CISA Known Exploited Vulnerabilities Enrichment Dashboard

The CISA KEV Vulnerability Enrichment Dashboard enables vulnerability researchers to quickly analyze trends of known and exploitable vulnerabilities identified by CISA. The table is free to use and provides a complete list of the CISA Known Exploitable Vulnerabilities Catalog which is then enriched with CVSS, EPSS, and GreyNoise Threat Intelligence. You can easily sort, search and export the data in the table below. Give it a try!

CVE ID	Vendor	Software	EPSS Score	EPSS Percentile	GreyNoise Traffic	GreyNoise Tag	CVSSv3	CVSSv2	CISA Date Added	CISA Due Date
CVE-2024-44309	Apple	Multiple Products	0.00045	17.069			6.3		11/21/2024	12/12/2024
CVE-2024-21287	Oracle	Agile Product Lifecycle Management (PLM)	0.00087	38.38			7.5		11/21/2024	12/12/2024
CVE-2024-44308	Apple	Multiple Products	0.00045	17.069			8.8		11/21/2024	12/12/2024
CVE-2024-38813	VMware	vCenter Server	0.00416	74.785			7.5		11/20/2024	12/11/2024
CVE-2024-38812	VMware	vCenter Server	0.00416	74.785			9.8		11/20/2024	12/11/2024
CVE-2024-0012	Palo Alto Networks	PAN-OS	0.96613	99.675	0	palo-alto-pan-os-auth-bypass-cve-2024-0012-attempt	9.8		11/18/2024	12/09/2024
CVE-2024-9474	Palo Alto Networks	PAN-OS	0.97398	99.943	0	palo-alto-pan-os-command-injection-cve-2024-9474-attempt	7.2		11/18/2024	12/09/2024
CVE-2024-1212	Progress	Kemp LoadMaster	0.91884	99.048	11	progress-kemp-loadmaster-rce-cve-2024-1212-attempt	9.8		11/18/2024	12/09/2024
CVE-2024-9463	Palo Alto Networks	Expedition	0.96234	99.584	0	palo-alto-expedition-os-command-injection-cve-2024-9463-attempt	7.5		11/14/2024	12/05/2024
CVE-2024-9465	Palo Alto Networks	Expedition	0.94955	99.377	7	palo-alto-networks-cve-2024-9465-unauth-sqli-attempt	9.1		11/14/2024	12/05/2024
CVE-2021-41277	Metabase	Metabase	0.97288	99.897	16	metabase-lfi-attempt	7.5	5	11/12/2024	12/03/2024
CVE-2021-26086	Atlassian	Jira Server and Data Center	0.9711	99.832	134	atlassian-jira-path-traversal-attempt	5.3	5	11/12/2024	12/03/2024
CVE-2014-2120	Cisco	Adaptive Security Appliance (ASA)	0.00246	65.295			6.1	4.3	11/12/2024	12/03/2024
CVE-2024-49039	Microsoft	Windows	0.01225	85.931			8.8		11/12/2024	12/03/2024
CVE-2024-43451	Microsoft	Windows	0.00469	76.24			6.5		11/12/2024	12/03/2024
CVE-2024-51567	CyberPersons	CyberPanel	0.4013	97.383	20	cyberpanel-rce-attempt	9.8		11/07/2024	11/28/2024
CVE-2019-16278	Nostromo	nhttpd	0.97419	99.955	24	nostromo-rce-attempt	9.8	7.5	11/07/2024	11/28/2024
CVE-2024-5910	Palo Alto Networks	Expedition	0.97099	99.831	0	palo-alto-networks-cve-2024-5910-account-takeover-attempt	9.8		11/07/2024	11/28/2024
CVE-2024-43093	Android	Framework	0.00246	65.331			7.8		11/07/2024	11/28/2024
CVE-2024-8957	PTZOptics	PT30X-SDI/NDI Cameras	0.00967	83.904	0	valuehd-ndi-ptz-camera-rce-attempt	9.8		11/04/2024	11/25/2024
CVE-2024-8956	PTZOptics	PT30X-SDI/NDI Cameras	0.01724	88.32	0	valuehd-ndi-ptz-camera-auth-bypass-attempt	9.1		11/04/2024	11/25/2024
CVE-2024-37383	Roundcube	Webmail	0.03646	91.991			6.1		10/24/2024	11/14/2024
CVE-2024-20481	Cisco	Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)	0.00226	61.53			5.8		10/24/2024	11/14/2024
CVE-2024-47575	Fortinet	FortiManager	0.05179	93.255			9.8		10/23/2024	11/13/2024
CVE-2024-38094	Microsoft	SharePoint	0.04644	92.85			7.2		10/22/2024	11/12/2024
CVE-2024-9537	ScienceLogic	SL1	0.03641	91.986			9.8		10/21/2024	11/11/2024
CVE-2024-40711	Veeam	Backup & Replication	0.96695	99.7	0	veeam-backup-and-replication-cve-2024-40711-unsafe-deserialization-rce-attempt	9.8		10/17/2024	11/07/2024
CVE-2024-28987	SolarWinds	Web Help Desk	0.95952	99.533	0	solarwinds-web-help-desk-cve-2024-28987-hard-coded-credentials-attempt	9.1		10/15/2024	11/05/2024
CVE-2024-9680	Mozilla	Firefox	0.00311	70.778			9.8		10/15/2024	11/05/2024
CVE-2024-30088	Microsoft	Windows	0.00199	58.49			7		10/15/2024	11/05/2024
CVE-2024-9380	Ivanti	Cloud Services Appliance (CSA)	0.04637	92.847			7.2		10/09/2024	10/30/2024
CVE-2024-23113	Fortinet	Multiple Products	0.01842	88.753			9.8		10/09/2024	10/30/2024
CVE-2024-9379	Ivanti	Cloud Services Appliance (CSA)	0.00756	81.645			7.2		10/09/2024	10/30/2024
CVE-2024-43572	Microsoft	Windows	0.00076	34.157			7.8		10/08/2024	10/29/2024
CVE-2024-43047	Qualcomm	Multiple Chipsets	0.00064	29.626			7.8		10/08/2024	10/29/2024
CVE-2024-43573	Microsoft	Windows	0.01063	84.722			8.1		10/08/2024	10/29/2024
CVE-2024-45519	Synacor	Zimbra Collaboration	0.76384	98.285	0	zimbra-collaboration-suite-cve-2024-45519-rce-attempt	9.8		10/03/2024	10/24/2024
CVE-2024-29824	Ivanti	Endpoint Manager (EPM)	0.32145	97.145	20	ivanti-epm-cve-2024-29824-sqli-attempt	9.6		10/02/2024	10/23/2024
CVE-2019-0344	SAP	Commerce Cloud	0.28354	96.99			9.8	7.5	09/30/2024	10/21/2024
CVE-2021-4043	Motion Spell	GPAC	0.00087	38.153			5.8	4.3	09/30/2024	10/21/2024
CVE-2023-25280	D-Link	DIR-820 Router	0.01596	87.862	0	d-link-dir-820-cve-2023-25280-rce-attempt	9.8		09/30/2024	10/21/2024
CVE-2020-15415	DrayTek	Multiple Vigor Routers	0.93019	99.15	0	draytek-vigor-routers-cve-2020-15415-rce-attempt	9.8	7.5	09/30/2024	10/21/2024
CVE-2024-7593	Ivanti	Virtual Traffic Manager	0.97303	99.902	0	ivanti-vtm-authentication-bypass-cve-2024-7593-attempt	9.8		09/24/2024	10/15/2024
CVE-2024-8963	Ivanti	Cloud Services Appliance (CSA)	0.9679	99.732			9.1		09/19/2024	10/10/2024
CVE-2022-21445	Oracle	ADF Faces	0.07306	94.283	0	oracle-adf-cve-2022-21445-deserialization-rce-attempt	9.8	7.5	09/18/2024	10/09/2024
CVE-2020-14644	Oracle	WebLogic Server	0.24285	96.773			9.8	7.5	09/18/2024	10/09/2024
CVE-2024-27348	Apache	HugeGraph-Server	0.96342	99.608	18	apache-hugegraph-cve-2024-27348-rce-attempt	9.8		09/18/2024	10/09/2024
CVE-2020-0618	Microsoft	SQL Server	0.97254	99.885	8	microsoft-sql-server-reporting-services-rce-attempt	8.8	6.5	09/18/2024	10/09/2024
CVE-2013-0643	Adobe	Flash Player	0.25773	96.867			8.8	9.3	09/17/2024	10/08/2024
CVE-2014-0497	Adobe	Flash Player	0.9672	99.71			9.8	10	09/17/2024	10/08/2024
CVE-2014-0502	Adobe	Flash Player	0.41024	97.407			8.8	10	09/17/2024	10/08/2024
CVE-2013-0648	Adobe	Flash Player	0.25773	96.867			8.8	9.3	09/17/2024	10/08/2024
CVE-2024-6670	Progress	WhatsUp Gold	0.9039	98.942	0	progress-whatsup-gold-cve-2024-6670-rce-attempt	9.8		09/16/2024	10/07/2024
CVE-2024-43461	Microsoft	Windows	0.02933	91.156			8.8		09/16/2024	10/07/2024
CVE-2024-8190	Ivanti	Cloud Services Appliance	0.12567	95.647	0	ivanti-cloud-services-appliance-os-injection-cve-2024-8190-attempt	7.2		09/13/2024	10/04/2024
CVE-2024-38226	Microsoft	Publisher	0.00051	21.474			7.3		09/10/2024	10/01/2024
CVE-2024-38014	Microsoft	Windows	0.00078	34.862			7.8		09/10/2024	10/01/2024
CVE-2024-38217	Microsoft	Windows	0.00217	60.436			5.4		09/10/2024	10/01/2024
CVE-2024-43491	Microsoft	Windows	0.00114	46.35			9.8		09/10/2024	10/01/2024
CVE-2016-3714	ImageMagick	ImageMagick	0.97377	99.935			8.4	10	09/09/2024	09/30/2024
CVE-2024-40766	SonicWall	SonicOS	0.00819	82.459			9.8		09/09/2024	09/30/2024
CVE-2017-1000253	Linux	Kernel	0.06297	93.856			7.8	7.2	09/09/2024	09/30/2024
CVE-2021-20123	DrayTek	VigorConnect	0.49447	97.618	0	draytek-vigorconnect-path-traversal-cve-2021-20123-attempt	7.5	7.8	09/03/2024	09/24/2024
CVE-2021-20124	DrayTek	VigorConnect	0.49184	97.613	0	draytek-vigorconnect-path-traversal-cve-2021-20124-attempt	7.5	7.8	09/03/2024	09/24/2024
CVE-2024-7262	Kingsoft	WPS Office	0.01147	85.355			7.8		09/03/2024	09/24/2024
CVE-2024-7965	Google	Chromium V8	0.19122	96.417			8.8		08/28/2024	09/18/2024
CVE-2024-38856	Apache	OFBiz	0.93044	99.151	0	apache-ofbiz-rce-cve-2024-38856-attempt	9.8		08/27/2024	09/17/2024
CVE-2024-7971	Google	Chromium V8	0.00138	50.727			8.8		08/26/2024	09/16/2024
CVE-2024-39717	Versa	Director	0.00208	59.444			6.6		08/23/2024	09/13/2024
CVE-2021-31196	Microsoft	Exchange Server	0.08231	94.583			7.2	6.5	08/21/2024	09/11/2024
CVE-2021-33045	Dahua	IP Camera Firmware	0.93321	99.18	9	dahua-auth-bypass	9.8	10	08/21/2024	09/11/2024
CVE-2021-33044	Dahua	IP Camera Firmware	0.95229	99.419	9	dahua-auth-bypass	9.8	10	08/21/2024	09/11/2024
CVE-2022-0185	Linux	Kernel	0.00273	68.707			8.4	7.2	08/21/2024	09/11/2024
CVE-2024-23897	Jenkins	Jenkins Command Line Interface (CLI)	0.96994	99.795	0	jenkins-cli-arbitrary-file-read-cve-2024-23897-attempt	9.8		08/19/2024	09/09/2024
CVE-2024-28986	SolarWinds	Web Help Desk	0.02618	90.668			9.8		08/15/2024	09/05/2024
CVE-2024-38193	Microsoft	Windows	0.00054	24.335			7.8		08/13/2024	09/03/2024
CVE-2024-38178	Microsoft	Windows	0.01064	84.728			7.5		08/13/2024	09/03/2024
CVE-2024-38213	Microsoft	Windows	0.00221	60.913			6.5		08/13/2024	09/03/2024
CVE-2024-38107	Microsoft	Windows	0.00043	10.816			7.8		08/13/2024	09/03/2024
CVE-2024-38106	Microsoft	Windows	0.00043	10.816			7		08/13/2024	09/03/2024
CVE-2024-38189	Microsoft	Project	0.00621	79.449			8.8		08/13/2024	09/03/2024
CVE-2024-36971	Android	Kernel	0.00105	44.391			7.8		08/07/2024	08/28/2024
CVE-2024-32113	Apache	OFBiz	0.88702	98.827	65	apache-ofbiz-cve-2024-32113-path-traversal-attempt	9.8		08/07/2024	08/28/2024
CVE-2018-0824	Microsoft	Windows	0.97148	99.845			8.8	5.1	08/05/2024	08/26/2024
CVE-2024-37085	VMware	ESXi	0.01412	86.975			7.2		07/30/2024	08/20/2024
CVE-2023-45249	Acronis	Cyber Infrastructure (ACI)	0.88105	98.79			9.8		07/29/2024	08/19/2024
CVE-2024-4879	ServiceNow	Utah, Vancouver, and Washington DC Now	0.96556	99.662	0	servicenow-template-injection-cve-2024-4879-attempt	9.8		07/29/2024	08/19/2024
CVE-2024-5217	ServiceNow	Utah, Vancouver, and Washington DC Now	0.95996	99.543	0	servicenow-input-validation-exploit-cve-2024-5217-attempt	9.8		07/29/2024	08/19/2024
CVE-2012-4792	Microsoft	Internet Explorer	0.9308	99.156			8.8	9.3	07/23/2024	08/13/2024
CVE-2024-39891	Twilio	Authy	0.19957	96.486			5.3		07/23/2024	08/13/2024
CVE-2024-34102	Adobe	Commerce and Magento Open Source	0.97327	99.914	18	adobe-commerce-and-magento-cve-2024-34102-xxe-check	9.8		07/17/2024	08/07/2024
CVE-2024-28995	SolarWinds	Serv-U	0.95998	99.544	14	solarwinds-serv-u-cve-2024-28995-path-traversal-attempt	7.5		07/17/2024	08/07/2024
CVE-2022-22948	VMware	vCenter Server	0.00692	80.732			6.5	4	07/17/2024	08/07/2024
CVE-2024-36401	OSGeo	GeoServer	0.95679	99.493	3	geoserver-geotools-cve-2024-36401-rce-attempt	9.8		07/15/2024	08/05/2024
CVE-2024-38112	Microsoft	Windows	0.70086	98.118			7.5		07/09/2024	07/30/2024
CVE-2024-38080	Microsoft	Windows	0.00043	10.816			7.8		07/09/2024	07/30/2024
CVE-2024-23692	Rejetto	HTTP File Server	0.95612	99.48	0	rejetto-http-file-server-cve-2024-23692-ssti-check	9.8		07/09/2024	07/30/2024
CVE-2024-20399	Cisco	NX-OS	0.00254	65.965			6.7		07/02/2024	07/23/2024
CVE-2022-24816	OSGeo	JAI-EXT	0.96298	99.597	21	geoserver-rce-attempt	9.8	7.5	06/26/2024	07/17/2024
CVE-2022-2586	Linux	Kernel	0.00679	80.548			7.8		06/26/2024	07/17/2024
CVE-2020-13965	Roundcube	Webmail	0.00554	78.202			6.1	4.3	06/26/2024	07/17/2024
CVE-2024-26169	Microsoft	Windows	0.00052	22.013			7.8		06/13/2024	07/04/2024
CVE-2024-32896	Android	Pixel	0.00083	36.744			7.8		06/13/2024	07/04/2024
CVE-2024-4358	Progress	Telerik Report Server	0.93466	99.195	18	telerik-report-server-cve-2024-4358-auth-bypass-attempt	9.8		06/13/2024	07/04/2024
CVE-2024-4610	Arm	Mali GPU Kernel Driver	0.15862	96.111			7.8		06/12/2024	07/03/2024
CVE-2024-4577	PHP Group	PHP	0.9632	99.603	70	php-cve-2024-4577-rce-attempt	9.8		06/12/2024	07/03/2024
CVE-2017-3506	Oracle	WebLogic Server	0.5738	97.802	41	oracle-weblogic-cve-2017-3506-os-injection-attempt	7.4	5.8	06/03/2024	06/24/2024
CVE-2024-1086	Linux	Kernel	0.00291	69.766			7.8		05/30/2024	06/20/2024
CVE-2024-24919	Check Point	Quantum Security Gateways	0.9319	99.165	28	check-point-quantum-gateway-cve-2024-24919-information-dislosure-attempt	8.6		05/30/2024	06/20/2024
CVE-2024-4978	Justice AV Solutions	Viewer	0.02833	91.013			8.4		05/29/2024	06/19/2024
CVE-2024-5274	Google	Chromium V8	0.00346	72.386			8.8		05/28/2024	06/18/2024
CVE-2020-17519	Apache	Flink	0.97215	99.871	35	apache-flink-path-traversal-attempt	7.5	5	05/23/2024	06/13/2024
CVE-2024-4947	Google	Chromium V8	0.00223	61.263			8.8		05/20/2024	06/10/2024
CVE-2023-43208	NextGen Healthcare	Mirth Connect	0.97479	99.977	0	nextgen-mirth-connect-cve-2023-43208-rce-attempt	9.8		05/20/2024	06/10/2024
CVE-2021-40655	D-Link	DIR-605 Router	0.07087	94.207	52	d-link-dir-605-information-disclosure-attempt	7.5	5	05/16/2024	06/06/2024
CVE-2024-4761	Google	Chromium Visuals	0.00223	61.263			8.8		05/16/2024	06/06/2024
CVE-2014-100005	D-Link	DIR-600 Router	0.87852	98.779			8.8	6.8	05/16/2024	06/06/2024
CVE-2024-30051	Microsoft	DWM Core Library	0.00085	37.625			7.8		05/14/2024	06/04/2024
CVE-2024-30040	Microsoft	Windows	0.00563	78.359			8.8		05/14/2024	06/04/2024
CVE-2024-4671	Google	Chromium	0.001	42.647			9.6		05/13/2024	06/03/2024
CVE-2023-7028	GitLab	GitLab CE/EE	0.95502	99.461	0	gitlab-account-takeover-attempt-cve-2023-7028	9.8		05/01/2024	05/22/2024
CVE-2024-29988	Microsoft	SmartScreen Prompt	0.00298	70.092			8.8		04/30/2024	05/21/2024
CVE-2024-20353	Cisco	Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)	0.00175	55.626			8.6		04/24/2024	05/01/2024
CVE-2024-4040	CrushFTP	CrushFTP	0.96356	99.612	0	crushftp-vfs-sandbox-arbitrary-file-read-via-ssti-cve-2024-4040-attempt	10		04/24/2024	05/01/2024
CVE-2024-20359	Cisco	Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)	0.00128	48.908			6		04/24/2024	05/01/2024
CVE-2022-38028	Microsoft	Windows	0.00051	21.383			7.8		04/23/2024	05/14/2024
CVE-2024-3400	Palo Alto Networks	PAN-OS	0.96412	99.625	25	palo-alto-pan-os-cve-2024-3400-rce-attempt	10		04/12/2024	04/19/2024
CVE-2024-3273	D-Link	Multiple NAS Devices	0.9206	99.062	21	d-link-nas-cve-2024-3273-rce-attempt	9.8	7.5	04/11/2024	05/02/2024
CVE-2024-3272	D-Link	Multiple NAS Devices	0.06985	94.176	21	d-link-nas-cve-2024-3273-rce-attempt	9.8	10	04/11/2024	05/02/2024
CVE-2024-29745	Android	Pixel	0.00094	41.192			5.5		04/04/2024	04/25/2024
CVE-2024-29748	Android	Pixel	0.00083	36.744			7.8		04/04/2024	04/25/2024
CVE-2023-24955	Microsoft	SharePoint Server	0.24811	96.819			7.2		03/26/2024	04/16/2024
CVE-2023-48788	Fortinet	FortiClient EMS	0.71085	98.15	3	fortinet-forticlientems-cve-2023-48788-sql-injection-attempt	9.8		03/25/2024	04/15/2024
CVE-2021-44529	Ivanti	Endpoint Manager Cloud Service Appliance (EPM CSA)	0.97166	99.851	24	ivanti-endpoint-manager-rce-attempt	9.8	7.5	03/25/2024	04/15/2024
CVE-2019-7256	Nice	Linear eMerge E3-Series	0.97204	99.865	0	linear-emerge-rce-attempt	9.8	10	03/25/2024	04/15/2024
CVE-2024-27198	JetBrains	TeamCity	0.97238	99.878	13	teamcity-jetbrain-cve-2024-27198-auth-bypass-attempt	9.8		03/07/2024	03/28/2024
CVE-2024-23296	Apple	Multiple Products	0.00207	59.329			7.8		03/06/2024	03/27/2024
CVE-2024-23225	Apple	Multiple Products	0.00207	59.329			7.8		03/06/2024	03/27/2024
CVE-2023-21237	Android	Pixel	0.07179	94.242			5.5		03/05/2024	03/26/2024
CVE-2021-36380	Sunhillo	SureLine	0.97494	99.984	21	sunhillo-sureline-rce-attempt	9.8	10	03/05/2024	03/26/2024
CVE-2024-21338	Microsoft	Windows	0.0007	32.105			7.8		03/04/2024	03/25/2024
CVE-2023-29360	Microsoft	Streaming Service	0.00492	76.818			8.4		02/29/2024	03/21/2024
CVE-2024-1709	ConnectWise	ScreenConnect	0.94809	99.358	17	connectwise-screenconnect-auth-bypass-rce-attempt	10		02/22/2024	02/29/2024
CVE-2024-21410	Microsoft	Exchange Server	0.08836	94.782			9.8		02/15/2024	03/07/2024
CVE-2020-3259	Cisco	Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)	0.02709	90.827	0	cisco-asa-cve-2020-3259-information-disclosure-attempt	7.5	5	02/15/2024	03/07/2024
CVE-2024-21351	Microsoft	Windows	0.05284	93.317			7.6		02/13/2024	03/05/2024
CVE-2024-21412	Microsoft	Windows	0.00473	76.345			8.1		02/13/2024	03/05/2024
CVE-2023-43770	Roundcube	Webmail	0.23603	96.733			6.1		02/12/2024	03/04/2024
CVE-2024-21762	Fortinet	FortiOS	0.01842	88.753	0	fortinet-fortios-fortiproxy-rce-cve-2024-21762-attempt	9.8		02/09/2024	02/16/2024
CVE-2023-4762	Google	Chromium V8	0.66188	98.023			8.8		02/06/2024	02/27/2024
CVE-2024-21893	Ivanti	Connect Secure, Policy Secure, and Neurons	0.95989	99.542	12	ivanti-connect-secure-ssrf-cve-2024-21893-attempt	8.2		01/31/2024	02/02/2024
CVE-2022-48618	Apple	Multiple Products	0.00346	72.365			7		01/31/2024	02/21/2024
CVE-2023-22527	Atlassian	Confluence Data Center and Server	0.97057	99.816	62	atlassian-confluence-template-injection-rce-attempt-cve-2023-22527	10		01/24/2024	02/14/2024
CVE-2024-23222	Apple	Multiple Products	0.00111	45.703			8.8		01/23/2024	02/13/2024
CVE-2023-34048	VMware	vCenter Server	0.0478	92.964			9.8		01/22/2024	02/12/2024
CVE-2023-35082	Ivanti	Endpoint Manager Mobile (EPMM) and MobileIron Core	0.96384	99.619	9	ivanti-epmm-mobileiron-core-authentication-bypass-attempt	10		01/18/2024	02/08/2024
CVE-2024-0519	Google	Chromium V8	0.00206	59.29			8.8		01/17/2024	02/07/2024
CVE-2023-6549	Citrix	NetScaler ADC and NetScaler Gateway	0.01033	84.459	9	citrix-adc-netscaler-cve-2023-6549-information-disclosure-attempt	7.5		01/17/2024	02/07/2024
CVE-2023-6548	Citrix	NetScaler ADC and NetScaler Gateway	0.01611	87.925	9	citrix-adc-netscaler-cve-2023-6549-information-disclosure-attempt	8.8		01/17/2024	01/24/2024
CVE-2018-15133	Laravel	Laravel Framework	0.96264	99.588			8.1	6.8	01/16/2024	02/06/2024
CVE-2023-46805	Ivanti	Connect Secure and Policy Secure	0.9591	99.528	60	ivanti-connect-secure-rce-attempt	8.2		01/10/2024	01/22/2024
CVE-2024-21887	Ivanti	Connect Secure and Policy Secure	0.96757	99.723	60	ivanti-connect-secure-rce-attempt	9.1		01/10/2024	01/22/2024
CVE-2023-29357	Microsoft	SharePoint Server	0.84012	98.579	19	sharepoint-cve-2023-29357-check	9.8		01/10/2024	01/31/2024
CVE-2023-27524	Apache	Superset	0.97032	99.806	0	apache-superset-authentication-bypass-attempt	9.8		01/08/2024	01/29/2024
CVE-2023-38203	Adobe	ColdFusion	0.96475	99.638	16	adobe-coldfusion-cve-2023-38203-rce-attempt	9.8		01/08/2024	01/29/2024
CVE-2023-41990	Apple	Multiple Products	0.00086	37.778			7.8		01/08/2024	01/29/2024
CVE-2023-23752	Joomla!	Joomla!	0.94831	99.361	20	joomla-credential-disclosure-cve-2023-23752-attempt	5.3		01/08/2024	01/29/2024
CVE-2016-20017	D-Link	DSL-2750B Devices	0.01574	87.78	71	d-link-dsl-2750b-rce-attempt	9.8		01/08/2024	01/29/2024
CVE-2023-29300	Adobe	ColdFusion	0.96782	99.73	13	adobe-coldfusion-cve-2023-29300-rce-attempt	9.8		01/08/2024	01/29/2024
CVE-2023-7024	Google	Chromium WebRTC	0.00629	79.614			8.8		01/02/2024	01/23/2024
CVE-2023-7101	Spreadsheet::ParseExcel	Spreadsheet::ParseExcel	0.06042	93.747			7.8		01/02/2024	01/23/2024
CVE-2023-47565	QNAP	VioStor NVR	0.01652	88.074			8.8		12/21/2023	01/11/2024
CVE-2023-49897	FXC	AE1021, AE1021PE	0.00929	83.564			8.8		12/21/2023	01/11/2024
CVE-2023-6448	Unitronics	Vision PLC and HMI	0.02932	91.154			9.8		12/11/2023	12/18/2023
CVE-2023-41265	Qlik	Sense	0.9126	99.004	0	qlik-sense-http-tunneling-attempt	9.9		12/07/2023	12/28/2023
CVE-2023-41266	Qlik	Sense	0.83435	98.553	0	qlik-sense-auth-bypass-attempt	6.5		12/07/2023	12/28/2023
CVE-2022-22071	Qualcomm	Multiple Chipsets	0.00114	46.345			7.8	7.2	12/05/2023	12/26/2023
CVE-2023-33106	Qualcomm	Multiple Chipsets	0.00064	29.626			7.8		12/05/2023	12/26/2023
CVE-2023-33107	Qualcomm	Multiple Chipsets	0.00064	29.626			7.8		12/05/2023	12/26/2023
CVE-2023-33063	Qualcomm	Multiple Chipsets	0.00064	29.626			7.8		12/05/2023	12/26/2023
CVE-2023-42917	Apple	Multiple Products	0.00209	59.533			8.8		12/04/2023	12/25/2023
CVE-2023-42916	Apple	Multiple Products	0.00317	71.14			6.5		12/04/2023	12/25/2023
CVE-2023-6345	Google	Chromium Skia	0.128	95.672			9.6		11/30/2023	12/21/2023
CVE-2023-49103	ownCloud	ownCloud graphapi	0.95113	99.398	31	owncloud-graph-api-information-disclosure	7.5		11/30/2023	12/21/2023
CVE-2023-4911	GNU	GNU C Library	0.17227	96.257			7.8		11/21/2023	12/12/2023
CVE-2023-1671	Sophos	Web Appliance	0.96261	99.587	13	sophos-web-appliance-rce-attempt	9.8		11/16/2023	12/07/2023
CVE-2023-36584	Microsoft	Windows	0.00196	58.24			5.4		11/16/2023	12/07/2023
CVE-2020-2551	Oracle	Fusion Middleware	0.97528	99.993			9.8	7.5	11/16/2023	12/07/2023
CVE-2023-36033	Microsoft	Windows	0.00087	38.149			7.8		11/14/2023	12/05/2023
CVE-2023-36036	Microsoft	Windows	0.00057	25.118			7.8		11/14/2023	12/05/2023
CVE-2023-36025	Microsoft	Windows	0.00943	83.687			8.8		11/14/2023	12/05/2023
CVE-2023-47246	SysAid	SysAid Server	0.96262	99.587	0	sysaid-path-traversal-attempt	9.8		11/13/2023	12/04/2023
CVE-2023-36846	Juniper	Junos OS	0.01006	84.235	13	juniper-junos-os-arbitrary-file-upload-attempt	5.3		11/13/2023	11/17/2023
CVE-2023-36845	Juniper	Junos OS	0.96789	99.732	13	juniper-junos-os-environment-variable-injection-attempt	9.8		11/13/2023	11/17/2023
CVE-2023-36847	Juniper	Junos OS	0.01006	84.235	13	juniper-junos-os-arbitrary-file-upload-attempt	5.3		11/13/2023	11/17/2023
CVE-2023-36851	Juniper	Junos OS	0.01114	85.104			5.3		11/13/2023	11/17/2023
CVE-2023-36844	Juniper	Junos OS	0.48915	97.609	13	juniper-junos-os-environment-variable-injection-attempt	5.3		11/13/2023	11/17/2023
CVE-2023-29552	IETF	Service Location Protocol (SLP)	0.02716	90.839			7.5		11/08/2023	11/29/2023
CVE-2023-22518	Atlassian	Confluence Data Center and Server	0.96312	99.602	19	atlassian-confluence-server-authentication-bypass-attempt	10		11/07/2023	11/28/2023
CVE-2023-46604	Apache	ActiveMQ	0.96964	99.779	23	apache-activemq-rce-attempt	9.8		11/02/2023	11/23/2023
CVE-2023-46748	F5	BIG-IP Configuration Utility	0.00776	81.942			8.8		10/31/2023	11/21/2023
CVE-2023-46747	F5	BIG-IP Configuration Utility	0.97256	99.886	2	f5-big-ip-cve-2023-46747-rce-attempt	9.8		10/31/2023	11/21/2023
CVE-2023-5631	Roundcube	Webmail	0.00753	81.603			5.4		10/26/2023	11/16/2023
CVE-2023-20273	Cisco	Cisco IOS XE Web UI	0.07472	94.335	0	cisco-ios-xe-rce-cve-2023-20273-attempt	7.2		10/23/2023	10/27/2023
CVE-2021-1435	Cisco	Cisco IOS XE Web UI	0.00167	54.467			6.6	9	10/19/2023	10/25/2023
CVE-2023-4966	Citrix	NetScaler ADC and NetScaler Gateway	0.97055	99.815	56	citrix-adc-netscaler-cve-2023-4966-information-disclosure-attempt	7.5		10/18/2023	11/08/2023
CVE-2023-20198	Cisco	IOS XE Web UI	0.88583	98.82	26	cisco-ios-xe-privilege-escalation-attempt	10		10/16/2023	10/20/2023
CVE-2023-41763	Microsoft	Skype for Business	0.73347	98.21			5.3		10/10/2023	10/31/2023
CVE-2023-44487	IETF	HTTP/2	0.83779	98.572			7.5		10/10/2023	10/31/2023
CVE-2023-36563	Microsoft	WordPad	0.00325	71.492			5.5		10/10/2023	10/31/2023
CVE-2023-20109	Cisco	IOS and IOS XE	0.00957	83.824			6.6		10/10/2023	10/31/2023
CVE-2023-21608	Adobe	Acrobat and Reader	0.01101	84.989			7.8		10/10/2023	10/31/2023
CVE-2023-42824	Apple	iOS and iPadOS	0.00062	28.074			7.8		10/05/2023	10/26/2023
CVE-2023-22515	Atlassian	Confluence Data Center and Server	0.97336	99.915	26	atlassian-confluence-server-privilege-escalation-attempt	10		10/05/2023	10/13/2023
CVE-2023-40044	Progress	WS_FTP Server	0.86618	98.696	0	progress-ws-ftp-server-cve-2023-40044-rce-attempt	8.8		10/05/2023	10/26/2023
CVE-2023-28229	Microsoft	Windows CNG Key Isolation Service	0.00616	79.367			7		10/04/2023	10/25/2023
CVE-2023-42793	JetBrains	TeamCity	0.97083	99.825	13	jetbrains-teamcity-authentication-bypass-attempt	9.8		10/04/2023	10/25/2023
CVE-2023-4211	Arm	Mali GPU Kernel Driver	0.21262	96.585			5.5		10/03/2023	10/24/2023
CVE-2023-5217	Google	Chromium libvpx	0.31122	97.108			8.8		10/02/2023	10/23/2023
CVE-2018-14667	Red Hat	JBoss RichFaces Framework	0.83783	98.573	0	richfaces-rce-scanning	9.8	7.5	09/28/2023	10/19/2023
CVE-2023-41991	Apple	Multiple Products	0.01205	85.792			5.5		09/25/2023	10/16/2023
CVE-2023-41992	Apple	Multiple Products	0.00062	28.074			7.8		09/25/2023	10/16/2023
CVE-2023-41993	Apple	Multiple Products	0.00305	70.484			8.8		09/25/2023	10/16/2023
CVE-2023-41179	Trend Micro	Apex One and Worry-Free Business Security	0.01451	87.165			7.2		09/21/2023	10/12/2023
CVE-2023-28434	MinIO	MinIO	0.08999	94.834			8.8		09/19/2023	10/10/2023
CVE-2014-8361	Realtek	SDK	0.96914	99.764	4666	realtek-miniigd-upnp-worm-attempt	9.8	10	09/18/2023	10/09/2023
CVE-2022-31459	Owl Labs	Meeting Owl	0.00077	34.804			6.5	3.3	09/18/2023	10/16/2023
CVE-2022-31463	Owl Labs	Meeting Owl	0.00077	34.804			7.1	4.3	09/18/2023	10/16/2023
CVE-2022-22265	Samsung	Mobile Devices	0.00069	31.831			7.8	4.6	09/18/2023	10/09/2023
CVE-2021-3129	Laravel	Ignition	0.97486	99.98	310	ignition-debug-rce-attempt	9.8	7.5	09/18/2023	10/09/2023
CVE-2022-31461	Owl Labs	Meeting Owl	0.00074	33.568			6.5	3.3	09/18/2023	10/16/2023
CVE-2022-31462	Owl Labs	Meeting Owl	0.00117	46.938			8.8	5.4	09/18/2023	10/16/2023
CVE-2017-6884	Zyxel	EMG2926 Routers	0.97401	99.945	142	zyxel-cve-2017-6884-rce-attempt	8.8	9	09/18/2023	10/09/2023
CVE-2023-26369	Adobe	Acrobat and Reader	0.02519	90.513			7.8		09/14/2023	10/05/2023
CVE-2023-4863	Google	Chromium WebP	0.44315	97.496			8.8		09/13/2023	10/04/2023
CVE-2023-20269	Cisco	Adaptive Security Appliance and Firepower Threat Defense	0.04018	92.361			9.1		09/13/2023	10/04/2023
CVE-2023-35674	Android	Framework	0.0018	56.312			7.8		09/13/2023	10/04/2023
CVE-2023-36802	Microsoft	Streaming Service Proxy	0.00359	72.926			7.8		09/12/2023	10/03/2023
CVE-2023-36761	Microsoft	Word	0.00894	83.242			6.5		09/12/2023	10/03/2023
CVE-2023-41064	Apple	iOS, iPadOS, and macOS	0.00384	73.797			7.8		09/11/2023	10/02/2023
CVE-2023-41061	Apple	iOS, iPadOS, and watchOS	0.00081	36.193			7.8		09/11/2023	10/02/2023
CVE-2023-33246	Apache	RocketMQ	0.97304	99.903	14	apache-rocketmq-rce-attempt	9.8		09/06/2023	09/27/2023
CVE-2023-38831	RARLAB	WinRAR	0.43876	97.486			7.8		08/24/2023	09/14/2023
CVE-2023-32315	Ignite Realtime	Openfire	0.97337	99.916	0	openfire-path-traversal-attempt	7.5		08/24/2023	09/14/2023
CVE-2023-38035	Ivanti	Sentry	0.97436	99.96	0	ivanti-mobileiron-sentry-auth-bypass-attempt	9.8		08/22/2023	09/12/2023
CVE-2023-27532	Veeam	Backup & Replication	0.02289	90.034	0	veeam-backup-and-replication-credentials-retrieval-attempt	7.5		08/22/2023	09/12/2023
CVE-2023-26359	Adobe	ColdFusion	0.72779	98.198	0	adobe-coldfusion-rce-cve-2023-26359-attempt	9.8		08/21/2023	09/11/2023
CVE-2023-24489	Citrix	Content Collaboration	0.97289	99.897	0	citrix-sharefile-rce-attempt	9.8		08/16/2023	09/06/2023
CVE-2023-38180	Microsoft	.NET Core and Visual Studio	0.01036	84.485			7.5		08/09/2023	08/30/2023
CVE-2017-18368	Zyxel	P660HN-T1A Routers	0.97444	99.964	31	zyxel-router-worm-attempt	9.8	10	08/07/2023	08/28/2023
CVE-2023-35081	Ivanti	Endpoint Manager Mobile (EPMM)	0.80822	98.444			7.2		07/31/2023	08/21/2023
CVE-2023-37580	Zimbra	Collaboration (ZCS)	0.30442	97.076			6.1		07/27/2023	08/17/2023
CVE-2023-38606	Apple	Multiple Products	0.00318	71.171			5.5		07/26/2023	08/16/2023
CVE-2023-35078	Ivanti	Endpoint Manager Mobile (EPMM)	0.96784	99.73	9	ivanti-epmm-mobileiron-core-authentication-bypass-attempt	10		07/25/2023	08/15/2023
CVE-2023-38205	Adobe	ColdFusion	0.95872	99.522	0	adobe-coldfusion-cve-2023-38205-security-feature-bypass-attempt	7.5		07/20/2023	08/10/2023
CVE-2023-29298	Adobe	ColdFusion	0.96838	99.746	14	adobe-coldfusion-cve-2023-29298-access-control-bypass-attempt	7.5		07/20/2023	08/10/2023
CVE-2023-3519	Citrix	NetScaler ADC and NetScaler Gateway	0.96554	99.661	0	citrix-adc-netscaler-cve-2023-3519-rce-attempt	9.8		07/19/2023	08/09/2023
CVE-2023-36884	Microsoft	Windows	0.07395	94.314			7.5		07/17/2023	08/29/2023
CVE-2022-29303	SolarView	Compact	0.96914	99.764	22	solarview-compact-6-rce-attempt	9.8	10	07/13/2023	08/03/2023
CVE-2023-37450	Apple	Multiple Products	0.002	58.65			8.8		07/13/2023	08/03/2023
CVE-2023-32049	Microsoft	Windows	0.03643	91.989			8.8		07/11/2023	08/01/2023
CVE-2022-31199	Netwrix	Auditor	0.47637	97.585			9.8		07/11/2023	08/01/2023
CVE-2023-32046	Microsoft	Windows	0.00223	61.238			7.8		07/11/2023	08/01/2023
CVE-2023-36874	Microsoft	Windows	0.03327	91.63			7.8		07/11/2023	08/01/2023
CVE-2023-35311	Microsoft	Outlook	0.75719	98.27			7.5		07/11/2023	08/01/2023
CVE-2021-29256	Arm	Mali Graphics Processing Unit (GPU)	0.02483	90.447			8.8	9	07/07/2023	07/28/2023
CVE-2019-20500	D-Link	DWL-2600AP Access Point	0.01149	85.365	0	d-link-dwl-2600ap-rce-attempt	7.8	7.2	06/29/2023	07/20/2023
CVE-2021-25487	Samsung	Mobile Devices	0.00067	31.148			7.8	4.6	06/29/2023	07/20/2023
CVE-2021-25394	Samsung	Mobile Devices	0.00078	34.861			6.4	4.4	06/29/2023	07/20/2023
CVE-2021-25372	Samsung	Mobile Devices	0.00078	34.861			6.7	7.2	06/29/2023	07/20/2023
CVE-2021-25489	Samsung	Mobile Devices	0.00139	50.779			5.5	4.9	06/29/2023	07/20/2023
CVE-2021-25371	Samsung	Mobile Devices	0.00078	34.861			6.7	7.2	06/29/2023	07/20/2023
CVE-2019-17621	D-Link	DIR-859 Router	0.96927	99.768	2	d-link-dir-859-gena-rce-attempt	9.8	10	06/29/2023	07/20/2023
CVE-2021-25395	Samsung	Mobile Devices	0.00238	62.546			6.4	4.4	06/29/2023	07/20/2023
CVE-2023-32435	Apple	Multiple Products	0.00168	54.832			8.8		06/23/2023	07/14/2023
CVE-2023-32439	Apple	Multiple Products	0.00438	75.47			8.8		06/23/2023	07/14/2023
CVE-2023-27992	Zyxel	Multiple Network-Attached Storage (NAS) Devices	0.03489	91.835	0	zyxel-nas-rce-cve-2023-27992-attempt	9.8		06/23/2023	07/14/2023
CVE-2023-20867	VMware	Tools	0.00333	71.895			3.9		06/23/2023	07/14/2023
CVE-2023-32434	Apple	Multiple Products	0.00103	43.412			7.8		06/23/2023	07/14/2023
CVE-2021-44026	Roundcube	Roundcube Webmail	0.0143	87.054			9.8	7.5	06/22/2023	07/13/2023
CVE-2023-20887	VMware	Aria Operations for Networks	0.96886	99.755	16	vmware-aria-operations-for-networks-rce-attempt	9.8		06/22/2023	07/13/2023
CVE-2016-0165	Microsoft	Win32k	0.00585	78.769			7.8	7.2	06/22/2023	07/13/2023
CVE-2016-9079	Mozilla	Firefox, Firefox ESR, and Thunderbird	0.95642	99.484			7.5	5	06/22/2023	07/13/2023
CVE-2020-35730	Roundcube	Roundcube Webmail	0.07574	94.369			6.1	4.3	06/22/2023	07/13/2023
CVE-2020-12641	Roundcube	Roundcube Webmail	0.12696	95.661	0	roundcube-webmail-rce-attempt	9.8	7.5	06/22/2023	07/13/2023
CVE-2023-27997	Fortinet	FortiOS and FortiProxy SSL-VPN	0.09716	95.03	0	fortios-ssl-vpn-rce-cve-2023-27997-attempt	9.8		06/13/2023	07/04/2023
CVE-2023-3079	Google	Chromium V8	0.13856	95.831			8.8		06/07/2023	06/28/2023
CVE-2023-33010	Zyxel	Multiple Firewalls	0.02466	90.415			9.8		06/05/2023	06/26/2023
CVE-2023-33009	Zyxel	Multiple Firewalls	0.02466	90.415			9.8		06/05/2023	06/26/2023
CVE-2023-34362	Progress	MOVEit Transfer	0.96938	99.771	18	moveit-transfer-scanner	9.8		06/02/2023	06/23/2023
CVE-2023-28771	Zyxel	Multiple Firewalls	0.87671	98.771	0	zyxel-ike-server-rce-cve-2023-28771-attempt	9.8		05/31/2023	06/21/2023
CVE-2023-2868	Barracuda Networks	Email Security Gateway (ESG) Appliance	0.07757	94.436			9.8		05/26/2023	06/16/2023
CVE-2023-28204	Apple	Multiple Products	0.00285	69.409			6.5		05/22/2023	06/12/2023
CVE-2023-32373	Apple	Multiple Products	0.00155	52.942			8.8		05/22/2023	06/12/2023
CVE-2023-32409	Apple	Multiple Products	0.01708	88.261			8.6		05/22/2023	06/12/2023
CVE-2004-1464	Cisco	IOS	0.01575	87.782			5.9	5	05/19/2023	06/09/2023
CVE-2023-21492	Samsung	Mobile Devices	0.00193	57.964			4.4		05/19/2023	06/09/2023
CVE-2016-6415	Cisco	IOS, IOS XR, and IOS XE	0.97263	99.889			7.5	5	05/19/2023	06/09/2023
CVE-2016-8735	Apache	Tomcat	0.7374	98.215			9.8	7.5	05/12/2023	06/02/2023
CVE-2016-3427	Oracle	Java SE and JRockit	0.67405	98.053			9.8	10	05/12/2023	06/02/2023
CVE-2021-3560	Red Hat	Polkit	0.01177	85.621			7.8	7.2	05/12/2023	06/02/2023
CVE-2014-0196	Linux	Kernel	0.01914	89.029				6.9	05/12/2023	06/02/2023
CVE-2015-5317	Jenkins	Jenkins User Interface (UI)	0.04876	93.03				5	05/12/2023	06/02/2023
CVE-2010-3904	Linux	Kernel	0.00132	49.519			7.8	7.2	05/12/2023	06/02/2023
CVE-2023-25717	Ruckus Wireless	Multiple Products	0.94944	99.374	6	ruckus-wireless-admin-rce-attempt	9.8		05/12/2023	06/02/2023
CVE-2023-29336	Microsoft	Win32k	0.00318	71.196			7.8		05/09/2023	05/30/2023
CVE-2023-21839	Oracle	WebLogic Server	0.93396	99.189	0	oracle-weblogic-cve-2023-21839-rce-attempt	7.5		05/01/2023	05/22/2023
CVE-2021-45046	Apache	Log4j2	0.97292	99.899	89	apache-log4j-rce-attempt	9	5.1	05/01/2023	05/22/2023
CVE-2023-1389	TP-Link	Archer AX21	0.05845	93.644	49	tplink-archer-ax21-cij-scan	8.8		05/01/2023	05/22/2023
CVE-2023-2136	Google	Chromium Skia	0.00876	83.057			9.6		04/21/2023	05/12/2023
CVE-2023-28432	MinIO	MinIO	0.90687	98.963	22	minio-information-disclosure-attempt	7.5		04/21/2023	05/12/2023
CVE-2023-27350	PaperCut	MF/NG	0.96922	99.766	27	papercut-authentication-bypass-check	9.8		04/21/2023	05/12/2023
CVE-2017-6742	Cisco	IOS and IOS XE Software	0.01469	87.238			8.8	9	04/19/2023	05/10/2023
CVE-2019-8526	Apple	macOS	0.00137	50.55			7.8	7.2	04/17/2023	05/08/2023
CVE-2023-2033	Google	Chromium V8	0.02201	89.807			8.8		04/17/2023	05/08/2023
CVE-2023-20963	Android	Framework	0.00224	61.369			7.8		04/13/2023	05/04/2023
CVE-2023-29492	Novi Survey	Novi Survey	0.03288	91.589			9.8		04/13/2023	05/04/2023
CVE-2023-28252	Microsoft	Windows	0.0138	86.825			7.8		04/11/2023	05/02/2023
CVE-2023-28206	Apple	iOS, iPadOS, and macOS	0.0049	76.767			8.6		04/10/2023	05/01/2023
CVE-2023-28205	Apple	Multiple Products	0.0034	72.129			8.8		04/10/2023	05/01/2023
CVE-2021-27878	Veritas	Backup Exec Agent	0.70923	98.143			8.8	9	04/07/2023	04/28/2023
CVE-2023-26083	Arm	Mali Graphics Processing Unit (GPU)	0.06398	93.914			3.3		04/07/2023	04/28/2023
CVE-2021-27877	Veritas	Backup Exec Agent	0.7621	98.282			9.8	7.5	04/07/2023	04/28/2023
CVE-2019-1388	Microsoft	Windows	0.09549	94.982			7.8	7.2	04/07/2023	04/28/2023
CVE-2021-27876	Veritas	Backup Exec Agent	0.74314	98.231			8.1	7.5	04/07/2023	04/28/2023
CVE-2022-27926	Zimbra	Collaboration (ZCS)	0.96076	99.555	0	zimbra-collaboration-suite-rxss	6.1	4.3	04/03/2023	04/24/2023
CVE-2022-38181	Arm	Mali Graphics Processing Unit (GPU)	0.66325	98.026			8.8		03/30/2023	04/20/2023
CVE-2013-3163	Microsoft	Internet Explorer	0.95743	99.503			8.8	9.3	03/30/2023	04/20/2023
CVE-2022-22706	Arm	Mali Graphics Processing Unit (GPU)	0.71247	98.153			7.8	4.6	03/30/2023	04/20/2023
CVE-2017-7494	Samba	Samba	0.97157	99.848			9.8	10	03/30/2023	04/20/2023
CVE-2022-42948	Fortra	Cobalt Strike	0.038	92.159			9.8		03/30/2023	04/20/2023
CVE-2022-39197	Fortra	Cobalt Strike	0.00767	81.813			6.1		03/30/2023	04/20/2023
CVE-2021-30900	Apple	iOS, iPadOS, and macOS	0.00238	62.488			7.8	9.3	03/30/2023	04/20/2023
CVE-2023-0266	Linux	Kernel	0.00082	36.383			7.8		03/30/2023	04/20/2023
CVE-2022-3038	Google	Chromium Network Service	0.2329	96.715			8.8		03/30/2023	04/20/2023
CVE-2023-26360	Adobe	ColdFusion	0.96201	99.578	0	adobe-coldfusion-rce-cve-2023-26359-attempt	8.6		03/15/2023	04/05/2023
CVE-2023-24880	Microsoft	Windows	0.00984	84.044			4.4		03/14/2023	04/04/2023
CVE-2023-23397	Microsoft	Office	0.90275	98.936			9.8		03/14/2023	04/04/2023
CVE-2022-41328	Fortinet	FortiOS	0.11032	95.35			7.1		03/14/2023	04/04/2023
CVE-2020-5741	Plex	Media Server	0.71944	98.17	0	plex-media-server-unpickle-rce-attempt	7.2	6.5	03/10/2023	03/31/2023
CVE-2021-39144	XStream	XStream	0.96683	99.699	6	vmware-nsx-manager-xstream-rce-attempt	8.5	6	03/10/2023	03/31/2023
CVE-2022-33891	Apache	Spark	0.97258	99.887	0	apache-spark-rce-attempt	8.8		03/07/2023	03/28/2023
CVE-2022-28810	Zoho	ManageEngine	0.9382	99.237	0	zoho-manageengine-adselfservice-plus-cve-2022-28810-rce-attempt	6.8	7.1	03/07/2023	03/28/2023
CVE-2022-35914	Teclib	GLPI	0.97389	99.939	23	glpi-remote-code-execution-attmempt	9.8		03/07/2023	03/28/2023
CVE-2022-36537	ZK Framework	AuUploader	0.92214	99.072	0	zk-framework-information-disclosure-attempt	7.5		02/27/2023	03/20/2023
CVE-2022-41223	Mitel	MiVoice Connect	0.0017	55.038			6.8		02/21/2023	03/14/2023
CVE-2022-47986	IBM	Aspera Faspex	0.96145	99.566	16	ibm-aspera-faspex-rce-attempt	9.8		02/21/2023	03/14/2023
CVE-2022-40765	Mitel	MiVoice Connect	0.00168	54.614			6.8		02/21/2023	03/14/2023
CVE-2022-46169	Cacti	Cacti	0.96372	99.616	0	cacti-remote-agent-php-unauthenticated-command-injection-attempt	9.8		02/16/2023	03/09/2023
CVE-2023-21823	Microsoft	Windows	0.5921	97.851			7.8		02/14/2023	03/07/2023
CVE-2023-23376	Microsoft	Windows	0.00094	41.194			7.8		02/14/2023	03/07/2023
CVE-2023-21715	Microsoft	Office	0.00173	55.492			7.3		02/14/2023	03/07/2023
CVE-2023-23529	Apple	Multiple Products	0.00243	64.994			8.8		02/14/2023	03/07/2023
CVE-2015-2291	Intel	Ethernet Diagnostics Driver for Windows	0.00105	44.174			7.8	7.2	02/10/2023	03/03/2023
CVE-2023-0669	Fortra	GoAnywhere MFT	0.97193	99.86	0	goanywhere-mft-command-injection-attempt	7.2		02/10/2023	03/03/2023
CVE-2022-24990	TerraMaster	TerraMaster OS	0.9344	99.193	20	terramaster-nas-api-php-rce-check	7.5		02/10/2023	03/03/2023
CVE-2022-21587	Oracle	E-Business Suite	0.97152	99.847	0	oracle-web-applications-integrator-rce-attempt	9.8		02/02/2023	02/23/2023
CVE-2023-22952	SugarCRM	Multiple Products	0.55619	97.76	0	sugarcrm-auth-bypass-rce-attempt	8.8		02/02/2023	02/23/2023
CVE-2017-11357	Telerik	User Interface (UI) for ASP.NET AJAX	0.96533	99.656			9.8	7.5	01/26/2023	02/16/2023
CVE-2022-47966	Zoho	ManageEngine	0.9751	99.99	18	zoho-manageengine-rce-cve-2022-47966-attempt	9.8		01/23/2023	02/13/2023
CVE-2022-44877	CWP	Control Web Panel	0.97243	99.88	17	centos-web-panel-rce-cve-2022-44877-attempt	9.8		01/17/2023	02/07/2023
CVE-2022-41080	Microsoft	Exchange Server	0.01174	85.566	0	exchange-owassrf-vuln-attempt	8.8		01/10/2023	01/31/2023
CVE-2023-21674	Microsoft	Windows	0.0011	45.532			8.8		01/10/2023	01/31/2023
CVE-2018-5430	TIBCO	JasperReports	0.05853	93.647	7	tibco-jasperreports-path-traversal-attempt	7.7	4	12/29/2022	01/19/2023
CVE-2018-18809	TIBCO	JasperReports	0.45232	97.534	7	tibco-jaspersoft-path-traversal-attempt	9.9	4	12/29/2022	01/19/2023
CVE-2022-42856	Apple	iOS	0.00597	79.013			8.8		12/14/2022	01/04/2023
CVE-2022-27518	Citrix	Application Delivery Controller (ADC) and Gateway	0.20483	96.523			9.8		12/13/2022	01/03/2023
CVE-2022-44698	Microsoft	Defender	0.02303	90.062			5.4		12/13/2022	01/03/2023
CVE-2022-26500	Veeam	Backup & Replication	0.05577	93.487	0	veeam-backup-and-replication-rce-check	8.8	6.5	12/13/2022	01/03/2023
CVE-2022-26501	Veeam	Backup & Replication	0.07015	94.185	0	veeam-backup-and-replication-rce-check	9.8	10	12/13/2022	01/03/2023
CVE-2022-42475	Fortinet	FortiOS	0.27418	96.94	0	fortios-ssl-vpn-rce-attempt	9.8		12/13/2022	01/03/2023
CVE-2022-4262	Google	Chromium V8	0.00515	77.338			8.8		12/05/2022	12/26/2022
CVE-2021-35587	Oracle	Fusion Middleware	0.96184	99.574	25	oracle-access-manager-rce-attempt	9.8	7.5	11/28/2022	12/19/2022
CVE-2022-4135	Google	Chromium GPU	0.01461	87.215			9.6		11/28/2022	12/19/2022
CVE-2022-41049	Microsoft	Windows	0.00339	72.103			5.4		11/14/2022	12/09/2022
CVE-2021-25370	Samsung	Mobile Devices	0.002	58.661			4.4	4.9	11/08/2022	11/29/2022
CVE-2021-25337	Samsung	Mobile Devices	0.00096	41.646			7.1	5.8	11/08/2022	11/29/2022
CVE-2021-25369	Samsung	Mobile Devices	0.00118	47.086			5.5	2.1	11/08/2022	11/29/2022
CVE-2022-41073	Microsoft	Windows	0.00069	31.824			7.8		11/08/2022	12/09/2022
CVE-2022-41125	Microsoft	Windows	0.00055	24.49			7.8		11/08/2022	12/09/2022
CVE-2022-41128	Microsoft	Windows	0.32199	97.148			8.8		11/08/2022	12/09/2022
CVE-2022-41091	Microsoft	Windows	0.00262	66.573			5.4		11/08/2022	12/09/2022
CVE-2022-3723	Google	Chromium V8	0.01775	88.501			8.8		10/28/2022	11/18/2022
CVE-2022-42827	Apple	iOS and iPadOS	0.00095	41.494			7.8		10/25/2022	11/15/2022
CVE-2020-3153	Cisco	AnyConnect Secure	0.00083	36.8			6.5	4.9	10/24/2022	11/14/2022
CVE-2018-19321	GIGABYTE	Multiple Products	0.00149	52.15			7.8	7.2	10/24/2022	11/14/2022
CVE-2020-3433	Cisco	AnyConnect Secure	0.00077	34.579			7.8	7.2	10/24/2022	11/14/2022
CVE-2018-19320	GIGABYTE	Multiple Products	0.00312	70.855			7.8	7.2	10/24/2022	11/14/2022
CVE-2018-19323	GIGABYTE	Multiple Products	0.07006	94.182			9.8	9	10/24/2022	11/14/2022
CVE-2018-19322	GIGABYTE	Multiple Products	0.00771	81.861			7.8	4.6	10/24/2022	11/14/2022
CVE-2022-41352	Zimbra	Collaboration (ZCS)	0.9437	99.295			9.8		10/20/2022	11/10/2022
CVE-2021-3493	Linux	Kernel	0.00832	82.609			7.8	7.2	10/20/2022	11/10/2022
CVE-2022-40684	Fortinet	Multiple Products	0.97398	99.943	37	fortios-authentication-bypass-attempt	9.8		10/11/2022	11/01/2022
CVE-2022-41033	Microsoft	Windows COM+ Event System Service	0.00068	31.467			7.8		10/11/2022	11/01/2022
CVE-2022-36804	Atlassian	Bitbucket Server and Data Center	0.97346	99.92	3	atlassian-bitbucket-server-rce-attempt	8.8		09/30/2022	10/21/2022
CVE-2022-41040	Microsoft	Exchange Server	0.95067	99.392	41	exchange-proxynotshell-vuln-attempt	8.8		09/30/2022	10/21/2022
CVE-2022-41082	Microsoft	Exchange Server	0.15646	96.086	41	exchange-proxynotshell-vuln-attempt	8		09/30/2022	10/21/2022
CVE-2022-3236	Sophos	Firewall	0.12788	95.669	0	sophos-firewall-rce-cve-2022-3236-attempt	9.8		09/23/2022	10/14/2022
CVE-2022-35405	Zoho	ManageEngine	0.97264	99.89	0	zoho-password-manager-pro-xml-rpc-rce-attempt	9.8		09/22/2022	10/13/2022
CVE-2013-2094	Linux	Kernel	0.0016	53.642				7.2	09/15/2022	10/06/2022
CVE-2022-40139	Trend Micro	Apex One and Apex One as a Service	0.01442	87.117			7.2		09/15/2022	10/06/2022
CVE-2013-2597	Code Aurora	ACDB Audio Driver	0.00157	53.144				7.2	09/15/2022	10/06/2022
CVE-2013-6282	Linux	Kernel	0.02354	90.159				7.2	09/15/2022	10/06/2022
CVE-2013-2596	Linux	Kernel	0.00094	41.234			7.8	6.9	09/15/2022	10/06/2022
CVE-2010-2568	Microsoft	Windows	0.97207	99.866			7.8	9.3	09/15/2022	10/06/2022
CVE-2022-32917	Apple	iOS, iPadOS, and macOS	0.00067	31.192			7.8		09/14/2022	10/05/2022
CVE-2022-37969	Microsoft	Windows	0.00096	41.584			7.8		09/14/2022	10/05/2022
CVE-2022-27593	QNAP	Photo Station	0.58604	97.835	12	qnap-cve-2022-27593-attempt	9.1		09/08/2022	09/29/2022
CVE-2022-26258	D-Link	DIR-820L	0.66727	98.04	0	dlink-820l-rce-attempt	9.8	7.5	09/08/2022	09/29/2022
CVE-2018-2628	Oracle	WebLogic Server	0.97517	99.991	1134	oracle-weblogic-rce-cve-2018-2628-rce-attempt	9.8	7.5	09/08/2022	09/29/2022
CVE-2018-6530	D-Link	Multiple Routers	0.93644	99.218	0	d-link-soap-cgi-cve-2018-6530-command-injection-attempt	9.8	10	09/08/2022	09/29/2022
CVE-2022-3075	Google	Chromium Mojo	0.01027	84.408			9.6		09/08/2022	09/29/2022
CVE-2018-13374	Fortinet	FortiOS and FortiADC	0.02334	90.112			4.3	4	09/08/2022	09/29/2022
CVE-2022-28958	D-Link	DIR-816L	0.00967	81.581			9.8	7.5	09/08/2022	09/29/2022
CVE-2018-7445	MikroTik	RouterOS	0.82209	98.502	0	mikrotik-routeros-smb-buffer-overflow-attempt	9.8	10	09/08/2022	09/29/2022
CVE-2020-9934	Apple	iOS, iPadOS, and macOS	0.00087	38.261			5.5	2.1	09/08/2022	09/29/2022
CVE-2011-1823	Android	Android OS	0.00656	80.091			7.8	7.2	09/08/2022	09/29/2022
CVE-2017-5521	NETGEAR	Multiple Devices	0.97245	99.881	28	netgear-password-disclosure-attempt	8.1	4.3	09/08/2022	09/29/2022
CVE-2011-4723	D-Link	DIR-300 Router	0.00299	70.176				6.8	09/08/2022	09/29/2022
CVE-2021-39226	Grafana Labs	Grafana	0.9102	98.985			7.3	6.8	08/25/2022	09/15/2022
CVE-2020-36193	PEAR	Archive_Tar	0.90023	98.918			7.5	5	08/25/2022	09/15/2022
CVE-2021-31010	Apple	iOS, macOS, watchOS	0.00372	73.372			7.5	5	08/25/2022	09/15/2022
CVE-2022-22963	VMware Tanzu	Spring Cloud	0.9749	99.982	27	spring-cloud-function-spel-rce-attempt	9.8	7.5	08/25/2022	09/15/2022
CVE-2022-24706	Apache	CouchDB	0.97498	99.986	0	apache-couchdb-rce-cve-2022-24706-attempt	9.8	10	08/25/2022	09/15/2022
CVE-2022-26352	dotCMS	dotCMS	0.97492	99.982	19	dotcms-file-upload-attempt	9.8	6.8	08/25/2022	09/15/2022
CVE-2022-24112	Apache	APISIX	0.97382	99.937	28	apache-apisix-rce-attempt	9.8	7.5	08/25/2022	09/15/2022
CVE-2022-2294	WebRTC	WebRTC	0.01324	86.502			8.8		08/25/2022	09/15/2022
CVE-2020-28949	PEAR	Archive_Tar	0.9426	99.283			7.8	6.8	08/25/2022	09/15/2022
CVE-2021-38406	Delta Electronics	DOPSoft 2	0.86899	98.723			7.8	6.8	08/25/2022	09/15/2022
CVE-2022-0028	Palo Alto Networks	PAN-OS	0.00268	68.452			8.6		08/22/2022	09/12/2022
CVE-2022-26923	Microsoft	Active Directory	0.04341	92.598			8.8	9	08/18/2022	09/08/2022
CVE-2022-32893	Apple	iOS and macOS	0.00593	78.934			8.8		08/18/2022	09/08/2022
CVE-2022-22536	SAP	Multiple Products	0.95766	99.506	99	http-request-smuggling-attempt	10	10	08/18/2022	09/08/2022
CVE-2022-32894	Apple	iOS and macOS	0.00149	52.086			7.8		08/18/2022	09/08/2022
CVE-2022-21971	Microsoft	Windows	0.23866	96.751			7.8	9.3	08/18/2022	09/08/2022
CVE-2017-15944	Palo Alto Networks	PAN-OS	0.97414	99.951	31	palo-alto-panos-rce-check	9.8	7.5	08/18/2022	09/08/2022
CVE-2022-2856	Google	Chromium Intents	0.03744	92.103			6.5		08/18/2022	09/08/2022
CVE-2022-27925	Zimbra	Collaboration (ZCS)	0.94441	99.306	19	zimbra-collaboration-suite-rce-cve-2022-27925-attempt	7.2	6.5	08/11/2022	09/01/2022
CVE-2022-37042	Zimbra	Collaboration (ZCS)	0.97529	99.994	19	zimbra-collaboration-suite-auth-bypass-attempt	9.8		08/11/2022	09/01/2022
CVE-2022-34713	Microsoft	Windows	0.32524	97.158			7.8		08/09/2022	08/30/2022
CVE-2022-30333	RARLAB	UnRAR	0.94478	99.313			7.5	5	08/09/2022	08/30/2022
CVE-2022-27924	Zimbra	Collaboration (ZCS)	0.07293	94.28			7.5	5	08/04/2022	08/25/2022
CVE-2022-26138	Atlassian	Confluence	0.97166	99.85	25	atlassian-questions-for-confluence-hardcoded-password-attempt	9.8		07/29/2022	08/19/2022
CVE-2022-22047	Microsoft	Windows	0.00068	31.467			7.8	7.2	07/12/2022	08/02/2022
CVE-2022-26925	Microsoft	Windows	0.9135	99.011			5.9	4.3	07/01/2022	07/22/2022
CVE-2021-30533	Google	Chromium PopupBlocker	0.01737	88.375			6.5	4.3	06/27/2022	07/18/2022
CVE-2021-4034	Red Hat	Polkit	0.00134	50.032			7.8	7.2	06/27/2022	07/18/2022
CVE-2020-9907	Apple	Multiple Products	0.00246	65.311			7.8	9.3	06/27/2022	07/18/2022
CVE-2021-30983	Apple	iOS and iPadOS	0.00138	50.665			7.8	9.3	06/27/2022	07/18/2022
CVE-2018-4344	Apple	Multiple Products	0.00703	80.894			7.8	9.3	06/27/2022	07/18/2022
CVE-2020-3837	Apple	Multiple Products	0.00134	49.901			7.8	9.3	06/27/2022	07/18/2022
CVE-2022-29499	Mitel	MiVoice Connect	0.02906	91.122	0	mitel-mivoice-connect-ssrf-cve-2022-29499-attempt	9.8	10	06/27/2022	07/18/2022
CVE-2019-8605	Apple	Multiple Products	0.00132	49.675			7.8	9.3	06/27/2022	07/18/2022
CVE-2022-30190	Microsoft	Windows	0.96732	99.715			7.8	9.3	06/14/2022	07/05/2022
CVE-2016-2388	SAP	NetWeaver	0.01258	86.118			5.3	5	06/09/2022	06/30/2022
CVE-2016-2386	SAP	NetWeaver	0.55904	97.771			9.8	7.5	06/09/2022	06/30/2022
CVE-2021-38163	SAP	NetWeaver	0.92171	99.07			8.8	9	06/09/2022	06/30/2022
CVE-2018-17480	Google	Chromium V8	0.86659	98.698			8.8	6.8	06/08/2022	06/22/2022
CVE-2010-2883	Adobe	Acrobat and Reader	0.96005	99.546			7.3	9.3	06/08/2022	06/22/2022
CVE-2008-0655	Adobe	Acrobat and Reader	0.3288	97.173			9.8	9.3	06/08/2022	06/22/2022
CVE-2012-0754	Adobe	Flash Player	0.97289	99.898				9.3	06/08/2022	06/22/2022
CVE-2016-1646	Google	Chromium V8	0.28906	97.009			8.8	9.3	06/08/2022	06/22/2022
CVE-2019-7192	QNAP	Photo Station	0.9612	99.562	2	qnap-qts-and-photo-station-lfi-check	9.8	7.5	06/08/2022	06/22/2022
CVE-2009-4324	Adobe	Acrobat and Reader	0.96953	99.776			7.8	9.3	06/08/2022	06/22/2022
CVE-2009-3953	Adobe	Acrobat and Reader	0.96904	99.759			8.8	10	06/08/2022	06/22/2022
CVE-2018-6065	Google	Chromium V8	0.96458	99.634			8.8	6.8	06/08/2022	06/22/2022
CVE-2011-2462	Adobe	Acrobat and Reader	0.97031	99.805			9.8	10	06/08/2022	06/22/2022
CVE-2012-0151	Microsoft	Windows	0.88098	98.79			7.8	9.3	06/08/2022	06/22/2022
CVE-2019-5825	Google	Chromium V8	0.60418	97.885			6.5	4.3	06/08/2022	06/22/2022
CVE-2013-1331	Microsoft	Office	0.94984	99.382			7.8	9.3	06/08/2022	06/22/2022
CVE-2016-5198	Google	Chromium V8	0.4608	97.555			8.8	6.8	06/08/2022	06/22/2022
CVE-2012-5054	Adobe	Flash Player	0.61971	97.921			8.8	9.3	06/08/2022	06/22/2022
CVE-2019-7193	QNAP	QTS	0.95151	99.404	2	qnap-qts-and-photo-station-lfi-check	9.8	10	06/08/2022	06/22/2022
CVE-2017-5070	Google	Chromium V8	0.87599	98.769			8.8	6.8	06/08/2022	06/22/2022
CVE-2007-5659	Adobe	Acrobat and Reader	0.97203	99.864			7.8	9.3	06/08/2022	06/22/2022
CVE-2011-0609	Adobe	Flash Player	0.96907	99.76			7.8	9.3	06/08/2022	06/22/2022
CVE-2012-4969	Microsoft	Internet Explorer	0.85889	98.667				9.3	06/08/2022	06/22/2022
CVE-2012-1889	Microsoft	XML Core Services	0.9698	99.79			8.8	9.3	06/08/2022	06/22/2022
CVE-2009-0557	Microsoft	Office	0.92133	99.068			7.8	9.3	06/08/2022	06/22/2022
CVE-2006-2492	Microsoft	Word	0.75579	98.267			8.8	7.6	06/08/2022	06/22/2022
CVE-2010-2572	Microsoft	PowerPoint	0.94599	99.327			7.8	9.3	06/08/2022	06/22/2022
CVE-2009-1862	Adobe	Acrobat and Reader, Flash Player	0.55885	97.769			7.8	9.3	06/08/2022	06/22/2022
CVE-2017-6862	NETGEAR	Multiple Devices	0.2346	96.724			9.8	7.5	06/08/2022	06/22/2022
CVE-2009-0563	Microsoft	Office	0.89521	98.875			7.8	9.3	06/08/2022	06/22/2022
CVE-2017-5030	Google	Chromium V8	0.75547	98.265			8.8	6.8	06/08/2022	06/22/2022
CVE-2010-1297	Adobe	Flash Player	0.87099	98.737			7.8	9.3	06/08/2022	06/22/2022
CVE-2018-17463	Google	Chromium V8	0.96966	99.78			8.8	6.8	06/08/2022	06/22/2022
CVE-2019-7195	QNAP	Photo Station	0.97041	99.808	2	qnap-qts-and-photo-station-lfi-check	9.8	7.5	06/08/2022	06/22/2022
CVE-2019-15271	Cisco	RV Series Routers	0.00383	73.753			8.8	9	06/08/2022	06/22/2022
CVE-2019-7194	QNAP	Photo Station	0.97041	99.808	2	qnap-qts-and-photo-station-lfi-check	9.8	7.5	06/08/2022	06/22/2022
CVE-2018-4990	Adobe	Acrobat and Reader	0.03476	91.816			8.8	6.8	06/08/2022	06/22/2022
CVE-2012-0767	Adobe	Flash Player	0.00278	68.974				4.3	06/08/2022	06/22/2022
CVE-2022-31460	Owl Labs	Meeting Owl Pro and Whiteboard Owl	0.00074	33.568			7.4	3.3	06/08/2022	06/22/2022
CVE-2022-26134	Atlassian	Confluence Server/Data Center	0.97279	99.896	95	atlassian-confluence-server-cve-2022-26134-ognl-injection-attempt	9.8	7.5	06/02/2022	06/06/2022
CVE-2015-4495	Mozilla	Firefox	0.89784	98.895			8.8	4.3	05/25/2022	06/15/2022
CVE-2014-0546	Adobe	Acrobat and Reader	0.00682	80.584			9.8	10	05/25/2022	06/15/2022
CVE-2015-2360	Microsoft	Win32k	0.00084	37.217				7.2	05/25/2022	06/15/2022
CVE-2013-3993	IBM	InfoSphere BigInsights	0.09867	95.073			6.5	3.5	05/25/2022	06/15/2022
CVE-2015-0016	Microsoft	Windows	0.88772	98.832			7.8	9.3	05/25/2022	06/15/2022
CVE-2014-4148	Microsoft	Windows	0.38648	97.344			8.8	9.3	05/25/2022	06/15/2022

The Dashboard above provides a complete list of the CISA Known Exploitable Vulnerabilities Catalog, as well as essential information about each vulnerability, including:

CVE Identifier: The unique Common Vulnerabilities and Exposures (CVE) identification number assigned to each vulnerability.
Vendor: The organization who developed the product associated with the CVE.
Product: The product associated with the CVE.
Date Added: The date CISA added the vulnerability to the CISA KEV list.
Due Date: Federal organizations are required to comply with remediation dates that are set by CISA BOD 22-01. The due date reflects the date federal agencies must comply with the mandate by.

Want to be Notified of Future CISA KEV Breakdowns from Nucleus?
Subscribe here:

Frequently Asked Questions

Why did Nucleus create the CISA KEV Enrichment Dashboard?

We created this tool out of our own curiosity to learn more about the vulnerabilities CISA identifies on the CISA KEV catalog as the information provided by CISA is extremely limited. We created this as a part of our security research known as the CISA KEV Breakdown.We believe having additional context can help organizations better understand the value of incorporating CISA KEV, Greynoise, EPSS, and other threat intelligence into vulnerability management prioritization and remediation efforts.

What is the CISA KEV (Known Exploitable Vulnerabilities) Catalog?

The CISA KEV Catalog is a managed threat intelligence source that provides a list of known exploited vulnerabilities that carry a significant risk to federal agencies. CISA KEV was developed as a part of the CISA Binding Operating Directive 22-01. The catalog is available for free from CISA and we recommend any organizations should consider using this and other threat intelligence sources to help prioritize vulnerability remediation.

What vulnerability enrichment is included on the dashboard?

Nucleus CISA KEV Vulnerability Enrichment Dashboard mirrors the CISA KEV list, and is enriched with CVSS, EPSS and GreyNoise Threat Intelligence.

How can I identify CISA Known Exploitable Vulnerabilities within my environment?

Lucky you should ask! Enriching your vulnerabilities findings data with vulnerability intelligence is a key way to prioritize vulnerability remediation efforts and significantly reduce your risk of being the victim of an exploited vulnerability. Nucleus enables you to aggregate all of your assets and vulnerabilities and quickly identify what CISA Known Exploitable Vulnerabilities are within your environment.
Learn how Nucleus can help you identify and prioritize CISA Known Exploitable Vulnerabilities for remediation.

Click here to expand our CISA KEV Frequently Asked Questions

How Frequently is this dashboard updated
- We aim to have this page updated within 48 hours of a CISA KEV Catalog update. Vulnerability Intelligence information may change across a vulnerability’s lifespan.
I am not bound by BOD 22-01 or federal regulations, why should the KEV concern me?
- CISA encourages all organizations to utilize the Catalog as an attribute in your vulnerability prioritization framework. Organizations looking to lessen the scope on known dangerous vulnerabilities and make a goal to remediate them can understand where they currently stand against what CISA has confirmed as exploited vulnerabilities in the wild. See CISA’s section on “How should organizations use the KEV catalog?” here.
What is GreyNoise?
- GreyNoise is a platform that collects, analyzes, and labels data on IPs that scan the internet and saturate security tools with noise. Through their sensor network, GreyNoise observes vulnerability exploitation attempts for vulnerabilities that are exploited in the wild over the Internet. These are arguably vulnerabilities that should be at the very top of your priority list to remediate.
Why are GreyNoise exploitation attempts only observed on ~20% of KEV vulnerabilities?
- Exploitation of many vulnerabilities in the CISA KEV will not be observed for many reasons that GreyNoise does a good job of explaining in this post. For example:
  - The vulnerability may not be remotely exploitable
  - Vulnerability exploitation may require authentication (and result in privilege escalation)
  - The impacted software may not be exposed to the internet
  - Mass scanning/exploitation is not occurring yet
What is EPSS?
- EPSS is the Exploit Prediction Scoring System. It is an open, data-driven effort for estimating the likelihood (probability) that a software vulnerability will be exploited in the wild. See the EPSS home page on FIRST for more information here.
What is the difference between EPSS probability and EPSS percent?
- EPSS probability is the risk calculated by the model when determining the perceived threat of the vulnerability itself. Percentage is a relative comparison of the rest of the CVEs within the given sample. While the probability only changes upon refreshing the results from the model, the percentage can change purely based on the CVE sample given. In the case of the Breakdown, we use the percentage given by the pool of all CVEs with given EPSS data. Scores may vary post-release of the post given new information about the vulnerabilities and their perceived threat. For more information on applying and understanding EPSS data, see this article on the FIRST website, as well as their FAQ page.