Known Exploited Vulnerabilities Catalog

For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild. Organizations should use the KEV catalog as an input to their vulnerability management prioritization framework.

How to use the KEV Catalog

The KEV catalog is also available in these formats:

CSV
JSON
JSON Schema (updated 06-25-2024)
Print View
License

Showing 1 - 20 of 32
Filters:
Qualcomm | Multiple Chipsets

CVE-2025-27038

Qualcomm Multiple Chipsets Use-After-Free Vulnerability: Multiple Qualcomm chipsets contain a use-after-free vulnerability. This vulnerability allows for memory corruption while rendering graphics using Adreno GPU drivers in Chrome.

Related CWE: CWE-416

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
  • Date Added: 2025-06-03
  • Due Date: 2025-06-24
Additional Notes
Please check with specific vendors (OEMs,) for information on patching status. For more information, please see: https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2025-bulletin.html ; https://nvd.nist.gov/vuln/detail/CVE-2025-27038
Qualcomm | Multiple Chipsets

CVE-2025-21480

Qualcomm Multiple Chipsets Incorrect Authorization Vulnerability: Multiple Qualcomm chipsets contain an incorrect authorization vulnerability. This vulnerability allows for memory corruption due to unauthorized command execution in GPU micronode while executing specific sequence of commands.

Related CWE: CWE-863

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
  • Date Added: 2025-06-03
  • Due Date: 2025-06-24
Additional Notes
Please check with specific vendors (OEMs,) for information on patching status. For more information, please see: https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2025-bulletin.html ; https://nvd.nist.gov/vuln/detail/CVE-2025-21480
Qualcomm | Multiple Chipsets

CVE-2025-21479

Qualcomm Multiple Chipsets Incorrect Authorization Vulnerability: Multiple Qualcomm chipsets contain an incorrect authorization vulnerability. This vulnerability allows for memory corruption due to unauthorized command execution in GPU micronode while executing specific sequence of commands.

Related CWE: CWE-863

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
  • Date Added: 2025-06-03
  • Due Date: 2025-06-24
Additional Notes
Please check with specific vendors (OEMs,) for information on patching status. For more information, please see: https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2025-bulletin.html ; https://nvd.nist.gov/vuln/detail/CVE-2025-21479
Progress | WhatsUp Gold

CVE-2024-4885

Progress WhatsUp Gold Path Traversal Vulnerability: Progress WhatsUp Gold contains a path traversal vulnerability that allows an unauthenticated attacker to achieve remote code execution.

Related CWE: CWE-22

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
  • Date Added: 2025-03-03
  • Due Date: 2025-03-24
Additional Notes
https://community.progress.com/s/article/WhatsUp-Gold-Security-Bulletin-June-2024 ; https://nvd.nist.gov/vuln/detail/CVE-2024-4885
Progress | Kemp LoadMaster

CVE-2024-1212

Progress Kemp LoadMaster OS Command Injection Vulnerability: Progress Kemp LoadMaster contains an OS command injection vulnerability that allows an unauthenticated, remote attacker to access the system through the LoadMaster management interface, enabling arbitrary system command execution.

Related CWE: CWE-78

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
  • Date Added: 2024-11-18
  • Due Date: 2024-12-09
Additional Notes
https://community.progress.com/s/article/Release-Notice-LMOS-7-2-59-2-7-2-54-8-7-2-48-10-CVE-2024-1212 ; https://nvd.nist.gov/vuln/detail/CVE-2024-1212
Atlassian | Jira Server and Data Center

CVE-2021-26086

Atlassian Jira Server and Data Center Path Traversal Vulnerability: Atlassian Jira Server and Data Center contain a path traversal vulnerability that allows a remote attacker to read particular files in the /WEB-INF/web.xml endpoint.

Related CWE: CWE-22

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
  • Date Added: 2024-11-12
  • Due Date: 2024-12-03
Additional Notes
https://jira.atlassian.com/browse/JRASERVER-72695 ; https://nvd.nist.gov/vuln/detail/CVE-2021-26086
Qualcomm | Multiple Chipsets

CVE-2024-43047

Qualcomm Multiple Chipsets Use-After-Free Vulnerability: Multiple Qualcomm chipsets contain a use-after-free vulnerability due to memory corruption in DSP Services while maintaining memory maps of HLOS memory.

Related CWE: CWE-416

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
  • Date Added: 2024-10-08
  • Due Date: 2024-10-29
Additional Notes
https://git.codelinaro.org/clo/la/platform/vendor/qcom/opensource/dsp-kernel/-/commit/0e27b6c7d2bd8d0453e4465ac2ca49a8f8c440e2 ; https://nvd.nist.gov/vuln/detail/CVE-2024-43047
Progress | WhatsUp Gold

CVE-2024-6670

Progress WhatsUp Gold SQL Injection Vulnerability: Progress WhatsUp Gold contains a SQL injection vulnerability that allows an unauthenticated attacker to retrieve the user's encrypted password if the application is configured with only a single user.

Related CWE: CWE-89

Known To Be Used in Ransomware Campaigns? Known

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
  • Date Added: 2024-09-16
  • Due Date: 2024-10-07
Additional Notes
https://community.progress.com/s/article/WhatsUp-Gold-Security-Bulletin-August-2024 ; https://nvd.nist.gov/vuln/detail/CVE-2024-6670
Progress | Telerik Report Server

CVE-2024-4358

Progress Telerik Report Server Authentication Bypass by Spoofing Vulnerability: Progress Telerik Report Server contains an authorization bypass by spoofing vulnerability that allows an attacker to obtain unauthorized access.

Related CWE: CWE-290

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
  • Date Added: 2024-06-13
  • Due Date: 2024-07-04
Additional Notes
https://docs.telerik.com/report-server/knowledge-base/registration-auth-bypass-cve-2024-4358; https://nvd.nist.gov/vuln/detail/CVE-2024-4358
Atlassian | Confluence Data Center and Server

CVE-2023-22527

Atlassian Confluence Data Center and Server Template Injection Vulnerability: Atlassian Confluence Data Center and Server contain an unauthenticated OGNL template injection vulnerability that can lead to remote code execution.

Related CWE: CWE-74

Known To Be Used in Ransomware Campaigns? Known

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
  • Date Added: 2024-01-24
  • Due Date: 2024-02-14
Additional Notes
https://confluence.atlassian.com/security/cve-2023-22527-rce-remote-code-execution-vulnerability-in-confluence-data-center-and-confluence-server-1333990257.html; https://nvd.nist.gov/vuln/detail/CVE-2023-22527
Qualcomm | Multiple Chipsets

CVE-2022-22071

Qualcomm Multiple Chipsets Use-After-Free Vulnerability: Multiple Qualcomm chipsets contain a use-after-free vulnerability when process shell memory is freed using IOCTL munmap call and process initialization is in progress.

Related CWE: CWE-416

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
  • Date Added: 2023-12-05
  • Due Date: 2023-12-26
Additional Notes
This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. Please check with specific vendors for information on patching status. For more information, please see: https://git.codelinaro.org/clo/la/kernel/msm-5.4/-/commit/586840fde350d7b8563df9889c8ce397e2c20dda; https://nvd.nist.gov/vuln/detail/CVE-2022-22071
Qualcomm | Multiple Chipsets

CVE-2023-33063

Qualcomm Multiple Chipsets Use-After-Free Vulnerability: Multiple Qualcomm chipsets contain a use-after-free vulnerability due to memory corruption in DSP Services during a remote call from HLOS to DSP.

Related CWE: CWE-416

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
  • Date Added: 2023-12-05
  • Due Date: 2023-12-26
Additional Notes
This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. Please check with specific vendors for information on patching status. For more information, please see: https://git.codelinaro.org/clo/la/kernel/msm-5.15/-/commit/2643808ddbedfaabbb334741873fb2857f78188a, https://git.codelinaro.org/clo/la/kernel/msm-4.14/-/commit/d43222efda5a01c9804d74a541e3c1be9b7fe110; https://nvd.nist.gov/vuln/detail/CVE-2023-33063
Qualcomm | Multiple Chipsets

CVE-2023-33106

Qualcomm Multiple Chipsets Use of Out-of-Range Pointer Offset Vulnerability: Multiple Qualcomm chipsets contain a use of out-of-range pointer offset vulnerability due to memory corruption in Graphics while submitting a large list of sync points in an AUX command to the IOCTL_KGSL_GPU_AUX_COMMAND.

Related CWE: CWE-823

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
  • Date Added: 2023-12-05
  • Due Date: 2023-12-26
Additional Notes
This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. Please check with specific vendors for information on patching status. For more information, please see: https://git.codelinaro.org/clo/la/kernel/msm-4.19/-/commit/1e46e81dbeb69aafd5842ce779f07e617680fd58; https://nvd.nist.gov/vuln/detail/CVE-2023-33106
Qualcomm | Multiple Chipsets

CVE-2023-33107

Qualcomm Multiple Chipsets Integer Overflow Vulnerability: Multiple Qualcomm chipsets contain an integer overflow vulnerability due to memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL call.

Related CWE: CWE-190

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
  • Date Added: 2023-12-05
  • Due Date: 2023-12-26
Additional Notes
This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. Please check with specific vendors for information on patching status. For more information, please see: https://git.codelinaro.org/clo/la/kernel/msm-4.19/-/commit/d66b799c804083ea5226cfffac6d6c4e7ad4968b; https://nvd.nist.gov/vuln/detail/CVE-2023-33107
Atlassian | Confluence Data Center and Server

CVE-2023-22518

Atlassian Confluence Data Center and Server Improper Authorization Vulnerability: Atlassian Confluence Data Center and Server contain an improper authorization vulnerability that can result in significant data loss when exploited by an unauthenticated attacker. There is no impact on confidentiality since the attacker cannot exfiltrate any data.

Related CWE: CWE-863

Known To Be Used in Ransomware Campaigns? Known

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
  • Date Added: 2023-11-07
  • Due Date: 2023-11-28
Additional Notes
https://confluence.atlassian.com/security/cve-2023-22518-improper-authorization-vulnerability-in-confluence-data-center-and-server-1311473907.html; https://nvd.nist.gov/vuln/detail/CVE-2023-22518
Progress | WS_FTP Server

CVE-2023-40044

Progress WS_FTP Server Deserialization of Untrusted Data Vulnerability: Progress WS_FTP Server contains a deserialization of untrusted data vulnerability in the Ad Hoc Transfer module that allows an authenticated attacker to execute remote commands on the underlying operating system.

Related CWE: CWE-502

Known To Be Used in Ransomware Campaigns? Known

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
  • Date Added: 2023-10-05
  • Due Date: 2023-10-26
Additional Notes
https://community.progress.com/s/article/WS-FTP-Server-Critical-Vulnerability-September-2023; https://nvd.nist.gov/vuln/detail/CVE-2023-40044
Atlassian | Confluence Data Center and Server

CVE-2023-22515

Atlassian Confluence Data Center and Server Broken Access Control Vulnerability: Atlassian Confluence Data Center and Server contains a broken access control vulnerability that allows an attacker to create unauthorized Confluence administrator accounts and access Confluence.

Known To Be Used in Ransomware Campaigns? Known

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. Check all affected Confluence instances for evidence of compromise per vendor instructions and report any positive findings to CISA.
  • Date Added: 2023-10-05
  • Due Date: 2023-10-13
Additional Notes
https://confluence.atlassian.com/security/cve-2023-22515-privilege-escalation-vulnerability-in-confluence-data-center-and-server-1295682276.html; https://nvd.nist.gov/vuln/detail/CVE-2023-22515
Progress | MOVEit Transfer

CVE-2023-34362

Progress MOVEit Transfer SQL Injection Vulnerability: Progress MOVEit Transfer contains a SQL injection vulnerability that could allow an unauthenticated attacker to gain unauthorized access to MOVEit Transfer's database. Depending on the database engine being used (MySQL, Microsoft SQL Server, or Azure SQL), an attacker may be able to infer information about the structure and contents of the database in addition to executing SQL statements that alter or delete database elements.

Related CWE: CWE-89

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.
  • Date Added: 2023-06-02
  • Due Date: 2023-06-23
Additional Notes
This CVE has a CISA AA located here: https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-158a. Please see the AA for associated IOCs. Additional information is available at: https://community.progress.com/s/article/MOVEit-Transfer-Critical-Vulnerability-31May2023.; https://nvd.nist.gov/vuln/detail/CVE-2023-34362
Atlassian | Bitbucket Server and Data Center

CVE-2022-36804

Atlassian Bitbucket Server and Data Center Command Injection Vulnerability: Multiple API endpoints of Atlassian Bitbucket Server and Data Center contain a command injection vulnerability where an attacker with access to a public Bitbucket repository, or with read permissions to a private one, can execute code by sending a malicious HTTP request.

Related CWEs: CWE-78| CWE-88| CWE-158

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-09-30
  • Due Date: 2022-10-21
Additional Notes
https://jira.atlassian.com/browse/BSERV-13438; https://nvd.nist.gov/vuln/detail/CVE-2022-36804
Atlassian | Confluence

CVE-2022-26138

Atlassian Questions For Confluence App Hard-coded Credentials Vulnerability: Atlassian Questions For Confluence App has hard-coded credentials, exposing the username and password in plaintext. A remote unauthenticated attacker can use these credentials to log into Confluence and access all content accessible to users in the confluence-users group.

Related CWE: CWE-798

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-07-29
  • Due Date: 2022-08-19
Additional Notes
https://confluence.atlassian.com/doc/questions-for-confluence-security-advisory-2022-07-20-1142446709.html; https://nvd.nist.gov/vuln/detail/CVE-2022-26138

Subscribe to the KEV Catalog Updates

Stay up to date on the latest known exploited vulnerabilities.

Subscribe Now