Skip to main content
U.S. flag

An official website of the United States government

Here’s how you know

Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

HTTPS

Secure .gov websites use HTTPS
A lock (LockA locked padlock) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Free Cyber ServicesSecure by design Secure Our WorldShields UpReport A Cyber Issue

Cybersecurity & Infrastructure Security Agency logo America’s Cyber Security Defense Agency National Coordinator For Critical Infrastructure Security and ResilienceCybersecurity & Infrastructure Security Agency logo America’s Cyber Security Defense Agency National Coordinator For Critical Infrastructure Security and Resilience
CISA Logo

Search

 

America's Cyber Defense Agency
 
  • Topics
    Cybersecurity Best Practices
    Cyber Threats and Advisories
    Critical Infrastructure Security and Resilience
    Election Security
    Emergency Communications
    Industrial Control Systems
    Information and Communications Technology Supply Chain Security
    Partnerships and Collaboration
    Physical Security
    Risk Management
    How can we help?
    GovernmentEducational InstitutionsIndustryState, Local, Tribal, and TerritorialIndividuals and FamiliesSmall and Medium BusinessesFind Help LocallyFaith-Based CommunityExecutivesHigh-Risk Communities
  • Spotlight
  • Resources & Tools
    All Resources & Tools
    Services
    Programs
    Resources
    Training
    Groups
  • News & Events
    News
    Events
    Cybersecurity Alerts & Advisories
    Directives
    Request a CISA Speaker
    Congressional Testimony
    CISA Conferences
    CISA Live!
  • Careers
    Benefits & Perks
    HireVue Applicant Reasonable Accommodations Process
    Hiring
    Resume & Application Tips
    Students & Recent Graduates
    Veteran and Military Spouses
  • About
    Divisions & Offices
    Regions
    Leadership
    Doing Business with CISA
    Site Links
    CISA GitHub
    CISA Central
    Contact Us
    Subscribe
    Transparency and Accountability
    Policies & Plans

Free Cyber ServicesSecure by design Secure Our WorldShields UpReport A Cyber Issue

Breadcrumb
  1. Home
  2. Known Exploited Vulnerabilities Catalog
Share:

Filters

  • Accellion
  • Qlik
  • CrushFTP
  • OSGeo
  • ServiceNow
  • Dahua
  • PTZOptics
  • CyberPersons
  • Cleo
  • Reolink
  • NUUO
  • BeyondTrust
  • Paessler
  • Hitachi Vantara
  • Advantive
  • Commvault
  • GeoVision
  • Unitronics
  • FXC
  • Spreadsheet::ParseExcel
  • Joomla!
  • ConnectWise
  • Sunhillo
  • Nice
  • NextGen Healthcare
  • Justice AV Solutions
  • Check Point
  • PHP Group
  • Twilio
  • Acronis
  • Versa
  • Kingsoft
  • ScienceLogic
  • Nostromo
  • Metabase
  • Array Networks
  • North Grid
  • ProjectSend
  • Acclaim Systems
  • JQuery
  • Audinate
  • 7-Zip
  • Trimble
  • SimpleHelp
  • Craft CMS
  • tj-actions
  • NAKIVO
  • Edimax
  • reviewdog
  • Gladinet
  • Broadcom
  • Qualitia
  • Yiiframework
  • Langflow
  • FreeType
  • TeleMessage
  • ZKTeco
  • Srimax
  • MDaemon
  • ownCloud
  • Adobe
  • Alcatel
  • Amcrest
  • Android
  • Apache
  • Apple
  • Arcadyan
  • Arcserve
  • Arm
  • Artifex
  • Atlassian
  • Aviatrix
  • Barracuda Networks
  • BQE
  • Cacti
  • ChakraCore
  • Checkbox
  • (-) Remove filterCisco
  • Citrix
  • Code Aurora
  • Crestron
  • CWP
  • D-Link
  • D-Link and TRENDnet
  • Dasan
  • Dell
  • Delta Electronics
  • Docker
  • dotCMS
  • DotNetNuke (DNN)
  • DrayTek
  • Drupal
  • Elastic
  • Embedthis
  • Exim
  • EyesOfNetwork
  • F5
  • FatPipe
  • ForgeRock
  • Fortinet
  • Fortra
  • Fuel CMS
  • GIGABYTE
  • GitLab
  • GNU
  • Google
  • Grafana Labs
  • Grandstream
  • Hewlett Packard (HP)
  • Hikvision
  • IBM
  • IETF
  • Ignite Realtime
  • ImageMagick
  • InduSoft
  • Intel
  • Ivanti
  • Jenkins
  • JetBrains
  • Juniper
  • Kaseya
  • Kentico
  • Laravel
  • LG
  • Liferay
  • (-) Remove filterLinux
  • McAfee
  • MediaTek
  • Meta Platforms
  • Micro Focus
  • Microsoft
  • MikroTik
  • MinIO
  • Mitel
  • MongoDB
  • Mozilla
  • Nagios
  • NETGEAR
  • Netis
  • Netwrix
  • Novi Survey
  • Npm package
  • October CMS
  • OpenBSD
  • OpenSSL
  • Oracle
  • Palo Alto Networks
  • PaperCut
  • PEAR
  • Perl
  • PHP
  • phpMyAdmin
  • PHPUnit
  • Pi-hole
  • PlaySMS
  • Plex
  • Primetek
  • Progress
  • Pulse Secure
  • QNAP
  • QNAP Systems
  • Qualcomm
  • Quest
  • Rails
  • RARLAB
  • rConfig
  • Realtek
  • Red Hat
  • Redis
  • Rejetto
  • Roundcube
  • Ruckus Wireless
  • SaltStack
  • Samba
  • Samsung
  • SAP
  • Schneider Electric
  • Siemens
  • SIMalliance
  • Sitecore
  • SolarView
  • SolarWinds
  • Sonatype
  • SonicWall
  • Sophos
  • Sudo
  • SugarCRM
  • Sumavision
  • (-) Remove filterSymantec
  • Synacor
  • SysAid
  • TeamViewer
  • Teclib
  • Telerik
  • Tenda
  • TerraMaster
  • ThinkPHP
  • TIBCO
  • TP-Link
  • Treck TCP/IP stack
  • Trend Micro
  • Trihedral
  • TVT
  • Ubiquiti
  • Unraid
  • vBulletin
  • Veeam
  • Veritas
  • VMware
  • VMware Tanzu
  • WatchGuard
  • WebKitGTK
  • Webmin
  • WebRTC
  • WordPress
  • WSO2
  • XStream
  • Yealink
  • Zabbix
  • ZK Framework
  • Zoho
  • Zyxel
No result
Reset

Known Exploited Vulnerabilities Catalog

For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild. Organizations should use the KEV catalog as an input to their vulnerability management prioritization framework.

How to use the KEV Catalog

The KEV catalog is also available in these formats:

CSV
JSON
JSON Schema (updated 06-25-2024)
Print View
License


Showing 1 - 20 of 97
Filters:
  • (-) Remove filterCisco
  • (-) Remove filterLinux
  • (-) Remove filterSymantec
  • Clear all filters
Linux | Kernel

CVE-2024-53150

Linux Kernel Out-of-Bounds Read Vulnerability: Linux Kernel contains an out-of-bounds read vulnerability in the USB-audio driver that allows a local, privileged attacker to obtain potentially sensitive information.

Related CWE: CWE-125

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
  • Date Added: 2025-04-09
  • Due Date: 2025-04-30
Additional Notes
This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. For more information, please see: https://lore.kernel.org/linux-cve-announce/2024122427-CVE-2024-53150-3a7d@gregkh/ ; https://source.android.com/docs/security/bulletin/2025-04-01 ; https://nvd.nist.gov/vuln/detail/CVE-2024-53150
Linux | Kernel

CVE-2024-53197

Linux Kernel Out-of-Bounds Access Vulnerability: Linux Kernel contains an out-of-bounds access vulnerability in the USB-audio driver that allows an attacker with physical access to the system to use a malicious USB device to potentially manipulate system memory, escalate privileges, or execute arbitrary code.

Related CWE: CWE-787

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
  • Date Added: 2025-04-09
  • Due Date: 2025-04-30
Additional Notes
This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. For more information, please see: https://lore.kernel.org/linux-cve-announce/2024122725-CVE-2024-53197-6aef@gregkh/ ; https://source.android.com/docs/security/bulletin/2025-04-01 ; https://nvd.nist.gov/vuln/detail/CVE-2024-53197
Cisco | Smart Licensing Utility

CVE-2024-20439

Cisco Smart Licensing Utility Static Credential Vulnerability: Cisco Smart Licensing Utility contains a static credential vulnerability that allows an unauthenticated, remote attacker to log in to an affected system and gain administrative credentials.

Related CWE: CWE-912

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
  • Date Added: 2025-03-31
  • Due Date: 2025-04-21
Additional Notes
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cslu-7gHMzWmw ; https://nvd.nist.gov/vuln/detail/CVE-2024-20439
Linux | Kernel

CVE-2024-50302

Linux Kernel Use of Uninitialized Resource Vulnerability: The Linux kernel contains a use of uninitialized resource vulnerability that allows an attacker to leak kernel memory via a specially crafted HID report.

Related CWE: CWE-908

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
  • Date Added: 2025-03-04
  • Due Date: 2025-03-25
Additional Notes
This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. For more information, please see: https://lore.kernel.org/linux-cve-announce/2024111908-CVE-2024-50302-f677@gregkh/ ; https://source.android.com/docs/security/bulletin/2025-03-01 ; https://nvd.nist.gov/vuln/detail/CVE-2024-50302
Cisco | Small Business RV Series Routers

CVE-2023-20118

Cisco Small Business RV Series Routers Command Injection Vulnerability: Multiple Cisco Small Business RV Series Routers contains a command injection vulnerability in the web-based management interface. Successful exploitation could allow an authenticated, remote attacker to gain root-level privileges and access unauthorized data.

Related CWE: CWE-77

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
  • Date Added: 2025-03-03
  • Due Date: 2025-03-24
Additional Notes
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbr042-multi-vuln-ej76Pke5 ; https://nvd.nist.gov/vuln/detail/CVE-2023-20118
Linux | Kernel

CVE-2024-53104

Linux Kernel Out-of-Bounds Write Vulnerability: Linux kernel contains an out-of-bounds write vulnerability in the uvc_parse_streaming component of the USB Video Class (UVC) driver that could allow for physical escalation of privilege.

Related CWE: CWE-787

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
  • Date Added: 2025-02-05
  • Due Date: 2025-02-26
Additional Notes
This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. For more information, please see: https://lore.kernel.org/linux-cve-announce/2024120232-CVE-2024-53104-d781@gregkh/ ; https://nvd.nist.gov/vuln/detail/CVE-2024-53104
Cisco | Adaptive Security Appliance (ASA)

CVE-2014-2120

Cisco Adaptive Security Appliance (ASA) Cross-Site Scripting (XSS) Vulnerability: Cisco Adaptive Security Appliance (ASA) contains a cross-site scripting (XSS) vulnerability in the WebVPN login page. This vulnerability allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter.

Related CWE: CWE-79

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
  • Date Added: 2024-11-12
  • Due Date: 2024-12-03
Additional Notes
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-CVE-2014-2120 ; https://nvd.nist.gov/vuln/detail/CVE-2014-2120
Cisco | Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)

CVE-2024-20481

Cisco ASA and FTD Denial-of-Service Vulnerability: Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain a missing release of resource after effective lifetime vulnerability that could allow an unauthenticated, remote attacker to cause a denial-of-service (DoS) of the RAVPN service.

Related CWE: CWE-772

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
  • Date Added: 2024-10-24
  • Due Date: 2024-11-14
Additional Notes
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-bf-dos-vDZhLqrW ; https://nvd.nist.gov/vuln/detail/CVE-2024-20481
Linux | Kernel

CVE-2017-1000253

Linux Kernel PIE Stack Buffer Corruption Vulnerability : Linux kernel contains a position-independent executable (PIE) stack buffer corruption vulnerability in load_elf_ binary() that allows a local attacker to escalate privileges.

Related CWE: CWE-119

Known To Be Used in Ransomware Campaigns? Known

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
  • Date Added: 2024-09-09
  • Due Date: 2024-09-30
Additional Notes
This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. For more information, please see: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a87938b2e246b81b4fb713edb371a9fa3c5c3c86; https://nvd.nist.gov/vuln/detail/CVE-2017-1000253
Linux | Kernel

CVE-2022-0185

Linux Kernel Heap-Based Buffer Overflow Vulnerability: Linux kernel contains a heap-based buffer overflow vulnerability in the legacy_parse_param function in the Filesystem Context functionality. This allows an attacker to open a filesystem that does not support the Filesystem Context API and ultimately escalate privileges.

Related CWE: CWE-190

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions or discontinue use of the product if updates are unavailable.
  • Date Added: 2024-08-21
  • Due Date: 2024-09-11
Additional Notes
This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. For more information, please see: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=722d94847de2; https://nvd.nist.gov/vuln/detail/CVE-2022-0185
Cisco | NX-OS

CVE-2024-20399

Cisco NX-OS Command Injection Vulnerability: Cisco NX-OS contains a command injection vulnerability in the command line interface (CLI) that could allow an authenticated, local attacker to execute commands as root on the underlying operating system of an affected device.

Related CWE: CWE-78

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
  • Date Added: 2024-07-02
  • Due Date: 2024-07-23
Additional Notes
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-cmd-injection-xD9OhyOP; https://nvd.nist.gov/vuln/detail/CVE-2024-20399
Linux | Kernel

CVE-2022-2586

Linux Kernel Use-After-Free Vulnerability: Linux Kernel contains a use-after-free vulnerability in the nft_object, allowing local attackers to escalate privileges.

Related CWE: CWE-416

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions or discontinue use of the product if updates are unavailable.
  • Date Added: 2024-06-26
  • Due Date: 2024-07-17
Additional Notes
This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. For more information, please see: https://seclists.org/oss-sec/2022/q3/131; https://nvd.nist.gov/vuln/detail/CVE-2022-2586
Linux | Kernel

CVE-2024-1086

Linux Kernel Use-After-Free Vulnerability: Linux kernel contains a use-after-free vulnerability in the netfilter: nf_tables component that allows an attacker to achieve local privilege escalation.

Related CWE: CWE-416

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
  • Date Added: 2024-05-30
  • Due Date: 2024-06-20
Additional Notes
This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. Please check with specific vendors for information on patching status. For more information, please see: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f342de4e2f33e0e39165d8639387aa6c19dff660; https://nvd.nist.gov/vuln/detail/CVE-2024-1086
Cisco | Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)

CVE-2024-20353

Cisco ASA and FTD Denial of Service Vulnerability: Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain an infinite loop vulnerability that can lead to remote denial of service condition.

Related CWE: CWE-835

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
  • Date Added: 2024-04-24
  • Due Date: 2024-05-01
Additional Notes
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-websrvs-dos-X8gNucD2; https://nvd.nist.gov/vuln/detail/CVE-2024-20353
Cisco | Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)

CVE-2024-20359

Cisco ASA and FTD Privilege Escalation Vulnerability: Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain a privilege escalation vulnerability that can allow local privilege escalation from Administrator to root.

Related CWE: CWE-94

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
  • Date Added: 2024-04-24
  • Due Date: 2024-05-01
Additional Notes
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-persist-rce-FLsNXF4h; https://nvd.nist.gov/vuln/detail/CVE-2024-20359
Cisco | Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)

CVE-2020-3259

Cisco ASA and FTD Information Disclosure Vulnerability: Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain an information disclosure vulnerability. An attacker could retrieve memory contents on an affected device, which could lead to the disclosure of confidential information due to a buffer tracking issue when the software parses invalid URLs that are requested from the web services interface. This vulnerability affects only specific AnyConnect and WebVPN configurations.

Related CWE: CWE-200

Known To Be Used in Ransomware Campaigns? Known

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
  • Date Added: 2024-02-15
  • Due Date: 2024-03-07
Additional Notes
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-info-disclose-9eJtycMB; https://nvd.nist.gov/vuln/detail/CVE-2020-3259
Cisco | Cisco IOS XE Web UI

CVE-2023-20273

Cisco IOS XE Web UI Command Injection Vulnerability: Cisco IOS XE contains a command injection vulnerability in the web user interface. When chained with CVE-2023-20198, the attacker can leverage the new local user to elevate privilege to root and write the implant to the file system. Cisco identified CVE-2023-20273 as the vulnerability exploited to deploy the implant. CVE-2021-1435, previously associated with the exploitation events, is no longer believed to be related to this activity.

Related CWE: CWE-78

Known To Be Used in Ransomware Campaigns? Unknown

Action: Verify that instances of Cisco IOS XE Web UI are in compliance with BOD 23-02 and apply mitigations per vendor instructions. For affected products (Cisco IOS XE Web UI exposed to the internet or to untrusted networks), follow vendor instructions to determine if a system may have been compromised and immediately report positive findings to CISA.
  • Date Added: 2023-10-23
  • Due Date: 2023-10-27
Additional Notes
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-webui-privesc-j22SaA4z; https://nvd.nist.gov/vuln/detail/CVE-2023-20273
Cisco | IOS XE Web UI

CVE-2023-20198

Cisco IOS XE Web UI Privilege Escalation Vulnerability: Cisco IOS XE Web UI contains a privilege escalation vulnerability in the web user interface that could allow a remote, unauthenticated attacker to create an account with privilege level 15 access. The attacker can then use that account to gain control of the affected device.

Related CWE: CWE-420

Known To Be Used in Ransomware Campaigns? Unknown

Action: Verify that instances of Cisco IOS XE Web UI are in compliance with BOD 23-02 and apply mitigations per vendor instructions. For affected products (Cisco IOS XE Web UI exposed to the internet or to untrusted networks), follow vendor instructions to determine if a system may have been compromised and immediately report positive findings to CISA.
  • Date Added: 2023-10-16
  • Due Date: 2023-10-20
Additional Notes
https://www.cisco.com/c/en/us/support/docs/ios-nx-os-software/ios-xe-dublin-17121/221128-software-fix-availability-for-cisco-ios.html; https://nvd.nist.gov/vuln/detail/CVE-2023-20198
Cisco | IOS and IOS XE

CVE-2023-20109

Cisco IOS and IOS XE Group Encrypted Transport VPN Out-of-Bounds Write Vulnerability: Cisco IOS and IOS XE contain an out-of-bounds write vulnerability in the Group Encrypted Transport VPN (GET VPN) feature that could allow an authenticated, remote attacker who has administrative control of either a group member or a key server to execute malicious code or cause a device to crash.

Related CWE: CWE-787

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
  • Date Added: 2023-10-10
  • Due Date: 2023-10-31
Additional Notes
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-getvpn-rce-g8qR68sx; https://nvd.nist.gov/vuln/detail/CVE-2023-20109
Cisco | Adaptive Security Appliance and Firepower Threat Defense

CVE-2023-20269

Cisco Adaptive Security Appliance and Firepower Threat Defense Unauthorized Access Vulnerability: Cisco Adaptive Security Appliance and Firepower Threat Defense contain an unauthorized access vulnerability that could allow an unauthenticated, remote attacker to conduct a brute force attack in an attempt to identify valid username and password combinations or establish a clientless SSL VPN session with an unauthorized user.

Related CWE: CWE-288

Known To Be Used in Ransomware Campaigns? Known

Action: Apply mitigations per vendor instructions for group-lock and vpn-simultaneous-logins or discontinue use of the product for unsupported devices.
  • Date Added: 2023-09-13
  • Due Date: 2023-10-04
Additional Notes
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ravpn-auth-8LyfCkeC; https://nvd.nist.gov/vuln/detail/CVE-2023-20269
  • Currently on page 1
  • Page 2
  • Page 3
  • Page 4
  • Page 5
  • Go to next pageNext
  • Go to last pageLast

Subscribe to the KEV Catalog Updates

Stay up to date on the latest known exploited vulnerabilities.

Subscribe Now
Return to top
  • Topics
  • Spotlight
  • Resources & Tools
  • News & Events
  • Careers
  • About
Cybersecurity & Infrastructure Security Agency
  • Facebook
  • X
  • LinkedIn
  • YouTube
  • Instagram
  • RSS
CISA Central 1-844-Say-CISA SayCISA@cisa.dhs.gov
DHS Seal
CISA.gov
An official website of the U.S. Department of Homeland Security
  • About CISA
  • Budget and Performance
  • DHS.gov
  • FOIA Requests
  • No FEAR Act
  • Office of Inspector General
  • Privacy Policy
  • Subscribe
  • The White House
  • USA.gov
  • Website Feedback