Known Exploited Vulnerabilities Catalog

For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild. Organizations should use the KEV catalog as an input to their vulnerability management prioritization framework.

How to use the KEV Catalog

The KEV catalog is also available in these formats:

CSV
JSON
JSON Schema (updated 06-25-2024)
Print View
License

Showing 1 - 20 of 56
Filters:
Fortinet | FortiOS and FortiProxy

CVE-2025-24472

Fortinet FortiOS and FortiProxy Authentication Bypass Vulnerability: Fortinet FortiOS and FortiProxy contain an authentication bypass vulnerability that allows a remote attacker to gain super-admin privileges via crafted CSF proxy requests.

Related CWE: CWE-288

Known To Be Used in Ransomware Campaigns? Known

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
  • Date Added: 2025-03-18
  • Due Date: 2025-04-08
Additional Notes
https://fortiguard.fortinet.com/psirt/FG-IR-24-535 ; https://nvd.nist.gov/vuln/detail/CVE-2025-24472
Oracle | Agile Product Lifecycle Management (PLM)

CVE-2024-20953

Oracle Agile Product Lifecycle Management (PLM) Deserialization Vulnerability: Oracle Agile Product Lifecycle Management (PLM) contains a deserialization vulnerability that allows a low-privileged attacker with network access via HTTP to compromise the system.

Related CWE: CWE-502

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
  • Date Added: 2025-02-24
  • Due Date: 2025-03-17
Additional Notes
https://www.oracle.com/security-alerts/cpujan2024.html ; https://nvd.nist.gov/vuln/detail/CVE-2024-20953
Fortinet | FortiOS and FortiProxy

CVE-2024-55591

Fortinet FortiOS and FortiProxy Authentication Bypass Vulnerability: Fortinet FortiOS and FortiProxy contain an authentication bypass vulnerability that may allow an unauthenticated, remote attacker to gain super-admin privileges via crafted requests to Node.js websocket module.

Related CWE: CWE-288

Known To Be Used in Ransomware Campaigns? Known

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
  • Date Added: 2025-01-14
  • Due Date: 2025-01-21
Additional Notes
https://fortiguard.fortinet.com/psirt/FG-IR-24-535 ; https://nvd.nist.gov/vuln/detail/CVE-2024-55591
Oracle | WebLogic Server

CVE-2020-2883

Oracle WebLogic Server Unspecified Vulnerability: Oracle WebLogic Server, a product within the Fusion Middleware suite, contains an unspecified vulnerability exploitable by an unauthenticated attacker with network access via IIOP or T3.

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
  • Date Added: 2025-01-07
  • Due Date: 2025-01-28
Additional Notes
https://www.oracle.com/security-alerts/cpuapr2020.html ; https://nvd.nist.gov/vuln/detail/CVE-2020-2883
Oracle | Agile Product Lifecycle Management (PLM)

CVE-2024-21287

Oracle Agile Product Lifecycle Management (PLM) Incorrect Authorization Vulnerability: Oracle Agile Product Lifecycle Management (PLM) contains an incorrect authorization vulnerability in the Process Extension component of the Software Development Kit. Successful exploitation of this vulnerability may result in unauthenticated file disclosure.

Related CWE: CWE-863

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
  • Date Added: 2024-11-21
  • Due Date: 2024-12-12
Additional Notes
https://www.oracle.com/security-alerts/alert-cve-2024-21287.html ; https://nvd.nist.gov/vuln/detail/CVE-2024-21287
Fortinet | FortiManager

CVE-2024-47575

Fortinet FortiManager Missing Authentication Vulnerability: Fortinet FortiManager contains a missing authentication vulnerability in the fgfmd daemon that allows a remote, unauthenticated attacker to execute arbitrary code or commands via specially crafted requests.

Related CWE: CWE-306

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
  • Date Added: 2024-10-23
  • Due Date: 2024-11-13
Additional Notes
https://fortiguard.fortinet.com/psirt/FG-IR-24-423 ; https://nvd.nist.gov/vuln/detail/CVE-2024-47575
Fortinet | Multiple Products

CVE-2024-23113

Fortinet Multiple Products Format String Vulnerability: Fortinet FortiOS, FortiPAM, FortiProxy, and FortiWeb contain a format string vulnerability that allows a remote, unauthenticated attacker to execute arbitrary code or commands via specially crafted requests.

Related CWE: CWE-134

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
  • Date Added: 2024-10-09
  • Due Date: 2024-10-30
Additional Notes
https://www.fortiguard.com/psirt/FG-IR-24-029 ; https://nvd.nist.gov/vuln/detail/CVE-2024-23113
Oracle | ADF Faces

CVE-2022-21445

Oracle ADF Faces Deserialization of Untrusted Data Vulnerability: Oracle ADF Faces library, included with Oracle JDeveloper Distribution, contains a deserialization of untrusted data vulnerability leading to unauthenticated remote code execution.

Related CWE: CWE-502

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
  • Date Added: 2024-09-18
  • Due Date: 2024-10-09
Additional Notes
https://www.oracle.com/security-alerts/cpuapr2022.html ; https://nvd.nist.gov/vuln/detail/CVE-2022-21445
Oracle | WebLogic Server

CVE-2020-14644

Oracle WebLogic Server Remote Code Execution Vulnerability: Oracle WebLogic Server, a product within the Fusion Middleware suite, contains a deserialization vulnerability. Unauthenticated attackers with network access via T3 or IIOP can exploit this vulnerability to achieve remote code execution.

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
  • Date Added: 2024-09-18
  • Due Date: 2024-10-09
Additional Notes
https://www.oracle.com/security-alerts/cpujul2020.html ; https://nvd.nist.gov/vuln/detail/CVE-2020-14644
Oracle | WebLogic Server

CVE-2017-3506

Oracle WebLogic Server OS Command Injection Vulnerability: Oracle WebLogic Server, a product within the Fusion Middleware suite, contains an OS command injection vulnerability that allows an attacker to execute arbitrary code via a specially crafted HTTP request that includes a malicious XML document.

Related CWE: CWE-78

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
  • Date Added: 2024-06-03
  • Due Date: 2024-06-24
Additional Notes
https://www.oracle.com/security-alerts/cpuapr2017.html; https://nvd.nist.gov/vuln/detail/CVE-2017-3506
Fortinet | FortiClient EMS

CVE-2023-48788

Fortinet FortiClient EMS SQL Injection Vulnerability: Fortinet FortiClient EMS contains a SQL injection vulnerability that allows an unauthenticated attacker to execute commands as SYSTEM via specifically crafted requests.

Related CWE: CWE-89

Known To Be Used in Ransomware Campaigns? Known

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
  • Date Added: 2024-03-25
  • Due Date: 2024-04-15
Additional Notes
https://www.fortiguard.com/psirt/FG-IR-24-007; https://nvd.nist.gov/vuln/detail/CVE-2023-48788
Fortinet | FortiOS

CVE-2024-21762

Fortinet FortiOS Out-of-Bound Write Vulnerability: Fortinet FortiOS contains an out-of-bound write vulnerability that allows a remote unauthenticated attacker to execute code or commands via specially crafted HTTP requests.

Related CWE: CWE-787

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
  • Date Added: 2024-02-09
  • Due Date: 2024-02-16
Additional Notes
https://fortiguard.fortinet.com/psirt/FG-IR-24-015 ; https://nvd.nist.gov/vuln/detail/CVE-2024-21762
Oracle | Fusion Middleware

CVE-2020-2551

Oracle Fusion Middleware Unspecified Vulnerability: Oracle Fusion Middleware contains an unspecified vulnerability in the WLS Core Components that allows an unauthenticated attacker with network access via IIOP to compromise the WebLogic Server.

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
  • Date Added: 2023-11-16
  • Due Date: 2023-12-07
Additional Notes
https://www.oracle.com/security-alerts/cpujan2020.html; https://nvd.nist.gov/vuln/detail/CVE-2020-2551
Fortinet | FortiOS and FortiProxy SSL-VPN

CVE-2023-27997

Fortinet FortiOS and FortiProxy SSL-VPN Heap-Based Buffer Overflow Vulnerability: Fortinet FortiOS and FortiProxy SSL-VPN contain a heap-based buffer overflow vulnerability which can allow an unauthenticated, remote attacker to execute code or commands via specifically crafted requests.

Related CWE: CWE-122

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.
  • Date Added: 2023-06-13
  • Due Date: 2023-07-04
Additional Notes
https://www.fortiguard.com/psirt/FG-IR-23-097; https://nvd.nist.gov/vuln/detail/CVE-2023-27997
Oracle | Java SE and JRockit

CVE-2016-3427

Oracle Java SE and JRockit Unspecified Vulnerability: Oracle Java SE and JRockit contains an unspecified vulnerability that allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Java Management Extensions (JMX). This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service.

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2023-05-12
  • Due Date: 2023-06-02
Additional Notes
https://www.oracle.com/security-alerts/cpuapr2016v3.html; https://nvd.nist.gov/vuln/detail/CVE-2016-3427
Oracle | WebLogic Server

CVE-2023-21839

Oracle WebLogic Server Unspecified Vulnerability: Oracle WebLogic Server contains an unspecified vulnerability that allows an unauthenticated attacker with network access via T3, IIOP, to compromise Oracle WebLogic Server.

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2023-05-01
  • Due Date: 2023-05-22
Additional Notes
https://www.oracle.com/security-alerts/cpujan2023.html; https://nvd.nist.gov/vuln/detail/CVE-2023-21839
Fortinet | FortiOS

CVE-2022-41328

Fortinet FortiOS Path Traversal Vulnerability: Fortinet FortiOS contains a path traversal vulnerability that may allow a local privileged attacker to read and write files via crafted CLI commands.

Related CWE: CWE-22

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2023-03-14
  • Due Date: 2023-04-04
Additional Notes
https://www.fortiguard.com/psirt/FG-IR-22-369; https://nvd.nist.gov/vuln/detail/CVE-2022-41328
Oracle | E-Business Suite

CVE-2022-21587

Oracle E-Business Suite Unspecified Vulnerability: Oracle E-Business Suite contains an unspecified vulnerability that allows an unauthenticated attacker with network access via HTTP to compromise Oracle Web Applications Desktop Integrator.

Related CWE: CWE-306

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.
  • Date Added: 2023-02-02
  • Due Date: 2023-02-23
Additional Notes
https://www.oracle.com/security-alerts/cpuoct2022.html; https://nvd.nist.gov/vuln/detail/CVE-2022-21587
Fortinet | FortiOS

CVE-2022-42475

Fortinet FortiOS Heap-Based Buffer Overflow Vulnerability: Multiple versions of Fortinet FortiOS SSL-VPN contain a heap-based buffer overflow vulnerability which can allow an unauthenticated, remote attacker to execute arbitrary code or commands via specifically crafted requests.

Related CWE: CWE-197

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.
  • Date Added: 2022-12-13
  • Due Date: 2023-01-03
Additional Notes
https://www.fortiguard.com/psirt/FG-IR-22-398; https://nvd.nist.gov/vuln/detail/CVE-2022-42475
Oracle | Fusion Middleware

CVE-2021-35587

Oracle Fusion Middleware Unspecified Vulnerability: Oracle Fusion Middleware Access Manager allows an unauthenticated attacker with network access via HTTP to takeover the Access Manager product.

Related CWEs: CWE-502| CWE-790

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-11-28
  • Due Date: 2022-12-19
Additional Notes
https://www.oracle.com/security-alerts/cpujan2022.html; https://nvd.nist.gov/vuln/detail/CVE-2021-35587

Subscribe to the KEV Catalog Updates

Stay up to date on the latest known exploited vulnerabilities.

Subscribe Now