Known Exploited Vulnerabilities Catalog

For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild. Organizations should use the KEV catalog as an input to their vulnerability management prioritization framework.

How to use the KEV Catalog

The KEV catalog is also available in these formats:

CSV
JSON
JSON Schema (updated 06-25-2024)
Print View
License

Advantive | VeraCore

CVE-2024-57968

Advantive VeraCore Unrestricted File Upload Vulnerability: Advantive VeraCore contains an unrestricted file upload vulnerability that allows a remote unauthenticated attacker to upload files to unintended folders via upload.apsx.

Related CWE: CWE-434

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Date Added: 2025-03-10
Due Date: 2025-03-31

Additional Notes

Advantive | VeraCore

CVE-2025-25181

Advantive VeraCore SQL Injection Vulnerability: Advantive VeraCore contains a SQL injection vulnerability in timeoutWarning.asp that allows a remote attacker to execute arbitrary SQL commands via the PmSess1 parameter.

Related CWE: CWE-89

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Date Added: 2025-03-10
Due Date: 2025-03-31

Additional Notes

GIGABYTE | Multiple Products

CVE-2018-19323

GIGABYTE Multiple Products Privilege Escalation Vulnerability: The GPCIDrv and GDrv low-level drivers in GIGABYTE App Center, AORUS Graphics Engine, XTREME Gaming Engine, and OC GURU expose functionality to read and write arbitrary physical memory. This could be leveraged by a local attacker to elevate privileges.

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.

Date Added: 2022-10-24
Due Date: 2022-11-14

Additional Notes

GIGABYTE | Multiple Products

CVE-2018-19322

GIGABYTE Multiple Products Code Execution Vulnerability: The GPCIDrv and GDrv low-level drivers in GIGABYTE App Center, AORUS Graphics Engine, XTREME Gaming Engine, and OC GURU II expose functionality to read/write data from/to IO ports. This could be leveraged in a number of ways to ultimately run code with elevated privileges.

Related CWE: CWE-749

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.

Date Added: 2022-10-24
Due Date: 2022-11-14

Additional Notes

GIGABYTE | Multiple Products

CVE-2018-19321

GIGABYTE Multiple Products Privilege Escalation Vulnerability: The GPCIDrv and GDrv low-level drivers in GIGABYTE App Center, AORUS Graphics Engine, XTREME Gaming Engine, and OC GURU II expose functionality to read and write arbitrary physical memory. This could be leveraged by a local attacker to elevate privileges.

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.

Date Added: 2022-10-24
Due Date: 2022-11-14

Additional Notes

GIGABYTE | Multiple Products

CVE-2018-19320

GIGABYTE Multiple Products Unspecified Vulnerability: The GDrv low-level driver in GIGABYTE App Center, AORUS Graphics Engine, XTREME Gaming Engine, and OC GURU II exposes ring0 memcpy-like functionality that could allow a local attacker to take complete control of the affected system.

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.

Date Added: 2022-10-24
Due Date: 2022-11-14

Additional Notes

Nagios | Nagios XI

CVE-2021-25296

Nagios XI OS Command Injection: Nagios XI contains a vulnerability which can lead to OS command injection on the Nagios XI server.

Related CWEs: CWE-78| CWE-138

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2022-01-18
Due Date: 2022-02-01

Additional Notes

Nagios | Nagios XI

CVE-2021-25297

Nagios XI OS Command Injection: Nagios XI contains a vulnerability which can lead to OS command injection on the Nagios XI server.

Related CWEs: CWE-78| CWE-138

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2022-01-18
Due Date: 2022-02-01

Additional Notes

Nagios | Nagios XI

CVE-2021-25298

Nagios XI OS Command Injection: Nagios XI contains a vulnerability which can lead to OS command injection on the Nagios XI server.

Related CWEs: CWE-78| CWE-138

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2022-01-18
Due Date: 2022-02-01

Additional Notes

Nagios | Nagios XI

CVE-2019-15949

Nagios XI Remote Code Execution Vulnerability: Nagios XI contains a remote code execution vulnerability in which a user can modify the check_plugin executable and insert malicious commands to execute as root.

Related CWE: CWE-78

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2021-11-03
Due Date: 2022-05-03

Additional Notes

Known Exploited Vulnerabilities Catalog

Subscribe to the KEV Catalog Updates