Skip to main content
U.S. flag

An official website of the United States government

Here’s how you know

Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

HTTPS

Secure .gov websites use HTTPS
A lock (LockA locked padlock) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cybersecurity & Infrastructure Security Agency
America's Cyber Defense Agency

Search

 
 
  • Topics
    Cybersecurity Best Practices
    Cyber Threats and Advisories
    Critical Infrastructure Security and Resilience
    Election Security
    Emergency Communications
    Industrial Control Systems
    Information and Communications Technology Supply Chain Security
    Partnerships and Collaboration
    Physical Security
    Risk Management
    How can we help?
    GovernmentEducational InstitutionsIndustryState, Local, Tribal, and TerritorialIndividuals and FamiliesSmall and Medium BusinessesFind Help LocallyFaith-Based CommunityExecutives
  • Spotlight
  • Resources & Tools
    All Resources & Tools
    Services
    Programs
    Resources
    Training
    Groups
  • News & Events
    News
    Events
    Cybersecurity Alerts & Advisories
    Directives
    Request a CISA Speaker
    Congressional Testimony
  • Careers
    Benefits & Perks
    HireVue Applicant Reasonable Accommodations Process
    Hiring
    Resume & Application Tips
    Students & Recent Graduates
    Veteran and Military Spouses
    Work @ CISA
  • About
    Culture
    Divisions & Offices
    Regions
    Leadership
    Doing Business with CISA
    Site Links
    Reporting Employee and Contractor Misconduct
    CISA GitHub
    Contact Us
Report a Cyber Issue
America's Cyber Defense Agency
Breadcrumb
  1. Home
Share:

Filters

What are you looking for?

  • Accellion
  • ownCloud
  • Adobe
  • Alcatel
  • Amcrest
  • Android
  • Apache
  • Apple
  • Arcadyan
  • Arcserve
  • Arm
  • Artifex
  • Atlassian
  • Aviatrix
  • Barracuda Networks
  • BQE
  • Cacti
  • ChakraCore
  • Checkbox
  • Cisco
  • CIsco
  • Citrix
  • Code Aurora
  • Crestron
  • CWP
  • D-Link
  • D-Link and TRENDnet
  • Dasan
  • Dell
  • Delta Electronics
  • Docker
  • dotCMS
  • DotNetNuke (DNN)
  • DrayTek
  • Drupal
  • Elastic
  • Embedthis
  • Exim
  • EyesOfNetwork
  • F5
  • FatPipe
  • ForgeRock
  • Fortinet
  • Fortra
  • Fuel CMS
  • GIGABYTE
  • GitLab
  • GNU
  • Google
  • Grafana Labs
  • Grandstream
  • Hewlett Packard (HP)
  • Hikvision
  • IBM
  • IETF
  • Ignite Realtime
  • ImageMagick
  • InduSoft
  • Intel
  • Ivanti
  • Jenkins
  • JetBrains
  • Juniper
  • Kaseya
  • Kentico
  • Laravel
  • LG
  • Liferay
  • Linux
  • McAfee
  • MediaTek
  • Meta Platforms
  • Micro Focus
  • Microsoft
  • MikroTik
  • MinIO
  • Mitel
  • MongoDB
  • Mozilla
  • Nagios
  • NETGEAR
  • Netis
  • Netwrix
  • Novi Survey
  • Npm package
  • October CMS
  • OpenBSD
  • OpenSSL
  • Oracle
  • Palo Alto Networks
  • PaperCut
  • PEAR
  • Perl
  • PHP
  • phpMyAdmin
  • PHPUnit
  • Pi-hole
  • PlaySMS
  • Plex
  • Primetek
  • Progress
  • Pulse Secure
  • QNAP
  • QNAP Systems
  • Qualcomm
  • Quest
  • Rails
  • RARLAB
  • rConfig
  • Realtek
  • Red Hat
  • Redis
  • Rejetto
  • Roundcube
  • Ruckus Wireless
  • SaltStack
  • Samba
  • Samsung
  • SAP
  • Schneider Electric
  • Siemens
  • SIMalliance
  • Sitecore
  • SolarView
  • SolarWinds
  • Sonatype
  • SonicWall
  • Sophos
  • Sudo
  • SugarCRM
  • Sumavision
  • Symantec
  • Synacor
  • SysAid
  • TeamViewer
  • Teclib
  • Telerik
  • Tenda
  • TerraMaster
  • ThinkPHP
  • TIBCO
  • TP-Link
  • Treck TCP/IP stack
  • Trend Micro
  • Trihedral
  • TVT
  • Ubiquiti
  • Unraid
  • vBulletin
  • Veeam
  • Veritas
  • VMware
  • VMware Tanzu
  • WatchGuard
  • WebKitGTK
  • Webmin
  • WebRTC
  • WordPress
  • WSO2
  • XStream
  • Yealink
  • Zabbix
  • Zimbra
  • ZK Framework
  • Zoho
  • Zyxel
No result
Reset

Known Exploited Vulnerabilities Catalog

For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild. Organizations should use the KEV catalog as an input to their vulnerability management prioritization framework.

How to use the KEV Catalog

The KEV catalog is also available in the following formats:

CSV
JSON
JSON Schema


Showing 161 - 180 of 1048
Zoho | ManageEngine

CVE-2022-28810

Zoho ManageEngine ADSelfService Plus Remote Code Execution Vulnerability
Zoho ManageEngine ADSelfService Plus contains an unspecified vulnerability allowing for remote code execution when performing a password change or reset.
  • Action: Apply updates per vendor instructions.
  • Known To Be Used in Ransomware Campaigns?: Unknown
  • Date Added: 2023-03-07
  • Due Date: 2023-03-28
Resources and Notes
https://www.manageengine.com/products/self-service-password/advisory/CVE-2022-28810.html
Apache | Spark

CVE-2022-33891

Apache Spark Command Injection Vulnerability
Apache Spark contains a command injection vulnerability via Spark User Interface (UI) when Access Control Lists (ACLs) are enabled.
  • Action: Apply updates per vendor instructions.
  • Known To Be Used in Ransomware Campaigns?: Unknown
  • Date Added: 2023-03-07
  • Due Date: 2023-03-28
Resources and Notes
https://lists.apache.org/thread/p847l3kopoo5bjtmxrcwk21xp6tjxqlc
Teclib | GLPI

CVE-2022-35914

Teclib GLPI Remote Code Execution Vulnerability
Teclib GLPI contains a remote code execution vulnerability in the third-party library, htmlawed.
  • Action: Apply updates per vendor instructions.
  • Known To Be Used in Ransomware Campaigns?: Unknown
  • Date Added: 2023-03-07
  • Due Date: 2023-03-28
Resources and Notes
https://glpi-project.org/fr/glpi-10-0-3-disponible/, http://www.bioinformatics.org/phplabware/sourceer/sourceer.php?&Sfs=htmLawedTest.php&Sl=.%2Finternal_utilities%2FhtmLawed.
ZK Framework | AuUploader

CVE-2022-36537

ZK Framework AuUploader Unspecified Vulnerability
ZK Framework AuUploader servlets contain an unspecified vulnerability that could allow an attacker to retrieve the content of a file located in the web context. The ZK Framework is an open-source Java framework. This vulnerability can impact multiple products, including but not limited to ConnectWise R1Soft Server Backup Manager.
  • Action: Apply updates per vendor instructions.
  • Known To Be Used in Ransomware Campaigns?: Known
  • Date Added: 2023-02-27
  • Due Date: 2023-03-20
Resources and Notes
https://tracker.zkoss.org/browse/ZK-5150
IBM | Aspera Faspex

CVE-2022-47986

IBM Aspera Faspex Code Execution Vulnerability
IBM Aspera Faspex could allow a remote attacker to execute code on the system, caused by a YAML deserialization flaw.
  • Action: Apply updates per vendor instructions.
  • Known To Be Used in Ransomware Campaigns?: Known
  • Date Added: 2023-02-21
  • Due Date: 2023-03-14
Resources and Notes
https://exchange.xforce.ibmcloud.com/vulnerabilities/243512?_ga=2.189195179.1800390251.1676559338-700333034.1676325890
Mitel | MiVoice Connect

CVE-2022-41223

Mitel MiVoice Connect Code Injection Vulnerability
The Director component in Mitel MiVoice Connect allows an authenticated attacker with internal network access to execute code within the context of the application.
  • Action: Apply updates per vendor instructions.
  • Known To Be Used in Ransomware Campaigns?: Known
  • Date Added: 2023-02-21
  • Due Date: 2023-03-14
Resources and Notes
https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-22-0008
Mitel | MiVoice Connect

CVE-2022-40765

Mitel MiVoice Connect Command Injection Vulnerability
The Mitel Edge Gateway component of MiVoice Connect allows an authenticated attacker with internal network access to execute commands within the context of the system.
  • Action: Apply updates per vendor instructions.
  • Known To Be Used in Ransomware Campaigns?: Known
  • Date Added: 2023-02-21
  • Due Date: 2023-03-14
Resources and Notes
https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-22-0007
Cacti | Cacti

CVE-2022-46169

Cacti Command Injection Vulnerability
Cacti contains a command injection vulnerability that allows an unauthenticated user to execute code.
  • Action: Apply updates per vendor instructions.
  • Known To Be Used in Ransomware Campaigns?: Unknown
  • Date Added: 2023-02-16
  • Due Date: 2023-03-09
Resources and Notes
https://github.com/Cacti/cacti/security/advisories/GHSA-6p93-p743-35gf
Microsoft | Office

CVE-2023-21715

Microsoft Office Publisher Security Feature Bypass Vulnerability
Microsoft Office Publisher contains a security feature bypass vulnerability that allows for a local, authenticated attack on a targeted system.
  • Action: Apply updates per vendor instructions.
  • Known To Be Used in Ransomware Campaigns?: Unknown
  • Date Added: 2023-02-14
  • Due Date: 2023-03-07
Resources and Notes
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-21715
Microsoft | Windows

CVE-2023-23376

Microsoft Windows Common Log File System (CLFS) Driver Privilege Escalation Vulnerability
Microsoft Windows Common Log File System (CLFS) driver contains an unspecified vulnerability that allows for privilege escalation.
  • Action: Apply updates per vendor instructions.
  • Known To Be Used in Ransomware Campaigns?: Unknown
  • Date Added: 2023-02-14
  • Due Date: 2023-03-07
Resources and Notes
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-23376
Apple | Multiple Products

CVE-2023-23529

Apple Multiple Products WebKit Type Confusion Vulnerability
WebKit in Apple iOS, MacOS, Safari and iPadOS contains a type confusion vulnerability that may lead to code execution.
  • Action: Apply updates per vendor instructions.
  • Known To Be Used in Ransomware Campaigns?: Unknown
  • Date Added: 2023-02-14
  • Due Date: 2023-03-07
Resources and Notes
https://support.apple.com/en-us/HT213635, https://support.apple.com/en-us/HT213633, https://support.apple.com/en-us/HT213638
Microsoft | Windows

CVE-2023-21823

Microsoft Windows Graphic Component Privilege Escalation Vulnerability
Microsoft Windows Graphic Component contains an unspecified vulnerability that allows for privilege escalation.
  • Action: Apply updates per vendor instructions.
  • Known To Be Used in Ransomware Campaigns?: Unknown
  • Date Added: 2023-02-14
  • Due Date: 2023-03-07
Resources and Notes
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-21823
Intel | Ethernet Diagnostics Driver for Windows

CVE-2015-2291

Intel Ethernet Diagnostics Driver for Windows Denial-of-Service Vulnerability
Intel ethernet diagnostics driver for Windows IQVW32.sys and IQVW64.sys contain an unspecified vulnerability that allows for a denial-of-service (DoS).
  • Action: Apply updates per vendor instructions.
  • Known To Be Used in Ransomware Campaigns?: Unknown
  • Date Added: 2023-02-10
  • Due Date: 2023-03-03
Resources and Notes
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00051.html
TerraMaster | TerraMaster OS

CVE-2022-24990

TerraMaster OS Remote Command Execution Vulnerability
TerraMaster OS contains a remote command execution vulnerability that allows an unauthenticated user to execute commands on the target endpoint.
  • Action: Apply updates per vendor instructions.
  • Known To Be Used in Ransomware Campaigns?: Known
  • Date Added: 2023-02-10
  • Due Date: 2023-03-03
Resources and Notes
https://forum.terra-master.com/en/viewtopic.php?t=3030
Fortra | GoAnywhere MFT

CVE-2023-0669

Fortra GoAnywhere MFT Remote Code Execution Vulnerability
Fortra (formerly, HelpSystems) GoAnywhere MFT contains a pre-authentication remote code execution vulnerability in the License Response Servlet due to deserializing an attacker-controlled object.
  • Action: Apply updates per vendor instructions.
  • Known To Be Used in Ransomware Campaigns?: Known
  • Date Added: 2023-02-10
  • Due Date: 2023-03-03
Resources and Notes
This CVE has a CISA AA located here: https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-158a. Please see the AA for associated IOCs. Additional information is available at: https://my.goanywhere.com/webclient/DownloadProductFiles.xhtml. Fortra users must have an account in order to login and access the patch.
Oracle | E-Business Suite

CVE-2022-21587

Oracle E-Business Suite Unspecified Vulnerability
Oracle E-Business Suite contains an unspecified vulnerability that allows an unauthenticated attacker with network access via HTTP to compromise Oracle Web Applications Desktop Integrator.
  • Action: Apply updates per vendor instructions.
  • Known To Be Used in Ransomware Campaigns?: Known
  • Date Added: 2023-02-02
  • Due Date: 2023-02-23
Resources and Notes
https://www.oracle.com/security-alerts/cpuoct2022.html
SugarCRM | Multiple Products

CVE-2023-22952

Multiple SugarCRM Products Remote Code Execution Vulnerability
Multiple SugarCRM products contain a remote code execution vulnerability in the EmailTemplates. Using a specially crafted request, custom PHP code can be injected through the EmailTemplates.
  • Action: Apply updates per vendor instructions.
  • Known To Be Used in Ransomware Campaigns?: Unknown
  • Date Added: 2023-02-02
  • Due Date: 2023-02-23
Resources and Notes
https://support.sugarcrm.com/Resources/Security/sugarcrm-sa-2023-001/
Telerik | User Interface (UI) for ASP.NET AJAX

CVE-2017-11357

Telerik UI for ASP.NET AJAX Insecure Direct Object Reference Vulnerability
Telerik UI for ASP.NET AJAX contains an insecure direct object reference vulnerability in RadAsyncUpload that can result in file uploads in a limited location and/or remote code execution.
  • Action: Apply updates per vendor instructions.
  • Known To Be Used in Ransomware Campaigns?: Known
  • Date Added: 2023-01-26
  • Due Date: 2023-02-16
Resources and Notes
https://docs.telerik.com/devtools/aspnet-ajax/knowledge-base/asyncupload-insecure-direct-object-reference
Zoho | ManageEngine

CVE-2022-47966

Zoho ManageEngine Multiple Products Remote Code Execution Vulnerability
Multiple Zoho ManageEngine products contain an unauthenticated remote code execution vulnerability due to the usage of an outdated third-party dependency, Apache Santuario.
  • Action: Apply updates per vendor instructions.
  • Known To Be Used in Ransomware Campaigns?: Known
  • Date Added: 2023-01-23
  • Due Date: 2023-02-13
Resources and Notes
https://www.manageengine.com/security/advisory/CVE/cve-2022-47966.html
CWP | Control Web Panel

CVE-2022-44877

CWP Control Web Panel OS Command Injection Vulnerability
CWP Control Web Panel (formerly CentOS Web Panel) contains an OS command injection vulnerability that allows remote attackers to execute commands via shell metacharacters in the login parameter.
  • Action: Apply updates per vendor instructions.
  • Known To Be Used in Ransomware Campaigns?: Unknown
  • Date Added: 2023-01-17
  • Due Date: 2023-02-07
Resources and Notes
https://control-webpanel.com/changelog#1669855527714-450fb335-6194
  • Go to first pageFirst
  • Go to previous pagePrevious
  • …
  • Page 5
  • Page 6
  • Page 7
  • Page 8
  • Currently on page 9
  • Page 10
  • Page 11
  • Page 12
  • Page 13
  • …
  • Go to next pageNext
  • Go to last pageLast

Subscribe to the KEV Catalog Updates

Stay up to date on the latest known exploited vulnerabilities.

Subscribe Now
Return to top
  • Topics
  • Spotlight
  • Resources & Tools
  • News & Events
  • Careers
  • About
Cybersecurity & Infrastructure Security Agency
  • Facebook
  • Twitter
  • LinkedIn
  • YouTube
  • Instagram
  • RSS
CISA Central 888-282-0870 Central@cisa.dhs.gov
DHS Seal
CISA.gov
An official website of the U.S. Department of Homeland Security
  • About CISA
  • Accessibility
  • Budget and Performance
  • DHS.gov
  • FOIA Requests
  • No FEAR Act
  • Office of Inspector General
  • Privacy Policy
  • Subscribe
  • The White House
  • USA.gov
  • Website Feedback