Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

KEV

Categories

All 🌐 Web Application 🧭 Browser 🖥️ Operating System 📱 Mobile 🛰️ Network Infrastructure ☁️ Cloud / Container 📝 CMS / Site Builder 🗄️ Database / Storage 🔐 Auth / Identity 🔑 Cryptography 🛠️ DevOps / CI-CD 🤖 AI / ML 🔌 IoT / Embedded 🧩 Hardware / Firmware 🏢 Enterprise SaaS 🧰 Developer Tooling ☠️ Malicious Package 📦 Other

Tag groups

All 💬 Programming Languages 22 🧱 Web Frameworks 29 📱 Mobile Platforms 6 🤖 AI/ML Frameworks 11 🖥️ Web Servers 9 🗄️ Databases 13 📝 CMS 9 ☁️ Cloud Platforms 11 📦 Container Tech 12 🖥️ Operating Systems 15 ⚔️ Attack Types 25 🧬 CWE 185 🏢 Vendors 581 📦 Products 666 🌳 Package Ecosystems 24 🛠️ DevOps Tools 17 📡 Protocols 15

Popular tags (Top 40)

Rootio Linux419 Microsoft386 C237 Java183 Jre178 Java Min178 Bitnami178 Windows177 Rootdebian11175 Rootdebian12151 Linux130 Cwe 20125 Cwe 78120 Linux Kernel106 Cwe 787105 Apple99 Cwe 41699 Cwe 2296 Rootdebian1393 Cwe 11990 Cisco89 Denial of Service85 Cwe 9484 Multiple Products79 Adobe78 Google77 Cwe 50270 Cwe 7966 Cwe 8954 Apache47 Cwe 91844 Cwe 28443 Oracle42 Cwe 28741 JavaScript41 PHP41 Cwe 7740 Chromium V838 Cwe 30638 Cwe 84337

Filtering: Group: cwe Clear

ID	Title	Severity	Tags	Detected
CVE-2025-24813 KEV	[KEV] Vulnerability in Apache tomcat (CVE-2025-24813) vulnerability in Apache tomcat (CVE-2025-24813). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Apache Tomcat Cwe 44 Cwe 502	1 year ago
CVE-2024-20439 KEV	[KEV] Vulnerability in Cisco smart-licensing-utility (CVE-2024-20439) vulnerability in Cisco smart-licensing-utility (CVE-2024-20439). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Cisco Smart Licensing Utility Cwe 912	1 year ago
CVE-2019-9874 KEV	[KEV] Unsafe Deserialization in Sitecore cms-and-experience-platform-xp (CVE-2019-9874) vulnerability in Sitecore cms-and-experience-platform-xp (CVE-2019-9874). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Sitecore Cms And Experience Platform Xp Cwe 502	1 year ago
CVE-2019-9875 KEV	[KEV] Unsafe Deserialization in Sitecore cms-and-experience-platform-xp (CVE-2019-9875) vulnerability in Sitecore cms-and-experience-platform-xp (CVE-2019-9875). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Sitecore Cms And Experience Platform Xp Cwe 502	1 year ago
CVE-2025-30154 KEV	[KEV] Vulnerability in Reviewdog action-setup-github-action (CVE-2025-30154) vulnerability in Reviewdog action-setup-github-action (CVE-2025-30154). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Reviewdog Action Setup Github Action Cwe 506	1 year ago
CVE-2017-12637 KEV	[KEV] Path Traversal in Sap netweaver (CVE-2017-12637) path traversal in Sap netweaver (CVE-2017-12637). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Sap Netweaver Cwe 22	1 year ago
CVE-2025-1316 KEV	[KEV] OS Command Injection in Edimax ic-7100-ip-camera (CVE-2025-1316) OS command injection in Edimax ic-7100-ip-camera (CVE-2025-1316). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Edimax Ic 7100 Ip Camera Cwe 78	1 year ago
CVE-2024-48248 KEV	[KEV] Vulnerability in Nakivo backup-and-replication (CVE-2024-48248) vulnerability in Nakivo backup-and-replication (CVE-2024-48248). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Nakivo Backup And Replication Cwe 36	1 year ago
CVE-2025-30066 KEV	[KEV] Vulnerability in Tj-actions changed-files-github-action (CVE-2025-30066) vulnerability in Tj-actions changed-files-github-action (CVE-2025-30066). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Tj Actions Changed Files Github Action Cwe 506	1 year ago
CVE-2025-24472 KEV	[KEV] Vulnerability in Fortinet fortios-and-fortiproxy (CVE-2025-24472) vulnerability in Fortinet fortios-and-fortiproxy (CVE-2025-24472). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Fortinet Fortios And Fortiproxy Cwe 288	1 year ago
CVE-2025-24201 KEV	[KEV] Out-of-Bounds Write in Apple multiple-products (CVE-2025-24201) out-of-bounds write in Apple multiple-products (CVE-2025-24201). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Apple Multiple Products Cwe 787	1 year ago
CVE-2025-21590 KEV	[KEV] Vulnerability in Juniper junos-os (CVE-2025-21590) vulnerability in Juniper junos-os (CVE-2025-21590). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Juniper Junos Os Cwe 653	1 year ago
CVE-2025-24984 KEV	[KEV] Vulnerability in Microsoft windows (CVE-2025-24984) vulnerability in Microsoft windows (CVE-2025-24984). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Microsoft Windows Cwe 532	1 year ago
CVE-2025-24983 KEV	[KEV] Use-After-Free in Microsoft windows (CVE-2025-24983) vulnerability in Microsoft windows (CVE-2025-24983). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Microsoft Windows Cwe 416	1 year ago
CVE-2025-26633 KEV	[KEV] Vulnerability in Microsoft windows (CVE-2025-26633) vulnerability in Microsoft windows (CVE-2025-26633). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Microsoft Windows Cwe 707	1 year ago
CVE-2025-24991 KEV	[KEV] Out-of-Bounds Read in Microsoft windows (CVE-2025-24991) vulnerability in Microsoft windows (CVE-2025-24991). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Microsoft Windows Cwe 125	1 year ago
CVE-2025-24993 KEV	[KEV] Vulnerability in Microsoft windows (CVE-2025-24993) vulnerability in Microsoft windows (CVE-2025-24993). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Microsoft Windows Cwe 122	1 year ago
CVE-2025-24985 KEV	[KEV] Vulnerability in Microsoft windows (CVE-2025-24985) vulnerability in Microsoft windows (CVE-2025-24985). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Microsoft Windows Cwe 190 Cwe 122	1 year ago
CVE-2024-57968 KEV	[KEV] Unrestricted File Upload in Advantive veracore (CVE-2024-57968) vulnerability in Advantive veracore (CVE-2024-57968). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Advantive Veracore Cwe 434	1 year ago
CVE-2025-25181 KEV	[KEV] SQL Injection in Advantive veracore (CVE-2025-25181) SQL injection in Advantive veracore (CVE-2025-25181). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Advantive Veracore Cwe 89	1 year ago
CVE-2024-13161 KEV	[KEV] Vulnerability in Ivanti endpoint-manager-epm (CVE-2024-13161) vulnerability in Ivanti endpoint-manager-epm (CVE-2024-13161). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Ivanti Endpoint Manager Epm Cwe 36	1 year ago
CVE-2024-13160 KEV	[KEV] Vulnerability in Ivanti endpoint-manager-epm (CVE-2024-13160) vulnerability in Ivanti endpoint-manager-epm (CVE-2024-13160). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Ivanti Endpoint Manager Epm Cwe 36	1 year ago
CVE-2024-13159 KEV	[KEV] Vulnerability in Ivanti endpoint-manager-epm (CVE-2024-13159) vulnerability in Ivanti endpoint-manager-epm (CVE-2024-13159). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Ivanti Endpoint Manager Epm Cwe 36	1 year ago
CVE-2025-22224 KEV	[KEV] Vulnerability in Vmware esxi-and-workstation (CVE-2025-22224) vulnerability in Vmware esxi-and-workstation (CVE-2025-22224). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Vmware Esxi And Workstation Cwe 367	1 year ago
CVE-2025-22225 KEV	[KEV] Vulnerability in Vmware esxi (CVE-2025-22225) vulnerability in Vmware esxi (CVE-2025-22225). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Vmware Esxi Cwe 123	1 year ago
CVE-2025-22226 KEV	[KEV] Out-of-Bounds Read in Vmware esxi (CVE-2025-22226) vulnerability in Vmware esxi (CVE-2025-22226). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Vmware Esxi Workstation And Fusion +1	1 year ago
CVE-2024-50302 KEV	[KEV] Vulnerability in Linux kernel (CVE-2024-50302) vulnerability in Linux kernel (CVE-2024-50302). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Linux Kernel Cwe 908	1 year ago
CVE-2024-4885 KEV	[KEV] Path Traversal in Progress whatsup-gold (CVE-2024-4885) path traversal in Progress whatsup-gold (CVE-2024-4885). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Progress Whatsup Gold Cwe 22	1 year ago
CVE-2018-8639 KEV	[KEV] Vulnerability in Microsoft windows (CVE-2018-8639) vulnerability in Microsoft windows (CVE-2018-8639). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Microsoft Windows Cwe 404	1 year ago
CVE-2023-20118 KEV	[KEV] Command Injection in Cisco small-business-rv-series-routers (CVE-2023-20118) command injection in Cisco small-business-rv-series-routers (CVE-2023-20118). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Cisco Small Business Rv Series Routers Cwe 77	1 year ago
CVE-2022-43939 KEV	[KEV] Vulnerability in Hitachi vantara hitachi-vantara (CVE-2022-43939) vulnerability in Hitachi vantara hitachi-vantara (CVE-2022-43939). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Hitachi Vantara Pentaho Business Analytics Ba Server Cwe 647	1 year ago
CVE-2022-43769 KEV	[KEV] Vulnerability in Hitachi vantara hitachi-vantara (CVE-2022-43769) vulnerability in Hitachi vantara hitachi-vantara (CVE-2022-43769). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Hitachi Vantara Pentaho Business Analytics Ba Server Cwe 74	1 year ago
CVE-2024-49035 KEV	[KEV] Privilege Escalation in Microsoft partner-center (CVE-2024-49035) vulnerability in Microsoft partner-center (CVE-2024-49035). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Microsoft Partner Center Cwe 269	1 year ago
CVE-2023-34192 KEV	[KEV] Cross-Site Scripting (XSS) in Synacor zimbra-collaboration-suite-zcs (CVE-2023-34192) cross-site scripting in Synacor zimbra-collaboration-suite-zcs (CVE-2023-34192). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Synacor Zimbra Collaboration Suite Zcs Cwe 79	1 year ago
CVE-2024-20953 KEV	[KEV] Unsafe Deserialization in Oracle agile-product-lifecycle-management-plm (CVE-2024-20953) vulnerability in Oracle agile-product-lifecycle-management-plm (CVE-2024-20953). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Oracle Agile Product Lifecycle Management Plm Cwe 502	1 year ago
CVE-2017-3066 KEV	[KEV] Unsafe Deserialization in Adobe coldfusion (CVE-2017-3066) vulnerability in Adobe coldfusion (CVE-2017-3066). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Adobe Coldfusion Cwe 502	1 year ago
CVE-2025-24989 KEV	[KEV] Vulnerability in Microsoft power-pages (CVE-2025-24989) vulnerability in Microsoft power-pages (CVE-2025-24989). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Microsoft Power Pages Cwe 284	1 year ago
CVE-2025-0111 KEV	[KEV] Vulnerability in Palo alto networks palo-alto-networks (CVE-2025-0111) vulnerability in Palo alto networks palo-alto-networks (CVE-2025-0111). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Palo Alto Networks Pan Os Cwe 73	1 year ago
CVE-2025-23209 KEV	[KEV] Code Injection in Craft cms craft-cms (CVE-2025-23209) code injection in Craft cms craft-cms (CVE-2025-23209). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Craft Cms Cwe 94	1 year ago
CVE-2024-53704 KEV	[KEV] Authentication Bypass in Sonicwall sonicos (CVE-2024-53704) authentication bypass in Sonicwall sonicos (CVE-2024-53704). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Sonicwall Sonicos Cwe 287	1 year ago
CVE-2025-0108 KEV	[KEV] Vulnerability in Palo alto networks palo-alto-networks (CVE-2025-0108) vulnerability in Palo alto networks palo-alto-networks (CVE-2025-0108). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Palo Alto Networks Pan Os Cwe 306	1 year ago
CVE-2024-57727 KEV	[KEV] Path Traversal in simplehelp (CVE-2024-57727) path traversal in simplehelp (CVE-2024-57727). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Simplehelp Cwe 22	1 year ago
CVE-2024-12251	Command Injection in telerik (CVE-2024-12251) command injection in telerik (CVE-2024-12251). Successful exploitation can lead to full system takeover.	High	Cwe 77 Telerik Ui For Winui	1 year ago
CVE-2024-41710 KEV	[KEV] Vulnerability in Mitel sip-phones (CVE-2024-41710) vulnerability in Mitel sip-phones (CVE-2024-41710). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Mitel Sip Phones Cwe 88	1 year ago
CVE-2025-24200 KEV	[KEV] Authorization Flaw in Apple ios-and-ipados (CVE-2025-24200) vulnerability in Apple ios-and-ipados (CVE-2025-24200). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Apple Ios And Ipados Cwe 863	1 year ago
CVE-2024-40891 KEV	[KEV] OS Command Injection in Zyxel dsl-cpe-devices (CVE-2024-40891) OS command injection in Zyxel dsl-cpe-devices (CVE-2024-40891). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Zyxel Dsl Cpe Devices Cwe 78	1 year ago
CVE-2025-21391 KEV	[KEV] Vulnerability in Microsoft windows (CVE-2025-21391) vulnerability in Microsoft windows (CVE-2025-21391). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Microsoft Windows Cwe 59	1 year ago
CVE-2025-21418 KEV	[KEV] Vulnerability in Microsoft windows (CVE-2025-21418) vulnerability in Microsoft windows (CVE-2025-21418). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Microsoft Windows Cwe 122	1 year ago
CVE-2024-40890 KEV	[KEV] OS Command Injection in Zyxel dsl-cpe-devices (CVE-2024-40890) OS command injection in Zyxel dsl-cpe-devices (CVE-2024-40890). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Zyxel Dsl Cpe Devices Cwe 78	1 year ago
CVE-2025-0994 KEV	[KEV] Unsafe Deserialization in Trimble cityworks (CVE-2025-0994) vulnerability in Trimble cityworks (CVE-2025-0994). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Trimble Cityworks Cwe 502	1 year ago

Vulnerabilities

🍪 About cookies