Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2023-20118 KEV |
|
[KEV] Command Injection in Cisco small-business-rv-series-routers (CVE-2023-20118)
command injection in Cisco small-business-rv-series-routers (CVE-2023-20118). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-43769 KEV |
|
[KEV] Vulnerability in Hitachi vantara hitachi-vantara (CVE-2022-43769)
vulnerability in Hitachi vantara hitachi-vantara (CVE-2022-43769). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2018-8639 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2018-8639)
vulnerability in Microsoft windows (CVE-2018-8639). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-4885 KEV |
|
[KEV] Path Traversal in Progress whatsup-gold (CVE-2024-4885)
path traversal in Progress whatsup-gold (CVE-2024-4885). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-43939 KEV |
|
[KEV] Vulnerability in Hitachi vantara hitachi-vantara (CVE-2022-43939)
vulnerability in Hitachi vantara hitachi-vantara (CVE-2022-43939). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-34192 KEV |
|
[KEV] Cross-Site Scripting (XSS) in Synacor zimbra-collaboration-suite-zcs (CVE-2023-34192)
cross-site scripting in Synacor zimbra-collaboration-suite-zcs (CVE-2023-34192). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-49035 KEV |
|
[KEV] Privilege Escalation in Microsoft partner-center (CVE-2024-49035)
vulnerability in Microsoft partner-center (CVE-2024-49035). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-20953 KEV |
|
[KEV] Unsafe Deserialization in Oracle agile-product-lifecycle-management-plm (CVE-2024-20953)
vulnerability in Oracle agile-product-lifecycle-management-plm (CVE-2024-20953). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2017-3066 KEV |
|
[KEV] Unsafe Deserialization in Adobe coldfusion (CVE-2017-3066)
vulnerability in Adobe coldfusion (CVE-2017-3066). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-24989 KEV |
|
[KEV] Vulnerability in Microsoft power-pages (CVE-2025-24989)
vulnerability in Microsoft power-pages (CVE-2025-24989). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-0111 KEV |
|
[KEV] Vulnerability in Palo alto networks palo-alto-networks (CVE-2025-0111)
vulnerability in Palo alto networks palo-alto-networks (CVE-2025-0111). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-23209 KEV |
|
[KEV] Code Injection in Craft cms craft-cms (CVE-2025-23209)
code injection in Craft cms craft-cms (CVE-2025-23209). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-53704 KEV |
|
[KEV] Authentication Bypass in Sonicwall sonicos (CVE-2024-53704)
authentication bypass in Sonicwall sonicos (CVE-2024-53704). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-0108 KEV |
|
[KEV] Vulnerability in Palo alto networks palo-alto-networks (CVE-2025-0108)
vulnerability in Palo alto networks palo-alto-networks (CVE-2025-0108). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-57727 KEV |
|
[KEV] Path Traversal in simplehelp (CVE-2024-57727)
path traversal in simplehelp (CVE-2024-57727). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-41710 KEV |
|
[KEV] Vulnerability in Mitel sip-phones (CVE-2024-41710)
vulnerability in Mitel sip-phones (CVE-2024-41710). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-24200 KEV |
|
[KEV] Authorization Flaw in Apple ios-and-ipados (CVE-2025-24200)
vulnerability in Apple ios-and-ipados (CVE-2025-24200). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-40891 KEV |
|
[KEV] OS Command Injection in Zyxel dsl-cpe-devices (CVE-2024-40891)
OS command injection in Zyxel dsl-cpe-devices (CVE-2024-40891). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-21391 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2025-21391)
vulnerability in Microsoft windows (CVE-2025-21391). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-21418 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2025-21418)
vulnerability in Microsoft windows (CVE-2025-21418). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-40890 KEV |
|
[KEV] OS Command Injection in Zyxel dsl-cpe-devices (CVE-2024-40890)
OS command injection in Zyxel dsl-cpe-devices (CVE-2024-40890). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-0994 KEV |
|
[KEV] Unsafe Deserialization in Trimble cityworks (CVE-2025-0994)
vulnerability in Trimble cityworks (CVE-2025-0994). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-0411 KEV |
|
[KEV] Vulnerability in 7-zip (CVE-2025-0411)
vulnerability in 7-zip (CVE-2025-0411). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-23748 KEV |
|
[KEV] Vulnerability in Audinate dante-discovery (CVE-2022-23748)
vulnerability in Audinate dante-discovery (CVE-2022-23748). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-21413 KEV |
|
[KEV] Vulnerability in Microsoft office-outlook (CVE-2024-21413)
vulnerability in Microsoft office-outlook (CVE-2024-21413). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-15069 KEV |
|
[KEV] Vulnerability in Sophos xg-firewall (CVE-2020-15069)
vulnerability in Sophos xg-firewall (CVE-2020-15069). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-29574 KEV |
|
[KEV] SQL Injection in Sophos cyberoamos (CVE-2020-29574)
SQL injection in Sophos cyberoamos (CVE-2020-29574). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-53104 KEV |
|
[KEV] Out-of-Bounds Write in Linux kernel (CVE-2024-53104)
out-of-bounds write in Linux kernel (CVE-2024-53104). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2018-9276 KEV |
|
[KEV] OS Command Injection in Paessler prtg-network-monitor (CVE-2018-9276)
OS command injection in Paessler prtg-network-monitor (CVE-2018-9276). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2018-19410 KEV |
|
[KEV] Vulnerability in Paessler prtg-network-monitor (CVE-2018-19410)
vulnerability in Paessler prtg-network-monitor (CVE-2018-19410). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-45195 KEV |
|
[KEV] Vulnerability in Apache ofbiz (CVE-2024-45195)
vulnerability in Apache ofbiz (CVE-2024-45195). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-29059 KEV |
|
[KEV] Vulnerability in Microsoft net-framework (CVE-2024-29059)
vulnerability in Microsoft net-framework (CVE-2024-29059). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-24085 KEV |
|
[KEV] Use-After-Free in Apple multiple-products (CVE-2025-24085)
vulnerability in Apple multiple-products (CVE-2025-24085). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-23006 KEV |
|
[KEV] Unsafe Deserialization in Sonicwall sma1000-appliances (CVE-2025-23006)
vulnerability in Sonicwall sma1000-appliances (CVE-2025-23006). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-11023 KEV |
|
[KEV] Cross-Site Scripting (XSS) in jquery (CVE-2020-11023)
cross-site scripting in jquery (CVE-2020-11023). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-50603 KEV |
|
[KEV] OS Command Injection in Aviatrix controllers (CVE-2024-50603)
OS command injection in Aviatrix controllers (CVE-2024-50603). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-21335 KEV |
|
[KEV] Use-After-Free in Microsoft windows (CVE-2025-21335)
vulnerability in Microsoft windows (CVE-2025-21335). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-21334 KEV |
|
[KEV] Use-After-Free in Microsoft windows (CVE-2025-21334)
vulnerability in Microsoft windows (CVE-2025-21334). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-55591 KEV |
|
[KEV] Vulnerability in Fortinet fortios-and-fortiproxy (CVE-2024-55591)
vulnerability in Fortinet fortios-and-fortiproxy (CVE-2024-55591). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
|
| CVE-2025-21333 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2025-21333)
vulnerability in Microsoft windows (CVE-2025-21333). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-12686 KEV |
|
[KEV] OS Command Injection in Beyondtrust privileged-remote-access-pra-and-remote-support-rs (CVE-2024-12686)
OS command injection in Beyondtrust privileged-remote-access-pra-and-remote-support-rs (CVE-2024-12686). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-48365 KEV |
|
[KEV] Vulnerability in Qlik sense (CVE-2023-48365)
vulnerability in Qlik sense (CVE-2023-48365). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-0282 KEV |
|
[KEV] Vulnerability in Ivanti connect-secure (CVE-2025-0282)
vulnerability in Ivanti connect-secure (CVE-2025-0282). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-41713 KEV |
|
[KEV] Path Traversal in Mitel micollab (CVE-2024-41713)
path traversal in Mitel micollab (CVE-2024-41713). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-55550 KEV |
|
[KEV] Path Traversal in Mitel micollab (CVE-2024-55550)
path traversal in Mitel micollab (CVE-2024-55550). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-2883 KEV |
|
[KEV] Vulnerability in Oracle weblogic-server (CVE-2020-2883)
vulnerability in Oracle weblogic-server (CVE-2020-2883). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-3393 KEV |
|
[KEV] Vulnerability in Palo alto networks palo-alto-networks (CVE-2024-3393)
vulnerability in Palo alto networks palo-alto-networks (CVE-2024-3393). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-44207 KEV |
|
[KEV] Vulnerability in Acclaim systems acclaim-systems (CVE-2021-44207)
vulnerability in Acclaim systems acclaim-systems (CVE-2021-44207). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-12356 KEV |
|
[KEV] Command Injection in Beyondtrust privileged-remote-access-pra-and-remote-support-rs (CVE-2024-12356)
command injection in Beyondtrust privileged-remote-access-pra-and-remote-support-rs (CVE-2024-12356). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-11001 KEV |
|
[KEV] OS Command Injection in Reolink multiple-ip-cameras (CVE-2019-11001)
OS command injection in Reolink multiple-ip-cameras (CVE-2019-11001). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|