www.cisa.gov
2a02:26f0:480:58c::447a
Public Scan
URL: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Submission: On November 26 via api from RU — Scanned from DE
Form analysis
3 forms found in the DOM
<form class="gsc-search-box gsc-search-box-tools" accept-charset="utf-8">
<table cellspacing="0" cellpadding="0" role="presentation" class="gsc-search-box">
<tbody>
<tr>
<td class="gsc-input">
<div class="gsc-input-box" id="gsc-iw-id1">
<table cellspacing="0" cellpadding="0" role="presentation" id="gs_id50" class="gstl_50 gsc-input" style="width: 100%; padding: 0px;">
<tbody>
<tr>
<td id="gs_tti50" class="gsib_a"><input autocomplete="off" type="text" size="10" class="gsc-input" name="search" title="search" aria-label="search" id="gsc-i-id1" dir="ltr" spellcheck="false"
style="width: 100%; padding: 0px; border: none; margin: 0px; height: auto; outline: none;"></td>
<td class="gsib_b">
<div class="gsst_b" id="gs_st50" dir="ltr"><a class="gsst_a" href="javascript:void(0)" title="Clear search box" role="button" style="display: none;"><span class="gscb_a" id="gs_cb50" aria-hidden="true">×</span></a></div>
</td>
</tr>
</tbody>
</table>
</div>
</td>
<td class="gsc-search-button"><button class="gsc-search-button gsc-search-button-v2"><svg width="13" height="13" viewBox="0 0 13 13">
<title>search</title>
<path
d="m4.8495 7.8226c0.82666 0 1.5262-0.29146 2.0985-0.87438 0.57232-0.58292 0.86378-1.2877 0.87438-2.1144 0.010599-0.82666-0.28086-1.5262-0.87438-2.0985-0.59352-0.57232-1.293-0.86378-2.0985-0.87438-0.8055-0.010599-1.5103 0.28086-2.1144 0.87438-0.60414 0.59352-0.8956 1.293-0.87438 2.0985 0.021197 0.8055 0.31266 1.5103 0.87438 2.1144 0.56172 0.60414 1.2665 0.8956 2.1144 0.87438zm4.4695 0.2115 3.681 3.6819-1.259 1.284-3.6817-3.7 0.0019784-0.69479-0.090043-0.098846c-0.87973 0.76087-1.92 1.1413-3.1207 1.1413-1.3553 0-2.5025-0.46363-3.4417-1.3909s-1.4088-2.0686-1.4088-3.4239c0-1.3553 0.4696-2.4966 1.4088-3.4239 0.9392-0.92727 2.0864-1.3969 3.4417-1.4088 1.3553-0.011889 2.4906 0.45771 3.406 1.4088 0.9154 0.95107 1.379 2.0924 1.3909 3.4239 0 1.2126-0.38043 2.2588-1.1413 3.1385l0.098834 0.090049z">
</path>
</svg></button></td>
<td class="gsc-clear-button">
<div class="gsc-clear-button" title="clear results"> </div>
</td>
</tr>
</tbody>
</table>
</form>
<form class="gsc-search-box gsc-search-box-tools" accept-charset="utf-8">
<table cellspacing="0" cellpadding="0" role="presentation" class="gsc-search-box">
<tbody>
<tr>
<td class="gsc-input">
<div class="gsc-input-box" id="gsc-iw-id2">
<table cellspacing="0" cellpadding="0" role="presentation" id="gs_id51" class="gstl_51 gsc-input" style="width: 100%; padding: 0px;">
<tbody>
<tr>
<td id="gs_tti51" class="gsib_a"><input autocomplete="off" type="text" size="10" class="gsc-input" name="search" title="search" aria-label="search" id="gsc-i-id2" dir="ltr" spellcheck="false"
style="width: 100%; padding: 0px; border: none; margin: 0px; height: auto; outline: none;"></td>
<td class="gsib_b">
<div class="gsst_b" id="gs_st51" dir="ltr"><a class="gsst_a" href="javascript:void(0)" title="Clear search box" role="button" style="display: none;"><span class="gscb_a" id="gs_cb51" aria-hidden="true">×</span></a></div>
</td>
</tr>
</tbody>
</table>
</div>
</td>
<td class="gsc-search-button"><button class="gsc-search-button gsc-search-button-v2"><svg width="13" height="13" viewBox="0 0 13 13">
<title>search</title>
<path
d="m4.8495 7.8226c0.82666 0 1.5262-0.29146 2.0985-0.87438 0.57232-0.58292 0.86378-1.2877 0.87438-2.1144 0.010599-0.82666-0.28086-1.5262-0.87438-2.0985-0.59352-0.57232-1.293-0.86378-2.0985-0.87438-0.8055-0.010599-1.5103 0.28086-2.1144 0.87438-0.60414 0.59352-0.8956 1.293-0.87438 2.0985 0.021197 0.8055 0.31266 1.5103 0.87438 2.1144 0.56172 0.60414 1.2665 0.8956 2.1144 0.87438zm4.4695 0.2115 3.681 3.6819-1.259 1.284-3.6817-3.7 0.0019784-0.69479-0.090043-0.098846c-0.87973 0.76087-1.92 1.1413-3.1207 1.1413-1.3553 0-2.5025-0.46363-3.4417-1.3909s-1.4088-2.0686-1.4088-3.4239c0-1.3553 0.4696-2.4966 1.4088-3.4239 0.9392-0.92727 2.0864-1.3969 3.4417-1.4088 1.3553-0.011889 2.4906 0.45771 3.406 1.4088 0.9154 0.95107 1.379 2.0924 1.3909 3.4239 0 1.2126-0.38043 2.2588-1.1413 3.1385l0.098834 0.090049z">
</path>
</svg></button></td>
<td class="gsc-clear-button">
<div class="gsc-clear-button" title="clear results"> </div>
</td>
</tr>
</tbody>
</table>
</form>
GET /known-exploited-vulnerabilities-catalog
<form action="/known-exploited-vulnerabilities-catalog" method="get" id="views-exposed-form-index-kev-listing-block-1" accept-charset="UTF-8">
<div class="c-form-item c-form-item--text c-form-item--id-search-api-fulltext js-form-item js-form-type-textfield js-form-item-search-api-fulltext">
<label for="edit-search-api-fulltext" class="c-form-item__label">Text Search <span class="usa-hint"> (optional) </span></label>
<input data-drupal-selector="edit-search-api-fulltext" type="text" id="edit-search-api-fulltext" name="search_api_fulltext" value="" size="30" maxlength="128" class="c-form-item__text">
</div>
<div class="c-form-item c-form-item--select c-form-item--id-field-date-added-wrapper js-form-item js-form-type-select js-form-item-field-date-added-wrapper">
<label for="edit-field-date-added-wrapper" class="c-form-item__label">Date Added <span class="usa-hint"> (optional) </span></label>
<select data-drupal-selector="edit-field-date-added-wrapper" id="edit-field-date-added-wrapper" name="field_date_added_wrapper" class="c-form-item__select c-form-item--select">
<option value="all"></option>
<option value="30">Last 30 Days</option>
<option value="60">Last 60 Days</option>
<option value="90">Last 90 Days</option>
<option value="year">Last Year</option>
</select>
</div>
<div class="c-form-item c-form-item--text c-form-item--id-field-cve js-form-item js-form-type-textfield js-form-item-field-cve">
<label for="edit-field-cve" class="c-form-item__label">CVE <span class="usa-hint"> (optional) </span></label>
<input data-drupal-selector="edit-field-cve" type="text" id="edit-field-cve" name="field_cve" value="" size="30" maxlength="128" class="c-form-item__text">
</div>
<div class="c-form-item c-form-item--select c-form-item--id-sort-by js-form-item js-form-type-select js-form-item-sort-by">
<label for="edit-sort-by" class="c-form-item__label">Sort by <span class="usa-hint"> (optional) </span></label>
<select data-drupal-selector="edit-sort-by" id="edit-sort-by" name="sort_by" class="c-form-item__select c-form-item--select">
<option value="field_date_added" selected="selected">Publish Date</option>
<option value="field_due_date">Due Date</option>
<option value="field_vendor_project_name">Vendor/Project A-Z</option>
</select>
</div>
<div class="c-form-item c-form-item--select c-form-item--id-items-per-page js-form-item js-form-type-select js-form-item-items-per-page">
<label for="edit-items-per-page" class="c-form-item__label">Items per page <span class="usa-hint"> (optional) </span></label>
<select data-drupal-selector="edit-items-per-page" id="edit-items-per-page" name="items_per_page" class="c-form-item__select c-form-item--select">
<option value="20" selected="selected">20</option>
<option value="All">- All -</option>
</select>
</div>
<div data-drupal-selector="edit-actions" class="form-actions js-form-wrapper" id="edit-actions">
<input data-drupal-selector="edit-submit-index-kev-listing" type="submit" id="edit-submit-index-kev-listing" value="Apply" class="c-button js-form-submit c-form-item__submit c-button js-form-submit">
</div>
<div class="url-textfield js-form-wrapper" style="display: none !important;">
<div class="c-form-item c-form-item--text c-form-item--id-url js-form-item js-form-type-textfield js-form-item-url">
<label for="edit-url" class="c-form-item__label">Leave this field blank <span class="usa-hint"> (optional) </span></label>
<input autocomplete="off" data-drupal-selector="edit-url" type="text" id="edit-url" name="url" value="" size="20" maxlength="128" class="c-form-item__text">
</div>
</div>
</form>
Text Content
VENDOR/PROJECT (filter options): Accellion, Qlik, OSGeo, ServiceNow, Dahua, PTZOptics, Unitronics, FXC, Spreadsheet::ParseExcel, Joomla!, ConnectWise, Sunhillo, Nice, CrushFTP, NextGen Healthcare, Justice AV Solutions, Check Point, PHP Group, Twilio, Acronis, Versa, Kingsoft, ScienceLogic, Nostromo, CyberPersons, Metabase, Array Networks, ownCloud, Adobe, Alcatel, Amcrest, Android, Apache, Apple, Arcadyan, Arcserve, Arm, Artifex, Atlassian, Aviatrix, Barracuda Networks, BQE, Cacti, ChakraCore, Checkbox, Cisco, Citrix, Code Aurora, Crestron, CWP, D-Link, D-Link and TRENDnet, Dasan, Dell, Delta Electronics, Docker, dotCMS, DotNetNuke (DNN), DrayTek, Drupal, Elastic, Embedthis, Exim, EyesOfNetwork, F5, FatPipe, ForgeRock, Fortinet, Fortra, Fuel CMS, GIGABYTE, GitLab, GNU, Google, Grafana Labs, Grandstream, Hewlett Packard (HP), Hikvision, IBM, IETF, Ignite Realtime, ImageMagick, InduSoft, Intel, Ivanti, Jenkins, JetBrains, Juniper, Kaseya, Kentico, Laravel, LG, Liferay, Linux, McAfee, MediaTek, Meta Platforms, Micro Focus, Microsoft, MikroTik, MinIO, Mitel, MongoDB, Mozilla, Nagios, NETGEAR, Netis, Netwrix, Novi Survey, Npm package, October CMS, OpenBSD, OpenSSL, Oracle, Palo Alto Networks, PaperCut, PEAR, Perl, PHP, phpMyAdmin, PHPUnit, Pi-hole, PlaySMS, Plex, Primetek, Progress, Pulse Secure, QNAP, QNAP Systems, Qualcomm, Quest, Rails, RARLAB, rConfig, Realtek, Red Hat, Redis, Rejetto, Roundcube, Ruckus Wireless, SaltStack, Samba, Samsung, SAP, Schneider Electric, Siemens, SIMalliance, Sitecore, SolarView, SolarWinds, Sonatype, SonicWall, Sophos, Sudo, SugarCRM, Sumavision, Symantec, Synacor, SysAid, TeamViewer, Teclib, Telerik, Tenda, TerraMaster, ThinkPHP, TIBCO, TP-Link, Treck TCP/IP stack, Trend Micro, Trihedral, TVT, Ubiquiti, Unraid, vBulletin, Veeam, Veritas, VMware, VMware Tanzu, WatchGuard, WebKitGTK, Webmin, WebRTC, WordPress, WSO2, XStream, Yealink, Zabbix, Zimbra, ZK Framework, Zoho, Zyxel

KNOWN EXPLOITED VULNERABILITIES CATALOG

For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild. Organizations should use the KEV catalog as an input to their vulnerability management prioritization framework.

How to use the KEV Catalog

The KEV catalog is also available in the following formats: CSV, JSON, JSON Schema (updated 06-25-2024), License

--------------------------------------------------------------------------------

Showing 1 - 20 of 1223

Array Networks | AG/vxAG ArrayOS
CVE-2023-28461
Array Networks AG and vxAG ArrayOS Missing Authentication for Critical Function Vulnerability: Array Networks AG and vxAG ArrayOS contain a missing authentication for critical function vulnerability that allows an attacker to read local files and execute code on the SSL VPN gateway.
Related CWE: CWE-306
Known To Be Used in Ransomware Campaigns? Unknown
Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
* Date Added: 2024-11-25
* Due Date: 2024-12-16
Additional Notes: https://support.arraynetworks.net/prx/001/http/supportportal.arraynetworks.net/documentation/FieldNotice/Array_Networks_Security_Advisory_for_Remote_Code_Execution_Vulnerability_AG.pdf ; https://nvd.nist.gov/vuln/detail/CVE-2023-28461

Apple | Multiple Products
CVE-2024-44308
Apple Multiple Products Code Execution Vulnerability: Apple iOS, macOS, and other Apple products contain an unspecified vulnerability when processing maliciously crafted web content that may lead to arbitrary code execution.
Known To Be Used in Ransomware Campaigns? Unknown
Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
* Date Added: 2024-11-21
* Due Date: 2024-12-12
Additional Notes: https://support.apple.com/en-us/121752, https://support.apple.com/en-us/121753, https://support.apple.com/en-us/121754, https://support.apple.com/en-us/121755, https://support.apple.com/en-us/121756 ; https://nvd.nist.gov/vuln/detail/CVE-2024-44308

Apple | Multiple Products
CVE-2024-44309
Apple Multiple Products Cross-Site Scripting (XSS) Vulnerability: Apple iOS, macOS, and other Apple products contain an unspecified vulnerability when processing maliciously crafted web content that may lead to a cross-site scripting (XSS) attack.
Known To Be Used in Ransomware Campaigns? Unknown
Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
* Date Added: 2024-11-21
* Due Date: 2024-12-12
Additional Notes: https://support.apple.com/en-us/121752, https://support.apple.com/en-us/121753, https://support.apple.com/en-us/121754, https://support.apple.com/en-us/121755, https://support.apple.com/en-us/121756 ; https://nvd.nist.gov/vuln/detail/CVE-2024-44309

Oracle | Agile Product Lifecycle Management (PLM)
CVE-2024-21287
Oracle Agile Product Lifecycle Management (PLM) Incorrect Authorization Vulnerability: Oracle Agile Product Lifecycle Management (PLM) contains an incorrect authorization vulnerability in the Process Extension component of the Software Development Kit. Successful exploitation of this vulnerability may result in unauthenticated file disclosure.
Related CWE: CWE-863
Known To Be Used in Ransomware Campaigns? Unknown
Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
* Date Added: 2024-11-21
* Due Date: 2024-12-12
Additional Notes: https://www.oracle.com/security-alerts/alert-cve-2024-21287.html ; https://nvd.nist.gov/vuln/detail/CVE-2024-21287

VMware | vCenter Server
CVE-2024-38812
VMware vCenter Server Heap-Based Buffer Overflow Vulnerability: VMware vCenter Server contains a heap-based buffer overflow vulnerability in the implementation of the DCERPC protocol. This vulnerability could allow an attacker with network access to the vCenter Server to execute remote code by sending a specially crafted packet.
Related CWE: CWE-122
Known To Be Used in Ransomware Campaigns? Unknown
Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
* Date Added: 2024-11-20
* Due Date: 2024-12-11
Additional Notes: https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24968 ; https://nvd.nist.gov/vuln/detail/CVE-2024-38812

VMware | vCenter Server
CVE-2024-38813
VMware vCenter Server Privilege Escalation Vulnerability: VMware vCenter contains an improper check for dropped privileges vulnerability. This vulnerability could allow an attacker with network access to the vCenter Server to escalate privileges to root by sending a specially crafted packet.
Related CWEs: CWE-250 | CWE-273
Known To Be Used in Ransomware Campaigns? Unknown
Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
* Date Added: 2024-11-20
* Due Date: 2024-12-11
Additional Notes: https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24968 ; https://nvd.nist.gov/vuln/detail/CVE-2024-38813

Progress | Kemp LoadMaster
CVE-2024-1212
Progress Kemp LoadMaster OS Command Injection Vulnerability: Progress Kemp LoadMaster contains an OS command injection vulnerability that allows an unauthenticated, remote attacker to access the system through the LoadMaster management interface, enabling arbitrary system command execution.
Related CWE: CWE-78
Known To Be Used in Ransomware Campaigns? Unknown
Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
* Date Added: 2024-11-18
* Due Date: 2024-12-09
Additional Notes: https://community.progress.com/s/article/Release-Notice-LMOS-7-2-59-2-7-2-54-8-7-2-48-10-CVE-2024-1212 ; https://nvd.nist.gov/vuln/detail/CVE-2024-1212

Palo Alto Networks | PAN-OS
CVE-2024-0012
Palo Alto Networks PAN-OS Management Interface Authentication Bypass Vulnerability: Palo Alto Networks PAN-OS contains an authentication bypass vulnerability in the web-based management interface for several PAN-OS products, including firewalls and VPN concentrators.
Related CWE: CWE-306
Known To Be Used in Ransomware Campaigns? Unknown
Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. Additionally, the management interface for affected devices should not be exposed to untrusted networks, including the internet.
* Date Added: 2024-11-18
* Due Date: 2024-12-09
Additional Notes: https://security.paloaltonetworks.com/CVE-2024-0012 ; https://nvd.nist.gov/vuln/detail/CVE-2024-0012

Palo Alto Networks | PAN-OS
CVE-2024-9474
Palo Alto Networks PAN-OS Management Interface OS Command Injection Vulnerability: Palo Alto Networks PAN-OS contains an OS command injection vulnerability that allows for privilege escalation through the web-based management interface for several PAN products, including firewalls and VPN concentrators.
Related CWE: CWE-77
Known To Be Used in Ransomware Campaigns? Unknown
Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. Additionally, the management interfaces for affected devices should not be exposed to untrusted networks, including the internet.
* Date Added: 2024-11-18
* Due Date: 2024-12-09
Additional Notes: https://security.paloaltonetworks.com/CVE-2024-9474 ; https://nvd.nist.gov/vuln/detail/CVE-2024-9474

Palo Alto Networks | Expedition
CVE-2024-9463
Palo Alto Networks Expedition OS Command Injection Vulnerability: Palo Alto Networks Expedition contains an OS command injection vulnerability that allows an unauthenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls.
Related CWE: CWE-78
Known To Be Used in Ransomware Campaigns? Unknown
Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
* Date Added: 2024-11-14
* Due Date: 2024-12-05
Additional Notes: https://security.paloaltonetworks.com/PAN-SA-2024-0010 ; https://nvd.nist.gov/vuln/detail/CVE-2024-9463

Palo Alto Networks | Expedition
CVE-2024-9465
Palo Alto Networks Expedition SQL Injection Vulnerability: Palo Alto Networks Expedition contains a SQL injection vulnerability that allows an unauthenticated attacker to reveal Expedition database contents, such as password hashes, usernames, device configurations, and device API keys. With this, attackers can also create and read arbitrary files on the Expedition system.
Related CWE: CWE-89
Known To Be Used in Ransomware Campaigns? Unknown
Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
* Date Added: 2024-11-14
* Due Date: 2024-12-05
Additional Notes: https://security.paloaltonetworks.com/PAN-SA-2024-0010 ; https://nvd.nist.gov/vuln/detail/CVE-2024-9465

Microsoft | Windows
CVE-2024-49039
Microsoft Windows Task Scheduler Privilege Escalation Vulnerability: Microsoft Windows Task Scheduler contains a privilege escalation vulnerability that can allow an attacker-provided, local application to escalate privileges outside of its AppContainer, and access privileged RPC functions.
Related CWE: CWE-287
Known To Be Used in Ransomware Campaigns? Unknown
Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
* Date Added: 2024-11-12
* Due Date: 2024-12-03
Additional Notes: https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2024-49039 ; https://nvd.nist.gov/vuln/detail/CVE-2024-49039

Microsoft | Windows
CVE-2024-43451
Microsoft Windows NTLMv2 Hash Disclosure Spoofing Vulnerability: Microsoft Windows contains an NTLMv2 hash spoofing vulnerability that could result in disclosing a user's NTLMv2 hash to an attacker via a file open operation. The attacker could then leverage this hash to impersonate that user.
Related CWE: CWE-73
Known To Be Used in Ransomware Campaigns? Unknown
Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
* Date Added: 2024-11-12
* Due Date: 2024-12-03
Additional Notes: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43451 ; https://nvd.nist.gov/vuln/detail/CVE-2024-43451

Metabase | Metabase
CVE-2021-41277
Metabase GeoJSON API Local File Inclusion Vulnerability: Metabase contains a local file inclusion vulnerability in the custom map support in the API to read GeoJSON formatted data.
Related CWE: CWE-200
Known To Be Used in Ransomware Campaigns? Unknown
Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
* Date Added: 2024-11-12
* Due Date: 2024-12-03
Additional Notes: https://github.com/metabase/metabase/security/advisories/GHSA-w73v-6p7p-fpfr ; https://nvd.nist.gov/vuln/detail/CVE-2021-41277

Cisco | Adaptive Security Appliance (ASA)
CVE-2014-2120
Cisco Adaptive Security Appliance (ASA) Cross-Site Scripting (XSS) Vulnerability: Cisco Adaptive Security Appliance (ASA) contains a cross-site scripting (XSS) vulnerability in the WebVPN login page. This vulnerability allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter.
Related CWE: CWE-79
Known To Be Used in Ransomware Campaigns? Unknown
Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
* Date Added: 2024-11-12
* Due Date: 2024-12-03
Additional Notes: https://web.archive.org/web/20140403043510/http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2120 ; https://nvd.nist.gov/vuln/detail/CVE-2014-2120

Atlassian | Jira Server and Data Center
CVE-2021-26086
Atlassian Jira Server and Data Center Path Traversal Vulnerability: Atlassian Jira Server and Data Center contain a path traversal vulnerability that allows a remote attacker to read particular files in the /WEB-INF/web.xml endpoint.
Related CWE: CWE-22
Known To Be Used in Ransomware Campaigns? Unknown
Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
* Date Added: 2024-11-12
* Due Date: 2024-12-03
Additional Notes: https://jira.atlassian.com/browse/JRASERVER-72695 ; https://nvd.nist.gov/vuln/detail/CVE-2021-26086

Palo Alto Networks | Expedition
CVE-2024-5910
Palo Alto Networks Expedition Missing Authentication Vulnerability: Palo Alto Networks Expedition contains a missing authentication vulnerability that allows an attacker with network access to take over an Expedition admin account and potentially access configuration secrets, credentials, and other data.
Related CWE: CWE-306
Known To Be Used in Ransomware Campaigns? Unknown
Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
* Date Added: 2024-11-07
* Due Date: 2024-11-28
Additional Notes: https://security.paloaltonetworks.com/CVE-2024-5910 ; https://nvd.nist.gov/vuln/detail/CVE-2024-5910

Android | Framework
CVE-2024-43093
Android Framework Privilege Escalation Vulnerability: Android Framework contains an unspecified vulnerability that allows for privilege escalation.
Known To Be Used in Ransomware Campaigns? Unknown
Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
* Date Added: 2024-11-07
* Due Date: 2024-11-28
Additional Notes: https://source.android.com/docs/security/bulletin/2024-11-01 ; https://nvd.nist.gov/vuln/detail/CVE-2024-43093

CyberPersons | CyberPanel
CVE-2024-51567
CyberPanel Incorrect Default Permissions Vulnerability: CyberPanel contains an incorrect default permissions vulnerability that allows a remote, unauthenticated attacker to execute commands as root.
Related CWE: CWE-276
Known To Be Used in Ransomware Campaigns? Unknown
Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
* Date Added: 2024-11-07
* Due Date: 2024-11-28
Additional Notes: https://cyberpanel.net/blog/detials-and-fix-of-recent-security-issue-and-patch-of-cyberpanel ; https://nvd.nist.gov/vuln/detail/CVE-2024-51567

Nostromo | nhttpd
CVE-2019-16278
Nostromo nhttpd Directory Traversal Vulnerability: Nostromo nhttpd contains a directory traversal vulnerability in the http_verify() function in a non-chrooted nhttpd server allowing for remote code execution.
Related CWE: CWE-22
Known To Be Used in Ransomware Campaigns? Unknown
Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
* Date Added: 2024-11-07
* Due Date: 2024-11-28
Additional Notes: https://www.nazgul.ch/dev/nostromo_cl.txt ; https://nvd.nist.gov/vuln/detail/CVE-2019-16278

Currently on page 1 of the catalog listing.