CyberAlerts.io | Known Exploited Vulnerabilities (KEV)

CyberAlerts provides a trusted catalog of vulnerabilities known to be exploited in the wild, drawing from many sources, including CISA KEV. Organizations can use this catalog to better prioritize and manage vulnerabilities in response to real-world threat activity.

Displaying vulnerabilities 31 - 40 of 117 in total

CVE-2024-11120

Description: Certain EOL GeoVision devices have an OS Command Injection vulnerability. Unauthenticated remote attackers can exploit this vulnerability to inject and execute arbitrary system commands on the device. Moreover, this vulnerability has already been exploited by attackers, and we have received related reports.

CVSS: CRITICAL (9.8)

EPSS Score: 54.56%

SSVC Exploitation: active

May 7th, 2025 (28 days ago)

CVE-2025-34028

Description: A path traversal vulnerability in Commvault Command Center Innovation Release allows an unauthenticated actor to upload ZIP files, which, when expanded by the target server, result in Remote Code Execution. A PoC exists for this vulnerability. This issue affects Command Center Innovation Release: 11.38.

CVSS: CRITICAL (10.0)

EPSS Score: 63.86%

May 2nd, 2025 (about 1 month ago)

CVE-2024-38475

Description: Improper escaping of output in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to map URLs to filesystem locations that are permitted to be served by the server but are not intentionally/directly reachable by any URL, resulting in code execution or source code disclosure. Substitutions in server context that use backreferences or variables as the first segment of the substitution are affected. Some unsafe RewriteRules will be broken by this change, and the rewrite flag "UnsafePrefixStat" can be used to opt back in once it has been ensured that the substitution is appropriately constrained.

EPSS Score: 0.04%

May 1st, 2025 (about 1 month ago)

CVE-2023-44221

Description: Improper neutralization of special elements in the SMA100 SSL-VPN management interface allows a remote authenticated attacker with administrative privilege to inject arbitrary commands as the 'nobody' user, potentially leading to an OS command injection vulnerability.

CVSS: LOW (0.0)

EPSS Score: 0.14%

May 1st, 2025 (about 1 month ago)

CVE-2025-3928

Description: Commvault Web Server has an unspecified vulnerability that can be exploited by a remote, authenticated attacker. According to the Commvault advisory: "Webservers can be compromised through bad actors creating and executing webshells." Fixed in versions 11.36.46, 11.32.89, 11.28.141, and 11.20.217 for Windows and Linux platforms.

CVSS: HIGH (8.8)

EPSS Score: 15.08%

April 28th, 2025 (about 1 month ago)

CVE-2025-42599

Description: Active! mail 6 BuildInfo: 6.60.05008561 and earlier contains a stack-based buffer overflow vulnerability. Receiving a specially crafted request created and sent by a remote unauthenticated attacker may lead to arbitrary code execution and/or a denial-of-service (DoS) condition.

CVSS: CRITICAL (9.8)

EPSS Score: 13.86%

April 28th, 2025 (about 1 month ago)

CVE-2025-1976

Description: Brocade Fabric OS versions starting with 9.1.0 have root access removed; however, a local user with admin privilege can potentially execute arbitrary code with full root privileges on Fabric OS versions 9.1.0 through 9.1.1d6.

CVSS: HIGH (8.6)

EPSS Score: 1.79%

April 28th, 2025 (about 1 month ago)

CVE-2025-32432

Description: Craft is a flexible, user-friendly CMS for creating custom digital experiences on the web and beyond. Starting from version 3.0.0-RC1 to before 3.9.15, 4.0.0-RC1 to before 4.14.15, and 5.0.0-RC1 to before 5.6.17, Craft is vulnerable to remote code execution. This is a high-impact, low-complexity attack vector. This issue has been patched in versions 3.9.15, 4.14.15, and 5.6.17, and is an additional fix for CVE-2023-41892.

CVSS: CRITICAL (10.0)

EPSS Score: 76.27%

SSVC Exploitation: none

April 26th, 2025 (about 1 month ago)

CVE-2025-31324

Description: SAP NetWeaver Visual Composer Metadata Uploader is not protected with proper authorization, allowing an unauthenticated agent to upload potentially malicious executable binaries that could severely harm the host system. This could significantly affect the confidentiality, integrity, and availability of the targeted system.

CVSS: CRITICAL (10.0)

EPSS Score: 78.65%

April 25th, 2025 (about 1 month ago)

CVE-2024-21762

Description: An out-of-bounds write in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, 6.0.0 through 6.0.17, and FortiProxy versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7 allows an attacker to execute unauthorized code or commands via specifically crafted requests.

CVSS: CRITICAL (9.8)

EPSS Score: 92.52%

SSVC Exploitation: active

April 24th, 2025 (about 1 month ago)