Known Exploited Vulnerabilities (KEV)

CISA Catalog

Known Exploited Vulnerabilities

· Live CISA DataCISA KEV catalog — vulnerabilities with active exploitation requiring federal remediation

Data sourced from the official CISA Known Exploited Vulnerabilities Catalog. Federal agencies are required to remediate these vulnerabilities by the due date per BOD 22-01.

KEV Entries

1,619

Ransomware Use

327

Overdue

1,615

Vendors

266

Products

655

26 results · Page 2/2

CVE-2018-13379RansomwareOverdue

Due: 2022-05-03
Added: 2021-11-03

Fortinet FortiOS SSL VPN Path Traversal Vulnerability

Fortinet · FortiOS

Fortinet FortiOS SSL VPN web portal contains a path traversal vulnerability that may allow an unauthenticated attacker to download FortiOS system files through specially crafted HTTP resource requests.

Required Action

Apply updates per vendor instructions.

2 / 2