Known Exploited Vulnerabilities Catalog

External catalog of known exploited vulnerabilities conforming to GCVE BCP-07 standard.
Catalog UUID: cce329bf-df49-4c6e-a027-80be2e6483bd (EUVD KEV)

KEV Entries
32
Vulnerability ID Status Exploited Status Updated Evidence Characteristics Actions
CVE-2020-1472
Microsoft - Windows Server version 2004 , Microsoft - Windows Server 2019 +12 more 		Confirmed
Asserted: 2025-01-23 		Yes 2025-01-23
First seen: 2025-01-23 		1 source
csirt_report 		- Details
CVE-2023-22515
Atlassian - Confluence Data Center , Atlassian - Confluence Server 		Confirmed
Asserted: 2025-01-23 		Yes 2025-01-23
First seen: 2025-01-23 		1 source
csirt_report 		- Details
CVE-2017-0144
Microsoft Corporation - Windows SMB 		Confirmed
Asserted: 2025-01-23 		Yes 2025-01-23
First seen: 2025-01-23 		1 source
csirt_report 		- Details
CVE-2023-46747
F5 - BIG-IP 		Confirmed
Asserted: 2025-01-23 		Yes 2025-01-23
First seen: 2025-01-23 		1 source
csirt_report 		- Details
CVE-2023-46604
Apache Software Foundation - Apache ActiveMQ , Apache Software Foundation - Apache ActiveMQ Legacy OpenWire Module 		Confirmed
Asserted: 2025-01-23 		Yes 2025-01-23
First seen: 2025-01-23 		1 source
csirt_report 		- Details
CVE-2023-27997
Fortinet - FortiOS-6K7K , Fortinet - FortiProxy +1 more 		Confirmed
Asserted: 2025-01-23 		Yes 2025-01-23
First seen: 2025-01-23 		1 source
csirt_report 		- Details
CVE-2023-3519
Citrix - NetScaler ADC , Citrix - NetScaler Gateway 		Confirmed
Asserted: 2025-01-23 		Yes 2025-01-23
First seen: 2025-01-23 		1 source
csirt_report 		- Details
CVE-2020-0787
Microsoft - Windows , Microsoft - Windows Server +8 more 		Confirmed
Asserted: 2025-01-23 		Yes 2025-01-23
First seen: 2025-01-23 		1 source
csirt_report 		- Details
CVE-2023-48788
Fortinet - FortiClientEMS , fortinet - forticlient_enterprise_management_server 		Confirmed
Asserted: 2025-01-23 		Yes 2025-01-23
First seen: 2025-01-23 		1 source
csirt_report 		- Details
CVE-2024-8963
Ivanti - CSA (Cloud Services Appliance) , ivanti - endpoint_manager_cloud_services_appliance 		Confirmed
Asserted: 2025-01-17 		Yes 2025-01-17
First seen: 2025-01-17 		1 source
csirt_report 		- Details
displaying 21 - 30 KEV entries in total 32
About this Catalog

ENISA via the CSIRTs network provides list of known-exploited seen in the CSIRTs network.

This Known Exploited Vulnerabilities (KEV) catalog conforms to the GCVE BCP-07 standard (Best Current Practice) standard for documenting vulnerabilities with confirmed or suspected active exploitation.

Each entry includes exploitation status, evidence sources, and characteristics to help organizations prioritize vulnerability remediation efforts.

JSON Schema JSON API NDJSON