{"generated_at":"2026-07-03T20:33:50+00:00","count":1631,"data":[{"cve_id":"CVE-2021-21985","vendor_project":"VMware","product":"vCenter Server","vulnerability_name":"VMware vCenter Server Improper Input Validation Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":true,"epss":0.99999,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2021-22005","vendor_project":"VMware","product":"vCenter Server","vulnerability_name":"VMware vCenter Server File Upload Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":true,"epss":0.99999,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2019-11510","vendor_project":"Ivanti","product":"Pulse Connect Secure","vulnerability_name":"Ivanti Pulse Connect Secure Arbitrary File Read Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":true,"epss":0.99999,"cvss_score":9.9,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2021-26855","vendor_project":"Microsoft","product":"Exchange Server","vulnerability_name":"Microsoft Exchange Server Remote Code Execution Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":true,"epss":0.99999,"cvss_score":9.1,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2021-34473","vendor_project":"Microsoft","product":"Exchange Server","vulnerability_name":"Microsoft Exchange Server Remote Code Execution Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":true,"epss":0.99999,"cvss_score":9.1,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2019-0708","vendor_project":"Microsoft","product":"Remote Desktop Services","vulnerability_name":"Microsoft Remote Desktop Services Remote Code Execution Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":true,"epss":0.99999,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2018-13379","vendor_project":"Fortinet","product":"FortiOS","vulnerability_name":"Fortinet FortiOS SSL VPN Path Traversal Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":true,"epss":0.99999,"cvss_score":9.1,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2021-35464","vendor_project":"ForgeRock","product":"Access Management (AM)","vulnerability_name":"ForgeRock Access Management (AM) Core Server Remote Code Execution Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":true,"epss":0.99999,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2020-5902","vendor_project":"F5","product":"BIG-IP","vulnerability_name":"F5 BIG-IP Traffic Management User Interface (TMUI) Remote Code Execution Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":true,"epss":0.99999,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2019-19781","vendor_project":"Citrix","product":"Application Delivery Controller (ADC), Gateway, and SD-WAN WANOP Appliance","vulnerability_name":"Citrix ADC, Gateway, and SD-WAN WANOP Appliance Code Execution Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":true,"epss":0.99999,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2021-1498","vendor_project":"Cisco","product":"HyperFlex HX","vulnerability_name":"Cisco HyperFlex HX Data Platform Command Injection Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":false,"epss":0.99999,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2021-26084","vendor_project":"Atlassian","product":"Confluence Server and Data Center","vulnerability_name":"Atlassian Confluence Server and Data Center Object-Graph Navigation Language (OGNL) Injection Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":true,"epss":0.99999,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2017-5638","vendor_project":"Apache","product":"Struts","vulnerability_name":"Apache Struts Remote Code Execution Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":true,"epss":0.99999,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2021-40438","vendor_project":"Apache","product":"Apache","vulnerability_name":"Apache HTTP Server-Side Request Forgery (SSRF)","date_added":"2021-12-01T00:00:00.000000Z","due_date":"2021-12-15T00:00:00.000000Z","known_ransomware":false,"epss":0.99999,"cvss_score":9,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2021-44228","vendor_project":"Apache","product":"Log4j2","vulnerability_name":"Apache Log4j2 Remote Code Execution Vulnerability","date_added":"2021-12-10T00:00:00.000000Z","due_date":"2021-12-24T00:00:00.000000Z","known_ransomware":true,"epss":0.99999,"cvss_score":10,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2014-6271","vendor_project":"GNU","product":"Bourne-Again Shell (Bash)","vulnerability_name":"GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability","date_added":"2022-01-28T00:00:00.000000Z","due_date":"2022-07-28T00:00:00.000000Z","known_ransomware":false,"epss":0.99999,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2015-1635","vendor_project":"Microsoft","product":"HTTP.sys","vulnerability_name":"Microsoft HTTP.sys Remote Code Execution Vulnerability","date_added":"2022-02-10T00:00:00.000000Z","due_date":"2022-08-10T00:00:00.000000Z","known_ransomware":false,"epss":0.99999,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2017-9841","vendor_project":"PHPUnit","product":"PHPUnit","vulnerability_name":"PHPUnit Command Injection Vulnerability","date_added":"2022-02-15T00:00:00.000000Z","due_date":"2022-08-15T00:00:00.000000Z","known_ransomware":false,"epss":0.99999,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2022-29464","vendor_project":"WSO2","product":"Multiple Products","vulnerability_name":"WSO2 Multiple Products Unrestrictive Upload of File Vulnerability","date_added":"2022-04-25T00:00:00.000000Z","due_date":"2022-05-16T00:00:00.000000Z","known_ransomware":true,"epss":0.99999,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2014-0160","vendor_project":"OpenSSL","product":"OpenSSL","vulnerability_name":"OpenSSL Information Disclosure Vulnerability","date_added":"2022-05-04T00:00:00.000000Z","due_date":"2022-05-25T00:00:00.000000Z","known_ransomware":false,"epss":0.99999,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2022-26134","vendor_project":"Atlassian","product":"Confluence Server\/Data Center","vulnerability_name":"Atlassian Confluence Server and Data Center Remote Code Execution Vulnerability","date_added":"2022-06-02T00:00:00.000000Z","due_date":"2022-06-06T00:00:00.000000Z","known_ransomware":true,"epss":0.99999,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2023-0669","vendor_project":"Fortra","product":"GoAnywhere MFT","vulnerability_name":"Fortra GoAnywhere MFT Remote Code Execution Vulnerability","date_added":"2023-02-10T00:00:00.000000Z","due_date":"2023-03-03T00:00:00.000000Z","known_ransomware":true,"epss":0.99999,"cvss_score":7.2,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-27350","vendor_project":"PaperCut","product":"MF\/NG","vulnerability_name":"PaperCut MF\/NG Improper Access Control Vulnerability","date_added":"2023-04-21T00:00:00.000000Z","due_date":"2023-05-12T00:00:00.000000Z","known_ransomware":true,"epss":0.99999,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2023-1389","vendor_project":"TP-Link","product":"Archer AX21","vulnerability_name":"TP-Link Archer AX-21 Command Injection Vulnerability","date_added":"2023-05-01T00:00:00.000000Z","due_date":"2023-05-22T00:00:00.000000Z","known_ransomware":false,"epss":0.99999,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-35078","vendor_project":"Ivanti","product":"Endpoint Manager Mobile (EPMM)","vulnerability_name":"Ivanti Endpoint Manager Mobile Authentication Bypass Vulnerability","date_added":"2023-07-25T00:00:00.000000Z","due_date":"2023-08-15T00:00:00.000000Z","known_ransomware":true,"epss":0.99999,"cvss_score":10,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2023-32315","vendor_project":"Ignite Realtime","product":"Openfire","vulnerability_name":"Ignite Realtime Openfire Path Traversal Vulnerability","date_added":"2023-08-24T00:00:00.000000Z","due_date":"2023-09-14T00:00:00.000000Z","known_ransomware":false,"epss":0.99999,"cvss_score":8.6,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-44487","vendor_project":"IETF","product":"HTTP\/2","vulnerability_name":"HTTP\/2 Rapid Reset Attack Vulnerability","date_added":"2023-10-10T00:00:00.000000Z","due_date":"2023-10-31T00:00:00.000000Z","known_ransomware":false,"epss":0.99999,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-4966","vendor_project":"Citrix","product":"NetScaler ADC and NetScaler Gateway","vulnerability_name":"Citrix NetScaler ADC and NetScaler Gateway Buffer Overflow Vulnerability","date_added":"2023-10-18T00:00:00.000000Z","due_date":"2023-11-08T00:00:00.000000Z","known_ransomware":true,"epss":0.99999,"cvss_score":9.4,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2023-22518","vendor_project":"Atlassian","product":"Confluence Data Center and Server","vulnerability_name":"Atlassian Confluence Data Center and Server Improper Authorization Vulnerability","date_added":"2023-11-07T00:00:00.000000Z","due_date":"2023-11-28T00:00:00.000000Z","known_ransomware":true,"epss":0.99999,"cvss_score":10,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2023-1671","vendor_project":"Sophos","product":"Web Appliance","vulnerability_name":"Sophos Web Appliance Command Injection Vulnerability","date_added":"2023-11-16T00:00:00.000000Z","due_date":"2023-12-07T00:00:00.000000Z","known_ransomware":false,"epss":0.99999,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2024-21887","vendor_project":"Ivanti","product":"Connect Secure and Policy Secure","vulnerability_name":"Ivanti Connect Secure and Policy Secure Command Injection Vulnerability","date_added":"2024-01-10T00:00:00.000000Z","due_date":"2024-01-22T00:00:00.000000Z","known_ransomware":true,"epss":0.99999,"cvss_score":9.1,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2023-35082","vendor_project":"Ivanti","product":"Endpoint Manager Mobile (EPMM) and MobileIron Core","vulnerability_name":"Ivanti Endpoint Manager Mobile (EPMM) and MobileIron Core Authentication Bypass Vulnerability","date_added":"2024-01-18T00:00:00.000000Z","due_date":"2024-02-08T00:00:00.000000Z","known_ransomware":true,"epss":0.99999,"cvss_score":10,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2024-21893","vendor_project":"Ivanti","product":"Connect Secure, Policy Secure, and Neurons","vulnerability_name":"Ivanti Connect Secure, Policy Secure, and Neurons Server-Side Request Forgery (SSRF) Vulnerability","date_added":"2024-01-31T00:00:00.000000Z","due_date":"2024-02-02T00:00:00.000000Z","known_ransomware":true,"epss":0.99999,"cvss_score":8.2,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-3400","vendor_project":"Palo Alto Networks","product":"PAN-OS","vulnerability_name":"Palo Alto Networks PAN-OS Command Injection Vulnerability","date_added":"2024-04-12T00:00:00.000000Z","due_date":"2024-04-19T00:00:00.000000Z","known_ransomware":true,"epss":0.99999,"cvss_score":10,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2024-23897","vendor_project":"Jenkins","product":"Jenkins Command Line Interface (CLI)","vulnerability_name":"Jenkins Command Line Interface (CLI) Path Traversal Vulnerability","date_added":"2024-08-19T00:00:00.000000Z","due_date":"2024-09-09T00:00:00.000000Z","known_ransomware":true,"epss":0.99999,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2021-26086","vendor_project":"Atlassian","product":"Jira Server and Data Center","vulnerability_name":"Atlassian Jira Server and Data Center Path Traversal Vulnerability","date_added":"2024-11-12T00:00:00.000000Z","due_date":"2024-12-03T00:00:00.000000Z","known_ransomware":false,"epss":0.99999,"cvss_score":5.3,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2012-1823","vendor_project":"PHP","product":"PHP","vulnerability_name":"PHP-CGI Query String Parameter Vulnerability","date_added":"2022-03-25T00:00:00.000000Z","due_date":"2022-04-15T00:00:00.000000Z","known_ransomware":false,"epss":0.99998,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2013-2251","vendor_project":"Apache","product":"Struts","vulnerability_name":"Apache Struts Improper Input Validation Vulnerability","date_added":"2022-03-25T00:00:00.000000Z","due_date":"2022-04-15T00:00:00.000000Z","known_ransomware":false,"epss":0.99998,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2017-7921","vendor_project":"Hikvision","product":"Multiple Products","vulnerability_name":"Hikvision Multiple Products Improper Authentication Vulnerability","date_added":"2026-03-05T00:00:00.000000Z","due_date":"2026-03-26T00:00:00.000000Z","known_ransomware":false,"epss":0.99998,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2020-14882","vendor_project":"Oracle","product":"WebLogic Server","vulnerability_name":"Oracle WebLogic Server Remote Code Execution Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.99997,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2022-22954","vendor_project":"VMware","product":"Workspace ONE Access and Identity Manager","vulnerability_name":"VMware Workspace ONE Access and Identity Manager Server-Side Template Injection Vulnerability","date_added":"2022-04-14T00:00:00.000000Z","due_date":"2022-05-05T00:00:00.000000Z","known_ransomware":true,"epss":0.99997,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2024-3273","vendor_project":"D-Link","product":"Multiple NAS Devices","vulnerability_name":"D-Link Multiple NAS Devices Command Injection Vulnerability","date_added":"2024-04-11T00:00:00.000000Z","due_date":"2024-05-02T00:00:00.000000Z","known_ransomware":false,"epss":0.99997,"cvss_score":7.3,"cvss_severity":"HIGH"},{"cve_id":"CVE-2019-16920","vendor_project":"D-Link","product":"Multiple Routers","vulnerability_name":"D-Link Multiple Routers Command Injection Vulnerability","date_added":"2022-03-25T00:00:00.000000Z","due_date":"2022-04-15T00:00:00.000000Z","known_ransomware":false,"epss":0.99996,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2022-44877","vendor_project":"CWP","product":"Control Web Panel","vulnerability_name":"CWP Control Web Panel OS Command Injection Vulnerability","date_added":"2023-01-17T00:00:00.000000Z","due_date":"2023-02-07T00:00:00.000000Z","known_ransomware":false,"epss":0.99995,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2024-34102","vendor_project":"Adobe","product":"Commerce and Magento Open Source","vulnerability_name":"Adobe Commerce and Magento Open Source Improper Restriction of XML External Entity Reference (XXE) Vulnerability","date_added":"2024-07-17T00:00:00.000000Z","due_date":"2024-08-07T00:00:00.000000Z","known_ransomware":false,"epss":0.99994,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2018-7600","vendor_project":"Drupal","product":"Drupal Core","vulnerability_name":"Drupal Core Remote Code Execution Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":true,"epss":0.99993,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2020-8515","vendor_project":"DrayTek","product":"Multiple Vigor Routers","vulnerability_name":"Multiple DrayTek Vigor Routers Web Management Page Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.99993,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2018-11776","vendor_project":"Apache","product":"Struts","vulnerability_name":"Apache Struts Remote Code Execution Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.99993,"cvss_score":8.1,"cvss_severity":"HIGH"},{"cve_id":"CVE-2017-10271","vendor_project":"Oracle","product":"WebLogic Server","vulnerability_name":"Oracle Corporation WebLogic Server Remote Code Execution Vulnerability","date_added":"2022-02-10T00:00:00.000000Z","due_date":"2022-08-10T00:00:00.000000Z","known_ransomware":true,"epss":0.99993,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2020-3452","vendor_project":"Cisco","product":"Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)","vulnerability_name":"Cisco ASA and FTD Read-Only Path Traversal Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.99992,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-41773","vendor_project":"Apache","product":"HTTP Server","vulnerability_name":"Apache HTTP Server Path Traversal Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":true,"epss":0.99992,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-27199","vendor_project":"JetBrains","product":"TeamCity","vulnerability_name":"JetBrains TeamCity Relative Path Traversal Vulnerability","date_added":"2026-04-20T00:00:00.000000Z","due_date":"2026-05-04T00:00:00.000000Z","known_ransomware":true,"epss":0.99991,"cvss_score":7.3,"cvss_severity":"HIGH"},{"cve_id":"CVE-2017-12617","vendor_project":"Apache","product":"Tomcat","vulnerability_name":"Apache Tomcat Remote Code Execution Vulnerability","date_added":"2022-03-25T00:00:00.000000Z","due_date":"2022-04-15T00:00:00.000000Z","known_ransomware":false,"epss":0.99988,"cvss_score":8.1,"cvss_severity":"HIGH"},{"cve_id":"CVE-2020-9054","vendor_project":"Zyxel","product":"Multiple Network-Attached Storage (NAS) Devices","vulnerability_name":"Zyxel Multiple NAS Devices OS Command Injection Vulnerability","date_added":"2022-03-25T00:00:00.000000Z","due_date":"2022-04-15T00:00:00.000000Z","known_ransomware":false,"epss":0.99988,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2021-34523","vendor_project":"Microsoft","product":"Exchange Server","vulnerability_name":"Microsoft Exchange Server Privilege Escalation Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":true,"epss":0.99987,"cvss_score":9,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2024-4577","vendor_project":"PHP Group","product":"PHP","vulnerability_name":"PHP-CGI OS Command Injection Vulnerability","date_added":"2024-06-12T00:00:00.000000Z","due_date":"2024-07-03T00:00:00.000000Z","known_ransomware":true,"epss":0.99987,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2024-7593","vendor_project":"Ivanti","product":"Virtual Traffic Manager","vulnerability_name":"Ivanti Virtual Traffic Manager Authentication Bypass Vulnerability","date_added":"2024-09-24T00:00:00.000000Z","due_date":"2024-10-15T00:00:00.000000Z","known_ransomware":false,"epss":0.99987,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2019-9670","vendor_project":"Synacor","product":"Zimbra Collaboration Suite (ZCS)","vulnerability_name":"Synacor Zimbra Collaboration Suite (ZCS) Improper Restriction of XML External Entity Reference","date_added":"2022-01-10T00:00:00.000000Z","due_date":"2022-07-10T00:00:00.000000Z","known_ransomware":false,"epss":0.99986,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2023-46805","vendor_project":"Ivanti","product":"Connect Secure and Policy Secure","vulnerability_name":"Ivanti Connect Secure and Policy Secure Authentication Bypass Vulnerability","date_added":"2024-01-10T00:00:00.000000Z","due_date":"2024-01-22T00:00:00.000000Z","known_ransomware":true,"epss":0.99986,"cvss_score":8.2,"cvss_severity":"HIGH"},{"cve_id":"CVE-2022-40684","vendor_project":"Fortinet","product":"Multiple Products","vulnerability_name":"Fortinet Multiple Products Authentication Bypass Vulnerability","date_added":"2022-10-11T00:00:00.000000Z","due_date":"2022-11-01T00:00:00.000000Z","known_ransomware":true,"epss":0.99984,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2023-29300","vendor_project":"Adobe","product":"ColdFusion","vulnerability_name":"Adobe ColdFusion Deserialization of Untrusted Data Vulnerability","date_added":"2024-01-08T00:00:00.000000Z","due_date":"2024-01-29T00:00:00.000000Z","known_ransomware":true,"epss":0.99984,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2023-22527","vendor_project":"Atlassian","product":"Confluence Data Center and Server","vulnerability_name":"Atlassian Confluence Data Center and Server Template Injection Vulnerability","date_added":"2024-01-24T00:00:00.000000Z","due_date":"2024-02-14T00:00:00.000000Z","known_ransomware":true,"epss":0.99984,"cvss_score":10,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2021-20090","vendor_project":"Arcadyan","product":"Buffalo Firmware","vulnerability_name":"Arcadyan Buffalo Firmware Path Traversal Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":false,"epss":0.99983,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2024-45195","vendor_project":"Apache","product":"OFBiz","vulnerability_name":"Apache OFBiz Forced Browsing Vulnerability","date_added":"2025-02-04T00:00:00.000000Z","due_date":"2025-02-25T00:00:00.000000Z","known_ransomware":false,"epss":0.99983,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2025-53770","vendor_project":"Microsoft","product":"SharePoint","vulnerability_name":"Microsoft SharePoint Deserialization of Untrusted Data Vulnerability","date_added":"2025-07-20T00:00:00.000000Z","due_date":"2025-07-21T00:00:00.000000Z","known_ransomware":true,"epss":0.99982,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2021-22204","vendor_project":"Perl","product":"Exiftool","vulnerability_name":"ExifTool Remote Code Execution Vulnerability","date_added":"2021-11-17T00:00:00.000000Z","due_date":"2021-12-01T00:00:00.000000Z","known_ransomware":false,"epss":0.99981,"cvss_score":6.8,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2023-42793","vendor_project":"JetBrains","product":"TeamCity","vulnerability_name":"JetBrains TeamCity Authentication Bypass Vulnerability","date_added":"2023-10-04T00:00:00.000000Z","due_date":"2023-10-25T00:00:00.000000Z","known_ransomware":true,"epss":0.99979,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2024-24919","vendor_project":"Check Point","product":"Quantum Security Gateways","vulnerability_name":"Check Point Quantum Security Gateways Information Disclosure Vulnerability","date_added":"2024-05-30T00:00:00.000000Z","due_date":"2024-06-20T00:00:00.000000Z","known_ransomware":true,"epss":0.99978,"cvss_score":8.6,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-45046","vendor_project":"Apache","product":"Log4j2","vulnerability_name":"Apache Log4j2 Deserialization of Untrusted Data Vulnerability","date_added":"2023-05-01T00:00:00.000000Z","due_date":"2023-05-22T00:00:00.000000Z","known_ransomware":true,"epss":0.99977,"cvss_score":9,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2024-4879","vendor_project":"ServiceNow","product":"Utah, Vancouver, and Washington DC Now Platform","vulnerability_name":"ServiceNow Improper Input Validation Vulnerability","date_added":"2024-07-29T00:00:00.000000Z","due_date":"2024-08-19T00:00:00.000000Z","known_ransomware":false,"epss":0.99976,"cvss_score":9.3,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2024-45519","vendor_project":"Synacor","product":"Zimbra Collaboration Suite (ZCS)","vulnerability_name":"Synacor Zimbra Collaboration Suite (ZCS) Command Execution Vulnerability","date_added":"2024-10-03T00:00:00.000000Z","due_date":"2024-10-24T00:00:00.000000Z","known_ransomware":false,"epss":0.99976,"cvss_score":10,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2014-8361","vendor_project":"Realtek","product":"SDK","vulnerability_name":"Realtek SDK Improper Input Validation Vulnerability","date_added":"2023-09-18T00:00:00.000000Z","due_date":"2023-10-09T00:00:00.000000Z","known_ransomware":false,"epss":0.99975,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2025-22457","vendor_project":"Ivanti","product":"Connect Secure, Policy Secure, and ZTA Gateways","vulnerability_name":"Ivanti Connect Secure, Policy Secure, and ZTA Gateways Stack-Based Buffer Overflow Vulnerability","date_added":"2025-04-04T00:00:00.000000Z","due_date":"2025-04-11T00:00:00.000000Z","known_ransomware":true,"epss":0.99973,"cvss_score":9,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2025-0282","vendor_project":"Ivanti","product":"Connect Secure, Policy Secure, and ZTA Gateways","vulnerability_name":"Ivanti Connect Secure, Policy Secure, and ZTA Gateways Stack-Based Buffer Overflow Vulnerability","date_added":"2025-01-08T00:00:00.000000Z","due_date":"2025-01-15T00:00:00.000000Z","known_ransomware":true,"epss":0.99971,"cvss_score":9,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2020-25506","vendor_project":"D-Link","product":"DNS-320 Device","vulnerability_name":"D-Link DNS-320 Device Command Injection Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.99968,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2022-47986","vendor_project":"IBM","product":"Aspera Faspex","vulnerability_name":"IBM Aspera Faspex Code Execution Vulnerability","date_added":"2023-02-21T00:00:00.000000Z","due_date":"2023-03-14T00:00:00.000000Z","known_ransomware":true,"epss":0.99968,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2025-3248","vendor_project":"Langflow","product":"Langflow","vulnerability_name":"Langflow Missing Authentication Vulnerability","date_added":"2025-05-05T00:00:00.000000Z","due_date":"2025-05-26T00:00:00.000000Z","known_ransomware":false,"epss":0.99968,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2012-0158","vendor_project":"Microsoft","product":"MSCOMCTL.OCX","vulnerability_name":"Microsoft MSCOMCTL.OCX Remote Code Execution Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.99966,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2020-0688","vendor_project":"Microsoft","product":"Exchange Server","vulnerability_name":"Microsoft Exchange Server Validation Key Remote Code Execution Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":true,"epss":0.99965,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-42013","vendor_project":"Apache","product":"HTTP Server","vulnerability_name":"Apache HTTP Server Path Traversal Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":true,"epss":0.99964,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2019-2725","vendor_project":"Oracle","product":"WebLogic Server","vulnerability_name":"Oracle WebLogic Server, Injection","date_added":"2022-01-10T00:00:00.000000Z","due_date":"2022-07-10T00:00:00.000000Z","known_ransomware":true,"epss":0.99964,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2022-41082","vendor_project":"Microsoft","product":"Exchange Server","vulnerability_name":"Microsoft Exchange Server Remote Code Execution Vulnerability","date_added":"2022-09-30T00:00:00.000000Z","due_date":"2022-10-21T00:00:00.000000Z","known_ransomware":true,"epss":0.99964,"cvss_score":8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-31161","vendor_project":"CrushFTP","product":"CrushFTP","vulnerability_name":"CrushFTP Authentication Bypass Vulnerability","date_added":"2025-04-07T00:00:00.000000Z","due_date":"2025-04-28T00:00:00.000000Z","known_ransomware":true,"epss":0.99963,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2025-59287","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Server Update Service (WSUS) Deserialization of Untrusted Data Vulnerability","date_added":"2025-10-24T00:00:00.000000Z","due_date":"2025-11-14T00:00:00.000000Z","known_ransomware":false,"epss":0.99962,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2019-10149","vendor_project":"Exim","product":"Mail Transfer Agent (MTA)","vulnerability_name":"Exim Mail Transfer Agent (MTA) Improper Input Validation","date_added":"2022-01-10T00:00:00.000000Z","due_date":"2022-07-10T00:00:00.000000Z","known_ransomware":false,"epss":0.99961,"cvss_score":9,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2024-1709","vendor_project":"ConnectWise","product":"ScreenConnect","vulnerability_name":"ConnectWise ScreenConnect Authentication Bypass Vulnerability","date_added":"2024-02-22T00:00:00.000000Z","due_date":"2024-02-29T00:00:00.000000Z","known_ransomware":true,"epss":0.99959,"cvss_score":10,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2024-38475","vendor_project":"Apache","product":"HTTP Server","vulnerability_name":"Apache HTTP Server Improper Escaping of Output Vulnerability","date_added":"2025-05-01T00:00:00.000000Z","due_date":"2025-05-22T00:00:00.000000Z","known_ransomware":false,"epss":0.99957,"cvss_score":9.1,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2022-1388","vendor_project":"F5","product":"BIG-IP","vulnerability_name":"F5 BIG-IP Missing Authentication Vulnerability","date_added":"2022-05-10T00:00:00.000000Z","due_date":"2022-05-31T00:00:00.000000Z","known_ransomware":true,"epss":0.99956,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2024-29824","vendor_project":"Ivanti","product":"Endpoint Manager (EPM)","vulnerability_name":"Ivanti Endpoint Manager (EPM) SQL Injection Vulnerability","date_added":"2024-10-02T00:00:00.000000Z","due_date":"2024-10-23T00:00:00.000000Z","known_ransomware":false,"epss":0.99951,"cvss_score":9.6,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2018-15961","vendor_project":"Adobe","product":"ColdFusion","vulnerability_name":"Adobe ColdFusion Unrestricted File Upload Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.9995,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2018-10562","vendor_project":"Dasan","product":"Gigabit Passive Optical Network (GPON) Routers","vulnerability_name":"Dasan GPON Routers Command Injection Vulnerability","date_added":"2022-03-31T00:00:00.000000Z","due_date":"2022-04-21T00:00:00.000000Z","known_ransomware":true,"epss":0.9995,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2023-38035","vendor_project":"Ivanti","product":"Sentry","vulnerability_name":"Ivanti Sentry Authentication Bypass Vulnerability","date_added":"2023-08-22T00:00:00.000000Z","due_date":"2023-09-12T00:00:00.000000Z","known_ransomware":true,"epss":0.99949,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2021-27065","vendor_project":"Microsoft","product":"Exchange Server","vulnerability_name":"Microsoft Exchange Server Remote Code Execution Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":true,"epss":0.99946,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2017-11882","vendor_project":"Microsoft","product":"Office","vulnerability_name":"Microsoft Office Memory Corruption Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":true,"epss":0.99945,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2022-41040","vendor_project":"Microsoft","product":"Exchange Server","vulnerability_name":"Microsoft Exchange Server Server-Side Request Forgery Vulnerability","date_added":"2022-09-30T00:00:00.000000Z","due_date":"2022-10-21T00:00:00.000000Z","known_ransomware":true,"epss":0.99945,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-24813","vendor_project":"Apache","product":"Tomcat","vulnerability_name":"Apache Tomcat Path Equivalence Vulnerability","date_added":"2025-04-01T00:00:00.000000Z","due_date":"2025-04-22T00:00:00.000000Z","known_ransomware":false,"epss":0.99945,"cvss_score":10,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2021-3129","vendor_project":"Laravel","product":"Ignition","vulnerability_name":"Laravel Ignition File Upload Vulnerability","date_added":"2023-09-18T00:00:00.000000Z","due_date":"2023-10-09T00:00:00.000000Z","known_ransomware":true,"epss":0.99943,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2020-10189","vendor_project":"Zoho","product":"ManageEngine","vulnerability_name":"Zoho ManageEngine Desktop Central File Upload Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.99941,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2014-7169","vendor_project":"GNU","product":"Bourne-Again Shell (Bash)","vulnerability_name":"GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability","date_added":"2022-01-28T00:00:00.000000Z","due_date":"2022-07-28T00:00:00.000000Z","known_ransomware":false,"epss":0.9994,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2015-3113","vendor_project":"Adobe","product":"Flash Player","vulnerability_name":"Adobe Flash Player Heap-Based Buffer Overflow Vulnerability","date_added":"2022-04-13T00:00:00.000000Z","due_date":"2022-05-04T00:00:00.000000Z","known_ransomware":false,"epss":0.9994,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2022-35405","vendor_project":"Zoho","product":"ManageEngine","vulnerability_name":"Zoho ManageEngine Multiple Products Remote Code Execution Vulnerability","date_added":"2022-09-22T00:00:00.000000Z","due_date":"2022-10-13T00:00:00.000000Z","known_ransomware":false,"epss":0.9994,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2022-22963","vendor_project":"VMware Tanzu","product":"Spring Cloud","vulnerability_name":"VMware Tanzu Spring Cloud Function Remote Code Execution Vulnerability","date_added":"2022-08-25T00:00:00.000000Z","due_date":"2022-09-15T00:00:00.000000Z","known_ransomware":false,"epss":0.99939,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2022-30525","vendor_project":"Zyxel","product":"Multiple Firewalls","vulnerability_name":"Zyxel Multiple Firewalls OS Command Injection Vulnerability","date_added":"2022-05-16T00:00:00.000000Z","due_date":"2022-06-06T00:00:00.000000Z","known_ransomware":false,"epss":0.99938,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2024-27198","vendor_project":"JetBrains","product":"TeamCity","vulnerability_name":"JetBrains TeamCity Authentication Bypass Vulnerability","date_added":"2024-03-07T00:00:00.000000Z","due_date":"2024-03-28T00:00:00.000000Z","known_ransomware":true,"epss":0.99938,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2021-26085","vendor_project":"Atlassian","product":"Confluence Server","vulnerability_name":"Atlassian Confluence Server Pre-Authorization Arbitrary File Read Vulnerability","date_added":"2022-03-28T00:00:00.000000Z","due_date":"2022-04-18T00:00:00.000000Z","known_ransomware":true,"epss":0.99937,"cvss_score":5.3,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2023-34362","vendor_project":"Progress","product":"MOVEit Transfer","vulnerability_name":"Progress MOVEit Transfer SQL Injection Vulnerability","date_added":"2023-06-02T00:00:00.000000Z","due_date":"2023-06-23T00:00:00.000000Z","known_ransomware":true,"epss":0.99934,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2017-0199","vendor_project":"Microsoft","product":"Office and WordPad","vulnerability_name":"Microsoft Office and WordPad Remote Code Execution Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":true,"epss":0.99933,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-1497","vendor_project":"Cisco","product":"HyperFlex HX","vulnerability_name":"Cisco HyperFlex HX Installer Virtual Machine Command Injection Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":false,"epss":0.99928,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2022-29303","vendor_project":"SolarView","product":"Compact","vulnerability_name":"SolarView Compact Command Injection Vulnerability","date_added":"2023-07-13T00:00:00.000000Z","due_date":"2023-08-03T00:00:00.000000Z","known_ransomware":false,"epss":0.99922,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2019-0604","vendor_project":"Microsoft","product":"SharePoint","vulnerability_name":"Microsoft SharePoint Remote Code Execution Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":true,"epss":0.99913,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2019-3396","vendor_project":"Atlassian","product":"Confluence Server and Data Server","vulnerability_name":"Atlassian Confluence Server and Data Center Server-Side Template Injection Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":true,"epss":0.99913,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2021-20038","vendor_project":"SonicWall","product":"SMA 100 Appliances","vulnerability_name":"SonicWall SMA 100 Appliances Stack-Based Buffer Overflow Vulnerability","date_added":"2022-01-28T00:00:00.000000Z","due_date":"2022-02-11T00:00:00.000000Z","known_ransomware":true,"epss":0.99912,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2025-49704","vendor_project":"Microsoft","product":"SharePoint","vulnerability_name":"Microsoft SharePoint Code Injection Vulnerability","date_added":"2025-07-22T00:00:00.000000Z","due_date":"2025-07-23T00:00:00.000000Z","known_ransomware":true,"epss":0.99907,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2019-7481","vendor_project":"SonicWall","product":"SMA100","vulnerability_name":"SonicWall SMA100 SQL Injection Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":true,"epss":0.99906,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2015-1427","vendor_project":"Elastic","product":"Elasticsearch","vulnerability_name":"Elasticsearch Groovy Scripting Engine Remote Code Execution Vulnerability","date_added":"2022-03-25T00:00:00.000000Z","due_date":"2022-04-15T00:00:00.000000Z","known_ransomware":false,"epss":0.99906,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2018-0296","vendor_project":"Cisco","product":"Adaptive Security Appliance (ASA)","vulnerability_name":"Cisco Adaptive Security Appliance (ASA) Denial-of-Service Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.99903,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-22986","vendor_project":"F5","product":"BIG-IP and BIG-IQ Centralized Management","vulnerability_name":"F5 BIG-IP and BIG-IQ Centralized Management iControl REST Remote Code Execution Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":true,"epss":0.99898,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2025-24893","vendor_project":"XWiki","product":"Platform","vulnerability_name":"XWiki Platform Eval Injection Vulnerability","date_added":"2025-10-30T00:00:00.000000Z","due_date":"2025-11-20T00:00:00.000000Z","known_ransomware":false,"epss":0.99898,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2025-5777","vendor_project":"Citrix","product":"NetScaler ADC and Gateway","vulnerability_name":"Citrix NetScaler ADC and Gateway Out-of-Bounds Read Vulnerability","date_added":"2025-07-10T00:00:00.000000Z","due_date":"2025-07-11T00:00:00.000000Z","known_ransomware":true,"epss":0.99897,"cvss_score":9.3,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2021-39226","vendor_project":"Grafana Labs","product":"Grafana","vulnerability_name":"Grafana Authentication Bypass Vulnerability","date_added":"2022-08-25T00:00:00.000000Z","due_date":"2022-09-15T00:00:00.000000Z","known_ransomware":false,"epss":0.99888,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2014-0497","vendor_project":"Adobe","product":"Flash Player","vulnerability_name":"Adobe Flash Player Integer Underflow Vulnerablity","date_added":"2024-09-17T00:00:00.000000Z","due_date":"2024-10-08T00:00:00.000000Z","known_ransomware":false,"epss":0.99883,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-49706","vendor_project":"Microsoft","product":"SharePoint","vulnerability_name":"Microsoft SharePoint Improper Authentication Vulnerability","date_added":"2025-07-22T00:00:00.000000Z","due_date":"2025-07-23T00:00:00.000000Z","known_ransomware":true,"epss":0.99879,"cvss_score":6.5,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2019-1653","vendor_project":"Cisco","product":"Small Business RV320 and RV325 Routers","vulnerability_name":"Cisco Small Business RV320 and RV325 Routers Information Disclosure Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.99876,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-33044","vendor_project":"Dahua","product":"IP Camera Firmware","vulnerability_name":"Dahua IP Camera Authentication Bypass Vulnerability","date_added":"2024-08-21T00:00:00.000000Z","due_date":"2024-09-11T00:00:00.000000Z","known_ransomware":false,"epss":0.99871,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2021-36260","vendor_project":"Hikvision","product":"Security cameras web server","vulnerability_name":"Hikvision Improper Input Validation","date_added":"2022-01-10T00:00:00.000000Z","due_date":"2022-01-24T00:00:00.000000Z","known_ransomware":false,"epss":0.99869,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2021-44515","vendor_project":"Zoho","product":"Desktop Central","vulnerability_name":"Zoho Desktop Central Authentication Bypass Vulnerability","date_added":"2021-12-10T00:00:00.000000Z","due_date":"2021-12-24T00:00:00.000000Z","known_ransomware":false,"epss":0.99867,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2021-35394","vendor_project":"Realtek","product":"Jungle Software Development Kit (SDK)","vulnerability_name":"Realtek Jungle SDK Remote Code Execution Vulnerability","date_added":"2021-12-10T00:00:00.000000Z","due_date":"2021-12-24T00:00:00.000000Z","known_ransomware":false,"epss":0.99857,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2021-37415","vendor_project":"Zoho","product":"ManageEngine ServiceDesk Plus (SDP)","vulnerability_name":"Zoho ManageEngine ServiceDesk Authentication Bypass Vulnerability","date_added":"2021-12-01T00:00:00.000000Z","due_date":"2021-12-15T00:00:00.000000Z","known_ransomware":false,"epss":0.99854,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2023-23752","vendor_project":"Joomla!","product":"Joomla!","vulnerability_name":"Joomla! Improper Access Control Vulnerability","date_added":"2024-01-08T00:00:00.000000Z","due_date":"2024-01-29T00:00:00.000000Z","known_ransomware":false,"epss":0.99827,"cvss_score":5.3,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2022-46169","vendor_project":"Cacti","product":"Cacti","vulnerability_name":"Cacti Command Injection Vulnerability","date_added":"2023-02-16T00:00:00.000000Z","due_date":"2023-03-09T00:00:00.000000Z","known_ransomware":false,"epss":0.99826,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2017-7269","vendor_project":"Microsoft","product":"Internet Information Services (IIS)","vulnerability_name":"Microsoft Windows Server Buffer Overflow Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.99823,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2024-36401","vendor_project":"OSGeo","product":"GeoServer","vulnerability_name":"OSGeo GeoServer GeoTools Eval Injection Vulnerability","date_added":"2024-07-15T00:00:00.000000Z","due_date":"2024-08-05T00:00:00.000000Z","known_ransomware":false,"epss":0.99813,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2023-21839","vendor_project":"Oracle","product":"WebLogic Server","vulnerability_name":"Oracle WebLogic Server Unspecified Vulnerability","date_added":"2023-05-01T00:00:00.000000Z","due_date":"2023-05-22T00:00:00.000000Z","known_ransomware":false,"epss":0.99811,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2020-0796","vendor_project":"Microsoft","product":"SMBv3","vulnerability_name":"Microsoft SMBv3 Remote Code Execution Vulnerability","date_added":"2022-02-10T00:00:00.000000Z","due_date":"2022-08-10T00:00:00.000000Z","known_ransomware":true,"epss":0.9981,"cvss_score":10,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2025-32432","vendor_project":"Craft CMS","product":"Craft CMS","vulnerability_name":"Craft CMS Code Injection Vulnerability","date_added":"2026-03-20T00:00:00.000000Z","due_date":"2026-04-03T00:00:00.000000Z","known_ransomware":false,"epss":0.99803,"cvss_score":10,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2022-1040","vendor_project":"Sophos","product":"Firewall","vulnerability_name":"Sophos Firewall Authentication Bypass Vulnerability","date_added":"2022-03-31T00:00:00.000000Z","due_date":"2022-04-21T00:00:00.000000Z","known_ransomware":false,"epss":0.99796,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2020-7961","vendor_project":"Liferay","product":"Liferay Portal","vulnerability_name":"Liferay Portal Deserialization of Untrusted Data Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.99783,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2021-31207","vendor_project":"Microsoft","product":"Exchange Server","vulnerability_name":"Microsoft Exchange Server Security Feature Bypass Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":true,"epss":0.99782,"cvss_score":6.6,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2016-6277","vendor_project":"NETGEAR","product":"Multiple Routers","vulnerability_name":"NETGEAR Multiple Routers Remote Code Execution Vulnerability","date_added":"2022-03-07T00:00:00.000000Z","due_date":"2022-09-07T00:00:00.000000Z","known_ransomware":false,"epss":0.99781,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2019-15107","vendor_project":"Webmin","product":"Webmin","vulnerability_name":"Webmin Command Injection Vulnerability","date_added":"2022-03-25T00:00:00.000000Z","due_date":"2022-04-15T00:00:00.000000Z","known_ransomware":true,"epss":0.99766,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2024-13159","vendor_project":"Ivanti","product":"Endpoint Manager (EPM)","vulnerability_name":"Ivanti Endpoint Manager (EPM) Absolute Path Traversal Vulnerability","date_added":"2025-03-10T00:00:00.000000Z","due_date":"2025-03-31T00:00:00.000000Z","known_ransomware":false,"epss":0.99762,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2021-34527","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Print Spooler Remote Code Execution Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":true,"epss":0.99759,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-29298","vendor_project":"Adobe","product":"ColdFusion","vulnerability_name":"Adobe ColdFusion Improper Access Control Vulnerability","date_added":"2023-07-20T00:00:00.000000Z","due_date":"2023-08-10T00:00:00.000000Z","known_ransomware":false,"epss":0.99754,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2022-47966","vendor_project":"Zoho","product":"ManageEngine","vulnerability_name":"Zoho ManageEngine Multiple Products Remote Code Execution Vulnerability","date_added":"2023-01-23T00:00:00.000000Z","due_date":"2023-02-13T00:00:00.000000Z","known_ransomware":true,"epss":0.99753,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2023-4863","vendor_project":"Google","product":"Chromium WebP","vulnerability_name":"Google Chromium WebP Heap-Based Buffer Overflow Vulnerability","date_added":"2023-09-13T00:00:00.000000Z","due_date":"2023-10-04T00:00:00.000000Z","known_ransomware":false,"epss":0.99739,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2019-18935","vendor_project":"Progress","product":"Telerik UI for ASP.NET AJAX","vulnerability_name":"Progress Telerik UI for ASP.NET AJAX Deserialization of Untrusted Data Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":true,"epss":0.99737,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2020-15505","vendor_project":"Ivanti","product":"MobileIron Multiple Products","vulnerability_name":"Ivanti MobileIron Multiple Products Remote Code Execution Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.99737,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2023-38205","vendor_project":"Adobe","product":"ColdFusion","vulnerability_name":"Adobe ColdFusion Improper Access Control Vulnerability","date_added":"2023-07-20T00:00:00.000000Z","due_date":"2023-08-10T00:00:00.000000Z","known_ransomware":false,"epss":0.99732,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-22205","vendor_project":"GitLab","product":"Community and Enterprise Editions","vulnerability_name":"GitLab Community and Enterprise Editions Remote Code Execution Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":true,"epss":0.99731,"cvss_score":10,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2019-16759","vendor_project":"vBulletin","product":"vBulletin","vulnerability_name":"vBulletin PHP Module Remote Code Execution Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.99728,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2021-38647","vendor_project":"Microsoft","product":"Open Management Infrastructure (OMI)","vulnerability_name":"Microsoft Open Management Infrastructure (OMI) Remote Code Execution Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":true,"epss":0.99723,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2025-61882","vendor_project":"Oracle","product":"E-Business Suite","vulnerability_name":"Oracle E-Business Suite Unspecified Vulnerability","date_added":"2025-10-06T00:00:00.000000Z","due_date":"2025-10-27T00:00:00.000000Z","known_ransomware":true,"epss":0.99722,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2010-2861","vendor_project":"Adobe","product":"ColdFusion","vulnerability_name":"Adobe ColdFusion Directory Traversal Vulnerability","date_added":"2022-03-25T00:00:00.000000Z","due_date":"2022-04-15T00:00:00.000000Z","known_ransomware":true,"epss":0.99721,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2021-31166","vendor_project":"Microsoft","product":"HTTP Protocol Stack","vulnerability_name":"Microsoft HTTP Protocol Stack Remote Code Execution Vulnerability","date_added":"2022-04-06T00:00:00.000000Z","due_date":"2022-04-27T00:00:00.000000Z","known_ransomware":false,"epss":0.99718,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2016-10033","vendor_project":"PHP","product":"PHPMailer","vulnerability_name":"PHPMailer Command Injection Vulnerability","date_added":"2025-07-07T00:00:00.000000Z","due_date":"2025-07-28T00:00:00.000000Z","known_ransomware":false,"epss":0.99714,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2020-13927","vendor_project":"Apache","product":"Airflow\u0027s Experimental API","vulnerability_name":"Apache Airflow\u0027s Experimental API Authentication Bypass","date_added":"2022-01-18T00:00:00.000000Z","due_date":"2022-07-18T00:00:00.000000Z","known_ransomware":false,"epss":0.997,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2024-0012","vendor_project":"Palo Alto Networks","product":"PAN-OS","vulnerability_name":"Palo Alto Networks PAN-OS Management Interface Authentication Bypass Vulnerability","date_added":"2024-11-18T00:00:00.000000Z","due_date":"2024-12-09T00:00:00.000000Z","known_ransomware":true,"epss":0.99698,"cvss_score":9.3,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2017-0147","vendor_project":"Microsoft","product":"SMBv1 server","vulnerability_name":"Microsoft Windows SMBv1 Information Disclosure Vulnerability","date_added":"2022-05-24T00:00:00.000000Z","due_date":"2022-06-14T00:00:00.000000Z","known_ransomware":true,"epss":0.99693,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2017-1000353","vendor_project":"Jenkins","product":"Jenkins","vulnerability_name":"Jenkins Remote Code Execution Vulnerability","date_added":"2025-10-02T00:00:00.000000Z","due_date":"2025-10-23T00:00:00.000000Z","known_ransomware":false,"epss":0.99686,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2022-22965","vendor_project":"VMware","product":"Spring Framework","vulnerability_name":"Spring Framework JDK 9+ Remote Code Execution Vulnerability","date_added":"2022-04-04T00:00:00.000000Z","due_date":"2022-04-25T00:00:00.000000Z","known_ransomware":false,"epss":0.99677,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2022-0543","vendor_project":"Redis","product":"Debian-specific Redis Servers","vulnerability_name":"Debian-specific Redis Server Lua Sandbox Escape Vulnerability","date_added":"2022-03-28T00:00:00.000000Z","due_date":"2022-04-18T00:00:00.000000Z","known_ransomware":false,"epss":0.9967,"cvss_score":10,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2023-46604","vendor_project":"Apache","product":"ActiveMQ","vulnerability_name":"Apache ActiveMQ Deserialization of Untrusted Data Vulnerability","date_added":"2023-11-02T00:00:00.000000Z","due_date":"2023-11-23T00:00:00.000000Z","known_ransomware":true,"epss":0.99654,"cvss_score":10,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2022-35914","vendor_project":"Teclib","product":"GLPI","vulnerability_name":"Teclib GLPI Remote Code Execution Vulnerability","date_added":"2023-03-07T00:00:00.000000Z","due_date":"2023-03-28T00:00:00.000000Z","known_ransomware":false,"epss":0.99628,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2024-5217","vendor_project":"ServiceNow","product":"Utah, Vancouver, and Washington DC Now Platform","vulnerability_name":"ServiceNow Incomplete List of Disallowed Inputs Vulnerability","date_added":"2024-07-29T00:00:00.000000Z","due_date":"2024-08-19T00:00:00.000000Z","known_ransomware":false,"epss":0.99628,"cvss_score":9.2,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2014-6278","vendor_project":"GNU","product":"GNU Bash","vulnerability_name":"GNU Bash OS Command Injection Vulnerability","date_added":"2025-10-02T00:00:00.000000Z","due_date":"2025-10-23T00:00:00.000000Z","known_ransomware":false,"epss":0.99621,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-29357","vendor_project":"Microsoft","product":"SharePoint Server","vulnerability_name":"Microsoft SharePoint Server Privilege Escalation Vulnerability","date_added":"2024-01-10T00:00:00.000000Z","due_date":"2024-01-31T00:00:00.000000Z","known_ransomware":true,"epss":0.99618,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2024-28995","vendor_project":"SolarWinds","product":"Serv-U","vulnerability_name":"SolarWinds Serv-U Path Traversal Vulnerability ","date_added":"2024-07-17T00:00:00.000000Z","due_date":"2024-08-07T00:00:00.000000Z","known_ransomware":false,"epss":0.99614,"cvss_score":8.6,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-10035","vendor_project":"Fortra","product":"GoAnywhere MFT","vulnerability_name":"Fortra GoAnywhere MFT Deserialization of Untrusted Data Vulnerability","date_added":"2025-09-29T00:00:00.000000Z","due_date":"2025-10-20T00:00:00.000000Z","known_ransomware":true,"epss":0.99614,"cvss_score":10,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2017-12615","vendor_project":"Apache","product":"Tomcat","vulnerability_name":"Apache Tomcat on Windows Remote Code Execution Vulnerability","date_added":"2022-03-25T00:00:00.000000Z","due_date":"2022-04-15T00:00:00.000000Z","known_ransomware":true,"epss":0.99607,"cvss_score":8.1,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-9465","vendor_project":"Palo Alto Networks","product":"Expedition","vulnerability_name":"Palo Alto Networks Expedition SQL Injection Vulnerability","date_added":"2024-11-14T00:00:00.000000Z","due_date":"2024-12-05T00:00:00.000000Z","known_ransomware":false,"epss":0.99597,"cvss_score":9.2,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2025-4427","vendor_project":"Ivanti","product":"Endpoint Manager Mobile (EPMM)","vulnerability_name":"Ivanti Endpoint Manager Mobile (EPMM) Authentication Bypass Vulnerability","date_added":"2025-05-19T00:00:00.000000Z","due_date":"2025-06-09T00:00:00.000000Z","known_ransomware":false,"epss":0.99589,"cvss_score":5.3,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2025-48703","vendor_project":"CWP","product":"Control Web Panel","vulnerability_name":"CWP Control Web Panel OS Command Injection Vulnerability","date_added":"2025-11-04T00:00:00.000000Z","due_date":"2025-11-25T00:00:00.000000Z","known_ransomware":false,"epss":0.99589,"cvss_score":9,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2020-16846","vendor_project":"SaltStack","product":"Salt","vulnerability_name":"SaltStack Salt Shell Injection Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.99585,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2023-20198","vendor_project":"Cisco","product":"IOS XE Web UI","vulnerability_name":"Cisco IOS XE Web UI Privilege Escalation Vulnerability","date_added":"2023-10-16T00:00:00.000000Z","due_date":"2023-10-20T00:00:00.000000Z","known_ransomware":false,"epss":0.99571,"cvss_score":10,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2021-21972","vendor_project":"VMware","product":"vCenter Server","vulnerability_name":"VMware vCenter Server Remote Code Execution Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":true,"epss":0.9957,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2025-55182","vendor_project":"Meta","product":"React Server Components","vulnerability_name":"Meta React Server Components Remote Code Execution Vulnerability","date_added":"2025-12-05T00:00:00.000000Z","due_date":"2025-12-12T00:00:00.000000Z","known_ransomware":true,"epss":0.99562,"cvss_score":10,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2021-33045","vendor_project":"Dahua","product":"IP Camera Firmware","vulnerability_name":"Dahua IP Camera Authentication Bypass Vulnerability","date_added":"2024-08-21T00:00:00.000000Z","due_date":"2024-09-11T00:00:00.000000Z","known_ransomware":false,"epss":0.99556,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2024-4040","vendor_project":"CrushFTP","product":"CrushFTP","vulnerability_name":"CrushFTP VFS Sandbox Escape Vulnerability","date_added":"2024-04-24T00:00:00.000000Z","due_date":"2024-05-01T00:00:00.000000Z","known_ransomware":false,"epss":0.99539,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2018-20062","vendor_project":"ThinkPHP","product":"noneCms","vulnerability_name":"ThinkPHP \u0022noneCms\u0022 Remote Code Execution Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.9953,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2020-1472","vendor_project":"Microsoft","product":"Netlogon","vulnerability_name":"Microsoft Netlogon Privilege Escalation Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":true,"epss":0.99512,"cvss_score":5.5,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2018-0171","vendor_project":"Cisco","product":"IOS and IOS XE","vulnerability_name":"Cisco IOS and IOS XE Software Smart Install Remote Code Execution Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.9951,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-23692","vendor_project":"Rejetto","product":"HTTP File Server","vulnerability_name":"Rejetto HTTP File Server Improper Neutralization of Special Elements Used in a Template Engine Vulnerability","date_added":"2024-07-09T00:00:00.000000Z","due_date":"2024-07-30T00:00:00.000000Z","known_ransomware":false,"epss":0.99485,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2022-42475","vendor_project":"Fortinet","product":"FortiOS","vulnerability_name":"Fortinet FortiOS Heap-Based Buffer Overflow Vulnerability","date_added":"2022-12-13T00:00:00.000000Z","due_date":"2023-01-03T00:00:00.000000Z","known_ransomware":true,"epss":0.99474,"cvss_score":9.3,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2019-11043","vendor_project":"PHP","product":"FastCGI Process Manager (FPM)","vulnerability_name":"PHP FastCGI Process Manager (FPM) Buffer Overflow Vulnerability","date_added":"2022-03-25T00:00:00.000000Z","due_date":"2022-04-15T00:00:00.000000Z","known_ransomware":true,"epss":0.9947,"cvss_score":8.7,"cvss_severity":"HIGH"},{"cve_id":"CVE-2017-9805","vendor_project":"Apache","product":"Struts","vulnerability_name":"Apache Struts Deserialization of Untrusted Data Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.99461,"cvss_score":8.1,"cvss_severity":"HIGH"},{"cve_id":"CVE-2018-2628","vendor_project":"Oracle","product":"WebLogic Server","vulnerability_name":"Oracle WebLogic Server Unspecified Vulnerability","date_added":"2022-09-08T00:00:00.000000Z","due_date":"2022-09-29T00:00:00.000000Z","known_ransomware":false,"epss":0.99448,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2017-7494","vendor_project":"Samba","product":"Samba","vulnerability_name":"Samba Remote Code Execution Vulnerability","date_added":"2023-03-30T00:00:00.000000Z","due_date":"2023-04-20T00:00:00.000000Z","known_ransomware":true,"epss":0.99448,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2023-3519","vendor_project":"Citrix","product":"NetScaler ADC and NetScaler Gateway","vulnerability_name":"Citrix NetScaler ADC and NetScaler Gateway Code Injection Vulnerability","date_added":"2023-07-19T00:00:00.000000Z","due_date":"2023-08-09T00:00:00.000000Z","known_ransomware":true,"epss":0.99445,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2024-32113","vendor_project":"Apache","product":"OFBiz","vulnerability_name":"Apache OFBiz Path Traversal Vulnerability","date_added":"2024-08-07T00:00:00.000000Z","due_date":"2024-08-28T00:00:00.000000Z","known_ransomware":false,"epss":0.99442,"cvss_score":9.1,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2023-34048","vendor_project":"VMware","product":"vCenter Server","vulnerability_name":"VMware vCenter Server Out-of-Bounds Write Vulnerability","date_added":"2024-01-22T00:00:00.000000Z","due_date":"2024-02-12T00:00:00.000000Z","known_ransomware":false,"epss":0.99428,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2024-38856","vendor_project":"Apache","product":"OFBiz","vulnerability_name":"Apache OFBiz Incorrect Authorization Vulnerability","date_added":"2024-08-27T00:00:00.000000Z","due_date":"2024-09-17T00:00:00.000000Z","known_ransomware":false,"epss":0.99427,"cvss_score":8.1,"cvss_severity":"HIGH"},{"cve_id":"CVE-2011-0611","vendor_project":"Adobe","product":"Flash Player","vulnerability_name":"Adobe Flash Player Remote Code Execution Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-24T00:00:00.000000Z","known_ransomware":false,"epss":0.9941,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2022-30190","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability","date_added":"2022-06-14T00:00:00.000000Z","due_date":"2022-07-05T00:00:00.000000Z","known_ransomware":true,"epss":0.99374,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2017-0148","vendor_project":"Microsoft","product":"SMBv1 server","vulnerability_name":"Microsoft SMBv1 Server Remote Code Execution Vulnerability","date_added":"2022-04-06T00:00:00.000000Z","due_date":"2022-04-27T00:00:00.000000Z","known_ransomware":true,"epss":0.99373,"cvss_score":8.1,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-31324","vendor_project":"SAP","product":"NetWeaver","vulnerability_name":"SAP NetWeaver Unrestricted File Upload Vulnerability","date_added":"2025-04-29T00:00:00.000000Z","due_date":"2025-05-20T00:00:00.000000Z","known_ransomware":true,"epss":0.99359,"cvss_score":10,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2021-32030","vendor_project":"ASUS","product":"Routers","vulnerability_name":"ASUS Routers Improper Authentication Vulnerability","date_added":"2025-06-02T00:00:00.000000Z","due_date":"2025-06-23T00:00:00.000000Z","known_ransomware":false,"epss":0.99351,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2015-5119","vendor_project":"Adobe","product":"Flash Player","vulnerability_name":"Adobe Flash Player Use-After-Free Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-24T00:00:00.000000Z","known_ransomware":false,"epss":0.99344,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2014-6287","vendor_project":"Rejetto","product":"HTTP File Server (HFS)","vulnerability_name":"Rejetto HTTP File Server (HFS) Remote Code Execution Vulnerability","date_added":"2022-03-25T00:00:00.000000Z","due_date":"2022-04-15T00:00:00.000000Z","known_ransomware":false,"epss":0.99323,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2021-3156","vendor_project":"Sudo","product":"Sudo","vulnerability_name":"Sudo Heap-Based Buffer Overflow Vulnerability","date_added":"2022-04-06T00:00:00.000000Z","due_date":"2022-04-27T00:00:00.000000Z","known_ransomware":false,"epss":0.99295,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-4885","vendor_project":"Progress","product":"WhatsUp Gold","vulnerability_name":"Progress WhatsUp Gold Path Traversal Vulnerability","date_added":"2025-03-03T00:00:00.000000Z","due_date":"2025-03-24T00:00:00.000000Z","known_ransomware":false,"epss":0.99288,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2023-28771","vendor_project":"Zyxel","product":"Multiple Firewalls","vulnerability_name":"Zyxel Multiple Firewalls OS Command Injection Vulnerability","date_added":"2023-05-31T00:00:00.000000Z","due_date":"2023-06-21T00:00:00.000000Z","known_ransomware":false,"epss":0.99284,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2020-14750","vendor_project":"Oracle","product":"WebLogic Server","vulnerability_name":"Oracle WebLogic Server Remote Code Execution Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.9927,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2020-1938","vendor_project":"Apache","product":"Tomcat","vulnerability_name":"Apache Tomcat Improper Privilege Management Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-17T00:00:00.000000Z","known_ransomware":false,"epss":0.9927,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2018-7602","vendor_project":"Drupal","product":"Core","vulnerability_name":"Drupal Core Remote Code Execution Vulnerability","date_added":"2022-04-13T00:00:00.000000Z","due_date":"2022-05-04T00:00:00.000000Z","known_ransomware":true,"epss":0.99236,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2017-0144","vendor_project":"Microsoft","product":"SMBv1","vulnerability_name":"Microsoft SMBv1 Remote Code Execution Vulnerability","date_added":"2022-02-10T00:00:00.000000Z","due_date":"2022-08-10T00:00:00.000000Z","known_ransomware":true,"epss":0.9923,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-42237","vendor_project":"Sitecore","product":"XP","vulnerability_name":"Sitecore XP Remote Command Execution Vulnerability","date_added":"2022-03-25T00:00:00.000000Z","due_date":"2022-04-15T00:00:00.000000Z","known_ransomware":true,"epss":0.99214,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2024-27348","vendor_project":"Apache","product":"HugeGraph-Server","vulnerability_name":"Apache HugeGraph-Server Improper Access Control Vulnerability","date_added":"2024-09-18T00:00:00.000000Z","due_date":"2024-10-09T00:00:00.000000Z","known_ransomware":false,"epss":0.9921,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2022-24086","vendor_project":"Adobe","product":"Commerce and Magento Open Source","vulnerability_name":"Adobe Commerce and Magento Open Source Improper Input Validation Vulnerability","date_added":"2022-02-15T00:00:00.000000Z","due_date":"2022-03-01T00:00:00.000000Z","known_ransomware":false,"epss":0.99199,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2020-0646","vendor_project":"Microsoft","product":".NET Framework","vulnerability_name":"Microsoft .NET Framework Remote Code Execution Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.99193,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2022-36804","vendor_project":"Atlassian","product":"Bitbucket Server and Data Center","vulnerability_name":"Atlassian Bitbucket Server and Data Center Command Injection Vulnerability","date_added":"2022-09-30T00:00:00.000000Z","due_date":"2022-10-21T00:00:00.000000Z","known_ransomware":false,"epss":0.99174,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-22515","vendor_project":"Atlassian","product":"Confluence Data Center and Server","vulnerability_name":"Atlassian Confluence Data Center and Server Broken Access Control Vulnerability","date_added":"2023-10-05T00:00:00.000000Z","due_date":"2023-10-13T00:00:00.000000Z","known_ransomware":true,"epss":0.99156,"cvss_score":10,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2020-11978","vendor_project":"Apache","product":"Airflow","vulnerability_name":"Apache Airflow Command Injection","date_added":"2022-01-18T00:00:00.000000Z","due_date":"2022-07-18T00:00:00.000000Z","known_ransomware":false,"epss":0.99118,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-44529","vendor_project":"Ivanti","product":"Endpoint Manager Cloud Service Appliance (EPM CSA)","vulnerability_name":"Ivanti Endpoint Manager Cloud Service Appliance (EPM CSA) Code Injection Vulnerability ","date_added":"2024-03-25T00:00:00.000000Z","due_date":"2024-04-15T00:00:00.000000Z","known_ransomware":true,"epss":0.99105,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2023-36884","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Search Remote Code Execution Vulnerability","date_added":"2023-07-17T00:00:00.000000Z","due_date":"2023-08-29T00:00:00.000000Z","known_ransomware":true,"epss":0.99083,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2020-10199","vendor_project":"Sonatype","product":"Nexus Repository","vulnerability_name":"Sonatype Nexus Repository Remote Code Execution Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.99064,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2019-16278","vendor_project":"Nostromo","product":"nhttpd","vulnerability_name":"Nostromo nhttpd Directory Traversal Vulnerability","date_added":"2024-11-07T00:00:00.000000Z","due_date":"2024-11-28T00:00:00.000000Z","known_ransomware":false,"epss":0.99057,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2020-0618","vendor_project":"Microsoft","product":"SQL Server","vulnerability_name":"Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability","date_added":"2024-09-18T00:00:00.000000Z","due_date":"2024-10-09T00:00:00.000000Z","known_ransomware":false,"epss":0.99046,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2026-10520","vendor_project":"Ivanti","product":"Sentry","vulnerability_name":"Ivanti Sentry OS Command Injection Vulnerability","date_added":"2026-06-11T00:00:00.000000Z","due_date":"2026-06-14T00:00:00.000000Z","known_ransomware":false,"epss":0.99041,"cvss_score":10,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2017-3881","vendor_project":"Cisco","product":"IOS and IOS XE","vulnerability_name":"Cisco IOS and IOS XE Remote Code Execution Vulnerability","date_added":"2022-03-25T00:00:00.000000Z","due_date":"2022-04-15T00:00:00.000000Z","known_ransomware":false,"epss":0.98975,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2022-30333","vendor_project":"RARLAB","product":"UnRAR","vulnerability_name":"RARLAB UnRAR Directory Traversal Vulnerability","date_added":"2022-08-09T00:00:00.000000Z","due_date":"2022-08-30T00:00:00.000000Z","known_ransomware":true,"epss":0.98975,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-40539","vendor_project":"Zoho","product":"ManageEngine","vulnerability_name":"Zoho ManageEngine ADSelfService Plus Authentication Bypass Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":true,"epss":0.9896,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2019-3929","vendor_project":"Crestron","product":"Multiple Products","vulnerability_name":"Crestron Multiple Products Command Injection Vulnerability","date_added":"2022-04-15T00:00:00.000000Z","due_date":"2022-05-06T00:00:00.000000Z","known_ransomware":false,"epss":0.98952,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2020-7247","vendor_project":"OpenBSD","product":"OpenSMTPD","vulnerability_name":"OpenSMTPD Remote Code Execution Vulnerability","date_added":"2022-03-25T00:00:00.000000Z","due_date":"2022-04-15T00:00:00.000000Z","known_ransomware":false,"epss":0.98946,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2017-9791","vendor_project":"Apache","product":"Struts 1","vulnerability_name":"Apache Struts 1 Improper Input Validation Vulnerability","date_added":"2022-02-10T00:00:00.000000Z","due_date":"2022-08-10T00:00:00.000000Z","known_ransomware":false,"epss":0.98931,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2022-3236","vendor_project":"Sophos","product":"Firewall","vulnerability_name":"Sophos Firewall Code Injection Vulnerability","date_added":"2022-09-23T00:00:00.000000Z","due_date":"2022-10-14T00:00:00.000000Z","known_ransomware":false,"epss":0.98905,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2026-24061","vendor_project":"GNU","product":"InetUtils","vulnerability_name":"GNU InetUtils Argument Injection Vulnerability","date_added":"2026-01-26T00:00:00.000000Z","due_date":"2026-02-16T00:00:00.000000Z","known_ransomware":false,"epss":0.98871,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2023-47246","vendor_project":"SysAid","product":"SysAid Server","vulnerability_name":"SysAid Server Path Traversal Vulnerability","date_added":"2023-11-13T00:00:00.000000Z","due_date":"2023-12-04T00:00:00.000000Z","known_ransomware":true,"epss":0.98851,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2024-29059","vendor_project":"Microsoft","product":".NET Framework","vulnerability_name":"Microsoft .NET Framework Information Disclosure Vulnerability","date_added":"2025-02-04T00:00:00.000000Z","due_date":"2025-02-25T00:00:00.000000Z","known_ransomware":false,"epss":0.98832,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2008-4250","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Buffer Overflow Vulnerability","date_added":"2026-05-20T00:00:00.000000Z","due_date":"2026-06-03T00:00:00.000000Z","known_ransomware":false,"epss":0.98751,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2022-24816","vendor_project":"OSGeo","product":"JAI-EXT","vulnerability_name":"OSGeo GeoServer JAI-EXT Code Injection Vulnerability","date_added":"2024-06-26T00:00:00.000000Z","due_date":"2024-07-17T00:00:00.000000Z","known_ransomware":false,"epss":0.98739,"cvss_score":10,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2013-2465","vendor_project":"Oracle","product":"Java SE","vulnerability_name":"Oracle Java SE Unspecified Vulnerability","date_added":"2022-03-28T00:00:00.000000Z","due_date":"2022-04-18T00:00:00.000000Z","known_ransomware":true,"epss":0.98704,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2012-3152","vendor_project":"Oracle","product":"Fusion Middleware","vulnerability_name":"Oracle Fusion Middleware Unspecified Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.98695,"cvss_score":9.1,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2019-11539","vendor_project":"Ivanti","product":"Pulse Connect Secure and Pulse Policy Secure","vulnerability_name":"Ivanti Pulse Connect Secure and Policy Secure Command Injection Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":true,"epss":0.98617,"cvss_score":8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2019-17558","vendor_project":"Apache","product":"Solr","vulnerability_name":"Apache Solr VelocityResponseWriter Plug-In Remote Code Execution Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.98567,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-8963","vendor_project":"Ivanti","product":"Cloud Services Appliance (CSA)","vulnerability_name":"Ivanti Cloud Services Appliance (CSA) Path Traversal Vulnerability","date_added":"2024-09-19T00:00:00.000000Z","due_date":"2024-10-10T00:00:00.000000Z","known_ransomware":false,"epss":0.98557,"cvss_score":9.4,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2024-50603","vendor_project":"Aviatrix","product":"Controllers","vulnerability_name":"Aviatrix Controllers OS Command Injection Vulnerability","date_added":"2025-01-16T00:00:00.000000Z","due_date":"2025-02-06T00:00:00.000000Z","known_ransomware":false,"epss":0.98545,"cvss_score":10,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2012-4681","vendor_project":"Oracle","product":"Java SE","vulnerability_name":"Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-24T00:00:00.000000Z","known_ransomware":true,"epss":0.98536,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2024-50623","vendor_project":"Cleo","product":"Multiple Products","vulnerability_name":"Cleo Multiple Products Unrestricted File Upload Vulnerability","date_added":"2024-12-13T00:00:00.000000Z","due_date":"2025-01-03T00:00:00.000000Z","known_ransomware":true,"epss":0.98529,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2016-3088","vendor_project":"Apache","product":"ActiveMQ","vulnerability_name":"Apache ActiveMQ Improper Input Validation Vulnerability","date_added":"2022-02-10T00:00:00.000000Z","due_date":"2022-08-10T00:00:00.000000Z","known_ransomware":false,"epss":0.98518,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2024-20767","vendor_project":"Adobe","product":"ColdFusion","vulnerability_name":"Adobe ColdFusion Improper Access Control Vulnerability","date_added":"2024-12-16T00:00:00.000000Z","due_date":"2025-01-06T00:00:00.000000Z","known_ransomware":false,"epss":0.98514,"cvss_score":7.4,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-39144","vendor_project":"XStream","product":"XStream","vulnerability_name":"XStream Remote Code Execution Vulnerability","date_added":"2023-03-10T00:00:00.000000Z","due_date":"2023-03-31T00:00:00.000000Z","known_ransomware":false,"epss":0.9851,"cvss_score":8.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2019-5418","vendor_project":"Rails","product":"Ruby on Rails","vulnerability_name":"Rails Ruby on Rails Path Traversal Vulnerability","date_added":"2025-07-07T00:00:00.000000Z","due_date":"2025-07-28T00:00:00.000000Z","known_ransomware":false,"epss":0.98507,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2008-2992","vendor_project":"Adobe","product":"Acrobat and Reader","vulnerability_name":"Adobe Reader and Acrobat Input Validation Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-24T00:00:00.000000Z","known_ransomware":true,"epss":0.98482,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-9463","vendor_project":"Palo Alto Networks","product":"Expedition","vulnerability_name":"Palo Alto Networks Expedition OS Command Injection Vulnerability","date_added":"2024-11-14T00:00:00.000000Z","due_date":"2024-12-05T00:00:00.000000Z","known_ransomware":false,"epss":0.98423,"cvss_score":9.9,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2026-33017","vendor_project":"Langflow","product":"Langflow","vulnerability_name":"Langflow Code Injection Vulnerability","date_added":"2026-03-25T00:00:00.000000Z","due_date":"2026-04-08T00:00:00.000000Z","known_ransomware":false,"epss":0.98412,"cvss_score":9.3,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2020-6207","vendor_project":"SAP","product":"Solution Manager","vulnerability_name":"SAP Solution Manager Missing Authentication for Critical Function Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.98376,"cvss_score":10,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2022-21587","vendor_project":"Oracle","product":"E-Business Suite","vulnerability_name":"Oracle E-Business Suite Unspecified Vulnerability","date_added":"2023-02-02T00:00:00.000000Z","due_date":"2023-02-23T00:00:00.000000Z","known_ransomware":true,"epss":0.98342,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2017-15944","vendor_project":"Palo Alto Networks","product":"PAN-OS","vulnerability_name":"Palo Alto Networks PAN-OS Remote Code Execution Vulnerability","date_added":"2022-08-18T00:00:00.000000Z","due_date":"2022-09-08T00:00:00.000000Z","known_ransomware":false,"epss":0.9834,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2025-0108","vendor_project":"Palo Alto Networks","product":"PAN-OS","vulnerability_name":"Palo Alto Networks PAN-OS Authentication Bypass Vulnerability","date_added":"2025-02-18T00:00:00.000000Z","due_date":"2025-03-11T00:00:00.000000Z","known_ransomware":false,"epss":0.98338,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2018-1000861","vendor_project":"Jenkins","product":"Jenkins Stapler Web Framework","vulnerability_name":"Jenkins Stapler Web Framework Deserialization of Untrusted Data Vulnerability","date_added":"2022-02-10T00:00:00.000000Z","due_date":"2022-08-10T00:00:00.000000Z","known_ransomware":false,"epss":0.98326,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2016-1555","vendor_project":"NETGEAR","product":"Wireless Access Point (WAP) Devices","vulnerability_name":"NETGEAR Multiple WAP Devices Command Injection Vulnerability","date_added":"2022-03-25T00:00:00.000000Z","due_date":"2022-04-15T00:00:00.000000Z","known_ransomware":false,"epss":0.98325,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2024-55591","vendor_project":"Fortinet","product":"FortiOS and FortiProxy","vulnerability_name":"Fortinet FortiOS and FortiProxy Authentication Bypass Vulnerability","date_added":"2025-01-14T00:00:00.000000Z","due_date":"2025-01-21T00:00:00.000000Z","known_ransomware":true,"epss":0.98259,"cvss_score":9.6,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2022-22947","vendor_project":"VMware","product":"Spring Cloud Gateway","vulnerability_name":"VMware Spring Cloud Gateway Code Injection Vulnerability","date_added":"2022-05-16T00:00:00.000000Z","due_date":"2022-06-06T00:00:00.000000Z","known_ransomware":false,"epss":0.98253,"cvss_score":10,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2023-20887","vendor_project":"VMware","product":"Aria Operations for Networks","vulnerability_name":"Vmware Aria Operations for Networks Command Injection Vulnerability","date_added":"2023-06-22T00:00:00.000000Z","due_date":"2023-07-13T00:00:00.000000Z","known_ransomware":false,"epss":0.98243,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2012-0507","vendor_project":"Oracle","product":"Java SE","vulnerability_name":"Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-24T00:00:00.000000Z","known_ransomware":true,"epss":0.98237,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2022-26138","vendor_project":"Atlassian","product":"Confluence","vulnerability_name":"Atlassian Questions For Confluence App Hard-coded Credentials Vulnerability","date_added":"2022-07-29T00:00:00.000000Z","due_date":"2022-08-19T00:00:00.000000Z","known_ransomware":false,"epss":0.9817,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2022-27925","vendor_project":"Synacor","product":"Zimbra Collaboration Suite (ZCS)","vulnerability_name":"Synacor Zimbra Collaboration Suite (ZCS) Arbitrary File Upload Vulnerability","date_added":"2022-08-11T00:00:00.000000Z","due_date":"2022-09-01T00:00:00.000000Z","known_ransomware":true,"epss":0.98163,"cvss_score":7.2,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-12987","vendor_project":"DrayTek","product":"Vigor Routers","vulnerability_name":"DrayTek Vigor Routers OS Command Injection Vulnerability","date_added":"2025-05-15T00:00:00.000000Z","due_date":"2025-06-05T00:00:00.000000Z","known_ransomware":false,"epss":0.98125,"cvss_score":6.9,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2021-35395","vendor_project":"Realtek","product":"AP-Router SDK","vulnerability_name":"Realtek AP-Router SDK Buffer Overflow Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":false,"epss":0.981,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2026-41940","vendor_project":"WebPros","product":"cPanel \u0026 WHM and WP2 (WordPress Squared)","vulnerability_name":"WebPros cPanel \u0026 WHM and WP2 (WordPress Squared) Missing Authentication for Critical Function Vulnerability","date_added":"2026-04-30T00:00:00.000000Z","due_date":"2026-05-03T00:00:00.000000Z","known_ransomware":true,"epss":0.981,"cvss_score":9.3,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2024-41713","vendor_project":"Mitel","product":"MiCollab","vulnerability_name":"Mitel MiCollab Path Traversal Vulnerability","date_added":"2025-01-07T00:00:00.000000Z","due_date":"2025-01-28T00:00:00.000000Z","known_ransomware":true,"epss":0.98067,"cvss_score":9.1,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2023-25280","vendor_project":"D-Link","product":"DIR-820 Router","vulnerability_name":"D-Link DIR-820 Router OS Command Injection Vulnerability","date_added":"2024-09-30T00:00:00.000000Z","due_date":"2024-10-21T00:00:00.000000Z","known_ransomware":false,"epss":0.98053,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2024-3272","vendor_project":"D-Link","product":"Multiple NAS Devices","vulnerability_name":"D-Link Multiple NAS Devices Use of Hard-Coded Credentials Vulnerability","date_added":"2024-04-11T00:00:00.000000Z","due_date":"2024-05-02T00:00:00.000000Z","known_ransomware":false,"epss":0.98038,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2020-1956","vendor_project":"Apache","product":"Kylin","vulnerability_name":"Apache Kylin OS Command Injection Vulnerability","date_added":"2022-03-25T00:00:00.000000Z","due_date":"2022-04-15T00:00:00.000000Z","known_ransomware":false,"epss":0.9796,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2022-22536","vendor_project":"SAP","product":"Multiple Products","vulnerability_name":"SAP Multiple Products HTTP Request Smuggling Vulnerability","date_added":"2022-08-18T00:00:00.000000Z","due_date":"2022-09-08T00:00:00.000000Z","known_ransomware":false,"epss":0.97945,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2020-14883","vendor_project":"Oracle","product":"WebLogic Server","vulnerability_name":"Oracle WebLogic Server Unspecified Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.97929,"cvss_score":7.2,"cvss_severity":"HIGH"},{"cve_id":"CVE-2020-25078","vendor_project":"D-Link","product":"DCS-2530L and DCS-2670L Devices","vulnerability_name":"D-Link DCS-2530L and DCS-2670L Devices Unspecified Vulnerability","date_added":"2025-08-05T00:00:00.000000Z","due_date":"2025-08-26T00:00:00.000000Z","known_ransomware":false,"epss":0.97901,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-68613","vendor_project":"n8n","product":"n8n","vulnerability_name":"n8n Improper Control of Dynamically-Managed Code Resources Vulnerability","date_added":"2026-03-11T00:00:00.000000Z","due_date":"2026-03-25T00:00:00.000000Z","known_ransomware":false,"epss":0.97875,"cvss_score":10,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2020-17519","vendor_project":"Apache","product":"Flink","vulnerability_name":"Apache Flink Improper Access Control Vulnerability","date_added":"2024-05-23T00:00:00.000000Z","due_date":"2024-06-13T00:00:00.000000Z","known_ransomware":false,"epss":0.97856,"cvss_score":9.1,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2021-45382","vendor_project":"D-Link","product":"Multiple Routers","vulnerability_name":"D-Link Multiple Routers Remote Code Execution Vulnerability","date_added":"2022-04-04T00:00:00.000000Z","due_date":"2022-04-25T00:00:00.000000Z","known_ransomware":false,"epss":0.97836,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2020-11738","vendor_project":"WordPress","product":"Snap Creek Duplicator Plugin","vulnerability_name":"WordPress Snap Creek Duplicator Plugin File Download Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.97822,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-38831","vendor_project":"RARLAB","product":"WinRAR","vulnerability_name":"RARLAB WinRAR Code Execution Vulnerability","date_added":"2023-08-24T00:00:00.000000Z","due_date":"2023-09-14T00:00:00.000000Z","known_ransomware":true,"epss":0.97798,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-22054","vendor_project":"Omnissa","product":"Workspace One UEM","vulnerability_name":"Omnissa Workspace ONE Server-Side Request Forgery","date_added":"2026-03-09T00:00:00.000000Z","due_date":"2026-03-23T00:00:00.000000Z","known_ransomware":false,"epss":0.97713,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-32433","vendor_project":"Erlang","product":"Erlang\/OTP","vulnerability_name":"Erlang Erlang\/OTP SSH Server Missing Authentication for Critical Function Vulnerability","date_added":"2025-06-09T00:00:00.000000Z","due_date":"2025-06-30T00:00:00.000000Z","known_ransomware":false,"epss":0.97673,"cvss_score":10,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2022-43769","vendor_project":"Hitachi Vantara","product":"Pentaho Business Analytics (BA) Server","vulnerability_name":"Hitachi Vantara Pentaho BA Server Special Element Injection Vulnerability","date_added":"2025-03-03T00:00:00.000000Z","due_date":"2025-03-24T00:00:00.000000Z","known_ransomware":false,"epss":0.9767,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2015-7450","vendor_project":"IBM","product":"WebSphere Application Server and Server Hypervisor Edition","vulnerability_name":"IBM WebSphere Application Server and Server Hypervisor Edition Code Injection.","date_added":"2022-01-10T00:00:00.000000Z","due_date":"2022-07-10T00:00:00.000000Z","known_ransomware":false,"epss":0.97655,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2013-0422","vendor_project":"Oracle","product":"Java Runtime Environment (JRE)","vulnerability_name":"Oracle JRE Remote Code Execution Vulnerability","date_added":"2022-05-25T00:00:00.000000Z","due_date":"2022-06-15T00:00:00.000000Z","known_ransomware":true,"epss":0.97612,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2021-36380","vendor_project":"Sunhillo","product":"SureLine","vulnerability_name":"Sunhillo SureLine OS Command Injection Vulnerablity","date_added":"2024-03-05T00:00:00.000000Z","due_date":"2024-03-26T00:00:00.000000Z","known_ransomware":false,"epss":0.97599,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2023-48788","vendor_project":"Fortinet","product":"FortiClient EMS","vulnerability_name":"Fortinet FortiClient EMS SQL Injection Vulnerability","date_added":"2024-03-25T00:00:00.000000Z","due_date":"2024-04-15T00:00:00.000000Z","known_ransomware":true,"epss":0.97591,"cvss_score":9.3,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2025-61884","vendor_project":"Oracle","product":"E-Business Suite","vulnerability_name":"Oracle E-Business Suite Server-Side Request Forgery (SSRF) Vulnerability","date_added":"2025-10-20T00:00:00.000000Z","due_date":"2025-11-10T00:00:00.000000Z","known_ransomware":true,"epss":0.97582,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-33766","vendor_project":"Microsoft","product":"Exchange Server","vulnerability_name":"Microsoft Exchange Server Information Disclosure","date_added":"2022-01-18T00:00:00.000000Z","due_date":"2022-02-01T00:00:00.000000Z","known_ransomware":false,"epss":0.97502,"cvss_score":7.3,"cvss_severity":"HIGH"},{"cve_id":"CVE-2016-3714","vendor_project":"ImageMagick","product":"ImageMagick","vulnerability_name":"ImageMagick Improper Input Validation Vulnerability","date_added":"2024-09-09T00:00:00.000000Z","due_date":"2024-09-30T00:00:00.000000Z","known_ransomware":false,"epss":0.97485,"cvss_score":8.4,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-4358","vendor_project":"Progress","product":"Telerik Report Server","vulnerability_name":"Progress Telerik Report Server Authentication Bypass by Spoofing Vulnerability","date_added":"2024-06-13T00:00:00.000000Z","due_date":"2024-07-04T00:00:00.000000Z","known_ransomware":false,"epss":0.97482,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2024-56145","vendor_project":"Craft CMS","product":"Craft CMS","vulnerability_name":"Craft CMS Code Injection Vulnerability","date_added":"2025-06-02T00:00:00.000000Z","due_date":"2025-06-23T00:00:00.000000Z","known_ransomware":false,"epss":0.97446,"cvss_score":9.3,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2019-9082","vendor_project":"ThinkPHP","product":"ThinkPHP","vulnerability_name":"ThinkPHP Remote Code Execution Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.97419,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-23397","vendor_project":"Microsoft","product":"Office","vulnerability_name":"Microsoft Office Outlook Privilege Escalation Vulnerability","date_added":"2023-03-14T00:00:00.000000Z","due_date":"2023-04-04T00:00:00.000000Z","known_ransomware":false,"epss":0.97408,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2007-3010","vendor_project":"Alcatel","product":"OmniPCX Enterprise","vulnerability_name":"Alcatel OmniPCX Enterprise Remote Code Execution Vulnerability","date_added":"2022-04-15T00:00:00.000000Z","due_date":"2022-05-06T00:00:00.000000Z","known_ransomware":false,"epss":0.97407,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2023-27524","vendor_project":"Apache","product":"Superset","vulnerability_name":"Apache Superset Insecure Default Initialization of Resource Vulnerability","date_added":"2024-01-08T00:00:00.000000Z","due_date":"2024-01-29T00:00:00.000000Z","known_ransomware":false,"epss":0.97405,"cvss_score":8.9,"cvss_severity":"HIGH"},{"cve_id":"CVE-2020-25213","vendor_project":"WordPress","product":"File Manager Plugin","vulnerability_name":"WordPress File Manager Plugin Remote Code Execution Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.97328,"cvss_score":10,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2015-1641","vendor_project":"Microsoft","product":"Office","vulnerability_name":"Microsoft Office Memory Corruption Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.97327,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2020-14864","vendor_project":"Oracle","product":"Intelligence Enterprise Edition","vulnerability_name":"Oracle Business Intelligence Enterprise Edition Path Transversal","date_added":"2022-01-18T00:00:00.000000Z","due_date":"2022-07-18T00:00:00.000000Z","known_ransomware":false,"epss":0.97233,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-41277","vendor_project":"Metabase","product":"Metabase","vulnerability_name":"Metabase GeoJSON API Local File Inclusion Vulnerability","date_added":"2024-11-12T00:00:00.000000Z","due_date":"2024-12-03T00:00:00.000000Z","known_ransomware":false,"epss":0.97178,"cvss_score":10,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2025-34028","vendor_project":"Commvault","product":"Command Center","vulnerability_name":"Commvault Command Center Path Traversal Vulnerability","date_added":"2025-05-02T00:00:00.000000Z","due_date":"2025-05-23T00:00:00.000000Z","known_ransomware":false,"epss":0.97157,"cvss_score":9.3,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2019-3398","vendor_project":"Atlassian","product":"Confluence Server and Data Center","vulnerability_name":"Atlassian Confluence Server and Data Center Path Traversal Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.97153,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2019-7256","vendor_project":"Nice","product":"Linear eMerge E3-Series","vulnerability_name":"Nice Linear eMerge E3-Series OS Command Injection Vulnerability","date_added":"2024-03-25T00:00:00.000000Z","due_date":"2024-04-15T00:00:00.000000Z","known_ransomware":false,"epss":0.97136,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2020-2555","vendor_project":"Oracle","product":"Multiple Products","vulnerability_name":"Oracle Multiple Products Remote Code Execution Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.97116,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2023-26360","vendor_project":"Adobe","product":"ColdFusion","vulnerability_name":"Adobe ColdFusion Deserialization of Untrusted Data Vulnerability","date_added":"2023-03-15T00:00:00.000000Z","due_date":"2023-04-05T00:00:00.000000Z","known_ransomware":false,"epss":0.97115,"cvss_score":8.6,"cvss_severity":"HIGH"},{"cve_id":"CVE-2019-20500","vendor_project":"D-Link","product":"DWL-2600AP Access Point","vulnerability_name":"D-Link DWL-2600AP Access Point Command Injection Vulnerability","date_added":"2023-06-29T00:00:00.000000Z","due_date":"2023-07-20T00:00:00.000000Z","known_ransomware":false,"epss":0.97109,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2015-2051","vendor_project":"D-Link","product":"DIR-645 Router","vulnerability_name":"D-Link DIR-645 Router Remote Code Execution Vulnerability","date_added":"2022-02-10T00:00:00.000000Z","due_date":"2022-08-10T00:00:00.000000Z","known_ransomware":false,"epss":0.97101,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-38203","vendor_project":"Adobe","product":"ColdFusion","vulnerability_name":"Adobe ColdFusion Deserialization of Untrusted Data Vulnerability","date_added":"2024-01-08T00:00:00.000000Z","due_date":"2024-01-29T00:00:00.000000Z","known_ransomware":true,"epss":0.97003,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2017-8291","vendor_project":"Artifex","product":"Ghostscript","vulnerability_name":"Artifex Ghostscript Type Confusion Vulnerability","date_added":"2022-05-24T00:00:00.000000Z","due_date":"2022-06-14T00:00:00.000000Z","known_ransomware":false,"epss":0.96968,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2010-3962","vendor_project":"Microsoft","product":"Internet Explorer","vulnerability_name":"Microsoft Internet Explorer Uninitialized Memory Corruption Vulnerability","date_added":"2025-10-06T00:00:00.000000Z","due_date":"2025-10-27T00:00:00.000000Z","known_ransomware":false,"epss":0.96889,"cvss_score":8.1,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-40444","vendor_project":"Microsoft","product":"MSHTML","vulnerability_name":"Microsoft MSHTML Remote Code Execution Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":true,"epss":0.96843,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2019-5544","vendor_project":"VMware","product":"VMware ESXi and Horizon DaaS","vulnerability_name":"VMware ESXi and Horizon DaaS OpenSLP Heap-Based Buffer Overflow Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":true,"epss":0.96823,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2025-54236","vendor_project":"Adobe","product":"Commerce and\u202fMagento","vulnerability_name":"Adobe Commerce and\u202fMagento Improper Input Validation Vulnerability","date_added":"2025-10-24T00:00:00.000000Z","due_date":"2025-11-14T00:00:00.000000Z","known_ransomware":false,"epss":0.96742,"cvss_score":9.1,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2021-22502","vendor_project":"Micro Focus","product":"Operation Bridge Reporter (OBR)","vulnerability_name":"Micro Focus Operation Bridge Report (OBR) Remote Code Execution Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":false,"epss":0.9674,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2025-20281","vendor_project":"Cisco","product":"Identity Services Engine","vulnerability_name":"Cisco Identity Services Engine Injection Vulnerability","date_added":"2025-07-28T00:00:00.000000Z","due_date":"2025-08-18T00:00:00.000000Z","known_ransomware":false,"epss":0.96732,"cvss_score":10,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2011-3544","vendor_project":"Oracle","product":"Java SE JDK and JRE","vulnerability_name":"Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-24T00:00:00.000000Z","known_ransomware":false,"epss":0.96714,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2025-25257","vendor_project":"Fortinet","product":"FortiWeb","vulnerability_name":"Fortinet FortiWeb SQL Injection Vulnerability","date_added":"2025-07-18T00:00:00.000000Z","due_date":"2025-08-08T00:00:00.000000Z","known_ransomware":false,"epss":0.9671,"cvss_score":9.6,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2020-25223","vendor_project":"Sophos","product":"SG UTM","vulnerability_name":"Sophos SG UTM Remote Code Execution Vulnerability","date_added":"2022-03-25T00:00:00.000000Z","due_date":"2022-04-15T00:00:00.000000Z","known_ransomware":false,"epss":0.96693,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2026-34197","vendor_project":"Apache","product":"ActiveMQ","vulnerability_name":"Apache ActiveMQ Improper Input Validation Vulnerability","date_added":"2026-04-16T00:00:00.000000Z","due_date":"2026-04-30T00:00:00.000000Z","known_ransomware":false,"epss":0.96666,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2018-6530","vendor_project":"D-Link","product":"Multiple Routers","vulnerability_name":"D-Link Multiple Routers OS Command Injection Vulnerability","date_added":"2022-09-08T00:00:00.000000Z","due_date":"2022-09-29T00:00:00.000000Z","known_ransomware":true,"epss":0.96626,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2023-33246","vendor_project":"Apache","product":"RocketMQ","vulnerability_name":"Apache RocketMQ Command Execution Vulnerability","date_added":"2023-09-06T00:00:00.000000Z","due_date":"2023-09-27T00:00:00.000000Z","known_ransomware":false,"epss":0.96604,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2009-0927","vendor_project":"Adobe","product":"Reader and Acrobat","vulnerability_name":"Adobe Reader and Adobe Acrobat Stack-Based Buffer Overflow Vulnerability","date_added":"2022-03-25T00:00:00.000000Z","due_date":"2022-04-15T00:00:00.000000Z","known_ransomware":false,"epss":0.96598,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-46747","vendor_project":"F5","product":"BIG-IP Configuration Utility","vulnerability_name":"F5 BIG-IP Configuration Utility Authentication Bypass Vulnerability","date_added":"2023-10-31T00:00:00.000000Z","due_date":"2023-11-21T00:00:00.000000Z","known_ransomware":true,"epss":0.96515,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2020-8260","vendor_project":"Ivanti","product":"Pulse Connect Secure","vulnerability_name":"Ivanti Pulse Connect Secure Code Execution Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.9648,"cvss_score":7.2,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-52163","vendor_project":"Digiever","product":"DS-2105 Pro","vulnerability_name":"Digiever DS-2105 Pro Missing Authorization Vulnerability","date_added":"2025-12-22T00:00:00.000000Z","due_date":"2026-01-12T00:00:00.000000Z","known_ransomware":false,"epss":0.96434,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2020-11651","vendor_project":"SaltStack","product":"Salt","vulnerability_name":"SaltStack Salt Authentication Bypass Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.96405,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2017-17562","vendor_project":"Embedthis","product":"GoAhead","vulnerability_name":"Embedthis GoAhead Remote Code Execution Vulnerability","date_added":"2021-12-10T00:00:00.000000Z","due_date":"2022-06-10T00:00:00.000000Z","known_ransomware":false,"epss":0.96327,"cvss_score":8.1,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-35587","vendor_project":"Oracle","product":"Fusion Middleware","vulnerability_name":"Oracle Fusion Middleware Unspecified Vulnerability","date_added":"2022-11-28T00:00:00.000000Z","due_date":"2022-12-19T00:00:00.000000Z","known_ransomware":false,"epss":0.96284,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2018-20250","vendor_project":"RARLAB","product":"WinRAR","vulnerability_name":"WinRAR Absolute Path Traversal Vulnerability","date_added":"2022-02-15T00:00:00.000000Z","due_date":"2022-08-15T00:00:00.000000Z","known_ransomware":true,"epss":0.96274,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2026-23760","vendor_project":"SmarterTools","product":"SmarterMail","vulnerability_name":"SmarterTools SmarterMail Authentication Bypass Using an Alternate Path or Channel Vulnerability","date_added":"2026-01-26T00:00:00.000000Z","due_date":"2026-02-16T00:00:00.000000Z","known_ransomware":true,"epss":0.96268,"cvss_score":9.3,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2026-31431","vendor_project":"Linux","product":"Kernel","vulnerability_name":"Linux Kernel Incorrect Resource Transfer Between Spheres Vulnerability","date_added":"2026-05-01T00:00:00.000000Z","due_date":"2026-05-15T00:00:00.000000Z","known_ransomware":false,"epss":0.96267,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2022-24112","vendor_project":"Apache","product":"APISIX","vulnerability_name":"Apache APISIX Authentication Bypass Vulnerability","date_added":"2022-08-25T00:00:00.000000Z","due_date":"2022-09-15T00:00:00.000000Z","known_ransomware":false,"epss":0.96182,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2010-0840","vendor_project":"Oracle","product":"Java Runtime Environment (JRE)","vulnerability_name":"Oracle JRE Unspecified Vulnerability","date_added":"2022-05-25T00:00:00.000000Z","due_date":"2022-06-15T00:00:00.000000Z","known_ransomware":false,"epss":0.96166,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2018-14847","vendor_project":"MikroTik","product":"RouterOS","vulnerability_name":"MikroTik Router OS Directory Traversal Vulnerability","date_added":"2021-12-01T00:00:00.000000Z","due_date":"2022-06-01T00:00:00.000000Z","known_ransomware":false,"epss":0.96087,"cvss_score":9.1,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2019-20085","vendor_project":"TVT","product":"NVMS-1000","vulnerability_name":"TVT NVMS-1000 Directory Traversal Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.96071,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2015-4852","vendor_project":"Oracle","product":"WebLogic Server","vulnerability_name":"Oracle WebLogic Server Deserialization of Untrusted Data Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.96032,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2019-10068","vendor_project":"Kentico","product":"Xperience","vulnerability_name":"Kentico Xperience Deserialization of Untrusted Data Vulnerability","date_added":"2022-03-25T00:00:00.000000Z","due_date":"2022-04-15T00:00:00.000000Z","known_ransomware":false,"epss":0.96031,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2017-3506","vendor_project":"Oracle","product":"WebLogic Server","vulnerability_name":"Oracle WebLogic Server OS Command Injection Vulnerability","date_added":"2024-06-03T00:00:00.000000Z","due_date":"2024-06-24T00:00:00.000000Z","known_ransomware":false,"epss":0.96015,"cvss_score":7.4,"cvss_severity":"HIGH"},{"cve_id":"CVE-2019-1652","vendor_project":"Cisco","product":"Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers","vulnerability_name":"Cisco Small Business Routers Improper Input Validation Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-17T00:00:00.000000Z","known_ransomware":false,"epss":0.95923,"cvss_score":7.2,"cvss_severity":"HIGH"},{"cve_id":"CVE-2020-17530","vendor_project":"Apache","product":"Struts","vulnerability_name":"Apache Struts Remote Code Execution Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.95922,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2020-5847","vendor_project":"Unraid","product":"Unraid","vulnerability_name":"Unraid Remote Code Execution Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.95844,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2022-23131","vendor_project":"Zabbix","product":"Frontend","vulnerability_name":"Zabbix Frontend Authentication Bypass Vulnerability","date_added":"2022-02-22T00:00:00.000000Z","due_date":"2022-03-08T00:00:00.000000Z","known_ransomware":false,"epss":0.95683,"cvss_score":9.1,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2015-0313","vendor_project":"Adobe","product":"Flash Player","vulnerability_name":"Adobe Flash Player Use-After-Free Vulnerability","date_added":"2022-04-13T00:00:00.000000Z","due_date":"2022-05-04T00:00:00.000000Z","known_ransomware":false,"epss":0.95683,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2018-1273","vendor_project":"VMware Tanzu","product":"Spring Data Commons","vulnerability_name":"VMware Tanzu Spring Data Commons Property Binder Vulnerability","date_added":"2022-03-25T00:00:00.000000Z","due_date":"2022-04-15T00:00:00.000000Z","known_ransomware":true,"epss":0.95649,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2026-39987","vendor_project":"Marimo","product":"Marimo","vulnerability_name":"Marimo Remote Code Execution Vulnerability","date_added":"2026-04-23T00:00:00.000000Z","due_date":"2026-05-07T00:00:00.000000Z","known_ransomware":false,"epss":0.95645,"cvss_score":9.3,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2020-5410","vendor_project":"VMware Tanzu","product":"Spring Cloud Configuration (Config) Server","vulnerability_name":"VMware Tanzu Spring Cloud Config Directory Traversal Vulnerability","date_added":"2022-03-25T00:00:00.000000Z","due_date":"2022-04-15T00:00:00.000000Z","known_ransomware":false,"epss":0.95586,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2016-0752","vendor_project":"Rails","product":"Ruby on Rails","vulnerability_name":"Ruby on Rails Directory Traversal Vulnerability","date_added":"2022-03-25T00:00:00.000000Z","due_date":"2022-04-15T00:00:00.000000Z","known_ransomware":false,"epss":0.95537,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2022-41352","vendor_project":"Synacor","product":"Zimbra Collaboration Suite (ZCS)","vulnerability_name":"Synacor Zimbra Collaboration Suite (ZCS) Arbitrary File Upload Vulnerability","date_added":"2022-10-20T00:00:00.000000Z","due_date":"2022-11-10T00:00:00.000000Z","known_ransomware":false,"epss":0.95478,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2024-21412","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Internet Shortcut Files Security Feature Bypass Vulnerability","date_added":"2024-02-13T00:00:00.000000Z","due_date":"2024-03-05T00:00:00.000000Z","known_ransomware":true,"epss":0.95443,"cvss_score":8.1,"cvss_severity":"HIGH"},{"cve_id":"CVE-2009-1151","vendor_project":"phpMyAdmin","product":"phpMyAdmin","vulnerability_name":"phpMyAdmin Remote Code Execution Vulnerability","date_added":"2022-03-25T00:00:00.000000Z","due_date":"2022-04-15T00:00:00.000000Z","known_ransomware":false,"epss":0.95438,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2024-1212","vendor_project":"Progress","product":"Kemp LoadMaster","vulnerability_name":"Progress Kemp LoadMaster OS Command Injection Vulnerability","date_added":"2024-11-18T00:00:00.000000Z","due_date":"2024-12-09T00:00:00.000000Z","known_ransomware":false,"epss":0.95388,"cvss_score":10,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2025-54068","vendor_project":"Laravel","product":"Livewire","vulnerability_name":"Laravel Livewire Code Injection Vulnerability","date_added":"2026-03-20T00:00:00.000000Z","due_date":"2026-04-03T00:00:00.000000Z","known_ransomware":false,"epss":0.95376,"cvss_score":9.2,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2019-11580","vendor_project":"Atlassian","product":"Crowd and Crowd Data Center","vulnerability_name":"Atlassian Crowd and Crowd Data Center Remote Code Execution Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":true,"epss":0.95355,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2025-47812","vendor_project":"Wing FTP Server","product":"Wing FTP Server","vulnerability_name":"Wing FTP Server Improper Neutralization of Null Byte or NUL Character Vulnerability","date_added":"2025-07-14T00:00:00.000000Z","due_date":"2025-08-04T00:00:00.000000Z","known_ransomware":false,"epss":0.95343,"cvss_score":10,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2019-7609","vendor_project":"Elastic","product":"Kibana","vulnerability_name":"Kibana Arbitrary Code Execution","date_added":"2022-01-10T00:00:00.000000Z","due_date":"2022-07-10T00:00:00.000000Z","known_ransomware":false,"epss":0.95338,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2022-36537","vendor_project":"ZK Framework","product":"AuUploader","vulnerability_name":"ZK Framework AuUploader Unspecified Vulnerability","date_added":"2023-02-27T00:00:00.000000Z","due_date":"2023-03-20T00:00:00.000000Z","known_ransomware":true,"epss":0.95335,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-57727","vendor_project":"SimpleHelp ","product":"SimpleHelp","vulnerability_name":"SimpleHelp Path Traversal Vulnerability","date_added":"2025-02-13T00:00:00.000000Z","due_date":"2025-03-06T00:00:00.000000Z","known_ransomware":true,"epss":0.95151,"cvss_score":9.1,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2024-53704","vendor_project":"SonicWall","product":"SonicOS","vulnerability_name":"SonicWall SonicOS SSLVPN Improper Authentication Vulnerability","date_added":"2025-02-18T00:00:00.000000Z","due_date":"2025-03-11T00:00:00.000000Z","known_ransomware":true,"epss":0.95132,"cvss_score":8.2,"cvss_severity":"HIGH"},{"cve_id":"CVE-2018-0798","vendor_project":"Microsoft","product":"Office","vulnerability_name":"Microsoft Office Memory Corruption Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.95121,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-25717","vendor_project":"Ruckus Wireless","product":"Multiple Products","vulnerability_name":"Multiple Ruckus Wireless Products CSRF and RCE Vulnerability","date_added":"2023-05-12T00:00:00.000000Z","due_date":"2023-06-02T00:00:00.000000Z","known_ransomware":false,"epss":0.95107,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2023-24489","vendor_project":"Citrix","product":"Content Collaboration","vulnerability_name":"Citrix Content Collaboration ShareFile Improper Access Control Vulnerability","date_added":"2023-08-16T00:00:00.000000Z","due_date":"2023-09-06T00:00:00.000000Z","known_ransomware":false,"epss":0.95076,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2014-6332","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Object Linking \u0026 Embedding (OLE) Automation Array Remote Code Execution Vulnerability","date_added":"2022-03-25T00:00:00.000000Z","due_date":"2022-04-15T00:00:00.000000Z","known_ransomware":false,"epss":0.94996,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-7028","vendor_project":"GitLab","product":"GitLab CE\/EE","vulnerability_name":"GitLab Community and Enterprise Editions Improper Access Control Vulnerability","date_added":"2024-05-01T00:00:00.000000Z","due_date":"2024-05-22T00:00:00.000000Z","known_ransomware":false,"epss":0.94955,"cvss_score":10,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2020-2883","vendor_project":"Oracle","product":"WebLogic Server","vulnerability_name":"Oracle WebLogic Server Unspecified Vulnerability","date_added":"2025-01-07T00:00:00.000000Z","due_date":"2025-01-28T00:00:00.000000Z","known_ransomware":false,"epss":0.94928,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2021-4034","vendor_project":"Red Hat","product":"Polkit","vulnerability_name":"Red Hat Polkit Out-of-Bounds Read and Write Vulnerability","date_added":"2022-06-27T00:00:00.000000Z","due_date":"2022-07-18T00:00:00.000000Z","known_ransomware":false,"epss":0.94921,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-51378","vendor_project":"CyberPersons","product":"CyberPanel","vulnerability_name":"CyberPanel Incorrect Default Permissions Vulnerability","date_added":"2024-12-04T00:00:00.000000Z","due_date":"2024-12-25T00:00:00.000000Z","known_ransomware":true,"epss":0.94878,"cvss_score":10,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2017-9822","vendor_project":"DotNetNuke (DNN)","product":"DotNetNuke (DNN)","vulnerability_name":"DotNetNuke (DNN) Remote Code Execution Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":true,"epss":0.94789,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-9474","vendor_project":"Palo Alto Networks","product":"PAN-OS","vulnerability_name":"Palo Alto Networks PAN-OS Management Interface OS Command Injection Vulnerability","date_added":"2024-11-18T00:00:00.000000Z","due_date":"2024-12-09T00:00:00.000000Z","known_ransomware":true,"epss":0.94766,"cvss_score":6.9,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2024-47575","vendor_project":"Fortinet","product":"FortiManager","vulnerability_name":"Fortinet FortiManager Missing Authentication Vulnerability","date_added":"2024-10-23T00:00:00.000000Z","due_date":"2024-11-13T00:00:00.000000Z","known_ransomware":false,"epss":0.94761,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2020-6287","vendor_project":"SAP","product":"NetWeaver","vulnerability_name":"SAP NetWeaver Missing Authentication for Critical Function Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.94719,"cvss_score":10,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2024-6670","vendor_project":"Progress","product":"WhatsUp Gold","vulnerability_name":"Progress WhatsUp Gold SQL Injection Vulnerability","date_added":"2024-09-16T00:00:00.000000Z","due_date":"2024-10-07T00:00:00.000000Z","known_ransomware":true,"epss":0.94661,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2024-21413","vendor_project":"Microsoft","product":"Office Outlook","vulnerability_name":"Microsoft Outlook Improper Input Validation Vulnerability","date_added":"2025-02-06T00:00:00.000000Z","due_date":"2025-02-27T00:00:00.000000Z","known_ransomware":false,"epss":0.9466,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2017-12637","vendor_project":"SAP","product":"NetWeaver","vulnerability_name":"SAP NetWeaver Directory Traversal Vulnerability","date_added":"2025-03-19T00:00:00.000000Z","due_date":"2025-04-09T00:00:00.000000Z","known_ransomware":false,"epss":0.94557,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2020-14644","vendor_project":"Oracle","product":"WebLogic Server","vulnerability_name":"Oracle WebLogic Server Remote Code Execution Vulnerability","date_added":"2024-09-18T00:00:00.000000Z","due_date":"2024-10-09T00:00:00.000000Z","known_ransomware":false,"epss":0.94548,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2017-18368","vendor_project":"Zyxel","product":"P660HN-T1A Routers","vulnerability_name":"Zyxel P660HN-T1A Routers Command Injection Vulnerability","date_added":"2023-08-07T00:00:00.000000Z","due_date":"2023-08-28T00:00:00.000000Z","known_ransomware":false,"epss":0.94508,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2025-4008","vendor_project":"Smartbedded","product":"Meteobridge","vulnerability_name":"Smartbedded Meteobridge Command Injection Vulnerability","date_added":"2025-10-02T00:00:00.000000Z","due_date":"2025-10-23T00:00:00.000000Z","known_ransomware":false,"epss":0.94376,"cvss_score":8.7,"cvss_severity":"HIGH"},{"cve_id":"CVE-2016-4117","vendor_project":"Adobe","product":"Flash Player","vulnerability_name":"Adobe Flash Player Arbitrary Code Execution Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-24T00:00:00.000000Z","known_ransomware":false,"epss":0.94354,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2020-1147","vendor_project":"Microsoft","product":".NET Framework, SharePoint, Visual Studio","vulnerability_name":"Microsoft .NET Framework, SharePoint, and Visual Studio Remote Code Execution Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.94243,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2007-5659","vendor_project":"Adobe","product":"Acrobat and Reader","vulnerability_name":"Adobe Acrobat and Reader Buffer Overflow Vulnerability","date_added":"2022-06-08T00:00:00.000000Z","due_date":"2022-06-22T00:00:00.000000Z","known_ransomware":false,"epss":0.94222,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-36846","vendor_project":"Juniper","product":"Junos OS","vulnerability_name":"Juniper Junos OS SRX Series Missing Authentication for Critical Function Vulnerability","date_added":"2023-11-13T00:00:00.000000Z","due_date":"2023-11-17T00:00:00.000000Z","known_ransomware":false,"epss":0.94205,"cvss_score":5.3,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2017-1000486","vendor_project":"Primetek","product":"Primefaces Application","vulnerability_name":"Primetek Primefaces Remote Code Execution Vulnerability","date_added":"2022-01-10T00:00:00.000000Z","due_date":"2022-07-10T00:00:00.000000Z","known_ransomware":false,"epss":0.94104,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2026-21643","vendor_project":"Fortinet","product":"FortiClient EMS","vulnerability_name":"Fortinet FortiClient EMS SQL Injection Vulnerability","date_added":"2026-04-13T00:00:00.000000Z","due_date":"2026-04-16T00:00:00.000000Z","known_ransomware":false,"epss":0.94085,"cvss_score":9.1,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2019-12989","vendor_project":"Citrix","product":"SD-WAN and NetScaler","vulnerability_name":"Citrix SD-WAN and NetScaler SQL Injection Vulnerability","date_added":"2022-03-25T00:00:00.000000Z","due_date":"2022-04-15T00:00:00.000000Z","known_ransomware":false,"epss":0.94046,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2021-26857","vendor_project":"Microsoft","product":"Exchange Server","vulnerability_name":"Microsoft Exchange Server Remote Code Execution Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":true,"epss":0.94008,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-48248","vendor_project":"NAKIVO","product":"Backup and Replication","vulnerability_name":"NAKIVO Backup and Replication Absolute Path Traversal Vulnerability","date_added":"2025-03-19T00:00:00.000000Z","due_date":"2025-04-09T00:00:00.000000Z","known_ransomware":false,"epss":0.93995,"cvss_score":8.6,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-55956","vendor_project":"Cleo","product":"Multiple Products","vulnerability_name":"Cleo Multiple Products Unauthenticated File Upload Vulnerability","date_added":"2024-12-17T00:00:00.000000Z","due_date":"2025-01-07T00:00:00.000000Z","known_ransomware":true,"epss":0.93804,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2013-0625","vendor_project":"Adobe","product":"ColdFusion","vulnerability_name":"Adobe ColdFusion Authentication Bypass Vulnerability","date_added":"2022-03-07T00:00:00.000000Z","due_date":"2022-09-07T00:00:00.000000Z","known_ransomware":false,"epss":0.93797,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2018-14933","vendor_project":"NUUO","product":"NVRmini Devices","vulnerability_name":"NUUO NVRmini Devices OS Command Injection Vulnerability ","date_added":"2024-12-18T00:00:00.000000Z","due_date":"2025-01-08T00:00:00.000000Z","known_ransomware":false,"epss":0.93746,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2013-0632","vendor_project":"Adobe","product":"ColdFusion","vulnerability_name":"Adobe ColdFusion Authentication Bypass Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-24T00:00:00.000000Z","known_ransomware":false,"epss":0.93691,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2012-1723","vendor_project":"Oracle","product":"Java SE","vulnerability_name":"Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-24T00:00:00.000000Z","known_ransomware":true,"epss":0.93688,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2015-5122","vendor_project":"Adobe","product":"Flash Player","vulnerability_name":"Adobe Flash Player Use-After-Free Vulnerability","date_added":"2022-04-13T00:00:00.000000Z","due_date":"2022-05-04T00:00:00.000000Z","known_ransomware":false,"epss":0.93688,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-36845","vendor_project":"Juniper","product":"Junos OS","vulnerability_name":"Juniper Junos OS EX Series and SRX Series PHP External Variable Modification Vulnerability","date_added":"2023-11-13T00:00:00.000000Z","due_date":"2023-11-17T00:00:00.000000Z","known_ransomware":false,"epss":0.93546,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2021-44077","vendor_project":"Zoho","product":"ManageEngine ServiceDesk Plus (SDP) \/ SupportCenter Plus","vulnerability_name":"Zoho ManageEngine ServiceDesk Plus Remote Code Execution Vulnerability","date_added":"2021-12-01T00:00:00.000000Z","due_date":"2021-12-15T00:00:00.000000Z","known_ransomware":false,"epss":0.93514,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2018-10561","vendor_project":"Dasan","product":"Gigabit Passive Optical Network (GPON) Routers","vulnerability_name":"Dasan GPON Routers Authentication Bypass Vulnerability","date_added":"2022-03-31T00:00:00.000000Z","due_date":"2022-04-21T00:00:00.000000Z","known_ransomware":false,"epss":0.93316,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2017-0143","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Server Message Block (SMBv1) Remote Code Execution Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":true,"epss":0.93307,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2018-0802","vendor_project":"Microsoft","product":"Office","vulnerability_name":"Microsoft Office Memory Corruption Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.93289,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-57819","vendor_project":"Sangoma","product":"FreePBX","vulnerability_name":"Sangoma FreePBX Authentication Bypass Vulnerability","date_added":"2025-08-29T00:00:00.000000Z","due_date":"2025-09-19T00:00:00.000000Z","known_ransomware":false,"epss":0.93286,"cvss_score":10,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2020-2551","vendor_project":"Oracle","product":"Fusion Middleware","vulnerability_name":"Oracle Fusion Middleware Unspecified Vulnerability","date_added":"2023-11-16T00:00:00.000000Z","due_date":"2023-12-07T00:00:00.000000Z","known_ransomware":false,"epss":0.93168,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2016-0189","vendor_project":"Microsoft","product":"Internet Explorer","vulnerability_name":"Microsoft Internet Explorer Memory Corruption Vulnerability","date_added":"2022-03-28T00:00:00.000000Z","due_date":"2022-04-18T00:00:00.000000Z","known_ransomware":false,"epss":0.93165,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-28987","vendor_project":"SolarWinds","product":"Web Help Desk","vulnerability_name":"SolarWinds Web Help Desk Hardcoded Credential Vulnerability","date_added":"2024-10-15T00:00:00.000000Z","due_date":"2024-11-05T00:00:00.000000Z","known_ransomware":false,"epss":0.93159,"cvss_score":9.1,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2020-5849","vendor_project":"Unraid","product":"Unraid","vulnerability_name":"Unraid Authentication Bypass Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.93151,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2016-4437","vendor_project":"Apache","product":"Shiro","vulnerability_name":"Apache Shiro Code Execution Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.93143,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2022-33891","vendor_project":"Apache","product":"Spark","vulnerability_name":"Apache Spark Command Injection Vulnerability","date_added":"2023-03-07T00:00:00.000000Z","due_date":"2023-03-28T00:00:00.000000Z","known_ransomware":false,"epss":0.92984,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-30406","vendor_project":"Gladinet","product":"CentreStack","vulnerability_name":"Gladinet CentreStack and Triofox Use of Hard-coded Cryptographic Key Vulnerability","date_added":"2025-04-08T00:00:00.000000Z","due_date":"2025-04-29T00:00:00.000000Z","known_ransomware":false,"epss":0.92727,"cvss_score":9,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2025-24016","vendor_project":"Wazuh","product":"Wazuh Server","vulnerability_name":"Wazuh Server Deserialization of Untrusted Data Vulnerability","date_added":"2025-06-10T00:00:00.000000Z","due_date":"2025-07-01T00:00:00.000000Z","known_ransomware":false,"epss":0.92579,"cvss_score":9.9,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2021-40870","vendor_project":"Aviatrix","product":"Aviatrix Controller","vulnerability_name":"Aviatrix Controller Unrestricted Upload of File","date_added":"2022-01-18T00:00:00.000000Z","due_date":"2022-02-01T00:00:00.000000Z","known_ransomware":false,"epss":0.92382,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2022-24706","vendor_project":"Apache","product":"CouchDB","vulnerability_name":"Apache CouchDB Insecure Default Initialization of Resource Vulnerability","date_added":"2022-08-25T00:00:00.000000Z","due_date":"2022-09-15T00:00:00.000000Z","known_ransomware":false,"epss":0.92335,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2016-3427","vendor_project":"Oracle","product":"Java SE and JRockit","vulnerability_name":"Oracle Java SE and JRockit Unspecified Vulnerability","date_added":"2023-05-12T00:00:00.000000Z","due_date":"2023-06-02T00:00:00.000000Z","known_ransomware":false,"epss":0.92334,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2026-35273","vendor_project":"Oracle","product":" PeopleSoft Enterprise PeopleTools","vulnerability_name":"Oracle PeopleSoft Enterprise PeopleTools Missing Authentication for Critical Function Vulnerability","date_added":"2026-06-12T00:00:00.000000Z","due_date":"2026-06-15T00:00:00.000000Z","known_ransomware":true,"epss":0.9233,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2022-43939","vendor_project":"Hitachi Vantara","product":"Pentaho Business Analytics (BA) Server","vulnerability_name":"Hitachi Vantara Pentaho BA Server Authorization Bypass Vulnerability","date_added":"2025-03-03T00:00:00.000000Z","due_date":"2025-03-24T00:00:00.000000Z","known_ransomware":false,"epss":0.92266,"cvss_score":8.6,"cvss_severity":"HIGH"},{"cve_id":"CVE-2017-5689","vendor_project":"Intel","product":"Active Management Technology (AMT), Small Business Technology (SBT), and Standard Manageability","vulnerability_name":"Intel Active Management Technology (AMT), Small Business Technology (SBT), and Standard Manageability Privilege Escalation Vulnerability","date_added":"2022-01-28T00:00:00.000000Z","due_date":"2022-07-28T00:00:00.000000Z","known_ransomware":false,"epss":0.92189,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2019-2616","vendor_project":"Oracle","product":"BI Publisher (Formerly XML Publisher)","vulnerability_name":"Oracle BI Publisher Unauthorized Access Vulnerability","date_added":"2022-03-25T00:00:00.000000Z","due_date":"2022-04-15T00:00:00.000000Z","known_ransomware":false,"epss":0.92183,"cvss_score":7.2,"cvss_severity":"HIGH"},{"cve_id":"CVE-2020-1350","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows DNS Server Remote Code Execution Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.92178,"cvss_score":10,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2025-2747","vendor_project":"Kentico","product":"Xperience CMS","vulnerability_name":"Kentico Xperience CMS Authentication Bypass Using an Alternate Path or Channel Vulnerability","date_added":"2025-10-20T00:00:00.000000Z","due_date":"2025-11-10T00:00:00.000000Z","known_ransomware":false,"epss":0.92161,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2025-11371","vendor_project":"Gladinet","product":"CentreStack and Triofox","vulnerability_name":"Gladinet CentreStack and Triofox Files or Directories Accessible to External Parties Vulnerability","date_added":"2025-11-04T00:00:00.000000Z","due_date":"2025-11-25T00:00:00.000000Z","known_ransomware":false,"epss":0.92094,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-54309","vendor_project":"CrushFTP","product":"CrushFTP","vulnerability_name":" CrushFTP Unprotected Alternate Channel Vulnerability","date_added":"2025-07-22T00:00:00.000000Z","due_date":"2025-08-12T00:00:00.000000Z","known_ransomware":false,"epss":0.92034,"cvss_score":9,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2012-0754","vendor_project":"Adobe","product":"Flash Player","vulnerability_name":"Adobe Flash Player Memory Corruption Vulnerability","date_added":"2022-06-08T00:00:00.000000Z","due_date":"2022-06-22T00:00:00.000000Z","known_ransomware":false,"epss":0.9203,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-20439","vendor_project":"Cisco","product":"Smart Licensing Utility","vulnerability_name":"Cisco Smart Licensing Utility Static Credential Vulnerability","date_added":"2025-03-31T00:00:00.000000Z","due_date":"2025-04-21T00:00:00.000000Z","known_ransomware":false,"epss":0.9201,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2020-10148","vendor_project":"SolarWinds","product":"Orion","vulnerability_name":"SolarWinds Orion Authentication Bypass Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.9198,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2024-7399","vendor_project":"Samsung","product":"MagicINFO 9 Server","vulnerability_name":"Samsung MagicINFO 9 Server Path Traversal Vulnerability","date_added":"2026-04-24T00:00:00.000000Z","due_date":"2026-05-08T00:00:00.000000Z","known_ransomware":false,"epss":0.91941,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2018-11138","vendor_project":"Quest","product":"KACE System Management Appliance","vulnerability_name":"Quest KACE System Management Appliance Remote Command Execution Vulnerability","date_added":"2022-03-25T00:00:00.000000Z","due_date":"2022-04-15T00:00:00.000000Z","known_ransomware":true,"epss":0.91931,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2019-6340","vendor_project":"Drupal","product":"Core","vulnerability_name":"Drupal Core Remote Code Execution Vulnerability","date_added":"2022-03-25T00:00:00.000000Z","due_date":"2022-04-15T00:00:00.000000Z","known_ransomware":false,"epss":0.91919,"cvss_score":8.1,"cvss_severity":"HIGH"},{"cve_id":"CVE-2010-0249","vendor_project":"Microsoft","product":"Internet Explorer","vulnerability_name":"Microsoft Internet Explorer Use-After-Free Vulnerability","date_added":"2026-05-20T00:00:00.000000Z","due_date":"2026-06-03T00:00:00.000000Z","known_ransomware":false,"epss":0.91885,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2020-8657","vendor_project":"EyesOfNetwork","product":"EyesOfNetwork","vulnerability_name":"EyesOfNetwork Use of Hard-Coded Credentials Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.91874,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2024-5910","vendor_project":"Palo Alto Networks","product":"Expedition","vulnerability_name":"Palo Alto Networks Expedition Missing Authentication Vulnerability","date_added":"2024-11-07T00:00:00.000000Z","due_date":"2024-11-28T00:00:00.000000Z","known_ransomware":false,"epss":0.91783,"cvss_score":9.3,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2024-11680","vendor_project":"ProjectSend","product":"ProjectSend","vulnerability_name":"ProjectSend Improper Authentication Vulnerability","date_added":"2024-12-03T00:00:00.000000Z","due_date":"2024-12-24T00:00:00.000000Z","known_ransomware":false,"epss":0.91559,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2022-26352","vendor_project":"dotCMS","product":"dotCMS","vulnerability_name":"dotCMS Unrestricted Upload of File Vulnerability","date_added":"2022-08-25T00:00:00.000000Z","due_date":"2022-09-15T00:00:00.000000Z","known_ransomware":true,"epss":0.91501,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2010-2568","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Remote Code Execution Vulnerability","date_added":"2022-09-15T00:00:00.000000Z","due_date":"2022-10-06T00:00:00.000000Z","known_ransomware":false,"epss":0.91324,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-35211","vendor_project":"SolarWinds","product":"Serv-U","vulnerability_name":"SolarWinds Serv-U Remote Code Execution Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":true,"epss":0.9116,"cvss_score":9,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2012-5076","vendor_project":"Oracle","product":"Java SE","vulnerability_name":"Oracle Java SE Sandbox Bypass Vulnerability","date_added":"2022-03-28T00:00:00.000000Z","due_date":"2022-04-18T00:00:00.000000Z","known_ransomware":false,"epss":0.91013,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2020-8243","vendor_project":"Ivanti","product":"Pulse Connect Secure","vulnerability_name":"Ivanti Pulse Connect Secure Code Execution Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.90759,"cvss_score":7.2,"cvss_severity":"HIGH"},{"cve_id":"CVE-2017-12149","vendor_project":"Red Hat","product":"JBoss Application Server","vulnerability_name":"Red Hat JBoss Application Server Remote Code Execution Vulnerability","date_added":"2021-12-10T00:00:00.000000Z","due_date":"2022-06-10T00:00:00.000000Z","known_ransomware":true,"epss":0.90713,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2017-3066","vendor_project":"Adobe","product":"ColdFusion","vulnerability_name":"Adobe ColdFusion Deserialization Vulnerability","date_added":"2025-02-24T00:00:00.000000Z","due_date":"2025-03-17T00:00:00.000000Z","known_ransomware":false,"epss":0.90597,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2021-21311","vendor_project":"Adminer","product":"Adminer","vulnerability_name":"Adminer Server-Side Request Forgery Vulnerability","date_added":"2025-09-29T00:00:00.000000Z","due_date":"2025-10-20T00:00:00.000000Z","known_ransomware":false,"epss":0.90461,"cvss_score":7.2,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-32648","vendor_project":"October CMS","product":"October CMS","vulnerability_name":"October CMS Improper Authentication","date_added":"2022-01-18T00:00:00.000000Z","due_date":"2022-02-01T00:00:00.000000Z","known_ransomware":false,"epss":0.90418,"cvss_score":8.2,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-42321","vendor_project":"Microsoft","product":"Exchange","vulnerability_name":"Microsoft Exchange Server Remote Code Execution Vulnerability","date_added":"2021-11-17T00:00:00.000000Z","due_date":"2021-12-01T00:00:00.000000Z","known_ransomware":true,"epss":0.90388,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2020-3952","vendor_project":"VMware","product":"vCenter Server","vulnerability_name":"VMware vCenter Server Information Disclosure Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.90384,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2025-12480","vendor_project":"Gladinet","product":"Triofox","vulnerability_name":"Gladinet Triofox Improper Access Control Vulnerability","date_added":"2025-11-12T00:00:00.000000Z","due_date":"2025-12-03T00:00:00.000000Z","known_ransomware":false,"epss":0.90355,"cvss_score":9.1,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2023-41763","vendor_project":"Microsoft","product":"Skype for Business","vulnerability_name":"Microsoft Skype for Business Privilege Escalation Vulnerability","date_added":"2023-10-10T00:00:00.000000Z","due_date":"2023-10-31T00:00:00.000000Z","known_ransomware":false,"epss":0.90353,"cvss_score":5.3,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2016-8735","vendor_project":"Apache","product":"Tomcat","vulnerability_name":"Apache Tomcat Remote Code Execution Vulnerability","date_added":"2023-05-12T00:00:00.000000Z","due_date":"2023-06-02T00:00:00.000000Z","known_ransomware":false,"epss":0.90338,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2021-21315","vendor_project":"Npm package","product":"System Information Library for Node.JS","vulnerability_name":"System Information Library for Node.JS Command Injection","date_added":"2022-01-18T00:00:00.000000Z","due_date":"2022-02-01T00:00:00.000000Z","known_ransomware":false,"epss":0.9024,"cvss_score":7.1,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-40044","vendor_project":"Progress","product":"WS_FTP Server","vulnerability_name":"Progress WS_FTP Server Deserialization of Untrusted Data Vulnerability","date_added":"2023-10-05T00:00:00.000000Z","due_date":"2023-10-26T00:00:00.000000Z","known_ransomware":true,"epss":0.9015,"cvss_score":10,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2009-3960","vendor_project":"Adobe","product":"BlazeDS","vulnerability_name":"Adobe BlazeDS Information Disclosure Vulnerability","date_added":"2022-03-07T00:00:00.000000Z","due_date":"2022-09-07T00:00:00.000000Z","known_ransomware":true,"epss":0.90118,"cvss_score":6.5,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2020-29583","vendor_project":"Zyxel","product":"Multiple Products","vulnerability_name":"Zyxel Multiple Products Use of Hard-Coded Credentials Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.90049,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2020-17463","vendor_project":"Fuel CMS","product":"Fuel CMS","vulnerability_name":"Fuel CMS SQL Injection Vulnerability","date_added":"2021-12-10T00:00:00.000000Z","due_date":"2022-06-10T00:00:00.000000Z","known_ransomware":false,"epss":0.90044,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2017-8464","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Shell (.lnk) Remote Code Execution Vulnerability","date_added":"2022-02-10T00:00:00.000000Z","due_date":"2022-08-10T00:00:00.000000Z","known_ransomware":false,"epss":0.90026,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2013-0431","vendor_project":"Oracle","product":"Java Runtime Environment (JRE)","vulnerability_name":"Oracle JRE Sandbox Bypass Vulnerability","date_added":"2022-05-25T00:00:00.000000Z","due_date":"2022-06-15T00:00:00.000000Z","known_ransomware":true,"epss":0.89987,"cvss_score":5.3,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2017-8570","vendor_project":"Microsoft","product":"Office","vulnerability_name":"Microsoft Office Remote Code Execution Vulnerability","date_added":"2022-02-25T00:00:00.000000Z","due_date":"2022-08-25T00:00:00.000000Z","known_ransomware":false,"epss":0.89889,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2017-0146","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows SMB Remote Code Execution Vulnerability","date_added":"2022-03-25T00:00:00.000000Z","due_date":"2022-04-15T00:00:00.000000Z","known_ransomware":true,"epss":0.89862,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2017-0145","vendor_project":"Microsoft","product":"SMBv1","vulnerability_name":"Microsoft SMBv1 Remote Code Execution Vulnerability","date_added":"2022-02-10T00:00:00.000000Z","due_date":"2022-08-10T00:00:00.000000Z","known_ransomware":true,"epss":0.8985,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-54253","vendor_project":"Adobe","product":"Experience Manager (AEM) Forms","vulnerability_name":"Adobe Experience Manager Forms Code Execution Vulnerability","date_added":"2025-10-15T00:00:00.000000Z","due_date":"2025-11-05T00:00:00.000000Z","known_ransomware":false,"epss":0.89824,"cvss_score":10,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2024-13160","vendor_project":"Ivanti","product":"Endpoint Manager (EPM)","vulnerability_name":"Ivanti Endpoint Manager (EPM) Absolute Path Traversal Vulnerability","date_added":"2025-03-10T00:00:00.000000Z","due_date":"2025-03-31T00:00:00.000000Z","known_ransomware":false,"epss":0.89738,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2025-37164","vendor_project":"Hewlett Packard Enterprise (HPE)","product":"OneView","vulnerability_name":"Hewlett Packard Enterprise (HPE) OneView Code Injection Vulnerability","date_added":"2026-01-07T00:00:00.000000Z","due_date":"2026-01-28T00:00:00.000000Z","known_ransomware":false,"epss":0.89733,"cvss_score":10,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2019-7195","vendor_project":"QNAP","product":"Photo Station","vulnerability_name":"QNAP Photo Station Path Traversal Vulnerability","date_added":"2022-06-08T00:00:00.000000Z","due_date":"2022-06-22T00:00:00.000000Z","known_ransomware":true,"epss":0.89681,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2023-20273","vendor_project":"Cisco","product":"Cisco IOS XE Web UI","vulnerability_name":"Cisco IOS XE Web UI Command Injection Vulnerability","date_added":"2023-10-23T00:00:00.000000Z","due_date":"2023-10-27T00:00:00.000000Z","known_ransomware":false,"epss":0.89634,"cvss_score":7.2,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-36844","vendor_project":"Juniper","product":"Junos OS","vulnerability_name":"Juniper Junos OS EX Series PHP External Variable Modification Vulnerability","date_added":"2023-11-13T00:00:00.000000Z","due_date":"2023-11-17T00:00:00.000000Z","known_ransomware":false,"epss":0.89628,"cvss_score":5.3,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2019-17621","vendor_project":"D-Link","product":"DIR-859 Router","vulnerability_name":"D-Link DIR-859 Router Command Execution Vulnerability","date_added":"2023-06-29T00:00:00.000000Z","due_date":"2023-07-20T00:00:00.000000Z","known_ransomware":false,"epss":0.89624,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2018-4878","vendor_project":"Adobe","product":"Flash Player","vulnerability_name":"Adobe Flash Player Use-After-Free Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":true,"epss":0.89618,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-64446","vendor_project":"Fortinet","product":"FortiWeb","vulnerability_name":"Fortinet FortiWeb Path Traversal Vulnerability","date_added":"2025-11-14T00:00:00.000000Z","due_date":"2025-11-21T00:00:00.000000Z","known_ransomware":false,"epss":0.89526,"cvss_score":9.4,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2021-26858","vendor_project":"Microsoft","product":"Exchange Server","vulnerability_name":"Microsoft Exchange Server Remote Code Execution Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":true,"epss":0.89509,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2010-3333","vendor_project":"Microsoft","product":"Office","vulnerability_name":"Microsoft Office Stack-based Buffer Overflow Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-24T00:00:00.000000Z","known_ransomware":false,"epss":0.89497,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-49113","vendor_project":"Roundcube","product":"Webmail","vulnerability_name":"RoundCube Webmail Deserialization of Untrusted Data Vulnerability","date_added":"2026-02-20T00:00:00.000000Z","due_date":"2026-03-13T00:00:00.000000Z","known_ransomware":false,"epss":0.89462,"cvss_score":9.9,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2020-0601","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows CryptoAPI Spoofing Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.89436,"cvss_score":8.1,"cvss_severity":"HIGH"},{"cve_id":"CVE-2018-14839","vendor_project":"LG","product":"N1A1 NAS","vulnerability_name":"LG N1A1 NAS Remote Command Execution Vulnerability","date_added":"2022-03-25T00:00:00.000000Z","due_date":"2022-04-15T00:00:00.000000Z","known_ransomware":false,"epss":0.89354,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2017-5521","vendor_project":"NETGEAR","product":"Multiple Devices","vulnerability_name":"NETGEAR Multiple Devices Exposure of Sensitive Information Vulnerability","date_added":"2022-09-08T00:00:00.000000Z","due_date":"2022-09-29T00:00:00.000000Z","known_ransomware":false,"epss":0.89294,"cvss_score":8.1,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-5086","vendor_project":"Dassault Syst\u00e8mes","product":"DELMIA Apriso","vulnerability_name":"Dassault Syst\u00e8mes DELMIA Apriso Deserialization of Untrusted Data Vulnerability","date_added":"2025-09-11T00:00:00.000000Z","due_date":"2025-10-02T00:00:00.000000Z","known_ransomware":false,"epss":0.89077,"cvss_score":9,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2024-8190","vendor_project":"Ivanti","product":"Cloud Services Appliance","vulnerability_name":"Ivanti Cloud Services Appliance OS Command Injection Vulnerability","date_added":"2024-09-13T00:00:00.000000Z","due_date":"2024-10-04T00:00:00.000000Z","known_ransomware":false,"epss":0.88955,"cvss_score":7.2,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-43798","vendor_project":"Grafana Labs","product":"Grafana","vulnerability_name":"Grafana Path Traversal Vulnerability","date_added":"2025-10-09T00:00:00.000000Z","due_date":"2025-10-30T00:00:00.000000Z","known_ransomware":false,"epss":0.88849,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2012-0151","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Authenticode Signature Verification Remote Code Execution Vulnerability","date_added":"2022-06-08T00:00:00.000000Z","due_date":"2022-06-22T00:00:00.000000Z","known_ransomware":false,"epss":0.8878,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2017-8759","vendor_project":"Microsoft","product":".NET Framework","vulnerability_name":"Microsoft .NET Framework Remote Code Execution Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.88698,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2014-3120","vendor_project":"Elastic","product":"Elasticsearch","vulnerability_name":"Elasticsearch Remote Code Execution Vulnerability","date_added":"2022-03-25T00:00:00.000000Z","due_date":"2022-04-15T00:00:00.000000Z","known_ransomware":false,"epss":0.88559,"cvss_score":8.1,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-13161","vendor_project":"Ivanti","product":"Endpoint Manager (EPM)","vulnerability_name":"Ivanti Endpoint Manager (EPM) Absolute Path Traversal Vulnerability","date_added":"2025-03-10T00:00:00.000000Z","due_date":"2025-03-31T00:00:00.000000Z","known_ransomware":false,"epss":0.88518,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2026-35616","vendor_project":"Fortinet","product":"FortiClient EMS","vulnerability_name":"Fortinet FortiClient EMS Improper Access Control Vulnerability","date_added":"2026-04-06T00:00:00.000000Z","due_date":"2026-04-09T00:00:00.000000Z","known_ransomware":false,"epss":0.88505,"cvss_score":9.1,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2020-8193","vendor_project":"Citrix","product":"Application Delivery Controller (ADC), Gateway, and SD-WAN WANOP Appliance","vulnerability_name":"Citrix ADC, Gateway, and SD-WAN WANOP Appliance Authorization Bypass Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.88411,"cvss_score":6.5,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2025-26399","vendor_project":"SolarWinds","product":"Web Help Desk","vulnerability_name":"SolarWinds Web Help Desk Deserialization of Untrusted Data Vulnerability","date_added":"2026-03-09T00:00:00.000000Z","due_date":"2026-03-12T00:00:00.000000Z","known_ransomware":false,"epss":0.8833,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2025-61757","vendor_project":"Oracle","product":"Fusion Middleware","vulnerability_name":"Oracle Fusion Middleware Missing Authentication for Critical Function Vulnerability","date_added":"2025-11-21T00:00:00.000000Z","due_date":"2025-12-12T00:00:00.000000Z","known_ransomware":false,"epss":0.88312,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2022-37042","vendor_project":"Synacor","product":"Zimbra Collaboration Suite (ZCS)","vulnerability_name":"Synacor Zimbra Collaboration Suite (ZCS) Authentication Bypass Vulnerability","date_added":"2022-08-11T00:00:00.000000Z","due_date":"2022-09-01T00:00:00.000000Z","known_ransomware":true,"epss":0.88256,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2010-0188","vendor_project":"Adobe","product":"Reader and Acrobat","vulnerability_name":"Adobe Reader and Acrobat Arbitrary Code Execution Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-24T00:00:00.000000Z","known_ransomware":true,"epss":0.88246,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2019-7192","vendor_project":"QNAP","product":"Photo Station","vulnerability_name":"QNAP Photo Station Improper Access Control Vulnerability","date_added":"2022-06-08T00:00:00.000000Z","due_date":"2022-06-22T00:00:00.000000Z","known_ransomware":true,"epss":0.88213,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2023-36025","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows SmartScreen Security Feature Bypass Vulnerability","date_added":"2023-11-14T00:00:00.000000Z","due_date":"2023-12-05T00:00:00.000000Z","known_ransomware":false,"epss":0.88196,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-40711","vendor_project":"Veeam","product":"Backup \u0026 Replication","vulnerability_name":"Veeam Backup and Replication Deserialization Vulnerability","date_added":"2024-10-17T00:00:00.000000Z","due_date":"2024-11-07T00:00:00.000000Z","known_ransomware":true,"epss":0.88193,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2026-20253","vendor_project":"Splunk","product":"Enterprise","vulnerability_name":"Splunk Enterprise Missing Authentication for Critical Function Vulnerability","date_added":"2026-06-18T00:00:00.000000Z","due_date":"2026-06-21T00:00:00.000000Z","known_ransomware":false,"epss":0.88171,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2022-0847","vendor_project":"Linux","product":"Kernel","vulnerability_name":"Linux Kernel Privilege Escalation Vulnerability","date_added":"2022-04-25T00:00:00.000000Z","due_date":"2022-05-16T00:00:00.000000Z","known_ransomware":false,"epss":0.88106,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2014-1776","vendor_project":"Microsoft","product":"Internet Explorer","vulnerability_name":"Microsoft Internet Explorer Memory Corruption Vulnerability","date_added":"2022-01-28T00:00:00.000000Z","due_date":"2022-07-28T00:00:00.000000Z","known_ransomware":false,"epss":0.88013,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2021-21973","vendor_project":"VMware","product":"vCenter Server and Cloud Foundation","vulnerability_name":"VMware vCenter Server and Cloud Foundation Server Side Request Forgery (SSRF) Vulnerability","date_added":"2022-03-07T00:00:00.000000Z","due_date":"2022-03-21T00:00:00.000000Z","known_ransomware":false,"epss":0.88012,"cvss_score":5.3,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2024-12356","vendor_project":"BeyondTrust","product":"Privileged Remote Access (PRA) and Remote Support (RS) ","vulnerability_name":"BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) Command Injection Vulnerability ","date_added":"2024-12-19T00:00:00.000000Z","due_date":"2024-12-27T00:00:00.000000Z","known_ransomware":false,"epss":0.87991,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2016-9079","vendor_project":"Mozilla","product":"Firefox, Firefox ESR, and Thunderbird","vulnerability_name":"Mozilla Firefox, Firefox ESR, and Thunderbird Use-After-Free Vulnerability","date_added":"2023-06-22T00:00:00.000000Z","due_date":"2023-07-13T00:00:00.000000Z","known_ransomware":false,"epss":0.87921,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2022-27593","vendor_project":"QNAP","product":"Photo Station","vulnerability_name":"QNAP Photo Station Externally Controlled Reference Vulnerability","date_added":"2022-09-08T00:00:00.000000Z","due_date":"2022-09-29T00:00:00.000000Z","known_ransomware":true,"epss":0.87908,"cvss_score":10,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2018-8174","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows VBScript Engine Out-of-Bounds Write Vulnerability","date_added":"2022-02-15T00:00:00.000000Z","due_date":"2022-08-15T00:00:00.000000Z","known_ransomware":true,"epss":0.87814,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-58136","vendor_project":"Yiiframework","product":"Yii","vulnerability_name":"Yiiframework Yii Improper Protection of Alternate Path Vulnerability","date_added":"2025-05-02T00:00:00.000000Z","due_date":"2025-05-23T00:00:00.000000Z","known_ransomware":false,"epss":0.87776,"cvss_score":9,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2020-17496","vendor_project":"vBulletin","product":"vBulletin","vulnerability_name":"vBulletin PHP Module Remote Code Execution Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.8774,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2026-24423","vendor_project":"SmarterTools","product":"SmarterMail","vulnerability_name":"SmarterTools SmarterMail Missing Authentication for Critical Function Vulnerability","date_added":"2026-02-05T00:00:00.000000Z","due_date":"2026-02-26T00:00:00.000000Z","known_ransomware":true,"epss":0.87693,"cvss_score":9.3,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2026-20182","vendor_project":"Cisco","product":"Catalyst SD-WAN","vulnerability_name":"Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability","date_added":"2026-05-14T00:00:00.000000Z","due_date":"2026-05-17T00:00:00.000000Z","known_ransomware":false,"epss":0.87693,"cvss_score":10,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2016-6415","vendor_project":"Cisco","product":"IOS, IOS XR, and IOS XE","vulnerability_name":"Cisco IOS, IOS XR, and IOS XE IKEv1 Information Disclosure Vulnerability","date_added":"2023-05-19T00:00:00.000000Z","due_date":"2023-06-09T00:00:00.000000Z","known_ransomware":false,"epss":0.87687,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-1708","vendor_project":"ConnectWise","product":"ScreenConnect","vulnerability_name":"ConnectWise ScreenConnect Path Traversal Vulnerability","date_added":"2026-04-28T00:00:00.000000Z","due_date":"2026-05-12T00:00:00.000000Z","known_ransomware":true,"epss":0.87624,"cvss_score":8.4,"cvss_severity":"HIGH"},{"cve_id":"CVE-2022-26143","vendor_project":"Mitel","product":"MiCollab, MiVoice Business Express","vulnerability_name":"MiCollab, MiVoice Business Express Access Control Vulnerability","date_added":"2022-03-25T00:00:00.000000Z","due_date":"2022-04-15T00:00:00.000000Z","known_ransomware":false,"epss":0.87565,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2025-4428","vendor_project":"Ivanti","product":"Endpoint Manager Mobile (EPMM)","vulnerability_name":"Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability","date_added":"2025-05-19T00:00:00.000000Z","due_date":"2025-06-09T00:00:00.000000Z","known_ransomware":false,"epss":0.87529,"cvss_score":7.2,"cvss_severity":"HIGH"},{"cve_id":"CVE-2016-6366","vendor_project":"Cisco","product":"Adaptive Security Appliance (ASA)","vulnerability_name":"Cisco Adaptive Security Appliance (ASA) SNMP Buffer Overflow Vulnerability","date_added":"2022-05-24T00:00:00.000000Z","due_date":"2022-06-14T00:00:00.000000Z","known_ransomware":false,"epss":0.87503,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2014-6324","vendor_project":"Microsoft","product":"Kerberos Key Distribution Center (KDC)","vulnerability_name":"Microsoft Kerberos Key Distribution Center (KDC) Privilege Escalation Vulnerability","date_added":"2022-03-25T00:00:00.000000Z","due_date":"2022-04-15T00:00:00.000000Z","known_ransomware":false,"epss":0.87448,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-29635","vendor_project":"D-Link","product":"DIR-823X","vulnerability_name":"D-Link DIR-823X Command Injection Vulnerability","date_added":"2026-04-24T00:00:00.000000Z","due_date":"2026-05-08T00:00:00.000000Z","known_ransomware":false,"epss":0.87239,"cvss_score":7.2,"cvss_severity":"HIGH"},{"cve_id":"CVE-2019-16057","vendor_project":"D-Link","product":"DNS-320 Storage Device","vulnerability_name":"D-Link DNS-320 Remote Code Execution Vulnerability","date_added":"2022-04-15T00:00:00.000000Z","due_date":"2022-05-06T00:00:00.000000Z","known_ransomware":true,"epss":0.8721,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2018-9276","vendor_project":"Paessler","product":"PRTG Network Monitor","vulnerability_name":"Paessler PRTG Network Monitor OS Command Injection Vulnerability","date_added":"2025-02-04T00:00:00.000000Z","due_date":"2025-02-25T00:00:00.000000Z","known_ransomware":false,"epss":0.87173,"cvss_score":7.2,"cvss_severity":"HIGH"},{"cve_id":"CVE-2014-4113","vendor_project":"Microsoft","product":"Win32k","vulnerability_name":"Microsoft Win32k Privilege Escalation Vulnerability","date_added":"2022-05-04T00:00:00.000000Z","due_date":"2022-05-25T00:00:00.000000Z","known_ransomware":false,"epss":0.87042,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-40655","vendor_project":"D-Link","product":"DIR-605 Router","vulnerability_name":"D-Link DIR-605 Router Information Disclosure Vulnerability","date_added":"2024-05-16T00:00:00.000000Z","due_date":"2024-06-06T00:00:00.000000Z","known_ransomware":false,"epss":0.87039,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2013-0640","vendor_project":"Adobe","product":"Reader and Acrobat","vulnerability_name":"Adobe Reader and Acrobat Memory Corruption Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-24T00:00:00.000000Z","known_ransomware":false,"epss":0.86979,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-2868","vendor_project":"Barracuda Networks","product":"Email Security Gateway (ESG) Appliance","vulnerability_name":"Barracuda Networks ESG Appliance Improper Input Validation Vulnerability","date_added":"2023-05-26T00:00:00.000000Z","due_date":"2023-06-16T00:00:00.000000Z","known_ransomware":false,"epss":0.86956,"cvss_score":9.4,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2020-0674","vendor_project":"Microsoft","product":"Internet Explorer","vulnerability_name":"Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.86863,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-51567","vendor_project":"CyberPersons","product":"CyberPanel","vulnerability_name":"CyberPanel Incorrect Default Permissions Vulnerability","date_added":"2024-11-07T00:00:00.000000Z","due_date":"2024-11-28T00:00:00.000000Z","known_ransomware":true,"epss":0.86725,"cvss_score":10,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2017-18362","vendor_project":"Kaseya","product":"Virtual System\/Server Administrator (VSA)","vulnerability_name":"Kaseya VSA SQL Injection Vulnerability","date_added":"2022-05-24T00:00:00.000000Z","due_date":"2022-06-14T00:00:00.000000Z","known_ransomware":true,"epss":0.86706,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2015-2426","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Adobe Type Manager Library Remote Code Execution Vulnerability","date_added":"2022-03-28T00:00:00.000000Z","due_date":"2022-04-18T00:00:00.000000Z","known_ransomware":false,"epss":0.8669,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2020-8644","vendor_project":"PlaySMS","product":"PlaySMS","vulnerability_name":"PlaySMS Server-Side Template Injection Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.86689,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2026-0257","vendor_project":"Palo Alto Networks","product":"PAN-OS","vulnerability_name":"Palo Alto Networks PAN-OS Authentication Bypass Vulnerability","date_added":"2026-05-29T00:00:00.000000Z","due_date":"2026-06-01T00:00:00.000000Z","known_ransomware":false,"epss":0.86678,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2009-3459","vendor_project":"Adobe","product":"Acrobat and Reader","vulnerability_name":"Adobe Acrobat and Reader Heap-Based Buffer Overflow Vulnerability","date_added":"2026-05-20T00:00:00.000000Z","due_date":"2026-06-03T00:00:00.000000Z","known_ransomware":false,"epss":0.86468,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2018-19410","vendor_project":"Paessler","product":"PRTG Network Monitor","vulnerability_name":"Paessler PRTG Network Monitor Local File Inclusion Vulnerability","date_added":"2025-02-04T00:00:00.000000Z","due_date":"2025-02-25T00:00:00.000000Z","known_ransomware":false,"epss":0.8646,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2019-4716","vendor_project":"IBM","product":"Planning Analytics","vulnerability_name":"IBM Planning Analytics Remote Code Execution Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.86441,"cvss_score":10,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2018-6961","vendor_project":"VMware","product":"SD-WAN Edge","vulnerability_name":"VMware SD-WAN Edge by VeloCloud Command Injection Vulnerability","date_added":"2022-03-25T00:00:00.000000Z","due_date":"2022-04-15T00:00:00.000000Z","known_ransomware":false,"epss":0.86431,"cvss_score":8.1,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-9242","vendor_project":"WatchGuard","product":"Firebox","vulnerability_name":"WatchGuard Firebox Out-of-Bounds Write Vulnerability","date_added":"2025-11-12T00:00:00.000000Z","due_date":"2025-12-03T00:00:00.000000Z","known_ransomware":false,"epss":0.8637,"cvss_score":9.3,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2011-2462","vendor_project":"Adobe","product":"Reader and Acrobat","vulnerability_name":"Adobe Reader and Acrobat Universal 3D Memory Corruption Vulnerability","date_added":"2022-06-08T00:00:00.000000Z","due_date":"2022-06-22T00:00:00.000000Z","known_ransomware":false,"epss":0.86238,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-21017","vendor_project":"Adobe","product":"Acrobat and Reader","vulnerability_name":"Adobe Acrobat and Reader Heap-based Buffer Overflow Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":false,"epss":0.8621,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-6218","vendor_project":"RARLAB","product":"WinRAR","vulnerability_name":"RARLAB WinRAR Path Traversal Vulnerability","date_added":"2025-12-09T00:00:00.000000Z","due_date":"2025-12-30T00:00:00.000000Z","known_ransomware":false,"epss":0.86192,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-1675","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Print Spooler Remote Code Execution Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":true,"epss":0.86132,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2026-1731","vendor_project":"BeyondTrust","product":"Remote Support (RS) and Privileged Remote Access (PRA)","vulnerability_name":"BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) OS Command Injection Vulnerability","date_added":"2026-02-13T00:00:00.000000Z","due_date":"2026-02-16T00:00:00.000000Z","known_ransomware":true,"epss":0.86091,"cvss_score":9.9,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2020-11652","vendor_project":"SaltStack","product":"Salt","vulnerability_name":"SaltStack Salt Path Traversal Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.86063,"cvss_score":6.5,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2015-2545","vendor_project":"Microsoft","product":"Office","vulnerability_name":"Microsoft Office Malformed EPS File Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-24T00:00:00.000000Z","known_ransomware":false,"epss":0.86053,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2013-3893","vendor_project":"Microsoft","product":"Internet Explorer","vulnerability_name":"Microsoft Internet Explorer Resource Management Errors Vulnerability","date_added":"2025-08-12T00:00:00.000000Z","due_date":"2025-09-02T00:00:00.000000Z","known_ransomware":false,"epss":0.8593,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-31755","vendor_project":"Tenda","product":"AC11 Router","vulnerability_name":"Tenda AC11 Router Stack Buffer Overflow Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":false,"epss":0.85849,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2026-24858","vendor_project":"Fortinet","product":"Multiple Products","vulnerability_name":"Fortinet Multiple Products Authentication Bypass Using an Alternate Path or Channel Vulnerability","date_added":"2026-01-27T00:00:00.000000Z","due_date":"2026-01-30T00:00:00.000000Z","known_ransomware":false,"epss":0.85844,"cvss_score":9.4,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2015-0311","vendor_project":"Adobe","product":"Flash Player","vulnerability_name":"Adobe Flash Player Remote Code Execution Vulnerability","date_added":"2022-04-13T00:00:00.000000Z","due_date":"2022-05-04T00:00:00.000000Z","known_ransomware":false,"epss":0.8582,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-8088","vendor_project":"RARLAB","product":"WinRAR","vulnerability_name":"RARLAB WinRAR Path Traversal Vulnerability","date_added":"2025-08-12T00:00:00.000000Z","due_date":"2025-09-02T00:00:00.000000Z","known_ransomware":false,"epss":0.85778,"cvss_score":8.4,"cvss_severity":"HIGH"},{"cve_id":"CVE-2009-3129","vendor_project":"Microsoft","product":"Excel","vulnerability_name":"Microsoft Excel Featheader Record Memory Corruption Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-24T00:00:00.000000Z","known_ransomware":false,"epss":0.85731,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-27997","vendor_project":"Fortinet","product":"FortiOS and FortiProxy SSL-VPN","vulnerability_name":"Fortinet FortiOS and FortiProxy SSL-VPN Heap-Based Buffer Overflow Vulnerability","date_added":"2023-06-13T00:00:00.000000Z","due_date":"2023-07-04T00:00:00.000000Z","known_ransomware":true,"epss":0.85689,"cvss_score":9.2,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2021-30116","vendor_project":"Kaseya","product":"Virtual System\/Server Administrator (VSA)","vulnerability_name":"Kaseya Virtual System\/Server Administrator (VSA) Information Disclosure Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":true,"epss":0.85619,"cvss_score":10,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2025-20362","vendor_project":"Cisco","product":"Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense","vulnerability_name":"Cisco Secure Firewall Adaptive Security (ASA) Appliance and Secure Firewall Threat Defense (FTD) Missing Authorization Vulnerability","date_added":"2025-09-25T00:00:00.000000Z","due_date":"2025-09-26T00:00:00.000000Z","known_ransomware":false,"epss":0.85543,"cvss_score":6.5,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2025-52691","vendor_project":"SmarterTools","product":"SmarterMail","vulnerability_name":"SmarterTools SmarterMail Unrestricted Upload of File with Dangerous Type Vulnerability","date_added":"2026-01-26T00:00:00.000000Z","due_date":"2026-02-16T00:00:00.000000Z","known_ransomware":true,"epss":0.85457,"cvss_score":10,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2020-3580","vendor_project":"Cisco","product":"Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)","vulnerability_name":"Cisco ASA and FTD Cross-Site Scripting (XSS) Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":true,"epss":0.85439,"cvss_score":6.1,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2020-7796","vendor_project":"Synacor","product":"Zimbra Collaboration Suite","vulnerability_name":"Synacor Zimbra Collaboration Suite (ZCS) Server-Side Request Forgery Vulnerability","date_added":"2026-02-17T00:00:00.000000Z","due_date":"2026-03-10T00:00:00.000000Z","known_ransomware":false,"epss":0.85416,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2023-24955","vendor_project":"Microsoft","product":"SharePoint Server","vulnerability_name":"Microsoft SharePoint Server Code Injection Vulnerability","date_added":"2024-03-26T00:00:00.000000Z","due_date":"2024-04-16T00:00:00.000000Z","known_ransomware":true,"epss":0.85395,"cvss_score":7.2,"cvss_severity":"HIGH"},{"cve_id":"CVE-2013-2423","vendor_project":"Oracle","product":"Java Runtime Environment (JRE)","vulnerability_name":"Oracle JRE Unspecified Vulnerability","date_added":"2022-05-25T00:00:00.000000Z","due_date":"2022-06-15T00:00:00.000000Z","known_ransomware":false,"epss":0.85333,"cvss_score":3.7,"cvss_severity":"LOW"},{"cve_id":"CVE-2014-0322","vendor_project":"Microsoft","product":"Internet Explorer","vulnerability_name":"Microsoft Internet Explorer Use-After-Free Vulnerability","date_added":"2022-05-04T00:00:00.000000Z","due_date":"2022-05-25T00:00:00.000000Z","known_ransomware":false,"epss":0.85239,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2013-3906","vendor_project":"Microsoft","product":"Graphics Component","vulnerability_name":"Microsoft Graphics Component Memory Corruption Vulnerability","date_added":"2022-02-15T00:00:00.000000Z","due_date":"2022-08-15T00:00:00.000000Z","known_ransomware":false,"epss":0.84971,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-41265","vendor_project":"Qlik","product":"Sense","vulnerability_name":"Qlik Sense HTTP Tunneling Vulnerability","date_added":"2023-12-07T00:00:00.000000Z","due_date":"2023-12-28T00:00:00.000000Z","known_ransomware":true,"epss":0.84967,"cvss_score":9.6,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2023-41266","vendor_project":"Qlik","product":"Sense","vulnerability_name":"Qlik Sense Path Traversal Vulnerability","date_added":"2023-12-07T00:00:00.000000Z","due_date":"2023-12-28T00:00:00.000000Z","known_ransomware":true,"epss":0.84966,"cvss_score":8.2,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-38950","vendor_project":"ZKTeco","product":"BioTime","vulnerability_name":"ZKTeco BioTime Path Traversal Vulnerability","date_added":"2025-05-19T00:00:00.000000Z","due_date":"2025-06-09T00:00:00.000000Z","known_ransomware":false,"epss":0.8488,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2019-10758","vendor_project":"MongoDB","product":"mongo-express","vulnerability_name":"MongoDB mongo-express Remote Code Execution Vulnerability","date_added":"2021-12-10T00:00:00.000000Z","due_date":"2022-06-10T00:00:00.000000Z","known_ransomware":false,"epss":0.84845,"cvss_score":9.9,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2023-36847","vendor_project":"Juniper","product":"Junos OS","vulnerability_name":"Juniper Junos OS EX Series Missing Authentication for Critical Function Vulnerability","date_added":"2023-11-13T00:00:00.000000Z","due_date":"2023-11-17T00:00:00.000000Z","known_ransomware":false,"epss":0.84692,"cvss_score":5.3,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2022-23134","vendor_project":"Zabbix","product":"Frontend","vulnerability_name":"Zabbix Frontend Improper Access Control Vulnerability","date_added":"2022-02-22T00:00:00.000000Z","due_date":"2022-03-08T00:00:00.000000Z","known_ransomware":false,"epss":0.84657,"cvss_score":3.7,"cvss_severity":"LOW"},{"cve_id":"CVE-2026-9082","vendor_project":"Drupal","product":"Core","vulnerability_name":"Drupal Core SQL Injection Vulnerability","date_added":"2026-05-22T00:00:00.000000Z","due_date":"2026-05-27T00:00:00.000000Z","known_ransomware":false,"epss":0.84631,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2024-28986","vendor_project":"SolarWinds","product":"Web Help Desk","vulnerability_name":"SolarWinds Web Help Desk Deserialization of Untrusted Data Vulnerability","date_added":"2024-08-15T00:00:00.000000Z","due_date":"2024-09-05T00:00:00.000000Z","known_ransomware":false,"epss":0.84628,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2019-11581","vendor_project":"Atlassian","product":"Jira Server and Data Center","vulnerability_name":"Atlassian Jira Server and Data Center Server-Side Template Injection Vulnerability","date_added":"2022-03-07T00:00:00.000000Z","due_date":"2022-09-07T00:00:00.000000Z","known_ransomware":false,"epss":0.84621,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2020-15415","vendor_project":"DrayTek","product":"Multiple Vigor Routers","vulnerability_name":"DrayTek Multiple Vigor Routers OS Command Injection Vulnerability","date_added":"2024-09-30T00:00:00.000000Z","due_date":"2024-10-21T00:00:00.000000Z","known_ransomware":false,"epss":0.84599,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2022-27924","vendor_project":"Synacor","product":"Zimbra Collaboration Suite (ZCS)","vulnerability_name":"Synacor Zimbra Collaboration Suite (ZCS) Command Injection Vulnerability","date_added":"2022-08-04T00:00:00.000000Z","due_date":"2022-08-25T00:00:00.000000Z","known_ransomware":true,"epss":0.84593,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2020-28949","vendor_project":"PEAR","product":"Archive_Tar","vulnerability_name":"PEAR Archive_Tar Deserialization of Untrusted Data Vulnerability","date_added":"2022-08-25T00:00:00.000000Z","due_date":"2022-09-15T00:00:00.000000Z","known_ransomware":false,"epss":0.84554,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2026-42208","vendor_project":"BerriAI","product":"LiteLLM","vulnerability_name":"BerriAI LiteLLM SQL Injection Vulnerability","date_added":"2026-05-08T00:00:00.000000Z","due_date":"2026-05-11T00:00:00.000000Z","known_ransomware":false,"epss":0.84518,"cvss_score":9.3,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2020-12641","vendor_project":"Roundcube","product":"Roundcube Webmail","vulnerability_name":"Roundcube Webmail Remote Code Execution Vulnerability","date_added":"2023-06-22T00:00:00.000000Z","due_date":"2023-07-13T00:00:00.000000Z","known_ransomware":false,"epss":0.84456,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2025-64328","vendor_project":"Sangoma","product":"FreePBX ","vulnerability_name":"Sangoma FreePBX OS Command Injection Vulnerability","date_added":"2026-02-03T00:00:00.000000Z","due_date":"2026-02-24T00:00:00.000000Z","known_ransomware":false,"epss":0.84417,"cvss_score":8.6,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-38112","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows MSHTML Platform Spoofing Vulnerability","date_added":"2024-07-09T00:00:00.000000Z","due_date":"2024-07-30T00:00:00.000000Z","known_ransomware":false,"epss":0.84345,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-27992","vendor_project":"Zyxel","product":"Multiple Network-Attached Storage (NAS) Devices","vulnerability_name":"Zyxel Multiple NAS Devices Command Injection Vulnerability","date_added":"2023-06-23T00:00:00.000000Z","due_date":"2023-07-14T00:00:00.000000Z","known_ransomware":false,"epss":0.84195,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2017-0213","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Privilege Escalation Vulnerability","date_added":"2022-03-28T00:00:00.000000Z","due_date":"2022-04-18T00:00:00.000000Z","known_ransomware":true,"epss":0.84138,"cvss_score":7.3,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-40551","vendor_project":"SolarWinds","product":"Web Help Desk","vulnerability_name":"SolarWinds Web Help Desk Deserialization of Untrusted Data Vulnerability","date_added":"2026-02-03T00:00:00.000000Z","due_date":"2026-02-06T00:00:00.000000Z","known_ransomware":false,"epss":0.8413,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2022-24990","vendor_project":"TerraMaster","product":"TerraMaster OS","vulnerability_name":"TerraMaster OS Remote Command Execution Vulnerability","date_added":"2023-02-10T00:00:00.000000Z","due_date":"2023-03-03T00:00:00.000000Z","known_ransomware":true,"epss":0.8405,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2026-1340","vendor_project":"Ivanti","product":"Endpoint Manager Mobile (EPMM)","vulnerability_name":"Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability","date_added":"2026-04-08T00:00:00.000000Z","due_date":"2026-04-11T00:00:00.000000Z","known_ransomware":false,"epss":0.8404,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2026-3055","vendor_project":"Citrix","product":"NetScaler","vulnerability_name":"Citrix NetScaler Out-of-Bounds Read Vulnerability","date_added":"2026-03-30T00:00:00.000000Z","due_date":"2026-04-02T00:00:00.000000Z","known_ransomware":false,"epss":0.83996,"cvss_score":9.3,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2023-28432","vendor_project":"MinIO","product":"MinIO","vulnerability_name":"MinIO Information Disclosure Vulnerability","date_added":"2023-04-21T00:00:00.000000Z","due_date":"2023-05-12T00:00:00.000000Z","known_ransomware":false,"epss":0.83957,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2020-5722","vendor_project":"Grandstream","product":"UCM6200","vulnerability_name":"Grandstream Networks UCM6200 Series SQL Injection Vulnerability","date_added":"2022-01-28T00:00:00.000000Z","due_date":"2022-07-28T00:00:00.000000Z","known_ransomware":false,"epss":0.83926,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2018-17463","vendor_project":"Google","product":"Chromium V8","vulnerability_name":"Google Chromium V8 Remote Code Execution Vulnerability","date_added":"2022-06-08T00:00:00.000000Z","due_date":"2022-06-22T00:00:00.000000Z","known_ransomware":false,"epss":0.83898,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2019-9874","vendor_project":"Sitecore","product":"CMS and Experience Platform (XP)","vulnerability_name":"Sitecore CMS and Experience Platform (XP) Deserialization Vulnerability","date_added":"2025-03-26T00:00:00.000000Z","due_date":"2025-04-16T00:00:00.000000Z","known_ransomware":false,"epss":0.83857,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2020-11023","vendor_project":"JQuery","product":"JQuery","vulnerability_name":"JQuery Cross-Site Scripting (XSS) Vulnerability","date_added":"2025-01-23T00:00:00.000000Z","due_date":"2025-02-13T00:00:00.000000Z","known_ransomware":false,"epss":0.8383,"cvss_score":6.9,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2015-3035","vendor_project":"TP-Link","product":"Multiple Archer Devices","vulnerability_name":"TP-Link Multiple Archer Devices Directory Traversal Vulnerability","date_added":"2022-03-25T00:00:00.000000Z","due_date":"2022-04-15T00:00:00.000000Z","known_ransomware":false,"epss":0.83772,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2020-3161","vendor_project":"Cisco","product":"Cisco IP Phones","vulnerability_name":"Cisco IP Phones Web Server Remote Code Execution and Denial-of-Service Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.83734,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2012-1889","vendor_project":"Microsoft","product":"XML Core Services","vulnerability_name":"Microsoft XML Core Services Memory Corruption Vulnerability","date_added":"2022-06-08T00:00:00.000000Z","due_date":"2022-06-22T00:00:00.000000Z","known_ransomware":false,"epss":0.83638,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2009-3953","vendor_project":"Adobe","product":"Acrobat and Reader","vulnerability_name":"Adobe Acrobat and Reader Universal 3D Remote Code Execution Vulnerability","date_added":"2022-06-08T00:00:00.000000Z","due_date":"2022-06-22T00:00:00.000000Z","known_ransomware":false,"epss":0.83574,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2019-0193","vendor_project":"Apache","product":"Solr","vulnerability_name":"Apache Solr DataImportHandler Code Injection Vulnerability","date_added":"2021-12-10T00:00:00.000000Z","due_date":"2022-06-10T00:00:00.000000Z","known_ransomware":false,"epss":0.83547,"cvss_score":7.2,"cvss_severity":"HIGH"},{"cve_id":"CVE-2016-5195","vendor_project":"Linux","product":"Kernel","vulnerability_name":"Linux Kernel Race Condition Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-24T00:00:00.000000Z","known_ransomware":false,"epss":0.83524,"cvss_score":7,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-34026","vendor_project":"Versa","product":"Concerto","vulnerability_name":"Versa Concerto Improper Authentication Vulnerability","date_added":"2026-01-22T00:00:00.000000Z","due_date":"2026-02-12T00:00:00.000000Z","known_ransomware":false,"epss":0.83479,"cvss_score":9.2,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2017-11317","vendor_project":"Telerik","product":"User Interface (UI) for ASP.NET AJAX","vulnerability_name":"Telerik UI for ASP.NET AJAX Unrestricted File Upload Vulnerability","date_added":"2022-04-11T00:00:00.000000Z","due_date":"2022-05-02T00:00:00.000000Z","known_ransomware":false,"epss":0.83476,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2016-10174","vendor_project":"NETGEAR","product":"WNR2000v5 Router","vulnerability_name":"NETGEAR WNR2000v5 Router Buffer Overflow Vulnerability","date_added":"2022-03-25T00:00:00.000000Z","due_date":"2022-04-15T00:00:00.000000Z","known_ransomware":false,"epss":0.8345,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2021-20021","vendor_project":"SonicWall","product":"SonicWall Email Security","vulnerability_name":"SonicWall Email Security Improper Privilege Management Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":true,"epss":0.83425,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2010-1871","vendor_project":"Red Hat","product":"JBoss Seam 2","vulnerability_name":"Red Hat Linux JBoss Seam 2 Remote Code Execution Vulnerability","date_added":"2021-12-10T00:00:00.000000Z","due_date":"2022-06-10T00:00:00.000000Z","known_ransomware":false,"epss":0.83397,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2010-3765","vendor_project":"Mozilla","product":"Multiple Products","vulnerability_name":"Mozilla Multiple Products Remote Code Execution Vulnerability","date_added":"2025-10-06T00:00:00.000000Z","due_date":"2025-10-27T00:00:00.000000Z","known_ransomware":false,"epss":0.83279,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2022-26923","vendor_project":"Microsoft","product":"Active Directory","vulnerability_name":"Microsoft Active Directory Domain Services Privilege Escalation Vulnerability","date_added":"2022-08-18T00:00:00.000000Z","due_date":"2022-09-08T00:00:00.000000Z","known_ransomware":false,"epss":0.83277,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2020-3992","vendor_project":"VMware","product":"ESXi","vulnerability_name":"VMware ESXi OpenSLP Use-After-Free Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":true,"epss":0.83015,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2025-14847","vendor_project":"MongoDB","product":"MongoDB and MongoDB Server","vulnerability_name":"MongoDB and MongoDB Server Improper Handling of Length Parameter Inconsistency Vulnerability","date_added":"2025-12-29T00:00:00.000000Z","due_date":"2026-01-19T00:00:00.000000Z","known_ransomware":false,"epss":0.83007,"cvss_score":8.7,"cvss_severity":"HIGH"},{"cve_id":"CVE-2019-7194","vendor_project":"QNAP","product":"Photo Station","vulnerability_name":"QNAP Photo Station Path Traversal Vulnerability","date_added":"2022-06-08T00:00:00.000000Z","due_date":"2022-06-22T00:00:00.000000Z","known_ransomware":true,"epss":0.82966,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2015-1187","vendor_project":"D-Link and TRENDnet","product":"Multiple Devices","vulnerability_name":"D-Link and TRENDnet Multiple Devices Remote Code Execution Vulnerability","date_added":"2022-03-25T00:00:00.000000Z","due_date":"2022-04-15T00:00:00.000000Z","known_ransomware":false,"epss":0.82863,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2024-42009","vendor_project":"Roundcube","product":"Webmail","vulnerability_name":"RoundCube Webmail Cross-Site Scripting Vulnerability","date_added":"2025-06-09T00:00:00.000000Z","due_date":"2025-06-30T00:00:00.000000Z","known_ransomware":false,"epss":0.82853,"cvss_score":9.3,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2024-0769","vendor_project":"D-Link","product":"DIR-859 Router","vulnerability_name":" D-Link DIR-859 Router Path Traversal Vulnerability","date_added":"2025-06-25T00:00:00.000000Z","due_date":"2025-07-16T00:00:00.000000Z","known_ransomware":false,"epss":0.82714,"cvss_score":5.3,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2023-43208","vendor_project":"NextGen Healthcare","product":"Mirth Connect","vulnerability_name":"NextGen Healthcare Mirth Connect Deserialization of Untrusted Data Vulnerability","date_added":"2024-05-20T00:00:00.000000Z","due_date":"2024-06-10T00:00:00.000000Z","known_ransomware":true,"epss":0.82708,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2021-27561","vendor_project":"Yealink","product":"Device Management","vulnerability_name":"Yealink Device Management Server-Side Request Forgery (SSRF) Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":false,"epss":0.82516,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2016-7200","vendor_project":"Microsoft","product":"Edge","vulnerability_name":"Microsoft Edge Memory Corruption Vulnerability","date_added":"2022-03-28T00:00:00.000000Z","due_date":"2022-04-18T00:00:00.000000Z","known_ransomware":false,"epss":0.8249,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2010-2883","vendor_project":"Adobe","product":"Acrobat and Reader","vulnerability_name":"Adobe Acrobat and Reader Stack-Based Buffer Overflow Vulnerability","date_added":"2022-06-08T00:00:00.000000Z","due_date":"2022-06-22T00:00:00.000000Z","known_ransomware":false,"epss":0.82485,"cvss_score":7.3,"cvss_severity":"HIGH"},{"cve_id":"CVE-2010-1297","vendor_project":"Adobe","product":"Flash Player","vulnerability_name":"Adobe Flash Player Memory Corruption Vulnerability","date_added":"2022-06-08T00:00:00.000000Z","due_date":"2022-06-22T00:00:00.000000Z","known_ransomware":false,"epss":0.82296,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2018-6789","vendor_project":"Exim","product":"Exim","vulnerability_name":"Exim Buffer Overflow Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":true,"epss":0.82238,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2010-0806","vendor_project":"Microsoft","product":"Internet Explorer","vulnerability_name":"Microsoft Internet Explorer Use-After-Free Vulnerability","date_added":"2026-05-20T00:00:00.000000Z","due_date":"2026-06-03T00:00:00.000000Z","known_ransomware":false,"epss":0.82172,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-8957","vendor_project":"PTZOptics","product":"PT30X-SDI\/NDI Cameras","vulnerability_name":"PTZOptics PT30X-SDI\/NDI Cameras OS Command Injection Vulnerability","date_added":"2024-11-04T00:00:00.000000Z","due_date":"2024-11-25T00:00:00.000000Z","known_ransomware":false,"epss":0.81973,"cvss_score":7.2,"cvss_severity":"HIGH"},{"cve_id":"CVE-2013-1331","vendor_project":"Microsoft","product":"Office","vulnerability_name":"Microsoft Office Buffer Overflow Vulnerability","date_added":"2022-06-08T00:00:00.000000Z","due_date":"2022-06-22T00:00:00.000000Z","known_ransomware":false,"epss":0.81877,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2013-0074","vendor_project":"Microsoft","product":"Silverlight","vulnerability_name":"Microsoft Silverlight Double Dereference Vulnerability","date_added":"2022-05-25T00:00:00.000000Z","due_date":"2022-06-15T00:00:00.000000Z","known_ransomware":true,"epss":0.81868,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2009-4324","vendor_project":"Adobe","product":"Acrobat and Reader","vulnerability_name":"Adobe Acrobat and Reader Use-After-Free Vulnerability","date_added":"2022-06-08T00:00:00.000000Z","due_date":"2022-06-22T00:00:00.000000Z","known_ransomware":false,"epss":0.81863,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2018-15982","vendor_project":"Adobe","product":"Flash Player","vulnerability_name":"Adobe Flash Player Use-After-Free Vulnerability","date_added":"2022-02-15T00:00:00.000000Z","due_date":"2022-08-15T00:00:00.000000Z","known_ransomware":true,"epss":0.81844,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-43451","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows NTLMv2 Hash Disclosure Spoofing Vulnerability","date_added":"2024-11-12T00:00:00.000000Z","due_date":"2024-12-03T00:00:00.000000Z","known_ransomware":false,"epss":0.81817,"cvss_score":6.5,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2012-4969","vendor_project":"Microsoft","product":"Internet Explorer","vulnerability_name":"Microsoft Internet Explorer Use-After-Free Vulnerability","date_added":"2022-06-08T00:00:00.000000Z","due_date":"2022-06-22T00:00:00.000000Z","known_ransomware":false,"epss":0.81716,"cvss_score":8.1,"cvss_severity":"HIGH"},{"cve_id":"CVE-2018-13382","vendor_project":"Fortinet","product":"FortiOS and FortiProxy","vulnerability_name":"Fortinet FortiOS and FortiProxy Improper Authorization","date_added":"2022-01-10T00:00:00.000000Z","due_date":"2022-07-10T00:00:00.000000Z","known_ransomware":true,"epss":0.81691,"cvss_score":9.1,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2014-4114","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Object Linking \u0026 Embedding (OLE) Remote Code Execution Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-24T00:00:00.000000Z","known_ransomware":false,"epss":0.81628,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2017-11826","vendor_project":"Microsoft","product":"Office","vulnerability_name":"Microsoft Office Remote Code Execution Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-24T00:00:00.000000Z","known_ransomware":false,"epss":0.81627,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-40536","vendor_project":"SolarWinds","product":"Web Help Desk","vulnerability_name":"SolarWinds Web Help Desk Security Control Bypass Vulnerability","date_added":"2026-02-12T00:00:00.000000Z","due_date":"2026-02-15T00:00:00.000000Z","known_ransomware":false,"epss":0.81624,"cvss_score":8.1,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-33053","vendor_project":"Microsoft","product":"Windows","vulnerability_name":" Microsoft Windows External Control of File Name or Path Vulnerability","date_added":"2025-06-10T00:00:00.000000Z","due_date":"2025-07-01T00:00:00.000000Z","known_ransomware":false,"epss":0.81558,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2019-0752","vendor_project":"Microsoft","product":"Internet Explorer","vulnerability_name":"Microsoft Internet Explorer Type Confusion Vulnerability","date_added":"2022-02-15T00:00:00.000000Z","due_date":"2022-08-15T00:00:00.000000Z","known_ransomware":true,"epss":0.81551,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-4911","vendor_project":"GNU","product":"GNU C Library","vulnerability_name":"GNU C Library Buffer Overflow Vulnerability","date_added":"2023-11-21T00:00:00.000000Z","due_date":"2023-12-12T00:00:00.000000Z","known_ransomware":false,"epss":0.81422,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2026-1281","vendor_project":"Ivanti","product":"Endpoint Manager Mobile (EPMM)","vulnerability_name":"Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability","date_added":"2026-01-29T00:00:00.000000Z","due_date":"2026-02-01T00:00:00.000000Z","known_ransomware":false,"epss":0.81231,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2022-26258","vendor_project":"D-Link","product":"DIR-820L","vulnerability_name":"D-Link DIR-820L Remote Code Execution Vulnerability","date_added":"2022-09-08T00:00:00.000000Z","due_date":"2022-09-29T00:00:00.000000Z","known_ransomware":false,"epss":0.81218,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2021-26411","vendor_project":"Microsoft","product":"Internet Explorer","vulnerability_name":"Microsoft Internet Explorer Memory Corruption Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":true,"epss":0.81103,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2026-1603","vendor_project":"Ivanti","product":" Endpoint Manager (EPM)","vulnerability_name":"Ivanti Endpoint Manager (EPM) Authentication Bypass Vulnerability","date_added":"2026-03-09T00:00:00.000000Z","due_date":"2026-03-23T00:00:00.000000Z","known_ransomware":false,"epss":0.81089,"cvss_score":8.6,"cvss_severity":"HIGH"},{"cve_id":"CVE-2016-7255","vendor_project":"Microsoft","product":"Win32k","vulnerability_name":"Microsoft Win32k Privilege Escalation Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.80968,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2019-9621","vendor_project":"Synacor","product":"Zimbra Collaboration Suite (ZCS)","vulnerability_name":"Synacor Zimbra Collaboration Suite (ZCS) Server-Side Request Forgery (SSRF) Vulnerability","date_added":"2025-07-07T00:00:00.000000Z","due_date":"2025-07-28T00:00:00.000000Z","known_ransomware":false,"epss":0.80906,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-21762","vendor_project":"Fortinet","product":"FortiOS","vulnerability_name":"Fortinet FortiOS Out-of-Bound Write Vulnerability","date_added":"2024-02-09T00:00:00.000000Z","due_date":"2024-02-16T00:00:00.000000Z","known_ransomware":true,"epss":0.80835,"cvss_score":9.6,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2017-0262","vendor_project":"Microsoft","product":"Office","vulnerability_name":"Microsoft Office Remote Code Execution Vulnerability","date_added":"2022-02-10T00:00:00.000000Z","due_date":"2022-08-10T00:00:00.000000Z","known_ransomware":false,"epss":0.80734,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2026-48907","vendor_project":"Widget Factory","product":"Joomla Content Editor ","vulnerability_name":"Widget Factory Joomla Content Editor Improper Access Control Vulnerability","date_added":"2026-06-16T00:00:00.000000Z","due_date":"2026-06-19T00:00:00.000000Z","known_ransomware":false,"epss":0.80425,"cvss_score":10,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2017-0037","vendor_project":"Microsoft","product":"Edge and Internet Explorer","vulnerability_name":"Microsoft Edge and Internet Explorer Type Confusion Vulnerability","date_added":"2022-03-28T00:00:00.000000Z","due_date":"2022-04-18T00:00:00.000000Z","known_ransomware":false,"epss":0.80386,"cvss_score":8.1,"cvss_severity":"HIGH"},{"cve_id":"CVE-2020-14871","vendor_project":"Oracle","product":"Solaris and Zettabyte File System (ZFS)","vulnerability_name":"Oracle Solaris and Zettabyte File System (ZFS) Unspecified Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.80291,"cvss_score":10,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2023-22952","vendor_project":"SugarCRM","product":"Multiple Products","vulnerability_name":"Multiple SugarCRM Products Remote Code Execution Vulnerability","date_added":"2023-02-02T00:00:00.000000Z","due_date":"2023-02-23T00:00:00.000000Z","known_ransomware":false,"epss":0.80274,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-31955","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Kernel Information Disclosure Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":false,"epss":0.80263,"cvss_score":5.5,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2026-42271","vendor_project":"BerriAI","product":"LiteLLM","vulnerability_name":"BerriAI LiteLLM Command Injection Vulnerability","date_added":"2026-06-08T00:00:00.000000Z","due_date":"2026-06-22T00:00:00.000000Z","known_ransomware":false,"epss":0.80188,"cvss_score":8.7,"cvss_severity":"HIGH"},{"cve_id":"CVE-2015-3043","vendor_project":"Adobe","product":"Flash Player","vulnerability_name":"Adobe Flash Player Memory Corruption Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-24T00:00:00.000000Z","known_ransomware":false,"epss":0.7983,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2016-7201","vendor_project":"Microsoft","product":"Edge","vulnerability_name":"Microsoft Edge Memory Corruption Vulnerability","date_added":"2022-03-28T00:00:00.000000Z","due_date":"2022-04-18T00:00:00.000000Z","known_ransomware":false,"epss":0.79687,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2020-10987","vendor_project":"Tenda","product":"AC1900 Router AC15 Model","vulnerability_name":"Tenda AC1900 Router AC15 Model Remote Code Execution Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.79673,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2010-0738","vendor_project":"Red Hat","product":"JBoss","vulnerability_name":"Red Hat JBoss Authentication Bypass Vulnerability","date_added":"2022-05-25T00:00:00.000000Z","due_date":"2022-06-15T00:00:00.000000Z","known_ransomware":true,"epss":0.79415,"cvss_score":5.3,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2018-18809","vendor_project":"TIBCO","product":"JasperReports","vulnerability_name":"TIBCO JasperReports Library Directory Traversal Vulnerability","date_added":"2022-12-29T00:00:00.000000Z","due_date":"2023-01-19T00:00:00.000000Z","known_ransomware":false,"epss":0.79064,"cvss_score":9.9,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2013-4810","vendor_project":"Hewlett Packard (HP)","product":"ProCurve Manager (PCM), PCM+, Identity Driven Manager (IDM), and Application Lifecycle Management","vulnerability_name":"HP Multiple Products Remote Code Execution Vulnerability","date_added":"2022-03-25T00:00:00.000000Z","due_date":"2022-04-15T00:00:00.000000Z","known_ransomware":false,"epss":0.79003,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2025-34291","vendor_project":"Langflow","product":"Langflow","vulnerability_name":"Langflow Origin Validation Error Vulnerability","date_added":"2026-05-21T00:00:00.000000Z","due_date":"2026-06-04T00:00:00.000000Z","known_ransomware":false,"epss":0.7889,"cvss_score":9.4,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2012-4792","vendor_project":"Microsoft","product":"Internet Explorer","vulnerability_name":"Microsoft Internet Explorer Use-After-Free Vulnerability","date_added":"2024-07-23T00:00:00.000000Z","due_date":"2024-08-13T00:00:00.000000Z","known_ransomware":false,"epss":0.78823,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2020-6418","vendor_project":"Google","product":"Chromium V8","vulnerability_name":"Google Chromium V8 Type Confusion Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.78808,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-22555","vendor_project":"Linux","product":"Kernel","vulnerability_name":"Linux Kernel Heap Out-of-Bounds Write Vulnerability","date_added":"2025-10-06T00:00:00.000000Z","due_date":"2025-10-27T00:00:00.000000Z","known_ransomware":false,"epss":0.78684,"cvss_score":8.3,"cvss_severity":"HIGH"},{"cve_id":"CVE-2013-3346","vendor_project":"Adobe","product":"Reader and Acrobat","vulnerability_name":"Adobe Reader and Acrobat Memory Corruption Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-24T00:00:00.000000Z","known_ransomware":false,"epss":0.78581,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2026-34910","vendor_project":"Ubiquiti","product":"UniFi OS","vulnerability_name":"Ubiquiti UniFi OS Improper Input Validation Vulnerability","date_added":"2026-06-23T00:00:00.000000Z","due_date":"2026-06-26T00:00:00.000000Z","known_ransomware":false,"epss":0.78555,"cvss_score":10,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2021-21975","vendor_project":"VMware","product":"vRealize Operations Manager API","vulnerability_name":"VMware Server Side Request Forgery in vRealize Operations Manager API","date_added":"2022-01-18T00:00:00.000000Z","due_date":"2022-02-01T00:00:00.000000Z","known_ransomware":true,"epss":0.78435,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-49103","vendor_project":"ownCloud","product":"ownCloud graphapi","vulnerability_name":"ownCloud graphapi Information Disclosure Vulnerability","date_added":"2023-11-30T00:00:00.000000Z","due_date":"2023-12-21T00:00:00.000000Z","known_ransomware":false,"epss":0.78428,"cvss_score":10,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2023-27351","vendor_project":"PaperCut","product":"NG\/MF","vulnerability_name":"PaperCut NG\/MF Improper Authentication Vulnerability","date_added":"2026-04-20T00:00:00.000000Z","due_date":"2026-05-04T00:00:00.000000Z","known_ransomware":true,"epss":0.7842,"cvss_score":8.2,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-28799","vendor_project":"QNAP","product":"Network Attached Storage (NAS)","vulnerability_name":"QNAP NAS Improper Authorization Vulnerability","date_added":"2022-03-31T00:00:00.000000Z","due_date":"2022-04-21T00:00:00.000000Z","known_ransomware":true,"epss":0.78395,"cvss_score":10,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2021-1732","vendor_project":"Microsoft","product":"Win32k","vulnerability_name":"Microsoft Win32k Privilege Escalation Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":true,"epss":0.78376,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2022-26318","vendor_project":"WatchGuard","product":"Firebox and XTM Appliances","vulnerability_name":"WatchGuard Firebox and XTM Appliances Arbitrary Code Execution","date_added":"2022-03-25T00:00:00.000000Z","due_date":"2022-04-15T00:00:00.000000Z","known_ransomware":false,"epss":0.78303,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2011-3402","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Remote Code Execution Vulnerability","date_added":"2025-10-06T00:00:00.000000Z","due_date":"2025-10-27T00:00:00.000000Z","known_ransomware":false,"epss":0.78285,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-24880","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows SmartScreen Security Feature Bypass Vulnerability","date_added":"2023-03-14T00:00:00.000000Z","due_date":"2023-04-04T00:00:00.000000Z","known_ransomware":true,"epss":0.78152,"cvss_score":4.4,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2017-0261","vendor_project":"Microsoft","product":"Office","vulnerability_name":"Microsoft Office Use-After-Free Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-24T00:00:00.000000Z","known_ransomware":false,"epss":0.7813,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-38406","vendor_project":"Delta Electronics","product":"DOPSoft 2","vulnerability_name":"Delta Electronics DOPSoft 2 Improper Input Validation Vulnerability","date_added":"2022-08-25T00:00:00.000000Z","due_date":"2022-09-15T00:00:00.000000Z","known_ransomware":false,"epss":0.77892,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2013-1347","vendor_project":"Microsoft","product":"Internet Explorer","vulnerability_name":"Microsoft Internet Explorer Remote Code Execution Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-24T00:00:00.000000Z","known_ransomware":false,"epss":0.77889,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2020-8816","vendor_project":"Pi-hole","product":"AdminLTE","vulnerability_name":"Pi-Hole AdminLTE Remote Code Execution Vulnerability","date_added":"2021-12-10T00:00:00.000000Z","due_date":"2022-06-10T00:00:00.000000Z","known_ransomware":false,"epss":0.77847,"cvss_score":9.1,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2019-15949","vendor_project":"Nagios","product":"Nagios XI","vulnerability_name":"Nagios XI Remote Code Execution Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.77741,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2014-1761","vendor_project":"Microsoft","product":"Word","vulnerability_name":"Microsoft Word Memory Corruption Vulnerability","date_added":"2022-02-15T00:00:00.000000Z","due_date":"2022-08-15T00:00:00.000000Z","known_ransomware":false,"epss":0.77734,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-27532","vendor_project":"Veeam","product":"Backup \u0026 Replication","vulnerability_name":"Veeam Backup \u0026 Replication Cloud Connect Missing Authentication for Critical Function Vulnerability","date_added":"2023-08-22T00:00:00.000000Z","due_date":"2023-09-12T00:00:00.000000Z","known_ransomware":true,"epss":0.7761,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2014-6352","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Code Injection Vulnerability","date_added":"2022-02-25T00:00:00.000000Z","due_date":"2022-08-25T00:00:00.000000Z","known_ransomware":false,"epss":0.77553,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2013-3897","vendor_project":"Microsoft","product":"Internet Explorer","vulnerability_name":"Microsoft Internet Explorer Use-After-Free Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-24T00:00:00.000000Z","known_ransomware":false,"epss":0.77462,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2022-41080","vendor_project":"Microsoft","product":"Exchange Server","vulnerability_name":"Microsoft Exchange Server Privilege Escalation Vulnerability","date_added":"2023-01-10T00:00:00.000000Z","due_date":"2023-01-31T00:00:00.000000Z","known_ransomware":true,"epss":0.77326,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-34192","vendor_project":"Synacor","product":"Zimbra Collaboration Suite (ZCS)","vulnerability_name":"Synacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting (XSS) Vulnerability","date_added":"2025-02-25T00:00:00.000000Z","due_date":"2025-03-18T00:00:00.000000Z","known_ransomware":false,"epss":0.77266,"cvss_score":9,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2016-3718","vendor_project":"ImageMagick","product":"ImageMagick","vulnerability_name":"ImageMagick Server-Side Request Forgery (SSRF) Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.76897,"cvss_score":5.5,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2018-15133","vendor_project":"Laravel","product":"Laravel Framework","vulnerability_name":"Laravel Deserialization of Untrusted Data Vulnerability","date_added":"2024-01-16T00:00:00.000000Z","due_date":"2024-02-06T00:00:00.000000Z","known_ransomware":false,"epss":0.76814,"cvss_score":8.1,"cvss_severity":"HIGH"},{"cve_id":"CVE-2008-0015","vendor_project":"Microsoft","product":"Windows","vulnerability_name":" Microsoft Windows Video ActiveX Control Remote Code Execution Vulnerability","date_added":"2026-02-17T00:00:00.000000Z","due_date":"2026-03-10T00:00:00.000000Z","known_ransomware":false,"epss":0.76647,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2020-13965","vendor_project":"Roundcube","product":"Webmail","vulnerability_name":"Roundcube Webmail Cross-Site Scripting (XSS) Vulnerability","date_added":"2024-06-26T00:00:00.000000Z","due_date":"2024-07-17T00:00:00.000000Z","known_ransomware":false,"epss":0.76596,"cvss_score":6.3,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2025-8110","vendor_project":"Gogs","product":"Gogs","vulnerability_name":"Gogs Path Traversal Vulnerability","date_added":"2026-01-12T00:00:00.000000Z","due_date":"2026-02-02T00:00:00.000000Z","known_ransomware":false,"epss":0.7654,"cvss_score":8.7,"cvss_severity":"HIGH"},{"cve_id":"CVE-2019-7238","vendor_project":"Sonatype","product":"Nexus Repository Manager","vulnerability_name":"Sonatype Nexus Repository Manager Incorrect Access Control Vulnerability","date_added":"2021-12-10T00:00:00.000000Z","due_date":"2022-06-10T00:00:00.000000Z","known_ransomware":false,"epss":0.76526,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2022-44698","vendor_project":"Microsoft","product":"Defender","vulnerability_name":"Microsoft Defender SmartScreen Security Feature Bypass Vulnerability","date_added":"2022-12-13T00:00:00.000000Z","due_date":"2023-01-03T00:00:00.000000Z","known_ransomware":true,"epss":0.76106,"cvss_score":5.4,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2021-30860","vendor_project":"Apple","product":"Multiple Products","vulnerability_name":"Apple Multiple Products Integer Overflow Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":false,"epss":0.75994,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2015-0016","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows TS WebProxy Directory Traversal Vulnerability","date_added":"2022-05-25T00:00:00.000000Z","due_date":"2022-06-15T00:00:00.000000Z","known_ransomware":false,"epss":0.7594,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2017-11357","vendor_project":"Telerik","product":"User Interface (UI) for ASP.NET AJAX","vulnerability_name":"Telerik UI for ASP.NET AJAX Insecure Direct Object Reference Vulnerability","date_added":"2023-01-26T00:00:00.000000Z","due_date":"2023-02-16T00:00:00.000000Z","known_ransomware":true,"epss":0.75709,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2019-1003030","vendor_project":"Jenkins","product":"Matrix Project Plugin","vulnerability_name":"Jenkins Matrix Project Plugin Remote Code Execution Vulnerability","date_added":"2022-03-25T00:00:00.000000Z","due_date":"2022-04-15T00:00:00.000000Z","known_ransomware":false,"epss":0.75594,"cvss_score":9.9,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2016-3715","vendor_project":"ImageMagick","product":"ImageMagick","vulnerability_name":"ImageMagick Arbitrary File Deletion Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.75383,"cvss_score":5.5,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2018-8298","vendor_project":"ChakraCore","product":"ChakraCore scripting engine","vulnerability_name":"ChakraCore Scripting Engine Type Confusion Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-17T00:00:00.000000Z","known_ransomware":false,"epss":0.75339,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-6204","vendor_project":"Dassault Syst\u00e8mes","product":"DELMIA Apriso","vulnerability_name":"Dassault Syst\u00e8mes DELMIA Apriso Code Injection Vulnerability","date_added":"2025-10-28T00:00:00.000000Z","due_date":"2025-11-18T00:00:00.000000Z","known_ransomware":false,"epss":0.75306,"cvss_score":8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-25298","vendor_project":"Nagios","product":"Nagios XI","vulnerability_name":"Nagios XI OS Command Injection","date_added":"2022-01-18T00:00:00.000000Z","due_date":"2022-02-01T00:00:00.000000Z","known_ransomware":false,"epss":0.75196,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2017-9248","vendor_project":"Progress","product":"ASP.NET AJAX and Sitefinity","vulnerability_name":"Progress Telerik UI for ASP.NET AJAX and Sitefinity Cryptographic Weakness Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.75098,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2012-0391","vendor_project":"Apache","product":"Struts 2","vulnerability_name":"Apache Struts 2 Improper Input Validation Vulnerability","date_added":"2022-01-21T00:00:00.000000Z","due_date":"2022-07-21T00:00:00.000000Z","known_ransomware":false,"epss":0.75071,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2023-44221","vendor_project":"SonicWall","product":"SMA100 Appliances","vulnerability_name":"SonicWall SMA100 Appliances OS Command Injection Vulnerability","date_added":"2025-05-01T00:00:00.000000Z","due_date":"2025-05-22T00:00:00.000000Z","known_ransomware":false,"epss":0.74933,"cvss_score":7.2,"cvss_severity":"HIGH"},{"cve_id":"CVE-2014-0780","vendor_project":"InduSoft","product":"Web Studio","vulnerability_name":"InduSoft Web Studio NTWebServer Directory Traversal Vulnerability","date_added":"2022-04-15T00:00:00.000000Z","due_date":"2022-05-06T00:00:00.000000Z","known_ransomware":false,"epss":0.74548,"cvss_score":7.5,"cvss_severity":null},{"cve_id":"CVE-2019-1458","vendor_project":"Microsoft","product":"Win32k","vulnerability_name":"Microsoft Win32k Privilege Escalation Vulnerability","date_added":"2022-01-10T00:00:00.000000Z","due_date":"2022-07-10T00:00:00.000000Z","known_ransomware":true,"epss":0.74438,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-20123","vendor_project":"DrayTek","product":"VigorConnect","vulnerability_name":"Draytek VigorConnect Path Traversal Vulnerability ","date_added":"2024-09-03T00:00:00.000000Z","due_date":"2024-09-24T00:00:00.000000Z","known_ransomware":false,"epss":0.74279,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-42287","vendor_project":"Microsoft","product":"Active Directory","vulnerability_name":"Microsoft Active Directory Domain Services Privilege Escalation Vulnerability","date_added":"2022-04-11T00:00:00.000000Z","due_date":"2022-05-02T00:00:00.000000Z","known_ransomware":true,"epss":0.74265,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2018-14667","vendor_project":"Red Hat","product":"JBoss RichFaces Framework","vulnerability_name":"Red Hat JBoss RichFaces Framework Expression Language Injection Vulnerability","date_added":"2023-09-28T00:00:00.000000Z","due_date":"2023-10-19T00:00:00.000000Z","known_ransomware":false,"epss":0.74171,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2013-2551","vendor_project":"Microsoft","product":"Internet Explorer","vulnerability_name":"Microsoft Internet Explorer Use-After-Free Vulnerability","date_added":"2022-03-28T00:00:00.000000Z","due_date":"2022-04-18T00:00:00.000000Z","known_ransomware":true,"epss":0.74096,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2005-2773","vendor_project":"Hewlett Packard (HP)","product":"OpenView Network Node Manager","vulnerability_name":"HP OpenView Network Node Manager Remote Code Execution Vulnerability","date_added":"2022-03-25T00:00:00.000000Z","due_date":"2022-04-15T00:00:00.000000Z","known_ransomware":false,"epss":0.7409,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2018-18325","vendor_project":"DotNetNuke (DNN)","product":"DotNetNuke (DNN)","vulnerability_name":"DotNetNuke (DNN) Inadequate Encryption Strength Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.74048,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2018-15811","vendor_project":"DotNetNuke (DNN)","product":"DotNetNuke (DNN)","vulnerability_name":"DotNetNuke (DNN) Inadequate Encryption Strength Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.74048,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2018-8414","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Shell Remote Code Execution Vulnerability","date_added":"2022-03-25T00:00:00.000000Z","due_date":"2022-04-15T00:00:00.000000Z","known_ransomware":false,"epss":0.73968,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2019-12991","vendor_project":"Citrix","product":"SD-WAN and NetScaler","vulnerability_name":"Citrix SD-WAN and NetScaler Command Injection Vulnerability","date_added":"2022-03-25T00:00:00.000000Z","due_date":"2022-04-15T00:00:00.000000Z","known_ransomware":false,"epss":0.73875,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2013-3918","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Out-of-Bounds Write Vulnerability","date_added":"2025-10-06T00:00:00.000000Z","due_date":"2025-10-27T00:00:00.000000Z","known_ransomware":false,"epss":0.73872,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2019-1003029","vendor_project":"Jenkins","product":"Script Security Plugin","vulnerability_name":"Jenkins Script Security Plugin Sandbox Bypass Vulnerability","date_added":"2022-04-25T00:00:00.000000Z","due_date":"2022-05-16T00:00:00.000000Z","known_ransomware":false,"epss":0.73854,"cvss_score":9.9,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2017-8543","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Search Remote Code Execution Vulnerability","date_added":"2022-05-24T00:00:00.000000Z","due_date":"2022-06-14T00:00:00.000000Z","known_ransomware":false,"epss":0.7376,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2018-8120","vendor_project":"Microsoft","product":"Win32k","vulnerability_name":"Microsoft Win32k Privilege Escalation Vulnerability","date_added":"2022-03-15T00:00:00.000000Z","due_date":"2022-04-05T00:00:00.000000Z","known_ransomware":true,"epss":0.73721,"cvss_score":7,"cvss_severity":"HIGH"},{"cve_id":"CVE-2019-9978","vendor_project":"WordPress","product":"Social Warfare Plugin","vulnerability_name":"WordPress Social Warfare Plugin Cross-Site Scripting (XSS) Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.73543,"cvss_score":6.1,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2018-0824","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft COM for Windows Deserialization of Untrusted Data Vulnerability","date_added":"2024-08-05T00:00:00.000000Z","due_date":"2024-08-26T00:00:00.000000Z","known_ransomware":false,"epss":0.73469,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-5631","vendor_project":"Roundcube","product":"Webmail","vulnerability_name":"Roundcube Webmail Persistent Cross-Site Scripting (XSS) Vulnerability","date_added":"2023-10-26T00:00:00.000000Z","due_date":"2023-11-16T00:00:00.000000Z","known_ransomware":false,"epss":0.73445,"cvss_score":6.1,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2021-40449","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Win32k Privilege Escalation Vulnerability","date_added":"2021-11-17T00:00:00.000000Z","due_date":"2021-12-01T00:00:00.000000Z","known_ransomware":true,"epss":0.73381,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-37383","vendor_project":"Roundcube","product":"Webmail","vulnerability_name":"RoundCube Webmail Cross-Site Scripting (XSS) Vulnerability","date_added":"2024-10-24T00:00:00.000000Z","due_date":"2024-11-14T00:00:00.000000Z","known_ransomware":false,"epss":0.73296,"cvss_score":6.1,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2023-47565","vendor_project":"QNAP","product":"VioStor NVR","vulnerability_name":"QNAP VioStor NVR OS Command Injection Vulnerability","date_added":"2023-12-21T00:00:00.000000Z","due_date":"2024-01-11T00:00:00.000000Z","known_ransomware":false,"epss":0.73277,"cvss_score":8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-42258","vendor_project":"BQE","product":"BillQuick Web Suite","vulnerability_name":"BQE BillQuick Web Suite SQL Injection Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":true,"epss":0.73269,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2019-13720","vendor_project":"Google","product":"Chrome WebAudio","vulnerability_name":"Google Chrome WebAudio Use-After-Free Vulnerability","date_added":"2022-05-23T00:00:00.000000Z","due_date":"2022-06-13T00:00:00.000000Z","known_ransomware":false,"epss":0.72977,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-2776","vendor_project":"SysAid","product":"SysAid On-Prem","vulnerability_name":"SysAid On-Prem Improper Restriction of XML External Entity Reference Vulnerability","date_added":"2025-07-22T00:00:00.000000Z","due_date":"2025-08-12T00:00:00.000000Z","known_ransomware":false,"epss":0.72971,"cvss_score":9.3,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2020-5741","vendor_project":"Plex","product":"Media Server","vulnerability_name":"Plex Media Server Remote Code Execution Vulnerability","date_added":"2023-03-10T00:00:00.000000Z","due_date":"2023-03-31T00:00:00.000000Z","known_ransomware":false,"epss":0.72936,"cvss_score":7.2,"cvss_severity":"HIGH"},{"cve_id":"CVE-2019-1429","vendor_project":"Microsoft","product":"Internet Explorer","vulnerability_name":"Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.72626,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2017-6316","vendor_project":"Citrix","product":"NetScaler SD-WAN Enterprise, CloudBridge Virtual WAN, and XenMobile Server","vulnerability_name":"Citrix Multiple Products Remote Code Execution Vulnerability","date_added":"2022-03-25T00:00:00.000000Z","due_date":"2022-04-15T00:00:00.000000Z","known_ransomware":false,"epss":0.72596,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2018-7841","vendor_project":"Schneider Electric","product":"U.motion Builder","vulnerability_name":"Schneider Electric U.motion Builder SQL Injection Vulnerability","date_added":"2022-04-15T00:00:00.000000Z","due_date":"2022-05-06T00:00:00.000000Z","known_ransomware":false,"epss":0.72486,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2022-20699","vendor_project":"Cisco","product":"Small Business RV160, RV260, RV340, and RV345 Series Routers","vulnerability_name":"Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-17T00:00:00.000000Z","known_ransomware":false,"epss":0.72458,"cvss_score":10,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2025-1316","vendor_project":"Edimax","product":"IC-7100 IP Camera","vulnerability_name":"Edimax IC-7100 IP Camera OS Command Injection Vulnerability","date_added":"2025-03-19T00:00:00.000000Z","due_date":"2025-04-09T00:00:00.000000Z","known_ransomware":false,"epss":0.7227,"cvss_score":9.3,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2017-6334","vendor_project":"NETGEAR","product":"DGN2200 Devices","vulnerability_name":"NETGEAR DGN2200 Devices OS Command Injection Vulnerability","date_added":"2022-03-25T00:00:00.000000Z","due_date":"2022-04-15T00:00:00.000000Z","known_ransomware":false,"epss":0.72199,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2026-21509","vendor_project":"Microsoft","product":"Office","vulnerability_name":"Microsoft Office Security Feature Bypass Vulnerability","date_added":"2026-01-26T00:00:00.000000Z","due_date":"2026-02-16T00:00:00.000000Z","known_ransomware":false,"epss":0.72152,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2012-1856","vendor_project":"Microsoft","product":"Office","vulnerability_name":"Microsoft Office MSCOMCTL.OCX Remote Code Execution Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-24T00:00:00.000000Z","known_ransomware":false,"epss":0.72119,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2019-2215","vendor_project":"Android","product":"Android Kernel","vulnerability_name":"Android Kernel Use-After-Free Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.72105,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2017-8540","vendor_project":"Microsoft","product":"Malware Protection Engine","vulnerability_name":"Microsoft Malware Protection Engine Improper Restriction of Operations Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-24T00:00:00.000000Z","known_ransomware":false,"epss":0.71961,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2010-4344","vendor_project":"Exim","product":"Exim","vulnerability_name":"Exim Heap-Based Buffer Overflow Vulnerability","date_added":"2022-03-25T00:00:00.000000Z","due_date":"2022-04-15T00:00:00.000000Z","known_ransomware":false,"epss":0.71794,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2020-3259","vendor_project":"Cisco","product":"Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)","vulnerability_name":"Cisco ASA and FTD Information Disclosure Vulnerability","date_added":"2024-02-15T00:00:00.000000Z","due_date":"2024-03-07T00:00:00.000000Z","known_ransomware":true,"epss":0.71789,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-25296","vendor_project":"Nagios","product":"Nagios XI","vulnerability_name":"Nagios XI OS Command Injection","date_added":"2022-01-18T00:00:00.000000Z","due_date":"2022-02-01T00:00:00.000000Z","known_ransomware":false,"epss":0.71737,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2016-2386","vendor_project":"SAP","product":"NetWeaver","vulnerability_name":"SAP NetWeaver SQL Injection Vulnerability","date_added":"2022-06-09T00:00:00.000000Z","due_date":"2022-06-30T00:00:00.000000Z","known_ransomware":false,"epss":0.7106,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2013-3163","vendor_project":"Microsoft","product":"Internet Explorer","vulnerability_name":"Microsoft Internet Explorer Memory Corruption Vulnerability","date_added":"2023-03-30T00:00:00.000000Z","due_date":"2023-04-20T00:00:00.000000Z","known_ransomware":false,"epss":0.70676,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2020-36193","vendor_project":"PEAR","product":"Archive_Tar","vulnerability_name":"PEAR Archive_Tar Improper Link Resolution Vulnerability","date_added":"2022-08-25T00:00:00.000000Z","due_date":"2022-09-15T00:00:00.000000Z","known_ransomware":false,"epss":0.70595,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2017-6736","vendor_project":"Cisco","product":"IOS and IOS XE Software","vulnerability_name":"Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-24T00:00:00.000000Z","known_ransomware":false,"epss":0.70559,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2022-2294","vendor_project":"WebRTC","product":"WebRTC","vulnerability_name":"WebRTC Heap Buffer Overflow Vulnerability","date_added":"2022-08-25T00:00:00.000000Z","due_date":"2022-09-15T00:00:00.000000Z","known_ransomware":true,"epss":0.70461,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-21220","vendor_project":"Google","product":"Chromium V8","vulnerability_name":"Google Chromium V8 Improper Input Validation Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":false,"epss":0.70435,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2022-28810","vendor_project":"Zoho","product":"ManageEngine","vulnerability_name":"Zoho ManageEngine ADSelfService Plus Remote Code Execution Vulnerability","date_added":"2023-03-07T00:00:00.000000Z","due_date":"2023-03-28T00:00:00.000000Z","known_ransomware":false,"epss":0.70419,"cvss_score":6.8,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2012-1535","vendor_project":"Adobe","product":"Flash Player","vulnerability_name":"Adobe Flash Player Arbitrary Code Execution Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-24T00:00:00.000000Z","known_ransomware":false,"epss":0.70384,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2015-4495","vendor_project":"Mozilla","product":"Firefox","vulnerability_name":"Mozilla Firefox Security Feature Bypass Vulnerability","date_added":"2022-05-25T00:00:00.000000Z","due_date":"2022-06-15T00:00:00.000000Z","known_ransomware":false,"epss":0.70226,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-42278","vendor_project":"Microsoft","product":"Active Directory","vulnerability_name":"Microsoft Active Directory Domain Services Privilege Escalation Vulnerability","date_added":"2022-04-11T00:00:00.000000Z","due_date":"2022-05-02T00:00:00.000000Z","known_ransomware":true,"epss":0.70207,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2026-50751","vendor_project":"Check Point","product":"Security Gateway","vulnerability_name":"Check Point Security Gateway Improper Authentication Vulnerability","date_added":"2026-06-08T00:00:00.000000Z","due_date":"2026-06-11T00:00:00.000000Z","known_ransomware":true,"epss":0.70099,"cvss_score":9.3,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2020-4427","vendor_project":"IBM","product":"Data Risk Manager","vulnerability_name":"IBM Data Risk Manager Security Bypass Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.70031,"cvss_score":9,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2016-0185","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Media Center Remote Code Execution Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.6994,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2018-8453","vendor_project":"Microsoft","product":"Win32k","vulnerability_name":"Microsoft Win32k Privilege Escalation Vulnerability","date_added":"2022-01-21T00:00:00.000000Z","due_date":"2022-07-21T00:00:00.000000Z","known_ransomware":true,"epss":0.69833,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2016-0034","vendor_project":"Microsoft","product":"Silverlight","vulnerability_name":"Microsoft Silverlight Runtime Remote Code Execution Vulnerability","date_added":"2022-05-25T00:00:00.000000Z","due_date":"2022-06-15T00:00:00.000000Z","known_ransomware":true,"epss":0.69709,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2013-3896","vendor_project":"Microsoft","product":"Silverlight","vulnerability_name":"Microsoft Silverlight Information Disclosure Vulnerability","date_added":"2022-05-25T00:00:00.000000Z","due_date":"2022-06-15T00:00:00.000000Z","known_ransomware":false,"epss":0.6961,"cvss_score":5.5,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2021-20124","vendor_project":"DrayTek","product":"VigorConnect","vulnerability_name":"Draytek VigorConnect Path Traversal Vulnerability ","date_added":"2024-09-03T00:00:00.000000Z","due_date":"2024-09-24T00:00:00.000000Z","known_ransomware":false,"epss":0.69248,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-6205","vendor_project":"Dassault Syst\u00e8mes","product":"DELMIA Apriso","vulnerability_name":"Dassault Syst\u00e8mes DELMIA Apriso Missing Authorization Vulnerability","date_added":"2025-10-28T00:00:00.000000Z","due_date":"2025-11-18T00:00:00.000000Z","known_ransomware":false,"epss":0.69174,"cvss_score":9.1,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2020-0938","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Adobe Font Manager Library Remote Code Execution Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.69166,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2013-1690","vendor_project":"Mozilla","product":"Firefox and Thunderbird","vulnerability_name":"Mozilla Firefox and Thunderbird Denial-of-Service Vulnerability","date_added":"2022-03-28T00:00:00.000000Z","due_date":"2022-04-18T00:00:00.000000Z","known_ransomware":false,"epss":0.69021,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2016-3393","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Graphics Device Interface (GDI) Remote Code Execution Vulnerability","date_added":"2022-05-25T00:00:00.000000Z","due_date":"2022-06-15T00:00:00.000000Z","known_ransomware":false,"epss":0.68684,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2020-4430","vendor_project":"IBM","product":"Data Risk Manager","vulnerability_name":"IBM Data Risk Manager Directory Traversal Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.68544,"cvss_score":4.3,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2021-30657","vendor_project":"Apple","product":"macOS","vulnerability_name":"Apple macOS Unspecified Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":false,"epss":0.68531,"cvss_score":5.5,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2016-11021","vendor_project":"D-Link","product":"DCS-930L Devices","vulnerability_name":"D-Link DCS-930L Devices OS Command Injection Vulnerability","date_added":"2022-03-25T00:00:00.000000Z","due_date":"2022-04-15T00:00:00.000000Z","known_ransomware":false,"epss":0.68525,"cvss_score":7.2,"cvss_severity":"HIGH"},{"cve_id":"CVE-2015-7645","vendor_project":"Adobe","product":"Flash Player","vulnerability_name":"Adobe Flash Player Arbitrary Code Execution Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-24T00:00:00.000000Z","known_ransomware":true,"epss":0.68396,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-30088","vendor_project":"Microsoft","product":"Windows ","vulnerability_name":"Microsoft Windows Kernel TOCTOU Race Condition Vulnerability","date_added":"2024-10-15T00:00:00.000000Z","due_date":"2024-11-05T00:00:00.000000Z","known_ransomware":true,"epss":0.68202,"cvss_score":7,"cvss_severity":"HIGH"},{"cve_id":"CVE-2017-6077","vendor_project":"NETGEAR","product":"Wireless Router DGN2200","vulnerability_name":"NETGEAR DGN2200 Remote Code Execution Vulnerability","date_added":"2022-03-07T00:00:00.000000Z","due_date":"2022-09-07T00:00:00.000000Z","known_ransomware":false,"epss":0.68201,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2022-34713","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability","date_added":"2022-08-09T00:00:00.000000Z","due_date":"2022-08-30T00:00:00.000000Z","known_ransomware":false,"epss":0.6798,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2015-8651","vendor_project":"Adobe","product":"Flash Player","vulnerability_name":"Adobe Flash Player Integer Overflow Vulnerability","date_added":"2022-05-25T00:00:00.000000Z","due_date":"2022-06-15T00:00:00.000000Z","known_ransomware":false,"epss":0.67922,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2019-18426","vendor_project":"Meta Platforms","product":"WhatsApp","vulnerability_name":"WhatsApp Cross-Site Scripting Vulnerability","date_added":"2022-05-23T00:00:00.000000Z","due_date":"2022-06-13T00:00:00.000000Z","known_ransomware":false,"epss":0.67859,"cvss_score":8.2,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-28461","vendor_project":"Array Networks ","product":"AG\/vxAG ArrayOS","vulnerability_name":"Array Networks AG and vxAG ArrayOS Missing Authentication for Critical Function Vulnerability","date_added":"2024-11-25T00:00:00.000000Z","due_date":"2024-12-16T00:00:00.000000Z","known_ransomware":true,"epss":0.67645,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2009-0556","vendor_project":"Microsoft","product":"Office","vulnerability_name":"Microsoft Office PowerPoint Code Injection Vulnerability","date_added":"2026-01-07T00:00:00.000000Z","due_date":"2026-01-28T00:00:00.000000Z","known_ransomware":false,"epss":0.67539,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-36934","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows SAM Local Privilege Escalation Vulnerability","date_added":"2022-02-10T00:00:00.000000Z","due_date":"2022-02-24T00:00:00.000000Z","known_ransomware":false,"epss":0.67252,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-0411","vendor_project":"7-Zip","product":"7-Zip","vulnerability_name":"7-Zip Mark of the Web Bypass Vulnerability","date_added":"2025-02-06T00:00:00.000000Z","due_date":"2025-02-27T00:00:00.000000Z","known_ransomware":false,"epss":0.67071,"cvss_score":7,"cvss_severity":"HIGH"},{"cve_id":"CVE-2011-0609","vendor_project":"Adobe","product":"Flash Player","vulnerability_name":"Adobe Flash Player Unspecified Vulnerability","date_added":"2022-06-08T00:00:00.000000Z","due_date":"2022-06-22T00:00:00.000000Z","known_ransomware":false,"epss":0.66821,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2016-4657","vendor_project":"Apple","product":"iOS","vulnerability_name":"Apple iOS Webkit Memory Corruption Vulnerability","date_added":"2022-05-24T00:00:00.000000Z","due_date":"2022-06-14T00:00:00.000000Z","known_ransomware":false,"epss":0.66788,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-58360","vendor_project":"OSGeo","product":"GeoServer","vulnerability_name":"OSGeo GeoServer Improper Restriction of XML External Entity Reference Vulnerability","date_added":"2025-12-11T00:00:00.000000Z","due_date":"2026-01-01T00:00:00.000000Z","known_ransomware":false,"epss":0.66753,"cvss_score":8.2,"cvss_severity":"HIGH"},{"cve_id":"CVE-2013-2729","vendor_project":"Adobe","product":"Reader and Acrobat","vulnerability_name":"Adobe Reader and Acrobat Arbitrary Integer Overflow Vulnerability","date_added":"2022-03-28T00:00:00.000000Z","due_date":"2022-04-18T00:00:00.000000Z","known_ransomware":false,"epss":0.66555,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-36942","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Local Security Authority (LSA) Spoofing Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":true,"epss":0.66023,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2013-0629","vendor_project":"Adobe","product":"ColdFusion","vulnerability_name":"Adobe ColdFusion Directory Traversal Vulnerability","date_added":"2022-03-07T00:00:00.000000Z","due_date":"2022-09-07T00:00:00.000000Z","known_ransomware":false,"epss":0.65902,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-29552","vendor_project":"IETF","product":"Service Location Protocol (SLP)","vulnerability_name":"Service Location Protocol (SLP) Denial-of-Service Vulnerability","date_added":"2023-11-08T00:00:00.000000Z","due_date":"2023-11-29T00:00:00.000000Z","known_ransomware":false,"epss":0.65873,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2013-0631","vendor_project":"Adobe","product":"ColdFusion","vulnerability_name":"Adobe ColdFusion Information Disclosure Vulnerability","date_added":"2022-03-07T00:00:00.000000Z","due_date":"2022-09-07T00:00:00.000000Z","known_ransomware":false,"epss":0.65867,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-59718","vendor_project":"Fortinet","product":"Multiple Products","vulnerability_name":"Fortinet Multiple Products Improper Verification of Cryptographic Signature Vulnerability","date_added":"2025-12-16T00:00:00.000000Z","due_date":"2025-12-23T00:00:00.000000Z","known_ransomware":false,"epss":0.65825,"cvss_score":9.1,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2014-1812","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Group Policy Preferences Password Privilege Escalation Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":true,"epss":0.65117,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-20337","vendor_project":"Cisco","product":"Identity Services Engine","vulnerability_name":"Cisco Identity Services Engine Injection Vulnerability","date_added":"2025-07-28T00:00:00.000000Z","due_date":"2025-08-18T00:00:00.000000Z","known_ransomware":false,"epss":0.65098,"cvss_score":10,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2020-1020","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Adobe Font Manager Library Remote Code Execution Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.65037,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2019-0211","vendor_project":"Apache","product":"HTTP Server","vulnerability_name":"Apache HTTP Server Privilege Escalation Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.65005,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-33073","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows SMB Client Improper Access Control Vulnerability","date_added":"2025-10-20T00:00:00.000000Z","due_date":"2025-11-10T00:00:00.000000Z","known_ransomware":false,"epss":0.64987,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-27877","vendor_project":"Veritas","product":"Backup Exec Agent","vulnerability_name":"Veritas Backup Exec Agent Improper Authentication Vulnerability","date_added":"2023-04-07T00:00:00.000000Z","due_date":"2023-04-28T00:00:00.000000Z","known_ransomware":true,"epss":0.6491,"cvss_score":8.2,"cvss_severity":"HIGH"},{"cve_id":"CVE-2016-7256","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Open Type Font Remote Code Execution Vulnerability","date_added":"2022-05-25T00:00:00.000000Z","due_date":"2022-06-15T00:00:00.000000Z","known_ransomware":false,"epss":0.64835,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-30551","vendor_project":"Google","product":"Chromium V8","vulnerability_name":"Google Chromium V8 Type Confusion Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":false,"epss":0.64701,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-30632","vendor_project":"Google","product":"Chromium V8","vulnerability_name":"Google Chromium V8 Out-of-Bounds Write Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":false,"epss":0.64546,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2026-32202","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Protection Mechanism Failure Vulnerability","date_added":"2026-04-28T00:00:00.000000Z","due_date":"2026-05-12T00:00:00.000000Z","known_ransomware":false,"epss":0.64095,"cvss_score":4.3,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2019-8394","vendor_project":"Zoho","product":"ManageEngine","vulnerability_name":"Zoho ManageEngine ServiceDesk Plus (SDP) File Upload Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.64051,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2015-4068","vendor_project":"Arcserve","product":"Unified Data Protection (UDP)","vulnerability_name":"Arcserve Unified Data Protection (UDP) Directory Traversal Vulnerability","date_added":"2022-03-25T00:00:00.000000Z","due_date":"2022-04-15T00:00:00.000000Z","known_ransomware":false,"epss":0.63643,"cvss_score":9.1,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2023-35081","vendor_project":"Ivanti","product":"Endpoint Manager Mobile (EPMM)","vulnerability_name":"Ivanti Endpoint Manager Mobile (EPMM) Path Traversal Vulnerability","date_added":"2023-07-31T00:00:00.000000Z","due_date":"2023-08-21T00:00:00.000000Z","known_ransomware":false,"epss":0.63316,"cvss_score":7.2,"cvss_severity":"HIGH"},{"cve_id":"CVE-2018-4939","vendor_project":"Adobe","product":"ColdFusion","vulnerability_name":"Adobe ColdFusion Deserialization of Untrusted Data Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.63304,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2024-20353","vendor_project":"Cisco","product":"Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)","vulnerability_name":"Cisco ASA and FTD Denial of Service Vulnerability","date_added":"2024-04-24T00:00:00.000000Z","due_date":"2024-05-01T00:00:00.000000Z","known_ransomware":false,"epss":0.63272,"cvss_score":8.6,"cvss_severity":"HIGH"},{"cve_id":"CVE-2016-0151","vendor_project":"Microsoft","product":"Client-Server Run-time Subsystem (CSRSS)","vulnerability_name":"Microsoft Windows CSRSS Security Feature Bypass Vulnerability","date_added":"2022-03-28T00:00:00.000000Z","due_date":"2022-04-18T00:00:00.000000Z","known_ransomware":true,"epss":0.63195,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2009-0563","vendor_project":"Microsoft","product":"Office","vulnerability_name":"Microsoft Office Buffer Overflow Vulnerability","date_added":"2022-06-08T00:00:00.000000Z","due_date":"2022-06-22T00:00:00.000000Z","known_ransomware":false,"epss":0.63081,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2026-45498","vendor_project":"Microsoft","product":"Defender","vulnerability_name":"Microsoft Defender Denial of Service Vulnerability","date_added":"2026-05-20T00:00:00.000000Z","due_date":"2026-06-03T00:00:00.000000Z","known_ransomware":false,"epss":0.63076,"cvss_score":4,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2024-9380","vendor_project":"Ivanti","product":"Cloud Services Appliance (CSA)","vulnerability_name":"Ivanti Cloud Services Appliance (CSA) OS Command Injection Vulnerability","date_added":"2024-10-09T00:00:00.000000Z","due_date":"2024-10-30T00:00:00.000000Z","known_ransomware":false,"epss":0.62988,"cvss_score":7.2,"cvss_severity":"HIGH"},{"cve_id":"CVE-2010-2572","vendor_project":"Microsoft","product":"PowerPoint","vulnerability_name":"Microsoft PowerPoint Buffer Overflow Vulnerability","date_added":"2022-06-08T00:00:00.000000Z","due_date":"2022-06-22T00:00:00.000000Z","known_ransomware":false,"epss":0.62598,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-11953","vendor_project":"React Native Community","product":"CLI","vulnerability_name":"React Native Community CLI OS Command Injection Vulnerability","date_added":"2026-02-05T00:00:00.000000Z","due_date":"2026-02-26T00:00:00.000000Z","known_ransomware":false,"epss":0.62378,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2010-1428","vendor_project":"Red Hat","product":"JBoss","vulnerability_name":"Red Hat JBoss Information Disclosure Vulnerability","date_added":"2022-05-25T00:00:00.000000Z","due_date":"2022-06-15T00:00:00.000000Z","known_ransomware":true,"epss":0.62308,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-21529","vendor_project":"Microsoft","product":"Exchange Server","vulnerability_name":"Microsoft Exchange Server Deserialization of Untrusted Data Vulnerability","date_added":"2026-04-13T00:00:00.000000Z","due_date":"2026-04-27T00:00:00.000000Z","known_ransomware":true,"epss":0.62104,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2022-21445","vendor_project":"Oracle","product":"ADF Faces","vulnerability_name":"Oracle ADF Faces Deserialization of Untrusted Data Vulnerability","date_added":"2024-09-18T00:00:00.000000Z","due_date":"2024-10-09T00:00:00.000000Z","known_ransomware":false,"epss":0.6201,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2017-0059","vendor_project":"Microsoft","product":"Internet Explorer","vulnerability_name":"Microsoft Internet Explorer Information Disclosure Vulnerability","date_added":"2022-03-28T00:00:00.000000Z","due_date":"2022-04-18T00:00:00.000000Z","known_ransomware":false,"epss":0.61968,"cvss_score":4.3,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2018-8373","vendor_project":"Microsoft","product":"Internet Explorer Scripting Engine","vulnerability_name":"Microsoft Scripting Engine Memory Corruption Vulnerability","date_added":"2022-03-25T00:00:00.000000Z","due_date":"2022-04-15T00:00:00.000000Z","known_ransomware":false,"epss":0.61912,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-23113","vendor_project":"Fortinet","product":"Multiple Products","vulnerability_name":"Fortinet Multiple Products Format String Vulnerability","date_added":"2024-10-09T00:00:00.000000Z","due_date":"2024-10-30T00:00:00.000000Z","known_ransomware":false,"epss":0.61725,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2020-4428","vendor_project":"IBM","product":"Data Risk Manager","vulnerability_name":"IBM Data Risk Manager Remote Code Execution Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.61692,"cvss_score":9.1,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2019-5786","vendor_project":"Google","product":"Chrome Blink","vulnerability_name":"Google Chrome Blink Use-After-Free Vulnerability","date_added":"2022-05-23T00:00:00.000000Z","due_date":"2022-06-13T00:00:00.000000Z","known_ransomware":false,"epss":0.61537,"cvss_score":6.5,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2023-21608","vendor_project":"Adobe","product":"Acrobat and Reader","vulnerability_name":"Adobe Acrobat and Reader Use-After-Free Vulnerability","date_added":"2023-10-10T00:00:00.000000Z","due_date":"2023-10-31T00:00:00.000000Z","known_ransomware":false,"epss":0.61475,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2015-7755","vendor_project":"Juniper","product":"ScreenOS","vulnerability_name":"Juniper ScreenOS Improper Authentication Vulnerability","date_added":"2025-10-02T00:00:00.000000Z","due_date":"2025-10-23T00:00:00.000000Z","known_ransomware":false,"epss":0.614,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2024-54085","vendor_project":"AMI","product":"MegaRAC SPx","vulnerability_name":"AMI MegaRAC SPx Authentication Bypass by Spoofing Vulnerability","date_added":"2025-06-25T00:00:00.000000Z","due_date":"2025-07-16T00:00:00.000000Z","known_ransomware":false,"epss":0.61202,"cvss_score":10,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2021-22991","vendor_project":"F5","product":"BIG-IP Traffic Management Microkernel","vulnerability_name":"F5 BIG-IP Traffic Management Microkernel Buffer Overflow","date_added":"2022-01-18T00:00:00.000000Z","due_date":"2022-02-01T00:00:00.000000Z","known_ransomware":false,"epss":0.61064,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2018-7445","vendor_project":"MikroTik","product":"RouterOS","vulnerability_name":"MikroTik RouterOS Stack-Based Buffer Overflow Vulnerability","date_added":"2022-09-08T00:00:00.000000Z","due_date":"2022-09-29T00:00:00.000000Z","known_ransomware":false,"epss":0.61018,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2024-43572","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Management Console Remote Code Execution Vulnerability","date_added":"2024-10-08T00:00:00.000000Z","due_date":"2024-10-29T00:00:00.000000Z","known_ransomware":false,"epss":0.60954,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-8956","vendor_project":"PTZOptics","product":"PT30X-SDI\/NDI Cameras","vulnerability_name":"PTZOptics PT30X-SDI\/NDI Cameras Authentication Bypass Vulnerability","date_added":"2024-11-04T00:00:00.000000Z","due_date":"2024-11-25T00:00:00.000000Z","known_ransomware":false,"epss":0.60879,"cvss_score":9.1,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2024-43468","vendor_project":"Microsoft","product":"Configuration Manager","vulnerability_name":"Microsoft Configuration Manager SQL Injection Vulnerability","date_added":"2026-02-12T00:00:00.000000Z","due_date":"2026-03-05T00:00:00.000000Z","known_ransomware":false,"epss":0.60661,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2016-20017","vendor_project":"D-Link","product":"DSL-2750B Devices","vulnerability_name":"D-Link DSL-2750B Devices Command Injection Vulnerability","date_added":"2024-01-08T00:00:00.000000Z","due_date":"2024-01-29T00:00:00.000000Z","known_ransomware":false,"epss":0.6043,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2026-33634","vendor_project":"Aquasecurity","product":"Trivy","vulnerability_name":"Aquasecurity Trivy Embedded Malicious Code Vulnerability","date_added":"2026-03-26T00:00:00.000000Z","due_date":"2026-04-09T00:00:00.000000Z","known_ransomware":false,"epss":0.60368,"cvss_score":9.4,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2017-11774","vendor_project":"Microsoft","product":"Office","vulnerability_name":"Microsoft Office Outlook Security Feature Bypass Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.59893,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-33742","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows MSHTML Platform Remote Code Execution Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":false,"epss":0.59139,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-37580","vendor_project":"Synacor","product":"Zimbra Collaboration Suite (ZCS)","vulnerability_name":"Synacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting (XSS) Vulnerability","date_added":"2023-07-27T00:00:00.000000Z","due_date":"2023-08-17T00:00:00.000000Z","known_ransomware":false,"epss":0.59041,"cvss_score":6.1,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2025-24054","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows NTLM Hash Disclosure Spoofing Vulnerability","date_added":"2025-04-17T00:00:00.000000Z","due_date":"2025-05-08T00:00:00.000000Z","known_ransomware":false,"epss":0.58974,"cvss_score":6.5,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2018-6065","vendor_project":"Google","product":"Chromium V8","vulnerability_name":"Google Chromium V8 Integer Overflow Vulnerability","date_added":"2022-06-08T00:00:00.000000Z","due_date":"2022-06-22T00:00:00.000000Z","known_ransomware":false,"epss":0.58822,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-31125","vendor_project":"Vite","product":"Vitejs","vulnerability_name":"Vite Vitejs Improper Access Control Vulnerability","date_added":"2026-01-22T00:00:00.000000Z","due_date":"2026-02-12T00:00:00.000000Z","known_ransomware":false,"epss":0.58765,"cvss_score":5.3,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2009-0557","vendor_project":"Microsoft","product":"Office","vulnerability_name":"Microsoft Office Object Record Corruption Vulnerability","date_added":"2022-06-08T00:00:00.000000Z","due_date":"2022-06-22T00:00:00.000000Z","known_ransomware":false,"epss":0.58551,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-43770","vendor_project":"Roundcube","product":"Webmail","vulnerability_name":"Roundcube Webmail Persistent Cross-Site Scripting (XSS) Vulnerability","date_added":"2024-02-12T00:00:00.000000Z","due_date":"2024-03-04T00:00:00.000000Z","known_ransomware":false,"epss":0.58483,"cvss_score":6.1,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2025-2746","vendor_project":"Kentico","product":"Xperience CMS","vulnerability_name":"Kentico Xperience CMS Authentication Bypass Using an Alternate Path or Channel Vulnerability","date_added":"2025-10-20T00:00:00.000000Z","due_date":"2025-11-10T00:00:00.000000Z","known_ransomware":false,"epss":0.58431,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2016-7262","vendor_project":"Microsoft","product":"Excel","vulnerability_name":"Microsoft Office Security Feature Bypass Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-24T00:00:00.000000Z","known_ransomware":false,"epss":0.58204,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2020-8655","vendor_project":"EyesOfNetwork","product":"EyesOfNetwork","vulnerability_name":"EyesOfNetwork Improper Privilege Management Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.58076,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2013-7331","vendor_project":"Microsoft","product":"Internet Explorer","vulnerability_name":"Microsoft Internet Explorer Information Disclosure Vulnerability","date_added":"2022-05-25T00:00:00.000000Z","due_date":"2022-06-15T00:00:00.000000Z","known_ransomware":false,"epss":0.58023,"cvss_score":6.5,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2026-20127","vendor_project":"Cisco","product":"Catalyst SD-WAN Controller and Manager","vulnerability_name":"Cisco Catalyst SD-WAN Controller and Manager Authentication Bypass Vulnerability","date_added":"2026-02-25T00:00:00.000000Z","due_date":"2026-02-27T00:00:00.000000Z","known_ransomware":false,"epss":0.57793,"cvss_score":10,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2021-21224","vendor_project":"Google","product":"Chromium V8","vulnerability_name":"Google Chromium V8 Type Confusion Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":false,"epss":0.57736,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2016-7193","vendor_project":"Microsoft","product":"Office","vulnerability_name":"Microsoft Office Memory Corruption Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-24T00:00:00.000000Z","known_ransomware":false,"epss":0.57705,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-6549","vendor_project":"Citrix","product":"NetScaler ADC and NetScaler Gateway","vulnerability_name":"Citrix NetScaler ADC and NetScaler Gateway Buffer Overflow Vulnerability","date_added":"2024-01-17T00:00:00.000000Z","due_date":"2024-02-07T00:00:00.000000Z","known_ransomware":false,"epss":0.57633,"cvss_score":8.2,"cvss_severity":"HIGH"},{"cve_id":"CVE-2017-0101","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Transaction Manager Privilege Escalation Vulnerability","date_added":"2022-03-15T00:00:00.000000Z","due_date":"2022-04-05T00:00:00.000000Z","known_ransomware":true,"epss":0.57482,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-21551","vendor_project":"Dell","product":"dbutil Driver","vulnerability_name":"Dell dbutil Driver Insufficient Access Control Vulnerability","date_added":"2022-03-31T00:00:00.000000Z","due_date":"2022-04-21T00:00:00.000000Z","known_ransomware":false,"epss":0.57474,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2020-26919","vendor_project":"NETGEAR","product":"JGS516PE Devices","vulnerability_name":"Netgear JGS516PE Devices Missing Function Level Access Control Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.57195,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2022-37055","vendor_project":"D-Link","product":"Routers","vulnerability_name":"D-Link Routers Buffer Overflow Vulnerability","date_added":"2025-12-08T00:00:00.000000Z","due_date":"2025-12-29T00:00:00.000000Z","known_ransomware":false,"epss":0.57037,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2022-29499","vendor_project":"Mitel","product":"MiVoice Connect","vulnerability_name":"Mitel MiVoice Connect Data Validation Vulnerability","date_added":"2022-06-27T00:00:00.000000Z","due_date":"2022-07-18T00:00:00.000000Z","known_ransomware":true,"epss":0.56967,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2021-27104","vendor_project":"Accellion","product":"FTA","vulnerability_name":"Accellion FTA OS Command Injection Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":true,"epss":0.56686,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2025-47813","vendor_project":"Wing FTP Server","product":"Wing FTP Server","vulnerability_name":"Wing FTP Server Information Disclosure Vulnerability","date_added":"2026-03-16T00:00:00.000000Z","due_date":"2026-03-30T00:00:00.000000Z","known_ransomware":false,"epss":0.56366,"cvss_score":4.3,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2015-1701","vendor_project":"Microsoft","product":"Win32k","vulnerability_name":"Microsoft Win32k Privilege Escalation Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-24T00:00:00.000000Z","known_ransomware":true,"epss":0.562,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2019-5825","vendor_project":"Google","product":"Chromium V8","vulnerability_name":"Google Chromium V8 Out-of-Bounds Write Vulnerability","date_added":"2022-06-08T00:00:00.000000Z","due_date":"2022-06-22T00:00:00.000000Z","known_ransomware":false,"epss":0.55925,"cvss_score":6.5,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2019-11708","vendor_project":"Mozilla","product":"Firefox and Thunderbird","vulnerability_name":"Mozilla Firefox and Thunderbird Sandbox Escape Vulnerability","date_added":"2022-05-23T00:00:00.000000Z","due_date":"2022-06-13T00:00:00.000000Z","known_ransomware":false,"epss":0.55874,"cvss_score":10,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2022-21882","vendor_project":"Microsoft","product":"Win32k","vulnerability_name":"Microsoft Win32k Privilege Escalation Vulnerability","date_added":"2022-02-04T00:00:00.000000Z","due_date":"2022-02-18T00:00:00.000000Z","known_ransomware":false,"epss":0.55711,"cvss_score":7,"cvss_severity":"HIGH"},{"cve_id":"CVE-2016-0984","vendor_project":"Adobe","product":"Flash Player and AIR","vulnerability_name":"Adobe Flash Player and AIR Use-After-Free Vulnerability","date_added":"2022-05-25T00:00:00.000000Z","due_date":"2022-06-15T00:00:00.000000Z","known_ransomware":false,"epss":0.55375,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-2775","vendor_project":"SysAid","product":"SysAid On-Prem","vulnerability_name":"SysAid On-Prem Improper Restriction of XML External Entity Reference Vulnerability","date_added":"2025-07-22T00:00:00.000000Z","due_date":"2025-08-12T00:00:00.000000Z","known_ransomware":false,"epss":0.55177,"cvss_score":9.3,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2018-0125","vendor_project":"Cisco","product":"VPN Routers","vulnerability_name":"Cisco VPN Routers Remote Code Execution Vulnerability","date_added":"2022-03-25T00:00:00.000000Z","due_date":"2022-04-15T00:00:00.000000Z","known_ransomware":false,"epss":0.54763,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2006-1547","vendor_project":"Apache","product":"Struts 1","vulnerability_name":"Apache Struts 1 ActionForm Denial-of-Service Vulnerability","date_added":"2022-01-21T00:00:00.000000Z","due_date":"2022-07-21T00:00:00.000000Z","known_ransomware":false,"epss":0.54635,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2015-1671","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Remote Code Execution Vulnerability","date_added":"2022-05-25T00:00:00.000000Z","due_date":"2022-06-15T00:00:00.000000Z","known_ransomware":false,"epss":0.54628,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-58034","vendor_project":"Fortinet","product":"FortiWeb","vulnerability_name":"Fortinet FortiWeb OS Command Injection Vulnerability","date_added":"2025-11-18T00:00:00.000000Z","due_date":"2025-11-25T00:00:00.000000Z","known_ransomware":false,"epss":0.54376,"cvss_score":6.7,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2020-29557","vendor_project":"D-Link","product":"DIR-825 R1 Devices","vulnerability_name":"D-Link DIR-825 R1 Devices Buffer Overflow Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.5432,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2024-38812","vendor_project":"VMware","product":"vCenter Server","vulnerability_name":"VMware vCenter Server Heap-Based Buffer Overflow Vulnerability","date_added":"2024-11-20T00:00:00.000000Z","due_date":"2024-12-11T00:00:00.000000Z","known_ransomware":false,"epss":0.54143,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2023-20118","vendor_project":"Cisco","product":"Small Business RV Series Routers","vulnerability_name":"Cisco Small Business RV Series Routers Command Injection Vulnerability","date_added":"2025-03-03T00:00:00.000000Z","due_date":"2025-03-24T00:00:00.000000Z","known_ransomware":false,"epss":0.53827,"cvss_score":6.5,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2014-0130","vendor_project":"Rails","product":"Ruby on Rails","vulnerability_name":"Ruby on Rails Directory Traversal Vulnerability","date_added":"2022-03-25T00:00:00.000000Z","due_date":"2022-04-15T00:00:00.000000Z","known_ransomware":false,"epss":0.53703,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2022-21971","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Runtime Remote Code Execution Vulnerability","date_added":"2022-08-18T00:00:00.000000Z","due_date":"2022-09-08T00:00:00.000000Z","known_ransomware":false,"epss":0.53655,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-22941","vendor_project":"Citrix","product":"ShareFile","vulnerability_name":"Citrix ShareFile Improper Access Control Vulnerability","date_added":"2022-03-25T00:00:00.000000Z","due_date":"2022-04-15T00:00:00.000000Z","known_ransomware":true,"epss":0.53585,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2023-45249","vendor_project":"Acronis","product":"Cyber Infrastructure (ACI)","vulnerability_name":"Acronis Cyber Infrastructure (ACI) Insecure Default Password Vulnerability","date_added":"2024-07-29T00:00:00.000000Z","due_date":"2024-08-19T00:00:00.000000Z","known_ransomware":false,"epss":0.53535,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2021-22175","vendor_project":"GitLab","product":"GitLab","vulnerability_name":"GitLab Server-Side Request Forgery (SSRF) Vulnerability","date_added":"2026-02-18T00:00:00.000000Z","due_date":"2026-03-11T00:00:00.000000Z","known_ransomware":false,"epss":0.53372,"cvss_score":6.8,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2019-0808","vendor_project":"Microsoft","product":"Win32k","vulnerability_name":"Microsoft Win32k Privilege Escalation Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.53298,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2015-1642","vendor_project":"Microsoft","product":"Office","vulnerability_name":"Microsoft Office Memory Corruption Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-24T00:00:00.000000Z","known_ransomware":false,"epss":0.53213,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2019-0541","vendor_project":"Microsoft","product":"MSHTML","vulnerability_name":"Microsoft MSHTML Remote Code Execution Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.53202,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2012-2539","vendor_project":"Microsoft","product":"Word","vulnerability_name":"Microsoft Word Remote Code Execution Vulnerability","date_added":"2022-03-28T00:00:00.000000Z","due_date":"2022-04-18T00:00:00.000000Z","known_ransomware":false,"epss":0.53159,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2020-1054","vendor_project":"Microsoft","product":"Win32k","vulnerability_name":"Microsoft Win32k Privilege Escalation Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.52778,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2019-1367","vendor_project":"Microsoft","product":"Internet Explorer","vulnerability_name":"Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":true,"epss":0.52729,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2020-25079","vendor_project":"D-Link","product":"DCS-2530L and DCS-2670L Devices","vulnerability_name":"D-Link DCS-2530L and DCS-2670L Command Injection Vulnerability","date_added":"2025-08-05T00:00:00.000000Z","due_date":"2025-08-26T00:00:00.000000Z","known_ransomware":false,"epss":0.52717,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2019-13272","vendor_project":"Linux","product":"Kernel","vulnerability_name":"Linux Kernel Improper Privilege Management Vulnerability","date_added":"2021-12-10T00:00:00.000000Z","due_date":"2022-06-10T00:00:00.000000Z","known_ransomware":false,"epss":0.52199,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-28550","vendor_project":"Adobe","product":"Acrobat and Reader","vulnerability_name":"Adobe Acrobat and Reader Use-After-Free Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":false,"epss":0.52005,"cvss_score":9.6,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2024-43461","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows MSHTML Platform Spoofing Vulnerability","date_added":"2024-09-16T00:00:00.000000Z","due_date":"2024-10-07T00:00:00.000000Z","known_ransomware":false,"epss":0.51883,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-21338","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Kernel Exposed IOCTL with Insufficient Access Control Vulnerability","date_added":"2024-03-04T00:00:00.000000Z","due_date":"2024-03-25T00:00:00.000000Z","known_ransomware":true,"epss":0.51865,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2016-2388","vendor_project":"SAP","product":"NetWeaver","vulnerability_name":"SAP NetWeaver Information Disclosure Vulnerability","date_added":"2022-06-09T00:00:00.000000Z","due_date":"2022-06-30T00:00:00.000000Z","known_ransomware":false,"epss":0.51553,"cvss_score":5.3,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2023-32434","vendor_project":"Apple","product":"Multiple Products","vulnerability_name":"Apple Multiple Products Integer Overflow Vulnerability","date_added":"2023-06-23T00:00:00.000000Z","due_date":"2023-07-14T00:00:00.000000Z","known_ransomware":false,"epss":0.51517,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-20023","vendor_project":"SonicWall","product":"SonicWall Email Security","vulnerability_name":"SonicWall Email Security Path Traversal Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":true,"epss":0.51407,"cvss_score":4.9,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2015-2502","vendor_project":"Microsoft","product":"Internet Explorer","vulnerability_name":"Microsoft Internet Explorer Memory Corruption Vulnerability","date_added":"2022-04-13T00:00:00.000000Z","due_date":"2022-05-04T00:00:00.000000Z","known_ransomware":false,"epss":0.51127,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-14611","vendor_project":"Gladinet","product":"CentreStack and Triofox","vulnerability_name":"Gladinet CentreStack and Triofox Hard Coded Cryptographic Vulnerability","date_added":"2025-12-15T00:00:00.000000Z","due_date":"2026-01-05T00:00:00.000000Z","known_ransomware":false,"epss":0.50949,"cvss_score":7.1,"cvss_severity":"HIGH"},{"cve_id":"CVE-2009-1537","vendor_project":"Microsoft","product":"DirectX","vulnerability_name":"Microsoft DirectX NULL Byte Overwrite Vulnerability","date_added":"2026-05-20T00:00:00.000000Z","due_date":"2026-06-03T00:00:00.000000Z","known_ransomware":false,"epss":0.50926,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-49897","vendor_project":"FXC","product":"AE1021, AE1021PE","vulnerability_name":"FXC AE1021, AE1021PE OS Command Injection Vulnerability","date_added":"2023-12-21T00:00:00.000000Z","due_date":"2024-01-11T00:00:00.000000Z","known_ransomware":false,"epss":0.50729,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2014-4148","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Remote Code Execution Vulnerability","date_added":"2022-05-25T00:00:00.000000Z","due_date":"2022-06-15T00:00:00.000000Z","known_ransomware":false,"epss":0.50703,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2020-15999","vendor_project":"Google","product":"Chrome FreeType","vulnerability_name":"Google Chrome FreeType Heap Buffer Overflow Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":false,"epss":0.5063,"cvss_score":9.6,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2025-25181","vendor_project":"Advantive","product":"VeraCore","vulnerability_name":" Advantive VeraCore SQL Injection Vulnerability","date_added":"2025-03-10T00:00:00.000000Z","due_date":"2025-03-31T00:00:00.000000Z","known_ransomware":false,"epss":0.50557,"cvss_score":5.8,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2024-38094","vendor_project":"Microsoft","product":"SharePoint","vulnerability_name":"Microsoft SharePoint Deserialization Vulnerability","date_added":"2024-10-22T00:00:00.000000Z","due_date":"2024-11-12T00:00:00.000000Z","known_ransomware":true,"epss":0.49979,"cvss_score":7.2,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-21182","vendor_project":"Oracle","product":"WebLogic Server","vulnerability_name":"Oracle WebLogic Server Unspecified Vulnerability","date_added":"2026-06-01T00:00:00.000000Z","due_date":"2026-06-04T00:00:00.000000Z","known_ransomware":false,"epss":0.49689,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2022-23227","vendor_project":"NUUO","product":"NVRmini2 Devices","vulnerability_name":"NUUO NVRmini2 Devices Missing Authentication Vulnerability ","date_added":"2024-12-18T00:00:00.000000Z","due_date":"2025-01-08T00:00:00.000000Z","known_ransomware":false,"epss":0.49431,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2020-12812","vendor_project":"Fortinet","product":"FortiOS","vulnerability_name":"Fortinet FortiOS SSL VPN Improper Authentication Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":true,"epss":0.49344,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2014-4404","vendor_project":"Apple","product":"OS X","vulnerability_name":"Apple OS X Heap-Based Buffer Overflow Vulnerability","date_added":"2022-02-10T00:00:00.000000Z","due_date":"2022-08-10T00:00:00.000000Z","known_ransomware":false,"epss":0.49049,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-28252","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Common Log File System (CLFS) Driver Privilege Escalation Vulnerability","date_added":"2023-04-11T00:00:00.000000Z","due_date":"2023-05-02T00:00:00.000000Z","known_ransomware":true,"epss":0.48973,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2018-5430","vendor_project":"TIBCO","product":"JasperReports","vulnerability_name":"TIBCO JasperReports Server Information Disclosure Vulnerability","date_added":"2022-12-29T00:00:00.000000Z","due_date":"2023-01-19T00:00:00.000000Z","known_ransomware":false,"epss":0.48753,"cvss_score":7.7,"cvss_severity":"HIGH"},{"cve_id":"CVE-2020-16009","vendor_project":"Google","product":"Chromium V8","vulnerability_name":"Google Chromium V8 Type Confusion Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.48574,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2020-9715","vendor_project":"Adobe","product":"Acrobat","vulnerability_name":"Adobe Acrobat Use-After-Free Vulnerability","date_added":"2026-04-13T00:00:00.000000Z","due_date":"2026-04-27T00:00:00.000000Z","known_ransomware":false,"epss":0.48441,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2006-2492","vendor_project":"Microsoft","product":"Word","vulnerability_name":"Microsoft Word Malformed Object Pointer Vulnerability","date_added":"2022-06-08T00:00:00.000000Z","due_date":"2022-06-22T00:00:00.000000Z","known_ransomware":false,"epss":0.48387,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2011-1889","vendor_project":"Microsoft","product":"Forefront Threat Management Gateway (TMG)","vulnerability_name":"Microsoft Forefront TMG Remote Code Execution Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-24T00:00:00.000000Z","known_ransomware":false,"epss":0.48368,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2016-1646","vendor_project":"Google","product":"Chromium V8","vulnerability_name":"Google Chromium V8 Out-of-Bounds Read Vulnerability","date_added":"2022-06-08T00:00:00.000000Z","due_date":"2022-06-22T00:00:00.000000Z","known_ransomware":false,"epss":0.4811,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-26829","vendor_project":"OpenPLC","product":"ScadaBR","vulnerability_name":"OpenPLC ScadaBR Cross-site Scripting Vulnerability","date_added":"2025-11-28T00:00:00.000000Z","due_date":"2025-12-19T00:00:00.000000Z","known_ransomware":false,"epss":0.4805,"cvss_score":5.4,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2021-40407","vendor_project":"Reolink","product":"RLC-410W IP Camera","vulnerability_name":"Reolink RLC-410W IP Camera OS Command Injection Vulnerability ","date_added":"2024-12-18T00:00:00.000000Z","due_date":"2025-01-08T00:00:00.000000Z","known_ransomware":false,"epss":0.47915,"cvss_score":9.1,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2013-2094","vendor_project":"Linux","product":"Kernel","vulnerability_name":"Linux Kernel Privilege Escalation Vulnerability","date_added":"2022-09-15T00:00:00.000000Z","due_date":"2022-10-06T00:00:00.000000Z","known_ransomware":false,"epss":0.47709,"cvss_score":8.4,"cvss_severity":"HIGH"},{"cve_id":"CVE-2014-4077","vendor_project":"Microsoft","product":"Input Method Editor (IME) Japanese","vulnerability_name":"Microsoft IME Japanese Privilege Escalation Vulnerability","date_added":"2022-05-25T00:00:00.000000Z","due_date":"2022-06-15T00:00:00.000000Z","known_ransomware":false,"epss":0.47679,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-32463","vendor_project":"Sudo","product":"Sudo","vulnerability_name":"Sudo Inclusion of Functionality from Untrusted Control Sphere Vulnerability","date_added":"2025-09-29T00:00:00.000000Z","due_date":"2025-10-20T00:00:00.000000Z","known_ransomware":false,"epss":0.47467,"cvss_score":9.3,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2021-22893","vendor_project":"Ivanti","product":"Pulse Connect Secure","vulnerability_name":"Ivanti Pulse Connect Secure Use-After-Free Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":true,"epss":0.47172,"cvss_score":10,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2021-22017","vendor_project":"VMware","product":"vCenter Server","vulnerability_name":"VMware vCenter Server Improper Access Control","date_added":"2022-01-10T00:00:00.000000Z","due_date":"2022-01-24T00:00:00.000000Z","known_ransomware":false,"epss":0.46715,"cvss_score":5.3,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2016-3976","vendor_project":"SAP","product":"NetWeaver","vulnerability_name":"SAP NetWeaver Directory Traversal Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.46605,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2019-17026","vendor_project":"Mozilla","product":"Firefox and Thunderbird","vulnerability_name":"Mozilla Firefox And Thunderbird Type Confusion Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.46589,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2022-39197","vendor_project":"Fortra","product":"Cobalt Strike","vulnerability_name":"Fortra Cobalt Strike Teamserver Cross-Site Scripting (XSS) Vulnerability","date_added":"2023-03-30T00:00:00.000000Z","due_date":"2023-04-20T00:00:00.000000Z","known_ransomware":false,"epss":0.46446,"cvss_score":6.1,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2021-31196","vendor_project":"Microsoft","product":"Exchange Server","vulnerability_name":"Microsoft Exchange Server Information Disclosure Vulnerability","date_added":"2024-08-21T00:00:00.000000Z","due_date":"2024-09-11T00:00:00.000000Z","known_ransomware":false,"epss":0.4638,"cvss_score":7.2,"cvss_severity":"HIGH"},{"cve_id":"CVE-2019-0803","vendor_project":"Microsoft","product":"Win32k","vulnerability_name":"Microsoft Win32k Privilege Escalation Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.4523,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-29988","vendor_project":"Microsoft","product":"SmartScreen Prompt","vulnerability_name":"Microsoft SmartScreen Prompt Security Feature Bypass Vulnerability","date_added":"2024-04-30T00:00:00.000000Z","due_date":"2024-05-21T00:00:00.000000Z","known_ransomware":false,"epss":0.45151,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2015-2425","vendor_project":"Microsoft","product":"Internet Explorer","vulnerability_name":"Microsoft Internet Explorer Memory Corruption Vulnerability","date_added":"2022-05-25T00:00:00.000000Z","due_date":"2022-06-15T00:00:00.000000Z","known_ransomware":false,"epss":0.44851,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2013-3900","vendor_project":"Microsoft","product":"WinVerifyTrust function","vulnerability_name":"Microsoft WinVerifyTrust function Remote Code Execution","date_added":"2022-01-10T00:00:00.000000Z","due_date":"2022-07-10T00:00:00.000000Z","known_ransomware":false,"epss":0.44647,"cvss_score":5.5,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2015-2419","vendor_project":"Microsoft","product":"Internet Explorer","vulnerability_name":"Microsoft Internet Explorer Memory Corruption Vulnerability","date_added":"2022-03-28T00:00:00.000000Z","due_date":"2022-04-18T00:00:00.000000Z","known_ransomware":false,"epss":0.44537,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-43573","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows MSHTML Platform Spoofing Vulnerability","date_added":"2024-10-08T00:00:00.000000Z","due_date":"2024-10-29T00:00:00.000000Z","known_ransomware":false,"epss":0.44382,"cvss_score":6.5,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2021-3493","vendor_project":"Linux","product":"Kernel","vulnerability_name":"Linux Kernel Privilege Escalation Vulnerability","date_added":"2022-10-20T00:00:00.000000Z","due_date":"2022-11-10T00:00:00.000000Z","known_ransomware":false,"epss":0.43988,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-9379","vendor_project":"Ivanti","product":"Cloud Services Appliance (CSA)","vulnerability_name":"Ivanti Cloud Services Appliance (CSA) SQL Injection Vulnerability","date_added":"2024-10-09T00:00:00.000000Z","due_date":"2024-10-30T00:00:00.000000Z","known_ransomware":false,"epss":0.43583,"cvss_score":6.5,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2016-3235","vendor_project":"Microsoft","product":"Office","vulnerability_name":"Microsoft Office OLE DLL Side Loading Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.43431,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2009-0238","vendor_project":"Microsoft","product":"Office","vulnerability_name":"Microsoft Office Remote Code Execution","date_added":"2026-04-14T00:00:00.000000Z","due_date":"2026-04-28T00:00:00.000000Z","known_ransomware":false,"epss":0.43063,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2020-12271","vendor_project":"Sophos","product":"SFOS","vulnerability_name":"Sophos SFOS SQL Injection Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":true,"epss":0.43062,"cvss_score":10,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2021-25297","vendor_project":"Nagios","product":"Nagios XI","vulnerability_name":"Nagios XI OS Command Injection","date_added":"2022-01-18T00:00:00.000000Z","due_date":"2022-02-01T00:00:00.000000Z","known_ransomware":false,"epss":0.42935,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-44026","vendor_project":"Roundcube","product":"Roundcube Webmail","vulnerability_name":"Roundcube Webmail SQL Injection Vulnerability","date_added":"2023-06-22T00:00:00.000000Z","due_date":"2023-07-13T00:00:00.000000Z","known_ransomware":false,"epss":0.42908,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2017-16651","vendor_project":"Roundcube","product":"Roundcube Webmail","vulnerability_name":"Roundcube Webmail File Disclosure Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.42831,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2017-6862","vendor_project":"NETGEAR","product":"Multiple Devices","vulnerability_name":"NETGEAR Multiple Devices Buffer Overflow Vulnerability","date_added":"2022-06-08T00:00:00.000000Z","due_date":"2022-06-22T00:00:00.000000Z","known_ransomware":false,"epss":0.42696,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2017-6737","vendor_project":"Cisco","product":"IOS and IOS XE Software","vulnerability_name":"Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-24T00:00:00.000000Z","known_ransomware":false,"epss":0.42632,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2020-0787","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Background Intelligent Transfer Service (BITS) Improper Privilege Management Vulnerability","date_added":"2022-01-28T00:00:00.000000Z","due_date":"2022-07-28T00:00:00.000000Z","known_ransomware":true,"epss":0.42524,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2019-16928","vendor_project":"Exim","product":"Exim Internet Mailer","vulnerability_name":"Exim Out-of-bounds Write Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-17T00:00:00.000000Z","known_ransomware":false,"epss":0.42482,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2014-100005","vendor_project":"D-Link","product":"DIR-600 Router","vulnerability_name":"D-Link DIR-600 Router Cross-Site Request Forgery (CSRF) Vulnerability","date_added":"2024-05-16T00:00:00.000000Z","due_date":"2024-06-06T00:00:00.000000Z","known_ransomware":false,"epss":0.42414,"cvss_score":8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2007-0671","vendor_project":"Microsoft","product":"Office","vulnerability_name":"Microsoft Office Excel Remote Code Execution Vulnerability","date_added":"2025-08-12T00:00:00.000000Z","due_date":"2025-09-02T00:00:00.000000Z","known_ransomware":false,"epss":0.42139,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-33538","vendor_project":"TP-Link","product":"Multiple Routers","vulnerability_name":"TP-Link Multiple Routers Command Injection Vulnerability","date_added":"2025-06-16T00:00:00.000000Z","due_date":"2025-07-07T00:00:00.000000Z","known_ransomware":false,"epss":0.41874,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2026-20230","vendor_project":"Cisco","product":"Unified Communications Manager","vulnerability_name":"Cisco Unified Communications Manager Server-Side Request Forgery (SSRF) Vulnerability","date_added":"2026-06-25T00:00:00.000000Z","due_date":"2026-06-28T00:00:00.000000Z","known_ransomware":false,"epss":0.41694,"cvss_score":8.6,"cvss_severity":"HIGH"},{"cve_id":"CVE-2022-21999","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Print Spooler Privilege Escalation Vulnerability","date_added":"2022-03-25T00:00:00.000000Z","due_date":"2022-04-15T00:00:00.000000Z","known_ransomware":true,"epss":0.41683,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2011-1823","vendor_project":"Android","product":"Android OS","vulnerability_name":"Android OS Privilege Escalation Vulnerability","date_added":"2022-09-08T00:00:00.000000Z","due_date":"2022-09-29T00:00:00.000000Z","known_ransomware":false,"epss":0.41634,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-41710","vendor_project":"Mitel","product":"SIP Phones","vulnerability_name":"Mitel SIP Phones Argument Injection Vulnerability","date_added":"2025-02-12T00:00:00.000000Z","due_date":"2025-03-05T00:00:00.000000Z","known_ransomware":false,"epss":0.4161,"cvss_score":6.8,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2017-5030","vendor_project":"Google","product":"Chromium V8","vulnerability_name":"Google Chromium V8 Memory Corruption Vulnerability","date_added":"2022-06-08T00:00:00.000000Z","due_date":"2022-06-22T00:00:00.000000Z","known_ransomware":false,"epss":0.41603,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-21674","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Advanced Local Procedure Call (ALPC) Privilege Escalation Vulnerability","date_added":"2023-01-10T00:00:00.000000Z","due_date":"2023-01-31T00:00:00.000000Z","known_ransomware":false,"epss":0.41538,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2019-0841","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows AppX Deployment Service (AppXSVC) Privilege Escalation Vulnerability","date_added":"2022-03-15T00:00:00.000000Z","due_date":"2022-04-05T00:00:00.000000Z","known_ransomware":true,"epss":0.414,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-22894","vendor_project":"Ivanti","product":"Pulse Connect Secure","vulnerability_name":"Ivanti Pulse Connect Secure Collaboration Suite Buffer Overflow Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.41284,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2020-1464","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Spoofing Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.41131,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-30066","vendor_project":"tj-actions","product":"changed-files GitHub Action","vulnerability_name":"tj-actions\/changed-files GitHub Action Embedded Malicious Code Vulnerability","date_added":"2025-03-18T00:00:00.000000Z","due_date":"2025-04-08T00:00:00.000000Z","known_ransomware":false,"epss":0.41008,"cvss_score":8.6,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-29336","vendor_project":"Microsoft","product":"Win32k","vulnerability_name":"Microsoft Win32K Privilege Escalation Vulnerability","date_added":"2023-05-09T00:00:00.000000Z","due_date":"2023-05-30T00:00:00.000000Z","known_ransomware":false,"epss":0.40919,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-2033","vendor_project":"Google","product":"Chromium V8","vulnerability_name":"Google Chromium V8 Type Confusion Vulnerability","date_added":"2023-04-17T00:00:00.000000Z","due_date":"2023-05-08T00:00:00.000000Z","known_ransomware":false,"epss":0.40798,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2015-0666","vendor_project":"Cisco","product":"Prime Data Center Network Manager (DCNM)","vulnerability_name":"Cisco Prime Data Center Network Manager (DCNM) Directory Traversal Vulnerability","date_added":"2022-03-25T00:00:00.000000Z","due_date":"2022-04-15T00:00:00.000000Z","known_ransomware":false,"epss":0.40608,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2018-4990","vendor_project":"Adobe","product":"Acrobat and Reader","vulnerability_name":"Adobe Acrobat and Reader Double Free Vulnerability","date_added":"2022-06-08T00:00:00.000000Z","due_date":"2022-06-22T00:00:00.000000Z","known_ransomware":false,"epss":0.40537,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-20333","vendor_project":"Cisco","product":"Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense","vulnerability_name":"Cisco Secure Firewall Adaptive Security Appliance (ASA) and Secure Firewall Threat Defense (FTD) Buffer Overflow Vulnerability","date_added":"2025-09-25T00:00:00.000000Z","due_date":"2025-09-26T00:00:00.000000Z","known_ransomware":false,"epss":0.40391,"cvss_score":9.9,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2014-4123","vendor_project":"Microsoft","product":"Internet Explorer","vulnerability_name":"Microsoft Internet Explorer Privilege Escalation Vulnerability","date_added":"2022-05-25T00:00:00.000000Z","due_date":"2022-06-15T00:00:00.000000Z","known_ransomware":false,"epss":0.40289,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2014-0496","vendor_project":"Adobe","product":"Reader and Acrobat","vulnerability_name":"Adobe Reader and Acrobat Use-After-Free Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-24T00:00:00.000000Z","known_ransomware":false,"epss":0.40243,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-20016","vendor_project":"SonicWall","product":"SSLVPN SMA100","vulnerability_name":"SonicWall SSLVPN SMA100 SQL Injection Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":true,"epss":0.40038,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2021-27860","vendor_project":"FatPipe","product":"WARP, IPVPN, and MPVPN software","vulnerability_name":"FatPipe WARP, IPVPN, and MPVPN Configuration Upload exploit","date_added":"2022-01-10T00:00:00.000000Z","due_date":"2022-01-24T00:00:00.000000Z","known_ransomware":false,"epss":0.39824,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2013-6282","vendor_project":"Linux","product":"Kernel","vulnerability_name":"Linux Kernel Improper Input Validation Vulnerability","date_added":"2022-09-15T00:00:00.000000Z","due_date":"2022-10-06T00:00:00.000000Z","known_ransomware":false,"epss":0.39711,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-1647","vendor_project":"Microsoft","product":"Defender","vulnerability_name":"Microsoft Defender Remote Code Execution Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":false,"epss":0.39653,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2013-3660","vendor_project":"Microsoft","product":"Win32k","vulnerability_name":"Microsoft Win32k Privilege Escalation Vulnerability","date_added":"2022-03-28T00:00:00.000000Z","due_date":"2022-04-18T00:00:00.000000Z","known_ransomware":false,"epss":0.39578,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-38178","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Scripting Engine Memory Corruption Vulnerability","date_added":"2024-08-13T00:00:00.000000Z","due_date":"2024-09-03T00:00:00.000000Z","known_ransomware":false,"epss":0.39457,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2019-1579","vendor_project":"Palo Alto Networks","product":"PAN-OS","vulnerability_name":"Palo Alto Networks PAN-OS Remote Code Execution Vulnerability","date_added":"2022-01-10T00:00:00.000000Z","due_date":"2022-07-10T00:00:00.000000Z","known_ransomware":true,"epss":0.39317,"cvss_score":8.1,"cvss_severity":"HIGH"},{"cve_id":"CVE-2019-3568","vendor_project":"Meta Platforms","product":"WhatsApp","vulnerability_name":"WhatsApp VOIP Stack Buffer Overflow Vulnerability","date_added":"2022-04-19T00:00:00.000000Z","due_date":"2022-05-10T00:00:00.000000Z","known_ransomware":false,"epss":0.39166,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2021-26828","vendor_project":"OpenPLC","product":"ScadaBR","vulnerability_name":"OpenPLC ScadaBR Unrestricted Upload of File with Dangerous Type Vulnerability","date_added":"2025-12-03T00:00:00.000000Z","due_date":"2025-12-24T00:00:00.000000Z","known_ransomware":false,"epss":0.39096,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2015-2424","vendor_project":"Microsoft","product":"PowerPoint","vulnerability_name":"Microsoft PowerPoint Memory Corruption Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-24T00:00:00.000000Z","known_ransomware":false,"epss":0.38497,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2019-11001","vendor_project":"Reolink","product":"Multiple IP Cameras","vulnerability_name":"Reolink Multiple IP Cameras OS Command Injection Vulnerability","date_added":"2024-12-18T00:00:00.000000Z","due_date":"2025-01-08T00:00:00.000000Z","known_ransomware":false,"epss":0.38369,"cvss_score":7.2,"cvss_severity":"HIGH"},{"cve_id":"CVE-2018-13374","vendor_project":"Fortinet","product":"FortiOS and FortiADC","vulnerability_name":"Fortinet FortiOS and FortiADC Improper Access Control Vulnerability","date_added":"2022-09-08T00:00:00.000000Z","due_date":"2022-09-29T00:00:00.000000Z","known_ransomware":true,"epss":0.38088,"cvss_score":4.3,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2023-4762","vendor_project":"Google","product":"Chromium V8","vulnerability_name":"Google Chromium V8 Type Confusion Vulnerability","date_added":"2024-02-06T00:00:00.000000Z","due_date":"2024-02-27T00:00:00.000000Z","known_ransomware":false,"epss":0.37987,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2019-11707","vendor_project":"Mozilla","product":"Firefox and Thunderbird","vulnerability_name":"Mozilla Firefox and Thunderbird Type Confusion Vulnerability","date_added":"2022-05-23T00:00:00.000000Z","due_date":"2022-06-13T00:00:00.000000Z","known_ransomware":false,"epss":0.37951,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2017-6884","vendor_project":"Zyxel","product":"EMG2926 Routers","vulnerability_name":"Zyxel EMG2926 Routers Command Injection Vulnerability","date_added":"2023-09-18T00:00:00.000000Z","due_date":"2023-10-09T00:00:00.000000Z","known_ransomware":true,"epss":0.37634,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-20352","vendor_project":"Cisco","product":"IOS and IOS XE","vulnerability_name":"Cisco IOS and IOS XE Software SNMP Denial of Service and Remote Code Execution Vulnerability","date_added":"2025-09-29T00:00:00.000000Z","due_date":"2025-10-20T00:00:00.000000Z","known_ransomware":false,"epss":0.37613,"cvss_score":7.7,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-55550","vendor_project":"Mitel","product":"MiCollab","vulnerability_name":"Mitel MiCollab Path Traversal Vulnerability","date_added":"2025-01-07T00:00:00.000000Z","due_date":"2025-01-28T00:00:00.000000Z","known_ransomware":true,"epss":0.375,"cvss_score":4.4,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2014-3153","vendor_project":"Linux","product":"Kernel","vulnerability_name":"Linux Kernel Privilege Escalation Vulnerability","date_added":"2022-05-25T00:00:00.000000Z","due_date":"2022-06-15T00:00:00.000000Z","known_ransomware":false,"epss":0.37233,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2022-22960","vendor_project":"VMware","product":"Multiple Products","vulnerability_name":"VMware Multiple Products Privilege Escalation Vulnerability","date_added":"2022-04-15T00:00:00.000000Z","due_date":"2022-05-06T00:00:00.000000Z","known_ransomware":false,"epss":0.37171,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2016-0099","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Secondary Logon Service Privilege Escalation Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-24T00:00:00.000000Z","known_ransomware":true,"epss":0.37164,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-38163","vendor_project":"SAP","product":"NetWeaver","vulnerability_name":"SAP NetWeaver Unrestricted File Upload Vulnerability","date_added":"2022-06-09T00:00:00.000000Z","due_date":"2022-06-30T00:00:00.000000Z","known_ransomware":false,"epss":0.37149,"cvss_score":9.9,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2008-0655","vendor_project":"Adobe","product":"Acrobat and Reader","vulnerability_name":"Adobe Acrobat and Reader Unspecified Vulnerability","date_added":"2022-06-08T00:00:00.000000Z","due_date":"2022-06-22T00:00:00.000000Z","known_ransomware":false,"epss":0.36844,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2020-10221","vendor_project":"rConfig","product":"rConfig","vulnerability_name":"rConfig OS Command Injection Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.36754,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2015-2387","vendor_project":"Microsoft","product":"ATM Font Driver","vulnerability_name":"Microsoft ATM Font Driver Privilege Escalation Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-24T00:00:00.000000Z","known_ransomware":false,"epss":0.36738,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2019-19006","vendor_project":"Sangoma","product":"FreePBX","vulnerability_name":" Sangoma FreePBX Improper Authentication Vulnerability","date_added":"2026-02-03T00:00:00.000000Z","due_date":"2026-02-24T00:00:00.000000Z","known_ransomware":false,"epss":0.36615,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2020-17144","vendor_project":"Microsoft","product":"Exchange Server","vulnerability_name":"Microsoft Exchange Server Remote Code Execution Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.36514,"cvss_score":8.4,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-38003","vendor_project":"Google","product":"Chromium V8","vulnerability_name":"Google Chromium V8 Memory Corruption Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":false,"epss":0.36238,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2026-0300","vendor_project":"Palo Alto Networks","product":"PAN-OS","vulnerability_name":"Palo Alto Networks PAN-OS Out-of-bounds Write Vulnerability","date_added":"2026-05-06T00:00:00.000000Z","due_date":"2026-05-09T00:00:00.000000Z","known_ransomware":false,"epss":0.36157,"cvss_score":9.3,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2022-31199","vendor_project":"Netwrix","product":"Auditor","vulnerability_name":"Netwrix Auditor Insecure Object Deserialization Vulnerability","date_added":"2023-07-11T00:00:00.000000Z","due_date":"2023-08-01T00:00:00.000000Z","known_ransomware":true,"epss":0.36152,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2020-5735","vendor_project":"Amcrest","product":"Cameras and Network Video Recorder (NVR)","vulnerability_name":"Amcrest Cameras and NVR Stack-based Buffer Overflow Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.35643,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2017-6327","vendor_project":"Symantec","product":"Symantec Messaging Gateway","vulnerability_name":"Symantec Messaging Gateway Remote Code Execution Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.35341,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2015-1770","vendor_project":"Microsoft","product":"Office","vulnerability_name":"Microsoft Office Uninitialized Memory Use Vulnerability","date_added":"2022-03-28T00:00:00.000000Z","due_date":"2022-04-18T00:00:00.000000Z","known_ransomware":false,"epss":0.35105,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2013-5065","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Kernel Privilege Escalation Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-24T00:00:00.000000Z","known_ransomware":false,"epss":0.34893,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-37975","vendor_project":"Google","product":"Chromium V8","vulnerability_name":"Google Chromium V8 Use-After-Free Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":false,"epss":0.34887,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2016-5198","vendor_project":"Google","product":"Chromium V8","vulnerability_name":"Google Chromium V8 Out-of-Bounds Memory Vulnerability","date_added":"2022-06-08T00:00:00.000000Z","due_date":"2022-06-22T00:00:00.000000Z","known_ransomware":false,"epss":0.34703,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2026-6973","vendor_project":"Ivanti","product":"Endpoint Manager Mobile (EPMM)","vulnerability_name":"Ivanti Endpoint Manager Mobile (EPMM) Improper Input Validation Vulnerability","date_added":"2026-05-07T00:00:00.000000Z","due_date":"2026-05-10T00:00:00.000000Z","known_ransomware":false,"epss":0.34454,"cvss_score":7.2,"cvss_severity":"HIGH"},{"cve_id":"CVE-2010-5330","vendor_project":"Ubiquiti","product":"AirOS","vulnerability_name":"Ubiquiti AirOS Command Injection Vulnerability","date_added":"2022-04-15T00:00:00.000000Z","due_date":"2022-05-06T00:00:00.000000Z","known_ransomware":false,"epss":0.34401,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2023-5217","vendor_project":"Google","product":"Chromium libvpx","vulnerability_name":"Google Chromium libvpx Heap Buffer Overflow Vulnerability","date_added":"2023-10-02T00:00:00.000000Z","due_date":"2023-10-23T00:00:00.000000Z","known_ransomware":false,"epss":0.34401,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2018-17480","vendor_project":"Google","product":"Chromium V8","vulnerability_name":"Google Chromium V8 Out-of-Bounds Write Vulnerability","date_added":"2022-06-08T00:00:00.000000Z","due_date":"2022-06-22T00:00:00.000000Z","known_ransomware":false,"epss":0.34292,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2020-2509","vendor_project":"QNAP","product":"QNAP Network-Attached Storage (NAS)","vulnerability_name":"QNAP Network-Attached Storage (NAS) Command Injection Vulnerability","date_added":"2022-04-11T00:00:00.000000Z","due_date":"2022-05-02T00:00:00.000000Z","known_ransomware":false,"epss":0.34168,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2018-13383","vendor_project":"Fortinet","product":"FortiOS and FortiProxy","vulnerability_name":"Fortinet FortiOS and FortiProxy Out-of-bounds Write","date_added":"2022-01-10T00:00:00.000000Z","due_date":"2022-07-10T00:00:00.000000Z","known_ransomware":true,"epss":0.33647,"cvss_score":4.3,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2015-0071","vendor_project":"Microsoft","product":"Internet Explorer","vulnerability_name":"Microsoft Internet Explorer ASLR Bypass Vulnerability","date_added":"2022-05-25T00:00:00.000000Z","due_date":"2022-06-15T00:00:00.000000Z","known_ransomware":false,"epss":0.33581,"cvss_score":6.5,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2013-5223","vendor_project":"D-Link","product":"DSL-2760U","vulnerability_name":"D-Link DSL-2760U Gateway Cross-Site Scripting Vulnerability","date_added":"2022-03-25T00:00:00.000000Z","due_date":"2022-04-15T00:00:00.000000Z","known_ransomware":false,"epss":0.33567,"cvss_score":5.4,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2016-4655","vendor_project":"Apple","product":"iOS","vulnerability_name":"Apple iOS Information Disclosure Vulnerability","date_added":"2022-05-24T00:00:00.000000Z","due_date":"2022-06-14T00:00:00.000000Z","known_ransomware":false,"epss":0.33353,"cvss_score":5.5,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2020-8195","vendor_project":"Citrix","product":"Application Delivery Controller (ADC), Gateway, and SD-WAN WANOP Appliance","vulnerability_name":"Citrix ADC, Gateway, and SD-WAN WANOP Appliance Information Disclosure Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.33263,"cvss_score":6.5,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2020-35730","vendor_project":"Roundcube","product":"Roundcube Webmail","vulnerability_name":"Roundcube Webmail Cross-Site Scripting (XSS) Vulnerability","date_added":"2023-06-22T00:00:00.000000Z","due_date":"2023-07-13T00:00:00.000000Z","known_ransomware":false,"epss":0.32823,"cvss_score":6.1,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2016-3298","vendor_project":"Microsoft","product":"Internet Explorer","vulnerability_name":"Microsoft Internet Explorer Messaging API Information Disclosure Vulnerability","date_added":"2022-05-24T00:00:00.000000Z","due_date":"2022-06-14T00:00:00.000000Z","known_ransomware":false,"epss":0.3279,"cvss_score":6.5,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2020-8218","vendor_project":"Pulse Secure","product":"Pulse Connect Secure","vulnerability_name":"Pulse Connect Secure Code Injection Vulnerability","date_added":"2022-03-07T00:00:00.000000Z","due_date":"2022-09-07T00:00:00.000000Z","known_ransomware":false,"epss":0.32739,"cvss_score":7.2,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-3079","vendor_project":"Google","product":"Chromium V8","vulnerability_name":"Google Chromium V8 Type Confusion Vulnerability","date_added":"2023-06-07T00:00:00.000000Z","due_date":"2023-06-28T00:00:00.000000Z","known_ransomware":false,"epss":0.32724,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-30633","vendor_project":"Google","product":"Chromium Indexed DB API","vulnerability_name":"Google Chromium Indexed DB API Use-After-Free Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":false,"epss":0.32657,"cvss_score":9.6,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2024-9680","vendor_project":"Mozilla","product":"Firefox","vulnerability_name":"Mozilla Firefox Use-After-Free Vulnerability","date_added":"2024-10-15T00:00:00.000000Z","due_date":"2024-11-05T00:00:00.000000Z","known_ransomware":true,"epss":0.32568,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2013-0641","vendor_project":"Adobe","product":"Reader","vulnerability_name":"Adobe Reader Buffer Overflow Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-24T00:00:00.000000Z","known_ransomware":false,"epss":0.32449,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-36874","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Error Reporting Service Privilege Escalation Vulnerability","date_added":"2023-07-11T00:00:00.000000Z","due_date":"2023-08-01T00:00:00.000000Z","known_ransomware":false,"epss":0.32309,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-39780","vendor_project":"ASUS","product":"RT-AX55 Routers","vulnerability_name":"ASUS RT-AX55 Routers OS Command Injection Vulnerability","date_added":"2025-06-02T00:00:00.000000Z","due_date":"2025-06-23T00:00:00.000000Z","known_ransomware":false,"epss":0.3216,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-42292","vendor_project":"Microsoft","product":"Office","vulnerability_name":"Microsoft Excel Security Feature Bypass","date_added":"2021-11-17T00:00:00.000000Z","due_date":"2021-12-01T00:00:00.000000Z","known_ransomware":false,"epss":0.31949,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-27852","vendor_project":"Checkbox","product":"Checkbox Survey","vulnerability_name":"Checkbox Survey Deserialization of Untrusted Data Vulnerability","date_added":"2022-04-11T00:00:00.000000Z","due_date":"2022-05-02T00:00:00.000000Z","known_ransomware":false,"epss":0.31946,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2025-26633","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Management Console (MMC) Improper Neutralization Vulnerability","date_added":"2025-03-11T00:00:00.000000Z","due_date":"2025-04-01T00:00:00.000000Z","known_ransomware":true,"epss":0.31894,"cvss_score":7,"cvss_severity":"HIGH"},{"cve_id":"CVE-2022-4135","vendor_project":"Google","product":"Chromium GPU","vulnerability_name":"Google Chromium GPU Heap Buffer Overflow Vulnerability","date_added":"2022-11-28T00:00:00.000000Z","due_date":"2022-12-19T00:00:00.000000Z","known_ransomware":false,"epss":0.31864,"cvss_score":9.6,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2025-68645","vendor_project":"Synacor","product":" Zimbra Collaboration Suite (ZCS)","vulnerability_name":"Synacor Zimbra Collaboration Suite (ZCS) PHP Remote File Inclusion Vulnerability","date_added":"2026-01-22T00:00:00.000000Z","due_date":"2026-02-12T00:00:00.000000Z","known_ransomware":false,"epss":0.31769,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2011-2005","vendor_project":"Microsoft","product":"Ancillary Function Driver (afd.sys)","vulnerability_name":"Microsoft Ancillary Function Driver (afd.sys) Improper Input Validation Vulnerability","date_added":"2022-03-28T00:00:00.000000Z","due_date":"2022-04-18T00:00:00.000000Z","known_ransomware":false,"epss":0.31761,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-32756","vendor_project":"Fortinet","product":"Multiple Products","vulnerability_name":"Fortinet Multiple Products Stack-Based Buffer Overflow Vulnerability","date_added":"2025-05-14T00:00:00.000000Z","due_date":"2025-06-04T00:00:00.000000Z","known_ransomware":false,"epss":0.31419,"cvss_score":9.6,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2016-4523","vendor_project":"Trihedral","product":"VTScada (formerly VTS)","vulnerability_name":"Trihedral VTScada (formerly VTS) Denial-of-Service Vulnerability","date_added":"2022-04-15T00:00:00.000000Z","due_date":"2022-05-06T00:00:00.000000Z","known_ransomware":false,"epss":0.31392,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2022-40799","vendor_project":"D-Link","product":"DNR-322L","vulnerability_name":"D-Link DNR-322L Download of Code Without Integrity Check Vulnerability","date_added":"2025-08-05T00:00:00.000000Z","due_date":"2025-08-26T00:00:00.000000Z","known_ransomware":false,"epss":0.31328,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2017-5070","vendor_project":"Google","product":"Chromium V8","vulnerability_name":"Google Chromium V8 Type Confusion Vulnerability","date_added":"2022-06-08T00:00:00.000000Z","due_date":"2022-06-22T00:00:00.000000Z","known_ransomware":false,"epss":0.31212,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2026-20963","vendor_project":"Microsoft","product":"SharePoint","vulnerability_name":"Microsoft SharePoint Deserialization of Untrusted Data Vulnerability","date_added":"2026-03-18T00:00:00.000000Z","due_date":"2026-03-21T00:00:00.000000Z","known_ransomware":false,"epss":0.31109,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2022-24682","vendor_project":"Synacor","product":"Zimbra Collaborate Suite (ZCS)","vulnerability_name":"Synacor Zimbra Collaborate Suite (ZCS) Cross-Site Scripting Vulnerability","date_added":"2022-02-25T00:00:00.000000Z","due_date":"2022-03-11T00:00:00.000000Z","known_ransomware":true,"epss":0.3106,"cvss_score":6.1,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2021-34448","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Scripting Engine Memory Corruption Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":false,"epss":0.3067,"cvss_score":6.8,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2021-39935","vendor_project":"GitLab","product":"Community and Enterprise Editions","vulnerability_name":"GitLab Community and Enterprise Editions Server-Side Request Forgery (SSRF) Vulnerability","date_added":"2026-02-03T00:00:00.000000Z","due_date":"2026-02-24T00:00:00.000000Z","known_ransomware":false,"epss":0.30496,"cvss_score":6.8,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2024-57968","vendor_project":"Advantive","product":"VeraCore","vulnerability_name":"Advantive VeraCore Unrestricted File Upload Vulnerability","date_added":"2025-03-10T00:00:00.000000Z","due_date":"2025-03-31T00:00:00.000000Z","known_ransomware":false,"epss":0.30477,"cvss_score":9.9,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2024-21351","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows SmartScreen Security Feature Bypass Vulnerability","date_added":"2024-02-13T00:00:00.000000Z","due_date":"2024-03-05T00:00:00.000000Z","known_ransomware":false,"epss":0.30344,"cvss_score":7.6,"cvss_severity":"HIGH"},{"cve_id":"CVE-2019-13608","vendor_project":"Citrix","product":"StoreFront Server","vulnerability_name":"Citrix StoreFront Server XML External Entity (XXE) Processing Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":true,"epss":0.3026,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-20028","vendor_project":"SonicWall","product":"Secure Remote Access (SRA)","vulnerability_name":"SonicWall Secure Remote Access (SRA) SQL Injection Vulnerability","date_added":"2022-03-28T00:00:00.000000Z","due_date":"2022-04-18T00:00:00.000000Z","known_ransomware":true,"epss":0.30084,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2020-0968","vendor_project":"Microsoft","product":"Internet Explorer","vulnerability_name":"Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.30018,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2019-1405","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Universal Plug and Play (UPnP) Service Privilege Escalation Vulnerability","date_added":"2022-03-15T00:00:00.000000Z","due_date":"2022-04-05T00:00:00.000000Z","known_ransomware":true,"epss":0.2995,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2018-8653","vendor_project":"Microsoft","product":"Internet Explorer","vulnerability_name":"Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.29822,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2017-0222","vendor_project":"Microsoft","product":"Internet Explorer","vulnerability_name":"Microsoft Internet Explorer Remote Code Execution Vulnerability","date_added":"2022-02-25T00:00:00.000000Z","due_date":"2022-08-25T00:00:00.000000Z","known_ransomware":false,"epss":0.29645,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2019-15752","vendor_project":"Docker","product":"Desktop Community Edition","vulnerability_name":"Docker Desktop Community Edition Privilege Escalation Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.29628,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2018-20753","vendor_project":"Kaseya","product":"Virtual System\/Server Administrator (VSA)","vulnerability_name":"Kaseya VSA Remote Code Execution Vulnerability","date_added":"2022-04-13T00:00:00.000000Z","due_date":"2022-05-04T00:00:00.000000Z","known_ransomware":true,"epss":0.29551,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2010-0232","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Kernel Exception Handler Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-24T00:00:00.000000Z","known_ransomware":false,"epss":0.29253,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-2533","vendor_project":"PaperCut","product":"NG\/MF","vulnerability_name":"PaperCut NG\/MF Cross-Site Request Forgery (CSRF) Vulnerability","date_added":"2025-07-28T00:00:00.000000Z","due_date":"2025-08-18T00:00:00.000000Z","known_ransomware":false,"epss":0.29246,"cvss_score":8.4,"cvss_severity":"HIGH"},{"cve_id":"CVE-2018-2380","vendor_project":"SAP","product":"Customer Relationship Management (CRM)","vulnerability_name":"SAP Customer Relationship Management (CRM) Path Traversal Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":true,"epss":0.29229,"cvss_score":6.6,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2017-0149","vendor_project":"Microsoft","product":"Internet Explorer","vulnerability_name":"Microsoft Internet Explorer Memory Corruption Vulnerability","date_added":"2022-05-24T00:00:00.000000Z","due_date":"2022-06-14T00:00:00.000000Z","known_ransomware":false,"epss":0.29189,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-41993","vendor_project":"Apple","product":"Multiple Products","vulnerability_name":"Apple Multiple Products WebKit Code Execution Vulnerability","date_added":"2023-09-25T00:00:00.000000Z","due_date":"2023-10-16T00:00:00.000000Z","known_ransomware":false,"epss":0.29179,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-20393","vendor_project":"Cisco","product":"Multiple Products","vulnerability_name":"Cisco Multiple Products Improper Input Validation Vulnerability","date_added":"2025-12-17T00:00:00.000000Z","due_date":"2025-12-24T00:00:00.000000Z","known_ransomware":false,"epss":0.2906,"cvss_score":10,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2021-30807","vendor_project":"Apple","product":"Multiple Products","vulnerability_name":"Apple Multiple Products Memory Corruption Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":false,"epss":0.28839,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-33010","vendor_project":"Zyxel","product":"Multiple Firewalls","vulnerability_name":"Zyxel Multiple Firewalls Buffer Overflow Vulnerability","date_added":"2023-06-05T00:00:00.000000Z","due_date":"2023-06-26T00:00:00.000000Z","known_ransomware":false,"epss":0.28813,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2024-11120","vendor_project":"GeoVision","product":"Multiple Devices","vulnerability_name":"GeoVision Devices OS Command Injection Vulnerability","date_added":"2025-05-07T00:00:00.000000Z","due_date":"2025-05-28T00:00:00.000000Z","known_ransomware":false,"epss":0.28554,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2022-37969","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Common Log File System (CLFS) Driver Privilege Escalation Vulnerability","date_added":"2022-09-14T00:00:00.000000Z","due_date":"2022-10-05T00:00:00.000000Z","known_ransomware":false,"epss":0.28483,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2020-3153","vendor_project":"Cisco","product":"AnyConnect Secure","vulnerability_name":"Cisco AnyConnect Secure Mobility Client for Windows Uncontrolled Search Path Vulnerability","date_added":"2022-10-24T00:00:00.000000Z","due_date":"2022-11-14T00:00:00.000000Z","known_ransomware":true,"epss":0.28307,"cvss_score":6.5,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2023-33009","vendor_project":"Zyxel","product":"Multiple Firewalls","vulnerability_name":"Zyxel Multiple Firewalls Buffer Overflow Vulnerability","date_added":"2023-06-05T00:00:00.000000Z","due_date":"2023-06-26T00:00:00.000000Z","known_ransomware":false,"epss":0.28144,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2024-1086","vendor_project":"Linux","product":"Kernel","vulnerability_name":"Linux Kernel Use-After-Free Vulnerability","date_added":"2024-05-30T00:00:00.000000Z","due_date":"2024-06-20T00:00:00.000000Z","known_ransomware":true,"epss":0.28058,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2018-4063","vendor_project":"Sierra Wireless","product":"AirLink ALEOS","vulnerability_name":"Sierra Wireless AirLink ALEOS Unrestricted Upload of File with Dangerous Type Vulnerability","date_added":"2025-12-12T00:00:00.000000Z","due_date":"2026-01-02T00:00:00.000000Z","known_ransomware":false,"epss":0.28056,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2019-19356","vendor_project":"Netis","product":"WF2419 Devices","vulnerability_name":"Netis WF2419 Devices Remote Code Execution Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.27962,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-38193","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Ancillary Function Driver for WinSock Privilege Escalation Vulnerability","date_added":"2024-08-13T00:00:00.000000Z","due_date":"2024-09-03T00:00:00.000000Z","known_ransomware":false,"epss":0.27561,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2018-8581","vendor_project":"Microsoft","product":"Exchange Server","vulnerability_name":"Microsoft Exchange Server Privilege Escalation Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-17T00:00:00.000000Z","known_ransomware":true,"epss":0.27558,"cvss_score":7.4,"cvss_severity":"HIGH"},{"cve_id":"CVE-2026-20131","vendor_project":"Cisco","product":"Secure Firewall Management Center (FMC)","vulnerability_name":"Cisco Secure Firewall Management Center (FMC) Software and Cisco Security Cloud Control (SCC) Firewall Management Deserialization of Untrusted Data Vulnerability","date_added":"2026-03-19T00:00:00.000000Z","due_date":"2026-03-22T00:00:00.000000Z","known_ransomware":true,"epss":0.27551,"cvss_score":10,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2026-45247","vendor_project":"Mirasvit","product":"Mirasvit Full Page Cache Warmer","vulnerability_name":"Mirasvit Full Page Cache Warmer Deserialization of Untrusted Data Vulnerability","date_added":"2026-06-03T00:00:00.000000Z","due_date":"2026-06-06T00:00:00.000000Z","known_ransomware":false,"epss":0.27546,"cvss_score":9.3,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2025-0994","vendor_project":"Trimble","product":"Cityworks","vulnerability_name":"Trimble Cityworks Deserialization Vulnerability","date_added":"2025-02-07T00:00:00.000000Z","due_date":"2025-02-28T00:00:00.000000Z","known_ransomware":false,"epss":0.27426,"cvss_score":8.6,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-28205","vendor_project":"Apple","product":"Multiple Products","vulnerability_name":"Apple Multiple Products WebKit Use-After-Free Vulnerability","date_added":"2023-04-10T00:00:00.000000Z","due_date":"2023-05-01T00:00:00.000000Z","known_ransomware":false,"epss":0.27076,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-4978","vendor_project":"Justice AV Solutions","product":"Viewer ","vulnerability_name":"Justice AV Solutions (JAVS) Viewer Installer Embedded Malicious Code Vulnerability","date_added":"2024-05-29T00:00:00.000000Z","due_date":"2024-06-19T00:00:00.000000Z","known_ransomware":false,"epss":0.26937,"cvss_score":8.7,"cvss_severity":"HIGH"},{"cve_id":"CVE-2020-5135","vendor_project":"SonicWall","product":"SonicOS","vulnerability_name":"SonicWall SonicOS Buffer Overflow Vulnerability","date_added":"2022-03-15T00:00:00.000000Z","due_date":"2022-04-05T00:00:00.000000Z","known_ransomware":false,"epss":0.26869,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2024-37085","vendor_project":"VMware","product":"ESXi","vulnerability_name":"VMware ESXi Authentication Bypass Vulnerability","date_added":"2024-07-30T00:00:00.000000Z","due_date":"2024-08-20T00:00:00.000000Z","known_ransomware":true,"epss":0.2677,"cvss_score":6.8,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2024-3393","vendor_project":"Palo Alto Networks","product":"PAN-OS","vulnerability_name":"Palo Alto Networks PAN-OS Malicious DNS Packet Vulnerability","date_added":"2024-12-30T00:00:00.000000Z","due_date":"2025-01-20T00:00:00.000000Z","known_ransomware":false,"epss":0.26636,"cvss_score":8.7,"cvss_severity":"HIGH"},{"cve_id":"CVE-2014-3931","vendor_project":"Looking Glass","product":"Multi-Router Looking Glass (MRLG)","vulnerability_name":"Multi-Router Looking Glass (MRLG) Buffer Overflow Vulnerability","date_added":"2025-07-07T00:00:00.000000Z","due_date":"2025-07-28T00:00:00.000000Z","known_ransomware":false,"epss":0.26572,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2021-21166","vendor_project":"Google","product":"Chromium","vulnerability_name":"Google Chromium Race Condition Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":false,"epss":0.26525,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2014-2817","vendor_project":"Microsoft","product":"Internet Explorer","vulnerability_name":"Microsoft Internet Explorer Privilege Escalation Vulnerability","date_added":"2022-05-25T00:00:00.000000Z","due_date":"2022-06-15T00:00:00.000000Z","known_ransomware":false,"epss":0.26349,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2020-8196","vendor_project":"Citrix","product":"Application Delivery Controller (ADC), Gateway, and SD-WAN WANOP Appliance","vulnerability_name":"Citrix ADC, Gateway, and SD-WAN WANOP Appliance Information Disclosure Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.26333,"cvss_score":4.3,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2025-53690","vendor_project":"Sitecore","product":"Multiple Products","vulnerability_name":"Sitecore Multiple Products Deserialization of Untrusted Data Vulnerability","date_added":"2025-09-04T00:00:00.000000Z","due_date":"2025-09-25T00:00:00.000000Z","known_ransomware":false,"epss":0.26308,"cvss_score":9,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2016-3351","vendor_project":"Microsoft","product":"Internet Explorer and Edge","vulnerability_name":"Microsoft Internet Explorer and Edge Information Disclosure Vulnerability","date_added":"2022-05-24T00:00:00.000000Z","due_date":"2022-06-14T00:00:00.000000Z","known_ransomware":true,"epss":0.26286,"cvss_score":6.5,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2023-36802","vendor_project":"Microsoft","product":"Streaming Service Proxy","vulnerability_name":"Microsoft Streaming Service Proxy Privilege Escalation Vulnerability","date_added":"2023-09-12T00:00:00.000000Z","due_date":"2023-10-03T00:00:00.000000Z","known_ransomware":false,"epss":0.261,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-27363","vendor_project":"FreeType","product":"FreeType","vulnerability_name":"FreeType Out-of-Bounds Write Vulnerability","date_added":"2025-05-06T00:00:00.000000Z","due_date":"2025-05-27T00:00:00.000000Z","known_ransomware":false,"epss":0.26049,"cvss_score":8.1,"cvss_severity":"HIGH"},{"cve_id":"CVE-2026-21510","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Shell Protection Mechanism Failure Vulnerability","date_added":"2026-02-10T00:00:00.000000Z","due_date":"2026-03-03T00:00:00.000000Z","known_ransomware":false,"epss":0.25835,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2015-2590","vendor_project":"Oracle","product":"Java SE","vulnerability_name":"Oracle Java SE and Java SE Embedded Remote Code Execution Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-24T00:00:00.000000Z","known_ransomware":false,"epss":0.25714,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2021-22506","vendor_project":"Micro Focus","product":"Micro Focus Access Manager","vulnerability_name":"Micro Focus Access Manager Information Leakage Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":false,"epss":0.25695,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-22681","vendor_project":"Rockwell","product":"Multiple Products","vulnerability_name":"Rockwell Multiple Products Insufficient Protected Credentials Vulnerability","date_added":"2026-03-05T00:00:00.000000Z","due_date":"2026-03-26T00:00:00.000000Z","known_ransomware":false,"epss":0.25455,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2024-49138","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Common Log File System (CLFS) Driver Heap-Based Buffer Overflow Vulnerability","date_added":"2024-12-10T00:00:00.000000Z","due_date":"2024-12-31T00:00:00.000000Z","known_ransomware":false,"epss":0.25414,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2018-5002","vendor_project":"Adobe","product":"Flash Player","vulnerability_name":"Adobe Flash Player Stack-based Buffer Overflow Vulnerability","date_added":"2022-05-23T00:00:00.000000Z","due_date":"2022-06-13T00:00:00.000000Z","known_ransomware":false,"epss":0.25353,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2026-20245","vendor_project":"Cisco","product":"Catalyst SD-WAN Manager","vulnerability_name":"Cisco Catalyst SD-WAN Manager Improper Encoding or Escaping of Output Vulnerability","date_added":"2026-06-09T00:00:00.000000Z","due_date":"2026-06-23T00:00:00.000000Z","known_ransomware":false,"epss":0.25323,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-35250","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Kernel-Mode Driver Untrusted Pointer Dereference Vulnerability ","date_added":"2024-12-16T00:00:00.000000Z","due_date":"2025-01-06T00:00:00.000000Z","known_ransomware":false,"epss":0.25222,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2016-7855","vendor_project":"Adobe","product":"Flash Player","vulnerability_name":"Adobe Flash Player Use-After-Free Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-24T00:00:00.000000Z","known_ransomware":false,"epss":0.25198,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2022-0185","vendor_project":"Linux","product":"Kernel","vulnerability_name":"Linux Kernel Heap-Based Buffer Overflow Vulnerability","date_added":"2024-08-21T00:00:00.000000Z","due_date":"2024-09-11T00:00:00.000000Z","known_ransomware":false,"epss":0.25151,"cvss_score":8.4,"cvss_severity":"HIGH"},{"cve_id":"CVE-2019-18187","vendor_project":"Trend Micro","product":"OfficeScan","vulnerability_name":"Trend Micro OfficeScan Directory Traversal Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.25125,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2009-1862","vendor_project":"Adobe","product":"Acrobat and Reader, Flash Player","vulnerability_name":"Adobe Acrobat and Reader, Flash Player Unspecified Vulnerability","date_added":"2022-06-08T00:00:00.000000Z","due_date":"2022-06-22T00:00:00.000000Z","known_ransomware":false,"epss":0.25006,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2022-41128","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Scripting Languages Remote Code Execution Vulnerability","date_added":"2022-11-08T00:00:00.000000Z","due_date":"2022-12-09T00:00:00.000000Z","known_ransomware":false,"epss":0.24808,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2022-3038","vendor_project":"Google","product":"Chromium Network Service","vulnerability_name":"Google Chromium Network Service Use-After-Free Vulnerability","date_added":"2023-03-30T00:00:00.000000Z","due_date":"2023-04-20T00:00:00.000000Z","known_ransomware":false,"epss":0.24738,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-48365","vendor_project":"Qlik","product":"Sense","vulnerability_name":"Qlik Sense HTTP Tunneling Vulnerability","date_added":"2025-01-13T00:00:00.000000Z","due_date":"2025-02-03T00:00:00.000000Z","known_ransomware":true,"epss":0.24676,"cvss_score":9.6,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2016-0040","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Kernel Privilege Escalation Vulnerability","date_added":"2022-03-28T00:00:00.000000Z","due_date":"2022-04-18T00:00:00.000000Z","known_ransomware":false,"epss":0.24554,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-28206","vendor_project":"Apple","product":"iOS, iPadOS, and macOS","vulnerability_name":"Apple iOS, iPadOS, and macOS IOSurfaceAccelerator Out-of-Bounds Write Vulnerability","date_added":"2023-04-10T00:00:00.000000Z","due_date":"2023-05-01T00:00:00.000000Z","known_ransomware":false,"epss":0.24513,"cvss_score":8.6,"cvss_severity":"HIGH"},{"cve_id":"CVE-2018-19949","vendor_project":"QNAP","product":"Network Attached Storage (NAS)","vulnerability_name":"QNAP NAS File Station Command Injection Vulnerability","date_added":"2022-05-24T00:00:00.000000Z","due_date":"2022-06-14T00:00:00.000000Z","known_ransomware":true,"epss":0.24449,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2022-1096","vendor_project":"Google","product":"Chromium V8","vulnerability_name":"Google Chromium V8 Type Confusion Vulnerability","date_added":"2022-03-28T00:00:00.000000Z","due_date":"2022-04-18T00:00:00.000000Z","known_ransomware":false,"epss":0.24237,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2014-0502","vendor_project":"Adobe","product":"Flash Player","vulnerability_name":"Adobe Flash Player Double Free Vulnerablity","date_added":"2024-09-17T00:00:00.000000Z","due_date":"2024-10-08T00:00:00.000000Z","known_ransomware":false,"epss":0.24204,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2020-1380","vendor_project":"Microsoft","product":"Internet Explorer","vulnerability_name":"Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.24188,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2026-32201","vendor_project":"Microsoft","product":"SharePoint Server","vulnerability_name":"Microsoft SharePoint Server Improper Input Validation Vulnerability","date_added":"2026-04-14T00:00:00.000000Z","due_date":"2026-04-28T00:00:00.000000Z","known_ransomware":false,"epss":0.24172,"cvss_score":6.5,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2025-4632","vendor_project":"Samsung","product":"MagicINFO 9 Server","vulnerability_name":"Samsung MagicINFO 9 Server Path Traversal Vulnerability","date_added":"2025-05-22T00:00:00.000000Z","due_date":"2025-06-12T00:00:00.000000Z","known_ransomware":false,"epss":0.23953,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2021-27878","vendor_project":"Veritas","product":"Backup Exec Agent","vulnerability_name":"Veritas Backup Exec Agent Command Execution Vulnerability","date_added":"2023-04-07T00:00:00.000000Z","due_date":"2023-04-28T00:00:00.000000Z","known_ransomware":true,"epss":0.23952,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2018-19953","vendor_project":"QNAP","product":"Network Attached Storage (NAS)","vulnerability_name":"QNAP NAS File Station Cross-Site Scripting Vulnerability","date_added":"2022-05-24T00:00:00.000000Z","due_date":"2022-06-14T00:00:00.000000Z","known_ransomware":true,"epss":0.23894,"cvss_score":6.1,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2016-9563","vendor_project":"SAP","product":"NetWeaver","vulnerability_name":"SAP NetWeaver XML External Entity (XXE) Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.23805,"cvss_score":6.5,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2023-32439","vendor_project":"Apple","product":"Multiple Products","vulnerability_name":"Apple Multiple Products WebKit Type Confusion Vulnerability","date_added":"2023-06-23T00:00:00.000000Z","due_date":"2023-07-14T00:00:00.000000Z","known_ransomware":false,"epss":0.23788,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2020-4006","vendor_project":"VMware","product":"Multiple Products","vulnerability_name":"Multiple VMware Products Command Injection Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.23771,"cvss_score":9.1,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2018-6882","vendor_project":"Synacor","product":"Zimbra Collaboration Suite (ZCS)","vulnerability_name":"Synacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting (XSS) Vulnerability","date_added":"2022-04-19T00:00:00.000000Z","due_date":"2022-05-10T00:00:00.000000Z","known_ransomware":true,"epss":0.23717,"cvss_score":6.1,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2016-4656","vendor_project":"Apple","product":"iOS","vulnerability_name":"Apple iOS Memory Corruption Vulnerability","date_added":"2022-05-24T00:00:00.000000Z","due_date":"2022-06-14T00:00:00.000000Z","known_ransomware":false,"epss":0.23626,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2022-0609","vendor_project":"Google","product":"Chromium Animation","vulnerability_name":"Google Chromium Animation Use-After-Free Vulnerability","date_added":"2022-02-15T00:00:00.000000Z","due_date":"2022-03-01T00:00:00.000000Z","known_ransomware":false,"epss":0.23546,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-23006","vendor_project":"SonicWall","product":"SMA1000 Appliances","vulnerability_name":"SonicWall SMA1000 Appliances Deserialization Vulnerability","date_added":"2025-01-24T00:00:00.000000Z","due_date":"2025-02-14T00:00:00.000000Z","known_ransomware":true,"epss":0.23432,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2023-32435","vendor_project":"Apple","product":"Multiple Products","vulnerability_name":"Apple Multiple Products WebKit Memory Corruption Vulnerability","date_added":"2023-06-23T00:00:00.000000Z","due_date":"2023-07-14T00:00:00.000000Z","known_ransomware":false,"epss":0.22951,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2016-6367","vendor_project":"Cisco","product":"Adaptive Security Appliance (ASA)","vulnerability_name":"Cisco Adaptive Security Appliance (ASA) CLI Remote Code Execution Vulnerability","date_added":"2022-05-24T00:00:00.000000Z","due_date":"2022-06-14T00:00:00.000000Z","known_ransomware":false,"epss":0.22583,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2016-1019","vendor_project":"Adobe","product":"Flash Player","vulnerability_name":"Adobe Flash Player Arbitrary Code Execution Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-24T00:00:00.000000Z","known_ransomware":true,"epss":0.22487,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2014-0196","vendor_project":"Linux","product":"Kernel","vulnerability_name":"Linux Kernel Race Condition Vulnerability","date_added":"2023-05-12T00:00:00.000000Z","due_date":"2023-06-02T00:00:00.000000Z","known_ransomware":false,"epss":0.22475,"cvss_score":5.5,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2015-5317","vendor_project":"Jenkins","product":"Jenkins User Interface (UI)","vulnerability_name":"Jenkins User Interface (UI) Information Disclosure Vulnerability","date_added":"2023-05-12T00:00:00.000000Z","due_date":"2023-06-02T00:00:00.000000Z","known_ransomware":false,"epss":0.22429,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-37079","vendor_project":"Broadcom","product":"VMware vCenter Server","vulnerability_name":"Broadcom VMware vCenter Server Out-of-bounds Write Vulnerability","date_added":"2026-01-23T00:00:00.000000Z","due_date":"2026-02-13T00:00:00.000000Z","known_ransomware":false,"epss":0.22377,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2025-14174","vendor_project":"Google","product":"Chromium","vulnerability_name":"Google Chromium Out of Bounds Memory Access Vulnerability","date_added":"2025-12-12T00:00:00.000000Z","due_date":"2026-01-02T00:00:00.000000Z","known_ransomware":false,"epss":0.22359,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2018-8639","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Win32k Improper Resource Shutdown or Release Vulnerability","date_added":"2025-03-03T00:00:00.000000Z","due_date":"2025-03-24T00:00:00.000000Z","known_ransomware":true,"epss":0.22349,"cvss_score":8.4,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-22899","vendor_project":"Ivanti","product":"Pulse Connect Secure","vulnerability_name":"Ivanti Pulse Connect Secure Command Injection Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.22343,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2014-0546","vendor_project":"Adobe","product":"Reader and Acrobat","vulnerability_name":"Adobe Reader and Acrobat Sandbox Bypass Vulnerability","date_added":"2022-05-25T00:00:00.000000Z","due_date":"2022-06-15T00:00:00.000000Z","known_ransomware":false,"epss":0.2233,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-3560","vendor_project":"Red Hat","product":"Polkit","vulnerability_name":"Red Hat Polkit Incorrect Authorization Vulnerability","date_added":"2023-05-12T00:00:00.000000Z","due_date":"2023-06-02T00:00:00.000000Z","known_ransomware":false,"epss":0.22193,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2020-27930","vendor_project":"Apple","product":"Multiple Products","vulnerability_name":"Apple Multiple Products Memory Corruption Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.22178,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-29360","vendor_project":"Microsoft","product":"Streaming Service","vulnerability_name":"Microsoft Streaming Service Untrusted Pointer Dereference Vulnerability","date_added":"2024-02-29T00:00:00.000000Z","due_date":"2024-03-21T00:00:00.000000Z","known_ransomware":false,"epss":0.22133,"cvss_score":8.4,"cvss_severity":"HIGH"},{"cve_id":"CVE-2016-0162","vendor_project":"Microsoft","product":"Internet Explorer","vulnerability_name":"Microsoft Internet Explorer Information Disclosure Vulnerability","date_added":"2022-05-24T00:00:00.000000Z","due_date":"2022-06-14T00:00:00.000000Z","known_ransomware":false,"epss":0.22088,"cvss_score":4.3,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2026-2441","vendor_project":"Google","product":"Chromium","vulnerability_name":"Google Chromium CSS Use-After-Free Vulnerability","date_added":"2026-02-17T00:00:00.000000Z","due_date":"2026-03-10T00:00:00.000000Z","known_ransomware":false,"epss":0.2202,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2019-0903","vendor_project":"Microsoft","product":"Graphics Device Interface (GDI)","vulnerability_name":"Microsoft GDI Remote Code Execution Vulnerability","date_added":"2022-03-25T00:00:00.000000Z","due_date":"2022-04-15T00:00:00.000000Z","known_ransomware":false,"epss":0.21713,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-20269","vendor_project":"Cisco","product":"Adaptive Security Appliance and Firepower Threat Defense","vulnerability_name":"Cisco Adaptive Security Appliance and Firepower Threat Defense Unauthorized Access Vulnerability","date_added":"2023-09-13T00:00:00.000000Z","due_date":"2023-10-04T00:00:00.000000Z","known_ransomware":true,"epss":0.21583,"cvss_score":5,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2025-30397","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Scripting Engine Type Confusion Vulnerability","date_added":"2025-05-13T00:00:00.000000Z","due_date":"2025-06-03T00:00:00.000000Z","known_ransomware":false,"epss":0.21562,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2017-6742","vendor_project":"Cisco","product":"IOS and IOS XE Software","vulnerability_name":"Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability","date_added":"2023-04-19T00:00:00.000000Z","due_date":"2023-05-10T00:00:00.000000Z","known_ransomware":false,"epss":0.21424,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2020-9377","vendor_project":"D-Link","product":"DIR-610 Devices","vulnerability_name":"D-Link DIR-610 Devices Remote Command Execution","date_added":"2022-03-25T00:00:00.000000Z","due_date":"2022-04-15T00:00:00.000000Z","known_ransomware":false,"epss":0.21338,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-31200","vendor_project":"Apple","product":"Multiple Products","vulnerability_name":"Apple Multiple Products Memory Corruption Vulnerability","date_added":"2025-04-17T00:00:00.000000Z","due_date":"2025-05-08T00:00:00.000000Z","known_ransomware":false,"epss":0.21255,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2012-5054","vendor_project":"Adobe","product":"Flash Player","vulnerability_name":"Adobe Flash Player Integer Overflow Vulnerability","date_added":"2022-06-08T00:00:00.000000Z","due_date":"2022-06-22T00:00:00.000000Z","known_ransomware":false,"epss":0.21194,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-44309","vendor_project":"Apple","product":"Multiple Products","vulnerability_name":"Apple Multiple Products Cross-Site Scripting (XSS) Vulnerability","date_added":"2024-11-21T00:00:00.000000Z","due_date":"2024-12-12T00:00:00.000000Z","known_ransomware":false,"epss":0.21044,"cvss_score":6.3,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2012-1854","vendor_project":"Microsoft","product":"Visual Basic for Applications (VBA)","vulnerability_name":"Microsoft Visual Basic for Applications Insecure Library Loading Vulnerability","date_added":"2026-04-13T00:00:00.000000Z","due_date":"2026-04-27T00:00:00.000000Z","known_ransomware":false,"epss":0.21028,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-36563","vendor_project":"Microsoft","product":"WordPad","vulnerability_name":"Microsoft WordPad Information Disclosure Vulnerability","date_added":"2023-10-10T00:00:00.000000Z","due_date":"2023-10-31T00:00:00.000000Z","known_ransomware":false,"epss":0.20719,"cvss_score":6.5,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2020-24363","vendor_project":"TP-Link","product":"TL-WA855RE","vulnerability_name":"TP-link TL-WA855RE Missing Authentication for Critical Function Vulnerability","date_added":"2025-09-02T00:00:00.000000Z","due_date":"2025-09-23T00:00:00.000000Z","known_ransomware":false,"epss":0.20689,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2016-3309","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Kernel Privilege Escalation Vulnerability","date_added":"2022-03-15T00:00:00.000000Z","due_date":"2022-04-05T00:00:00.000000Z","known_ransomware":true,"epss":0.20625,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2019-1297","vendor_project":"Microsoft","product":"Excel","vulnerability_name":"Microsoft Excel Remote Code Execution Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-17T00:00:00.000000Z","known_ransomware":false,"epss":0.20455,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2014-9163","vendor_project":"Adobe","product":"Flash Player","vulnerability_name":"Adobe Flash Player Stack-Based Buffer Overflow Vulnerability","date_added":"2022-04-13T00:00:00.000000Z","due_date":"2022-05-04T00:00:00.000000Z","known_ransomware":false,"epss":0.20356,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-31956","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows NTFS Privilege Escalation Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":false,"epss":0.20268,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-41379","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Installer Privilege Escalation Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-17T00:00:00.000000Z","known_ransomware":true,"epss":0.20255,"cvss_score":5.5,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2025-54948","vendor_project":"Trend Micro","product":"Apex One","vulnerability_name":"Trend Micro Apex One OS Command Injection Vulnerability","date_added":"2025-08-18T00:00:00.000000Z","due_date":"2025-09-08T00:00:00.000000Z","known_ransomware":false,"epss":0.20253,"cvss_score":9.4,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2014-8439","vendor_project":"Adobe","product":"Flash Player","vulnerability_name":"Adobe Flash Player Dereferenced Pointer Vulnerability","date_added":"2022-05-25T00:00:00.000000Z","due_date":"2022-06-15T00:00:00.000000Z","known_ransomware":false,"epss":0.20008,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-43300","vendor_project":"Apple","product":"iOS, iPadOS, and macOS","vulnerability_name":"Apple iOS, iPadOS, and macOS Out-of-Bounds Write Vulnerability","date_added":"2025-08-21T00:00:00.000000Z","due_date":"2025-09-11T00:00:00.000000Z","known_ransomware":false,"epss":0.19972,"cvss_score":10,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2021-36948","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Update Medic Service Privilege Escalation Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":false,"epss":0.1991,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2016-4171","vendor_project":"Adobe","product":"Flash Player","vulnerability_name":"Adobe Flash Player Remote Code Execution Vulnerability","date_added":"2022-03-25T00:00:00.000000Z","due_date":"2022-04-15T00:00:00.000000Z","known_ransomware":false,"epss":0.19903,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-37976","vendor_project":"Google","product":"Chromium","vulnerability_name":"Google Chromium Information Disclosure Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":false,"epss":0.19901,"cvss_score":6.5,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2021-21148","vendor_project":"Google","product":"Chromium V8","vulnerability_name":"Google Chromium V8 Heap Buffer Overflow Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":false,"epss":0.19815,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2016-1010","vendor_project":"Adobe","product":"Flash Player and AIR","vulnerability_name":"Adobe Flash Player and AIR Integer Overflow Vulnerability","date_added":"2022-05-25T00:00:00.000000Z","due_date":"2022-06-15T00:00:00.000000Z","known_ransomware":false,"epss":0.19785,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-68461","vendor_project":"Roundcube","product":"Webmail","vulnerability_name":"RoundCube Webmail Cross-site Scripting Vulnerability","date_added":"2026-02-20T00:00:00.000000Z","due_date":"2026-03-13T00:00:00.000000Z","known_ransomware":false,"epss":0.19769,"cvss_score":7.2,"cvss_severity":"HIGH"},{"cve_id":"CVE-2022-26871","vendor_project":"Trend Micro","product":"Apex Central","vulnerability_name":"Trend Micro Apex Central Arbitrary File Upload Vulnerability","date_added":"2022-03-31T00:00:00.000000Z","due_date":"2022-04-21T00:00:00.000000Z","known_ransomware":false,"epss":0.19633,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2023-6345","vendor_project":"Google","product":"Chromium Skia","vulnerability_name":"Google Skia Integer Overflow Vulnerability","date_added":"2023-11-30T00:00:00.000000Z","due_date":"2023-12-21T00:00:00.000000Z","known_ransomware":false,"epss":0.1963,"cvss_score":9.6,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2024-27443","vendor_project":"Synacor","product":"Zimbra Collaboration Suite (ZCS)","vulnerability_name":"Synacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting (XSS) Vulnerability","date_added":"2025-05-19T00:00:00.000000Z","due_date":"2025-06-09T00:00:00.000000Z","known_ransomware":false,"epss":0.19543,"cvss_score":6.1,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2017-0210","vendor_project":"Microsoft","product":"Internet Explorer","vulnerability_name":"Microsoft Internet Explorer Privilege Escalation Vulnerability","date_added":"2022-05-24T00:00:00.000000Z","due_date":"2022-06-14T00:00:00.000000Z","known_ransomware":false,"epss":0.19522,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-40891","vendor_project":"Zyxel","product":"DSL CPE Devices","vulnerability_name":"Zyxel DSL CPE OS Command Injection Vulnerability","date_added":"2025-02-11T00:00:00.000000Z","due_date":"2025-03-04T00:00:00.000000Z","known_ransomware":false,"epss":0.19406,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2016-7836","vendor_project":"SKYSEA","product":"Client View","vulnerability_name":"SKYSEA Client View Improper Authentication Vulnerability","date_added":"2025-10-14T00:00:00.000000Z","due_date":"2025-11-04T00:00:00.000000Z","known_ransomware":false,"epss":0.1938,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2024-40890","vendor_project":"Zyxel","product":"DSL CPE Devices","vulnerability_name":"Zyxel DSL CPE OS Command Injection Vulnerability","date_added":"2025-02-11T00:00:00.000000Z","due_date":"2025-03-04T00:00:00.000000Z","known_ransomware":false,"epss":0.1931,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-7971","vendor_project":"Google","product":"Chromium V8","vulnerability_name":"Google Chromium V8 Type Confusion Vulnerability","date_added":"2024-08-26T00:00:00.000000Z","due_date":"2024-09-16T00:00:00.000000Z","known_ransomware":false,"epss":0.19272,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2019-1215","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Privilege Escalation Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":true,"epss":0.19254,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2019-1322","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Privilege Escalation Vulnerability","date_added":"2022-03-15T00:00:00.000000Z","due_date":"2022-04-05T00:00:00.000000Z","known_ransomware":true,"epss":0.19205,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-7775","vendor_project":"Citrix","product":"NetScaler","vulnerability_name":"Citrix NetScaler Memory Overflow Vulnerability","date_added":"2025-08-26T00:00:00.000000Z","due_date":"2025-08-28T00:00:00.000000Z","known_ransomware":false,"epss":0.18973,"cvss_score":9.2,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2023-36761","vendor_project":"Microsoft","product":"Word","vulnerability_name":"Microsoft Word Information Disclosure Vulnerability","date_added":"2023-09-12T00:00:00.000000Z","due_date":"2023-10-03T00:00:00.000000Z","known_ransomware":false,"epss":0.18959,"cvss_score":6.5,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2026-48172","vendor_project":"LiteSpeed","product":"cPanel Plugin","vulnerability_name":"LiteSpeed cPanel Plugin Privilege Escalation Vulnerability","date_added":"2026-05-26T00:00:00.000000Z","due_date":"2026-05-29T00:00:00.000000Z","known_ransomware":false,"epss":0.18914,"cvss_score":10,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2022-22047","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Client Server Runtime Subsystem (CSRSS) Privilege Escalation Vulnerability","date_added":"2022-07-12T00:00:00.000000Z","due_date":"2022-08-02T00:00:00.000000Z","known_ransomware":false,"epss":0.18912,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2016-7892","vendor_project":"Adobe","product":"Flash Player","vulnerability_name":"Adobe Flash Player Use-After-Free Vulnerability","date_added":"2022-03-25T00:00:00.000000Z","due_date":"2022-04-15T00:00:00.000000Z","known_ransomware":false,"epss":0.18786,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-24085","vendor_project":"Apple","product":"Multiple Products","vulnerability_name":"Apple Multiple Products Use-After-Free Vulnerability","date_added":"2025-01-29T00:00:00.000000Z","due_date":"2025-02-19T00:00:00.000000Z","known_ransomware":false,"epss":0.18668,"cvss_score":10,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2019-5591","vendor_project":"Fortinet","product":"FortiOS","vulnerability_name":"Fortinet FortiOS Default Configuration Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.18566,"cvss_score":6.5,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2020-11899","vendor_project":"Treck TCP\/IP stack","product":"IPv6","vulnerability_name":"Treck TCP\/IP stack Out-of-Bounds Read Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-17T00:00:00.000000Z","known_ransomware":false,"epss":0.18564,"cvss_score":5.4,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2018-0147","vendor_project":"Cisco","product":"Secure Access Control System (ACS)","vulnerability_name":"Cisco Secure Access Control System Java Deserialization Vulnerability","date_added":"2022-03-25T00:00:00.000000Z","due_date":"2022-04-15T00:00:00.000000Z","known_ransomware":false,"epss":0.18554,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2015-5123","vendor_project":"Adobe","product":"Flash Player","vulnerability_name":"Adobe Flash Player Use-After-Free Vulnerability","date_added":"2022-04-13T00:00:00.000000Z","due_date":"2022-05-04T00:00:00.000000Z","known_ransomware":false,"epss":0.18493,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2022-22718","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Print Spooler Privilege Escalation Vulnerability","date_added":"2022-04-19T00:00:00.000000Z","due_date":"2022-05-10T00:00:00.000000Z","known_ransomware":false,"epss":0.18464,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2018-8440","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Privilege Escalation Vulnerability","date_added":"2022-03-28T00:00:00.000000Z","due_date":"2022-04-18T00:00:00.000000Z","known_ransomware":true,"epss":0.18386,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-37450","vendor_project":"Apple","product":"Multiple Products","vulnerability_name":"Apple Multiple Products WebKit Code Execution Vulnerability","date_added":"2023-07-13T00:00:00.000000Z","due_date":"2023-08-03T00:00:00.000000Z","known_ransomware":false,"epss":0.18185,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2019-8506","vendor_project":"Apple","product":"Multiple Products","vulnerability_name":"Apple Multiple Products Type Confusion Vulnerability","date_added":"2022-05-04T00:00:00.000000Z","due_date":"2022-05-25T00:00:00.000000Z","known_ransomware":false,"epss":0.18172,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2017-0022","vendor_project":"Microsoft","product":"XML Core Services","vulnerability_name":"Microsoft XML Core Services Information Disclosure Vulnerability","date_added":"2022-05-24T00:00:00.000000Z","due_date":"2022-06-14T00:00:00.000000Z","known_ransomware":false,"epss":0.18069,"cvss_score":6.5,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2025-29824","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Common Log File System (CLFS) Driver Use-After-Free Vulnerability","date_added":"2025-04-08T00:00:00.000000Z","due_date":"2025-04-29T00:00:00.000000Z","known_ransomware":true,"epss":0.1806,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-14733","vendor_project":"WatchGuard","product":"Firebox","vulnerability_name":"WatchGuard Firebox Out of Bounds Write Vulnerability","date_added":"2025-12-19T00:00:00.000000Z","due_date":"2025-12-26T00:00:00.000000Z","known_ransomware":false,"epss":0.18047,"cvss_score":9.3,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2023-42916","vendor_project":"Apple","product":"Multiple Products","vulnerability_name":"Apple Multiple Products WebKit Out-of-Bounds Read Vulnerability","date_added":"2023-12-04T00:00:00.000000Z","due_date":"2023-12-25T00:00:00.000000Z","known_ransomware":false,"epss":0.17963,"cvss_score":6.5,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2023-26359","vendor_project":"Adobe","product":"ColdFusion","vulnerability_name":"Adobe ColdFusion Deserialization of Untrusted Data Vulnerability","date_added":"2023-08-21T00:00:00.000000Z","due_date":"2023-09-11T00:00:00.000000Z","known_ransomware":false,"epss":0.17937,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2010-4345","vendor_project":"Exim","product":"Exim","vulnerability_name":"Exim Privilege Escalation Vulnerability","date_added":"2022-03-25T00:00:00.000000Z","due_date":"2022-04-15T00:00:00.000000Z","known_ransomware":false,"epss":0.17794,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2018-19943","vendor_project":"QNAP","product":"Network Attached Storage (NAS)","vulnerability_name":"QNAP NAS File Station Cross-Site Scripting Vulnerability","date_added":"2022-05-24T00:00:00.000000Z","due_date":"2022-06-14T00:00:00.000000Z","known_ransomware":true,"epss":0.17705,"cvss_score":8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-44207","vendor_project":"Acclaim Systems","product":"USAHERDS","vulnerability_name":"Acclaim Systems USAHERDS Use of Hard-Coded Credentials Vulnerability ","date_added":"2024-12-23T00:00:00.000000Z","due_date":"2025-01-13T00:00:00.000000Z","known_ransomware":false,"epss":0.17578,"cvss_score":8.1,"cvss_severity":"HIGH"},{"cve_id":"CVE-2010-5326","vendor_project":"SAP","product":"NetWeaver","vulnerability_name":"SAP NetWeaver Remote Code Execution Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.1745,"cvss_score":10,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2023-50224","vendor_project":"TP-Link","product":"TL-WR841N","vulnerability_name":"TP-Link TL-WR841N Authentication Bypass by Spoofing Vulnerability","date_added":"2025-09-03T00:00:00.000000Z","due_date":"2025-09-24T00:00:00.000000Z","known_ransomware":false,"epss":0.1745,"cvss_score":6.5,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2019-8605","vendor_project":"Apple","product":"Multiple Products","vulnerability_name":"Apple Multiple Products Use-After-Free Vulnerability","date_added":"2022-06-27T00:00:00.000000Z","due_date":"2022-07-18T00:00:00.000000Z","known_ransomware":false,"epss":0.17438,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2026-22719","vendor_project":"Broadcom","product":"VMware Aria Operations","vulnerability_name":"Broadcom VMware Aria Operations Command Injection Vulnerability","date_added":"2026-03-03T00:00:00.000000Z","due_date":"2026-03-24T00:00:00.000000Z","known_ransomware":false,"epss":0.17424,"cvss_score":8.1,"cvss_severity":"HIGH"},{"cve_id":"CVE-2022-27926","vendor_project":"Synacor","product":"Zimbra Collaboration Suite (ZCS)","vulnerability_name":"Synacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting (XSS) Vulnerability","date_added":"2023-04-03T00:00:00.000000Z","due_date":"2023-04-24T00:00:00.000000Z","known_ransomware":false,"epss":0.17252,"cvss_score":6.1,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2024-7965","vendor_project":"Google","product":"Chromium V8","vulnerability_name":"Google Chromium V8 Inappropriate Implementation Vulnerability","date_added":"2024-08-28T00:00:00.000000Z","due_date":"2024-09-18T00:00:00.000000Z","known_ransomware":false,"epss":0.17227,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-11182","vendor_project":"MDaemon","product":"Email Server","vulnerability_name":"MDaemon Email Server Cross-Site Scripting (XSS) Vulnerability","date_added":"2025-05-19T00:00:00.000000Z","due_date":"2025-06-09T00:00:00.000000Z","known_ransomware":false,"epss":0.17105,"cvss_score":5.3,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2024-20359","vendor_project":"Cisco","product":"Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)","vulnerability_name":"Cisco ASA and FTD Privilege Escalation Vulnerability","date_added":"2024-04-24T00:00:00.000000Z","due_date":"2024-05-01T00:00:00.000000Z","known_ransomware":false,"epss":0.16995,"cvss_score":6,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2023-7101","vendor_project":"Spreadsheet::ParseExcel","product":"Spreadsheet::ParseExcel","vulnerability_name":"Spreadsheet::ParseExcel Remote Code Execution Vulnerability","date_added":"2024-01-02T00:00:00.000000Z","due_date":"2024-01-23T00:00:00.000000Z","known_ransomware":false,"epss":0.167,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-38813","vendor_project":"VMware","product":"vCenter Server","vulnerability_name":"VMware vCenter Server Privilege Escalation Vulnerability","date_added":"2024-11-20T00:00:00.000000Z","due_date":"2024-12-11T00:00:00.000000Z","known_ransomware":false,"epss":0.16676,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-30533","vendor_project":"Google","product":"Chromium PopupBlocker","vulnerability_name":"Google Chromium PopupBlocker Security Bypass Vulnerability","date_added":"2022-06-27T00:00:00.000000Z","due_date":"2022-07-18T00:00:00.000000Z","known_ransomware":false,"epss":0.16611,"cvss_score":6.5,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2023-36036","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Cloud Files Mini Filter Driver Privilege Escalation Vulnerability","date_added":"2023-11-14T00:00:00.000000Z","due_date":"2023-12-05T00:00:00.000000Z","known_ransomware":false,"epss":0.1654,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-32409","vendor_project":"Apple","product":"Multiple Products","vulnerability_name":"Apple Multiple Products WebKit Sandbox Escape Vulnerability","date_added":"2023-05-22T00:00:00.000000Z","due_date":"2023-06-12T00:00:00.000000Z","known_ransomware":false,"epss":0.1653,"cvss_score":8.6,"cvss_severity":"HIGH"},{"cve_id":"CVE-2020-27950","vendor_project":"Apple","product":"Multiple Products","vulnerability_name":"Apple Multiple Products Memory Initialization Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.1652,"cvss_score":5.5,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2021-20022","vendor_project":"SonicWall","product":"SonicWall Email Security","vulnerability_name":"SonicWall Email Security Unrestricted Upload of File Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":true,"epss":0.16509,"cvss_score":7.2,"cvss_severity":"HIGH"},{"cve_id":"CVE-2022-22620","vendor_project":"Apple","product":"iOS, iPadOS, and macOS","vulnerability_name":"Apple iOS, iPadOS, and macOS Webkit Use-After-Free Vulnerability","date_added":"2022-02-11T00:00:00.000000Z","due_date":"2022-02-25T00:00:00.000000Z","known_ransomware":false,"epss":0.16342,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2020-3837","vendor_project":"Apple","product":"Multiple Products","vulnerability_name":"Apple Multiple Products Memory Corruption Vulnerability","date_added":"2022-06-27T00:00:00.000000Z","due_date":"2022-07-18T00:00:00.000000Z","known_ransomware":false,"epss":0.16111,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2022-4262","vendor_project":"Google","product":"Chromium V8","vulnerability_name":"Google Chromium V8 Type Confusion Vulnerability","date_added":"2022-12-05T00:00:00.000000Z","due_date":"2022-12-26T00:00:00.000000Z","known_ransomware":false,"epss":0.16109,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-20481","vendor_project":"Cisco","product":"Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)","vulnerability_name":"Cisco ASA and FTD Denial-of-Service Vulnerability","date_added":"2024-10-24T00:00:00.000000Z","due_date":"2024-11-14T00:00:00.000000Z","known_ransomware":false,"epss":0.15953,"cvss_score":5.8,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2020-0986","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Kernel Privilege Escalation Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.15932,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2019-7286","vendor_project":"Apple","product":"Multiple Products","vulnerability_name":"Apple Multiple Products Memory Corruption Vulnerability","date_added":"2022-05-23T00:00:00.000000Z","due_date":"2022-06-13T00:00:00.000000Z","known_ransomware":false,"epss":0.15705,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-40766","vendor_project":"SonicWall","product":"SonicOS","vulnerability_name":"SonicWall SonicOS Improper Access Control Vulnerability","date_added":"2024-09-09T00:00:00.000000Z","due_date":"2024-09-30T00:00:00.000000Z","known_ransomware":true,"epss":0.15694,"cvss_score":9.3,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2023-38180","vendor_project":"Microsoft","product":".NET Core and Visual Studio","vulnerability_name":"Microsoft .NET Core and Visual Studio Denial-of-Service Vulnerability","date_added":"2023-08-09T00:00:00.000000Z","due_date":"2023-08-30T00:00:00.000000Z","known_ransomware":false,"epss":0.15519,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2026-21513","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft MSHTML Framework Protection Mechanism Failure Vulnerability","date_added":"2026-02-10T00:00:00.000000Z","due_date":"2026-03-03T00:00:00.000000Z","known_ransomware":false,"epss":0.15384,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-41064","vendor_project":"Apple","product":"iOS, iPadOS, and macOS","vulnerability_name":"Apple iOS, iPadOS, and macOS ImageIO Buffer Overflow Vulnerability","date_added":"2023-09-11T00:00:00.000000Z","due_date":"2023-10-02T00:00:00.000000Z","known_ransomware":false,"epss":0.15263,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2015-0310","vendor_project":"Adobe","product":"Flash Player","vulnerability_name":"Adobe Flash Player ASLR Bypass Vulnerability","date_added":"2022-05-25T00:00:00.000000Z","due_date":"2022-06-15T00:00:00.000000Z","known_ransomware":false,"epss":0.15217,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-4947","vendor_project":"Google","product":"Chromium V8","vulnerability_name":"Google Chromium V8 Type Confusion Vulnerability","date_added":"2024-05-20T00:00:00.000000Z","due_date":"2024-06-10T00:00:00.000000Z","known_ransomware":false,"epss":0.15111,"cvss_score":9.6,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2023-35311","vendor_project":"Microsoft","product":"Outlook","vulnerability_name":"Microsoft Outlook Security Feature Bypass Vulnerability","date_added":"2023-07-11T00:00:00.000000Z","due_date":"2023-08-01T00:00:00.000000Z","known_ransomware":false,"epss":0.15028,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2015-2360","vendor_project":"Microsoft","product":"Win32k","vulnerability_name":"Microsoft Win32k Privilege Escalation Vulnerability","date_added":"2022-05-25T00:00:00.000000Z","due_date":"2022-06-15T00:00:00.000000Z","known_ransomware":false,"epss":0.14958,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2022-38028","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Print Spooler Privilege Escalation Vulnerability ","date_added":"2024-04-23T00:00:00.000000Z","due_date":"2024-05-14T00:00:00.000000Z","known_ransomware":false,"epss":0.14949,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2022-20708","vendor_project":"Cisco","product":"Small Business RV160, RV260, RV340, and RV345 Series Routers","vulnerability_name":"Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-17T00:00:00.000000Z","known_ransomware":false,"epss":0.14863,"cvss_score":10,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2018-14634","vendor_project":"Linux","product":"Kernel","vulnerability_name":"Linux Kernel Integer Overflow Vulnerability","date_added":"2026-01-26T00:00:00.000000Z","due_date":"2026-02-16T00:00:00.000000Z","known_ransomware":false,"epss":0.14806,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-8069","vendor_project":"Citrix","product":"Session Recording","vulnerability_name":"Citrix Session Recording Deserialization of Untrusted Data Vulnerability","date_added":"2025-08-25T00:00:00.000000Z","due_date":"2025-09-15T00:00:00.000000Z","known_ransomware":false,"epss":0.14736,"cvss_score":5.1,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2021-30883","vendor_project":"Apple","product":"Multiple Products","vulnerability_name":"Apple Multiple Products Memory Corruption Vulnerability","date_added":"2022-05-23T00:00:00.000000Z","due_date":"2022-06-13T00:00:00.000000Z","known_ransomware":false,"epss":0.14721,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-1789","vendor_project":"Apple","product":"Multiple Products","vulnerability_name":"Apple Multiple Products Type Confusion Vulnerability","date_added":"2022-05-04T00:00:00.000000Z","due_date":"2022-05-25T00:00:00.000000Z","known_ransomware":false,"epss":0.14542,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-28204","vendor_project":"Apple","product":"Multiple Products","vulnerability_name":"Apple Multiple Products WebKit Out-of-Bounds Read Vulnerability","date_added":"2023-05-22T00:00:00.000000Z","due_date":"2023-06-12T00:00:00.000000Z","known_ransomware":false,"epss":0.14406,"cvss_score":6.5,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2021-34484","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows User Profile Service Privilege Escalation Vulnerability","date_added":"2022-03-31T00:00:00.000000Z","due_date":"2022-04-21T00:00:00.000000Z","known_ransomware":false,"epss":0.14393,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2019-7193","vendor_project":"QNAP","product":"QTS","vulnerability_name":"QNAP QTS Improper Input Validation Vulnerability","date_added":"2022-06-08T00:00:00.000000Z","due_date":"2022-06-22T00:00:00.000000Z","known_ransomware":true,"epss":0.14367,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2016-0165","vendor_project":"Microsoft","product":"Win32k","vulnerability_name":"Microsoft Win32k Privilege Escalation Vulnerability","date_added":"2023-06-22T00:00:00.000000Z","due_date":"2023-07-13T00:00:00.000000Z","known_ransomware":false,"epss":0.14358,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2022-26485","vendor_project":"Mozilla","product":"Firefox","vulnerability_name":"Mozilla Firefox Use-After-Free Vulnerability","date_added":"2022-03-07T00:00:00.000000Z","due_date":"2022-03-21T00:00:00.000000Z","known_ransomware":false,"epss":0.14261,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2020-10181","vendor_project":"Sumavision","product":"Enhanced Multimedia Router (EMR)","vulnerability_name":"Sumavision EMR Cross-Site Request Forgery (CSRF) Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.14209,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2018-0151","vendor_project":"Cisco","product":"IOS and IOS XE Software","vulnerability_name":"Cisco IOS Software and Cisco IOS XE Software Quality of Service Remote Code Execution Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-17T00:00:00.000000Z","known_ransomware":false,"epss":0.14204,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2019-9875","vendor_project":"Sitecore","product":"CMS and Experience Platform (XP)","vulnerability_name":"Sitecore CMS and Experience Platform (XP) Deserialization Vulnerability","date_added":"2025-03-26T00:00:00.000000Z","due_date":"2025-04-16T00:00:00.000000Z","known_ransomware":false,"epss":0.14154,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-22900","vendor_project":"Ivanti","product":"Pulse Connect Secure","vulnerability_name":"Ivanti Pulse Connect Secure Unrestricted File Upload Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.14146,"cvss_score":7.2,"cvss_severity":"HIGH"},{"cve_id":"CVE-2014-2120","vendor_project":"Cisco","product":"Adaptive Security Appliance (ASA)","vulnerability_name":"Cisco Adaptive Security Appliance (ASA) Cross-Site Scripting (XSS) Vulnerability","date_added":"2024-11-12T00:00:00.000000Z","due_date":"2024-12-03T00:00:00.000000Z","known_ransomware":false,"epss":0.14029,"cvss_score":5.4,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2022-22948","vendor_project":"VMware","product":"vCenter Server","vulnerability_name":"VMware vCenter Server Incorrect Default File Permissions Vulnerability ","date_added":"2024-07-17T00:00:00.000000Z","due_date":"2024-08-07T00:00:00.000000Z","known_ransomware":false,"epss":0.13935,"cvss_score":6.5,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2024-12686","vendor_project":"BeyondTrust","product":"Privileged Remote Access (PRA) and Remote Support (RS)","vulnerability_name":"BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) OS Command Injection Vulnerability","date_added":"2025-01-13T00:00:00.000000Z","due_date":"2025-02-03T00:00:00.000000Z","known_ransomware":false,"epss":0.13788,"cvss_score":6.6,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2022-1364","vendor_project":"Google","product":"Chromium V8","vulnerability_name":"Google Chromium V8 Type Confusion Vulnerability","date_added":"2022-04-15T00:00:00.000000Z","due_date":"2022-05-06T00:00:00.000000Z","known_ransomware":false,"epss":0.1372,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-49039","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Task Scheduler Privilege Escalation Vulnerability","date_added":"2024-11-12T00:00:00.000000Z","due_date":"2024-12-03T00:00:00.000000Z","known_ransomware":true,"epss":0.13719,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-20867","vendor_project":"VMware","product":"Tools","vulnerability_name":"VMware Tools Authentication Bypass Vulnerability","date_added":"2023-06-23T00:00:00.000000Z","due_date":"2023-07-14T00:00:00.000000Z","known_ransomware":false,"epss":0.13638,"cvss_score":3.9,"cvss_severity":"LOW"},{"cve_id":"CVE-2017-12240","vendor_project":"Cisco","product":"IOS and IOS XE Software","vulnerability_name":"Cisco IOS and IOS XE Software DHCP Remote Code Execution Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-24T00:00:00.000000Z","known_ransomware":false,"epss":0.13521,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2019-3010","vendor_project":"Oracle","product":"Solaris","vulnerability_name":"Oracle Solaris Privilege Escalation Vulnerability","date_added":"2022-05-25T00:00:00.000000Z","due_date":"2022-06-15T00:00:00.000000Z","known_ransomware":false,"epss":0.13506,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-30858","vendor_project":"Apple","product":"iOS, iPadOS, and macOS","vulnerability_name":"Apple iOS, iPadOS, macOS Use-After-Free Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":false,"epss":0.13486,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-27876","vendor_project":"Veritas","product":"Backup Exec Agent","vulnerability_name":"Veritas Backup Exec Agent File Access Vulnerability","date_added":"2023-04-07T00:00:00.000000Z","due_date":"2023-04-28T00:00:00.000000Z","known_ransomware":true,"epss":0.13411,"cvss_score":8.1,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-38213","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows SmartScreen Security Feature Bypass Vulnerability","date_added":"2024-08-13T00:00:00.000000Z","due_date":"2024-09-03T00:00:00.000000Z","known_ransomware":false,"epss":0.1337,"cvss_score":6.5,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2015-4902","vendor_project":"Oracle","product":"Java SE","vulnerability_name":"Oracle Java SE Integrity Check Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-24T00:00:00.000000Z","known_ransomware":false,"epss":0.13354,"cvss_score":5.3,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2022-23176","vendor_project":"WatchGuard","product":"Firebox and XTM","vulnerability_name":"WatchGuard Firebox and XTM Privilege Escalation Vulnerability","date_added":"2022-04-11T00:00:00.000000Z","due_date":"2022-05-02T00:00:00.000000Z","known_ransomware":false,"epss":0.13318,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2026-22769","vendor_project":"Dell","product":"RecoverPoint for Virtual Machines (RP4VMs)","vulnerability_name":"Dell RecoverPoint for Virtual Machines (RP4VMs) Use of Hard-coded Credentials Vulnerability","date_added":"2026-02-18T00:00:00.000000Z","due_date":"2026-02-21T00:00:00.000000Z","known_ransomware":false,"epss":0.13131,"cvss_score":10,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2022-2586","vendor_project":"Linux","product":"Kernel","vulnerability_name":"Linux Kernel Use-After-Free Vulnerability","date_added":"2024-06-26T00:00:00.000000Z","due_date":"2024-07-17T00:00:00.000000Z","known_ransomware":false,"epss":0.12746,"cvss_score":5.3,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2026-34926","vendor_project":"Trend Micro","product":"Apex One","vulnerability_name":"Trend Micro Apex One (On-Premise) Directory Traversal Vulnerability","date_added":"2026-05-21T00:00:00.000000Z","due_date":"2026-06-04T00:00:00.000000Z","known_ransomware":false,"epss":0.12682,"cvss_score":6.7,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2024-21410","vendor_project":"Microsoft","product":"Exchange Server","vulnerability_name":"Microsoft Exchange Server Privilege Escalation Vulnerability","date_added":"2024-02-15T00:00:00.000000Z","due_date":"2024-03-07T00:00:00.000000Z","known_ransomware":false,"epss":0.12661,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2022-22675","vendor_project":"Apple","product":"macOS","vulnerability_name":"Apple macOS Out-of-Bounds Write Vulnerability","date_added":"2022-04-04T00:00:00.000000Z","due_date":"2022-04-25T00:00:00.000000Z","known_ransomware":false,"epss":0.12642,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2022-38181","vendor_project":"Arm","product":"Mali Graphics Processing Unit (GPU)","vulnerability_name":"Arm Mali GPU Kernel Driver Use-After-Free Vulnerability","date_added":"2023-03-30T00:00:00.000000Z","due_date":"2023-04-20T00:00:00.000000Z","known_ransomware":false,"epss":0.12588,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2022-20775","vendor_project":"Cisco","product":"SD-WAN","vulnerability_name":"Cisco SD-WAN Path Traversal Vulnerability","date_added":"2026-02-25T00:00:00.000000Z","due_date":"2026-02-27T00:00:00.000000Z","known_ransomware":false,"epss":0.12475,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-31201","vendor_project":"Apple","product":"Multiple Products","vulnerability_name":"Apple Multiple Products Arbitrary Read and Write Vulnerability","date_added":"2025-04-17T00:00:00.000000Z","due_date":"2025-05-08T00:00:00.000000Z","known_ransomware":false,"epss":0.12358,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2022-41328","vendor_project":"Fortinet","product":"FortiOS","vulnerability_name":"Fortinet FortiOS Path Traversal Vulnerability","date_added":"2023-03-14T00:00:00.000000Z","due_date":"2023-04-04T00:00:00.000000Z","known_ransomware":false,"epss":0.12316,"cvss_score":6.5,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2023-32373","vendor_project":"Apple","product":"Multiple Products","vulnerability_name":"Apple Multiple Products WebKit Use-After-Free Vulnerability","date_added":"2023-05-22T00:00:00.000000Z","due_date":"2023-06-12T00:00:00.000000Z","known_ransomware":false,"epss":0.1227,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-36424","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Out-of-Bounds Read Vulnerability","date_added":"2026-04-13T00:00:00.000000Z","due_date":"2026-04-27T00:00:00.000000Z","known_ransomware":false,"epss":0.12184,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-21715","vendor_project":"Microsoft","product":"Office","vulnerability_name":"Microsoft Office Publisher Security Feature Bypass Vulnerability","date_added":"2023-02-14T00:00:00.000000Z","due_date":"2023-03-07T00:00:00.000000Z","known_ransomware":false,"epss":0.12107,"cvss_score":7.3,"cvss_severity":"HIGH"},{"cve_id":"CVE-2017-11292","vendor_project":"Adobe","product":"Flash Player","vulnerability_name":"Adobe Flash Player Type Confusion Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-24T00:00:00.000000Z","known_ransomware":false,"epss":0.12104,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-28663","vendor_project":"Arm","product":"Mali Graphics Processing Unit (GPU)","vulnerability_name":"Arm Mali Graphics Processing Unit (GPU) Use-After-Free Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":false,"epss":0.12084,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-66376","vendor_project":"Synacor","product":"Zimbra Collaboration Suite (ZCS)","vulnerability_name":"Synacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting Vulnerability","date_added":"2026-03-18T00:00:00.000000Z","due_date":"2026-04-01T00:00:00.000000Z","known_ransomware":false,"epss":0.12009,"cvss_score":7.2,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-36033","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Desktop Window Manager (DWM) Core Library Privilege Escalation Vulnerability","date_added":"2023-11-14T00:00:00.000000Z","due_date":"2023-12-05T00:00:00.000000Z","known_ransomware":false,"epss":0.11977,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2022-20821","vendor_project":"Cisco","product":"IOS XR","vulnerability_name":"Cisco IOS XR Open Port Vulnerability","date_added":"2022-05-23T00:00:00.000000Z","due_date":"2022-06-13T00:00:00.000000Z","known_ransomware":false,"epss":0.1176,"cvss_score":6.5,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2025-9377","vendor_project":"TP-Link","product":"Multiple Routers","vulnerability_name":"TP-Link Archer C7(EU) and TL-WR841N\/ND(MS) OS Command Injection Vulnerability","date_added":"2025-09-03T00:00:00.000000Z","due_date":"2025-09-24T00:00:00.000000Z","known_ransomware":false,"epss":0.11747,"cvss_score":8.6,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-37973","vendor_project":"Google","product":"Chromium Portals","vulnerability_name":"Google Chromium Portals Use-After-Free Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":false,"epss":0.11735,"cvss_score":9.6,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2020-3118","vendor_project":"Cisco","product":"IOS XR","vulnerability_name":"Cisco IOS XR Software Discovery Protocol Format String Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.11685,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2022-22587","vendor_project":"Apple","product":"iOS and macOS","vulnerability_name":"Apple Memory Corruption Vulnerability","date_added":"2022-01-28T00:00:00.000000Z","due_date":"2022-02-11T00:00:00.000000Z","known_ransomware":false,"epss":0.11638,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2012-1710","vendor_project":"Oracle","product":"Fusion Middleware","vulnerability_name":"Oracle Fusion Middleware Unspecified Vulnerability","date_added":"2022-05-25T00:00:00.000000Z","due_date":"2022-06-15T00:00:00.000000Z","known_ransomware":true,"epss":0.11636,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2019-1253","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows AppX Deployment Server Privilege Escalation Vulnerability","date_added":"2022-03-15T00:00:00.000000Z","due_date":"2022-04-05T00:00:00.000000Z","known_ransomware":true,"epss":0.11616,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-21042","vendor_project":"Samsung","product":"Mobile Devices","vulnerability_name":"Samsung Mobile Devices Out-of-Bounds Write Vulnerability","date_added":"2025-11-10T00:00:00.000000Z","due_date":"2025-12-01T00:00:00.000000Z","known_ransomware":false,"epss":0.11606,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2020-8599","vendor_project":"Trend Micro","product":"Apex One and OfficeScan","vulnerability_name":"Trend Micro Apex One and OfficeScan Authentication Bypass Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.11576,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2021-27103","vendor_project":"Accellion","product":"FTA","vulnerability_name":"Accellion FTA Server-Side Request Forgery (SSRF) Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":true,"epss":0.11406,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2025-42999","vendor_project":"SAP","product":"NetWeaver","vulnerability_name":"SAP NetWeaver Deserialization Vulnerability","date_added":"2025-05-15T00:00:00.000000Z","due_date":"2025-06-05T00:00:00.000000Z","known_ransomware":false,"epss":0.11222,"cvss_score":9.1,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2010-3904","vendor_project":"Linux","product":"Kernel","vulnerability_name":"Linux Kernel Improper Input Validation Vulnerability","date_added":"2023-05-12T00:00:00.000000Z","due_date":"2023-06-02T00:00:00.000000Z","known_ransomware":false,"epss":0.11217,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2013-0648","vendor_project":"Adobe","product":"Flash Player","vulnerability_name":"Adobe Flash Player Code Execution Vulnerability","date_added":"2024-09-17T00:00:00.000000Z","due_date":"2024-10-08T00:00:00.000000Z","known_ransomware":false,"epss":0.11094,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-30762","vendor_project":"Apple","product":"iOS","vulnerability_name":"Apple iOS WebKit Use-After-Free Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":false,"epss":0.11074,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2017-0005","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Graphics Device Interface (GDI) Privilege Escalation Vulnerability","date_added":"2022-05-24T00:00:00.000000Z","due_date":"2022-06-14T00:00:00.000000Z","known_ransomware":false,"epss":0.11022,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-4761","vendor_project":"Google","product":"Chromium V8","vulnerability_name":"Google Chromium V8 Out-of-Bounds Memory Write Vulnerability","date_added":"2024-05-16T00:00:00.000000Z","due_date":"2024-06-06T00:00:00.000000Z","known_ransomware":false,"epss":0.11007,"cvss_score":8.3,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-38648","vendor_project":"Microsoft","product":"Open Management Infrastructure (OMI)","vulnerability_name":"Microsoft Open Management Infrastructure (OMI) Privilege Escalation Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":false,"epss":0.10933,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2015-2546","vendor_project":"Microsoft","product":"Win32k","vulnerability_name":"Microsoft Win32k Memory Corruption Vulnerability","date_added":"2022-03-15T00:00:00.000000Z","due_date":"2022-04-05T00:00:00.000000Z","known_ransomware":true,"epss":0.10929,"cvss_score":8.2,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-23376","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Common Log File System (CLFS) Driver Privilege Escalation Vulnerability","date_added":"2023-02-14T00:00:00.000000Z","due_date":"2023-03-07T00:00:00.000000Z","known_ransomware":true,"epss":0.10853,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2020-8467","vendor_project":"Trend Micro","product":"Apex One and OfficeScan","vulnerability_name":"Trend Micro Apex One and OfficeScan Remote Code Execution Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.10793,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2017-6740","vendor_project":"Cisco","product":"IOS and IOS XE Software","vulnerability_name":"Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-24T00:00:00.000000Z","known_ransomware":false,"epss":0.10788,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2017-1000253","vendor_project":"Linux","product":"Kernel","vulnerability_name":"Linux Kernel PIE Stack Buffer Corruption Vulnerability ","date_added":"2024-09-09T00:00:00.000000Z","due_date":"2024-09-30T00:00:00.000000Z","known_ransomware":true,"epss":0.10695,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2020-15069","vendor_project":"Sophos","product":"XG Firewall","vulnerability_name":"Sophos XG Firewall Buffer Overflow Vulnerability","date_added":"2025-02-06T00:00:00.000000Z","due_date":"2025-02-27T00:00:00.000000Z","known_ransomware":false,"epss":0.10674,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2026-28318","vendor_project":"SolarWinds","product":"Serv-U","vulnerability_name":"SolarWinds Serv-U Uncontrolled Resource Consumption Vulnerability","date_added":"2026-06-05T00:00:00.000000Z","due_date":"2026-06-19T00:00:00.000000Z","known_ransomware":false,"epss":0.10659,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-23222","vendor_project":"Apple","product":"Multiple Products","vulnerability_name":"Apple Multiple Products WebKit Type Confusion Vulnerability","date_added":"2024-01-23T00:00:00.000000Z","due_date":"2024-02-13T00:00:00.000000Z","known_ransomware":false,"epss":0.10593,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-30761","vendor_project":"Apple","product":"iOS","vulnerability_name":"Apple iOS WebKit Memory Corruption Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":false,"epss":0.10591,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2020-6572","vendor_project":"Google","product":"Chrome Media","vulnerability_name":"Google Chrome Media Use-After-Free Vulnerability","date_added":"2022-01-10T00:00:00.000000Z","due_date":"2022-07-10T00:00:00.000000Z","known_ransomware":false,"epss":0.10586,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2022-41223","vendor_project":"Mitel","product":"MiVoice Connect","vulnerability_name":"Mitel MiVoice Connect Code Injection Vulnerability","date_added":"2023-02-21T00:00:00.000000Z","due_date":"2023-03-14T00:00:00.000000Z","known_ransomware":true,"epss":0.10571,"cvss_score":6.8,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2017-6738","vendor_project":"Cisco","product":"IOS and IOS XE Software","vulnerability_name":"Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-24T00:00:00.000000Z","known_ransomware":false,"epss":0.1055,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2017-6739","vendor_project":"Cisco","product":"IOS and IOS XE Software","vulnerability_name":"Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-24T00:00:00.000000Z","known_ransomware":false,"epss":0.1055,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2017-6743","vendor_project":"Cisco","product":"IOS and IOS XE Software","vulnerability_name":"Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-24T00:00:00.000000Z","known_ransomware":false,"epss":0.1055,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2013-0643","vendor_project":"Adobe","product":"Flash Player","vulnerability_name":"Adobe Flash Player Incorrect Default Permissions Vulnerability","date_added":"2024-09-17T00:00:00.000000Z","due_date":"2024-10-08T00:00:00.000000Z","known_ransomware":false,"epss":0.10533,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2022-40765","vendor_project":"Mitel","product":"MiVoice Connect","vulnerability_name":"Mitel MiVoice Connect Command Injection Vulnerability","date_added":"2023-02-21T00:00:00.000000Z","due_date":"2023-03-14T00:00:00.000000Z","known_ransomware":true,"epss":0.10481,"cvss_score":6.8,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2020-27932","vendor_project":"Apple","product":"Multiple Products","vulnerability_name":"Apple Multiple Products Type Confusion Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.10337,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-43890","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows AppX Installer Spoofing Vulnerability","date_added":"2021-12-15T00:00:00.000000Z","due_date":"2021-12-29T00:00:00.000000Z","known_ransomware":true,"epss":0.10295,"cvss_score":7.1,"cvss_severity":"HIGH"},{"cve_id":"CVE-2026-20133","vendor_project":"Cisco","product":"Catalyst SD-WAN Manager","vulnerability_name":"Cisco Catalyst SD-WAN Manager Exposure of Sensitive Information to an Unauthorized Actor Vulnerability","date_added":"2026-04-20T00:00:00.000000Z","due_date":"2026-04-23T00:00:00.000000Z","known_ransomware":false,"epss":0.10245,"cvss_score":6.5,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2020-3433","vendor_project":"Cisco","product":"AnyConnect Secure","vulnerability_name":"Cisco AnyConnect Secure Mobility Client for Windows DLL Hijacking Vulnerability","date_added":"2022-10-24T00:00:00.000000Z","due_date":"2022-11-14T00:00:00.000000Z","known_ransomware":true,"epss":0.1013,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2017-0263","vendor_project":"Microsoft","product":"Win32k","vulnerability_name":"Microsoft Win32k Privilege Escalation Vulnerability","date_added":"2022-02-10T00:00:00.000000Z","due_date":"2022-08-10T00:00:00.000000Z","known_ransomware":false,"epss":0.10034,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-5274","vendor_project":"Google","product":"Chromium V8","vulnerability_name":"Google Chromium V8 Type Confusion Vulnerability","date_added":"2024-05-28T00:00:00.000000Z","due_date":"2024-06-18T00:00:00.000000Z","known_ransomware":false,"epss":0.1002,"cvss_score":8.3,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-6047","vendor_project":"GeoVision","product":"Multiple Devices","vulnerability_name":"GeoVision Devices OS Command Injection Vulnerability","date_added":"2025-05-07T00:00:00.000000Z","due_date":"2025-05-28T00:00:00.000000Z","known_ransomware":false,"epss":0.09992,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2015-1130","vendor_project":"Apple","product":"OS X","vulnerability_name":"Apple OS X Authentication Bypass Vulnerability","date_added":"2022-02-10T00:00:00.000000Z","due_date":"2022-08-10T00:00:00.000000Z","known_ransomware":false,"epss":0.09887,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-21193","vendor_project":"Google","product":"Chromium Blink","vulnerability_name":"Google Chromium Blink Use-After-Free Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":false,"epss":0.0987,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-38217","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Mark of the Web (MOTW) Protection Mechanism Failure Vulnerability","date_added":"2024-09-10T00:00:00.000000Z","due_date":"2024-10-01T00:00:00.000000Z","known_ransomware":false,"epss":0.09835,"cvss_score":5.4,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2022-26925","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows LSA Spoofing Vulnerability","date_added":"2022-07-01T00:00:00.000000Z","due_date":"2022-07-22T00:00:00.000000Z","known_ransomware":false,"epss":0.09823,"cvss_score":8.1,"cvss_severity":"HIGH"},{"cve_id":"CVE-2022-26904","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows User Profile Service Privilege Escalation Vulnerability","date_added":"2022-04-25T00:00:00.000000Z","due_date":"2022-05-16T00:00:00.000000Z","known_ransomware":false,"epss":0.09817,"cvss_score":7,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-21333","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Hyper-V NT Kernel Integration VSP Heap-based Buffer Overflow Vulnerability","date_added":"2025-01-14T00:00:00.000000Z","due_date":"2025-02-04T00:00:00.000000Z","known_ransomware":false,"epss":0.09798,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2019-1132","vendor_project":"Microsoft","product":"Win32k","vulnerability_name":"Microsoft Win32k Privilege Escalation Vulnerability","date_added":"2022-03-15T00:00:00.000000Z","due_date":"2022-04-05T00:00:00.000000Z","known_ransomware":false,"epss":0.09788,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2022-32893","vendor_project":"Apple","product":"iOS and macOS","vulnerability_name":"Apple iOS and macOS Out-of-Bounds Write Vulnerability","date_added":"2022-08-18T00:00:00.000000Z","due_date":"2022-09-08T00:00:00.000000Z","known_ransomware":false,"epss":0.09785,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-6543","vendor_project":"Citrix","product":"NetScaler ADC and Gateway","vulnerability_name":"Citrix NetScaler ADC and Gateway Buffer Overflow Vulnerability","date_added":"2025-06-30T00:00:00.000000Z","due_date":"2025-07-21T00:00:00.000000Z","known_ransomware":false,"epss":0.09756,"cvss_score":9.2,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2022-20701","vendor_project":"Cisco","product":"Small Business RV160, RV260, RV340, and RV345 Series Routers","vulnerability_name":"Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-17T00:00:00.000000Z","known_ransomware":false,"epss":0.09747,"cvss_score":10,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2019-0703","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows SMB Information Disclosure Vulnerability","date_added":"2022-05-23T00:00:00.000000Z","due_date":"2022-06-13T00:00:00.000000Z","known_ransomware":false,"epss":0.0964,"cvss_score":6.5,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2023-23529","vendor_project":"Apple","product":"Multiple Products","vulnerability_name":"Apple Multiple Products WebKit Type Confusion Vulnerability","date_added":"2023-02-14T00:00:00.000000Z","due_date":"2023-03-07T00:00:00.000000Z","known_ransomware":false,"epss":0.09502,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-21206","vendor_project":"Google","product":"Chromium Blink","vulnerability_name":"Google Chromium Blink Use-After-Free Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":false,"epss":0.09401,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-42917","vendor_project":"Apple","product":"Multiple Products","vulnerability_name":"Apple Multiple Products WebKit Memory Corruption Vulnerability","date_added":"2023-12-04T00:00:00.000000Z","due_date":"2023-12-25T00:00:00.000000Z","known_ransomware":false,"epss":0.0937,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-57726","vendor_project":"SimpleHelp ","product":"SimpleHelp","vulnerability_name":"SimpleHelp Missing Authorization Vulnerability","date_added":"2026-04-24T00:00:00.000000Z","due_date":"2026-05-08T00:00:00.000000Z","known_ransomware":true,"epss":0.09328,"cvss_score":9.9,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2022-20703","vendor_project":"Cisco","product":"Small Business RV160, RV260, RV340, and RV345 Series Routers","vulnerability_name":"Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-17T00:00:00.000000Z","known_ransomware":false,"epss":0.09203,"cvss_score":10,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2024-44308","vendor_project":"Apple","product":"Multiple Products","vulnerability_name":"Apple Multiple Products Code Execution Vulnerability","date_added":"2024-11-21T00:00:00.000000Z","due_date":"2024-12-12T00:00:00.000000Z","known_ransomware":false,"epss":0.09186,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-6558","vendor_project":"Google","product":"Chromium","vulnerability_name":"Google Chromium ANGLE and GPU Improper Input Validation Vulnerability","date_added":"2025-07-22T00:00:00.000000Z","due_date":"2025-08-12T00:00:00.000000Z","known_ransomware":false,"epss":0.09185,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2022-23748","vendor_project":"Audinate","product":"Dante Discovery","vulnerability_name":"Dante Discovery Process Control Vulnerability","date_added":"2025-02-06T00:00:00.000000Z","due_date":"2025-02-27T00:00:00.000000Z","known_ransomware":false,"epss":0.09092,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-32046","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows MSHTML Platform Privilege Escalation Vulnerability","date_added":"2023-07-11T00:00:00.000000Z","due_date":"2023-08-01T00:00:00.000000Z","known_ransomware":false,"epss":0.09083,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2015-2291","vendor_project":"Intel","product":"Ethernet Diagnostics Driver for Windows","vulnerability_name":"Intel Ethernet Diagnostics Driver for Windows Denial-of-Service Vulnerability","date_added":"2023-02-10T00:00:00.000000Z","due_date":"2023-03-03T00:00:00.000000Z","known_ransomware":true,"epss":0.09011,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-30563","vendor_project":"Google","product":"Chromium V8","vulnerability_name":"Google Chromium V8 Type Confusion Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":false,"epss":0.08928,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2018-14558","vendor_project":"Tenda","product":"AC7, AC9, and AC10 Routers","vulnerability_name":"Tenda AC7, AC9, and AC10 Routers Command Injection Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.08672,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2010-4398","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Kernel Stack-Based Buffer Overflow Vulnerability","date_added":"2022-03-28T00:00:00.000000Z","due_date":"2022-04-21T00:00:00.000000Z","known_ransomware":false,"epss":0.08661,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2019-1388","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Certificate Dialog Privilege Escalation Vulnerability","date_added":"2023-04-07T00:00:00.000000Z","due_date":"2023-04-28T00:00:00.000000Z","known_ransomware":true,"epss":0.08589,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2018-19323","vendor_project":"GIGABYTE","product":"Multiple Products","vulnerability_name":"GIGABYTE Multiple Products Privilege Escalation Vulnerability","date_added":"2022-10-24T00:00:00.000000Z","due_date":"2022-11-14T00:00:00.000000Z","known_ransomware":true,"epss":0.08523,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2022-42856","vendor_project":"Apple","product":"iOS","vulnerability_name":"Apple iOS Type Confusion Vulnerability","date_added":"2022-12-14T00:00:00.000000Z","due_date":"2023-01-04T00:00:00.000000Z","known_ransomware":false,"epss":0.08523,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-43529","vendor_project":"Apple","product":"Multiple Products","vulnerability_name":"Apple Multiple Products Use-After-Free WebKit Vulnerability","date_added":"2025-12-15T00:00:00.000000Z","due_date":"2026-01-05T00:00:00.000000Z","known_ransomware":false,"epss":0.08439,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-2783","vendor_project":"Google","product":"Chromium Mojo","vulnerability_name":"Google Chromium Mojo Sandbox Escape Vulnerability","date_added":"2025-03-27T00:00:00.000000Z","due_date":"2025-04-17T00:00:00.000000Z","known_ransomware":false,"epss":0.08404,"cvss_score":8.3,"cvss_severity":"HIGH"},{"cve_id":"CVE-2026-41091","vendor_project":"Microsoft","product":"Defender","vulnerability_name":"Microsoft Defender Link Following Vulnerability","date_added":"2026-05-20T00:00:00.000000Z","due_date":"2026-06-03T00:00:00.000000Z","known_ransomware":false,"epss":0.08371,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2018-0156","vendor_project":"Cisco","product":"IOS Software and Cisco IOS XE Software","vulnerability_name":"Cisco IOS Software and Cisco IOS XE Software Smart Install Denial-of-Service Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-17T00:00:00.000000Z","known_ransomware":false,"epss":0.08369,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-4671","vendor_project":"Google","product":"Chromium","vulnerability_name":"Google Chromium Visuals Use-After-Free Vulnerability","date_added":"2024-05-13T00:00:00.000000Z","due_date":"2024-06-03T00:00:00.000000Z","known_ransomware":false,"epss":0.08348,"cvss_score":9.6,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2021-28310","vendor_project":"Microsoft","product":"Win32k","vulnerability_name":"Microsoft Win32k Privilege Escalation Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":false,"epss":0.0833,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2019-11634","vendor_project":"Citrix","product":"Workspace Application and Receiver for Windows","vulnerability_name":"Citrix Workspace Application and Receiver for Windows Remote Code Execution Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":true,"epss":0.08091,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2021-1870","vendor_project":"Apple","product":"iOS, iPadOS, and macOS","vulnerability_name":"Apple iOS, iPadOS, and macOS WebKit Remote Code Execution Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":false,"epss":0.07921,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2023-0386","vendor_project":"Linux","product":"Kernel","vulnerability_name":"Linux Kernel Improper Ownership Management Vulnerability","date_added":"2025-06-17T00:00:00.000000Z","due_date":"2025-07-08T00:00:00.000000Z","known_ransomware":false,"epss":0.0788,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-41244","vendor_project":"Broadcom","product":"VMware Aria Operations and VMware Tools","vulnerability_name":"Broadcom VMware Aria Operations and VMware Tools Privilege Defined with Unsafe Actions Vulnerability","date_added":"2025-10-30T00:00:00.000000Z","due_date":"2025-11-20T00:00:00.000000Z","known_ransomware":false,"epss":0.0788,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-38189","vendor_project":"Microsoft","product":"Project","vulnerability_name":"Microsoft Project Remote Code Execution Vulnerability ","date_added":"2024-08-13T00:00:00.000000Z","due_date":"2024-09-03T00:00:00.000000Z","known_ransomware":false,"epss":0.07871,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-48927","vendor_project":"TeleMessage","product":"TM SGNL","vulnerability_name":"TeleMessage TM SGNL Initialization of a Resource with an Insecure Default Vulnerability","date_added":"2025-07-01T00:00:00.000000Z","due_date":"2025-07-22T00:00:00.000000Z","known_ransomware":false,"epss":0.07857,"cvss_score":5.3,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2021-4102","vendor_project":"Google","product":"Chromium V8","vulnerability_name":"Google Chromium V8 Use-After-Free Vulnerability","date_added":"2021-12-15T00:00:00.000000Z","due_date":"2021-12-29T00:00:00.000000Z","known_ransomware":false,"epss":0.07836,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2018-0172","vendor_project":"Cisco","product":"IOS and IOS XE Software","vulnerability_name":"Cisco IOS and IOS XE Software Improper Input Validation Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-17T00:00:00.000000Z","known_ransomware":false,"epss":0.07824,"cvss_score":8.6,"cvss_severity":"HIGH"},{"cve_id":"CVE-2012-2034","vendor_project":"Adobe","product":"Flash Player","vulnerability_name":"Adobe Flash Player Memory Corruption Vulnerability","date_added":"2022-03-28T00:00:00.000000Z","due_date":"2022-04-18T00:00:00.000000Z","known_ransomware":false,"epss":0.078,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2018-0155","vendor_project":"Cisco","product":"Catalyst 4500 Series Switches and Cisco Catalyst 4500-X Series Switches","vulnerability_name":"Cisco Catalyst Bidirectional Forwarding Detection Denial-of-Service Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-17T00:00:00.000000Z","known_ransomware":false,"epss":0.07747,"cvss_score":8.6,"cvss_severity":"HIGH"},{"cve_id":"CVE-2026-20262","vendor_project":"Cisco","product":"Catalyst SD-WAN Manager","vulnerability_name":"Cisco Catalyst SD-WAN Manager Directory or Path Traversal Vulnerability","date_added":"2026-06-15T00:00:00.000000Z","due_date":"2026-06-29T00:00:00.000000Z","known_ransomware":false,"epss":0.07683,"cvss_score":6.5,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2020-0683","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Installer Privilege Escalation Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.07667,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-30952","vendor_project":"Apple","product":"Multiple Products","vulnerability_name":"Apple Multiple Products Integer Overflow or Wraparound Vulnerability","date_added":"2026-03-05T00:00:00.000000Z","due_date":"2026-03-26T00:00:00.000000Z","known_ransomware":false,"epss":0.07617,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2018-0173","vendor_project":"Cisco","product":"IOS and IOS XE Software","vulnerability_name":"Cisco IOS and IOS XE Software Improper Input Validation Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-17T00:00:00.000000Z","known_ransomware":false,"epss":0.07613,"cvss_score":8.6,"cvss_severity":"HIGH"},{"cve_id":"CVE-2018-0174","vendor_project":"Cisco","product":"IOS XE Software","vulnerability_name":"Cisco IOS Software and Cisco IOS XE Software Improper Input Validation Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-17T00:00:00.000000Z","known_ransomware":false,"epss":0.07613,"cvss_score":8.6,"cvss_severity":"HIGH"},{"cve_id":"CVE-2004-0210","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Privilege Escalation Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-24T00:00:00.000000Z","known_ransomware":false,"epss":0.07606,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-57728","vendor_project":"SimpleHelp ","product":"SimpleHelp","vulnerability_name":"SimpleHelp Path Traversal Vulnerability","date_added":"2026-04-24T00:00:00.000000Z","due_date":"2026-05-08T00:00:00.000000Z","known_ransomware":true,"epss":0.07549,"cvss_score":7.2,"cvss_severity":"HIGH"},{"cve_id":"CVE-2019-0676","vendor_project":"Microsoft","product":"Internet Explorer","vulnerability_name":"Microsoft Internet Explorer Information Disclosure Vulnerability","date_added":"2022-05-23T00:00:00.000000Z","due_date":"2022-06-13T00:00:00.000000Z","known_ransomware":false,"epss":0.07505,"cvss_score":6.5,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2021-34486","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Event Tracing Privilege Escalation Vulnerability","date_added":"2022-03-28T00:00:00.000000Z","due_date":"2022-04-18T00:00:00.000000Z","known_ransomware":false,"epss":0.07428,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-30554","vendor_project":"Google","product":"Chromium WebGL","vulnerability_name":"Google Chromium WebGL Use-After-Free Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":false,"epss":0.07367,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-7024","vendor_project":"Google","product":"Chromium WebRTC","vulnerability_name":"Google Chromium WebRTC Heap Buffer Overflow Vulnerability","date_added":"2024-01-02T00:00:00.000000Z","due_date":"2024-01-23T00:00:00.000000Z","known_ransomware":false,"epss":0.07356,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2022-24521","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows CLFS Driver Privilege Escalation Vulnerability","date_added":"2022-04-13T00:00:00.000000Z","due_date":"2022-05-04T00:00:00.000000Z","known_ransomware":true,"epss":0.07304,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2020-3950","vendor_project":"VMware","product":"Multiple Products","vulnerability_name":"VMware Multiple Products Privilege Escalation Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.07254,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2018-0158","vendor_project":"Cisco","product":"IOS Software and Cisco IOS XE Software","vulnerability_name":"Cisco IOS and XE Software Internet Key Exchange Memory Leak Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-17T00:00:00.000000Z","known_ransomware":false,"epss":0.07194,"cvss_score":8.6,"cvss_severity":"HIGH"},{"cve_id":"CVE-2017-6744","vendor_project":"Cisco","product":"IOS software","vulnerability_name":"Cisco IOS Software SNMP Remote Code Execution Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-24T00:00:00.000000Z","known_ransomware":false,"epss":0.07158,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-1871","vendor_project":"Apple","product":"iOS, iPadOS, and macOS","vulnerability_name":"Apple iOS, iPadOS, and macOS WebKit Remote Code Execution Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":false,"epss":0.0712,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2024-38080","vendor_project":"Microsoft","product":"Windows ","vulnerability_name":"Microsoft Windows Hyper-V Privilege Escalation Vulnerability","date_added":"2024-07-09T00:00:00.000000Z","due_date":"2024-07-30T00:00:00.000000Z","known_ransomware":false,"epss":0.07115,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2026-34621","vendor_project":"Adobe","product":"Acrobat and Reader","vulnerability_name":"Adobe Acrobat and Reader Prototype Pollution Vulnerability","date_added":"2026-04-13T00:00:00.000000Z","due_date":"2026-04-27T00:00:00.000000Z","known_ransomware":false,"epss":0.07086,"cvss_score":8.6,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-1879","vendor_project":"Apple","product":"iOS, iPadOS, and watchOS","vulnerability_name":"Apple iOS, iPadOS, and watchOS WebKit Cross-Site Scripting (XSS) Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":false,"epss":0.07082,"cvss_score":6.1,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2019-0344","vendor_project":"SAP","product":"Commerce Cloud","vulnerability_name":"SAP Commerce Cloud Deserialization of Untrusted Data Vulnerability","date_added":"2024-09-30T00:00:00.000000Z","due_date":"2024-10-21T00:00:00.000000Z","known_ransomware":false,"epss":0.07079,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2018-0154","vendor_project":"Cisco","product":"IOS Software","vulnerability_name":"Cisco IOS Software Integrated Services Module for VPN Denial-of-Service Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-17T00:00:00.000000Z","known_ransomware":false,"epss":0.07074,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-26369","vendor_project":"Adobe","product":"Acrobat and Reader","vulnerability_name":"Adobe Acrobat and Reader Out-of-Bounds Write Vulnerability","date_added":"2023-09-14T00:00:00.000000Z","due_date":"2023-10-05T00:00:00.000000Z","known_ransomware":false,"epss":0.07036,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2026-20122","vendor_project":"Cisco","product":"Catalyst SD-WAN Manger","vulnerability_name":"Cisco Catalyst SD-WAN Manager Incorrect Use of Privileged APIs Vulnerability","date_added":"2026-04-20T00:00:00.000000Z","due_date":"2026-04-23T00:00:00.000000Z","known_ransomware":false,"epss":0.07016,"cvss_score":5.4,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2017-12231","vendor_project":"Cisco","product":"IOS software","vulnerability_name":"Cisco IOS Software Network Address Translation Denial-of-Service Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-24T00:00:00.000000Z","known_ransomware":false,"epss":0.06938,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2017-12233","vendor_project":"Cisco","product":"IOS software","vulnerability_name":"Cisco IOS Software Common Industrial Protocol Request Denial-of-Service Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-24T00:00:00.000000Z","known_ransomware":false,"epss":0.06938,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2017-12234","vendor_project":"Cisco","product":"IOS software","vulnerability_name":"Cisco IOS Software Common Industrial Protocol Request Denial-of-Service Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-24T00:00:00.000000Z","known_ransomware":false,"epss":0.06938,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2017-12235","vendor_project":"Cisco","product":"IOS software","vulnerability_name":"Cisco IOS Software for Cisco Industrial Ethernet Switches PROFINET Denial-of-Service Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-24T00:00:00.000000Z","known_ransomware":false,"epss":0.06938,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2017-12237","vendor_project":"Cisco","product":"IOS and IOS XE Software","vulnerability_name":"Cisco IOS and IOS XE Software Internet Key Exchange Denial-of-Service Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-24T00:00:00.000000Z","known_ransomware":false,"epss":0.06938,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2008-3431","vendor_project":"Oracle","product":"VirtualBox","vulnerability_name":"Oracle VirtualBox Insufficient Input Validation Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-24T00:00:00.000000Z","known_ransomware":false,"epss":0.06932,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2022-27518","vendor_project":"Citrix","product":"Application Delivery Controller (ADC) and Gateway","vulnerability_name":"Citrix Application Delivery Controller (ADC) and Gateway Authentication Bypass Vulnerability","date_added":"2022-12-13T00:00:00.000000Z","due_date":"2023-01-03T00:00:00.000000Z","known_ransomware":false,"epss":0.06931,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2020-1040","vendor_project":"Microsoft","product":"Hyper-V RemoteFX","vulnerability_name":"Microsoft Hyper-V RemoteFX vGPU Remote Code Execution Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.06903,"cvss_score":9,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2019-1064","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows AppX Deployment Service (AppXSVC) Privilege Escalation Vulnerability","date_added":"2022-03-15T00:00:00.000000Z","due_date":"2022-04-05T00:00:00.000000Z","known_ransomware":true,"epss":0.06886,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2018-0159","vendor_project":"Cisco","product":"IOS Software and Cisco IOS XE Software","vulnerability_name":"Cisco IOS and XE Software Internet Key Exchange Version 1 Denial-of-Service Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-17T00:00:00.000000Z","known_ransomware":false,"epss":0.06874,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2022-3723","vendor_project":"Google","product":"Chromium V8","vulnerability_name":"Google Chromium V8 Type Confusion Vulnerability","date_added":"2022-10-28T00:00:00.000000Z","due_date":"2022-11-18T00:00:00.000000Z","known_ransomware":false,"epss":0.0675,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2026-33825","vendor_project":"Microsoft","product":"Defender","vulnerability_name":"Microsoft Defender Insufficient Granularity of Access Control Vulnerability","date_added":"2026-04-22T00:00:00.000000Z","due_date":"2026-05-06T00:00:00.000000Z","known_ransomware":true,"epss":0.06749,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-28434","vendor_project":"MinIO","product":"MinIO","vulnerability_name":"MinIO Security Feature Bypass Vulnerability","date_added":"2023-09-19T00:00:00.000000Z","due_date":"2023-10-10T00:00:00.000000Z","known_ransomware":false,"epss":0.06736,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2013-1675","vendor_project":"Mozilla","product":"Firefox","vulnerability_name":"Mozilla Firefox Information Disclosure Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-24T00:00:00.000000Z","known_ransomware":false,"epss":0.06696,"cvss_score":6.5,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2012-0767","vendor_project":"Adobe","product":"Flash Player","vulnerability_name":"Adobe Flash Player Cross-Site Scripting (XSS) Vulnerability","date_added":"2022-06-08T00:00:00.000000Z","due_date":"2022-06-22T00:00:00.000000Z","known_ransomware":false,"epss":0.06662,"cvss_score":6.1,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2021-30713","vendor_project":"Apple","product":"macOS","vulnerability_name":"Apple macOS Unspecified Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":false,"epss":0.0658,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-6554","vendor_project":"Google","product":"Chromium V8","vulnerability_name":"Google Chromium V8 Type Confusion Vulnerability","date_added":"2025-07-02T00:00:00.000000Z","due_date":"2025-07-23T00:00:00.000000Z","known_ransomware":false,"epss":0.06564,"cvss_score":8.1,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-33739","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Desktop Window Manager (DWM) Core Library Privilege Escalation Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":false,"epss":0.06555,"cvss_score":8.4,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-5419","vendor_project":"Google","product":"Chromium V8","vulnerability_name":"Google Chromium V8 Out-of-Bounds Read and Write Vulnerability","date_added":"2025-06-05T00:00:00.000000Z","due_date":"2025-06-26T00:00:00.000000Z","known_ransomware":false,"epss":0.06463,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2020-16010","vendor_project":"Google","product":"Chrome for Android UI","vulnerability_name":"Google Chrome for Android UI Heap Buffer Overflow Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.06414,"cvss_score":9.6,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2024-38106","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Kernel Privilege Escalation Vulnerability","date_added":"2024-08-13T00:00:00.000000Z","due_date":"2024-09-03T00:00:00.000000Z","known_ransomware":false,"epss":0.06337,"cvss_score":7,"cvss_severity":"HIGH"},{"cve_id":"CVE-2020-6820","vendor_project":"Mozilla","product":"Firefox and Thunderbird","vulnerability_name":"Mozilla Firefox And Thunderbird Use-After-Free Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.06305,"cvss_score":8.1,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-33771","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Kernel Privilege Escalation Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":false,"epss":0.06204,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2019-1069","vendor_project":"Microsoft","product":"Task Scheduler","vulnerability_name":"Microsoft Task Scheduler Privilege Escalation Vulnerability","date_added":"2022-03-15T00:00:00.000000Z","due_date":"2022-04-05T00:00:00.000000Z","known_ransomware":true,"epss":0.06117,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-62215","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Race Condition Vulnerability","date_added":"2025-11-12T00:00:00.000000Z","due_date":"2025-12-03T00:00:00.000000Z","known_ransomware":false,"epss":0.061,"cvss_score":7,"cvss_severity":"HIGH"},{"cve_id":"CVE-2017-6627","vendor_project":"Cisco","product":"IOS and IOS XE Software","vulnerability_name":"Cisco IOS Software and Cisco IOS XE Software UDP Packet Processing Denial-of-Service Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-24T00:00:00.000000Z","known_ransomware":false,"epss":0.06042,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-38014","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Installer Improper Privilege Management Vulnerability","date_added":"2024-09-10T00:00:00.000000Z","due_date":"2024-10-01T00:00:00.000000Z","known_ransomware":false,"epss":0.06008,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-27101","vendor_project":"Accellion","product":"FTA","vulnerability_name":"Accellion FTA SQL Injection Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":true,"epss":0.05998,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2019-15271","vendor_project":"Cisco","product":"RV Series Routers","vulnerability_name":"Cisco RV Series Routers Deserialization of Untrusted Data Vulnerability","date_added":"2022-06-08T00:00:00.000000Z","due_date":"2022-06-22T00:00:00.000000Z","known_ransomware":false,"epss":0.05979,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2022-26500","vendor_project":"Veeam","product":"Backup \u0026 Replication","vulnerability_name":"Veeam Backup \u0026 Replication Remote Code Execution Vulnerability","date_added":"2022-12-13T00:00:00.000000Z","due_date":"2023-01-03T00:00:00.000000Z","known_ransomware":true,"epss":0.05942,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-22600","vendor_project":"Linux","product":"Kernel","vulnerability_name":"Linux Kernel Privilege Escalation Vulnerability","date_added":"2022-04-11T00:00:00.000000Z","due_date":"2022-05-02T00:00:00.000000Z","known_ransomware":false,"epss":0.05918,"cvss_score":6.6,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2025-24990","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Untrusted Pointer Dereference Vulnerability","date_added":"2025-10-14T00:00:00.000000Z","due_date":"2025-11-04T00:00:00.000000Z","known_ransomware":false,"epss":0.05793,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-2136","vendor_project":"Google","product":"Chromium Skia","vulnerability_name":"Google Chrome Skia Integer Overflow Vulnerability","date_added":"2023-04-21T00:00:00.000000Z","due_date":"2023-05-12T00:00:00.000000Z","known_ransomware":false,"epss":0.05786,"cvss_score":9.6,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2020-8468","vendor_project":"Trend Micro","product":"Apex One, OfficeScan and Worry-Free Business Security Agents","vulnerability_name":"Trend Micro Multiple Products Content Validation Escape Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.05754,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2026-3502","vendor_project":"TrueConf","product":"Client","vulnerability_name":"TrueConf Client Download of Code Without Integrity Check Vulnerability","date_added":"2026-04-02T00:00:00.000000Z","due_date":"2026-04-16T00:00:00.000000Z","known_ransomware":false,"epss":0.0575,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2016-0167","vendor_project":"Microsoft","product":"Win32k","vulnerability_name":"Microsoft Win32k Privilege Escalation Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":true,"epss":0.05729,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-30051","vendor_project":"Microsoft","product":"DWM Core Library","vulnerability_name":" Microsoft DWM Core Library Privilege Escalation Vulnerability","date_added":"2024-05-14T00:00:00.000000Z","due_date":"2024-06-04T00:00:00.000000Z","known_ransomware":true,"epss":0.05687,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2022-3075","vendor_project":"Google","product":"Chromium Mojo","vulnerability_name":"Google Chromium Mojo Insufficient Data Validation Vulnerability","date_added":"2022-09-08T00:00:00.000000Z","due_date":"2022-09-29T00:00:00.000000Z","known_ransomware":false,"epss":0.0568,"cvss_score":9.6,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2019-6693","vendor_project":"Fortinet","product":"FortiOS","vulnerability_name":"Fortinet FortiOS Use of Hard-Coded Credentials Vulnerability","date_added":"2025-06-25T00:00:00.000000Z","due_date":"2025-07-16T00:00:00.000000Z","known_ransomware":true,"epss":0.05663,"cvss_score":6.5,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2022-20700","vendor_project":"Cisco","product":"Small Business RV160, RV260, RV340, and RV345 Series Routers","vulnerability_name":"Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-17T00:00:00.000000Z","known_ransomware":false,"epss":0.05655,"cvss_score":10,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2026-42897","vendor_project":"Microsoft","product":"Microsoft","vulnerability_name":"Microsoft Exchange Server Cross-Site Scripting Vulnerability","date_added":"2026-05-15T00:00:00.000000Z","due_date":"2026-05-29T00:00:00.000000Z","known_ransomware":false,"epss":0.0564,"cvss_score":8.1,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-21823","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Graphic Component Privilege Escalation Vulnerability","date_added":"2023-02-14T00:00:00.000000Z","due_date":"2023-03-07T00:00:00.000000Z","known_ransomware":false,"epss":0.05563,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2010-3035","vendor_project":"Cisco","product":"IOS XR","vulnerability_name":"Cisco IOS XR Border Gateway Protocol (BGP) Denial-of-Service Vulnerability","date_added":"2022-03-25T00:00:00.000000Z","due_date":"2022-04-15T00:00:00.000000Z","known_ransomware":false,"epss":0.05562,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2022-32917","vendor_project":"Apple","product":"iOS, iPadOS, and macOS","vulnerability_name":"Apple iOS, iPadOS, and macOS Remote Code Execution Vulnerability","date_added":"2022-09-14T00:00:00.000000Z","due_date":"2022-10-05T00:00:00.000000Z","known_ransomware":false,"epss":0.05557,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2022-0492","vendor_project":"Linux","product":"Kernel","vulnerability_name":"Linux Kernel Improper Authentication Vulnerability","date_added":"2026-06-02T00:00:00.000000Z","due_date":"2026-06-05T00:00:00.000000Z","known_ransomware":false,"epss":0.05528,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-28664","vendor_project":"Arm","product":"Mali Graphics Processing Unit (GPU)","vulnerability_name":"Arm Mali Graphics Processing Unit (GPU) Unspecified Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":false,"epss":0.05464,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-10585","vendor_project":"Google","product":"Chromium V8","vulnerability_name":"Google Chromium V8 Type Confusion Vulnerability","date_added":"2025-09-23T00:00:00.000000Z","due_date":"2025-10-14T00:00:00.000000Z","known_ransomware":false,"epss":0.05419,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2020-17087","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Kernel Privilege Escalation Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.05387,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2017-12319","vendor_project":"Cisco","product":"IOS XE Software","vulnerability_name":"Cisco IOS XE Software Ethernet Virtual Private Network Border Gateway Protocol Denial-of-Service Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-24T00:00:00.000000Z","known_ransomware":false,"epss":0.05367,"cvss_score":5.9,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2026-20128","vendor_project":"Cisco","product":"Catalyst SD-WAN Manager","vulnerability_name":"Cisco Catalyst SD-WAN Manager Storing Passwords in a Recoverable Format Vulnerability","date_added":"2026-04-20T00:00:00.000000Z","due_date":"2026-04-23T00:00:00.000000Z","known_ransomware":false,"epss":0.05269,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2013-3993","vendor_project":"IBM","product":"InfoSphere BigInsights","vulnerability_name":"IBM InfoSphere BigInsights Invalid Input Vulnerability","date_added":"2022-05-25T00:00:00.000000Z","due_date":"2022-06-15T00:00:00.000000Z","known_ransomware":true,"epss":0.05236,"cvss_score":6.5,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2019-0863","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Error Reporting (WER) Privilege Escalation Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.05207,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-30900","vendor_project":"Apple","product":"iOS, iPadOS, and macOS","vulnerability_name":"Apple iOS, iPadOS, and macOS Out-of-Bounds Write Vulnerability","date_added":"2023-03-30T00:00:00.000000Z","due_date":"2023-04-20T00:00:00.000000Z","known_ransomware":false,"epss":0.05204,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2002-0367","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Privilege Escalation Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-24T00:00:00.000000Z","known_ransomware":false,"epss":0.05188,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2015-6175","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Kernel Privilege Escalation Vulnerability","date_added":"2022-05-25T00:00:00.000000Z","due_date":"2022-06-15T00:00:00.000000Z","known_ransomware":false,"epss":0.05169,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2004-1464","vendor_project":"Cisco","product":"IOS","vulnerability_name":"Cisco IOS Denial-of-Service Vulnerability","date_added":"2023-05-19T00:00:00.000000Z","due_date":"2023-06-09T00:00:00.000000Z","known_ransomware":false,"epss":0.05133,"cvss_score":5.9,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2018-0179","vendor_project":"Cisco","product":"IOS Software","vulnerability_name":"Cisco IOS Software Denial-of-Service Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-17T00:00:00.000000Z","known_ransomware":false,"epss":0.05051,"cvss_score":6.8,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2018-0180","vendor_project":"Cisco","product":"IOS Software","vulnerability_name":"Cisco IOS Software Denial-of-Service Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-17T00:00:00.000000Z","known_ransomware":false,"epss":0.05051,"cvss_score":6.8,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2026-5281","vendor_project":"Google","product":"Dawn","vulnerability_name":"Google Dawn Use-After-Free Vulnerability","date_added":"2026-04-01T00:00:00.000000Z","due_date":"2026-04-15T00:00:00.000000Z","known_ransomware":false,"epss":0.05036,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2026-20805","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Information Disclosure Vulnerability","date_added":"2026-01-13T00:00:00.000000Z","due_date":"2026-02-03T00:00:00.000000Z","known_ransomware":false,"epss":0.05028,"cvss_score":5.5,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2026-25108","vendor_project":"Soliton Systems K.K","product":"FileZen","vulnerability_name":"Soliton Systems K.K FileZen OS Command Injection Vulnerability","date_added":"2026-02-24T00:00:00.000000Z","due_date":"2026-03-17T00:00:00.000000Z","known_ransomware":false,"epss":0.04974,"cvss_score":8.7,"cvss_severity":"HIGH"},{"cve_id":"CVE-2026-21525","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows NULL Pointer Dereference Vulnerability","date_added":"2026-02-10T00:00:00.000000Z","due_date":"2026-03-03T00:00:00.000000Z","known_ransomware":false,"epss":0.04956,"cvss_score":6.2,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2021-36741","vendor_project":"Trend Micro","product":"Apex One, Apex One as a Service, and Worry-Free Business Security","vulnerability_name":"Trend Micro Multiple Products Improper Input Validation Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":false,"epss":0.04951,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2019-16256","vendor_project":"SIMalliance","product":"Toolbox Browser","vulnerability_name":"SIMalliance Toolbox Browser Command Injection Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.04949,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2009-1123","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Improper Input Validation Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-24T00:00:00.000000Z","known_ransomware":false,"epss":0.04918,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-24200","vendor_project":"Apple","product":"iOS and iPadOS","vulnerability_name":"Apple iOS and iPadOS Incorrect Authorization Vulnerability","date_added":"2025-02-12T00:00:00.000000Z","due_date":"2025-03-05T00:00:00.000000Z","known_ransomware":false,"epss":0.04906,"cvss_score":6.1,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2025-13223","vendor_project":"Google","product":"Chromium V8","vulnerability_name":"Google Chromium V8 Type Confusion Vulnerability","date_added":"2025-11-19T00:00:00.000000Z","due_date":"2025-12-10T00:00:00.000000Z","known_ransomware":false,"epss":0.04835,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2019-18988","vendor_project":"TeamViewer","product":"Desktop","vulnerability_name":"TeamViewer Desktop Bypass Remote Login Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.04746,"cvss_score":7,"cvss_severity":"HIGH"},{"cve_id":"CVE-2018-0161","vendor_project":"Cisco","product":"IOS Software","vulnerability_name":"Cisco IOS Software Resource Management Errors Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-17T00:00:00.000000Z","known_ransomware":false,"epss":0.04746,"cvss_score":6.3,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2023-41179","vendor_project":"Trend Micro","product":"Apex One and Worry-Free Business Security","vulnerability_name":"Trend Micro Apex One and Worry-Free Business Security Remote Code Execution Vulnerability","date_added":"2023-09-21T00:00:00.000000Z","due_date":"2023-10-12T00:00:00.000000Z","known_ransomware":false,"epss":0.04739,"cvss_score":7.2,"cvss_severity":"HIGH"},{"cve_id":"CVE-2020-29574","vendor_project":"Sophos","product":"CyberoamOS","vulnerability_name":"CyberoamOS (CROS) SQL Injection Vulnerability","date_added":"2025-02-06T00:00:00.000000Z","due_date":"2025-02-27T00:00:00.000000Z","known_ransomware":false,"epss":0.04729,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2020-1631","vendor_project":"Juniper","product":"Junos OS","vulnerability_name":"Juniper Junos OS Path Traversal Vulnerability","date_added":"2022-03-25T00:00:00.000000Z","due_date":"2022-04-15T00:00:00.000000Z","known_ransomware":false,"epss":0.04725,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2019-0543","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Privilege Escalation Vulnerability","date_added":"2022-03-15T00:00:00.000000Z","due_date":"2022-04-05T00:00:00.000000Z","known_ransomware":true,"epss":0.04718,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-23209","vendor_project":"Craft CMS","product":"Craft CMS","vulnerability_name":"Craft CMS Code Injection Vulnerability","date_added":"2025-02-20T00:00:00.000000Z","due_date":"2025-03-13T00:00:00.000000Z","known_ransomware":false,"epss":0.04714,"cvss_score":8.1,"cvss_severity":"HIGH"},{"cve_id":"CVE-2012-0518","vendor_project":"Oracle","product":"Fusion Middleware","vulnerability_name":"Oracle Fusion Middleware Unspecified Vulnerability","date_added":"2022-03-28T00:00:00.000000Z","due_date":"2022-04-18T00:00:00.000000Z","known_ransomware":false,"epss":0.04664,"cvss_score":4.7,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2025-60710","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Link Following Vulnerability","date_added":"2026-04-13T00:00:00.000000Z","due_date":"2026-04-27T00:00:00.000000Z","known_ransomware":false,"epss":0.04601,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2019-7287","vendor_project":"Apple","product":"iOS","vulnerability_name":"Apple iOS Memory Corruption Vulnerability","date_added":"2022-05-23T00:00:00.000000Z","due_date":"2022-06-13T00:00:00.000000Z","known_ransomware":false,"epss":0.04589,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-41991","vendor_project":"Apple","product":"Multiple Products","vulnerability_name":"Apple Multiple Products Improper Certificate Validation Vulnerability","date_added":"2023-09-25T00:00:00.000000Z","due_date":"2023-10-16T00:00:00.000000Z","known_ransomware":false,"epss":0.04547,"cvss_score":5.5,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2021-30661","vendor_project":"Apple","product":"Multiple Products","vulnerability_name":"Apple Multiple Products WebKit Storage Use-After-Free Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":false,"epss":0.04528,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2022-2856","vendor_project":"Google","product":"Chromium Intents","vulnerability_name":"Google Chromium Intents Insufficient Input Validation Vulnerability","date_added":"2022-08-18T00:00:00.000000Z","due_date":"2022-09-08T00:00:00.000000Z","known_ransomware":false,"epss":0.04493,"cvss_score":6.5,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2021-38000","vendor_project":"Google","product":"Chromium Intents","vulnerability_name":"Google Chromium Intents Improper Input Validation Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":false,"epss":0.04485,"cvss_score":6.1,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2023-46748","vendor_project":"F5","product":"BIG-IP Configuration Utility","vulnerability_name":"F5 BIG-IP Configuration Utility SQL Injection Vulnerability","date_added":"2023-10-31T00:00:00.000000Z","due_date":"2023-11-21T00:00:00.000000Z","known_ransomware":false,"epss":0.04468,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2020-1027","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Kernel Privilege Escalation Vulnerability","date_added":"2022-05-23T00:00:00.000000Z","due_date":"2022-06-13T00:00:00.000000Z","known_ransomware":false,"epss":0.04447,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-32049","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Defender SmartScreen Security Feature Bypass Vulnerability","date_added":"2023-07-11T00:00:00.000000Z","due_date":"2023-08-01T00:00:00.000000Z","known_ransomware":false,"epss":0.04401,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2020-2021","vendor_project":"Palo Alto Networks","product":"PAN-OS","vulnerability_name":"Palo Alto Networks PAN-OS Authentication Bypass Vulnerability","date_added":"2022-03-25T00:00:00.000000Z","due_date":"2022-04-15T00:00:00.000000Z","known_ransomware":true,"epss":0.04362,"cvss_score":10,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2015-1769","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Mount Manager Privilege Escalation Vulnerability","date_added":"2022-05-25T00:00:00.000000Z","due_date":"2022-06-15T00:00:00.000000Z","known_ransomware":false,"epss":0.04339,"cvss_score":6.6,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2026-20045","vendor_project":"Cisco","product":"Unified Communications Manager","vulnerability_name":"Cisco Unified Communications Products Code Injection Vulnerability","date_added":"2026-01-21T00:00:00.000000Z","due_date":"2026-02-11T00:00:00.000000Z","known_ransomware":false,"epss":0.04307,"cvss_score":8.2,"cvss_severity":"HIGH"},{"cve_id":"CVE-2022-26501","vendor_project":"Veeam","product":"Backup \u0026 Replication","vulnerability_name":"Veeam Backup \u0026 Replication Remote Code Execution Vulnerability","date_added":"2022-12-13T00:00:00.000000Z","due_date":"2023-01-03T00:00:00.000000Z","known_ransomware":true,"epss":0.04279,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2024-20399","vendor_project":"Cisco","product":"NX-OS","vulnerability_name":"Cisco NX-OS Command Injection Vulnerability","date_added":"2024-07-02T00:00:00.000000Z","due_date":"2024-07-23T00:00:00.000000Z","known_ransomware":false,"epss":0.04271,"cvss_score":6,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2020-13671","vendor_project":"Drupal","product":"Drupal core","vulnerability_name":"Drupal core Un-restricted Upload of File","date_added":"2022-01-18T00:00:00.000000Z","due_date":"2022-07-18T00:00:00.000000Z","known_ransomware":false,"epss":0.04269,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-27915","vendor_project":"Synacor","product":"Zimbra Collaboration Suite (ZCS)","vulnerability_name":"Synacor Zimbra Collaboration Suite (ZCS) Cross-site Scripting Vulnerability","date_added":"2025-10-07T00:00:00.000000Z","due_date":"2025-10-28T00:00:00.000000Z","known_ransomware":false,"epss":0.04241,"cvss_score":5.4,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2025-24201","vendor_project":"Apple","product":"Multiple Products","vulnerability_name":"Apple Multiple Products WebKit Out-of-Bounds Write Vulnerability","date_added":"2025-03-13T00:00:00.000000Z","due_date":"2025-04-03T00:00:00.000000Z","known_ransomware":false,"epss":0.0424,"cvss_score":10,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2018-8611","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Kernel Privilege Escalation Vulnerability","date_added":"2022-05-24T00:00:00.000000Z","due_date":"2022-06-14T00:00:00.000000Z","known_ransomware":false,"epss":0.04161,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2019-0859","vendor_project":"Microsoft","product":"Win32k","vulnerability_name":"Microsoft Win32k Privilege Escalation Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.04151,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-30869","vendor_project":"Apple","product":"iOS, iPadOS, and macOS","vulnerability_name":"Apple iOS, iPadOS, and macOS Type Confusion Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":false,"epss":0.0415,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-54313","vendor_project":"Prettier","product":"eslint-config-prettier","vulnerability_name":"Prettier eslint-config-prettier Embedded Malicious Code Vulnerability","date_added":"2026-01-22T00:00:00.000000Z","due_date":"2026-02-12T00:00:00.000000Z","known_ransomware":false,"epss":0.04146,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-55177","vendor_project":"Meta Platforms","product":"WhatsApp","vulnerability_name":"Meta Platforms WhatsApp Incorrect Authorization Vulnerability","date_added":"2025-09-02T00:00:00.000000Z","due_date":"2025-09-23T00:00:00.000000Z","known_ransomware":false,"epss":0.04116,"cvss_score":5.4,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2021-38646","vendor_project":"Microsoft","product":"Office","vulnerability_name":"Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability","date_added":"2022-03-28T00:00:00.000000Z","due_date":"2022-04-18T00:00:00.000000Z","known_ransomware":true,"epss":0.04044,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-26169","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Error Reporting Service Improper Privilege Management Vulnerability","date_added":"2024-06-13T00:00:00.000000Z","due_date":"2024-07-04T00:00:00.000000Z","known_ransomware":true,"epss":0.04014,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-39717","vendor_project":"Versa","product":"Director","vulnerability_name":"Versa Director Dangerous File Type Upload Vulnerability","date_added":"2024-08-23T00:00:00.000000Z","due_date":"2024-09-13T00:00:00.000000Z","known_ransomware":false,"epss":0.04006,"cvss_score":6.6,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2019-7483","vendor_project":"SonicWall","product":"SMA100","vulnerability_name":"SonicWall SMA100 Directory Traversal Vulnerability","date_added":"2022-03-28T00:00:00.000000Z","due_date":"2022-04-18T00:00:00.000000Z","known_ransomware":false,"epss":0.03977,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-30040","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows MSHTML Platform Security Feature Bypass Vulnerability","date_added":"2024-05-14T00:00:00.000000Z","due_date":"2024-06-04T00:00:00.000000Z","known_ransomware":false,"epss":0.03939,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-43000","vendor_project":"Apple","product":"Multiple Products","vulnerability_name":"Apple Multiple products Use-After-Free Vulnerability","date_added":"2026-03-05T00:00:00.000000Z","due_date":"2026-03-26T00:00:00.000000Z","known_ransomware":false,"epss":0.03901,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-20035","vendor_project":"SonicWall","product":"SMA100 Appliances","vulnerability_name":"SonicWall SMA100 Appliances OS Command Injection Vulnerability","date_added":"2025-04-16T00:00:00.000000Z","due_date":"2025-05-07T00:00:00.000000Z","known_ransomware":false,"epss":0.0389,"cvss_score":6.5,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2025-2749","vendor_project":"Kentico","product":"Kentico Xperience","vulnerability_name":"Kentico Xperience Path Traversal Vulnerability","date_added":"2026-04-20T00:00:00.000000Z","due_date":"2026-05-04T00:00:00.000000Z","known_ransomware":false,"epss":0.03854,"cvss_score":7.2,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-9537","vendor_project":"ScienceLogic","product":"SL1","vulnerability_name":"ScienceLogic SL1 Unspecified Vulnerability","date_added":"2024-10-21T00:00:00.000000Z","due_date":"2024-11-11T00:00:00.000000Z","known_ransomware":false,"epss":0.03852,"cvss_score":9.3,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2026-21533","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Improper Privilege Management Vulnerability","date_added":"2026-02-10T00:00:00.000000Z","due_date":"2026-03-03T00:00:00.000000Z","known_ransomware":false,"epss":0.03846,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-47827","vendor_project":"IGEL","product":"IGEL OS","vulnerability_name":"IGEL OS Use of a Key Past its Expiration Date Vulnerability","date_added":"2025-10-14T00:00:00.000000Z","due_date":"2025-11-04T00:00:00.000000Z","known_ransomware":false,"epss":0.03817,"cvss_score":4.6,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2024-0519","vendor_project":"Google","product":"Chromium V8","vulnerability_name":"Google Chromium V8 Out-of-Bounds Memory Access Vulnerability","date_added":"2024-01-17T00:00:00.000000Z","due_date":"2024-02-07T00:00:00.000000Z","known_ransomware":false,"epss":0.03769,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2020-9907","vendor_project":"Apple","product":"Multiple Products","vulnerability_name":"Apple Multiple Products Memory Corruption Vulnerability","date_added":"2022-06-27T00:00:00.000000Z","due_date":"2022-07-18T00:00:00.000000Z","known_ransomware":false,"epss":0.03738,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-27085","vendor_project":"Microsoft","product":"Internet Explorer","vulnerability_name":"Microsoft Internet Explorer Remote Code Execution Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":false,"epss":0.03708,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-24985","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Fast FAT File System Driver Integer Overflow Vulnerability","date_added":"2025-03-11T00:00:00.000000Z","due_date":"2025-04-01T00:00:00.000000Z","known_ransomware":false,"epss":0.03705,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2016-3643","vendor_project":"SolarWinds","product":"Virtualization Manager","vulnerability_name":"SolarWinds Virtualization Manager Privilege Escalation Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.03704,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-0266","vendor_project":"Linux","product":"Kernel","vulnerability_name":"Linux Kernel Use-After-Free Vulnerability","date_added":"2023-03-30T00:00:00.000000Z","due_date":"2023-04-20T00:00:00.000000Z","known_ransomware":false,"epss":0.03702,"cvss_score":7.9,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-30665","vendor_project":"Apple","product":"Multiple Products","vulnerability_name":"Apple Multiple Products WebKit Memory Corruption Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":false,"epss":0.03692,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-30663","vendor_project":"Apple","product":"Multiple Products","vulnerability_name":"Apple Multiple Products WebKit Integer Overflow Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":false,"epss":0.0369,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-31010","vendor_project":"Apple","product":"iOS, macOS, watchOS","vulnerability_name":"Apple iOS, macOS, watchOS Sandbox Bypass Vulnerability","date_added":"2022-08-25T00:00:00.000000Z","due_date":"2022-09-15T00:00:00.000000Z","known_ransomware":false,"epss":0.03673,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2018-19321","vendor_project":"GIGABYTE","product":"Multiple Products","vulnerability_name":"GIGABYTE Multiple Products Privilege Escalation Vulnerability","date_added":"2022-10-24T00:00:00.000000Z","due_date":"2022-11-14T00:00:00.000000Z","known_ransomware":true,"epss":0.03671,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-27102","vendor_project":"Accellion","product":"FTA","vulnerability_name":"Accellion FTA OS Command Injection Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":true,"epss":0.03654,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2020-3566","vendor_project":"Cisco","product":"IOS XR","vulnerability_name":"Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.03631,"cvss_score":8.6,"cvss_severity":"HIGH"},{"cve_id":"CVE-2016-8562","vendor_project":"Siemens","product":"SIMATIC CP","vulnerability_name":"Siemens SIMATIC CP 1543-1 Improper Privilege Management Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-24T00:00:00.000000Z","known_ransomware":false,"epss":0.03624,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2018-19320","vendor_project":"GIGABYTE","product":"Multiple Products","vulnerability_name":"GIGABYTE Multiple Products Unspecified Vulnerability","date_added":"2022-10-24T00:00:00.000000Z","due_date":"2022-11-14T00:00:00.000000Z","known_ransomware":true,"epss":0.03597,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2019-1385","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows AppX Deployment Extensions Privilege Escalation Vulnerability","date_added":"2022-05-23T00:00:00.000000Z","due_date":"2022-06-13T00:00:00.000000Z","known_ransomware":true,"epss":0.03595,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2018-0175","vendor_project":"Cisco","product":"IOS, XR, and XE Software","vulnerability_name":"Cisco IOS, XR, and XE Software Buffer Overflow Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-17T00:00:00.000000Z","known_ransomware":false,"epss":0.03577,"cvss_score":8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-53197","vendor_project":"Linux","product":"Kernel","vulnerability_name":"Linux Kernel Out-of-Bounds Access Vulnerability","date_added":"2025-04-09T00:00:00.000000Z","due_date":"2025-04-30T00:00:00.000000Z","known_ransomware":false,"epss":0.03558,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-45727","vendor_project":"North Grid","product":"Proself","vulnerability_name":"North Grid Proself Improper Restriction of XML External Entity (XXE) Reference Vulnerability","date_added":"2024-12-03T00:00:00.000000Z","due_date":"2024-12-24T00:00:00.000000Z","known_ransomware":false,"epss":0.03542,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2019-1315","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Error Reporting Manager Privilege Escalation Vulnerability","date_added":"2022-03-15T00:00:00.000000Z","due_date":"2022-04-05T00:00:00.000000Z","known_ransomware":true,"epss":0.03478,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2018-0167","vendor_project":"Cisco","product":"IOS, XR, and XE Software","vulnerability_name":"Cisco IOS, XR, and XE Software Buffer Overflow Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-17T00:00:00.000000Z","known_ransomware":false,"epss":0.03449,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2018-8405","vendor_project":"Microsoft","product":"DirectX Graphics Kernel (DXGKRNL)","vulnerability_name":"Microsoft DirectX Graphics Kernel Privilege Escalation Vulnerability","date_added":"2022-03-28T00:00:00.000000Z","due_date":"2022-04-18T00:00:00.000000Z","known_ransomware":true,"epss":0.03444,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2018-8406","vendor_project":"Microsoft","product":"DirectX Graphics Kernel (DXGKRNL)","vulnerability_name":"Microsoft DirectX Graphics Kernel Privilege Escalation Vulnerability","date_added":"2022-03-28T00:00:00.000000Z","due_date":"2022-04-18T00:00:00.000000Z","known_ransomware":true,"epss":0.03444,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-20953","vendor_project":"Oracle","product":"Agile Product Lifecycle Management (PLM)","vulnerability_name":"Oracle Agile Product Lifecycle Management (PLM) Deserialization Vulnerability","date_added":"2025-02-24T00:00:00.000000Z","due_date":"2025-03-17T00:00:00.000000Z","known_ransomware":false,"epss":0.03405,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2013-2596","vendor_project":"Linux","product":"Kernel","vulnerability_name":"Linux Kernel Integer Overflow Vulnerability","date_added":"2022-09-15T00:00:00.000000Z","due_date":"2022-10-06T00:00:00.000000Z","known_ransomware":false,"epss":0.03373,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-35247","vendor_project":"SolarWinds","product":"Serv-U","vulnerability_name":"SolarWinds Serv-U Improper Input Validation Vulnerability","date_added":"2022-01-21T00:00:00.000000Z","due_date":"2022-02-04T00:00:00.000000Z","known_ransomware":false,"epss":0.03359,"cvss_score":4.3,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2009-2055","vendor_project":"Cisco","product":"IOS XR","vulnerability_name":"Cisco IOS XR Border Gateway Protocol (BGP) Denial-of-Service Vulnerability","date_added":"2022-03-25T00:00:00.000000Z","due_date":"2022-04-15T00:00:00.000000Z","known_ransomware":false,"epss":0.03326,"cvss_score":5.9,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2024-53104","vendor_project":"Linux","product":"Kernel","vulnerability_name":"Linux Kernel Out-of-Bounds Write Vulnerability","date_added":"2025-02-05T00:00:00.000000Z","due_date":"2025-02-26T00:00:00.000000Z","known_ransomware":false,"epss":0.03301,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2020-3569","vendor_project":"Cisco","product":"IOS XR","vulnerability_name":"Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.03293,"cvss_score":8.6,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-3935","vendor_project":"ConnectWise","product":"ScreenConnect","vulnerability_name":"ConnectWise ScreenConnect Improper Authentication Vulnerability","date_added":"2025-06-02T00:00:00.000000Z","due_date":"2025-06-23T00:00:00.000000Z","known_ransomware":false,"epss":0.03292,"cvss_score":8.1,"cvss_severity":"HIGH"},{"cve_id":"CVE-2022-32894","vendor_project":"Apple","product":"iOS and macOS","vulnerability_name":"Apple iOS and macOS Out-of-Bounds Write Vulnerability","date_added":"2022-08-18T00:00:00.000000Z","due_date":"2022-09-08T00:00:00.000000Z","known_ransomware":false,"epss":0.03259,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2020-0041","vendor_project":"Android","product":"Android Kernel","vulnerability_name":"Android Kernel Out-of-Bounds Write Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.03246,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2022-48503","vendor_project":"Apple","product":"Multiple Products","vulnerability_name":"Apple Multiple Products Unspecified Vulnerability","date_added":"2025-10-20T00:00:00.000000Z","due_date":"2025-11-10T00:00:00.000000Z","known_ransomware":false,"epss":0.03213,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2020-9934","vendor_project":"Apple","product":"iOS, iPadOS, and macOS","vulnerability_name":"Apple iOS, iPadOS, and macOS Input Validation Vulnerability","date_added":"2022-09-08T00:00:00.000000Z","due_date":"2022-09-29T00:00:00.000000Z","known_ransomware":false,"epss":0.03208,"cvss_score":5.5,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2023-6548","vendor_project":"Citrix","product":"NetScaler ADC and NetScaler Gateway","vulnerability_name":"Citrix NetScaler ADC and NetScaler Gateway Code Injection Vulnerability","date_added":"2024-01-17T00:00:00.000000Z","due_date":"2024-01-24T00:00:00.000000Z","known_ransomware":false,"epss":0.03191,"cvss_score":5.5,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2021-27059","vendor_project":"Microsoft","product":"Office","vulnerability_name":"Microsoft Office Remote Code Execution Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":false,"epss":0.03182,"cvss_score":7.6,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-8876","vendor_project":"N-able","product":"N-Central","vulnerability_name":"N-able N-Central Command Injection Vulnerability","date_added":"2025-08-13T00:00:00.000000Z","due_date":"2025-08-20T00:00:00.000000Z","known_ransomware":false,"epss":0.03171,"cvss_score":9.4,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2023-41061","vendor_project":"Apple","product":"iOS, iPadOS, and watchOS","vulnerability_name":"Apple iOS, iPadOS, and watchOS Wallet Code Execution Vulnerability","date_added":"2023-09-11T00:00:00.000000Z","due_date":"2023-10-02T00:00:00.000000Z","known_ransomware":false,"epss":0.03151,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2011-4723","vendor_project":"D-Link","product":"DIR-300 Router","vulnerability_name":"D-Link DIR-300 Router Cleartext Storage of a Password Vulnerability","date_added":"2022-09-08T00:00:00.000000Z","due_date":"2022-09-29T00:00:00.000000Z","known_ransomware":false,"epss":0.03128,"cvss_score":5.7,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2017-0001","vendor_project":"Microsoft","product":"Graphics Device Interface (GDI)","vulnerability_name":"Microsoft Graphics Device Interface (GDI) Privilege Escalation Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-24T00:00:00.000000Z","known_ransomware":false,"epss":0.03114,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-27562","vendor_project":"Arm","product":"Trusted Firmware","vulnerability_name":"Arm Trusted Firmware Out-of-Bounds Write Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":false,"epss":0.03093,"cvss_score":5.5,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2021-43226","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Privilege Escalation Vulnerability","date_added":"2025-10-06T00:00:00.000000Z","due_date":"2025-10-27T00:00:00.000000Z","known_ransomware":false,"epss":0.03072,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-36584","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Mark of the Web (MOTW) Security Feature Bypass Vulnerability","date_added":"2023-11-16T00:00:00.000000Z","due_date":"2023-12-07T00:00:00.000000Z","known_ransomware":false,"epss":0.03055,"cvss_score":5.4,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2021-36955","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Common Log File System (CLFS) Driver Privilege Escalation Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":true,"epss":0.03054,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2022-40139","vendor_project":"Trend Micro","product":"Apex One and Apex One as a Service","vulnerability_name":"Trend Micro Apex One and Apex One as a Service Improper Validation Vulnerability","date_added":"2022-09-15T00:00:00.000000Z","due_date":"2022-10-06T00:00:00.000000Z","known_ransomware":false,"epss":0.03054,"cvss_score":7.2,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-66644","vendor_project":"Array Networks ","product":"ArrayOS AG","vulnerability_name":"Array Networks ArrayOS AG OS Command Injection Vulnerability","date_added":"2025-12-08T00:00:00.000000Z","due_date":"2025-12-29T00:00:00.000000Z","known_ransomware":false,"epss":0.03046,"cvss_score":7.2,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-30666","vendor_project":"Apple","product":"iOS","vulnerability_name":"Apple iOS WebKit Buffer Overflow Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":false,"epss":0.03031,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2018-8589","vendor_project":"Microsoft","product":"Win32k","vulnerability_name":"Microsoft Win32k Privilege Escalation Vulnerability","date_added":"2022-05-23T00:00:00.000000Z","due_date":"2022-06-13T00:00:00.000000Z","known_ransomware":false,"epss":0.03023,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2026-45659","vendor_project":"Microsoft","product":"SharePoint Server","vulnerability_name":"Microsoft SharePoint Server Deserialization of Untrusted Data Vulnerability","date_added":"2026-07-01T00:00:00.000000Z","due_date":"2026-07-04T00:00:00.000000Z","known_ransomware":false,"epss":0.03021,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2022-41125","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows CNG Key Isolation Service Privilege Escalation Vulnerability","date_added":"2022-11-08T00:00:00.000000Z","due_date":"2022-12-09T00:00:00.000000Z","known_ransomware":false,"epss":0.03021,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-29256","vendor_project":"Arm","product":"Mali Graphics Processing Unit (GPU)","vulnerability_name":"Arm Mali GPU Kernel Driver Use-After-Free Vulnerability","date_added":"2023-07-07T00:00:00.000000Z","due_date":"2023-07-28T00:00:00.000000Z","known_ransomware":false,"epss":0.0302,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-42599","vendor_project":"Qualitia","product":"Active! Mail","vulnerability_name":"Qualitia Active! Mail Stack-Based Buffer Overflow Vulnerability","date_added":"2025-04-28T00:00:00.000000Z","due_date":"2025-05-19T00:00:00.000000Z","known_ransomware":false,"epss":0.0302,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2024-11667","vendor_project":"Zyxel","product":"Multiple Firewalls","vulnerability_name":"Zyxel Multiple Firewalls Path Traversal Vulnerability","date_added":"2024-12-03T00:00:00.000000Z","due_date":"2024-12-24T00:00:00.000000Z","known_ransomware":true,"epss":0.03017,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-32896","vendor_project":"Android","product":"Pixel","vulnerability_name":"Android Pixel Privilege Escalation Vulnerability","date_added":"2024-06-13T00:00:00.000000Z","due_date":"2024-07-04T00:00:00.000000Z","known_ransomware":false,"epss":0.0301,"cvss_score":8.1,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-24472","vendor_project":"Fortinet","product":"FortiOS and FortiProxy","vulnerability_name":"Fortinet FortiOS and FortiProxy Authentication Bypass Vulnerability","date_added":"2025-03-18T00:00:00.000000Z","due_date":"2025-04-08T00:00:00.000000Z","known_ransomware":true,"epss":0.02988,"cvss_score":8.1,"cvss_severity":"HIGH"},{"cve_id":"CVE-2020-6819","vendor_project":"Mozilla","product":"Firefox and Thunderbird","vulnerability_name":"Mozilla Firefox And Thunderbird Use-After-Free Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.02978,"cvss_score":8.1,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-31199","vendor_project":"Microsoft","product":"Enhanced Cryptographic Provider","vulnerability_name":"Microsoft Enhanced Cryptographic Provider Privilege Escalation Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":false,"epss":0.02954,"cvss_score":5.2,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2022-21919","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows User Profile Service Privilege Escalation Vulnerability","date_added":"2022-04-25T00:00:00.000000Z","due_date":"2022-05-16T00:00:00.000000Z","known_ransomware":false,"epss":0.0295,"cvss_score":7,"cvss_severity":"HIGH"},{"cve_id":"CVE-2018-4344","vendor_project":"Apple","product":"Multiple Products","vulnerability_name":"Apple Multiple Products Memory Corruption Vulnerability","date_added":"2022-06-27T00:00:00.000000Z","due_date":"2022-07-18T00:00:00.000000Z","known_ransomware":false,"epss":0.02939,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-30983","vendor_project":"Apple","product":"iOS and iPadOS","vulnerability_name":"Apple iOS and iPadOS Buffer Overflow Vulnerability","date_added":"2022-06-27T00:00:00.000000Z","due_date":"2022-07-18T00:00:00.000000Z","known_ransomware":false,"epss":0.02934,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2020-0638","vendor_project":"Microsoft","product":"Update Notification Manager","vulnerability_name":"Microsoft Update Notification Manager Privilege Escalation Vulnerability","date_added":"2022-05-23T00:00:00.000000Z","due_date":"2022-06-13T00:00:00.000000Z","known_ransomware":true,"epss":0.02928,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-41992","vendor_project":"Apple","product":"Multiple Products","vulnerability_name":"Apple Multiple Products Kernel Privilege Escalation Vulnerability","date_added":"2023-09-25T00:00:00.000000Z","due_date":"2023-10-16T00:00:00.000000Z","known_ransomware":false,"epss":0.02918,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-25337","vendor_project":"Samsung","product":"Mobile Devices","vulnerability_name":"Samsung Mobile Devices Improper Access Control Vulnerability","date_added":"2022-11-08T00:00:00.000000Z","due_date":"2022-11-29T00:00:00.000000Z","known_ransomware":false,"epss":0.02831,"cvss_score":4.4,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2020-16013","vendor_project":"Google","product":"Chromium V8","vulnerability_name":"Google Chromium V8 Incorrect Implementation Vulnerabililty","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.02826,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-48384","vendor_project":"Git","product":"Git","vulnerability_name":"Git Link Following Vulnerability","date_added":"2025-08-25T00:00:00.000000Z","due_date":"2025-09-15T00:00:00.000000Z","known_ransomware":false,"epss":0.02775,"cvss_score":8.1,"cvss_severity":"HIGH"},{"cve_id":"CVE-2020-16017","vendor_project":"Google","product":"Chrome","vulnerability_name":"Google Chrome Use-After-Free Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.02747,"cvss_score":9.6,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2022-42948","vendor_project":"Fortra","product":"Cobalt Strike","vulnerability_name":"Fortra Cobalt Strike User Interface Remote Code Execution Vulnerability","date_added":"2023-03-30T00:00:00.000000Z","due_date":"2023-04-20T00:00:00.000000Z","known_ransomware":false,"epss":0.02706,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2024-36971","vendor_project":"Android","product":"Kernel","vulnerability_name":"Android Kernel Remote Code Execution Vulnerability","date_added":"2024-08-07T00:00:00.000000Z","due_date":"2024-08-28T00:00:00.000000Z","known_ransomware":false,"epss":0.02701,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2020-0878","vendor_project":"Microsoft","product":"Edge and Internet Explorer","vulnerability_name":"Microsoft Edge and Internet Explorer Memory Corruption Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":true,"epss":0.02696,"cvss_score":4.2,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2023-29492","vendor_project":"Novi Survey","product":"Novi Survey","vulnerability_name":"Novi Survey Insecure Deserialization Vulnerability","date_added":"2023-04-13T00:00:00.000000Z","due_date":"2023-05-04T00:00:00.000000Z","known_ransomware":false,"epss":0.0269,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2025-61932","vendor_project":"Motex","product":"LANSCOPE Endpoint Manager","vulnerability_name":"Motex LANSCOPE Endpoint Manager Improper Verification of Source of a Communication Channel Vulnerability","date_added":"2025-10-22T00:00:00.000000Z","due_date":"2025-11-12T00:00:00.000000Z","known_ransomware":false,"epss":0.02689,"cvss_score":9.3,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2024-38226","vendor_project":"Microsoft","product":"Publisher","vulnerability_name":"Microsoft Publisher Protection Mechanism Failure Vulnerability","date_added":"2024-09-10T00:00:00.000000Z","due_date":"2024-10-01T00:00:00.000000Z","known_ransomware":false,"epss":0.02667,"cvss_score":7.3,"cvss_severity":"HIGH"},{"cve_id":"CVE-2020-24557","vendor_project":"Trend Micro","product":"Apex One, OfficeScan, and Worry-Free Business Security","vulnerability_name":"Trend Micro Multiple Products Improper Access Control Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.02639,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2019-6223","vendor_project":"Apple","product":"iOS and macOS","vulnerability_name":"Apple iOS and macOS Group Facetime Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.02629,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-31201","vendor_project":"Microsoft","product":"Enhanced Cryptographic Provider","vulnerability_name":"Microsoft Enhanced Cryptographic Provider Privilege Escalation Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":false,"epss":0.02617,"cvss_score":5.2,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2025-59230","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Improper Access Control Vulnerability","date_added":"2025-10-14T00:00:00.000000Z","due_date":"2025-11-04T00:00:00.000000Z","known_ransomware":false,"epss":0.02615,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-31979","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Kernel Privilege Escalation Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":false,"epss":0.02612,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-21492","vendor_project":"Samsung","product":"Mobile Devices","vulnerability_name":"Samsung Mobile Devices Insertion of Sensitive Information Into Log File Vulnerability","date_added":"2023-05-19T00:00:00.000000Z","due_date":"2023-06-09T00:00:00.000000Z","known_ransomware":false,"epss":0.02554,"cvss_score":4.4,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2022-41049","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Mark of the Web (MOTW) Security Feature Bypass Vulnerability","date_added":"2022-11-14T00:00:00.000000Z","due_date":"2022-12-09T00:00:00.000000Z","known_ransomware":false,"epss":0.02482,"cvss_score":5.4,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2026-34908","vendor_project":"Ubiquiti","product":"UniFi OS","vulnerability_name":"Ubiquiti UniFi OS Improper Access Control Vulnerability","date_added":"2026-06-23T00:00:00.000000Z","due_date":"2026-06-26T00:00:00.000000Z","known_ransomware":false,"epss":0.02452,"cvss_score":10,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2026-21519","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Type Confusion Vulnerability","date_added":"2026-02-10T00:00:00.000000Z","due_date":"2026-03-03T00:00:00.000000Z","known_ransomware":false,"epss":0.0242,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-32975","vendor_project":"Quest","product":"KACE Systems Management Appliance (SMA)","vulnerability_name":"Quest KACE Systems Management Appliance (SMA) Improper Authentication Vulnerability","date_added":"2026-04-20T00:00:00.000000Z","due_date":"2026-05-04T00:00:00.000000Z","known_ransomware":false,"epss":0.02417,"cvss_score":10,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2019-0880","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Privilege Escalation Vulnerability","date_added":"2022-05-23T00:00:00.000000Z","due_date":"2022-06-13T00:00:00.000000Z","known_ransomware":false,"epss":0.02404,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2022-41073","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Print Spooler Privilege Escalation Vulnerability","date_added":"2022-11-08T00:00:00.000000Z","due_date":"2022-12-09T00:00:00.000000Z","known_ransomware":true,"epss":0.02389,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2022-26486","vendor_project":"Mozilla","product":"Firefox","vulnerability_name":"Mozilla Firefox Use-After-Free Vulnerability","date_added":"2022-03-07T00:00:00.000000Z","due_date":"2022-03-21T00:00:00.000000Z","known_ransomware":false,"epss":0.02349,"cvss_score":9.6,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2023-20109","vendor_project":"Cisco","product":"IOS and IOS XE","vulnerability_name":"Cisco IOS and IOS XE Group Encrypted Transport VPN Out-of-Bounds Write Vulnerability","date_added":"2023-10-10T00:00:00.000000Z","due_date":"2023-10-31T00:00:00.000000Z","known_ransomware":false,"epss":0.02344,"cvss_score":6.6,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2025-62221","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Use After Free Vulnerability","date_added":"2025-12-09T00:00:00.000000Z","due_date":"2025-12-30T00:00:00.000000Z","known_ransomware":false,"epss":0.02342,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2026-45321","vendor_project":"TanStack","product":"TanStack","vulnerability_name":"TanStack Unspecified Vulnerability","date_added":"2026-05-27T00:00:00.000000Z","due_date":"2026-06-10T00:00:00.000000Z","known_ransomware":true,"epss":0.02342,"cvss_score":9.6,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2025-30154","vendor_project":"reviewdog","product":"action-setup GitHub Action","vulnerability_name":"reviewdog\/action-setup GitHub Action Embedded Malicious Code Vulnerability","date_added":"2025-03-24T00:00:00.000000Z","due_date":"2025-04-14T00:00:00.000000Z","known_ransomware":false,"epss":0.02296,"cvss_score":8.6,"cvss_severity":"HIGH"},{"cve_id":"CVE-2020-9818","vendor_project":"Apple","product":"iOS, iPadOS, and watchOS","vulnerability_name":"Apple iOS, iPadOS, and watchOS Out-of-Bounds Write Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.02286,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2019-1130","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows AppX Deployment Service Privilege Escalation Vulnerability","date_added":"2022-05-23T00:00:00.000000Z","due_date":"2022-06-13T00:00:00.000000Z","known_ransomware":true,"epss":0.02284,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2026-34909","vendor_project":"Ubiquiti","product":"UniFi OS","vulnerability_name":"Ubiquiti UniFi OS Path Traversal Vulnerability","date_added":"2026-06-23T00:00:00.000000Z","due_date":"2026-06-26T00:00:00.000000Z","known_ransomware":false,"epss":0.02269,"cvss_score":10,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2025-53521","vendor_project":"F5","product":"BIG-IP","vulnerability_name":"F5 BIG-IP Stack-Based Buffer Overflow Vulnerability","date_added":"2026-03-27T00:00:00.000000Z","due_date":"2026-03-30T00:00:00.000000Z","known_ransomware":false,"epss":0.02246,"cvss_score":9.3,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2021-1782","vendor_project":"Apple","product":"Multiple Products","vulnerability_name":"Apple Multiple Products Race Condition Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":false,"epss":0.02222,"cvss_score":7,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-35674","vendor_project":"Android","product":"Framework","vulnerability_name":"Android Framework Privilege Escalation Vulnerability","date_added":"2023-09-13T00:00:00.000000Z","due_date":"2023-10-04T00:00:00.000000Z","known_ransomware":false,"epss":0.02203,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2020-9819","vendor_project":"Apple","product":"iOS, iPadOS, and watchOS","vulnerability_name":"Apple iOS, iPadOS, and watchOS Memory Corruption Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.02178,"cvss_score":4.3,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2017-12232","vendor_project":"Cisco","product":"IOS software","vulnerability_name":"Cisco IOS Software for Cisco Integrated Services Routers Denial-of-Service Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-24T00:00:00.000000Z","known_ransomware":false,"epss":0.02171,"cvss_score":6.5,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2025-21391","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Storage Link Following Vulnerability","date_added":"2025-02-11T00:00:00.000000Z","due_date":"2025-03-04T00:00:00.000000Z","known_ransomware":false,"epss":0.02143,"cvss_score":7.1,"cvss_severity":"HIGH"},{"cve_id":"CVE-2017-6663","vendor_project":"Cisco","product":"IOS and IOS XE Software","vulnerability_name":"Cisco IOS Software and Cisco IOS XE Software Denial-of-Service Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-24T00:00:00.000000Z","known_ransomware":false,"epss":0.02135,"cvss_score":6.5,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2025-24993","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows NTFS Heap-Based Buffer Overflow Vulnerability","date_added":"2025-03-11T00:00:00.000000Z","due_date":"2025-04-01T00:00:00.000000Z","known_ransomware":false,"epss":0.02092,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-6448","vendor_project":"Unitronics","product":"Vision PLC and HMI","vulnerability_name":"Unitronics Vision PLC and HMI Insecure Default Password Vulnerability","date_added":"2023-12-11T00:00:00.000000Z","due_date":"2023-12-18T00:00:00.000000Z","known_ransomware":false,"epss":0.02089,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2025-32706","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Common Log File System (CLFS) Driver Heap-Based Buffer Overflow Vulnerability","date_added":"2025-05-13T00:00:00.000000Z","due_date":"2025-06-03T00:00:00.000000Z","known_ransomware":false,"epss":0.02059,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2022-0028","vendor_project":"Palo Alto Networks","product":"PAN-OS","vulnerability_name":"Palo Alto Networks PAN-OS Reflected Amplification Denial-of-Service Vulnerability","date_added":"2022-08-22T00:00:00.000000Z","due_date":"2022-09-12T00:00:00.000000Z","known_ransomware":false,"epss":0.02041,"cvss_score":8.6,"cvss_severity":"HIGH"},{"cve_id":"CVE-2017-12238","vendor_project":"Cisco","product":"Catalyst 6800 Series Switches","vulnerability_name":"Cisco Catalyst 6800 Series Switches VPLS Denial-of-Service Vulnerability","date_added":"2022-03-03T00:00:00.000000Z","due_date":"2022-03-24T00:00:00.000000Z","known_ransomware":false,"epss":0.02034,"cvss_score":6.5,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2026-3910","vendor_project":"Google","product":"Chromium V8","vulnerability_name":"Google Chromium V8 Improper Restriction of Operations Within the Bounds of a Memory Buffer Vulnerability","date_added":"2026-03-13T00:00:00.000000Z","due_date":"2026-03-27T00:00:00.000000Z","known_ransomware":false,"epss":0.02,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2022-41091","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Mark of the Web (MOTW) Security Feature Bypass Vulnerability","date_added":"2022-11-08T00:00:00.000000Z","due_date":"2022-12-09T00:00:00.000000Z","known_ransomware":true,"epss":0.01986,"cvss_score":5.4,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2020-2506","vendor_project":"QNAP Systems","product":"Helpdesk","vulnerability_name":"QNAP Helpdesk Improper Access Control Vulnerability","date_added":"2022-03-25T00:00:00.000000Z","due_date":"2022-04-15T00:00:00.000000Z","known_ransomware":false,"epss":0.01982,"cvss_score":7.3,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-40450","vendor_project":"Microsoft","product":"Win32k","vulnerability_name":"Microsoft Win32k Privilege Escalation Vulnerability","date_added":"2022-04-25T00:00:00.000000Z","due_date":"2022-05-16T00:00:00.000000Z","known_ransomware":false,"epss":0.01968,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-41357","vendor_project":"Microsoft","product":"Win32k","vulnerability_name":"Microsoft Win32k Privilege Escalation Vulnerability","date_added":"2022-04-25T00:00:00.000000Z","due_date":"2022-05-16T00:00:00.000000Z","known_ransomware":false,"epss":0.01968,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-3928","vendor_project":"Commvault","product":"Web Server","vulnerability_name":"Commvault Web Server Unspecified Vulnerability","date_added":"2025-04-28T00:00:00.000000Z","due_date":"2025-05-19T00:00:00.000000Z","known_ransomware":false,"epss":0.01932,"cvss_score":8.7,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-59689","vendor_project":"Libraesva","product":"Email Security Gateway","vulnerability_name":"Libraesva Email Security Gateway Command Injection Vulnerability","date_added":"2025-09-29T00:00:00.000000Z","due_date":"2025-10-20T00:00:00.000000Z","known_ransomware":false,"epss":0.01929,"cvss_score":6.1,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2025-40602","vendor_project":"SonicWall","product":"SMA1000 appliance","vulnerability_name":"SonicWall SMA1000 Missing Authorization Vulnerability","date_added":"2025-12-17T00:00:00.000000Z","due_date":"2025-12-24T00:00:00.000000Z","known_ransomware":false,"epss":0.0191,"cvss_score":6.6,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2021-38649","vendor_project":"Microsoft","product":"Open Management Infrastructure (OMI)","vulnerability_name":"Microsoft Open Management Infrastructure (OMI) Privilege Escalation Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":false,"epss":0.01896,"cvss_score":7,"cvss_severity":"HIGH"},{"cve_id":"CVE-2019-0797","vendor_project":"Microsoft","product":"Win32k","vulnerability_name":"Microsoft Win32k Privilege Escalation Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.0189,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2018-19322","vendor_project":"GIGABYTE","product":"Multiple Products","vulnerability_name":"GIGABYTE Multiple Products Code Execution Vulnerability","date_added":"2022-10-24T00:00:00.000000Z","due_date":"2022-11-14T00:00:00.000000Z","known_ransomware":true,"epss":0.01872,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-28229","vendor_project":"Microsoft","product":"Windows CNG Key Isolation Service","vulnerability_name":"Microsoft Windows CNG Key Isolation Service Privilege Escalation Vulnerability","date_added":"2023-10-04T00:00:00.000000Z","due_date":"2023-10-25T00:00:00.000000Z","known_ransomware":false,"epss":0.01872,"cvss_score":7,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-0111","vendor_project":"Palo Alto Networks","product":"PAN-OS","vulnerability_name":"Palo Alto Networks PAN-OS File Read Vulnerability","date_added":"2025-02-20T00:00:00.000000Z","due_date":"2025-03-13T00:00:00.000000Z","known_ransomware":false,"epss":0.01862,"cvss_score":7.1,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-24991","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows NTFS Out-Of-Bounds Read Vulnerability","date_added":"2025-03-11T00:00:00.000000Z","due_date":"2025-04-01T00:00:00.000000Z","known_ransomware":false,"epss":0.01852,"cvss_score":5.5,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2026-48027","vendor_project":"Nx","product":"Nx Console","vulnerability_name":"Nx Console Embedded Malicious Code Vulnerability","date_added":"2026-05-27T00:00:00.000000Z","due_date":"2026-06-10T00:00:00.000000Z","known_ransomware":true,"epss":0.0185,"cvss_score":9.3,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2025-24984","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows NTFS Information Disclosure Vulnerability","date_added":"2025-03-11T00:00:00.000000Z","due_date":"2025-04-01T00:00:00.000000Z","known_ransomware":false,"epss":0.01831,"cvss_score":4.6,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2025-27920","vendor_project":"Srimax","product":"Output Messenger","vulnerability_name":"Srimax Output Messenger Directory Traversal Vulnerability","date_added":"2025-05-19T00:00:00.000000Z","due_date":"2025-06-09T00:00:00.000000Z","known_ransomware":false,"epss":0.01812,"cvss_score":7.2,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-7694","vendor_project":"TeamT5","product":"ThreatSonar Anti-Ransomware","vulnerability_name":"TeamT5 ThreatSonar Anti-Ransomware Unrestricted Upload of File with Dangerous Type Vulnerability","date_added":"2026-02-17T00:00:00.000000Z","due_date":"2026-03-10T00:00:00.000000Z","known_ransomware":false,"epss":0.01807,"cvss_score":7.2,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-38645","vendor_project":"Microsoft","product":"Open Management Infrastructure (OMI)","vulnerability_name":"Microsoft Open Management Infrastructure (OMI) Privilege Escalation Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":false,"epss":0.01792,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2019-1129","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows AppX Deployment Service (AppXSVC) Privilege Escalation Vulnerability","date_added":"2022-03-15T00:00:00.000000Z","due_date":"2022-04-05T00:00:00.000000Z","known_ransomware":true,"epss":0.01782,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2022-41033","vendor_project":"Microsoft","product":"Windows COM+ Event System Service","vulnerability_name":"Microsoft Windows COM+ Event System Service Privilege Escalation Vulnerability","date_added":"2022-10-11T00:00:00.000000Z","due_date":"2022-11-01T00:00:00.000000Z","known_ransomware":false,"epss":0.01777,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-7262","vendor_project":"Kingsoft","product":"WPS Office","vulnerability_name":"Kingsoft WPS Office Path Traversal Vulnerability","date_added":"2024-09-03T00:00:00.000000Z","due_date":"2024-09-24T00:00:00.000000Z","known_ransomware":false,"epss":0.01773,"cvss_score":9.3,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2020-11261","vendor_project":"Qualcomm","product":"Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables","vulnerability_name":"Qualcomm Multiple Chipsets Improper Input Validation Vulnerability","date_added":"2021-12-01T00:00:00.000000Z","due_date":"2022-06-01T00:00:00.000000Z","known_ransomware":false,"epss":0.01772,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-30400","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows DWM Core Library Use-After-Free Vulnerability","date_added":"2025-05-13T00:00:00.000000Z","due_date":"2025-06-03T00:00:00.000000Z","known_ransomware":false,"epss":0.01763,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-48700","vendor_project":"Synacor","product":"Zimbra Collaboration Suite (ZCS)","vulnerability_name":"Synacor Zimbra Collaboration Suite (ZCS) Cross-site Scripting Vulnerability","date_added":"2026-04-20T00:00:00.000000Z","due_date":"2026-04-23T00:00:00.000000Z","known_ransomware":false,"epss":0.01761,"cvss_score":6.1,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2025-48595","vendor_project":"Android","product":"Framework","vulnerability_name":"Android Framework Integer Overflow Vulnerability","date_added":"2026-06-02T00:00:00.000000Z","due_date":"2026-06-05T00:00:00.000000Z","known_ransomware":false,"epss":0.01714,"cvss_score":8.4,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-22226","vendor_project":"VMware","product":"ESXi, Workstation, and Fusion","vulnerability_name":"VMware ESXi, Workstation, and Fusion Information Disclosure Vulnerability","date_added":"2025-03-04T00:00:00.000000Z","due_date":"2025-03-25T00:00:00.000000Z","known_ransomware":false,"epss":0.01676,"cvss_score":7.1,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-24989","vendor_project":"Microsoft","product":"Power Pages","vulnerability_name":"Microsoft Power Pages Improper Access Control Vulnerability","date_added":"2025-02-21T00:00:00.000000Z","due_date":"2025-03-14T00:00:00.000000Z","known_ransomware":false,"epss":0.01659,"cvss_score":8.2,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-32709","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Ancillary Function Driver for WinSock Use-After-Free Vulnerability","date_added":"2025-05-13T00:00:00.000000Z","due_date":"2025-06-03T00:00:00.000000Z","known_ransomware":false,"epss":0.01658,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-21590","vendor_project":"Juniper","product":"Junos OS","vulnerability_name":"Juniper Junos OS Improper Isolation or Compartmentalization Vulnerability","date_added":"2025-03-13T00:00:00.000000Z","due_date":"2025-04-03T00:00:00.000000Z","known_ransomware":false,"epss":0.01657,"cvss_score":6.7,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2026-11645","vendor_project":"Google","product":"Chromium V8","vulnerability_name":"Google Chromium V8 Out-of-Bounds Read and Write Vulnerability","date_added":"2026-06-09T00:00:00.000000Z","due_date":"2026-06-23T00:00:00.000000Z","known_ransomware":false,"epss":0.01654,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-38107","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Power Dependency Coordinator Privilege Escalation Vulnerability","date_added":"2024-08-13T00:00:00.000000Z","due_date":"2024-09-03T00:00:00.000000Z","known_ransomware":false,"epss":0.01635,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2026-3909","vendor_project":"Google","product":"Skia","vulnerability_name":"Google Skia Out-of-Bounds Write Vulnerability","date_added":"2026-03-13T00:00:00.000000Z","due_date":"2026-03-27T00:00:00.000000Z","known_ransomware":false,"epss":0.01629,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-8875","vendor_project":"N-able","product":"N-Central","vulnerability_name":"N-able N-Central Insecure Deserialization Vulnerability","date_added":"2025-08-13T00:00:00.000000Z","due_date":"2025-08-20T00:00:00.000000Z","known_ransomware":false,"epss":0.01582,"cvss_score":9.4,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2019-8720","vendor_project":"WebKitGTK","product":"WebKitGTK","vulnerability_name":"WebKitGTK Memory Corruption Vulnerability","date_added":"2022-05-23T00:00:00.000000Z","due_date":"2022-06-13T00:00:00.000000Z","known_ransomware":false,"epss":0.01556,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-21334","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Hyper-V NT Kernel Integration VSP Use-After-Free Vulnerability","date_added":"2025-01-14T00:00:00.000000Z","due_date":"2025-02-04T00:00:00.000000Z","known_ransomware":false,"epss":0.0153,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-22224","vendor_project":"VMware","product":"ESXi and Workstation","vulnerability_name":"VMware ESXi and Workstation TOCTOU Race Condition Vulnerability","date_added":"2025-03-04T00:00:00.000000Z","due_date":"2025-03-25T00:00:00.000000Z","known_ransomware":false,"epss":0.01524,"cvss_score":9.3,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2026-21514","vendor_project":"Microsoft","product":"Office","vulnerability_name":"Microsoft Office Word Reliance on Untrusted Inputs in a Security Decision Vulnerability","date_added":"2026-02-10T00:00:00.000000Z","due_date":"2026-03-03T00:00:00.000000Z","known_ransomware":false,"epss":0.01517,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2013-2597","vendor_project":"Code Aurora","product":"ACDB Audio Driver","vulnerability_name":"Code Aurora ACDB Audio Driver Stack-based Buffer Overflow Vulnerability","date_added":"2022-09-15T00:00:00.000000Z","due_date":"2022-10-06T00:00:00.000000Z","known_ransomware":false,"epss":0.01516,"cvss_score":8.4,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-21287","vendor_project":"Oracle","product":"Agile Product Lifecycle Management (PLM)","vulnerability_name":"Oracle Agile Product Lifecycle Management (PLM) Incorrect Authorization Vulnerability","date_added":"2024-11-21T00:00:00.000000Z","due_date":"2024-12-12T00:00:00.000000Z","known_ransomware":false,"epss":0.01496,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-36742","vendor_project":"Trend Micro","product":"Apex One, Apex One as a Service, and Worry-Free Business Security","vulnerability_name":"Trend Micro Multiple Products Improper Input Validation Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":false,"epss":0.01482,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-23225","vendor_project":"Apple","product":"Multiple Products","vulnerability_name":"Apple Multiple Products Memory Corruption Vulnerability","date_added":"2024-03-06T00:00:00.000000Z","due_date":"2024-03-27T00:00:00.000000Z","known_ransomware":false,"epss":0.01481,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-31277","vendor_project":"Apple","product":"Multiple Products","vulnerability_name":"Apple Multiple Products Buffer Overflow Vulnerability","date_added":"2026-03-20T00:00:00.000000Z","due_date":"2026-04-03T00:00:00.000000Z","known_ransomware":false,"epss":0.01481,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-39891","vendor_project":"Twilio","product":"Authy","vulnerability_name":"Twilio Authy Information Disclosure Vulnerability","date_added":"2024-07-23T00:00:00.000000Z","due_date":"2024-08-13T00:00:00.000000Z","known_ransomware":false,"epss":0.01477,"cvss_score":5.3,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2025-21418","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Ancillary Function Driver for WinSock Heap-Based Buffer Overflow Vulnerability","date_added":"2025-02-11T00:00:00.000000Z","due_date":"2025-03-04T00:00:00.000000Z","known_ransomware":false,"epss":0.01459,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2026-8398","vendor_project":"Daemon","product":"Daemon Tools Lite","vulnerability_name":"Daemon Tools Lite Embedded Malicious Code Vulnerability","date_added":"2026-05-27T00:00:00.000000Z","due_date":"2026-05-30T00:00:00.000000Z","known_ransomware":false,"epss":0.01456,"cvss_score":9.3,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2023-20963","vendor_project":"Android","product":"Framework","vulnerability_name":"Android Framework Privilege Escalation Vulnerability","date_added":"2023-04-13T00:00:00.000000Z","due_date":"2023-05-04T00:00:00.000000Z","known_ransomware":false,"epss":0.01445,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-21043","vendor_project":"Samsung","product":"Mobile Devices","vulnerability_name":"Samsung Mobile Devices Out-of-Bounds Write Vulnerability","date_added":"2025-10-02T00:00:00.000000Z","due_date":"2025-10-23T00:00:00.000000Z","known_ransomware":false,"epss":0.01435,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-26083","vendor_project":"Arm","product":"Mali Graphics Processing Unit (GPU)","vulnerability_name":"Arm Mali GPU Kernel Driver Information Disclosure Vulnerability","date_added":"2023-04-07T00:00:00.000000Z","due_date":"2023-04-28T00:00:00.000000Z","known_ransomware":false,"epss":0.01417,"cvss_score":3.3,"cvss_severity":"LOW"},{"cve_id":"CVE-2024-23296","vendor_project":"Apple","product":"Multiple Products","vulnerability_name":"Apple Multiple Products Memory Corruption Vulnerability","date_added":"2024-03-06T00:00:00.000000Z","due_date":"2024-03-27T00:00:00.000000Z","known_ransomware":false,"epss":0.01411,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-41974","vendor_project":"Apple","product":"iOS and iPadOS","vulnerability_name":"Apple iOS and iPadOS Use-After-Free Vulnerability","date_added":"2026-03-05T00:00:00.000000Z","due_date":"2026-03-26T00:00:00.000000Z","known_ransomware":false,"epss":0.0141,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-8068","vendor_project":"Citrix","product":"Session Recording","vulnerability_name":"Citrix Session Recording Improper Privilege Management Vulnerability","date_added":"2025-08-25T00:00:00.000000Z","due_date":"2025-09-15T00:00:00.000000Z","known_ransomware":false,"epss":0.01399,"cvss_score":5.1,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2025-21335","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Hyper-V NT Kernel Integration VSP Use-After-Free Vulnerability","date_added":"2025-01-14T00:00:00.000000Z","due_date":"2025-02-04T00:00:00.000000Z","known_ransomware":false,"epss":0.01363,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-4211","vendor_project":"Arm","product":"Mali GPU Kernel Driver","vulnerability_name":"Arm Mali GPU Kernel Driver Use-After-Free Vulnerability","date_added":"2023-10-03T00:00:00.000000Z","due_date":"2023-10-24T00:00:00.000000Z","known_ransomware":false,"epss":0.01361,"cvss_score":5.5,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2025-38352","vendor_project":"Linux","product":"Kernel","vulnerability_name":"Linux Kernel Time-of-Check Time-of-Use (TOCTOU) Race Condition Vulnerability","date_added":"2025-09-04T00:00:00.000000Z","due_date":"2025-09-25T00:00:00.000000Z","known_ransomware":false,"epss":0.01345,"cvss_score":7.4,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-49035","vendor_project":"Microsoft","product":"Partner Center","vulnerability_name":"Microsoft Partner Center Improper Access Control Vulnerability","date_added":"2025-02-25T00:00:00.000000Z","due_date":"2025-03-18T00:00:00.000000Z","known_ransomware":false,"epss":0.01339,"cvss_score":8.7,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-53150","vendor_project":"Linux","product":"Kernel","vulnerability_name":"Linux Kernel Out-of-Bounds Read Vulnerability","date_added":"2025-04-09T00:00:00.000000Z","due_date":"2025-04-30T00:00:00.000000Z","known_ransomware":false,"epss":0.01325,"cvss_score":7.1,"cvss_severity":"HIGH"},{"cve_id":"CVE-2019-1214","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Privilege Common Log File System (CLFS) Escalation Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.01324,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2026-20700","vendor_project":"Apple","product":"Multiple Products","vulnerability_name":"Apple Multiple Buffer Overflow Vulnerability","date_added":"2026-02-12T00:00:00.000000Z","due_date":"2026-03-05T00:00:00.000000Z","known_ransomware":false,"epss":0.01319,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2020-0069","vendor_project":"MediaTek","product":"Multiple Chipsets","vulnerability_name":"Mediatek Multiple Chipsets Insufficient Input Validation Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.01299,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-32701","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Common Log File System (CLFS) Driver Use-After-Free Vulnerability","date_added":"2025-05-13T00:00:00.000000Z","due_date":"2025-06-03T00:00:00.000000Z","known_ransomware":false,"epss":0.01291,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-15556","vendor_project":"Notepad++","product":"Notepad++","vulnerability_name":"Notepad++ Download of Code Without Integrity Check Vulnerability","date_added":"2026-02-12T00:00:00.000000Z","due_date":"2026-03-05T00:00:00.000000Z","known_ransomware":false,"epss":0.01268,"cvss_score":7.7,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-24983","vendor_project":"Microsoft","product":"Windows","vulnerability_name":"Microsoft Windows Win32k Use-After-Free Vulnerability","date_added":"2025-03-11T00:00:00.000000Z","due_date":"2025-04-01T00:00:00.000000Z","known_ransomware":false,"epss":0.01267,"cvss_score":7,"cvss_severity":"HIGH"},{"cve_id":"CVE-2026-54420","vendor_project":"LiteSpeed","product":"cPanel Plugin","vulnerability_name":"LiteSpeed cPanel Plugin UNIX Symbolic Link (Symlink) Following Vulnerability","date_added":"2026-06-15T00:00:00.000000Z","due_date":"2026-06-18T00:00:00.000000Z","known_ransomware":false,"epss":0.01261,"cvss_score":8.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2022-22706","vendor_project":"Arm","product":"Mali Graphics Processing Unit (GPU)","vulnerability_name":"Arm Mali GPU Kernel Driver Unspecified Vulnerability","date_added":"2023-03-30T00:00:00.000000Z","due_date":"2023-04-20T00:00:00.000000Z","known_ransomware":false,"epss":0.01216,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2026-48558","vendor_project":"SimpleHelp ","product":"SimpleHelp","vulnerability_name":"SimpleHelp Authentication Bypass Vulnerability","date_added":"2026-06-29T00:00:00.000000Z","due_date":"2026-07-02T00:00:00.000000Z","known_ransomware":false,"epss":0.0116,"cvss_score":9.5,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2021-1905","vendor_project":"Qualcomm","product":"Multiple Chipsets","vulnerability_name":"Qualcomm Multiple Chipsets Use-After-Free Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.0115,"cvss_score":8.4,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-41990","vendor_project":"Apple","product":"Multiple Products","vulnerability_name":"Apple Multiple Products Code Execution Vulnerability","date_added":"2024-01-08T00:00:00.000000Z","due_date":"2024-01-29T00:00:00.000000Z","known_ransomware":false,"epss":0.01145,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2022-42827","vendor_project":"Apple","product":"iOS and iPadOS","vulnerability_name":"Apple iOS and iPadOS Out-of-Bounds Write Vulnerability","date_added":"2022-10-25T00:00:00.000000Z","due_date":"2022-11-15T00:00:00.000000Z","known_ransomware":false,"epss":0.01136,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2022-22674","vendor_project":"Apple","product":"macOS","vulnerability_name":"Apple macOS Out-of-Bounds Read Vulnerability","date_added":"2022-04-04T00:00:00.000000Z","due_date":"2022-04-25T00:00:00.000000Z","known_ransomware":false,"epss":0.01132,"cvss_score":5.5,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2025-67038","vendor_project":"Lantronix","product":"EDS5000","vulnerability_name":"Lantronix EDS5000 Code Injection Vulnerability","date_added":"2026-06-23T00:00:00.000000Z","due_date":"2026-06-26T00:00:00.000000Z","known_ransomware":false,"epss":0.01131,"cvss_score":9.8,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2021-25369","vendor_project":"Samsung","product":"Mobile Devices","vulnerability_name":"Samsung Mobile Devices Improper Access Control Vulnerability","date_added":"2022-11-08T00:00:00.000000Z","due_date":"2022-11-29T00:00:00.000000Z","known_ransomware":false,"epss":0.01121,"cvss_score":6.2,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2025-35939","vendor_project":"Craft CMS","product":"Craft CMS","vulnerability_name":"Craft CMS External Control of Assumed-Immutable Web Parameter Vulnerability","date_added":"2025-06-02T00:00:00.000000Z","due_date":"2025-06-23T00:00:00.000000Z","known_ransomware":false,"epss":0.01119,"cvss_score":6.9,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2026-12569","vendor_project":"PTC","product":"Windchill and FlexPLM","vulnerability_name":"PTC Windchill and FlexPLM Improper Input Validation Vulnerability","date_added":"2026-06-25T00:00:00.000000Z","due_date":"2026-06-28T00:00:00.000000Z","known_ransomware":false,"epss":0.01106,"cvss_score":9.3,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2023-36851","vendor_project":"Juniper","product":"Junos OS","vulnerability_name":"Juniper Junos OS SRX Series Missing Authentication for Critical Function Vulnerability","date_added":"2023-11-13T00:00:00.000000Z","due_date":"2023-11-17T00:00:00.000000Z","known_ransomware":false,"epss":0.011,"cvss_score":5.3,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2025-59374","vendor_project":"ASUS","product":"Live Update","vulnerability_name":"ASUS Live Update Embedded Malicious Code Vulnerability","date_added":"2025-12-17T00:00:00.000000Z","due_date":"2026-01-07T00:00:00.000000Z","known_ransomware":false,"epss":0.01084,"cvss_score":9.3,"cvss_severity":"CRITICAL"},{"cve_id":"CVE-2026-21385","vendor_project":"Qualcomm","product":"Multiple Chipsets","vulnerability_name":"Qualcomm Multiple Chipsets Memory Corruption Vulnerability","date_added":"2026-03-03T00:00:00.000000Z","due_date":"2026-03-24T00:00:00.000000Z","known_ransomware":false,"epss":0.01068,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-1048","vendor_project":"Android","product":"Kernel","vulnerability_name":"Android Kernel Use-After-Free Vulnerability","date_added":"2022-05-23T00:00:00.000000Z","due_date":"2022-06-13T00:00:00.000000Z","known_ransomware":false,"epss":0.01047,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-23874","vendor_project":"McAfee","product":"McAfee Total Protection (MTP)","vulnerability_name":"McAfee Total Protection (MTP) Improper Privilege Management Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":false,"epss":0.01026,"cvss_score":8.2,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-43200","vendor_project":"Apple","product":"Multiple Products","vulnerability_name":"Apple Multiple Products Unspecified Vulnerability","date_added":"2025-06-16T00:00:00.000000Z","due_date":"2025-07-07T00:00:00.000000Z","known_ransomware":false,"epss":0.01009,"cvss_score":4.2,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2023-38606","vendor_project":"Apple","product":"Multiple Products","vulnerability_name":"Apple Multiple Products Kernel Unspecified Vulnerability","date_added":"2023-07-26T00:00:00.000000Z","due_date":"2023-08-16T00:00:00.000000Z","known_ransomware":false,"epss":0.01002,"cvss_score":5.5,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2025-22225","vendor_project":"VMware","product":"ESXi","vulnerability_name":"VMware ESXi Arbitrary Write Vulnerability","date_added":"2025-03-04T00:00:00.000000Z","due_date":"2025-03-25T00:00:00.000000Z","known_ransomware":true,"epss":0.00963,"cvss_score":8.2,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-42824","vendor_project":"Apple","product":"iOS and iPadOS","vulnerability_name":"Apple iOS and iPadOS Kernel Privilege Escalation Vulnerability","date_added":"2023-10-05T00:00:00.000000Z","due_date":"2023-10-26T00:00:00.000000Z","known_ransomware":false,"epss":0.00943,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-33107","vendor_project":"Qualcomm","product":"Multiple Chipsets","vulnerability_name":"Qualcomm Multiple Chipsets Integer Overflow Vulnerability","date_added":"2023-12-05T00:00:00.000000Z","due_date":"2023-12-26T00:00:00.000000Z","known_ransomware":false,"epss":0.00892,"cvss_score":8.4,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-25370","vendor_project":"Samsung","product":"Mobile Devices","vulnerability_name":"Samsung Mobile Devices Memory Corruption Vulnerability","date_added":"2022-11-08T00:00:00.000000Z","due_date":"2022-11-29T00:00:00.000000Z","known_ransomware":false,"epss":0.0089,"cvss_score":6.1,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2021-44168","vendor_project":"Fortinet","product":"FortiOS","vulnerability_name":"Fortinet FortiOS Arbitrary File Download","date_added":"2021-12-10T00:00:00.000000Z","due_date":"2021-12-24T00:00:00.000000Z","known_ransomware":false,"epss":0.00873,"cvss_score":3.3,"cvss_severity":"LOW"},{"cve_id":"CVE-2023-33106","vendor_project":"Qualcomm","product":"Multiple Chipsets","vulnerability_name":"Qualcomm Multiple Chipsets Use of Out-of-Range Pointer Offset Vulnerability","date_added":"2023-12-05T00:00:00.000000Z","due_date":"2023-12-26T00:00:00.000000Z","known_ransomware":false,"epss":0.00854,"cvss_score":8.4,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-25372","vendor_project":"Samsung","product":"Mobile Devices","vulnerability_name":"Samsung Mobile Devices Improper Boundary Check Vulnerability","date_added":"2023-06-29T00:00:00.000000Z","due_date":"2023-07-20T00:00:00.000000Z","known_ransomware":false,"epss":0.00852,"cvss_score":6.1,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2021-25371","vendor_project":"Samsung","product":"Mobile Devices","vulnerability_name":"Samsung Mobile Devices Unspecified Vulnerability","date_added":"2023-06-29T00:00:00.000000Z","due_date":"2023-07-20T00:00:00.000000Z","known_ransomware":false,"epss":0.00842,"cvss_score":6.1,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2026-7473","vendor_project":"Arista","product":"Extensible Operating System","vulnerability_name":"Arista Extensible Operating System Incomplete Comparison with Missing Factors Vulnerability","date_added":"2026-06-09T00:00:00.000000Z","due_date":"2026-06-23T00:00:00.000000Z","known_ransomware":false,"epss":0.00836,"cvss_score":6.9,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2020-9859","vendor_project":"Apple","product":"Multiple Products","vulnerability_name":"Apple Multiple Products Code Execution Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2022-05-03T00:00:00.000000Z","known_ransomware":false,"epss":0.00829,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-0920","vendor_project":"Android","product":"Kernel","vulnerability_name":"Android Kernel Race Condition Vulnerability","date_added":"2022-05-23T00:00:00.000000Z","due_date":"2022-06-13T00:00:00.000000Z","known_ransomware":false,"epss":0.00811,"cvss_score":6.4,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2024-50302","vendor_project":"Linux","product":"Kernel","vulnerability_name":"Linux Kernel Use of Uninitialized Resource Vulnerability","date_added":"2025-03-04T00:00:00.000000Z","due_date":"2025-03-25T00:00:00.000000Z","known_ransomware":false,"epss":0.00809,"cvss_score":5.5,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2025-27038","vendor_project":"Qualcomm","product":"Multiple Chipsets","vulnerability_name":"Qualcomm Multiple Chipsets Use-After-Free Vulnerability","date_added":"2025-06-03T00:00:00.000000Z","due_date":"2025-06-24T00:00:00.000000Z","known_ransomware":false,"epss":0.00802,"cvss_score":7.5,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-4610","vendor_project":"Arm","product":"Mali GPU Kernel Driver","vulnerability_name":"Arm Mali GPU Kernel Driver Use-After-Free Vulnerability","date_added":"2024-06-12T00:00:00.000000Z","due_date":"2024-07-03T00:00:00.000000Z","known_ransomware":false,"epss":0.00758,"cvss_score":7.4,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-1976","vendor_project":"Broadcom","product":"Brocade Fabric OS","vulnerability_name":"Broadcom Brocade Fabric OS Code Injection Vulnerability","date_added":"2025-04-28T00:00:00.000000Z","due_date":"2025-05-19T00:00:00.000000Z","known_ransomware":false,"epss":0.00736,"cvss_score":8.6,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-39793","vendor_project":"Google","product":"Pixel","vulnerability_name":"Google Pixel Out-of-Bounds Write Vulnerability","date_added":"2022-04-11T00:00:00.000000Z","due_date":"2022-05-02T00:00:00.000000Z","known_ransomware":false,"epss":0.00726,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-43093","vendor_project":"Android","product":"Framework","vulnerability_name":"Android Framework Privilege Escalation Vulnerability","date_added":"2024-11-07T00:00:00.000000Z","due_date":"2024-11-28T00:00:00.000000Z","known_ransomware":false,"epss":0.00714,"cvss_score":7.3,"cvss_severity":"HIGH"},{"cve_id":"CVE-2019-8526","vendor_project":"Apple","product":"macOS","vulnerability_name":"Apple macOS Use-After-Free Vulnerability","date_added":"2023-04-17T00:00:00.000000Z","due_date":"2023-05-08T00:00:00.000000Z","known_ransomware":false,"epss":0.00701,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-33063","vendor_project":"Qualcomm","product":"Multiple Chipsets","vulnerability_name":"Qualcomm Multiple Chipsets Use-After-Free Vulnerability","date_added":"2023-12-05T00:00:00.000000Z","due_date":"2023-12-26T00:00:00.000000Z","known_ransomware":false,"epss":0.007,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-29748","vendor_project":"Android","product":"Pixel","vulnerability_name":"Android Pixel Privilege Escalation Vulnerability","date_added":"2024-04-04T00:00:00.000000Z","due_date":"2024-04-25T00:00:00.000000Z","known_ransomware":false,"epss":0.0068,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-43047","vendor_project":"Qualcomm","product":"Multiple Chipsets ","vulnerability_name":"Qualcomm Multiple Chipsets Use-After-Free Vulnerability","date_added":"2024-10-08T00:00:00.000000Z","due_date":"2024-10-29T00:00:00.000000Z","known_ransomware":false,"epss":0.00673,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-21479","vendor_project":"Qualcomm","product":"Multiple Chipsets","vulnerability_name":"Qualcomm Multiple Chipsets Incorrect Authorization Vulnerability","date_added":"2025-06-03T00:00:00.000000Z","due_date":"2025-06-24T00:00:00.000000Z","known_ransomware":false,"epss":0.00665,"cvss_score":8.6,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-25487","vendor_project":"Samsung","product":"Mobile Devices","vulnerability_name":"Samsung Mobile Devices Out-of-Bounds Read Vulnerability","date_added":"2023-06-29T00:00:00.000000Z","due_date":"2023-07-20T00:00:00.000000Z","known_ransomware":false,"epss":0.0062,"cvss_score":7.3,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-48543","vendor_project":"Android","product":"Runtime","vulnerability_name":"Android Runtime Use-After-Free Vulnerability","date_added":"2025-09-04T00:00:00.000000Z","due_date":"2025-09-25T00:00:00.000000Z","known_ransomware":false,"epss":0.00545,"cvss_score":8.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-1906","vendor_project":"Qualcomm","product":"Multiple Chipsets","vulnerability_name":"Qualcomm Multiple Chipsets Detection of Error Condition Without Action Vulnerability","date_added":"2021-11-03T00:00:00.000000Z","due_date":"2021-11-17T00:00:00.000000Z","known_ransomware":false,"epss":0.0052,"cvss_score":6.2,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2021-25489","vendor_project":"Samsung","product":"Mobile Devices","vulnerability_name":"Samsung Mobile Devices Improper Input Validation Vulnerability","date_added":"2023-06-29T00:00:00.000000Z","due_date":"2023-07-20T00:00:00.000000Z","known_ransomware":false,"epss":0.00518,"cvss_score":3.3,"cvss_severity":"LOW"},{"cve_id":"CVE-2022-48618","vendor_project":"Apple","product":"Multiple Products","vulnerability_name":"Apple Multiple Products Memory Corruption Vulnerability","date_added":"2024-01-31T00:00:00.000000Z","due_date":"2024-02-21T00:00:00.000000Z","known_ransomware":false,"epss":0.00487,"cvss_score":7,"cvss_severity":"HIGH"},{"cve_id":"CVE-2024-29745","vendor_project":"Android","product":"Pixel","vulnerability_name":"Android Pixel Information Disclosure Vulnerability","date_added":"2024-04-04T00:00:00.000000Z","due_date":"2024-04-25T00:00:00.000000Z","known_ransomware":false,"epss":0.00482,"cvss_score":5.5,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2022-22071","vendor_project":"Qualcomm","product":"Multiple Chipsets","vulnerability_name":"Qualcomm Multiple Chipsets Use-After-Free Vulnerability","date_added":"2023-12-05T00:00:00.000000Z","due_date":"2023-12-26T00:00:00.000000Z","known_ransomware":false,"epss":0.0045,"cvss_score":8.4,"cvss_severity":"HIGH"},{"cve_id":"CVE-2021-25394","vendor_project":"Samsung","product":"Mobile Devices","vulnerability_name":"Samsung Mobile Devices Race Condition Vulnerability","date_added":"2023-06-29T00:00:00.000000Z","due_date":"2023-07-20T00:00:00.000000Z","known_ransomware":false,"epss":0.00422,"cvss_score":6.4,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2025-43520","vendor_project":"Apple","product":"Multiple Products","vulnerability_name":"Apple Multiple Products Classic Buffer Overflow Vulnerability","date_added":"2026-03-20T00:00:00.000000Z","due_date":"2026-04-03T00:00:00.000000Z","known_ransomware":false,"epss":0.00401,"cvss_score":5.5,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2025-47729","vendor_project":"TeleMessage","product":"TM SGNL","vulnerability_name":"TeleMessage TM SGNL Hidden Functionality Vulnerability","date_added":"2025-05-12T00:00:00.000000Z","due_date":"2025-06-02T00:00:00.000000Z","known_ransomware":false,"epss":0.00394,"cvss_score":1.9,"cvss_severity":"LOW"},{"cve_id":"CVE-2022-22265","vendor_project":"Samsung","product":"Mobile Devices","vulnerability_name":"Samsung Mobile Devices Use-After-Free Vulnerability","date_added":"2023-09-18T00:00:00.000000Z","due_date":"2023-10-09T00:00:00.000000Z","known_ransomware":false,"epss":0.00392,"cvss_score":5,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2021-25395","vendor_project":"Samsung","product":"Mobile Devices","vulnerability_name":"Samsung Mobile Devices Race Condition Vulnerability","date_added":"2023-06-29T00:00:00.000000Z","due_date":"2023-07-20T00:00:00.000000Z","known_ransomware":false,"epss":0.00385,"cvss_score":6.4,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2025-48928","vendor_project":"TeleMessage","product":"TM SGNL","vulnerability_name":"TeleMessage TM SGNL Exposure of Core Dump File to an Unauthorized Control Sphere Vulnerability","date_added":"2025-07-01T00:00:00.000000Z","due_date":"2025-07-22T00:00:00.000000Z","known_ransomware":false,"epss":0.00366,"cvss_score":4,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2025-21480","vendor_project":"Qualcomm","product":"Multiple Chipsets","vulnerability_name":"Qualcomm Multiple Chipsets Incorrect Authorization Vulnerability","date_added":"2025-06-03T00:00:00.000000Z","due_date":"2025-06-24T00:00:00.000000Z","known_ransomware":false,"epss":0.00361,"cvss_score":8.6,"cvss_severity":"HIGH"},{"cve_id":"CVE-2025-43510","vendor_project":"Apple","product":"Multiple Products","vulnerability_name":"Apple Multiple Products Improper Locking Vulnerability","date_added":"2026-03-20T00:00:00.000000Z","due_date":"2026-04-03T00:00:00.000000Z","known_ransomware":false,"epss":0.00348,"cvss_score":7.8,"cvss_severity":"HIGH"},{"cve_id":"CVE-2023-21237","vendor_project":"Android","product":"Pixel","vulnerability_name":"Android Pixel Information Disclosure Vulnerability ","date_added":"2024-03-05T00:00:00.000000Z","due_date":"2024-03-26T00:00:00.000000Z","known_ransomware":false,"epss":0.00264,"cvss_score":6.2,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2025-48633","vendor_project":"Android","product":"Framework","vulnerability_name":"Android Framework Information Disclosure Vulnerability","date_added":"2025-12-02T00:00:00.000000Z","due_date":"2025-12-23T00:00:00.000000Z","known_ransomware":false,"epss":0.00245,"cvss_score":5.5,"cvss_severity":"MEDIUM"},{"cve_id":"CVE-2025-48572","vendor_project":"Android","product":"Framework","vulnerability_name":"Android Framework Privilege Escalation Vulnerability","date_added":"2025-12-02T00:00:00.000000Z","due_date":"2025-12-23T00:00:00.000000Z","known_ransomware":false,"epss":0.00228,"cvss_score":7.8,"cvss_severity":"HIGH"}]}