| | CVE-2024-23670 | Fortinet | high | 7.8 | 0.4%
| | An improper authorization in Fortinet FortiWebManager 7.2.0, FortiWebManager 7.0.0 through 7.0.4, Fo… | Jun 3, 2024 | Jul 8, 2026 |
| | CVE-2024-23668 | Fortinet | high | 8.8 | 0.7%
| | An improper authorization in Fortinet FortiWebManager 7.2.0, FortiWebManager 7.0.0 through 7.0.4, Fo… | Jun 3, 2024 | Jul 8, 2026 |
| | CVE-2024-23667 | Fortinet | high | 7.8 | 0.4%
| | An improper authorization in Fortinet FortiWebManager 7.2.0, FortiWebManager 7.0.0 through 7.0.4, Fo… | Jun 3, 2024 | Jul 8, 2026 |
| | CVE-2024-29853 | Veeam | high | 7.8 | — | | An authentication bypass vulnerability in Veeam Agent for Microsoft Windows allows for local privile… | May 22, 2024 | Jul 3, 2025 |
| | CVE-2024-29852 | Veeam | low | 2.7 | — | | Veeam Backup Enterprise Manager allows high-privileged users to read backup session logs. | May 22, 2024 | Jul 3, 2025 |
| | CVE-2024-29851 | Veeam | high | 7.2 | — | | Veeam Backup Enterprise Manager allows high-privileged users to steal NTLM hash of Enterprise manage… | May 22, 2024 | Jul 3, 2025 |
| | CVE-2024-29850 | Veeam | high | 8.8 | — | | Veeam Backup Enterprise Manager allows account takeover via NTLM relay. | May 22, 2024 | Jul 3, 2025 |
| | CVE-2024-29849 | Veeam | critical | 9.8 | — | | Veeam Backup Enterprise Manager allows unauthenticated users to log in as any user to enterprise man… | May 22, 2024 | Jul 3, 2025 |
| | CVE-2024-31491 | Fortinet | high | 8.8 | 1.1%
| | A client-side enforcement of server-side security vulnerability in Fortinet FortiSandbox 4.4.0 throu… | May 14, 2024 | Jan 14, 2026 |
| | CVE-2023-45583 | Fortinet | medium | 6.7 | 0.2%
| | A use of externally-controlled format string vulnerability in Fortinet FortiOS 7.4.0, FortiOS 7.2.0 … | May 14, 2024 | Jun 12, 2026 |
| | CVE-2023-36640 | Fortinet | medium | 6.7 | 0.1%
| | A use of externally-controlled format string vulnerability in Fortinet FortiOS 7.4.0, FortiOS 7.2.0 … | May 14, 2024 | Jun 12, 2026 |
| | CVE-2024-29212 | Veeam | critical | 9.9 | — | | Due to an unsafe de-serialization method used by the Veeam Service Provider Console(VSPC) server in… | May 14, 2024 | Jun 30, 2025 |
| | CVE-2024-27460 | HPE | medium | 6.7 | 2.5%
| | A privilege escalation exists in the updater for Plantronics Hub 3.25.1 and below. | May 14, 2024 | Jan 21, 2026 |
| | CVE-2024-32761 | F5 | medium | 6.5 | 0.3%
| | Under certain conditions, a data leak may occur in the Traffic Management Microkernels (TMMs) of BIG… | May 8, 2024 | Feb 4, 2026 |
| | CVE-2024-28893 | HPE | high | 7.7 | 0.4%
| | Certain HP software packages (SoftPaqs) are potentially vulnerable to arbitrary code execution when … | May 1, 2024 | Jan 14, 2026 |
| | CVE-2024-20358 | Cisco | medium | 6.0 | 0.0%
| | A vulnerability in the Cisco Adaptive Security Appliance (ASA) restore functionality that is availab… | Apr 24, 2024 | Mar 4, 2026 |
| | CVE-2024-24910 | Check Point | high | 7.3 | 0.1%
| | A local attacker can erscalate privileges on affected Check Point ZoneAlarm ExtremeSecurity NextGen,… | Apr 18, 2024 | Jan 15, 2026 |
| | CVE-2024-1249 | Apache | high | 7.4 | 0.2%
| | A flaw was found in Keycloak's OIDC component in the "checkLoginIframe," which allows unvalidated cr… | Apr 17, 2024 | Apr 30, 2026 |
| | CVE-2024-26257 | Microsoft | high | 7.8 | 0.5%
| | Microsoft Excel Remote Code Execution Vulnerability | Apr 9, 2024 | May 19, 2026 |
| | CVE-2024-31487 | Fortinet | medium | 5.9 | 0.5%
| | A improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in Fo… | Apr 9, 2024 | Jan 14, 2026 |
| | CVE-2024-23671 | Fortinet | high | 8.1 | 0.8%
| | A improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in Fo… | Apr 9, 2024 | Jan 14, 2026 |
| | CVE-2024-21756 | Fortinet | high | 8.8 | 1.0%
| | A improper neutralization of special elements used in an os command ('os command injection') vulnera… | Apr 9, 2024 | Jan 14, 2026 |
| | CVE-2024-21755 | Fortinet | high | 8.8 | 1.0%
| | A improper neutralization of special elements used in an os command ('os command injection') vulnera… | Apr 9, 2024 | Jan 14, 2026 |
| | CVE-2023-47541 | Fortinet | medium | 6.7 | 0.1%
| | An improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in F… | Apr 9, 2024 | Jan 14, 2026 |
| | CVE-2023-47540 | Fortinet | medium | 6.7 | 0.1%
| | An improper neutralization of special elements used in an os command ('os command injection') vulner… | Apr 9, 2024 | Jan 14, 2026 |
| | CVE-2023-0582 | ForgeRock | high | 8.1 | — | | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Forg… | Mar 27, 2024 | Apr 14, 2025 |
| | CVE-2023-42790 | Fortinet | high | 8.1 | 1.1%
| | A stack-based buffer overflow vulnerability in Fortinet FortiOS 7.4.0 through 7.4.1, FortiOS 7.2.0 t… | Mar 12, 2024 | Jul 8, 2026 |
| | CVE-2023-42789 | Fortinet | critical | 9.8 | 3.3%
| | A out-of-bounds write vulnerability in Fortinet FortiOS 7.4.0 through 7.4.1, FortiOS 7.2.0 through 7… | Mar 12, 2024 | Jul 8, 2026 |
| | CVE-2023-41842 | Fortinet | medium | 6.7 | 0.1%
| | A use of externally-controlled format string vulnerability [CWE-134] vulnerability in Fortinet allo… | Mar 12, 2024 | Jan 14, 2026 |
| | CVE-2024-0590 | Microsoft | medium | 6.1 | 24.8%
| | The Microsoft Clarity plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versio… | Feb 29, 2024 | Apr 8, 2026 |
| | CVE-2024-1635 | Apache | high | 7.5 | 22.7%
| | A vulnerability was found in Undertow. This vulnerability impacts a server that supports the wildfly… | Feb 19, 2024 | Jun 10, 2026 |
| | CVE-2024-20673 | Microsoft | high | 7.8 | 0.4%
| | Microsoft Office Remote Code Execution Vulnerability | Feb 13, 2024 | May 19, 2026 |
| | CVE-2024-22022 | Veeam | high | 8.8 | — | | Vulnerability CVE-2024-22022 allows a Veeam Recovery Orchestrator user that has been assigned a low-… | Feb 7, 2024 | Jun 3, 2025 |
| | CVE-2024-22021 | Veeam | medium | 4.3 | — | | Vulnerability CVE-2024-22021 allows a Veeam Recovery Orchestrator user with a low privileged role (P… | Feb 7, 2024 | Jun 5, 2025 |
| | CVE-2023-40545 | ForgeRock | high | 8.8 | — | | Authentication bypass when an OAuth2 Client is using client_secret_jwt as its authentication method … | Feb 6, 2024 | Nov 21, 2024 |
| | CVE-2024-23109 | Fortinet | critical | 10.0 | 7.0%
| | An improper neutralization of special elements used in an os command ('os command injection') vulner… | Feb 5, 2024 | Jan 14, 2026 |
| | CVE-2024-23108 | Fortinet | critical | 10.0 | 90.4%
| | An improper neutralization of special elements used in an os command ('os command injection') vulner… | Feb 5, 2024 | Jan 14, 2026 |
| | CVE-2023-36496 | ForgeRock | high | 7.7 | — | | Delegated Admin Privilege virtual attribute provider plugin, when enabled, allows an authenticated u… | Feb 1, 2024 | Nov 21, 2024 |
| | CVE-2023-51702 | Apache | medium | 6.5 | 0.4%
| | Since version 5.2.0, when using deferrable mode with the path of a Kubernetes configuration file for… | Jan 24, 2024 | Jul 2, 2026 |
| | CVE-2023-48795 | Apache | medium | 5.9 | 53.6%
| | The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other pr… | Dec 18, 2023 | May 12, 2026 |
| | CVE-2023-41844 | Fortinet | low | 3.5 | 0.4%
| | A improper neutralization of input during web page generation ('cross-site scripting') vulnerability… | Dec 13, 2023 | Jan 14, 2026 |
| | CVE-2023-45587 | Fortinet | low | 3.4 | 0.4%
| | An improper neutralization of input during web page generation ('cross-site scripting') vulnerabilit… | Dec 13, 2023 | Jul 8, 2026 |
| | CVE-2023-36009 | Microsoft | medium | 5.5 | 0.2%
| | Microsoft Word Information Disclosure Vulnerability | Dec 12, 2023 | May 19, 2026 |
| | CVE-2023-36424 | Microsoft | high | 7.8 | 10.3%
| ⚠ KEV | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Nov 14, 2023 | Apr 14, 2026 |
| | CVE-2023-41723 | Veeam | medium | 4.3 | — | | A vulnerability in Veeam ONE allows a user with the Veeam ONE Read-Only User role to view the Dashbo… | Nov 7, 2023 | Nov 21, 2024 |
| | CVE-2023-38549 | Veeam | medium | 5.4 | — | | A vulnerability in Veeam ONE allows an unprivileged user who has access to the Veeam ONE Web Client … | Nov 7, 2023 | Nov 21, 2024 |
| | CVE-2023-38548 | Veeam | medium | 4.3 | — | | A vulnerability in Veeam ONE allows an unprivileged user who has access to the Veeam ONE Web Client … | Nov 7, 2023 | Mar 6, 2025 |
| | CVE-2023-38547 | Veeam | critical | 9.8 | — | | A vulnerability in Veeam ONE allows an unauthenticated user to gain information about the SQL server… | Nov 7, 2023 | Mar 6, 2025 |
| | CVE-2023-39930 | ForgeRock | high | 7.5 | — | | A first-factor authentication bypass vulnerability exists in the PingFederate with PingID Radius PCV… | Oct 25, 2023 | Nov 21, 2024 |
| | CVE-2023-39231 | ForgeRock | high | 7.3 | — | | PingFederate using the PingOne MFA adapter allows a new MFA device to be paired without requiring se… | Oct 25, 2023 | Nov 21, 2024 |