Full CISA KEV catalog
Every CVE the U.S. cybersecurity agency has ever flagged as actively exploited. Filter by category, sort by severity or exploit-likelihood, search by vendor or product.
| Added | CVE | Vendor / Product | Name & description | CVSS | EPSS |
|---|---|---|---|---|---|
| Mar 3, 2022 | CVE-2013-1347 | Microsoft Internet Explorer |
Microsoft Internet Explorer Remote Code Execution Vulnerability
This vulnerability may corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user within Internet Explorer.
|
— | 87.7% |
| Mar 3, 2022 | CVE-2013-3897 | Microsoft Internet Explorer |
Microsoft Internet Explorer Use-After-Free Vulnerability
A use-after-free vulnerability exists within CDisplayPointer in Microsoft Internet Explorer that allows an attacker to remotely execute arbitrary code.
|
— | 88.2% |
| Mar 3, 2022 | CVE-2013-5065 | Microsoft Windows |
Microsoft Windows Kernel Privilege Escalation Vulnerability
Microsoft Windows NDProxy.sys in the kernel contains an improper input validation vulnerability which can allow a local attacker to escalate privileges.
|
— | 73.0% |
| Mar 3, 2022 | CVE-2014-4114 | Microsoft Windows |
Microsoft Windows Object Linking & Embedding (OLE) Remote Code Execution Vulnerability
A vulnerability exists in Windows Object Linking & Embedding (OLE) that could allow remote code execution if a user opens a file that contains a specially crafted OLE object.
|
— | 92.5% |
| Mar 3, 2022 | CVE-2015-1642 | Microsoft Office |
Microsoft Office Memory Corruption Vulnerability
Microsoft Office contains a memory corruption vulnerability that allows remote attackers to execute arbitrary code via a crafted document.
|
— | 72.9% |
| Mar 3, 2022 |
CVE-2015-1701
Ransomware |
Microsoft Win32k |
Microsoft Win32k Privilege Escalation Vulnerability
An unspecified vulnerability exists in the Win32k.sys kernel-mode driver in Microsoft Windows Server that allows a local attacker to execute arbitrary code with elevated privilege…
|
— | 90.4% |
| Mar 3, 2022 | CVE-2015-2387 | Microsoft ATM Font Driver |
Microsoft ATM Font Driver Privilege Escalation Vulnerability
ATMFD.DLL in the Adobe Type Manager Font Driver in Microsoft Windows Server allows local users to gain privileges via a crafted application.
|
— | 24.7% |
| Mar 3, 2022 | CVE-2015-2424 | Microsoft PowerPoint |
Microsoft PowerPoint Memory Corruption Vulnerability
Microsoft PowerPoint allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document.
|
— | 64.5% |
| Mar 3, 2022 | CVE-2015-2545 | Microsoft Office |
Microsoft Office Malformed EPS File Vulnerability
Microsoft Office allows remote attackers to execute arbitrary code via a crafted EPS image.
|
— | 93.2% |
| Mar 3, 2022 |
CVE-2016-0099
Ransomware |
Microsoft Windows |
Microsoft Windows Secondary Logon Service Privilege Escalation Vulnerability
A privilege escalation vulnerability exists in Microsoft Windows if the Windows Secondary Logon Service fails to properly manage request handles in memory. An attacker who success…
|
— | 90.4% |
| Mar 3, 2022 | CVE-2016-7193 | Microsoft Office |
Microsoft Office Memory Corruption Vulnerability
Microsoft Office contains a memory corruption vulnerability which can allow for remote code execution.
|
— | 73.8% |
| Mar 3, 2022 | CVE-2016-7262 | Microsoft Excel |
Microsoft Office Security Feature Bypass Vulnerability
A security feature bypass vulnerability exists when Microsoft Office improperly handles input. An attacker who successfully exploited the vulnerability could execute arbitrary com…
|
— | 88.2% |
| Mar 3, 2022 | CVE-2017-0001 | Microsoft Graphics Device Interface (GDI) |
Microsoft Graphics Device Interface (GDI) Privilege Escalation Vulnerability
The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1…
|
— | 47.8% |
| Mar 3, 2022 | CVE-2017-0261 | Microsoft Office |
Microsoft Office Use-After-Free Vulnerability
Microsoft Office contains a use-after-free vulnerability which can allow for remote code execution.
|
— | 92.3% |
| Mar 3, 2022 | CVE-2017-11826 | Microsoft Office |
Microsoft Office Remote Code Execution Vulnerability
A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the …
|
— | 91.7% |
| Mar 3, 2022 | CVE-2017-8540 | Microsoft Malware Protection Engine |
Microsoft Malware Protection Engine Improper Restriction of Operations Vulnerability
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows …
|
— | 79.4% |
| Mar 3, 2022 |
CVE-2018-8581
Ransomware |
Microsoft Exchange Server |
Microsoft Exchange Server Privilege Escalation Vulnerability
A privilege escalation vulnerability exists in Microsoft Exchange Server. An attacker who successfully exploited this vulnerability could attempt to impersonate any other user of …
|
— | 91.8% |
| Mar 3, 2022 | CVE-2019-1297 | Microsoft Excel |
Microsoft Excel Remote Code Execution Vulnerability
A remote code execution vulnerability exists in Microsoft Excel when the software fails to properly handle objects in memory.
|
— | 40.7% |
| Mar 3, 2022 |
CVE-2021-41379
Ransomware |
Microsoft Windows |
Microsoft Windows Installer Privilege Escalation Vulnerability
Microsoft Windows Installer contains an unspecified vulnerability that allows for privilege escalation.
|
— | 1.0% |
| Feb 25, 2022 | CVE-2014-6352 | Microsoft Windows |
Microsoft Windows Code Injection Vulnerability
Microsoft Windows allow remote attackers to execute arbitrary code via a crafted OLE object.
|
— | 90.7% |
| Feb 25, 2022 | CVE-2017-0222 | Microsoft Internet Explorer |
Microsoft Internet Explorer Remote Code Execution Vulnerability
A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory.
|
— | 65.3% |
| Feb 25, 2022 | CVE-2017-8570 | Microsoft Office |
Microsoft Office Remote Code Execution Vulnerability
A remote code execution vulnerability exists in Microsoft Office software when it fails to properly handle objects in memory.
|
— | 94.2% |
| Feb 15, 2022 | CVE-2013-3906 | Microsoft Graphics Component |
Microsoft Graphics Component Memory Corruption Vulnerability
Microsoft Graphics Component contains a memory corruption vulnerability which can allow for remote code execution.
|
— | 92.4% |
| Feb 15, 2022 | CVE-2014-1761 | Microsoft Word |
Microsoft Word Memory Corruption Vulnerability
Microsoft Word contains a memory corruption vulnerability which when exploited could allow for remote code execution.
|
— | 93.3% |
| Feb 15, 2022 |
CVE-2018-8174
Ransomware |
Microsoft Windows |
Microsoft Windows VBScript Engine Out-of-Bounds Write Vulnerability
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka "Windows VBScript Engine Remote Code Execution"
|
— | 94.3% |
| Feb 15, 2022 |
CVE-2019-0752
Ransomware |
Microsoft Internet Explorer |
Microsoft Internet Explorer Type Confusion Vulnerability
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer
|
— | 91.5% |
| Feb 11, 2022 | CVE-2022-22620 | Apple iOS, iPadOS, and macOS |
Apple iOS, iPadOS, and macOS Webkit Use-After-Free Vulnerability
Apple iOS, iPadOS, and macOS WebKit contain a use-after-free vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could i…
|
— | 4.0% |
| Feb 10, 2022 | CVE-2014-4404 | Apple OS X |
Apple OS X Heap-Based Buffer Overflow Vulnerability
Heap-based buffer overflow in IOHIDFamily in Apple OS X, which affects, iOS before 8 and Apple TV before 7, allows attackers to execute arbitrary code in a privileged context.
|
— | 62.0% |
| Feb 10, 2022 | CVE-2015-1130 | Apple OS X |
Apple OS X Authentication Bypass Vulnerability
The XPC implementation in Admin Framework in Apple OS X before 10.10.3 allows local users to bypass authentication and obtain admin privileges.
|
— | 23.4% |
| Feb 10, 2022 | CVE-2015-1635 | Microsoft HTTP.sys |
Microsoft HTTP.sys Remote Code Execution Vulnerability
Microsoft HTTP protocol stack (HTTP.sys) contains a vulnerability that allows for remote code execution.
|
— | 94.3% |
Source: CISA KEV catalog. Severity (CVSS) and exploit-probability (EPSS) sync nightly from NVD and FIRST.