Full CISA KEV catalog
Every CVE the U.S. cybersecurity agency has ever flagged as actively exploited. Filter by category, sort by severity or exploit-likelihood, search by vendor or product.
| Added | CVE | Vendor / Product | Name & description | CVSS | EPSS |
|---|---|---|---|---|---|
| Mar 3, 2022 | CVE-2016-7262 | Microsoft Excel |
Microsoft Office Security Feature Bypass Vulnerability
A security feature bypass vulnerability exists when Microsoft Office improperly handles input. An attacker who successfully exploited the vulnerability could execute arbitrary com…
|
— | 88.2% |
| Mar 3, 2022 | CVE-2016-7855 | Adobe Flash Player |
Adobe Flash Player Use-After-Free Vulnerability
Use-after-free vulnerability in Adobe Flash Player Windows and OS and Linux allows remote attackers to execute arbitrary code.
|
— | 59.0% |
| Mar 3, 2022 | CVE-2017-0001 | Microsoft Graphics Device Interface (GDI) |
Microsoft Graphics Device Interface (GDI) Privilege Escalation Vulnerability
The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1…
|
— | 47.8% |
| Mar 3, 2022 | CVE-2017-0261 | Microsoft Office |
Microsoft Office Use-After-Free Vulnerability
Microsoft Office contains a use-after-free vulnerability which can allow for remote code execution.
|
— | 92.3% |
| Mar 3, 2022 | CVE-2017-11292 | Adobe Flash Player |
Adobe Flash Player Type Confusion Vulnerability
Adobe Flash Player contains a type confusion vulnerability which can allow for remote code execution.
|
— | 34.4% |
| Mar 3, 2022 | CVE-2017-11826 | Microsoft Office |
Microsoft Office Remote Code Execution Vulnerability
A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the …
|
— | 91.7% |
| Mar 3, 2022 | CVE-2017-8540 | Microsoft Malware Protection Engine |
Microsoft Malware Protection Engine Improper Restriction of Operations Vulnerability
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows …
|
— | 79.4% |
| Mar 3, 2022 |
CVE-2018-8581
Ransomware |
Microsoft Exchange Server |
Microsoft Exchange Server Privilege Escalation Vulnerability
A privilege escalation vulnerability exists in Microsoft Exchange Server. An attacker who successfully exploited this vulnerability could attempt to impersonate any other user of …
|
— | 91.8% |
| Mar 3, 2022 | CVE-2019-1297 | Microsoft Excel |
Microsoft Excel Remote Code Execution Vulnerability
A remote code execution vulnerability exists in Microsoft Excel when the software fails to properly handle objects in memory.
|
— | 40.7% |
| Mar 3, 2022 |
CVE-2021-41379
Ransomware |
Microsoft Windows |
Microsoft Windows Installer Privilege Escalation Vulnerability
Microsoft Windows Installer contains an unspecified vulnerability that allows for privilege escalation.
|
— | 1.0% |
| Feb 25, 2022 | CVE-2014-6352 | Microsoft Windows |
Microsoft Windows Code Injection Vulnerability
Microsoft Windows allow remote attackers to execute arbitrary code via a crafted OLE object.
|
— | 90.7% |
| Feb 25, 2022 | CVE-2017-0222 | Microsoft Internet Explorer |
Microsoft Internet Explorer Remote Code Execution Vulnerability
A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory.
|
— | 65.3% |
| Feb 25, 2022 | CVE-2017-8570 | Microsoft Office |
Microsoft Office Remote Code Execution Vulnerability
A remote code execution vulnerability exists in Microsoft Office software when it fails to properly handle objects in memory.
|
— | 94.2% |
| Feb 15, 2022 | CVE-2013-3906 | Microsoft Graphics Component |
Microsoft Graphics Component Memory Corruption Vulnerability
Microsoft Graphics Component contains a memory corruption vulnerability which can allow for remote code execution.
|
— | 92.4% |
| Feb 15, 2022 | CVE-2014-1761 | Microsoft Word |
Microsoft Word Memory Corruption Vulnerability
Microsoft Word contains a memory corruption vulnerability which when exploited could allow for remote code execution.
|
— | 93.3% |
| Feb 15, 2022 |
CVE-2018-15982
Ransomware |
Adobe Flash Player |
Adobe Flash Player Use-After-Free Vulnerability
Adobe Flash Player com.adobe.tvsdk.mediacore.metadata Use After Free Vulnerability
|
— | 93.6% |
| Feb 15, 2022 |
CVE-2018-8174
Ransomware |
Microsoft Windows |
Microsoft Windows VBScript Engine Out-of-Bounds Write Vulnerability
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka "Windows VBScript Engine Remote Code Execution"
|
— | 94.3% |
| Feb 15, 2022 |
CVE-2019-0752
Ransomware |
Microsoft Internet Explorer |
Microsoft Internet Explorer Type Confusion Vulnerability
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer
|
— | 91.5% |
| Feb 15, 2022 | CVE-2022-0609 | Google Chromium Animation |
Google Chromium Animation Use-After-Free Vulnerability
Google Chromium Animation contains a use-after-free vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability …
|
— | 49.0% |
| Feb 15, 2022 | CVE-2022-24086 | Adobe Commerce and Magento Open Source |
Adobe Commerce and Magento Open Source Improper Input Validation Vulnerability
Adobe Commerce and Magento Open Source contain an improper input validation vulnerability which can allow for arbitrary code execution.
|
— | 93.7% |
| Feb 11, 2022 | CVE-2022-22620 | Apple iOS, iPadOS, and macOS |
Apple iOS, iPadOS, and macOS Webkit Use-After-Free Vulnerability
Apple iOS, iPadOS, and macOS WebKit contain a use-after-free vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could i…
|
— | 4.0% |
| Feb 10, 2022 | CVE-2014-4404 | Apple OS X |
Apple OS X Heap-Based Buffer Overflow Vulnerability
Heap-based buffer overflow in IOHIDFamily in Apple OS X, which affects, iOS before 8 and Apple TV before 7, allows attackers to execute arbitrary code in a privileged context.
|
— | 62.0% |
| Feb 10, 2022 | CVE-2015-1130 | Apple OS X |
Apple OS X Authentication Bypass Vulnerability
The XPC implementation in Admin Framework in Apple OS X before 10.10.3 allows local users to bypass authentication and obtain admin privileges.
|
— | 23.4% |
| Feb 10, 2022 | CVE-2015-1635 | Microsoft HTTP.sys |
Microsoft HTTP.sys Remote Code Execution Vulnerability
Microsoft HTTP protocol stack (HTTP.sys) contains a vulnerability that allows for remote code execution.
|
— | 94.3% |
| Feb 10, 2022 |
CVE-2017-0144
Ransomware |
Microsoft SMBv1 |
Microsoft SMBv1 Remote Code Execution Vulnerability
The SMBv1 server in multiple Microsoft Windows versions allows remote attackers to execute arbitrary code via crafted packets.
|
— | 94.3% |
| Feb 10, 2022 |
CVE-2017-0145
Ransomware |
Microsoft SMBv1 |
Microsoft SMBv1 Remote Code Execution Vulnerability
The SMBv1 server in multiple Microsoft Windows versions allows remote attackers to execute arbitrary code via crafted packets.
|
— | 93.3% |
| Feb 10, 2022 | CVE-2017-0262 | Microsoft Office |
Microsoft Office Remote Code Execution Vulnerability
A remote code execution vulnerability exists in Microsoft Office.
|
— | 65.0% |
| Feb 10, 2022 | CVE-2017-0263 | Microsoft Win32k |
Microsoft Win32k Privilege Escalation Vulnerability
Microsoft Win32k contains a privilege escalation vulnerability due to the Windows kernel-mode driver failing to properly handle objects in memory.
|
— | 20.8% |
| Feb 10, 2022 | CVE-2017-8464 | Microsoft Windows |
Microsoft Windows Shell (.lnk) Remote Code Execution Vulnerability
Windows Shell in multiple versions of Microsoft Windows allows local users or remote attackers to execute arbitrary code via a crafted .LNK file
|
— | 93.9% |
| Feb 10, 2022 |
CVE-2020-0796
Ransomware |
Microsoft SMBv3 |
Microsoft SMBv3 Remote Code Execution Vulnerability
A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests. An attacker who successfully explo…
|
— | 94.4% |
Source: CISA KEV catalog. Severity (CVSS) and exploit-probability (EPSS) sync nightly from NVD and FIRST.