Full CISA KEV catalog

Every CVE the U.S. cybersecurity agency has ever flagged as actively exploited. Filter by category, sort by severity or exploit-likelihood, search by vendor or product.

Showing 31–60 of 117 CVEs · Page 2 of 4 30 per page
Added CVE Vendor / Product Name & description CVSS EPSS
Sep 25, 2023 CVE-2023-41993 Apple Multiple Products
browser endpoint mobile smb essential
Apple Multiple Products WebKit Code Execution Vulnerability
Apple iOS, iPadOS, macOS, and Safari WebKit contain an unspecified vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability c…
24.2%
Sep 13, 2023 CVE-2023-4863 Google Chromium WebP
browser smb essential
Google Chromium WebP Heap-Based Buffer Overflow Vulnerability
Google Chromium WebP contains a heap-based buffer overflow vulnerability that allows a remote attacker to perform an out-of-bounds memory write via a crafted HTML page. This vulne…
93.3%
Jul 13, 2023 CVE-2023-37450 Apple Multiple Products
browser endpoint mobile smb essential
Apple Multiple Products WebKit Code Execution Vulnerability
Apple iOS, iPadOS, macOS, and Safari WebKit contain an unspecified vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability c…
0.1%
Jun 23, 2023 CVE-2023-32435 Apple Multiple Products
browser endpoint mobile smb essential
Apple Multiple Products WebKit Memory Corruption Vulnerability
Apple iOS, iPadOS, macOS, and Safari WebKit contain a memory corruption vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerabil…
0.4%
Jun 23, 2023 CVE-2023-32439 Apple Multiple Products
browser endpoint mobile smb essential
Apple Multiple Products WebKit Type Confusion Vulnerability
Apple iOS, iPadOS, macOS, and Safari WebKit contain a type confusion vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability…
1.2%
Jun 22, 2023 CVE-2016-9079 Mozilla Firefox, Firefox ESR, and Thunderbird
browser smb essential
Mozilla Firefox, Firefox ESR, and Thunderbird Use-After-Free Vulnerability
Mozilla Firefox, Firefox ESR, and Thunderbird contain a use-after-free vulnerability in SVG Animation, targeting Firefox and Tor browser users on Windows.
84.8%
Jun 7, 2023 CVE-2023-3079 Google Chromium V8
browser smb essential
Google Chromium V8 Type Confusion Vulnerability
Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability …
1.7%
May 22, 2023 CVE-2023-28204 Apple Multiple Products
browser endpoint mobile smb essential
Apple Multiple Products WebKit Out-of-Bounds Read Vulnerability
Apple iOS, iPadOS, macOS, tvOS, watchOS, and Safari WebKit contain an out-of-bounds read vulnerability that may disclose sensitive information when processing maliciously crafted …
0.1%
May 22, 2023 CVE-2023-32373 Apple Multiple Products
browser endpoint mobile smb essential
Apple Multiple Products WebKit Use-After-Free Vulnerability
Apple iOS, iPadOS, macOS, tvOS, watchOS, and Safari WebKit contain a use-after-free vulnerability that leads to code execution when processing maliciously crafted web content. Thi…
0.0%
May 22, 2023 CVE-2023-32409 Apple Multiple Products
browser endpoint mobile smb essential
Apple Multiple Products WebKit Sandbox Escape Vulnerability
Apple iOS, iPadOS, macOS, tvOS, watchOS, and Safari WebKit contain an unspecified vulnerability that can allow a remote attacker to break out of the Web Content sandbox. This vuln…
0.3%
Apr 21, 2023 CVE-2023-2136 Google Chromium Skia
browser smb essential
Google Chrome Skia Integer Overflow Vulnerability
Google Chromium Skia contains an integer overflow vulnerability that allows a remote attacker, who has compromised the renderer process, to potentially perform a sandbox escape vi…
0.4%
Apr 17, 2023 CVE-2023-2033 Google Chromium V8
browser smb essential
Google Chromium V8 Type Confusion Vulnerability
Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability …
22.8%
Apr 10, 2023 CVE-2023-28205 Apple Multiple Products
browser endpoint mobile smb essential
Apple Multiple Products WebKit Use-After-Free Vulnerability
Apple iOS, iPadOS, macOS, and Safari WebKit contain a use-after-free vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability…
0.1%
Mar 30, 2023 CVE-2022-3038 Google Chromium Network Service
browser smb essential
Google Chromium Network Service Use-After-Free Vulnerability
Google Chromium Network Service contains a use-after-free vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerab…
36.0%
Feb 14, 2023 CVE-2023-23529 Apple Multiple Products
browser endpoint mobile smb essential
Apple Multiple Products WebKit Type Confusion Vulnerability
Apple iOS, MacOS, Safari and iPadOS WebKit contain a type confusion vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability …
0.1%
Dec 5, 2022 CVE-2022-4262 Google Chromium V8
browser smb essential
Google Chromium V8 Type Confusion Vulnerability
Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability …
8.6%
Nov 28, 2022 CVE-2022-4135 Google Chromium GPU
browser smb essential
Google Chromium GPU Heap Buffer Overflow Vulnerability
Google Chromium GPU contains a heap buffer overflow vulnerability that allows a remote attacker, who has compromised the renderer process, to potentially perform a sandbox escape …
0.1%
Oct 28, 2022 CVE-2022-3723 Google Chromium V8
browser smb essential
Google Chromium V8 Type Confusion Vulnerability
Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability …
0.5%
Sep 8, 2022 CVE-2022-3075 Google Chromium Mojo
browser smb essential
Google Chromium Mojo Insufficient Data Validation Vulnerability
Google Chromium Mojo contains an insufficient data validation vulnerability that allows a remote attacker, who has compromised the renderer process, to potentially perform a sandb…
2.1%
Aug 18, 2022 CVE-2022-2856 Google Chromium Intents
browser smb essential
Google Chromium Intents Insufficient Input Validation Vulnerability
Google Chromium Intents contains an insufficient validation of untrusted input vulnerability that allows a remote attacker to browse to a malicious website via a crafted HTML page…
3.3%
Jun 27, 2022 CVE-2021-30533 Google Chromium PopupBlocker
browser smb essential
Google Chromium PopupBlocker Security Bypass Vulnerability
Google Chromium PopupBlocker contains an insufficient policy enforcement vulnerability that allows a remote attacker to bypass navigation restrictions via a crafted iframe. This v…
16.7%
Jun 8, 2022 CVE-2016-1646 Google Chromium V8
browser smb essential
Google Chromium V8 Out-of-Bounds Read Vulnerability
Google Chromium V8 Engine contains an out-of-bounds read vulnerability that allows a remote attacker to cause a denial of service or possibly have another unspecified impact via c…
66.9%
Jun 8, 2022 CVE-2016-5198 Google Chromium V8
browser smb essential
Google Chromium V8 Out-of-Bounds Memory Vulnerability
Google Chromium V8 Engine contains an out-of-bounds memory access vulnerability that allows a remote attacker to perform read/write operations, leading to code execution, via a cr…
78.7%
Jun 8, 2022 CVE-2017-5030 Google Chromium V8
browser smb essential
Google Chromium V8 Memory Corruption Vulnerability
Google Chromium V8 Engine contains a memory corruption vulnerability that allows a remote attacker to execute code via a crafted HTML page. This vulnerability could affect multipl…
50.3%
Jun 8, 2022 CVE-2017-5070 Google Chromium V8
browser smb essential
Google Chromium V8 Type Confusion Vulnerability
Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to execute code inside a sandbox via a crafted HTML page. This vulnerability could …
74.4%
Jun 8, 2022 CVE-2018-17463 Google Chromium V8
browser smb essential
Google Chromium V8 Remote Code Execution Vulnerability
Google Chromium V8 Engine contains an unspecified vulnerability that allows a remote attacker to execute code inside a sandbox via a crafted HTML page. This vulnerability could af…
92.2%
Jun 8, 2022 CVE-2018-17480 Google Chromium V8
browser smb essential
Google Chromium V8 Out-of-Bounds Write Vulnerability
Google Chromium V8 Engine contains out-of-bounds write vulnerability that allows a remote attacker to execute code inside a sandbox via a crafted HTML page. This vulnerability cou…
30.4%
Jun 8, 2022 CVE-2018-6065 Google Chromium V8
browser smb essential
Google Chromium V8 Integer Overflow Vulnerability
Google Chromium V8 Engine contains an integer overflow vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerabili…
89.6%
Jun 8, 2022 CVE-2019-5825 Google Chromium V8
browser smb essential
Google Chromium V8 Out-of-Bounds Write Vulnerability
Google Chromium V8 Engine contains an out-of-bounds write vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerab…
78.2%
May 25, 2022 CVE-2015-4495 Mozilla Firefox
browser smb essential
Mozilla Firefox Security Feature Bypass Vulnerability
Moxilla Firefox allows remote attackers to bypass the Same Origin Policy to read arbitrary files or gain privileges.
71.6%

Source: CISA KEV catalog. Severity (CVSS) and exploit-probability (EPSS) sync nightly from NVD and FIRST.