Full CISA KEV catalog

Every CVE the U.S. cybersecurity agency has ever flagged as actively exploited. Filter by category, sort by severity or exploit-likelihood, search by vendor or product.

Showing 31–60 of 171 CVEs · Page 2 of 6 30 per page
Added CVE Vendor / Product Name & description CVSS EPSS
Apr 4, 2024 CVE-2024-29745 Android Pixel
mobile
Android Pixel Information Disclosure Vulnerability
Android Pixel contains an information disclosure vulnerability in the fastboot firmware used to support unlocking, flashing, and locking affected devices.
0.2%
Apr 4, 2024 CVE-2024-29748 Android Pixel
mobile
Android Pixel Privilege Escalation Vulnerability
Android Pixel contains a privilege escalation vulnerability that allows an attacker to interrupt a factory reset triggered by a device admin app.
0.4%
Mar 6, 2024 CVE-2024-23225 Apple Multiple Products
endpoint mobile smb essential
Apple Multiple Products Memory Corruption Vulnerability
Apple iOS, iPadOS, macOS, tvOS, watchOS, and visionOS kernel contain a memory corruption vulnerability that allows an attacker with arbitrary kernel read and write capability to b…
0.2%
Mar 6, 2024 CVE-2024-23296 Apple Multiple Products
endpoint mobile smb essential
Apple Multiple Products Memory Corruption Vulnerability
Apple iOS, iPadOS, macOS, tvOS, and watchOS RTKit contain a memory corruption vulnerability that allows an attacker with arbitrary kernel read and write capability to bypass kerne…
0.3%
Mar 5, 2024 CVE-2023-21237 Android Pixel
mobile
Android Pixel Information Disclosure Vulnerability
Android Pixel contains a vulnerability in the Framework component, where the UI may be misleading or insufficient, providing a means to hide a foreground service notification. Thi…
1.0%
Jan 31, 2024 CVE-2022-48618 Apple Multiple Products
endpoint mobile smb essential
Apple Multiple Products Memory Corruption Vulnerability
Apple iOS, iPadOS, macOS, tvOS, and watchOS contain a time-of-check/time-of-use (TOCTOU) memory corruption vulnerability that allows an attacker with read and write capabilities t…
0.1%
Jan 23, 2024 CVE-2024-23222 Apple Multiple Products
browser endpoint mobile smb essential
Apple Multiple Products WebKit Type Confusion Vulnerability
Apple iOS, iPadOS, macOS, tvOS, and Safari WebKit contain a type confusion vulnerability that leads to code execution when processing maliciously crafted web content. This vulnera…
0.6%
Jan 8, 2024 CVE-2023-41990 Apple Multiple Products
endpoint mobile smb essential
Apple Multiple Products Code Execution Vulnerability
Apple iOS, iPadOS, macOS, tvOS, and watchOS contain an unspecified vulnerability that allows for code execution when processing a font file.
2.7%
Dec 4, 2023 CVE-2023-42916 Apple Multiple Products
browser endpoint mobile smb essential
Apple Multiple Products WebKit Out-of-Bounds Read Vulnerability
Apple iOS, iPadOS, macOS, and Safari WebKit contain an out-of-bounds read vulnerability that may disclose sensitive information when processing maliciously crafted web content. Th…
0.1%
Dec 4, 2023 CVE-2023-42917 Apple Multiple Products
browser endpoint mobile smb essential
Apple Multiple Products WebKit Memory Corruption Vulnerability
Apple iOS, iPadOS, macOS, and Safari WebKit contain a memory corruption vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerabil…
0.1%
Oct 23, 2023 CVE-2023-20273 Cisco Cisco IOS XE Web UI
mobile network
Cisco IOS XE Web UI Command Injection Vulnerability
Cisco IOS XE contains a command injection vulnerability in the web user interface. When chained with CVE-2023-20198, the attacker can leverage the new local user to elevate privil…
92.6%
Oct 16, 2023 CVE-2023-20198 Cisco IOS XE Web UI
mobile network
Cisco IOS XE Web UI Privilege Escalation Vulnerability
Cisco IOS XE Web UI contains a privilege escalation vulnerability in the web user interface that could allow a remote, unauthenticated attacker to create an account with privilege…
94.0%
Oct 10, 2023 CVE-2023-20109 Cisco IOS and IOS XE
mobile network vpn remote
Cisco IOS and IOS XE Group Encrypted Transport VPN Out-of-Bounds Write Vulnerability
Cisco IOS and IOS XE contain an out-of-bounds write vulnerability in the Group Encrypted Transport VPN (GET VPN) feature that could allow an authenticated, remote attacker who has…
0.6%
Oct 5, 2023 CVE-2023-42824 Apple iOS and iPadOS
endpoint mobile smb essential
Apple iOS and iPadOS Kernel Privilege Escalation Vulnerability
Apple iOS and iPadOS contain an unspecified vulnerability that allows for local privilege escalation.
1.0%
Sep 25, 2023 CVE-2023-41991 Apple Multiple Products
endpoint mobile smb essential
Apple Multiple Products Improper Certificate Validation Vulnerability
Apple iOS, iPadOS, macOS, and watchOS contain an improper certificate validation vulnerability that can allow a malicious app to bypass signature validation.
3.9%
Sep 25, 2023 CVE-2023-41992 Apple Multiple Products
endpoint mobile smb essential
Apple Multiple Products Kernel Privilege Escalation Vulnerability
Apple iOS, iPadOS, macOS, and watchOS contain an unspecified vulnerability that allows for local privilege escalation.
1.1%
Sep 25, 2023 CVE-2023-41993 Apple Multiple Products
browser endpoint mobile smb essential
Apple Multiple Products WebKit Code Execution Vulnerability
Apple iOS, iPadOS, macOS, and Safari WebKit contain an unspecified vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability c…
24.2%
Sep 18, 2023 CVE-2022-22265 Samsung Mobile Devices
mobile
Samsung Mobile Devices Use-After-Free Vulnerability
Samsung devices with selected Exynos chipsets contain a use-after-free vulnerability that allows malicious memory write and code execution.
0.2%
Sep 13, 2023 CVE-2023-35674 Android Framework
mobile
Android Framework Privilege Escalation Vulnerability
Android Framework contains an unspecified vulnerability that allows for privilege escalation.
0.1%
Sep 11, 2023 CVE-2023-41061 Apple iOS, iPadOS, and watchOS
endpoint mobile smb essential
Apple iOS, iPadOS, and watchOS Wallet Code Execution Vulnerability
Apple iOS, iPadOS, and watchOS contain an unspecified vulnerability due to a validation issue affecting Wallet in which a maliciously crafted attachment may result in code executi…
1.1%
Sep 11, 2023 CVE-2023-41064 Apple iOS, iPadOS, and macOS
endpoint mobile smb essential
Apple iOS, iPadOS, and macOS ImageIO Buffer Overflow Vulnerability
Apple iOS, iPadOS, and macOS contain a buffer overflow vulnerability in ImageIO when processing a maliciously crafted image, which may lead to code execution. This vulnerability w…
85.4%
Jul 26, 2023 CVE-2023-38606 Apple Multiple Products
endpoint mobile smb essential
Apple Multiple Products Kernel Unspecified Vulnerability
Apple iOS, iPadOS, macOS, tvOS, and watchOS contain an unspecified vulnerability allowing an app to modify a sensitive kernel state.
0.1%
Jul 13, 2023 CVE-2023-37450 Apple Multiple Products
browser endpoint mobile smb essential
Apple Multiple Products WebKit Code Execution Vulnerability
Apple iOS, iPadOS, macOS, and Safari WebKit contain an unspecified vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability c…
0.1%
Jun 29, 2023 CVE-2021-25371 Samsung Mobile Devices
mobile
Samsung Mobile Devices Unspecified Vulnerability
Samsung mobile devices contain an unspecified vulnerability within DSP driver that allows attackers to load ELF libraries inside DSP.
1.6%
Jun 29, 2023 CVE-2021-25372 Samsung Mobile Devices
mobile
Samsung Mobile Devices Improper Boundary Check Vulnerability
Samsung mobile devices contain an improper boundary check vulnerability within DSP driver that allows for out-of-bounds memory access.
1.8%
Jun 29, 2023 CVE-2021-25394 Samsung Mobile Devices
mobile
Samsung Mobile Devices Race Condition Vulnerability
Samsung mobile devices contain a race condition vulnerability within the MFC charger driver that leads to a use-after-free allowing for a write given a radio privilege is compromi…
0.4%
Jun 29, 2023 CVE-2021-25395 Samsung Mobile Devices
mobile
Samsung Mobile Devices Race Condition Vulnerability
Samsung mobile devices contain a race condition vulnerability within the MFC charger driver that leads to a use-after-free allowing for a write given a radio privilege is compromi…
0.2%
Jun 29, 2023 CVE-2021-25487 Samsung Mobile Devices
mobile
Samsung Mobile Devices Out-of-Bounds Read Vulnerability
Samsung mobile devices contain an out-of-bounds read vulnerability within the modem interface driver due to a lack of boundary checking of a buffer in set_skb_priv(), leading to r…
2.6%
Jun 29, 2023 CVE-2021-25489 Samsung Mobile Devices
mobile
Samsung Mobile Devices Improper Input Validation Vulnerability
Samsung mobile devices contain an improper input validation vulnerability within the modem interface driver that results in a format string bug leading to kernel panic.
0.3%
Jun 23, 2023 CVE-2023-32434 Apple Multiple Products
endpoint mobile smb essential
Apple Multiple Products Integer Overflow Vulnerability
Apple iOS. iPadOS, macOS, and watchOS contain an integer overflow vulnerability that could allow an application to execute code with kernel privileges.
52.4%

Source: CISA KEV catalog. Severity (CVSS) and exploit-probability (EPSS) sync nightly from NVD and FIRST.