Full CISA KEV catalog
Every CVE the U.S. cybersecurity agency has ever flagged as actively exploited. Filter by category, sort by severity or exploit-likelihood, search by vendor or product.
| Added | CVE | Vendor / Product | Name & description | CVSS | EPSS |
|---|---|---|---|---|---|
| Oct 20, 2022 | CVE-2021-3493 | Linux Kernel | Linux Kernel Privilege Escalation Vulnerability<br>The overlayfs stacking file system in Linux kernel does not properly validate the application of file capabilities against user namespaces, which could lead to privilege escalatio… | — | 80.0% |
| Oct 20, 2022 | CVE-2022-41352 | Synacor Zimbra Collaboration Suite (ZCS) | Synacor Zimbra Collaboration Suite (ZCS) Arbitrary File Upload Vulnerability<br>Synacor Zimbra Collaboration Suite (ZCS) allows an attacker to upload arbitrary files using cpio package to gain incorrect access to any other user accounts. | — | 94.0% |
| Oct 11, 2022 | CVE-2022-40684 (Ransomware) | Fortinet Multiple Products | Fortinet Multiple Products Authentication Bypass Vulnerability<br>Fortinet FortiOS, FortiProxy, and FortiSwitchManager contain an authentication bypass vulnerability that could allow an unauthenticated attacker to perform operations on the admin… | — | 94.4% |
| Oct 11, 2022 | CVE-2022-41033 | Microsoft Windows COM+ Event System Service | Microsoft Windows COM+ Event System Service Privilege Escalation Vulnerability<br>Microsoft Windows COM+ Event System Service contains an unspecified vulnerability that allows for privilege escalation. | — | 1.7% |
| Sep 30, 2022 | CVE-2022-36804 | Atlassian Bitbucket Server and Data Center | Atlassian Bitbucket Server and Data Center Command Injection Vulnerability<br>Multiple API endpoints of Atlassian Bitbucket Server and Data Center contain a command injection vulnerability where an attacker with access to a public Bitbucket repository, or w… | — | 94.4% |
| Sep 30, 2022 | CVE-2022-41040 (Ransomware) | Microsoft Exchange Server | Microsoft Exchange Server Server-Side Request Forgery Vulnerability<br>Microsoft Exchange Server allows for server-side request forgery. Dubbed "ProxyNotShell," this vulnerability is chainable with CVE-2022-41082 which allows for remote code executio… | — | 94.1% |
| Sep 30, 2022 | CVE-2022-41082 (Ransomware) | Microsoft Exchange Server | Microsoft Exchange Server Remote Code Execution Vulnerability<br>Microsoft Exchange Server contains an unspecified vulnerability that allows for authenticated remote code execution. Dubbed "ProxyNotShell," this vulnerability is chainable with C… | — | 90.8% |
| Sep 23, 2022 | CVE-2022-3236 | Sophos Firewall | Sophos Firewall Code Injection Vulnerability<br>A code injection vulnerability in the User Portal and Webadmin of Sophos Firewall allows for remote code execution. | — | 92.8% |
| Sep 22, 2022 | CVE-2022-35405 | Zoho ManageEngine | Zoho ManageEngine Multiple Products Remote Code Execution Vulnerability<br>Zoho ManageEngine PAM360, Password Manager Pro, and Access Manager Plus contain an unspecified vulnerability that allows for remote code execution. | — | 94.2% |
| Sep 15, 2022 | CVE-2010-2568 | Microsoft Windows | Microsoft Windows Remote Code Execution Vulnerability<br>Microsoft Windows incorrectly parses shortcuts in such a way that malicious code may be executed when the operating system displays the icon of a malicious shortcut file. An attac… | — | 92.1% |
| Sep 15, 2022 | CVE-2013-2094 | Linux Kernel | Linux Kernel Privilege Escalation Vulnerability<br>Linux kernel fails to check all 64 bits of attr.config passed by user space, resulting in out-of-bounds access of the perf_swevent_enabled array in sw_perf_event_destroy(). Explot… | — | 65.9% |
| Sep 15, 2022 | CVE-2013-2596 | Linux Kernel | Linux Kernel Integer Overflow Vulnerability<br>Linux kernel fb_mmap function in drivers/video/fbmem.c contains an integer overflow vulnerability that allows for privilege escalation. | — | 3.1% |
| Sep 15, 2022 | CVE-2013-2597 | Code Aurora ACDB Audio Driver | Code Aurora ACDB Audio Driver Stack-based Buffer Overflow Vulnerability<br>The Code Aurora audio calibration database (acdb) audio driver contains a stack-based buffer overflow vulnerability that allows for privilege escalation. Code Aurora is used in th… | — | 6.1% |
| Sep 15, 2022 | CVE-2013-6282 | Linux Kernel | Linux Kernel Improper Input Validation Vulnerability<br>The get_user and put_user API functions of the Linux kernel fail to validate the target address when being used on ARM v6k/v7 platforms. This allows an application to read and wri… | — | 67.7% |
| Sep 15, 2022 | CVE-2022-40139 | Trend Micro Apex One and Apex One as a Service | Trend Micro Apex One and Apex One as a Service Improper Validation Vulnerability<br>Trend Micro Apex One and Apex One as a Service contain an improper validation of rollback mechanism components that could lead to remote code execution. | — | 8.9% |
| Sep 14, 2022 | CVE-2022-32917 | Apple iOS, iPadOS, and macOS | Apple iOS, iPadOS, and macOS Remote Code Execution Vulnerability<br>Apple kernel, which is included in iOS, iPadOS, and macOS, contains an unspecified vulnerability where an application may be able to execute code with kernel privileges. | — | 0.9% |
| Sep 14, 2022 | CVE-2022-37969 | Microsoft Windows | Microsoft Windows Common Log File System (CLFS) Driver Privilege Escalation Vulnerability<br>Microsoft Windows Common Log File System (CLFS) driver contains an unspecified vulnerability that allows for privilege escalation. | — | 12.8% |
| Sep 8, 2022 | CVE-2011-1823 | Android Android OS | Android OS Privilege Escalation Vulnerability<br>The vold volume manager daemon in Android kernel trusts messages from a PF_NETLINK socket, which allows an attacker to execute code and gain root privileges. This vulnerability is… | — | 38.3% |
| Sep 8, 2022 | CVE-2011-4723 | D-Link DIR-300 Router | D-Link DIR-300 Router Cleartext Storage of a Password Vulnerability<br>The D-Link DIR-300 router stores cleartext passwords, which allows context-dependent attackers to obtain sensitive information. | — | 14.1% |
| Sep 8, 2022 | CVE-2017-5521 | NETGEAR Multiple Devices | NETGEAR Multiple Devices Exposure of Sensitive Information Vulnerability<br>Multiple NETGEAR devices are prone to admin password disclosure via simple crafted requests to the web management server. | — | 93.8% |
| Sep 8, 2022 | CVE-2018-13374 (Ransomware) | Fortinet FortiOS and FortiADC | Fortinet FortiOS and FortiADC Improper Access Control Vulnerability<br>Fortinet FortiOS and FortiADC contain an improper access control vulnerability that allows attackers to obtain the LDAP server login credentials configured in FortiGate by pointin… | — | 3.4% |
| Sep 8, 2022 | CVE-2018-2628 | Oracle WebLogic Server | Oracle WebLogic Server Unspecified Vulnerability<br>Oracle WebLogic Server contains an unspecified vulnerability which can allow an unauthenticated attacker with T3 network access to compromise the server. | — | 94.4% |
| Sep 8, 2022 | CVE-2018-6530 (Ransomware) | D-Link Multiple Routers | D-Link Multiple Routers OS Command Injection Vulnerability<br>Multiple D-Link routers contain an unspecified vulnerability that allows for execution of OS commands. | — | 94.2% |
| Sep 8, 2022 | CVE-2018-7445 | MikroTik RouterOS | MikroTik RouterOS Stack-Based Buffer Overflow Vulnerability<br>In MikroTik RouterOS, a stack-based buffer overflow occurs when processing NetBIOS session request messages. Remote attackers with access to the service can exploit this vulnerabi… | — | 87.6% |
| Sep 8, 2022 | CVE-2020-9934 | Apple iOS, iPadOS, and macOS | Apple iOS, iPadOS, and macOS Input Validation Vulnerability<br>Apple iOS, iPadOS, and macOS contain an unspecified vulnerability involving input validation which can allow a local attacker to view sensitive user information. | — | 2.1% |
| Sep 8, 2022 | CVE-2022-26258 | D-Link DIR-820L | D-Link DIR-820L Remote Code Execution Vulnerability<br>D-Link DIR-820L contains an unspecified vulnerability in Device Name parameter in /lan.asp which allows for remote code execution. | — | 87.2% |
| Sep 8, 2022 | CVE-2022-27593 (Ransomware) | QNAP Photo Station | QNAP Photo Station Externally Controlled Reference Vulnerability<br>Certain QNAP NAS running Photo Station with internet exposure contain an externally controlled reference to a resource vulnerability which can allow an attacker to modify system f… | — | 93.8% |
| Sep 8, 2022 | CVE-2022-3075 | Google Chromium Mojo | Google Chromium Mojo Insufficient Data Validation Vulnerability<br>Google Chromium Mojo contains an insufficient data validation vulnerability that allows a remote attacker, who has compromised the renderer process, to potentially perform a sandb… | — | 2.1% |
| Aug 25, 2022 | CVE-2020-28949 | PEAR Archive_Tar | PEAR Archive_Tar Deserialization of Untrusted Data Vulnerability<br>PEAR Archive_Tar allows an unserialization attack because phar: is blocked but PHAR: is not blocked. PEAR stands for PHP Extension and Application Repository and it is an open-sou… | — | 93.4% |
| Aug 25, 2022 | CVE-2020-36193 | PEAR Archive_Tar | PEAR Archive_Tar Improper Link Resolution Vulnerability<br>PEAR Archive_Tar Tar.php allows write operations with directory traversal due to inadequate checking of symbolic links. PEAR stands for PHP Extension and Application Repository an… | — | 71.1% |
Source: CISA KEV catalog. Severity (CVSS) and exploit-probability (EPSS) sync nightly from NVD and FIRST.