Full CISA KEV catalog
Every CVE the U.S. cybersecurity agency has ever flagged as actively exploited. Filter by category, sort by severity or exploit-likelihood, search by vendor or product.
| Added | CVE | Vendor / Product | Name & description | CVSS | EPSS |
|---|---|---|---|---|---|
| Jun 23, 2023 | CVE-2023-32435 | Apple Multiple Products |
Apple Multiple Products WebKit Memory Corruption Vulnerability
Apple iOS, iPadOS, macOS, and Safari WebKit contain a memory corruption vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerabil…
|
— | 0.4% |
| Jun 23, 2023 | CVE-2023-32439 | Apple Multiple Products |
Apple Multiple Products WebKit Type Confusion Vulnerability
Apple iOS, iPadOS, macOS, and Safari WebKit contain a type confusion vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability…
|
— | 1.2% |
| May 22, 2023 | CVE-2023-28204 | Apple Multiple Products |
Apple Multiple Products WebKit Out-of-Bounds Read Vulnerability
Apple iOS, iPadOS, macOS, tvOS, watchOS, and Safari WebKit contain an out-of-bounds read vulnerability that may disclose sensitive information when processing maliciously crafted …
|
— | 0.1% |
| May 22, 2023 | CVE-2023-32373 | Apple Multiple Products |
Apple Multiple Products WebKit Use-After-Free Vulnerability
Apple iOS, iPadOS, macOS, tvOS, watchOS, and Safari WebKit contain a use-after-free vulnerability that leads to code execution when processing maliciously crafted web content. Thi…
|
— | 0.0% |
| May 22, 2023 | CVE-2023-32409 | Apple Multiple Products |
Apple Multiple Products WebKit Sandbox Escape Vulnerability
Apple iOS, iPadOS, macOS, tvOS, watchOS, and Safari WebKit contain an unspecified vulnerability that can allow a remote attacker to break out of the Web Content sandbox. This vuln…
|
— | 0.3% |
| May 19, 2023 | CVE-2004-1464 | Cisco IOS |
Cisco IOS Denial-of-Service Vulnerability
Cisco IOS contains an unspecified vulnerability that may block further telnet, reverse telnet, Remote Shell (RSH), Secure Shell (SSH), and in some cases, Hypertext Transport Proto…
|
— | 2.2% |
| May 19, 2023 | CVE-2016-6415 | Cisco IOS, IOS XR, and IOS XE |
Cisco IOS, IOS XR, and IOS XE IKEv1 Information Disclosure Vulnerability
Cisco IOS, IOS XR, and IOS XE contain insufficient condition checks in the part of the code that handles Internet Key Exchange version 1 (IKEv1) security negotiation requests. con…
|
— | 92.7% |
| May 19, 2023 | CVE-2023-21492 | Samsung Mobile Devices |
Samsung Mobile Devices Insertion of Sensitive Information Into Log File Vulnerability
Samsung mobile devices running Android 11, 12, and 13 contain an insertion of sensitive information into log file vulnerability that allows a privileged, local attacker to conduct…
|
— | 0.4% |
| Apr 19, 2023 | CVE-2017-6742 | Cisco IOS and IOS XE Software |
Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute cod…
|
— | 14.8% |
| Apr 17, 2023 | CVE-2019-8526 | Apple macOS |
Apple macOS Use-After-Free Vulnerability
Apple macOS contains a use-after-free vulnerability that could allow for privilege escalation.
|
— | 0.2% |
| Apr 13, 2023 | CVE-2023-20963 | Android Framework |
Android Framework Privilege Escalation Vulnerability
Android Framework contains an unspecified vulnerability that allows for privilege escalation after updating an app to a higher Target SDK with no additional execution privileges n…
|
— | 1.1% |
| Apr 10, 2023 | CVE-2023-28205 | Apple Multiple Products |
Apple Multiple Products WebKit Use-After-Free Vulnerability
Apple iOS, iPadOS, macOS, and Safari WebKit contain a use-after-free vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability…
|
— | 0.1% |
| Apr 10, 2023 | CVE-2023-28206 | Apple iOS, iPadOS, and macOS |
Apple iOS, iPadOS, and macOS IOSurfaceAccelerator Out-of-Bounds Write Vulnerability
Apple iOS, iPadOS, and macOS IOSurfaceAccelerator contain an out-of-bounds write vulnerability that allows an app to execute code with kernel privileges.
|
— | 21.6% |
| Mar 30, 2023 | CVE-2021-30900 | Apple iOS, iPadOS, and macOS |
Apple iOS, iPadOS, and macOS Out-of-Bounds Write Vulnerability
Apple GPU drivers, included in iOS, iPadOS, and macOS, contain an out-of-bounds write vulnerability that may allow a malicious application to execute code with kernel privileges.
|
— | 0.5% |
| Feb 14, 2023 | CVE-2023-23529 | Apple Multiple Products |
Apple Multiple Products WebKit Type Confusion Vulnerability
Apple iOS, MacOS, Safari and iPadOS WebKit contain a type confusion vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability …
|
— | 0.1% |
| Dec 14, 2022 | CVE-2022-42856 | Apple iOS |
Apple iOS Type Confusion Vulnerability
Apple iOS contains a type confusion vulnerability when processing maliciously crafted web content leading to code execution.
|
— | 0.2% |
| Nov 8, 2022 | CVE-2021-25337 | Samsung Mobile Devices |
Samsung Mobile Devices Improper Access Control Vulnerability
Samsung mobile devices contain an improper access control vulnerability in clipboard service which allows untrusted applications to read or write arbitrary files. This vulnerabili…
|
— | 0.8% |
| Nov 8, 2022 | CVE-2021-25369 | Samsung Mobile Devices |
Samsung Mobile Devices Improper Access Control Vulnerability
Samsung mobile devices using Mali GPU contains an improper access control vulnerability in sec_log file. Exploitation of the vulnerability exposes sensitive kernel information to …
|
— | 0.2% |
| Nov 8, 2022 | CVE-2021-25370 | Samsung Mobile Devices |
Samsung Mobile Devices Memory Corruption Vulnerability
Samsung mobile devices using Mali GPU contain an incorrect implementation handling file descriptor in dpu driver. This incorrect implementation results in memory corruption, leadi…
|
— | 0.5% |
| Oct 25, 2022 | CVE-2022-42827 | Apple iOS and iPadOS |
Apple iOS and iPadOS Out-of-Bounds Write Vulnerability
Apple iOS and iPadOS kernel contain an out-of-bounds write vulnerability which can allow an application to perform code execution with kernel privileges.
|
— | 0.2% |
| Sep 14, 2022 | CVE-2022-32917 | Apple iOS, iPadOS, and macOS |
Apple iOS, iPadOS, and macOS Remote Code Execution Vulnerability
Apple kernel, which is included in iOS, iPadOS, and macOS, contains an unspecified vulnerability where an application may be able to execute code with kernel privileges.
|
— | 0.9% |
| Sep 8, 2022 | CVE-2011-1823 | Android Android OS |
Android OS Privilege Escalation Vulnerability
The vold volume manager daemon in Android kernel trusts messages from a PF_NETLINK socket, which allows an attacker to execute code and gain root privileges. This vulnerability is…
|
— | 38.3% |
| Sep 8, 2022 | CVE-2020-9934 | Apple iOS, iPadOS, and macOS |
Apple iOS, iPadOS, and macOS Input Validation Vulnerability
Apple iOS, iPadOS, and macOS contain an unspecified vulnerability involving input validation which can allow a local attacker to view sensitive user information.
|
— | 2.1% |
| Aug 25, 2022 | CVE-2021-31010 | Apple iOS, macOS, watchOS |
Apple iOS, macOS, watchOS Sandbox Bypass Vulnerability
In affected versions of Apple iOS, macOS, and watchOS, a sandboxed process may be able to circumvent sandbox restrictions.
|
— | 0.7% |
| Aug 18, 2022 | CVE-2022-32893 | Apple iOS and macOS |
Apple iOS and macOS Out-of-Bounds Write Vulnerability
Apple iOS and macOS contain an out-of-bounds write vulnerability that could allow for remote code execution when processing malicious crafted web content.
|
— | 0.1% |
| Aug 18, 2022 | CVE-2022-32894 | Apple iOS and macOS |
Apple iOS and macOS Out-of-Bounds Write Vulnerability
Apple iOS and macOS contain an out-of-bounds write vulnerability that could allow an application to execute code with kernel privileges.
|
— | 0.3% |
| Jun 27, 2022 | CVE-2018-4344 | Apple Multiple Products |
Apple Multiple Products Memory Corruption Vulnerability
Apple iOS, macOS, tvOS, and watchOS contain a memory corruption vulnerability which can allow for code execution.
|
— | 0.2% |
| Jun 27, 2022 | CVE-2019-8605 | Apple Multiple Products |
Apple Multiple Products Use-After-Free Vulnerability
A use-after-free vulnerability in Apple iOS, macOS, tvOS, and watchOS could allow a malicious application to execute code with system privileges.
|
— | 13.8% |
| Jun 27, 2022 | CVE-2020-3837 | Apple Multiple Products |
Apple Multiple Products Memory Corruption Vulnerability
Apple iOS, iPadOS, macOS, tvOS, and watchOS contain a memory corruption vulnerability that could allow an application to execute code with kernel privileges.
|
— | 6.4% |
| Jun 27, 2022 | CVE-2020-9907 | Apple Multiple Products |
Apple Multiple Products Memory Corruption Vulnerability
Apple iOS, iPadOS, and tvOS contain a memory corruption vulnerability that could allow an application to execute code with kernel privileges.
|
— | 0.5% |
Source: CISA KEV catalog. Severity (CVSS) and exploit-probability (EPSS) sync nightly from NVD and FIRST.