Full CISA KEV catalog

Every CVE the U.S. cybersecurity agency has ever flagged as actively exploited. Filter by category, sort by severity or exploit-likelihood, search by vendor or product.

Showing 61–90 of 171 CVEs · Page 3 of 6 30 per page
Added CVE Vendor / Product Name & description CVSS EPSS
Jun 23, 2023 CVE-2023-32435 Apple Multiple Products
browser endpoint mobile smb essential
Apple Multiple Products WebKit Memory Corruption Vulnerability
Apple iOS, iPadOS, macOS, and Safari WebKit contain a memory corruption vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerabil…
0.4%
Jun 23, 2023 CVE-2023-32439 Apple Multiple Products
browser endpoint mobile smb essential
Apple Multiple Products WebKit Type Confusion Vulnerability
Apple iOS, iPadOS, macOS, and Safari WebKit contain a type confusion vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability…
1.2%
May 22, 2023 CVE-2023-28204 Apple Multiple Products
browser endpoint mobile smb essential
Apple Multiple Products WebKit Out-of-Bounds Read Vulnerability
Apple iOS, iPadOS, macOS, tvOS, watchOS, and Safari WebKit contain an out-of-bounds read vulnerability that may disclose sensitive information when processing maliciously crafted …
0.1%
May 22, 2023 CVE-2023-32373 Apple Multiple Products
browser endpoint mobile smb essential
Apple Multiple Products WebKit Use-After-Free Vulnerability
Apple iOS, iPadOS, macOS, tvOS, watchOS, and Safari WebKit contain a use-after-free vulnerability that leads to code execution when processing maliciously crafted web content. Thi…
0.0%
May 22, 2023 CVE-2023-32409 Apple Multiple Products
browser endpoint mobile smb essential
Apple Multiple Products WebKit Sandbox Escape Vulnerability
Apple iOS, iPadOS, macOS, tvOS, watchOS, and Safari WebKit contain an unspecified vulnerability that can allow a remote attacker to break out of the Web Content sandbox. This vuln…
0.3%
May 19, 2023 CVE-2004-1464 Cisco IOS
mobile network
Cisco IOS Denial-of-Service Vulnerability
Cisco IOS contains an unspecified vulnerability that may block further telnet, reverse telnet, Remote Shell (RSH), Secure Shell (SSH), and in some cases, Hypertext Transport Proto…
2.2%
May 19, 2023 CVE-2016-6415 Cisco IOS, IOS XR, and IOS XE
mobile network
Cisco IOS, IOS XR, and IOS XE IKEv1 Information Disclosure Vulnerability
Cisco IOS, IOS XR, and IOS XE contain insufficient condition checks in the part of the code that handles Internet Key Exchange version 1 (IKEv1) security negotiation requests. con…
92.7%
May 19, 2023 CVE-2023-21492 Samsung Mobile Devices
mobile
Samsung Mobile Devices Insertion of Sensitive Information Into Log File Vulnerability
Samsung mobile devices running Android 11, 12, and 13 contain an insertion of sensitive information into log file vulnerability that allows a privileged, local attacker to conduct…
0.4%
Apr 19, 2023 CVE-2017-6742 Cisco IOS and IOS XE Software
mobile network
Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute cod…
14.8%
Apr 17, 2023 CVE-2019-8526 Apple macOS
endpoint mobile smb essential
Apple macOS Use-After-Free Vulnerability
Apple macOS contains a use-after-free vulnerability that could allow for privilege escalation.
0.2%
Apr 13, 2023 CVE-2023-20963 Android Framework
mobile
Android Framework Privilege Escalation Vulnerability
Android Framework contains an unspecified vulnerability that allows for privilege escalation after updating an app to a higher Target SDK with no additional execution privileges n…
1.1%
Apr 10, 2023 CVE-2023-28205 Apple Multiple Products
browser endpoint mobile smb essential
Apple Multiple Products WebKit Use-After-Free Vulnerability
Apple iOS, iPadOS, macOS, and Safari WebKit contain a use-after-free vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability…
0.1%
Apr 10, 2023 CVE-2023-28206 Apple iOS, iPadOS, and macOS
endpoint mobile smb essential
Apple iOS, iPadOS, and macOS IOSurfaceAccelerator Out-of-Bounds Write Vulnerability
Apple iOS, iPadOS, and macOS IOSurfaceAccelerator contain an out-of-bounds write vulnerability that allows an app to execute code with kernel privileges.
21.6%
Mar 30, 2023 CVE-2021-30900 Apple iOS, iPadOS, and macOS
endpoint mobile smb essential
Apple iOS, iPadOS, and macOS Out-of-Bounds Write Vulnerability
Apple GPU drivers, included in iOS, iPadOS, and macOS, contain an out-of-bounds write vulnerability that may allow a malicious application to execute code with kernel privileges.
0.5%
Feb 14, 2023 CVE-2023-23529 Apple Multiple Products
browser endpoint mobile smb essential
Apple Multiple Products WebKit Type Confusion Vulnerability
Apple iOS, MacOS, Safari and iPadOS WebKit contain a type confusion vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability …
0.1%
Dec 14, 2022 CVE-2022-42856 Apple iOS
endpoint mobile smb essential
Apple iOS Type Confusion Vulnerability
Apple iOS contains a type confusion vulnerability when processing maliciously crafted web content leading to code execution.
0.2%
Nov 8, 2022 CVE-2021-25337 Samsung Mobile Devices
mobile
Samsung Mobile Devices Improper Access Control Vulnerability
Samsung mobile devices contain an improper access control vulnerability in clipboard service which allows untrusted applications to read or write arbitrary files. This vulnerabili…
0.8%
Nov 8, 2022 CVE-2021-25369 Samsung Mobile Devices
mobile
Samsung Mobile Devices Improper Access Control Vulnerability
Samsung mobile devices using Mali GPU contains an improper access control vulnerability in sec_log file. Exploitation of the vulnerability exposes sensitive kernel information to …
0.2%
Nov 8, 2022 CVE-2021-25370 Samsung Mobile Devices
mobile
Samsung Mobile Devices Memory Corruption Vulnerability
Samsung mobile devices using Mali GPU contain an incorrect implementation handling file descriptor in dpu driver. This incorrect implementation results in memory corruption, leadi…
0.5%
Oct 25, 2022 CVE-2022-42827 Apple iOS and iPadOS
endpoint mobile smb essential
Apple iOS and iPadOS Out-of-Bounds Write Vulnerability
Apple iOS and iPadOS kernel contain an out-of-bounds write vulnerability which can allow an application to perform code execution with kernel privileges.
0.2%
Sep 14, 2022 CVE-2022-32917 Apple iOS, iPadOS, and macOS
endpoint mobile smb essential
Apple iOS, iPadOS, and macOS Remote Code Execution Vulnerability
Apple kernel, which is included in iOS, iPadOS, and macOS, contains an unspecified vulnerability where an application may be able to execute code with kernel privileges.
0.9%
Sep 8, 2022 CVE-2011-1823 Android Android OS
mobile
Android OS Privilege Escalation Vulnerability
The vold volume manager daemon in Android kernel trusts messages from a PF_NETLINK socket, which allows an attacker to execute code and gain root privileges. This vulnerability is…
38.3%
Sep 8, 2022 CVE-2020-9934 Apple iOS, iPadOS, and macOS
endpoint mobile smb essential
Apple iOS, iPadOS, and macOS Input Validation Vulnerability
Apple iOS, iPadOS, and macOS contain an unspecified vulnerability involving input validation which can allow a local attacker to view sensitive user information.
2.1%
Aug 25, 2022 CVE-2021-31010 Apple iOS, macOS, watchOS
endpoint mobile smb essential
Apple iOS, macOS, watchOS Sandbox Bypass Vulnerability
In affected versions of Apple iOS, macOS, and watchOS, a sandboxed process may be able to circumvent sandbox restrictions.
0.7%
Aug 18, 2022 CVE-2022-32893 Apple iOS and macOS
endpoint mobile smb essential
Apple iOS and macOS Out-of-Bounds Write Vulnerability
Apple iOS and macOS contain an out-of-bounds write vulnerability that could allow for remote code execution when processing malicious crafted web content.
0.1%
Aug 18, 2022 CVE-2022-32894 Apple iOS and macOS
endpoint mobile smb essential
Apple iOS and macOS Out-of-Bounds Write Vulnerability
Apple iOS and macOS contain an out-of-bounds write vulnerability that could allow an application to execute code with kernel privileges.
0.3%
Jun 27, 2022 CVE-2018-4344 Apple Multiple Products
endpoint mobile smb essential
Apple Multiple Products Memory Corruption Vulnerability
Apple iOS, macOS, tvOS, and watchOS contain a memory corruption vulnerability which can allow for code execution.
0.2%
Jun 27, 2022 CVE-2019-8605 Apple Multiple Products
endpoint mobile smb essential
Apple Multiple Products Use-After-Free Vulnerability
A use-after-free vulnerability in Apple iOS, macOS, tvOS, and watchOS could allow a malicious application to execute code with system privileges.
13.8%
Jun 27, 2022 CVE-2020-3837 Apple Multiple Products
endpoint mobile smb essential
Apple Multiple Products Memory Corruption Vulnerability
Apple iOS, iPadOS, macOS, tvOS, and watchOS contain a memory corruption vulnerability that could allow an application to execute code with kernel privileges.
6.4%
Jun 27, 2022 CVE-2020-9907 Apple Multiple Products
endpoint mobile smb essential
Apple Multiple Products Memory Corruption Vulnerability
Apple iOS, iPadOS, and tvOS contain a memory corruption vulnerability that could allow an application to execute code with kernel privileges.
0.5%

Source: CISA KEV catalog. Severity (CVSS) and exploit-probability (EPSS) sync nightly from NVD and FIRST.