Full CISA KEV catalog
Every CVE the U.S. cybersecurity agency has ever flagged as actively exploited. Filter by category, sort by severity or exploit-likelihood, search by vendor or product.
| Added | CVE | Vendor / Product | Name & description | CVSS | EPSS |
|---|---|---|---|---|---|
| Apr 13, 2022 | CVE-2015-5122 | Adobe Flash Player | Adobe Flash Player Use-After-Free Vulnerability: Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Player allows remote attackers to execute code or cause a denial-… | — | 92.7% |
| Apr 13, 2022 | CVE-2015-5123 | Adobe Flash Player | Adobe Flash Player Use-After-Free Vulnerability: Use-after-free vulnerability in the BitmapData class in the ActionScript 3 (AS3) implementation in Adobe Flash Player allows remote attackers to execute code or cause a denial-of-… | — | 41.0% |
| Apr 13, 2022 | CVE-2018-20753 (Ransomware) | Kaseya Virtual System/Server Administrator (VSA) | Kaseya VSA Remote Code Execution Vulnerability: Kaseya VSA RMM allows unprivileged remote attackers to execute PowerShell payloads on all managed devices. | — | 47.9% |
| Apr 13, 2022 | CVE-2018-7602 (Ransomware) | Drupal Core | Drupal Core Remote Code Execution Vulnerability: A remote code execution vulnerability exists within multiple subsystems of Drupal that can allow attackers to exploit multiple attack vectors on a Drupal site. | — | 94.4% |
| Apr 13, 2022 | CVE-2022-24521 (Ransomware) | Microsoft Windows | Microsoft Windows CLFS Driver Privilege Escalation Vulnerability: Microsoft Windows Common Log File System (CLFS) Driver contains an unspecified vulnerability that allows for privilege escalation. | — | 7.5% |
| Apr 11, 2022 | CVE-2017-11317 | Telerik User Interface (UI) for ASP.NET AJAX | Telerik UI for ASP.NET AJAX Unrestricted File Upload Vulnerability: Telerik.Web.UI in Progress Telerik UI for ASP.NET AJAX allows remote attackers to perform arbitrary file uploads or execute arbitrary code. | — | 92.0% |
| Apr 11, 2022 | CVE-2020-2509 | QNAP QNAP Network-Attached Storage (NAS) | QNAP Network-Attached Storage (NAS) Command Injection Vulnerability: QNAP NAS devices contain a command injection vulnerability which could allow attackers to perform remote code execution. | — | 84.0% |
| Apr 11, 2022 | CVE-2021-22600 | Linux Kernel | Linux Kernel Privilege Escalation Vulnerability: Linux Kernel contains a flaw in the packet socket (AF_PACKET) implementation which could lead to incorrectly freeing memory. A local user could exploit this for denial-of-service … | — | 0.2% |
| Apr 11, 2022 | CVE-2021-27852 | Checkbox Checkbox Survey | Checkbox Survey Deserialization of Untrusted Data Vulnerability: Deserialization of Untrusted Data vulnerability in CheckboxWeb.dll of Checkbox Survey allows an unauthenticated remote attacker to execute arbitrary code. | — | 25.5% |
| Apr 11, 2022 | CVE-2021-39793 | Google Pixel | Google Pixel Out-of-Bounds Write Vulnerability: Google Pixel contains a possible out-of-bounds write due to a logic error in the code that could lead to local escalation of privilege. | — | 0.1% |
| Apr 11, 2022 | CVE-2021-42278 (Ransomware) | Microsoft Active Directory | Microsoft Active Directory Domain Services Privilege Escalation Vulnerability: Microsoft Active Directory Domain Services contains an unspecified vulnerability that allows for privilege escalation. | — | 94.1% |
| Apr 11, 2022 | CVE-2021-42287 (Ransomware) | Microsoft Active Directory | Microsoft Active Directory Domain Services Privilege Escalation Vulnerability: Microsoft Active Directory Domain Services contains an unspecified vulnerability that allows for privilege escalation. | — | 94.0% |
| Apr 11, 2022 | CVE-2022-23176 | WatchGuard Firebox and XTM | WatchGuard Firebox and XTM Privilege Escalation Vulnerability: WatchGuard Firebox and XTM appliances allow a remote attacker with unprivileged credentials to access the system with a privileged management session via exposed management access. | — | 10.2% |
| Apr 6, 2022 | CVE-2017-0148 (Ransomware) | Microsoft SMBv1 server | Microsoft SMBv1 Server Remote Code Execution Vulnerability: The SMBv1 server in Microsoft allows remote attackers to execute arbitrary code via crafted packets. | — | 94.1% |
| Apr 6, 2022 | CVE-2021-31166 | Microsoft HTTP Protocol Stack | Microsoft HTTP Protocol Stack Remote Code Execution Vulnerability: Microsoft HTTP Protocol Stack contains a vulnerability in http.sys that allows for remote code execution. | — | 93.1% |
| Apr 6, 2022 | CVE-2021-3156 | Sudo Sudo | Sudo Heap-Based Buffer Overflow Vulnerability: Sudo contains an off-by-one error that can result in a heap-based buffer overflow, which allows for privilege escalation. | — | 92.6% |
| Apr 4, 2022 | CVE-2021-45382 | D-Link Multiple Routers | D-Link Multiple Routers Remote Code Execution Vulnerability: A remote code execution vulnerability exists in all series H/W revisions routers via the DDNS function in ncc2 binary file. | — | 94.4% |
| Apr 4, 2022 | CVE-2022-22674 | Apple macOS | Apple macOS Out-of-Bounds Read Vulnerability: macOS Monterey contains an out-of-bounds read vulnerability that could allow an application to read kernel memory. | — | 0.2% |
| Apr 4, 2022 | CVE-2022-22675 | Apple macOS | Apple macOS Out-of-Bounds Write Vulnerability: macOS Monterey contains an out-of-bounds write vulnerability that could allow an application to execute arbitrary code with kernel privileges. | — | 1.4% |
| Apr 4, 2022 | CVE-2022-22965 | VMware Spring Framework | Spring Framework JDK 9+ Remote Code Execution Vulnerability: Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. | — | 94.4% |
| Mar 31, 2022 | CVE-2018-10561 | Dasan Gigabit Passive Optical Network (GPON) Routers | Dasan GPON Routers Authentication Bypass Vulnerability: Dasan GPON Routers contain an authentication bypass vulnerability. When combined with CVE-2018-10562, exploitation can allow an attacker to perform remote code execution. | — | 93.3% |
| Mar 31, 2022 | CVE-2018-10562 (Ransomware) | Dasan Gigabit Passive Optical Network (GPON) Routers | Dasan GPON Routers Command Injection Vulnerability: Dasan GPON Routers contain an authentication bypass vulnerability. When combined with CVE-2018-10561, exploitation can allow an attacker to perform remote code execution. | — | 94.0% |
| Mar 31, 2022 | CVE-2021-21551 | Dell dbutil Driver | Dell dbutil Driver Insufficient Access Control Vulnerability: Dell dbutil driver contains an insufficient access control vulnerability which may lead to escalation of privileges, denial-of-service (DoS), or information disclosure. | — | 74.5% |
| Mar 31, 2022 | CVE-2021-28799 (Ransomware) | QNAP Network Attached Storage (NAS) | QNAP NAS Improper Authorization Vulnerability: QNAP NAS running HBS 3 contains an improper authorization vulnerability which can allow remote attackers to log in to a device. | — | 92.4% |
| Mar 31, 2022 | CVE-2021-34484 | Microsoft Windows | Microsoft Windows User Profile Service Privilege Escalation Vulnerability: Microsoft Windows User Profile Service contains an unspecified vulnerability that allows for privilege escalation. | — | 2.8% |
| Mar 31, 2022 | CVE-2022-1040 | Sophos Firewall | Sophos Firewall Authentication Bypass Vulnerability: An authentication bypass vulnerability in User Portal and Webadmin of Sophos Firewall allows for remote code execution. | — | 94.4% |
| Mar 31, 2022 | CVE-2022-26871 | Trend Micro Apex Central | Trend Micro Apex Central Arbitrary File Upload Vulnerability: An arbitrary file upload vulnerability in Trend Micro Apex Central could allow for remote code execution. | — | 21.3% |
| Mar 28, 2022 | CVE-2010-4398 | Microsoft Windows | Microsoft Windows Kernel Stack-Based Buffer Overflow Vulnerability: Stack-based buffer overflow in the RtlQueryRegistryValues function in win32k.sys in Microsoft Windows allows local users to gain privileges, and bypass the User Account Control (U… | — | 7.7% |
| Mar 28, 2022 | CVE-2011-2005 | Microsoft Ancillary Function Driver (afd.sys) | Microsoft Ancillary Function Driver (afd.sys) Improper Input Validation Vulnerability: afd.sys in the Ancillary Function Driver in Microsoft Windows does not properly validate user-mode input passed to kernel mode, which allows local users to gain privileges via a c… | — | 67.1% |
| Mar 28, 2022 | CVE-2012-0518 | Oracle Fusion Middleware | Oracle Fusion Middleware Unspecified Vulnerability: Unspecified vulnerability in the Oracle Application Server Single Sign-On component in Oracle Fusion Middleware allows remote attackers to affect integrity via Unknown vectors | — | 20.9% |
Source: CISA KEV catalog. Severity (CVSS) and exploit-probability (EPSS) sync nightly from NVD and FIRST.