Full CISA KEV catalog
Every CVE the U.S. cybersecurity agency has ever flagged as actively exploited. Filter by category, sort by severity or exploit-likelihood, search by vendor or product.
| Added | CVE | Vendor / Product | Name & description | CVSS | EPSS |
|---|---|---|---|---|---|
| Feb 10, 2022 | CVE-2017-0263 | Microsoft Win32k |
Microsoft Win32k Privilege Escalation Vulnerability
Microsoft Win32k contains a privilege escalation vulnerability due to the Windows kernel-mode driver failing to properly handle objects in memory.
|
— | 20.8% |
| Feb 10, 2022 |
CVE-2017-10271
Ransomware |
Oracle WebLogic Server |
Oracle Corporation WebLogic Server Remote Code Execution Vulnerability
Oracle Corporation WebLogic Server contains a vulnerability that allows for remote code execution.
|
— | 94.4% |
| Feb 10, 2022 | CVE-2017-8464 | Microsoft Windows |
Microsoft Windows Shell (.lnk) Remote Code Execution Vulnerability
Windows Shell in multiple versions of Microsoft Windows allows local users or remote attackers to execute arbitrary code via a crafted .LNK file
|
— | 93.9% |
| Feb 10, 2022 | CVE-2017-9791 | Apache Struts 1 |
Apache Struts 1 Improper Input Validation Vulnerability
The Struts 1 plugin in Apache Struts might allow remote code execution via a malicious field value passed in a raw message to the ActionMessage.
|
— | 94.1% |
| Feb 10, 2022 | CVE-2018-1000861 | Jenkins Jenkins Stapler Web Framework |
Jenkins Stapler Web Framework Deserialization of Untrusted Data Vulnerability
A code execution vulnerability exists in the Stapler web framework used by Jenkins
|
— | 94.5% |
| Feb 10, 2022 |
CVE-2020-0796
Ransomware |
Microsoft SMBv3 |
Microsoft SMBv3 Remote Code Execution Vulnerability
A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests. An attacker who successfully explo…
|
— | 94.4% |
| Feb 10, 2022 | CVE-2021-36934 | Microsoft Windows |
Microsoft Windows SAM Local Privilege Escalation Vulnerability
If a Volume Shadow Copy (VSS) shadow copy of the system drive is available, users can read the SAM file which would allow any user to escalate privileges to SYSTEM level.
|
— | 90.4% |
| Feb 4, 2022 | CVE-2022-21882 | Microsoft Win32k |
Microsoft Win32k Privilege Escalation Vulnerability
Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation.
|
— | 89.1% |
| Jan 28, 2022 | CVE-2014-1776 | Microsoft Internet Explorer |
Microsoft Internet Explorer Memory Corruption Vulnerability
Microsoft Internet Explorer contains a memory corruption vulnerability that allows remote attackers to execute code in the context of the current user.
|
— | 84.0% |
| Jan 28, 2022 | CVE-2014-6271 | GNU Bourne-Again Shell (Bash) |
GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute code.
|
— | 94.2% |
| Jan 28, 2022 | CVE-2014-7169 | GNU Bourne-Again Shell (Bash) |
GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute code. This CVE correctl…
|
— | 89.1% |
| Jan 28, 2022 | CVE-2017-5689 | Intel Active Management Technology (AMT), Small Business Technology (SBT), and Standard Manageability |
Intel Active Management Technology (AMT), Small Business Technology (SBT), and Standard Manageability Privile…
Intel products contain a vulnerability which can allow attackers to perform privilege escalation.
|
— | 94.2% |
| Jan 28, 2022 |
CVE-2020-0787
Ransomware |
Microsoft Windows |
Microsoft Windows Background Intelligent Transfer Service (BITS) Improper Privilege Management Vulnerability
Microsoft Windows BITS is vulnerable to to a privilege elevation vulnerability if it improperly handles symbolic links. An actor can exploit this vulnerability to execute arbitrar…
|
— | 59.3% |
| Jan 28, 2022 | CVE-2020-5722 | Grandstream UCM6200 |
Grandstream Networks UCM6200 Series SQL Injection Vulnerability
Grandstream UCM6200 series is vulnerable to an unauthenticated remote SQL injection via crafted HTTP request. Exploitation can allow for code execution as root.
|
— | 92.7% |
| Jan 28, 2022 |
CVE-2021-20038
Ransomware |
SonicWall SMA 100 Appliances |
SonicWall SMA 100 Appliances Stack-Based Buffer Overflow Vulnerability
SonicWall SMA 100 devies are vulnerable to an unauthenticated stack-based buffer overflow vulnerability where exploitation can result in code execution.
|
— | 94.3% |
| Jan 28, 2022 | CVE-2022-22587 | Apple iOS and macOS |
Apple Memory Corruption Vulnerability
Apple IOMobileFrameBuffer contains a memory corruption vulnerability which can allow a malicious application to execute arbitrary code with kernel privileges.
|
— | 0.4% |
| Jan 21, 2022 | CVE-2006-1547 | Apache Struts 1 |
Apache Struts 1 ActionForm Denial-of-Service Vulnerability
ActionForm in Apache Struts versions before 1.2.9 with BeanUtils 1.7 contains a vulnerability that allows for denial-of-service (DoS).
|
— | 22.2% |
| Jan 21, 2022 | CVE-2012-0391 | Apache Struts 2 |
Apache Struts 2 Improper Input Validation Vulnerability
The ExceptionDelegator component in Apache Struts 2 before 2.2.3.1 contains an improper input validation vulnerability that allows for remote code execution.
|
— | 87.5% |
| Jan 21, 2022 |
CVE-2018-8453
Ransomware |
Microsoft Win32k |
Microsoft Win32k Privilege Escalation Vulnerability
Microsoft Windows Win32k contains a vulnerability that allows an attacker to escalate privileges.
|
— | 81.3% |
| Jan 21, 2022 | CVE-2021-35247 | SolarWinds Serv-U |
SolarWinds Serv-U Improper Input Validation Vulnerability
SolarWinds Serv-U versions 15.2.5 and earlier contain an improper input validation vulnerability that allows attackers to build and send queries without sanitization.
|
— | 5.3% |
| Jan 18, 2022 | CVE-2020-11978 | Apache Airflow |
Apache Airflow Command Injection
A remote code/command injection vulnerability was discovered in one of the example DAGs shipped with Airflow.
|
— | 94.3% |
| Jan 18, 2022 | CVE-2020-13671 | Drupal Drupal core |
Drupal core Un-restricted Upload of File
Improper sanitization in the extension file names is present in Drupal core.
|
— | 2.6% |
| Jan 18, 2022 | CVE-2020-13927 | Apache Airflow's Experimental API |
Apache Airflow's Experimental API Authentication Bypass
The previous default setting for Airflow's Experimental API was to allow all API requests without authentication.
|
— | 94.1% |
| Jan 18, 2022 | CVE-2020-14864 | Oracle Intelligence Enterprise Edition |
Oracle Business Intelligence Enterprise Edition Path Transversal
Path traversal vulnerability, where an attacker can target the preview FilePath parameter of the getPreviewImage function to get access to arbitrary system file.
|
— | 94.0% |
| Jan 18, 2022 | CVE-2021-21315 | Npm package System Information Library for Node.JS |
System Information Library for Node.JS Command Injection
In this vulnerability, an attacker can send a malicious payload that will exploit the name parameter. After successful exploitation, attackers can execute remote.
|
— | 94.0% |
| Jan 18, 2022 |
CVE-2021-21975
Ransomware |
VMware vRealize Operations Manager API |
VMware Server Side Request Forgery in vRealize Operations Manager API
Server Side Request Forgery (SSRF) in vRealize Operations Manager API prior to 8.4 may allow a malicious actor with network access to the vRealize Operations Manager API to perfor…
|
— | 94.4% |
| Jan 18, 2022 | CVE-2021-22991 | F5 BIG-IP Traffic Management Microkernel |
F5 BIG-IP Traffic Management Microkernel Buffer Overflow
The Traffic Management Microkernel of BIG-IP ASM Risk Engine has a buffer overflow vulnerability, leading to a bypassing of URL-based access controls.
|
— | 73.1% |
| Jan 18, 2022 | CVE-2021-25296 | Nagios Nagios XI |
Nagios XI OS Command Injection
Nagios XI contains a vulnerability which can lead to OS command injection on the Nagios XI server.
|
— | 93.3% |
| Jan 18, 2022 | CVE-2021-25297 | Nagios Nagios XI |
Nagios XI OS Command Injection
Nagios XI contains a vulnerability which can lead to OS command injection on the Nagios XI server.
|
— | 81.9% |
| Jan 18, 2022 | CVE-2021-25298 | Nagios Nagios XI |
Nagios XI OS Command Injection
Nagios XI contains a vulnerability which can lead to OS command injection on the Nagios XI server.
|
— | 75.2% |
Source: CISA KEV catalog. Severity (CVSS) and exploit-probability (EPSS) sync nightly from NVD and FIRST.