Full CISA KEV catalog

Every CVE the U.S. cybersecurity agency has ever flagged as actively exploited. Filter by category, sort by severity or exploit-likelihood, search by vendor or product.

Showing 121–150 of 171 CVEs · Page 5 of 6 30 per page
Added CVE Vendor / Product Name & description CVSS EPSS
Mar 3, 2022 CVE-2017-6739 Cisco IOS and IOS XE Software
mobile network
Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute cod…
20.4%
Mar 3, 2022 CVE-2017-6740 Cisco IOS and IOS XE Software
mobile network
Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute cod…
16.1%
Mar 3, 2022 CVE-2017-6743 Cisco IOS and IOS XE Software
mobile network
Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute cod…
20.4%
Mar 3, 2022 CVE-2017-6744 Cisco IOS software
mobile network
Cisco IOS Software SNMP Remote Code Execution Vulnerability
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 1 contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code on an a…
7.6%
Mar 3, 2022 CVE-2018-0151 Cisco IOS and IOS XE Software
mobile network
Cisco IOS Software and Cisco IOS XE Software Quality of Service Remote Code Execution Vulnerability
A vulnerability in the quality of service (QoS) subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of serv…
5.9%
Mar 3, 2022 CVE-2018-0154 Cisco IOS Software
mobile network vpn remote
Cisco IOS Software Integrated Services Module for VPN Denial-of-Service Vulnerability
A vulnerability in the crypto engine of the Cisco Integrated Services Module for VPN (ISM-VPN) running Cisco IOS Software could allow an unauthenticated, remote attacker to cause …
11.7%
Mar 3, 2022 CVE-2018-0156 Cisco IOS Software and Cisco IOS XE Software
mobile network
Cisco IOS Software and Cisco IOS XE Software Smart Install Denial-of-Service Vulnerability
A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected dev…
15.5%
Mar 3, 2022 CVE-2018-0158 Cisco IOS Software and Cisco IOS XE Software
m365 mobile network
Cisco IOS and XE Software Internet Key Exchange Memory Leak Vulnerability
A vulnerability in the implementation of Internet Key Exchange Version 1 (IKEv1) functionality in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remo…
14.6%
Mar 3, 2022 CVE-2018-0159 Cisco IOS Software and Cisco IOS XE Software
m365 mobile network
Cisco IOS and XE Software Internet Key Exchange Version 1 Denial-of-Service Vulnerability
A vulnerability in the implementation of Internet Key Exchange Version 1 (IKEv1) functionality in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remo…
7.0%
Mar 3, 2022 CVE-2018-0161 Cisco IOS Software
mobile network
Cisco IOS Software Resource Management Errors Vulnerability
A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software running on certain models of Cisco Catalyst Switches could allow an authenticated,…
0.9%
Mar 3, 2022 CVE-2018-0167 Cisco IOS, XR, and XE Software
mobile network
Cisco IOS, XR, and XE Software Buffer Overflow Vulnerability
There is a buffer overflow vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software which could …
1.2%
Mar 3, 2022 CVE-2018-0172 Cisco IOS and IOS XE Software
mobile network
Cisco IOS and IOS XE Software Improper Input Validation Vulnerability
A vulnerability in the DHCP option 82 encapsulation functionality of Cisco IOS Software and Cisco IOS XE Software could allow for denial-of-service (DoS).
6.2%
Mar 3, 2022 CVE-2018-0173 Cisco IOS and IOS XE Software
mobile network
Cisco IOS and IOS XE Software Improper Input Validation Vulnerability
A vulnerability in the Cisco IOS Software and Cisco IOS XE Software function that restores encapsulated option 82 information in DHCP Version 4 (DHCPv4) packets can allow for deni…
5.4%
Mar 3, 2022 CVE-2018-0174 Cisco IOS XE Software
mobile network
Cisco IOS Software and Cisco IOS XE Software Improper Input Validation Vulnerability
A vulnerability in the DHCP option 82 encapsulation functionality of Cisco IOS Software and Cisco IOS XE Software could allow for denial-of-service (DoS).
5.4%
Mar 3, 2022 CVE-2018-0175 Cisco IOS, XR, and XE Software
mobile network
Cisco IOS, XR, and XE Software Buffer Overflow Vulnerability
Format string vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenti…
2.9%
Mar 3, 2022 CVE-2018-0179 Cisco IOS Software
mobile network
Cisco IOS Software Denial-of-Service Vulnerability
A vulnerability in the Login Enhancements (Login Block) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a reload of an affected system, re…
2.0%
Mar 3, 2022 CVE-2018-0180 Cisco IOS Software
mobile network
Cisco IOS Software Denial-of-Service Vulnerability
A vulnerability in the Login Enhancements (Login Block) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a reload of an affected system, re…
1.7%
Feb 11, 2022 CVE-2022-22620 Apple iOS, iPadOS, and macOS
browser endpoint mobile smb essential
Apple iOS, iPadOS, and macOS Webkit Use-After-Free Vulnerability
Apple iOS, iPadOS, and macOS WebKit contain a use-after-free vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could i…
4.0%
Feb 10, 2022 CVE-2014-4404 Apple OS X
endpoint mobile smb essential
Apple OS X Heap-Based Buffer Overflow Vulnerability
Heap-based buffer overflow in IOHIDFamily in Apple OS X, which affects, iOS before 8 and Apple TV before 7, allows attackers to execute arbitrary code in a privileged context.
62.0%
Feb 10, 2022 CVE-2015-1130 Apple OS X
endpoint mobile smb essential
Apple OS X Authentication Bypass Vulnerability
The XPC implementation in Admin Framework in Apple OS X before 10.10.3 allows local users to bypass authentication and obtain admin privileges.
23.4%
Jan 28, 2022 CVE-2022-22587 Apple iOS and macOS
endpoint mobile smb essential
Apple Memory Corruption Vulnerability
Apple IOMobileFrameBuffer contains a memory corruption vulnerability which can allow a malicious application to execute arbitrary code with kernel privileges.
0.4%
Nov 3, 2021 CVE-2018-0171 Cisco IOS and IOS XE
mobile network
Cisco IOS and IOS XE Software Smart Install Remote Code Execution Vulnerability
Cisco IOS and IOS XE Software improperly validates packet data, allowing an unauthenticated, remote attacker to trigger a reload of an affected device, cause a denial-of-service (…
92.9%
Nov 3, 2021 CVE-2019-2215 Android Android Kernel
mobile
Android Kernel Use-After-Free Vulnerability
Android Kernel contains a use-after-free vulnerability in binder.c that allows for privilege escalation from an application to the Linux Kernel. This vulnerability was observed ch…
53.1%
Nov 3, 2021 CVE-2019-6223 Apple iOS and macOS
endpoint mobile smb essential
Apple iOS and macOS Group Facetime Vulnerability
Apple iOS and macOS Group FaceTime contains an unspecified vulnerability where the call initiator can cause the recipient's Apple device to answer unknowingly or without user inte…
0.4%
Nov 3, 2021 CVE-2020-0041 Android Android Kernel
mobile
Android Kernel Out-of-Bounds Write Vulnerability
Android Kernel binder_transaction of binder.c contains an out-of-bounds write vulnerability due to an incorrect bounds check that could allow for local privilege escalation. This …
23.9%
Nov 3, 2021 CVE-2020-16010 Google Chrome for Android UI
browser mobile smb essential
Google Chrome for Android UI Heap Buffer Overflow Vulnerability
Google Chrome for Android UI contains a heap buffer overflow vulnerability that allows a remote attacker, who has compromised the renderer process, to potentially perform a sandbo…
19.6%
Nov 3, 2021 CVE-2020-27930 Apple Multiple Products
endpoint mobile smb essential
Apple Multiple Products Memory Corruption Vulnerability
Apple iOS, iPadOS, macOS, and watchOS FontParser contain a memory corruption vulnerability which may allow for code execution when processing maliciously crafted front.
43.9%
Nov 3, 2021 CVE-2020-27932 Apple Multiple Products
endpoint mobile smb essential
Apple Multiple Products Type Confusion Vulnerability
Apple iOS, iPadOS, macOS, and watchOS contain a type confusion vulnerability that may allow a malicious application to execute code with kernel privileges.
15.7%
Nov 3, 2021 CVE-2020-27950 Apple Multiple Products
endpoint mobile smb essential
Apple Multiple Products Memory Initialization Vulnerability
Apple iOS, iPadOS, macOS, and watchOS contain a memory initialization vulnerability that may allow a malicious application to disclose kernel memory.
43.8%
Nov 3, 2021 CVE-2020-3118 Cisco IOS XR
mobile network
Cisco IOS XR Software Discovery Protocol Format String Vulnerability
Cisco IOS XR improperly validates string input from certain fields in Cisco Discovery Protocol messages. Exploitation could allow an unauthenticated, adjacent attacker to execute …
0.2%

Source: CISA KEV catalog. Severity (CVSS) and exploit-probability (EPSS) sync nightly from NVD and FIRST.