Full CISA KEV catalog
Every CVE the U.S. cybersecurity agency has ever flagged as actively exploited. Filter by category, sort by severity or exploit-likelihood, search by vendor or product.
| Added | CVE | Vendor / Product | Name & description | CVSS | EPSS |
|---|---|---|---|---|---|
| Nov 8, 2022 | CVE-2022-41091<br>Ransomware | Microsoft Windows | Microsoft Windows Mark of the Web (MOTW) Security Feature Bypass Vulnerability<br>Microsoft Windows Mark of the Web (MOTW) contains a security feature bypass vulnerability resulting in a limited loss of integrity and availability of security features. | — | 6.3% |
| Nov 8, 2022 | CVE-2022-41125 | Microsoft Windows | Microsoft Windows CNG Key Isolation Service Privilege Escalation Vulnerability<br>Microsoft Windows Cryptographic Next Generation (CNG) Key Isolation Service contains an unspecified vulnerability that allows an attacker to gain SYSTEM-level privileges. | — | 0.7% |
| Nov 8, 2022 | CVE-2022-41128 | Microsoft Windows | Microsoft Windows Scripting Languages Remote Code Execution Vulnerability<br>Microsoft Windows contains an unspecified vulnerability in the JScript9 scripting language which allows for remote code execution. | — | 39.2% |
| Oct 25, 2022 | CVE-2022-42827 | Apple iOS and iPadOS | Apple iOS and iPadOS Out-of-Bounds Write Vulnerability<br>Apple iOS and iPadOS kernel contain an out-of-bounds write vulnerability which can allow an application to perform code execution with kernel privileges. | — | 0.2% |
| Oct 24, 2022 | CVE-2020-3153<br>Ransomware | Cisco AnyConnect Secure | Cisco AnyConnect Secure Mobility Client for Windows Uncontrolled Search Path Vulnerability<br>Cisco AnyConnect Secure Mobility Client for Windows allows for incorrect handling of directory paths. An attacker with valid credentials on Windows would be able to copy malicious… | — | 25.1% |
| Oct 24, 2022 | CVE-2020-3433<br>Ransomware | Cisco AnyConnect Secure | Cisco AnyConnect Secure Mobility Client for Windows DLL Hijacking Vulnerability<br>Cisco AnyConnect Secure Mobility Client for Windows interprocess communication (IPC) channel allows for insufficient validation of resources that are loaded by the application at … | — | 3.9% |
| Oct 11, 2022 | CVE-2022-41033 | Microsoft Windows COM+ Event System Service | Microsoft Windows COM+ Event System Service Privilege Escalation Vulnerability<br>Microsoft Windows COM+ Event System Service contains an unspecified vulnerability that allows for privilege escalation. | — | 1.7% |
| Sep 30, 2022 | CVE-2022-41040<br>Ransomware | Microsoft Exchange Server | Microsoft Exchange Server Server-Side Request Forgery Vulnerability<br>Microsoft Exchange Server allows for server-side request forgery. Dubbed "ProxyNotShell," this vulnerability is chainable with CVE-2022-41082 which allows for remote code executio… | — | 94.1% |
| Sep 30, 2022 | CVE-2022-41082<br>Ransomware | Microsoft Exchange Server | Microsoft Exchange Server Remote Code Execution Vulnerability<br>Microsoft Exchange Server contains an unspecified vulnerability that allows for authenticated remote code execution. Dubbed "ProxyNotShell," this vulnerability is chainable with C… | — | 90.8% |
| Sep 23, 2022 | CVE-2022-3236 | Sophos Firewall | Sophos Firewall Code Injection Vulnerability<br>A code injection vulnerability in the User Portal and Webadmin of Sophos Firewall allows for remote code execution. | — | 92.8% |
| Sep 15, 2022 | CVE-2010-2568 | Microsoft Windows | Microsoft Windows Remote Code Execution Vulnerability<br>Microsoft Windows incorrectly parses shortcuts in such a way that malicious code may be executed when the operating system displays the icon of a malicious shortcut file. An attac… | — | 92.1% |
| Sep 15, 2022 | CVE-2022-40139 | Trend Micro Apex One and Apex One as a Service | Trend Micro Apex One and Apex One as a Service Improper Validation Vulnerability<br>Trend Micro Apex One and Apex One as a Service contain an improper validation of rollback mechanism components that could lead to remote code execution. | — | 8.9% |
| Sep 14, 2022 | CVE-2022-32917 | Apple iOS, iPadOS, and macOS | Apple iOS, iPadOS, and macOS Remote Code Execution Vulnerability<br>Apple kernel, which is included in iOS, iPadOS, and macOS, contains an unspecified vulnerability where an application may be able to execute code with kernel privileges. | — | 0.9% |
| Sep 14, 2022 | CVE-2022-37969 | Microsoft Windows | Microsoft Windows Common Log File System (CLFS) Driver Privilege Escalation Vulnerability<br>Microsoft Windows Common Log File System (CLFS) driver contains an unspecified vulnerability that allows for privilege escalation. | — | 12.8% |
| Sep 8, 2022 | CVE-2020-9934 | Apple iOS, iPadOS, and macOS | Apple iOS, iPadOS, and macOS Input Validation Vulnerability<br>Apple iOS, iPadOS, and macOS contain an unspecified vulnerability involving input validation which can allow a local attacker to view sensitive user information. | — | 2.1% |
| Aug 25, 2022 | CVE-2021-31010 | Apple iOS, macOS, watchOS | Apple iOS, macOS, watchOS Sandbox Bypass Vulnerability<br>In affected versions of Apple iOS, macOS, and watchOS, a sandboxed process may be able to circumvent sandbox restrictions. | — | 0.7% |
| Aug 18, 2022 | CVE-2022-21971 | Microsoft Windows | Microsoft Windows Runtime Remote Code Execution Vulnerability<br>Microsoft Windows Runtime contains an unspecified vulnerability that allows for remote code execution. | — | 87.8% |
| Aug 18, 2022 | CVE-2022-26923 | Microsoft Active Directory | Microsoft Active Directory Domain Services Privilege Escalation Vulnerability<br>An authenticated user could manipulate attributes on computer accounts they own or manage, and acquire a certificate from Active Directory Certificate Services that would allow fo… | — | 91.6% |
| Aug 18, 2022 | CVE-2022-32893 | Apple iOS and macOS | Apple iOS and macOS Out-of-Bounds Write Vulnerability<br>Apple iOS and macOS contain an out-of-bounds write vulnerability that could allow for remote code execution when processing malicious crafted web content. | — | 0.1% |
| Aug 18, 2022 | CVE-2022-32894 | Apple iOS and macOS | Apple iOS and macOS Out-of-Bounds Write Vulnerability<br>Apple iOS and macOS contain an out-of-bounds write vulnerability that could allow an application to execute code with kernel privileges. | — | 0.3% |
| Aug 9, 2022 | CVE-2022-34713 | Microsoft Windows | Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability<br>A remote code execution vulnerability exists when Microsoft Windows MSDT is called using the URL protocol from a calling application. | — | 4.5% |
| Jul 12, 2022 | CVE-2022-22047 | Microsoft Windows | Microsoft Windows Client Server Runtime Subsystem (CSRSS) Privilege Escalation Vulnerability<br>Microsoft Windows CSRSS contains an unspecified vulnerability that allows for privilege escalation to SYSTEM privileges. | — | 1.2% |
| Jul 1, 2022 | CVE-2022-26925 | Microsoft Windows | Microsoft Windows LSA Spoofing Vulnerability<br>Microsoft Windows Local Security Authority (LSA) contains a spoofing vulnerability where an attacker can coerce the domain controller to authenticate to the attacker using NTLM. | — | 37.4% |
| Jun 27, 2022 | CVE-2018-4344 | Apple Multiple Products | Apple Multiple Products Memory Corruption Vulnerability<br>Apple iOS, macOS, tvOS, and watchOS contain a memory corruption vulnerability which can allow for code execution. | — | 0.2% |
| Jun 27, 2022 | CVE-2019-8605 | Apple Multiple Products | Apple Multiple Products Use-After-Free Vulnerability<br>A use-after-free vulnerability in Apple iOS, macOS, tvOS, and watchOS could allow a malicious application to execute code with system privileges. | — | 13.8% |
| Jun 27, 2022 | CVE-2020-3837 | Apple Multiple Products | Apple Multiple Products Memory Corruption Vulnerability<br>Apple iOS, iPadOS, macOS, tvOS, and watchOS contain a memory corruption vulnerability that could allow an application to execute code with kernel privileges. | — | 6.4% |
| Jun 27, 2022 | CVE-2020-9907 | Apple Multiple Products | Apple Multiple Products Memory Corruption Vulnerability<br>Apple iOS, iPadOS, and tvOS contain a memory corruption vulnerability that could allow an application to execute code with kernel privileges. | — | 0.5% |
| Jun 27, 2022 | CVE-2021-30983 | Apple iOS and iPadOS | Apple iOS and iPadOS Buffer Overflow Vulnerability<br>Apple iOS and iPadOS contain a buffer overflow vulnerability that could allow an application to execute code with kernel privileges. | — | 0.5% |
| Jun 14, 2022 | CVE-2022-30190<br>Ransomware | Microsoft Windows | Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability<br>A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnera… | — | 93.6% |
| Jun 8, 2022 | CVE-2006-2492 | Microsoft Word | Microsoft Word Malformed Object Pointer Vulnerability<br>Microsoft Word and Microsoft Works Suites contain a malformed object pointer which allows attackers to execute code. | — | 79.1% |
Source: CISA KEV catalog. Severity (CVSS) and exploit-probability (EPSS) sync nightly from NVD and FIRST.