US Public Data LabU.S. public data, made readable
Data areas
Federal Register Congress bills CISA KEV / NVD SEC EDGAR USAspending Defense contracts Trade Economy Energy Places FDA recalls AI Research Grants NIH research grants Fiscal & national debt
Tools
Search Recent Rankings Compare Money flows Timeline Compare indicators Topics
Profiles
Company profiles Agency profiles Glossary
EN
日本語 English
Browse all

Known Exploited Vulnerabilities (CISA KEV) — all

The full CISA KEV catalog of vulnerabilities confirmed exploited in the wild — filter and search by year, ransomware use, and date added.

Clear

1,621 results

UrgencyCVEName / productVendorKEV added
High CVE-2024-43461 ↗ Microsoft Windows — Microsoft Windows MSHTML Platform Spoofing Vulnerability Microsoft Sep 16, 2024
Critical CVE-2024-6670 ↗ Progress WhatsUp Gold — Progress WhatsUp Gold SQL Injection Vulnerability Progress Sep 16, 2024
High CVE-2024-8190 ↗ Ivanti Cloud Services Appliance — Ivanti Cloud Services Appliance OS Command I... Ivanti Sep 13, 2024
High CVE-2024-38226 ↗ Microsoft Publisher — Microsoft Publisher Protection Mechanism Failure Vulnera... Microsoft Sep 10, 2024
High CVE-2024-38014 ↗ Microsoft Windows — Microsoft Windows Installer Improper Privilege Management... Microsoft Sep 10, 2024
High CVE-2024-38217 ↗ Microsoft Windows — Microsoft Windows Mark of the Web (MOTW) Protection Mechan... Microsoft Sep 10, 2024
High CVE-2016-3714 ↗ ImageMagick ImageMagick — ImageMagick Improper Input Validation Vulnerability ImageMagick Sep 9, 2024
Critical CVE-2017-1000253 ↗ Linux Kernel — Linux Kernel PIE Stack Buffer Corruption Vulnerability Linux Sep 9, 2024
Critical CVE-2024-40766 ↗ SonicWall SonicOS — SonicWall SonicOS Improper Access Control Vulnerability SonicWall Sep 9, 2024
High CVE-2021-20123 ↗ DrayTek VigorConnect — Draytek VigorConnect Path Traversal Vulnerability DrayTek Sep 3, 2024
High CVE-2021-20124 ↗ DrayTek VigorConnect — Draytek VigorConnect Path Traversal Vulnerability DrayTek Sep 3, 2024
High CVE-2024-7262 ↗ Kingsoft WPS Office — Kingsoft WPS Office Path Traversal Vulnerability Kingsoft Sep 3, 2024
High CVE-2024-7965 ↗ Google Chromium V8 — Google Chromium V8 Inappropriate Implementation Vulnerabi... Google Aug 28, 2024
High CVE-2024-38856 ↗ Apache OFBiz — Apache OFBiz Incorrect Authorization Vulnerability Apache Aug 27, 2024
High CVE-2024-7971 ↗ Google Chromium V8 — Google Chromium V8 Type Confusion Vulnerability Google Aug 26, 2024
High CVE-2024-39717 ↗ Versa Director — Versa Director Dangerous File Type Upload Vulnerability Versa Aug 23, 2024
High CVE-2021-33044 ↗ Dahua IP Camera Firmware — Dahua IP Camera Authentication Bypass Vulnerability Dahua Aug 21, 2024
High CVE-2021-33045 ↗ Dahua IP Camera Firmware — Dahua IP Camera Authentication Bypass Vulnerability Dahua Aug 21, 2024
High CVE-2022-0185 ↗ Linux Kernel — Linux Kernel Heap-Based Buffer Overflow Vulnerability Linux Aug 21, 2024
High CVE-2021-31196 ↗ Microsoft Exchange Server — Microsoft Exchange Server Information Disclosure V... Microsoft Aug 21, 2024
Critical CVE-2024-23897 ↗ Jenkins Jenkins Command Line Interface (CLI) — Jenkins Command Line Interface... Jenkins Aug 19, 2024
High CVE-2024-28986 ↗ SolarWinds Web Help Desk — SolarWinds Web Help Desk Deserialization of Untrust... SolarWinds Aug 15, 2024
High CVE-2024-38189 ↗ Microsoft Project — Microsoft Project Remote Code Execution Vulnerability Microsoft Aug 13, 2024
High CVE-2024-38178 ↗ Microsoft Windows — Microsoft Windows Scripting Engine Memory Corruption Vulne... Microsoft Aug 13, 2024
High CVE-2024-38213 ↗ Microsoft Windows — Microsoft Windows SmartScreen Security Feature Bypass Vuln... Microsoft Aug 13, 2024
High CVE-2024-38193 ↗ Microsoft Windows — Microsoft Windows Ancillary Function Driver for WinSock Pr... Microsoft Aug 13, 2024
High CVE-2024-38106 ↗ Microsoft Windows — Microsoft Windows Kernel Privilege Escalation Vulnerabilit... Microsoft Aug 13, 2024
High CVE-2024-38107 ↗ Microsoft Windows — Microsoft Windows Power Dependency Coordinator Privilege E... Microsoft Aug 13, 2024
High CVE-2024-36971 ↗ Android Kernel — Android Kernel Remote Code Execution Vulnerability Android Aug 7, 2024
High CVE-2024-32113 ↗ Apache OFBiz — Apache OFBiz Path Traversal Vulnerability Apache Aug 7, 2024
High CVE-2018-0824 ↗ Microsoft Windows — Microsoft COM for Windows Deserialization of Untrusted Dat... Microsoft Aug 5, 2024
Critical CVE-2024-37085 ↗ VMware ESXi — VMware ESXi Authentication Bypass Vulnerability VMware Jul 30, 2024
High CVE-2024-4879 ↗ ServiceNow Utah, Vancouver, and Washington DC Now Platform — ServiceNow Improp... ServiceNow Jul 29, 2024
High CVE-2024-5217 ↗ ServiceNow Utah, Vancouver, and Washington DC Now Platform — ServiceNow Incomp... ServiceNow Jul 29, 2024
High CVE-2023-45249 ↗ Acronis Cyber Infrastructure (ACI) — Acronis Cyber Infrastructure (ACI) Insecu... Acronis Jul 29, 2024
High CVE-2012-4792 ↗ Microsoft Internet Explorer — Microsoft Internet Explorer Use-After-Free Vulne... Microsoft Jul 23, 2024
High CVE-2024-39891 ↗ Twilio Authy — Twilio Authy Information Disclosure Vulnerability Twilio Jul 23, 2024
High CVE-2024-34102 ↗ Adobe Commerce and Magento Open Source — Adobe Commerce and Magento Open Sourc... Adobe Jul 17, 2024
High CVE-2024-28995 ↗ SolarWinds Serv-U — SolarWinds Serv-U Path Traversal Vulnerability SolarWinds Jul 17, 2024
High CVE-2022-22948 ↗ VMware vCenter Server — VMware vCenter Server Incorrect Default File Permissio... VMware Jul 17, 2024
High CVE-2024-36401 ↗ OSGeo GeoServer — OSGeo GeoServer GeoTools Eval Injection Vulnerability OSGeo Jul 15, 2024
High CVE-2024-38112 ↗ Microsoft Windows — Microsoft Windows MSHTML Platform Spoofing Vulnerability Microsoft Jul 9, 2024
High CVE-2024-38080 ↗ Microsoft Windows — Microsoft Windows Hyper-V Privilege Escalation Vulnerabili... Microsoft Jul 9, 2024
High CVE-2024-23692 ↗ Rejetto HTTP File Server — Rejetto HTTP File Server Improper Neutralization of... Rejetto Jul 9, 2024
High CVE-2024-20399 ↗ Cisco NX-OS — Cisco NX-OS Command Injection Vulnerability Cisco Jul 2, 2024
High CVE-2022-24816 ↗ OSGeo JAI-EXT — OSGeo GeoServer JAI-EXT Code Injection Vulnerability OSGeo Jun 26, 2024
High CVE-2022-2586 ↗ Linux Kernel — Linux Kernel Use-After-Free Vulnerability Linux Jun 26, 2024
High CVE-2020-13965 ↗ Roundcube Webmail — Roundcube Webmail Cross-Site Scripting (XSS) Vulnerability Roundcube Jun 26, 2024
High CVE-2024-32896 ↗ Android Pixel — Android Pixel Privilege Escalation Vulnerability Android Jun 13, 2024
Critical CVE-2024-26169 ↗ Microsoft Windows — Microsoft Windows Error Reporting Service Improper Privile... Microsoft Jun 13, 2024

Source: official U.S. government open data. This is an organized index, not an official U.S. government site. "Explained" links to our summary page; otherwise links go to the official primary source.

Disclaimer: This site independently summarizes and classifies information based on official data sources. Always verify the latest and accurate information with the official sources. Content on finance, health, legal, and security is information, not advice. This site is not an official website of the U.S. government.