US Public Data LabU.S. public data, made readable
Data areas
Federal Register Congress bills CISA KEV / NVD SEC EDGAR USAspending Defense contracts Trade Economy Energy Places FDA recalls AI Research Grants NIH research grants Fiscal & national debt
Tools
Search Recent Rankings Compare Money flows Timeline Compare indicators Topics
Profiles
Company profiles Agency profiles Glossary
EN
日本語 English
Browse all

Known Exploited Vulnerabilities (CISA KEV) — all

The full CISA KEV catalog of vulnerabilities confirmed exploited in the wild — filter and search by year, ransomware use, and date added.

Clear

1,621 results

UrgencyCVEName / productVendorKEV added
High CVE-2023-1389 ↗ TP-Link Archer AX21 — TP-Link Archer AX-21 Command Injection Vulnerability TP-Link May 1, 2023
High CVE-2023-2136 ↗ Google Chromium Skia — Google Chrome Skia Integer Overflow Vulnerability Google Apr 21, 2023
Critical CVE-2023-27350 ↗ PaperCut MF/NG — PaperCut MF/NG Improper Access Control Vulnerability PaperCut Apr 21, 2023
High CVE-2023-28432 ↗ MinIO MinIO — MinIO Information Disclosure Vulnerability MinIO Apr 21, 2023
High CVE-2017-6742 ↗ Cisco IOS and IOS XE Software — Cisco IOS and IOS XE Software SNMP Remote Code... Cisco Apr 19, 2023
High CVE-2023-2033 ↗ Google Chromium V8 — Google Chromium V8 Type Confusion Vulnerability Google Apr 17, 2023
High CVE-2019-8526 ↗ Apple macOS — Apple macOS Use-After-Free Vulnerability Apple Apr 17, 2023
High CVE-2023-29492 ↗ Novi Survey Novi Survey — Novi Survey Insecure Deserialization Vulnerability Novi Survey Apr 13, 2023
High CVE-2023-20963 ↗ Android Framework — Android Framework Privilege Escalation Vulnerability Android Apr 13, 2023
Critical CVE-2023-28252 ↗ Microsoft Windows — Microsoft Windows Common Log File System (CLFS) Driver Pri... Microsoft Apr 11, 2023
High CVE-2023-28206 ↗ Apple iOS, iPadOS, and macOS — Apple iOS, iPadOS, and macOS IOSurfaceAccelerat... Apple Apr 10, 2023
High CVE-2023-28205 ↗ Apple Multiple Products — Apple Multiple Products WebKit Use-After-Free Vulner... Apple Apr 10, 2023
High CVE-2023-26083 ↗ Arm Mali Graphics Processing Unit (GPU) — Arm Mali GPU Kernel Driver Informati... Arm Apr 7, 2023
Critical CVE-2019-1388 ↗ Microsoft Windows — Microsoft Windows Certificate Dialog Privilege Escalation... Microsoft Apr 7, 2023
Critical CVE-2021-27878 ↗ Veritas Backup Exec Agent — Veritas Backup Exec Agent Command Execution Vulner... Veritas Apr 7, 2023
Critical CVE-2021-27877 ↗ Veritas Backup Exec Agent — Veritas Backup Exec Agent Improper Authentication... Veritas Apr 7, 2023
Critical CVE-2021-27876 ↗ Veritas Backup Exec Agent — Veritas Backup Exec Agent File Access Vulnerabilit... Veritas Apr 7, 2023
High CVE-2022-27926 ↗ Synacor Zimbra Collaboration Suite (ZCS) — Synacor Zimbra Collaboration Suite... Synacor Apr 3, 2023
High CVE-2022-22706 ↗ Arm Mali Graphics Processing Unit (GPU) — Arm Mali GPU Kernel Driver Unspecifi... Arm Mar 30, 2023
High CVE-2022-3038 ↗ Google Chromium Network Service — Google Chromium Network Service Use-After-Fr... Google Mar 30, 2023
High CVE-2023-0266 ↗ Linux Kernel — Linux Kernel Use-After-Free Vulnerability Linux Mar 30, 2023
High CVE-2022-38181 ↗ Arm Mali Graphics Processing Unit (GPU) — Arm Mali GPU Kernel Driver Use-After... Arm Mar 30, 2023
High CVE-2021-30900 ↗ Apple iOS, iPadOS, and macOS — Apple iOS, iPadOS, and macOS Out-of-Bounds Writ... Apple Mar 30, 2023
High CVE-2022-39197 ↗ Fortra Cobalt Strike — Fortra Cobalt Strike Teamserver Cross-Site Scripting (X... Fortra Mar 30, 2023
High CVE-2022-42948 ↗ Fortra Cobalt Strike — Fortra Cobalt Strike User Interface Remote Code Executi... Fortra Mar 30, 2023
Critical CVE-2017-7494 ↗ Samba Samba — Samba Remote Code Execution Vulnerability Samba Mar 30, 2023
High CVE-2013-3163 ↗ Microsoft Internet Explorer — Microsoft Internet Explorer Memory Corruption Vu... Microsoft Mar 30, 2023
High CVE-2023-26360 ↗ Adobe ColdFusion — Adobe ColdFusion Deserialization of Untrusted Data Vulnerab... Adobe Mar 15, 2023
High CVE-2022-41328 ↗ Fortinet FortiOS — Fortinet FortiOS Path Traversal Vulnerability Fortinet Mar 14, 2023
Critical CVE-2023-24880 ↗ Microsoft Windows — Microsoft Windows SmartScreen Security Feature Bypass Vuln... Microsoft Mar 14, 2023
High CVE-2023-23397 ↗ Microsoft Office — Microsoft Office Outlook Privilege Escalation Vulnerability Microsoft Mar 14, 2023
High CVE-2020-5741 ↗ Plex Media Server — Plex Media Server Remote Code Execution Vulnerability Plex Mar 10, 2023
High CVE-2021-39144 ↗ XStream XStream — XStream Remote Code Execution Vulnerability XStream Mar 10, 2023
High CVE-2022-35914 ↗ Teclib GLPI — Teclib GLPI Remote Code Execution Vulnerability Teclib Mar 7, 2023
High CVE-2022-33891 ↗ Apache Spark — Apache Spark Command Injection Vulnerability Apache Mar 7, 2023
High CVE-2022-28810 ↗ Zoho ManageEngine — Zoho ManageEngine ADSelfService Plus Remote Code Execution... Zoho Mar 7, 2023
Critical CVE-2022-36537 ↗ ZK Framework AuUploader — ZK Framework AuUploader Unspecified Vulnerability ZK Framework Feb 27, 2023
Critical CVE-2022-40765 ↗ Mitel MiVoice Connect — Mitel MiVoice Connect Command Injection Vulnerability Mitel Feb 21, 2023
Critical CVE-2022-41223 ↗ Mitel MiVoice Connect — Mitel MiVoice Connect Code Injection Vulnerability Mitel Feb 21, 2023
Critical CVE-2022-47986 ↗ IBM Aspera Faspex — IBM Aspera Faspex Code Execution Vulnerability IBM Feb 21, 2023
High CVE-2022-46169 ↗ Cacti Cacti — Cacti Command Injection Vulnerability Cacti Feb 16, 2023
High CVE-2023-21823 ↗ Microsoft Windows — Microsoft Windows Graphic Component Privilege Escalation V... Microsoft Feb 14, 2023
High CVE-2023-23529 ↗ Apple Multiple Products — Apple Multiple Products WebKit Type Confusion Vulner... Apple Feb 14, 2023
Critical CVE-2023-23376 ↗ Microsoft Windows — Microsoft Windows Common Log File System (CLFS) Driver Pri... Microsoft Feb 14, 2023
High CVE-2023-21715 ↗ Microsoft Office — Microsoft Office Publisher Security Feature Bypass Vulnerab... Microsoft Feb 14, 2023
Critical CVE-2023-0669 ↗ Fortra GoAnywhere MFT — Fortra GoAnywhere MFT Remote Code Execution Vulnerabil... Fortra Feb 10, 2023
Critical CVE-2022-24990 ↗ TerraMaster TerraMaster OS — TerraMaster OS Remote Command Execution Vulnerabi... TerraMaster Feb 10, 2023
Critical CVE-2015-2291 ↗ Intel Ethernet Diagnostics Driver for Windows — Intel Ethernet Diagnostics Dri... Intel Feb 10, 2023
High CVE-2023-22952 ↗ SugarCRM Multiple Products — Multiple SugarCRM Products Remote Code Execution... SugarCRM Feb 2, 2023
Critical CVE-2022-21587 ↗ Oracle E-Business Suite — Oracle E-Business Suite Unspecified Vulnerability Oracle Feb 2, 2023

Source: official U.S. government open data. This is an organized index, not an official U.S. government site. "Explained" links to our summary page; otherwise links go to the official primary source.

Disclaimer: This site independently summarizes and classifies information based on official data sources. Always verify the latest and accurate information with the official sources. Content on finance, health, legal, and security is information, not advice. This site is not an official website of the U.S. government.