US Public Data LabU.S. public data, made readable
Data areas
Federal Register Congress bills CISA KEV / NVD SEC EDGAR USAspending Defense contracts Trade Economy Energy Places FDA recalls AI Research Grants NIH research grants Fiscal & national debt
Tools
Search Recent Rankings Compare Money flows Timeline Compare indicators Topics
Profiles
Company profiles Agency profiles Glossary
EN
日本語 English
Browse all

Known Exploited Vulnerabilities (CISA KEV) — all

The full CISA KEV catalog of vulnerabilities confirmed exploited in the wild — filter and search by year, ransomware use, and date added.

Clear

1,621 results

UrgencyCVEName / productVendorKEV added
High CVE-2011-4723 ↗ D-Link DIR-300 Router — D-Link DIR-300 Router Cleartext Storage of a Password... D-Link Sep 8, 2022
High CVE-2017-5521 ↗ NETGEAR Multiple Devices — NETGEAR Multiple Devices Exposure of Sensitive Info... NETGEAR Sep 8, 2022
Critical CVE-2018-13374 ↗ Fortinet FortiOS and FortiADC — Fortinet FortiOS and FortiADC Improper Access... Fortinet Sep 8, 2022
High CVE-2018-2628 ↗ Oracle WebLogic Server — Oracle WebLogic Server Unspecified Vulnerability Oracle Sep 8, 2022
Critical CVE-2018-6530 ↗ D-Link Multiple Routers — D-Link Multiple Routers OS Command Injection Vulnera... D-Link Sep 8, 2022
High CVE-2018-7445 ↗ MikroTik RouterOS — MikroTik RouterOS Stack-Based Buffer Overflow Vulnerabilit... MikroTik Sep 8, 2022
High CVE-2020-9934 ↗ Apple iOS, iPadOS, and macOS — Apple iOS, iPadOS, and macOS Input Validation V... Apple Sep 8, 2022
High CVE-2022-26258 ↗ D-Link DIR-820L — D-Link DIR-820L Remote Code Execution Vulnerability D-Link Sep 8, 2022
Critical CVE-2022-27593 ↗ QNAP Photo Station — QNAP Photo Station Externally Controlled Reference Vulner... QNAP Sep 8, 2022
High CVE-2022-3075 ↗ Google Chromium Mojo — Google Chromium Mojo Insufficient Data Validation Vulne... Google Sep 8, 2022
High CVE-2020-28949 ↗ PEAR Archive_Tar — PEAR Archive_Tar Deserialization of Untrusted Data Vulnerab... PEAR Aug 25, 2022
High CVE-2020-36193 ↗ PEAR Archive_Tar — PEAR Archive_Tar Improper Link Resolution Vulnerability PEAR Aug 25, 2022
High CVE-2021-31010 ↗ Apple iOS, macOS, watchOS — Apple iOS, macOS, watchOS Sandbox Bypass Vulnerabi... Apple Aug 25, 2022
High CVE-2021-38406 ↗ Delta Electronics DOPSoft 2 — Delta Electronics DOPSoft 2 Improper Input Valid... Delta Electronics Aug 25, 2022
High CVE-2021-39226 ↗ Grafana Labs Grafana — Grafana Authentication Bypass Vulnerability Grafana Labs Aug 25, 2022
Critical CVE-2022-2294 ↗ WebRTC WebRTC — WebRTC Heap Buffer Overflow Vulnerability WebRTC Aug 25, 2022
High CVE-2022-22963 ↗ VMware Tanzu Spring Cloud — VMware Tanzu Spring Cloud Function Remote Code Exe... VMware Tanzu Aug 25, 2022
High CVE-2022-24112 ↗ Apache APISIX — Apache APISIX Authentication Bypass Vulnerability Apache Aug 25, 2022
High CVE-2022-24706 ↗ Apache CouchDB — Apache CouchDB Insecure Default Initialization of Resource Vu... Apache Aug 25, 2022
Critical CVE-2022-26352 ↗ dotCMS dotCMS — dotCMS Unrestricted Upload of File Vulnerability dotCMS Aug 25, 2022
High CVE-2022-0028 ↗ Palo Alto Networks PAN-OS — Palo Alto Networks PAN-OS Reflected Amplification... Palo Alto Networks Aug 22, 2022
High CVE-2017-15944 ↗ Palo Alto Networks PAN-OS — Palo Alto Networks PAN-OS Remote Code Execution Vu... Palo Alto Networks Aug 18, 2022
High CVE-2022-21971 ↗ Microsoft Windows — Microsoft Windows Runtime Remote Code Execution Vulnerabil... Microsoft Aug 18, 2022
High CVE-2022-26923 ↗ Microsoft Active Directory — Microsoft Active Directory Domain Services Privil... Microsoft Aug 18, 2022
High CVE-2022-2856 ↗ Google Chromium Intents — Google Chromium Intents Insufficient Input Validatio... Google Aug 18, 2022
High CVE-2022-32893 ↗ Apple iOS and macOS — Apple iOS and macOS Out-of-Bounds Write Vulnerability Apple Aug 18, 2022
High CVE-2022-32894 ↗ Apple iOS and macOS — Apple iOS and macOS Out-of-Bounds Write Vulnerability Apple Aug 18, 2022
High CVE-2022-22536 ↗ SAP Multiple Products — SAP Multiple Products HTTP Request Smuggling Vulnerabi... SAP Aug 18, 2022
Critical CVE-2022-37042 ↗ Synacor Zimbra Collaboration Suite (ZCS) — Synacor Zimbra Collaboration Suite... Synacor Aug 11, 2022
Critical CVE-2022-27925 ↗ Synacor Zimbra Collaboration Suite (ZCS) — Synacor Zimbra Collaboration Suite... Synacor Aug 11, 2022
Critical CVE-2022-30333 ↗ RARLAB UnRAR — RARLAB UnRAR Directory Traversal Vulnerability RARLAB Aug 9, 2022
High CVE-2022-34713 ↗ Microsoft Windows — Microsoft Windows Support Diagnostic Tool (MSDT) Remote Co... Microsoft Aug 9, 2022
Critical CVE-2022-27924 ↗ Synacor Zimbra Collaboration Suite (ZCS) — Synacor Zimbra Collaboration Suite... Synacor Aug 4, 2022
High CVE-2022-26138 ↗ Atlassian Confluence — Atlassian Questions For Confluence App Hard-coded Crede... Atlassian Jul 29, 2022
High CVE-2022-22047 ↗ Microsoft Windows — Microsoft Windows Client Server Runtime Subsystem (CSRSS)... Microsoft Jul 12, 2022
High CVE-2022-26925 ↗ Microsoft Windows — Microsoft Windows LSA Spoofing Vulnerability Microsoft Jul 1, 2022
High CVE-2018-4344 ↗ Apple Multiple Products — Apple Multiple Products Memory Corruption Vulnerabil... Apple Jun 27, 2022
High CVE-2019-8605 ↗ Apple Multiple Products — Apple Multiple Products Use-After-Free Vulnerability Apple Jun 27, 2022
High CVE-2020-9907 ↗ Apple Multiple Products — Apple Multiple Products Memory Corruption Vulnerabil... Apple Jun 27, 2022
High CVE-2020-3837 ↗ Apple Multiple Products — Apple Multiple Products Memory Corruption Vulnerabil... Apple Jun 27, 2022
High CVE-2021-30983 ↗ Apple iOS and iPadOS — Apple iOS and iPadOS Buffer Overflow Vulnerability Apple Jun 27, 2022
High CVE-2021-4034 ↗ Red Hat Polkit — Red Hat Polkit Out-of-Bounds Read and Write Vulnerability Red Hat Jun 27, 2022
High CVE-2021-30533 ↗ Google Chromium PopupBlocker — Google Chromium PopupBlocker Security Bypass Vu... Google Jun 27, 2022
Critical CVE-2022-29499 ↗ Mitel MiVoice Connect — Mitel MiVoice Connect Data Validation Vulnerability Mitel Jun 27, 2022
Critical CVE-2022-30190 ↗ Microsoft Windows — Microsoft Windows Support Diagnostic Tool (MSDT) Remote Co... Microsoft Jun 14, 2022
High CVE-2016-2388 ↗ SAP NetWeaver — SAP NetWeaver Information Disclosure Vulnerability SAP Jun 9, 2022
High CVE-2016-2386 ↗ SAP NetWeaver — SAP NetWeaver SQL Injection Vulnerability SAP Jun 9, 2022
High CVE-2021-38163 ↗ SAP NetWeaver — SAP NetWeaver Unrestricted File Upload Vulnerability SAP Jun 9, 2022
High CVE-2006-2492 ↗ Microsoft Word — Microsoft Word Malformed Object Pointer Vulnerability Microsoft Jun 8, 2022
High CVE-2007-5659 ↗ Adobe Acrobat and Reader — Adobe Acrobat and Reader Buffer Overflow Vulnerabil... Adobe Jun 8, 2022

Source: official U.S. government open data. This is an organized index, not an official U.S. government site. "Explained" links to our summary page; otherwise links go to the official primary source.

Disclaimer: This site independently summarizes and classifies information based on official data sources. Always verify the latest and accurate information with the official sources. Content on finance, health, legal, and security is information, not advice. This site is not an official website of the U.S. government.