Browse all
Known Exploited Vulnerabilities (CISA KEV) — all
The full CISA KEV catalog of vulnerabilities confirmed exploited in the wild — filter and search by year, ransomware use, and date added.
1,622 results
| Urgency | CVE | Name / product | Vendor | KEV added |
|---|---|---|---|---|
| High | CVE-2022-0543 ↗ | Redis Debian-specific Redis Servers — Debian-specific Redis Server Lua Sandbox... | Redis | Mar 28, 2022 |
| High | CVE-2022-1096 ↗ | Google Chromium V8 — Google Chromium V8 Type Confusion Vulnerability | Mar 28, 2022 | |
| High | CVE-2005-2773 ↗ | Hewlett Packard (HP) OpenView Network Node Manager — HP OpenView Network Node... | Hewlett Packard (HP) | Mar 25, 2022 |
| High | CVE-2009-0927 ↗ | Adobe Reader and Acrobat — Adobe Reader and Adobe Acrobat Stack-Based Buffer O... | Adobe | Mar 25, 2022 |
| High | CVE-2009-1151 ↗ | phpMyAdmin phpMyAdmin — phpMyAdmin Remote Code Execution Vulnerability | phpMyAdmin | Mar 25, 2022 |
| High | CVE-2009-2055 ↗ | Cisco IOS XR — Cisco IOS XR Border Gateway Protocol (BGP) Denial-of-Service Vu... | Cisco | Mar 25, 2022 |
| Critical | CVE-2010-2861 ↗ | Adobe ColdFusion — Adobe ColdFusion Directory Traversal Vulnerability | Adobe | Mar 25, 2022 |
| High | CVE-2010-3035 ↗ | Cisco IOS XR — Cisco IOS XR Border Gateway Protocol (BGP) Denial-of-Service Vu... | Cisco | Mar 25, 2022 |
| High | CVE-2010-4344 ↗ | Exim Exim — Exim Heap-Based Buffer Overflow Vulnerability | Exim | Mar 25, 2022 |
| High | CVE-2010-4345 ↗ | Exim Exim — Exim Privilege Escalation Vulnerability | Exim | Mar 25, 2022 |
| High | CVE-2012-1823 ↗ | PHP PHP — PHP-CGI Query String Parameter Vulnerability | PHP | Mar 25, 2022 |
| High | CVE-2013-2251 ↗ | Apache Struts — Apache Struts Improper Input Validation Vulnerability | Apache | Mar 25, 2022 |
| High | CVE-2013-4810 ↗ | Hewlett Packard (HP) ProCurve Manager (PCM), PCM+, Identity Driven Manager (ID... | Hewlett Packard (HP) | Mar 25, 2022 |
| High | CVE-2013-5223 ↗ | D-Link DSL-2760U — D-Link DSL-2760U Gateway Cross-Site Scripting Vulnerability | D-Link | Mar 25, 2022 |
| High | CVE-2014-0130 ↗ | Rails Ruby on Rails — Ruby on Rails Directory Traversal Vulnerability | Rails | Mar 25, 2022 |
| High | CVE-2014-3120 ↗ | Elastic Elasticsearch — Elasticsearch Remote Code Execution Vulnerability | Elastic | Mar 25, 2022 |
| High | CVE-2014-6287 ↗ | Rejetto HTTP File Server (HFS) — Rejetto HTTP File Server (HFS) Remote Code Ex... | Rejetto | Mar 25, 2022 |
| High | CVE-2014-6324 ↗ | Microsoft Kerberos Key Distribution Center (KDC) — Microsoft Kerberos Key Dist... | Microsoft | Mar 25, 2022 |
| High | CVE-2014-6332 ↗ | Microsoft Windows — Microsoft Windows Object Linking & Embedding (OLE) Automat... | Microsoft | Mar 25, 2022 |
| High | CVE-2015-0666 ↗ | Cisco Prime Data Center Network Manager (DCNM) — Cisco Prime Data Center Netwo... | Cisco | Mar 25, 2022 |
| High | CVE-2015-1187 ↗ | D-Link and TRENDnet Multiple Devices — D-Link and TRENDnet Multiple Devices Re... | D-Link and TRENDnet | Mar 25, 2022 |
| High | CVE-2015-1427 ↗ | Elastic Elasticsearch — Elasticsearch Groovy Scripting Engine Remote Code Exec... | Elastic | Mar 25, 2022 |
| High | CVE-2015-3035 ↗ | TP-Link Multiple Archer Devices — TP-Link Multiple Archer Devices Directory Tr... | TP-Link | Mar 25, 2022 |
| High | CVE-2015-4068 ↗ | Arcserve Unified Data Protection (UDP) — Arcserve Unified Data Protection (UDP... | Arcserve | Mar 25, 2022 |
| High | CVE-2016-0752 ↗ | Rails Ruby on Rails — Ruby on Rails Directory Traversal Vulnerability | Rails | Mar 25, 2022 |
| High | CVE-2016-10174 ↗ | NETGEAR WNR2000v5 Router — NETGEAR WNR2000v5 Router Buffer Overflow Vulnerabil... | NETGEAR | Mar 25, 2022 |
| High | CVE-2016-11021 ↗ | D-Link DCS-930L Devices — D-Link DCS-930L Devices OS Command Injection Vulnera... | D-Link | Mar 25, 2022 |
| High | CVE-2016-1555 ↗ | NETGEAR Wireless Access Point (WAP) Devices — NETGEAR Multiple WAP Devices Com... | NETGEAR | Mar 25, 2022 |
| High | CVE-2016-4171 ↗ | Adobe Flash Player — Adobe Flash Player Remote Code Execution Vulnerability | Adobe | Mar 25, 2022 |
| High | CVE-2016-7892 ↗ | Adobe Flash Player — Adobe Flash Player Use-After-Free Vulnerability | Adobe | Mar 25, 2022 |
| Critical | CVE-2017-0146 ↗ | Microsoft Windows — Microsoft Windows SMB Remote Code Execution Vulnerability | Microsoft | Mar 25, 2022 |
| Critical | CVE-2017-12615 ↗ | Apache Tomcat — Apache Tomcat on Windows Remote Code Execution Vulnerability | Apache | Mar 25, 2022 |
| High | CVE-2017-12617 ↗ | Apache Tomcat — Apache Tomcat Remote Code Execution Vulnerability | Apache | Mar 25, 2022 |
| High | CVE-2017-3881 ↗ | Cisco IOS and IOS XE — Cisco IOS and IOS XE Remote Code Execution Vulnerabilit... | Cisco | Mar 25, 2022 |
| High | CVE-2017-6316 ↗ | Citrix NetScaler SD-WAN Enterprise, CloudBridge Virtual WAN, and XenMobile Ser... | Citrix | Mar 25, 2022 |
| High | CVE-2017-6334 ↗ | NETGEAR DGN2200 Devices — NETGEAR DGN2200 Devices OS Command Injection Vulnera... | NETGEAR | Mar 25, 2022 |
| High | CVE-2018-0125 ↗ | Cisco VPN Routers — Cisco VPN Routers Remote Code Execution Vulnerability | Cisco | Mar 25, 2022 |
| High | CVE-2018-0147 ↗ | Cisco Secure Access Control System (ACS) — Cisco Secure Access Control System... | Cisco | Mar 25, 2022 |
| Critical | CVE-2018-11138 ↗ | Quest KACE System Management Appliance — Quest KACE System Management Applianc... | Quest | Mar 25, 2022 |
| Critical | CVE-2018-1273 ↗ | VMware Tanzu Spring Data Commons — VMware Tanzu Spring Data Commons Property B... | VMware Tanzu | Mar 25, 2022 |
| High | CVE-2018-14839 ↗ | LG N1A1 NAS — LG N1A1 NAS Remote Command Execution Vulnerability | LG | Mar 25, 2022 |
| High | CVE-2018-6961 ↗ | VMware SD-WAN Edge — VMware SD-WAN Edge by VeloCloud Command Injection Vulnera... | VMware | Mar 25, 2022 |
| High | CVE-2018-8373 ↗ | Microsoft Internet Explorer Scripting Engine — Microsoft Scripting Engine Memo... | Microsoft | Mar 25, 2022 |
| High | CVE-2018-8414 ↗ | Microsoft Windows — Microsoft Windows Shell Remote Code Execution Vulnerabilit... | Microsoft | Mar 25, 2022 |
| High | CVE-2019-0903 ↗ | Microsoft Graphics Device Interface (GDI) — Microsoft GDI Remote Code Executio... | Microsoft | Mar 25, 2022 |
| High | CVE-2019-1003030 ↗ | Jenkins Matrix Project Plugin — Jenkins Matrix Project Plugin Remote Code Exec... | Jenkins | Mar 25, 2022 |
| High | CVE-2019-10068 ↗ | Kentico Xperience — Kentico Xperience Deserialization of Untrusted Data Vulner... | Kentico | Mar 25, 2022 |
| Critical | CVE-2019-11043 ↗ | PHP FastCGI Process Manager (FPM) — PHP FastCGI Process Manager (FPM) Buffer O... | PHP | Mar 25, 2022 |
| High | CVE-2019-12989 ↗ | Citrix SD-WAN and NetScaler — Citrix SD-WAN and NetScaler SQL Injection Vulner... | Citrix | Mar 25, 2022 |
| High | CVE-2019-12991 ↗ | Citrix SD-WAN and NetScaler — Citrix SD-WAN and NetScaler Command Injection Vu... | Citrix | Mar 25, 2022 |
Source: official U.S. government open data. This is an organized index, not an official U.S. government site. "Explained" links to our summary page; otherwise links go to the official primary source.