US Public Data LabU.S. public data, made readable
Data areas
Federal Register Congress bills CISA KEV / NVD SEC EDGAR USAspending Defense contracts Trade Economy Energy Places FDA recalls AI Research Grants NIH research grants Fiscal & national debt
Tools
Search Recent Rankings Compare Money flows Timeline Compare indicators Topics
Profiles
Company profiles Agency profiles Glossary
EN
日本語 English
Browse all

Known Exploited Vulnerabilities (CISA KEV) — all

The full CISA KEV catalog of vulnerabilities confirmed exploited in the wild — filter and search by year, ransomware use, and date added.

Clear

1,622 results

UrgencyCVEName / productVendorKEV added
Critical CVE-2019-15107 ↗ Webmin Webmin — Webmin Command Injection Vulnerability Webmin Mar 25, 2022
High CVE-2019-16920 ↗ D-Link Multiple Routers — D-Link Multiple Routers Command Injection Vulnerabil... D-Link Mar 25, 2022
High CVE-2019-2616 ↗ Oracle BI Publisher (Formerly XML Publisher) — Oracle BI Publisher Unauthorize... Oracle Mar 25, 2022
High CVE-2019-6340 ↗ Drupal Core — Drupal Core Remote Code Execution Vulnerability Drupal Mar 25, 2022
High CVE-2020-1631 ↗ Juniper Junos OS — Juniper Junos OS Path Traversal Vulnerability Juniper Mar 25, 2022
High CVE-2020-1956 ↗ Apache Kylin — Apache Kylin OS Command Injection Vulnerability Apache Mar 25, 2022
Critical CVE-2020-2021 ↗ Palo Alto Networks PAN-OS — Palo Alto Networks PAN-OS Authentication Bypass Vu... Palo Alto Networks Mar 25, 2022
High CVE-2020-2506 ↗ QNAP Systems Helpdesk — QNAP Helpdesk Improper Access Control Vulnerability QNAP Systems Mar 25, 2022
High CVE-2020-25223 ↗ Sophos SG UTM — Sophos SG UTM Remote Code Execution Vulnerability Sophos Mar 25, 2022
High CVE-2020-5410 ↗ VMware Tanzu Spring Cloud Configuration (Config) Server — VMware Tanzu Spring... VMware Tanzu Mar 25, 2022
High CVE-2020-7247 ↗ OpenBSD OpenSMTPD — OpenSMTPD Remote Code Execution Vulnerability OpenBSD Mar 25, 2022
High CVE-2020-9054 ↗ Zyxel Multiple Network-Attached Storage (NAS) Devices — Zyxel Multiple NAS Dev... Zyxel Mar 25, 2022
High CVE-2020-9377 ↗ D-Link DIR-610 Devices — D-Link DIR-610 Devices Remote Command Execution D-Link Mar 25, 2022
Critical CVE-2021-22941 ↗ Citrix ShareFile — Citrix ShareFile Improper Access Control Vulnerability Citrix Mar 25, 2022
Critical CVE-2021-42237 ↗ Sitecore XP — Sitecore XP Remote Command Execution Vulnerability Sitecore Mar 25, 2022
Critical CVE-2022-21999 ↗ Microsoft Windows — Microsoft Windows Print Spooler Privilege Escalation Vulne... Microsoft Mar 25, 2022
High CVE-2022-26143 ↗ Mitel MiCollab, MiVoice Business Express — MiCollab, MiVoice Business Express... Mitel Mar 25, 2022
High CVE-2022-26318 ↗ WatchGuard Firebox and XTM Appliances — WatchGuard Firebox and XTM Appliances... WatchGuard Mar 25, 2022
Critical CVE-2015-2546 ↗ Microsoft Win32k — Microsoft Win32k Memory Corruption Vulnerability Microsoft Mar 15, 2022
Critical CVE-2016-3309 ↗ Microsoft Windows — Microsoft Windows Kernel Privilege Escalation Vulnerabilit... Microsoft Mar 15, 2022
Critical CVE-2017-0101 ↗ Microsoft Windows — Microsoft Windows Transaction Manager Privilege Escalation... Microsoft Mar 15, 2022
Critical CVE-2018-8120 ↗ Microsoft Win32k — Microsoft Win32k Privilege Escalation Vulnerability Microsoft Mar 15, 2022
Critical CVE-2019-0543 ↗ Microsoft Windows — Microsoft Windows Privilege Escalation Vulnerability Microsoft Mar 15, 2022
Critical CVE-2019-0841 ↗ Microsoft Windows — Microsoft Windows AppX Deployment Service (AppXSVC) Privil... Microsoft Mar 15, 2022
Critical CVE-2019-1064 ↗ Microsoft Windows — Microsoft Windows AppX Deployment Service (AppXSVC) Privil... Microsoft Mar 15, 2022
Critical CVE-2019-1069 ↗ Microsoft Task Scheduler — Microsoft Task Scheduler Privilege Escalation Vulne... Microsoft Mar 15, 2022
Critical CVE-2019-1129 ↗ Microsoft Windows — Microsoft Windows AppX Deployment Service (AppXSVC) Privil... Microsoft Mar 15, 2022
High CVE-2019-1132 ↗ Microsoft Win32k — Microsoft Win32k Privilege Escalation Vulnerability Microsoft Mar 15, 2022
Critical CVE-2019-1253 ↗ Microsoft Windows — Microsoft Windows AppX Deployment Server Privilege Escalat... Microsoft Mar 15, 2022
Critical CVE-2019-1315 ↗ Microsoft Windows — Microsoft Windows Error Reporting Manager Privilege Escala... Microsoft Mar 15, 2022
Critical CVE-2019-1322 ↗ Microsoft Windows — Microsoft Windows Privilege Escalation Vulnerability Microsoft Mar 15, 2022
Critical CVE-2019-1405 ↗ Microsoft Windows — Microsoft Windows Universal Plug and Play (UPnP) Service P... Microsoft Mar 15, 2022
High CVE-2020-5135 ↗ SonicWall SonicOS — SonicWall SonicOS Buffer Overflow Vulnerability SonicWall Mar 15, 2022
Critical CVE-2009-3960 ↗ Adobe BlazeDS — Adobe BlazeDS Information Disclosure Vulnerability Adobe Mar 7, 2022
High CVE-2013-0625 ↗ Adobe ColdFusion — Adobe ColdFusion Authentication Bypass Vulnerability Adobe Mar 7, 2022
High CVE-2013-0629 ↗ Adobe ColdFusion — Adobe ColdFusion Directory Traversal Vulnerability Adobe Mar 7, 2022
High CVE-2013-0631 ↗ Adobe ColdFusion — Adobe ColdFusion Information Disclosure Vulnerability Adobe Mar 7, 2022
High CVE-2016-6277 ↗ NETGEAR Multiple Routers — NETGEAR Multiple Routers Remote Code Execution Vuln... NETGEAR Mar 7, 2022
High CVE-2017-6077 ↗ NETGEAR Wireless Router DGN2200 — NETGEAR DGN2200 Remote Code Execution Vulner... NETGEAR Mar 7, 2022
High CVE-2019-11581 ↗ Atlassian Jira Server and Data Center — Atlassian Jira Server and Data Center... Atlassian Mar 7, 2022
High CVE-2020-8218 ↗ Pulse Secure Pulse Connect Secure — Pulse Connect Secure Code Injection Vulner... Pulse Secure Mar 7, 2022
High CVE-2021-21973 ↗ VMware vCenter Server and Cloud Foundation — VMware vCenter Server and Cloud F... VMware Mar 7, 2022
High CVE-2022-26485 ↗ Mozilla Firefox — Mozilla Firefox Use-After-Free Vulnerability Mozilla Mar 7, 2022
High CVE-2022-26486 ↗ Mozilla Firefox — Mozilla Firefox Use-After-Free Vulnerability Mozilla Mar 7, 2022
High CVE-2002-0367 ↗ Microsoft Windows — Microsoft Windows Privilege Escalation Vulnerability Microsoft Mar 3, 2022
High CVE-2004-0210 ↗ Microsoft Windows — Microsoft Windows Privilege Escalation Vulnerability Microsoft Mar 3, 2022
Critical CVE-2008-2992 ↗ Adobe Acrobat and Reader — Adobe Reader and Acrobat Input Validation Vulnerabi... Adobe Mar 3, 2022
High CVE-2008-3431 ↗ Oracle VirtualBox — Oracle VirtualBox Insufficient Input Validation Vulnerabil... Oracle Mar 3, 2022
High CVE-2009-1123 ↗ Microsoft Windows — Microsoft Windows Improper Input Validation Vulnerability Microsoft Mar 3, 2022
High CVE-2009-3129 ↗ Microsoft Excel — Microsoft Excel Featheader Record Memory Corruption Vulnerab... Microsoft Mar 3, 2022

Source: official U.S. government open data. This is an organized index, not an official U.S. government site. "Explained" links to our summary page; otherwise links go to the official primary source.

Disclaimer: This site independently summarizes and classifies information based on official data sources. Always verify the latest and accurate information with the official sources. Content on finance, health, legal, and security is information, not advice. This site is not an official website of the U.S. government.