CVE DATABASE · CISA KEV
Known Exploited
Vulnerabilities.
Every CVE in CISA’s KEV catalog — 1602 vulnerabilities confirmed exploited in the wild. The authoritative “patch this first” list. Search any one with our CVE Lookup or KEV search tool.
CVE-2022-40765
added 2023-02-21
RANSOMWARE
Mitel MiVoice Connect Command Injection Vulnerability
Mitel MiVoice Connect
CVE-2022-46169
added 2023-02-16
Cacti Command Injection Vulnerability
Cacti Cacti
CVE-2023-21715
added 2023-02-14
Microsoft Office Publisher Security Feature Bypass Vulnerability
Microsoft Office
CVE-2023-23376
added 2023-02-14
RANSOMWARE
Microsoft Windows Common Log File System (CLFS) Driver Privilege Escalation Vulnerability
Microsoft Windows
CVE-2023-23529
added 2023-02-14
Apple Multiple Products WebKit Type Confusion Vulnerability
Apple Multiple Products
CVE-2023-21823
added 2023-02-14
Microsoft Windows Graphic Component Privilege Escalation Vulnerability
Microsoft Windows
CVE-2015-2291
added 2023-02-10
RANSOMWARE
Intel Ethernet Diagnostics Driver for Windows Denial-of-Service Vulnerability
Intel Ethernet Diagnostics Driver for Windows
CVE-2022-24990
added 2023-02-10
RANSOMWARE
TerraMaster OS Remote Command Execution Vulnerability
TerraMaster TerraMaster OS
CVE-2023-0669
added 2023-02-10
RANSOMWARE
Fortra GoAnywhere MFT Remote Code Execution Vulnerability
Fortra GoAnywhere MFT
CVE-2022-21587
added 2023-02-02
RANSOMWARE
Oracle E-Business Suite Unspecified Vulnerability
Oracle E-Business Suite
CVE-2023-22952
added 2023-02-02
Multiple SugarCRM Products Remote Code Execution Vulnerability
SugarCRM Multiple Products
CVE-2017-11357
added 2023-01-26
RANSOMWARE
Telerik UI for ASP.NET AJAX Insecure Direct Object Reference Vulnerability
Telerik User Interface (UI) for ASP.NET AJAX
CVE-2022-47966
added 2023-01-23
RANSOMWARE
Zoho ManageEngine Multiple Products Remote Code Execution Vulnerability
Zoho ManageEngine
CVE-2022-44877
added 2023-01-17
CWP Control Web Panel OS Command Injection Vulnerability
CWP Control Web Panel
CVE-2022-41080
added 2023-01-10
RANSOMWARE
Microsoft Exchange Server Privilege Escalation Vulnerability
Microsoft Exchange Server
CVE-2023-21674
added 2023-01-10
Microsoft Windows Advanced Local Procedure Call (ALPC) Privilege Escalation Vulnerability
Microsoft Windows
CVE-2018-5430
added 2022-12-29
TIBCO JasperReports Server Information Disclosure Vulnerability
TIBCO JasperReports
CVE-2018-18809
added 2022-12-29
TIBCO JasperReports Library Directory Traversal Vulnerability
TIBCO JasperReports
CVE-2022-42856
added 2022-12-14
Apple iOS Type Confusion Vulnerability
Apple iOS
CVE-2022-42475
added 2022-12-13
RANSOMWARE
Fortinet FortiOS Heap-Based Buffer Overflow Vulnerability
Fortinet FortiOS
CVE-2022-44698
added 2022-12-13
RANSOMWARE
Microsoft Defender SmartScreen Security Feature Bypass Vulnerability
Microsoft Defender
CVE-2022-27518
added 2022-12-13
Citrix Application Delivery Controller (ADC) and Gateway Authentication Bypass Vulnerability
Citrix Application Delivery Controller (ADC) and Gateway
CVE-2022-26500
added 2022-12-13
RANSOMWARE
Veeam Backup & Replication Remote Code Execution Vulnerability
Veeam Backup & Replication
CVE-2022-26501
added 2022-12-13
RANSOMWARE
Veeam Backup & Replication Remote Code Execution Vulnerability
Veeam Backup & Replication
CVE-2022-4262
added 2022-12-05
Google Chromium V8 Type Confusion Vulnerability
Google Chromium V8
CVE-2021-35587
added 2022-11-28
Oracle Fusion Middleware Unspecified Vulnerability
Oracle Fusion Middleware
CVE-2022-4135
added 2022-11-28
Google Chromium GPU Heap Buffer Overflow Vulnerability
Google Chromium GPU
CVE-2022-41049
added 2022-11-14
Microsoft Windows Mark of the Web (MOTW) Security Feature Bypass Vulnerability
Microsoft Windows
CVE-2022-41091
added 2022-11-08
RANSOMWARE
Microsoft Windows Mark of the Web (MOTW) Security Feature Bypass Vulnerability
Microsoft Windows
CVE-2022-41073
added 2022-11-08
RANSOMWARE
Microsoft Windows Print Spooler Privilege Escalation Vulnerability
Microsoft Windows
CVE-2022-41125
added 2022-11-08
Microsoft Windows CNG Key Isolation Service Privilege Escalation Vulnerability
Microsoft Windows
CVE-2022-41128
added 2022-11-08
Microsoft Windows Scripting Languages Remote Code Execution Vulnerability
Microsoft Windows
CVE-2021-25337
added 2022-11-08
Samsung Mobile Devices Improper Access Control Vulnerability
Samsung Mobile Devices
CVE-2021-25369
added 2022-11-08
Samsung Mobile Devices Improper Access Control Vulnerability
Samsung Mobile Devices
CVE-2021-25370
added 2022-11-08
Samsung Mobile Devices Memory Corruption Vulnerability
Samsung Mobile Devices
CVE-2022-3723
added 2022-10-28
Google Chromium V8 Type Confusion Vulnerability
Google Chromium V8
CVE-2022-42827
added 2022-10-25
Apple iOS and iPadOS Out-of-Bounds Write Vulnerability
Apple iOS and iPadOS
CVE-2020-3433
added 2022-10-24
RANSOMWARE
Cisco AnyConnect Secure Mobility Client for Windows DLL Hijacking Vulnerability
Cisco AnyConnect Secure
CVE-2020-3153
added 2022-10-24
RANSOMWARE
Cisco AnyConnect Secure Mobility Client for Windows Uncontrolled Search Path Vulnerability
Cisco AnyConnect Secure
CVE-2018-19323
added 2022-10-24
RANSOMWARE
GIGABYTE Multiple Products Privilege Escalation Vulnerability
GIGABYTE Multiple Products
CVE-2018-19322
added 2022-10-24
RANSOMWARE
GIGABYTE Multiple Products Code Execution Vulnerability
GIGABYTE Multiple Products
CVE-2018-19321
added 2022-10-24
RANSOMWARE
GIGABYTE Multiple Products Privilege Escalation Vulnerability
GIGABYTE Multiple Products
CVE-2018-19320
added 2022-10-24
RANSOMWARE
GIGABYTE Multiple Products Unspecified Vulnerability
GIGABYTE Multiple Products
CVE-2022-41352
added 2022-10-20
Synacor Zimbra Collaboration Suite (ZCS) Arbitrary File Upload Vulnerability
Synacor Zimbra Collaboration Suite (ZCS)
CVE-2021-3493
added 2022-10-20
Linux Kernel Privilege Escalation Vulnerability
Linux Kernel
CVE-2022-40684
added 2022-10-11
RANSOMWARE
Fortinet Multiple Products Authentication Bypass Vulnerability
Fortinet Multiple Products
CVE-2022-41033
added 2022-10-11
Microsoft Windows COM+ Event System Service Privilege Escalation Vulnerability
Microsoft Windows COM+ Event System Service
CVE-2022-41082
added 2022-09-30
RANSOMWARE
Microsoft Exchange Server Remote Code Execution Vulnerability
Microsoft Exchange Server
CVE-2022-41040
added 2022-09-30
RANSOMWARE
Microsoft Exchange Server Server-Side Request Forgery Vulnerability
Microsoft Exchange Server
CVE-2022-36804
added 2022-09-30
Atlassian Bitbucket Server and Data Center Command Injection Vulnerability
Atlassian Bitbucket Server and Data Center
CVE-2022-3236
added 2022-09-23
Sophos Firewall Code Injection Vulnerability
Sophos Firewall
CVE-2022-35405
added 2022-09-22
Zoho ManageEngine Multiple Products Remote Code Execution Vulnerability
Zoho ManageEngine
CVE-2022-40139
added 2022-09-15
Trend Micro Apex One and Apex One as a Service Improper Validation Vulnerability
Trend Micro Apex One and Apex One as a Service
CVE-2013-6282
added 2022-09-15
Linux Kernel Improper Input Validation Vulnerability
Linux Kernel
CVE-2013-2597
added 2022-09-15
Code Aurora ACDB Audio Driver Stack-based Buffer Overflow Vulnerability
Code Aurora ACDB Audio Driver
CVE-2013-2596
added 2022-09-15
Linux Kernel Integer Overflow Vulnerability
Linux Kernel
CVE-2013-2094
added 2022-09-15
Linux Kernel Privilege Escalation Vulnerability
Linux Kernel
CVE-2010-2568
added 2022-09-15
Microsoft Windows Remote Code Execution Vulnerability
Microsoft Windows
CVE-2022-37969
added 2022-09-14
Microsoft Windows Common Log File System (CLFS) Driver Privilege Escalation Vulnerability
Microsoft Windows
CVE-2022-32917
added 2022-09-14
Apple iOS, iPadOS, and macOS Remote Code Execution Vulnerability
Apple iOS, iPadOS, and macOS