CVE DATABASE · CISA KEV
Known Exploited
Vulnerabilities.
Every CVE in CISA’s KEV catalog — 1602 vulnerabilities confirmed exploited in the wild. The authoritative “patch this first” list. Search any one with our CVE Lookup or KEV search tool.
CVE-2018-19953
added 2022-05-24
RANSOMWARE
QNAP NAS File Station Cross-Site Scripting Vulnerability
QNAP Network Attached Storage (NAS)
CVE-2018-19949
added 2022-05-24
RANSOMWARE
QNAP NAS File Station Command Injection Vulnerability
QNAP Network Attached Storage (NAS)
CVE-2018-19943
added 2022-05-24
RANSOMWARE
QNAP NAS File Station Cross-Site Scripting Vulnerability
QNAP Network Attached Storage (NAS)
CVE-2017-0147
added 2022-05-24
RANSOMWARE
Microsoft Windows SMBv1 Information Disclosure Vulnerability
Microsoft SMBv1 server
CVE-2017-0022
added 2022-05-24
Microsoft XML Core Services Information Disclosure Vulnerability
Microsoft XML Core Services
CVE-2017-0005
added 2022-05-24
Microsoft Windows Graphics Device Interface (GDI) Privilege Escalation Vulnerability
Microsoft Windows
CVE-2017-0149
added 2022-05-24
Microsoft Internet Explorer Memory Corruption Vulnerability
Microsoft Internet Explorer
CVE-2017-0210
added 2022-05-24
Microsoft Internet Explorer Privilege Escalation Vulnerability
Microsoft Internet Explorer
CVE-2017-8291
added 2022-05-24
Artifex Ghostscript Type Confusion Vulnerability
Artifex Ghostscript
CVE-2017-8543
added 2022-05-24
Microsoft Windows Search Remote Code Execution Vulnerability
Microsoft Windows
CVE-2017-18362
added 2022-05-24
RANSOMWARE
Kaseya VSA SQL Injection Vulnerability
Kaseya Virtual System/Server Administrator (VSA)
CVE-2016-0162
added 2022-05-24
Microsoft Internet Explorer Information Disclosure Vulnerability
Microsoft Internet Explorer
CVE-2016-3351
added 2022-05-24
RANSOMWARE
Microsoft Internet Explorer and Edge Information Disclosure Vulnerability
Microsoft Internet Explorer and Edge
CVE-2016-4655
added 2022-05-24
Apple iOS Information Disclosure Vulnerability
Apple iOS
CVE-2016-4656
added 2022-05-24
Apple iOS Memory Corruption Vulnerability
Apple iOS
CVE-2016-4657
added 2022-05-24
Apple iOS Webkit Memory Corruption Vulnerability
Apple iOS
CVE-2016-6366
added 2022-05-24
Cisco Adaptive Security Appliance (ASA) SNMP Buffer Overflow Vulnerability
Cisco Adaptive Security Appliance (ASA)
CVE-2016-6367
added 2022-05-24
Cisco Adaptive Security Appliance (ASA) CLI Remote Code Execution Vulnerability
Cisco Adaptive Security Appliance (ASA)
CVE-2016-3298
added 2022-05-24
Microsoft Internet Explorer Messaging API Information Disclosure Vulnerability
Microsoft Internet Explorer
CVE-2022-20821
added 2022-05-23
Cisco IOS XR Open Port Vulnerability
Cisco IOS XR
CVE-2021-1048
added 2022-05-23
Android Kernel Use-After-Free Vulnerability
Android Kernel
CVE-2021-0920
added 2022-05-23
Android Kernel Race Condition Vulnerability
Android Kernel
CVE-2021-30883
added 2022-05-23
Apple Multiple Products Memory Corruption Vulnerability
Apple Multiple Products
CVE-2020-1027
added 2022-05-23
Microsoft Windows Kernel Privilege Escalation Vulnerability
Microsoft Windows
CVE-2020-0638
added 2022-05-23
RANSOMWARE
Microsoft Update Notification Manager Privilege Escalation Vulnerability
Microsoft Update Notification Manager
CVE-2019-7286
added 2022-05-23
Apple Multiple Products Memory Corruption Vulnerability
Apple Multiple Products
CVE-2019-7287
added 2022-05-23
Apple iOS Memory Corruption Vulnerability
Apple iOS
CVE-2019-0676
added 2022-05-23
Microsoft Internet Explorer Information Disclosure Vulnerability
Microsoft Internet Explorer
CVE-2019-5786
added 2022-05-23
Google Chrome Blink Use-After-Free Vulnerability
Google Chrome Blink
CVE-2019-0703
added 2022-05-23
Microsoft Windows SMB Information Disclosure Vulnerability
Microsoft Windows
CVE-2019-0880
added 2022-05-23
Microsoft Windows Privilege Escalation Vulnerability
Microsoft Windows
CVE-2019-13720
added 2022-05-23
Google Chrome WebAudio Use-After-Free Vulnerability
Google Chrome WebAudio
CVE-2019-11707
added 2022-05-23
Mozilla Firefox and Thunderbird Type Confusion Vulnerability
Mozilla Firefox and Thunderbird
CVE-2019-11708
added 2022-05-23
Mozilla Firefox and Thunderbird Sandbox Escape Vulnerability
Mozilla Firefox and Thunderbird
CVE-2019-8720
added 2022-05-23
WebKitGTK Memory Corruption Vulnerability
WebKitGTK WebKitGTK
CVE-2019-18426
added 2022-05-23
WhatsApp Cross-Site Scripting Vulnerability
Meta Platforms WhatsApp
CVE-2019-1385
added 2022-05-23
RANSOMWARE
Microsoft Windows AppX Deployment Extensions Privilege Escalation Vulnerability
Microsoft Windows
CVE-2019-1130
added 2022-05-23
RANSOMWARE
Microsoft Windows AppX Deployment Service Privilege Escalation Vulnerability
Microsoft Windows
CVE-2018-5002
added 2022-05-23
Adobe Flash Player Stack-based Buffer Overflow Vulnerability
Adobe Flash Player
CVE-2018-8589
added 2022-05-23
Microsoft Win32k Privilege Escalation Vulnerability
Microsoft Win32k
CVE-2022-30525
added 2022-05-16
Zyxel Multiple Firewalls OS Command Injection Vulnerability
Zyxel Multiple Firewalls
CVE-2022-22947
added 2022-05-16
VMware Spring Cloud Gateway Code Injection Vulnerability
VMware Spring Cloud Gateway
CVE-2022-1388
added 2022-05-10
RANSOMWARE
F5 BIG-IP Missing Authentication Vulnerability
F5 BIG-IP
CVE-2021-1789
added 2022-05-04
Apple Multiple Products Type Confusion Vulnerability
Apple Multiple Products
CVE-2019-8506
added 2022-05-04
Apple Multiple Products Type Confusion Vulnerability
Apple Multiple Products
CVE-2014-4113
added 2022-05-04
Microsoft Win32k Privilege Escalation Vulnerability
Microsoft Win32k
CVE-2014-0322
added 2022-05-04
Microsoft Internet Explorer Use-After-Free Vulnerability
Microsoft Internet Explorer
CVE-2014-0160
added 2022-05-04
OpenSSL Information Disclosure Vulnerability
OpenSSL OpenSSL
CVE-2022-29464
added 2022-04-25
RANSOMWARE
WSO2 Multiple Products Unrestrictive Upload of File Vulnerability
WSO2 Multiple Products
CVE-2022-26904
added 2022-04-25
Microsoft Windows User Profile Service Privilege Escalation Vulnerability
Microsoft Windows
CVE-2022-21919
added 2022-04-25
Microsoft Windows User Profile Service Privilege Escalation Vulnerability
Microsoft Windows
CVE-2022-0847
added 2022-04-25
Linux Kernel Privilege Escalation Vulnerability
Linux Kernel
CVE-2021-41357
added 2022-04-25
Microsoft Win32k Privilege Escalation Vulnerability
Microsoft Win32k
CVE-2021-40450
added 2022-04-25
Microsoft Win32k Privilege Escalation Vulnerability
Microsoft Win32k
CVE-2019-1003029
added 2022-04-25
Jenkins Script Security Plugin Sandbox Bypass Vulnerability
Jenkins Script Security Plugin
CVE-2018-6882
added 2022-04-19
RANSOMWARE
Synacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting (XSS) Vulnerability
Synacor Zimbra Collaboration Suite (ZCS)
CVE-2019-3568
added 2022-04-19
WhatsApp VOIP Stack Buffer Overflow Vulnerability
Meta Platforms WhatsApp
CVE-2022-22718
added 2022-04-19
Microsoft Windows Print Spooler Privilege Escalation Vulnerability
Microsoft Windows
CVE-2022-22960
added 2022-04-15
VMware Multiple Products Privilege Escalation Vulnerability
VMware Multiple Products
CVE-2022-1364
added 2022-04-15
Google Chromium V8 Type Confusion Vulnerability
Google Chromium V8