CVE DATABASE · CISA KEV
Known Exploited
Vulnerabilities.
Every CVE in CISA’s KEV catalog — 1602 vulnerabilities confirmed exploited in the wild. The authoritative “patch this first” list. Search any one with our CVE Lookup or KEV search tool.
CVE-2013-0640
added 2022-03-03
Adobe Reader and Acrobat Memory Corruption Vulnerability
Adobe Reader and Acrobat
CVE-2013-0632
added 2022-03-03
Adobe ColdFusion Authentication Bypass Vulnerability
Adobe ColdFusion
CVE-2012-4681
added 2022-03-03
RANSOMWARE
Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability
Oracle Java SE
CVE-2012-1856
added 2022-03-03
Microsoft Office MSCOMCTL.OCX Remote Code Execution Vulnerability
Microsoft Office
CVE-2012-1723
added 2022-03-03
RANSOMWARE
Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability
Oracle Java SE
CVE-2012-1535
added 2022-03-03
Adobe Flash Player Arbitrary Code Execution Vulnerability
Adobe Flash Player
CVE-2012-0507
added 2022-03-03
RANSOMWARE
Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability
Oracle Java SE
CVE-2011-3544
added 2022-03-03
Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability
Oracle Java SE JDK and JRE
CVE-2011-1889
added 2022-03-03
Microsoft Forefront TMG Remote Code Execution Vulnerability
Microsoft Forefront Threat Management Gateway (TMG)
CVE-2011-0611
added 2022-03-03
Adobe Flash Player Remote Code Execution Vulnerability
Adobe Flash Player
CVE-2010-3333
added 2022-03-03
Microsoft Office Stack-based Buffer Overflow Vulnerability
Microsoft Office
CVE-2010-0232
added 2022-03-03
Microsoft Windows Kernel Exception Handler Vulnerability
Microsoft Windows
CVE-2010-0188
added 2022-03-03
RANSOMWARE
Adobe Reader and Acrobat Arbitrary Code Execution Vulnerability
Adobe Reader and Acrobat
CVE-2009-3129
added 2022-03-03
Microsoft Excel Featheader Record Memory Corruption Vulnerability
Microsoft Excel
CVE-2009-1123
added 2022-03-03
Microsoft Windows Improper Input Validation Vulnerability
Microsoft Windows
CVE-2008-3431
added 2022-03-03
Oracle VirtualBox Insufficient Input Validation Vulnerability
Oracle VirtualBox
CVE-2008-2992
added 2022-03-03
RANSOMWARE
Adobe Reader and Acrobat Input Validation Vulnerability
Adobe Acrobat and Reader
CVE-2004-0210
added 2022-03-03
Microsoft Windows Privilege Escalation Vulnerability
Microsoft Windows
CVE-2002-0367
added 2022-03-03
Microsoft Windows Privilege Escalation Vulnerability
Microsoft Windows
CVE-2022-24682
added 2022-02-25
RANSOMWARE
Synacor Zimbra Collaborate Suite (ZCS) Cross-Site Scripting Vulnerability
Synacor Zimbra Collaborate Suite (ZCS)
CVE-2017-8570
added 2022-02-25
Microsoft Office Remote Code Execution Vulnerability
Microsoft Office
CVE-2017-0222
added 2022-02-25
Microsoft Internet Explorer Remote Code Execution Vulnerability
Microsoft Internet Explorer
CVE-2014-6352
added 2022-02-25
Microsoft Windows Code Injection Vulnerability
Microsoft Windows
CVE-2022-23131
added 2022-02-22
Zabbix Frontend Authentication Bypass Vulnerability
Zabbix Frontend
CVE-2022-23134
added 2022-02-22
Zabbix Frontend Improper Access Control Vulnerability
Zabbix Frontend
CVE-2022-24086
added 2022-02-15
Adobe Commerce and Magento Open Source Improper Input Validation Vulnerability
Adobe Commerce and Magento Open Source
CVE-2022-0609
added 2022-02-15
Google Chromium Animation Use-After-Free Vulnerability
Google Chromium Animation
CVE-2019-0752
added 2022-02-15
RANSOMWARE
Microsoft Internet Explorer Type Confusion Vulnerability
Microsoft Internet Explorer
CVE-2018-8174
added 2022-02-15
RANSOMWARE
Microsoft Windows VBScript Engine Out-of-Bounds Write Vulnerability
Microsoft Windows
CVE-2018-20250
added 2022-02-15
RANSOMWARE
WinRAR Absolute Path Traversal Vulnerability
RARLAB WinRAR
CVE-2018-15982
added 2022-02-15
RANSOMWARE
Adobe Flash Player Use-After-Free Vulnerability
Adobe Flash Player
CVE-2017-9841
added 2022-02-15
PHPUnit Command Injection Vulnerability
PHPUnit PHPUnit
CVE-2014-1761
added 2022-02-15
Microsoft Word Memory Corruption Vulnerability
Microsoft Word
CVE-2013-3906
added 2022-02-15
Microsoft Graphics Component Memory Corruption Vulnerability
Microsoft Graphics Component
CVE-2022-22620
added 2022-02-11
Apple iOS, iPadOS, and macOS Webkit Use-After-Free Vulnerability
Apple iOS, iPadOS, and macOS
CVE-2021-36934
added 2022-02-10
Microsoft Windows SAM Local Privilege Escalation Vulnerability
Microsoft Windows
CVE-2020-0796
added 2022-02-10
RANSOMWARE
Microsoft SMBv3 Remote Code Execution Vulnerability
Microsoft SMBv3
CVE-2018-1000861
added 2022-02-10
Jenkins Stapler Web Framework Deserialization of Untrusted Data Vulnerability
Jenkins Jenkins Stapler Web Framework
CVE-2017-9791
added 2022-02-10
Apache Struts 1 Improper Input Validation Vulnerability
Apache Struts 1
CVE-2017-8464
added 2022-02-10
Microsoft Windows Shell (.lnk) Remote Code Execution Vulnerability
Microsoft Windows
CVE-2017-10271
added 2022-02-10
RANSOMWARE
Oracle Corporation WebLogic Server Remote Code Execution Vulnerability
Oracle WebLogic Server
CVE-2017-0263
added 2022-02-10
Microsoft Win32k Privilege Escalation Vulnerability
Microsoft Win32k
CVE-2017-0262
added 2022-02-10
Microsoft Office Remote Code Execution Vulnerability
Microsoft Office
CVE-2017-0145
added 2022-02-10
RANSOMWARE
Microsoft SMBv1 Remote Code Execution Vulnerability
Microsoft SMBv1
CVE-2017-0144
added 2022-02-10
RANSOMWARE
Microsoft SMBv1 Remote Code Execution Vulnerability
Microsoft SMBv1
CVE-2016-3088
added 2022-02-10
Apache ActiveMQ Improper Input Validation Vulnerability
Apache ActiveMQ
CVE-2015-2051
added 2022-02-10
D-Link DIR-645 Router Remote Code Execution Vulnerability
D-Link DIR-645 Router
CVE-2015-1635
added 2022-02-10
Microsoft HTTP.sys Remote Code Execution Vulnerability
Microsoft HTTP.sys
CVE-2015-1130
added 2022-02-10
Apple OS X Authentication Bypass Vulnerability
Apple OS X
CVE-2014-4404
added 2022-02-10
Apple OS X Heap-Based Buffer Overflow Vulnerability
Apple OS X
CVE-2022-21882
added 2022-02-04
Microsoft Win32k Privilege Escalation Vulnerability
Microsoft Win32k
CVE-2022-22587
added 2022-01-28
Apple Memory Corruption Vulnerability
Apple iOS and macOS
CVE-2021-20038
added 2022-01-28
RANSOMWARE
SonicWall SMA 100 Appliances Stack-Based Buffer Overflow Vulnerability
SonicWall SMA 100 Appliances
CVE-2020-5722
added 2022-01-28
Grandstream Networks UCM6200 Series SQL Injection Vulnerability
Grandstream UCM6200
CVE-2020-0787
added 2022-01-28
RANSOMWARE
Microsoft Windows Background Intelligent Transfer Service (BITS) Improper Privilege Management Vulnerability
Microsoft Windows
CVE-2017-5689
added 2022-01-28
Intel Active Management Technology (AMT), Small Business Technology (SBT), and Standard Manageability Privilege Escalation Vulnerability
Intel Active Management Technology (AMT), Small Business Technology (SBT), and Standard Manageability
CVE-2014-1776
added 2022-01-28
Microsoft Internet Explorer Memory Corruption Vulnerability
Microsoft Internet Explorer
CVE-2014-6271
added 2022-01-28
GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability
GNU Bourne-Again Shell (Bash)
CVE-2014-7169
added 2022-01-28
GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability
GNU Bourne-Again Shell (Bash)
CVE-2006-1547
added 2022-01-21
Apache Struts 1 ActionForm Denial-of-Service Vulnerability
Apache Struts 1