1,619 totalEPSS avg 51.6%

KEVKnown Exploited Vulnerabilities

CISA’s actively-exploited catalogue · refreshed weekly · authored by Adam Lundqvist

VendorEPSS ≥0%Since

Showing 1,619 of 1,619 · page 13 of 33

CVE	Vendor / Product	Title	KEV added	EPSS
CVE-2023-20198	Cisco / IOS XE Web UI	Cisco IOS XE Web UI Privilege Escalation Vulnerability	2023-10-16	99.6%
CVE-2023-20109	Cisco / IOS and IOS XE	Cisco IOS and IOS XE Group Encrypted Transport VPN Out-of-Bounds Write Vulner…	2023-10-10	2.3%
CVE-2023-21608	adobe / acrobat_dc	CVE-2023-21608	2023-10-10	61.5%
CVE-2023-36563	Microsoft / WordPad	Microsoft WordPad Information Disclosure Vulnerability	2023-10-10	20.9%
CVE-2023-41763	Microsoft / Skype for Business	Microsoft Skype for Business Privilege Escalation Vulnerability	2023-10-10	90.4%
CVE-2023-44487	IETF / HTTP/2	HTTP/2 Rapid Reset Attack Vulnerability	2023-10-10	100.0%
CVE-2023-22515	Atlassian / Confluence Data Center and Server	Atlassian Confluence Data Center and Server Broken Access Control Vulnerability	2023-10-05	99.7%
CVE-2023-40044	Progress / WS_FTP Server	Progress WS_FTP Server Deserialization of Untrusted Data Vulnerability	2023-10-05	90.0%
CVE-2023-42824	Apple / iOS and iPadOS	Apple iOS and iPadOS Kernel Privilege Escalation Vulnerability	2023-10-05	0.9%
CVE-2023-28229	Microsoft / Windows CNG Key Isolation Service	Microsoft Windows CNG Key Isolation Service Privilege Escalation Vulnerability	2023-10-04	1.9%
CVE-2023-42793	JetBrains / TeamCity	JetBrains TeamCity Authentication Bypass Vulnerability	2023-10-04	100.0%
CVE-2023-4211	Arm / Mali GPU Kernel Driver	Arm Mali GPU Kernel Driver Use-After-Free Vulnerability	2023-10-03	1.4%
CVE-2023-5217	Google / Chromium libvpx	Google Chromium libvpx Heap Buffer Overflow Vulnerability	2023-10-02	34.4%
CVE-2018-14667	Red Hat / JBoss RichFaces Framework	Red Hat JBoss RichFaces Framework Expression Language Injection Vulnerability	2023-09-28	74.2%
CVE-2023-41991	Apple / Multiple Products	Apple Multiple Products Improper Certificate Validation Vulnerability	2023-09-25	4.5%
CVE-2023-41992	Apple / Multiple Products	Apple Multiple Products Kernel Privilege Escalation Vulnerability	2023-09-25	2.9%
CVE-2023-41993	Apple / Multiple Products	Apple Multiple Products WebKit Code Execution Vulnerability	2023-09-25	29.2%
CVE-2023-41179	Trend Micro / Apex One and Worry-Free Business Security	Trend Micro Apex One and Worry-Free Business Security Remote Code Execution V…	2023-09-21	4.7%
CVE-2023-28434	MinIO / MinIO	MinIO Security Feature Bypass Vulnerability	2023-09-19	6.7%
CVE-2014-8361	Realtek / SDK	Realtek SDK Improper Input Validation Vulnerability	2023-09-18	100.0%
CVE-2017-6884	Zyxel / EMG2926 Routers	Zyxel EMG2926 Routers Command Injection Vulnerability	2023-09-18	37.6%
CVE-2021-3129	Laravel / Ignition	Laravel Ignition File Upload Vulnerability	2023-09-18	99.9%
CVE-2022-22265	Samsung / Mobile Devices	Samsung Mobile Devices Use-After-Free Vulnerability	2023-09-18	0.4%
CVE-2023-26369	Adobe / Acrobat and Reader	Adobe Acrobat and Reader Out-of-Bounds Write Vulnerability	2023-09-14	7.0%
CVE-2023-20269	Cisco / Adaptive Security Appliance and Firepower Threat Defense	Cisco Adaptive Security Appliance and Firepower Threat Defense Unauthorized A…	2023-09-13	21.6%
CVE-2023-35674	Android / Framework	Android Framework Privilege Escalation Vulnerability	2023-09-13	2.2%
CVE-2023-4863	Google / Chromium WebP	Google Chromium WebP Heap-Based Buffer Overflow Vulnerability	2023-09-13	99.7%
CVE-2023-36761	Microsoft / Word	Microsoft Word Information Disclosure Vulnerability	2023-09-12	19.0%
CVE-2023-36802	Microsoft / Streaming Service Proxy	Microsoft Streaming Service Proxy Privilege Escalation Vulnerability	2023-09-12	26.1%
CVE-2023-41061	Apple / iOS, iPadOS, and watchOS	Apple iOS, iPadOS, and watchOS Wallet Code Execution Vulnerability	2023-09-11	3.2%
CVE-2023-41064	Apple / iOS, iPadOS, and macOS	Apple iOS, iPadOS, and macOS ImageIO Buffer Overflow Vulnerability	2023-09-11	15.3%
CVE-2023-33246	Apache / RocketMQ	Apache RocketMQ Command Execution Vulnerability	2023-09-06	96.6%
CVE-2023-32315	Ignite Realtime / Openfire	Ignite Realtime Openfire Path Traversal Vulnerability	2023-08-24	100.0%
CVE-2023-38831	RARLAB / WinRAR	RARLAB WinRAR Code Execution Vulnerability	2023-08-24	97.8%
CVE-2023-27532	Veeam / Backup & Replication	Veeam Backup & Replication Cloud Connect Missing Authentication for Critical …	2023-08-22	77.6%
CVE-2023-38035	Ivanti / Sentry	Ivanti Sentry Authentication Bypass Vulnerability	2023-08-22	99.9%
CVE-2023-26359	Adobe / ColdFusion	Adobe ColdFusion Deserialization of Untrusted Data Vulnerability	2023-08-21	17.9%
CVE-2023-24489	Citrix / Content Collaboration	Citrix Content Collaboration ShareFile Improper Access Control Vulnerability	2023-08-16	95.1%
CVE-2023-38180	Microsoft / .NET Core and Visual Studio	Microsoft .NET Core and Visual Studio Denial-of-Service Vulnerability	2023-08-09	15.5%
CVE-2017-18368	Zyxel / P660HN-T1A Routers	Zyxel P660HN-T1A Routers Command Injection Vulnerability	2023-08-07	94.5%
CVE-2023-35081	Ivanti / Endpoint Manager Mobile (EPMM)	Ivanti Endpoint Manager Mobile (EPMM) Path Traversal Vulnerability	2023-07-31	63.3%
CVE-2023-37580	Synacor / Zimbra Collaboration Suite (ZCS)	Synacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting (XSS) Vulnerabi…	2023-07-27	59.0%
CVE-2023-38606	Apple / Multiple Products	Apple Multiple Products Kernel Unspecified Vulnerability	2023-07-26	1.0%
CVE-2023-35078	Ivanti / Endpoint Manager Mobile (EPMM)	Ivanti Endpoint Manager Mobile Authentication Bypass Vulnerability	2023-07-25	100.0%
CVE-2023-29298	Adobe / ColdFusion	Adobe ColdFusion Improper Access Control Vulnerability	2023-07-20	99.8%
CVE-2023-38205	Adobe / ColdFusion	Adobe ColdFusion Improper Access Control Vulnerability	2023-07-20	99.7%
CVE-2023-3519	Citrix / NetScaler ADC and NetScaler Gateway	Citrix NetScaler ADC and NetScaler Gateway Code Injection Vulnerability	2023-07-19	99.3%
CVE-2023-36884	Microsoft / Windows	Microsoft Windows Search Remote Code Execution Vulnerability	2023-07-17	99.1%
CVE-2022-29303	SolarView / Compact	SolarView Compact Command Injection Vulnerability	2023-07-13	99.9%
CVE-2023-37450	Apple / Multiple Products	Apple Multiple Products WebKit Code Execution Vulnerability	2023-07-13	18.2%

Sourced from CISA Known Exploited Vulnerabilities — current weekly refresh. EPSS scores from FIRST.org via epss.cyentia.com. Curated by Adam Lundqvist, Founder at SQUR.