1,619 totalEPSS avg 51.6%

KEVKnown Exploited Vulnerabilities

CISA’s actively-exploited catalogue · refreshed weekly · authored by Adam Lundqvist

Showing 1,619 of 1,619 · page 14 of 33

CVEVendor / ProductTitleKEV addedEPSS
CVE-2022-31199Netwrix / AuditorNetwrix Auditor Insecure Object Deserialization Vulnerability2023-07-11
36.4%
CVE-2023-32046Microsoft / WindowsMicrosoft Windows MSHTML Platform Privilege Escalation Vulnerability2023-07-11
9.1%
CVE-2023-32049Microsoft / WindowsMicrosoft Windows Defender SmartScreen Security Feature Bypass Vulnerability2023-07-11
4.4%
CVE-2023-35311Microsoft / OutlookMicrosoft Outlook Security Feature Bypass Vulnerability2023-07-11
15.0%
CVE-2023-36874Microsoft / WindowsMicrosoft Windows Error Reporting Service Privilege Escalation Vulnerability2023-07-11
32.3%
CVE-2021-29256Arm / Mali Graphics Processing Unit (GPU)Arm Mali GPU Kernel Driver Use-After-Free Vulnerability2023-07-07
3.0%
CVE-2019-17621D-Link / DIR-859 RouterD-Link DIR-859 Router Command Execution Vulnerability2023-06-29
89.6%
CVE-2019-20500D-Link / DWL-2600AP Access PointD-Link DWL-2600AP Access Point Command Injection Vulnerability2023-06-29
95.8%
CVE-2021-25371Samsung / Mobile DevicesSamsung Mobile Devices Unspecified Vulnerability2023-06-29
0.8%
CVE-2021-25372Samsung / Mobile DevicesSamsung Mobile Devices Improper Boundary Check Vulnerability2023-06-29
0.9%
CVE-2021-25394Samsung / Mobile DevicesSamsung Mobile Devices Race Condition Vulnerability2023-06-29
0.4%
CVE-2021-25395Samsung / Mobile DevicesSamsung Mobile Devices Race Condition Vulnerability2023-06-29
0.4%
CVE-2021-25487Samsung / Mobile DevicesSamsung Mobile Devices Out-of-Bounds Read Vulnerability2023-06-29
0.6%
CVE-2021-25489Samsung / Mobile DevicesSamsung Mobile Devices Improper Input Validation Vulnerability2023-06-29
0.5%
CVE-2023-20867VMware / ToolsVMware Tools Authentication Bypass Vulnerability2023-06-23
13.6%
CVE-2023-27992Zyxel / Multiple Network-Attached Storage (NAS) DevicesZyxel Multiple NAS Devices Command Injection Vulnerability2023-06-23
86.7%
CVE-2023-32434Apple / Multiple ProductsApple Multiple Products Integer Overflow Vulnerability2023-06-23
19.2%
CVE-2023-32435Apple / Multiple ProductsApple Multiple Products WebKit Memory Corruption Vulnerability2023-06-23
18.6%
CVE-2023-32439Apple / Multiple ProductsApple Multiple Products WebKit Type Confusion Vulnerability2023-06-23
18.6%
CVE-2016-0165Microsoft / Win32kMicrosoft Win32k Privilege Escalation Vulnerability2023-06-22
13.5%
CVE-2016-9079Mozilla / Firefox, Firefox ESR, and ThunderbirdMozilla Firefox, Firefox ESR, and Thunderbird Use-After-Free Vulnerability2023-06-22
87.9%
CVE-2020-12641Roundcube / Roundcube WebmailRoundcube Webmail Remote Code Execution Vulnerability2023-06-22
84.5%
CVE-2020-35730Roundcube / Roundcube WebmailRoundcube Webmail Cross-Site Scripting (XSS) Vulnerability2023-06-22
32.4%
CVE-2021-44026Roundcube / Roundcube WebmailRoundcube Webmail SQL Injection Vulnerability2023-06-22
42.9%
CVE-2023-20887VMware / Aria Operations for NetworksVmware Aria Operations for Networks Command Injection Vulnerability2023-06-22
98.1%
CVE-2023-27997Fortinet / FortiOS and FortiProxy SSL-VPNFortinet FortiOS and FortiProxy SSL-VPN Heap-Based Buffer Overflow Vulnerability2023-06-13
85.7%
CVE-2023-3079Google / Chromium V8Google Chromium V8 Type Confusion Vulnerability2023-06-07
31.7%
CVE-2023-33009Zyxel / Multiple FirewallsZyxel Multiple Firewalls Buffer Overflow Vulnerability2023-06-05
28.1%
CVE-2023-33010Zyxel / Multiple FirewallsZyxel Multiple Firewalls Buffer Overflow Vulnerability2023-06-05
28.8%
CVE-2023-34362Progress / MOVEit TransferProgress MOVEit Transfer SQL Injection Vulnerability2023-06-02
99.9%
CVE-2023-28771Zyxel / Multiple FirewallsZyxel Multiple Firewalls OS Command Injection Vulnerability2023-05-31
99.3%
CVE-2023-2868Barracuda Networks / Email Security Gateway (ESG) ApplianceBarracuda Networks ESG Appliance Improper Input Validation Vulnerability2023-05-26
87.0%
CVE-2023-28204Apple / Multiple ProductsApple Multiple Products WebKit Out-of-Bounds Read Vulnerability2023-05-22
14.4%
CVE-2023-32373Apple / Multiple ProductsApple Multiple Products WebKit Use-After-Free Vulnerability2023-05-22
12.3%
CVE-2023-32409Apple / Multiple ProductsApple Multiple Products WebKit Sandbox Escape Vulnerability2023-05-22
16.5%
CVE-2004-1464Cisco / IOSCisco IOS Denial-of-Service Vulnerability2023-05-19
5.2%
CVE-2016-6415Cisco / IOS, IOS XR, and IOS XECisco IOS, IOS XR, and IOS XE IKEv1 Information Disclosure Vulnerability2023-05-19
87.7%
CVE-2023-21492Samsung / Mobile DevicesSamsung Mobile Devices Insertion of Sensitive Information Into Log File Vulne…2023-05-19
2.6%
CVE-2010-3904Linux / KernelLinux Kernel Improper Input Validation Vulnerability2023-05-12
11.2%
CVE-2014-0196Linux / KernelLinux Kernel Race Condition Vulnerability2023-05-12
22.5%
CVE-2015-5317Jenkins / Jenkins User Interface (UI)Jenkins User Interface (UI) Information Disclosure Vulnerability2023-05-12
22.4%
CVE-2016-3427Oracle / Java SE and JRockitOracle Java SE and JRockit Unspecified Vulnerability2023-05-12
92.3%
CVE-2016-8735Apache / TomcatApache Tomcat Remote Code Execution Vulnerability2023-05-12
90.3%
CVE-2021-3560Red Hat / PolkitRed Hat Polkit Incorrect Authorization Vulnerability2023-05-12
22.2%
CVE-2023-25717ruckuswireless / ruckus_wireless_adminCVE-2023-257172023-05-12
95.1%
CVE-2023-29336Microsoft / Win32kMicrosoft Win32K Privilege Escalation Vulnerability2023-05-09
40.9%
CVE-2021-45046Apache / Log4j2Apache Log4j2 Deserialization of Untrusted Data Vulnerability2023-05-01
100.0%
CVE-2023-1389TP-Link / Archer AX21TP-Link Archer AX-21 Command Injection Vulnerability2023-05-01
100.0%
CVE-2023-21839oracle / weblogic_serverCVE-2023-218392023-05-01
99.8%
CVE-2023-2136Google / Chromium SkiaGoogle Chrome Skia Integer Overflow Vulnerability2023-04-21
5.8%
Sourced from CISA Known Exploited Vulnerabilities — current weekly refresh. EPSS scores from FIRST.org via epss.cyentia.com. Curated by Adam Lundqvist, Founder at SQUR.