1,619 totalEPSS avg 51.6%

KEVKnown Exploited Vulnerabilities

CISA’s actively-exploited catalogue · refreshed weekly · authored by Adam Lundqvist

VendorEPSS ≥0%Since

Showing 1,619 of 1,619 · page 20 of 33

CVE	Vendor / Product	Title	KEV added	EPSS
CVE-2019-8720	WebKitGTK / WebKitGTK	WebKitGTK Memory Corruption Vulnerability	2022-05-23	1.6%
CVE-2020-0638	Microsoft / Update Notification Manager	Microsoft Update Notification Manager Privilege Escalation Vulnerability	2022-05-23	3.0%
CVE-2020-1027	Microsoft / Windows	Microsoft Windows Kernel Privilege Escalation Vulnerability	2022-05-23	4.5%
CVE-2021-0920	Android / Kernel	Android Kernel Race Condition Vulnerability	2022-05-23	0.8%
CVE-2021-1048	Android / Kernel	Android Kernel Use-After-Free Vulnerability	2022-05-23	1.0%
CVE-2021-30883	Apple / Multiple Products	Apple Multiple Products Memory Corruption Vulnerability	2022-05-23	14.7%
CVE-2022-20821	Cisco / IOS XR	Cisco IOS XR Open Port Vulnerability	2022-05-23	11.8%
CVE-2022-22947	VMware / Spring Cloud Gateway	VMware Spring Cloud Gateway Code Injection Vulnerability	2022-05-16	98.3%
CVE-2022-30525	Zyxel / Multiple Firewalls	Zyxel Multiple Firewalls OS Command Injection Vulnerability	2022-05-16	99.9%
CVE-2022-1388	F5 / BIG-IP	F5 BIG-IP Missing Authentication Vulnerability	2022-05-10	100.0%
CVE-2014-0160	OpenSSL / OpenSSL	OpenSSL Information Disclosure Vulnerability	2022-05-04	100.0%
CVE-2014-0322	Microsoft / Internet Explorer	Microsoft Internet Explorer Use-After-Free Vulnerability	2022-05-04	85.2%
CVE-2014-4113	Microsoft / Win32k	Microsoft Win32k Privilege Escalation Vulnerability	2022-05-04	87.0%
CVE-2019-8506	Apple / Multiple Products	Apple Multiple Products Type Confusion Vulnerability	2022-05-04	18.2%
CVE-2021-1789	Apple / Multiple Products	Apple Multiple Products Type Confusion Vulnerability	2022-05-04	14.5%
CVE-2019-1003029	Jenkins / Script Security Plugin	Jenkins Script Security Plugin Sandbox Bypass Vulnerability	2022-04-25	74.3%
CVE-2021-40450	Microsoft / Win32k	Microsoft Win32k Privilege Escalation Vulnerability	2022-04-25	2.0%
CVE-2021-41357	Microsoft / Win32k	Microsoft Win32k Privilege Escalation Vulnerability	2022-04-25	2.0%
CVE-2022-0847	Linux / Kernel	Linux Kernel Privilege Escalation Vulnerability	2022-04-25	89.1%
CVE-2022-21919	Microsoft / Windows	Microsoft Windows User Profile Service Privilege Escalation Vulnerability	2022-04-25	2.9%
CVE-2022-26904	Microsoft / Windows	Microsoft Windows User Profile Service Privilege Escalation Vulnerability	2022-04-25	9.7%
CVE-2022-29464	WSO2 / Multiple Products	WSO2 Multiple Products Unrestrictive Upload of File Vulnerability	2022-04-25	100.0%
CVE-2018-6882	Synacor / Zimbra Collaboration Suite (ZCS)	Synacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting (XSS) Vulnerabi…	2022-04-19	23.7%
CVE-2019-3568	Meta Platforms / WhatsApp	WhatsApp VOIP Stack Buffer Overflow Vulnerability	2022-04-19	39.2%
CVE-2022-22718	Microsoft / Windows	Microsoft Windows Print Spooler Privilege Escalation Vulnerability	2022-04-19	18.5%
CVE-2007-3010	Alcatel / OmniPCX Enterprise	Alcatel OmniPCX Enterprise Remote Code Execution Vulnerability	2022-04-15	97.4%
CVE-2010-5330	Ubiquiti / AirOS	Ubiquiti AirOS Command Injection Vulnerability	2022-04-15	34.0%
CVE-2014-0780	InduSoft / Web Studio	InduSoft Web Studio NTWebServer Directory Traversal Vulnerability	2022-04-15	74.5%
CVE-2016-4523	Trihedral / VTScada (formerly VTS)	Trihedral VTScada (formerly VTS) Denial-of-Service Vulnerability	2022-04-15	31.4%
CVE-2018-7841	Schneider Electric / U.motion Builder	Schneider Electric U.motion Builder SQL Injection Vulnerability	2022-04-15	72.5%
CVE-2019-16057	D-Link / DNS-320 Storage Device	D-Link DNS-320 Remote Code Execution Vulnerability	2022-04-15	87.2%
CVE-2019-3929	Crestron / Multiple Products	Crestron Multiple Products Command Injection Vulnerability	2022-04-15	99.0%
CVE-2022-1364	Google / Chromium V8	Google Chromium V8 Type Confusion Vulnerability	2022-04-15	13.7%
CVE-2022-22960	VMware / Multiple Products	VMware Multiple Products Privilege Escalation Vulnerability	2022-04-15	37.2%
CVE-2022-22954	VMware / Workspace ONE Access and Identity Manager	VMware Workspace ONE Access and Identity Manager Server-Side Template Injecti…	2022-04-14	100.0%
CVE-2014-9163	Adobe / Flash Player	Adobe Flash Player Stack-Based Buffer Overflow Vulnerability	2022-04-13	20.4%
CVE-2015-0311	Adobe / Flash Player	Adobe Flash Player Remote Code Execution Vulnerability	2022-04-13	85.8%
CVE-2015-0313	Adobe / Flash Player	Adobe Flash Player Use-After-Free Vulnerability	2022-04-13	95.7%
CVE-2015-2502	Microsoft / Internet Explorer	Microsoft Internet Explorer Memory Corruption Vulnerability	2022-04-13	51.1%
CVE-2015-3113	Adobe / Flash Player	Adobe Flash Player Heap-Based Buffer Overflow Vulnerability	2022-04-13	99.9%
CVE-2015-5122	Adobe / Flash Player	Adobe Flash Player Use-After-Free Vulnerability	2022-04-13	93.7%
CVE-2015-5123	Adobe / Flash Player	Adobe Flash Player Use-After-Free Vulnerability	2022-04-13	18.5%
CVE-2018-20753	Kaseya / Virtual System/Server Administrator (VSA)	Kaseya VSA Remote Code Execution Vulnerability	2022-04-13	29.6%
CVE-2018-7602	Drupal / Core	Drupal Core Remote Code Execution Vulnerability	2022-04-13	99.1%
CVE-2022-24521	Microsoft / Windows	Microsoft Windows CLFS Driver Privilege Escalation Vulnerability	2022-04-13	7.3%
CVE-2017-11317	Telerik / User Interface (UI) for ASP.NET AJAX	Telerik UI for ASP.NET AJAX Unrestricted File Upload Vulnerability	2022-04-11	83.5%
CVE-2020-2509	QNAP / QNAP Network-Attached Storage (NAS)	QNAP Network-Attached Storage (NAS) Command Injection Vulnerability	2022-04-11	34.2%
CVE-2021-22600	Linux / Kernel	Linux Kernel Privilege Escalation Vulnerability	2022-04-11	5.9%
CVE-2021-27852	Checkbox / Checkbox Survey	Checkbox Survey Deserialization of Untrusted Data Vulnerability	2022-04-11	31.9%
CVE-2021-39793	Google / Pixel	Google Pixel Out-of-Bounds Write Vulnerability	2022-04-11	0.7%

Sourced from CISA Known Exploited Vulnerabilities — current weekly refresh. EPSS scores from FIRST.org via epss.cyentia.com. Curated by Adam Lundqvist, Founder at SQUR.