Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

KEV

Categories

All 🌐 Web Application 🧭 Browser 🖥️ Operating System 📱 Mobile 🛰️ Network Infrastructure ☁️ Cloud / Container 📝 CMS / Site Builder 🗄️ Database / Storage 🔐 Auth / Identity 🔑 Cryptography 🛠️ DevOps / CI-CD 🤖 AI / ML 🔌 IoT / Embedded 🧩 Hardware / Firmware 🏢 Enterprise SaaS 🧰 Developer Tooling ☠️ Malicious Package 📦 Other

Tag groups

All 💬 Programming Languages 22 🧱 Web Frameworks 29 📱 Mobile Platforms 6 🤖 AI/ML Frameworks 11 🖥️ Web Servers 9 🗄️ Databases 13 📝 CMS 9 ☁️ Cloud Platforms 11 📦 Container Tech 12 🖥️ Operating Systems 15 ⚔️ Attack Types 25 🧬 CWE 185 🏢 Vendors 581 📦 Products 666 🌳 Package Ecosystems 24 🛠️ DevOps Tools 17 📡 Protocols 15

Popular tags (Top 40)

Rootio Linux419 Microsoft386 C237 Java183 Jre178 Java Min178 Bitnami178 Windows177 Rootdebian11175 Rootdebian12151 Linux130 Cwe 20125 Cwe 78120 Linux Kernel106 Cwe 787105 Apple99 Cwe 41699 Cwe 2296 Rootdebian1393 Cwe 11990 Cisco89 Denial of Service85 Cwe 9484 Multiple Products79 Adobe78 Google77 Cwe 50270 Cwe 7966 Cwe 8954 Apache47 Cwe 91844 Cwe 28443 Oracle42 Cwe 28741 JavaScript41 PHP41 Cwe 7740 Chromium V838 Cwe 30638 Cwe 84337

Filtering: Group: products Clear

ID	Title	Severity	Tags	Detected
CVE-2023-42824 KEV	[KEV] Vulnerability in Apple ios-and-ipados (CVE-2023-42824) vulnerability in Apple ios-and-ipados (CVE-2023-42824). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Apple Ios And Ipados	2 years ago
CVE-2023-42793 KEV	[KEV] Vulnerability in Jetbrains teamcity (CVE-2023-42793) vulnerability in Jetbrains teamcity (CVE-2023-42793). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Jetbrains Teamcity Cwe 288	2 years ago
CVE-2023-28229 KEV	[KEV] Vulnerability in Microsoft windows-cng-key-isolation-service (CVE-2023-28229) vulnerability in Microsoft windows-cng-key-isolation-service (CVE-2023-28229). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Microsoft Windows Cng Key Isolation Service Cwe 591	2 years ago
CVE-2023-4211 KEV	[KEV] Use-After-Free in Arm mali-gpu-kernel-driver (CVE-2023-4211) vulnerability in Arm mali-gpu-kernel-driver (CVE-2023-4211). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Arm Mali Gpu Kernel Driver Cwe 416	2 years ago
CVE-2023-5217 KEV	[KEV] Out-of-Bounds Write in Google chromium-libvpx (CVE-2023-5217) out-of-bounds write in Google chromium-libvpx (CVE-2023-5217). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Google Chromium Libvpx Cwe 787	2 years ago
CVE-2018-14667 KEV	[KEV] Code Injection in Red hat red-hat (CVE-2018-14667) code injection in Red hat red-hat (CVE-2018-14667). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Red Hat Jboss Richfaces Framework Cwe 94	2 years ago
CVE-2023-41993 KEV	[KEV] Vulnerability in Apple java (CVE-2023-41993) vulnerability in Apple java (CVE-2023-41993). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `1.8.0, 8.0.411` or later.	High	Apple Multiple Products Cwe 754 Bitnami +3	2 years ago
CVE-2023-41991 KEV	[KEV] Vulnerability in Apple multiple-products (CVE-2023-41991) vulnerability in Apple multiple-products (CVE-2023-41991). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Apple Multiple Products Cwe 295	2 years ago
CVE-2023-41992 KEV	[KEV] Vulnerability in Apple multiple-products (CVE-2023-41992) vulnerability in Apple multiple-products (CVE-2023-41992). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Apple Multiple Products Cwe 754	2 years ago
CVE-2023-41179 KEV	[KEV] Vulnerability in Trend micro trend-micro (CVE-2023-41179) vulnerability in Trend micro trend-micro (CVE-2023-41179). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Trend Micro Apex One And Worry Free Business Security	2 years ago
CVE-2023-28434 KEV	[KEV] Privilege Escalation in minio (CVE-2023-28434) vulnerability in minio (CVE-2023-28434). Risk of unauthorized operations or information disclosure. Exploitable via ``PostPolicyBucket``. Listed in CISA KEV — actively exploited.	High	Minio Cwe 269	2 years ago
CVE-2022-22265 KEV	[KEV] Vulnerability in Samsung mobile-devices (CVE-2022-22265) vulnerability in Samsung mobile-devices (CVE-2022-22265). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Samsung Mobile Devices Cwe 703	2 years ago
CVE-2014-8361 KEV	[KEV] Vulnerability in Realtek sdk (CVE-2014-8361) vulnerability in Realtek sdk (CVE-2014-8361). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Realtek Sdk Cwe 20	2 years ago
CVE-2017-6884 KEV	[KEV] OS Command Injection in Zyxel emg2926-routers (CVE-2017-6884) OS command injection in Zyxel emg2926-routers (CVE-2017-6884). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Zyxel Emg2926 Routers Cwe 78	2 years ago
CVE-2021-3129 KEV	[KEV] Vulnerability in Laravel ignition (CVE-2021-3129) vulnerability in Laravel ignition (CVE-2021-3129). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Laravel Ignition	2 years ago
CVE-2023-26369 KEV	[KEV] Out-of-Bounds Write in Adobe acrobat-and-reader (CVE-2023-26369) out-of-bounds write in Adobe acrobat-and-reader (CVE-2023-26369). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Adobe Acrobat And Reader Cwe 787	2 years ago
CVE-2023-35674 KEV	[KEV] Vulnerability in Android framework (CVE-2023-35674) vulnerability in Android framework (CVE-2023-35674). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Android Framework	2 years ago
CVE-2023-20269 KEV	[KEV] Vulnerability in Cisco adaptive-security-appliance-and-firepower-threat-defense (CVE-2023-20269) vulnerability in Cisco adaptive-security-appliance-and-firepower-threat-defense (CVE-2023-20269). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Cisco Adaptive Security Appliance And Firepower Threat Defense Cwe 288	2 years ago
CVE-2023-4863 KEV	[KEV] Out-of-Bounds Write in Google chromium-webp (CVE-2023-4863) out-of-bounds write in Google chromium-webp (CVE-2023-4863). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Google Chromium Webp Cwe 787	2 years ago
CVE-2023-36761 KEV	[KEV] Vulnerability in Microsoft word (CVE-2023-36761) vulnerability in Microsoft word (CVE-2023-36761). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Microsoft Word Cwe 668	2 years ago
CVE-2023-36802 KEV	[KEV] Use-After-Free in Microsoft streaming-service-proxy (CVE-2023-36802) vulnerability in Microsoft streaming-service-proxy (CVE-2023-36802). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Microsoft Streaming Service Proxy Cwe 416	2 years ago
CVE-2023-41064 KEV	[KEV] Vulnerability in Apple ios (CVE-2023-41064) vulnerability in Apple ios (CVE-2023-41064). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Apple iOS Ipados And Macos +1	2 years ago
CVE-2023-41061 KEV	[KEV] Vulnerability in Apple ios (CVE-2023-41061) vulnerability in Apple ios (CVE-2023-41061). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Apple iOS Ipados And Watchos	2 years ago
CVE-2023-33246 KEV	[KEV] Code Injection in Apache rocketmq (CVE-2023-33246) code injection in Apache rocketmq (CVE-2023-33246). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Apache Rocketmq Cwe 94	2 years ago
CVE-2023-38831 KEV	[KEV] Vulnerability in Rarlab winrar (CVE-2023-38831) vulnerability in Rarlab winrar (CVE-2023-38831). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Rarlab Winrar Cwe 351	2 years ago
CVE-2023-32315 KEV	[KEV] Path Traversal in Ignite realtime ignite-realtime (CVE-2023-32315) path traversal in Ignite realtime ignite-realtime (CVE-2023-32315). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Ignite Realtime Openfire Cwe 22	2 years ago
CVE-2023-38035 KEV	[KEV] Authorization Flaw in Ivanti sentry (CVE-2023-38035) vulnerability in Ivanti sentry (CVE-2023-38035). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Ivanti Sentry Cwe 863	2 years ago
CVE-2023-27532 KEV	[KEV] Vulnerability in Veeam backup-replication (CVE-2023-27532) vulnerability in Veeam backup-replication (CVE-2023-27532). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Veeam Backup Replication Cwe 306	2 years ago
CVE-2023-26359 KEV	[KEV] Unsafe Deserialization in Adobe coldfusion (CVE-2023-26359) vulnerability in Adobe coldfusion (CVE-2023-26359). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Adobe Coldfusion Cwe 502	2 years ago
CVE-2023-24489 KEV	[KEV] Vulnerability in Citrix content-collaboration (CVE-2023-24489) vulnerability in Citrix content-collaboration (CVE-2023-24489). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Citrix Content Collaboration Cwe 284	2 years ago
CVE-2023-38180 KEV	[KEV] Vulnerability in Microsoft net-core-and-visual-studio (CVE-2023-38180) vulnerability in Microsoft net-core-and-visual-studio (CVE-2023-38180). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Microsoft Net Core And Visual Studio	2 years ago
CVE-2017-18368 KEV	[KEV] OS Command Injection in Zyxel p660hn-t1a-routers (CVE-2017-18368) OS command injection in Zyxel p660hn-t1a-routers (CVE-2017-18368). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Zyxel P660Hn T1A Routers Cwe 78	2 years ago
CVE-2023-35081 KEV	[KEV] Path Traversal in Ivanti endpoint-manager-mobile-epmm (CVE-2023-35081) path traversal in Ivanti endpoint-manager-mobile-epmm (CVE-2023-35081). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Ivanti Endpoint Manager Mobile Epmm Cwe 22	2 years ago
CVE-2023-37580 KEV	[KEV] Cross-Site Scripting (XSS) in Synacor zimbra-collaboration-suite-zcs (CVE-2023-37580) cross-site scripting in Synacor zimbra-collaboration-suite-zcs (CVE-2023-37580). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Synacor Zimbra Collaboration Suite Zcs Cwe 79	2 years ago
CVE-2023-38606 KEV	[KEV] Vulnerability in Apple multiple-products (CVE-2023-38606) vulnerability in Apple multiple-products (CVE-2023-38606). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Apple Multiple Products	2 years ago
CVE-2023-35078 KEV	[KEV] Authentication Bypass in Ivanti endpoint-manager-mobile-epmm (CVE-2023-35078) authentication bypass in Ivanti endpoint-manager-mobile-epmm (CVE-2023-35078). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Ivanti Endpoint Manager Mobile Epmm Cwe 287	2 years ago
CVE-2023-29298 KEV	[KEV] Vulnerability in Adobe coldfusion (CVE-2023-29298) vulnerability in Adobe coldfusion (CVE-2023-29298). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Adobe Coldfusion Cwe 284	2 years ago
CVE-2023-38205 KEV	[KEV] Vulnerability in Adobe coldfusion (CVE-2023-38205) vulnerability in Adobe coldfusion (CVE-2023-38205). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Adobe Coldfusion Cwe 284	2 years ago
CVE-2023-3519 KEV	[KEV] Code Injection in Citrix netscaler-adc-and-netscaler-gateway (CVE-2023-3519) code injection in Citrix netscaler-adc-and-netscaler-gateway (CVE-2023-3519). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Citrix Netscaler Adc And Netscaler Gateway Cwe 94	2 years ago
CVE-2023-36884 KEV	[KEV] Vulnerability in Microsoft windows (CVE-2023-36884) vulnerability in Microsoft windows (CVE-2023-36884). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Microsoft Windows Cwe 362	2 years ago
CVE-2022-29303 KEV	[KEV] OS Command Injection in Solarview compact (CVE-2022-29303) OS command injection in Solarview compact (CVE-2022-29303). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Solarview Compact Cwe 78	2 years ago
CVE-2023-37450 KEV	[KEV] Vulnerability in Apple multiple-products (CVE-2023-37450) vulnerability in Apple multiple-products (CVE-2023-37450). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Apple Multiple Products	2 years ago
CVE-2023-32046 KEV	[KEV] Vulnerability in Microsoft windows (CVE-2023-32046) vulnerability in Microsoft windows (CVE-2023-32046). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Microsoft Windows	2 years ago
CVE-2023-32049 KEV	[KEV] Vulnerability in Microsoft windows (CVE-2023-32049) vulnerability in Microsoft windows (CVE-2023-32049). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Microsoft Windows	2 years ago
CVE-2023-35311 KEV	[KEV] Vulnerability in Microsoft outlook (CVE-2023-35311) vulnerability in Microsoft outlook (CVE-2023-35311). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Microsoft Outlook Cwe 367	2 years ago
CVE-2023-36874 KEV	[KEV] Vulnerability in Microsoft windows (CVE-2023-36874) vulnerability in Microsoft windows (CVE-2023-36874). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Microsoft Windows Cwe 59	2 years ago
CVE-2022-31199 KEV	[KEV] Unsafe Deserialization in Netwrix auditor (CVE-2022-31199) vulnerability in Netwrix auditor (CVE-2022-31199). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Netwrix Auditor Cwe 502 Cwe 122	2 years ago
CVE-2021-29256 KEV	[KEV] Use-After-Free in Arm mali-graphics-processing-unit-gpu (CVE-2021-29256) vulnerability in Arm mali-graphics-processing-unit-gpu (CVE-2021-29256). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Arm Mali Graphics Processing Unit Gpu Cwe 416	2 years ago
CVE-2019-17621 KEV	[KEV] OS Command Injection in D-link dir-859-router (CVE-2019-17621) OS command injection in D-link dir-859-router (CVE-2019-17621). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	D Link Dir 859 Router Cwe 78	2 years ago
CVE-2019-20500 KEV	[KEV] OS Command Injection in D-link dwl-2600ap-access-point (CVE-2019-20500) OS command injection in D-link dwl-2600ap-access-point (CVE-2019-20500). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	D Link Dwl 2600Ap Access Point Cwe 78	2 years ago

Vulnerabilities

🍪 About cookies