Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

KEV

Categories

All 🌐 Web Application 🧭 Browser 🖥️ Operating System 📱 Mobile 🛰️ Network Infrastructure ☁️ Cloud / Container 📝 CMS / Site Builder 🗄️ Database / Storage 🔐 Auth / Identity 🔑 Cryptography 🛠️ DevOps / CI-CD 🤖 AI / ML 🔌 IoT / Embedded 🧩 Hardware / Firmware 🏢 Enterprise SaaS 🧰 Developer Tooling ☠️ Malicious Package 📦 Other

Tag groups

All 💬 Programming Languages 22 🧱 Web Frameworks 29 📱 Mobile Platforms 6 🤖 AI/ML Frameworks 11 🖥️ Web Servers 9 🗄️ Databases 13 📝 CMS 9 ☁️ Cloud Platforms 11 📦 Container Tech 12 🖥️ Operating Systems 15 ⚔️ Attack Types 25 🧬 CWE 185 🏢 Vendors 581 📦 Products 666 🌳 Package Ecosystems 24 🛠️ DevOps Tools 17 📡 Protocols 15

Popular tags (Top 40)

Rootio Linux419 Microsoft386 C237 Java183 Jre178 Java Min178 Bitnami178 Windows177 Rootdebian11175 Rootdebian12151 Linux130 Cwe 20125 Cwe 78120 Linux Kernel106 Cwe 787105 Apple99 Cwe 41699 Cwe 2296 Rootdebian1393 Cwe 11990 Cisco89 Denial of Service85 Cwe 9484 Multiple Products79 Adobe78 Google77 Cwe 50270 Cwe 7966 Cwe 8954 Apache47 Cwe 91844 Cwe 28443 Oracle42 Cwe 28741 JavaScript41 PHP41 Cwe 7740 Chromium V838 Cwe 30638 Cwe 84337

ID	Title	Severity	Tags	Detected
CVE-2023-28205 KEV	[KEV] Use-After-Free in Apple multiple-products (CVE-2023-28205) vulnerability in Apple multiple-products (CVE-2023-28205). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Apple Multiple Products Cwe 416	3 years ago
CVE-2023-28206 KEV	[KEV] Out-of-Bounds Write in Apple ios (CVE-2023-28206) out-of-bounds write in Apple ios (CVE-2023-28206). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Apple iOS Ipados And Macos +1	3 years ago
CVE-2021-27876 KEV	[KEV] Authentication Bypass in Veritas backup-exec-agent (CVE-2021-27876) authentication bypass in Veritas backup-exec-agent (CVE-2021-27876). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Veritas Backup Exec Agent Cwe 287	3 years ago
CVE-2021-27877 KEV	[KEV] Authentication Bypass in Veritas backup-exec-agent (CVE-2021-27877) authentication bypass in Veritas backup-exec-agent (CVE-2021-27877). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Veritas Backup Exec Agent Cwe 287	3 years ago
CVE-2021-27878 KEV	[KEV] Authentication Bypass in Veritas backup-exec-agent (CVE-2021-27878) authentication bypass in Veritas backup-exec-agent (CVE-2021-27878). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Veritas Backup Exec Agent Cwe 287	3 years ago
CVE-2019-1388 KEV	[KEV] Privilege Escalation in Microsoft windows (CVE-2019-1388) vulnerability in Microsoft windows (CVE-2019-1388). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Microsoft Windows Cwe 269	3 years ago
CVE-2023-26083 KEV	[KEV] Vulnerability in Arm mali-graphics-processing-unit-gpu (CVE-2023-26083) vulnerability in Arm mali-graphics-processing-unit-gpu (CVE-2023-26083). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Arm Mali Graphics Processing Unit Gpu Cwe 401	3 years ago
CVE-2022-27926 KEV	[KEV] Cross-Site Scripting (XSS) in Synacor zimbra-collaboration-suite-zcs (CVE-2022-27926) cross-site scripting in Synacor zimbra-collaboration-suite-zcs (CVE-2022-27926). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Synacor Zimbra Collaboration Suite Zcs Cwe 79 Cwe 138	3 years ago
CVE-2013-3163 KEV	[KEV] Code Injection in Microsoft internet-explorer (CVE-2013-3163) code injection in Microsoft internet-explorer (CVE-2013-3163). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Microsoft Internet Explorer Cwe 94	3 years ago
CVE-2017-7494 KEV	[KEV] Code Injection in samba (CVE-2017-7494) code injection in samba (CVE-2017-7494). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Samba Cwe 94	3 years ago
CVE-2022-42948 KEV	[KEV] Cross-Site Scripting (XSS) in Fortra cobalt-strike (CVE-2022-42948) cross-site scripting in Fortra cobalt-strike (CVE-2022-42948). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Fortra Cobalt Strike Cwe 79 Cwe 116	3 years ago
CVE-2022-39197 KEV	[KEV] Vulnerability in Fortra cobalt-strike (CVE-2022-39197) vulnerability in Fortra cobalt-strike (CVE-2022-39197). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Fortra Cobalt Strike Cwe 20 Cwe 79	3 years ago
CVE-2021-30900 KEV	[KEV] Vulnerability in Apple ios (CVE-2021-30900) vulnerability in Apple ios (CVE-2021-30900). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Apple iOS Ipados And Macos +2	3 years ago
CVE-2022-38181 KEV	[KEV] Use-After-Free in Arm mali-graphics-processing-unit-gpu (CVE-2022-38181) vulnerability in Arm mali-graphics-processing-unit-gpu (CVE-2022-38181). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Arm Mali Graphics Processing Unit Gpu Cwe 416	3 years ago
CVE-2023-0266 KEV	[KEV] Use-After-Free in Linux kernel (CVE-2023-0266) vulnerability in Linux kernel (CVE-2023-0266). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Linux Kernel Cwe 416	3 years ago
CVE-2022-3038 KEV	[KEV] Use-After-Free in Google chromium-network-service (CVE-2022-3038) vulnerability in Google chromium-network-service (CVE-2022-3038). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Google Chromium Network Service Cwe 416	3 years ago
CVE-2022-22706 KEV	[KEV] Buffer Overflow in Arm mali-graphics-processing-unit-gpu (CVE-2022-22706) vulnerability in Arm mali-graphics-processing-unit-gpu (CVE-2022-22706). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Arm Mali Graphics Processing Unit Gpu Cwe 119	3 years ago
CVE-2023-26360 KEV	[KEV] Vulnerability in Adobe coldfusion (CVE-2023-26360) vulnerability in Adobe coldfusion (CVE-2023-26360). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Adobe Coldfusion Cwe 284	3 years ago
CVE-2023-23397 KEV	[KEV] Vulnerability in Microsoft office (CVE-2023-23397) vulnerability in Microsoft office (CVE-2023-23397). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Microsoft Office Cwe 294	3 years ago
CVE-2023-24880 KEV	[KEV] Authorization Flaw in Microsoft windows (CVE-2023-24880) vulnerability in Microsoft windows (CVE-2023-24880). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Microsoft Windows Cwe 863	3 years ago
CVE-2022-41328 KEV	[KEV] Path Traversal in Fortinet fortios (CVE-2022-41328) path traversal in Fortinet fortios (CVE-2022-41328). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Fortinet Fortios Cwe 22	3 years ago
CVE-2021-39144 KEV	[KEV] Code Injection in xstream (CVE-2021-39144) code injection in xstream (CVE-2021-39144). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Xstream Cwe 94 Cwe 502	3 years ago
CVE-2020-5741 KEV	[KEV] Unsafe Deserialization in Plex media-server (CVE-2020-5741) vulnerability in Plex media-server (CVE-2020-5741). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Plex Media Server Cwe 502	3 years ago
CVE-2022-28810 KEV	[KEV] OS Command Injection in Zoho manageengine (CVE-2022-28810) OS command injection in Zoho manageengine (CVE-2022-28810). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Zoho Manageengine Cwe 78 Cwe 259	3 years ago
CVE-2022-33891 KEV	[KEV] OS Command Injection in Apache spark (CVE-2022-33891) OS command injection in Apache spark (CVE-2022-33891). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Apache Spark Cwe 78	3 years ago
CVE-2022-35914 KEV	[KEV] Vulnerability in Teclib glpi (CVE-2022-35914) vulnerability in Teclib glpi (CVE-2022-35914). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Teclib Glpi Cwe 74	3 years ago
CVE-2022-36537 KEV	[KEV] Vulnerability in Zk framework zk-framework (CVE-2022-36537) vulnerability in Zk framework zk-framework (CVE-2022-36537). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Zk Framework Auuploader Cwe 441	3 years ago
CVE-2022-47986 KEV	[KEV] Unsafe Deserialization in Ibm aspera-faspex (CVE-2022-47986) vulnerability in Ibm aspera-faspex (CVE-2022-47986). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Ibm Aspera Faspex Cwe 502	3 years ago
CVE-2022-41223 KEV	[KEV] Code Injection in Mitel mivoice-connect (CVE-2022-41223) code injection in Mitel mivoice-connect (CVE-2022-41223). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Mitel Mivoice Connect Cwe 94	3 years ago
CVE-2022-40765 KEV	[KEV] Command Injection in Mitel mivoice-connect (CVE-2022-40765) command injection in Mitel mivoice-connect (CVE-2022-40765). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Mitel Mivoice Connect Cwe 77	3 years ago
CVE-2022-46169 KEV	[KEV] Vulnerability in cacti (CVE-2022-46169) vulnerability in cacti (CVE-2022-46169). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Cacti Cwe 74	3 years ago
CVE-2023-21715 KEV	[KEV] Authorization Flaw in Microsoft office (CVE-2023-21715) vulnerability in Microsoft office (CVE-2023-21715). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Microsoft Office Cwe 863	3 years ago
CVE-2023-23376 KEV	[KEV] Vulnerability in Microsoft windows (CVE-2023-23376) vulnerability in Microsoft windows (CVE-2023-23376). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Microsoft Windows Cwe 122	3 years ago
CVE-2023-23529 KEV	[KEV] Vulnerability in Apple multiple-products (CVE-2023-23529) vulnerability in Apple multiple-products (CVE-2023-23529). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Apple Multiple Products Cwe 843	3 years ago
CVE-2023-21823 KEV	[KEV] Vulnerability in Microsoft windows (CVE-2023-21823) vulnerability in Microsoft windows (CVE-2023-21823). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Microsoft Windows Cwe 190	3 years ago
CVE-2015-2291 KEV	[KEV] Vulnerability in Intel ethernet-diagnostics-driver-for-windows (CVE-2015-2291) vulnerability in Intel ethernet-diagnostics-driver-for-windows (CVE-2015-2291). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Intel Ethernet Diagnostics Driver For Windows Cwe 20	3 years ago
CVE-2022-24990 KEV	[KEV] Vulnerability in terramaster (CVE-2022-24990) vulnerability in terramaster (CVE-2022-24990). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Terramaster Terramaster Os Cwe 306	3 years ago
CVE-2023-0669 KEV	[KEV] Unsafe Deserialization in Fortra goanywhere-mft (CVE-2023-0669) vulnerability in Fortra goanywhere-mft (CVE-2023-0669). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Fortra Goanywhere Mft Cwe 502	3 years ago
CVE-2022-21587 KEV	[KEV] Vulnerability in Oracle e-business-suite (CVE-2022-21587) vulnerability in Oracle e-business-suite (CVE-2022-21587). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Oracle E Business Suite Cwe 306	3 years ago
CVE-2023-22952 KEV	[KEV] Vulnerability in Sugarcrm multiple-products (CVE-2023-22952) vulnerability in Sugarcrm multiple-products (CVE-2023-22952). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Sugarcrm Multiple Products Cwe 20	3 years ago
CVE-2017-11357 KEV	[KEV] Vulnerability in Telerik user-interface-ui-for-aspnet-ajax (CVE-2017-11357) vulnerability in Telerik user-interface-ui-for-aspnet-ajax (CVE-2017-11357). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Telerik User Interface Ui For Aspnet Ajax Cwe 20	3 years ago
CVE-2022-47966 KEV	[KEV] Vulnerability in Zoho manageengine (CVE-2022-47966) vulnerability in Zoho manageengine (CVE-2022-47966). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Zoho Manageengine	3 years ago
CVE-2022-44877 KEV	[KEV] OS Command Injection in Cwp control-web-panel (CVE-2022-44877) OS command injection in Cwp control-web-panel (CVE-2022-44877). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Cwp Control Web Panel Cwe 78	3 years ago
CVE-2022-41080 KEV	[KEV] Vulnerability in Microsoft exchange-server (CVE-2022-41080) vulnerability in Microsoft exchange-server (CVE-2022-41080). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Microsoft Exchange Server	3 years ago
CVE-2023-21674 KEV	[KEV] Use-After-Free in Microsoft windows (CVE-2023-21674) vulnerability in Microsoft windows (CVE-2023-21674). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Microsoft Windows Cwe 416	3 years ago
CVE-2018-5430 KEV	[KEV] Path Traversal in Tibco jasperreports (CVE-2018-5430) path traversal in Tibco jasperreports (CVE-2018-5430). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Tibco Jasperreports Cwe 22	3 years ago
CVE-2018-18809 KEV	[KEV] Path Traversal in Tibco jasperreports (CVE-2018-18809) path traversal in Tibco jasperreports (CVE-2018-18809). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Tibco Jasperreports Cwe 22	3 years ago
CVE-2022-42856 KEV	[KEV] Vulnerability in Apple ios (CVE-2022-42856) vulnerability in Apple ios (CVE-2022-42856). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Apple iOS Cwe 843	3 years ago
CVE-2022-42475 KEV	[KEV] Vulnerability in Fortinet fortios (CVE-2022-42475) vulnerability in Fortinet fortios (CVE-2022-42475). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Fortinet Fortios Cwe 197	3 years ago
CVE-2022-44698 KEV	[KEV] Vulnerability in Microsoft defender (CVE-2022-44698) vulnerability in Microsoft defender (CVE-2022-44698). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Microsoft Defender Cwe 755	3 years ago

Vulnerabilities

🍪 About cookies