Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

KEV

Categories

All 🌐 Web Application 🧭 Browser 🖥️ Operating System 📱 Mobile 🛰️ Network Infrastructure ☁️ Cloud / Container 📝 CMS / Site Builder 🗄️ Database / Storage 🔐 Auth / Identity 🔑 Cryptography 🛠️ DevOps / CI-CD 🤖 AI / ML 🔌 IoT / Embedded 🧩 Hardware / Firmware 🏢 Enterprise SaaS 🧰 Developer Tooling ☠️ Malicious Package 📦 Other

Tag groups

All 💬 Programming Languages 22 🧱 Web Frameworks 29 📱 Mobile Platforms 6 🤖 AI/ML Frameworks 11 🖥️ Web Servers 9 🗄️ Databases 13 📝 CMS 9 ☁️ Cloud Platforms 11 📦 Container Tech 12 🖥️ Operating Systems 15 ⚔️ Attack Types 25 🧬 CWE 185 🏢 Vendors 581 📦 Products 666 🌳 Package Ecosystems 24 🛠️ DevOps Tools 17 📡 Protocols 15

Popular tags (Top 40)

Rootio Linux419 Microsoft386 C237 Java183 Jre178 Java Min178 Bitnami178 Windows177 Rootdebian11175 Rootdebian12151 Linux130 Cwe 20125 Cwe 78120 Linux Kernel106 Cwe 787105 Apple99 Cwe 41699 Cwe 2296 Rootdebian1393 Cwe 11990 Cisco89 Denial of Service85 Cwe 9484 Multiple Products79 Adobe78 Google77 Cwe 50270 Cwe 7966 Cwe 8954 Apache47 Cwe 91844 Cwe 28443 Oracle42 Cwe 28741 JavaScript41 PHP41 Cwe 7740 Chromium V838 Cwe 30638 Cwe 84337

ID	Title	Severity	Tags	Detected
CVE-2021-25372 KEV	[KEV] Out-of-Bounds Write in Samsung mobile-devices (CVE-2021-25372) out-of-bounds write in Samsung mobile-devices (CVE-2021-25372). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Samsung Mobile Devices Cwe 787	2 years ago
CVE-2021-25371 KEV	[KEV] Vulnerability in Samsung mobile-devices (CVE-2021-25371) vulnerability in Samsung mobile-devices (CVE-2021-25371). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Samsung Mobile Devices Cwe 912	2 years ago
CVE-2021-25395 KEV	[KEV] Vulnerability in Samsung mobile-devices (CVE-2021-25395) vulnerability in Samsung mobile-devices (CVE-2021-25395). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Samsung Mobile Devices Cwe 362	2 years ago
CVE-2021-25394 KEV	[KEV] Use-After-Free in Samsung mobile-devices (CVE-2021-25394) vulnerability in Samsung mobile-devices (CVE-2021-25394). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Samsung Mobile Devices Cwe 416	2 years ago
CVE-2021-25489 KEV	[KEV] Vulnerability in Samsung mobile-devices (CVE-2021-25489) vulnerability in Samsung mobile-devices (CVE-2021-25489). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Samsung Mobile Devices Cwe 20	2 years ago
CVE-2021-25487 KEV	[KEV] Out-of-Bounds Read in Samsung mobile-devices (CVE-2021-25487) vulnerability in Samsung mobile-devices (CVE-2021-25487). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Samsung Mobile Devices Cwe 125	2 years ago
CVE-2019-20500 KEV	[KEV] OS Command Injection in D-link dwl-2600ap-access-point (CVE-2019-20500) OS command injection in D-link dwl-2600ap-access-point (CVE-2019-20500). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	D Link Dwl 2600Ap Access Point Cwe 78	2 years ago
CVE-2019-17621 KEV	[KEV] OS Command Injection in D-link dir-859-router (CVE-2019-17621) OS command injection in D-link dir-859-router (CVE-2019-17621). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	D Link Dir 859 Router Cwe 78	2 years ago
OSV-2022-1277	Vulnerability in fluent-bit (OSV-2022-1277) vulnerability in fluent-bit (OSV-2022-1277). Risk of unauthorized operations or information disclosure.			2 years ago
OSV-2023-506	Vulnerability in cras (OSV-2023-506) vulnerability in cras (OSV-2023-506). Risk of unauthorized operations or information disclosure.			2 years ago
CVE-2023-27992 KEV	[KEV] OS Command Injection in Zyxel multiple-network-attached-storage-nas-devices (CVE-2023-27992) OS command injection in Zyxel multiple-network-attached-storage-nas-devices (CVE-2023-27992). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Zyxel Multiple Network Attached Storage Nas Devices Cwe 78	2 years ago
CVE-2023-20867 KEV	[KEV] Authentication Bypass in Vmware tools (CVE-2023-20867) authentication bypass in Vmware tools (CVE-2023-20867). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Vmware Tools Cwe 287	2 years ago
CVE-2023-32439 KEV	[KEV] Vulnerability in Apple multiple-products (CVE-2023-32439) vulnerability in Apple multiple-products (CVE-2023-32439). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Apple Multiple Products Cwe 843	2 years ago
CVE-2023-32435 KEV	[KEV] Out-of-Bounds Write in Apple multiple-products (CVE-2023-32435) out-of-bounds write in Apple multiple-products (CVE-2023-32435). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Apple Multiple Products Cwe 787	2 years ago
CVE-2023-32434 KEV	[KEV] Vulnerability in Apple multiple-products (CVE-2023-32434) vulnerability in Apple multiple-products (CVE-2023-32434). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Apple Multiple Products Cwe 190	2 years ago
CVE-2016-0165 KEV	[KEV] Vulnerability in Microsoft win32k (CVE-2016-0165) vulnerability in Microsoft win32k (CVE-2016-0165). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Microsoft Win32K Cwe 264	2 years ago
CVE-2016-9079 KEV	[KEV] Use-After-Free in Mozilla firefox (CVE-2016-9079) vulnerability in Mozilla firefox (CVE-2016-9079). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Mozilla Firefox Firefox Esr And Thunderbird +1	2 years ago
CVE-2021-44026 KEV	[KEV] SQL Injection in roundcube (CVE-2021-44026) SQL injection in roundcube (CVE-2021-44026). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Roundcube Roundcube Webmail Cwe 89	2 years ago
CVE-2020-12641 KEV	[KEV] OS Command Injection in roundcube (CVE-2020-12641) OS command injection in roundcube (CVE-2020-12641). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Roundcube Roundcube Webmail Cwe 78	2 years ago
CVE-2020-35730 KEV	[KEV] Cross-Site Scripting (XSS) in roundcube (CVE-2020-35730) cross-site scripting in roundcube (CVE-2020-35730). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Roundcube Roundcube Webmail Cwe 79	2 years ago
CVE-2023-20887 KEV	[KEV] Command Injection in Vmware aria-operations-for-networks (CVE-2023-20887) command injection in Vmware aria-operations-for-networks (CVE-2023-20887). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Vmware Aria Operations For Networks Cwe 77	2 years ago
CVE-2023-27997 KEV	[KEV] Vulnerability in Fortinet fortios-and-fortiproxy-ssl-vpn (CVE-2023-27997) vulnerability in Fortinet fortios-and-fortiproxy-ssl-vpn (CVE-2023-27997). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Fortinet Fortios And Fortiproxy Ssl Vpn Cwe 122	2 years ago
OSV-2023-467	Vulnerability in espeak-ng (OSV-2023-467) vulnerability in espeak-ng (OSV-2023-467). Risk of unauthorized operations or information disclosure.			2 years ago
CVE-2023-3079 KEV	[KEV] Vulnerability in Google chromium-v8 (CVE-2023-3079) vulnerability in Google chromium-v8 (CVE-2023-3079). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Google Chromium V8 Cwe 843	2 years ago
UBUNTU-CVE-2023-32629	Vulnerability in linux-hwe-edge (UBUNTU-CVE-2023-32629) vulnerability in linux-hwe-edge (UBUNTU-CVE-2023-32629). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `5.4.0-1106.114~18.04.1` or later.			2 years ago
UBUNTU-CVE-2023-2640	Vulnerability in linux-hwe-edge (UBUNTU-CVE-2023-2640) vulnerability in linux-hwe-edge (UBUNTU-CVE-2023-2640). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `5.15.0-1106.113~20.04.1` or later.			2 years ago
CVE-2023-33010 KEV	[KEV] Vulnerability in Zyxel multiple-firewalls (CVE-2023-33010) vulnerability in Zyxel multiple-firewalls (CVE-2023-33010). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Zyxel Multiple Firewalls Cwe 120	2 years ago
CVE-2023-33009 KEV	[KEV] Vulnerability in Zyxel multiple-firewalls (CVE-2023-33009) vulnerability in Zyxel multiple-firewalls (CVE-2023-33009). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Zyxel Multiple Firewalls Cwe 120	2 years ago
CVE-2023-34362 KEV	[KEV] SQL Injection in Progress moveit-transfer (CVE-2023-34362) SQL injection in Progress moveit-transfer (CVE-2023-34362). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Progress Moveit Transfer Cwe 89	2 years ago
OSV-2023-444	Vulnerability in opencv (OSV-2023-444) vulnerability in opencv (OSV-2023-444). Risk of unauthorized operations or information disclosure.			2 years ago
CVE-2023-28771 KEV	[KEV] OS Command Injection in Zyxel multiple-firewalls (CVE-2023-28771) OS command injection in Zyxel multiple-firewalls (CVE-2023-28771). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Zyxel Multiple Firewalls Cwe 78	2 years ago
OSV-2023-430	Vulnerability in hdf5 (OSV-2023-430) vulnerability in hdf5 (OSV-2023-430). Risk of unauthorized operations or information disclosure.			2 years ago
CVE-2023-2868 KEV	[KEV] Vulnerability in Barracuda networks barracuda-networks (CVE-2023-2868) vulnerability in Barracuda networks barracuda-networks (CVE-2023-2868). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Barracuda Networks Email Security Gateway Esg Appliance Cwe 20	2 years ago
UBUNTU-CVE-2023-25440	Vulnerability in civicrm (UBUNTU-CVE-2023-25440) vulnerability in civicrm (UBUNTU-CVE-2023-25440). Risk of unauthorized operations or information disclosure.			2 years ago
CVE-2023-32373 KEV	[KEV] Use-After-Free in Apple multiple-products (CVE-2023-32373) vulnerability in Apple multiple-products (CVE-2023-32373). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Apple Multiple Products Cwe 416	2 years ago
CVE-2023-28204 KEV	[KEV] Out-of-Bounds Read in Apple multiple-products (CVE-2023-28204) vulnerability in Apple multiple-products (CVE-2023-28204). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Apple Multiple Products Cwe 125	2 years ago
CVE-2023-32409 KEV	[KEV] Vulnerability in Apple multiple-products (CVE-2023-32409) vulnerability in Apple multiple-products (CVE-2023-32409). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Apple Multiple Products	2 years ago
CVE-2023-21492 KEV	[KEV] Vulnerability in Samsung mobile-devices (CVE-2023-21492) vulnerability in Samsung mobile-devices (CVE-2023-21492). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Samsung Mobile Devices Cwe 532	2 years ago
CVE-2016-6415 KEV	[KEV] Information Disclosure in Cisco ios (CVE-2016-6415) vulnerability in Cisco ios (CVE-2016-6415). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Cisco iOS Ios Xr And Ios Xe +1	2 years ago
CVE-2004-1464 KEV	[KEV] Vulnerability in Cisco ios (CVE-2004-1464) vulnerability in Cisco ios (CVE-2004-1464). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Cisco iOS	2 years ago
UBUNTU-CVE-2023-31722	Vulnerability in nasm (UBUNTU-CVE-2023-31722) vulnerability in nasm (UBUNTU-CVE-2023-31722). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2.15.05-1ubuntu0.1~esm1` or later.			2 years ago
OSV-2023-395	Vulnerability in opensc (OSV-2023-395) vulnerability in opensc (OSV-2023-395). Risk of unauthorized operations or information disclosure.			2 years ago
OSV-2023-392	Vulnerability in hdf5 (OSV-2023-392) vulnerability in hdf5 (OSV-2023-392). Risk of unauthorized operations or information disclosure.			2 years ago
OSV-2023-390	Vulnerability in qemu (OSV-2023-390) vulnerability in qemu (OSV-2023-390). Risk of unauthorized operations or information disclosure.			2 years ago
CVE-2016-8735 KEV	[KEV] Vulnerability in Apache tomcat (CVE-2016-8735) vulnerability in Apache tomcat (CVE-2016-8735). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Apache Tomcat Cwe 284	2 years ago
CVE-2016-3427 KEV	[KEV] Vulnerability in Oracle java-se-and-jrockit (CVE-2016-3427) vulnerability in Oracle java-se-and-jrockit (CVE-2016-3427). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Oracle Java Se And Jrockit	2 years ago
CVE-2015-5317 KEV	[KEV] Information Disclosure in jenkins (CVE-2015-5317) vulnerability in jenkins (CVE-2015-5317). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Jenkins Jenkins User Interface Ui Cwe 200	2 years ago
CVE-2010-3904 KEV	[KEV] Vulnerability in Linux kernel (CVE-2010-3904) vulnerability in Linux kernel (CVE-2010-3904). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Linux Kernel Cwe 20	2 years ago
CVE-2014-0196 KEV	[KEV] Vulnerability in Linux kernel (CVE-2014-0196) vulnerability in Linux kernel (CVE-2014-0196). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Linux Kernel Cwe 362	2 years ago
CVE-2021-3560 KEV	[KEV] Authorization Flaw in Red hat red-hat (CVE-2021-3560) vulnerability in Red hat red-hat (CVE-2021-3560). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Red Hat Polkit Cwe 863	2 years ago

Vulnerabilities

🍪 About cookies