Known Exploited Vulnerabilities Catalog

For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild. Organizations should use the KEV catalog as an input to their vulnerability management prioritization framework.

How to use the KEV Catalog

The KEV catalog is also available in these formats:

CSV
JSON
JSON Schema (updated 06-25-2024)
Print View
License

Mozilla | Firefox

CVE-2015-4495

Mozilla Firefox Security Feature Bypass Vulnerability: Moxilla Firefox allows remote attackers to bypass the Same Origin Policy to read arbitrary files or gain privileges.

Related CWE: CWE-200

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2022-05-25
Due Date: 2022-06-15

Additional Notes

Adobe | Flash Player

CVE-2015-8651

Adobe Flash Player Integer Overflow Vulnerability: Integer overflow in Adobe Flash Player allows attackers to execute code.

Related CWE: CWE-189

Known To Be Used in Ransomware Campaigns? Unknown

Action: The impacted product is end-of-life and should be disconnected if still in use.

Date Added: 2022-05-25
Due Date: 2022-06-15

Additional Notes

Microsoft | Windows

CVE-2015-6175

Microsoft Windows Kernel Privilege Escalation Vulnerability: The kernel in Microsoft Windows contains a vulnerability that allows local users to gain privileges via a crafted application.

Related CWE: CWE-264

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2022-05-25
Due Date: 2022-06-15

Additional Notes

Microsoft | Windows

CVE-2015-1671

Microsoft Windows Remote Code Execution Vulnerability: A remote code execution vulnerability exists when components of Windows, .NET Framework, Office, Lync, and Silverlight fail to properly handle TrueType fonts.

Related CWE: CWE-19

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2022-05-25
Due Date: 2022-06-15

Additional Notes

Microsoft | Windows

CVE-2014-4148

Microsoft Windows Remote Code Execution Vulnerability: A remote code execution vulnerability exists when the Windows kernel-mode driver improperly handles TrueType fonts.

Related CWE: CWE-94

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2022-05-25
Due Date: 2022-06-15

Additional Notes

Microsoft | Internet Explorer

CVE-2014-4123

Microsoft Internet Explorer Privilege Escalation Vulnerability: Microsoft Internet Explorer contains an unspecified vulnerability that allows remote attackers to gain privileges via a crafted web site.

Related CWE: CWE-264

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2022-05-25
Due Date: 2022-06-15

Additional Notes

Adobe | Flash Player

CVE-2014-8439

Adobe Flash Player Dereferenced Pointer Vulnerability: Adobe Flash Player has a vulnerability in the way it handles a dereferenced memory pointer which could lead to code execution.

Related CWE: CWE-119

Known To Be Used in Ransomware Campaigns? Unknown

Action: The impacted product is end-of-life and should be disconnected if still in use.

Date Added: 2022-05-25
Due Date: 2022-06-15

Additional Notes

Red Hat | JBoss

CVE-2010-0738

Red Hat JBoss Authentication Bypass Vulnerability: The JMX-Console web application in JBossAs in Red Hat JBoss Enterprise Application Platform performs access control only for the GET and POST methods, which allows remote attackers to send requests to this application's GET handler by using a different method.

Related CWE: CWE-264

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.

Date Added: 2022-05-25
Due Date: 2022-06-15

Additional Notes

Oracle | Java Runtime Environment (JRE)

CVE-2010-0840

Oracle JRE Unspecified Vulnerability: Unspecified vulnerability in the Java Runtime Environment (JRE) in Java SE component allows remote attackers to affect confidentiality, integrity, and availability via Unknown vectors.

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2022-05-25
Due Date: 2022-06-15

Additional Notes

Red Hat | JBoss

CVE-2010-1428

Red Hat JBoss Information Disclosure Vulnerability: Unauthenticated access to the JBoss Application Server Web Console (/web-console) is blocked by default. However, it was found that this block was incomplete, and only blocked GET and POST HTTP verbs. A remote attacker could use this flaw to gain access to sensitive information.

Related CWE: CWE-264

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.

Date Added: 2022-05-25
Due Date: 2022-06-15

Additional Notes

Oracle | Fusion Middleware

CVE-2012-1710

Oracle Fusion Middleware Unspecified Vulnerability: Unspecified vulnerability in the Oracle WebCenter Forms Recognition component in Oracle Fusion Middleware allows remote attackers to affect confidentiality, integrity, and availability via Unknown vectors related to Designer.

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2022-05-25
Due Date: 2022-06-15

Additional Notes

Microsoft | Silverlight

CVE-2013-0074

Microsoft Silverlight Double Dereference Vulnerability: Microsoft Silverlight does not properly validate pointers during HTML object rendering, which allows remote attackers to execute code via a crafted Silverlight application.

Known To Be Used in Ransomware Campaigns? Known

Action: The impacted product is end-of-life and should be disconnected if still in use.

Date Added: 2022-05-25
Due Date: 2022-06-15

Additional Notes

Oracle | Java Runtime Environment (JRE)

CVE-2013-0422

Oracle JRE Remote Code Execution Vulnerability: A vulnerability in the way Java restricts the permissions of Java applets could allow an attacker to execute commands on a vulnerable system.

Related CWE: CWE-264

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2022-05-25
Due Date: 2022-06-15

Additional Notes

Oracle | Java Runtime Environment (JRE)

CVE-2013-0431

Oracle JRE Sandbox Bypass Vulnerability: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle allows remote attackers to bypass the Java security sandbox.

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.

Date Added: 2022-05-25
Due Date: 2022-06-15

Additional Notes

Microsoft | Silverlight

CVE-2013-3896

Microsoft Silverlight Information Disclosure Vulnerability: Microsoft Silverlight does not properly validate pointers during access to Silverlight elements, which allows remote attackers to obtain sensitive information via a crafted Silverlight application.

Related CWE: CWE-20

Known To Be Used in Ransomware Campaigns? Unknown

Action: The impacted product is end-of-life and should be disconnected if still in use.

Date Added: 2022-05-25
Due Date: 2022-06-15

Additional Notes

Oracle | Java Runtime Environment (JRE)

CVE-2013-2423

Oracle JRE Unspecified Vulnerability: Unspecified vulnerability in hotspot for Java Runtime Environment (JRE) allows remote attackers to affect integrity.

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2022-05-25
Due Date: 2022-06-15

Additional Notes

Adobe | Acrobat and Reader

CVE-2014-0546

Adobe Acrobat and Reader Sandbox Bypass Vulnerability: Adobe Acrobat and Reader on Windows allow attackers to bypass a sandbox protection mechanism, and consequently execute native code in a privileged context.

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2022-05-25
Due Date: 2022-06-15

Additional Notes

Microsoft | Internet Explorer

CVE-2014-2817

Microsoft Internet Explorer Privilege Escalation Vulnerability: Microsoft Internet Explorer cotains an unspecified vulnerability that allows remote attackers to gain privileges via a crafted web site.

Related CWE: CWE-264

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2022-05-25
Due Date: 2022-06-15

Additional Notes

Microsoft | Input Method Editor (IME) Japanese

CVE-2014-4077

Microsoft IME Japanese Privilege Escalation Vulnerability: Microsoft Input Method Editor (IME) Japanese is a keyboard with Japanese characters that can be enabled on Windows systems as it is included by default (with the default set as disabled). IME Japanese contains an unspecified vulnerability when IMJPDCT.EXE (IME for Japanese) is installed which allows attackers to bypass a sandbox and perform privilege escalation.

Related CWE: CWE-264

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2022-05-25
Due Date: 2022-06-15

Additional Notes

Microsoft | Internet Explorer

CVE-2013-7331

Microsoft Internet Explorer Information Disclosure Vulnerability: An information disclosure vulnerability exists in Internet Explorer which allows resources loaded into memory to be queried. This vulnerability could allow an attacker to detect anti-malware applications.

Related CWE: CWE-200

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2022-05-25
Due Date: 2022-06-15

Additional Notes

Known Exploited Vulnerabilities Catalog

Subscribe to the KEV Catalog Updates