Known Exploited Vulnerabilities Catalog

For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild. Organizations should use the KEV catalog as an input to their vulnerability management prioritization framework.

How to use the KEV Catalog

The KEV catalog is also available in these formats:

CSV
JSON
JSON Schema (updated 06-25-2024)
Print View
License

Adobe | Acrobat and Reader

CVE-2023-21608

Adobe Acrobat and Reader Use-After-Free Vulnerability: Adobe Acrobat and Reader contains a use-after-free vulnerability that allows for code execution in the context of the current user.

Related CWE: CWE-416

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Date Added: 2023-10-10
Due Date: 2023-10-31

Additional Notes

Adobe | Acrobat and Reader

CVE-2023-26369

Adobe Acrobat and Reader Out-of-Bounds Write Vulnerability: Adobe Acrobat and Reader contains an out-of-bounds write vulnerability that allows for code execution.

Related CWE: CWE-787

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Date Added: 2023-09-14
Due Date: 2023-10-05

Additional Notes

Cisco | Adaptive Security Appliance and Firepower Threat Defense

CVE-2023-20269

Cisco Adaptive Security Appliance and Firepower Threat Defense Unauthorized Access Vulnerability: Cisco Adaptive Security Appliance and Firepower Threat Defense contain an unauthorized access vulnerability that could allow an unauthenticated, remote attacker to conduct a brute force attack in an attempt to identify valid username and password combinations or establish a clientless SSL VPN session with an unauthorized user.

Related CWE: CWE-288

Known To Be Used in Ransomware Campaigns? Known

Action: Apply mitigations per vendor instructions for group-lock and vpn-simultaneous-logins or discontinue use of the product for unsupported devices.

Date Added: 2023-09-13
Due Date: 2023-10-04

Additional Notes

Adobe | ColdFusion

CVE-2023-26359

Adobe ColdFusion Deserialization of Untrusted Data Vulnerability: Adobe ColdFusion contains a deserialization of untrusted data vulnerability that could result in code execution in the context of the current user.

Related CWE: CWE-502

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Date Added: 2023-08-21
Due Date: 2023-09-11

Additional Notes

Adobe | ColdFusion

CVE-2023-29298

Adobe ColdFusion Improper Access Control Vulnerability: Adobe ColdFusion contains an improper access control vulnerability that allows for a security feature bypass.

Related CWE: CWE-284

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Date Added: 2023-07-20
Due Date: 2023-08-10

Additional Notes

Adobe | ColdFusion

CVE-2023-38205

Adobe ColdFusion Improper Access Control Vulnerability: Adobe ColdFusion contains an improper access control vulnerability that allows for a security feature bypass.

Related CWE: CWE-284

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Date Added: 2023-07-20
Due Date: 2023-08-10

Additional Notes

Cisco | IOS

CVE-2004-1464

Cisco IOS Denial-of-Service Vulnerability: Cisco IOS contains an unspecified vulnerability that may block further telnet, reverse telnet, Remote Shell (RSH), Secure Shell (SSH), and in some cases, Hypertext Transport Protocol (HTTP) access to the Cisco device.

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2023-05-19
Due Date: 2023-06-09

Additional Notes

Cisco | IOS, IOS XR, and IOS XE

CVE-2016-6415

Cisco IOS, IOS XR, and IOS XE IKEv1 Information Disclosure Vulnerability: Cisco IOS, IOS XR, and IOS XE contain insufficient condition checks in the part of the code that handles Internet Key Exchange version 1 (IKEv1) security negotiation requests. contains an information disclosure vulnerability in the Internet Key Exchange version 1 (IKEv1) that could allow an attacker to retrieve memory contents. Successful exploitation could allow the attacker to retrieve memory contents, which can lead to information disclosure.

Related CWE: CWE-200

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2023-05-19
Due Date: 2023-06-09

Additional Notes

Cisco | IOS and IOS XE Software

CVE-2017-6742

Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability: The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload.

Related CWE: CWE-119

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2023-04-19
Due Date: 2023-05-10

Additional Notes

Adobe | ColdFusion

CVE-2023-26360

Adobe ColdFusion Deserialization of Untrusted Data Vulnerability: Adobe ColdFusion contains a deserialization of untrusted data vulnerability that allows for remote code execution.

Related CWE: CWE-284

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2023-03-15
Due Date: 2023-04-05

Additional Notes

Cisco | AnyConnect Secure

CVE-2020-3153

Cisco AnyConnect Secure Mobility Client for Windows Uncontrolled Search Path Vulnerability: Cisco AnyConnect Secure Mobility Client for Windows allows for incorrect handling of directory paths. An attacker with valid credentials on Windows would be able to copy malicious files to arbitrary locations with system level privileges. This could include DLL pre-loading, DLL hijacking, and other related attacks.

Related CWE: CWE-427

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.

Date Added: 2022-10-24
Due Date: 2022-11-14

Additional Notes

Cisco | AnyConnect Secure

CVE-2020-3433

Cisco AnyConnect Secure Mobility Client for Windows DLL Hijacking Vulnerability: Cisco AnyConnect Secure Mobility Client for Windows interprocess communication (IPC) channel allows for insufficient validation of resources that are loaded by the application at run time. An attacker with valid credentials on Windows could execute code on the affected machine with SYSTEM privileges.

Related CWE: CWE-427

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.

Date Added: 2022-10-24
Due Date: 2022-11-14

Additional Notes

Adobe | Flash Player

CVE-2010-1297

Adobe Flash Player Memory Corruption Vulnerability: Adobe Flash Player contains a memory corruption vulnerability that allows remote attackers to execute code or cause denial-of-service (DoS).

Related CWE: CWE-787

Known To Be Used in Ransomware Campaigns? Unknown

Action: The impacted product is end-of-life and should be disconnected if still in use.

Date Added: 2022-06-08
Due Date: 2022-06-22

Additional Notes

Adobe | Acrobat and Reader

CVE-2008-0655

Adobe Acrobat and Reader Unspecified Vulnerability: Adobe Acrobat and Reader contains an unespecified vulnerability described as a design flaw which could allow a specially crafted file to be printed silently an arbitrary number of times.

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2022-06-08
Due Date: 2022-06-22

Additional Notes

Cisco | RV Series Routers

CVE-2019-15271

Cisco RV Series Routers Deserialization of Untrusted Data Vulnerability: A deserialization of untrusted data vulnerability in the web-based management interface of certain Cisco Small Business RV Series Routers could allow an attacker to execute code with root privileges.

Related CWE: CWE-502

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2022-06-08
Due Date: 2022-06-22

Additional Notes

Adobe | Acrobat and Reader, Flash Player

CVE-2009-1862

Adobe Acrobat and Reader, Flash Player Unspecified Vulnerability: Adobe Acrobat and Reader and Adobe Flash Player allows remote attackers to execute code or cause denial-of-service (DoS).

Related CWE: CWE-94

Known To Be Used in Ransomware Campaigns? Unknown

Action: For Adobe Acrobat and Reader, apply updates per vendor instructions. For Adobe Flash Player, the impacted product is end-of-life and should be disconnected if still in use.

Date Added: 2022-06-08
Due Date: 2022-06-22

Additional Notes

Adobe | Acrobat and Reader

CVE-2009-4324

Adobe Acrobat and Reader Use-After-Free Vulnerability: Use-after-free vulnerability in Adobe Acrobat and Reader allows remote attackers to execute code via a crafted PDF file.

Related CWE: CWE-399

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2022-06-08
Due Date: 2022-06-22

Additional Notes

Adobe | Acrobat and Reader

CVE-2018-4990

Adobe Acrobat and Reader Double Free Vulnerability: Adobe Acrobat and Reader have a double free vulnerability that could lead to remote code execution.

Related CWE: CWE-415

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2022-06-08
Due Date: 2022-06-22

Additional Notes

Adobe | Flash Player

CVE-2012-0754

Adobe Flash Player Memory Corruption Vulnerability: Adobe Flash Player contains a memory corruption vulnerability that allows remote attackers to execute code or cause denial-of-service (DoS).

Related CWE: CWE-787

Known To Be Used in Ransomware Campaigns? Unknown

Action: The impacted product is end-of-life and should be disconnected if still in use.

Date Added: 2022-06-08
Due Date: 2022-06-22

Additional Notes

Adobe | Acrobat and Reader

CVE-2010-2883

Adobe Acrobat and Reader Stack-Based Buffer Overflow Vulnerability: Adobe Acrobat and Reader contain a stack-based buffer overflow vulnerability that allows remote attackers to execute code or cause denial-of-service (DoS).

Related CWE: CWE-119

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2022-06-08
Due Date: 2022-06-22

Additional Notes

Known Exploited Vulnerabilities Catalog

Subscribe to the KEV Catalog Updates