Known Exploited Vulnerabilities Catalog

For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild. Organizations should use the KEV catalog as an input to their vulnerability management prioritization framework.

How to use the KEV Catalog

The KEV catalog is also available in these formats:

CSV
JSON
JSON Schema (updated 06-25-2024)
Print View
License

Apple | Multiple Products

CVE-2023-32409

Apple Multiple Products WebKit Sandbox Escape Vulnerability: Apple iOS, iPadOS, macOS, tvOS, watchOS, and Safari WebKit contain an unspecified vulnerability that can allow a remote attacker to break out of the Web Content sandbox. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2023-05-22
Due Date: 2023-06-12

Additional Notes

Apple | Multiple Products

CVE-2023-28204

Apple Multiple Products WebKit Out-of-Bounds Read Vulnerability: Apple iOS, iPadOS, macOS, tvOS, watchOS, and Safari WebKit contain an out-of-bounds read vulnerability that may disclose sensitive information when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.

Related CWE: CWE-125

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2023-05-22
Due Date: 2023-06-12

Additional Notes

Apple | Multiple Products

CVE-2023-32373

Apple Multiple Products WebKit Use-After-Free Vulnerability: Apple iOS, iPadOS, macOS, tvOS, watchOS, and Safari WebKit contain a use-after-free vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.

Related CWE: CWE-416

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2023-05-22
Due Date: 2023-06-12

Additional Notes

Microsoft | Win32k

CVE-2023-29336

Microsoft Win32K Privilege Escalation Vulnerability: Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation up to SYSTEM privileges.

Related CWE: CWE-416

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2023-05-09
Due Date: 2023-05-30

Additional Notes

Apple | macOS

CVE-2019-8526

Apple macOS Use-After-Free Vulnerability: Apple macOS contains a use-after-free vulnerability that could allow for privilege escalation.

Related CWE: CWE-416

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2023-04-17
Due Date: 2023-05-08

Additional Notes

Microsoft | Windows

CVE-2023-28252

Microsoft Windows Common Log File System (CLFS) Driver Privilege Escalation Vulnerability: Microsoft Windows Common Log File System (CLFS) driver contains an unspecified vulnerability that allows for privilege escalation.

Related CWE: CWE-122

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.

Date Added: 2023-04-11
Due Date: 2023-05-02

Additional Notes

Apple | Multiple Products

CVE-2023-28205

Apple Multiple Products WebKit Use-After-Free Vulnerability: Apple iOS, iPadOS, macOS, and Safari WebKit contain a use-after-free vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.

Related CWE: CWE-416

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2023-04-10
Due Date: 2023-05-01

Additional Notes

Apple | iOS, iPadOS, and macOS

CVE-2023-28206

Apple iOS, iPadOS, and macOS IOSurfaceAccelerator Out-of-Bounds Write Vulnerability: Apple iOS, iPadOS, and macOS IOSurfaceAccelerator contain an out-of-bounds write vulnerability that allows an app to execute code with kernel privileges.

Related CWE: CWE-787

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2023-04-10
Due Date: 2023-05-01

Additional Notes

Microsoft | Windows

CVE-2019-1388

Microsoft Windows Certificate Dialog Privilege Escalation Vulnerability: Microsoft Windows Certificate Dialog contains a privilege escalation vulnerability, allowing attackers to run processes in an elevated context.

Related CWE: CWE-269

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.

Date Added: 2023-04-07
Due Date: 2023-04-28

Additional Notes

Apple | iOS, iPadOS, and macOS

CVE-2021-30900

Apple iOS, iPadOS, and macOS Out-of-Bounds Write Vulnerability: Apple GPU drivers, included in iOS, iPadOS, and macOS, contain an out-of-bounds write vulnerability that may allow a malicious application to execute code with kernel privileges.

Related CWEs: CWE-20| CWE-787

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2023-03-30
Due Date: 2023-04-20

Additional Notes

Microsoft | Internet Explorer

CVE-2013-3163

Microsoft Internet Explorer Memory Corruption Vulnerability: Microsoft Internet Explorer contains a memory corruption vulnerability that allows remote attackers to execute code or cause a denial of service via a crafted website.

Related CWE: CWE-94

Known To Be Used in Ransomware Campaigns? Unknown

Action: The impacted product is end-of-life and should be disconnected if still in use.

Date Added: 2023-03-30
Due Date: 2023-04-20

Additional Notes

Microsoft | Office

CVE-2023-23397

Microsoft Office Outlook Privilege Escalation Vulnerability: Microsoft Office Outlook contains a privilege escalation vulnerability that allows for a NTLM Relay attack against another service to authenticate as the user.

Related CWE: CWE-294

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2023-03-14
Due Date: 2023-04-04

Additional Notes

Microsoft | Windows

CVE-2023-24880

Microsoft Windows SmartScreen Security Feature Bypass Vulnerability: Microsoft Windows SmartScreen contains a security feature bypass vulnerability that could allow an attacker to evade Mark of the Web (MOTW) defenses via a specially crafted malicious file.

Related CWE: CWE-863

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.

Date Added: 2023-03-14
Due Date: 2023-04-04

Additional Notes

Microsoft | Windows

CVE-2023-23376

Related CWE: CWE-122

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.

Date Added: 2023-02-14
Due Date: 2023-03-07

Additional Notes

Apple | Multiple Products

CVE-2023-23529

Apple Multiple Products WebKit Type Confusion Vulnerability: Apple iOS, MacOS, Safari and iPadOS WebKit contain a type confusion vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.

Related CWE: CWE-843

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2023-02-14
Due Date: 2023-03-07

Additional Notes

Microsoft | Office

CVE-2023-21715

Microsoft Office Publisher Security Feature Bypass Vulnerability: Microsoft Office Publisher contains a security feature bypass vulnerability that allows for a local, authenticated attack on a targeted system.

Related CWE: CWE-863

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2023-02-14
Due Date: 2023-03-07

Additional Notes

Microsoft | Windows

CVE-2023-21823

Microsoft Windows Graphic Component Privilege Escalation Vulnerability: Microsoft Windows Graphic Component contains an unspecified vulnerability that allows for privilege escalation.

Related CWE: CWE-190

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2023-02-14
Due Date: 2023-03-07

Additional Notes

Microsoft | Windows

CVE-2023-21674

Microsoft Windows Advanced Local Procedure Call (ALPC) Privilege Escalation Vulnerability: Microsoft Windows Advanced Local Procedure Call (ALPC) contains an unspecified vulnerability that allows for privilege escalation.

Related CWE: CWE-416

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2023-01-10
Due Date: 2023-01-31

Additional Notes

Microsoft | Exchange Server

CVE-2022-41080

Microsoft Exchange Server Privilege Escalation Vulnerability: Microsoft Exchange Server contains an unspecified vulnerability that allows for privilege escalation. This vulnerability is chainable with CVE-2022-41082, which allows for remote code execution.

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.

Date Added: 2023-01-10
Due Date: 2023-01-31

Additional Notes

Apple | iOS

CVE-2022-42856

Apple iOS Type Confusion Vulnerability: Apple iOS contains a type confusion vulnerability when processing maliciously crafted web content leading to code execution.

Related CWE: CWE-843

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2022-12-14
Due Date: 2023-01-04

Additional Notes

Known Exploited Vulnerabilities Catalog

Subscribe to the KEV Catalog Updates