Known Exploited Vulnerabilities Catalog

For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild. Organizations should use the KEV catalog as an input to their vulnerability management prioritization framework.

How to use the KEV Catalog

The KEV catalog is also available in these formats:

CSV
JSON
JSON Schema (updated 06-25-2024)
Print View
License

Showing 81 - 100 of 373
Filters:
Microsoft | Outlook

CVE-2023-35311

Microsoft Outlook Security Feature Bypass Vulnerability: Microsoft Outlook contains a security feature bypass vulnerability that allows an attacker to bypass the Microsoft Outlook Security Notice prompt.

Related CWE: CWE-367

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions or discontinue use of the product if updates are unavailable.
  • Date Added: 2023-07-11
  • Due Date: 2023-08-01
Additional Notes
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-35311; https://nvd.nist.gov/vuln/detail/CVE-2023-35311
Oracle | Java SE and JRockit

CVE-2016-3427

Oracle Java SE and JRockit Unspecified Vulnerability: Oracle Java SE and JRockit contains an unspecified vulnerability that allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Java Management Extensions (JMX). This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service.

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2023-05-12
  • Due Date: 2023-06-02
Additional Notes
https://www.oracle.com/security-alerts/cpuapr2016v3.html; https://nvd.nist.gov/vuln/detail/CVE-2016-3427
Microsoft | Win32k

CVE-2023-29336

Microsoft Win32K Privilege Escalation Vulnerability: Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation up to SYSTEM privileges.

Related CWE: CWE-416

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2023-05-09
  • Due Date: 2023-05-30
Additional Notes
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-29336; https://nvd.nist.gov/vuln/detail/CVE-2023-29336
Oracle | WebLogic Server

CVE-2023-21839

Oracle WebLogic Server Unspecified Vulnerability: Oracle WebLogic Server contains an unspecified vulnerability that allows an unauthenticated attacker with network access via T3, IIOP, to compromise Oracle WebLogic Server.

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2023-05-01
  • Due Date: 2023-05-22
Additional Notes
https://www.oracle.com/security-alerts/cpujan2023.html; https://nvd.nist.gov/vuln/detail/CVE-2023-21839
Microsoft | Windows

CVE-2023-28252

Microsoft Windows Common Log File System (CLFS) Driver Privilege Escalation Vulnerability: Microsoft Windows Common Log File System (CLFS) driver contains an unspecified vulnerability that allows for privilege escalation.

Related CWE: CWE-122

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.
  • Date Added: 2023-04-11
  • Due Date: 2023-05-02
Additional Notes
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-28252; https://nvd.nist.gov/vuln/detail/CVE-2023-28252
Microsoft | Windows

CVE-2019-1388

Microsoft Windows Certificate Dialog Privilege Escalation Vulnerability: Microsoft Windows Certificate Dialog contains a privilege escalation vulnerability, allowing attackers to run processes in an elevated context.

Related CWE: CWE-269

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.
  • Date Added: 2023-04-07
  • Due Date: 2023-04-28
Additional Notes
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1388; https://nvd.nist.gov/vuln/detail/CVE-2019-1388
Microsoft | Internet Explorer

CVE-2013-3163

Microsoft Internet Explorer Memory Corruption Vulnerability: Microsoft Internet Explorer contains a memory corruption vulnerability that allows remote attackers to execute code or cause a denial of service via a crafted website.

Related CWE: CWE-94

Known To Be Used in Ransomware Campaigns? Unknown

Action: The impacted product is end-of-life and should be disconnected if still in use.
  • Date Added: 2023-03-30
  • Due Date: 2023-04-20
Additional Notes
https://learn.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-055; https://nvd.nist.gov/vuln/detail/CVE-2013-3163
Microsoft | Windows

CVE-2023-24880

Microsoft Windows SmartScreen Security Feature Bypass Vulnerability: Microsoft Windows SmartScreen contains a security feature bypass vulnerability that could allow an attacker to evade Mark of the Web (MOTW) defenses via a specially crafted malicious file.

Related CWE: CWE-863

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.
  • Date Added: 2023-03-14
  • Due Date: 2023-04-04
Additional Notes
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-24880; https://nvd.nist.gov/vuln/detail/CVE-2023-24880
Microsoft | Office

CVE-2023-23397

Microsoft Office Outlook Privilege Escalation Vulnerability: Microsoft Office Outlook contains a privilege escalation vulnerability that allows for a NTLM Relay attack against another service to authenticate as the user.

Related CWE: CWE-294

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2023-03-14
  • Due Date: 2023-04-04
Additional Notes
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-23397, https://msrc.microsoft.com/blog/2023/03/microsoft-mitigates-outlook-elevation-of-privilege-vulnerability/, ; https://nvd.nist.gov/vuln/detail/CVE-2023-23397
Microsoft | Windows

CVE-2023-21823

Microsoft Windows Graphic Component Privilege Escalation Vulnerability: Microsoft Windows Graphic Component contains an unspecified vulnerability that allows for privilege escalation.

Related CWE: CWE-190

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2023-02-14
  • Due Date: 2023-03-07
Additional Notes
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-21823; https://nvd.nist.gov/vuln/detail/CVE-2023-21823
Microsoft | Office

CVE-2023-21715

Microsoft Office Publisher Security Feature Bypass Vulnerability: Microsoft Office Publisher contains a security feature bypass vulnerability that allows for a local, authenticated attack on a targeted system.

Related CWE: CWE-863

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2023-02-14
  • Due Date: 2023-03-07
Additional Notes
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-21715; https://nvd.nist.gov/vuln/detail/CVE-2023-21715
Microsoft | Windows

CVE-2023-23376

Microsoft Windows Common Log File System (CLFS) Driver Privilege Escalation Vulnerability: Microsoft Windows Common Log File System (CLFS) driver contains an unspecified vulnerability that allows for privilege escalation.

Related CWE: CWE-122

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.
  • Date Added: 2023-02-14
  • Due Date: 2023-03-07
Additional Notes
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-23376; https://nvd.nist.gov/vuln/detail/CVE-2023-23376
Oracle | E-Business Suite

CVE-2022-21587

Oracle E-Business Suite Unspecified Vulnerability: Oracle E-Business Suite contains an unspecified vulnerability that allows an unauthenticated attacker with network access via HTTP to compromise Oracle Web Applications Desktop Integrator.

Related CWE: CWE-306

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.
  • Date Added: 2023-02-02
  • Due Date: 2023-02-23
Additional Notes
https://www.oracle.com/security-alerts/cpuoct2022.html; https://nvd.nist.gov/vuln/detail/CVE-2022-21587
Microsoft | Windows

CVE-2023-21674

Microsoft Windows Advanced Local Procedure Call (ALPC) Privilege Escalation Vulnerability: Microsoft Windows Advanced Local Procedure Call (ALPC) contains an unspecified vulnerability that allows for privilege escalation.

Related CWE: CWE-416

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2023-01-10
  • Due Date: 2023-01-31
Additional Notes
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-21674; https://nvd.nist.gov/vuln/detail/CVE-2023-21674
Microsoft | Exchange Server

CVE-2022-41080

Microsoft Exchange Server Privilege Escalation Vulnerability: Microsoft Exchange Server contains an unspecified vulnerability that allows for privilege escalation. This vulnerability is chainable with CVE-2022-41082, which allows for remote code execution.

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.
  • Date Added: 2023-01-10
  • Due Date: 2023-01-31
Additional Notes
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-41080; https://nvd.nist.gov/vuln/detail/CVE-2022-41080
Microsoft | Defender

CVE-2022-44698

Microsoft Defender SmartScreen Security Feature Bypass Vulnerability: Microsoft Defender SmartScreen contains a security feature bypass vulnerability that could allow an attacker to evade Mark of the Web (MOTW) defenses via a specially crafted malicious file.

Related CWE: CWE-755

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.
  • Date Added: 2022-12-13
  • Due Date: 2023-01-03
Additional Notes
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44698; https://nvd.nist.gov/vuln/detail/CVE-2022-44698
Oracle | Fusion Middleware

CVE-2021-35587

Oracle Fusion Middleware Unspecified Vulnerability: Oracle Fusion Middleware Access Manager allows an unauthenticated attacker with network access via HTTP to takeover the Access Manager product.

Related CWEs: CWE-502| CWE-790

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-11-28
  • Due Date: 2022-12-19
Additional Notes
https://www.oracle.com/security-alerts/cpujan2022.html; https://nvd.nist.gov/vuln/detail/CVE-2021-35587
Microsoft | Windows

CVE-2022-41049

Microsoft Windows Mark of the Web (MOTW) Security Feature Bypass Vulnerability: Microsoft Windows Mark of the Web (MOTW) contains a security feature bypass vulnerability resulting in a limited loss of integrity and availability of security features.

Related CWE: CWE-274

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-11-14
  • Due Date: 2022-12-09
Additional Notes
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-41049; https://nvd.nist.gov/vuln/detail/CVE-2022-41049
Microsoft | Windows

CVE-2022-41073

Microsoft Windows Print Spooler Privilege Escalation Vulnerability: Microsoft Windows Print Spooler contains an unspecified vulnerability that allows an attacker to gain SYSTEM-level privileges.

Related CWE: CWE-787

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.
  • Date Added: 2022-11-08
  • Due Date: 2022-12-09
Additional Notes
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41073; https://nvd.nist.gov/vuln/detail/CVE-2022-41073

Subscribe to the KEV Catalog Updates

Stay up to date on the latest known exploited vulnerabilities.

Subscribe Now