Known Exploited Vulnerabilities Catalog

For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild. Organizations should use the KEV catalog as an input to their vulnerability management prioritization framework.

How to use the KEV Catalog

The KEV catalog is also available in these formats:

CSV
JSON
JSON Schema (updated 06-25-2024)
Print View
License

Adobe | Flash Player

CVE-2015-7645

Adobe Flash Player Arbitrary Code Execution Vulnerability: Adobe Flash Player allows remote attackers to execute arbitrary code via a crafted SWF file.

Known To Be Used in Ransomware Campaigns? Known

Action: The impacted product is end-of-life and should be disconnected if still in use.

Date Added: 2022-03-03
Due Date: 2022-03-24

Additional Notes

Adobe | Flash Player

CVE-2015-5119

Adobe Flash Player Use-After-Free Vulnerability: A use-after-free vulnerability exists within the ActionScript 3 ByteArray class in Adobe Flash Player that allows an attacker to perform remote code execution.

Related CWE: CWE-119

Known To Be Used in Ransomware Campaigns? Unknown

Action: The impacted product is end-of-life and should be disconnected if still in use.

Date Added: 2022-03-03
Due Date: 2022-03-24

Additional Notes

Oracle | Java SE

CVE-2015-4902

Oracle Java SE Integrity Check Vulnerability: Unspecified vulnerability in Oracle Java SE allows remote attackers to affect integrity via Unknown vectors related to deployment.

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2022-03-03
Due Date: 2022-03-24

Additional Notes

Adobe | Flash Player

CVE-2015-3043

Adobe Flash Player Memory Corruption Vulnerability: A memory corruption vulnerability exists in Adobe Flash Player that allows an attacker to perform remote code execution.

Related CWE: CWE-787

Known To Be Used in Ransomware Campaigns? Unknown

Action: The impacted product is end-of-life and should be disconnected if still in use.

Date Added: 2022-03-03
Due Date: 2022-03-24

Additional Notes

Oracle | Java SE

CVE-2015-2590

Oracle Java SE and Java SE Embedded Remote Code Execution Vulnerability: An unspecified vulnerability exists within Oracle Java Runtime Environment that allows an attacker to perform remote code execution.

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2022-03-03
Due Date: 2022-03-24

Additional Notes

Microsoft | Office

CVE-2015-2545

Microsoft Office Malformed EPS File Vulnerability: Microsoft Office allows remote attackers to execute arbitrary code via a crafted EPS image.

Related CWE: CWE-20

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2022-03-03
Due Date: 2022-03-24

Additional Notes

Microsoft | PowerPoint

CVE-2015-2424

Microsoft PowerPoint Memory Corruption Vulnerability: Microsoft PowerPoint allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document.

Related CWE: CWE-119

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2022-03-03
Due Date: 2022-03-24

Additional Notes

Microsoft | ATM Font Driver

CVE-2015-2387

Microsoft ATM Font Driver Privilege Escalation Vulnerability: ATMFD.DLL in the Adobe Type Manager Font Driver in Microsoft Windows Server allows local users to gain privileges via a crafted application.

Related CWE: CWE-264

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2022-03-03
Due Date: 2022-03-24

Additional Notes

Microsoft | Win32k

CVE-2015-1701

Microsoft Win32k Privilege Escalation Vulnerability: An unspecified vulnerability exists in the Win32k.sys kernel-mode driver in Microsoft Windows Server that allows a local attacker to execute arbitrary code with elevated privileges.

Related CWE: CWE-264

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.

Date Added: 2022-03-03
Due Date: 2022-03-24

Additional Notes

Microsoft | Office

CVE-2015-1642

Microsoft Office Memory Corruption Vulnerability: Microsoft Office contains a memory corruption vulnerability that allows remote attackers to execute arbitrary code via a crafted document.

Related CWE: CWE-119

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2022-03-03
Due Date: 2022-03-24

Additional Notes

Microsoft | Windows

CVE-2014-4114

Microsoft Windows Object Linking & Embedding (OLE) Remote Code Execution Vulnerability: A vulnerability exists in Windows Object Linking & Embedding (OLE) that could allow remote code execution if a user opens a file that contains a specially crafted OLE object.

Related CWE: CWE-20

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2022-03-03
Due Date: 2022-03-24

Additional Notes

Adobe | Reader and Acrobat

CVE-2014-0496

Adobe Reader and Acrobat Use-After-Free Vulnerability: Adobe Reader and Acrobat contain a use-after-free vulnerability which can allow for code execution.

Related CWE: CWE-399

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2022-03-03
Due Date: 2022-03-24

Additional Notes

Microsoft | Windows

CVE-2013-5065

Microsoft Windows Kernel Privilege Escalation Vulnerability: Microsoft Windows NDProxy.sys in the kernel contains an improper input validation vulnerability which can allow a local attacker to escalate privileges.

Related CWE: CWE-20

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2022-03-03
Due Date: 2022-03-24

Additional Notes

Microsoft | Internet Explorer

CVE-2013-3897

Microsoft Internet Explorer Use-After-Free Vulnerability: A use-after-free vulnerability exists within CDisplayPointer in Microsoft Internet Explorer that allows an attacker to remotely execute arbitrary code.

Related CWE: CWE-399

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2022-03-03
Due Date: 2022-03-24

Additional Notes

Adobe | Reader and Acrobat

CVE-2013-3346

Adobe Reader and Acrobat Memory Corruption Vulnerability: Adobe Reader and Acrobat contain a memory corruption vulnerability which can allow attackers to execute arbitrary code or cause a denial of service.

Related CWE: CWE-119

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2022-03-03
Due Date: 2022-03-24

Additional Notes

Mozilla | Firefox

CVE-2013-1675

Mozilla Firefox Information Disclosure Vulnerability: Mozilla Firefox does not properly initialize data structures for the nsDOMSVGZoomEvent::mPreviousScale and nsDOMSVGZoomEvent::mNewScale functions, which allows remote attackers to obtain sensitive information from process memory via a crafted web site.

Related CWE: CWE-119

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2022-03-03
Due Date: 2022-03-24

Additional Notes

Microsoft | Internet Explorer

CVE-2013-1347

Microsoft Internet Explorer Remote Code Execution Vulnerability: This vulnerability may corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user within Internet Explorer.

Related CWE: CWE-94

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2022-03-03
Due Date: 2022-03-24

Additional Notes

Adobe | Reader

CVE-2013-0641

Adobe Reader Buffer Overflow Vulnerability: A buffer overflow vulnerability exists in Adobe Reader which allows an attacker to perform remote code execution.

Related CWE: CWE-120

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2022-03-03
Due Date: 2022-03-24

Additional Notes

Adobe | Reader and Acrobat

CVE-2013-0640

Adobe Reader and Acrobat Memory Corruption Vulnerability: An memory corruption vulnerability exists in the acroform.dll in Adobe Reader that allows an attacker to perform remote code execution.

Related CWE: CWE-787

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2022-03-03
Due Date: 2022-03-24

Additional Notes

Adobe | ColdFusion

CVE-2013-0632

Adobe ColdFusion Authentication Bypass Vulnerability: An authentication bypass vulnerability exists in Adobe ColdFusion which could result in an unauthorized user gaining administrative access.

Related CWE: CWE-200

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2022-03-03
Due Date: 2022-03-24

Additional Notes

Known Exploited Vulnerabilities Catalog

Subscribe to the KEV Catalog Updates