Lucene search
+L
Cisa KevRecent

1652 matches found

CISA KEV Catalog
CISA KEV Catalog
•added 2022/06/08 12:0 a.m.•17 views

Adobe Acrobat and Reader Stack-Based Buffer Overflow Vulnerability

Adobe Acrobat and Reader contain a stack-based buffer overflow vulnerability that allows remote attackers to execute code or cause denial-of-service DoS...

9.3CVSS7.5AI score0.82485EPSS
Exploits13
CISA KEV Catalog
CISA KEV Catalog
•added 2022/06/08 12:0 a.m.•28 views

QNAP Photo Station Path Traversal Vulnerability

QNAP devices running Photo Station contain an external control of file name or path vulnerability allowing remote attackers to access or modify system files...

9.8CVSS5AI score0.82966EPSS
Exploits8
CISA KEV Catalog
CISA KEV Catalog
•added 2022/06/08 12:0 a.m.•57 views

Google Chromium V8 Integer Overflow Vulnerability

Google Chromium V8 Engine contains an integer overflow vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft...

8.8CVSS8.7AI score0.60304EPSS
Exploits2
CISA KEV Catalog
CISA KEV Catalog
•added 2022/06/08 12:0 a.m.•44 views

Adobe Flash Player Integer Overflow Vulnerability

Adobe Flash Player contains an integer overflow vulnerability that allows remote attackers to execute code via malformed arguments...

9.3CVSS7.1AI score0.21194EPSS
Exploits2
CISA KEV Catalog
CISA KEV Catalog
•added 2022/06/08 12:0 a.m.•16 views

Adobe Flash Player Memory Corruption Vulnerability

Adobe Flash Player contains a memory corruption vulnerability that allows remote attackers to execute code or cause denial-of-service DoS...

9.3CVSS7AI score0.9203EPSS
Exploits11
CISA KEV Catalog
CISA KEV Catalog
•added 2022/06/08 12:0 a.m.•42 views

Microsoft Office Buffer Overflow Vulnerability

Microsoft Office contains a buffer overflow vulnerability that allows remote attackers to execute code via a Word document with a crafted tag containing an invalid length field...

9.3CVSS6.8AI score0.63081EPSS
Exploits1
CISA KEV Catalog
CISA KEV Catalog
•added 2022/06/08 12:0 a.m.•23 views

Adobe Flash Player Memory Corruption Vulnerability

Adobe Flash Player contains a memory corruption vulnerability that allows remote attackers to execute code or cause denial-of-service DoS...

9.3CVSS9.7AI score0.82365EPSS
Exploits22
CISA KEV Catalog
CISA KEV Catalog
•added 2022/06/08 12:0 a.m.•19 views

Adobe Flash Player Cross-Site Scripting (XSS) Vulnerability

Adobe Flash Player contains a XSS vulnerability that allows remote attackers to inject web script or HTML...

6.1CVSS5.8AI score0.06662EPSS
Exploits0
CISA KEV Catalog
CISA KEV Catalog
•added 2022/06/08 12:0 a.m.•47 views

NETGEAR Multiple Devices Buffer Overflow Vulnerability

Multiple NETGEAR devices contain a buffer overflow vulnerability that allows for authentication bypass and remote code execution...

9.8CVSS4.5AI score0.42696EPSS
Exploits0
CISA KEV Catalog
CISA KEV Catalog
•added 2022/06/08 12:0 a.m.•43 views

Adobe Acrobat and Reader Unspecified Vulnerability

Adobe Acrobat and Reader contains an unespecified vulnerability described as a design flaw which could allow a specially crafted file to be printed silently an arbitrary number of times...

9.3CVSS4AI score0.36844EPSS
Exploits2
CISA KEV Catalog
CISA KEV Catalog
•added 2022/06/08 12:0 a.m.•175 views

Adobe Acrobat and Reader Buffer Overflow Vulnerability

Adobe Acrobat and Reader contain a buffer overflow vulnerability that allows remote attackers to execute code via a PDF file with long arguments to unspecified JavaScript methods...

9.3CVSS7.2AI score0.94222EPSS
Exploits9
CISA KEV Catalog
CISA KEV Catalog
•added 2022/06/08 12:0 a.m.•28 views

Adobe Acrobat and Reader Universal 3D Remote Code Execution Vulnerability

Adobe Acrobat and Reader contains an array boundary issue in Universal 3D U3D support that could lead to remote code execution...

10CVSS5.4AI score0.83855EPSS
Exploits3
CISA KEV Catalog
CISA KEV Catalog
•added 2022/06/08 12:0 a.m.•21 views

Microsoft Office Object Record Corruption Vulnerability

Microsoft Office contains an object record corruption vulnerability that allows remote attackers to execute code via a crafted Excel file with a malformed record object...

9.3CVSS6.8AI score0.58551EPSS
Exploits1
CISA KEV Catalog
CISA KEV Catalog
•added 2022/06/02 12:0 a.m.•48 views

Atlassian Confluence Server and Data Center Remote Code Execution Vulnerability

Atlassian Confluence Server and Data Center contain a remote code execution vulnerability that allows for an unauthenticated attacker to perform remote code execution...

9.8CVSS5.6AI score0.99999EPSS
Exploits76
CISA KEV Catalog
CISA KEV Catalog
•added 2022/05/25 12:0 a.m.•33 views

Oracle JRE Remote Code Execution Vulnerability

A vulnerability in the way Java restricts the permissions of Java applets could allow an attacker to execute commands on a vulnerable system...

10CVSS5.1AI score0.97612EPSS
Exploits38
CISA KEV Catalog
CISA KEV Catalog
•added 2022/05/25 12:0 a.m.•41 views

Linux Kernel Privilege Escalation Vulnerability

The futexrequeue function in kernel/futex.c in Linux kernel does not ensure that calls have two different futex addresses, which allows local users to gain privileges...

7.8CVSS6.1AI score0.37233EPSS
Exploits15
CISA KEV Catalog
CISA KEV Catalog
•added 2022/05/25 12:0 a.m.•25 views

Oracle JRE Unspecified Vulnerability

Unspecified vulnerability in hotspot for Java Runtime Environment JRE allows remote attackers to affect integrity...

4.3CVSS6AI score0.85333EPSS
Exploits6
CISA KEV Catalog
CISA KEV Catalog
•added 2022/05/25 12:0 a.m.•49 views

Microsoft Windows Open Type Font Remote Code Execution Vulnerability

A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploits this vulnerability could take control of the affected system...

9.3CVSS4.4AI score0.64835EPSS
Exploits0
CISA KEV Catalog
CISA KEV Catalog
•added 2022/05/25 12:0 a.m.•67 views

Microsoft Windows TS WebProxy Directory Traversal Vulnerability

Directory traversal vulnerability in the TS WebProxy TSWbPrxy component in Microsoft Windows allows remote attackers to escalate privileges...

9.3CVSS6.4AI score0.7594EPSS
Exploits5
CISA KEV Catalog
CISA KEV Catalog
•added 2022/05/25 12:0 a.m.•53 views

Microsoft Windows Remote Code Execution Vulnerability

A remote code execution vulnerability exists when the Windows kernel-mode driver improperly handles TrueType fonts...

9.3CVSS7.3AI score0.50703EPSS
Exploits0
CISA KEV Catalog
CISA KEV Catalog
•added 2022/05/25 12:0 a.m.•48 views

Oracle Fusion Middleware Unspecified Vulnerability

Unspecified vulnerability in the Oracle WebCenter Forms Recognition component in Oracle Fusion Middleware allows remote attackers to affect confidentiality, integrity, and availability via Unknown vectors related to Designer...

9.8CVSS6.2AI score0.11636EPSS
Exploits4
CISA KEV Catalog
CISA KEV Catalog
•added 2022/05/25 12:0 a.m.•64 views

Microsoft Silverlight Runtime Remote Code Execution Vulnerability

Microsoft Silverlight mishandles negative offsets during decoding, which allows attackers to execute remote code or cause a denial-of-service DoS...

9.3CVSS8.8AI score0.69709EPSS
Exploits1
CISA KEV Catalog
CISA KEV Catalog
•added 2022/05/25 12:0 a.m.•56 views

Microsoft Internet Explorer ASLR Bypass Vulnerability

Microsoft Internet Explorer allows remote attackers to bypass the address space layout randomization ASLR protection mechanism via a crafted web site...

6.5CVSS6.2AI score0.33581EPSS
Exploits0
CISA KEV Catalog
CISA KEV Catalog
•added 2022/05/25 12:0 a.m.•29 views

Microsoft Win32k Privilege Escalation Vulnerability

Win32k.sys in the kernel-mode drivers in Microsoft Windows allows local users to gain privileges or cause denial-of-service DoS...

8.8CVSS6.4AI score0.14958EPSS
Exploits0
CISA KEV Catalog
CISA KEV Catalog
•added 2022/05/25 12:0 a.m.•50 views

Microsoft Windows Mount Manager Privilege Escalation Vulnerability

A privilege escalation vulnerability exists when the Windows Mount Manager component improperly processes symbolic links...

7.2CVSS6.6AI score0.04339EPSS
Exploits1
CISA KEV Catalog
CISA KEV Catalog
•added 2022/05/25 12:0 a.m.•25 views

Microsoft Windows Kernel Privilege Escalation Vulnerability

The kernel in Microsoft Windows contains a vulnerability that allows local users to gain privileges via a crafted application...

7.8CVSS6.1AI score0.05169EPSS
Exploits0
CISA KEV Catalog
CISA KEV Catalog
•added 2022/05/25 12:0 a.m.•15 views

Adobe Flash Player Dereferenced Pointer Vulnerability

Adobe Flash Player has a vulnerability in the way it handles a dereferenced memory pointer which could lead to code execution...

10CVSS6.5AI score0.20008EPSS
Exploits0
CISA KEV Catalog
CISA KEV Catalog
•added 2022/05/25 12:0 a.m.•26 views

Red Hat JBoss Information Disclosure Vulnerability

Unauthenticated access to the JBoss Application Server Web Console /web-console is blocked by default. However, it was found that this block was incomplete, and only blocked GET and POST HTTP verbs. A remote attacker could use this flaw to gain access to sensitive information...

7.5CVSS0.8AI score0.62308EPSS
Exploits4
CISA KEV Catalog
CISA KEV Catalog
•added 2022/05/25 12:0 a.m.•20 views

Adobe Flash Player and AIR Integer Overflow Vulnerability

Integer overflow vulnerability in Adobe Flash Player and AIR allows attackers to execute code...

9.3CVSS6.2AI score0.19785EPSS
Exploits1
CISA KEV Catalog
CISA KEV Catalog
•added 2022/05/25 12:0 a.m.•23 views

Microsoft Internet Explorer Privilege Escalation Vulnerability

Microsoft Internet Explorer cotains an unspecified vulnerability that allows remote attackers to gain privileges via a crafted web site...

8.8CVSS7.3AI score0.26349EPSS
Exploits0
CISA KEV Catalog
CISA KEV Catalog
•added 2022/05/25 12:0 a.m.•63 views

Microsoft Silverlight Double Dereference Vulnerability

Microsoft Silverlight does not properly validate pointers during HTML object rendering, which allows remote attackers to execute code via a crafted Silverlight application...

9.3CVSS6AI score0.81868EPSS
Exploits8
CISA KEV Catalog
CISA KEV Catalog
•added 2022/05/25 12:0 a.m.•31 views

Microsoft Internet Explorer Information Disclosure Vulnerability

An information disclosure vulnerability exists in Internet Explorer which allows resources loaded into memory to be queried. This vulnerability could allow an attacker to detect anti-malware applications...

6.5CVSS2.6AI score0.58023EPSS
Exploits3
CISA KEV Catalog
CISA KEV Catalog
•added 2022/05/25 12:0 a.m.•25 views

Oracle JRE Sandbox Bypass Vulnerability

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle allows remote attackers to bypass the Java security sandbox...

5.3CVSS6AI score0.89987EPSS
Exploits8
CISA KEV Catalog
CISA KEV Catalog
•added 2022/05/25 12:0 a.m.•66 views

Red Hat JBoss Authentication Bypass Vulnerability

The JMX-Console web application in JBossAs in Red Hat JBoss Enterprise Application Platform performs access control only for the GET and POST methods, which allows remote attackers to send requests to this application's GET handler by using a different method...

5.3CVSS4.8AI score0.79415EPSS
Exploits28
CISA KEV Catalog
CISA KEV Catalog
•added 2022/05/25 12:0 a.m.•19 views

Adobe Flash Player ASLR Bypass Vulnerability

Adobe Flash Player does not properly restrict discovery of memory addresses, which allows attackers to bypass the address space layout randomization ASLR protection mechanism...

10CVSS6.3AI score0.15217EPSS
Exploits0
CISA KEV Catalog
CISA KEV Catalog
•added 2022/05/25 12:0 a.m.•34 views

Microsoft Internet Explorer Memory Corruption Vulnerability

Microsoft Internet Explorer contains a memory corruption vulnerability that allows remote attackers to execute code or cause denial-of-service DoS...

9.3CVSS7AI score0.44851EPSS
Exploits0
CISA KEV Catalog
CISA KEV Catalog
•added 2022/05/25 12:0 a.m.•75 views

Microsoft Windows Remote Code Execution Vulnerability

A remote code execution vulnerability exists when components of Windows, .NET Framework, Office, Lync, and Silverlight fail to properly handle TrueType fonts...

9.3CVSS7.3AI score0.54628EPSS
Exploits0
CISA KEV Catalog
CISA KEV Catalog
•added 2022/05/25 12:0 a.m.•17 views

IBM InfoSphere BigInsights Invalid Input Vulnerability

Certain APIs within BigInsights can take invalid input that might allow attackers unauthorized access to read, write, modify, or delete data...

6.5CVSS5.1AI score0.05236EPSS
Exploits0
CISA KEV Catalog
CISA KEV Catalog
•added 2022/05/25 12:0 a.m.•26 views

Microsoft Silverlight Information Disclosure Vulnerability

Microsoft Silverlight does not properly validate pointers during access to Silverlight elements, which allows remote attackers to obtain sensitive information via a crafted Silverlight application...

5.5CVSS4.5AI score0.6961EPSS
Exploits5
CISA KEV Catalog
CISA KEV Catalog
•added 2022/05/25 12:0 a.m.•41 views

Microsoft IME Japanese Privilege Escalation Vulnerability

Microsoft Input Method Editor IME Japanese is a keyboard with Japanese characters that can be enabled on Windows systems as it is included by default with the default set as disabled. IME Japanese contains an unspecified vulnerability when IMJPDCT.EXE IME for Japanese is installed which allows...

9.3CVSS8.3AI score0.47679EPSS
Exploits0
CISA KEV Catalog
CISA KEV Catalog
•added 2022/05/25 12:0 a.m.•23 views

Adobe Flash Player Integer Overflow Vulnerability

Integer overflow in Adobe Flash Player allows attackers to execute code...

9.3CVSS9.3AI score0.67922EPSS
Exploits0
CISA KEV Catalog
CISA KEV Catalog
•added 2022/05/25 12:0 a.m.•39 views

Microsoft Internet Explorer Privilege Escalation Vulnerability

Microsoft Internet Explorer contains an unspecified vulnerability that allows remote attackers to gain privileges via a crafted web site...

8.8CVSS6.5AI score0.40289EPSS
Exploits0
CISA KEV Catalog
CISA KEV Catalog
•added 2022/05/25 12:0 a.m.•21 views

Adobe Reader and Acrobat Sandbox Bypass Vulnerability

Adobe Reader and Acrobat on Windows allow attackers to bypass a sandbox protection mechanism, and consequently execute native code in a privileged context...

10CVSS9.2AI score0.2233EPSS
Exploits0
CISA KEV Catalog
CISA KEV Catalog
•added 2022/05/25 12:0 a.m.•29 views

Oracle JRE Unspecified Vulnerability

Unspecified vulnerability in the Java Runtime Environment JRE in Java SE component allows remote attackers to affect confidentiality, integrity, and availability via Unknown vectors...

9.8CVSS6.3AI score0.96319EPSS
Exploits5
CISA KEV Catalog
CISA KEV Catalog
•added 2022/05/25 12:0 a.m.•42 views

Oracle Solaris Privilege Escalation Vulnerability

Oracle Solaris component: XScreenSaver contains an unspecified vulnerability that allows for privilege escalation...

8.8CVSS8.3AI score0.13399EPSS
Exploits8
CISA KEV Catalog
CISA KEV Catalog
•added 2022/05/25 12:0 a.m.•51 views

Microsoft Windows Graphics Device Interface (GDI) Remote Code Execution Vulnerability

A remote code execution vulnerability exists due to the way the Windows GDI component handles objects in the memory. An attacker who successfully exploits this vulnerability could take control of the affected system...

9.3CVSS3.8AI score0.68684EPSS
Exploits0
CISA KEV Catalog
CISA KEV Catalog
•added 2022/05/25 12:0 a.m.•18 views

Adobe Flash Player and AIR Use-After-Free Vulnerability

Use-after-free vulnerability in Adobe Flash Player and Adobe AIR allows attackers to execute code...

9.3CVSS5.6AI score0.55375EPSS
Exploits2
CISA KEV Catalog
CISA KEV Catalog
•added 2022/05/25 12:0 a.m.•22 views

Mozilla Firefox Security Feature Bypass Vulnerability

Moxilla Firefox allows remote attackers to bypass the Same Origin Policy to read arbitrary files or gain privileges...

8.8CVSS7.3AI score0.70226EPSS
Exploits8
CISA KEV Catalog
CISA KEV Catalog
•added 2022/05/24 12:0 a.m.•42 views

QNAP NAS File Station Cross-Site Scripting Vulnerability

A cross-site scripting vulnerability affecting QNAP NAS File Station could allow remote attackers to inject malicious code...

6.1CVSS4.8AI score0.23894EPSS
Exploits0
CISA KEV Catalog
CISA KEV Catalog
•added 2022/05/24 12:0 a.m.•38 views

Microsoft Internet Explorer Memory Corruption Vulnerability

Microsoft Internet Explorer contains a memory corruption vulnerability that allows remote attackers to execute code or cause a denial-of-service DoS via a crafted website...

8.8CVSS7.7AI score0.29189EPSS
Exploits0
Total number of security vulnerabilities1652