CISA Catalog
Data sourced from the official CISA Known Exploited Vulnerabilities Catalog. Federal agencies are required to remediate these vulnerabilities by the due date per BOD 22-01.
KEV Entries
1,619
Ransomware Use
327
Overdue
1,615
Vendors
266
Products
655
377 results · Page 4/16
Microsoft Windows MSHTML Platform Spoofing Vulnerability
Microsoft · Windows
Microsoft Windows MSHTML Platform contains a user interface (UI) misrepresentation of critical information vulnerability that allows an attacker to spoof a web page. This vulnerability was exploited in conjunction with CVE-2024-38112.
Required Action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Microsoft Windows Mark of the Web (MOTW) Protection Mechanism Failure Vulnerability
Microsoft · Windows
Microsoft Windows Mark of the Web (MOTW) contains a protection mechanism failure vulnerability that allows an attacker to bypass MOTW-based defenses. This can result in a limited loss of integrity and availability of security features such as Protected View in Microsoft Office, which rely on MOTW tagging.
Required Action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Microsoft Windows Installer Improper Privilege Management Vulnerability
Microsoft · Windows
Microsoft Windows Installer contains an improper privilege management vulnerability that could allow an attacker to gain SYSTEM privileges.
Required Action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Microsoft Publisher Protection Mechanism Failure Vulnerability
Microsoft · Publisher
Microsoft Publisher contains a protection mechanism failure vulnerability that allows attacker to bypass Office macro policies used to block untrusted or malicious files.
Required Action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Microsoft Exchange Server Information Disclosure Vulnerability
Microsoft · Exchange Server
Microsoft Exchange Server contains an information disclosure vulnerability that allows for remote code execution.
Required Action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Microsoft Windows Power Dependency Coordinator Privilege Escalation Vulnerability
Microsoft · Windows
Microsoft Windows Power Dependency Coordinator contains an unspecified vulnerability that allows for privilege escalation, enabling a local attacker to obtain SYSTEM privileges.
Required Action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Microsoft Windows Kernel Privilege Escalation Vulnerability
Microsoft · Windows
Microsoft Windows Kernel contains an unspecified vulnerability that allows for privilege escalation, enabling a local attacker to gain SYSTEM privileges. Successful exploitation of this vulnerability requires an attacker to win a race condition.
Required Action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Microsoft Windows Ancillary Function Driver for WinSock Privilege Escalation Vulnerability
Microsoft · Windows
Microsoft Windows Ancillary Function Driver for WinSock contains an unspecified vulnerability that allows for privilege escalation, enabling a local attacker to gain SYSTEM privileges.
Required Action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Microsoft Windows SmartScreen Security Feature Bypass Vulnerability
Microsoft · Windows
Microsoft Windows SmartScreen contains a security feature bypass vulnerability that allows an attacker to bypass the SmartScreen user experience via a malicious file.
Required Action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Microsoft Windows Scripting Engine Memory Corruption Vulnerability
Microsoft · Windows
Microsoft Windows Scripting Engine contains a memory corruption vulnerability that allows unauthenticated attacker to initiate remote code execution via a specially crafted URL.
Required Action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Microsoft Project Remote Code Execution Vulnerability
Microsoft · Project
Microsoft Project contains an unspecified vulnerability that allows for remote code execution via a malicious file.
Required Action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Microsoft COM for Windows Deserialization of Untrusted Data Vulnerability
Microsoft · Windows
Microsoft COM for Windows contains a deserialization of untrusted data vulnerability that allows for privilege escalation and remote code execution via a specially crafted file or script.
Required Action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Microsoft Internet Explorer Use-After-Free Vulnerability
Microsoft · Internet Explorer
Microsoft Internet Explorer contains a use-after-free vulnerability that allows a remote attacker to execute arbitrary code via a crafted web site that triggers access to an object that (1) was not properly allocated or (2) is deleted, as demonstrated by a CDwnBindInfo object.
Required Action
The impacted product is end-of-life and should be disconnected if still in use.
Microsoft Windows Hyper-V Privilege Escalation Vulnerability
Microsoft · Windows
Microsoft Windows Hyper-V contains a privilege escalation vulnerability that allows a local attacker with user permissions to gain SYSTEM privileges.
Required Action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Microsoft Windows MSHTML Platform Spoofing Vulnerability
Microsoft · Windows
Microsoft Windows MSHTML Platform contains a spoofing vulnerability that has a high impact to confidentiality, integrity, and availability.
Required Action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Microsoft Windows Error Reporting Service Improper Privilege Management Vulnerability
Microsoft · Windows
Microsoft Windows Error Reporting Service contains an improper privilege management vulnerability that allows a local attacker with user permissions to gain SYSTEM privileges.
Required Action
Apply updates per vendor instructions or discontinue use of the product if updates are unavailable.
Microsoft Windows MSHTML Platform Security Feature Bypass Vulnerability
Microsoft · Windows
Microsoft Windows MSHTML Platform contains an unspecified vulnerability that allows for a security feature bypass.
Required Action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Microsoft DWM Core Library Privilege Escalation Vulnerability
Microsoft · DWM Core Library
Microsoft DWM Core Library contains a privilege escalation vulnerability that allows an attacker to gain SYSTEM privileges.
Required Action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Microsoft SmartScreen Prompt Security Feature Bypass Vulnerability
Microsoft · SmartScreen Prompt
Microsoft SmartScreen Prompt contains a security feature bypass vulnerability that allows an attacker to bypass the Mark of the Web (MotW) feature. This vulnerability can be chained with CVE-2023-38831 and CVE-2024-21412 to execute a malicious file.
Required Action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Microsoft Windows Print Spooler Privilege Escalation Vulnerability
Microsoft · Windows
Microsoft Windows Print Spooler service contains a privilege escalation vulnerability. An attacker may modify a JavaScript constraints file and execute it with SYSTEM-level permissions.
Required Action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Microsoft SharePoint Server Code Injection Vulnerability
Microsoft · SharePoint Server
Microsoft SharePoint Server contains a code injection vulnerability that allows an authenticated attacker with Site Owner privileges to execute code remotely.
Required Action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Microsoft Windows Kernel Exposed IOCTL with Insufficient Access Control Vulnerability
Microsoft · Windows
Microsoft Windows Kernel contains an exposed IOCTL with insufficient access control vulnerability within the IOCTL (input and output control) dispatcher in appid.sys that allows a local attacker to achieve privilege escalation.
Required Action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Microsoft Streaming Service Untrusted Pointer Dereference Vulnerability
Microsoft · Streaming Service
Microsoft Streaming Service contains an untrusted pointer dereference vulnerability that allows for privilege escalation, enabling a local attacker to gain SYSTEM privileges.
Required Action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Microsoft Exchange Server Privilege Escalation Vulnerability
Microsoft · Exchange Server
Microsoft Exchange Server contains an unspecified vulnerability that allows for privilege escalation.
Required Action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Microsoft Windows Internet Shortcut Files Security Feature Bypass Vulnerability
Microsoft · Windows
Microsoft Windows Internet Shortcut Files contains an unspecified vulnerability that allows for a security feature bypass.
Required Action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
