CVE Tracker
Track known exploited vulnerabilities, CISA KEV alerts, and linked threat intelligence.
1,540
Total CVEs
1,540
CISA KEV
1540
Critical & High
Mar 11, 2026
Last KEV Update
| CVE ID | Severity | Vendor | Description | Published | KEV |
|---|---|---|---|---|---|
| CVE-2013-0625 | High | AdobeColdFusion | Adobe Coldfusion contains an authentication bypass vulnerability, which could result in an unauthorized user gaining administrative access. | Mar 7, 2022 | KEV |
| CVE-2009-3960 | High | AdobeBlazeDS | Adobe BlazeDS, which is utilized in LifeCycle and Coldfusion, contains a vulnerability that allows for information disclosure. | Mar 7, 2022 | KEV |
| CVE-2022-20708 | High | CiscoSmall Business RV160, RV260, RV340, and RV345 Series Routers | A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or cause a denial of service (DoS). | Mar 3, 2022 | KEV |
| CVE-2022-20701 | High | CiscoSmall Business RV160, RV260, RV340, and RV345 Series Routers | A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or cause a denial of service (DoS). | Mar 3, 2022 | KEV |
| CVE-2022-20700 | High | CiscoSmall Business RV160, RV260, RV340, and RV345 Series Routers | A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or cause a denial of service (DoS). | Mar 3, 2022 | KEV |
| CVE-2022-20699 | High | CiscoSmall Business RV160, RV260, RV340, and RV345 Series Routers | A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or cause a denial of service (DoS). | Mar 3, 2022 | KEV |
| CVE-2021-41379 | High | MicrosoftWindows | Microsoft Windows Installer contains an unspecified vulnerability that allows for privilege escalation. | Mar 3, 2022 | KEV |
| CVE-2020-1938 | High | ApacheTomcat | Apache Tomcat treats Apache JServ Protocol (AJP) connections as having higher trust than, for example, a similar HTTP connection. If such connections are available to an attacker, they can be exploited. | Mar 3, 2022 | KEV |
| CVE-2020-11899 | High | Treck TCP/IP stackIPv6 | The Treck TCP/IP stack contains an IPv6 out-of-bounds read vulnerability. | Mar 3, 2022 | KEV |
| CVE-2019-1652 | High | CiscoSmall Business RV320 and RV325 Dual Gigabit WAN VPN Routers | A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an authenticated, remote attacker with administrative privileges on an affected device to execute arbitrary commands. | Mar 3, 2022 | KEV |
| CVE-2022-20703 | High | CiscoSmall Business RV160, RV260, RV340, and RV345 Series Routers | A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or cause a denial of service (DoS). | Mar 3, 2022 | KEV |
| CVE-2019-16928 | High | EximExim Internet Mailer | Exim contains an out-of-bounds write vulnerability which can allow for remote code execution. | Mar 3, 2022 | KEV |
| CVE-2019-1297 | High | MicrosoftExcel | A remote code execution vulnerability exists in Microsoft Excel when the software fails to properly handle objects in memory. | Mar 3, 2022 | KEV |
| CVE-2018-8298 | High | ChakraCoreChakraCore scripting engine | The ChakraCore scripting engine contains a type confusion vulnerability which can allow for remote code execution. | Mar 3, 2022 | KEV |
| CVE-2018-0172 | High | CiscoIOS and IOS XE Software | A vulnerability in the DHCP option 82 encapsulation functionality of Cisco IOS Software and Cisco IOS XE Software could allow for denial-of-service (DoS). | Mar 3, 2022 | KEV |
| CVE-2017-12237 | High | CiscoIOS and IOS XE Software | A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS and Cisco IOS XE could allow an unauthenticated, remote attacker to cause high CPU utilization, traceback messages, or a reload of an affected device that leads to a denial of service. | Mar 3, 2022 | KEV |
| CVE-2017-12235 | High | CiscoIOS software | A vulnerability in the implementation of the PROFINET Discovery and Configuration Protocol (PN-DCP) for Cisco IOS could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service. | Mar 3, 2022 | KEV |
| CVE-2017-12233 | High | CiscoIOS software | There is a vulnerability in the implementation of the Common Industrial Protocol (CIP) feature in Cisco IOS could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service. | Mar 3, 2022 | KEV |
| CVE-2017-12231 | High | CiscoIOS software | A vulnerability in the implementation of Network Address Translation (NAT) functionality in Cisco IOS could allow an unauthenticated, remote attacker to cause a denial of service. | Mar 3, 2022 | KEV |
| CVE-2017-11292 | High | AdobeFlash Player | Adobe Flash Player contains a type confusion vulnerability which can allow for remote code execution. | Mar 3, 2022 | KEV |