CVE Tracker
Track known exploited vulnerabilities, CISA KEV alerts, and linked threat intelligence.
1,542
Total CVEs
1,542
CISA KEV
1542
Critical & High
Mar 13, 2026
Last KEV Update
| CVE ID | Severity | Vendor | Description | Published | KEV |
|---|---|---|---|---|---|
| CVE-2017-12231 | High | CiscoIOS software | A vulnerability in the implementation of Network Address Translation (NAT) functionality in Cisco IOS could allow an unauthenticated, remote attacker to cause a denial of service. | Mar 3, 2022 | KEV |
| CVE-2017-11292 | High | AdobeFlash Player | Adobe Flash Player contains a type confusion vulnerability which can allow for remote code execution. | Mar 3, 2022 | KEV |
| CVE-2015-2424 | High | MicrosoftPowerPoint | Microsoft PowerPoint allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document. | Mar 3, 2022 | KEV |
| CVE-2014-4114 | High | MicrosoftWindows | A vulnerability exists in Windows Object Linking & Embedding (OLE) that could allow remote code execution if a user opens a file that contains a specially crafted OLE object. | Mar 3, 2022 | KEV |
| CVE-2013-5065 | High | MicrosoftWindows | Microsoft Windows NDProxy.sys in the kernel contains an improper input validation vulnerability which can allow a local attacker to escalate privileges. | Mar 3, 2022 | KEV |
| CVE-2013-3346 | High | AdobeReader and Acrobat | Adobe Reader and Acrobat contain a memory corruption vulnerability which can allow attackers to execute arbitrary code or cause a denial of service. | Mar 3, 2022 | KEV |
| CVE-2013-1675 | High | MozillaFirefox | Mozilla Firefox does not properly initialize data structures for the nsDOMSVGZoomEvent::mPreviousScale and nsDOMSVGZoomEvent::mNewScale functions, which allows remote attackers to obtain sensitive information from process memory via a crafted web site. | Mar 3, 2022 | KEV |
| CVE-2018-8581 | High | MicrosoftExchange Server | A privilege escalation vulnerability exists in Microsoft Exchange Server. An attacker who successfully exploited this vulnerability could attempt to impersonate any other user of the Exchange server. | Mar 3, 2022 | KEV |
| CVE-2018-0180 | High | CiscoIOS Software | A vulnerability in the Login Enhancements (Login Block) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a reload of an affected system, resulting in a denial of service (DoS) condition. | Mar 3, 2022 | KEV |
| CVE-2018-0179 | High | CiscoIOS Software | A vulnerability in the Login Enhancements (Login Block) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a reload of an affected system, resulting in a denial of service (DoS) condition. | Mar 3, 2022 | KEV |
| CVE-2018-0175 | High | CiscoIOS, XR, and XE Software | Format string vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges on an affected device. | Mar 3, 2022 | KEV |
| CVE-2018-0174 | High | CiscoIOS XE Software | A vulnerability in the DHCP option 82 encapsulation functionality of Cisco IOS Software and Cisco IOS XE Software could allow for denial-of-service (DoS). | Mar 3, 2022 | KEV |
| CVE-2018-0173 | High | CiscoIOS and IOS XE Software | A vulnerability in the Cisco IOS Software and Cisco IOS XE Software function that restores encapsulated option 82 information in DHCP Version 4 (DHCPv4) packets can allow for denial-of-service (DoS). | Mar 3, 2022 | KEV |
| CVE-2018-0167 | High | CiscoIOS, XR, and XE Software | There is a buffer overflow vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software which could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code. | Mar 3, 2022 | KEV |
| CVE-2018-0161 | High | CiscoIOS Software | A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software running on certain models of Cisco Catalyst Switches could allow an authenticated, remote attacker to cause a denial-of-service (DoS) condition. | Mar 3, 2022 | KEV |
| CVE-2018-0159 | High | CiscoIOS Software and Cisco IOS XE Software | A vulnerability in the implementation of Internet Key Exchange Version 1 (IKEv1) functionality in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial-of-service (DoS) condition. | Mar 3, 2022 | KEV |
| CVE-2018-0158 | High | CiscoIOS Software and Cisco IOS XE Software | A vulnerability in the implementation of Internet Key Exchange Version 1 (IKEv1) functionality in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial-of-service (DoS) condition. | Mar 3, 2022 | KEV |
| CVE-2018-0156 | High | CiscoIOS Software and Cisco IOS XE Software | A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial-of-service (DoS) condition. | Mar 3, 2022 | KEV |
| CVE-2018-0155 | High | CiscoCatalyst 4500 Series Switches and Cisco Catalyst 4500-X Series Switches | A vulnerability in the Bidirectional Forwarding Detection (BFD) offload implementation of Cisco Catalyst 4500 Series Switches and Cisco Catalyst 4500-X Series Switches could allow an unauthenticated, remote attacker to cause a crash of the iosd process, causing a denial-of-service (DoS) condition. | Mar 3, 2022 | KEV |
| CVE-2018-0154 | High | CiscoIOS Software | A vulnerability in the crypto engine of the Cisco Integrated Services Module for VPN (ISM-VPN) running Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial-of-service (DoS) condition. | Mar 3, 2022 | KEV |