Vulnérabilités activement exploitées (KEV CISA)
12 entrées
| CVE | Sévérité | KEV | Publié | Description |
|---|---|---|---|---|
| CVE-2025-55177 | MEDIUM 5.4 | KEV | Incomplete authorization of linked device synchronization messages in WhatsApp for iOS prior to v2.25.21.73, WhatsApp Business for iOS v2.25.21.78, and WhatsAp… | |
| CVE-2024-39891 | MEDIUM 5.3 | KEV | In the Twilio Authy API, accessed by Authy Android before 25.1.0 and Authy iOS before 26.1.0, an unauthenticated endpoint provided access to certain phone-numb… | |
| CVE-2023-36761 | MEDIUM 6.5 | KEV | Microsoft Word Information Disclosure Vulnerability | |
| CVE-2022-2856 | MEDIUM 6.5 | KEV | Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 104.0.5112.101 allowed a remote attacker to arbitrarily browse to a … | |
| CVE-2021-38000 | MEDIUM 6.1 | KEV | Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 95.0.4638.69 allowed a remote attacker to arbitrarily browser to a m… | |
| CVE-2021-37976 | MEDIUM 6.5 | KEV | Inappropriate implementation in Memory in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to obtain potentially sensitive information from proces… | |
| CVE-2021-30533 | MEDIUM 6.5 | KEV | Insufficient policy enforcement in PopupBlocker in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to bypass navigation restrictions via a crafte… | |
| CVE-2020-0878 | MEDIUM 4.2 | KEV | <p>A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way th… | |
| CVE-2019-5825 | MEDIUM 6.5 | KEV | Out of bounds write in JavaScript in Google Chrome prior to 73.0.3683.86 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML pa… | |
| CVE-2019-5786 | MEDIUM 6.5 | KEV | Object lifetime issue in Blink in Google Chrome prior to 72.0.3626.121 allowed a remote attacker to potentially perform out of bounds memory access via a craft… | |
| CVE-2016-3351 | MEDIUM 6.5 | KEV | Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Brows… | |
| CVE-2013-1675 | MEDIUM 6.5 | KEV | Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 do not properly initialize data … |