KEVIntel

Known Exploited Vulnerabilities

Curated + enriched signals for rapid prioritization

{ } JSON RSS PRO

0.7%

actively
exploited

Focus on what’s exploited

Out of 350,016 known CVEs, only 0.7% show real-world exploitation signals.

Data from public sources (including CISA) plus private sensors, enriched with prioritization metadata.

View stats Report a KEV

2,499

Total Known exploited

351

Added this week

Search

Results update as you type.

⌘K

Added

Exploitability

Type to search. Filters apply instantly.

CVE	Severity	Title	Vendor	Product	Added
CVE-2009-0556	8.8 High	Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3, and PowerPoint in Microsoft Office 2004 for Mac, allows remote attackers to execute... Remote Low complexity	Microsoft	Office PowerPoint	about 17 years ago
CVE-2009-1054	9.3 Critical	Unspecified vulnerability in JustSystems Ichitaro 13, 2004 through 2008, Lite2, and Ichitaro viewer 5.1.5.0 and earlier allows remote attackers to... Remote	JustSystems	Ichitaro	about 17 years ago
CVE-2009-0238	8.8 High	Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3, and 2007 SP1; Excel Viewer 2003 Gold and SP3; Excel Viewer; Compatibility Pack for Word,... Remote Low complexity	Microsoft	Office Excel	over 17 years ago
CVE-2009-0658	7.8 High	Buffer overflow in Adobe Reader 9.0 and earlier, and Acrobat 9.0 and earlier, allows remote attackers to execute arbitrary code via a crafted PDF... Low complexity	Adobe	Reader	over 17 years ago
CVE-2009-0259	9.3 Critical	The Word processor in OpenOffice.org 1.1.2 through 1.1.5 allows remote attackers to cause a denial of service (crash) and possibly execute... Remote	OpenOffice.org	OpenOffice	over 17 years ago
CVE-2008-4844	9.3 Critical	Use-after-free vulnerability in the CRecordInstance::TransferToDestination function in mshtml.dll in Microsoft Internet Explorer 5.01, 6, 6 SP1,... Remote	Microsoft	Internet Explorer	over 17 years ago
CVE-2008-4841	9.3 Critical	The WordPad Text Converter for Word 97 files in Microsoft Windows 2000 SP4, XP SP2, and Server 2003 SP1 and SP2 allows remote attackers to execute... Remote	Microsoft	Windows	over 17 years ago
CVE-2008-5227	10.0 Critical	Unspecified vulnerability in PHPCow allows remote attackers to execute arbitrary code via unknown vectors, related to a "file inclusion... Remote Low complexity	PHPCow	PHPCow	over 17 years ago
CVE-2008-4250	9.8 Critical	The Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, and 7 Pre-Beta allows... Remote Low complexity No user interaction	Microsoft	Windows	over 17 years ago
CVE-2008-3919	9.3 Critical	Unspecified vulnerability in multiple JustSystems Ichitaro products allows remote attackers to execute arbitrary code via a crafted JTD document,... Remote	JustSystems	Ichitaro	over 17 years ago
CVE-2008-3873	4.3 Medium	The System.setClipboard method in ActionScript in Adobe Flash Player 9.0.124.0 and earlier allows remote attackers to populate the clipboard with a... Remote	Adobe	Flash Player	almost 18 years ago
CVE-2008-3704	9.3 Critical	Heap-based buffer overflow in the MaskedEdit ActiveX control in Msmask32.ocx 6.0.81.69, and possibly other versions before 6.0.84.18, in Microsoft... Remote	Microsoft	Visual Studio	almost 18 years ago
CVE-2008-3648	9.3 Critical	nslookup.exe in Microsoft Windows XP SP2 allows user-assisted remote attackers to execute arbitrary code, as demonstrated by an attempted DNS zone... Remote	Microsoft	Windows XP SP2	almost 18 years ago
CVE-2008-2244	9.3 Critical	Microsoft Office Word 2002 SP3 allows remote attackers to execute arbitrary code via a .doc file that contains malformed data, as exploited in the... Remote	Microsoft	Office Word 2002 SP3	almost 18 years ago
CVE-2008-1841	6.8 Medium	SQL injection vulnerability in the session handling functionality in bridge/coppermine.inc.php in Coppermine Photo Gallery (CPG) 1.4.17 and earlier... Remote	Coppermine	Photo Gallery	about 18 years ago
CVE-2008-1092	9.3 Critical	Buffer overflow in msjet40.dll before 4.0.9505.0 in Microsoft Jet Database Engine allows remote attackers to execute arbitrary code via a crafted... Remote	Microsoft	Jet Database Engine	about 18 years ago
CVE-2008-0647	10.0 Critical	Multiple stack-based buffer overflows in the HanGamePluginCn18.HanGamePluginCn18.1 ActiveX control in HanGamePluginCn18.dll in Ourgame GLWorld... Remote Low complexity	Ourgame	GLWorld	over 18 years ago
CVE-2007-6436	9.3 Critical	Stack-based buffer overflow in JSGCI.DLL in JustSystems Ichitaro 2005, 2006, and 2007 allows user-assisted remote attackers to execute arbitrary... Remote	JustSystems	Ichitaro	over 18 years ago
CVE-2007-5807	6.8 Medium	Buffer overflow in the register function in Ultra Star Reader ActiveX control in SSReader allows remote attackers to execute arbitrary code via... Remote	SSReader	Ultra Star Reader ActiveX control	over 18 years ago
CVE-2007-5722	7.5 High	Stack-based buffer overflow in a certain ActiveX control in GLChat.ocx 2.5.1.32 in GlobalLink 2.7.0.8, as used in Ourgame GLWorld and possibly... Remote Low complexity	Ourgame	GLWorld	over 18 years ago
CVE-2007-4429	5.0 Medium	Unspecified vulnerability in Skype allows remote attackers to cause a denial of service (server hang) via unknown vectors related to sending long... Remote Low complexity	Skype	Skype	almost 19 years ago
CVE-2007-4428	6.8 Medium	Lhaz 1.33 allows remote attackers to execute arbitrary code via unknown vectors, as actively exploited in August 2007 by the Exploit-LHAZ.a gzip... Remote	Lhaz	Lhaz 1.33	almost 19 years ago
CVE-2007-4246	6.8 Medium	Unspecified vulnerability, possibly a buffer overflow, in Justsystem Ichitaro 2007 and earlier allows remote attackers to execute arbitrary code... Remote	Justsystem	Ichitaro	almost 19 years ago
CVE-2006-4326	7.5 High	Stack-based buffer overflow in Justsystem Ichitaro 9.x through 13.x, Ichitaro 2004, 2005, 2006, and Government 2006; Ichitaro for Linux; and... Remote Low complexity	Justsystem	Ichitaro	almost 20 years ago

Displaying vulnerabilities 2476 - 2499 of 2499 in total