Known Exploited Vulnerabilities

Focus on What Matters

There are 349,964 vulnerabilities in the CVE database.
Whilst only 1.1% are ever actively exploited.

This list contains the vulnerabilities that are actively exploited by malware and threat actors that you should prioritize first.

This table displays known exploited vulnerabilities (KEVs) that have been cataloged from over 60 public sources, including CISA, and our own private sensors. Each entry links to a CVE identifier, where the CVE details are enriched with EPSS scores, online mentions, scanner inclusion, exploitation, tags, and other metadata. The goal is to be an early warning system, even before being published by CISA. More data and features coming soon!

Aware of a KEV not on the list? Let us know!

CVE ID	Title	Vendor	Product	Added	Source
CVE-2018-13379	An Improper Limitation of a Pathname to a Restricted Directory ("Path Traversal") in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.3 to 5.6.7 and 5.4.6 to...	Fortinet	Fortinet FortiOS, FortiProxy	2021-11-03 00:00:00 UTC	CISA
CVE-2020-12812	An improper authentication vulnerability in SSL VPN in FortiOS 6.4.0, 6.2.0 to 6.2.3, 6.0.9 and below may result in a user being able to log in...	Fortinet	Fortinet FortiOS	2021-11-03 00:00:00 UTC	CISA
CVE-2019-5591	A Default Configuration vulnerability in FortiOS may allow an unauthenticated attacker on the same subnet to intercept sensitive information by...	Fortinet	Fortinet FortiOS	2021-11-03 00:00:00 UTC	CISA
CVE-2021-35464	ForgeRock AM server before 7.0 has a Java deserialization vulnerability in the jato.pageSession parameter on multiple pages. The exploitation does...	ForgeRock	AM server	2021-11-03 00:00:00 UTC	CISA
CVE-2021-22986	On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, and 12.1.x before 12.1.5.3 amd...	F5	BIG-IP; BIG-IQ	2021-11-03 00:00:00 UTC	CISA
CVE-2020-5902	In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the Traffic Management User Interface...	F5	BIG-IP	2021-11-03 00:00:00 UTC	CISA
CVE-2020-8655	An issue was discovered in EyesOfNetwork 5.3. The sudoers configuration is prone to a privilege escalation vulnerability, allowing the apache user...	EyesOfNetwork	EyesOfNetwork	2021-11-03 00:00:00 UTC	CISA
CVE-2020-8657	An issue was discovered in EyesOfNetwork 5.3. The installation uses the same API key (hardcoded as EONAPI_KEY in include/api_functions.php for API...	EyesOfNetwork	EyesOfNetwork	2021-11-03 00:00:00 UTC	CISA
CVE-2018-6789	An issue was discovered in the base64d function in the SMTP listener in Exim before 4.90.1. By sending a handcrafted message, a buffer overflow may...	Exim	Exim	2021-11-03 00:00:00 UTC	CISA
CVE-2021-22205	An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9. GitLab was not properly validating image files that were...	GitLab	GitLab	2021-11-03 00:00:00 UTC	CISA
CVE-2018-7600	Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an...	Drupal	Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1	2021-11-03 00:00:00 UTC	CISA
CVE-2020-8515	DrayTek Vigor2960 1.3.1_Beta, Vigor3900 1.4.4_Beta, and Vigor300B 1.3.3_Beta, 1.4.2.1_Beta, and 1.4.4_Beta devices allow remote code execution as...	DrayTek	Vigor2960, Vigor3900, Vigor300B	2021-11-03 00:00:00 UTC	CISA
CVE-2019-15752	Docker Desktop Community Edition before 2.1.0.1 allows local users to gain privileges by placing a Trojan horse docker-credential-wincred.exe file...	Docker	Docker Desktop Community Edition	2021-11-03 00:00:00 UTC	CISA
CVE-2017-9822	DNN (aka DotNetNuke) before 9.1.1 has Remote Code Execution via a cookie, aka "2017-08 (Critical) Possible remote code execution on DNN sites."	DotNetNuke	DotNetNuke CMS Fixed in 9.1.1	2021-11-03 00:00:00 UTC	CISA
CVE-2018-18325	DNN (aka DotNetNuke) 9.2 through 9.2.2 uses a weak encryption algorithm to protect input parameters. NOTE: this issue exists because of an...	DNN Software	DNN Platform	2021-11-03 00:00:00 UTC	CISA
CVE-2018-15811	DNN (aka DotNetNuke) 9.2 through 9.2.1 uses a weak encryption algorithm to protect input parameters.	DNN	DotNetNuke	2021-11-03 00:00:00 UTC	CISA
CVE-2020-25506	D-Link DNS-320 FW v2.06B01 Revision Ax is affected by command injection in the system_mgr.cgi component, which can lead to remote arbitrary code...	D-Link	DNS-320	2021-11-03 00:00:00 UTC	CISA
CVE-2020-29557	An issue was discovered on D-Link DIR-825 R1 devices through 3.0.1 before 2020-11-20. A buffer overflow in the web interface allows attackers to...	D-Link	DIR-825 R1	2021-11-03 00:00:00 UTC	CISA
CVE-2019-11634	Citrix Workspace App before 1904 for Windows has Incorrect Access Control.	Citrix	Workspace App	2021-11-03 00:00:00 UTC	CISA
CVE-2019-19781	An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. They allow Directory Traversal.	Citrix	Application Delivery Controller and Gateway	2021-11-03 00:00:00 UTC	CISA
CVE-2020-8196	Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix...	Citrix	Citrix ADC, Citrix Gateway, Citrix SDWAN WAN-OP	2021-11-03 00:00:00 UTC	CISA
CVE-2020-8195	Improper input validation in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix...	Citrix	Citrix ADC, Citrix Gateway, Citrix SDWAN WAN-OP	2021-11-03 00:00:00 UTC	CISA
CVE-2020-8193	Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix...	Citrix	Citrix ADC, Citrix Gateway, Citrix SDWAN WAN-OP	2021-11-03 00:00:00 UTC	CISA
CVE-2019-13608	Citrix StoreFront Server before 1903, 7.15 LTSR before CU4 (3.12.4000), and 7.6 LTSR before CU8 (3.0.8000) allows XXE attacks.	Citrix	StoreFront Server	2021-11-03 00:00:00 UTC	CISA
CVE-2018-0296	A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause an...	Cisco	Cisco Adaptive Security Appliance unknown	2021-11-03 00:00:00 UTC	CISA

Displaying vulnerabilities 3176 - 3200 of 3822 in total