Known Exploited Vulnerabilities

Focus on What Matters

There are 349,964 vulnerabilities in the CVE database.
Whilst only 1.1% are ever actively exploited.

This list contains the vulnerabilities that are actively exploited by malware and threat actors that you should prioritize first.

This table displays known exploited vulnerabilities (KEVs) that have been cataloged from over 60 public sources, including CISA, and our own private sensors. Each entry links to a CVE identifier, where the CVE details are enriched with EPSS scores, online mentions, scanner inclusion, exploitation, tags, and other metadata. The goal is to be an early warning system, even before being published by CISA. More data and features coming soon!

Aware of a KEV not on the list? Let us know!

CVE ID	Title	Vendor	Product	Added	Source
CVE-2021-1905	Possible use after free due to improper handling of memory mapping of multiple processes simultaneously. in Snapdragon Auto, Snapdragon Compute,...	Qualcomm, Inc.	Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables	2021-11-03 00:00:00 UTC	CISA
CVE-2021-1906	Improper handling of address deregistration on failure can lead to new GPU address allocation failure. in Snapdragon Auto, Snapdragon Compute,...	Qualcomm, Inc.	Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables	2021-11-03 00:00:00 UTC	CISA
CVE-2019-11539	In Pulse Secure Pulse Connect Secure version 9.0RX before 9.0R3.4, 8.3RX before 8.3R7.1, 8.2RX before 8.2R12.1, and 8.1RX before 8.1R15.1 and Pulse...	Pulse Secure	Pulse Connect Secure	2021-11-03 00:00:00 UTC	CISA
CVE-2019-11510	In Pulse Secure Pulse Connect Secure (PCS) 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9.0R3.4, an unauthenticated remote attacker can...	Pulse Secure	Pulse Connect Secure	2021-11-03 00:00:00 UTC	CISA
CVE-2021-22899	A command injection vulnerability exists in Pulse Connect Secure before 9.1R11.4 allows a remote authenticated attacker to perform remote code...	Pulse Secure	Pulse Connect Secure	2021-11-03 00:00:00 UTC	CISA
CVE-2020-8260	A vulnerability in the Pulse Connect Secure < 9.1R9 admin web interface could allow an authenticated attacker to perform an arbitrary code...	Pulse Secure	Pulse Connect Secure / Pulse Policy Secure	2021-11-03 00:00:00 UTC	CISA
CVE-2021-22894	A buffer overflow vulnerability exists in Pulse Connect Secure before 9.1R11.4 allows a remote authenticated attacker to execute arbitrary code as...	Pulse Secure	Pulse Connect Secure	2021-11-03 00:00:00 UTC	CISA
CVE-2021-22900	A vulnerability allowed multiple unrestricted uploads in Pulse Connect Secure before 9.1R11.4 that could lead to an authenticated administrator to...	Pulse Secure	Pulse Secure Secure	2021-11-03 00:00:00 UTC	CISA
CVE-2020-8243	A vulnerability in the Pulse Connect Secure < 9.1R8.2 admin web interface could allow an authenticated attacker to upload custom template to...	Pulse Secure	Pulse Connect Secre	2021-11-03 00:00:00 UTC	CISA
CVE-2021-22893	Pulse Connect Secure 9.0R3/9.1R1 and higher is vulnerable to an authentication bypass vulnerability exposed by the Windows File Share Browser and...	Pulse Secure	Pulse Connect Secure	2021-11-03 00:00:00 UTC	CISA
CVE-2019-18935	Progress Telerik UI for ASP.NET AJAX through 2019.3.1023 contains a .NET deserialization vulnerability in the RadAsyncUpload function. This is...	Progress	Telerik UI for ASP.NET AJAX	2021-11-03 00:00:00 UTC	CISA
CVE-2020-8644	PlaySMS before 1.4.3 does not sanitize inputs from a malicious string.	PlaySMS	PlaySMS	2021-11-03 00:00:00 UTC	CISA
CVE-2020-14883	Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions that are affected are...	Oracle Corporation	WebLogic Server	2021-11-03 00:00:00 UTC	CISA
CVE-2020-14882	Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions that are affected are...	Oracle Corporation	WebLogic Server	2021-11-03 00:00:00 UTC	CISA
CVE-2020-14750	Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions that are affected are...	Oracle Corporation	WebLogic Server	2021-11-03 00:00:00 UTC	CISA
CVE-2015-4852	The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to execute arbitrary...	Oracle	WebLogic Server	2021-11-03 00:00:00 UTC	CISA
CVE-2020-14871	Vulnerability in the Oracle Solaris product of Oracle Systems (component: Pluggable authentication module). Supported versions that are affected...	Oracle Corporation	Solaris Operating System	2021-11-03 00:00:00 UTC	CISA
CVE-2012-3152	Unspecified vulnerability in the Oracle Reports Developer component in Oracle Fusion Middleware 11.1.1.4, 11.1.1.6, and 11.1.2.0 allows remote...	Oracle	Fusion Middleware	2021-11-03 00:00:00 UTC	CISA
CVE-2020-2555	Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Caching,CacheStore,Invocation). Supported versions that are...	Oracle Corporation	WebCenter Portal, Utilities Framework	2021-11-03 00:00:00 UTC	CISA
CVE-2019-19356	Netis WF2419 is vulnerable to authenticated Remote Code Execution (RCE) as root through the router Web management page. The vulnerability has been...	Netis	WF2419	2021-11-03 00:00:00 UTC	CISA
CVE-2020-26919	NETGEAR JGS516PE devices before 2.6.0.43 are affected by lack of access control at the function level.	NETGEAR	JGS516PE	2021-11-03 00:00:00 UTC	CISA
CVE-2019-15949	Nagios XI before 5.6.6 allows remote command execution as root. The exploit requires access to the server as the nagios user, or access as the...	Nagios	XI	2021-11-03 00:00:00 UTC	CISA
CVE-2019-17026	Incorrect alias information in IonMonkey JIT compiler for setting array elements could lead to a type confusion. We are aware of targeted attacks...	Mozilla	Firefox ESR, Thunderbird, Firefox	2021-11-03 00:00:00 UTC	CISA
CVE-2020-6820	Under certain conditions, when handling a ReadableStream, a race condition can cause a use-after-free. We are aware of targeted attacks in the wild...	Mozilla	Thunderbird, Firefox, Firefox ESR	2021-11-03 00:00:00 UTC	CISA
CVE-2020-6819	Under certain conditions, when running the nsDocShell destructor, a race condition can cause a use-after-free. We are aware of targeted attacks in...	Mozilla	Thunderbird, Firefox, Firefox ESR	2021-11-03 00:00:00 UTC	CISA

Displaying vulnerabilities 3326 - 3350 of 3822 in total