Known Exploited Vulnerabilities

Focus on What Matters

There are 349,964 vulnerabilities in the CVE database.
Whilst only 1.1% are ever actively exploited.

This list contains the vulnerabilities that are actively exploited by malware and threat actors that you should prioritize first.

This table displays known exploited vulnerabilities (KEVs) that have been cataloged from over 60 public sources, including CISA, and our own private sensors. Each entry links to a CVE identifier, where the CVE details are enriched with EPSS scores, online mentions, scanner inclusion, exploitation, tags, and other metadata. The goal is to be an early warning system, even before being published by CISA. More data and features coming soon!

Aware of a KEV not on the list? Let us know!

CVE ID	Title	Vendor	Product	Added	Source
CVE-2020-0674	A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting...	Microsoft	Internet Explorer 10, Internet Explorer 11, Internet Explorer 11 on Windows 10 Version 1909 for 32-bit Systems, Internet Explorer 11 on Windows 10 Version 1909 for x64-based Systems, Internet Explorer 11 on Windows 10 Version 1909 for ARM64-based Systems, Internet Explorer 11 on Windows 10 Version 1903 for 32-bit Systems, Internet Explorer 11 on Windows 10 Version 1903 for x64-based Systems, Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based Systems, Internet Explorer 11 on Windows Server 2012, Internet Explorer 9	2021-11-03 00:00:00 UTC	CISA
CVE-2017-11882	Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pack 2, Microsoft Office 2013 Service Pack 1, and Microsoft Office 2016 allow...	Microsoft Corporation	Microsoft Office	2021-11-03 00:00:00 UTC	CISA
CVE-2019-0541	A remote code execution vulnerability exists in the way that the MSHTML engine inproperly validates input, aka "MSHTML Engine Remote Code Execution...	Microsoft	Microsoft Office, Microsoft Office Word Viewer, Internet Explorer 9, Internet Explorer 11, Microsoft Excel Viewer, Internet Explorer 10, Office	2021-11-03 00:00:00 UTC	CISA
CVE-2021-27085	Internet Explorer Remote Code Execution Vulnerability	Microsoft	Internet Explorer 11	2021-11-03 00:00:00 UTC	CISA
CVE-2015-1641	Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word for Mac 2011, Office Compatibility Pack SP3, Word...	Microsoft	Word	2021-11-03 00:00:00 UTC	CISA
CVE-2012-0158	The (1) ListView, (2) ListView2, (3) TreeView, and (4) TreeView2 ActiveX controls in MSCOMCTL.OCX in the Common Controls in Microsoft Office 2003...	Microsoft	Office	2021-11-03 00:00:00 UTC	CISA
CVE-2018-0802	Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution...	Microsoft Corporation	Equation Editor	2021-11-03 00:00:00 UTC	CISA
CVE-2018-0798	Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution...	Microsoft Corporation	Equation Editor	2021-11-03 00:00:00 UTC	CISA
CVE-2020-16846	An issue was discovered in SaltStack Salt through 3002. Sending crafted web requests to the Salt API, with the SSH client enabled, can result in...	SaltStack	Salt	2021-11-03 00:00:00 UTC	CISA
CVE-2020-11651	An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class does not properly...	SaltStack	Salt	2021-11-03 00:00:00 UTC	CISA
CVE-2020-11652	An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class allows access to some...	SaltStack	Salt	2021-11-03 00:00:00 UTC	CISA
CVE-2017-16651	Roundcube Webmail before 1.1.10, 1.2.x before 1.2.7, and 1.3.x before 1.3.3 allows unauthorized access to arbitrary files on the host's filesystem,...	Roundcube	Roundcube Webmail	2021-11-03 00:00:00 UTC	CISA
CVE-2021-35395	Realtek Jungle SDK version v2.x up to v3.4.14B provides an HTTP web server exposing a management interface that can be used to configure the access...	Realtek	Jungle SDK	2021-11-03 00:00:00 UTC	CISA
CVE-2020-10221	lib/ajaxHandlers/ajaxAddTemplate.php in rConfig through 3.94 allows remote attackers to execute arbitrary OS commands via shell metacharacters in...	rConfig	rConfig	2021-11-03 00:00:00 UTC	CISA
CVE-2021-1905	Possible use after free due to improper handling of memory mapping of multiple processes simultaneously. in Snapdragon Auto, Snapdragon Compute,...	Qualcomm, Inc.	Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables	2021-11-03 00:00:00 UTC	CISA
CVE-2021-1906	Improper handling of address deregistration on failure can lead to new GPU address allocation failure. in Snapdragon Auto, Snapdragon Compute,...	Qualcomm, Inc.	Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables	2021-11-03 00:00:00 UTC	CISA
CVE-2019-11539	In Pulse Secure Pulse Connect Secure version 9.0RX before 9.0R3.4, 8.3RX before 8.3R7.1, 8.2RX before 8.2R12.1, and 8.1RX before 8.1R15.1 and Pulse...	Pulse Secure	Pulse Connect Secure	2021-11-03 00:00:00 UTC	CISA
CVE-2019-11510	In Pulse Secure Pulse Connect Secure (PCS) 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9.0R3.4, an unauthenticated remote attacker can...	Pulse Secure	Pulse Connect Secure	2021-11-03 00:00:00 UTC	CISA
CVE-2021-22899	A command injection vulnerability exists in Pulse Connect Secure before 9.1R11.4 allows a remote authenticated attacker to perform remote code...	Pulse Secure	Pulse Connect Secure	2021-11-03 00:00:00 UTC	CISA
CVE-2020-8260	A vulnerability in the Pulse Connect Secure < 9.1R9 admin web interface could allow an authenticated attacker to perform an arbitrary code...	Pulse Secure	Pulse Connect Secure / Pulse Policy Secure	2021-11-03 00:00:00 UTC	CISA
CVE-2021-22894	A buffer overflow vulnerability exists in Pulse Connect Secure before 9.1R11.4 allows a remote authenticated attacker to execute arbitrary code as...	Pulse Secure	Pulse Connect Secure	2021-11-03 00:00:00 UTC	CISA
CVE-2021-22900	A vulnerability allowed multiple unrestricted uploads in Pulse Connect Secure before 9.1R11.4 that could lead to an authenticated administrator to...	Pulse Secure	Pulse Secure Secure	2021-11-03 00:00:00 UTC	CISA
CVE-2020-8243	A vulnerability in the Pulse Connect Secure < 9.1R8.2 admin web interface could allow an authenticated attacker to upload custom template to...	Pulse Secure	Pulse Connect Secre	2021-11-03 00:00:00 UTC	CISA
CVE-2021-22893	Pulse Connect Secure 9.0R3/9.1R1 and higher is vulnerable to an authentication bypass vulnerability exposed by the Windows File Share Browser and...	Pulse Secure	Pulse Connect Secure	2021-11-03 00:00:00 UTC	CISA
CVE-2019-18935	Progress Telerik UI for ASP.NET AJAX through 2019.3.1023 contains a .NET deserialization vulnerability in the RadAsyncUpload function. This is...	Progress	Telerik UI for ASP.NET AJAX	2021-11-03 00:00:00 UTC	CISA

Displaying vulnerabilities 3376 - 3400 of 3822 in total