Known Exploited Vulnerabilities

Focus on What Matters

There are 349,612 vulnerabilities in the CVE database.
Whilst only 1.1% are ever actively exploited.

This list contains the vulnerabilities that are actively exploited by malware and threat actors that you should prioritize first.

This table displays known exploited vulnerabilities (KEVs) that have been cataloged from over 60 public sources, including CISA, and our own private sensors. Each entry links to a CVE identifier, where the CVE details are enriched with EPSS scores, online mentions, scanner inclusion, exploitation, tags, and other metadata. The goal is to be an early warning system, even before being published by CISA. More data and features coming soon!

Aware of a KEV not on the list? Let us know!

CVE ID	Title	Vendor	Product	Added	Source
CVE-2021-21972	The vSphere Client (HTML5) contains a remote code execution vulnerability in a vCenter Server plugin. A malicious actor with network access to port...	VMware	VMware vCenter Server, VMware Cloud Foundation	2021-11-03 00:00:00 UTC	CISA
CVE-2020-3952	Under certain conditions, vmdir that ships with VMware vCenter Server, as part of an embedded or external Platform Services Controller (PSC), does...	VMware	VMware vCenter Server	2021-11-03 00:00:00 UTC	CISA
CVE-2021-22005	The vCenter Server contains an arbitrary file upload vulnerability in the Analytics service. A malicious actor with network access to port 443 on...	VMware	VMware vCenter Server, VMware Cloud Foundation	2021-11-03 00:00:00 UTC	CISA
CVE-2020-3950	VMware Fusion (11.x before 11.5.2), VMware Remote Console for Mac (11.x and prior before 11.0.1) and Horizon Client for Mac (5.x and prior before...	VMware	VMware Fusion, VMware Remote Console for Mac and Horizon Client for Mac	2021-11-03 00:00:00 UTC	CISA
CVE-2020-3992	OpenSLP as used in VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202010401-SG, 6.5 before ESXi650-202010401-SG) has a...	VMware	VMware ESXi	2021-11-03 00:00:00 UTC	CISA
CVE-2019-5544	OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. VMware has evaluated the severity of this issue to be in the...	VMware	ESXi and Horizon DaaS	2021-11-03 00:00:00 UTC	CISA
CVE-2020-17496	vBulletin 5.5.4 through 5.6.2 allows remote command execution via crafted subWidgets data in an ajax/render/widget_tabbedcontainer_tab_panel...	vBulletin	vBulletin	2021-11-03 00:00:00 UTC	CISA
CVE-2019-16759	vBulletin 5.x through 5.5.4 allows remote command execution via the widgetConfig[code] parameter in an ajax/render/widget_php routestring request.	vBulletin	vBulletin	2021-11-03 00:00:00 UTC	CISA
CVE-2020-5847	Unraid through 6.8.0 allows Remote Code Execution.	Lime Technology	Unraid	2021-11-03 00:00:00 UTC	CISA
CVE-2020-5849	Unraid 6.8.0 allows authentication bypass.	Limetech	Unraid	2021-11-03 00:00:00 UTC	CISA
CVE-2019-20085	TVT NVMS-1000 devices allow GET /.. Directory Traversal	TVT	NVMS-1000	2021-11-03 00:00:00 UTC	CISA
CVE-2021-36741	An improper input validation vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG, and Worry-Free Business Security 10.0 SP1...	Trend Micro	Trend Micro Apex One, Trend Micro OfficeScan, Trend Micro Worry-Free Business Security	2021-11-03 00:00:00 UTC	CISA
CVE-2021-36742	A improper input validation vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG and Worry-Free Business Security 10.0 SP1...	Trend Micro	Trend Micro Apex One, Trend Micro OfficeScan, Trend Micro Worry-Free Business Security	2021-11-03 00:00:00 UTC	CISA
CVE-2020-8599	Trend Micro Apex One (2019) and OfficeScan XG server contain a vulnerable EXE file that could allow a remote attacker to write arbitrary data to an...	Trend Micro	Trend Micro OfficeScan, Trend Micro Apex One	2021-11-03 00:00:00 UTC	CISA
CVE-2020-24557	A vulnerability in Trend Micro Apex One and Worry-Free Business Security 10.0 SP1 on Microsoft Windows may allow an attacker to manipulate a...	Trend Micro	Trend Micro Apex One, Trend Micro Worry-Free Business Security	2021-11-03 00:00:00 UTC	CISA
CVE-2020-8468	Trend Micro Apex One (2019), OfficeScan XG and Worry-Free Business Security (9.0, 9.5, 10.0) agents are affected by a content validation escape...	Trend Micro	Trend Micro OfficeScan, Trend Micro Apex One, Trend Micro Worry-Free Business Security (WFBS)	2021-11-03 00:00:00 UTC	CISA
CVE-2020-8467	A migration tool component of Trend Micro Apex One (2019) and OfficeScan XG contains a vulnerability which could allow remote attackers to execute...	Trend Micro	Trend Micro OfficeScan, Trend Micro Apex One	2021-11-03 00:00:00 UTC	CISA
CVE-2019-18187	Trend Micro OfficeScan versions 11.0 and XG (12.0) could be exploited by an attacker utilizing a directory traversal vulnerability to extract files...	Trend Micro	Trend Micro OfficeScan	2021-11-03 00:00:00 UTC	CISA
CVE-2019-9082	ThinkPHP before 3.2.4, as used in Open Source BMS v1.1.1 and other products, allows Remote Command Execution via...	ThinkPHP	ThinkPHP	2021-11-03 00:00:00 UTC	CISA
CVE-2018-20062	An issue was discovered in NoneCms V1.3. thinkphp/library/think/App.php allows remote attackers to execute arbitrary PHP code via crafted use of...	NoneCms	NoneCms	2021-11-03 00:00:00 UTC	CISA
CVE-2018-14558	An issue was discovered on Tenda AC7 devices with firmware through V15.03.06.44_CN(AC7), AC9 devices with firmware through...	Tenda	AC7, AC9, AC10	2021-11-03 00:00:00 UTC	CISA
CVE-2020-10987	The goform/setUsbUnload endpoint of Tenda AC15 AC1900 version 15.03.05.19 allows remote attackers to execute arbitrary system commands via the...	Tenda	AC15 AC1900	2021-11-03 00:00:00 UTC	CISA
CVE-2021-31755	An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104_CN. A stack buffer overflow vulnerability in /goform/setmac allows...	Tenda	AC11	2021-11-03 00:00:00 UTC	CISA
CVE-2017-9248	Telerik.Web.UI.dll in Progress Telerik UI for ASP.NET AJAX before R2 2017 SP1 and Sitefinity before 10.0.6412.0 does not properly protect...	Progress	Telerik UI for ASP.NET AJAX	2021-11-03 00:00:00 UTC	CISA
CVE-2019-18988	TeamViewer Desktop through 14.7.1965 allows a bypass of remote-login access control because the same key is used for different customers'...	TeamViewer	TeamViewer Desktop	2021-11-03 00:00:00 UTC	CISA

Displaying vulnerabilities 3626 - 3650 of 3822 in total