Known Exploited Vulnerabilities

Focus on What Matters

There are 297,582 vulnerabilities in the CVE database.
Whilst only 0.6% are ever actively exploited.

This list contains the vulnerabilities that are actively exploited by malware and threat actors that you should prioritize first.

This table displays known exploited vulnerabilities (KEVs) that have been cataloged from over 60 public sources, including CISA, and our own private sensors. Each entry links to a CVE identifier, where the CVE details are enriched with EPSS scores, online mentions, scanner inclusion, exploitation, tags, and other metadata. The goal is to be an early warning system, even before being published by CISA. More data and features coming soon!

CVE ID	Title	Vendor	Product	Added	Source
CVE-2021-40407	An OS command injection vulnerability exists in the device network settings functionality of reolink RLC-410W v3.0.0.136_20121102. At [1] or [2],...	n/a	n/a	2024-12-18 00:00:00 UTC	CISA
CVE-2018-14933	upgrade_handle.php on NUUO NVRmini devices allows Remote Command Execution via shell metacharacters in the uploaddir parameter for a writeuploaddir...	NUUO	NVRmini	2024-12-18 00:00:00 UTC	CISA
CVE-2022-23227	NUUO NVRmini2 through 3.11 allows an unauthenticated attacker to upload an encrypted TAR archive, which can be abused to add arbitrary users...	n/a	n/a	2024-12-18 00:00:00 UTC	CISA
CVE-2019-11001	On Reolink RLC-410W, C1 Pro, C2 Pro, RLC-422W, and RLC-511W devices through 1.0.227, an authenticated admin can use the "TestEmail" functionality...	Reolink	RLC-410W, C1 Pro, C2 Pro, RLC-422W, RLC-511W	2024-12-18 00:00:00 UTC	CISA
CVE-2024-55956	In Cleo Harmony before 5.8.0.24, VLTrader before 5.8.0.24, and LexiCom before 5.8.0.24, an unauthenticated user can import and execute arbitrary...	n/a	n/a	2024-12-17 00:00:00 UTC	CISA
CVE-2024-20767	ColdFusion \| Improper Access Control (CWE-284)	Adobe	ColdFusion	2024-12-16 00:00:00 UTC	CISA
CVE-2024-35250	Windows Kernel-Mode Driver Elevation of Privilege Vulnerability	Microsoft	Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows 11 version 21H2, Windows 10 Version 21H2, Windows 11 version 22H2, Windows 10 Version 22H2, Windows 11 version 22H3, Windows 11 Version 23H2, Windows Server 2022, 23H2 Edition (Server Core installation), Windows 10 Version 1507, Windows 10 Version 1607, Windows Server 2016, Windows Server 2016 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 Service Pack 2 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 R2 Service Pack 1, Windows Server 2008 R2 Service Pack 1 (Server Core installation), Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation)	2024-12-16 00:00:00 UTC	CISA
CVE-2024-50623	In Cleo Harmony before 5.8.0.21, VLTrader before 5.8.0.21, and LexiCom before 5.8.0.21, there is an unrestricted file upload and download that...	n/a	n/a	2024-12-13 00:00:00 UTC	CISA
CVE-2024-49138	Windows Common Log File System Driver Elevation of Privilege Vulnerability	Microsoft	Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows 10 Version 21H2, Windows 11 version 22H2, Windows 10 Version 22H2, Windows Server 2025 (Server Core installation), Windows 11 version 22H3, Windows 11 Version 23H2, Windows Server 2022, 23H2 Edition (Server Core installation), Windows 11 Version 24H2, Windows Server 2025, Windows 10 Version 1507, Windows 10 Version 1607, Windows Server 2016, Windows Server 2016 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 Service Pack 2 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 R2 Service Pack 1, Windows Server 2008 R2 Service Pack 1 (Server Core installation), Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation)	2024-12-10 00:00:00 UTC	CISA
CVE-2024-51378	getresetstatus in dns/views.py and ftp/views.py in CyberPanel (aka Cyber Panel) before 1c0c6cb allows remote attackers to bypass authentication and...	n/a	n/a	2024-12-04 00:00:00 UTC	CISA
CVE-2024-11667	A directory traversal vulnerability in the web management interface of Zyxel ATP series firmware versions V5.00 through V5.38, USG FLEX series...	Zyxel	ATP series firmware, USG FLEX series firmware, USG FLEX 50(W) series firmware, USG20(W)-VPN series firmware	2024-12-03 00:00:00 UTC	CISA
CVE-2023-45727	Proself Enterprise/Standard Edition Ver5.62 and earlier, Proself Gateway Edition Ver1.65 and earlier, and Proself Mail Sanitize Edition Ver1.08 and...	North Grid Corporation	Proself Enterprise/Standard Edition, Proself Gateway Edition, Proself Mail Sanitize Edition	2024-12-03 00:00:00 UTC	CISA
CVE-2024-11680	ProjectSend Unauthenticated Configuration Modification	ProjectSend	ProjectSend	2024-12-03 00:00:00 UTC	CISA
CVE-2023-28461	Array Networks Array AG Series and vxAG (9.4.0.481 and earlier) allow remote code execution. An attacker can browse the filesystem on the SSL VPN...	n/a	n/a	2024-11-25 00:00:00 UTC	CISA
CVE-2024-44308	The issue was addressed with improved checks. This issue is fixed in Safari 18.1.1, iOS 17.7.2 and iPadOS 17.7.2, macOS Sequoia 15.1.1, iOS 18.1.1...	Apple	Safari, macOS, iOS and iPadOS, visionOS	2024-11-21 00:00:00 UTC	CISA
CVE-2024-44309	A cookie management issue was addressed with improved state management. This issue is fixed in Safari 18.1.1, iOS 17.7.2 and iPadOS 17.7.2, macOS...	Apple	Safari, macOS, iOS and iPadOS, visionOS	2024-11-21 00:00:00 UTC	CISA
CVE-2024-21287	Vulnerability in the Oracle Agile PLM Framework product of Oracle Supply Chain (component: Software Development Kit, Process Extension). The...	Oracle Corporation	Oracle Agile PLM Framework	2024-11-21 00:00:00 UTC	CISA
CVE-2024-38813	Privilege escalation vulnerability	n/a	VMware vCenter Server, VMware Cloud Foundation	2024-11-20 00:00:00 UTC	CISA
CVE-2024-38812	Heap-overflow vulnerability	n/a	VMware vCenter Server, VMware Cloud Foundation	2024-11-20 00:00:00 UTC	CISA
CVE-2024-9474	PAN-OS: Privilege Escalation (PE) Vulnerability in the Web Management Interface	Palo Alto Networks	Cloud NGFW, PAN-OS, Prisma Access	2024-11-18 00:00:00 UTC	CISA
CVE-2024-0012	PAN-OS: Authentication Bypass in the Management Web Interface (PAN-SA-2024-0015)	Palo Alto Networks	Cloud NGFW, PAN-OS, Prisma Access	2024-11-18 00:00:00 UTC	CISA
CVE-2024-1212	LoadMaster Pre-Authenticated OS Command Injection	Progress Software	LoadMaster	2024-11-18 00:00:00 UTC	CISA
CVE-2024-9463	Expedition: Unauthenticated OS Command Injection Vulnerability Leads to Firewall Credential Disclosure	Palo Alto Networks	Expedition	2024-11-14 00:00:00 UTC	CISA
CVE-2024-9465	Expedition: SQL Injection Leads to Firewall Admin Credential Disclosure	Palo Alto Networks	Expedition	2024-11-14 00:00:00 UTC	CISA
CVE-2024-4741	Use After Free with SSL_free_buffers	OpenSSL	OpenSSL	2024-11-13 10:20:50 UTC	CVE

Displaying vulnerabilities 401 - 425 of 1851 in total