Keep updated with KEVIntel progress and pro features

Known Exploited Vulnerabilities Intel

This table displays known exploited vulnerabilities (KEVs) that have been cataloged from over 50 public sources, including CISA, and (once we get some hits) our own private sensors. Each entry links to a CVE identifier, where the CVE details are enriched with EPSS scores, online mentions, scanner inclusion, exploitation, and other metadata. The goal is to be an early warning system, even before being published by CISA. More data and features coming soon!

CVE ID	Title	Vendor	Product	Added	Source
CVE-2023-38606	This issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.6.8, iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and...	Apple	tvOS, iOS and iPadOS, macOS, watchOS	2023-07-26 00:00:00 UTC	CISA
CVE-2023-35078	An authentication bypass vulnerability in Ivanti EPMM allows unauthorized users to access restricted functionality or resources of the application...	Ivanti	Endpoint Manager Mobile	2023-07-25 00:00:00 UTC	CISA
CVE-2023-38205	ColdFusion Bypass - Vulnerability disclosure in ColdFusion \| BYPASS CVE-2023-29298	Adobe	ColdFusion	2023-07-20 00:00:00 UTC	CISA
CVE-2023-29298	Adobe ColdFusion Improper Access Control Security feature bypass	Adobe	ColdFusion	2023-07-20 00:00:00 UTC	CISA
CVE-2023-3519	Unauthenticated remote code execution	Citrix	NetScaler ADC, NetScaler Gateway	2023-07-19 00:00:00 UTC	CISA
CVE-2023-36884	Windows Search Remote Code Execution Vulnerability	Microsoft	Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows 11 version 21H2, Windows 10 Version 21H2, Windows 11 version 22H2, Windows 10 Version 22H2, Windows 10 Version 1507, Windows 10 Version 1607, Windows Server 2016, Windows Server 2016 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 Service Pack 2 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 R2 Service Pack 1, Windows Server 2008 R2 Service Pack 1 (Server Core installation), Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation)	2023-07-17 00:00:00 UTC	CISA
CVE-2022-29303	SolarView Compact ver.6.00 was discovered to contain a command injection vulnerability via conf_mail.php.	n/a	n/a	2023-07-13 00:00:00 UTC	CISA
CVE-2023-37450	The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, Safari 16.5.2, tvOS 16.6, macOS Ventura 13.5,...	Apple	Safari, tvOS, iOS and iPadOS, macOS, watchOS	2023-07-13 00:00:00 UTC	CISA
CVE-2022-31199	Remote code execution vulnerabilities exist in the Netwrix Auditor User Activity Video Recording component affecting both the Netwrix Auditor...	n/a	n/a	2023-07-11 00:00:00 UTC	CISA
CVE-2023-36874	Windows Error Reporting Service Elevation of Privilege Vulnerability	Microsoft	Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows 11 version 21H2, Windows 10 Version 21H2, Windows 11 version 22H2, Windows 10 Version 22H2, Windows 10 Version 1507, Windows 10 Version 1607, Windows Server 2016, Windows Server 2016 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 Service Pack 2 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 R2 Service Pack 1, Windows Server 2008 R2 Service Pack 1 (Server Core installation), Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation)	2023-07-11 00:00:00 UTC	CISA
CVE-2023-35311	Microsoft Outlook Security Feature Bypass Vulnerability	Microsoft	Microsoft 365 Apps for Enterprise, Microsoft Office LTSC 2021, Microsoft Office 2019, Microsoft Outlook 2016, Microsoft Outlook 2013, Microsoft Outlook 2013 Service Pack 1	2023-07-11 00:00:00 UTC	CISA
CVE-2023-32049	Windows SmartScreen Security Feature Bypass Vulnerability	Microsoft	Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows 11 version 21H2, Windows 10 Version 21H2, Windows 11 version 22H2, Windows 10 Version 22H2, Windows 10 Version 1607, Windows Server 2016, Windows Server 2016 (Server Core installation)	2023-07-11 00:00:00 UTC	CISA
CVE-2023-32046	Windows MSHTML Platform Elevation of Privilege Vulnerability	Microsoft	Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows 11 version 21H2, Windows 10 Version 21H2, Windows 11 version 22H2, Windows 10 Version 22H2, Windows 10 Version 1507, Windows 10 Version 1607, Windows Server 2016, Windows Server 2016 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 Service Pack 2 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 R2 Service Pack 1, Windows Server 2008 R2 Service Pack 1 (Server Core installation), Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation)	2023-07-11 00:00:00 UTC	CISA
CVE-2021-29256	. The Arm Mali GPU kernel driver allows an unprivileged user to achieve access to freed memory, leading to information disclosure or root privilege...	n/a	n/a	2023-07-07 00:00:00 UTC	CISA
CVE-2019-20500	D-Link DWL-2600AP 4.2.0.15 Rev A devices have an authenticated OS command injection vulnerability via the Save Configuration functionality in the...	n/a	n/a	2023-06-29 00:00:00 UTC	CISA
CVE-2019-17621	The UPnP endpoint URL /gena.cgi in the D-Link DIR-859 Wi-Fi router 1.05 and 1.06B01 Beta01 allows an Unauthenticated remote attacker to execute...	n/a	n/a	2023-06-29 00:00:00 UTC	CISA
CVE-2021-25395	A race condition in MFC charger driver prior to SMR MAY-2021 Release 1 allows local attackers to bypass signature check given a radio privilege is...	Samsung Mobile	Samsung Mobile Devices	2023-06-29 00:00:00 UTC	CISA
CVE-2021-25394	A use after free vulnerability via race condition in MFC charger driver prior to SMR MAY-2021 Release 1 allows arbitrary write given a radio...	Samsung Mobile	Samsung Mobile Devices	2023-06-29 00:00:00 UTC	CISA
CVE-2021-25372	An improper boundary check in DSP driver prior to SMR Mar-2021 Release 1 allows out of bounds memory access.	Samsung Mobile	Samsung Mobile Devices	2023-06-29 00:00:00 UTC	CISA
CVE-2021-25489	Assuming radio permission is gained, missing input validation in modem interface driver prior to SMR Oct-2021 Release 1 results in format string...	Samsung Mobile	Samsung Mobile Devices	2023-06-29 00:00:00 UTC	CISA
CVE-2021-25371	A vulnerability in DSP driver prior to SMR Mar-2021 Release 1 allows attackers load arbitrary ELF libraries inside DSP.	Samsung Mobile	Samsung Mobile Devices	2023-06-29 00:00:00 UTC	CISA
CVE-2021-25487	Lack of boundary checking of a buffer in set_skb_priv() of modem interface driver prior to SMR Oct-2021 Release 1 allows OOB read and it results in...	Samsung Mobile	Samsung Mobile Devices	2023-06-29 00:00:00 UTC	CISA
CVE-2023-32439	A type confusion issue was addressed with improved checks. This issue is fixed in iOS 16.5.1 and iPadOS 16.5.1, iOS 15.7.7 and iPadOS 15.7.7, macOS...	Apple	iOS and iPadOS, Safari, macOS	2023-06-23 00:00:00 UTC	CISA
CVE-2023-32435	A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, Safari 16.4, iOS 16.4 and iPadOS...	Apple	macOS, iOS and iPadOS, Safari	2023-06-23 00:00:00 UTC	CISA
CVE-2023-20867	VMware Tools Authentication Bypass Vulnerability	VMware	VMware Tools	2023-06-23 00:00:00 UTC	CISA

Displaying vulnerabilities 426 - 450 of 1402 in total