Known Exploited Vulnerabilities

Focus on What Matters

There are 297,599 vulnerabilities in the CVE database.
Whilst only 0.6% are ever actively exploited.

This list contains the vulnerabilities that are actively exploited by malware and threat actors that you should prioritize first.

This table displays known exploited vulnerabilities (KEVs) that have been cataloged from over 60 public sources, including CISA, and our own private sensors. Each entry links to a CVE identifier, where the CVE details are enriched with EPSS scores, online mentions, scanner inclusion, exploitation, tags, and other metadata. The goal is to be an early warning system, even before being published by CISA. More data and features coming soon!

CVE ID	Title	Vendor	Product	Added	Source
CVE-2024-4741	Use After Free with SSL_free_buffers	OpenSSL	OpenSSL	2024-11-13 10:20:50 UTC	CVE
CVE-2021-26086	Affected versions of Atlassian Jira Server and Data Center allow remote attackers to read particular files via a path traversal vulnerability in...	Atlassian	Jira Server, Jira Data Center	2024-11-12 00:00:00 UTC	CISA
CVE-2024-49039	Windows Task Scheduler Elevation of Privilege Vulnerability	Microsoft	Windows Server 2025, Windows Server 2025 (Server Core installation), Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows 10 Version 21H2, Windows 11 version 22H2, Windows 10 Version 22H2, Windows 11 version 22H3, Windows 11 Version 23H2, Windows Server 2022, 23H2 Edition (Server Core installation), Windows 11 Version 24H2, Windows 10 Version 1507, Windows 10 Version 1607, Windows Server 2016, Windows Server 2016 (Server Core installation)	2024-11-12 00:00:00 UTC	CISA
CVE-2021-41277	GeoJSON URL validation can expose server files and environment variables to unauthorized users	metabase	metabase	2024-11-12 00:00:00 UTC	CISA
CVE-2014-2120	Cross-site scripting (XSS) vulnerability in the WebVPN login page in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to...	Cisco	Cisco Adaptive Security Appliance (ASA)	2024-11-12 00:00:00 UTC	CISA
CVE-2024-43451	NTLM Hash Disclosure Spoofing Vulnerability	Microsoft	Windows Server 2025, Windows Server 2025 (Server Core installation), Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows 10 Version 21H2, Windows 11 version 22H2, Windows 10 Version 22H2, Windows 11 version 22H3, Windows 11 Version 23H2, Windows Server 2022, 23H2 Edition (Server Core installation), Windows 11 Version 24H2, Windows 10 Version 1507, Windows 10 Version 1607, Windows Server 2016, Windows Server 2016 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 Service Pack 2 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 R2 Service Pack 1, Windows Server 2008 R2 Service Pack 1 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation)	2024-11-12 00:00:00 UTC	CISA
CVE-2024-5910	Expedition: Missing Authentication Leads to Admin Account Takeover	Palo Alto Networks	Expedition	2024-11-07 00:00:00 UTC	CISA
CVE-2024-43093	In shouldHideDocument of ExternalStorageProvider.java, there is a possible bypass of a file path filter designed to prevent access to sensitive...	Google	Android	2024-11-07 00:00:00 UTC	CISA
CVE-2024-51567	upgrademysqlstatus in databases/views.py in CyberPanel (aka Cyber Panel) before 5b08cd6 allows remote attackers to bypass authentication and...	n/a	n/a	2024-11-07 00:00:00 UTC	CISA
CVE-2019-16278	Directory Traversal in the function http_verify in nostromo nhttpd through 1.9.6 allows an attacker to achieve remote code execution via a crafted...	nostromo	nhttpd	2024-11-07 00:00:00 UTC	CISA
CVE-2024-8957	PTZOptics NDI and SDI Cameras Command Injection via NTP Address Configuration	PTZOptics	PT30X-SDI, PT30X-NDI	2024-11-04 00:00:00 UTC	CISA
CVE-2024-8956	PTZOptics NDI and SDI Cameras /cgi-bin/param.cgi Insufficient Authentication	PTZOptics	PT30X-SDI, PT30X-NDI	2024-11-04 00:00:00 UTC	CISA
CVE-2024-37383	Roundcube Webmail before 1.5.7 and 1.6.x before 1.6.7 allows XSS via SVG animate attributes.	n/a	n/a	2024-10-24 00:00:00 UTC	CISA
CVE-2024-20481	A vulnerability in the Remote Access VPN (RAVPN) service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense...	Cisco	Cisco Adaptive Security Appliance (ASA) Software, Cisco Firepower Threat Defense Software	2024-10-24 00:00:00 UTC	CISA
CVE-2024-47575	A missing authentication for critical function in FortiManager 7.6.0, FortiManager 7.4.0 through 7.4.4, FortiManager 7.2.0 through 7.2.7,...	Fortinet	FortiManager	2024-10-23 00:00:00 UTC	CISA
CVE-2024-38094	Microsoft SharePoint Remote Code Execution Vulnerability	Microsoft	Microsoft SharePoint Enterprise Server 2016, Microsoft SharePoint Server 2019, Microsoft SharePoint Server Subscription Edition	2024-10-22 00:00:00 UTC	CISA
CVE-2024-9537	ScienceLogic SL1 unspecified vulnerability	ScienceLogic	SL1	2024-10-21 00:00:00 UTC	CISA
CVE-2024-40711	A deserialization of untrusted data vulnerability with a malicious payload can allow an unauthenticated remote code execution (RCE).	Veeam	Backup and Recovery	2024-10-17 00:00:00 UTC	CISA
CVE-2021-4444	Product Filter by WooBeWoo <= 1.4.9 - Missing Authorization	woobewoo	Product Filter by WBW	2024-10-16 06:43:26 UTC	CVE
CVE-2024-28987	SolarWinds Web Help Desk Hardcoded Credential Vulnerability	SolarWinds	Web Help Desk	2024-10-15 00:00:00 UTC	CISA
CVE-2024-30088	Windows Kernel Elevation of Privilege Vulnerability	Microsoft	Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows 11 version 21H2, Windows 10 Version 21H2, Windows 11 version 22H2, Windows 10 Version 22H2, Windows 11 version 22H3, Windows 11 Version 23H2, Windows Server 2022, 23H2 Edition (Server Core installation), Windows 10 Version 1507, Windows 10 Version 1607, Windows Server 2016, Windows Server 2016 (Server Core installation)	2024-10-15 00:00:00 UTC	CISA
CVE-2024-9680	An attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation timelines. We have had reports of...	Mozilla	Firefox, Firefox ESR, Thunderbird	2024-10-15 00:00:00 UTC	CISA
CVE-2024-23113	A use of externally-controlled format string in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13,...	Fortinet	FortiSwitchManager, FortiOS, FortiPAM, FortiProxy	2024-10-09 00:00:00 UTC	CISA
CVE-2024-9379	SQL injection in the admin web console of Ivanti CSA before version 5.0.2 allows a remote authenticated attacker with admin privileges to run...	Ivanti	CSA (Cloud Services Appliance)	2024-10-09 00:00:00 UTC	CISA
CVE-2024-9380	An OS command injection vulnerability in the admin web console of Ivanti CSA before version 5.0.2 allows a remote authenticated attacker with admin...	Ivanti	CSA (Cloud Services Appliance)	2024-10-09 00:00:00 UTC	CISA

Displaying vulnerabilities 426 - 450 of 1852 in total