Known Exploited Vulnerabilities

Focus on What Matters

There are 297,599 vulnerabilities in the CVE database.
Whilst only 0.6% are ever actively exploited.

This list contains the vulnerabilities that are actively exploited by malware and threat actors that you should prioritize first.

This table displays known exploited vulnerabilities (KEVs) that have been cataloged from over 60 public sources, including CISA, and our own private sensors. Each entry links to a CVE identifier, where the CVE details are enriched with EPSS scores, online mentions, scanner inclusion, exploitation, tags, and other metadata. The goal is to be an early warning system, even before being published by CISA. More data and features coming soon!

CVE ID	Title	Vendor	Product	Added	Source
CVE-2024-43573	Windows MSHTML Platform Spoofing Vulnerability	Microsoft	Windows 10 Version 22H2, Windows 11 version 21H2, Windows 11 version 22H2, Windows 11 version 22H3, Windows Server 2022, Windows Server 2022, 23H2 Edition (Server Core installation), Windows 10 Version 21H2, Windows 11 Version 23H2, Windows Server 2019, Windows 10 Version 1809, Windows Server 2019 (Server Core installation), Windows 11 Version 24H2, Windows 10 Version 1507, Windows Server 2016, Windows 10 Version 1607, Windows Server 2012 R2 (Server Core installation), Windows Server 2016 (Server Core installation), Windows Server 2012 R2	2024-10-08 00:00:00 UTC	CISA
CVE-2024-43047	Use After Free in DSP Service	Qualcomm, Inc.	Snapdragon	2024-10-08 00:00:00 UTC	CISA
CVE-2024-43572	Microsoft Management Console Remote Code Execution Vulnerability	Microsoft	Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows 11 version 21H2, Windows 10 Version 21H2, Windows 11 version 22H2, Windows 10 Version 22H2, Windows 11 version 22H3, Windows 11 Version 23H2, Windows Server 2022, 23H2 Edition (Server Core installation), Windows 11 Version 24H2, Windows 10 Version 1507, Windows 10 Version 1607, Windows Server 2016, Windows Server 2016 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 Service Pack 2 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 R2 Service Pack 1, Windows Server 2008 R2 Service Pack 1 (Server Core installation), Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation)	2024-10-08 00:00:00 UTC	CISA
CVE-2024-45519	The postjournal service in Zimbra Collaboration (ZCS) before 8.8.15 Patch 46, 9 before 9.0.0 Patch 41, 10 before 10.0.9, and 10.1 before 10.1.1...	n/a	n/a	2024-10-03 00:00:00 UTC	CISA
CVE-2024-29824	An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same...	Ivanti	EPM	2024-10-02 00:00:00 UTC	CISA
CVE-2023-25280	OS Command injection vulnerability in D-Link DIR820LA1_FW105B03 allows attackers to escalate privileges to root via a crafted payload with the...	n/a	n/a	2024-09-30 00:00:00 UTC	CISA
CVE-2020-15415	On DrayTek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1, cgi-bin/mainfunction.cgi/cvmcfgupload allows remote command execution via...	DrayTek	Vigor	2024-09-30 00:00:00 UTC	CISA
CVE-2019-0344	Due to unsafe deserialization used in SAP Commerce Cloud (virtualjdbc extension), versions 6.4, 6.5, 6.6, 6.7, 1808, 1811, 1905, it is possible to...	SAP SE	SAP Commerce Cloud (virtualjdbc extension)	2024-09-30 00:00:00 UTC	CISA
CVE-2024-7593	Incorrect implementation of an authentication algorithm in Ivanti vTM other than versions 22.2R1 or 22.7R2 allows a remote unauthenticated attacker...	Ivanti	vTM	2024-09-24 00:00:00 UTC	CISA
CVE-2024-8963	Path Traversal in the Ivanti CSA before 4.6 Patch 519 allows a remote unauthenticated attacker to access restricted functionality.	Ivanti	CSA (Cloud Services Appliance)	2024-09-19 00:00:00 UTC	CISA
CVE-2020-14644	Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are...	Oracle Corporation	WebLogic Server	2024-09-18 00:00:00 UTC	CISA
CVE-2022-21445	Vulnerability in the Oracle Application Development Framework (ADF) product of Oracle Fusion Middleware (component: ADF Faces). Supported versions...	Oracle Corporation	Application Development Framework (ADF)	2024-09-18 00:00:00 UTC	CISA
CVE-2024-27348	Apache HugeGraph-Server: Command execution in gremlin	Apache Software Foundation	Apache HugeGraph-Server	2024-09-18 00:00:00 UTC	CISA
CVE-2020-0618	A remote code execution vulnerability exists in Microsoft SQL Server Reporting Services when it incorrectly handles page requests, aka 'Microsoft...	Microsoft	Microsoft SQL Server, Microsoft SQL Server 2014 Service Pack 3 for x64-based Systems (GDR), Microsoft SQL Server 2014 Service Pack 3 for x64-based Systems (CU), Microsoft SQL Server 2016 for x64-based Systems Service Pack 2 (GDR), Microsoft SQL Server 2014 Service Pack 3 for 32-bit Systems (GDR), Microsoft SQL Server 2014 Service Pack 3 for 32-bit Systems (CU)	2024-09-18 00:00:00 UTC	CISA
CVE-2014-0497	Integer underflow in Adobe Flash Player before 11.7.700.261 and 11.8.x through 12.0.x before 12.0.0.44 on Windows and Mac OS X, and before...	Adobe	Flash Player	2024-09-17 00:00:00 UTC	CISA
CVE-2013-0643	The Firefox sandbox in Adobe Flash Player before 10.3.183.67 and 11.x before 11.6.602.171 on Windows and Mac OS X, and before 10.3.183.67 and 11.x...	Adobe	Flash Player	2024-09-17 00:00:00 UTC	CISA
CVE-2013-0648	Unspecified vulnerability in the ExternalInterface ActionScript functionality in Adobe Flash Player before 10.3.183.67 and 11.x before 11.6.602.171...	Adobe	Flash Player	2024-09-17 00:00:00 UTC	CISA
CVE-2014-0502	Double free vulnerability in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Mac OS X and before...	Adobe	Flash Player	2024-09-17 00:00:00 UTC	CISA
CVE-2024-6670	WhatsUp Gold HasErrors SQL Injection Authentication Bypass Vulnerability	Progress Software Corporation	WhatsUp Gold	2024-09-16 00:00:00 UTC	CISA
CVE-2024-43461	Windows MSHTML Platform Spoofing Vulnerability	Microsoft	Windows 11 Version 24H2, Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows 11 version 21H2, Windows 10 Version 21H2, Windows 11 version 22H2, Windows 10 Version 22H2, Windows 11 version 22H3, Windows 11 Version 23H2, Windows Server 2022, 23H2 Edition (Server Core installation), Windows 10 Version 1507, Windows 10 Version 1607, Windows Server 2016, Windows Server 2016 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 Service Pack 2 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 R2 Service Pack 1, Windows Server 2008 R2 Service Pack 1 (Server Core installation), Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation)	2024-09-16 00:00:00 UTC	CISA
CVE-2024-8190	An OS command injection vulnerability in Ivanti Cloud Services Appliance versions 4.6 Patch 518 and before allows a remote authenticated attacker...	Ivanti	CSA (Cloud Services Appliance)	2024-09-13 00:00:00 UTC	CISA
CVE-2024-43491	Microsoft Windows Update Remote Code Execution Vulnerability	Microsoft	Windows 10 Version 1507	2024-09-10 07:00:00 UTC	Microsoft CVRF
CVE-2024-38226	Microsoft Publisher Security Feature Bypass Vulnerability	Microsoft	Microsoft Office 2019, Microsoft Office LTSC 2021, Microsoft Publisher 2016	2024-09-10 00:00:00 UTC	CISA
CVE-2024-38014	Windows Installer Elevation of Privilege Vulnerability	Microsoft	Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows 11 version 21H2, Windows 10 Version 21H2, Windows 11 version 22H2, Windows 10 Version 22H2, Windows 11 version 22H3, Windows 11 Version 23H2, Windows Server 2022, 23H2 Edition (Server Core installation), Windows 11 Version 24H2, Windows 10 Version 1507, Windows 10 Version 1607, Windows Server 2016, Windows Server 2016 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 Service Pack 2 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 R2 Service Pack 1, Windows Server 2008 R2 Service Pack 1 (Server Core installation), Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation)	2024-09-10 00:00:00 UTC	CISA
CVE-2024-38217	Windows Mark of the Web Security Feature Bypass Vulnerability	Microsoft	Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows 11 version 21H2, Windows 10 Version 21H2, Windows 11 version 22H2, Windows 10 Version 22H2, Windows 11 version 22H3, Windows 11 Version 23H2, Windows Server 2022, 23H2 Edition (Server Core installation), Windows 11 Version 24H2, Windows 10 Version 1507, Windows 10 Version 1607, Windows Server 2016, Windows Server 2016 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 Service Pack 2 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 R2 Service Pack 1, Windows Server 2008 R2 Service Pack 1 (Server Core installation), Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation)	2024-09-10 00:00:00 UTC	CISA

Displaying vulnerabilities 451 - 475 of 1852 in total