Keep updated with KEVIntel progress and pro features

Known Exploited Vulnerabilities Intel

This table displays known exploited vulnerabilities (KEVs) that have been cataloged from over 50 public sources, including CISA, and (once we get some hits) our own private sensors. Each entry links to a CVE identifier, where the CVE details are enriched with EPSS scores, online mentions, scanner inclusion, exploitation, and other metadata. The goal is to be an early warning system, even before being published by CISA. More data and features coming soon!

CVE ID	Title	Vendor	Product	Added	Source
CVE-2017-7927	A Use of Password Hash Instead of Password for Authentication issue was discovered in Dahua DH-IPC-HDBW23A0RN-ZS, DH-IPC-HDBW13A0SN,...	n/a	Dahua Technology Co., Ltd Digital Video Recorders and IP Cameras	2025-04-27 00:00:00 UTC	The Shadowserver (via CIRCL)
CVE-2018-3760	There is an information leak vulnerability in Sprockets. Versions Affected: 4.0.0.beta7 and lower, 3.7.1 and lower, 2.12.4 and lower. Specially...	HackerOne	Sprockets	2025-04-27 00:00:00 UTC	The Shadowserver (via CIRCL)
CVE-2020-35665	An unauthenticated command-execution vulnerability exists in TerraMaster TOS through 4.2.06 via shell metacharacters in the Event parameter in...	n/a	n/a	2025-04-27 00:00:00 UTC	The Shadowserver (via CIRCL)
CVE-2024-21899	QTS, QuTS hero, QuTScloud	QNAP Systems Inc.	QTS, QuTS hero, QuTScloud	2025-04-27 00:00:00 UTC	The Shadowserver (via CIRCL)
CVE-2019-5128	A command injection have been found in YouPHPTube Encoder. A successful attack could allow an attacker to compromise the server. Exploitable...	n/a	YouPHPTube	2025-04-27 00:00:00 UTC	The Shadowserver (via CIRCL)
CVE-2019-17506	There are some web interfaces without authentication requirements on D-Link DIR-868L B1-2.03 and DIR-817LW A1-1.04 routers. An attacker can get the...	n/a	n/a	2025-04-27 00:00:00 UTC	The Shadowserver (via CIRCL)
CVE-2020-11530	A blind SQL injection vulnerability is present in Chop Slider 3, a WordPress plugin. The vulnerability is introduced in the id GET parameter...	n/a	n/a	2025-04-27 00:00:00 UTC	The Shadowserver (via CIRCL)
CVE-2023-39026	Directory Traversal vulnerability in FileMage Gateway Windows Deployments v.1.10.8 and before allows a remote attacker to obtain sensitive...	n/a	n/a	2025-04-27 00:00:00 UTC	The Shadowserver (via CIRCL)
CVE-2018-17431	Web Console in Comodo UTM Firewall before 2.7.0 allows remote attackers to execute arbitrary code without authentication via a crafted URL.	n/a	n/a	2025-04-27 00:00:00 UTC	The Shadowserver (via CIRCL)
CVE-2023-43795	WPS Server Side Request Forgery in GeoServer	geoserver	geoserver	2025-04-26 00:00:00 UTC	The Shadowserver (via CIRCL)
CVE-2018-9866	A vulnerability in lack of validation of user-supplied parameters pass to XML-RPC calls on SonicWall Global Management System (GMS) virtual...	SonicWall	Global Management System (GMS)	2025-04-26 00:00:00 UTC	The Shadowserver (via CIRCL)
CVE-2021-35250	Directory Transversal Vulnerability in Serv-U 15.3	SolarWinds	Serv-U	2025-04-26 00:00:00 UTC	The Shadowserver (via CIRCL)
CVE-2025-32432	Craft CMS Allows Remote Code Execution	craftcms	cms	2025-04-26 00:00:00 UTC	ONYPHE Blog
CVE-2024-0778	Uniview ISC 2500-S VM.php setNatConfig os command injection	Uniview	ISC 2500-S	2025-04-26 00:00:00 UTC	The Shadowserver (via CIRCL)
CVE-2021-40822	GeoServer through 2.18.5 and 2.19.x through 2.19.2 allows SSRF via the option for setting a proxy host.	n/a	n/a	2025-04-26 00:00:00 UTC	The Shadowserver (via CIRCL)
CVE-2018-13315	Incorrect access control in formPasswordSetup in TOTOLINK A3002RU version 1.0.8 allows attackers to change the admin user's password via an...	n/a	n/a	2025-04-26 00:00:00 UTC	The Shadowserver (via CIRCL)
CVE-2019-5129	A command injection have been found in YouPHPTube Encoder. A successful attack could allow an attacker to compromise the server. Exploitable...	n/a	YouPHPTube	2025-04-25 00:00:00 UTC	The Shadowserver (via CIRCL)
CVE-2018-10737	A SQL injection issue was discovered in Nagios XI before 5.4.13 via the admin/logbook.php txtSearch parameter.	n/a	n/a	2025-04-25 00:00:00 UTC	The Shadowserver (via CIRCL)
CVE-2019-19824	On certain TOTOLINK Realtek SDK based routers, an authenticated attacker may execute arbitrary OS commands via the sysCmd parameter to the...	n/a	n/a	2025-04-25 00:00:00 UTC	The Shadowserver (via CIRCL)
CVE-2025-31324	Missing Authorization check in SAP NetWeaver (Visual Composer development server)	SAP_SE	SAP NetWeaver (Visual Composer development server)	2025-04-25 00:00:00 UTC	Tenable Blog
CVE-2019-5127	A command injection have been found in YouPHPTube Encoder. A successful attack could allow an attacker to compromise the server. Exploitable...	n/a	YouPHPTube"	2025-04-25 00:00:00 UTC	The Shadowserver (via CIRCL)
CVE-2017-12635	Due to differences in the Erlang-based JSON parser and JavaScript-based JSON parser, it is possible in Apache CouchDB before 1.7.0 and 2.x before...	Apache Software Foundation	Apache CouchDB	2025-04-25 00:00:00 UTC	The Shadowserver (via CIRCL)
CVE-2019-11248	Kubernetes kubelet exposes /debug/pprof info on healthz port	Kubernetes	Kubernetes	2025-04-24 00:00:00 UTC	The Shadowserver (via CIRCL)
CVE-2024-21762	A out-of-bounds write in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, 6.4.0 through 6.4.14, 6.2.0...	Fortinet	FortiProxy, FortiOS	2025-04-24 00:00:00 UTC	CVE
CVE-2024-27199	In JetBrains TeamCity before 2023.11.4 path traversal allowing to perform limited admin actions was possible	JetBrains	TeamCity	2025-04-24 00:00:00 UTC	The Shadowserver (via CIRCL)

Displaying vulnerabilities 26 - 50 of 1400 in total