Known Exploited Vulnerabilities

Focus on What Matters

There are 297,623 vulnerabilities in the CVE database.
Whilst only 0.6% are ever actively exploited.

This list contains the vulnerabilities that are actively exploited by malware and threat actors that you should prioritize first.

This table displays known exploited vulnerabilities (KEVs) that have been cataloged from over 60 public sources, including CISA, and our own private sensors. Each entry links to a CVE identifier, where the CVE details are enriched with EPSS scores, online mentions, scanner inclusion, exploitation, tags, and other metadata. The goal is to be an early warning system, even before being published by CISA. More data and features coming soon!

CVE ID	Title	Vendor	Product	Added	Source
CVE-2017-1000253	Linux distributions that have not patched their long-term kernels with https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86...	Linux	Kernel	2024-09-09 00:00:00 UTC	CISA
CVE-2024-40766	An improper access control vulnerability has been identified in the SonicWall SonicOS management access, potentially leading to unauthorized...	SonicWall	SonicOS	2024-09-09 00:00:00 UTC	CISA
CVE-2016-3714	The (1) EPHEMERAL, (2) HTTPS, (3) MVG, (4) MSL, (5) TEXT, (6) SHOW, (7) WIN, and (8) PLT coders in ImageMagick before 6.9.3-10 and 7.x before...	ImageMagick	ImageMagick	2024-09-09 00:00:00 UTC	CISA
CVE-2024-45506	HAProxy 2.9.x before 2.9.10, 3.0.x before 3.0.4, and 3.1.x through 3.1-dev6 allows a remote denial of service for HTTP/2 zero-copy forwarding...	n/a	n/a	2024-09-04 00:00:00 UTC	CVE
CVE-2024-45389	Pagefind DOM clobbering could escalate to Cross-site Scripting (XSS)	CloudCannon	pagefind	2024-09-03 19:30:15 UTC	CVE
CVE-2024-7262	Arbitrary Code Execution in WPS Office	Kingsoft	WPS Office	2024-09-03 00:00:00 UTC	CISA
CVE-2021-20124	A local file inclusion vulnerability exists in Draytek VigorConnect 1.6.0-B3 in the file download functionality of the WebServlet endpoint. An...	DrayTek	VigorConnect	2024-09-03 00:00:00 UTC	CISA
CVE-2021-20123	A local file inclusion vulnerability exists in Draytek VigorConnect 1.6.0-B3 in the file download functionality of the DownloadFileServlet...	DrayTek	VigorConnect	2024-09-03 00:00:00 UTC	CISA
CVE-2024-7965	Inappropriate implementation in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to potentially exploit heap corruption via a...	Google	Chrome	2024-08-28 00:00:00 UTC	CISA
CVE-2024-38856	Apache OFBiz: Unauthenticated endpoint could allow execution of screen rendering code	Apache Software Foundation	Apache OFBiz	2024-08-27 00:00:00 UTC	CISA
CVE-2024-7971	Type confusion in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to exploit heap corruption via a crafted HTML page....	Google	Chrome	2024-08-26 00:00:00 UTC	CISA
CVE-2024-39717	The Versa Director GUI provides an option to customize the look and feel of the user interface. This option is only available for a user logged...	Versa	Director	2024-08-23 00:00:00 UTC	CISA
CVE-2024-28000	WordPress LiteSpeed Cache plugin <= 6.3.0.1 - Unauthenticated Privilege Escalation vulnerability	LiteSpeed Technologies	LiteSpeed Cache	2024-08-21 07:11:12 UTC	Wordfence
CVE-2021-31196	Microsoft Exchange Server Remote Code Execution Vulnerability	Microsoft	Microsoft Exchange Server 2019 Cumulative Update 9, Microsoft Exchange Server 2016 Cumulative Update 20, Microsoft Exchange Server 2013 Cumulative Update 23, Microsoft Exchange Server 2016 Cumulative Update 21, Microsoft Exchange Server 2019 Cumulative Update 10	2024-08-21 00:00:00 UTC	CISA
CVE-2022-0185	A heap-based buffer overflow flaw was found in the way the legacy_parse_param function in the Filesystem Context functionality of the Linux kernel...	n/a	kernel	2024-08-21 00:00:00 UTC	CISA
CVE-2021-33044	The identity authentication bypass vulnerability found in some Dahua products during the login process. Attackers can bypass device identity...	n/a	Some Dahua IP Camera, Video Intercom, PTZ Dome Camera, Thermal Camera devices	2024-08-21 00:00:00 UTC	CISA
CVE-2021-33045	The identity authentication bypass vulnerability found in some Dahua products during the login process. Attackers can bypass device identity...	n/a	Some Dahua IP Camera, Video Intercom, NVR, XVR devices	2024-08-21 00:00:00 UTC	CISA
CVE-2024-23897	Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser that replaces an '@' character followed by...	Jenkins Project	Jenkins	2024-08-19 00:00:00 UTC	CISA
CVE-2024-28986	SolarWinds Web Help Desk Java Deserialization Remote Code Execution Vulnerability	SolarWinds	Web Help Desk	2024-08-15 00:00:00 UTC	CISA
CVE-2024-38107	Windows Power Dependency Coordinator Elevation of Privilege Vulnerability	Microsoft	Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows 11 version 21H2, Windows 10 Version 21H2, Windows 11 version 22H2, Windows 10 Version 22H2, Windows 11 version 22H3, Windows 11 Version 23H2, Windows Server 2022, 23H2 Edition (Server Core installation), Windows 10 Version 1507, Windows 10 Version 1607, Windows Server 2016, Windows Server 2016 (Server Core installation), Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation), Windows 11 Version 24H2	2024-08-13 00:00:00 UTC	CISA
CVE-2024-38106	Windows Kernel Elevation of Privilege Vulnerability	Microsoft	Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows 11 version 21H2, Windows 10 Version 21H2, Windows 11 version 22H2, Windows 10 Version 22H2, Windows 11 version 22H3, Windows 11 Version 23H2, Windows Server 2022, 23H2 Edition (Server Core installation), Windows 10 Version 1507, Windows 10 Version 1607, Windows Server 2016, Windows Server 2016 (Server Core installation), Windows 11 Version 24H2	2024-08-13 00:00:00 UTC	CISA
CVE-2024-38189	Microsoft Project Remote Code Execution Vulnerability	Microsoft	Microsoft Office 2019, Microsoft 365 Apps for Enterprise, Microsoft Project 2016, Microsoft Office LTSC 2021	2024-08-13 00:00:00 UTC	CISA
CVE-2024-38213	Windows Mark of the Web Security Feature Bypass Vulnerability	Microsoft	Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows 11 version 21H2, Windows 10 Version 21H2, Windows 11 version 22H2, Windows 10 Version 22H2, Windows 11 version 22H3, Windows 11 Version 23H2, Windows Server 2022, 23H2 Edition (Server Core installation), Windows 10 Version 1507, Windows 10 Version 1607, Windows Server 2016, Windows Server 2016 (Server Core installation), Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation)	2024-08-13 00:00:00 UTC	CISA
CVE-2024-38193	Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability	Microsoft	Windows 11 Version 24H2, Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows 11 version 21H2, Windows 10 Version 21H2, Windows 11 version 22H2, Windows 10 Version 22H2, Windows 11 version 22H3, Windows 11 Version 23H2, Windows Server 2022, 23H2 Edition (Server Core installation), Windows 10 Version 1507, Windows 10 Version 1607, Windows Server 2016, Windows Server 2016 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 Service Pack 2 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 R2 Service Pack 1, Windows Server 2008 R2 Service Pack 1 (Server Core installation), Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation)	2024-08-13 00:00:00 UTC	CISA
CVE-2024-38178	Scripting Engine Memory Corruption Vulnerability	Microsoft	Windows 11 Version 24H2, Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows 11 version 21H2, Windows 10 Version 21H2, Windows 11 version 22H2, Windows 10 Version 22H2, Windows 11 version 22H3, Windows 11 Version 23H2, Windows Server 2022, 23H2 Edition (Server Core installation), Windows 10 Version 1507, Windows 10 Version 1607, Windows Server 2016, Windows Server 2016 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation)	2024-08-13 00:00:00 UTC	CISA

Displaying vulnerabilities 476 - 500 of 1852 in total