Keep updated with KEVIntel progress and pro features

Known Exploited Vulnerabilities Intel

This table displays known exploited vulnerabilities (KEVs) that have been cataloged from over 50 public sources, including CISA, and (once we get some hits) our own private sensors. Each entry links to a CVE identifier, where the CVE details are enriched with EPSS scores, online mentions, scanner inclusion, exploitation, and other metadata. The goal is to be an early warning system, even before being published by CISA. More data and features coming soon!

CVE ID	Title	Vendor	Product	Added	Source
CVE-2022-2294	Heap buffer overflow in WebRTC in Google Chrome prior to 103.0.5060.114 allowed a remote attacker to potentially exploit heap corruption via a...	Google	Chrome	2022-08-25 00:00:00 UTC	CISA
CVE-2022-0028	PAN-OS: Reflected Amplification Denial-of-Service (DoS) Vulnerability in URL Filtering	Palo Alto Networks	Cloud NGFW, PAN-OS, Prisma Access	2022-08-22 00:00:00 UTC	CISA
CVE-2022-22536	SAP NetWeaver Application Server ABAP, SAP NetWeaver Application Server Java, ABAP Platform, SAP Content Server 7.53 and SAP Web Dispatcher are...	SAP SE	SAP NetWeaver and ABAP Platform, SAP Web Dispatcher, SAP Content Server	2022-08-18 00:00:00 UTC	CISA
CVE-2022-32894	An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.6.1 and iPadOS 15.6.1, macOS Monterey...	Apple	iOS and iPadOS, macOS	2022-08-18 00:00:00 UTC	CISA
CVE-2022-26923	Active Directory Domain Services Elevation of Privilege Vulnerability	Microsoft	Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows 10 Version 1909, Windows 10 Version 21H1, Windows Server 2022, Windows 10 Version 20H2, Windows Server version 20H2, Windows 11 version 21H2, Windows 10 Version 21H2, Windows 10 Version 1507, Windows 10 Version 1607, Windows Server 2016, Windows Server 2016 (Server Core installation), Windows 8.1, Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation)	2022-08-18 00:00:00 UTC	CISA
CVE-2022-2856	Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 104.0.5112.101 allowed a remote attacker to arbitrarily...	Google	Chrome	2022-08-18 00:00:00 UTC	CISA
CVE-2022-32893	An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.6.1 and iPadOS 15.6.1, macOS Monterey...	Apple	Safari, iOS and iPadOS, macOS	2022-08-18 00:00:00 UTC	CISA
CVE-2017-15944	Palo Alto Networks PAN-OS before 6.1.19, 7.0.x before 7.0.19, 7.1.x before 7.1.14, and 8.0.x before 8.0.6 allows remote attackers to execute...	n/a	n/a	2022-08-18 00:00:00 UTC	CISA
CVE-2022-21971	Windows Runtime Remote Code Execution Vulnerability	Microsoft	Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows 10 Version 1909, Windows 10 Version 21H1, Windows Server 2022, Windows 10 Version 20H2, Windows Server version 20H2, Windows 11 version 21H2, Windows 10 Version 21H2	2022-08-18 00:00:00 UTC	CISA
CVE-2022-37042	Zimbra Collaboration Suite (ZCS) 8.8.15 and 9.0 has mboximport functionality that receives a ZIP archive and extracts files from it. By bypassing...	n/a	n/a	2022-08-11 00:00:00 UTC	CISA
CVE-2022-27925	Zimbra Collaboration (aka ZCS) 8.8.15 and 9.0 has mboximport functionality that receives a ZIP archive and extracts files from it. An authenticated...	n/a	n/a	2022-08-11 00:00:00 UTC	CISA
CVE-2022-30333	RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an extract (aka unpack) operation, as demonstrated...	n/a	n/a	2022-08-09 00:00:00 UTC	CISA
CVE-2022-34713	Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability	Microsoft	Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows 10 Version 21H1, Windows Server 2022, Windows 10 Version 20H2, Windows Server version 20H2, Windows 11 version 21H2, Windows 10 Version 21H2, Windows 10 Version 1507, Windows 10 Version 1607, Windows Server 2016, Windows Server 2016 (Server Core installation), Windows 7, Windows 7 Service Pack 1, Windows 8.1, Windows Server 2008 R2 Service Pack 1, Windows Server 2008 R2 Service Pack 1 (Server Core installation), Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation)	2022-08-09 00:00:00 UTC	CISA
CVE-2022-27924	Zimbra Collaboration (aka ZCS) 8.8.15 and 9.0 allows an unauthenticated attacker to inject arbitrary memcache commands into a targeted instance....	n/a	n/a	2022-08-04 00:00:00 UTC	CISA
CVE-2022-26138	The Atlassian Questions For Confluence app for Confluence Server and Data Center creates a Confluence user account in the confluence-users group...	Atlassian	Questions For Confluence	2022-07-29 00:00:00 UTC	CISA
CVE-2022-22047	Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability	Microsoft	Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows 10 Version 21H1, Windows Server 2022, Windows 10 Version 20H2, Windows Server version 20H2, Windows 11 version 21H2, Windows 10 Version 21H2, Windows 10 Version 1507, Windows 10 Version 1607, Windows Server 2016, Windows Server 2016 (Server Core installation), Windows 7, Windows 7 Service Pack 1, Windows 8.1, Windows Server 2008 Service Pack 2, Windows Server 2008 Service Pack 2 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 R2 Service Pack 1, Windows Server 2008 R2 Service Pack 1 (Server Core installation), Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation)	2022-07-12 00:00:00 UTC	CISA
CVE-2022-26925	Windows LSA Spoofing Vulnerability	Microsoft	Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows 10 Version 1909, Windows 10 Version 21H1, Windows Server 2022, Windows 10 Version 20H2, Windows Server version 20H2, Windows 11 version 21H2, Windows 10 Version 21H2, Windows 10 Version 1507, Windows 10 Version 1607, Windows Server 2016, Windows Server 2016 (Server Core installation), Windows 7, Windows 7 Service Pack 1, Windows 8.1, Windows Server 2008 Service Pack 2, Windows Server 2008 Service Pack 2 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 R2 Service Pack 1, Windows Server 2008 R2 Service Pack 1 (Server Core installation), Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation)	2022-07-01 00:00:00 UTC	CISA
CVE-2022-29499	The Service Appliance component in Mitel MiVoice Connect through 19.2 SP3 allows remote code execution because of incorrect data validation. The...	n/a	n/a	2022-06-27 00:00:00 UTC	CISA
CVE-2021-30533	Insufficient policy enforcement in PopupBlocker in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to bypass navigation restrictions...	Google	Chrome	2022-06-27 00:00:00 UTC	CISA
CVE-2020-3837	A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3,...	Apple	iOS, macOS, tvOS, watchOS	2022-06-27 00:00:00 UTC	CISA
CVE-2021-30983	A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 15.2 and iPadOS 15.2. An application may be able to...	Apple	iOS and iPadOS	2022-06-27 00:00:00 UTC	CISA
CVE-2021-4034	A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow...	n/a	polkit	2022-06-27 00:00:00 UTC	CISA
CVE-2018-4344	A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12,...	n/a	iOS, macOS, tvOS, watchOS	2022-06-27 00:00:00 UTC	CISA
CVE-2019-8605	A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS...	Apple	iOS, macOS, tvOS, watchOS	2022-06-27 00:00:00 UTC	CISA
CVE-2020-9907	A memory corruption issue was addressed by removing the vulnerable code. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8. An...	Apple	iOS, tvOS	2022-06-27 00:00:00 UTC	CISA

Displaying vulnerabilities 601 - 625 of 1402 in total