Known Exploited Vulnerabilities

Focus on What Matters

There are 297,775 vulnerabilities in the CVE database.
Whilst only 0.6% are ever actively exploited.

This list contains the vulnerabilities that are actively exploited by malware and threat actors that you should prioritize first.

This table displays known exploited vulnerabilities (KEVs) that have been cataloged from over 60 public sources, including CISA, and our own private sensors. Each entry links to a CVE identifier, where the CVE details are enriched with EPSS scores, online mentions, scanner inclusion, exploitation, tags, and other metadata. The goal is to be an early warning system, even before being published by CISA. More data and features coming soon!

CVE ID	Title	Vendor	Product	Added	Source
CVE-2023-22515	Atlassian has been made aware of an issue reported by a handful of customers where external attackers may have exploited a previously unknown...	Atlassian	Confluence Data Center, Confluence Server	2023-10-05 00:00:00 UTC	CISA
CVE-2023-42793	In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server was possible	JetBrains	TeamCity	2023-10-04 00:00:00 UTC	CISA
CVE-2023-28229	Windows CNG Key Isolation Service Elevation of Privilege Vulnerability	Microsoft	Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows 10 Version 20H2, Windows 11 version 21H2, Windows 10 Version 21H2, Windows 11 version 22H2, Windows 10 Version 22H2, Windows 10 Version 1507, Windows 10 Version 1607, Windows Server 2016, Windows Server 2016 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 Service Pack 2 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 R2 Service Pack 1, Windows Server 2008 R2 Service Pack 1 (Server Core installation), Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation)	2023-10-04 00:00:00 UTC	CISA
CVE-2023-4211	Mali GPU Kernel Driver Allows Improper GPU Memory Processing Operations	Arm Ltd	Midgard GPU Kernel Driver, Bifrost GPU Kernel Driver, Valhall GPU Kernel Driver, Arm 5th Gen GPU Architecture Kernel Driver	2023-10-03 00:00:00 UTC	CISA
CVE-2023-5217	Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially...	Google	Chrome, libvpx	2023-10-02 00:00:00 UTC	CISA
CVE-2018-14667	The RichFaces Framework 3.X through 3.3.4 is vulnerable to Expression Language (EL) injection via the UserResource resource. A remote,...	[UNKNOWN]	RichFaces	2023-09-28 00:00:00 UTC	CISA
CVE-2023-41993	The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14. Processing web content may lead to arbitrary code execution....	Apple	macOS	2023-09-25 00:00:00 UTC	CISA
CVE-2023-41992	The issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.7, iOS 16.7 and iPadOS 16.7, macOS Ventura 13.6. A local...	Apple	macOS, iOS and iPadOS	2023-09-25 00:00:00 UTC	CISA
CVE-2023-41991	A certificate validation issue was addressed. This issue is fixed in macOS Ventura 13.6, iOS 16.7 and iPadOS 16.7. A malicious app may be able to...	Apple	iOS and iPadOS, macOS	2023-09-25 00:00:00 UTC	CISA
CVE-2023-41179	A vulnerability in the 3rd party AV uninstaller module contained in Trend Micro Apex One (on-prem and SaaS), Worry-Free Business Security and...	Trend Micro, Inc.	Trend Micro Apex One, Trend Micro Worry-Free Business Security, Trend Micro Worry-Free Business Security Services	2023-09-21 00:00:00 UTC	CISA
CVE-2023-28434	MinIO is vulnerable to privilege escalation on Linux/MacOS	minio	minio	2023-09-19 00:00:00 UTC	CISA
CVE-2021-3129	Ignition before 2.5.2, as used in Laravel and other products, allows unauthenticated remote attackers to execute arbitrary code because of insecure...	n/a	n/a	2023-09-18 00:00:00 UTC	CISA
CVE-2017-6884	A command injection vulnerability was discovered on the Zyxel EMG2926 home router with firmware V1.00(AAQT.4)b8. The vulnerability is located in...	Zyxel	EMG2926 home router	2023-09-18 00:00:00 UTC	CISA
CVE-2014-8361	The miniigd SOAP service in Realtek SDK allows remote attackers to execute arbitrary code via a crafted NewInternalClient request, as exploited in...	Realtek	SDK	2023-09-18 00:00:00 UTC	CISA
CVE-2022-22265	An improper check or handling of exceptional conditions in NPU driver prior to SMR Jan-2022 Release 1 allows arbitrary memory write and code...	Samsung Mobile	Samsung Mobile Devices	2023-09-18 00:00:00 UTC	CISA
CVE-2023-26369	[Google Project Zero] Adobe Acrobat DC OOBW 0-day actively exploited in the wild	Adobe	Acrobat Reader	2023-09-14 00:00:00 UTC	CISA
CVE-2023-35674	In onCreate of WindowState.java, there is a possible way to launch a background activity due to a logic error in the code. This could lead to local...	Google	Android	2023-09-13 00:00:00 UTC	CISA
CVE-2023-20269	A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD)...	Cisco	Cisco Adaptive Security Appliance (ASA) Software, Cisco Firepower Threat Defense Software	2023-09-13 00:00:00 UTC	CISA
CVE-2023-4863	Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds...	Google	Chrome, libwebp	2023-09-13 00:00:00 UTC	CISA
CVE-2023-36802	Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability	Microsoft	Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows 11 version 21H2, Windows 10 Version 21H2, Windows 11 version 22H2, Windows 10 Version 22H2	2023-09-12 00:00:00 UTC	CISA
CVE-2023-36761	Microsoft Word Information Disclosure Vulnerability	Microsoft	Microsoft Office 2019, Microsoft 365 Apps for Enterprise, Microsoft Office LTSC 2021, Microsoft Word 2016, Microsoft Word 2013 Service Pack 1	2023-09-12 00:00:00 UTC	CISA
CVE-2023-41064	A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 16.6.1 and iPadOS 16.6.1, macOS Monterey 12.6.9,...	Apple	macOS, iOS and iPadOS	2023-09-11 00:00:00 UTC	CISA
CVE-2023-41061	A validation issue was addressed with improved logic. This issue is fixed in watchOS 9.6.2, iOS 16.6.1 and iPadOS 16.6.1. A maliciously crafted...	Apple	iOS and iPadOS, watchOS	2023-09-11 00:00:00 UTC	CISA
CVE-2023-33246	Apache RocketMQ: Possible remote code execution vulnerability when using the update configuration function	Apache Software Foundation	Apache RocketMQ	2023-09-06 00:00:00 UTC	CISA
CVE-2023-38831	RARLAB WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to view a benign file within a ZIP archive. The issue...	n/a	n/a	2023-08-24 00:00:00 UTC	CISA

Displaying vulnerabilities 651 - 675 of 1853 in total