Keep updated with KEVIntel progress and pro features

Known Exploited Vulnerabilities Intel

This table displays known exploited vulnerabilities (KEVs) that have been cataloged from over 50 public sources, including CISA, and (once we get some hits) our own private sensors. Each entry links to a CVE identifier, where the CVE details are enriched with EPSS scores, online mentions, scanner inclusion, exploitation, and other metadata. The goal is to be an early warning system, even before being published by CISA. More data and features coming soon!

CVE ID	Title	Vendor	Product	Added	Source
CVE-2013-0422	Multiple vulnerabilities in Oracle Java 7 before Update 11 allow remote attackers to execute arbitrary code by (1) using the public...	n/a	n/a	2022-05-25 00:00:00 UTC	CISA
CVE-2013-0431	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, and OpenJDK 7, allows...	n/a	n/a	2022-05-25 00:00:00 UTC	CISA
CVE-2013-2423	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 7, allows remote...	n/a	n/a	2022-05-25 00:00:00 UTC	CISA
CVE-2013-3896	Microsoft Silverlight 5 before 5.1.20913.0 does not properly validate pointers during access to Silverlight elements, which allows remote attackers...	n/a	n/a	2022-05-25 00:00:00 UTC	CISA
CVE-2013-3993	IBM InfoSphere BigInsights before 2.1.0.3 allows remote authenticated users to bypass intended file and directory restrictions, or access untrusted...	n/a	n/a	2022-05-25 00:00:00 UTC	CISA
CVE-2013-7331	The Microsoft.XMLDOM ActiveX control in Microsoft Windows 8.1 and earlier allows remote attackers to determine the existence of local pathnames,...	n/a	n/a	2022-05-25 00:00:00 UTC	CISA
CVE-2014-3153	The futex_requeue function in kernel/futex.c in the Linux kernel through 3.14.5 does not ensure that calls have two different futex addresses,...	n/a	n/a	2022-05-25 00:00:00 UTC	CISA
CVE-2014-4077	Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Office 2007 SP3, when IMJPDCT.EXE (aka...	n/a	n/a	2022-05-25 00:00:00 UTC	CISA
CVE-2014-2817	Microsoft Internet Explorer 6 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of...	n/a	n/a	2022-05-25 00:00:00 UTC	CISA
CVE-2014-0546	Adobe Reader and Acrobat 10.x before 10.1.11 and 11.x before 11.0.08 on Windows allow attackers to bypass a sandbox protection mechanism, and...	n/a	n/a	2022-05-25 00:00:00 UTC	CISA
CVE-2014-4123	Microsoft Internet Explorer 7 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of...	n/a	n/a	2022-05-25 00:00:00 UTC	CISA
CVE-2014-4148	win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1,...	n/a	n/a	2022-05-25 00:00:00 UTC	CISA
CVE-2015-1671	The Windows DirectWrite library, as used in Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2; Office 2007 SP3 and 2010 SP2;...	n/a	n/a	2022-05-25 00:00:00 UTC	CISA
CVE-2015-6175	The kernel in Microsoft Windows 10 Gold allows local users to gain privileges via a crafted application, aka "Windows Kernel Memory Elevation of...	n/a	n/a	2022-05-25 00:00:00 UTC	CISA
CVE-2015-8651	Integer overflow in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux,...	n/a	n/a	2022-05-25 00:00:00 UTC	CISA
CVE-2015-4495	The PDF reader in Mozilla Firefox before 39.0.3, Firefox ESR 38.x before 38.1.1, and Firefox OS before 2.2 allows remote attackers to bypass the...	n/a	n/a	2022-05-25 00:00:00 UTC	CISA
CVE-2015-1769	Mount Manager in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold...	n/a	n/a	2022-05-25 00:00:00 UTC	CISA
CVE-2015-2425	Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web...	n/a	n/a	2022-05-25 00:00:00 UTC	CISA
CVE-2015-2360	win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1,...	n/a	n/a	2022-05-25 00:00:00 UTC	CISA
CVE-2015-0071	Microsoft Internet Explorer 9 through 11 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Internet...	n/a	n/a	2022-05-25 00:00:00 UTC	CISA
CVE-2015-0016	Directory traversal vulnerability in the TS WebProxy (aka TSWbPrxy) component in Microsoft Windows Vista SP2, Windows 7 SP1, Windows Server 2008 R2...	n/a	n/a	2022-05-25 00:00:00 UTC	CISA
CVE-2015-0310	Adobe Flash Player before 13.0.0.262 and 14.x through 16.x before 16.0.0.287 on Windows and OS X and before 11.2.202.438 on Linux does not properly...	n/a	n/a	2022-05-25 00:00:00 UTC	CISA
CVE-2016-0034	Microsoft Silverlight 5 before 5.1.41212.0 mishandles negative offsets during decoding, which allows remote attackers to execute arbitrary code or...	n/a	n/a	2022-05-25 00:00:00 UTC	CISA
CVE-2016-0984	Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before...	n/a	n/a	2022-05-25 00:00:00 UTC	CISA
CVE-2016-4656	The kernel in Apple iOS before 9.3.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory...	n/a	n/a	2022-05-24 00:00:00 UTC	CISA

Displaying vulnerabilities 676 - 700 of 1402 in total