Known Exploited Vulnerabilities

Focus on What Matters

There are 297,780 vulnerabilities in the CVE database.
Whilst only 0.6% are ever actively exploited.

This list contains the vulnerabilities that are actively exploited by malware and threat actors that you should prioritize first.

This table displays known exploited vulnerabilities (KEVs) that have been cataloged from over 60 public sources, including CISA, and our own private sensors. Each entry links to a CVE identifier, where the CVE details are enriched with EPSS scores, online mentions, scanner inclusion, exploitation, tags, and other metadata. The goal is to be an early warning system, even before being published by CISA. More data and features coming soon!

CVE ID	Title	Vendor	Product	Added	Source
CVE-2023-32049	Windows SmartScreen Security Feature Bypass Vulnerability	Microsoft	Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows 11 version 21H2, Windows 10 Version 21H2, Windows 11 version 22H2, Windows 10 Version 22H2, Windows 10 Version 1607, Windows Server 2016, Windows Server 2016 (Server Core installation)	2023-07-11 00:00:00 UTC	CISA
CVE-2023-32046	Windows MSHTML Platform Elevation of Privilege Vulnerability	Microsoft	Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows 11 version 21H2, Windows 10 Version 21H2, Windows 11 version 22H2, Windows 10 Version 22H2, Windows 10 Version 1507, Windows 10 Version 1607, Windows Server 2016, Windows Server 2016 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 Service Pack 2 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 R2 Service Pack 1, Windows Server 2008 R2 Service Pack 1 (Server Core installation), Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation)	2023-07-11 00:00:00 UTC	CISA
CVE-2021-29256	. The Arm Mali GPU kernel driver allows an unprivileged user to achieve access to freed memory, leading to information disclosure or root privilege...	n/a	n/a	2023-07-07 00:00:00 UTC	CISA
CVE-2023-3460	Ultimate Member < 2.6.7 - Unauthenticated Privilege Escalation	Unknown	Ultimate Member	2023-07-04 07:23:28 UTC	CVE
CVE-2019-20500	D-Link DWL-2600AP 4.2.0.15 Rev A devices have an authenticated OS command injection vulnerability via the Save Configuration functionality in the...	D-Link	DWL-2600AP	2023-06-29 00:00:00 UTC	CISA
CVE-2019-17621	The UPnP endpoint URL /gena.cgi in the D-Link DIR-859 Wi-Fi router 1.05 and 1.06B01 Beta01 allows an Unauthenticated remote attacker to execute...	D-Link	DIR-859	2023-06-29 00:00:00 UTC	CISA
CVE-2021-25395	A race condition in MFC charger driver prior to SMR MAY-2021 Release 1 allows local attackers to bypass signature check given a radio privilege is...	Samsung Mobile	Samsung Mobile Devices	2023-06-29 00:00:00 UTC	CISA
CVE-2021-25394	A use after free vulnerability via race condition in MFC charger driver prior to SMR MAY-2021 Release 1 allows arbitrary write given a radio...	Samsung Mobile	Samsung Mobile Devices	2023-06-29 00:00:00 UTC	CISA
CVE-2021-25372	An improper boundary check in DSP driver prior to SMR Mar-2021 Release 1 allows out of bounds memory access.	Samsung Mobile	Samsung Mobile Devices	2023-06-29 00:00:00 UTC	CISA
CVE-2021-25489	Assuming radio permission is gained, missing input validation in modem interface driver prior to SMR Oct-2021 Release 1 results in format string...	Samsung Mobile	Samsung Mobile Devices	2023-06-29 00:00:00 UTC	CISA
CVE-2021-25371	A vulnerability in DSP driver prior to SMR Mar-2021 Release 1 allows attackers load arbitrary ELF libraries inside DSP.	Samsung Mobile	Samsung Mobile Devices	2023-06-29 00:00:00 UTC	CISA
CVE-2021-25487	Lack of boundary checking of a buffer in set_skb_priv() of modem interface driver prior to SMR Oct-2021 Release 1 allows OOB read and it results in...	Samsung Mobile	Samsung Mobile Devices	2023-06-29 00:00:00 UTC	CISA
CVE-2023-32439	A type confusion issue was addressed with improved checks. This issue is fixed in iOS 16.5.1 and iPadOS 16.5.1, iOS 15.7.7 and iPadOS 15.7.7, macOS...	Apple	iOS and iPadOS, Safari, macOS	2023-06-23 00:00:00 UTC	CISA
CVE-2023-32435	A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, Safari 16.4, iOS 16.4 and iPadOS...	Apple	macOS, iOS and iPadOS, Safari	2023-06-23 00:00:00 UTC	CISA
CVE-2023-20867	VMware Tools Authentication Bypass Vulnerability	VMware	VMware Tools	2023-06-23 00:00:00 UTC	CISA
CVE-2023-32434	An integer overflow was addressed with improved input validation. This issue is fixed in watchOS 9.5.2, macOS Big Sur 11.7.8, iOS 15.7.7 and iPadOS...	Apple	macOS, iOS and iPadOS, watchOS	2023-06-23 00:00:00 UTC	CISA
CVE-2023-27992	The pre-authentication command injection vulnerability in the Zyxel NAS326 firmware versions prior to V5.21(AAZF.14)C0, NAS540 firmware versions...	Zyxel	NAS326 firmware, NAS540 firmware, NAS542 firmware	2023-06-23 00:00:00 UTC	CISA
CVE-2023-20887	Aria Operations for Networks contains a command injection vulnerability. A malicious actor with network access to VMware Aria Operations for...	n/a	Aria Operations for Networks (Formerly vRealize Network Insight)	2023-06-22 00:00:00 UTC	CISA
CVE-2016-0165	The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and...	Microsoft	Windows	2023-06-22 00:00:00 UTC	CISA
CVE-2016-9079	A use-after-free vulnerability in SVG Animation has been discovered. An exploit built on this vulnerability has been discovered in the wild...	Mozilla	Firefox, Firefox ESR, Thunderbird	2023-06-22 00:00:00 UTC	CISA
CVE-2021-44026	Roundcube before 1.3.17 and 1.4.x before 1.4.12 is prone to a potential SQL injection via search or search_params.	n/a	n/a	2023-06-22 00:00:00 UTC	CISA
CVE-2020-12641	rcube_image.php in Roundcube Webmail before 1.4.4 allows attackers to execute arbitrary code via shell metacharacters in a configuration setting...	n/a	n/a	2023-06-22 00:00:00 UTC	CISA
CVE-2020-35730	An XSS issue was discovered in Roundcube Webmail before 1.2.13, 1.3.x before 1.3.16, and 1.4.x before 1.4.10. The attacker can send a plain text...	n/a	n/a	2023-06-22 00:00:00 UTC	CISA
CVE-2023-27997	A heap-based buffer overflow vulnerability [CWE-122] in FortiOS version 7.2.4 and below, version 7.0.11 and below, version 6.4.12 and below,...	Fortinet	FortiOS-6K7K, FortiProxy, FortiOS	2023-06-13 00:00:00 UTC	CISA
CVE-2023-35042	GeoServer 2, in some configurations, allows remote attackers to execute arbitrary code via java.lang.Runtime.getRuntime().exec in wps:LiteralData...	n/a	n/a	2023-06-12 00:00:00 UTC	CVE

Displaying vulnerabilities 701 - 725 of 1853 in total