Keep updated with KEVIntel progress and pro features

Known Exploited Vulnerabilities Intel

This table displays known exploited vulnerabilities (KEVs) that have been cataloged from over 50 public sources, including CISA, and (once we get some hits) our own private sensors. Each entry links to a CVE identifier, where the CVE details are enriched with EPSS scores, online mentions, scanner inclusion, exploitation, and other metadata. The goal is to be an early warning system, even before being published by CISA. More data and features coming soon!

CVE ID	Title	Vendor	Product	Added	Source
CVE-2018-8611	An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka "Windows Kernel Elevation of...	Microsoft	Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers	2022-05-24 00:00:00 UTC	CISA
CVE-2018-19953	If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code. QNAP has already fixed the issue in...	QNAP Systems Inc.	QTS	2022-05-24 00:00:00 UTC	CISA
CVE-2018-19949	If exploited, this command injection vulnerability could allow remote attackers to run arbitrary commands. QNAP has already fixed the issue in the...	QNAP Systems Inc.	QTS	2022-05-24 00:00:00 UTC	CISA
CVE-2018-19943	If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code. QNAP has already fixed these issues in...	QNAP Systems Inc.	QTS	2022-05-24 00:00:00 UTC	CISA
CVE-2017-0147	The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2;...	Microsoft Corporation	Windows SMB	2022-05-24 00:00:00 UTC	CISA
CVE-2017-0022	Microsoft XML Core Services (MSXML) in Windows 10 Gold, 1511, and 1607; Windows 7 SP1; Windows 8.1; Windows RT 8.1; Windows Server 2008 SP2 and R2...	Microsoft Corporation	XML Core Services	2022-05-24 00:00:00 UTC	CISA
CVE-2017-0005	The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server...	Microsoft Corporation	Windows GDI	2022-05-24 00:00:00 UTC	CISA
CVE-2017-0149	Microsoft Internet Explorer 9 through 11 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a...	Microsoft Corporation	Internet Explorer	2022-05-24 00:00:00 UTC	CISA
CVE-2017-0210	An elevation of privilege vulnerability exists when Internet Explorer does not properly enforce cross-domain policies, which could allow an...	Microsoft Corporation	Internet Explorer	2022-05-24 00:00:00 UTC	CISA
CVE-2017-8291	Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass and remote command execution via .rsdparams type confusion with a "/OutputFile...	n/a	n/a	2022-05-24 00:00:00 UTC	CISA
CVE-2017-8543	Microsoft Windows XP SP3, Windows XP x64 XP2, Windows Server 2003 SP2, Windows Vista, Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8,...	Microsoft Corporation	Microsoft Windows	2022-05-24 00:00:00 UTC	CISA
CVE-2017-18362	ConnectWise ManagedITSync integration through 2017 for Kaseya VSA is vulnerable to unauthenticated remote commands that allow full direct access to...	n/a	n/a	2022-05-24 00:00:00 UTC	CISA
CVE-2016-0162	Microsoft Internet Explorer 9 through 11 allows remote attackers to determine the existence of files via crafted JavaScript code, aka "Internet...	n/a	n/a	2022-05-24 00:00:00 UTC	CISA
CVE-2016-3351	Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to obtain sensitive information via a crafted web site, aka...	n/a	n/a	2022-05-24 00:00:00 UTC	CISA
CVE-2016-4655	The kernel in Apple iOS before 9.3.5 allows attackers to obtain sensitive information from memory via a crafted app.	n/a	n/a	2022-05-24 00:00:00 UTC	CISA
CVE-2016-4656	The kernel in Apple iOS before 9.3.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory...	n/a	n/a	2022-05-24 00:00:00 UTC	CISA
CVE-2016-4657	WebKit in Apple iOS before 9.3.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted...	n/a	n/a	2022-05-24 00:00:00 UTC	CISA
CVE-2016-6366	Buffer overflow in Cisco Adaptive Security Appliance (ASA) Software through 9.4.2.3 on ASA 5500, ASA 5500-X, ASA Services Module, ASA 1000V, ASAv,...	n/a	n/a	2022-05-24 00:00:00 UTC	CISA
CVE-2016-6367	Cisco Adaptive Security Appliance (ASA) Software before 8.4(1) on ASA 5500, ASA 5500-X, PIX, and FWSM devices allows local users to gain privileges...	n/a	n/a	2022-05-24 00:00:00 UTC	CISA
CVE-2019-7286	A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.1.4, macOS Mojave 10.14.3 Supplemental...	Apple	iOS, macOS	2022-05-23 00:00:00 UTC	CISA
CVE-2018-8589	An elevation of privilege vulnerability exists when Windows improperly handles calls to Win32k.sys, aka "Windows Win32k Elevation of Privilege...	Microsoft	Windows Server 2008, Windows 7, Windows Server 2008 R2	2022-05-23 00:00:00 UTC	CISA
CVE-2018-5002	Adobe Flash Player versions 29.0.0.171 and earlier have a Stack-based buffer overflow vulnerability. Successful exploitation could lead to...	n/a	Adobe Flash Player 29.0.0.171 and earlier versions	2022-05-23 00:00:00 UTC	CISA
CVE-2019-1130	An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation...	Microsoft	Windows Server, Windows, Windows 10 Version 1903 for 32-bit Systems, Windows 10 Version 1903 for x64-based Systems, Windows 10 Version 1903 for ARM64-based Systems, Windows Server, version 1903 (Server Core installation)	2022-05-23 00:00:00 UTC	CISA
CVE-2019-1385	An elevation of privilege vulnerability exists when the Windows AppX Deployment Extensions improperly performs privilege management, resulting in...	Microsoft	Windows, Windows Server, Windows 10 Version 1903 for 32-bit Systems, Windows 10 Version 1903 for x64-based Systems, Windows 10 Version 1903 for ARM64-based Systems, Windows Server, version 1903 (Server Core installation)	2022-05-23 00:00:00 UTC	CISA
CVE-2019-18426	A vulnerability in WhatsApp Desktop versions prior to 0.3.9309 when paired with WhatsApp for iPhone versions prior to 2.20.10 allows cross-site...	Facebook	WhatsApp Desktop	2022-05-23 00:00:00 UTC	CISA

Displaying vulnerabilities 701 - 725 of 1402 in total