Known Exploited Vulnerabilities

Focus on What Matters

There are 298,188 vulnerabilities in the CVE database.
Whilst only 0.6% are ever actively exploited.

This list contains the vulnerabilities that are actively exploited by malware and threat actors that you should prioritize first.

This table displays known exploited vulnerabilities (KEVs) that have been cataloged from over 60 public sources, including CISA, and our own private sensors. Each entry links to a CVE identifier, where the CVE details are enriched with EPSS scores, online mentions, scanner inclusion, exploitation, tags, and other metadata. The goal is to be an early warning system, even before being published by CISA. More data and features coming soon!

CVE ID	Title	Vendor	Product	Added	Source
CVE-2018-19322	The GPCIDrv and GDrv low-level drivers in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before 1.57, XTREME GAMING ENGINE before...	GIGABYTE	APP Center, AORUS GRAPHICS ENGINE, XTREME GAMING ENGINE, OC GURU II	2022-10-24 00:00:00 UTC	CISA
CVE-2022-42889	Apache Commons Text prior to 1.10.0 allows RCE when applied to untrusted input due to insecure interpolation defaults	Apache Software Foundation	Apache Commons Text	2022-10-20 11:40:50 UTC	Wordfence
CVE-2021-3493	The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on...	Ubuntu	linux kernel	2022-10-20 00:00:00 UTC	CISA
CVE-2022-41352	An issue was discovered in Zimbra Collaboration (ZCS) 8.8.15 and 9.0. An attacker can upload arbitrary files through amavis via a cpio loophole...	n/a	n/a	2022-10-20 00:00:00 UTC	CISA
CVE-2017-20149	The Mikrotik RouterOS web server allows memory corruption in releases before Stable 6.38.5 and Long-term 6.37.5, aka Chimay-Red. A remote and...	MikroTik	RouterOS	2022-10-15 00:00:00 UTC	CVE
CVE-2022-40684	An authentication bypass using an alternate path or channel [CWE-288] in Fortinet FortiOS version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.6,...	Fortinet	Fortinet FortiOS, FortiProxy, FortiSwitchManager	2022-10-11 00:00:00 UTC	CISA
CVE-2022-41033	Windows COM+ Event System Service Elevation of Privilege Vulnerability	Microsoft	Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows 10 Version 21H1, Windows Server 2022, Windows 10 Version 20H2, Windows 11 version 21H2, Windows 10 Version 21H2, Windows 11 version 22H2, Windows 10 Version 1507, Windows 10 Version 1607, Windows Server 2016, Windows Server 2016 (Server Core installation), Windows 7, Windows 7 Service Pack 1, Windows 8.1, Windows Server 2008 Service Pack 2, Windows Server 2008 Service Pack 2 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 R2 Service Pack 1, Windows Server 2008 R2 Service Pack 1 (Server Core installation), Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation)	2022-10-11 00:00:00 UTC	CISA
CVE-2022-41082	Microsoft Exchange Server Remote Code Execution Vulnerability	Microsoft	Microsoft Exchange Server 2013 Cumulative Update 23, Microsoft Exchange Server 2016 Cumulative Update 22, Microsoft Exchange Server 2019 Cumulative Update 11, Microsoft Exchange Server 2019 Cumulative Update 12, Microsoft Exchange Server 2016 Cumulative Update 23	2022-09-30 00:00:00 UTC	CISA
CVE-2022-41040	Microsoft Exchange Server Elevation of Privilege Vulnerability	Microsoft	Microsoft Exchange Server 2013 Cumulative Update 23, Microsoft Exchange Server 2016 Cumulative Update 22, Microsoft Exchange Server 2019 Cumulative Update 11, Microsoft Exchange Server 2019 Cumulative Update 12, Microsoft Exchange Server 2016 Cumulative Update 23	2022-09-30 00:00:00 UTC	CISA
CVE-2022-36804	Multiple API endpoints in Atlassian Bitbucket Server and Data Center 7.0.0 before version 7.6.17, from version 7.7.0 before version 7.17.10, from...	Atlassian	Bitbucket Server, Bitbucket Data Center	2022-09-30 00:00:00 UTC	CISA
CVE-2022-3236	A code injection vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v19.0 MR1 and...	Sophos	Sophos Firewall	2022-09-23 00:00:00 UTC	CISA
CVE-2022-35405	Zoho ManageEngine Password Manager Pro before 12101 and PAM360 before 5510 are vulnerable to unauthenticated remote code execution. (This also...	n/a	n/a	2022-09-22 00:00:00 UTC	CISA
CVE-2022-40769	profanity through 1.60 has only four billion possible RNG initializations. Thus, attackers can recover private keys from Ethereum vanity addresses...	n/a	n/a	2022-09-18 16:01:08 UTC	CVE
CVE-2022-40139	Improper validation of some components used by the rollback mechanism in Trend Micro Apex One and Trend Micro Apex One as a Service clients could...	Trend Micro	Trend Micro Apex One	2022-09-15 00:00:00 UTC	CISA
CVE-2013-6282	The (1) get_user and (2) put_user API functions in the Linux kernel before 3.5.5 on the v6k and v7 ARM platforms do not validate certain addresses,...	Linux	Linux Kernel	2022-09-15 00:00:00 UTC	CISA
CVE-2013-2094	The perf_swevent_init function in kernel/events/core.c in the Linux kernel before 3.8.9 uses an incorrect integer data type, which allows local...	Linux	Linux Kernel	2022-09-15 00:00:00 UTC	CISA
CVE-2013-2596	Integer overflow in the fb_mmap function in drivers/video/fbmem.c in the Linux kernel before 3.8.9, as used in a certain Motorola build of Android...	Linux	Linux Kernel	2022-09-15 00:00:00 UTC	CISA
CVE-2013-2597	Stack-based buffer overflow in the acdb_ioctl function in audio_acdb.c in the acdb audio driver for the Linux kernel 2.6.x and 3.x, as used in...	Qualcomm	Linux Kernel	2022-09-15 00:00:00 UTC	CISA
CVE-2010-2568	Windows Shell in Microsoft Windows XP SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 SP2 and R2, and Windows 7 allows local users or remote...	Microsoft	Windows	2022-09-15 00:00:00 UTC	CISA
CVE-2022-32917	The issue was addressed with improved bounds checks. This issue is fixed in macOS Monterey 12.6, iOS 15.7 and iPadOS 15.7, iOS 16, macOS Big Sur...	Apple	iOS, macOS	2022-09-14 00:00:00 UTC	CISA
CVE-2022-37969	Windows Common Log File System Driver Elevation of Privilege Vulnerability	Microsoft	Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows 10 Version 21H1, Windows Server 2022, Windows 10 Version 20H2, Windows 11 version 21H2, Windows 10 Version 21H2, Windows 10 Version 1507, Windows 10 Version 1607, Windows Server 2016, Windows Server 2016 (Server Core installation), Windows 7, Windows 7 Service Pack 1, Windows 8.1, Windows Server 2008 Service Pack 2, Windows Server 2008 Service Pack 2 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 R2 Service Pack 1, Windows Server 2008 R2 Service Pack 1 (Server Core installation), Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation)	2022-09-14 00:00:00 UTC	CISA
CVE-2022-40734	UniSharp laravel-filemanager (aka Laravel Filemanager) before 2.6.4 allows download?working_dir=%2F.. directory traversal to read arbitrary files,...	n/a	n/a	2022-09-14 00:00:00 UTC	CVE
CVE-2022-3180	WPGateway <= 3.5 - Unauthenticated Privilege Escalation	Jack Hopman	WPGateway	2022-09-13 08:50:53 UTC	Wordfence
CVE-2018-6530	OS command injection vulnerability in soap.cgi (soapcgi_main in cgibin) in D-Link DIR-880L DIR-880L_REVA_FIRMWARE_PATCH_1.08B04 and previous...	D-Link	DIR-880L, DIR-868L, DIR-865L, DIR-860L	2022-09-08 00:00:00 UTC	CISA
CVE-2018-7445	A buffer overflow was found in the MikroTik RouterOS SMB service when processing NetBIOS session request messages. Remote attackers with access to...	MikroTik	RouterOS	2022-09-08 00:00:00 UTC	CISA

Displaying vulnerabilities 851 - 875 of 1857 in total