Known Exploited Vulnerabilities

Focus on What Matters

There are 298,188 vulnerabilities in the CVE database.
Whilst only 0.6% are ever actively exploited.

This list contains the vulnerabilities that are actively exploited by malware and threat actors that you should prioritize first.

This table displays known exploited vulnerabilities (KEVs) that have been cataloged from over 60 public sources, including CISA, and our own private sensors. Each entry links to a CVE identifier, where the CVE details are enriched with EPSS scores, online mentions, scanner inclusion, exploitation, tags, and other metadata. The goal is to be an early warning system, even before being published by CISA. More data and features coming soon!

CVE ID	Title	Vendor	Product	Added	Source
CVE-2020-9934	An issue existed in the handling of environment variables. This issue was addressed with improved validation. This issue is fixed in iOS 13.6 and...	Apple	iOS, macOS	2022-09-08 00:00:00 UTC	CISA
CVE-2022-26258	D-Link DIR-820L 1.05B03 was discovered to contain remote command execution (RCE) vulnerability via HTTP POST to get set ccp.	n/a	n/a	2022-09-08 00:00:00 UTC	CISA
CVE-2022-27593	DeadBolt Ransomware	QNAP Systems Inc.	Photo Station	2022-09-08 00:00:00 UTC	CISA
CVE-2018-13374	A Improper Access Control in Fortinet FortiOS 6.0.2, 5.6.7 and before, FortiADC 6.1.0, 6.0.0 to 6.0.1, 5.4.0 to 5.4.4 allows attacker to obtain the...	Fortinet	Fortinet FortiOS, fortiADC	2022-09-08 00:00:00 UTC	CISA
CVE-2018-2628	Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are...	Oracle Corporation	WebLogic Server	2022-09-08 00:00:00 UTC	CISA
CVE-2022-3075	Insufficient data validation in Mojo in Google Chrome prior to 105.0.5195.102 allowed a remote attacker who had compromised the renderer process to...	Google	Chrome	2022-09-08 00:00:00 UTC	CISA
CVE-2011-1823	The vold volume manager daemon on Android 3.0 and 2.x before 2.3.4 trusts messages that are received from a PF_NETLINK socket, which allows local...	Google	Android	2022-09-08 00:00:00 UTC	CISA
CVE-2011-4723	The D-Link DIR-300 router stores cleartext passwords, which allows context-dependent attackers to obtain sensitive information via unspecified...	D-Link	DIR-300	2022-09-08 00:00:00 UTC	CISA
CVE-2017-5521	An issue was discovered on NETGEAR R8500, R8300, R7000, R6400, R7300, R7100LG, R6300v2, WNDR3400v3, WNR3500Lv2, R6250, R6700, R6900, and R8000...	NETGEAR	Routers	2022-09-08 00:00:00 UTC	CISA
CVE-2022-31474	WordPress BackupBuddy Plugin 8.5.8.0-8.7.4.1 is vulnerable to Directory Traversal	iThemes	BackupBuddy	2022-09-07 07:56:11 UTC	Wordfence
CVE-2022-26352	An issue was discovered in the ContentResource API in dotCMS 3.0 through 22.02. Attackers can craft a multipart form request to post a file whose...	n/a	n/a	2022-08-25 00:00:00 UTC	CISA
CVE-2022-24706	Remote Code Execution Vulnerability in Packaging	Apache Software Foundation	Apache CouchDB	2022-08-25 00:00:00 UTC	CISA
CVE-2022-22963	In Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions, when using routing functionality it is possible for a user to...	n/a	Spring Cloud Function	2022-08-25 00:00:00 UTC	CISA
CVE-2022-24112	apisix/batch-requests plugin allows overwriting the X-REAL-IP header	Apache Software Foundation	Apache APISIX	2022-08-25 00:00:00 UTC	CISA
CVE-2020-28949	Archive_Tar through 1.4.10 has :// filename sanitization only to address phar attacks, and thus any other stream-wrapper attack (such as file:// to...	n/a	n/a	2022-08-25 00:00:00 UTC	CISA
CVE-2021-31010	A deserialization issue was addressed through improved validation. This issue is fixed in Security Update 2021-005 Catalina, iOS 12.5.5, iOS 14.8...	Apple	macOS, watchOS	2022-08-25 00:00:00 UTC	CISA
CVE-2020-36193	Tar.php in Archive_Tar through 1.4.11 allows write operations with Directory Traversal due to inadequate checking of symbolic links, a related...	n/a	n/a	2022-08-25 00:00:00 UTC	CISA
CVE-2021-38406	Delta Electronics DOPSoft 2 Out-of-Bounds Write	Delta Electronics	DOPSoft 2	2022-08-25 00:00:00 UTC	CISA
CVE-2021-39226	Snapshot authentication bypass in grafana	grafana	grafana	2022-08-25 00:00:00 UTC	CISA
CVE-2022-2294	Heap buffer overflow in WebRTC in Google Chrome prior to 103.0.5060.114 allowed a remote attacker to potentially exploit heap corruption via a...	Google	Chrome	2022-08-25 00:00:00 UTC	CISA
CVE-2022-0028	PAN-OS: Reflected Amplification Denial-of-Service (DoS) Vulnerability in URL Filtering	Palo Alto Networks	Cloud NGFW, PAN-OS, Prisma Access	2022-08-22 00:00:00 UTC	CISA
CVE-2022-22536	SAP NetWeaver Application Server ABAP, SAP NetWeaver Application Server Java, ABAP Platform, SAP Content Server 7.53 and SAP Web Dispatcher are...	SAP SE	SAP NetWeaver and ABAP Platform, SAP Web Dispatcher, SAP Content Server	2022-08-18 00:00:00 UTC	CISA
CVE-2022-32894	An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.6.1 and iPadOS 15.6.1, macOS Monterey...	Apple	iOS and iPadOS, macOS	2022-08-18 00:00:00 UTC	CISA
CVE-2022-26923	Active Directory Domain Services Elevation of Privilege Vulnerability	Microsoft	Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows 10 Version 1909, Windows 10 Version 21H1, Windows Server 2022, Windows 10 Version 20H2, Windows Server version 20H2, Windows 11 version 21H2, Windows 10 Version 21H2, Windows 10 Version 1507, Windows 10 Version 1607, Windows Server 2016, Windows Server 2016 (Server Core installation), Windows 8.1, Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation)	2022-08-18 00:00:00 UTC	CISA
CVE-2022-2856	Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 104.0.5112.101 allowed a remote attacker to arbitrarily...	Google	Chrome	2022-08-18 00:00:00 UTC	CISA

Displaying vulnerabilities 876 - 900 of 1857 in total