Keep updated with KEVIntel progress and pro features

Known Exploited Vulnerabilities Intel

This table displays known exploited vulnerabilities (KEVs) that have been cataloged from over 50 public sources, including CISA, and (once we get some hits) our own private sensors. Each entry links to a CVE identifier, where the CVE details are enriched with EPSS scores, online mentions, scanner inclusion, exploitation, and other metadata. The goal is to be an early warning system, even before being published by CISA. More data and features coming soon!

CVE ID	Title	Vendor	Product	Added	Source
CVE-2024-58136	Yii 2 before 2.0.52 mishandles the attaching of behavior that is defined by an __class array key, a CVE-2024-4990 regression, as exploited in the...	yiiframework	Yii	2025-04-10 00:00:00 UTC	CVE
CVE-2024-53197	ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices	Linux	Linux	2025-04-09 00:00:00 UTC	CISA
CVE-2024-53150	ALSA: usb-audio: Fix out of bounds reads when finding clock sources	Linux	Linux	2025-04-09 00:00:00 UTC	CISA
CVE-2025-30406	Gladinet CentreStack through 16.1.10296.56315 (fixed in 16.4.10315.56368) has a deserialization vulnerability due to the CentreStack portal's...	Gladinet	CentreStack	2025-04-08 00:00:00 UTC	CISA
CVE-2025-29824	Windows Common Log File System Driver Elevation of Privilege Vulnerability	Microsoft	Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows 10 Version 21H2, Windows 11 version 22H2, Windows 10 Version 22H2, Windows Server 2025 (Server Core installation), Windows 11 version 22H3, Windows 11 Version 23H2, Windows Server 2022, 23H2 Edition (Server Core installation), Windows 11 Version 24H2, Windows Server 2025, Windows 10 Version 1507, Windows 10 Version 1607, Windows Server 2016, Windows Server 2016 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 Service Pack 2 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 R2 Service Pack 1, Windows Server 2008 R2 Service Pack 1 (Server Core installation), Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation)	2025-04-08 00:00:00 UTC	CISA
CVE-2025-31161	CrushFTP 10 before 10.8.4 and 11 before 11.3.1 allows authentication bypass and takeover of the crushadmin account (unless a DMZ proxy instance is...	CrushFTP	CrushFTP	2025-04-07 00:00:00 UTC	CISA
CVE-2025-22457	A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.6, Ivanti Policy Secure before version 22.7R1.4, and Ivanti ZTA...	Ivanti	Connect Secure, Policy Secure, Neurons for ZTA gateways	2025-04-04 00:00:00 UTC	CISA
CVE-2025-24813	Apache Tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT	Apache Software Foundation	Apache Tomcat	2025-04-01 00:00:00 UTC	CISA
CVE-2024-20439	A vulnerability in Cisco Smart Licensing Utility (CSLU) could allow an unauthenticated, remote attacker to log into an affected system by using a...	Cisco	Cisco Smart License Utility	2025-03-31 00:00:00 UTC	CISA
CVE-2025-30355	Synapse vulnerable to federation denial of service via malformed events	element-hq	synapse	2025-03-27 00:00:00 UTC	CVE
CVE-2025-2857	Following the recent Chrome sandbox escape (CVE-2025-2783), various Firefox developers identified a similar pattern in our IPC code. A compromised...	Mozilla	Firefox, Firefox ESR	2025-03-27 00:00:00 UTC	CVE
CVE-2025-2783	Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 134.0.6998.177 allowed a remote attacker to...	Google	Chrome	2025-03-27 00:00:00 UTC	CISA
CVE-2019-9874	Deserialization of Untrusted Data in the Sitecore.Security.AntiCSRF (aka anti CSRF) module in Sitecore CMS 7.0 to 7.2 and Sitecore XP 7.5 to 8.2...	n/a	n/a	2025-03-26 00:00:00 UTC	CISA
CVE-2019-9875	Deserialization of Untrusted Data in the anti CSRF module in Sitecore through 9.1 allows an authenticated attacker to execute arbitrary code by...	n/a	n/a	2025-03-26 00:00:00 UTC	CISA
CVE-2025-30154	Multiple Reviewdog actions were compromised during a specific time period	reviewdog	reviewdog	2025-03-24 00:00:00 UTC	CISA
CVE-2025-30349	Horde IMP through 6.2.27, as used with Horde Application Framework through 5.2.23, allows XSS that leads to account takeover via a crafted...	Horde	IMP	2025-03-21 00:00:00 UTC	CVE
CVE-2025-30259	The WhatsApp cloud service before late 2024 did not block certain crafted PDF content that can defeat a sandbox protection mechanism and...	Meta	WhatsApp cloud service	2025-03-20 00:00:00 UTC	CVE
CVE-2025-1316	Edimax IC-7100 IP Camera OS Command Injection	Edimax	IC-7100 IP Camera	2025-03-19 00:00:00 UTC	CISA
CVE-2024-48248	NAKIVO Backup & Replication before 11.0.0.88174 allows absolute path traversal for reading files via getImageByPath to /c/router (this may lead to...	NAKIVO	Backup & Replication Director	2025-03-19 00:00:00 UTC	CISA
CVE-2017-12637	Directory traversal vulnerability in scheduler/ui/js/ffffffffbca41eb4/UIUtilJavaScriptJS in SAP NetWeaver Application Server Java 7.5 allows remote...	n/a	n/a	2025-03-19 00:00:00 UTC	CISA
CVE-2025-24472	An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting FortiOS 7.0.0 through 7.0.16 and FortiProxy 7.2.0...	Fortinet	FortiOS, FortiProxy	2025-03-18 00:00:00 UTC	CISA
CVE-2025-30066	tj-actions changed-files before 46 allows remote attackers to discover secrets by reading actions logs. (The tags v1 through v45.0.7 were affected...	tj-actions	changed-files	2025-03-18 00:00:00 UTC	CISA
CVE-2025-21590	Junos OS: An local attacker with shell access can execute arbitrary code	Juniper Networks	Junos OS	2025-03-13 00:00:00 UTC	CISA
CVE-2025-24201	An out-of-bounds write issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in visionOS 2.3.2, iOS 18.3.2...	Apple	iOS and iPadOS, macOS, visionOS, Safari, watchOS, iPadOS	2025-03-13 00:00:00 UTC	CISA
CVE-2025-24983	Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability	Microsoft	Windows 10 Version 1507, Windows 10 Version 1607, Windows Server 2016, Windows Server 2016 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 Service Pack 2 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 R2 Service Pack 1, Windows Server 2008 R2 Service Pack 1 (Server Core installation), Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation)	2025-03-11 00:00:00 UTC	CISA

Displaying vulnerabilities 76 - 100 of 1400 in total