Keep updated with KEVIntel progress and pro features

Known Exploited Vulnerabilities Intel

This table displays known exploited vulnerabilities (KEVs) that have been cataloged from over 50 public sources, including CISA, and (once we get some hits) our own private sensors. Each entry links to a CVE identifier, where the CVE details are enriched with EPSS scores, online mentions, scanner inclusion, exploitation, and other metadata. The goal is to be an early warning system, even before being published by CISA. More data and features coming soon!

CVE ID	Title	Vendor	Product	Added	Source
CVE-2019-0752	A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting...	Microsoft	Internet Explorer 11, Internet Explorer 10	2022-02-15 00:00:00 UTC	CISA
CVE-2018-8174	A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka "Windows VBScript Engine Remote...	Microsoft	Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers	2022-02-15 00:00:00 UTC	CISA
CVE-2018-20250	In WinRAR versions prior to and including 5.61, There is path traversal vulnerability when crafting the filename field of the ACE format (in...	Check Point Software Technologies Ltd.	WinRAR	2022-02-15 00:00:00 UTC	CISA
CVE-2018-15982	Flash Player versions 31.0.0.153 and earlier, and 31.0.0.108 and earlier have a use after free vulnerability. Successful exploitation could lead to...	n/a	n/a	2022-02-15 00:00:00 UTC	CISA
CVE-2017-9841	Util/PHP/eval-stdin.php in PHPUnit before 4.8.28 and 5.x before 5.6.3 allows remote attackers to execute arbitrary PHP code via HTTP POST data...	n/a	n/a	2022-02-15 00:00:00 UTC	CISA
CVE-2014-1761	Microsoft Word 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Word Viewer; Office Compatibility Pack SP3; Office for Mac 2011; Word...	n/a	n/a	2022-02-15 00:00:00 UTC	CISA
CVE-2013-3906	GDI+ in Microsoft Windows Vista SP2 and Server 2008 SP2; Office 2003 SP3, 2007 SP3, and 2010 SP1 and SP2; Office Compatibility Pack SP3; and Lync...	n/a	n/a	2022-02-15 00:00:00 UTC	CISA
CVE-2022-22620	A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.2.1, iOS 15.3.1 and iPadOS 15.3.1,...	Apple	Safari (v and ), macOS	2022-02-11 00:00:00 UTC	CISA
CVE-2021-36934	Windows Elevation of Privilege Vulnerability	Microsoft	Windows 10 Version 1809, Windows 10 Version 1909, Windows 10 Version 21H1, Windows 10 Version 2004, Windows 10 Version 20H2	2022-02-10 00:00:00 UTC	CISA
CVE-2020-0796	A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests,...	Microsoft	Windows 10 Version 1903 for 32-bit Systems, Windows 10 Version 1903 for x64-based Systems, Windows 10 Version 1903 for ARM64-based Systems, Windows Server, version 1903 (Server Core installation), Windows 10 Version 1909 for 32-bit Systems, Windows 10 Version 1909 for x64-based Systems, Windows 10 Version 1909 for ARM64-based Systems, Windows Server, version 1909 (Server Core installation)	2022-02-10 00:00:00 UTC	CISA
CVE-2018-1000861	A code execution vulnerability exists in the Stapler web framework used by Jenkins 2.153 and earlier, LTS 2.138.3 and earlier in...	n/a	n/a	2022-02-10 00:00:00 UTC	CISA
CVE-2017-9791	The Struts 1 plugin in Apache Struts 2.1.x and 2.3.x might allow remote code execution via a malicious field value passed in a raw message to the...	Apache Software Foundation	Apache Struts	2022-02-10 00:00:00 UTC	CISA
CVE-2017-8464	Windows Shell in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT...	Microsoft Corporation	Windows Shell	2022-02-10 00:00:00 UTC	CISA
CVE-2017-10271	Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Security). Supported versions that are...	Oracle Corporation	WebLogic Server	2022-02-10 00:00:00 UTC	CISA
CVE-2017-0263	The kernel-mode drivers in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT...	Microsoft Corporation	Microsoft Windows	2022-02-10 00:00:00 UTC	CISA
CVE-2017-0262	Microsoft Office 2010 SP2, Office 2013 SP1, and Office 2016 allow a remote code execution vulnerability when the software fails to properly handle...	Microsoft Corporation	Microsoft Office	2022-02-10 00:00:00 UTC	CISA
CVE-2017-0145	The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2;...	Microsoft Corporation	Windows SMB	2022-02-10 00:00:00 UTC	CISA
CVE-2017-0144	The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2;...	Microsoft Corporation	Windows SMB	2022-02-10 00:00:00 UTC	CISA
CVE-2016-3088	The Fileserver web application in Apache ActiveMQ 5.x before 5.14.0 allows remote attackers to upload and execute arbitrary files via an HTTP PUT...	n/a	n/a	2022-02-10 00:00:00 UTC	CISA
CVE-2015-2051	The D-Link DIR-645 Wired/Wireless Router Rev. Ax with firmware 1.04b12 and earlier allows remote attackers to execute arbitrary commands via a...	n/a	n/a	2022-02-10 00:00:00 UTC	CISA
CVE-2015-1635	HTTP.sys in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote...	n/a	n/a	2022-02-10 00:00:00 UTC	CISA
CVE-2015-1130	The XPC implementation in Admin Framework in Apple OS X before 10.10.3 allows local users to bypass authentication and obtain admin privileges via...	n/a	n/a	2022-02-10 00:00:00 UTC	CISA
CVE-2014-4404	Heap-based buffer overflow in IOHIDFamily in Apple iOS before 8 and Apple TV before 7 allows attackers to execute arbitrary code in a privileged...	n/a	n/a	2022-02-10 00:00:00 UTC	CISA
CVE-2022-21882	Win32k Elevation of Privilege Vulnerability	Microsoft	Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows 10 Version 1909, Windows 10 Version 21H1, Windows Server 2022, Windows 10 Version 20H2, Windows Server version 20H2, Windows 11 version 21H2, Windows 10 Version 21H2	2022-02-04 00:00:00 UTC	CISA
CVE-2014-1776	Use-after-free vulnerability in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of...	n/a	n/a	2022-01-28 00:00:00 UTC	CISA

Displaying vulnerabilities 1026 - 1050 of 1400 in total