Known Exploited Vulnerabilities

Focus on What Matters

There are 298,222 vulnerabilities in the CVE database.
Whilst only 0.6% are ever actively exploited.

This list contains the vulnerabilities that are actively exploited by malware and threat actors that you should prioritize first.

This table displays known exploited vulnerabilities (KEVs) that have been cataloged from over 60 public sources, including CISA, and our own private sensors. Each entry links to a CVE identifier, where the CVE details are enriched with EPSS scores, online mentions, scanner inclusion, exploitation, tags, and other metadata. The goal is to be an early warning system, even before being published by CISA. More data and features coming soon!

CVE ID	Title	Vendor	Product	Added	Source
CVE-2021-30883	A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 15.0.2 and iPadOS 15.0.2, macOS Monterey 12.0.1,...	Apple	iOS and iPadOS, macOS	2022-05-23 00:00:00 UTC	CISA
CVE-2021-0920	In unix_scm_to_skb of af_unix.c, there is a possible use after free bug due to a race condition. This could lead to local escalation of privilege...	n/a	Android	2022-05-23 00:00:00 UTC	CISA
CVE-2021-1048	In ep_loop_check_proc of eventpoll.c, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of...	n/a	Android	2022-05-23 00:00:00 UTC	CISA
CVE-2022-20821	Cisco IOS XR Software Health Check Open Port Vulnerability	Cisco	Cisco IOS XR Software	2022-05-23 00:00:00 UTC	CISA
CVE-2019-13720	Use after free in WebAudio in Google Chrome prior to 78.0.3904.87 allowed a remote attacker to potentially exploit heap corruption via a crafted...	Google	Chrome	2022-05-23 00:00:00 UTC	CISA
CVE-2019-11708	Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes can result in the non-sandboxed...	Mozilla	Firefox ESR, Firefox, Thunderbird	2022-05-23 00:00:00 UTC	CISA
CVE-2019-8720	A vulnerability was found in WebKit. The flaw is triggered when processing maliciously crafted web content that may lead to arbitrary code...	WebKit	webkitgtk	2022-05-23 00:00:00 UTC	CISA
CVE-2019-18426	A vulnerability in WhatsApp Desktop versions prior to 0.3.9309 when paired with WhatsApp for iPhone versions prior to 2.20.10 allows cross-site...	Facebook	WhatsApp Desktop	2022-05-23 00:00:00 UTC	CISA
CVE-2019-1385	An elevation of privilege vulnerability exists when the Windows AppX Deployment Extensions improperly performs privilege management, resulting in...	Microsoft	Windows, Windows Server, Windows 10 Version 1903 for 32-bit Systems, Windows 10 Version 1903 for x64-based Systems, Windows 10 Version 1903 for ARM64-based Systems, Windows Server, version 1903 (Server Core installation)	2022-05-23 00:00:00 UTC	CISA
CVE-2019-1130	An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation...	Microsoft	Windows Server, Windows, Windows 10 Version 1903 for 32-bit Systems, Windows 10 Version 1903 for x64-based Systems, Windows 10 Version 1903 for ARM64-based Systems, Windows Server, version 1903 (Server Core installation)	2022-05-23 00:00:00 UTC	CISA
CVE-2018-5002	Adobe Flash Player versions 29.0.0.171 and earlier have a Stack-based buffer overflow vulnerability. Successful exploitation could lead to...	Adobe	Adobe Flash Player 29.0.0.171 and earlier versions	2022-05-23 00:00:00 UTC	CISA
CVE-2022-30525	A OS command injection vulnerability in the CGI program of Zyxel USG FLEX 100(W) firmware versions 5.00 through 5.21 Patch 1, USG FLEX 200 firmware...	Zyxel	USG FLEX 100(W) firmware, USG FLEX 200 firmware, USG FLEX 500 firmware, USG FLEX 700 firmware, ATP series firmware, VPN series firmware, USG FLEX 50(W) firmware, USG 20(W)-VPN firmware	2022-05-16 00:00:00 UTC	CISA
CVE-2022-22947	In spring cloud gateway versions prior to 3.1.1+ and 3.0.7+ , applications are vulnerable to a code injection attack when the Gateway Actuator...	n/a	Spring Cloud Gateway	2022-05-16 00:00:00 UTC	CISA
CVE-2022-1388	On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to...	F5	BIG-IP	2022-05-10 00:00:00 UTC	CISA
CVE-2021-1789	A type confusion issue was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina,...	Apple	iOS and iPadOS, macOS	2022-05-04 00:00:00 UTC	CISA
CVE-2014-0160	The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote...	OpenSSL	OpenSSL	2022-05-04 00:00:00 UTC	CISA
CVE-2014-0322	Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via vectors involving...	Microsoft	Internet Explorer	2022-05-04 00:00:00 UTC	CISA
CVE-2014-4113	win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1,...	Microsoft	Windows	2022-05-04 00:00:00 UTC	CISA
CVE-2019-8506	A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes...	Apple	iOS, tvOS, watchOS, Safari, iTunes for Windows, iCloud for Windows	2022-05-04 00:00:00 UTC	CISA
CVE-2022-26904	Windows User Profile Service Elevation of Privilege Vulnerability	Microsoft	Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows 10 Version 1909, Windows 10 Version 21H1, Windows Server 2022, Windows 10 Version 20H2, Windows Server version 20H2, Windows 11 version 21H2, Windows 10 Version 21H2, Windows 10 Version 1507, Windows 10 Version 1607, Windows Server 2016, Windows Server 2016 (Server Core installation), Windows 7, Windows 7 Service Pack 1, Windows 8.1, Windows Server 2008 Service Pack 2, Windows Server 2008 Service Pack 2 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 R2 Service Pack 1, Windows Server 2008 R2 Service Pack 1 (Server Core installation), Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation)	2022-04-25 00:00:00 UTC	CISA
CVE-2022-29464	Certain WSO2 products allow unrestricted file upload with resultant remote code execution. The attacker must use a /fileupload endpoint with a...	n/a	n/a	2022-04-25 00:00:00 UTC	CISA
CVE-2019-1003029	A sandbox bypass vulnerability exists in Jenkins Script Security Plugin 1.53 and earlier in...	Jenkins project	Jenkins Script Security Plugin	2022-04-25 00:00:00 UTC	CISA
CVE-2021-40450	Win32k Elevation of Privilege Vulnerability	Microsoft	Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows 10 Version 1909, Windows 10 Version 21H1, Windows Server 2022, Windows 10 Version 2004, Windows Server version 2004, Windows 10 Version 20H2, Windows Server version 20H2, Windows 11 version 21H2	2022-04-25 00:00:00 UTC	CISA
CVE-2021-41357	Win32k Elevation of Privilege Vulnerability	Microsoft	Windows 10 Version 21H1, Windows Server 2022, Windows 10 Version 2004, Windows Server version 2004, Windows 10 Version 20H2, Windows Server version 20H2, Windows 11 version 21H2	2022-04-25 00:00:00 UTC	CISA
CVE-2022-0847	A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and...	n/a	kernel	2022-04-25 00:00:00 UTC	CISA

Displaying vulnerabilities 1026 - 1050 of 1857 in total