KEVIntel

Known Exploited Vulnerabilities

Curated + enriched signals for rapid prioritization

{ } JSON RSS PRO

0.7%

actively
exploited

Focus on what’s exploited

Out of 350,016 known CVEs, only 0.7% show real-world exploitation signals.

Data from public sources (including CISA) plus private sensors, enriched with prioritization metadata.

View stats Report a KEV

2,499

Total Known exploited

351

Added this week

Search

Results update as you type.

⌘K

Added

Exploitability

Type to search. Filters apply instantly.

CVE	Severity	Title	Vendor	Product	Added
CVE-2025-0411	7.0 High	7-Zip Mark-of-the-Web Bypass Vulnerability	7-Zip	7-Zip	over 1 year ago
CVE-2024-53104	7.8 High	media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format Low complexity No user interaction	Linux	Linux	over 1 year ago
CVE-2018-9276	7.2 High	An issue was discovered in PRTG Network Monitor before 18.2.39. An attacker who has access to the PRTG System Administrator web console with... Remote Low complexity No user interaction	Paessler AG	PRTG Network Monitor	over 1 year ago
CVE-2018-19410	9.8 Critical	PRTG Network Monitor before 18.2.40.1683 allows remote unauthenticated attackers to create users with read-write privileges (including... Remote Low complexity No user interaction	Paessler	PRTG Network Monitor	over 1 year ago
CVE-2024-45195	9.8 Critical	Apache OFBiz: Confused controller-view authorization logic (forced browsing) Remote Low complexity No user interaction	Apache Software Foundation	Apache OFBiz	over 1 year ago
CVE-2024-29059	7.5 High	.NET Framework Information Disclosure Vulnerability Remote Low complexity No user interaction	Microsoft	Microsoft .NET Framework 4.8, Microsoft .NET Framework 3.5 AND 4.8, Microsoft .NET Framework 3.5 AND 4.7.2, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, Microsoft .NET Framework 3.5 AND 4.8.1, Microsoft .NET Framework 4.6.2, Microsoft .NET Framework 3.5 AND 4.6/4.6.2, Microsoft .NET Framework 2.0 Service Pack 2, Microsoft .NET Framework 3.0 Service Pack 2, Microsoft .NET Framework 3.5, Microsoft .NET Framework 3.5.1	over 1 year ago
CVE-2025-24085	10.0 Critical	A use after free issue was addressed with improved memory management. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.6, macOS Sequoia... Remote Low complexity No user interaction	Apple	iOS and iPadOS, iPadOS, macOS, tvOS, visionOS, watchOS	over 1 year ago
CVE-2025-23006	9.8 Critical	Pre-authentication deserialization of untrusted data vulnerability has been identified in the SMA1000 Appliance Management Console (AMC) and... Malware Remote Low complexity No user interaction	SonicWall	SMA1000	over 1 year ago
CVE-2020-11023	6.9 Medium	Potential XSS vulnerability in jQuery Remote	jquery	jQuery	over 1 year ago
CVE-2024-50603	10.0 Critical	An issue was discovered in Aviatrix Controller before 7.1.4191 and 7.2.x before 7.2.4996. Due to the improper neutralization of special elements... Remote Low complexity No user interaction	Aviatrix	Controller	over 1 year ago
CVE-2025-21335	7.8 High	Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability Low complexity No user interaction	Microsoft	Windows 10 Version 21H2, Windows 10 Version 22H2, Windows 11 version 22H2, Windows 11 version 22H3, Windows 11 Version 23H2, Windows 11 Version 24H2, Windows Server 2022, 23H2 Edition (Server Core installation), Windows Server 2025, Windows Server 2025 (Server Core installation)	over 1 year ago
CVE-2024-55591	9.6 Critical	An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting FortiOS version 7.0.0 through 7.0.16 and... Malware Remote Low complexity No user interaction	Fortinet	FortiOS, FortiProxy	over 1 year ago
CVE-2025-21333	7.8 High	Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability Low complexity No user interaction	Microsoft	Windows 10 Version 21H2, Windows 10 Version 22H2, Windows 11 version 22H2, Windows 11 version 22H3, Windows 11 Version 23H2, Windows 11 Version 24H2, Windows Server 2022, 23H2 Edition (Server Core installation), Windows Server 2025, Windows Server 2025 (Server Core installation)	over 1 year ago
CVE-2025-21334	7.8 High	Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability Low complexity No user interaction	Microsoft	Windows 10 Version 21H2, Windows 10 Version 22H2, Windows 11 version 22H2, Windows 11 version 22H3, Windows 11 Version 23H2, Windows 11 Version 24H2, Windows Server 2022, 23H2 Edition (Server Core installation), Windows Server 2025, Windows Server 2025 (Server Core installation)	over 1 year ago
CVE-2023-48365	9.6 Critical	Qlik Sense Enterprise for Windows before August 2023 Patch 2 allows unauthenticated remote code execution, aka QB-21683. Due to improper validation... Malware Remote Low complexity No user interaction	Qlik	Sense Enterprise for Windows	over 1 year ago
CVE-2024-12686	6.6 Medium	Command Injection vulnerability in Remote Support(RS) & Privilege Remote Access (PRA) Remote No user interaction	BeyondTrust	Remote Support(RS) & Privileged Remote Access(PRA)	over 1 year ago
CVE-2024-12847	9.8 Critical	NETGEAR DGN setup.cgi OS Command Injection Remote Low complexity No user interaction	NETGEAR	DGN1000	over 1 year ago
CVE-2025-0282	9.0 Critical	A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons... Malware Remote No user interaction	Ivanti	Connect Secure, Policy Secure, Neurons for ZTA gateways	over 1 year ago
CVE-2024-41713	9.1 Critical	A vulnerability in the NuPoint Unified Messaging (NPM) component of Mitel MiCollab through 9.8 SP1 FP2 (9.8.1.201) could allow an unauthenticated... Malware Remote Low complexity No user interaction	Mitel	MiCollab	over 1 year ago
CVE-2024-55550	2.7 Low	Mitel MiCollab through 9.8 SP2 could allow an authenticated attacker with administrative privilege to conduct a local file read, due to... Malware Remote Low complexity No user interaction	Mitel	MiCollab	over 1 year ago
CVE-2020-2883	9.8 Critical	Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are... Remote Low complexity No user interaction	Oracle Corporation	WebLogic Server	over 1 year ago
CVE-2024-3393	8.7 High	PAN-OS: Firewall Denial of Service (DoS) in DNS Security Using a Specially Crafted Packet Remote Low complexity No user interaction	Palo Alto Networks	Cloud NGFW, PAN-OS	over 1 year ago
CVE-2021-44207	8.1 High	Acclaim USAHERDS through 7.4.0.1 uses hard-coded credentials. Remote No user interaction	Acclaim Systems	USAHERDS	over 1 year ago
CVE-2024-12356	9.8 Critical	Command Injection Vulnerability in Remote Support(RS) & Privileged Remote Access (PRA) Remote Low complexity No user interaction	BeyondTrust	Remote Support, Privileged Remote Access	over 1 year ago
CVE-2022-23227	9.8 Critical	NUUO NVRmini2 through 3.11 allows an unauthenticated attacker to upload an encrypted TAR archive, which can be abused to add arbitrary users... Remote Low complexity No user interaction	NUUO	NVRmini2	over 1 year ago

Displaying vulnerabilities 1026 - 1050 of 2499 in total