KEVIntel

Known Exploited Vulnerabilities

Curated + enriched signals for rapid prioritization

{ } JSON RSS PRO

0.7%

actively
exploited

Focus on what’s exploited

Out of 350,016 known CVEs, only 0.7% show real-world exploitation signals.

Data from public sources (including CISA) plus private sensors, enriched with prioritization metadata.

View stats Report a KEV

2,499

Total Known exploited

351

Added this week

Search

Results update as you type.

⌘K

Added

Exploitability

Type to search. Filters apply instantly.

CVE	Severity	Title	Vendor	Product	Added
CVE-2019-11001	7.2 High	On Reolink RLC-410W, C1 Pro, C2 Pro, RLC-422W, and RLC-511W devices through 1.0.227, an authenticated admin can use the "TestEmail" functionality... Remote Low complexity No user interaction	Reolink	RLC-410W, C1 Pro, C2 Pro, RLC-422W, RLC-511W	over 1 year ago
CVE-2018-14933	9.8 Critical	upgrade_handle.php on NUUO NVRmini devices allows Remote Command Execution via shell metacharacters in the uploaddir parameter for a writeuploaddir... Remote Low complexity No user interaction	NUUO	NVRmini	over 1 year ago
CVE-2021-40407	9.1 Critical	An OS command injection vulnerability exists in the device network settings functionality of reolink RLC-410W v3.0.0.136_20121102. At [1] or [2],... Remote Low complexity No user interaction	reolink	RLC-410W	over 1 year ago
CVE-2024-55956	9.8 Critical	In Cleo Harmony before 5.8.0.24, VLTrader before 5.8.0.24, and LexiCom before 5.8.0.24, an unauthenticated user can import and execute arbitrary... Malware Remote Low complexity No user interaction	Cleo	["Harmony", "VLTrader", "LexiCom"]	over 1 year ago
CVE-2024-20767	7.4 High	ColdFusion \| Improper Access Control (CWE-284) Remote No user interaction	Adobe	ColdFusion	over 1 year ago
CVE-2024-35250	7.8 High	Windows Kernel-Mode Driver Elevation of Privilege Vulnerability Low complexity No user interaction	Microsoft	Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows 11 version 21H2, Windows 10 Version 21H2, Windows 11 version 22H2, Windows 10 Version 22H2, Windows 11 version 22H3, Windows 11 Version 23H2, Windows Server 2022, 23H2 Edition (Server Core installation), Windows 10 Version 1507, Windows 10 Version 1607, Windows Server 2016, Windows Server 2016 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 Service Pack 2 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 R2 Service Pack 1, Windows Server 2008 R2 Service Pack 1 (Server Core installation), Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation)	over 1 year ago
CVE-2024-50623	9.8 Critical	In Cleo Harmony before 5.8.0.21, VLTrader before 5.8.0.21, and LexiCom before 5.8.0.21, there is an unrestricted file upload and download that... Malware Remote Low complexity No user interaction	Cleo	["Harmony", "VLTrader", "LexiCom"]	over 1 year ago
CVE-2024-49138	7.8 High	Windows Common Log File System Driver Elevation of Privilege Vulnerability Low complexity No user interaction	Microsoft	Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows 10 Version 21H2, Windows 11 version 22H2, Windows 10 Version 22H2, Windows Server 2025 (Server Core installation), Windows 11 version 22H3, Windows 11 Version 23H2, Windows Server 2022, 23H2 Edition (Server Core installation), Windows 11 Version 24H2, Windows Server 2025, Windows 10 Version 1507, Windows 10 Version 1607, Windows Server 2016, Windows Server 2016 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 Service Pack 2 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 R2 Service Pack 1, Windows Server 2008 R2 Service Pack 1 (Server Core installation), Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation)	over 1 year ago
CVE-2024-51378	10.0 Critical	getresetstatus in dns/views.py and ftp/views.py in CyberPanel (aka Cyber Panel) before 1c0c6cb allows remote attackers to bypass authentication and... Malware Remote Low complexity No user interaction	CyberPanel	CyberPanel	over 1 year ago
CVE-2023-45727	7.5 High	Proself Enterprise/Standard Edition Ver5.62 and earlier, Proself Gateway Edition Ver1.65 and earlier, and Proself Mail Sanitize Edition Ver1.08 and... Remote Low complexity No user interaction	North Grid Corporation	Proself Enterprise/Standard Edition, Proself Gateway Edition, Proself Mail Sanitize Edition	over 1 year ago
CVE-2024-11680	9.8 Critical	ProjectSend Unauthenticated Configuration Modification Remote Low complexity No user interaction	ProjectSend	ProjectSend	over 1 year ago
CVE-2024-11667	7.5 High	A directory traversal vulnerability in the web management interface of Zyxel ATP series firmware versions V5.00 through V5.38, USG FLEX series... Malware Remote Low complexity No user interaction	Zyxel	ATP series firmware, USG FLEX series firmware, USG FLEX 50(W) series firmware, USG20(W)-VPN series firmware	over 1 year ago
CVE-2023-28461	9.8 Critical	Array Networks Array AG Series and vxAG (9.4.0.481 and earlier) allow remote code execution. An attacker can browse the filesystem on the SSL VPN... Malware Remote Low complexity No user interaction	Array Networks	Array AG Series and vxAG	over 1 year ago
CVE-2024-21287	7.5 High	Vulnerability in the Oracle Agile PLM Framework product of Oracle Supply Chain (component: Software Development Kit, Process Extension). The... Remote Low complexity No user interaction	Oracle Corporation	Oracle Agile PLM Framework	over 1 year ago
CVE-2024-44308	8.8 High	The issue was addressed with improved checks. This issue is fixed in Safari 18.1.1, iOS 17.7.2 and iPadOS 17.7.2, iOS 18.1.1 and iPadOS 18.1.1,... Remote Low complexity	Apple	Safari, iOS and iPadOS, macOS, visionOS	over 1 year ago
CVE-2024-44309	6.3 Medium	A cookie management issue was addressed with improved state management. This issue is fixed in Safari 18.1.1, iOS 17.7.2 and iPadOS 17.7.2, iOS... Remote Low complexity	Apple	Safari, iOS and iPadOS, macOS, visionOS	over 1 year ago
CVE-2024-38812	9.8 Critical	Heap-overflow vulnerability Remote Low complexity No user interaction	VMware	VMware vCenter Server, VMware Cloud Foundation	over 1 year ago
CVE-2024-38813	7.5 High	Privilege escalation vulnerability Remote No user interaction	VMware	VMware vCenter Server, VMware Cloud Foundation	over 1 year ago
CVE-2024-1212	10.0 Critical	LoadMaster Pre-Authenticated OS Command Injection Remote Low complexity No user interaction	Progress Software	LoadMaster	over 1 year ago
CVE-2024-0012	9.3 Critical	PAN-OS: Authentication Bypass in the Management Web Interface (PAN-SA-2024-0015) Malware Remote Low complexity No user interaction	Palo Alto Networks	Cloud NGFW, PAN-OS, Prisma Access	over 1 year ago
CVE-2024-9474	6.9 Medium	PAN-OS: Privilege Escalation (PE) Vulnerability in the Web Management Interface Malware Remote Low complexity No user interaction	Palo Alto Networks	Cloud NGFW, PAN-OS, Prisma Access	over 1 year ago
CVE-2024-9463	9.9 Critical	Expedition: Unauthenticated OS Command Injection Vulnerability Leads to Firewall Credential Disclosure Remote Low complexity No user interaction	Palo Alto Networks	Expedition	over 1 year ago
CVE-2024-9465	9.2 Critical	Expedition: SQL Injection Leads to Firewall Admin Credential Disclosure Remote Low complexity No user interaction	Palo Alto Networks	Expedition	over 1 year ago
CVE-2024-4741	7.5 High	Use After Free with SSL_free_buffers Remote Low complexity No user interaction	OpenSSL	OpenSSL	over 1 year ago
CVE-2024-43451	6.5 Medium	NTLM Hash Disclosure Spoofing Vulnerability Remote Low complexity	Microsoft	Windows Server 2025, Windows Server 2025 (Server Core installation), Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows 10 Version 21H2, Windows 11 version 22H2, Windows 10 Version 22H2, Windows 11 version 22H3, Windows 11 Version 23H2, Windows Server 2022, 23H2 Edition (Server Core installation), Windows 11 Version 24H2, Windows 10 Version 1507, Windows 10 Version 1607, Windows Server 2016, Windows Server 2016 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 Service Pack 2 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 R2 Service Pack 1, Windows Server 2008 R2 Service Pack 1 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation)	over 1 year ago

Displaying vulnerabilities 1051 - 1075 of 2499 in total