Known Exploited Vulnerabilities

Focus on What Matters

There are 298,214 vulnerabilities in the CVE database.
Whilst only 0.6% are ever actively exploited.

This list contains the vulnerabilities that are actively exploited by malware and threat actors that you should prioritize first.

This table displays known exploited vulnerabilities (KEVs) that have been cataloged from over 60 public sources, including CISA, and our own private sensors. Each entry links to a CVE identifier, where the CVE details are enriched with EPSS scores, online mentions, scanner inclusion, exploitation, tags, and other metadata. The goal is to be an early warning system, even before being published by CISA. More data and features coming soon!

CVE ID	Title	Vendor	Product	Added	Source
CVE-2019-3568	A buffer overflow vulnerability in WhatsApp VOIP stack allowed remote code execution via specially crafted series of RTCP packets sent to a target...	Facebook	WhatsApp for Android, WhatsApp Business for Android, WhatsApp for iOS, WhatsApp Business for iOS, WhatsApp for Windows Phone, WhatsApp for Tizen	2022-04-19 00:00:00 UTC	CISA
CVE-2022-22718	Windows Print Spooler Elevation of Privilege Vulnerability	Microsoft	Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows 10 Version 1909, Windows 10 Version 21H1, Windows Server 2022, Windows 10 Version 20H2, Windows Server version 20H2, Windows 11 version 21H2, Windows 10 Version 21H2, Windows 10 Version 1507, Windows 10 Version 1607, Windows Server 2016, Windows Server 2016 (Server Core installation), Windows 7, Windows 7 Service Pack 1, Windows 8.1, Windows Server 2008 Service Pack 2, Windows Server 2008 Service Pack 2 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 R2 Service Pack 1, Windows Server 2008 R2 Service Pack 1 (Server Core installation), Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation)	2022-04-19 00:00:00 UTC	CISA
CVE-2018-6882	Cross-site scripting (XSS) vulnerability in the ZmMailMsgView.getAttachmentLinkHtml function in Zimbra Collaboration Suite (ZCS) before 8.7 Patch 1...	Zimbra	Collaboration Suite	2022-04-19 00:00:00 UTC	CISA
CVE-2019-3929	The Crestron AM-100 firmware 1.6.0.2, Crestron AM-101 firmware 2.7.0.1, Barco wePresent WiPG-1000P firmware 2.3.0.10, Barco wePresent WiPG-1600W...	Crestron	Crestron AirMedia, Barco WePresent, Extron ShareLink, Teq AV IT WIPS710, SHARP PN-L703WA, Optoma WPS-Pro, Blackbox HD WPS, InFocus LiteShow3, and InFocus LiteShow4.	2022-04-15 00:00:00 UTC	CISA
CVE-2019-16057	The login_mgr.cgi script in D-Link DNS-320 through 2.05.B10 is vulnerable to remote command injection.	D-Link	DNS-320	2022-04-15 00:00:00 UTC	CISA
CVE-2018-7841	A SQL Injection (CWE-89) vulnerability exists in U.motion Builder software version 1.3.4 which could cause unwanted code execution when an improper...	U.motion	U.motion Builder software version 1.3.4	2022-04-15 00:00:00 UTC	CISA
CVE-2016-4523	The WAP interface in Trihedral VTScada (formerly VTS) 8.x through 11.x before 11.2.02 allows remote attackers to cause a denial of service...	Trihedral	VTScada	2022-04-15 00:00:00 UTC	CISA
CVE-2014-0780	Directory traversal vulnerability in NTWebServer in InduSoft Web Studio 7.1 before SP2 Patch 4 allows remote attackers to read administrative...	InduSoft	Web Studio	2022-04-15 00:00:00 UTC	CISA
CVE-2010-5330	On certain Ubiquiti devices, Command Injection exists via a GET request to stainfo.cgi (aka Show AP info) because the ifname variable is not...	Ubiquiti	AirOS	2022-04-15 00:00:00 UTC	CISA
CVE-2022-22960	VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a privilege escalation vulnerability due to improper permissions in...	n/a	VMware Workspace ONE Access, Identity Manager and vRealize Automation	2022-04-15 00:00:00 UTC	CISA
CVE-2022-1364	Type confusion in V8 Turbofan in Google Chrome prior to 100.0.4896.127 allowed a remote attacker to potentially exploit heap corruption via a...	Google	Chrome	2022-04-15 00:00:00 UTC	CISA
CVE-2007-3010	masterCGI in the Unified Maintenance Tool in Alcatel OmniPCX Enterprise Communication Server R7.1 and earlier allows remote attackers to execute...	Alcatel	OmniPCX Enterprise Communication Server	2022-04-15 00:00:00 UTC	CISA
CVE-2022-22954	VMware Workspace ONE Access and Identity Manager contain a remote code execution vulnerability due to server-side template injection. A malicious...	n/a	VMware Workspace ONE Access and Identity Manager	2022-04-14 00:00:00 UTC	CISA
CVE-2022-24521	Windows Common Log File System Driver Elevation of Privilege Vulnerability	Microsoft	Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows 10 Version 1909, Windows 10 Version 21H1, Windows Server 2022, Windows 10 Version 20H2, Windows Server version 20H2, Windows 11 version 21H2, Windows 10 Version 21H2, Windows 10 Version 1507, Windows 10 Version 1607, Windows Server 2016, Windows Server 2016 (Server Core installation), Windows 7, Windows 7 Service Pack 1, Windows 8.1, Windows Server 2008 Service Pack 2, Windows Server 2008 Service Pack 2 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 R2 Service Pack 1, Windows Server 2008 R2 Service Pack 1 (Server Core installation), Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation)	2022-04-13 00:00:00 UTC	CISA
CVE-2018-7602	Drupal core - Highly critical - Remote Code Execution - SA-CORE-2018-004	Drupal	core	2022-04-13 00:00:00 UTC	CISA
CVE-2014-9163	Stack-based buffer overflow in Adobe Flash Player before 13.0.0.259 and 14.x and 15.x before 15.0.0.246 on Windows and OS X and before 11.2.202.425...	Adobe	Flash Player	2022-04-13 00:00:00 UTC	CISA
CVE-2015-0311	Unspecified vulnerability in Adobe Flash Player through 13.0.0.262 and 14.x, 15.x, and 16.x through 16.0.0.287 on Windows and OS X and through...	Adobe	Flash Player	2022-04-13 00:00:00 UTC	CISA
CVE-2015-0313	Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before...	Adobe	Flash Player	2022-04-13 00:00:00 UTC	CISA
CVE-2015-2502	Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a...	Microsoft	Internet Explorer	2022-04-13 00:00:00 UTC	CISA
CVE-2015-3113	Heap-based buffer overflow in Adobe Flash Player before 13.0.0.296 and 14.x through 18.x before 18.0.0.194 on Windows and OS X and before...	Adobe	Flash Player	2022-04-13 00:00:00 UTC	CISA
CVE-2015-5122	Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on...	Adobe	Flash Player	2022-04-13 00:00:00 UTC	CISA
CVE-2015-5123	Use-after-free vulnerability in the BitmapData class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on...	Adobe	Flash Player	2022-04-13 00:00:00 UTC	CISA
CVE-2018-20753	Kaseya VSA RMM before R9.3 9.3.0.35, R9.4 before 9.4.0.36, and R9.5 before 9.5.0.5 allows unprivileged remote attackers to execute PowerShell...	Kaseya	VSA RMM	2022-04-13 00:00:00 UTC	CISA
CVE-2021-42278	Active Directory Domain Services Elevation of Privilege Vulnerability	Microsoft	Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows Server version 2004, Windows Server version 20H2, Windows Server 2016, Windows Server 2016 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 Service Pack 2 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 R2 Service Pack 1, Windows Server 2008 R2 Service Pack 1 (Server Core installation), Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation)	2022-04-11 00:00:00 UTC	CISA
CVE-2021-42287	Active Directory Domain Services Elevation of Privilege Vulnerability	Microsoft	Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows Server version 2004, Windows Server version 20H2, Windows Server 2016, Windows Server 2016 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 Service Pack 2 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 R2 Service Pack 1, Windows Server 2008 R2 Service Pack 1 (Server Core installation), Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation)	2022-04-11 00:00:00 UTC	CISA

Displaying vulnerabilities 1051 - 1075 of 1856 in total