Keep updated with KEVIntel progress and pro features

Known Exploited Vulnerabilities Intel

This table displays known exploited vulnerabilities (KEVs) that have been cataloged from over 50 public sources, including CISA, and (once we get some hits) our own private sensors. Each entry links to a CVE identifier, where the CVE details are enriched with EPSS scores, online mentions, scanner inclusion, exploitation, and other metadata. The goal is to be an early warning system, even before being published by CISA. More data and features coming soon!

CVE ID	Title	Vendor	Product	Added	Source
CVE-2021-22017	Rhttproxy as used in vCenter Server contains a vulnerability due to improper implementation of URI normalization. A malicious actor with network...	n/a	VMware vCenter Server, VMware Cloud Foundation	2022-01-10 00:00:00 UTC	CISA
CVE-2021-36260	A command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validation, attacker can exploit the...	n/a	n/a	2022-01-10 00:00:00 UTC	CISA
CVE-2020-6572	Use after free in Media in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to execute arbitrary code via a crafted HTML page.	Google	Chrome	2022-01-10 00:00:00 UTC	CISA
CVE-2019-1458	An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k...	Microsoft	Windows, Windows Server	2022-01-10 00:00:00 UTC	CISA
CVE-2013-3900	WinVerifyTrust Signature Validation Vulnerability	Microsoft	Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows 11 version 21H2, Windows 10 Version 21H2, Windows 11 version 22H2, Windows 10 Version 22H2, Windows Server 2025 (Server Core installation), Windows 11 version 22H3, Windows 11 Version 23H2, Windows Server 2022, 23H2 Edition (Server Core installation), Windows 11 Version 24H2, Windows Server 2025, Windows 10 Version 1507, Windows 10 Version 1607, Windows Server 2016, Windows Server 2016 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 Service Pack 2 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 R2 Service Pack 1, Windows Server 2008 R2 Service Pack 1 (Server Core installation), Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation)	2022-01-10 00:00:00 UTC	CISA
CVE-2019-2725	Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services). Supported versions that are...	Oracle Corporation	Tape Library ACSLS	2022-01-10 00:00:00 UTC	CISA
CVE-2019-9670	mailboxd component in Synacor Zimbra Collaboration Suite 8.7.x before 8.7.11p10 has an XML External Entity injection (XXE) vulnerability, as...	n/a	n/a	2022-01-10 00:00:00 UTC	CISA
CVE-2018-13382	An Improper Authorization vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.8 and 5.4.1 to 5.4.10 and FortiProxy 2.0.0, 1.2.0 to...	Fortinet	Fortinet FortiOS, FortiProxy	2022-01-10 00:00:00 UTC	CISA
CVE-2018-13383	A heap buffer overflow in Fortinet FortiOS 6.0.0 through 6.0.4, 5.6.0 through 5.6.10, 5.4.0 through 5.4.12, 5.2.14 and earlier and FortiProxy...	Fortinet	Fortinet FortiOS and FortiProxy	2022-01-10 00:00:00 UTC	CISA
CVE-2019-1579	Remote Code Execution in PAN-OS 7.1.18 and earlier, PAN-OS 8.0.11-h1 and earlier, and PAN-OS 8.1.2 and earlier with GlobalProtect Portal or...	n/a	Palo Alto Networks GlobalProtect Portal/Gateway Interface	2022-01-10 00:00:00 UTC	CISA
CVE-2019-10149	A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient address in deliver_message() function in...	exim	exim	2022-01-10 00:00:00 UTC	CISA
CVE-2015-7450	Serialized-object interfaces in certain IBM analytics, business solutions, cognitive, IT infrastructure, and mobile and social products allow...	n/a	n/a	2022-01-10 00:00:00 UTC	CISA
CVE-2017-1000486	Primetek Primefaces 5.x is vulnerable to a weak encryption flaw resulting in remote code execution	n/a	n/a	2022-01-10 00:00:00 UTC	CISA
CVE-2019-7609	Kibana versions before 5.6.15 and 6.6.1 contain an arbitrary code execution flaw in the Timelion visualizer. An attacker with access to the...	Elastic	Kibana	2022-01-10 00:00:00 UTC	CISA
CVE-2021-43890	Windows AppX Installer Spoofing Vulnerability	Microsoft	App Installer	2021-12-15 00:00:00 UTC	CISA
CVE-2021-4102	Use after free in V8 in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	Google	Chrome	2021-12-15 00:00:00 UTC	CISA
CVE-2019-10758	mongo-express before 0.54.0 is vulnerable to Remote Code Execution via endpoints that uses the `toBSON` method. A misuse of the `vm` dependency to...	n/a	mongo-express	2021-12-10 00:00:00 UTC	CISA
CVE-2021-44515	Zoho ManageEngine Desktop Central is vulnerable to authentication bypass, leading to remote code execution on the server, as exploited in the wild...	n/a	n/a	2021-12-10 00:00:00 UTC	CISA
CVE-2019-13272	In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a...	n/a	n/a	2021-12-10 00:00:00 UTC	CISA
CVE-2021-35394	Realtek Jungle SDK version v2.x up to v3.4.14B provides a diagnostic tool called 'MP Daemon' that is usually compiled as 'UDPServer' binary. The...	n/a	n/a	2021-12-10 00:00:00 UTC	CISA
CVE-2019-7238	Sonatype Nexus Repository Manager before 3.15.0 has Incorrect Access Control.	n/a	n/a	2021-12-10 00:00:00 UTC	CISA
CVE-2019-0193	In Apache Solr, the DataImportHandler, an optional but popular module to pull in data from databases and other sources, has a feature in which the...	Apache	Apache Solr	2021-12-10 00:00:00 UTC	CISA
CVE-2021-44168	A download of code without integrity check vulnerability in the "execute restore src-vis" command of FortiOS before 7.0.3 may allow a local...	Fortinet	Fortinet FortiOS	2021-12-10 00:00:00 UTC	CISA
CVE-2017-17562	Embedthis GoAhead before 3.6.5 allows remote code execution if CGI is enabled and a CGI program is dynamically linked. This is a result of...	n/a	n/a	2021-12-10 00:00:00 UTC	CISA
CVE-2017-12149	In Jboss Application Server as shipped with Red Hat Enterprise Application Platform 5.2, it was found that the doFilter method in the...	Red Hat, Inc.	jbossas	2021-12-10 00:00:00 UTC	CISA

Displaying vulnerabilities 1076 - 1100 of 1400 in total