Keep updated with KEVIntel progress and pro features

Known Exploited Vulnerabilities Intel

This table displays known exploited vulnerabilities (KEVs) that have been cataloged from over 50 public sources, including CISA, and (once we get some hits) our own private sensors. Each entry links to a CVE identifier, where the CVE details are enriched with EPSS scores, online mentions, scanner inclusion, exploitation, and other metadata. The goal is to be an early warning system, even before being published by CISA. More data and features coming soon!

CVE ID	Title	Vendor	Product	Added	Source
CVE-2020-0041	In binder_transaction of binder.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of...	n/a	Android	2021-11-03 00:00:00 UTC	CISA
CVE-2020-0069	In the ioctl handlers of the Mediatek Command Queue driver, there is a possible out of bounds write due to insufficient input sanitization and...	n/a	Android	2021-11-03 00:00:00 UTC	CISA
CVE-2017-9805	The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses an XStreamHandler with an instance of XStream for...	Apache Software Foundation	Apache Struts	2021-11-03 00:00:00 UTC	CISA
CVE-2021-42013	Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773)	Apache Software Foundation	Apache HTTP Server	2021-11-03 00:00:00 UTC	CISA
CVE-2021-41773	Path traversal and file disclosure vulnerability in Apache HTTP Server 2.4.49	Apache Software Foundation	Apache HTTP Server	2021-11-03 00:00:00 UTC	CISA
CVE-2019-0211	In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or...	Apache	Apache HTTP Server	2021-11-03 00:00:00 UTC	CISA
CVE-2016-4437	Apache Shiro before 1.2.5, when a cipher key has not been configured for the "remember me" feature, allows remote attackers to execute arbitrary...	n/a	n/a	2021-11-03 00:00:00 UTC	CISA
CVE-2019-17558	Apache Solr 5.0.0 to Apache Solr 8.3.1 are vulnerable to a Remote Code Execution through the VelocityResponseWriter. A Velocity template can be...	n/a	Apache Solr	2021-11-03 00:00:00 UTC	CISA
CVE-2020-17530	Forced OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution. Affected software : Apache Struts...	Apache Software Foundation	Apache Struts	2021-11-03 00:00:00 UTC	CISA
CVE-2017-5638	The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message...	Apache Software Foundation	Apache Struts	2021-11-03 00:00:00 UTC	CISA
CVE-2018-11776	Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remote Code Execution when alwaysSelectFullNamespace is true (either by...	Apache Software Foundation	Apache Struts	2021-11-03 00:00:00 UTC	CISA
CVE-2021-30858	A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6....	Apple	macOS, iOS	2021-11-03 00:00:00 UTC	CISA
CVE-2019-6223	A logic issue existed in the handling of Group FaceTime calls. The issue was addressed with improved state management. This issue is fixed in iOS...	Apple	iOS, macOS	2021-11-03 00:00:00 UTC	CISA
CVE-2021-30860	An integer overflow was addressed with improved input validation. This issue is fixed in Security Update 2021-005 Catalina, iOS 14.8 and iPadOS...	Apple	macOS, watchOS, iOS	2021-11-03 00:00:00 UTC	CISA
CVE-2020-27930	A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 12.4.9,...	Apple	watchOS, iOS and iPadOS, macOS	2021-11-03 00:00:00 UTC	CISA
CVE-2021-30807	A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.5.1, iOS 14.7.1 and iPadOS 14.7.1,...	Apple	macOS	2021-11-03 00:00:00 UTC	CISA
CVE-2020-27950	A memory initialization issue was addressed. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 12.4.9, watchOS 6.2.9, Security Update...	Apple	watchOS, iOS and iPadOS, macOS	2021-11-03 00:00:00 UTC	CISA
CVE-2020-27932	A type confusion issue was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 12.4.9, watchOS...	Apple	watchOS, iOS and iPadOS, macOS	2021-11-03 00:00:00 UTC	CISA
CVE-2020-9818	An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, iOS 12.4.7, watchOS...	Apple	iOS, iOS-1, watchOS	2021-11-03 00:00:00 UTC	CISA
CVE-2020-9819	A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 13.5 and iPadOS 13.5, iOS 12.4.7, watchOS 6.2.5,...	Apple	iOS, iOS-1, watchOS, watchOS-1	2021-11-03 00:00:00 UTC	CISA
CVE-2021-30762	A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.5.4. Processing maliciously crafted web content...	Apple	iOS	2021-11-03 00:00:00 UTC	CISA
CVE-2021-1782	A race condition was addressed with improved locking. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update...	Apple	iOS and iPadOS, macOS	2021-11-03 00:00:00 UTC	CISA
CVE-2021-1870	A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security...	Apple	iOS and iPadOS, macOS	2021-11-03 00:00:00 UTC	CISA
CVE-2021-1871	A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security...	Apple	iOS and iPadOS, macOS	2021-11-03 00:00:00 UTC	CISA
CVE-2021-1879	This issue was addressed by improved management of object lifetimes. This issue is fixed in iOS 12.5.2, iOS 14.4.2 and iPadOS 14.4.2, watchOS...	Apple	iOS and iPadOS, iOS, watchOS	2021-11-03 00:00:00 UTC	CISA

Displaying vulnerabilities 1126 - 1150 of 1400 in total