KEVIntel

Known Exploited Vulnerabilities

Curated + enriched signals for rapid prioritization

{ } JSON RSS PRO

0.7%

actively
exploited

Focus on what’s exploited

Out of 350,131 known CVEs, only 0.7% show real-world exploitation signals.

Data from public sources (including CISA) plus private sensors, enriched with prioritization metadata.

View stats Report a KEV

2,501

Total Known exploited

353

Added this week

Search

Results update as you type.

⌘K

Added

Exploitability

Type to search. Filters apply instantly.

CVE	Severity	Title	Vendor	Product	Added
CVE-2024-4610	7.8 High	Mali GPU Kernel Driver allows improper GPU memory processing operations Low complexity No user interaction	Arm Ltd	Bifrost GPU Kernel Driver, Valhall GPU Kernel Driver	almost 2 years ago
CVE-2017-3506	7.4 High	Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services). Supported versions that are... Remote No user interaction	Oracle Corporation	WebLogic Server	almost 2 years ago
CVE-2024-1086	7.8 High	Use-after-free in Linux kernel's netfilter: nf_tables component Malware Low complexity No user interaction	Linux	Kernel	about 2 years ago
CVE-2024-24919	8.6 High	Information disclosure Malware Remote Low complexity No user interaction	checkpoint	Check Point Quantum Gateway, Spark Gateway and CloudGuard Network	about 2 years ago
CVE-2024-4978	8.7 High	Malicious Code in Justice AV Solutions (JAVS) Viewer Remote Low complexity	Justice AV Solutions	Viewer	about 2 years ago
CVE-2024-5274	9.6 Critical	Type Confusion in V8 in Google Chrome prior to 125.0.6422.112 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted... Remote Low complexity	Google	Chrome	about 2 years ago
CVE-2020-17519	7.5 High	Apache Flink directory traversal attack: reading remote files through the REST API Remote Low complexity No user interaction	Apache Software Foundation	Apache Flink	about 2 years ago
CVE-2021-47337	5.5 Medium	scsi: core: Fix bad pointer dereference when ehandler kthread is invalid Low complexity No user interaction	Linux	Linux	about 2 years ago
CVE-2023-43208	9.8 Critical	NextGen Healthcare Mirth Connect before version 4.4.1 is vulnerable to unauthenticated remote code execution. Note that this vulnerability is... Malware Remote Low complexity No user interaction	NextGen Healthcare	Mirth Connect	about 2 years ago
CVE-2024-4947	9.6 Critical	Type Confusion in V8 in Google Chrome prior to 125.0.6422.60 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted... Remote Low complexity	Google	Chrome	about 2 years ago
CVE-2024-4761	8.8 High	Out of bounds write in V8 in Google Chrome prior to 124.0.6367.207 allowed a remote attacker to perform an out of bounds memory write via a crafted... Remote Low complexity	Google	Chrome	about 2 years ago
CVE-2021-40655	7.5 High	An informtion disclosure issue exists in D-LINK-DIR-605 B2 Firmware Version : 2.01MT. An attacker can obtain a user name and password by forging a... Remote Low complexity No user interaction	D-Link	DIR-605 B2 Firmware	about 2 years ago
CVE-2014-100005	8.0 High	Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DIR-600 router (rev. Bx) with firmware before 2.17b02 allow remote attackers... Low complexity No user interaction	D-Link	DIR-600 router	about 2 years ago
CVE-2024-30051	7.8 High	Windows DWM Core Library Elevation of Privilege Vulnerability Malware Low complexity No user interaction	Microsoft	Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows 11 version 21H2, Windows 10 Version 21H2, Windows 11 version 22H2, Windows 10 Version 22H2, Windows 11 version 22H3, Windows 11 Version 23H2, Windows 10 Version 1507, Windows 10 Version 1607, Windows Server 2016, Windows Server 2016 (Server Core installation)	about 2 years ago
CVE-2024-30040	8.8 High	Windows MSHTML Platform Security Feature Bypass Vulnerability Remote Low complexity	Microsoft	Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows 11 version 21H2, Windows 10 Version 21H2, Windows 11 version 22H2, Windows 10 Version 22H2, Windows 11 version 22H3, Windows 11 Version 23H2, Windows Server 2022, 23H2 Edition (Server Core installation), Windows 10 Version 1507, Windows 10 Version 1607, Windows Server 2016, Windows Server 2016 (Server Core installation)	about 2 years ago
CVE-2024-4671	9.6 Critical	Use after free in Visuals in Google Chrome prior to 124.0.6367.201 allowed a remote attacker who had compromised the renderer process to... Remote Low complexity	Google	Chrome	about 2 years ago
CVE-2023-7028	10.0 Critical	Weak Password Recovery Mechanism for Forgotten Password in GitLab Remote Low complexity No user interaction	GitLab	GitLab	about 2 years ago
CVE-2024-29988	8.8 High	SmartScreen Prompt Security Feature Bypass Vulnerability Remote Low complexity	Microsoft	Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows 11 version 21H2, Windows 10 Version 21H2, Windows 11 version 22H2, Windows 10 Version 22H2, Windows 11 version 22H3, Windows 11 Version 23H2, Windows Server 2022, 23H2 Edition (Server Core installation)	about 2 years ago
CVE-2024-4040	9.8 Critical	Unauthenticated arbitrary file read and remote code execution in CrushFTP Remote Low complexity No user interaction	CrushFTP	CrushFTP	about 2 years ago
CVE-2024-20359	6.0 Medium	A vulnerability in a legacy capability that allowed for the preloading of VPN clients and plug-ins and that has been available in Cisco Adaptive... Low complexity No user interaction	Cisco	Cisco Adaptive Security Appliance (ASA) Software, Cisco Firepower Threat Defense Software	about 2 years ago
CVE-2024-20353	8.6 High	A vulnerability in the management and VPN web servers for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD)... Remote Low complexity No user interaction	Cisco	Cisco Adaptive Security Appliance (ASA) Software, Cisco Firepower Threat Defense Software	about 2 years ago
CVE-2022-38028	7.8 High	Windows Print Spooler Elevation of Privilege Vulnerability Low complexity No user interaction	Microsoft	Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows 10 Version 21H1, Windows Server 2022, Windows 10 Version 20H2, Windows 11 version 21H2, Windows 10 Version 21H2, Windows 11 version 22H2, Windows 10 Version 1507, Windows 10 Version 1607, Windows Server 2016, Windows Server 2016 (Server Core installation), Windows 8.1, Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation)	about 2 years ago
CVE-2024-26859	4.7 Medium	net/bnx2x: Prevent access to a freed page in page_pool No user interaction	Linux	Linux	about 2 years ago
CVE-2024-3400	10.0 Critical	PAN-OS: Arbitrary File Creation Leads to OS Command Injection Vulnerability in GlobalProtect Malware Remote Low complexity No user interaction	Palo Alto Networks	PAN-OS, Cloud NGFW, Prisma Access	about 2 years ago
CVE-2024-3273	7.3 High	D-Link DNS-320L/DNS-325/DNS-327L/DNS-340L HTTP GET Request nas_sharing.cgi command injection Remote Low complexity No user interaction	D-Link	DNS-320L, DNS-325, DNS-327L, DNS-340L	about 2 years ago

Displaying vulnerabilities 1176 - 1200 of 2501 in total