Known Exploited Vulnerabilities

Focus on What Matters

There are 298,176 vulnerabilities in the CVE database.
Whilst only 0.6% are ever actively exploited.

This list contains the vulnerabilities that are actively exploited by malware and threat actors that you should prioritize first.

This table displays known exploited vulnerabilities (KEVs) that have been cataloged from over 60 public sources, including CISA, and our own private sensors. Each entry links to a CVE identifier, where the CVE details are enriched with EPSS scores, online mentions, scanner inclusion, exploitation, tags, and other metadata. The goal is to be an early warning system, even before being published by CISA. More data and features coming soon!

CVE ID	Title	Vendor	Product	Added	Source
CVE-2014-6324	The Kerberos Key Distribution Center (KDC) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7...	Microsoft	Windows	2022-03-25 00:00:00 UTC	CISA
CVE-2014-6332	OleAut32.dll in OLE in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows...	Microsoft	Windows	2022-03-25 00:00:00 UTC	CISA
CVE-2015-0666	Directory traversal vulnerability in the fmserver servlet in Cisco Prime Data Center Network Manager (DCNM) before 7.1(1) allows remote attackers...	Cisco	Prime Data Center Network Manager	2022-03-25 00:00:00 UTC	CISA
CVE-2015-1187	The ping tool in multiple D-Link and TRENDnet devices allow remote attackers to execute arbitrary code via the ping_addr parameter to ping.ccp.	["D-Link", "TRENDnet"]	n/a	2022-03-25 00:00:00 UTC	CISA
CVE-2015-1427	The Groovy scripting engine in Elasticsearch before 1.3.8 and 1.4.x before 1.4.3 allows remote attackers to bypass the sandbox protection mechanism...	Elastic	Elasticsearch	2022-03-25 00:00:00 UTC	CISA
CVE-2015-3035	Directory traversal vulnerability in TP-LINK Archer C5 (1.2) with firmware before 150317, C7 (2.0) with firmware before 150304, and C8 (1.0) with...	TP-LINK	n/a	2022-03-25 00:00:00 UTC	CISA
CVE-2015-4068	Directory traversal vulnerability in Arcserve UDP before 5.0 Update 4 allows remote attackers to obtain sensitive information or cause a denial of...	Arcserve	UDP	2022-03-25 00:00:00 UTC	CISA
CVE-2016-0752	Directory traversal vulnerability in Action View in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x...	Ruby on Rails	Action View	2022-03-25 00:00:00 UTC	CISA
CVE-2016-10174	The NETGEAR WNR2000v5 router contains a buffer overflow in the hidden_lang_avi parameter when invoking the URL /apply.cgi?/lang_check.html. This...	NETGEAR	WNR2000v5 router	2022-03-25 00:00:00 UTC	CISA
CVE-2016-11021	setSystemCommand on D-Link DCS-930L devices before 2.12 allows a remote attacker to execute code via an OS command in the SystemCommand parameter.	D-Link	DCS-930L	2022-03-25 00:00:00 UTC	CISA
CVE-2016-1555	(1) boardData102.php, (2) boardData103.php, (3) boardDataJP.php, (4) boardDataNA.php, and (5) boardDataWW.php in Netgear WN604 before 3.3.3 and...	NETGEAR	WN604, WN802Tv2, WNAP210v2, WNAP320, WNDAP350, WNDAP360, WNDAP660	2022-03-25 00:00:00 UTC	CISA
CVE-2016-4171	Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier allows remote attackers to execute arbitrary code via unknown vectors, as...	Adobe	Flash Player	2022-03-25 00:00:00 UTC	CISA
CVE-2016-7892	Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the TextField...	Adobe	Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier	2022-03-25 00:00:00 UTC	CISA
CVE-2017-0146	The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2;...	Microsoft	Windows SMB	2022-03-25 00:00:00 UTC	CISA
CVE-2017-12615	When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default...	Apache Software Foundation	Apache Tomcat	2022-03-25 00:00:00 UTC	CISA
CVE-2017-12617	When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g. via...	Apache Software Foundation	Apache Tomcat	2022-03-25 00:00:00 UTC	CISA
CVE-2017-3881	A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software could allow an...	Cisco	Cisco IOS and IOS XE Software	2022-03-25 00:00:00 UTC	CISA
CVE-2022-21999	Windows Print Spooler Elevation of Privilege Vulnerability	Microsoft	Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows 10 Version 1909, Windows 10 Version 21H1, Windows Server 2022, Windows 10 Version 20H2, Windows Server version 20H2, Windows 11 version 21H2, Windows 10 Version 21H2, Windows 10 Version 1507, Windows 10 Version 1607, Windows Server 2016, Windows Server 2016 (Server Core installation), Windows 7, Windows 7 Service Pack 1, Windows 8.1, Windows Server 2008 Service Pack 2, Windows Server 2008 Service Pack 2 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 R2 Service Pack 1, Windows Server 2008 R2 Service Pack 1 (Server Core installation), Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation)	2022-03-25 00:00:00 UTC	CISA
CVE-2022-26143	The TP-240 (aka tp240dvr) component in Mitel MiCollab before 9.4 SP1 FP1 and MiVoice Business Express through 8.1 allows remote attackers to obtain...	n/a	n/a	2022-03-25 00:00:00 UTC	CISA
CVE-2022-26318	On WatchGuard Firebox and XTM appliances, an unauthenticated user can execute arbitrary code, aka FBX-22786. This vulnerability impacts Fireware OS...	n/a	n/a	2022-03-25 00:00:00 UTC	CISA
CVE-2019-1322	An elevation of privilege vulnerability exists when Windows improperly handles authentication requests, aka 'Microsoft Windows Elevation of...	Microsoft	Windows, Windows Server, Windows 10 Version 1903 for 32-bit Systems, Windows 10 Version 1903 for x64-based Systems, Windows 10 Version 1903 for ARM64-based Systems, Windows Server, version 1903 (Server Core installation)	2022-03-15 00:00:00 UTC	CISA
CVE-2019-1253	An elevation of privilege vulnerability exists when the Windows AppX Deployment Server improperly handles junctions.To exploit this vulnerability,...	Microsoft	Windows, Windows Server, Windows 10 Version 1903 for 32-bit Systems, Windows 10 Version 1903 for x64-based Systems, Windows 10 Version 1903 for ARM64-based Systems, Windows Server, version 1903 (Server Core installation)	2022-03-15 00:00:00 UTC	CISA
CVE-2019-1132	An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k...	Microsoft	Windows, Windows Server	2022-03-15 00:00:00 UTC	CISA
CVE-2019-1129	An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation...	Microsoft	Windows, Windows Server, Windows 10 Version 1903 for 32-bit Systems, Windows 10 Version 1903 for x64-based Systems, Windows 10 Version 1903 for ARM64-based Systems, Windows Server, version 1903 (Server Core installation)	2022-03-15 00:00:00 UTC	CISA
CVE-2019-1069	Task Scheduler Elevation of Privilege Vulnerability	Microsoft	Windows 10 Version 1703, Windows 10 Version 1803, Windows Server, version 1803 (Server Core Installation), Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows 10 Version 1709 for 32-bit Systems, Windows 10 Version 1709, Windows 10 Version 1903 for 32-bit Systems, Windows 10 Version 1903 for x64-based Systems, Windows 10 Version 1903 for ARM64-based Systems, Windows Server, version 1903 (Server Core installation), Windows 10 Version 1507, Windows 10 Version 1607, Windows Server 2016, Windows Server 2016 (Server Core installation)	2022-03-15 00:00:00 UTC	CISA

Displaying vulnerabilities 1176 - 1200 of 1857 in total