Keep updated with KEVIntel progress and pro features

Known Exploited Vulnerabilities Intel

This table displays known exploited vulnerabilities (KEVs) that have been cataloged from over 50 public sources, including CISA, and (once we get some hits) our own private sensors. Each entry links to a CVE identifier, where the CVE details are enriched with EPSS scores, online mentions, scanner inclusion, exploitation, and other metadata. The goal is to be an early warning system, even before being published by CISA. More data and features coming soon!

CVE ID	Title	Vendor	Product	Added	Source
CVE-2020-3569	Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerabilities	Cisco	Cisco IOS XR Software	2021-11-03 00:00:00 UTC	CISA
CVE-2020-3161	Cisco IP Phones Web Server Remote Code Execution and Denial of Service Vulnerability	Cisco	Cisco IP phone	2021-11-03 00:00:00 UTC	CISA
CVE-2019-1653	Cisco Small Business RV320 and RV325 Routers Information Disclosure Vulnerability	Cisco	Cisco Small Business RV Series Router Firmware	2021-11-03 00:00:00 UTC	CISA
CVE-2018-0296	A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause an...	n/a	Cisco Adaptive Security Appliance unknown	2021-11-03 00:00:00 UTC	CISA
CVE-2019-13608	Citrix StoreFront Server before 1903, 7.15 LTSR before CU4 (3.12.4000), and 7.6 LTSR before CU8 (3.0.8000) allows XXE attacks.	n/a	n/a	2021-11-03 00:00:00 UTC	CISA
CVE-2020-8193	Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix...	n/a	Citrix ADC, Citrix Gateway, Citrix SDWAN WAN-OP	2021-11-03 00:00:00 UTC	CISA
CVE-2020-8195	Improper input validation in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix...	n/a	Citrix ADC, Citrix Gateway, Citrix SDWAN WAN-OP	2021-11-03 00:00:00 UTC	CISA
CVE-2020-8196	Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix...	n/a	Citrix ADC, Citrix Gateway, Citrix SDWAN WAN-OP	2021-11-03 00:00:00 UTC	CISA
CVE-2019-19781	An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. They allow Directory Traversal.	n/a	n/a	2021-11-03 00:00:00 UTC	CISA
CVE-2019-11634	Citrix Workspace App before 1904 for Windows has Incorrect Access Control.	n/a	n/a	2021-11-03 00:00:00 UTC	CISA
CVE-2020-29557	An issue was discovered on D-Link DIR-825 R1 devices through 3.0.1 before 2020-11-20. A buffer overflow in the web interface allows attackers to...	n/a	n/a	2021-11-03 00:00:00 UTC	CISA
CVE-2020-25506	D-Link DNS-320 FW v2.06B01 Revision Ax is affected by command injection in the system_mgr.cgi component, which can lead to remote arbitrary code...	n/a	n/a	2021-11-03 00:00:00 UTC	CISA
CVE-2018-15811	DNN (aka DotNetNuke) 9.2 through 9.2.1 uses a weak encryption algorithm to protect input parameters.	n/a	n/a	2021-11-03 00:00:00 UTC	CISA
CVE-2018-18325	DNN (aka DotNetNuke) 9.2 through 9.2.2 uses a weak encryption algorithm to protect input parameters. NOTE: this issue exists because of an...	n/a	n/a	2021-11-03 00:00:00 UTC	CISA
CVE-2017-9822	DNN (aka DotNetNuke) before 9.1.1 has Remote Code Execution via a cookie, aka "2017-08 (Critical) Possible remote code execution on DNN sites."	DotNetNuke	DotNetNuke CMS Fixed in 9.1.1	2021-11-03 00:00:00 UTC	CISA
CVE-2019-15752	Docker Desktop Community Edition before 2.1.0.1 allows local users to gain privileges by placing a Trojan horse docker-credential-wincred.exe file...	n/a	n/a	2021-11-03 00:00:00 UTC	CISA
CVE-2020-8515	DrayTek Vigor2960 1.3.1_Beta, Vigor3900 1.4.4_Beta, and Vigor300B 1.3.3_Beta, 1.4.2.1_Beta, and 1.4.4_Beta devices allow remote code execution as...	n/a	n/a	2021-11-03 00:00:00 UTC	CISA
CVE-2018-7600	Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an...	n/a	Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1	2021-11-03 00:00:00 UTC	CISA
CVE-2021-22205	An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9. GitLab was not properly validating image files that were...	GitLab	GitLab	2021-11-03 00:00:00 UTC	CISA
CVE-2018-6789	An issue was discovered in the base64d function in the SMTP listener in Exim before 4.90.1. By sending a handcrafted message, a buffer overflow may...	n/a	n/a	2021-11-03 00:00:00 UTC	CISA
CVE-2020-8657	An issue was discovered in EyesOfNetwork 5.3. The installation uses the same API key (hardcoded as EONAPI_KEY in include/api_functions.php for API...	n/a	n/a	2021-11-03 00:00:00 UTC	CISA
CVE-2020-8655	An issue was discovered in EyesOfNetwork 5.3. The sudoers configuration is prone to a privilege escalation vulnerability, allowing the apache user...	n/a	n/a	2021-11-03 00:00:00 UTC	CISA
CVE-2020-5902	In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the Traffic Management User Interface...	n/a	BIG-IP	2021-11-03 00:00:00 UTC	CISA
CVE-2021-22986	On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, and 12.1.x before 12.1.5.3 amd...	n/a	BIG-IP; BIG-IQ	2021-11-03 00:00:00 UTC	CISA
CVE-2021-35464	ForgeRock AM server before 7.0 has a Java deserialization vulnerability in the jato.pageSession parameter on multiple pages. The exploitation does...	n/a	n/a	2021-11-03 00:00:00 UTC	CISA

Displaying vulnerabilities 1176 - 1200 of 1400 in total