Known Exploited Vulnerabilities

Focus on What Matters

There are 298,163 vulnerabilities in the CVE database.
Whilst only 0.6% are ever actively exploited.

This list contains the vulnerabilities that are actively exploited by malware and threat actors that you should prioritize first.

This table displays known exploited vulnerabilities (KEVs) that have been cataloged from over 60 public sources, including CISA, and our own private sensors. Each entry links to a CVE identifier, where the CVE details are enriched with EPSS scores, online mentions, scanner inclusion, exploitation, tags, and other metadata. The goal is to be an early warning system, even before being published by CISA. More data and features coming soon!

CVE ID	Title	Vendor	Product	Added	Source
CVE-2019-1064	Windows Elevation of Privilege Vulnerability	Microsoft	Windows 10 Version 1703, Windows 10 Version 1803, Windows Server, version 1803 (Server Core Installation), Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows 10 Version 1709 for 32-bit Systems, Windows 10 Version 1709, Windows 10 Version 1903 for 32-bit Systems, Windows 10 Version 1903 for x64-based Systems, Windows 10 Version 1903 for ARM64-based Systems, Windows Server, version 1903 (Server Core installation), Windows 10 Version 1607, Windows Server 2016, Windows Server 2016 (Server Core installation)	2022-03-15 00:00:00 UTC	CISA
CVE-2019-0841	An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation...	Microsoft	Windows, Windows Server	2022-03-15 00:00:00 UTC	CISA
CVE-2019-0543	An elevation of privilege vulnerability exists when Windows improperly handles authentication requests, aka "Microsoft Windows Elevation of...	Microsoft	Windows	2022-03-15 00:00:00 UTC	CISA
CVE-2017-0101	The kernel-mode drivers in Transaction Manager in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1, Windows...	Microsoft	Windows	2022-03-15 00:00:00 UTC	CISA
CVE-2016-3309	The kernel-mode drivers in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold...	Microsoft	Windows	2022-03-15 00:00:00 UTC	CISA
CVE-2019-1315	An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly handles hard links, aka 'Windows Error Reporting...	Microsoft	Windows, Windows Server, Windows 10 Version 1903 for 32-bit Systems, Windows 10 Version 1903 for x64-based Systems, Windows 10 Version 1903 for ARM64-based Systems, Windows Server, version 1903 (Server Core installation)	2022-03-15 00:00:00 UTC	CISA
CVE-2018-8120	An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k...	Microsoft	Windows Server 2008, Windows 7, Windows Server 2008 R2	2022-03-15 00:00:00 UTC	CISA
CVE-2020-5135	A buffer overflow vulnerability in SonicOS allows a remote attacker to cause Denial of Service (DoS) and potentially execute arbitrary code by...	SonicWall	SonicOS	2022-03-15 00:00:00 UTC	CISA
CVE-2019-1405	An elevation of privilege vulnerability exists when the Windows Universal Plug and Play (UPnP) service improperly allows COM object creation, aka...	Microsoft	Windows, Windows Server, Windows 10 Version 1903 for 32-bit Systems, Windows 10 Version 1903 for x64-based Systems, Windows 10 Version 1903 for ARM64-based Systems, Windows Server, version 1903 (Server Core installation)	2022-03-15 00:00:00 UTC	CISA
CVE-2015-2546	The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server...	Microsoft	Windows	2022-03-15 00:00:00 UTC	CISA
CVE-2021-20083	Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in jquery-plugin-query-object 2.2.3 allows a malicious...	n/a	jquery-plugin-query-object	2022-03-11 08:00:34 UTC	Wordfence
CVE-2021-21973	The vSphere Client (HTML5) contains an SSRF (Server Side Request Forgery) vulnerability due to improper validation of URLs in a vCenter Server...	n/a	VMware vCenter Server, VMware Cloud Foundation	2022-03-07 00:00:00 UTC	CISA
CVE-2017-6077	ping.cgi on NETGEAR DGN2200 devices with firmware through 10.0.0.50 allows remote authenticated users to execute arbitrary OS commands via shell...	NETGEAR	DGN2200	2022-03-07 00:00:00 UTC	CISA
CVE-2016-6277	NETGEAR R6250 before 1.0.4.6.Beta, R6400 before 1.0.1.18.Beta, R6700 before 1.0.1.14.Beta, R6900, R7000 before 1.0.7.6.Beta, R7100LG before...	NETGEAR	Routers	2022-03-07 00:00:00 UTC	CISA
CVE-2022-26486	An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape. We have had reports of attacks in...	Mozilla	Firefox, Firefox ESR, Firefox for Android, Thunderbird, Focus	2022-03-07 00:00:00 UTC	CISA
CVE-2013-0631	Adobe ColdFusion 9.0, 9.0.1, and 9.0.2 allows attackers to obtain sensitive information via unspecified vectors, as exploited in the wild in...	Adobe	ColdFusion	2022-03-07 00:00:00 UTC	CISA
CVE-2013-0629	Adobe ColdFusion 9.0, 9.0.1, 9.0.2, and 10, when a password is not configured, allows attackers to access restricted directories via unspecified...	Adobe	ColdFusion	2022-03-07 00:00:00 UTC	CISA
CVE-2013-0625	Adobe ColdFusion 9.0, 9.0.1, and 9.0.2, when a password is not configured, allows remote attackers to bypass authentication and possibly execute...	Adobe	ColdFusion	2022-03-07 00:00:00 UTC	CISA
CVE-2009-3960	Unspecified vulnerability in BlazeDS 3.2 and earlier, as used in LiveCycle 8.0.1, 8.2.1, and 9.0, LiveCycle Data Services 2.5.1, 2.6.1, and 3.0,...	Adobe	BlazeDS	2022-03-07 00:00:00 UTC	CISA
CVE-2019-11581	There was a server-side template injection vulnerability in Jira Server and Data Center, in the ContactAdministrators and the SendBulkMail actions....	Atlassian	Jira Server and Data Center	2022-03-07 00:00:00 UTC	CISA
CVE-2020-8218	A code injection vulnerability exists in Pulse Connect Secure <9.1R8 that allows an attacker to crafted a URI to perform an arbitrary code...	n/a	Pulse Connect Secure	2022-03-07 00:00:00 UTC	CISA
CVE-2022-26485	Removing an XSLT parameter during processing could have lead to an exploitable use-after-free. We have had reports of attacks in the wild abusing...	Mozilla	Firefox, Firefox ESR, Firefox for Android, Thunderbird, Focus	2022-03-07 00:00:00 UTC	CISA
CVE-2013-1675	Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 do not properly...	Mozilla	Firefox, Firefox ESR, Thunderbird, Thunderbird ESR	2022-03-03 00:00:00 UTC	CISA
CVE-2002-0367	smss.exe debugging subsystem in Windows NT and Windows 2000 does not properly authenticate programs that connect to other programs, which allows...	Microsoft	Windows	2022-03-03 00:00:00 UTC	CISA
CVE-2004-0210	The POSIX component of Microsoft Windows NT and Windows 2000 allows local users to execute arbitrary code via certain parameters, possibly by...	Microsoft	Windows	2022-03-03 00:00:00 UTC	CISA

Displaying vulnerabilities 1201 - 1225 of 1857 in total