Keep updated with KEVIntel progress and pro features

Known Exploited Vulnerabilities Intel

This table displays known exploited vulnerabilities (KEVs) that have been cataloged from over 50 public sources, including CISA, and (once we get some hits) our own private sensors. Each entry links to a CVE identifier, where the CVE details are enriched with EPSS scores, online mentions, scanner inclusion, exploitation, and other metadata. The goal is to be an early warning system, even before being published by CISA. More data and features coming soon!

CVE ID	Title	Vendor	Product	Added	Source
CVE-2019-5591	A Default Configuration vulnerability in FortiOS may allow an unauthenticated attacker on the same subnet to intercept sensitive information by...	Fortinet	Fortinet FortiOS	2021-11-03 00:00:00 UTC	CISA
CVE-2020-12812	An improper authentication vulnerability in SSL VPN in FortiOS 6.4.0, 6.2.0 to 6.2.3, 6.0.9 and below may result in a user being able to log in...	n/a	Fortinet FortiOS	2021-11-03 00:00:00 UTC	CISA
CVE-2018-13379	An Improper Limitation of a Pathname to a Restricted Directory ("Path Traversal") in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.3 to 5.6.7 and 5.4.6 to...	Fortinet	Fortinet FortiOS, FortiProxy	2021-11-03 00:00:00 UTC	CISA
CVE-2020-16010	Heap buffer overflow in UI in Google Chrome on Android prior to 86.0.4240.185 allowed a remote attacker who had compromised the renderer process to...	Google	Chrome	2021-11-03 00:00:00 UTC	CISA
CVE-2020-15999	Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a...	Google	Chrome	2021-11-03 00:00:00 UTC	CISA
CVE-2021-21166	Data race in audio in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	Google	Chrome	2021-11-03 00:00:00 UTC	CISA
CVE-2020-16017	Use after free in site isolation in Google Chrome prior to 86.0.4240.198 allowed a remote attacker who had compromised the renderer process to...	Google	Chrome	2021-11-03 00:00:00 UTC	CISA
CVE-2021-37976	Inappropriate implementation in Memory in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to obtain potentially sensitive information...	Google	Chrome	2021-11-03 00:00:00 UTC	CISA
CVE-2020-16009	Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a...	Google	Chrome	2021-11-03 00:00:00 UTC	CISA
CVE-2021-30632	Out of bounds write in V8 in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit heap corruption via a crafted...	Google	Chrome	2021-11-03 00:00:00 UTC	CISA
CVE-2020-16013	Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.198 allowed a remote attacker to potentially exploit heap corruption via a...	Google	Chrome	2021-11-03 00:00:00 UTC	CISA
CVE-2021-30633	Use after free in Indexed DB API in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who had compromised the renderer process to...	Google	Chrome	2021-11-03 00:00:00 UTC	CISA
CVE-2021-21148	Heap buffer overflow in V8 in Google Chrome prior to 88.0.4324.150 allowed a remote attacker to potentially exploit heap corruption via a crafted...	Google	Chrome	2021-11-03 00:00:00 UTC	CISA
CVE-2021-37973	Use after free in Portals in Google Chrome prior to 94.0.4606.61 allowed a remote attacker who had compromised the renderer process to potentially...	Google	Chrome	2021-11-03 00:00:00 UTC	CISA
CVE-2021-30551	Type confusion in V8 in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	Google	Chrome	2021-11-03 00:00:00 UTC	CISA
CVE-2021-37975	Use after free in V8 in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	Google	Chrome	2021-11-03 00:00:00 UTC	CISA
CVE-2020-6418	Type confusion in V8 in Google Chrome prior to 80.0.3987.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	Google	Chrome	2021-11-03 00:00:00 UTC	CISA
CVE-2021-30554	Use after free in WebGL in Google Chrome prior to 91.0.4472.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML...	Google	Chrome	2021-11-03 00:00:00 UTC	CISA
CVE-2021-21206	Use after free in Blink in Google Chrome prior to 89.0.4389.128 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML...	Google	Chrome	2021-11-03 00:00:00 UTC	CISA
CVE-2021-38000	Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 95.0.4638.69 allowed a remote attacker to arbitrarily...	Google	Chrome	2021-11-03 00:00:00 UTC	CISA
CVE-2021-38003	Inappropriate implementation in V8 in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a...	Google	Chrome	2021-11-03 00:00:00 UTC	CISA
CVE-2021-21224	Type confusion in V8 in Google Chrome prior to 90.0.4430.85 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML...	Google	Chrome	2021-11-03 00:00:00 UTC	CISA
CVE-2021-21193	Use after free in Blink in Google Chrome prior to 89.0.4389.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML...	Google	Chrome	2021-11-03 00:00:00 UTC	CISA
CVE-2021-21220	Insufficient validation of untrusted input in V8 in Google Chrome prior to 89.0.4389.128 allowed a remote attacker to potentially exploit heap...	Google	Chrome	2021-11-03 00:00:00 UTC	CISA
CVE-2021-30563	Type Confusion in V8 in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	Google	Chrome	2021-11-03 00:00:00 UTC	CISA

Displaying vulnerabilities 1201 - 1225 of 1400 in total