KEVIntel

Known Exploited Vulnerabilities

Curated + enriched signals for rapid prioritization

{ } JSON RSS PRO

0.7%

actively
exploited

Focus on what’s exploited

Out of 350,131 known CVEs, only 0.7% show real-world exploitation signals.

Data from public sources (including CISA) plus private sensors, enriched with prioritization metadata.

View stats Report a KEV

2,501

Total Known exploited

353

Added this week

Search

Results update as you type.

⌘K

Added

Exploitability

Type to search. Filters apply instantly.

CVE	Severity	Title	Vendor	Product	Added
CVE-2024-3272	9.8 Critical	D-Link DNS-320L/DNS-325/DNS-327L/DNS-340L HTTP GET Request nas_sharing.cgi hard-coded credentials Remote Low complexity No user interaction	D-Link	DNS-320L, DNS-325, DNS-327L, DNS-340L	about 2 years ago
CVE-2024-26745	4.4 Medium	powerpc/pseries/iommu: IOMMU table is not initialized for kdump over SR-IOV Low complexity No user interaction	Linux	Linux	about 2 years ago
CVE-2024-29745	5.5 Medium	there is a possible Information Disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution... Low complexity No user interaction	Google	Android	about 2 years ago
CVE-2024-29748	7.8 High	there is a possible way to bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution... Low complexity	Google	Android	about 2 years ago
CVE-2023-24955	7.2 High	Microsoft SharePoint Server Remote Code Execution Vulnerability Malware Remote Low complexity No user interaction	Microsoft	Microsoft SharePoint Enterprise Server 2016, Microsoft SharePoint Server 2019, Microsoft SharePoint Server Subscription Edition	about 2 years ago
CVE-2023-48788	9.3 Critical	A improper neutralization of special elements used in an sql command ('sql injection') in Fortinet FortiClientEMS version 7.2.0 through 7.2.2,... Malware Remote Low complexity No user interaction	Fortinet	FortiClientEMS	about 2 years ago
CVE-2021-44529	9.8 Critical	A code injection vulnerability in the Ivanti EPM Cloud Services Appliance (CSA) allows an unauthenticated user to execute arbitrary code with... Malware Remote Low complexity No user interaction	Ivanti	Ivanti EPM	about 2 years ago
CVE-2019-7256	9.8 Critical	Linear eMerge E3-Series devices allow Command Injections. Remote Low complexity No user interaction	Linear	eMerge E3-Series	about 2 years ago
CVE-2024-27198	9.8 Critical	In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions was possible Malware Remote Low complexity No user interaction	JetBrains	TeamCity	about 2 years ago
CVE-2024-23225	7.8 High	A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4,... Low complexity No user interaction	Apple	iOS and iPadOS, macOS, tvOS, visionOS, watchOS	about 2 years ago
CVE-2024-23296	7.8 High	A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 16.7.8 and iPadOS 16.7.8, iOS 17.4 and iPadOS 17.4,... Low complexity No user interaction	Apple	iOS and iPadOS, macOS, tvOS, visionOS, watchOS	about 2 years ago
CVE-2023-21237	5.5 Medium	In applyRemoteView of NotificationContentInflater.java, there is a possible way to hide foreground service notification due to misleading or... Low complexity No user interaction	Google	Android	about 2 years ago
CVE-2021-36380	9.8 Critical	Sunhillo SureLine before 8.7.0.1.1 allows Unauthenticated OS Command Injection via shell metacharacters in ipAddr or dnsAddr /cgi/networkDiag.cgi. Remote Low complexity No user interaction	Sunhillo	SureLine	about 2 years ago
CVE-2024-21338	7.8 High	Windows Kernel Elevation of Privilege Vulnerability Malware Low complexity No user interaction	Microsoft	Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows 11 version 21H2, Windows 10 Version 21H2, Windows 11 version 22H2, Windows 10 Version 22H2, Windows 11 version 22H3, Windows 11 Version 23H2, Windows Server 2022, 23H2 Edition (Server Core installation)	about 2 years ago
CVE-2023-52499	5.5 Medium	powerpc/47x: Fix 47x syscall return crash Low complexity No user interaction	Linux	Linux	over 2 years ago
CVE-2023-29360	8.4 High	Microsoft Streaming Service Elevation of Privilege Vulnerability Low complexity No user interaction	Microsoft	Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows 11 version 21H2, Windows 10 Version 21H2, Windows 11 version 22H2, Windows 10 Version 22H2, Windows 10 Version 1607, Windows Server 2016, Windows Server 2016 (Server Core installation)	over 2 years ago
CVE-2024-1709	10.0 Critical	Authentication bypass using an alternate path or channel Malware Remote Low complexity No user interaction	ConnectWise	ScreenConnect	over 2 years ago
CVE-2020-3259	7.5 High	Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Information Disclosure Vulnerability Malware Remote Low complexity No user interaction	Cisco	Cisco Adaptive Security Appliance (ASA) Software	over 2 years ago
CVE-2024-21410	9.8 Critical	Microsoft Exchange Server Elevation of Privilege Vulnerability Remote Low complexity No user interaction	Microsoft	Microsoft Exchange Server 2016 Cumulative Update 23, Microsoft Exchange Server 2019 Cumulative Update 13, Microsoft Exchange Server 2019 Cumulative Update 14	over 2 years ago
CVE-2024-21351	7.6 High	Windows SmartScreen Security Feature Bypass Vulnerability Remote Low complexity	Microsoft	Windows 11 Version 23H2, Windows 11 version 22H3, Windows 10 Version 1809, Windows Server 2019, Windows Server 2022, Windows 11 version 21H2, Windows 10 Version 21H2, Windows 11 version 22H2, Windows 10 Version 22H2, Windows 10 Version 1507, Windows 10 Version 1607, Windows Server 2016	over 2 years ago
CVE-2024-21412	8.1 High	Internet Shortcut Files Security Feature Bypass Vulnerability Malware Remote Low complexity	Microsoft	Windows 11 version 21H2, Windows 10 Version 1809, Windows 10 Version 21H2, Windows Server 2022, Windows 11 version 22H2, Windows 10 Version 22H2, Windows Server 2019, Windows 11 version 22H3, Windows 11 Version 23H2, Windows Server 2022, 23H2 Edition (Server Core installation), Windows Server 2019 (Server Core installation)	over 2 years ago
CVE-2023-43770	6.1 Medium	Roundcube before 1.4.14, 1.5.x before 1.5.4, and 1.6.x before 1.6.3 allows XSS via text/plain e-mail messages with crafted links because of... Remote Low complexity	Roundcube	Roundcube Webmail	over 2 years ago
CVE-2024-21762	9.6 Critical	A out-of-bounds write in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, 6.4.0 through 6.4.14, 6.2.0... Malware Remote Low complexity No user interaction	Fortinet	FortiProxy, FortiOS	over 2 years ago
CVE-2024-23660	7.5 High	The Binance Trust Wallet app for iOS in commit 3cd6e8f647fbba8b5d8844fcd144365a086b629f, git tag 0.0.4 misuses the trezor-crypto library and... Remote Low complexity No user interaction	Binance	Trust Wallet	over 2 years ago
CVE-2023-4762	8.8 High	Type Confusion in V8 in Google Chrome prior to 116.0.5845.179 allowed a remote attacker to execute arbitrary code via a crafted HTML page.... Remote Low complexity	Google	Chrome	over 2 years ago

Displaying vulnerabilities 1201 - 1225 of 2501 in total