KEVIntel

Known Exploited Vulnerabilities

Curated + enriched signals for rapid prioritization

{ } JSON RSS PRO

0.7%

actively
exploited

Focus on what’s exploited

Out of 350,131 known CVEs, only 0.7% show real-world exploitation signals.

Data from public sources (including CISA) plus private sensors, enriched with prioritization metadata.

View stats Report a KEV

2,501

Total Known exploited

353

Added this week

Search

Results update as you type.

⌘K

Added

Exploitability

Type to search. Filters apply instantly.

CVE	Severity	Title	Vendor	Product	Added
CVE-2023-41266	8.2 High	A path traversal vulnerability found in Qlik Sense Enterprise for Windows for versions May 2023 Patch 3 and earlier, February 2023 Patch 7 and... Malware Remote Low complexity No user interaction	Qlik	Qlik Sense Enterprise for Windows	over 2 years ago
CVE-2023-41265	9.6 Critical	An HTTP Request Tunneling vulnerability found in Qlik Sense Enterprise for Windows for versions May 2023 Patch 3 and earlier, February 2023 Patch 7... Malware Remote Low complexity No user interaction	Qlik	Qlik Sense Enterprise for Windows	over 2 years ago
CVE-2022-22071	8.4 High	Possible use after free when process shell memory is freed using IOCTL munmap call and process initialization is in progress in Snapdragon Auto,... Low complexity No user interaction	Qualcomm, Inc.	Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music	over 2 years ago
CVE-2023-33107	8.4 High	Integer Overflow or Wraparound in Graphics Linux Low complexity No user interaction	Qualcomm, Inc.	Snapdragon	over 2 years ago
CVE-2023-33106	8.4 High	Use of Out-of-range Pointer Offset in Graphics Low complexity No user interaction	Qualcomm, Inc.	Snapdragon	over 2 years ago
CVE-2023-33063	7.8 High	Use After Free in DSP Services Low complexity No user interaction	Qualcomm, Inc.	Snapdragon	over 2 years ago
CVE-2023-42917	8.8 High	A memory corruption vulnerability was addressed with improved locking. This issue is fixed in iOS 17.1.2 and iPadOS 17.1.2, macOS Sonoma 14.1.2,... Remote Low complexity	Apple	Safari, macOS, iOS and iPadOS	over 2 years ago
CVE-2023-42916	6.5 Medium	An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 17.1.2 and iPadOS 17.1.2, macOS Sonoma 14.1.2,... Remote Low complexity	Apple	Safari, macOS, iOS and iPadOS	over 2 years ago
CVE-2023-6345	9.6 Critical	Integer overflow in Skia in Google Chrome prior to 119.0.6045.199 allowed a remote attacker who had compromised the renderer process to potentially... Remote Low complexity	Google	Chrome	over 2 years ago
CVE-2023-49103	10.0 Critical	An issue was discovered in ownCloud owncloud/graphapi 0.2.x before 0.2.1 and 0.3.x before 0.3.1. The graphapi app relies on a third-party... Remote Low complexity No user interaction	ownCloud	owncloud/graphapi	over 2 years ago
CVE-2023-4911	7.8 High	Glibc: buffer overflow in ld.so leading to privilege escalation Low complexity No user interaction	, Red Hat	, Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 8.6 Extended Update Support, Red Hat Enterprise Linux 9, Red Hat Enterprise Linux 9.0 Extended Update Support, Red Hat Virtualization 4 for Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 6, Red Hat Enterprise Linux 7	over 2 years ago
CVE-2020-2551	9.8 Critical	Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: WLS Core Components). Supported versions that are... Remote Low complexity No user interaction	Oracle Corporation	WebLogic Server	over 2 years ago
CVE-2023-36584	5.4 Medium	Windows Mark of the Web Security Feature Bypass Vulnerability Remote Low complexity	Microsoft	Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows 11 version 21H2, Windows 10 Version 21H2, Windows 11 version 22H2, Windows 10 Version 22H2, Windows 10 Version 1507, Windows 10 Version 1607, Windows Server 2016, Windows Server 2016 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 Service Pack 2 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 R2 Service Pack 1, Windows Server 2008 R2 Service Pack 1 (Server Core installation), Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation)	over 2 years ago
CVE-2023-1671	9.8 Critical	A pre-auth command injection vulnerability in the warn-proceed handler of Sophos Web Appliance older than version 4.3.10.4 allows execution of... Remote Low complexity No user interaction	Sophos	Sophos Web Appliance	over 2 years ago
CVE-2023-47630	7.1 High	Attacker can cause Kyverno user to unintentionally consume insecure image Remote	kyverno	kyverno	over 2 years ago
CVE-2023-36025	8.8 High	Windows SmartScreen Security Feature Bypass Vulnerability Remote Low complexity	Microsoft	Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows 11 version 21H2, Windows 10 Version 21H2, Windows 11 version 22H2, Windows 10 Version 22H2, Windows 11 version 22H3, Windows 11 Version 23H2, Windows Server 2022, 23H2 Edition (Server Core installation), Windows 10 Version 1507, Windows 10 Version 1607, Windows Server 2016, Windows Server 2016 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 Service Pack 2 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 R2 Service Pack 1, Windows Server 2008 R2 Service Pack 1 (Server Core installation), Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation)	over 2 years ago
CVE-2023-36033	7.8 High	Windows DWM Core Library Elevation of Privilege Vulnerability Low complexity No user interaction	Microsoft	Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows 11 version 21H2, Windows 10 Version 21H2, Windows 11 version 22H2, Windows 10 Version 22H2, Windows 11 version 22H3, Windows 11 Version 23H2, Windows Server 2022, 23H2 Edition (Server Core installation)	over 2 years ago
CVE-2023-36036	7.8 High	Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability Low complexity No user interaction	Microsoft	Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows 11 version 21H2, Windows 10 Version 21H2, Windows 11 version 22H2, Windows 10 Version 22H2, Windows 10 Version 1507, Windows 10 Version 1607, Windows Server 2016, Windows Server 2016 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 Service Pack 2 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 R2 Service Pack 1, Windows Server 2008 R2 Service Pack 1 (Server Core installation), Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation), Windows 11 version 22H3, Windows Server 2022, 23H2 Edition (Server Core installation), Windows 11 Version 23H2	over 2 years ago
CVE-2023-42813	6.1 Medium	Denial of service from malicious manifest in kyverno Remote	kyverno	kyverno	over 2 years ago
CVE-2023-42814	3.1 Low	Denial of service from malicious image manifest in kyverno Remote	kyverno	kyverno	over 2 years ago
CVE-2023-42815	3.1 Low	Denial of service from malicious image manifest in kyverno Remote	kyverno	kyverno	over 2 years ago
CVE-2023-42816	6.1 Medium	Denial of service from malicious signature in kyverno Remote	kyverno	kyverno	over 2 years ago
CVE-2023-36844	5.3 Medium	Junos OS: EX Series: A PHP vulnerability in J-Web allows an unauthenticated attacker to control important environment variables Remote Low complexity No user interaction	Juniper Networks	Junos OS	over 2 years ago
CVE-2023-47246	9.8 Critical	In SysAid On-Premise before 23.3.36, a path traversal vulnerability leads to code execution after an attacker writes a file to the Tomcat webroot,... Malware Remote Low complexity No user interaction	SysAid Technologies	SysAid On-Premise	over 2 years ago
CVE-2023-36846	5.3 Medium	Junos OS: SRX Series: A vulnerability in J-Web allows an unauthenticated attacker to upload arbitrary files Remote Low complexity No user interaction	Juniper Networks	Junos OS	over 2 years ago

Displaying vulnerabilities 1251 - 1275 of 2501 in total