Known Exploited Vulnerabilities

Focus on What Matters

There are 304,048 vulnerabilities in the CVE database.
Whilst only 0.7% are ever actively exploited.

This list contains the vulnerabilities that are actively exploited by malware and threat actors that you should prioritize first.

This table displays known exploited vulnerabilities (KEVs) that have been cataloged from over 60 public sources, including CISA, and our own private sensors. Each entry links to a CVE identifier, where the CVE details are enriched with EPSS scores, online mentions, scanner inclusion, exploitation, tags, and other metadata. The goal is to be an early warning system, even before being published by CISA. More data and features coming soon!

CVE ID	Title	Vendor	Product	Added	Source
CVE-2016-10174	The NETGEAR WNR2000v5 router contains a buffer overflow in the hidden_lang_avi parameter when invoking the URL /apply.cgi?/lang_check.html. This...	NETGEAR	WNR2000v5 router	2022-03-25 00:00:00 UTC	CISA
CVE-2016-0752	Directory traversal vulnerability in Action View in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x...	Ruby on Rails	Action View	2022-03-25 00:00:00 UTC	CISA
CVE-2019-0903	A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka 'GDI+...	Microsoft	Windows, Windows Server, Windows 10 Version 1903 for 32-bit Systems, Windows 10 Version 1903 for x64-based Systems, Windows 10 Version 1903 for ARM64-based Systems, Windows Server, version 1903 (Server Core installation)	2022-03-25 00:00:00 UTC	CISA
CVE-2015-3035	Directory traversal vulnerability in TP-LINK Archer C5 (1.2) with firmware before 150317, C7 (2.0) with firmware before 150304, and C8 (1.0) with...	TP-LINK	n/a	2022-03-25 00:00:00 UTC	CISA
CVE-2015-1427	The Groovy scripting engine in Elasticsearch before 1.3.8 and 1.4.x before 1.4.3 allows remote attackers to bypass the sandbox protection mechanism...	Elastic	Elasticsearch	2022-03-25 00:00:00 UTC	CISA
CVE-2015-1187	The ping tool in multiple D-Link and TRENDnet devices allow remote attackers to execute arbitrary code via the ping_addr parameter to ping.ccp.	["D-Link", "TRENDnet"]	n/a	2022-03-25 00:00:00 UTC	CISA
CVE-2015-0666	Directory traversal vulnerability in the fmserver servlet in Cisco Prime Data Center Network Manager (DCNM) before 7.1(1) allows remote attackers...	Cisco	Prime Data Center Network Manager	2022-03-25 00:00:00 UTC	CISA
CVE-2014-6332	OleAut32.dll in OLE in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows...	Microsoft	Windows	2022-03-25 00:00:00 UTC	CISA
CVE-2014-6324	The Kerberos Key Distribution Center (KDC) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7...	Microsoft	Windows	2022-03-25 00:00:00 UTC	CISA
CVE-2014-6287	The findMacroMarker function in parserLib.pas in Rejetto HTTP File Server (aks HFS or HttpFileServer) 2.3x before 2.3c allows remote attackers to...	Rejetto	HTTP File Server	2022-03-25 00:00:00 UTC	CISA
CVE-2014-3120	The default configuration in Elasticsearch before 1.2 enables dynamic scripting, which allows remote attackers to execute arbitrary MVEL...	Elastic	Elasticsearch	2022-03-25 00:00:00 UTC	CISA
CVE-2014-0130	Directory traversal vulnerability in actionpack/lib/abstract_controller/base.rb in the implicit-render implementation in Ruby on Rails before...	Ruby on Rails	Ruby on Rails	2022-03-25 00:00:00 UTC	CISA
CVE-2013-5223	Multiple cross-site scripting (XSS) vulnerabilities in D-Link DSL-2760U Gateway (Rev. E1) allow remote authenticated users to inject arbitrary web...	D-Link	DSL-2760U Gateway	2022-03-25 00:00:00 UTC	CISA
CVE-2013-4810	HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, Identity Driven Manager (IDM) 4.0, and Application Lifecycle Management allow remote...	HP	ProCurve Manager	2022-03-25 00:00:00 UTC	CISA
CVE-2013-2251	Apache Struts 2.0.0 through 2.3.15 allows remote attackers to execute arbitrary OGNL expressions via a parameter with a crafted (1) action:, (2)...	Apache Software Foundation	Struts	2022-03-25 00:00:00 UTC	CISA
CVE-2012-1823	sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script (aka php-cgi), does not properly handle query...	PHP	PHP	2022-03-25 00:00:00 UTC	CISA
CVE-2010-4345	Exim 4.72 and earlier allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate...	Exim	Exim	2022-03-25 00:00:00 UTC	CISA
CVE-2010-4344	Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an...	Exim	Exim	2022-03-25 00:00:00 UTC	CISA
CVE-2010-3035	Cisco IOS XR 3.4.0 through 3.9.1, when BGP is enabled, does not properly handle unrecognized transitive attributes, which allows remote attackers...	Cisco	IOS XR	2022-03-25 00:00:00 UTC	CISA
CVE-2010-2861	Multiple directory traversal vulnerabilities in the administrator console in Adobe ColdFusion 9.0.1 and earlier allow remote attackers to read...	Adobe	ColdFusion	2022-03-25 00:00:00 UTC	CISA
CVE-2009-2055	Cisco IOS XR 3.4.0 through 3.8.1 allows remote attackers to cause a denial of service (session reset) via a BGP UPDATE message with an invalid...	Cisco	IOS XR	2022-03-25 00:00:00 UTC	CISA
CVE-2009-1151	Static code injection vulnerability in setup.php in phpMyAdmin 2.11.x before 2.11.9.5 and 3.x before 3.1.3.1 allows remote attackers to inject...	phpMyAdmin	phpMyAdmin	2022-03-25 00:00:00 UTC	CISA
CVE-2009-0927	Stack-based buffer overflow in Adobe Reader and Adobe Acrobat 9 before 9.1, 8 before 8.1.3 , and 7 before 7.1.1 allows remote attackers to execute...	Adobe	Reader and Acrobat	2022-03-25 00:00:00 UTC	CISA
CVE-2005-2773	HP OpenView Network Node Manager 6.2 through 7.50 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) node...	HP	OpenView Network Node Manager	2022-03-25 00:00:00 UTC	CISA
CVE-2019-6340	Drupal core - Highly critical - Remote Code Execution	Drupal	Drupal Core	2022-03-25 00:00:00 UTC	CISA

Displaying vulnerabilities 1301 - 1325 of 2008 in total