KEVIntel

Known Exploited Vulnerabilities

Curated + enriched signals for rapid prioritization

{ } JSON RSS PRO

0.7%

actively
exploited

Focus on what’s exploited

Out of 350,184 known CVEs, only 0.7% show real-world exploitation signals.

Data from public sources (including CISA) plus private sensors, enriched with prioritization metadata.

View stats Report a KEV

2,501

Total Known exploited

352

Added this week

Search

Results update as you type.

⌘K

Added

Exploitability

Type to search. Filters apply instantly.

CVE	Severity	Title	Vendor	Product	Added
CVE-2023-30853	7.6 High	Gradle Build Action data written to GitHub Actions Cache may expose secrets Remote Low complexity	gradle	gradle-build-action	about 3 years ago
CVE-2023-31290	5.9 Medium	Trust Wallet Core before 3.1.1, as used in the Trust Wallet browser extension before 0.0.183, allows theft of funds because the entropy is 32 bits,... Remote No user interaction	Trust Wallet	Trust Wallet Core, Trust Wallet browser extension	about 3 years ago
CVE-2023-2136	9.6 Critical	Integer overflow in Skia in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who had compromised the renderer process to potentially... Remote Low complexity	Google	Chrome	about 3 years ago
CVE-2023-27350	9.8 Critical	This vulnerability allows remote attackers to bypass authentication on affected installations of PaperCut NG 22.0.5 (Build 63914). Authentication... Malware Remote Low complexity No user interaction	PaperCut	NG	about 3 years ago
CVE-2023-28432	7.5 High	Minio Information Disclosure in Cluster Deployment Remote Low complexity No user interaction	minio	minio	about 3 years ago
CVE-2017-6742	8.8 High	A vulnerability in the SNMP implementation of could allow an authenticated, remote attacker to cause a reload of the affected system or to remotely... Remote Low complexity No user interaction	Cisco, IntelliShield	Cisco IOS XE Software, Universal Product	about 3 years ago
CVE-2019-8526	7.8 High	A use after free issue was addressed with improved memory management. This issue is fixed in macOS Mojave 10.14.4. An application may be able to... Low complexity No user interaction	Apple	macOS	about 3 years ago
CVE-2023-2033	8.8 High	Type confusion in V8 in Google Chrome prior to 112.0.5615.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML... Remote Low complexity	Google	Chrome	about 3 years ago
CVE-2023-20963	7.8 High	In WorkSource, there is a possible parcel mismatch. This could lead to local escalation of privilege with no additional execution privileges... Low complexity No user interaction	Google	Android	about 3 years ago
CVE-2023-29492	9.8 Critical	Novi Survey before 8.9.43676 allows remote attackers to execute arbitrary code on the server in the context of the service account. This does not... Remote Low complexity No user interaction	Novi Survey	Novi Survey	about 3 years ago
CVE-2023-28252	7.8 High	Windows Common Log File System Driver Elevation of Privilege Vulnerability Malware Low complexity No user interaction	Microsoft	Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows 10 Version 20H2, Windows 11 version 21H2, Windows 10 Version 21H2, Windows 11 version 22H2, Windows 10 Version 22H2, Windows 10 Version 1507, Windows 10 Version 1607, Windows Server 2016, Windows Server 2016 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 Service Pack 2 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 R2 Service Pack 1, Windows Server 2008 R2 Service Pack 1 (Server Core installation), Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation)	about 3 years ago
CVE-2023-28206	8.6 High	An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Monterey 12.6.5, iOS 16.4.1 and iPadOS... Low complexity	Apple	iOS and iPadOS, macOS	about 3 years ago
CVE-2023-28205	8.8 High	A use after free issue was addressed with improved memory management. This issue is fixed in Safari 16.4.1, iOS 15.7.5 and iPadOS 15.7.5, iOS... Remote Low complexity	Apple	iOS and iPadOS, Safari, macOS	about 3 years ago
CVE-2021-27878	8.8 High	An issue was discovered in Veritas Backup Exec before 21.2. The communication between a client and an Agent requires successful authentication,... Malware Remote Low complexity No user interaction	Veritas	Backup Exec	about 3 years ago
CVE-2019-1388	7.8 High	An elevation of privilege vulnerability exists in the Windows Certificate Dialog when it does not properly enforce user privileges, aka 'Windows... Malware Low complexity No user interaction	Microsoft	Windows, Windows Server, Windows 10 Version 1903 for 32-bit Systems, Windows 10 Version 1903 for x64-based Systems, Windows 10 Version 1903 for ARM64-based Systems, Windows Server, version 1903 (Server Core installation)	about 3 years ago
CVE-2023-26083	3.3 Low	Memory leak vulnerability in Mali GPU Kernel Driver in Midgard GPU Kernel Driver all versions from r6p0 - r32p0, Bifrost GPU Kernel Driver all... Low complexity No user interaction	Arm	Mali GPU Kernel Driver	about 3 years ago
CVE-2021-27876	8.1 High	An issue was discovered in Veritas Backup Exec before 21.2. The communication between a client and an Agent requires successful authentication,... Malware Remote Low complexity No user interaction	Veritas	Backup Exec	about 3 years ago
CVE-2021-27877	8.2 High	An issue was discovered in Veritas Backup Exec before 21.2. It supports multiple authentication schemes: SHA authentication is one of these. This... Malware Remote Low complexity No user interaction	Veritas	Backup Exec	about 3 years ago
CVE-2023-29389	6.8 Medium	Toyota RAV4 2021 vehicles automatically trust messages from other ECUs on a CAN bus, which allows physically proximate attackers to drive a vehicle... Low complexity No user interaction	Toyota	RAV4 2021	about 3 years ago
CVE-2023-29218	7.5 High	The Twitter Recommendation Algorithm through ec83d01 allows attackers to cause a denial of service (reduction of reputation score) by arranging for... Remote Low complexity No user interaction	Twitter	Twitter Recommendation Algorithm	about 3 years ago
CVE-2022-27926	6.1 Medium	A reflected cross-site scripting (XSS) vulnerability in the /public/launchNewWindow.jsp component of Zimbra Collaboration (aka ZCS) 9.0 allows... Remote Low complexity	Zimbra	Collaboration	about 3 years ago
CVE-2022-42948	9.8 Critical	Cobalt Strike 4.7.1 fails to properly escape HTML tags when they are displayed on Swing components. By injecting crafted HTML code, it is possible... Remote Low complexity No user interaction	HelpSystems	Cobalt Strike	about 3 years ago
CVE-2022-38181	8.8 High	The Arm Mali GPU kernel driver allows unprivileged users to access freed memory because GPU memory operations are mishandled. This affects Bifrost... Remote Low complexity No user interaction	Arm	Mali GPU kernel driver	about 3 years ago
CVE-2023-0266	7.9 High	Use after free in SNDRV_CTL_IOCTL_ELEM in Linux Kernel No user interaction	Linux	Linux Kernel	about 3 years ago
CVE-2022-3038	8.8 High	Use after free in Network Service in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a... Remote Low complexity	Google	Chrome	about 3 years ago

Displaying vulnerabilities 1401 - 1425 of 2501 in total