Known Exploited Vulnerabilities

Focus on What Matters

There are 303,381 vulnerabilities in the CVE database.
Whilst only 0.7% are ever actively exploited.

This list contains the vulnerabilities that are actively exploited by malware and threat actors that you should prioritize first.

This table displays known exploited vulnerabilities (KEVs) that have been cataloged from over 60 public sources, including CISA, and our own private sensors. Each entry links to a CVE identifier, where the CVE details are enriched with EPSS scores, online mentions, scanner inclusion, exploitation, tags, and other metadata. The goal is to be an early warning system, even before being published by CISA. More data and features coming soon!

CVE ID	Title	Vendor	Product	Added	Source
CVE-2012-0391	The ExceptionDelegator component in Apache Struts before 2.2.3.1 interprets parameter values as OGNL expressions during certain exception handling...	Apache Software Foundation	Struts	2022-01-21 00:00:00 UTC	CISA
CVE-2018-8453	An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k...	Microsoft	Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers	2022-01-21 00:00:00 UTC	CISA
CVE-2021-35247	Improper Input Validation Vulnerability in Serv-U	SolarWinds	Serv-U	2022-01-21 00:00:00 UTC	CISA
CVE-2006-1547	ActionForm in Apache Software Foundation (ASF) Struts before 1.2.9 with BeanUtils 1.7 allows remote attackers to cause a denial of service via a...	Apache Software Foundation	Struts	2022-01-21 00:00:00 UTC	CISA
CVE-2021-33766	Microsoft Exchange Server Information Disclosure Vulnerability	Microsoft	Microsoft Exchange Server 2019 Cumulative Update 9, Microsoft Exchange Server 2016 Cumulative Update 20, Microsoft Exchange Server 2013 Cumulative Update 23, Microsoft Exchange Server 2016 Cumulative Update 19, Microsoft Exchange Server 2019 Cumulative Update 8	2022-01-18 00:00:00 UTC	CISA
CVE-2021-32648	Account Takeover in Octobercms	octobercms	october	2022-01-18 00:00:00 UTC	CISA
CVE-2021-25296	Nagios XI version xi-5.7.5 is affected by OS command injection. The vulnerability exists in the file...	n/a	n/a	2022-01-18 00:00:00 UTC	CISA
CVE-2021-25297	Nagios XI version xi-5.7.5 is affected by OS command injection. The vulnerability exists in the file...	n/a	n/a	2022-01-18 00:00:00 UTC	CISA
CVE-2021-25298	Nagios XI version xi-5.7.5 is affected by OS command injection. The vulnerability exists in the file...	n/a	n/a	2022-01-18 00:00:00 UTC	CISA
CVE-2021-40870	An issue was discovered in Aviatrix Controller 6.x before 6.5-1804.1922. Unrestricted upload of a file with a dangerous type is possible, which...	n/a	n/a	2022-01-18 00:00:00 UTC	CISA
CVE-2021-21975	Server Side Request Forgery in vRealize Operations Manager API (CVE-2021-21975) prior to 8.4 may allow a malicious actor with network access to the...	n/a	VMware vRealize Operations	2022-01-18 00:00:00 UTC	CISA
CVE-2021-21315	Command Injection Vulnerability	sebhildebrandt	systeminformation	2022-01-18 00:00:00 UTC	CISA
CVE-2021-22991	On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, and 12.1.x before 12.1.5.3,...	n/a	BIG-IP	2022-01-18 00:00:00 UTC	CISA
CVE-2020-14864	Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: Installation). Supported...	Oracle Corporation	Business Intelligence Enterprise Edition	2022-01-18 00:00:00 UTC	CISA
CVE-2020-13671	Drupal core does not properly sanitize certain filenames on uploaded files, which can lead to files being interpreted as the incorrect extension...	Drupal	Drupal Core	2022-01-18 00:00:00 UTC	CISA
CVE-2020-11978	An issue was found in Apache Airflow versions 1.10.10 and below. A remote code/command injection vulnerability was discovered in one of the example...	Apache Software Foundation	Apache Airflow	2022-01-18 00:00:00 UTC	CISA
CVE-2020-13927	The previous default setting for Airflow's Experimental API was to allow all API requests without authentication, but this poses security risks to...	n/a	Apache Airflow	2022-01-18 00:00:00 UTC	CISA
CVE-2022-21894	Secure Boot Security Feature Bypass Vulnerability	Microsoft	Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows 10 Version 1909, Windows 10 Version 21H1, Windows Server 2022, Windows 10 Version 20H2, Windows Server version 20H2, Windows 11 version 21H2, Windows 10 Version 21H2, Windows 10 Version 1507, Windows 10 Version 1607, Windows Server 2016, Windows Server 2016 (Server Core installation), Windows 8.1, Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation)	2022-01-11 20:22:58 UTC	CVE
CVE-2019-9670	mailboxd component in Synacor Zimbra Collaboration Suite 8.7.x before 8.7.11p10 has an XML External Entity injection (XXE) vulnerability, as...	Synacor	Zimbra Collaboration Suite	2022-01-10 00:00:00 UTC	CISA
CVE-2018-13382	An Improper Authorization vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.8 and 5.4.1 to 5.4.10 and FortiProxy 2.0.0, 1.2.0 to...	Fortinet	Fortinet FortiOS, FortiProxy	2022-01-10 00:00:00 UTC	CISA
CVE-2018-13383	A heap buffer overflow in Fortinet FortiOS 6.0.0 through 6.0.4, 5.6.0 through 5.6.10, 5.4.0 through 5.4.12, 5.2.14 and earlier and FortiProxy...	Fortinet	Fortinet FortiOS and FortiProxy	2022-01-10 00:00:00 UTC	CISA
CVE-2019-1579	Remote Code Execution in PAN-OS 7.1.18 and earlier, PAN-OS 8.0.11-h1 and earlier, and PAN-OS 8.1.2 and earlier with GlobalProtect Portal or...	Palo Alto Networks	Palo Alto Networks GlobalProtect Portal/Gateway Interface	2022-01-10 00:00:00 UTC	CISA
CVE-2019-10149	A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient address in deliver_message() function in...	exim	exim	2022-01-10 00:00:00 UTC	CISA
CVE-2021-36260	A command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validation, attacker can exploit the...	n/a	n/a	2022-01-10 00:00:00 UTC	CISA
CVE-2015-7450	Serialized-object interfaces in certain IBM analytics, business solutions, cognitive, IT infrastructure, and mobile and social products allow...	IBM	n/a	2022-01-10 00:00:00 UTC	CISA

Displaying vulnerabilities 1501 - 1525 of 1998 in total