Known Exploited Vulnerabilities

Focus on What Matters

There are 297,582 vulnerabilities in the CVE database.
Whilst only 0.6% are ever actively exploited.

This list contains the vulnerabilities that are actively exploited by malware and threat actors that you should prioritize first.

This table displays known exploited vulnerabilities (KEVs) that have been cataloged from over 60 public sources, including CISA, and our own private sensors. Each entry links to a CVE identifier, where the CVE details are enriched with EPSS scores, online mentions, scanner inclusion, exploitation, tags, and other metadata. The goal is to be an early warning system, even before being published by CISA. More data and features coming soon!

CVE ID	Title	Vendor	Product	Added	Source
CVE-2016-3718	The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery...	ImageMagick	ImageMagick	2021-11-03 00:00:00 UTC	CISA
CVE-2020-15505	A remote code execution vulnerability in MobileIron Core & Connector versions 10.3.0.3 and earlier, 10.4.0.0, 10.4.0.1, 10.4.0.2, 10.4.0.3,...	n/a	n/a	2021-11-03 00:00:00 UTC	CISA
CVE-2021-30116	Unauthenticated credential leak and business logic flaw in Kaseya VSA <= v9.5.6	n/a	n/a	2021-11-03 00:00:00 UTC	CISA
CVE-2020-7961	Deserialization of Untrusted Data in Liferay Portal prior to 7.2.1 CE GA2 allows remote attackers to execute arbitrary code via JSON web services...	n/a	n/a	2021-11-03 00:00:00 UTC	CISA
CVE-2021-23874	McAfee Total Protection (MTP) privilege escalation vulnerability	McAfee,LLC	McAfee Total Protection (MTP)	2021-11-03 00:00:00 UTC	CISA
CVE-2021-22506	Advance configuration exposing Information Leakage vulnerability in Micro Focus Access Manager product, affects all versions prior to version 5.0....	n/a	Access Manager.	2021-11-03 00:00:00 UTC	CISA
CVE-2021-22502	Remote Code execution vulnerability in Micro Focus Operation Bridge Reporter (OBR) product, affecting version 10.40. The vulnerability could be...	n/a	Operation Bridge Reporter.	2021-11-03 00:00:00 UTC	CISA
CVE-2014-1812	The Group Policy implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and...	Microsoft	Windows	2021-11-03 00:00:00 UTC	CISA
CVE-2021-38647	Open Management Infrastructure Remote Code Execution Vulnerability	Microsoft	Open Management Infrastructure, System Center Operations Manager (SCOM), Azure Automation State Configuration, DSC Extension, Azure Automation Update Management, Log Analytics Agent, Azure Diagnostics (LAD), Container Monitoring Solution, Azure Security Center, Azure Sentinel, Azure Stack Hub	2021-11-03 00:00:00 UTC	CISA
CVE-2016-0167	The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and...	Microsoft	Windows	2021-11-03 00:00:00 UTC	CISA
CVE-2020-0878	Microsoft Browser Memory Corruption Vulnerability	Microsoft	ChakraCore, Microsoft Edge (EdgeHTML-based), Internet Explorer 9, Internet Explorer 11	2021-11-03 00:00:00 UTC	CISA
CVE-2021-31955	Windows Kernel Information Disclosure Vulnerability	Microsoft	Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows 10 Version 1909, Windows 10 Version 21H1, Windows 10 Version 2004, Windows Server version 2004, Windows 10 Version 20H2, Windows Server version 20H2	2021-11-03 00:00:00 UTC	CISA
CVE-2021-1647	Microsoft Defender Remote Code Execution Vulnerability	Microsoft	Microsoft System Center Endpoint Protection, Microsoft System Center 2012 R2 Endpoint Protection, Microsoft Security Essentials, Microsoft System Center 2012 Endpoint Protection, Windows Defender	2021-11-03 00:00:00 UTC	CISA
CVE-2021-33739	Microsoft DWM Core Library Elevation of Privilege Vulnerability	Microsoft	Windows 10 Version 1909, Windows 10 Version 21H1, Windows 10 Version 2004, Windows Server version 2004, Windows 10 Version 20H2, Windows Server version 20H2	2021-11-03 00:00:00 UTC	CISA
CVE-2021-34473	Microsoft Exchange Server Remote Code Execution Vulnerability	Microsoft	Microsoft Exchange Server 2013 Cumulative Update 23, Microsoft Exchange Server 2019 Cumulative Update 9, Microsoft Exchange Server 2016 Cumulative Update 20, Microsoft Exchange Server 2016 Cumulative Update 19, Microsoft Exchange Server 2019 Cumulative Update 8	2021-11-03 00:00:00 UTC	CISA
CVE-2019-0708	A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker...	Microsoft	Windows, Windows Server	2021-11-03 00:00:00 UTC	CISA
CVE-2016-7255	The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold...	Microsoft	Windows	2021-11-03 00:00:00 UTC	CISA
CVE-2017-0143	The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2;...	Microsoft	Windows SMB	2021-11-03 00:00:00 UTC	CISA
CVE-2020-0688	A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka...	Microsoft	Microsoft Exchange Server 2013, Microsoft Exchange Server 2019 Cumulative Update 3, Microsoft Exchange Server 2016 Cumulative Update 14, Microsoft Exchange Server 2016 Cumulative Update 15, Microsoft Exchange Server 2019 Cumulative Update 4, Microsoft Exchange Server 2010 Service Pack 3 Update Rollup 30	2021-11-03 00:00:00 UTC	CISA
CVE-2021-38649	Open Management Infrastructure Elevation of Privilege Vulnerability	Microsoft	Open Management Infrastructure, System Center Operations Manager (SCOM), Azure Automation State Configuration, DSC Extension, Azure Automation Update Management, Log Analytics Agent, Azure Diagnostics (LAD), Container Monitoring Solution, Azure Security Center, Azure Sentinel, Azure Stack Hub	2021-11-03 00:00:00 UTC	CISA
CVE-2021-36948	Windows Update Medic Service Elevation of Privilege Vulnerability	Microsoft	Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows 10 Version 1909, Windows 10 Version 21H1, Windows 10 Version 2004, Windows Server version 2004, Windows 10 Version 20H2, Windows Server version 20H2	2021-11-03 00:00:00 UTC	CISA
CVE-2017-7269	Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server...	Microsoft	Internet Information Services (IIS)	2021-11-03 00:00:00 UTC	CISA
CVE-2021-34523	Microsoft Exchange Server Elevation of Privilege Vulnerability	Microsoft	Microsoft Exchange Server 2013 Cumulative Update 23, Microsoft Exchange Server 2019 Cumulative Update 9, Microsoft Exchange Server 2016 Cumulative Update 20, Microsoft Exchange Server 2016 Cumulative Update 19, Microsoft Exchange Server 2019 Cumulative Update 8	2021-11-03 00:00:00 UTC	CISA
CVE-2020-1020	A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a...	Microsoft	Windows, Windows Server, Windows 10 Version 1909 for 32-bit Systems, Windows 10 Version 1909 for x64-based Systems, Windows 10 Version 1909 for ARM64-based Systems, Windows Server, version 1909 (Server Core installation), Windows 10 Version 1903 for 32-bit Systems, Windows 10 Version 1903 for x64-based Systems, Windows 10 Version 1903 for ARM64-based Systems, Windows Server, version 1903 (Server Core installation)	2021-11-03 00:00:00 UTC	CISA
CVE-2016-0185	Media Center in Microsoft Windows Vista SP2, Windows 7 SP1, and Windows 8.1 allows remote attackers to execute arbitrary code via a crafted Media...	Microsoft	Windows	2021-11-03 00:00:00 UTC	CISA

Displaying vulnerabilities 1576 - 1600 of 1851 in total