Known Exploited Vulnerabilities

Focus on What Matters

There are 297,495 vulnerabilities in the CVE database.
Whilst only 0.6% are ever actively exploited.

This list contains the vulnerabilities that are actively exploited by malware and threat actors that you should prioritize first.

This table displays known exploited vulnerabilities (KEVs) that have been cataloged from over 60 public sources, including CISA, and our own private sensors. Each entry links to a CVE identifier, where the CVE details are enriched with EPSS scores, online mentions, scanner inclusion, exploitation, tags, and other metadata. The goal is to be an early warning system, even before being published by CISA. More data and features coming soon!

CVE ID	Title	Vendor	Product	Added	Source
CVE-2014-1807	The ShellExecute API in Windows Shell in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1,...	Microsoft	Windows	2014-05-14 10:00:00 UTC	CVE
CVE-2013-7372	The engineNextBytes function in...	Apache Software Foundation	Harmony	2014-04-29 20:00:00 UTC	CVE
CVE-2014-0515	Buffer overflow in Adobe Flash Player before 11.7.700.279 and 11.8.x through 13.0.x before 13.0.0.206 on Windows and OS X, and before 11.2.202.356...	Adobe	Flash Player	2014-04-29 10:00:00 UTC	CVE
CVE-2014-0253	Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, and 4.5.1 does not properly determine TCP connection states, which allows remote...	Microsoft	.NET Framework	2014-02-12 02:00:00 UTC	CVE
CVE-2014-0295	VsaVb7rt.dll in Microsoft .NET Framework 2.0 SP2 and 3.5.1 does not implement the ASLR protection mechanism, which makes it easier for remote...	Microsoft	.NET Framework	2014-02-12 02:00:00 UTC	CVE
CVE-2013-1904	Absolute path traversal vulnerability in steps/mail/sendmail.inc in Roundcube Webmail before 0.7.3 and 0.8.x before 0.8.6 allows remote attackers...	Roundcube	Webmail	2014-02-08 00:00:00 UTC	CVE
CVE-2013-7246	Buffer overflow in the IconCreate method in an ActiveX control in the DaumGame ActiveX plugin 1.1.0.4 and 1.1.0.5 allows remote attackers to...	Daum	DaumGame ActiveX plugin	2014-01-30 18:00:00 UTC	CVE
CVE-2013-5211	The monlist feature in ntp_request.c in ntpd in NTP before 4.2.7p26 allows remote attackers to cause a denial of service (traffic amplification)...	NTP	NTP	2014-01-02 11:00:00 UTC	CVE
CVE-2013-7102	Multiple unrestricted file upload vulnerabilities in (1) media-upload.php, (2) media-upload-lncthumb.php, and (3) media-upload-sq_button.php in...	OptimizePress	OptimizePress theme for WordPress	2013-12-23 23:00:00 UTC	CVE
CVE-2013-5331	Adobe Flash Player before 11.7.700.257 and 11.8.x and 11.9.x before 11.9.900.170 on Windows and Mac OS X and before 11.2.202.332 on Linux, Adobe...	Adobe	Flash Player	2013-12-11 15:00:00 UTC	CVE
CVE-2013-5057	hxds.dll in Microsoft Office 2007 SP3 and 2010 SP1 and SP2 does not implement the ASLR protection mechanism, which makes it easier for remote...	Microsoft	Office	2013-12-11 00:00:00 UTC	CVE
CVE-2013-5054	Microsoft Office 2013 and 2013 RT allows remote attackers to discover authentication tokens via a crafted response to a file-open request for an...	Microsoft	Office	2013-12-11 00:00:00 UTC	CVE
CVE-2013-3918	The InformationCardSigninHelper Class ActiveX control in icardie.dll in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista...	Microsoft	Windows	2013-11-12 01:00:00 UTC	CVE
CVE-2011-4106	TimThumb (timthumb.php) before 2.0 does not validate the entire source with the domain white list, which allows remote attackers to upload and...	n/a	TimThumb	2013-10-26 16:00:00 UTC	CVE
CVE-2013-6129	The install/upgrade.php scripts in vBulletin 4.1 and 5 allow remote attackers to create administrative accounts via the customerid,...	vBulletin	vBulletin	2013-10-19 10:00:00 UTC	CVE
CVE-2013-6026	The web interface on D-Link DIR-100, DIR-120, DI-624S, DI-524UP, DI-604S, DI-604UP, DI-604+, and TM-G5240 routers; Planex BRL-04R, BRL-04UR, and...	D-Link, Planex, Alpha Networks	DIR-100, DIR-120, DI-624S, DI-524UP, DI-604S, DI-604UP, DI-604+, TM-G5240, BRL-04R, BRL-04UR, BRL-04CW	2013-10-19 10:00:00 UTC	CVE
CVE-2013-5576	administrator/components/com_media/helpers/media.php in the media manager in Joomla! 2.5.x before 2.5.14 and 3.x before 3.1.5 allows remote...	Joomla!	Joomla!	2013-10-09 14:44:00 UTC	CVE
CVE-2013-4854	The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND...	ISC	BIND	2013-07-26 23:00:00 UTC	CVE
CVE-2013-1493	The color management (CMM) functionality in the 2D component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40...	Oracle	Java SE	2013-03-04 16:00:00 UTC	CVE
CVE-2013-0634	Adobe Flash Player before 10.3.183.51 and 11.x before 11.5.502.149 on Windows and Mac OS X, before 10.3.183.51 and 11.x before 11.2.202.262 on...	Adobe	Flash Player	2013-02-08 11:00:00 UTC	CVE
CVE-2013-0633	Buffer overflow in Adobe Flash Player before 10.3.183.51 and 11.x before 11.5.502.149 on Windows and Mac OS X, before 10.3.183.51 and 11.x before...	Adobe	Flash Player	2013-02-08 11:00:00 UTC	CVE
CVE-2012-6498	Unrestricted file upload vulnerability in index.php in Atomymaxsite 2.5 and earlier allows remote attackers to execute arbitrary code by uploading...	Atomymaxsite	Atomymaxsite	2013-01-08 15:00:00 UTC	CVE
CVE-2012-6081	Multiple unrestricted file upload vulnerabilities in the (1) twikidraw (action/twikidraw.py) and (2) anywikidraw (action/anywikidraw.py) actions in...	MoinMoin	MoinMoin	2013-01-03 01:00:00 UTC	CVE
CVE-2012-6467	Opera before 12.10 follows Internet shortcuts that are referenced by a (1) IMG element or (2) other inline element, which makes it easier for...	Opera	Opera Browser	2013-01-02 11:00:00 UTC	CVE
CVE-2011-5148	Multiple incomplete blacklist vulnerabilities in the Simple File Upload (mod_simplefileuploadv1.3) module before 1.3.5 for Joomla! allow remote...	Joomla!	Simple File Upload	2012-08-31 21:00:00 UTC	CVE

Displaying vulnerabilities 1751 - 1775 of 1850 in total