KEVIntel

Known Exploited Vulnerabilities

Curated + enriched signals for rapid prioritization

{ } JSON RSS PRO

0.7%

actively
exploited

Focus on what’s exploited

Out of 350,184 known CVEs, only 0.7% show real-world exploitation signals.

Data from public sources (including CISA) plus private sensors, enriched with prioritization metadata.

View stats Report a KEV

2,501

Total Known exploited

352

Added this week

Search

Results update as you type.

⌘K

Added

Exploitability

Type to search. Filters apply instantly.

CVE	Severity	Title	Vendor	Product	Added
CVE-2019-1297	8.8 High	A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka... Remote Low complexity	Microsoft	Microsoft Excel, Microsoft Office, Office 365 ProPlus	over 4 years ago
CVE-2019-1652	7.2 High	Cisco Small Business RV320 and RV325 Routers Command Injection Vulnerability Remote Low complexity No user interaction	Cisco	Cisco Small Business RV Series Router Firmware	over 4 years ago
CVE-2019-16928	9.8 Critical	Exim 4.92 through 4.92.2 allows remote code execution, a different vulnerability than CVE-2019-15846. There is a heap-based buffer overflow in... Remote Low complexity No user interaction	Exim	Exim	over 4 years ago
CVE-2020-11899	5.4 Medium	The Treck TCP/IP stack before 6.0.1.66 has an IPv6 Out-of-bounds Read. Low complexity No user interaction	Treck	TCP/IP stack	over 4 years ago
CVE-2020-1938	9.8 Critical	When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to Apache Tomcat. Tomcat treats AJP connections... Remote Low complexity No user interaction	Apache	Apache Tomcat	over 4 years ago
CVE-2021-41379	5.5 Medium	Windows Installer Elevation of Privilege Vulnerability Malware Low complexity No user interaction	Microsoft	Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows 10 Version 1909, Windows 10 Version 21H1, Windows Server 2022, Windows 10 Version 2004, Windows Server version 2004, Windows 10 Version 20H2, Windows Server version 20H2, Windows 11 version 21H2, Windows 10 Version 1507, Windows 10 Version 1607, Windows Server 2016, Windows Server 2016 (Server Core installation), Windows 7, Windows 7 Service Pack 1, Windows 8.1, Windows Server 2008 Service Pack 2, Windows Server 2008 Service Pack 2 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 R2 Service Pack 1, Windows Server 2008 R2 Service Pack 1 (Server Core installation), Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation)	over 4 years ago
CVE-2022-20699	10.0 Critical	Cisco Small Business RV Series Routers Vulnerabilities Remote Low complexity No user interaction	Cisco	Cisco Small Business RV Series Router Firmware	over 4 years ago
CVE-2022-20700	10.0 Critical	Cisco Small Business RV Series Routers Vulnerabilities Remote Low complexity No user interaction	Cisco	Cisco Small Business RV Series Router Firmware	over 4 years ago
CVE-2022-20701	10.0 Critical	Cisco Small Business RV Series Routers Vulnerabilities Remote Low complexity No user interaction	Cisco	Cisco Small Business RV Series Router Firmware	over 4 years ago
CVE-2022-20703	10.0 Critical	Cisco Small Business RV Series Routers Vulnerabilities Remote Low complexity No user interaction	Cisco	Cisco Small Business RV Series Router Firmware	over 4 years ago
CVE-2022-20708	10.0 Critical	Cisco Small Business RV Series Routers Vulnerabilities Remote Low complexity No user interaction	Cisco	Cisco Small Business RV Series Router Firmware	over 4 years ago
CVE-2014-6352	7.8 High	Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and... Low complexity	Microsoft	Windows	over 4 years ago
CVE-2017-8570	7.8 High	Microsoft Office allows a remote code execution vulnerability due to the way that it handles objects in memory, aka "Microsoft Office Remote Code... Low complexity	Microsoft Corporation	Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office 2013 SP1, and Microsoft Office 2016.	over 4 years ago
CVE-2022-24682	6.1 Medium	An issue was discovered in the Calendar feature in Zimbra Collaboration Suite 8.8.x before 8.8.15 patch 30 (update 1), as exploited in the wild... Malware Remote Low complexity	Zimbra	Collaboration Suite	over 4 years ago
CVE-2017-0222	8.8 High	A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption... Remote Low complexity	Microsoft Corporation	Internet Explorer	over 4 years ago
CVE-2022-23134	3.7 Low	Possible view of the setup pages by unauthenticated users if config file already exists Remote No user interaction	Zabbix	Frontend	over 4 years ago
CVE-2022-23131	9.1 Critical	Unsafe client-side session storage leading to authentication bypass/instance takeover via Zabbix Frontend with configured SAML Remote Low complexity No user interaction	Zabbix	Frontend	over 4 years ago
CVE-2022-25335	7.5 High	RigoBlock Dragos through 2022-02-17 lacks the onlyOwner modifier for setMultipleAllowances. This enables token manipulation, as exploited in the... Remote Low complexity No user interaction	RigoBlock	Dragos	over 4 years ago
CVE-2019-0752	7.5 High	A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting... Malware Remote	Microsoft	Internet Explorer 11, Internet Explorer 10	over 4 years ago
CVE-2022-24086	9.8 Critical	Adobe Commerce checkout improper input validation leads to remote code execution Remote Low complexity No user interaction	Adobe	Magento Commerce	over 4 years ago
CVE-2022-0609	8.8 High	Use after free in Animation in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted... Remote Low complexity	Google	Chrome	over 4 years ago
CVE-2013-3906	7.8 High	GDI+ in Microsoft Windows Vista SP2 and Server 2008 SP2; Office 2003 SP3, 2007 SP3, and 2010 SP1 and SP2; Office Compatibility Pack SP3; and Lync... Low complexity	Microsoft	Windows, Office, Office Compatibility Pack, Lync	over 4 years ago
CVE-2014-1761	7.8 High	Microsoft Word 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Word Viewer; Office Compatibility Pack SP3; Office for Mac 2011; Word... Low complexity	Microsoft	Word	over 4 years ago
CVE-2017-9841	9.8 Critical	Util/PHP/eval-stdin.php in PHPUnit before 4.8.28 and 5.x before 5.6.3 allows remote attackers to execute arbitrary PHP code via HTTP POST data... Remote Low complexity No user interaction	PHPUnit	PHPUnit	over 4 years ago
CVE-2018-15982	7.8 High	Flash Player versions 31.0.0.153 and earlier, and 31.0.0.108 and earlier have a use after free vulnerability. Successful exploitation could lead to... Malware Low complexity	Adobe	Flash Player	over 4 years ago

Displaying vulnerabilities 1951 - 1975 of 2501 in total