KEVIntel

Known Exploited Vulnerabilities

Curated + enriched signals for rapid prioritization

{ } JSON RSS PRO

0.7%

actively
exploited

Focus on what’s exploited

Out of 350,184 known CVEs, only 0.7% show real-world exploitation signals.

Data from public sources (including CISA) plus private sensors, enriched with prioritization metadata.

View stats Report a KEV

2,501

Total Known exploited

353

Added this week

Search

Results update as you type.

⌘K

Added

Exploitability

Type to search. Filters apply instantly.

CVE	Severity	Title	Vendor	Product	Added
CVE-2021-38003	8.8 High	Inappropriate implementation in V8 in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a... Remote Low complexity	Google	Chrome	over 4 years ago
CVE-2021-21224	8.8 High	Type confusion in V8 in Google Chrome prior to 90.0.4430.85 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML... Remote Low complexity	Google	Chrome	over 4 years ago
CVE-2021-21193	8.8 High	Use after free in Blink in Google Chrome prior to 89.0.4389.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML... Remote Low complexity	Google	Chrome	over 4 years ago
CVE-2021-21220	8.8 High	Insufficient validation of untrusted input in V8 in Google Chrome prior to 89.0.4389.128 allowed a remote attacker to potentially exploit heap... Remote Low complexity	Google	Chrome	over 4 years ago
CVE-2021-30563	8.8 High	Type Confusion in V8 in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Remote Low complexity	Google	Chrome	over 4 years ago
CVE-2020-4430	4.3 Medium	IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, and 2.0.4 could allow a remote authenticated attacker to traverse directories on the system. An attacker... Remote Low complexity No user interaction	IBM	Data Risk Manager	over 4 years ago
CVE-2020-4427	9.0 Critical	IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 2.0.6 could allow a remote attacker to bypass security restrictions when configured... Remote No user interaction	IBM	Data Risk Manager	over 4 years ago
CVE-2020-4428	9.1 Critical	IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, and 2.0.4 could allow a remote authenticated attacker to execute arbitrary commands on the system. IBM... Remote Low complexity No user interaction	IBM	Data Risk Manager	over 4 years ago
CVE-2019-4716	9.8 Critical	IBM Planning Analytics 2.0.0 through 2.0.8 is vulnerable to a configuration overwrite that allows an unauthenticated user to login as "admin", and... Remote Low complexity No user interaction	IBM	Planning Analytics	over 4 years ago
CVE-2016-3715	5.5 Medium	The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image. Low complexity	ImageMagick	ImageMagick	over 4 years ago
CVE-2016-3718	5.5 Medium	The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery... Low complexity	ImageMagick	ImageMagick	over 4 years ago
CVE-2020-15505	9.8 Critical	A remote code execution vulnerability in MobileIron Core & Connector versions 10.3.0.3 and earlier, 10.4.0.0, 10.4.0.1, 10.4.0.2, 10.4.0.3,... Remote Low complexity No user interaction	MobileIron	Core & Connector, Sentry, Monitor and Reporting Database (RDB)	over 4 years ago
CVE-2021-30116	10.0 Critical	Unauthenticated credential leak and business logic flaw in Kaseya VSA <= v9.5.6 Malware Remote Low complexity No user interaction	Kaseya	VSA	over 4 years ago
CVE-2020-7961	9.8 Critical	Deserialization of Untrusted Data in Liferay Portal prior to 7.2.1 CE GA2 allows remote attackers to execute arbitrary code via JSON web services... Remote Low complexity No user interaction	Liferay	Liferay Portal	over 4 years ago
CVE-2021-23874	8.2 High	McAfee Total Protection (MTP) privilege escalation vulnerability Low complexity	McAfee,LLC	McAfee Total Protection (MTP)	over 4 years ago
CVE-2021-22506	7.5 High	Advance configuration exposing Information Leakage vulnerability in Micro Focus Access Manager product, affects all versions prior to version 5.0.... Remote Low complexity No user interaction	Micro Focus	Access Manager.	over 4 years ago
CVE-2021-22502	9.8 Critical	Remote Code execution vulnerability in Micro Focus Operation Bridge Reporter (OBR) product, affecting version 10.40. The vulnerability could be... Remote Low complexity No user interaction	Micro Focus	Operation Bridge Reporter.	over 4 years ago
CVE-2014-1812	8.8 High	The Group Policy implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and... Malware Remote Low complexity No user interaction	Microsoft	Windows	over 4 years ago
CVE-2021-38647	9.8 Critical	Open Management Infrastructure Remote Code Execution Vulnerability Malware Remote Low complexity No user interaction	Microsoft	Open Management Infrastructure, System Center Operations Manager (SCOM), Azure Automation State Configuration, DSC Extension, Azure Automation Update Management, Log Analytics Agent, Azure Diagnostics (LAD), Container Monitoring Solution, Azure Security Center, Azure Sentinel, Azure Stack Hub	over 4 years ago
CVE-2016-0167	7.8 High	The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and... Malware Low complexity	Microsoft	Windows	over 4 years ago
CVE-2020-0878	4.2 Medium	Microsoft Browser Memory Corruption Vulnerability Malware Remote	Microsoft	ChakraCore, Microsoft Edge (EdgeHTML-based), Internet Explorer 9, Internet Explorer 11	over 4 years ago
CVE-2021-31955	5.5 Medium	Windows Kernel Information Disclosure Vulnerability Low complexity No user interaction	Microsoft	Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows 10 Version 1909, Windows 10 Version 21H1, Windows 10 Version 2004, Windows Server version 2004, Windows 10 Version 20H2, Windows Server version 20H2	over 4 years ago
CVE-2021-1647	7.8 High	Microsoft Defender Remote Code Execution Vulnerability Low complexity No user interaction	Microsoft	Microsoft System Center Endpoint Protection, Microsoft System Center 2012 R2 Endpoint Protection, Microsoft Security Essentials, Microsoft System Center 2012 Endpoint Protection, Windows Defender	over 4 years ago
CVE-2021-33739	8.4 High	Microsoft DWM Core Library Elevation of Privilege Vulnerability Low complexity No user interaction	Microsoft	Windows 10 Version 1909, Windows 10 Version 21H1, Windows 10 Version 2004, Windows Server version 2004, Windows 10 Version 20H2, Windows Server version 20H2	over 4 years ago
CVE-2016-0185	7.8 High	Media Center in Microsoft Windows Vista SP2, Windows 7 SP1, and Windows 8.1 allows remote attackers to execute arbitrary code via a crafted Media... Low complexity	Microsoft	Windows	over 4 years ago

Displaying vulnerabilities 2076 - 2100 of 2501 in total