KEVIntel

Known Exploited Vulnerabilities

Curated + enriched signals for rapid prioritization

{ } JSON RSS PRO

0.7%

actively
exploited

Focus on what’s exploited

Out of 350,131 known CVEs, only 0.7% show real-world exploitation signals.

Data from public sources (including CISA) plus private sensors, enriched with prioritization metadata.

View stats Report a KEV

2,501

Total Known exploited

353

Added this week

Search

Results update as you type.

⌘K

Added

Exploitability

Type to search. Filters apply instantly.

CVE	Severity	Title	Vendor	Product	Added
CVE-2021-31207	6.6 Medium	Microsoft Exchange Server Security Feature Bypass Vulnerability Malware Remote No user interaction	Microsoft	Microsoft Exchange Server 2013 Cumulative Update 23, Microsoft Exchange Server 2019 Cumulative Update 9, Microsoft Exchange Server 2016 Cumulative Update 20, Microsoft Exchange Server 2016 Cumulative Update 19, Microsoft Exchange Server 2019 Cumulative Update 8	over 4 years ago
CVE-2019-0803	7.8 High	An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k... Low complexity No user interaction	Microsoft	Windows, Windows Server	over 4 years ago
CVE-2020-1040	9.0 Critical	A remote code execution vulnerability exists when Hyper-V RemoteFX vGPU on a host server fails to properly validate input from an authenticated... Low complexity No user interaction	Microsoft	Windows Server	over 4 years ago
CVE-2021-28310	7.8 High	Win32k Elevation of Privilege Vulnerability Low complexity No user interaction	Microsoft	Windows 10 Version 1803, Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows 10 Version 1909, Windows Server, version 1909 (Server Core installation), Windows 10 Version 2004, Windows Server version 2004, Windows 10 Version 20H2, Windows Server version 20H2	over 4 years ago
CVE-2020-1350	10.0 Critical	A remote code execution vulnerability exists in Windows Domain Name System servers when they fail to properly handle requests, aka 'Windows DNS... Remote Low complexity No user interaction	Microsoft	Windows Server, Windows Server, version 1909 (Server Core installation), Windows Server, version 1903 (Server Core installation), Windows Server, version 2004 (Server Core installation)	over 4 years ago
CVE-2021-26411	8.8 High	Internet Explorer Memory Corruption Vulnerability Malware Remote Low complexity	Microsoft	Internet Explorer 9, Internet Explorer 11, Microsoft Edge (EdgeHTML-based)	over 4 years ago
CVE-2019-0859	7.8 High	An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k... Low complexity No user interaction	Microsoft	Windows, Windows Server	over 4 years ago
CVE-2021-40444	8.8 High	Microsoft MSHTML Remote Code Execution Vulnerability Malware Remote Low complexity	Microsoft	Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows 10 Version 1909, Windows 10 Version 21H1, Windows Server 2022, Windows 10 Version 2004, Windows Server version 2004, Windows 10 Version 20H2, Windows Server version 20H2, Windows 10 Version 1507, Windows 10 Version 1607, Windows Server 2016, Windows Server 2016 (Server Core installation), Windows 7, Windows 7 Service Pack 1, Windows 8.1, Windows Server 2008 Service Pack 2, Windows Server 2008 Service Pack 2 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 R2 Service Pack 1, Windows Server 2008 R2 Service Pack 1 (Server Core installation), Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation)	over 4 years ago
CVE-2017-8759	7.8 High	Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allow an attacker to execute code remotely via a malicious document or... Low complexity	Microsoft Corporation	Microsoft .NET Framework	over 4 years ago
CVE-2018-8653	7.5 High	A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting... Remote	Microsoft	Internet Explorer 9, Internet Explorer 11, Internet Explorer 10	over 4 years ago
CVE-2019-0797	7.8 High	An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k... Low complexity No user interaction	Microsoft	Windows Server, Windows	over 4 years ago
CVE-2021-36942	7.5 High	Windows LSA Spoofing Vulnerability Malware Remote Low complexity No user interaction	Microsoft	Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server version 2004, Windows Server version 20H2, Windows Server 2016, Windows Server 2016 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 Service Pack 2 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 R2 Service Pack 1, Windows Server 2008 R2 Service Pack 1 (Server Core installation), Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation)	over 4 years ago
CVE-2019-1215	7.8 High	An elevation of privilege vulnerability exists in the way that ws2ifsl.sys (Winsock) handles objects in memory, aka 'Windows Elevation of Privilege... Malware Low complexity No user interaction	Microsoft	Windows, Windows Server, Windows 10 Version 1903 for 32-bit Systems, Windows 10 Version 1903 for x64-based Systems, Windows 10 Version 1903 for ARM64-based Systems, Windows Server, version 1903 (Server Core installation)	over 4 years ago
CVE-2018-0798	8.8 High	Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution... Remote Low complexity	Microsoft Corporation	Equation Editor	over 4 years ago
CVE-2018-0802	7.8 High	Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution... Low complexity	Microsoft Corporation	Equation Editor	over 4 years ago
CVE-2012-0158	8.8 High	The (1) ListView, (2) ListView2, (3) TreeView, and (4) TreeView2 ActiveX controls in MSCOMCTL.OCX in the Common Controls in Microsoft Office 2003... Remote Low complexity	Microsoft	Office	over 4 years ago
CVE-2015-1641	7.8 High	Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word for Mac 2011, Office Compatibility Pack SP3, Word... Low complexity	Microsoft	Word	over 4 years ago
CVE-2021-27085	8.8 High	Internet Explorer Remote Code Execution Vulnerability Remote Low complexity	Microsoft	Internet Explorer 11	over 4 years ago
CVE-2019-0541	8.8 High	A remote code execution vulnerability exists in the way that the MSHTML engine inproperly validates input, aka "MSHTML Engine Remote Code Execution... Remote Low complexity	Microsoft	Microsoft Office, Microsoft Office Word Viewer, Internet Explorer 9, Internet Explorer 11, Microsoft Excel Viewer, Internet Explorer 10, Office	over 4 years ago
CVE-2017-11882	7.8 High	Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pack 2, Microsoft Office 2013 Service Pack 1, and Microsoft Office 2016 allow... Malware Low complexity	Microsoft Corporation	Microsoft Office	over 4 years ago
CVE-2020-0674	7.5 High	A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting... Remote	Microsoft	Internet Explorer 10, Internet Explorer 11, Internet Explorer 11 on Windows 10 Version 1909 for 32-bit Systems, Internet Explorer 11 on Windows 10 Version 1909 for x64-based Systems, Internet Explorer 11 on Windows 10 Version 1909 for ARM64-based Systems, Internet Explorer 11 on Windows 10 Version 1903 for 32-bit Systems, Internet Explorer 11 on Windows 10 Version 1903 for x64-based Systems, Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based Systems, Internet Explorer 11 on Windows Server 2012, Internet Explorer 9	over 4 years ago
CVE-2021-27059	7.6 High	Microsoft Office Remote Code Execution Vulnerability Remote	Microsoft	Microsoft Office 2016, Microsoft Office 2010 Service Pack 2, Microsoft Office 2013 Service Pack 1	over 4 years ago
CVE-2019-1367	7.5 High	A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting... Malware Remote	Microsoft	Internet Explorer 9, Internet Explorer 11, Internet Explorer 11 on Windows Server 2012, Internet Explorer 11 on Windows 10 Version 1903 for 32-bit Systems, Internet Explorer 11 on Windows 10 Version 1903 for x64-based Systems, Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based Systems, Internet Explorer 10	over 4 years ago
CVE-2017-0199	7.8 High	Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office 2013 SP1, Microsoft Office 2016, Microsoft Windows Vista SP2, Windows Server... Malware Low complexity	Microsoft Corporation	Office/WordPad	over 4 years ago
CVE-2020-1380	7.8 High	Scripting Engine Memory Corruption Vulnerability Low complexity No user interaction	Microsoft	Internet Explorer 11	over 4 years ago

Displaying vulnerabilities 2226 - 2250 of 2501 in total