Vulnerabilities exploitable today
349,130in current view
Single score combining CVSS, KEV membership and EPSS. Every CVE with its own record — timeline from publication to active exploitation.
In KEV catalog1,644
New KEV · 24H0
Exploit Today ≥ 701,579
Distribution · last window
- Critical1,293
- High4,219
- Medium3,544
- Low277
Window
Severity
Flags
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2024-38856—99.9%
KEV—80Apache OFBiz Incorrect Authorization Vulnerability—CVE-2017-12615—99.9%
KEVR80Apache Tomcat on Windows Remote Code Execution Vulnerability—CVE-2020-10199—99.9%
KEV—80Sonatype Nexus Repository Remote Code Execution Vulnerability—CVE-2021-33045—99.9%
KEV—80Dahua IP Camera Authentication Bypass Vulnerability—CVE-2022-30190—99.9%
KEVR80Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability—CVE-2024-8963—99.9%
KEV—80Ivanti Cloud Services Appliance (CSA) Path Traversal Vulnerability—CVE-2024-29059—99.9%
KEV—80Microsoft .NET Framework Information Disclosure Vulnerability—CVE-2013-2465—99.9%
KEVR80Oracle Java SE Unspecified Vulnerability—CVE-2017-7494—99.9%
KEVR80Samba Remote Code Execution Vulnerability—CVE-2022-35914—99.9%
KEV—80Teclib GLPI Remote Code Execution Vulnerability—CVE-2015-5119—99.9%
KEV—80Adobe Flash Player Use-After-Free Vulnerability—CVE-2020-1938—99.9%
KEV—80Apache Tomcat Improper Privilege Management Vulnerability—CVE-2014-6287—99.9%
KEV—80Rejetto HTTP File Server (HFS) Remote Code Execution Vulnerability—CVE-2021-44529—99.9%
KEVR80Ivanti Endpoint Manager Cloud Service Appliance (EPM CSA) Code Injection Vulnerability —CVE-2011-0611—99.9%
KEV—80Adobe Flash Player Remote Code Execution Vulnerability—CVE-2023-47246—99.9%
KEVR80SysAid Server Path Traversal Vulnerability—CVE-2017-9791—99.9%
KEV—80Apache Struts 1 Improper Input Validation Vulnerability—CVE-2021-21972—99.9%
KEVR80VMware vCenter Server Remote Code Execution Vulnerability—CVE-2019-11043—99.9%
KEVR80PHP FastCGI Process Manager (FPM) Buffer Overflow Vulnerability—CVE-2022-30333—99.9%
KEVR80RARLAB UnRAR Directory Traversal Vulnerability—CVE-2022-42475—99.9%
KEVR80Fortinet FortiOS Heap-Based Buffer Overflow Vulnerability—CVE-2022-3236—99.9%
KEV—80Sophos Firewall Code Injection Vulnerability—CVE-2023-29357—99.9%
KEVR80Microsoft SharePoint Server Privilege Escalation Vulnerability—CVE-2023-46604—99.9%
KEVR80Apache ActiveMQ Deserialization of Untrusted Data Vulnerability—CVE-2021-32030—99.9%
KEV—80ASUS Routers Improper Authentication Vulnerability—CVE-2020-16846—99.9%
KEV—80SaltStack Salt Shell Injection Vulnerability—CVE-2024-27348—99.9%
KEV—80Apache HugeGraph-Server Improper Access Control Vulnerability—CVE-2020-14750—99.9%
KEV—80Oracle WebLogic Server Remote Code Execution Vulnerability—CVE-2024-23692—99.9%
KEV—80Rejetto HTTP File Server Improper Neutralization of Special Elements Used in a Template Engine Vulnerability—CVE-2022-24816—99.9%
KEV—80OSGeo GeoServer JAI-EXT Code Injection Vulnerability—CVE-2017-0144—99.9%
KEVR80Microsoft SMBv1 Remote Code Execution Vulnerability—CVE-2020-0618—99.9%
KEV—80Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability—CVE-2025-48703—99.9%
KEV—80CWP Control Web Panel OS Command Injection Vulnerability—CVE-2017-9805—99.9%
KEV—80Apache Struts Deserialization of Untrusted Data Vulnerability—CVE-2017-3881—99.9%
KEV—80Cisco IOS and IOS XE Remote Code Execution Vulnerability—CVE-2024-50623—99.9%
KEVR80Cleo Multiple Products Unrestricted File Upload Vulnerability—CVE-2021-35395—99.9%
KEV—80Realtek AP-Router SDK Buffer Overflow Vulnerability—CVE-2020-6207—99.9%
KEV—80SAP Solution Manager Missing Authentication for Critical Function Vulnerability—CVE-2022-43769—99.9%
KEV—80Hitachi Vantara Pentaho BA Server Special Element Injection Vulnerability—CVE-2019-5418—99.9%
KEV—80Rails Ruby on Rails Path Traversal Vulnerability—