CISA Known Exploited Vulnerabilities Catalog
6.1
CVE-2022-27926 - Zimbra Collaboration (ZCS) Cross-Site Scripting (XSS) Vulnerability -
Action Due Apr 24, 2023 Target Vendor : Zimbra
Description : Zimbra Collaboration Suite (ZCS) contains a reflected cross-site scripting vulnerability: an endpoint URL accepts request parameters without sanitizing them, so attacker-supplied script is reflected into the page served to the victim.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://wiki.zimbra.com/wiki/Security_Center
8.8
CVE-2013-3163 - Microsoft Internet Explorer Memory Corruption Vulnerability -
Action Due Apr 20, 2023 Target Vendor : Microsoft
Description : Microsoft Internet Explorer contains a memory corruption vulnerability that allows remote attackers to execute code or cause a denial of service via a crafted website.
Action : The impacted product is end-of-life and should be disconnected if still in use.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://learn.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-055
9.8
CVE-2017-7494 - Samba Remote Code Execution Vulnerability -
Action Due Apr 20, 2023 Target Vendor : Samba
Description : Samba contains a remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share and then cause the server to load and execute it.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known
Notes : https://www.samba.org/samba/security/CVE-2017-7494.html
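The Samba entry above describes the two preconditions of the attack: a share the client can write to, and a server that will load a shared library on request. The check below is an added example written for this page, not Samba's own tooling. It parses an smb.conf, lists the writable shares, and reports whether the vendor's documented workaround (`nt pipe support = no` in `[global]`, from the advisory linked in the notes) is present; the sample configuration is constructed for the demonstration and the workaround is only a stopgap until the server is patched.

```python
"""Assess an smb.conf for the conditions CVE-2017-7494 needs and apply
the vendor workaround.  Added example, not Samba's own code."""

# Constructed sample: one writable share, workaround absent.
SAMPLE_SMB_CONF = """
[global]
   workgroup = WORKGROUP
   server string = file server

[public]
   path = /srv/samba/public
   read only = no
   guest ok = yes

[docs]
   path = /srv/samba/docs
   read only = yes
   writable = no
"""

TRUE_VALUES = {"yes", "true", "1"}


def _bool(value, default):
    """Samba-style boolean; `default` applies when the parameter is unset."""
    if value is None:
        return default
    return value.strip().lower() in TRUE_VALUES


def parse_smb_conf(text):
    """Minimal smb.conf reader: {section: {parameter: value}}.
    Parameter names are case-insensitive in Samba, so they are lowered."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1].strip().lower()
            sections.setdefault(current, {})
            continue
        if current is None or "=" not in line:
            continue
        key, _, value = line.partition("=")
        sections[current][key.strip().lower()] = value.strip()
    return sections


def share_is_writable(params):
    """Samba's default is 'read only = yes'.  'writable', 'writeable' and
    'write ok' are inverted synonyms; an explicit 'read only' wins here."""
    if "read only" in params:
        return not _bool(params["read only"], True)
    for synonym in ("writable", "writeable", "write ok"):
        if synonym in params:
            return _bool(params[synonym], False)
    return False


def assess(sections):
    """Exposed = named-pipe support still enabled AND at least one writable
    share (the upload location the attacker needs)."""
    glob = sections.get("global", {})
    pipe_support = _bool(glob.get("nt pipe support"), True)  # default yes
    writable = [name for name, params in sections.items()
                if name != "global" and share_is_writable(params)]
    return {"nt_pipe_support": pipe_support,
            "writable_shares": writable,
            "exposed": pipe_support and bool(writable)}


def apply_workaround(text):
    """Return the config with the vendor workaround inserted into [global].
    Note: this disables named pipes and breaks share browsing for some
    Windows clients; the real fix is the vendor update."""
    out, done = [], False
    for raw in text.splitlines():
        out.append(raw)
        if not done and raw.strip().lower() == "[global]":
            out.append("   nt pipe support = no")
            done = True
    if not done:
        out = ["[global]", "   nt pipe support = no"] + out
    return "\n".join(out) + "\n"


if __name__ == "__main__":
    print(assess(parse_smb_conf(SAMPLE_SMB_CONF)))
    print(assess(parse_smb_conf(apply_workaround(SAMPLE_SMB_CONF))))
```

Run it against a real smb.conf by replacing the constructed sample; a server that still reports `exposed: True` after the workaround is applied has a writable share whose synonym spelling the checker does not know, so review it by hand.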
9.8
CVE-2022-42948 - Fortra Cobalt Strike User Interface Remote Code Execution Vulnerability -
Action Due Apr 20, 2023 Target Vendor : Fortra
Description : Fortra Cobalt Strike User Interface contains an unspecified vulnerability rooted in Java Swing that may allow remote code execution.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://www.cobaltstrike.com/blog/out-of-band-update-cobalt-strike-4-7-2/
6.1
CVE-2022-39197 - Fortra Cobalt Strike Teamserver Cross-Site Scripting (XSS) Vulnerability -
Action Due Apr 20, 2023 Target Vendor : Fortra
Description : Fortra Cobalt Strike contains a cross-site scripting (XSS) vulnerability in Teamserver: an attacker who can set a malformed username in the Beacon configuration can use it to execute code remotely.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://www.cobaltstrike.com/blog/out-of-band-update-cobalt-strike-4-7-1/
7.8
CVE-2021-30900 - Apple iOS, iPadOS, and macOS Out-of-Bounds Write Vulnerability -
Action Due Apr 20, 2023 Target Vendor : Apple
Description : Apple GPU drivers, included in iOS, iPadOS, and macOS, contain an out-of-bounds write vulnerability that may allow a malicious application to execute code with kernel privileges.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://support.apple.com/en-us/HT21286, https://support.apple.com/en-us/HT212868, https://support.apple.com/kb/HT212872
8.8
CVE-2022-38181 - Arm Mali GPU Kernel Driver Use-After-Free Vulnerability -
Action Due Apr 20, 2023 Target Vendor : Arm
Description : Arm Mali GPU Kernel Driver contains a use-after-free vulnerability that may allow a non-privileged user to gain root privilege and/or disclose information.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities
7.9
CVE-2023-0266 - Linux Kernel Use-After-Free Vulnerability -
Action Due Apr 20, 2023 Target Vendor : Linux
Description : Linux kernel contains a use-after-free vulnerability in the ALSA sound subsystem (the snd_ctl_elem_read locking addressed by the patch in the notes) that allows a local unprivileged user to escalate privileges to ring 0 (kernel mode).
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/tree/queue-5.10/alsa-pcm-move-rwsem-lock-inside-snd_ctl_elem_read-to-prevent-uaf.patch?id=72783cf35e6c55bca84c4bb7b776c58152856fd4
8.8
CVE-2022-3038 - Google Chromium Network Service Use-After-Free Vulnerability -
Action Due Apr 20, 2023 Target Vendor : Google
Description : Google Chromium Network Service contains a use-after-free vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_30.html
7.8
CVE-2022-22706 - Arm Mali GPU Kernel Driver Unspecified Vulnerability -
Action Due Apr 20, 2023 Target Vendor : Arm
Description : Arm Mali GPU Kernel Driver contains an unspecified vulnerability that allows a non-privileged user to achieve write access to read-only memory pages.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities
9.8
CVE-2023-26360 - Adobe ColdFusion Deserialization of Untrusted Data Vulnerability -
Action Due Apr 05, 2023 Target Vendor : Adobe
Description : Adobe ColdFusion contains a deserialization of untrusted data vulnerability that allows for remote code execution.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://helpx.adobe.com/security/products/coldfusion/apsb23-25.html
9.8
CVE-2023-23397 - Microsoft Office Outlook Privilege Escalation Vulnerability -
Action Due Apr 04, 2023 Target Vendor : Microsoft
Description : Microsoft Office Outlook contains a privilege escalation vulnerability: a specially crafted message causes the Outlook client, when it processes the message and without any user interaction, to connect to an attacker-controlled server and leak the user's Net-NTLMv2 hash, which the attacker can then relay to another service to authenticate as the user.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-23397, https://msrc.microsoft.com/blog/2023/03/microsoft-mitigates-outlook-elevation-of-privilege-vulnerability/
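The Outlook entry above describes a credential leak that leaves a network trace: a workstation opening an outbound SMB connection to an address outside the organisation. The detector below is an added example written for this page, not Microsoft's detection script and not part of the catalog; it runs over constructed firewall log lines in an assumed `timestamp,src_ip,dst_ip,dst_port,action` format and flags SMB connections from the assumed internal ranges (RFC 1918, adjust for your environment) to anything else, then groups hits by destination, since several hosts reaching the same external SMB server within seconds is what one malicious message sent to several mailboxes looks like.

```python
"""Flag outbound SMB from internal hosts to external addresses in a
firewall log: the network-level trace of the CVE-2023-23397 leak.
Added example, not Microsoft's tooling; log format and lines are constructed."""
import ipaddress
from collections import Counter

# Constructed log lines: timestamp,src_ip,dst_ip,dst_port,action
SAMPLE_LOG = """\
2023-03-14T09:12:01Z,10.20.1.15,10.20.0.5,445,allow
2023-03-14T09:12:03Z,10.20.1.15,203.0.113.77,445,allow
2023-03-14T09:12:04Z,10.20.1.22,203.0.113.77,445,allow
2023-03-14T09:12:09Z,10.20.1.15,198.51.100.9,443,allow
2023-03-14T09:12:11Z,10.20.1.30,203.0.113.77,445,deny
"""

# Assumption: these are the organisation's internal ranges.  Explicit
# networks are used rather than ipaddress.is_private(), which also treats
# the documentation ranges (203.0.113.0/24 etc.) used above as private.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in
                 ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]
SMB_PORTS = {445, 139}


def is_internal(ip):
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in INTERNAL_NETS)


def parse_log(text):
    """Yield one dict per non-empty log line."""
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, src, dst, port, action = line.split(",")
        yield {"ts": ts, "src": src, "dst": dst, "port": int(port), "action": action}


def find_outbound_smb(text):
    """Events where an internal source talks SMB to an external destination.
    'deny' rows are kept on purpose: a blocked attempt still tells you which
    workstation (and so which mailbox) received the crafted message."""
    return [ev for ev in parse_log(text)
            if ev["port"] in SMB_PORTS
            and is_internal(ev["src"]) and not is_internal(ev["dst"])]


def summarize(hits):
    """Group hits by external destination with the distinct internal sources."""
    counts = Counter(h["dst"] for h in hits)
    return {dst: {"count": n,
                  "sources": sorted({h["src"] for h in hits if h["dst"] == dst})}
            for dst, n in counts.items()}


if __name__ == "__main__":
    for dst, info in summarize(find_outbound_smb(SAMPLE_LOG)).items():
        print(f"{dst}: {info['count']} SMB attempts from {info['sources']}")
```

Blocking outbound TCP/445 at the perimeter, as the vendor guidance in the notes recommends, turns the `allow` rows into `deny` rows but does not end the investigation: the same UNC-path trigger can be pointed at a WebDAV server on port 80 or 443, so a workstation that starts making unexpected WebDAV requests after an SMB block is the follow-up signal to hunt for.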
4.4
CVE-2023-24880 - Microsoft Windows SmartScreen Security Feature Bypass Vulnerability -
Action Due Apr 04, 2023 Target Vendor : Microsoft
Description : Microsoft Windows SmartScreen contains a security feature bypass vulnerability that could allow an attacker to evade Mark of the Web (MOTW) defenses via a specially crafted malicious file.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known
Notes : https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-24880
7.1
CVE-2022-41328 - Fortinet FortiOS Path Traversal Vulnerability -
Action Due Apr 04, 2023 Target Vendor : Fortinet
Description : Fortinet FortiOS contains a path traversal vulnerability that may allow a local privileged attacker to read and write files via crafted CLI commands.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://www.fortiguard.com/psirt/FG-IR-22-369
8.5
CVE-2021-39144 - XStream Remote Code Execution Vulnerability -
Action Due Mar 31, 2023 Target Vendor : XStream
Description : XStream contains a remote code execution vulnerability that allows an attacker to manipulate the processed input stream and replace or inject objects that result in the execution of a local command on the server. This vulnerability can affect multiple products, including but not limited to VMware Cloud Foundation.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://www.vmware.com/security/advisories/VMSA-2022-0027.html, https://x-stream.github.io/CVE-2021-39144.html
7.2
CVE-2020-5741 - Plex Media Server Remote Code Execution Vulnerability -
Action Due Mar 31, 2023 Target Vendor : Plex
Description : Plex Media Server contains a remote code execution vulnerability that allows an attacker with access to the server administrator's Plex account to upload a malicious file via the Camera Upload feature and have the media server execute it.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://forums.plex.tv/t/security-regarding-cve-2020-5741/586819
6.8
CVE-2022-28810 - Zoho ManageEngine ADSelfService Plus Remote Code Execution Vulnerability -
Action Due Mar 28, 2023 Target Vendor : Zoho
Description : Zoho ManageEngine ADSelfService Plus contains an unspecified vulnerability allowing for remote code execution when performing a password change or reset.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://www.manageengine.com/products/self-service-password/advisory/CVE-2022-28810.html
8.8
CVE-2022-33891 - Apache Spark Command Injection Vulnerability -
Action Due Mar 28, 2023 Target Vendor : Apache
Description : Apache Spark contains a command injection vulnerability via the Spark User Interface (UI) when Access Control Lists (ACLs) are enabled (spark.acls.enable): an attacker-supplied user name reaches a permission check that builds a Unix shell command from it and executes it.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://lists.apache.org/thread/p847l3kopoo5bjtmxrcwk21xp6tjxqlc
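The Spark entry above is an instance of a general bug class: a caller-controlled name is spliced into a shell command string. The example below is added for this page and is not Apache Spark's code; it models the permission check as a group lookup with `id -Gu <user>` (an assumption about the shape of the command, chosen so the demonstration runs on any Unix host) and shows the vulnerable form, the argv form that never hands the name to a shell, and an allowlist on the name itself.

```python
"""Shell command injection via a user-controlled name, vulnerable and
hardened.  Added example modelled on the CVE-2022-33891 bug class, not
Apache Spark's own code."""
import re
import subprocess

# Constructed payload: a valid-looking name followed by an injected command.
PAYLOAD = "nobody; echo INJECTED"

# Allowlist for POSIX-style account names (assumed policy, tighten as needed).
USERNAME_RE = re.compile(r"^[a-z_][a-z0-9_-]{0,31}$")


def vulnerable_group_lookup(user):
    """One string through /bin/sh: ';', '|', '$(...)' in `user` become
    additional commands run by the server."""
    proc = subprocess.run(f"id -Gu {user}", shell=True,
                          capture_output=True, text=True)
    return proc.stdout


def argv_lookup(user):
    """Same lookup with the name as a single argv element.  No shell parses
    it, so the metacharacters reach `id` as a literal (nonexistent) user."""
    proc = subprocess.run(["id", "-Gu", user], shell=False,
                          capture_output=True, text=True, check=False)
    return proc.stdout


def is_valid_username(user):
    return USERNAME_RE.match(user) is not None


def hardened_group_lookup(user):
    """Defence in depth: reject anything outside the allowlist before the
    lookup, and use argv even for names that pass."""
    if not is_valid_username(user):
        raise ValueError(f"rejected user name: {user!r}")
    return argv_lookup(user)


if __name__ == "__main__":
    print("vulnerable:", repr(vulnerable_group_lookup(PAYLOAD)))
    print("argv only: ", repr(argv_lookup(PAYLOAD)))
    try:
        hardened_group_lookup(PAYLOAD)
    except ValueError as exc:
        print("hardened:  ", exc)
```

The argv form alone stops the injection, but the allowlist matters too: a name that is shell-safe can still be abused by the program it is passed to (option-looking strings such as `-x`, or overlong input), and rejecting it at the boundary keeps the error in the request handler rather than in a subprocess.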
9.8
CVE-2022-35914 - Teclib GLPI Remote Code Execution Vulnerability -
Action Due Mar 28, 2023 Target Vendor : Teclib
Description : Teclib GLPI contains a remote code execution vulnerability in the bundled third-party library htmLawed, reached through its htmLawedTest.php script (referenced in the notes), which ships with the application.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://glpi-project.org/fr/glpi-10-0-3-disponible/, http://www.bioinformatics.org/phplabware/sourceer/sourceer.php?&Sfs=htmLawedTest.php&Sl=.%2Finternal_utilities%2FhtmLawed.
7.5
CVE-2022-36537 - ZK Framework AuUploader Unspecified Vulnerability -
Action Due Mar 20, 2023 Target Vendor : ZK Framework
Description : ZK Framework AuUploader servlets contain an unspecified vulnerability that could allow an attacker to retrieve the content of a file located in the web context. The ZK Framework is an open-source Java framework. This vulnerability can impact multiple products, including but not limited to ConnectWise R1Soft Server Backup Manager.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known
Notes : https://tracker.zkoss.org/browse/ZK-5150
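The catalog excerpt above is a flattened table: a score line, a `CVE - title -` line, an `Action Due ... Target Vendor :` line, then the `Description`, `Action`, `Known To Be Used in Ransomware Campaigns?` and `Notes` fields. The parser below is an added example written for this page, not CISA's feed or tooling; it reads that layout back into records, then answers the two questions a remediation owner asks of it: which entries are past their due date as of a given day, ordered by score, and which are known ransomware vectors. The sample text is an excerpt of entries from this page; the leading number is assumed to be the CVSS base score.

```python
"""Parse the flattened CISA KEV text layout used on this page and report
overdue and ransomware-linked entries.  Added example, not CISA's code."""
import re
from datetime import date, datetime

# Excerpt of entries from this page, in the page's own layout.
SAMPLE_KEV_TEXT = """
6.1
CVE-2022-27926 - Zimbra Collaboration (ZCS) Cross-Site Scripting (XSS) Vulnerability -
Action Due Apr 24, 2023 Target Vendor : Zimbra
Description : Zimbra Collaboration Suite (ZCS) contains a cross-site scripting vulnerability.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://wiki.zimbra.com/wiki/Security_Center
9.8
CVE-2017-7494 - Samba Remote Code Execution Vulnerability -
Action Due Apr 20, 2023 Target Vendor : Samba
Description : Samba contains a remote code execution vulnerability.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known
Notes : https://www.samba.org/samba/security/CVE-2017-7494.html
9.8
CVE-2023-23397 - Microsoft Office Outlook Privilege Escalation Vulnerability -
Action Due Apr 04, 2023 Target Vendor : Microsoft
Description : Microsoft Office Outlook contains a privilege escalation vulnerability.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-23397, https://msrc.microsoft.com/blog/2023/03/microsoft-mitigates-outlook-elevation-of-privilege-vulnerability/
4.4
CVE-2023-24880 - Microsoft Windows SmartScreen Security Feature Bypass Vulnerability -
Action Due Apr 04, 2023 Target Vendor : Microsoft
Description : Microsoft Windows SmartScreen contains a security feature bypass vulnerability.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known
Notes : https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-24880
"""

SCORE_RE = re.compile(r"^\d+(?:\.\d+)?$")                     # assumed: CVSS base score
TITLE_RE = re.compile(r"^(CVE-\d{4}-\d{4,}) - (.+?)(?: -)?$")
DUE_RE = re.compile(r"^Action Due (\w{3} \d{1,2}, \d{4}) Target Vendor : (.+)$")
FIELD_RE = re.compile(r"^(Description|Action|Known To Be Used in Ransomware Campaigns\?|Notes) : (.*)$")
FIELD_KEYS = {"Description": "description", "Action": "action", "Notes": "notes",
              "Known To Be Used in Ransomware Campaigns?": "ransomware"}


def parse_kev_text(text):
    """A score line opens a new entry; the following lines fill it in."""
    entries, cur = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if SCORE_RE.match(line):
            cur = {"score": float(line)}
            entries.append(cur)
            continue
        if cur is None:
            continue  # text before the first entry
        m = TITLE_RE.match(line)
        if m:
            cur["cve"], cur["title"] = m.group(1), m.group(2).strip()
            continue
        m = DUE_RE.match(line)
        if m:
            cur["due"] = datetime.strptime(m.group(1), "%b %d, %Y").date()
            cur["vendor"] = m.group(2).strip()
            continue
        m = FIELD_RE.match(line)
        if m:
            key, value = FIELD_KEYS[m.group(1)], m.group(2).strip()
            # Notes is a comma-separated URL list; tolerate a trailing comma.
            cur[key] = [u.strip() for u in value.split(",") if u.strip()] if key == "notes" else value
    return entries


def overdue(entries, as_of):
    """Entries whose due date is before `as_of` (ISO string or date),
    highest score first, earliest due date first within a score."""
    as_of = date.fromisoformat(as_of) if isinstance(as_of, str) else as_of
    return sorted((e for e in entries if e["due"] < as_of),
                  key=lambda e: (-e["score"], e["due"]))


def ransomware_known(entries):
    return [e["cve"] for e in entries if e.get("ransomware", "").lower() == "known"]


if __name__ == "__main__":
    parsed = parse_kev_text(SAMPLE_KEV_TEXT)
    for e in overdue(parsed, "2023-04-21"):
        print(f"{e['cve']:16} {e['score']:4} due {e['due']} {e['vendor']}")
    print("ransomware:", ransomware_known(parsed))
```

The due date is the federal remediation deadline, so "overdue" here means past CISA's date, not past the organisation's own SLA; the ransomware flag is a stronger prioritisation signal than the score alone, which is why both are surfaced separately rather than folded into one ranking.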