CISA Known Exploited Vulnerabilities Catalog

For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild. Organizations should use the KEV catalog as an input to their vulnerability management prioritization framework.Y

7.8

CVSS31

CVE-2013-3660 - Microsoft Win32k Privilege Escalation Vulnerability -

Action Due Apr 18, 2022 Target Vendor : Microsoft

Description : The EPATHOBJ::pprFlattenRec function in win32k.sys in the kernel-mode drivers in Microsoft does not properly initialize a pointer for the next object in a certain list, which allows local users to gain privileges.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Alert Date: Mar 28, 2022 | 907 days ago

9.8

CVSS31

CVE-2013-2729 - Adobe Reader and Acrobat Arbitrary Integer Overflow Vulnerability -

Action Due Apr 18, 2022 Target Vendor : Adobe

Description : Integer overflow vulnerability in Adobe Reader and Acrobat allows attackers to execute remote code.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Alert Date: Mar 28, 2022 | 907 days ago

8.8

CVSS31

CVE-2013-2551 - Microsoft Internet Explorer Use-After-Free Vulnerability -

Action Due Apr 18, 2022 Target Vendor : Microsoft

Description : Use-after-free vulnerability in Microsoft Internet Explorer allows remote attackers to execute remote code via a crafted web site that triggers access to a deleted object.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Known

Alert Date: Mar 28, 2022 | 907 days ago

10.0

CVSS2

CVE-2013-2465 - Oracle Java SE Unspecified Vulnerability -

Action Due Apr 18, 2022 Target Vendor : Oracle

Description : Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE allows remote attackers to affect confidentiality, integrity, and availability via Unknown vectors related to 2D

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Known

Alert Date: Mar 28, 2022 | 907 days ago

8.8

CVSS31

CVE-2013-1690 - Mozilla Firefox and Thunderbird Denial-of-Service Vulnerability -

Action Due Apr 18, 2022 Target Vendor : Mozilla

Description : Mozilla Firefox and Thunderbird do not properly handle onreadystatechange events in conjunction with page reloading, which allows remote attackers to cause a denial-of-service (DoS) or possibly execute malicious code via a crafted web site.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Alert Date: Mar 28, 2022 | 907 days ago

10.0

CVSS2

CVE-2012-5076 - Oracle Java SE Sandbox Bypass Vulnerability -

Action Due Apr 18, 2022 Target Vendor : Oracle

Description : The default Java security properties configuration did not restrict access to the com.sun.org.glassfish.external and com.sun.org.glassfish.gmbal packages. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Alert Date: Mar 28, 2022 | 907 days ago

7.8

CVSS31

CVE-2012-2539 - Microsoft Word Remote Code Execution Vulnerability -

Action Due Apr 18, 2022 Target Vendor : Microsoft

Description : Microsoft Word allows attackers to execute remote code or cause a denial-of-service (DoS) via crafted RTF data.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Alert Date: Mar 28, 2022 | 907 days ago

9.3

CVSS2

CVE-2012-2034 - Adobe Flash Player Memory Corruption Vulnerability -

Action Due Apr 18, 2022 Target Vendor : Adobe

Description : Adobe Flash Player contains a memory corruption vulnerability that allows for remote code execution or denial-of-service (DoS).

Action : The impacted product is end-of-life and should be disconnected if still in use.

Known To Be Used in Ransomware Campaigns? : Unknown

Alert Date: Mar 28, 2022 | 907 days ago

4.7

CVSS31

CVE-2012-0518 - Oracle Fusion Middleware Unspecified Vulnerability -

Action Due Apr 18, 2022 Target Vendor : Oracle

Description : Unspecified vulnerability in the Oracle Application Server Single Sign-On component in Oracle Fusion Middleware allows remote attackers to affect integrity via Unknown vectors

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Alert Date: Mar 28, 2022 | 907 days ago

7.8

CVSS31

CVE-2011-2005 - Microsoft Ancillary Function Driver (afd.sys) Improper Input Validation Vulnerability -

Action Due Apr 18, 2022 Target Vendor : Microsoft

Description : afd.sys in the Ancillary Function Driver in Microsoft Windows does not properly validate user-mode input passed to kernel mode, which allows local users to gain privileges via a crafted application.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Alert Date: Mar 28, 2022 | 907 days ago

7.8

CVSS31

CVE-2010-4398 - Microsoft Windows Kernel Stack-Based Buffer Overflow Vulnerability -

Action Due Apr 21, 2022 Target Vendor : Microsoft

Description : Stack-based buffer overflow in the RtlQueryRegistryValues function in win32k.sys in Microsoft Windows allows local users to gain privileges, and bypass the User Account Control (UAC) feature.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Alert Date: Mar 28, 2022 | 907 days ago

9.8

CVSS31

CVE-2022-26318 - WatchGuard Firebox and XTM Appliances Arbitrary Code Execution -

Action Due Apr 15, 2022 Target Vendor : WatchGuard

Description : On WatchGuard Firebox and XTM appliances, an unauthenticated user can execute arbitrary code.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Alert Date: Mar 25, 2022 | 910 days ago

9.8

CVSS31

CVE-2022-26143 - MiCollab, MiVoice Business Express Access Control Vulnerability -

Action Due Apr 15, 2022 Target Vendor : Mitel

Description : A vulnerability has been identified in MiCollab and MiVoice Business Express that may allow a malicious actor to gain unauthorized access to sensitive information and services, cause performance degradations or a denial of service condition on the affected system.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Alert Date: Mar 25, 2022 | 910 days ago

7.8

CVSS31

CVE-2022-21999 - Microsoft Windows Print Spooler Privilege Escalation Vulnerability -

Action Due Apr 15, 2022 Target Vendor : Microsoft

Description : Microsoft Windows Print Spooler contains an unspecified vulnerability which can allow for privilege escalation.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Alert Date: Mar 25, 2022 | 910 days ago

9.8

CVSS31

CVE-2021-42237 - Sitecore XP Remote Command Execution Vulnerability -

Action Due Apr 15, 2022 Target Vendor : Sitecore

Description : Sitcore XP contains an insecure deserialization vulnerability which can allow for remote code execution.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Known

Alert Date: Mar 25, 2022 | 910 days ago

9.8

CVSS31

CVE-2021-22941 - Citrix ShareFile Improper Access Control Vulnerability -

Action Due Apr 15, 2022 Target Vendor : Citrix

Description : Improper Access Control in Citrix ShareFile storage zones controller may allow an unauthenticated attacker to remotely compromise the storage zones controller.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Known

Alert Date: Mar 25, 2022 | 910 days ago

8.8

CVSS31

CVE-2020-9377 - D-Link DIR-610 Devices Remote Command Execution -

Action Due Apr 15, 2022 Target Vendor : D-Link

Description : D-Link DIR-610 devices allow remote code execution via the cmd parameter to command.php.

Action : The impacted product is end-of-life and should be disconnected if still in use.

Known To Be Used in Ransomware Campaigns? : Unknown

Alert Date: Mar 25, 2022 | 910 days ago

9.8

CVSS31

CVE-2020-9054 - Zyxel Multiple NAS Devices OS Command Injection Vulnerability -

Action Due Apr 15, 2022 Target Vendor : Zyxel

Description : Multiple Zyxel network-attached storage (NAS) devices contain a pre-authentication command injection vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Alert Date: Mar 25, 2022 | 910 days ago

9.8

CVSS31

CVE-2020-7247 - OpenSMTPD Remote Code Execution Vulnerability -

Action Due Apr 15, 2022 Target Vendor : OpenBSD

Description : smtp_mailaddr in smtp_session.c in OpenSMTPD, as used in OpenBSD and other products, allows remote attackers to execute arbitrary commands as root via a crafted SMTP session.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Alert Date: Mar 25, 2022 | 910 days ago

7.5

CVSS31

CVE-2020-5410 - VMware Tanzu Spring Cloud Config Directory Traversal Vulnerability -

Action Due Apr 15, 2022 Target Vendor : VMware Tanzu

Description : Spring, by VMware Tanzu, Cloud Config contains a path traversal vulnerability that allows applications to serve arbitrary configuration files.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Alert Date: Mar 25, 2022 | 910 days ago

Showing 20 of 1181 Results