CISA Known Exploited Vulnerabilities Catalog
9.8
CVE-2018-10562 - Dasan GPON Routers Command Injection Vulnerability -
Action Due Apr 21, 2022 Target Vendor : Dasan
Description : Dasan GPON Routers contain an authentication bypass vulnerability. When combined with CVE-2018-10561, exploitation can allow an attacker to perform remote code execution.
Action : The impacted product is end-of-life and should be disconnected if still in use.
Known To Be Used in Ransomware Campaigns? : Known
9.8
CVE-2018-10561 - Dasan GPON Routers Authentication Bypass Vulnerability -
Action Due Apr 21, 2022 Target Vendor : Dasan
Description : Dasan GPON Routers contain an authentication bypass vulnerability. When combined with CVE-2018-10562, exploitation can allow an attacker to perform remote code execution.
Action : The impacted product is end-of-life and should be disconnected if still in use.
Known To Be Used in Ransomware Campaigns? : Unknown
8.8
CVE-2022-1096 - Google Chromium V8 Type Confusion Vulnerability -
Action Due Apr 18, 2022 Target Vendor : Google
Description : Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
10.0
CVE-2022-0543 - Debian-specific Redis Server Lua Sandbox Escape Vulnerability -
Action Due Apr 18, 2022 Target Vendor : Redis
Description : Redis is prone to a (Debian-specific) Lua sandbox escape, which could result in remote code execution.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
7.8
CVE-2021-38646 - Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability -
Action Due Apr 18, 2022 Target Vendor : Microsoft
Description : Microsoft Office Access Connectivity Engine contains an unspecified vulnerability which can allow for remote code execution.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known
7.8
CVE-2021-34486 - Microsoft Windows Event Tracing Privilege Escalation Vulnerability -
Action Due Apr 18, 2022 Target Vendor : Microsoft
Description : Microsoft Windows Event Tracing contains an unspecified vulnerability which can allow for privilege escalation.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
5.3
CVE-2021-26085 - Atlassian Confluence Server Pre-Authorization Arbitrary File Read Vulnerability -
Action Due Apr 18, 2022 Target Vendor : Atlassian
Description : Affected versions of Atlassian Confluence Server allow remote attackers to view restricted resources via a pre-authorization arbitrary file read vulnerability in the /s/ endpoint.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known
9.8
CVE-2021-20028 - SonicWall Secure Remote Access (SRA) SQL Injection Vulnerability -
Action Due Apr 18, 2022 Target Vendor : SonicWall
Description : SonicWall Secure Remote Access (SRA) products contain an improper neutralization of a SQL Command leading to SQL injection.
Action : The impacted product is end-of-life and should be disconnected if still in use.
Known To Be Used in Ransomware Campaigns? : Known
7.5
CVE-2019-7483 - SonicWall SMA100 Directory Traversal Vulnerability -
Action Due Apr 18, 2022 Target Vendor : SonicWall
Description : In SonicWall SMA100, an unauthenticated Directory Traversal vulnerability in the handleWAFRedirect CGI allows the user to test for the presence of a file on the server.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
7.8
CVE-2018-8440 - Microsoft Windows Privilege Escalation Vulnerability -
Action Due Apr 18, 2022 Target Vendor : Microsoft
Description : An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC).
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known
7.8
CVE-2018-8406 - Microsoft DirectX Graphics Kernel Privilege Escalation Vulnerability -
Action Due Apr 18, 2022 Target Vendor : Microsoft
Description : An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known
7.8
CVE-2018-8405 - Microsoft DirectX Graphics Kernel Privilege Escalation Vulnerability -
Action Due Apr 18, 2022 Target Vendor : Microsoft
Description : An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known
7.3
CVE-2017-0213 - Microsoft Windows Privilege Escalation Vulnerability -
Action Due Apr 18, 2022 Target Vendor : Microsoft
Description : Microsoft Windows COM Aggregate Marshaler allows for privilege escalation when an attacker runs a specially crafted application.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known
4.3
CVE-2017-0059 - Microsoft Internet Explorer Information Disclosure Vulnerability -
Action Due Apr 18, 2022 Target Vendor : Microsoft
Description : Microsoft Internet Explorer allow remote attackers to obtain sensitive information from process memory via a crafted web site.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
8.1
CVE-2017-0037 - Microsoft Edge and Internet Explorer Type Confusion Vulnerability -
Action Due Apr 18, 2022 Target Vendor : Microsoft
Description : Microsoft Edge and Internet Explorer have a type confusion vulnerability in mshtml.dll, which allows remote code execution.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
8.8
CVE-2016-7201 - Microsoft Edge Memory Corruption Vulnerability -
Action Due Apr 18, 2022 Target Vendor : Microsoft
Description : The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute remote code or cause a denial of service (memory corruption) via a crafted web site.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
8.8
CVE-2016-7200 - Microsoft Edge Memory Corruption Vulnerability -
Action Due Apr 18, 2022 Target Vendor : Microsoft
Description : The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute remote code or cause a denial of service (memory corruption) via a crafted web site.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
7.5
CVE-2016-0189 - Microsoft Internet Explorer Memory Corruption Vulnerability -
Action Due Apr 18, 2022 Target Vendor : Microsoft
Description : The Microsoft JScript nd VBScript engines, as used in Internet Explorer and other products, allow attackers to execute remote code or cause a denial of service (memory corruption) via a crafted web site.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
7.8
CVE-2016-0151 - Microsoft Windows CSRSS Security Feature Bypass Vulnerability -
Action Due Apr 18, 2022 Target Vendor : Microsoft
Description : The Client-Server Run-time Subsystem (CSRSS) in Microsoft mismanages process tokens, which allows local users to gain privileges via a crafted application.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known
7.8
CVE-2016-0040 - Microsoft Windows Kernel Privilege Escalation Vulnerability -
Action Due Apr 18, 2022 Target Vendor : Microsoft
Description : The kernel in Microsoft Windows allows local users to gain privileges via a crafted application.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown