CISA Known Exploited Vulnerabilities Catalog

For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild. Organizations should use the KEV catalog as an input to their vulnerability management prioritization framework.Y

    9.8

    CVSS30
    CVE-2018-11138 - Quest KACE System Management Appliance Remote Command Execution Vulnerability -

    Action Due Apr 15, 2022 Target Vendor : Quest

    Description : The '/common/download_agent_installer.php' script in the Quest KACE System Management Appliance is accessible by anonymous users and can be abused to perform remote code execution.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known

    Alert Date: Mar 25, 2022 | 910 days ago

    9.8

    CVSS31
    CVE-2018-0147 - Cisco Secure Access Control System Java Deserialization Vulnerability -

    Action Due Apr 15, 2022 Target Vendor : Cisco

    Description : A vulnerability in Java deserialization used by Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote attacker to execute arbitrary commands on an affected device. The vulnerability is due to insecure deserialization of user-supplied content by the affected software.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Alert Date: Mar 25, 2022 | 910 days ago

    9.8

    CVSS31
    CVE-2018-0125 - Cisco VPN Routers Remote Code Execution Vulnerability -

    Action Due Apr 15, 2022 Target Vendor : Cisco

    Description : A vulnerability in the web interface of the Cisco VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary code as root and gain full control of an affected system.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Alert Date: Mar 25, 2022 | 910 days ago

    8.8

    CVSS31
    CVE-2017-6334 - NETGEAR DGN2200 Devices OS Command Injection Vulnerability -

    Action Due Apr 15, 2022 Target Vendor : NETGEAR

    Description : dnslookup.cgi on NETGEAR DGN2200 devices with firmware through 10.0.0.50 allows remote authenticated users to execute arbitrary OS commands

    Action : The impacted product is end-of-life and should be disconnected if still in use.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Alert Date: Mar 25, 2022 | 910 days ago

    9.8

    CVSS31
    CVE-2017-6316 - Citrix Multiple Products Remote Code Execution Vulnerability -

    Action Due Apr 15, 2022 Target Vendor : Citrix

    Description : A vulnerability has been identified in the management interface of Citrix NetScaler SD-WAN Enterprise and Standard Edition and Citrix CloudBridge Virtual WAN Edition that could result in an unauthenticated, remote attacker being able to execute arbitrary code as a root user. This vulnerability also affects XenMobile Server.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Alert Date: Mar 25, 2022 | 910 days ago

    9.8

    CVSS31
    CVE-2017-3881 - Cisco IOS and IOS XE Remote Code Execution Vulnerability -

    Action Due Apr 15, 2022 Target Vendor : Cisco

    Description : A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device or remotely execute code with elevated privileges.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Alert Date: Mar 25, 2022 | 910 days ago

    8.1

    CVSS31
    CVE-2017-12617 - Apache Tomcat Remote Code Execution Vulnerability -

    Action Due Apr 15, 2022 Target Vendor : Apache

    Description : When running Apache Tomcat, it is possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Alert Date: Mar 25, 2022 | 910 days ago

    8.1

    CVSS31
    CVE-2017-12615 - Apache Tomcat on Windows Remote Code Execution Vulnerability -

    Action Due Apr 15, 2022 Target Vendor : Apache

    Description : When running Apache Tomcat on Windows with HTTP PUTs enabled, it is possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known

    Alert Date: Mar 25, 2022 | 910 days ago

    8.8

    CVSS31
    CVE-2017-0146 - Microsoft Windows SMB Remote Code Execution Vulnerability -

    Action Due Apr 15, 2022 Target Vendor : Microsoft

    Description : The SMBv1 server in Microsoft Windows allows remote attackers to perform remote code execution.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known

    Alert Date: Mar 25, 2022 | 910 days ago

    8.8

    CVSS31
    CVE-2016-7892 - Adobe Flash Player Use-After-Free Vulnerability -

    Action Due Apr 15, 2022 Target Vendor : Adobe

    Description : Adobe Flash Player has an exploitable use-after-free vulnerability in the TextField class.

    Action : The impacted product is end-of-life and should be disconnected if still in use.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Alert Date: Mar 25, 2022 | 910 days ago

    9.8

    CVSS31
    CVE-2016-4171 - Adobe Flash Player Remote Code Execution Vulnerability -

    Action Due Apr 15, 2022 Target Vendor : Adobe

    Description : Unspecified vulnerability in Adobe Flash Player allows for remote code execution.

    Action : The impacted product is end-of-life and should be disconnected if still in use.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Alert Date: Mar 25, 2022 | 910 days ago

    9.8

    CVSS30
    CVE-2016-1555 - NETGEAR Multiple WAP Devices Command Injection Vulnerability -

    Action Due Apr 15, 2022 Target Vendor : NETGEAR

    Description : Multiple NETGEAR Wireless Access Point devices allows unauthenticated web pages to pass form input directly to the command-line interface. Exploitation allows for arbitrary code execution.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Alert Date: Mar 25, 2022 | 910 days ago

    7.2

    CVSS31
    CVE-2016-11021 - D-Link DCS-930L Devices OS Command Injection Vulnerability -

    Action Due Apr 15, 2022 Target Vendor : D-Link

    Description : setSystemCommand on D-Link DCS-930L devices allows a remote attacker to execute code via an OS command.

    Action : The impacted product is end-of-life and should be disconnected if still in use.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Alert Date: Mar 25, 2022 | 910 days ago

    9.8

    CVSS31
    CVE-2016-10174 - NETGEAR WNR2000v5 Router Buffer Overflow Vulnerability -

    Action Due Apr 15, 2022 Target Vendor : NETGEAR

    Description : The NETGEAR WNR2000v5 router contains a buffer overflow which can be exploited to achieve remote code execution.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Alert Date: Mar 25, 2022 | 910 days ago

    7.5

    CVSS31
    CVE-2016-0752 - Ruby on Rails Directory Traversal Vulnerability -

    Action Due Apr 15, 2022 Target Vendor : Rails

    Description : Directory traversal vulnerability in Action View in Ruby on Rails allows remote attackers to read arbitrary files.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Alert Date: Mar 25, 2022 | 910 days ago

    9.1

    CVSS31
    CVE-2015-4068 - Arcserve Unified Data Protection (UDP) Directory Traversal Vulnerability -

    Action Due Apr 15, 2022 Target Vendor : Arcserve

    Description : Directory traversal vulnerability in Arcserve UDP allows remote attackers to obtain sensitive information or cause a denial of service.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Alert Date: Mar 25, 2022 | 910 days ago

    7.5

    CVSS31
    CVE-2015-3035 - TP-Link Multiple Archer Devices Directory Traversal Vulnerability -

    Action Due Apr 15, 2022 Target Vendor : TP-Link

    Description : Directory traversal vulnerability in multiple TP-Link Archer devices allows remote attackers to read arbitrary files via a .. (dot dot) in the PATH_INFO to login/.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Alert Date: Mar 25, 2022 | 910 days ago

    9.8

    CVSS31
    CVE-2015-1427 - Elasticsearch Groovy Scripting Engine Remote Code Execution Vulnerability -

    Action Due Apr 15, 2022 Target Vendor : Elastic

    Description : The Groovy scripting engine in Elasticsearch allows remote attackers to bypass the sandbox protection mechanism and execute arbitrary shell commands.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Alert Date: Mar 25, 2022 | 910 days ago

    9.8

    CVSS31
    CVE-2015-1187 - D-Link and TRENDnet Multiple Devices Remote Code Execution Vulnerability -

    Action Due Apr 15, 2022 Target Vendor : D-Link and TRENDnet

    Description : The ping tool in multiple D-Link and TRENDnet devices allow remote attackers to perform remote code execution.

    Action : The impacted product is end-of-life and should be disconnected if still in use.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Alert Date: Mar 25, 2022 | 910 days ago

    7.8

    CVSS2
    CVE-2015-0666 - Cisco Prime Data Center Network Manager (DCNM) Directory Traversal Vulnerability -

    Action Due Apr 15, 2022 Target Vendor : Cisco

    Description : Directory traversal vulnerability in the fmserver servlet in Cisco Prime Data Center Network Manager (DCNM) allows remote attackers to read arbitrary files.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Alert Date: Mar 25, 2022 | 910 days ago
Showing 20 of 1181 Results

Filters