CISA Known Exploited Vulnerabilities Catalog
9.3
CVE-2014-6332 - Microsoft Windows Object Linking & Embedding (OLE) Automation Array Remote Code Execution Vulnerability -
Action Due Apr 15, 2022 Target Vendor : Microsoft
Description : OleAut32.dll in OLE in Microsoft Windows allows remote attackers to remotely execute code via a crafted web site.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
8.8
CVE-2014-6324 - Microsoft Kerberos Key Distribution Center (KDC) Privilege Escalation Vulnerability -
Action Due Apr 15, 2022 Target Vendor : Microsoft
Description : The Kerberos Key Distribution Center (KDC) in Microsoft allows remote authenticated domain users to obtain domain administrator privileges.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
9.8
CVE-2014-6287 - Rejetto HTTP File Server (HFS) Remote Code Execution Vulnerability -
Action Due Apr 15, 2022 Target Vendor : Rejetto
Description : The findMacroMarker function in parserLib.pas in Rejetto HTTP File Server (HFS or HttpFileServer) allows remote attackers to execute arbitrary programs.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
6.8
CVE-2014-3120 - Elasticsearch Remote Code Execution Vulnerability -
Action Due Apr 15, 2022 Target Vendor : Elastic
Description : Elasticsearch enables dynamic scripting, which allows remote attackers to execute arbitrary MVEL expressions and Java code.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
7.5
CVE-2014-0130 - Ruby on Rails Directory Traversal Vulnerability -
Action Due Apr 15, 2022 Target Vendor : Rails
Description : Directory traversal vulnerability in actionpack/lib/abstract_controller/base.rb in the implicit-render implementation in Ruby on Rails allows remote attackers to read arbitrary files via a crafted request.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
5.4
CVE-2013-5223 - D-Link DSL-2760U Gateway Cross-Site Scripting Vulnerability -
Action Due Apr 15, 2022 Target Vendor : D-Link
Description : A cross-site scripting (XSS) vulnerability exists in the D-Link DSL-2760U gateway, allowing remote authenticated users to inject arbitrary web script or HTML.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
9.8
CVE-2013-4810 - HP Multiple Products Remote Code Execution Vulnerability -
Action Due Apr 15, 2022 Target Vendor : Hewlett Packard (HP)
Description : HP ProCurve Manager (PCM), PCM+, Identity Driven Manager (IDM), and Application Lifecycle Management allow remote attackers to execute arbitrary code via a marshalled object to (1) EJBInvokerServlet or (2) JMXInvokerServlet.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
9.8
CVE-2013-2251 - Apache Struts Improper Input Validation Vulnerability -
Action Due Apr 15, 2022 Target Vendor : Apache
Description : Apache Struts allows remote attackers to execute arbitrary Object-Graph Navigation Language (OGNL) expressions.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
9.8
CVE-2012-1823 - PHP-CGI Query String Parameter Vulnerability -
Action Due Apr 15, 2022 Target Vendor : PHP
Description : sapi/cgi/cgi_main.c in PHP, when configured as a CGI script, does not properly handle query strings, which allows remote attackers to execute arbitrary code.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
7.8
CVE-2010-4345 - Exim Privilege Escalation Vulnerability -
Action Due Apr 15, 2022 Target Vendor : Exim
Description : Exim allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
9.8
CVE-2010-4344 - Exim Heap-Based Buffer Overflow Vulnerability -
Action Due Apr 15, 2022 Target Vendor : Exim
Description : Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
7.5
CVE-2010-3035 - Cisco IOS XR Border Gateway Protocol (BGP) Denial-of-Service Vulnerability -
Action Due Apr 15, 2022 Target Vendor : Cisco
Description : Cisco IOS XR, when BGP is the configured routing feature, allows remote attackers to cause a denial-of-service (DoS).
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
9.8
CVE-2010-2861 - Adobe ColdFusion Directory Traversal Vulnerability -
Action Due Apr 15, 2022 Target Vendor : Adobe
Description : A directory traversal vulnerability exists in the administrator console in Adobe ColdFusion which allows remote attackers to read arbitrary files.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known
4.3
CVE-2009-2055 - Cisco IOS XR Border Gateway Protocol (BGP) Denial-of-Service Vulnerability -
Action Due Apr 15, 2022 Target Vendor : Cisco
Description : Cisco IOS XR,when BGP is the configured routing feature, allows remote attackers to cause a denial-of-service (DoS).
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
9.8
CVE-2009-1151 - phpMyAdmin Remote Code Execution Vulnerability -
Action Due Apr 15, 2022 Target Vendor : phpMyAdmin
Description : Setup script used to generate configuration can be fooled using a crafted POST request to include arbitrary PHP code in generated configuration file.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
9.3
CVE-2009-0927 - Adobe Reader and Adobe Acrobat Stack-Based Buffer Overflow Vulnerability -
Action Due Apr 15, 2022 Target Vendor : Adobe
Description : Stack-based buffer overflow in Adobe Reader and Adobe Acrobat allows remote attackers to execute arbitrary code.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
9.8
CVE-2005-2773 - HP OpenView Network Node Manager Remote Code Execution Vulnerability -
Action Due Apr 15, 2022 Target Vendor : Hewlett Packard (HP)
Description : HP OpenView Network Node Manager could allow a remote attacker to execute arbitrary commands on the system.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
9.8
CVE-2020-5135 - SonicWall SonicOS Buffer Overflow Vulnerability -
Action Due Apr 05, 2022 Target Vendor : SonicWall
Description : A buffer overflow vulnerability in SonicOS allows a remote attacker to cause Denial of Service (DoS) and potentially execute arbitrary code by sending a malicious request to the firewall.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
7.8
CVE-2019-1405 - Microsoft Windows Universal Plug and Play (UPnP) Service Privilege Escalation Vulnerability -
Action Due Apr 05, 2022 Target Vendor : Microsoft
Description : A privilege escalation vulnerability exists when the Windows UPnP service improperly allows COM object creation.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known
7.8
CVE-2019-1322 - Microsoft Windows Privilege Escalation Vulnerability -
Action Due Apr 05, 2022 Target Vendor : Microsoft
Description : A privilege escalation vulnerability exists when Windows improperly handles authentication requests. An attacker who successfully exploited this vulnerability could run processes in an elevated context.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known