CISA Known Exploited Vulnerabilities Catalog
9.8
CVE-2020-9054 - Zyxel Multiple NAS Devices OS Command Injection Vulnerability -
Action Due Apr 15, 2022 Target Vendor : Zyxel
Description : Multiple Zyxel network-attached storage (NAS) devices contain a pre-authentication command injection vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
9.8
CVE-2020-7247 - OpenSMTPD Remote Code Execution Vulnerability -
Action Due Apr 15, 2022 Target Vendor : OpenBSD
Description : smtp_mailaddr in smtp_session.c in OpenSMTPD, as used in OpenBSD and other products, allows remote attackers to execute arbitrary commands as root via a crafted SMTP session.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
7.5
CVE-2020-5410 - VMware Tanzu Spring Cloud Config Directory Traversal Vulnerability -
Action Due Apr 15, 2022 Target Vendor : VMware Tanzu
Description : Spring, by VMware Tanzu, Cloud Config contains a path traversal vulnerability that allows applications to serve arbitrary configuration files.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
9.8
CVE-2020-25223 - Sophos SG UTM Remote Code Execution Vulnerability -
Action Due Apr 15, 2022 Target Vendor : Sophos
Description : A remote code execution vulnerability exists in the WebAdmin of Sophos SG UTM.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
9.8
CVE-2020-2506 - QNAP Helpdesk Improper Access Control Vulnerability -
Action Due Apr 15, 2022 Target Vendor : QNAP Systems
Description : QNAP Helpdesk contains an improper access control vulnerability which could allow an attacker to gain privileges or to read sensitive information.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
10.0
CVE-2020-2021 - Palo Alto Networks PAN-OS Authentication Bypass Vulnerability -
Action Due Apr 15, 2022 Target Vendor : Palo Alto Networks
Description : Palo Alto Networks PAN-OS contains a vulnerability in SAML which allows an attacker to bypass authentication.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known
8.8
CVE-2020-1956 - Apache Kylin OS Command Injection Vulnerability -
Action Due Apr 15, 2022 Target Vendor : Apache
Description : Apache Kylin contains an OS command injection vulnerability which could permit an attacker to perform remote code execution.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
9.8
CVE-2020-1631 - Juniper Junos OS Path Traversal Vulnerability -
Action Due Apr 15, 2022 Target Vendor : Juniper
Description : A path traversal vulnerability in the HTTP/HTTPS service used by J-Web, Web Authentication, Dynamic-VPN (DVPN), Firewall Authentication Pass-Through with Web-Redirect, and Zero Touch Provisioning (ZTP) allows an unauthenticated attacker to perform remote code execution.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
8.1
CVE-2019-6340 - Drupal Core Remote Code Execution Vulnerability -
Action Due Apr 15, 2022 Target Vendor : Drupal
Description : In Drupal Core, some field types do not properly sanitize data from non-form sources. This can lead to arbitrary PHP code execution in some cases.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
7.2
CVE-2019-2616 - Oracle BI Publisher Unauthorized Access Vulnerability -
Action Due Apr 15, 2022 Target Vendor : Oracle
Description : Oracle BI Publisher, formerly XML Publisher, contains an unspecified vulnerability that allows for various unauthorized actions. Open-source reporting attributes this vulnerability to allowing for authentication bypass.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
9.8
CVE-2019-16920 - D-Link Multiple Routers Command Injection Vulnerability -
Action Due Apr 15, 2022 Target Vendor : D-Link
Description : Multiple D-Link routers contain a command injection vulnerability which can allow attackers to achieve full system compromise.
Action : The impacted product is end-of-life and should be disconnected if still in use.
Known To Be Used in Ransomware Campaigns? : Unknown
9.8
CVE-2019-15107 - Webmin Command Injection Vulnerability -
Action Due Apr 15, 2022 Target Vendor : Webmin
Description : An issue was discovered in Webmin. The parameter old in password_change.cgi contains a command injection vulnerability.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
8.8
CVE-2019-12991 - Citrix SD-WAN and NetScaler Command Injection Vulnerability -
Action Due Apr 15, 2022 Target Vendor : Citrix
Description : Authenticated Command Injection in Citrix SD-WAN Appliance and NetScaler SD-WAN Appliance.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
9.8
CVE-2019-12989 - Citrix SD-WAN and NetScaler SQL Injection Vulnerability -
Action Due Apr 15, 2022 Target Vendor : Citrix
Description : Citrix SD-WAN and NetScaler SD-WAN allow SQL Injection.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
9.8
CVE-2019-11043 - PHP FastCGI Process Manager (FPM) Buffer Overflow Vulnerability -
Action Due Apr 15, 2022 Target Vendor : PHP
Description : In some versions of PHP in certain configurations of FPM setup, it is possible to cause FPM module to write past allocated buffers allowing the possibility of remote code execution.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known
9.8
CVE-2019-10068 - Kentico Xperience Deserialization of Untrusted Data Vulnerability -
Action Due Apr 15, 2022 Target Vendor : Kentico
Description : Kentico contains a failure to validate security headers. This deserialization can led to unauthenticated remote code execution.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
9.9
CVE-2019-1003030 - Jenkins Matrix Project Plugin Remote Code Execution Vulnerability -
Action Due Apr 15, 2022 Target Vendor : Jenkins
Description : Jenkins Matrix Project plugin contains a vulnerability which can allow users to escape the sandbox, opening opportunity to perform remote code execution.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
8.8
CVE-2019-0903 - Microsoft GDI Remote Code Execution Vulnerability -
Action Due Apr 15, 2022 Target Vendor : Microsoft
Description : A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
8.8
CVE-2018-8414 - Microsoft Windows Shell Remote Code Execution Vulnerability -
Action Due Apr 15, 2022 Target Vendor : Microsoft
Description : A remote code execution vulnerability exists when the Windows Shell does not properly validate file paths.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
7.5
CVE-2018-8373 - Microsoft Scripting Engine Memory Corruption Vulnerability -
Action Due Apr 15, 2022 Target Vendor : Microsoft
Description : A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown