CISA Known Exploited Vulnerabilities Catalog

For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild. Organizations should use the KEV catalog as an input to their vulnerability management prioritization framework.Y

    9.8

    CVSS31
    CVE-2019-5544 - VMware ESXi and Horizon DaaS OpenSLP Heap-Based Buffer Overflow Vulnerability -

    Action Due May 03, 2022 Target Vendor : VMware

    Description : VMware ESXi and Horizon Desktop as a Service (DaaS) OpenSLP contains a heap-based buffer overflow vulnerability that allows an attacker with network access to port 427 to overwrite the heap of the OpenSLP service to perform remote code execution.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known

    Alert Date: Nov 03, 2021 | 1051 days ago

    9.8

    CVSS31
    CVE-2020-3992 - VMware ESXi OpenSLP Use-After-Free Vulnerability -

    Action Due May 03, 2022 Target Vendor : VMware

    Description : VMware ESXi OpenSLP contains a use-after-free vulnerability that allows an attacker residing in the management network with access to port 427 to perform remote code execution.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known

    Alert Date: Nov 03, 2021 | 1051 days ago

    7.8

    CVSS31
    CVE-2020-3950 - VMware Multiple Products Privilege Escalation Vulnerability -

    Action Due May 03, 2022 Target Vendor : VMware

    Description : VMware Fusion, Remote Console (VMRC) for Mac, and Horizon Client for Mac contain a privilege escalation vulnerability due to improper use of setuid binaries that allows attackers to escalate privileges to root.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Alert Date: Nov 03, 2021 | 1051 days ago

    9.8

    CVSS31
    CVE-2021-22005 - VMware vCenter Server File Upload Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : VMware

    Description : VMware vCenter Server contains a file upload vulnerability in the Analytics service that allows a user with network access to port 443 to execute code.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known

    Alert Date: Nov 03, 2021 | 1051 days ago

    9.8

    CVSS31
    CVE-2020-3952 - VMware vCenter Server Information Disclosure Vulnerability -

    Action Due May 03, 2022 Target Vendor : VMware

    Description : VMware vCenter Server contains an information disclosure vulnerability in the VMware Directory Service (vmdir) when the Platform Services Controller (PSC) does not correctly implement access controls. Successful exploitation allows an attacker with network access to port 389 to extract sensitive information.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Alert Date: Nov 03, 2021 | 1051 days ago

    9.8

    CVSS31
    CVE-2021-21972 - VMware vCenter Server Remote Code Execution Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : VMware

    Description : VMware vCenter Server vSphere Client contains a remote code execution vulnerability in a vCenter Server plugin which allows an attacker with network access to port 443 to execute commands with unrestricted privileges on the underlying operating system.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known

    Alert Date: Nov 03, 2021 | 1051 days ago

    9.8

    CVSS31
    CVE-2021-21985 - VMware vCenter Server Improper Input Validation Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : VMware

    Description : VMware vSphere Client contains an improper input validation vulnerability in the Virtual SAN Health Check plug-in, which is enabled by default in vCenter Server, which allows for remote code execution.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known

    Alert Date: Nov 03, 2021 | 1051 days ago

    9.1

    CVSS31
    CVE-2020-4006 - Multiple VMware Products Command Injection Vulnerability -

    Action Due May 03, 2022 Target Vendor : VMware

    Description : VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector contain a command injection vulnerability. An attacker with network access to the administrative configurator on port 8443 and a valid password for the configurator administrator account can execute commands with unrestricted privileges on the underlying operating system.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Alert Date: Nov 03, 2021 | 1051 days ago

    10.0

    CVSS31
    CVE-2020-25213 - WordPress File Manager Plugin Remote Code Execution Vulnerability -

    Action Due May 03, 2022 Target Vendor : WordPress

    Description : WordPress File Manager plugin contains a remote code execution vulnerability that allows unauthenticated users to execute PHP code and upload malicious files on a target site.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Alert Date: Nov 03, 2021 | 1051 days ago

    7.5

    CVSS31
    CVE-2020-11738 - WordPress Snap Creek Duplicator Plugin File Download Vulnerability -

    Action Due May 03, 2022 Target Vendor : WordPress

    Description : WordPress Snap Creek Duplicator plugin contains a file download vulnerability when an administrator creates a new copy of their site that allows an attacker to download the generated files from their Wordpress dashboard. This vulnerability affects Duplicator and Dulplicator Pro.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Alert Date: Nov 03, 2021 | 1051 days ago

    6.1

    CVSS31
    CVE-2019-9978 - WordPress Social Warfare Plugin Cross-Site Scripting (XSS) Vulnerability -

    Action Due May 03, 2022 Target Vendor : WordPress

    Description : WordPress Social Warfare plugin contains a cross-site scripting (XSS) vulnerability that allows for remote code execution. This vulnerability affects Social Warfare and Social Warfare Pro.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Alert Date: Nov 03, 2021 | 1051 days ago

    9.8

    CVSS31
    CVE-2021-27561 - Yealink Device Management Server-Side Request Forgery (SSRF) Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Yealink

    Description : Yealink Device Management contains a server-side request forgery (SSRF) vulnerability that allows for unauthenticated remote code execution.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Alert Date: Nov 03, 2021 | 1051 days ago

    9.8

    CVSS31
    CVE-2021-40539 - Zoho ManageEngine ADSelfService Plus Authentication Bypass Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Zoho

    Description : Zoho ManageEngine ADSelfService Plus contains an authentication bypass vulnerability affecting the REST API URLs which allow for remote code execution.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known

    Alert Date: Nov 03, 2021 | 1051 days ago

    9.8

    CVSS31
    CVE-2020-10189 - Zoho ManageEngine Desktop Central File Upload Vulnerability -

    Action Due May 03, 2022 Target Vendor : Zoho

    Description : Zoho ManageEngine Desktop Central contains a file upload vulnerability that allows for unauthenticated remote code execution.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Alert Date: Nov 03, 2021 | 1051 days ago

    6.5

    CVSS30
    CVE-2019-8394 - Zoho ManageEngine ServiceDesk Plus (SDP) File Upload Vulnerability -

    Action Due May 03, 2022 Target Vendor : Zoho

    Description : Zoho ManageEngine ServiceDesk Plus (SDP) contains an unspecified vulnerability that allows remote users to upload files via login page customization.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Alert Date: Nov 03, 2021 | 1051 days ago

    9.8

    CVSS31
    CVE-2020-29583 - Zyxel Multiple Products Use of Hard-Coded Credentials Vulnerability -

    Action Due May 03, 2022 Target Vendor : Zyxel

    Description : Zyxel firewalls (ATP, USG, VM) and AP Controllers (NXC2500 and NXC5500) contain a use of hard-coded credentials vulnerability in an undocumented account ("zyfwp") with an unchangeable password.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Alert Date: Nov 03, 2021 | 1051 days ago

    7.8

    CVSS31
    CVE-2016-0185 - Microsoft Windows Media Center Remote Code Execution Vulnerability -

    Action Due May 03, 2022 Target Vendor : Microsoft

    Description : Microsoft Windows Media Center contains a remote code execution vulnerability when Windows Media Center opens a specially crafted Media Center link (.mcl) file that references malicious code.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Alert Date: Nov 03, 2021 | 1051 days ago

    7.8

    CVSS31
    CVE-2020-0683 - Microsoft Windows Installer Privilege Escalation Vulnerability -

    Action Due May 03, 2022 Target Vendor : Microsoft

    Description : Microsoft Windows Installer contains a privilege escalation vulnerability when MSI packages process symbolic links, which allows attackers to bypass access restrictions to add or remove files.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Alert Date: Nov 03, 2021 | 1051 days ago

    7.8

    CVSS31
    CVE-2020-17087 - Microsoft Windows Kernel Privilege Escalation Vulnerability -

    Action Due May 03, 2022 Target Vendor : Microsoft

    Description : Microsoft Windows kernel contains an unspecified vulnerability that allows for privilege escalation.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Alert Date: Nov 03, 2021 | 1051 days ago

    7.8

    CVSS31
    CVE-2021-31199 - Microsoft Enhanced Cryptographic Provider Privilege Escalation Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Microsoft

    Description : Microsoft Enhanced Cryptographic Provider contains an unspecified vulnerability that allows for privilege escalation.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Alert Date: Nov 03, 2021 | 1051 days ago
Showing 20 of 1180 Results

Filters