CISA Known Exploited Vulnerabilities Catalog

For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild. Organizations should use the KEV catalog as an input to their vulnerability management prioritization framework.Y

    7.8

    CVSS31
    CVE-2020-1147 - Microsoft .NET Framework, SharePoint, and Visual Studio Remote Code Execution Vulnerability -

    Action Due May 03, 2022 Target Vendor : Microsoft

    Description : Microsoft .NET Framework, Microsoft SharePoint, and Visual Studio contain a remote code execution vulnerability when the software fails to check the source markup of XML file input. Successful exploitation allows an attacker to execute code in the context of the process responsible for deserialization of the XML content.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Alert Date: Nov 03, 2021 | 1051 days ago

    7.8

    CVSS31
    CVE-2019-1214 - Microsoft Windows Privilege Common Log File System (CLFS) Escalation Vulnerability -

    Action Due May 03, 2022 Target Vendor : Microsoft

    Description : Microsoft Windows Common Log File System (CLFS) driver improperly handles objects in memory which can allow for privilege escalation.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Alert Date: Nov 03, 2021 | 1051 days ago

    7.8

    CVSS31
    CVE-2016-3235 - Microsoft Office OLE DLL Side Loading Vulnerability -

    Action Due May 03, 2022 Target Vendor : Microsoft

    Description : Microsoft Office Object Linking & Embedding (OLE) dynamic link library (DLL) contains a side loading vulnerability due to it improperly validating input before loading libraries. Successful exploitation allows for remote code execution.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Alert Date: Nov 03, 2021 | 1051 days ago

    7.8

    CVSS31
    CVE-2019-0863 - Microsoft Windows Error Reporting (WER) Privilege Escalation Vulnerability -

    Action Due May 03, 2022 Target Vendor : Microsoft

    Description : Microsoft Windows Error Reporting (WER) contains a privilege escalation vulnerability due to the way it handles files, allowing for code execution in kernel mode.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Alert Date: Nov 03, 2021 | 1051 days ago

    7.8

    CVSS31
    CVE-2021-36955 - Microsoft Windows Common Log File System (CLFS) Driver Privilege Escalation Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Microsoft

    Description : Microsoft Windows Common Log File System (CLFS) driver contains an unspecified vulnerability that allows for privilege escalation.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known

    Alert Date: Nov 03, 2021 | 1051 days ago

    7.8

    CVSS31
    CVE-2021-38648 - Microsoft Open Management Infrastructure (OMI) Privilege Escalation Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Microsoft

    Description : Microsoft Open Management Infrastructure (OMI) within Azure VM Management Extensions contains an unspecified vulnerability allowing privilege escalation.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Alert Date: Nov 03, 2021 | 1051 days ago

    8.1

    CVSS31
    CVE-2020-6819 - Mozilla Firefox And Thunderbird Use-After-Free Vulnerability -

    Action Due May 03, 2022 Target Vendor : Mozilla

    Description : Mozilla Firefox and Thunderbird contain a race condition vulnerability when running the nsDocShell destructor under certain conditions. The race condition creates a use-after-free vulnerability, causing unspecified impacts.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Alert Date: Nov 03, 2021 | 1051 days ago

    8.1

    CVSS31
    CVE-2020-6820 - Mozilla Firefox And Thunderbird Use-After-Free Vulnerability -

    Action Due May 03, 2022 Target Vendor : Mozilla

    Description : Mozilla Firefox and Thunderbird contain a race condition vulnerability when handling a ReadableStream under certain conditions. The race condition creates a use-after-free vulnerability, causing unspecified impacts.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Alert Date: Nov 03, 2021 | 1051 days ago

    8.8

    CVSS31
    CVE-2019-17026 - Mozilla Firefox And Thunderbird Type Confusion Vulnerability -

    Action Due May 03, 2022 Target Vendor : Mozilla

    Description : Mozilla Firefox and Thunderbird contain a type confusion vulnerability due to incorrect alias information in the IonMonkey JIT compiler when setting array elements.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Alert Date: Nov 03, 2021 | 1051 days ago

    8.8

    CVSS31
    CVE-2019-15949 - Nagios XI Remote Code Execution Vulnerability -

    Action Due May 03, 2022 Target Vendor : Nagios

    Description : Nagios XI contains a remote code execution vulnerability in which a user can modify the check_plugin executable and insert malicious commands to execute as root.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Alert Date: Nov 03, 2021 | 1051 days ago

    9.8

    CVSS31
    CVE-2020-26919 - Netgear JGS516PE Devices Missing Function Level Access Control Vulnerability -

    Action Due May 03, 2022 Target Vendor : NETGEAR

    Description : Netgear JGS516PE devices contain a missing function level access control vulnerability.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Alert Date: Nov 03, 2021 | 1051 days ago

    7.5

    CVSS31
    CVE-2019-19356 - Netis WF2419 Devices Remote Code Execution Vulnerability -

    Action Due May 03, 2022 Target Vendor : Netis

    Description : Netis WF2419 devices contains an unspecified vulnerability that allows an attacker to perform remote code execution as root through the router's web management page.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Alert Date: Nov 03, 2021 | 1051 days ago

    9.8

    CVSS31
    CVE-2020-2555 - Oracle Multiple Products Remote Code Execution Vulnerability -

    Action Due May 03, 2022 Target Vendor : Oracle

    Description : Multiple Oracle products contain a remote code execution vulnerability that allows an unauthenticated attacker with network access via T3 or HTTP to takeover the affected system. Impacted Oracle products: Oracle Coherence in Fusion Middleware, Oracle Utilities Framework, Oracle Retail Assortment Planning, Oracle Commerce, Oracle Communications Diameter Signaling Router (DSR).

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Alert Date: Nov 03, 2021 | 1051 days ago

    9.1

    CVSS31
    CVE-2012-3152 - Oracle Fusion Middleware Unspecified Vulnerability -

    Action Due May 03, 2022 Target Vendor : Oracle

    Description : Oracle Fusion Middleware Reports Developer contains an unspecified vulnerability that allows remote attackers to affect confidentiality and integrity of affected systems.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Alert Date: Nov 03, 2021 | 1051 days ago

    10.0

    CVSS31
    CVE-2020-14871 - Oracle Solaris and Zettabyte File System (ZFS) Unspecified Vulnerability -

    Action Due May 03, 2022 Target Vendor : Oracle

    Description : Oracle Solaris and Oracle ZFS Storage Appliance Kit contain an unspecified vulnerability causing high impacts to confidentiality, integrity, and availability of affected systems.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Alert Date: Nov 03, 2021 | 1051 days ago

    9.8

    CVSS31
    CVE-2015-4852 - Oracle WebLogic Server Deserialization of Untrusted Data Vulnerability -

    Action Due May 03, 2022 Target Vendor : Oracle

    Description : Oracle WebLogic Server contains a deserialization of untrusted data vulnerability within Apache Commons, which can allow for for remote code execution.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Alert Date: Nov 03, 2021 | 1051 days ago

    9.8

    CVSS31
    CVE-2020-14750 - Oracle WebLogic Server Remote Code Execution Vulnerability -

    Action Due May 03, 2022 Target Vendor : Oracle

    Description : Oracle WebLogic Server contains an unspecified vulnerability allowing an unauthenticated attacker to perform remote code execution. This vulnerability is related to CVE-2020-14882.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Alert Date: Nov 03, 2021 | 1051 days ago

    9.8

    CVSS31
    CVE-2020-14882 - Oracle WebLogic Server Remote Code Execution Vulnerability -

    Action Due May 03, 2022 Target Vendor : Oracle

    Description : Oracle WebLogic Server contains an unspecified vulnerability, which is assessed to allow for remote code execution, based on this vulnerability being related to CVE-2020-14750.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Alert Date: Nov 03, 2021 | 1051 days ago

    7.2

    CVSS31
    CVE-2020-14883 - Oracle WebLogic Server Unspecified Vulnerability -

    Action Due May 03, 2022 Target Vendor : Oracle

    Description : Oracle WebLogic Server contains an unspecified vulnerability in the Console component with high impacts to confidentilaity, integrity, and availability.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Alert Date: Nov 03, 2021 | 1051 days ago

    9.8

    CVSS31
    CVE-2020-8644 - PlaySMS Server-Side Template Injection Vulnerability -

    Action Due May 03, 2022 Target Vendor : PlaySMS

    Description : PlaySMS contains a server-side template injection vulnerability that allows for remote code execution.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Alert Date: Nov 03, 2021 | 1051 days ago
Showing 20 of 1180 Results

Filters