CISA Known Exploited Vulnerabilities Catalog
8.8
CVE-2021-33742 - Microsoft Windows MSHTML Platform Remote Code Execution Vulnerability -
Action Due Nov 17, 2021 Target Vendor : Microsoft
Description : Microsoft Windows MSHTML Platform contains an unspecified vulnerability that allows for remote code execution.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
8.8
CVE-2021-30663 - Apple Multiple Products Integer Overflow Vulnerability -
Action Due Nov 17, 2021 Target Vendor : Apple
Description : Apple iOS, iPadOS, macOS, tvOS, and Safari WebKit contain an integer overflow vulnerability which may allow for code execution when processing maliciously crafted web content.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
8.8
CVE-2021-30761 - Apple iOS Memory Corruption Vulnerability -
Action Due Nov 17, 2021 Target Vendor : Apple
Description : Apple iOS WebKit contains a memory corruption vulnerability which may allow for code execution when processing maliciously crafted web content.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
7.8
CVE-2021-30869 - Apple iOS, iPadOS, and macOS Type Confusion Vulnerability -
Action Due Nov 17, 2021 Target Vendor : Apple
Description : Apple iOS, iPadOS, and macOS contain a type confusion vulnerability in the XNU which may allow a malicious application to execute code with kernel privileges.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
7.8
CVE-2020-9859 - Apple Multiple Products Code Execution Vulnerability -
Action Due May 03, 2022 Target Vendor : Apple
Description : Apple iOS, iPadOS, macOS, watchOS, and tvOS contain an unspecified vulnerability that may allow an application to execute code with kernel privileges.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
9.8
CVE-2021-20090 - Arcadyan Buffalo Firmware Path Traversal Vulnerability -
Action Due Nov 17, 2021 Target Vendor : Arcadyan
Description : Arcadyan Buffalo firmware contains a path traversal vulnerability that could allow unauthenticated, remote attackers to bypass authentication and access sensitive information. This vulnerability affects multiple routers across several different vendors.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
5.5
CVE-2021-27562 - Arm Trusted Firmware Out-of-Bounds Write Vulnerability -
Action Due Nov 17, 2021 Target Vendor : Arm
Description : Arm Trusted Firmware contains an out-of-bounds write vulnerability allowing the non-secure (NS) world to trigger a system halt, overwrite secure data, or print out secure data when calling secure functions under the non-secure processing environment (NSPE) handler mode. This vulnerability affects Yealink Device Management servers.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
8.8
CVE-2021-28664 - Arm Mali Graphics Processing Unit (GPU) Unspecified Vulnerability -
Action Due Nov 17, 2021 Target Vendor : Arm
Description : Arm Mali Graphics Processing Unit (GPU) kernel driver contains an unspecified vulnerability that may allow a non-privileged user to gain write access to read-only memory, gain root privilege, corrupt memory, and modify the memory of other processes.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
8.8
CVE-2021-28663 - Arm Mali Graphics Processing Unit (GPU) Use-After-Free Vulnerability -
Action Due Nov 17, 2021 Target Vendor : Arm
Description : Arm Mali Graphics Processing Unit (GPU) kernel driver contains a use-after-free vulnerability that may allow a non-privileged user to make improper operations on GPU memory to gain root privilege, and/or disclose information.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
8.8
CVE-2019-3398 - Atlassian Confluence Server and Data Center Path Traversal Vulnerability -
Action Due May 03, 2022 Target Vendor : Atlassian
Description : Atlassian Confluence Server and Data Center contain a path traversal vulnerability in the downloadallattachments resource that may allow a privileged, remote attacker to write files. Exploitation can lead to remote code execution.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
9.8
CVE-2021-26084 - Atlassian Confluence Server and Data Center Object-Graph Navigation Language (OGNL) Injection Vulnerability -
Action Due Nov 17, 2021 Target Vendor : Atlassian
Description : Atlassian Confluence Server and Data Server contain an Object-Graph Navigation Language (OGNL) injection vulnerability that may allow an unauthenticated attacker to execute code.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known
9.8
CVE-2019-11580 - Atlassian Crowd and Crowd Data Center Remote Code Execution Vulnerability -
Action Due May 03, 2022 Target Vendor : Atlassian
Description : Atlassian Crowd and Crowd Data Center contain a remote code execution vulnerability resulting from a pdkinstall development plugin being incorrectly enabled in release builds.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
9.8
CVE-2019-3396 - Atlassian Confluence Server and Data Center Server-Side Template Injection Vulnerability -
Action Due May 03, 2022 Target Vendor : Atlassian
Description : Atlassian Confluence Server and Data Center contain a server-side template injection vulnerability that may allow an attacker to achieve path traversal and remote code execution.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known
9.8
CVE-2021-42258 - BQE BillQuick Web Suite SQL Injection Vulnerability -
Action Due Nov 17, 2021 Target Vendor : BQE
Description : BQE BillQuick Web Suite contains an SQL injection vulnerability when accessing the username parameter that may allow for unauthenticated, remote code execution.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known
7.5
CVE-2020-3452 - Cisco ASA and FTD Read-Only Path Traversal Vulnerability -
Action Due May 03, 2022 Target Vendor : Cisco
Description : Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain an improper input validation vulnerability when HTTP requests process URLs. An attacker could exploit this vulnerability by sending a crafted HTTP request containing directory traversal character sequences to an affected device. A successful exploit could allow the attacker to view arbitrary files within the web services file system on the targeted device.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
6.1
CVE-2020-3580 - Cisco ASA and FTD Cross-Site Scripting (XSS) Vulnerability -
Action Due May 03, 2022 Target Vendor : Cisco
Description : Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain an insufficient input validation vulnerability for user-supplied input by the web services interface. Successful exploitation could allow an attacker to perform cross-site scripting (XSS) in the context of the interface or access sensitive browser-based information.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
9.8
CVE-2021-1497 - Cisco HyperFlex HX Installer Virtual Machine Command Injection Vulnerability -
Action Due Nov 17, 2021 Target Vendor : Cisco
Description : Cisco HyperFlex HX Installer Virtual Machine contains an insufficient input validation vulnerability which could allow an attacker to execute commands on an affected device as the�root�user.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
9.8
CVE-2021-1498 - Cisco HyperFlex HX Data Platform Command Injection Vulnerability -
Action Due Nov 17, 2021 Target Vendor : Cisco
Description : Cisco HyperFlex HX Installer Virtual Machine contains an insufficient input validation vulnerability which could allow an attacker to execute commands on an affected device as the tomcat8 user.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
9.8
CVE-2018-0171 - Cisco IOS and IOS XE Software Smart Install Remote Code Execution Vulnerability -
Action Due May 03, 2022 Target Vendor : Cisco
Description : Cisco IOS and IOS XE Software improperly validates packet data, allowing an unauthenticated, remote attacker to trigger a reload of an affected device, cause a denial-of-service (DoS) condition, or perform code execution on the affected device.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
8.8
CVE-2020-3118 - Cisco IOS XR Software Discovery Protocol Format String Vulnerability -
Action Due May 03, 2022 Target Vendor : Cisco
Description : Cisco IOS XR improperly validates string input from certain fields in Cisco Discovery Protocol messages. Exploitation could allow an unauthenticated, adjacent attacker to execute code with administrative privileges or cause a reload on an affected device.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown