CISA Known Exploited Vulnerabilities Catalog

For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild. Organizations should use the KEV catalog as an input to their vulnerability management prioritization framework.Y

    8.6

    CVSS31
    CVE-2020-3566 - Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerability -

    Action Due May 03, 2022 Target Vendor : Cisco

    Description : Cisco IOS XR Distance Vector Multicast Routing Protocol (DVMRP) incorrectly handles Internet Group Management Protocol (IGMP) packets. Exploitation could allow an unauthenticated, remote attacker to immediately crash the IGMP process or make it consume available memory and eventually crash.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Alert Date: Nov 03, 2021 | 1048 days ago

    8.6

    CVSS31
    CVE-2020-3569 - Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerability -

    Action Due May 03, 2022 Target Vendor : Cisco

    Description : Cisco IOS XR Distance Vector Multicast Routing Protocol (DVMRP) incorrectly handles Internet Group Management Protocol (IGMP) packets. Exploitation could allow an unauthenticated, remote attacker to immediately crash the IGMP process or make it consume available memory and eventually crash.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Alert Date: Nov 03, 2021 | 1048 days ago

    9.8

    CVSS31
    CVE-2020-3161 - Cisco IP Phones Web Server Remote Code Execution and Denial-of-Service Vulnerability -

    Action Due May 03, 2022 Target Vendor : Cisco

    Description : Cisco IP Phones contain an improper input validation vulnerability for HTTP requests. Exploitation could allow an attacker to execute code remotely with�root�privileges or cause a denial-of-service (DoS) condition.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Alert Date: Nov 03, 2021 | 1048 days ago

    7.5

    CVSS31
    CVE-2019-1653 - Cisco Small Business RV320 and RV325 Routers Information Disclosure Vulnerability -

    Action Due May 03, 2022 Target Vendor : Cisco

    Description : Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers contain improper access controls for URLs. Exploitation could allow an attacker to download the router configuration or detailed diagnostic information.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Alert Date: Nov 03, 2021 | 1048 days ago

    7.5

    CVSS31
    CVE-2018-0296 - Cisco Adaptive Security Appliance (ASA) Denial-of-Service Vulnerability -

    Action Due May 03, 2022 Target Vendor : Cisco

    Description : Cisco Adaptive Security Appliance (ASA) contains an improper input validation vulnerability with HTTP URLs. Exploitation could allow an attacker to cause a denial-of-service (DoS) condition or information disclosure.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Alert Date: Nov 03, 2021 | 1048 days ago

    7.5

    CVSS30
    CVE-2019-13608 - Citrix StoreFront Server XML External Entity (XXE) Processing Vulnerability -

    Action Due May 03, 2022 Target Vendor : Citrix

    Description : Citrix StoreFront Server contains an XML External Entity (XXE) processing vulnerability that may allow an unauthenticated attacker to retrieve potentially sensitive information.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known

    Alert Date: Nov 03, 2021 | 1048 days ago

    6.5

    CVSS31
    CVE-2020-8193 - Citrix ADC, Gateway, and SD-WAN WANOP Appliance Authorization Bypass Vulnerability -

    Action Due May 03, 2022 Target Vendor : Citrix

    Description : Citrix ADC, Citrix Gateway, and multiple Citrix SD-WAN WANOP appliance models contain an authorization bypass vulnerability that may allow unauthenticated access to certain URL endpoints. The attacker must have access to the NetScaler IP (NSIP) in order to perform exploitation.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Alert Date: Nov 03, 2021 | 1048 days ago

    6.5

    CVSS31
    CVE-2020-8195 - Citrix ADC, Gateway, and SD-WAN WANOP Appliance Information Disclosure Vulnerability -

    Action Due May 03, 2022 Target Vendor : Citrix

    Description : Citrix ADC, Citrix Gateway, and multiple Citrix SD-WAN WANOP appliance models contain an information disclosure vulnerability.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Alert Date: Nov 03, 2021 | 1048 days ago

    4.3

    CVSS31
    CVE-2020-8196 - Citrix ADC, Gateway, and SD-WAN WANOP Appliance Information Disclosure Vulnerability -

    Action Due May 03, 2022 Target Vendor : Citrix

    Description : Citrix ADC, Citrix Gateway, and multiple Citrix SD-WAN WANOP appliance models contain an information disclosure vulnerability.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Alert Date: Nov 03, 2021 | 1048 days ago

    9.8

    CVSS31
    CVE-2019-19781 - Citrix ADC, Gateway, and SD-WAN WANOP Appliance Code Execution Vulnerability -

    Action Due May 03, 2022 Target Vendor : Citrix

    Description : Citrix ADC, Citrix Gateway, and multiple Citrix SD-WAN WANOP appliance models contain an unspecified vulnerability that could allow an unauthenticated attacker to perform code execution.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known

    Alert Date: Nov 03, 2021 | 1048 days ago

    9.8

    CVSS30
    CVE-2019-11634 - Citrix Workspace Application and Receiver for Windows Remote Code Execution Vulnerability -

    Action Due May 03, 2022 Target Vendor : Citrix

    Description : Citrix Workspace Application and Receiver for Windows contains remote code execution vulnerability resulting from local drive access preferences not being enforced into the clients' local drives.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known

    Alert Date: Nov 03, 2021 | 1048 days ago

    9.8

    CVSS31
    CVE-2020-29557 - D-Link DIR-825 R1 Devices Buffer Overflow Vulnerability -

    Action Due May 03, 2022 Target Vendor : D-Link

    Description : D-Link DIR-825 R1 devices contain a buffer overflow vulnerability in the web interface that may allow for remote code execution.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Alert Date: Nov 03, 2021 | 1048 days ago

    9.8

    CVSS31
    CVE-2020-25506 - D-Link DNS-320 Device Command Injection Vulnerability -

    Action Due May 03, 2022 Target Vendor : D-Link

    Description : D-Link DNS-320 device contains a command injection vulnerability in the sytem_mgr.cgi component that may allow for remote code execution.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Alert Date: Nov 03, 2021 | 1048 days ago

    7.5

    CVSS31
    CVE-2018-15811 - DotNetNuke (DNN) Inadequate Encryption Strength Vulnerability -

    Action Due May 03, 2022 Target Vendor : DotNetNuke (DNN)

    Description : DotNetNuke (DNN) contains an inadequate encryption strength vulnerability resulting from the use of a weak encryption algorithm to protect input parameters.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Alert Date: Nov 03, 2021 | 1048 days ago

    7.5

    CVSS31
    CVE-2018-18325 - DotNetNuke (DNN) Inadequate Encryption Strength Vulnerability -

    Action Due May 03, 2022 Target Vendor : DotNetNuke (DNN)

    Description : DotNetNuke (DNN) contains an inadequate encryption strength vulnerability resulting from the use of a weak encryption algorithm to protect input parameters. This CVE ID resolves an incomplete patch for CVE-2018-15811.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Alert Date: Nov 03, 2021 | 1048 days ago

    8.8

    CVSS31
    CVE-2017-9822 - DotNetNuke (DNN) Remote Code Execution Vulnerability -

    Action Due May 03, 2022 Target Vendor : DotNetNuke (DNN)

    Description : DotNetNuke (DNN) contains a vulnerability that may allow for remote code execution via cookie deserialization.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known

    Alert Date: Nov 03, 2021 | 1048 days ago

    7.8

    CVSS31
    CVE-2019-15752 - Docker Desktop Community Edition Privilege Escalation Vulnerability -

    Action Due May 03, 2022 Target Vendor : Docker

    Description : Docker Desktop Community Edition contains a vulnerability that may allow local users to escalate privileges by placing a trojan horse docker-credential-wincred.exe file in %PROGRAMDATA%\DockerDesktop\version-bin\.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Alert Date: Nov 03, 2021 | 1048 days ago

    9.8

    CVSS31
    CVE-2020-8515 - Multiple DrayTek Vigor Routers Web Management Page Vulnerability -

    Action Due May 03, 2022 Target Vendor : DrayTek

    Description : DrayTek Vigor3900, Vigor2960, and Vigor300B routers contain an unspecified vulnerability that allows for remote code execution.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Alert Date: Nov 03, 2021 | 1048 days ago

    9.8

    CVSS30
    CVE-2018-7600 - Drupal Core Remote Code Execution Vulnerability -

    Action Due May 03, 2022 Target Vendor : Drupal

    Description : Drupal Core contains a remote code execution vulnerability that could allow an attacker to exploit multiple attack vectors on a Drupal site, resulting in complete site compromise.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known

    Alert Date: Nov 03, 2021 | 1048 days ago

    10.0

    CVSS31
    CVE-2021-22205 - GitLab Community and Enterprise Editions Remote Code Execution Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : GitLab

    Description : GitHub Community and Enterprise Editions that utilize the ability to upload images through GitLab Workhorse are vulnerable to remote code execution. Workhorse passes image file extensions through ExifTool, which improperly validates the image files.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Alert Date: Nov 03, 2021 | 1048 days ago
Showing 20 of 1170 Results

Filters