CISA Known Exploited Vulnerabilities Catalog
8.6
CVE-2020-3566 - Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerability -
Action Due May 03, 2022 Target Vendor : Cisco
Description : Cisco IOS XR Distance Vector Multicast Routing Protocol (DVMRP) incorrectly handles Internet Group Management Protocol (IGMP) packets. Exploitation could allow an unauthenticated, remote attacker to immediately crash the IGMP process or make it consume available memory and eventually crash.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
8.6
CVE-2020-3569 - Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerability -
Action Due May 03, 2022 Target Vendor : Cisco
Description : Cisco IOS XR Distance Vector Multicast Routing Protocol (DVMRP) incorrectly handles Internet Group Management Protocol (IGMP) packets. Exploitation could allow an unauthenticated, remote attacker to immediately crash the IGMP process or make it consume available memory and eventually crash.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
9.8
CVE-2020-3161 - Cisco IP Phones Web Server Remote Code Execution and Denial-of-Service Vulnerability -
Action Due May 03, 2022 Target Vendor : Cisco
Description : Cisco IP Phones contain an improper input validation vulnerability for HTTP requests. Exploitation could allow an attacker to execute code remotely with�root�privileges or cause a denial-of-service (DoS) condition.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
7.5
CVE-2019-1653 - Cisco Small Business RV320 and RV325 Routers Information Disclosure Vulnerability -
Action Due May 03, 2022 Target Vendor : Cisco
Description : Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers contain improper access controls for URLs. Exploitation could allow an attacker to download the router configuration or detailed diagnostic information.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
7.5
CVE-2018-0296 - Cisco Adaptive Security Appliance (ASA) Denial-of-Service Vulnerability -
Action Due May 03, 2022 Target Vendor : Cisco
Description : Cisco Adaptive Security Appliance (ASA) contains an improper input validation vulnerability with HTTP URLs. Exploitation could allow an attacker to cause a denial-of-service (DoS) condition or information disclosure.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
7.5
CVE-2019-13608 - Citrix StoreFront Server XML External Entity (XXE) Processing Vulnerability -
Action Due May 03, 2022 Target Vendor : Citrix
Description : Citrix StoreFront Server contains an XML External Entity (XXE) processing vulnerability that may allow an unauthenticated attacker to retrieve potentially sensitive information.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known
6.5
CVE-2020-8193 - Citrix ADC, Gateway, and SD-WAN WANOP Appliance Authorization Bypass Vulnerability -
Action Due May 03, 2022 Target Vendor : Citrix
Description : Citrix ADC, Citrix Gateway, and multiple Citrix SD-WAN WANOP appliance models contain an authorization bypass vulnerability that may allow unauthenticated access to certain URL endpoints. The attacker must have access to the NetScaler IP (NSIP) in order to perform exploitation.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
6.5
CVE-2020-8195 - Citrix ADC, Gateway, and SD-WAN WANOP Appliance Information Disclosure Vulnerability -
Action Due May 03, 2022 Target Vendor : Citrix
Description : Citrix ADC, Citrix Gateway, and multiple Citrix SD-WAN WANOP appliance models contain an information disclosure vulnerability.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
4.3
CVE-2020-8196 - Citrix ADC, Gateway, and SD-WAN WANOP Appliance Information Disclosure Vulnerability -
Action Due May 03, 2022 Target Vendor : Citrix
Description : Citrix ADC, Citrix Gateway, and multiple Citrix SD-WAN WANOP appliance models contain an information disclosure vulnerability.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
9.8
CVE-2019-19781 - Citrix ADC, Gateway, and SD-WAN WANOP Appliance Code Execution Vulnerability -
Action Due May 03, 2022 Target Vendor : Citrix
Description : Citrix ADC, Citrix Gateway, and multiple Citrix SD-WAN WANOP appliance models contain an unspecified vulnerability that could allow an unauthenticated attacker to perform code execution.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known
9.8
CVE-2019-11634 - Citrix Workspace Application and Receiver for Windows Remote Code Execution Vulnerability -
Action Due May 03, 2022 Target Vendor : Citrix
Description : Citrix Workspace Application and Receiver for Windows contains remote code execution vulnerability resulting from local drive access preferences not being enforced into the clients' local drives.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known
9.8
CVE-2020-29557 - D-Link DIR-825 R1 Devices Buffer Overflow Vulnerability -
Action Due May 03, 2022 Target Vendor : D-Link
Description : D-Link DIR-825 R1 devices contain a buffer overflow vulnerability in the web interface that may allow for remote code execution.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
9.8
CVE-2020-25506 - D-Link DNS-320 Device Command Injection Vulnerability -
Action Due May 03, 2022 Target Vendor : D-Link
Description : D-Link DNS-320 device contains a command injection vulnerability in the sytem_mgr.cgi component that may allow for remote code execution.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
7.5
CVE-2018-15811 - DotNetNuke (DNN) Inadequate Encryption Strength Vulnerability -
Action Due May 03, 2022 Target Vendor : DotNetNuke (DNN)
Description : DotNetNuke (DNN) contains an inadequate encryption strength vulnerability resulting from the use of a weak encryption algorithm to protect input parameters.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
7.5
CVE-2018-18325 - DotNetNuke (DNN) Inadequate Encryption Strength Vulnerability -
Action Due May 03, 2022 Target Vendor : DotNetNuke (DNN)
Description : DotNetNuke (DNN) contains an inadequate encryption strength vulnerability resulting from the use of a weak encryption algorithm to protect input parameters. This CVE ID resolves an incomplete patch for CVE-2018-15811.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
8.8
CVE-2017-9822 - DotNetNuke (DNN) Remote Code Execution Vulnerability -
Action Due May 03, 2022 Target Vendor : DotNetNuke (DNN)
Description : DotNetNuke (DNN) contains a vulnerability that may allow for remote code execution via cookie deserialization.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known
7.8
CVE-2019-15752 - Docker Desktop Community Edition Privilege Escalation Vulnerability -
Action Due May 03, 2022 Target Vendor : Docker
Description : Docker Desktop Community Edition contains a vulnerability that may allow local users to escalate privileges by placing a trojan horse docker-credential-wincred.exe file in %PROGRAMDATA%\DockerDesktop\version-bin\.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
9.8
CVE-2020-8515 - Multiple DrayTek Vigor Routers Web Management Page Vulnerability -
Action Due May 03, 2022 Target Vendor : DrayTek
Description : DrayTek Vigor3900, Vigor2960, and Vigor300B routers contain an unspecified vulnerability that allows for remote code execution.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
9.8
CVE-2018-7600 - Drupal Core Remote Code Execution Vulnerability -
Action Due May 03, 2022 Target Vendor : Drupal
Description : Drupal Core contains a remote code execution vulnerability that could allow an attacker to exploit multiple attack vectors on a Drupal site, resulting in complete site compromise.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known
10.0
CVE-2021-22205 - GitLab Community and Enterprise Editions Remote Code Execution Vulnerability -
Action Due Nov 17, 2021 Target Vendor : GitLab
Description : GitHub Community and Enterprise Editions that utilize the ability to upload images through GitLab Workhorse are vulnerable to remote code execution. Workhorse passes image file extensions through ExifTool, which improperly validates the image files.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown