CISA Known Exploited Vulnerabilities (KEV)

CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilities actively used in real-world attacks. CVEFeed.io tracks the latest additions so you can prioritize remediation as new entries are published.

    9.8 CRITICAL
    CVE-2022-1388 - F5 BIG-IP Missing Authentication Vulnerability

    Action Due: May 31, 2022
    Target Vendor: F5

    Description: F5 BIG-IP contains a missing authentication in critical function vulnerability which can allow for remote code execution, creation or deletion of files, or disabling services.

    Action: Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns?: Known | Detected May 10, 2022

    Notes: https://nvd.nist.gov/vuln/detail/CVE-2022-1388

    Alert Date: May 10, 2022 | 1396 days ago

    8.8 HIGH
    CVE-2021-1789 - Apple Multiple Products Type Confusion Vulnerability

    Action Due: May 25, 2022
    Target Vendor: Apple

    Description: A type confusion issue affecting multiple Apple products allows processing of maliciously crafted web content, leading to arbitrary code execution.

    Action: Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns?: Unknown

    Notes: https://nvd.nist.gov/vuln/detail/CVE-2021-1789

    Alert Date: May 04, 2022 | 1402 days ago

    9.3 HIGH
    CVE-2019-8506 - Apple Multiple Products Type Confusion Vulnerability

    Action Due: May 25, 2022
    Target Vendor: Apple

    Description: A type confusion issue affecting multiple Apple products allows processing of maliciously crafted web content, leading to arbitrary code execution.

    Action: Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns?: Unknown

    Notes: https://nvd.nist.gov/vuln/detail/CVE-2019-8506

    Alert Date: May 04, 2022 | 1402 days ago

    7.8 HIGH
    CVE-2014-4113 - Microsoft Win32k Privilege Escalation Vulnerability

    Action Due: May 25, 2022
    Target Vendor: Microsoft

    Description: Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation.

    Action: Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns?: Unknown

    Notes: https://nvd.nist.gov/vuln/detail/CVE-2014-4113

    Alert Date: May 04, 2022 | 1402 days ago

    9.3 HIGH
    CVE-2014-0322 - Microsoft Internet Explorer Use-After-Free Vulnerability

    Action Due: May 25, 2022
    Target Vendor: Microsoft

    Description: Use-after-free vulnerability in Microsoft Internet Explorer allows remote attackers to execute code.

    Action: Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns?: Unknown

    Notes: https://nvd.nist.gov/vuln/detail/CVE-2014-0322

    Alert Date: May 04, 2022 | 1402 days ago

    7.5 HIGH
    CVE-2014-0160 - OpenSSL Information Disclosure Vulnerability

    Action Due: May 25, 2022
    Target Vendor: OpenSSL

    Description: The TLS and DTLS implementations in OpenSSL do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information.

    Action: Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns?: Unknown

    Notes: https://nvd.nist.gov/vuln/detail/CVE-2014-0160

    Alert Date: May 04, 2022 | 1402 days ago

    7.8 HIGH
    CVE-2021-40450 - Microsoft Win32k Privilege Escalation Vulnerability

    Action Due: May 16, 2022
    Target Vendor: Microsoft

    Description: Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation.

    Action: Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns?: Unknown

    Notes: https://nvd.nist.gov/vuln/detail/CVE-2021-40450

    Alert Date: Apr 25, 2022 | 1411 days ago

    9.9 CRITICAL
    CVE-2019-1003029 - Jenkins Script Security Plugin Sandbox Bypass Vulnerability

    Action Due: May 16, 2022
    Target Vendor: Jenkins

    Description: Jenkins Script Security Plugin contains a protection mechanism failure, allowing an attacker to bypass the sandbox.

    Action: Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns?: Unknown

    Notes: https://nvd.nist.gov/vuln/detail/CVE-2019-1003029

    Alert Date: Apr 25, 2022 | 1411 days ago

    10.0 HIGH
    CVE-2022-29464 - WSO2 Multiple Products Unrestrictive Upload of File Vulnerability

    Action Due: May 16, 2022
    Target Vendor: WSO2

    Description: Multiple WSO2 products allow for unrestricted file upload, resulting in remote code execution.

    Action: Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns?: Known | Detected Apr 25, 2022

    Notes: https://nvd.nist.gov/vuln/detail/CVE-2022-29464

    Alert Date: Apr 25, 2022 | 1411 days ago

    7.0 HIGH
    CVE-2022-26904 - Microsoft Windows User Profile Service Privilege Escalation Vulnerability

    Action Due: May 16, 2022
    Target Vendor: Microsoft

    Description: Microsoft Windows User Profile Service contains an unspecified vulnerability that allows for privilege escalation.

    Action: Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns?: Unknown

    Notes: https://nvd.nist.gov/vuln/detail/CVE-2022-26904

    Alert Date: Apr 25, 2022 | 1411 days ago

    7.0 HIGH
    CVE-2022-21919 - Microsoft Windows User Profile Service Privilege Escalation Vulnerability

    Action Due: May 16, 2022
    Target Vendor: Microsoft

    Description: Microsoft Windows User Profile Service contains an unspecified vulnerability that allows for privilege escalation.

    Action: Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns?: Unknown

    Notes: https://nvd.nist.gov/vuln/detail/CVE-2022-21919

    Alert Date: Apr 25, 2022 | 1411 days ago

    7.8 HIGH
    CVE-2022-0847 - Linux Kernel Privilege Escalation Vulnerability

    Action Due: May 16, 2022
    Target Vendor: Linux

    Description: Linux kernel contains an improper initialization vulnerability where an unprivileged local user could escalate their privileges on the system. This vulnerability has the moniker of "Dirty Pipe."

    Action: Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns?: Unknown

    Notes: https://nvd.nist.gov/vuln/detail/CVE-2022-0847

    Alert Date: Apr 25, 2022 | 1411 days ago

    7.8 HIGH
    CVE-2021-41357 - Microsoft Win32k Privilege Escalation Vulnerability

    Action Due: May 16, 2022
    Target Vendor: Microsoft

    Description: Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation.

    Action: Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns?: Unknown

    Notes: https://nvd.nist.gov/vuln/detail/CVE-2021-41357

    Alert Date: Apr 25, 2022 | 1411 days ago

    6.1 MEDIUM
    CVE-2018-6882 - Synacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting (XSS) Vulnerability

    Action Due: May 10, 2022
    Target Vendor: Synacor

    Description: Synacor Zimbra Collaboration Suite (ZCS) contains a cross-site scripting vulnerability that might allow remote attackers to inject arbitrary web script or HTML.

    Action: Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns?: Known | Detected Apr 19, 2022

    Notes: https://nvd.nist.gov/vuln/detail/CVE-2018-6882

    Alert Date: Apr 19, 2022 | 1417 days ago

    9.8 CRITICAL
    CVE-2019-3568 - WhatsApp VOIP Stack Buffer Overflow Vulnerability

    Action Due: May 10, 2022
    Target Vendor: Meta Platforms

    Description: A buffer overflow vulnerability in the WhatsApp VOIP stack allowed remote code execution via a specially crafted series of RTCP packets sent to a target phone number.

    Action: Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns?: Unknown

    Notes: https://nvd.nist.gov/vuln/detail/CVE-2019-3568

    Alert Date: Apr 19, 2022 | 1417 days ago

    7.8 HIGH
    CVE-2022-22718 - Microsoft Windows Print Spooler Privilege Escalation Vulnerability

    Action Due: May 10, 2022
    Target Vendor: Microsoft

    Description: Microsoft Windows Print Spooler contains an unspecified vulnerability which allows for privilege escalation.

    Action: Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns?: Unknown

    Notes: https://nvd.nist.gov/vuln/detail/CVE-2022-22718

    Alert Date: Apr 19, 2022 | 1417 days ago

    7.8 HIGH
    CVE-2022-22960 - VMware Multiple Products Privilege Escalation Vulnerability

    Action Due: May 06, 2022
    Target Vendor: VMware

    Description: VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a privilege escalation vulnerability due to improper permissions in support scripts.

    Action: Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns?: Unknown

    Notes: https://nvd.nist.gov/vuln/detail/CVE-2022-22960

    Alert Date: Apr 15, 2022 | 1421 days ago

    10.0 HIGH
    CVE-2019-3929 - Crestron Multiple Products Command Injection Vulnerability

    Action Due: May 06, 2022
    Target Vendor: Crestron

    Description: Multiple Crestron products are vulnerable to command injection via the file_transfer.cgi HTTP endpoint. A remote, unauthenticated attacker can use this vulnerability to execute operating system commands as root.

    Action: Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns?: Unknown

    Notes: https://nvd.nist.gov/vuln/detail/CVE-2019-3929

    Alert Date: Apr 15, 2022 | 1421 days ago

    9.8 CRITICAL
    CVE-2018-7841 - Schneider Electric U.motion Builder SQL Injection Vulnerability

    Action Due: May 06, 2022
    Target Vendor: Schneider Electric

    Description: A SQL Injection vulnerability exists in U.motion Builder software which could cause unwanted code execution when an improper set of characters is entered.

    Action: The impacted product is end-of-life and should be disconnected if still in use.

    Known To Be Used in Ransomware Campaigns?: Unknown

    Notes: https://nvd.nist.gov/vuln/detail/CVE-2018-7841

    Alert Date: Apr 15, 2022 | 1421 days ago

    7.5 HIGH
    CVE-2016-4523 - Trihedral VTScada (formerly VTS) Denial-of-Service Vulnerability

    Action Due: May 06, 2022
    Target Vendor: Trihedral

    Description: The WAP interface in Trihedral VTScada (formerly VTS) allows remote attackers to cause a denial-of-service (DoS).

    Action: Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns?: Unknown

    Notes: https://nvd.nist.gov/vuln/detail/CVE-2016-4523

    Alert Date: Apr 15, 2022 | 1421 days ago
Showing 20 of 1540 Results
