CISA Known Exploited Vulnerabilities (KEV)
CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilities actively used in real-world attacks. CVEFeed.io tracks the latest additions so you can prioritize remediation as new entries are published.
10.0
CVE-2022-30525 - Zyxel Multiple Firewalls OS Command Injection Vulnerability -
Action Due Jun 06, 2022 Target Vendor : Zyxel
Description :A command injection vulnerability in the CGI program of some Zyxel firewall versions could allow an attacker to modify specific files and then execute some OS commands on a vulnerable device.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2022-30525
10.0
CVE-2022-22947 - VMware Spring Cloud Gateway Code Injection Vulnerability -
Action Due Jun 06, 2022 Target Vendor : VMware
Description :Spring Cloud Gateway applications are vulnerable to a code injection attack when the Gateway Actuator endpoint is enabled, exposed and unsecured.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2022-22947
9.8
CVE-2022-1388 - F5 BIG-IP Missing Authentication Vulnerability -
Action Due May 31, 2022 Target Vendor : F5
Description :F5 BIG-IP contains a missing authentication in critical function vulnerability which can allow for remote code execution, creation or deletion of files, or disabling services.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected May 10, 2022
Notes :https://nvd.nist.gov/vuln/detail/CVE-2022-1388
7.5
CVE-2014-0160 - OpenSSL Information Disclosure Vulnerability -
Action Due May 25, 2022 Target Vendor : OpenSSL
Description :The TLS and DTLS implementations in OpenSSL do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2014-0160
9.3
CVE-2014-0322 - Microsoft Internet Explorer Use-After-Free Vulnerability -
Action Due May 25, 2022 Target Vendor : Microsoft
Description :Use-after-free vulnerability in Microsoft Internet Explorer allows remote attackers to execute code.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2014-0322
9.3
CVE-2019-8506 - Apple Multiple Products Type Confusion Vulnerability -
Action Due May 25, 2022 Target Vendor : Apple
Description :A type confusion issue affecting multiple Apple products allows processing of maliciously crafted web content, leading to arbitrary code execution.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-8506
8.8
CVE-2021-1789 - Apple Multiple Products Type Confusion Vulnerability -
Action Due May 25, 2022 Target Vendor : Apple
Description :A type confusion issue affecting multiple Apple products allows processing of maliciously crafted web content, leading to arbitrary code execution.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-1789
7.8
CVE-2014-4113 - Microsoft Win32k Privilege Escalation Vulnerability -
Action Due May 25, 2022 Target Vendor : Microsoft
Description :Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2014-4113
9.9
CVE-2019-1003029 - Jenkins Script Security Plugin Sandbox Bypass Vulnerability -
Action Due May 16, 2022 Target Vendor : Jenkins
Description :Jenkins Script Security Plugin contains a protection mechanism failure, allowing an attacker to bypass the sandbox.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-1003029
7.8
CVE-2021-40450 - Microsoft Win32k Privilege Escalation Vulnerability -
Action Due May 16, 2022 Target Vendor : Microsoft
Description :Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-40450
7.8
CVE-2022-0847 - Linux Kernel Privilege Escalation Vulnerability -
Action Due May 16, 2022 Target Vendor : Linux
Description :Linux kernel contains an improper initialization vulnerability where an unprivileged local user could escalate their privileges on the system. This vulnerability has the moniker of "Dirty Pipe."
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2022-0847
7.0
CVE-2022-21919 - Microsoft Windows User Profile Service Privilege Escalation Vulnerability -
Action Due May 16, 2022 Target Vendor : Microsoft
Description :Microsoft Windows User Profile Service contains an unspecified vulnerability that allows for privilege escalation.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2022-21919
7.8
CVE-2021-41357 - Microsoft Win32k Privilege Escalation Vulnerability -
Action Due May 16, 2022 Target Vendor : Microsoft
Description :Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-41357
7.0
CVE-2022-26904 - Microsoft Windows User Profile Service Privilege Escalation Vulnerability -
Action Due May 16, 2022 Target Vendor : Microsoft
Description :Microsoft Windows User Profile Service contains an unspecified vulnerability that allows for privilege escalation.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2022-26904
10.0
CVE-2022-29464 - WSO2 Multiple Products Unrestrictive Upload of File Vulnerability -
Action Due May 16, 2022 Target Vendor : WSO2
Description :Multiple WSO2 products allow for unrestricted file upload, resulting in remote code execution.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Apr 25, 2022
Notes :https://nvd.nist.gov/vuln/detail/CVE-2022-29464
7.8
CVE-2022-22718 - Microsoft Windows Print Spooler Privilege Escalation Vulnerability -
Action Due May 10, 2022 Target Vendor : Microsoft
Description :Microsoft Windows Print Spooler contains an unspecified vulnerability which allow for privilege escalation.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2022-22718
9.8
CVE-2019-3568 - WhatsApp VOIP Stack Buffer Overflow Vulnerability -
Action Due May 10, 2022 Target Vendor : Meta Platforms
Description :A buffer overflow vulnerability in WhatsApp VOIP stack allowed remote code execution via specially crafted series of RTCP packets sent to a target phone number.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-3568
6.1
CVE-2018-6882 - Synacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting (XSS) Vulnerability -
Action Due May 10, 2022 Target Vendor : Synacor
Description :Synacor Zimbra Collaboration Suite (ZCS) contains a cross-site scripting vulnerability that might allow remote attackers to inject arbitrary web script or HTML.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Apr 19, 2022
Notes :https://nvd.nist.gov/vuln/detail/CVE-2018-6882
9.8
CVE-2018-7841 - Schneider Electric U.motion Builder SQL Injection Vulnerability -
Action Due May 06, 2022 Target Vendor : Schneider Electric
Description :A SQL Injection vulnerability exists in U.motion Builder software which could cause unwanted code execution when an improper set of characters is entered.
Action :The impacted product is end-of-life and should be disconnected if still in use.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2018-7841
8.8
CVE-2022-1364 - Google Chromium V8 Type Confusion Vulnerability -
Action Due May 06, 2022 Target Vendor : Google
Description :Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2022-1364