CISA Known Exploited Vulnerabilities (KEV)
CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilities actively used in real-world attacks. CVEFeed.io tracks the latest additions so you can prioritize remediation as new entries are published.
7.8
CVE-2022-22718 - Microsoft Windows Print Spooler Privilege Escalation Vulnerability -
Action Due May 10, 2022 Target Vendor : Microsoft
Description :Microsoft Windows Print Spooler contains an unspecified vulnerability which allow for privilege escalation.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2022-22718
9.8
CVE-2019-3568 - WhatsApp VOIP Stack Buffer Overflow Vulnerability -
Action Due May 10, 2022 Target Vendor : Meta Platforms
Description :A buffer overflow vulnerability in WhatsApp VOIP stack allowed remote code execution via specially crafted series of RTCP packets sent to a target phone number.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-3568
6.1
CVE-2018-6882 - Synacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting (XSS) Vulnerability -
Action Due May 10, 2022 Target Vendor : Synacor
Description :Synacor Zimbra Collaboration Suite (ZCS) contains a cross-site scripting vulnerability that might allow remote attackers to inject arbitrary web script or HTML.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Apr 19, 2022
Notes :https://nvd.nist.gov/vuln/detail/CVE-2018-6882
9.8
CVE-2018-7841 - Schneider Electric U.motion Builder SQL Injection Vulnerability -
Action Due May 06, 2022 Target Vendor : Schneider Electric
Description :A SQL Injection vulnerability exists in U.motion Builder software which could cause unwanted code execution when an improper set of characters is entered.
Action :The impacted product is end-of-life and should be disconnected if still in use.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2018-7841
8.8
CVE-2022-1364 - Google Chromium V8 Type Confusion Vulnerability -
Action Due May 06, 2022 Target Vendor : Google
Description :Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2022-1364
10.0
CVE-2007-3010 - Alcatel OmniPCX Enterprise Remote Code Execution Vulnerability -
Action Due May 06, 2022 Target Vendor : Alcatel
Description :masterCGI in the Unified Maintenance Tool in Alcatel OmniPCX Enterprise Communication Server allows remote attackers to execute arbitrary commands.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2007-3010
9.8
CVE-2010-5330 - Ubiquiti AirOS Command Injection Vulnerability -
Action Due May 06, 2022 Target Vendor : Ubiquiti
Description :Certain Ubiquiti devices contain a command injection vulnerability via a GET request to stainfo.cgi.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2010-5330
9.8
CVE-2014-0780 - InduSoft Web Studio NTWebServer Directory Traversal Vulnerability -
Action Due May 06, 2022 Target Vendor : InduSoft
Description :InduSoft Web Studio NTWebServer contains a directory traversal vulnerability that allows remote attackers to read administrative passwords in APP files, allowing for remote code execution.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2014-0780
7.5
CVE-2016-4523 - Trihedral VTScada (formerly VTS) Denial-of-Service Vulnerability -
Action Due May 06, 2022 Target Vendor : Trihedral
Description :The WAP interface in Trihedral VTScada (formerly VTS) allows remote attackers to cause a denial-of-service (DoS).
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2016-4523
10.0
CVE-2019-3929 - Crestron Multiple Products Command Injection Vulnerability -
Action Due May 06, 2022 Target Vendor : Crestron
Description :Multiple Crestron products are vulnerable to command injection via the file_transfer.cgi HTTP endpoint. A remote, unauthenticated attacker can use this vulnerability to execute operating system commands as root.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-3929
7.8
CVE-2022-22960 - VMware Multiple Products Privilege Escalation Vulnerability -
Action Due May 06, 2022 Target Vendor : VMware
Description :VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a privilege escalation vulnerability due to improper permissions in support scripts.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2022-22960
10.0
CVE-2019-16057 - D-Link DNS-320 Remote Code Execution Vulnerability -
Action Due May 06, 2022 Target Vendor : D-Link
Description :The login_mgr.cgi script in D-Link DNS-320 is vulnerable to remote code execution.
Action :The impacted product is end-of-life and should be disconnected if still in use.
Known To Be Used in Ransomware Campaigns? : Known Detected Apr 15, 2022
Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-16057
10.0
CVE-2022-22954 - VMware Workspace ONE Access and Identity Manager Server-Side Template Injection Vulnerability -
Action Due May 05, 2022 Target Vendor : VMware
Description :VMware Workspace ONE Access and Identity Manager allow for remote code execution due to server-side template injection.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Apr 14, 2022
Notes :https://nvd.nist.gov/vuln/detail/CVE-2022-22954
10.0
CVE-2014-9163 - Adobe Flash Player Stack-Based Buffer Overflow Vulnerability -
Action Due May 04, 2022 Target Vendor : Adobe
Description :Stack-based buffer overflow in Adobe Flash Player allows attackers to execute code remotely.
Action :The impacted product is end-of-life and should be disconnected if still in use.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2014-9163
10.0
CVE-2015-0311 - Adobe Flash Player Remote Code Execution Vulnerability -
Action Due May 04, 2022 Target Vendor : Adobe
Description :Unspecified vulnerability in Adobe Flash Player allows remote attackers to execute code.
Action :The impacted product is end-of-life and should be disconnected if still in use.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2015-0311
10.0
CVE-2015-3113 - Adobe Flash Player Heap-Based Buffer Overflow Vulnerability -
Action Due May 04, 2022 Target Vendor : Adobe
Description :Heap-based buffer overflow vulnerability in Adobe Flash Player allows remote attackers to execute code.
Action :The impacted product is end-of-life and should be disconnected if still in use.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2015-3113
9.8
CVE-2018-20753 - Kaseya VSA Remote Code Execution Vulnerability -
Action Due May 04, 2022 Target Vendor : Kaseya
Description :Kaseya VSA RMM allows unprivileged remote attackers to execute PowerShell payloads on all managed devices.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Apr 13, 2022
Notes :https://nvd.nist.gov/vuln/detail/CVE-2018-20753
7.8
CVE-2022-24521 - Microsoft Windows CLFS Driver Privilege Escalation Vulnerability -
Action Due May 04, 2022 Target Vendor : Microsoft
Description :Microsoft Windows Common Log File System (CLFS) Driver contains an unspecified vulnerability that allows for privilege escalation.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Apr 13, 2022
Notes :https://nvd.nist.gov/vuln/detail/CVE-2022-24521
10.0
CVE-2015-5122 - Adobe Flash Player Use-After-Free Vulnerability -
Action Due May 04, 2022 Target Vendor : Adobe
Description :Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Player allows remote attackers to execute code or cause a denial-of-service (DoS).
Action :The impacted product is end-of-life and should be disconnected if still in use.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2015-5122
10.0
CVE-2015-5123 - Adobe Flash Player Use-After-Free Vulnerability -
Action Due May 04, 2022 Target Vendor : Adobe
Description :Use-after-free vulnerability in the BitmapData class in the ActionScript 3 (AS3) implementation in Adobe Flash Player allows remote attackers to execute code or cause a denial-of-service (DoS).
Action :The impacted product is end-of-life and should be disconnected if still in use.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2015-5123