CISA Known Exploited Vulnerabilities (KEV)

To support the cybersecurity community and help network defenders stay ahead of active threat activity, CISA publishes cisa alert today updates and maintains the authoritative catalog of known exploited vulnerabilities. This KEV database highlights vulnerabilities that have been actively used in real-world attacks, making it an essential resource for security teams aiming to strengthen their defenses.

Organizations should incorporate the KEV catalog into their vulnerability management prioritization framework to ensure they address high-risk issues efficiently and stay aligned with the latest threat intelligence. With frequent updates — including entries marked as cisa kev added today — the catalog enables teams to react quickly to emerging exploitation trends. To streamline monitoring and improve response time, CVEfeed.io provides the freshest CISA KEV additions, delivering real-time visibility into newly identified exploited vulnerabilities and helping organizations maintain accurate, up-to-date security postures.

10.0

HIGH

CVE-2018-11138 - Quest KACE System Management Appliance Remote Command Execution Vulnerability -

Action Due Apr 15, 2022 Target Vendor : Quest

Description : The '/common/download_agent_installer.php' script in the Quest KACE System Management Appliance is accessible by anonymous users and can be abused to perform remote code execution.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Known

Notes : https://nvd.nist.gov/vuln/detail/CVE-2018-11138

Alert Date: Mar 25, 2022 | 1389 days ago

8.1

HIGH

CVE-2017-12615 - Apache Tomcat on Windows Remote Code Execution Vulnerability -

Action Due Apr 15, 2022 Target Vendor : Apache

Description : When running Apache Tomcat on Windows with HTTP PUTs enabled, it is possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Known

Notes : https://nvd.nist.gov/vuln/detail/CVE-2017-12615

Alert Date: Mar 25, 2022 | 1389 days ago

7.5

HIGH

CVE-2016-0752 - Ruby on Rails Directory Traversal Vulnerability -

Action Due Apr 15, 2022 Target Vendor : Rails

Description : Directory traversal vulnerability in Action View in Ruby on Rails allows remote attackers to read arbitrary files.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes : https://nvd.nist.gov/vuln/detail/CVE-2016-0752

Alert Date: Mar 25, 2022 | 1389 days ago

7.8

HIGH

CVE-2015-0666 - Cisco Prime Data Center Network Manager (DCNM) Directory Traversal Vulnerability -

Action Due Apr 15, 2022 Target Vendor : Cisco

Description : Directory traversal vulnerability in the fmserver servlet in Cisco Prime Data Center Network Manager (DCNM) allows remote attackers to read arbitrary files.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes : https://nvd.nist.gov/vuln/detail/CVE-2015-0666

Alert Date: Mar 25, 2022 | 1389 days ago

10.0

HIGH

CVE-2013-4810 - HP Multiple Products Remote Code Execution Vulnerability -

Action Due Apr 15, 2022 Target Vendor : Hewlett Packard (HP)

Description : HP ProCurve Manager (PCM), PCM+, Identity Driven Manager (IDM), and Application Lifecycle Management allow remote attackers to execute arbitrary code via a marshalled object to (1) EJBInvokerServlet or (2) JMXInvokerServlet.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes : https://nvd.nist.gov/vuln/detail/CVE-2013-4810

Alert Date: Mar 25, 2022 | 1389 days ago

9.8

CRITICAL

CVE-2005-2773 - HP OpenView Network Node Manager Remote Code Execution Vulnerability -

Action Due Apr 15, 2022 Target Vendor : Hewlett Packard (HP)

Description : HP OpenView Network Node Manager could allow a remote attacker to execute arbitrary commands on the system.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes : https://nvd.nist.gov/vuln/detail/CVE-2005-2773

Alert Date: Mar 25, 2022 | 1389 days ago

7.8

HIGH

CVE-2019-1405 - Microsoft Windows Universal Plug and Play (UPnP) Service Privilege Escalation Vulnerability -

Action Due Apr 05, 2022 Target Vendor : Microsoft

Description : A privilege escalation vulnerability exists when the Windows UPnP service improperly allows COM object creation.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Known

Notes : https://nvd.nist.gov/vuln/detail/CVE-2019-1405

Alert Date: Mar 15, 2022 | 1399 days ago

7.8

HIGH

CVE-2019-1322 - Microsoft Windows Privilege Escalation Vulnerability -

Action Due Apr 05, 2022 Target Vendor : Microsoft

Description : A privilege escalation vulnerability exists when Windows improperly handles authentication requests. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Known

Notes : https://nvd.nist.gov/vuln/detail/CVE-2019-1322

Alert Date: Mar 15, 2022 | 1399 days ago

7.8

HIGH

CVE-2019-1315 - Microsoft Windows Error Reporting Manager Privilege Escalation Vulnerability -

Action Due Apr 05, 2022 Target Vendor : Microsoft

Description : A privilege escalation vulnerability exists when Windows Error Reporting manager improperly handles hard links. An attacker who successfully exploited this vulnerability could overwrite a targeted file leading to an elevated status.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Known

Notes : https://nvd.nist.gov/vuln/detail/CVE-2019-1315

Alert Date: Mar 15, 2022 | 1399 days ago

7.8

HIGH

CVE-2019-1253 - Microsoft Windows AppX Deployment Server Privilege Escalation Vulnerability -

Action Due Apr 05, 2022 Target Vendor : Microsoft

Description : A privilege escalation vulnerability exists when the Windows AppX Deployment Server improperly handles junctions.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Known

Notes : https://nvd.nist.gov/vuln/detail/CVE-2019-1253

Alert Date: Mar 15, 2022 | 1399 days ago

7.8

HIGH

CVE-2019-1132 - Microsoft Win32k Privilege Escalation Vulnerability -

Action Due Apr 05, 2022 Target Vendor : Microsoft

Description : A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes : https://nvd.nist.gov/vuln/detail/CVE-2019-1132

Alert Date: Mar 15, 2022 | 1399 days ago

7.8

HIGH

CVE-2019-1069 - Microsoft Task Scheduler Privilege Escalation Vulnerability -

Action Due Apr 05, 2022 Target Vendor : Microsoft

Description : A privilege escalation vulnerability exists in the way the Task Scheduler Service validates certain file operations.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Known

Notes : https://nvd.nist.gov/vuln/detail/CVE-2019-1069

Alert Date: Mar 15, 2022 | 1399 days ago

7.8

HIGH

CVE-2019-1064 - Microsoft Windows AppX Deployment Service (AppXSVC) Privilege Escalation Vulnerability -

Action Due Apr 05, 2022 Target Vendor : Microsoft

Description : A privilege escalation vulnerability exists when Windows AppXSVC improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Known

Notes : https://nvd.nist.gov/vuln/detail/CVE-2019-1064

Alert Date: Mar 15, 2022 | 1399 days ago

7.8

HIGH

CVE-2019-0841 - Microsoft Windows AppX Deployment Service (AppXSVC) Privilege Escalation Vulnerability -

Action Due Apr 05, 2022 Target Vendor : Microsoft

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Known

Notes : https://nvd.nist.gov/vuln/detail/CVE-2019-0841

Alert Date: Mar 15, 2022 | 1399 days ago

7.8

HIGH

CVE-2019-0543 - Microsoft Windows Privilege Escalation Vulnerability -

Action Due Apr 05, 2022 Target Vendor : Microsoft

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Known

Notes : https://nvd.nist.gov/vuln/detail/CVE-2019-0543

Alert Date: Mar 15, 2022 | 1399 days ago

7.2

HIGH

CVE-2018-8120 - Microsoft Win32k Privilege Escalation Vulnerability -

Action Due Apr 05, 2022 Target Vendor : Microsoft

Description : A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Known

Notes : https://nvd.nist.gov/vuln/detail/CVE-2018-8120

Alert Date: Mar 15, 2022 | 1399 days ago

7.8

HIGH

CVE-2017-0101 - Microsoft Windows Transaction Manager Privilege Escalation Vulnerability -

Action Due Apr 05, 2022 Target Vendor : Microsoft

Description : A privilege escalation vulnerability exists when the Windows Transaction Manager improperly handles objects in memory.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Known

Notes : https://nvd.nist.gov/vuln/detail/CVE-2017-0101

Alert Date: Mar 15, 2022 | 1399 days ago

7.8

HIGH

CVE-2016-3309 - Microsoft Windows Kernel Privilege Escalation Vulnerability -

Action Due Apr 05, 2022 Target Vendor : Microsoft

Description : A privilege escalation vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Known

Notes : https://nvd.nist.gov/vuln/detail/CVE-2016-3309

Alert Date: Mar 15, 2022 | 1399 days ago

8.2

HIGH

CVE-2015-2546 - Microsoft Win32k Memory Corruption Vulnerability -

Action Due Apr 05, 2022 Target Vendor : Microsoft

Description : The kernel-mode driver in Microsoft Windows OS and Server allows local users to gain privileges via a crafted application.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Known

Notes : https://nvd.nist.gov/vuln/detail/CVE-2015-2546

Alert Date: Mar 15, 2022 | 1399 days ago

9.8

CRITICAL

CVE-2020-5135 - SonicWall SonicOS Buffer Overflow Vulnerability -

Action Due Apr 05, 2022 Target Vendor : SonicWall

Description : A buffer overflow vulnerability in SonicOS allows a remote attacker to cause Denial of Service (DoS) and potentially execute arbitrary code by sending a malicious request to the firewall.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes : https://nvd.nist.gov/vuln/detail/CVE-2020-5135

Alert Date: Mar 15, 2022 | 1399 days ago

Showing 20 of 1490 Results

Filters

What are you looking for ?

Date Added

Sort By

Browse by Apps

CISA Known Exploited Vulnerabilities (KEV)

10.0

8.1

7.5

7.8

10.0

9.8

7.8

7.8

7.8

7.8

7.8

7.8

7.8

7.8

7.8

7.2

7.8

7.8

8.2

9.8

Filters

CVEFeed.io UI Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable