CISA Known Exploited Vulnerabilities (KEV)
CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilities actively used in real-world attacks. CVEFeed.io tracks the latest additions so you can prioritize remediation as new entries are published.
9.8
CVE-2019-12989 - Citrix SD-WAN and NetScaler SQL Injection Vulnerability
Action Due : Apr 15, 2022
Target Vendor : Citrix
Description : Citrix SD-WAN and NetScaler SD-WAN allow SQL Injection.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2019-12989
9.8
CVE-2019-10068 - Kentico Xperience Deserialization of Untrusted Data Vulnerability
Action Due : Apr 15, 2022
Target Vendor : Kentico
Description : Kentico contains a failure to validate security headers. This deserialization can lead to unauthenticated remote code execution.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2019-10068
9.9
CVE-2019-1003030 - Jenkins Matrix Project Plugin Remote Code Execution Vulnerability
Action Due : Apr 15, 2022
Target Vendor : Jenkins
Description : Jenkins Matrix Project plugin contains a vulnerability which can allow users to escape the sandbox, opening opportunity to perform remote code execution.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2019-1003030
10.0
CVE-2020-9054 - Zyxel Multiple NAS Devices OS Command Injection Vulnerability
Action Due : Apr 15, 2022
Target Vendor : Zyxel
Description : Multiple Zyxel network-attached storage (NAS) devices contain a pre-authentication command injection vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2020-9054
9.8
CVE-2020-1631 - Juniper Junos OS Path Traversal Vulnerability
Action Due : Apr 15, 2022
Target Vendor : Juniper
Description : A path traversal vulnerability in the HTTP/HTTPS service used by J-Web, Web Authentication, Dynamic-VPN (DVPN), Firewall Authentication Pass-Through with Web-Redirect, and Zero Touch Provisioning (ZTP) allows an unauthenticated attacker to perform remote code execution.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2020-1631
7.2
CVE-2019-2616 - Oracle BI Publisher Unauthorized Access Vulnerability
Action Due : Apr 15, 2022
Target Vendor : Oracle
Description : Oracle BI Publisher, formerly XML Publisher, contains an unspecified vulnerability that allows for various unauthorized actions. Open-source reporting attributes this vulnerability to allowing for authentication bypass.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2019-2616
7.5
CVE-2016-0752 - Ruby on Rails Directory Traversal Vulnerability
Action Due : Apr 15, 2022
Target Vendor : Rails
Description : Directory traversal vulnerability in Action View in Ruby on Rails allows remote attackers to read arbitrary files.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2016-0752
7.8
CVE-2015-0666 - Cisco Prime Data Center Network Manager (DCNM) Directory Traversal Vulnerability
Action Due : Apr 15, 2022
Target Vendor : Cisco
Description : Directory traversal vulnerability in the fmserver servlet in Cisco Prime Data Center Network Manager (DCNM) allows remote attackers to read arbitrary files.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2015-0666
10.0
CVE-2013-4810 - HP Multiple Products Remote Code Execution Vulnerability
Action Due : Apr 15, 2022
Target Vendor : Hewlett Packard (HP)
Description : HP ProCurve Manager (PCM), PCM+, Identity Driven Manager (IDM), and Application Lifecycle Management allow remote attackers to execute arbitrary code via a marshalled object to (1) EJBInvokerServlet or (2) JMXInvokerServlet.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2013-4810
9.8
CVE-2010-4344 - Exim Heap-Based Buffer Overflow Vulnerability
Action Due : Apr 15, 2022
Target Vendor : Exim
Description : Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2010-4344
7.8
CVE-2015-3035 - TP-Link Multiple Archer Devices Directory Traversal Vulnerability
Action Due : Apr 15, 2022
Target Vendor : TP-Link
Description : Directory traversal vulnerability in multiple TP-Link Archer devices allows remote attackers to read arbitrary files via a .. (dot dot) in the PATH_INFO to login/.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2015-3035
9.4
CVE-2015-4068 - Arcserve Unified Data Protection (UDP) Directory Traversal Vulnerability
Action Due : Apr 15, 2022
Target Vendor : Arcserve
Description : Directory traversal vulnerability in Arcserve UDP allows remote attackers to obtain sensitive information or cause a denial of service.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2015-4068
10.0
CVE-2018-0125 - Cisco VPN Routers Remote Code Execution Vulnerability
Action Due : Apr 15, 2022
Target Vendor : Cisco
Description : A vulnerability in the web interface of the Cisco VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary code as root and gain full control of an affected system.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2018-0125
10.0
CVE-2018-0147 - Cisco Secure Access Control System Java Deserialization Vulnerability
Action Due : Apr 15, 2022
Target Vendor : Cisco
Description : A vulnerability in Java deserialization used by Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote attacker to execute arbitrary commands on an affected device. The vulnerability is due to insecure deserialization of user-supplied content by the affected software.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2018-0147
10.0
CVE-2020-2021 - Palo Alto Networks PAN-OS Authentication Bypass Vulnerability
Action Due : Apr 15, 2022
Target Vendor : Palo Alto Networks
Description : Palo Alto Networks PAN-OS contains a vulnerability in SAML which allows an attacker to bypass authentication.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Mar 25, 2022
Notes : https://nvd.nist.gov/vuln/detail/CVE-2020-2021
10.0
CVE-2017-6316 - Citrix Multiple Products Remote Code Execution Vulnerability
Action Due : Apr 15, 2022
Target Vendor : Citrix
Description : A vulnerability has been identified in the management interface of Citrix NetScaler SD-WAN Enterprise and Standard Edition and Citrix CloudBridge Virtual WAN Edition that could result in an unauthenticated, remote attacker being able to execute arbitrary code as a root user. This vulnerability also affects XenMobile Server.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2017-6316
7.8
CVE-2019-1322 - Microsoft Windows Privilege Escalation Vulnerability
Action Due : Apr 05, 2022
Target Vendor : Microsoft
Description : A privilege escalation vulnerability exists when Windows improperly handles authentication requests. An attacker who successfully exploited this vulnerability could run processes in an elevated context.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Mar 15, 2022
Notes : https://nvd.nist.gov/vuln/detail/CVE-2019-1322
7.8
CVE-2019-1405 - Microsoft Windows Universal Plug and Play (UPnP) Service Privilege Escalation Vulnerability
Action Due : Apr 05, 2022
Target Vendor : Microsoft
Description : A privilege escalation vulnerability exists when the Windows UPnP service improperly allows COM object creation.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Mar 15, 2022
Notes : https://nvd.nist.gov/vuln/detail/CVE-2019-1405
7.8
CVE-2019-1132 - Microsoft Win32k Privilege Escalation Vulnerability
Action Due : Apr 05, 2022
Target Vendor : Microsoft
Description : A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2019-1132
7.8
CVE-2017-0101 - Microsoft Windows Transaction Manager Privilege Escalation Vulnerability
Action Due : Apr 05, 2022
Target Vendor : Microsoft
Description : A privilege escalation vulnerability exists when the Windows Transaction Manager improperly handles objects in memory.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Mar 15, 2022
Notes : https://nvd.nist.gov/vuln/detail/CVE-2017-0101