CISA Known Exploited Vulnerabilities (KEV)
CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilities actively used in real-world attacks. CVEFeed.io tracks the latest additions so you can prioritize remediation as new entries are published.
7.2
CVE-2018-8120 - Microsoft Win32k Privilege Escalation Vulnerability -
Action Due Apr 05, 2022 Target Vendor : Microsoft
Description : A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Mar 15, 2022
Notes : https://nvd.nist.gov/vuln/detail/CVE-2018-8120
7.8
CVE-2019-0543 - Microsoft Windows Privilege Escalation Vulnerability -
Action Due Apr 05, 2022 Target Vendor : Microsoft
Description : A privilege escalation vulnerability exists when Windows improperly handles authentication requests. An attacker who successfully exploited this vulnerability could run processes in an elevated context.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Mar 15, 2022
Notes : https://nvd.nist.gov/vuln/detail/CVE-2019-0543
7.8
CVE-2019-0841 - Microsoft Windows AppX Deployment Service (AppXSVC) Privilege Escalation Vulnerability -
Action Due Apr 05, 2022 Target Vendor : Microsoft
Description : A privilege escalation vulnerability exists when Windows AppXSVC improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Mar 15, 2022
Notes : https://nvd.nist.gov/vuln/detail/CVE-2019-0841
7.8
CVE-2019-1064 - Microsoft Windows AppX Deployment Service (AppXSVC) Privilege Escalation Vulnerability -
Action Due Apr 05, 2022 Target Vendor : Microsoft
Description : A privilege escalation vulnerability exists when Windows AppXSVC improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Mar 15, 2022
Notes : https://nvd.nist.gov/vuln/detail/CVE-2019-1064
7.8
CVE-2019-1069 - Microsoft Task Scheduler Privilege Escalation Vulnerability -
Action Due Apr 05, 2022 Target Vendor : Microsoft
Description : A privilege escalation vulnerability exists in the way the Task Scheduler Service validates certain file operations.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Mar 15, 2022
Notes : https://nvd.nist.gov/vuln/detail/CVE-2019-1069
9.8
CVE-2020-5135 - SonicWall SonicOS Buffer Overflow Vulnerability -
Action Due Apr 05, 2022 Target Vendor : SonicWall
Description : A buffer overflow vulnerability in SonicOS allows a remote attacker to cause Denial of Service (DoS) and potentially execute arbitrary code by sending a malicious request to the firewall.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2020-5135
8.2
CVE-2015-2546 - Microsoft Win32k Memory Corruption Vulnerability -
Action Due Apr 05, 2022 Target Vendor : Microsoft
Description : The kernel-mode driver in Microsoft Windows OS and Server allows local users to gain privileges via a crafted application.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Mar 15, 2022
Notes : https://nvd.nist.gov/vuln/detail/CVE-2015-2546
7.8
CVE-2019-1129 - Microsoft Windows AppX Deployment Service (AppXSVC) Privilege Escalation Vulnerability -
Action Due Apr 05, 2022 Target Vendor : Microsoft
Description : A privilege escalation vulnerability exists when Windows AppXSVC improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Mar 15, 2022
Notes : https://nvd.nist.gov/vuln/detail/CVE-2019-1129
7.8
CVE-2019-1253 - Microsoft Windows AppX Deployment Server Privilege Escalation Vulnerability -
Action Due Apr 05, 2022 Target Vendor : Microsoft
Description : A privilege escalation vulnerability exists when the Windows AppX Deployment Server improperly handles junctions.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Mar 15, 2022
Notes : https://nvd.nist.gov/vuln/detail/CVE-2019-1253
7.8
CVE-2019-1315 - Microsoft Windows Error Reporting Manager Privilege Escalation Vulnerability -
Action Due Apr 05, 2022 Target Vendor : Microsoft
Description : A privilege escalation vulnerability exists when Windows Error Reporting manager improperly handles hard links. An attacker who successfully exploited this vulnerability could overwrite a targeted file leading to an elevated status.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Mar 15, 2022
Notes : https://nvd.nist.gov/vuln/detail/CVE-2019-1315
7.8
CVE-2016-3309 - Microsoft Windows Kernel Privilege Escalation Vulnerability -
Action Due Apr 05, 2022 Target Vendor : Microsoft
Description : A privilege escalation vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Mar 15, 2022
Notes : https://nvd.nist.gov/vuln/detail/CVE-2016-3309
10.0
CVE-2017-6077 - NETGEAR DGN2200 Remote Code Execution Vulnerability -
Action Due Sep 07, 2022 Target Vendor : NETGEAR
Description : NETGEAR DGN2200 wireless routers contain a vulnerability that allows for remote code execution.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2017-6077
7.2
CVE-2020-8218 - Pulse Connect Secure Code Injection Vulnerability -
Action Due Sep 07, 2022 Target Vendor : Pulse Secure
Description : A code injection vulnerability exists in Pulse Connect Secure that allows an attacker to crafted a URI to perform an arbitrary code execution via the admin web interface.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2020-8218
5.3
CVE-2021-21973 - VMware vCenter Server and Cloud Foundation Server Side Request Forgery (SSRF) Vulnerability -
Action Due Mar 21, 2022 Target Vendor : VMware
Description : VMware vCenter Server and Cloud Foundation Server contain a SSRF vulnerability due to improper validation of URLs in a vCenter Server plugin. This allows for information disclosure.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2021-21973
8.8
CVE-2022-26485 - Mozilla Firefox Use-After-Free Vulnerability -
Action Due Mar 21, 2022 Target Vendor : Mozilla
Description : Mozilla Firefox contains a use-after-free vulnerability in XSLT parameter processing which can be exploited to perform arbitrary code execution.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2022-26485
9.6
CVE-2022-26486 - Mozilla Firefox Use-After-Free Vulnerability -
Action Due Mar 21, 2022 Target Vendor : Mozilla
Description : Mozilla Firefox contains a use-after-free vulnerability in WebGPU IPC Framework which can be exploited to perform arbitrary code execution.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2022-26486
6.5
CVE-2009-3960 - Adobe BlazeDS Information Disclosure Vulnerability -
Action Due Sep 07, 2022 Target Vendor : Adobe
Description : Adobe BlazeDS, which is utilized in LifeCycle and Coldfusion, contains a vulnerability that allows for information disclosure.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Mar 07, 2022
Notes : https://nvd.nist.gov/vuln/detail/CVE-2009-3960
9.8
CVE-2013-0625 - Adobe ColdFusion Authentication Bypass Vulnerability -
Action Due Sep 07, 2022 Target Vendor : Adobe
Description : Adobe Coldfusion contains an authentication bypass vulnerability, which could result in an unauthorized user gaining administrative access.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2013-0625
7.5
CVE-2013-0631 - Adobe ColdFusion Information Disclosure Vulnerability -
Action Due Sep 07, 2022 Target Vendor : Adobe
Description : Adobe Coldfusion contains an unspecified vulnerability, which could result in information disclosure from a compromised server.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2013-0631
9.8
CVE-2019-11581 - Atlassian Jira Server and Data Center Server-Side Template Injection Vulnerability -
Action Due Sep 07, 2022 Target Vendor : Atlassian
Description : Atlassian Jira Server and Data Center contain a server-side template injection vulnerability which can allow for remote code execution.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2019-11581