CISA Known Exploited Vulnerabilities (KEV)
CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilities actively used in real-world attacks. CVEFeed.io tracks the latest additions so you can prioritize remediation as new entries are published.
5.9
CVE-2009-2055 - Cisco IOS XR Border Gateway Protocol (BGP) Denial-of-Service Vulnerability -
Action Due Apr 15, 2022 Target Vendor : Cisco
Description :Cisco IOS XR,when BGP is the configured routing feature, allows remote attackers to cause a denial-of-service (DoS).
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2009-2055
9.8
CVE-2009-1151 - phpMyAdmin Remote Code Execution Vulnerability -
Action Due Apr 15, 2022 Target Vendor : phpMyAdmin
Description :Setup script used to generate configuration can be fooled using a crafted POST request to include arbitrary PHP code in generated configuration file.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2009-1151
9.3
CVE-2009-0927 - Adobe Reader and Adobe Acrobat Stack-Based Buffer Overflow Vulnerability -
Action Due Apr 15, 2022 Target Vendor : Adobe
Description :Stack-based buffer overflow in Adobe Reader and Adobe Acrobat allows remote attackers to execute arbitrary code.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2009-0927
10.0
CVE-2018-11138 - Quest KACE System Management Appliance Remote Command Execution Vulnerability -
Action Due Apr 15, 2022 Target Vendor : Quest
Description :The '/common/download_agent_installer.php' script in the Quest KACE System Management Appliance is accessible by anonymous users and can be abused to perform remote code execution.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Mar 25, 2022
Notes :https://nvd.nist.gov/vuln/detail/CVE-2018-11138
10.0
CVE-2018-0147 - Cisco Secure Access Control System Java Deserialization Vulnerability -
Action Due Apr 15, 2022 Target Vendor : Cisco
Description :A vulnerability in Java deserialization used by Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote attacker to execute arbitrary commands on an affected device. The vulnerability is due to insecure deserialization of user-supplied content by the affected software.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2018-0147
10.0
CVE-2018-0125 - Cisco VPN Routers Remote Code Execution Vulnerability -
Action Due Apr 15, 2022 Target Vendor : Cisco
Description :A vulnerability in the web interface of the Cisco VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary code as root and gain full control of an affected system.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2018-0125
10.0
CVE-2015-1187 - D-Link and TRENDnet Multiple Devices Remote Code Execution Vulnerability -
Action Due Apr 15, 2022 Target Vendor : D-Link and TRENDnet
Description :The ping tool in multiple D-Link and TRENDnet devices allow remote attackers to perform remote code execution.
Action :The impacted product is end-of-life and should be disconnected if still in use.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2015-1187
7.8
CVE-2015-0666 - Cisco Prime Data Center Network Manager (DCNM) Directory Traversal Vulnerability -
Action Due Apr 15, 2022 Target Vendor : Cisco
Description :Directory traversal vulnerability in the fmserver servlet in Cisco Prime Data Center Network Manager (DCNM) allows remote attackers to read arbitrary files.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2015-0666
7.5
CVE-2014-0130 - Ruby on Rails Directory Traversal Vulnerability -
Action Due Apr 15, 2022 Target Vendor : Rails
Description :Directory traversal vulnerability in actionpack/lib/abstract_controller/base.rb in the implicit-render implementation in Ruby on Rails allows remote attackers to read arbitrary files via a crafted request.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2014-0130
5.4
CVE-2013-5223 - D-Link DSL-2760U Gateway Cross-Site Scripting Vulnerability -
Action Due Apr 15, 2022 Target Vendor : D-Link
Description :A cross-site scripting (XSS) vulnerability exists in the D-Link DSL-2760U gateway, allowing remote authenticated users to inject arbitrary web script or HTML.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2013-5223
10.0
CVE-2013-4810 - HP Multiple Products Remote Code Execution Vulnerability -
Action Due Apr 15, 2022 Target Vendor : Hewlett Packard (HP)
Description :HP ProCurve Manager (PCM), PCM+, Identity Driven Manager (IDM), and Application Lifecycle Management allow remote attackers to execute arbitrary code via a marshalled object to (1) EJBInvokerServlet or (2) JMXInvokerServlet.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2013-4810
9.8
CVE-2013-2251 - Apache Struts Improper Input Validation Vulnerability -
Action Due Apr 15, 2022 Target Vendor : Apache
Description :Apache Struts allows remote attackers to execute arbitrary Object-Graph Navigation Language (OGNL) expressions.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2013-2251
9.8
CVE-2012-1823 - PHP-CGI Query String Parameter Vulnerability -
Action Due Apr 15, 2022 Target Vendor : PHP
Description :sapi/cgi/cgi_main.c in PHP, when configured as a CGI script, does not properly handle query strings, which allows remote attackers to execute arbitrary code.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2012-1823
9.8
CVE-2005-2773 - HP OpenView Network Node Manager Remote Code Execution Vulnerability -
Action Due Apr 15, 2022 Target Vendor : Hewlett Packard (HP)
Description :HP OpenView Network Node Manager could allow a remote attacker to execute arbitrary commands on the system.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2005-2773
8.1
CVE-2018-6961 - VMware SD-WAN Edge by VeloCloud Command Injection Vulnerability -
Action Due Apr 15, 2022 Target Vendor : VMware
Description :VMware SD-WAN Edge by VeloCloud contains a command injection vulnerability in the local web UI component. Successful exploitation of this issue could result in remote code execution.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2018-6961
10.0
CVE-2020-25223 - Sophos SG UTM Remote Code Execution Vulnerability -
Action Due Apr 15, 2022 Target Vendor : Sophos
Description :A remote code execution vulnerability exists in the WebAdmin of Sophos SG UTM.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-25223
7.5
CVE-2020-5410 - VMware Tanzu Spring Cloud Config Directory Traversal Vulnerability -
Action Due Apr 15, 2022 Target Vendor : VMware Tanzu
Description :Spring, by VMware Tanzu, Cloud Config contains a path traversal vulnerability that allows applications to serve arbitrary configuration files.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-5410
7.8
CVE-2019-1253 - Microsoft Windows AppX Deployment Server Privilege Escalation Vulnerability -
Action Due Apr 05, 2022 Target Vendor : Microsoft
Description :A privilege escalation vulnerability exists when the Windows AppX Deployment Server improperly handles junctions.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Mar 15, 2022
Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-1253
7.8
CVE-2019-1405 - Microsoft Windows Universal Plug and Play (UPnP) Service Privilege Escalation Vulnerability -
Action Due Apr 05, 2022 Target Vendor : Microsoft
Description :A privilege escalation vulnerability exists when the Windows UPnP service improperly allows COM object creation.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Mar 15, 2022
Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-1405
7.8
CVE-2019-1315 - Microsoft Windows Error Reporting Manager Privilege Escalation Vulnerability -
Action Due Apr 05, 2022 Target Vendor : Microsoft
Description :A privilege escalation vulnerability exists when Windows Error Reporting manager improperly handles hard links. An attacker who successfully exploited this vulnerability could overwrite a targeted file leading to an elevated status.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Mar 15, 2022
Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-1315