CISA Known Exploited Vulnerabilities (KEV)

  1. Home
  2. CISA KEV
Threat Intelligence

CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilities actively used in real-world attacks. CVEFeed.io tracks the latest additions so you can prioritize remediation as new entries are published.

    10.0

    HIGH
    CVE-2013-4810 - HP Multiple Products Remote Code Execution Vulnerability -

    Action Due Apr 15, 2022 Target Vendor : Hewlett Packard (HP)

    Description :HP ProCurve Manager (PCM), PCM+, Identity Driven Manager (IDM), and Application Lifecycle Management allow remote attackers to execute arbitrary code via a marshalled object to (1) EJBInvokerServlet or (2) JMXInvokerServlet.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2013-4810

    Alert Date: Mar 25, 2022 | 1492 days ago

    7.5

    HIGH
    CVE-2020-5410 - VMware Tanzu Spring Cloud Config Directory Traversal Vulnerability -

    Action Due Apr 15, 2022 Target Vendor : VMware Tanzu

    Description :Spring, by VMware Tanzu, Cloud Config contains a path traversal vulnerability that allows applications to serve arbitrary configuration files.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-5410

    Alert Date: Mar 25, 2022 | 1492 days ago

    9.8

    CRITICAL
    CVE-2015-1427 - Elasticsearch Groovy Scripting Engine Remote Code Execution Vulnerability -

    Action Due Apr 15, 2022 Target Vendor : Elastic

    Description :The Groovy scripting engine in Elasticsearch allows remote attackers to bypass the sandbox protection mechanism and execute arbitrary shell commands.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2015-1427

    Alert Date: Mar 25, 2022 | 1492 days ago

    9.8

    CRITICAL
    CVE-2020-5135 - SonicWall SonicOS Buffer Overflow Vulnerability -

    Action Due Apr 05, 2022 Target Vendor : SonicWall

    Description :A buffer overflow vulnerability in SonicOS allows a remote attacker to cause Denial of Service (DoS) and potentially execute arbitrary code by sending a malicious request to the firewall.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-5135

    Alert Date: Mar 15, 2022 | 1502 days ago

    7.8

    HIGH
    CVE-2019-1322 - Microsoft Windows Privilege Escalation Vulnerability -

    Action Due Apr 05, 2022 Target Vendor : Microsoft

    Description :A privilege escalation vulnerability exists when Windows improperly handles authentication requests. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Mar 15, 2022

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-1322

    Alert Date: Mar 15, 2022 | 1502 days ago

    7.8

    HIGH
    CVE-2017-0101 - Microsoft Windows Transaction Manager Privilege Escalation Vulnerability -

    Action Due Apr 05, 2022 Target Vendor : Microsoft

    Description :A privilege escalation vulnerability exists when the Windows Transaction Manager improperly handles objects in memory.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Mar 15, 2022

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2017-0101

    Alert Date: Mar 15, 2022 | 1502 days ago

    7.8

    HIGH
    CVE-2019-0543 - Microsoft Windows Privilege Escalation Vulnerability -

    Action Due Apr 05, 2022 Target Vendor : Microsoft

    Description :A privilege escalation vulnerability exists when Windows improperly handles authentication requests. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Mar 15, 2022

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-0543

    Alert Date: Mar 15, 2022 | 1502 days ago

    7.2

    HIGH
    CVE-2018-8120 - Microsoft Win32k Privilege Escalation Vulnerability -

    Action Due Apr 05, 2022 Target Vendor : Microsoft

    Description :A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Mar 15, 2022

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2018-8120

    Alert Date: Mar 15, 2022 | 1502 days ago

    7.8

    HIGH
    CVE-2016-3309 - Microsoft Windows Kernel Privilege Escalation Vulnerability -

    Action Due Apr 05, 2022 Target Vendor : Microsoft

    Description :A privilege escalation vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Mar 15, 2022

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2016-3309

    Alert Date: Mar 15, 2022 | 1502 days ago

    8.2

    HIGH
    CVE-2015-2546 - Microsoft Win32k Memory Corruption Vulnerability -

    Action Due Apr 05, 2022 Target Vendor : Microsoft

    Description :The kernel-mode driver in Microsoft Windows OS and Server allows local users to gain privileges via a crafted application.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Mar 15, 2022

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2015-2546

    Alert Date: Mar 15, 2022 | 1502 days ago

    7.8

    HIGH
    CVE-2019-1253 - Microsoft Windows AppX Deployment Server Privilege Escalation Vulnerability -

    Action Due Apr 05, 2022 Target Vendor : Microsoft

    Description :A privilege escalation vulnerability exists when the Windows AppX Deployment Server improperly handles junctions.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Mar 15, 2022

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-1253

    Alert Date: Mar 15, 2022 | 1502 days ago

    7.8

    HIGH
    CVE-2019-1405 - Microsoft Windows Universal Plug and Play (UPnP) Service Privilege Escalation Vulnerability -

    Action Due Apr 05, 2022 Target Vendor : Microsoft

    Description :A privilege escalation vulnerability exists when the Windows UPnP service improperly allows COM object creation.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Mar 15, 2022

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-1405

    Alert Date: Mar 15, 2022 | 1502 days ago

    7.8

    HIGH
    CVE-2019-1315 - Microsoft Windows Error Reporting Manager Privilege Escalation Vulnerability -

    Action Due Apr 05, 2022 Target Vendor : Microsoft

    Description :A privilege escalation vulnerability exists when Windows Error Reporting manager improperly handles hard links. An attacker who successfully exploited this vulnerability could overwrite a targeted file leading to an elevated status.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Mar 15, 2022

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-1315

    Alert Date: Mar 15, 2022 | 1502 days ago

    7.8

    HIGH
    CVE-2019-1132 - Microsoft Win32k Privilege Escalation Vulnerability -

    Action Due Apr 05, 2022 Target Vendor : Microsoft

    Description :A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-1132

    Alert Date: Mar 15, 2022 | 1502 days ago

    7.8

    HIGH
    CVE-2019-1129 - Microsoft Windows AppX Deployment Service (AppXSVC) Privilege Escalation Vulnerability -

    Action Due Apr 05, 2022 Target Vendor : Microsoft

    Description :A privilege escalation vulnerability exists when Windows AppXSVC improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Mar 15, 2022

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-1129

    Alert Date: Mar 15, 2022 | 1502 days ago

    7.8

    HIGH
    CVE-2019-1069 - Microsoft Task Scheduler Privilege Escalation Vulnerability -

    Action Due Apr 05, 2022 Target Vendor : Microsoft

    Description :A privilege escalation vulnerability exists in the way the Task Scheduler Service validates certain file operations.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Mar 15, 2022

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-1069

    Alert Date: Mar 15, 2022 | 1502 days ago

    7.8

    HIGH
    CVE-2019-1064 - Microsoft Windows AppX Deployment Service (AppXSVC) Privilege Escalation Vulnerability -

    Action Due Apr 05, 2022 Target Vendor : Microsoft

    Description :A privilege escalation vulnerability exists when Windows AppXSVC improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Mar 15, 2022

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-1064

    Alert Date: Mar 15, 2022 | 1502 days ago

    7.8

    HIGH
    CVE-2019-0841 - Microsoft Windows AppX Deployment Service (AppXSVC) Privilege Escalation Vulnerability -

    Action Due Apr 05, 2022 Target Vendor : Microsoft

    Description :A privilege escalation vulnerability exists when Windows AppXSVC improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Mar 15, 2022

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-0841

    Alert Date: Mar 15, 2022 | 1502 days ago

    9.6

    CRITICAL
    CVE-2022-26486 - Mozilla Firefox Use-After-Free Vulnerability -

    Action Due Mar 21, 2022 Target Vendor : Mozilla

    Description :Mozilla Firefox contains a use-after-free vulnerability in WebGPU IPC Framework which can be exploited to perform arbitrary code execution.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2022-26486

    Alert Date: Mar 07, 2022 | 1510 days ago

    9.3

    HIGH
    CVE-2016-6277 - NETGEAR Multiple Routers Remote Code Execution Vulnerability -

    Action Due Sep 07, 2022 Target Vendor : NETGEAR

    Description :NETGEAR confirmed multiple routers allow unauthenticated web pages to pass form input directly to the command-line interface, permitting remote code execution.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2016-6277

    Alert Date: Mar 07, 2022 | 1510 days ago
Showing 20 of 1587 Results

Filters