CISA Known Exploited Vulnerabilities (KEV)
CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilities actively used in real-world attacks. CVEFeed.io tracks the latest additions so you can prioritize remediation as new entries are published.
7.8
CVE-2010-4345 - Exim Privilege Escalation Vulnerability -
Action Due Apr 15, 2022 Target Vendor : Exim
Description :Exim allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2010-4345
9.8
CVE-2010-4344 - Exim Heap-Based Buffer Overflow Vulnerability -
Action Due Apr 15, 2022 Target Vendor : Exim
Description :Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2010-4344
10.0
CVE-2018-11138 - Quest KACE System Management Appliance Remote Command Execution Vulnerability -
Action Due Apr 15, 2022 Target Vendor : Quest
Description :The '/common/download_agent_installer.php' script in the Quest KACE System Management Appliance is accessible by anonymous users and can be abused to perform remote code execution.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Mar 25, 2022
Notes :https://nvd.nist.gov/vuln/detail/CVE-2018-11138
7.8
CVE-2019-0841 - Microsoft Windows AppX Deployment Service (AppXSVC) Privilege Escalation Vulnerability -
Action Due Apr 05, 2022 Target Vendor : Microsoft
Description :A privilege escalation vulnerability exists when Windows AppXSVC improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Mar 15, 2022
Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-0841
7.8
CVE-2019-1064 - Microsoft Windows AppX Deployment Service (AppXSVC) Privilege Escalation Vulnerability -
Action Due Apr 05, 2022 Target Vendor : Microsoft
Description :A privilege escalation vulnerability exists when Windows AppXSVC improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Mar 15, 2022
Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-1064
7.8
CVE-2019-1069 - Microsoft Task Scheduler Privilege Escalation Vulnerability -
Action Due Apr 05, 2022 Target Vendor : Microsoft
Description :A privilege escalation vulnerability exists in the way the Task Scheduler Service validates certain file operations.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Mar 15, 2022
Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-1069
7.8
CVE-2019-1129 - Microsoft Windows AppX Deployment Service (AppXSVC) Privilege Escalation Vulnerability -
Action Due Apr 05, 2022 Target Vendor : Microsoft
Description :A privilege escalation vulnerability exists when Windows AppXSVC improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Mar 15, 2022
Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-1129
7.8
CVE-2019-1132 - Microsoft Win32k Privilege Escalation Vulnerability -
Action Due Apr 05, 2022 Target Vendor : Microsoft
Description :A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-1132
7.8
CVE-2019-1315 - Microsoft Windows Error Reporting Manager Privilege Escalation Vulnerability -
Action Due Apr 05, 2022 Target Vendor : Microsoft
Description :A privilege escalation vulnerability exists when Windows Error Reporting manager improperly handles hard links. An attacker who successfully exploited this vulnerability could overwrite a targeted file leading to an elevated status.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Mar 15, 2022
Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-1315
7.8
CVE-2019-1405 - Microsoft Windows Universal Plug and Play (UPnP) Service Privilege Escalation Vulnerability -
Action Due Apr 05, 2022 Target Vendor : Microsoft
Description :A privilege escalation vulnerability exists when the Windows UPnP service improperly allows COM object creation.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Mar 15, 2022
Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-1405
7.8
CVE-2019-1253 - Microsoft Windows AppX Deployment Server Privilege Escalation Vulnerability -
Action Due Apr 05, 2022 Target Vendor : Microsoft
Description :A privilege escalation vulnerability exists when the Windows AppX Deployment Server improperly handles junctions.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Mar 15, 2022
Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-1253
8.2
CVE-2015-2546 - Microsoft Win32k Memory Corruption Vulnerability -
Action Due Apr 05, 2022 Target Vendor : Microsoft
Description :The kernel-mode driver in Microsoft Windows OS and Server allows local users to gain privileges via a crafted application.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Mar 15, 2022
Notes :https://nvd.nist.gov/vuln/detail/CVE-2015-2546
7.8
CVE-2016-3309 - Microsoft Windows Kernel Privilege Escalation Vulnerability -
Action Due Apr 05, 2022 Target Vendor : Microsoft
Description :A privilege escalation vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Mar 15, 2022
Notes :https://nvd.nist.gov/vuln/detail/CVE-2016-3309
7.8
CVE-2017-0101 - Microsoft Windows Transaction Manager Privilege Escalation Vulnerability -
Action Due Apr 05, 2022 Target Vendor : Microsoft
Description :A privilege escalation vulnerability exists when the Windows Transaction Manager improperly handles objects in memory.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Mar 15, 2022
Notes :https://nvd.nist.gov/vuln/detail/CVE-2017-0101
9.8
CVE-2020-5135 - SonicWall SonicOS Buffer Overflow Vulnerability -
Action Due Apr 05, 2022 Target Vendor : SonicWall
Description :A buffer overflow vulnerability in SonicOS allows a remote attacker to cause Denial of Service (DoS) and potentially execute arbitrary code by sending a malicious request to the firewall.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-5135
7.8
CVE-2019-1322 - Microsoft Windows Privilege Escalation Vulnerability -
Action Due Apr 05, 2022 Target Vendor : Microsoft
Description :A privilege escalation vulnerability exists when Windows improperly handles authentication requests. An attacker who successfully exploited this vulnerability could run processes in an elevated context.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Mar 15, 2022
Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-1322
7.8
CVE-2019-0543 - Microsoft Windows Privilege Escalation Vulnerability -
Action Due Apr 05, 2022 Target Vendor : Microsoft
Description :A privilege escalation vulnerability exists when Windows improperly handles authentication requests. An attacker who successfully exploited this vulnerability could run processes in an elevated context.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Mar 15, 2022
Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-0543
7.2
CVE-2018-8120 - Microsoft Win32k Privilege Escalation Vulnerability -
Action Due Apr 05, 2022 Target Vendor : Microsoft
Description :A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Mar 15, 2022
Notes :https://nvd.nist.gov/vuln/detail/CVE-2018-8120
9.8
CVE-2019-11581 - Atlassian Jira Server and Data Center Server-Side Template Injection Vulnerability -
Action Due Sep 07, 2022 Target Vendor : Atlassian
Description :Atlassian Jira Server and Data Center contain a server-side template injection vulnerability which can allow for remote code execution.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-11581
7.2
CVE-2020-8218 - Pulse Connect Secure Code Injection Vulnerability -
Action Due Sep 07, 2022 Target Vendor : Pulse Secure
Description :A code injection vulnerability exists in Pulse Connect Secure that allows an attacker to crafted a URI to perform an arbitrary code execution via the admin web interface.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-8218