CISA Known Exploited Vulnerabilities (KEV)
CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilities actively used in real-world attacks. CVEFeed.io tracks the latest additions so you can prioritize remediation as new entries are published.
5.3
CVE-2021-21973 - VMware vCenter Server and Cloud Foundation Server Side Request Forgery (SSRF) Vulnerability -
Action Due Mar 21, 2022 Target Vendor : VMware
Description :VMware vCenter Server and Cloud Foundation Server contain a SSRF vulnerability due to improper validation of URLs in a vCenter Server plugin. This allows for information disclosure.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-21973
7.2
CVE-2020-8218 - Pulse Connect Secure Code Injection Vulnerability -
Action Due Sep 07, 2022 Target Vendor : Pulse Secure
Description :A code injection vulnerability exists in Pulse Connect Secure that allows an attacker to crafted a URI to perform an arbitrary code execution via the admin web interface.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-8218
9.8
CVE-2019-11581 - Atlassian Jira Server and Data Center Server-Side Template Injection Vulnerability -
Action Due Sep 07, 2022 Target Vendor : Atlassian
Description :Atlassian Jira Server and Data Center contain a server-side template injection vulnerability which can allow for remote code execution.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-11581
9.3
CVE-2013-0641 - Adobe Reader Buffer Overflow Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Adobe
Description :A buffer overflow vulnerability exists in Adobe Reader which allows an attacker to perform remote code execution.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2013-0641
10.0
CVE-2022-20699 - Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability -
Action Due Mar 17, 2022 Target Vendor : Cisco
Description :A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or cause a denial of service (DoS).
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2022-20699
5.4
CVE-2020-11899 - Treck TCP/IP stack Out-of-Bounds Read Vulnerability -
Action Due Mar 17, 2022 Target Vendor : Treck TCP/IP stack
Description :The Treck TCP/IP stack contains an IPv6 out-of-bounds read vulnerability.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-11899
9.0
CVE-2019-1652 - Cisco Small Business Routers Improper Input Validation Vulnerability -
Action Due Mar 17, 2022 Target Vendor : Cisco
Description :A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an authenticated, remote attacker with administrative privileges on an affected device to execute arbitrary commands.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-1652
7.1
CVE-2018-0179 - Cisco IOS Software Denial-of-Service Vulnerability -
Action Due Mar 17, 2022 Target Vendor : Cisco
Description :A vulnerability in the Login Enhancements (Login Block) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a reload of an affected system, resulting in a denial of service (DoS) condition.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2018-0179
6.3
CVE-2018-0161 - Cisco IOS Software Resource Management Errors Vulnerability -
Action Due Mar 17, 2022 Target Vendor : Cisco
Description :A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software running on certain models of Cisco Catalyst Switches could allow an authenticated, remote attacker to cause a denial-of-service (DoS) condition.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2018-0161
7.8
CVE-2018-0159 - Cisco IOS and XE Software Internet Key Exchange Version 1 Denial-of-Service Vulnerability -
Action Due Mar 17, 2022 Target Vendor : Cisco
Description :A vulnerability in the implementation of Internet Key Exchange Version 1 (IKEv1) functionality in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial-of-service (DoS) condition.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2018-0159
9.3
CVE-2017-8540 - Microsoft Malware Protection Engine Improper Restriction of Operations Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Microsoft
Description :The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to memory corruption. aka "Microsoft Malware Protection Engine Remote Code Execution Vulnerability".
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2017-8540
9.0
CVE-2017-6744 - Cisco IOS Software SNMP Remote Code Execution Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Cisco
Description :The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 1 contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2017-6744
7.8
CVE-2017-12237 - Cisco IOS and IOS XE Software Internet Key Exchange Denial-of-Service Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Cisco
Description :A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS and Cisco IOS XE could allow an unauthenticated, remote attacker to cause high CPU utilization, traceback messages, or a reload of an affected device that leads to a denial of service.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2017-12237
7.8
CVE-2017-12235 - Cisco IOS Software for Cisco Industrial Ethernet Switches PROFINET Denial-of-Service Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Cisco
Description :A vulnerability in the implementation of the PROFINET Discovery and Configuration Protocol (PN-DCP) for Cisco IOS could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2017-12235
9.3
CVE-2016-7855 - Adobe Flash Player Use-After-Free Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Adobe
Description :Use-after-free vulnerability in Adobe Flash Player Windows and OS and Linux allows remote attackers to execute arbitrary code.
Action :The impacted product is end-of-life and should be disconnected if still in use.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2016-7855
10.0
CVE-2015-3043 - Adobe Flash Player Memory Corruption Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Adobe
Description :A memory corruption vulnerability exists in Adobe Flash Player that allows an attacker to perform remote code execution.
Action :The impacted product is end-of-life and should be disconnected if still in use.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2015-3043
10.0
CVE-2015-2590 - Oracle Java SE and Java SE Embedded Remote Code Execution Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Oracle
Description :An unspecified vulnerability exists within Oracle Java Runtime Environment that allows an attacker to perform remote code execution.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2015-2590
7.8
CVE-2015-1701 - Microsoft Win32k Privilege Escalation Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Microsoft
Description :An unspecified vulnerability exists in the Win32k.sys kernel-mode driver in Microsoft Windows Server that allows a local attacker to execute arbitrary code with elevated privileges.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Mar 03, 2022
Notes :https://nvd.nist.gov/vuln/detail/CVE-2015-1701
10.0
CVE-2014-0496 - Adobe Reader and Acrobat Use-After-Free Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Adobe
Description :Adobe Reader and Acrobat contain a use-after-free vulnerability which can allow for code execution.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2014-0496
9.3
CVE-2013-0640 - Adobe Reader and Acrobat Memory Corruption Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Adobe
Description :An memory corruption vulnerability exists in the acroform.dll in Adobe Reader that allows an attacker to perform remote code execution.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2013-0640