CISA Known Exploited Vulnerabilities (KEV)
CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilities actively used in real-world attacks. CVEFeed.io tracks the latest additions so you can prioritize remediation as new entries are published.
7.8
CVE-2017-12234 - Cisco IOS Software Common Industrial Protocol Request Denial-of-Service Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Cisco
Description :There is a vulnerability in the implementation of the Common Industrial Protocol (CIP) feature in Cisco IOS could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2017-12234
7.5
CVE-2016-8562 - Siemens SIMATIC CP 1543-1 Improper Privilege Management Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Siemens
Description :An improper privilege management vulnerability exists within the Siemens SIMATIC Communication Processor (CP) that allows a privileged attacker to remotely cause a denial of service.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2016-8562
9.3
CVE-2016-7855 - Adobe Flash Player Use-After-Free Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Adobe
Description :Use-after-free vulnerability in Adobe Flash Player Windows and OS and Linux allows remote attackers to execute arbitrary code.
Action :The impacted product is end-of-life and should be disconnected if still in use.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2016-7855
10.0
CVE-2015-3043 - Adobe Flash Player Memory Corruption Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Adobe
Description :A memory corruption vulnerability exists in Adobe Flash Player that allows an attacker to perform remote code execution.
Action :The impacted product is end-of-life and should be disconnected if still in use.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2015-3043
9.3
CVE-2013-1347 - Microsoft Internet Explorer Remote Code Execution Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Microsoft
Description :This vulnerability may corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user within Internet Explorer.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2013-1347
10.0
CVE-2013-0632 - Adobe ColdFusion Authentication Bypass Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Adobe
Description :An authentication bypass vulnerability exists in Adobe ColdFusion which could result in an unauthorized user gaining administrative access.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2013-0632
5.4
CVE-2020-11899 - Treck TCP/IP stack Out-of-Bounds Read Vulnerability -
Action Due Mar 17, 2022 Target Vendor : Treck TCP/IP stack
Description :The Treck TCP/IP stack contains an IPv6 out-of-bounds read vulnerability.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-11899
10.0
CVE-2012-4681 - Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Oracle
Description :The Java Runtime Environment (JRE) component in Oracle Java SE allow for remote code execution.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Feb 26, 2026
Notes :https://nvd.nist.gov/vuln/detail/CVE-2012-4681
8.0
CVE-2018-0175 - Cisco IOS, XR, and XE Software Buffer Overflow Vulnerability -
Action Due Mar 17, 2022 Target Vendor : Cisco
Description :Format string vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges on an affected device.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2018-0175
7.8
CVE-2015-1701 - Microsoft Win32k Privilege Escalation Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Microsoft
Description :An unspecified vulnerability exists in the Win32k.sys kernel-mode driver in Microsoft Windows Server that allows a local attacker to execute arbitrary code with elevated privileges.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Mar 03, 2022
Notes :https://nvd.nist.gov/vuln/detail/CVE-2015-1701
9.3
CVE-2013-3897 - Microsoft Internet Explorer Use-After-Free Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Microsoft
Description :A use-after-free vulnerability exists within CDisplayPointer in Microsoft Internet Explorer that allows an attacker to remotely execute arbitrary code.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2013-3897
10.0
CVE-2013-3346 - Adobe Reader and Acrobat Memory Corruption Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Adobe
Description :Adobe Reader and Acrobat contain a memory corruption vulnerability which can allow attackers to execute arbitrary code or cause a denial of service.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2013-3346
9.0
CVE-2017-6737 - Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Cisco
Description :The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2017-6737
10.0
CVE-2018-0151 - Cisco IOS Software and Cisco IOS XE Software Quality of Service Remote Code Execution Vulnerability -
Action Due Mar 17, 2022 Target Vendor : Cisco
Description :A vulnerability in the quality of service (QoS) subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2018-0151
9.0
CVE-2017-6736 - Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Cisco
Description :The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2017-6736
6.5
CVE-2017-6663 - Cisco IOS Software and Cisco IOS XE Software Denial-of-Service Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Cisco
Description :A vulnerability in the Autonomic Networking feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause autonomic nodes of an affected system to reload, resulting in denial-of-service (DoS).
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2017-6663
10.0
CVE-2012-1723 - Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Oracle
Description :Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE allows remote attackers to affect confidentiality, integrity, and availability via Unknown vectors related to Hotspot.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Mar 03, 2022
Notes :https://nvd.nist.gov/vuln/detail/CVE-2012-1723
10.0
CVE-2012-0507 - Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Oracle
Description :An incorrect type vulnerability exists in the Concurrency component of Oracle's Java Runtime Environment allows an attacker to remotely execute arbitrary code.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Mar 03, 2022
Notes :https://nvd.nist.gov/vuln/detail/CVE-2012-0507
10.0
CVE-2011-3544 - Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Oracle
Description :An access control vulnerability exists in the Applet Rhino Script Engine component of Oracle's Java Runtime Environment allows an attacker to remotely execute arbitrary code.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2011-3544
10.0
CVE-2011-1889 - Microsoft Forefront TMG Remote Code Execution Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Microsoft
Description :A remote code execution vulnerability exists in the Forefront Threat Management Gateway (TMG) Firewall Client Winsock provider that could allow code execution in the security context of the client application.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2011-1889