CISA Known Exploited Vulnerabilities (KEV)
CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilities actively used in real-world attacks. CVEFeed.io tracks the latest additions so you can prioritize remediation as new entries are published.
5.3
CVE-2021-21973 - VMware vCenter Server and Cloud Foundation Server Side Request Forgery (SSRF) Vulnerability -
Action Due Mar 21, 2022 Target Vendor : VMware
Description :VMware vCenter Server and Cloud Foundation Server contain a SSRF vulnerability due to improper validation of URLs in a vCenter Server plugin. This allows for information disclosure.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-21973
9.3
CVE-2016-6277 - NETGEAR Multiple Routers Remote Code Execution Vulnerability -
Action Due Sep 07, 2022 Target Vendor : NETGEAR
Description :NETGEAR confirmed multiple routers allow unauthenticated web pages to pass form input directly to the command-line interface, permitting remote code execution.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2016-6277
7.5
CVE-2013-0631 - Adobe ColdFusion Information Disclosure Vulnerability -
Action Due Sep 07, 2022 Target Vendor : Adobe
Description :Adobe Coldfusion contains an unspecified vulnerability, which could result in information disclosure from a compromised server.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2013-0631
9.8
CVE-2013-0625 - Adobe ColdFusion Authentication Bypass Vulnerability -
Action Due Sep 07, 2022 Target Vendor : Adobe
Description :Adobe Coldfusion contains an authentication bypass vulnerability, which could result in an unauthorized user gaining administrative access.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2013-0625
8.6
CVE-2018-0173 - Cisco IOS and IOS XE Software Improper Input Validation Vulnerability -
Action Due Mar 17, 2022 Target Vendor : Cisco
Description :A vulnerability in the Cisco IOS Software and Cisco IOS XE Software function that restores encapsulated option 82 information in DHCP Version 4 (DHCPv4) packets can allow for denial-of-service (DoS).
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2018-0173
9.8
CVE-2020-1938 - Apache Tomcat Improper Privilege Management Vulnerability -
Action Due Mar 17, 2022 Target Vendor : Apache
Description :Apache Tomcat treats Apache JServ Protocol (AJP) connections as having higher trust than, for example, a similar HTTP connection. If such connections are available to an attacker, they can be exploited.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-1938
8.6
CVE-2018-0155 - Cisco Catalyst Bidirectional Forwarding Detection Denial-of-Service Vulnerability -
Action Due Mar 17, 2022 Target Vendor : Cisco
Description :A vulnerability in the Bidirectional Forwarding Detection (BFD) offload implementation of Cisco Catalyst 4500 Series Switches and Cisco Catalyst 4500-X Series Switches could allow an unauthenticated, remote attacker to cause a crash of the iosd process, causing a denial-of-service (DoS) condition.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2018-0155
10.0
CVE-2018-0151 - Cisco IOS Software and Cisco IOS XE Software Quality of Service Remote Code Execution Vulnerability -
Action Due Mar 17, 2022 Target Vendor : Cisco
Description :A vulnerability in the quality of service (QoS) subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2018-0151
10.0
CVE-2022-20701 - Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability -
Action Due Mar 17, 2022 Target Vendor : Cisco
Description :A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or cause a denial of service (DoS).
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2022-20701
10.0
CVE-2017-12240 - Cisco IOS and IOS XE Software DHCP Remote Code Execution Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Cisco
Description :The Dynamic Host Configuration Protocol (DHCP) relay subsystem of Cisco IOS and Cisco IOS XE Software contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code and gain full control of an affected system.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2017-12240
6.5
CVE-2017-12238 - Cisco Catalyst 6800 Series Switches VPLS Denial-of-Service Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Cisco
Description :A vulnerability in the Virtual Private LAN Service (VPLS) code of Cisco IOS for Cisco Catalyst 6800 Series Switches could allow an unauthenticated, adjacent attacker to cause a denial of service.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2017-12238
7.8
CVE-2017-12234 - Cisco IOS Software Common Industrial Protocol Request Denial-of-Service Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Cisco
Description :There is a vulnerability in the implementation of the Common Industrial Protocol (CIP) feature in Cisco IOS could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2017-12234
7.8
CVE-2016-7262 - Microsoft Office Security Feature Bypass Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Microsoft
Description :A security feature bypass vulnerability exists when Microsoft Office improperly handles input. An attacker who successfully exploited the vulnerability could execute arbitrary commands.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2016-7262
10.0
CVE-2016-4117 - Adobe Flash Player Arbitrary Code Execution Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Adobe
Description :An access of resource using incompatible type vulnerability exists within Adobe Flash Player that allows an attacker to perform remote code execution.
Action :The impacted product is end-of-life and should be disconnected if still in use.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2016-4117
7.8
CVE-2015-2387 - Microsoft ATM Font Driver Privilege Escalation Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Microsoft
Description :ATMFD.DLL in the Adobe Type Manager Font Driver in Microsoft Windows Server allows local users to gain privileges via a crafted application.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2015-2387
7.8
CVE-2015-1701 - Microsoft Win32k Privilege Escalation Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Microsoft
Description :An unspecified vulnerability exists in the Win32k.sys kernel-mode driver in Microsoft Windows Server that allows a local attacker to execute arbitrary code with elevated privileges.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Mar 03, 2022
Notes :https://nvd.nist.gov/vuln/detail/CVE-2015-1701
9.3
CVE-2015-1642 - Microsoft Office Memory Corruption Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Microsoft
Description :Microsoft Office contains a memory corruption vulnerability that allows remote attackers to execute arbitrary code via a crafted document.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2015-1642
9.8
CVE-2019-16928 - Exim Out-of-bounds Write Vulnerability -
Action Due Mar 17, 2022 Target Vendor : Exim
Description :Exim contains an out-of-bounds write vulnerability which can allow for remote code execution.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-16928
10.0
CVE-2014-0496 - Adobe Reader and Acrobat Use-After-Free Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Adobe
Description :Adobe Reader and Acrobat contain a use-after-free vulnerability which can allow for code execution.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2014-0496
10.0
CVE-2012-1723 - Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Oracle
Description :Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE allows remote attackers to affect confidentiality, integrity, and availability via Unknown vectors related to Hotspot.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Mar 03, 2022
Notes :https://nvd.nist.gov/vuln/detail/CVE-2012-1723