CISA Known Exploited Vulnerabilities (KEV)
CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilities actively used in real-world attacks. CVEFeed.io tracks the latest additions so you can prioritize remediation as new entries are published.
5.4
CVE-2020-11899 - Treck TCP/IP stack Out-of-Bounds Read Vulnerability -
Action Due Mar 17, 2022 Target Vendor : Treck TCP/IP stack
Description :The Treck TCP/IP stack contains an IPv6 out-of-bounds read vulnerability.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-11899
6.3
CVE-2018-0161 - Cisco IOS Software Resource Management Errors Vulnerability -
Action Due Mar 17, 2022 Target Vendor : Cisco
Description :A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software running on certain models of Cisco Catalyst Switches could allow an authenticated, remote attacker to cause a denial-of-service (DoS) condition.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2018-0161
7.8
CVE-2018-0159 - Cisco IOS and XE Software Internet Key Exchange Version 1 Denial-of-Service Vulnerability -
Action Due Mar 17, 2022 Target Vendor : Cisco
Description :A vulnerability in the implementation of Internet Key Exchange Version 1 (IKEv1) functionality in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial-of-service (DoS) condition.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2018-0159
7.8
CVE-2018-0154 - Cisco IOS Software Integrated Services Module for VPN Denial-of-Service Vulnerability -
Action Due Mar 17, 2022 Target Vendor : Cisco
Description :A vulnerability in the crypto engine of the Cisco Integrated Services Module for VPN (ISM-VPN) running Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial-of-service (DoS) condition.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2018-0154
10.0
CVE-2017-12240 - Cisco IOS and IOS XE Software DHCP Remote Code Execution Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Cisco
Description :The Dynamic Host Configuration Protocol (DHCP) relay subsystem of Cisco IOS and Cisco IOS XE Software contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code and gain full control of an affected system.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2017-12240
9.3
CVE-2016-7855 - Adobe Flash Player Use-After-Free Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Adobe
Description :Use-after-free vulnerability in Adobe Flash Player Windows and OS and Linux allows remote attackers to execute arbitrary code.
Action :The impacted product is end-of-life and should be disconnected if still in use.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2016-7855
9.3
CVE-2016-7193 - Microsoft Office Memory Corruption Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Microsoft
Description :Microsoft Office contains a memory corruption vulnerability which can allow for remote code execution.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2016-7193
10.0
CVE-2016-1019 - Adobe Flash Player Arbitrary Code Execution Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Adobe
Description :Adobe Flash Player allows remote attackers to cause a denial of service or possibly execute arbitrary code.
Action :The impacted product is end-of-life and should be disconnected if still in use.
Known To Be Used in Ransomware Campaigns? : Known Detected Mar 03, 2022
Notes :https://nvd.nist.gov/vuln/detail/CVE-2016-1019
10.0
CVE-2015-3043 - Adobe Flash Player Memory Corruption Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Adobe
Description :A memory corruption vulnerability exists in Adobe Flash Player that allows an attacker to perform remote code execution.
Action :The impacted product is end-of-life and should be disconnected if still in use.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2015-3043
10.0
CVE-2015-2590 - Oracle Java SE and Java SE Embedded Remote Code Execution Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Oracle
Description :An unspecified vulnerability exists within Oracle Java Runtime Environment that allows an attacker to perform remote code execution.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2015-2590
7.8
CVE-2015-1701 - Microsoft Win32k Privilege Escalation Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Microsoft
Description :An unspecified vulnerability exists in the Win32k.sys kernel-mode driver in Microsoft Windows Server that allows a local attacker to execute arbitrary code with elevated privileges.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Mar 03, 2022
Notes :https://nvd.nist.gov/vuln/detail/CVE-2015-1701
9.3
CVE-2015-1642 - Microsoft Office Memory Corruption Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Microsoft
Description :Microsoft Office contains a memory corruption vulnerability that allows remote attackers to execute arbitrary code via a crafted document.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2015-1642
9.3
CVE-2014-4114 - Microsoft Windows Object Linking & Embedding (OLE) Remote Code Execution Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Microsoft
Description :A vulnerability exists in Windows Object Linking & Embedding (OLE) that could allow remote code execution if a user opens a file that contains a specially crafted OLE object.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2014-4114
10.0
CVE-2011-1889 - Microsoft Forefront TMG Remote Code Execution Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Microsoft
Description :A remote code execution vulnerability exists in the Forefront Threat Management Gateway (TMG) Firewall Client Winsock provider that could allow code execution in the security context of the client application.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2011-1889
9.3
CVE-2010-3333 - Microsoft Office Stack-based Buffer Overflow Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Microsoft
Description :A stack-based buffer overflow vulnerability exists in the parsing of RTF data in Microsoft Office and earlier allows an attacker to perform remote code execution.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2010-3333
7.8
CVE-2010-0232 - Microsoft Windows Kernel Exception Handler Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Microsoft
Description :The kernel in Microsoft Windows, when access to 16-bit applications is enabled on a 32-bit x86 platform, does not properly validate certain BIOS calls, which allows local users to gain privileges.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2010-0232
9.3
CVE-2010-0188 - Adobe Reader and Acrobat Arbitrary Code Execution Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Adobe
Description :Unspecified vulnerability in Adobe Reader and Acrobat allows attackers to cause a denial of service or possibly execute arbitrary code.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Mar 03, 2022
Notes :https://nvd.nist.gov/vuln/detail/CVE-2010-0188
9.3
CVE-2014-6352 - Microsoft Windows Code Injection Vulnerability -
Action Due Aug 25, 2022 Target Vendor : Microsoft
Description :Microsoft Windows allow remote attackers to execute arbitrary code via a crafted OLE object.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2014-6352
6.1
CVE-2022-24682 - Synacor Zimbra Collaborate Suite (ZCS) Cross-Site Scripting Vulnerability -
Action Due Mar 11, 2022 Target Vendor : Synacor
Description :Synacor Zimbra Collaboration Suite (ZCS) contains a cross-site scripting (XSS) vulnerability in the Calendar feature that allows an attacker to execute arbitrary code.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Feb 25, 2022
Notes :https://nvd.nist.gov/vuln/detail/CVE-2022-24682
9.3
CVE-2017-8570 - Microsoft Office Remote Code Execution Vulnerability -
Action Due Aug 25, 2022 Target Vendor : Microsoft
Description :A remote code execution vulnerability exists in Microsoft Office software when it fails to properly handle objects in memory.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2017-8570