CISA Known Exploited Vulnerabilities (KEV)

  1. Home
  2. CISA KEV
Threat Intelligence

CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilities actively used in real-world attacks. CVEFeed.io tracks the latest additions so you can prioritize remediation as new entries are published.

    7.8

    HIGH
    CVE-2010-0232 - Microsoft Windows Kernel Exception Handler Vulnerability -

    Action Due Mar 24, 2022 Target Vendor : Microsoft

    Description :The kernel in Microsoft Windows, when access to 16-bit applications is enabled on a 32-bit x86 platform, does not properly validate certain BIOS calls, which allows local users to gain privileges.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2010-0232

    Alert Date: Mar 03, 2022 | 1573 days ago

    9.3

    HIGH
    CVE-2010-3333 - Microsoft Office Stack-based Buffer Overflow Vulnerability -

    Action Due Mar 24, 2022 Target Vendor : Microsoft

    Description :A stack-based buffer overflow vulnerability exists in the parsing of RTF data in Microsoft Office and earlier allows an attacker to perform remote code execution.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2010-3333

    Alert Date: Mar 03, 2022 | 1573 days ago

    9.3

    HIGH
    CVE-2011-0611 - Adobe Flash Player Remote Code Execution Vulnerability -

    Action Due Mar 24, 2022 Target Vendor : Adobe

    Description :Adobe Flash Player contains a vulnerability that allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Flash content.

    Action :The impacted product is end-of-life and should be disconnected if still in use.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2011-0611

    Alert Date: Mar 03, 2022 | 1573 days ago

    10.0

    HIGH
    CVE-2011-1889 - Microsoft Forefront TMG Remote Code Execution Vulnerability -

    Action Due Mar 24, 2022 Target Vendor : Microsoft

    Description :A remote code execution vulnerability exists in the Forefront Threat Management Gateway (TMG) Firewall Client Winsock provider that could allow code execution in the security context of the client application.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2011-1889

    Alert Date: Mar 03, 2022 | 1573 days ago

    10.0

    HIGH
    CVE-2011-3544 - Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability -

    Action Due Mar 24, 2022 Target Vendor : Oracle

    Description :An access control vulnerability exists in the Applet Rhino Script Engine component of Oracle's Java Runtime Environment allows an attacker to remotely execute arbitrary code.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2011-3544

    Alert Date: Mar 03, 2022 | 1573 days ago

    10.0

    HIGH
    CVE-2012-0507 - Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability -

    Action Due Mar 24, 2022 Target Vendor : Oracle

    Description :An incorrect type vulnerability exists in the Concurrency component of Oracle's Java Runtime Environment allows an attacker to remotely execute arbitrary code.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Mar 03, 2022

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2012-0507

    Alert Date: Mar 03, 2022 | 1573 days ago

    9.3

    HIGH
    CVE-2012-1856 - Microsoft Office MSCOMCTL.OCX Remote Code Execution Vulnerability -

    Action Due Mar 24, 2022 Target Vendor : Microsoft

    Description :The TabStrip ActiveX control in the Common Controls in MSCOMCTL.OCX in Microsoft Office allows remote attackers to execute arbitrary code via a crafted (1) document or (2) web page that triggers system-state corruption.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2012-1856

    Alert Date: Mar 03, 2022 | 1573 days ago

    10.0

    HIGH
    CVE-2012-4681 - Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability -

    Action Due Mar 24, 2022 Target Vendor : Oracle

    Description :The Java Runtime Environment (JRE) component in Oracle Java SE allow for remote code execution.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Feb 26, 2026

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2012-4681

    Alert Date: Mar 03, 2022 | 1573 days ago

    9.3

    HIGH
    CVE-2013-1347 - Microsoft Internet Explorer Remote Code Execution Vulnerability -

    Action Due Mar 24, 2022 Target Vendor : Microsoft

    Description :This vulnerability may corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user within Internet Explorer.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2013-1347

    Alert Date: Mar 03, 2022 | 1573 days ago

    6.5

    MEDIUM
    CVE-2013-1675 - Mozilla Firefox Information Disclosure Vulnerability -

    Action Due Mar 24, 2022 Target Vendor : Mozilla

    Description :Mozilla Firefox does not properly initialize data structures for the nsDOMSVGZoomEvent::mPreviousScale and nsDOMSVGZoomEvent::mNewScale functions, which allows remote attackers to obtain sensitive information from process memory via a crafted web site.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2013-1675

    Alert Date: Mar 03, 2022 | 1573 days ago

    10.0

    HIGH
    CVE-2013-3346 - Adobe Reader and Acrobat Memory Corruption Vulnerability -

    Action Due Mar 24, 2022 Target Vendor : Adobe

    Description :Adobe Reader and Acrobat contain a memory corruption vulnerability which can allow attackers to execute arbitrary code or cause a denial of service.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2013-3346

    Alert Date: Mar 03, 2022 | 1573 days ago

    9.3

    HIGH
    CVE-2013-3897 - Microsoft Internet Explorer Use-After-Free Vulnerability -

    Action Due Mar 24, 2022 Target Vendor : Microsoft

    Description :A use-after-free vulnerability exists within CDisplayPointer in Microsoft Internet Explorer that allows an attacker to remotely execute arbitrary code.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2013-3897

    Alert Date: Mar 03, 2022 | 1573 days ago

    7.8

    HIGH
    CVE-2013-5065 - Microsoft Windows Kernel Privilege Escalation Vulnerability -

    Action Due Mar 24, 2022 Target Vendor : Microsoft

    Description :Microsoft Windows NDProxy.sys in the kernel contains an improper input validation vulnerability which can allow a local attacker to escalate privileges.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2013-5065

    Alert Date: Mar 03, 2022 | 1573 days ago

    10.0

    CRITICAL
    CVE-2022-20703 - Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability -

    Action Due Mar 17, 2022 Target Vendor : Cisco

    Description :A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or cause a denial of service (DoS).

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2022-20703

    Alert Date: Mar 03, 2022 | 1573 days ago

    10.0

    CRITICAL
    CVE-2022-20701 - Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability -

    Action Due Mar 17, 2022 Target Vendor : Cisco

    Description :A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or cause a denial of service (DoS).

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2022-20701

    Alert Date: Mar 03, 2022 | 1573 days ago

    10.0

    CRITICAL
    CVE-2022-20699 - Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability -

    Action Due Mar 17, 2022 Target Vendor : Cisco

    Description :A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or cause a denial of service (DoS).

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2022-20699

    Alert Date: Mar 03, 2022 | 1573 days ago

    9.8

    CRITICAL
    CVE-2020-1938 - Apache Tomcat Improper Privilege Management Vulnerability -

    Action Due Mar 17, 2022 Target Vendor : Apache

    Description :Apache Tomcat treats Apache JServ Protocol (AJP) connections as having higher trust than, for example, a similar HTTP connection. If such connections are available to an attacker, they can be exploited.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-1938

    Alert Date: Mar 03, 2022 | 1573 days ago

    5.4

    MEDIUM
    CVE-2020-11899 - Treck TCP/IP stack Out-of-Bounds Read Vulnerability -

    Action Due Mar 17, 2022 Target Vendor : Treck TCP/IP stack

    Description :The Treck TCP/IP stack contains an IPv6 out-of-bounds read vulnerability.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-11899

    Alert Date: Mar 03, 2022 | 1573 days ago

    9.0

    HIGH
    CVE-2019-1652 - Cisco Small Business Routers Improper Input Validation Vulnerability -

    Action Due Mar 17, 2022 Target Vendor : Cisco

    Description :A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an authenticated, remote attacker with administrative privileges on an affected device to execute arbitrary commands.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-1652

    Alert Date: Mar 03, 2022 | 1573 days ago

    7.1

    HIGH
    CVE-2018-0179 - Cisco IOS Software Denial-of-Service Vulnerability -

    Action Due Mar 17, 2022 Target Vendor : Cisco

    Description :A vulnerability in the Login Enhancements (Login Block) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a reload of an affected system, resulting in a denial of service (DoS) condition.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2018-0179

    Alert Date: Mar 03, 2022 | 1573 days ago
Showing 20 of 1627 Results

Filters