CISA Known Exploited Vulnerabilities (KEV)

  1. Home
  2. CISA KEV
For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild. Organizations should use the KEV catalog as an input to their vulnerability management prioritization framework.Y

    8.5

    HIGH
    CVE-2019-19356 - Netis WF2419 Devices Remote Code Execution Vulnerability -

    Action Due May 03, 2022 Target Vendor : Netis

    Description : Netis WF2419 devices contains an unspecified vulnerability that allows an attacker to perform remote code execution as root through the router's web management page.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2019-19356

    Alert Date: Nov 03, 2021 | 1401 days ago

    9.8

    CRITICAL
    CVE-2020-2555 - Oracle Multiple Products Remote Code Execution Vulnerability -

    Action Due May 03, 2022 Target Vendor : Oracle

    Description : Multiple Oracle products contain a remote code execution vulnerability that allows an unauthenticated attacker with network access via T3 or HTTP to takeover the affected system. Impacted Oracle products: Oracle Coherence in Fusion Middleware, Oracle Utilities Framework, Oracle Retail Assortment Planning, Oracle Commerce, Oracle Communications Diameter Signaling Router (DSR).

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2020-2555

    Alert Date: Nov 03, 2021 | 1401 days ago

    9.1

    CRITICAL
    CVE-2012-3152 - Oracle Fusion Middleware Unspecified Vulnerability -

    Action Due May 03, 2022 Target Vendor : Oracle

    Description : Oracle Fusion Middleware Reports Developer contains an unspecified vulnerability that allows remote attackers to affect confidentiality and integrity of affected systems.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2012-3152

    Alert Date: Nov 03, 2021 | 1401 days ago

    10.0

    CRITICAL
    CVE-2020-14871 - Oracle Solaris and Zettabyte File System (ZFS) Unspecified Vulnerability -

    Action Due May 03, 2022 Target Vendor : Oracle

    Description : Oracle Solaris and Oracle ZFS Storage Appliance Kit contain an unspecified vulnerability causing high impacts to confidentiality, integrity, and availability of affected systems.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2020-14871

    Alert Date: Nov 03, 2021 | 1401 days ago

    9.8

    CRITICAL
    CVE-2015-4852 - Oracle WebLogic Server Deserialization of Untrusted Data Vulnerability -

    Action Due May 03, 2022 Target Vendor : Oracle

    Description : Oracle WebLogic Server contains a deserialization of untrusted data vulnerability within Apache Commons, which can allow for for remote code execution.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2015-4852

    Alert Date: Nov 03, 2021 | 1401 days ago

    9.8

    CRITICAL
    CVE-2020-14750 - Oracle WebLogic Server Remote Code Execution Vulnerability -

    Action Due May 03, 2022 Target Vendor : Oracle

    Description : Oracle WebLogic Server contains an unspecified vulnerability allowing an unauthenticated attacker to perform remote code execution. This vulnerability is related to CVE-2020-14882.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2020-14750

    Alert Date: Nov 03, 2021 | 1401 days ago

    9.0

    HIGH
    CVE-2020-14883 - Oracle WebLogic Server Unspecified Vulnerability -

    Action Due May 03, 2022 Target Vendor : Oracle

    Description : Oracle WebLogic Server contains an unspecified vulnerability in the Console component with high impacts to confidentilaity, integrity, and availability.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2020-14883

    Alert Date: Nov 03, 2021 | 1401 days ago

    9.8

    CRITICAL
    CVE-2020-8644 - PlaySMS Server-Side Template Injection Vulnerability -

    Action Due May 03, 2022 Target Vendor : PlaySMS

    Description : PlaySMS contains a server-side template injection vulnerability that allows for remote code execution.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2020-8644

    Alert Date: Nov 03, 2021 | 1401 days ago

    9.8

    CRITICAL
    CVE-2019-18935 - Progress Telerik UI for ASP.NET AJAX Deserialization of Untrusted Data Vulnerability -

    Action Due May 03, 2022 Target Vendor : Progress

    Description : Progress Telerik UI for ASP.NET AJAX contains a deserialization of untrusted data vulnerability through RadAsyncUpload which leads to code execution on the server in the context of the w3wp.exe process.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2019-18935

    Alert Date: Nov 03, 2021 | 1401 days ago

    7.2

    HIGH
    CVE-2020-8243 - Ivanti Pulse Connect Secure Code Execution Vulnerability -

    Action Due Apr 23, 2021 Target Vendor : Ivanti

    Description : Ivanti Pulse Connect Secure contains an unspecified vulnerability in the admin web interface that could allow an authenticated attacker to upload a custom template to perform code execution.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : Reference CISA's ED 21-03 (https://www.cisa.gov/news-events/directives/ed-21-03-mitigate-pulse-connect-secure-product-vulnerabilities) for further guidance and requirements. Note: The due date for addressing this vulnerability aligns with the requirements outlined in ED 21-03. https://nvd.nist.gov/vuln/detail/CVE-2020-8243

    Alert Date: Nov 03, 2021 | 1401 days ago

    7.2

    HIGH
    CVE-2021-22900 - Ivanti Pulse Connect Secure Unrestricted File Upload Vulnerability -

    Action Due Apr 23, 2021 Target Vendor : Ivanti

    Description : Ivanti Pulse Connect Secure contains an unrestricted file upload vulnerability that allows an authenticated administrator to perform a file write via a maliciously crafted archive upload in the administrator web interface.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : Reference CISA's ED 21-03 (https://www.cisa.gov/news-events/directives/ed-21-03-mitigate-pulse-connect-secure-product-vulnerabilities) for further guidance and requirements. Note: The due date for addressing this vulnerability aligns with the requirements outlined in ED 21-03. https://nvd.nist.gov/vuln/detail/CVE-2021-22900

    Alert Date: Nov 03, 2021 | 1401 days ago

    7.2

    HIGH
    CVE-2020-8260 - Ivanti Pulse Connect Secure Code Execution Vulnerability -

    Action Due Apr 23, 2021 Target Vendor : Ivanti

    Description : Pulse Connect Secure contains an unspecified vulnerability that allows an authenticated attacker to perform code execution using uncontrolled gzip extraction.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : Reference CISA's ED 21-03 (https://www.cisa.gov/news-events/directives/ed-21-03-mitigate-pulse-connect-secure-product-vulnerabilities) for further guidance and requirements. Note: The due date for addressing this vulnerability aligns with the requirements outlined in ED 21-03. https://nvd.nist.gov/vuln/detail/CVE-2020-8260

    Alert Date: Nov 03, 2021 | 1401 days ago

    8.8

    HIGH
    CVE-2021-22899 - Ivanti Pulse Connect Secure Command Injection Vulnerability -

    Action Due Apr 23, 2021 Target Vendor : Ivanti

    Description : Ivanti Pulse Connect Secure contains a command injection vulnerability that allows remote authenticated users to perform remote code execution via Windows File Resource Profiles.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : Reference CISA's ED 21-03 (https://www.cisa.gov/news-events/directives/ed-21-03-mitigate-pulse-connect-secure-product-vulnerabilities) for further guidance and requirements. Note: The due date for addressing this vulnerability aligns with the requirements outlined in ED 21-03. https://nvd.nist.gov/vuln/detail/CVE-2021-22899

    Alert Date: Nov 03, 2021 | 1401 days ago

    8.0

    HIGH
    CVE-2019-11539 - Ivanti Pulse Connect Secure and Policy Secure Command Injection Vulnerability -

    Action Due May 03, 2022 Target Vendor : Ivanti

    Description : Ivanti Pulse Connect Secure and Policy Secure allows an authenticated attacker from the admin web interface to inject and execute commands.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2019-11539

    Alert Date: Nov 03, 2021 | 1401 days ago

    6.2

    MEDIUM
    CVE-2021-1906 - Qualcomm Multiple Chipsets Detection of Error Condition Without Action Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Qualcomm

    Description : Multiple Qualcomm chipsets contain a detection of error condition without action vulnerability when improper handling of address deregistration on failure can lead to new GPU address allocation failure.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2021-1906

    Alert Date: Nov 03, 2021 | 1401 days ago

    8.4

    HIGH
    CVE-2021-1905 - Qualcomm Multiple Chipsets Use-After-Free Vulnerability -

    Action Due May 03, 2022 Target Vendor : Qualcomm

    Description : Multiple Qualcomm Chipsets contain a use after free vulnerability due to improper handling of memory mapping of multiple processes simultaneously.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2021-1905

    Alert Date: Nov 03, 2021 | 1401 days ago

    9.0

    HIGH
    CVE-2020-10221 - rConfig OS Command Injection Vulnerability -

    Action Due May 03, 2022 Target Vendor : rConfig

    Description : rConfig lib/ajaxHandlers/ajaxAddTemplate.php contains an OS command injection vulnerability that allows remote attackers to execute OS commands via shell metacharacters in the fileName POST parameter.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2020-10221

    Alert Date: Nov 03, 2021 | 1401 days ago

    10.0

    HIGH
    CVE-2021-35395 - Realtek AP-Router SDK Buffer Overflow Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Realtek

    Description : Realtek AP-Router SDK HTTP web server boa contains a buffer overflow vulnerability due to unsafe copies of some overly long parameters submitted in the form that lead to denial-of-service (DoS).

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2021-35395

    Alert Date: Nov 03, 2021 | 1401 days ago

    7.8

    HIGH
    CVE-2017-16651 - Roundcube Webmail File Disclosure Vulnerability -

    Action Due May 03, 2022 Target Vendor : Roundcube

    Description : Roundcube Webmail contains a file disclosure vulnerability caused by insufficient input validation in conjunction with file-based attachment plugins, which are used by default.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2017-16651

    Alert Date: Nov 03, 2021 | 1401 days ago

    6.5

    MEDIUM
    CVE-2020-11652 - SaltStack Salt Path Traversal Vulnerability -

    Action Due May 03, 2022 Target Vendor : SaltStack

    Description : SaltStack Salt contains a path traversal vulnerability in the salt-master process ClearFuncs which allows directory access to authenticated users. Salt users who follow fundamental internet security guidelines and best practices are not affected by this vulnerability.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2020-11652

    Alert Date: Nov 03, 2021 | 1401 days ago
Showing 20 of 1413 Results

Filters