CISA Known Exploited Vulnerabilities (KEV)
CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilities actively used in real-world attacks. CVEFeed.io tracks the latest additions so you can prioritize remediation as new entries are published.
9.3
CVE-2009-3129 - Microsoft Excel Featheader Record Memory Corruption Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Microsoft
Description :Microsoft Office Excel allows remote attackers to execute arbitrary code via a spreadsheet with a FEATHEADER record containing an invalid cbHdrData size element that affects a pointer offset.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2009-3129
9.3
CVE-2008-2992 - Adobe Reader and Acrobat Input Validation Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Adobe
Description :Adobe Acrobat and Reader contain an input validation issue in a JavaScript method that could potentially lead to remote code execution.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Feb 26, 2026
Notes :https://nvd.nist.gov/vuln/detail/CVE-2008-2992
7.8
CVE-2004-0210 - Microsoft Windows Privilege Escalation Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Microsoft
Description :A privilege elevation vulnerability exists in the POSIX subsystem. This vulnerability could allow a logged on user to take complete control of the system.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2004-0210
7.8
CVE-2002-0367 - Microsoft Windows Privilege Escalation Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Microsoft
Description :smss.exe debugging subsystem in Microsoft Windows does not properly authenticate programs that connect to other programs, which allows local users to gain administrator or SYSTEM privileges.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2002-0367
7.8
CVE-2018-0156 - Cisco IOS Software and Cisco IOS XE Software Smart Install Denial-of-Service Vulnerability -
Action Due Mar 17, 2022 Target Vendor : Cisco
Description :A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial-of-service (DoS) condition.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2018-0156
7.8
CVE-2018-0154 - Cisco IOS Software Integrated Services Module for VPN Denial-of-Service Vulnerability -
Action Due Mar 17, 2022 Target Vendor : Cisco
Description :A vulnerability in the crypto engine of the Cisco Integrated Services Module for VPN (ISM-VPN) running Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial-of-service (DoS) condition.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2018-0154
9.3
CVE-2014-6352 - Microsoft Windows Code Injection Vulnerability -
Action Due Aug 25, 2022 Target Vendor : Microsoft
Description :Microsoft Windows allow remote attackers to execute arbitrary code via a crafted OLE object.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2014-6352
8.8
CVE-2017-0222 - Microsoft Internet Explorer Remote Code Execution Vulnerability -
Action Due Aug 25, 2022 Target Vendor : Microsoft
Description :A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2017-0222
9.3
CVE-2017-8570 - Microsoft Office Remote Code Execution Vulnerability -
Action Due Aug 25, 2022 Target Vendor : Microsoft
Description :A remote code execution vulnerability exists in Microsoft Office software when it fails to properly handle objects in memory.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2017-8570
6.1
CVE-2022-24682 - Synacor Zimbra Collaborate Suite (ZCS) Cross-Site Scripting Vulnerability -
Action Due Mar 11, 2022 Target Vendor : Synacor
Description :Synacor Zimbra Collaboration Suite (ZCS) contains a cross-site scripting (XSS) vulnerability in the Calendar feature that allows an attacker to execute arbitrary code.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Feb 25, 2022
Notes :https://nvd.nist.gov/vuln/detail/CVE-2022-24682
9.8
CVE-2022-23131 - Zabbix Frontend Authentication Bypass Vulnerability -
Action Due Mar 08, 2022 Target Vendor : Zabbix
Description :Unsafe client-side session storage leading to authentication bypass/instance takeover via Zabbix Frontend with configured SAML.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2022-23131
5.3
CVE-2022-23134 - Zabbix Frontend Improper Access Control Vulnerability -
Action Due Mar 08, 2022 Target Vendor : Zabbix
Description :Malicious actors can pass step checks and potentially change the configuration of Zabbix Frontend.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2022-23134
10.0
CVE-2022-24086 - Adobe Commerce and Magento Open Source Improper Input Validation Vulnerability -
Action Due Mar 01, 2022 Target Vendor : Adobe
Description :Adobe Commerce and Magento Open Source contain an improper input validation vulnerability which can allow for arbitrary code execution.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2022-24086
8.8
CVE-2022-0609 - Google Chromium Animation Use-After-Free Vulnerability -
Action Due Mar 01, 2022 Target Vendor : Google
Description :Google Chromium Animation contains a use-after-free vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2022-0609
7.6
CVE-2019-0752 - Microsoft Internet Explorer Type Confusion Vulnerability -
Action Due Aug 15, 2022 Target Vendor : Microsoft
Description :A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Feb 15, 2022
Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-0752
7.6
CVE-2018-8174 - Microsoft Windows VBScript Engine Out-of-Bounds Write Vulnerability -
Action Due Aug 15, 2022 Target Vendor : Microsoft
Description :A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka "Windows VBScript Engine Remote Code Execution"
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Feb 15, 2022
Notes :https://nvd.nist.gov/vuln/detail/CVE-2018-8174
7.8
CVE-2018-20250 - WinRAR Absolute Path Traversal Vulnerability -
Action Due Aug 15, 2022 Target Vendor : RARLAB
Description :WinRAR Absolute Path Traversal vulnerability leads to Remote Code Execution
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Feb 15, 2022
Notes :https://nvd.nist.gov/vuln/detail/CVE-2018-20250
10.0
CVE-2018-15982 - Adobe Flash Player Use-After-Free Vulnerability -
Action Due Aug 15, 2022 Target Vendor : Adobe
Description :Adobe Flash Player com.adobe.tvsdk.mediacore.metadata Use After Free Vulnerability
Action :The impacted product is end-of-life and should be disconnected if still in use.
Known To Be Used in Ransomware Campaigns? : Known Detected Feb 15, 2022
Notes :https://nvd.nist.gov/vuln/detail/CVE-2018-15982
9.8
CVE-2017-9841 - PHPUnit Command Injection Vulnerability -
Action Due Aug 15, 2022 Target Vendor : PHPUnit
Description :PHPUnit allows remote attackers to execute arbitrary PHP code via HTTP POST data beginning with a "<?php " substring, as demonstrated by an attack on a site with an exposed /vendor folder, i.e., external access to the /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php URI.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2017-9841
9.3
CVE-2014-1761 - Microsoft Word Memory Corruption Vulnerability -
Action Due Aug 15, 2022 Target Vendor : Microsoft
Description :Microsoft Word contains a memory corruption vulnerability which when exploited could allow for remote code execution.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2014-1761