CISA Known Exploited Vulnerabilities (KEV)
CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilities actively used in real-world attacks. CVEFeed.io tracks the latest additions so you can prioritize remediation as new entries are published.
9.8
CVE-2021-36260 - Hikvision Improper Input Validation -
Action Due Jan 24, 2022 Target Vendor : Hikvision
Description : A command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validation.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2021-36260
9.3
CVE-2020-6572 - Google Chrome Media Use-After-Free Vulnerability -
Action Due Jul 10, 2022 Target Vendor : Google
Description : Google Chrome Media contains a use-after-free vulnerability that allows a remote attacker to execute code via a crafted HTML page.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2020-6572
8.8
CVE-2013-3900 - Microsoft WinVerifyTrust function Remote Code Execution -
Action Due Jul 10, 2022 Target Vendor : Microsoft
Description : A remote code execution vulnerability exists in the way that the WinVerifyTrust function handles Windows Authenticode signature verification for PE files.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2013-3900
7.8
CVE-2019-1458 - Microsoft Win32k Privilege Escalation Vulnerability -
Action Due Jul 10, 2022 Target Vendor : Microsoft
Description : A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k EoP.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Jan 10, 2022
Notes : https://nvd.nist.gov/vuln/detail/CVE-2019-1458
8.1
CVE-2019-1579 - Palo Alto Networks PAN-OS Remote Code Execution Vulnerability -
Action Due Jul 10, 2022 Target Vendor : Palo Alto Networks
Description : Remote Code Execution in PAN-OS with GlobalProtect Portal or GlobalProtect Gateway Interface enabled.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Jan 10, 2022
Notes : https://nvd.nist.gov/vuln/detail/CVE-2019-1579
6.5
CVE-2018-13383 - Fortinet FortiOS and FortiProxy Out-of-bounds Write -
Action Due Jul 10, 2022 Target Vendor : Fortinet
Description : A heap buffer overflow in Fortinet FortiOS and FortiProxy may cause the SSL VPN web service termination for logged in users.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Jan 10, 2022
Notes : https://nvd.nist.gov/vuln/detail/CVE-2018-13383
9.1
CVE-2018-13382 - Fortinet FortiOS and FortiProxy Improper Authorization -
Action Due Jul 10, 2022 Target Vendor : Fortinet
Description : An Improper Authorization vulnerability in Fortinet FortiOS and FortiProxy under SSL VPN web portal allows an unauthenticated attacker to modify the password.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Jan 10, 2022
Notes : https://nvd.nist.gov/vuln/detail/CVE-2018-13382
10.0
CVE-2015-7450 - IBM WebSphere Application Server and Server Hypervisor Edition Code Injection. -
Action Due Jul 10, 2022 Target Vendor : IBM
Description : Serialized-object interfaces in certain IBM analytics, business solutions, cognitive, IT infrastructure, and mobile and social products allow remote attackers to execute arbitrary commands
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2015-7450
10.0
CVE-2019-10149 - Exim Mail Transfer Agent (MTA) Improper Input Validation -
Action Due Jul 10, 2022 Target Vendor : Exim
Description : Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2019-10149
7.1
CVE-2021-43890 - Microsoft Windows AppX Installer Spoofing Vulnerability -
Action Due Dec 29, 2021 Target Vendor : Microsoft
Description : Microsoft Windows AppX Installer contains a spoofing vulnerability which has a high impacts to confidentiality, integrity, and availability.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Feb 26, 2026
Notes : https://nvd.nist.gov/vuln/detail/CVE-2021-43890
8.8
CVE-2021-4102 - Google Chromium V8 Use-After-Free Vulnerability -
Action Due Dec 29, 2021 Target Vendor : Google
Description : Google Chromium V8 Engine contains a use-after-free vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2021-4102
9.8
CVE-2017-12149 - Red Hat JBoss Application Server Remote Code Execution Vulnerability -
Action Due Jun 10, 2022 Target Vendor : Red Hat
Description : The JBoss Application Server, shipped with Red Hat Enterprise Application Platform 5.2, allows an attacker to execute arbitrary code via crafted serialized data.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Dec 10, 2021
Notes : https://nvd.nist.gov/vuln/detail/CVE-2017-12149
8.1
CVE-2017-17562 - Embedthis GoAhead Remote Code Execution Vulnerability -
Action Due Jun 10, 2022 Target Vendor : Embedthis
Description : Embedthis GoAhead before 3.6.5 allows remote code execution if CGI is enabled and a CGI program is dynamically linked.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2017-17562
7.8
CVE-2021-44168 - Fortinet FortiOS Arbitrary File Download -
Action Due Dec 24, 2021 Target Vendor : Fortinet
Description : Fortinet FortiOS "execute restore src-vis" downloads code without integrity checking, allowing an attacker to arbitrarily download files.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2021-44168
9.0
CVE-2019-0193 - Apache Solr DataImportHandler Code Injection Vulnerability -
Action Due Jun 10, 2022 Target Vendor : Apache
Description : The optional Apache Solr module DataImportHandler contains a code injection vulnerability.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2019-0193
10.0
CVE-2021-35394 - Realtek Jungle SDK Remote Code Execution Vulnerability -
Action Due Dec 24, 2021 Target Vendor : Realtek
Description : RealTek Jungle SDK contains multiple memory corruption vulnerabilities which can allow an attacker to perform remote code execution.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2021-35394
7.8
CVE-2019-13272 - Linux Kernel Improper Privilege Management Vulnerability -
Action Due Jun 10, 2022 Target Vendor : Linux
Description : Kernel/ptrace.c in Linux kernel mishandles contains an improper privilege management vulnerability that allows local users to obtain root access.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2019-13272
9.8
CVE-2020-17463 - Fuel CMS SQL Injection Vulnerability -
Action Due Jun 10, 2022 Target Vendor : Fuel CMS
Description : FUEL CMS 1.4.7 allows SQL Injection via the col parameter to /pages/items, /permissions/items, or /navigation/items.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2020-17463
10.0
CVE-2021-44515 - Zoho Desktop Central Authentication Bypass Vulnerability -
Action Due Dec 24, 2021 Target Vendor : Zoho
Description : Zoho Desktop Central contains an authentication bypass vulnerability that could allow an attacker to execute arbitrary code in the Desktop Central MSP server.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2021-44515
10.0
CVE-2021-44228 - Apache Log4j2 Remote Code Execution Vulnerability -
Action Due Dec 24, 2021 Target Vendor : Apache
Description : Apache Log4j2 contains a vulnerability where JNDI features do not protect against attacker-controlled JNDI-related endpoints, allowing for remote code execution.
Action : For all affected software assets for which updates exist, the only acceptable remediation actions are: 1) Apply updates; OR 2) remove affected assets from agency networks. Temporary mitigations using one of the measures provided at https://www.cisa.gov/uscert/ed-22-02-apache-log4j-recommended-mitigation-measures are only acceptable until updates are available.
Known To Be Used in Ransomware Campaigns? : Known Detected Dec 10, 2021
Notes : https://nvd.nist.gov/vuln/detail/CVE-2021-44228