CISA Known Exploited Vulnerabilities (KEV)
CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilities actively used in real-world attacks. CVEFeed.io tracks the latest additions so you can prioritize remediation as new entries are published.
9.8
CVE-2017-1000486 - Primetek Primefaces Remote Code Execution Vulnerability -
Action Due Jul 10, 2022 Target Vendor : Primetek
Description :Primetek Primefaces is vulnerable to a weak encryption flaw resulting in remote code execution
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2017-1000486
9.8
CVE-2021-27860 - FatPipe WARP, IPVPN, and MPVPN Configuration Upload exploit -
Action Due Jan 24, 2022 Target Vendor : FatPipe
Description :A vulnerability in the web management interface of FatPipe WARP, IPVPN, and MPVPN software allows a remote, unauthenticated attacker to upload a file to any location on the filesystem.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-27860
5.3
CVE-2021-22017 - VMware vCenter Server Improper Access Control -
Action Due Jan 24, 2022 Target Vendor : VMware
Description :Rhttproxy as used in vCenter Server contains a vulnerability due to improper implementation of URI normalization.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-22017
9.8
CVE-2021-36260 - Hikvision Improper Input Validation -
Action Due Jan 24, 2022 Target Vendor : Hikvision
Description :A command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validation.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-36260
9.3
CVE-2020-6572 - Google Chrome Media Use-After-Free Vulnerability -
Action Due Jul 10, 2022 Target Vendor : Google
Description :Google Chrome Media contains a use-after-free vulnerability that allows a remote attacker to execute code via a crafted HTML page.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-6572
7.8
CVE-2019-1458 - Microsoft Win32k Privilege Escalation Vulnerability -
Action Due Jul 10, 2022 Target Vendor : Microsoft
Description :A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k EoP.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Jan 10, 2022
Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-1458
8.8
CVE-2013-3900 - Microsoft WinVerifyTrust function Remote Code Execution -
Action Due Jul 10, 2022 Target Vendor : Microsoft
Description :A remote code execution vulnerability exists in the way that the WinVerifyTrust function handles Windows Authenticode signature verification for PE files.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2013-3900
9.8
CVE-2019-2725 - Oracle WebLogic Server, Injection -
Action Due Jul 10, 2022 Target Vendor : Oracle
Description :Injection vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services).
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Jan 10, 2022
Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-2725
9.8
CVE-2019-9670 - Synacor Zimbra Collaboration Suite (ZCS) Improper Restriction of XML External Entity Reference -
Action Due Jul 10, 2022 Target Vendor : Synacor
Description :Synacor Zimbra Collaboration Suite (ZCS) contains an improper restriction of XML external entity (XXE) vulnerability in the mailboxd component.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-9670
7.1
CVE-2021-43890 - Microsoft Windows AppX Installer Spoofing Vulnerability -
Action Due Dec 29, 2021 Target Vendor : Microsoft
Description :Microsoft Windows AppX Installer contains a spoofing vulnerability which has a high impacts to confidentiality, integrity, and availability.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Feb 26, 2026
Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-43890
8.8
CVE-2021-4102 - Google Chromium V8 Use-After-Free Vulnerability -
Action Due Dec 29, 2021 Target Vendor : Google
Description :Google Chromium V8 Engine contains a use-after-free vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-4102
9.8
CVE-2019-7238 - Sonatype Nexus Repository Manager Incorrect Access Control Vulnerability -
Action Due Jun 10, 2022 Target Vendor : Sonatype
Description :Sonatype Nexus Repository Manager before 3.15.0 has an incorrect access control vulnerability. Exploitation allows for remote code execution.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-7238
9.0
CVE-2019-0193 - Apache Solr DataImportHandler Code Injection Vulnerability -
Action Due Jun 10, 2022 Target Vendor : Apache
Description :The optional Apache Solr module DataImportHandler contains a code injection vulnerability.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-0193
7.8
CVE-2021-44168 - Fortinet FortiOS Arbitrary File Download -
Action Due Dec 24, 2021 Target Vendor : Fortinet
Description :Fortinet FortiOS "execute restore src-vis" downloads code without integrity checking, allowing an attacker to arbitrarily download files.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-44168
10.0
CVE-2021-44515 - Zoho Desktop Central Authentication Bypass Vulnerability -
Action Due Dec 24, 2021 Target Vendor : Zoho
Description :Zoho Desktop Central contains an authentication bypass vulnerability that could allow an attacker to execute arbitrary code in the Desktop Central MSP server.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-44515
8.1
CVE-2017-17562 - Embedthis GoAhead Remote Code Execution Vulnerability -
Action Due Jun 10, 2022 Target Vendor : Embedthis
Description :Embedthis GoAhead before 3.6.5 allows remote code execution if CGI is enabled and a CGI program is dynamically linked.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2017-17562
7.8
CVE-2019-13272 - Linux Kernel Improper Privilege Management Vulnerability -
Action Due Jun 10, 2022 Target Vendor : Linux
Description :Kernel/ptrace.c in Linux kernel mishandles contains an improper privilege management vulnerability that allows local users to obtain root access.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-13272
10.0
CVE-2021-35394 - Realtek Jungle SDK Remote Code Execution Vulnerability -
Action Due Dec 24, 2021 Target Vendor : Realtek
Description :RealTek Jungle SDK contains multiple memory corruption vulnerabilities which can allow an attacker to perform remote code execution.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-35394
9.8
CVE-2020-17463 - Fuel CMS SQL Injection Vulnerability -
Action Due Jun 10, 2022 Target Vendor : Fuel CMS
Description :FUEL CMS 1.4.7 allows SQL Injection via the col parameter to /pages/items, /permissions/items, or /navigation/items.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-17463
9.9
CVE-2019-10758 - MongoDB mongo-express Remote Code Execution Vulnerability -
Action Due Jun 10, 2022 Target Vendor : MongoDB
Description :mongo-express before 0.54.0 is vulnerable to Remote Code Execution via endpoints that uses the `toBSON` method.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-10758