CISA Known Exploited Vulnerabilities (KEV)

  1. Home
  2. CISA KEV
For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild. Organizations should use the KEV catalog as an input to their vulnerability management prioritization framework.Y

    10.0

    CRITICAL
    CVE-2020-25213 - WordPress File Manager Plugin Remote Code Execution Vulnerability -

    Action Due May 03, 2022 Target Vendor : WordPress

    Description : WordPress File Manager plugin contains a remote code execution vulnerability that allows unauthenticated users to execute PHP code and upload malicious files on a target site.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2020-25213

    Alert Date: Nov 03, 2021 | 1401 days ago

    7.5

    HIGH
    CVE-2020-11738 - WordPress Snap Creek Duplicator Plugin File Download Vulnerability -

    Action Due May 03, 2022 Target Vendor : WordPress

    Description : WordPress Snap Creek Duplicator plugin contains a file download vulnerability when an administrator creates a new copy of their site that allows an attacker to download the generated files from their Wordpress dashboard. This vulnerability affects Duplicator and Dulplicator Pro.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2020-11738

    Alert Date: Nov 03, 2021 | 1401 days ago

    6.1

    MEDIUM
    CVE-2019-9978 - WordPress Social Warfare Plugin Cross-Site Scripting (XSS) Vulnerability -

    Action Due May 03, 2022 Target Vendor : WordPress

    Description : WordPress Social Warfare plugin contains a cross-site scripting (XSS) vulnerability that allows for remote code execution. This vulnerability affects Social Warfare and Social Warfare Pro.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2019-9978

    Alert Date: Nov 03, 2021 | 1401 days ago

    10.0

    HIGH
    CVE-2021-27561 - Yealink Device Management Server-Side Request Forgery (SSRF) Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Yealink

    Description : Yealink Device Management contains a server-side request forgery (SSRF) vulnerability that allows for unauthenticated remote code execution.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2021-27561

    Alert Date: Nov 03, 2021 | 1401 days ago

    9.8

    CRITICAL
    CVE-2021-40539 - Zoho ManageEngine ADSelfService Plus Authentication Bypass Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Zoho

    Description : Zoho ManageEngine ADSelfService Plus contains an authentication bypass vulnerability affecting the REST API URLs which allow for remote code execution.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2021-40539

    Alert Date: Nov 03, 2021 | 1401 days ago

    10.0

    HIGH
    CVE-2020-10189 - Zoho ManageEngine Desktop Central File Upload Vulnerability -

    Action Due May 03, 2022 Target Vendor : Zoho

    Description : Zoho ManageEngine Desktop Central contains a file upload vulnerability that allows for unauthenticated remote code execution.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2020-10189

    Alert Date: Nov 03, 2021 | 1401 days ago

    10.0

    HIGH
    CVE-2020-29583 - Zyxel Multiple Products Use of Hard-Coded Credentials Vulnerability -

    Action Due May 03, 2022 Target Vendor : Zyxel

    Description : Zyxel firewalls (ATP, USG, VM) and AP Controllers (NXC2500 and NXC5500) contain a use of hard-coded credentials vulnerability in an undocumented account ("zyfwp") with an unchangeable password.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2020-29583

    Alert Date: Nov 03, 2021 | 1401 days ago

    10.0

    HIGH
    CVE-2021-27104 - Accellion FTA OS Command Injection Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Accellion

    Description : Accellion FTA contains an OS command injection vulnerability exploited via a crafted POST request to various admin endpoints.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2021-27104

    Alert Date: Nov 03, 2021 | 1401 days ago

    7.8

    HIGH
    CVE-2021-27102 - Accellion FTA OS Command Injection Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Accellion

    Description : Accellion FTA contains an OS command injection vulnerability exploited via a local web service call.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2021-27102

    Alert Date: Nov 03, 2021 | 1401 days ago

    9.8

    CRITICAL
    CVE-2018-4878 - Adobe Flash Player Use-After-Free Vulnerability -

    Action Due May 03, 2022 Target Vendor : Adobe

    Description : Adobe Flash Player contains a use-after-free vulnerability that could allow for code execution.

    Action : The impacted product is end-of-life and should be disconnected if still in use.

    Known To Be Used in Ransomware Campaigns? : Known

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2018-4878

    Alert Date: Nov 03, 2021 | 1401 days ago

    7.8

    HIGH
    CVE-2020-0041 - Android Kernel Out-of-Bounds Write Vulnerability -

    Action Due May 03, 2022 Target Vendor : Android

    Description : Android Kernel binder_transaction of binder.c contains an out-of-bounds write vulnerability due to an incorrect bounds check that could allow for local privilege escalation. This vulnerability was observed chained with CVE-2019-2215 and CVE-2020-0069 under exploit chain "AbstractEmu."

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2020-0041

    Alert Date: Nov 03, 2021 | 1401 days ago

    10.0

    HIGH
    CVE-2017-5638 - Apache Struts Remote Code Execution Vulnerability -

    Action Due May 03, 2022 Target Vendor : Apache

    Description : Apache Struts Jakarta Multipart parser allows for malicious file upload using the Content-Type value, leading to remote code execution.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2017-5638

    Alert Date: Nov 03, 2021 | 1401 days ago

    9.3

    HIGH
    CVE-2018-11776 - Apache Struts Remote Code Execution Vulnerability -

    Action Due May 03, 2022 Target Vendor : Apache

    Description : Apache Struts contains a vulnerability that allows for remote code execution under two circumstances. One, where the alwaysSelectFullNamespace option is true and the value isn't set for a result defined in underlying configurations and in same time, its upper package configuration have no or wildcard namespace. Or, using URL tag which doesn't have value and action set and in same time, its upper package configuration have no or wildcard namespace.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2018-11776

    Alert Date: Nov 03, 2021 | 1401 days ago

    8.8

    HIGH
    CVE-2021-30762 - Apple iOS WebKit Use-After-Free Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Apple

    Description : Apple iOS WebKit contains a use-after-free vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2021-30762

    Alert Date: Nov 03, 2021 | 1401 days ago

    9.8

    CRITICAL
    CVE-2021-1871 - Apple iOS, iPadOS, and macOS WebKit Remote Code Execution Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Apple

    Description : Apple iOS, iPadOS, and macOS WebKit contain an unspecified logic vulnerability that allows a remote attacker to execute code. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2021-1871

    Alert Date: Nov 03, 2021 | 1401 days ago

    8.8

    HIGH
    CVE-2021-30661 - Apple Multiple Products WebKit Storage Use-After-Free Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Apple

    Description : Apple iOS, iPadOS, macOS, tvOS, watchOS, and Safari WebKit Storage contain a use-after-free vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2021-30661

    Alert Date: Nov 03, 2021 | 1401 days ago

    8.8

    HIGH
    CVE-2021-30665 - Apple Multiple Products WebKit Memory Corruption Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Apple

    Description : Apple iOS, iPadOS, macOS, watchOS, and tvOS WebKit contain a memory corruption vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2021-30665

    Alert Date: Nov 03, 2021 | 1401 days ago

    8.8

    HIGH
    CVE-2021-30663 - Apple Multiple Products WebKit Integer Overflow Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Apple

    Description : Apple iOS, iPadOS, macOS, tvOS, and Safari WebKit contain an integer overflow vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2021-30663

    Alert Date: Nov 03, 2021 | 1401 days ago

    8.8

    HIGH
    CVE-2021-30761 - Apple iOS WebKit Memory Corruption Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Apple

    Description : Apple iOS WebKit contains a memory corruption vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2021-30761

    Alert Date: Nov 03, 2021 | 1401 days ago

    9.0

    HIGH
    CVE-2019-3398 - Atlassian Confluence Server and Data Center Path Traversal Vulnerability -

    Action Due May 03, 2022 Target Vendor : Atlassian

    Description : Atlassian Confluence Server and Data Center contain a path traversal vulnerability in the downloadallattachments resource that may allow a privileged, remote attacker to write files. Exploitation can lead to remote code execution.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2019-3398

    Alert Date: Nov 03, 2021 | 1401 days ago
Showing 20 of 1413 Results

Filters