CISA Known Exploited Vulnerabilities (KEV)
CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilities actively used in real-world attacks. CVEFeed.io tracks the latest additions so you can prioritize remediation as new entries are published.
10.0
CVE-2017-5689 - Intel Active Management Technology (AMT), Small Business Technology (SBT), and Standard Manageability Privilege Escalation Vulnerability -
Action Due Jul 28, 2022 Target Vendor : Intel
Description :Intel products contain a vulnerability which can allow attackers to perform privilege escalation.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2017-5689
10.0
CVE-2014-1776 - Microsoft Internet Explorer Memory Corruption Vulnerability -
Action Due Jul 28, 2022 Target Vendor : Microsoft
Description :Microsoft Internet Explorer contains a memory corruption vulnerability that allows remote attackers to execute code in the context of the current user.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://learn.microsoft.com/en-us/security-updates/SecurityBulletins/2014/ms14-021?redirectedfrom=MSDN; https://nvd.nist.gov/vuln/detail/CVE-2014-1776
10.0
CVE-2014-6271 - GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability -
Action Due Jul 28, 2022 Target Vendor : GNU
Description :GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute code.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2014-6271
9.8
CVE-2021-20038 - SonicWall SMA 100 Appliances Stack-Based Buffer Overflow Vulnerability -
Action Due Feb 11, 2022 Target Vendor : SonicWall
Description :SonicWall SMA 100 devies are vulnerable to an unauthenticated stack-based buffer overflow vulnerability where exploitation can result in code execution.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Jan 28, 2022
Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-20038
7.8
CVE-2018-8453 - Microsoft Win32k Privilege Escalation Vulnerability -
Action Due Jul 21, 2022 Target Vendor : Microsoft
Description :Microsoft Windows Win32k contains a vulnerability that allows an attacker to escalate privileges.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Jan 21, 2022
Notes :https://nvd.nist.gov/vuln/detail/CVE-2018-8453
5.3
CVE-2021-35247 - SolarWinds Serv-U Improper Input Validation Vulnerability -
Action Due Feb 04, 2022 Target Vendor : SolarWinds
Description :SolarWinds Serv-U versions 15.2.5 and earlier contain an improper input validation vulnerability that allows attackers to build and send queries without sanitization.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-35247
7.8
CVE-2006-1547 - Apache Struts 1 ActionForm Denial-of-Service Vulnerability -
Action Due Jul 21, 2022 Target Vendor : Apache
Description :ActionForm in Apache Struts versions before 1.2.9 with BeanUtils 1.7 contains a vulnerability that allows for denial-of-service (DoS).
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2006-1547
9.8
CVE-2012-0391 - Apache Struts 2 Improper Input Validation Vulnerability -
Action Due Jul 21, 2022 Target Vendor : Apache
Description :The ExceptionDelegator component in Apache Struts 2 before 2.2.3.1 contains an improper input validation vulnerability that allows for remote code execution.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2012-0391
7.8
CVE-2021-21315 - System Information Library for Node.JS Command Injection -
Action Due Feb 01, 2022 Target Vendor : Npm package
Description :In this vulnerability, an attacker can send a malicious payload that will exploit the name parameter. After successful exploitation, attackers can execute remote.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-21315
9.1
CVE-2021-32648 - October CMS Improper Authentication -
Action Due Feb 01, 2022 Target Vendor : October CMS
Description :In affected versions of the october/system package an attacker can request an account password reset and then gain access to the account using a specially crafted request.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-32648
9.0
CVE-2021-25296 - Nagios XI OS Command Injection -
Action Due Feb 01, 2022 Target Vendor : Nagios
Description :Nagios XI contains a vulnerability which can lead to OS command injection on the Nagios XI server.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-25296
9.0
CVE-2021-25297 - Nagios XI OS Command Injection -
Action Due Feb 01, 2022 Target Vendor : Nagios
Description :Nagios XI contains a vulnerability which can lead to OS command injection on the Nagios XI server.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-25297
9.0
CVE-2021-25298 - Nagios XI OS Command Injection -
Action Due Feb 01, 2022 Target Vendor : Nagios
Description :Nagios XI contains a vulnerability which can lead to OS command injection on the Nagios XI server.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-25298
9.8
CVE-2021-40870 - Aviatrix Controller Unrestricted Upload of File -
Action Due Feb 01, 2022 Target Vendor : Aviatrix
Description :Unrestricted upload of a file with a dangerous type is possible, which allows an unauthenticated user to execute arbitrary code via directory traversal.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-40870
7.5
CVE-2021-33766 - Microsoft Exchange Server Information Disclosure -
Action Due Feb 01, 2022 Target Vendor : Microsoft
Description :Microsoft Exchange Server contains an information disclosure vulnerability which can allow an unauthenticated attacker to steal email traffic from target.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-33766
7.5
CVE-2021-21975 - VMware Server Side Request Forgery in vRealize Operations Manager API -
Action Due Feb 01, 2022 Target Vendor : VMware
Description :Server Side Request Forgery (SSRF) in vRealize Operations Manager API prior to 8.4 may allow a malicious actor with network access to the vRealize Operations Manager API to perform a SSRF attack to steal administrative credentials.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Jan 18, 2022
Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-21975
9.8
CVE-2021-22991 - F5 BIG-IP Traffic Management Microkernel Buffer Overflow -
Action Due Feb 01, 2022 Target Vendor : F5
Description :The Traffic Management Microkernel of BIG-IP ASM Risk Engine has a buffer overflow vulnerability, leading to a bypassing of URL-based access controls.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-22991
7.8
CVE-2020-14864 - Oracle Business Intelligence Enterprise Edition Path Transversal -
Action Due Jul 18, 2022 Target Vendor : Oracle
Description :Path traversal vulnerability, where an attacker can target the preview FilePath parameter of the getPreviewImage function to get access to arbitrary system file.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-14864
8.8
CVE-2020-13671 - Drupal core Un-restricted Upload of File -
Action Due Jul 18, 2022 Target Vendor : Drupal
Description :Improper sanitization in the extension file names is present in Drupal core.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-13671
8.8
CVE-2020-11978 - Apache Airflow Command Injection -
Action Due Jul 18, 2022 Target Vendor : Apache
Description :A remote code/command injection vulnerability was discovered in one of the example DAGs shipped with Airflow.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-11978