CISA Known Exploited Vulnerabilities (KEV)
CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilities actively used in real-world attacks. CVEFeed.io tracks the latest additions so you can prioritize remediation as new entries are published.
9.8
CVE-2018-4878 - Adobe Flash Player Use-After-Free Vulnerability -
Action Due May 03, 2022 Target Vendor : Adobe
Description : Adobe Flash Player contains a use-after-free vulnerability that could allow for code execution.
Action : The impacted product is end-of-life and should be disconnected if still in use.
Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021
Notes : https://nvd.nist.gov/vuln/detail/CVE-2018-4878
7.8
CVE-2021-27102 - Accellion FTA OS Command Injection Vulnerability -
Action Due Nov 17, 2021 Target Vendor : Accellion
Description : Accellion FTA contains an OS command injection vulnerability exploited via a local web service call.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021
Notes : https://nvd.nist.gov/vuln/detail/CVE-2021-27102
10.0
CVE-2021-35211 - SolarWinds Serv-U Remote Code Execution Vulnerability -
Action Due Nov 17, 2021 Target Vendor : SolarWinds
Description : SolarWinds Serv-U contains an unspecified memory escape vulnerability which can allow for remote code execution.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021
Notes : https://nvd.nist.gov/vuln/detail/CVE-2021-35211
6.6
CVE-2018-2380 - SAP Customer Relationship Management (CRM) Path Traversal Vulnerability -
Action Due May 03, 2022 Target Vendor : SAP
Description : SAP Customer Relationship Management (CRM) contains a path traversal vulnerability that allows an attacker to exploit insufficient validation of path information provided by users.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021
Notes : https://nvd.nist.gov/vuln/detail/CVE-2018-2380
8.0
CVE-2019-11539 - Ivanti Pulse Connect Secure and Policy Secure Command Injection Vulnerability -
Action Due May 03, 2022 Target Vendor : Ivanti
Description : Ivanti Pulse Connect Secure and Policy Secure allows an authenticated attacker from the admin web interface to inject and execute commands.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021
Notes : https://nvd.nist.gov/vuln/detail/CVE-2019-11539
10.0
CVE-2021-34473 - Microsoft Exchange Server Remote Code Execution Vulnerability -
Action Due Nov 17, 2021 Target Vendor : Microsoft
Description : Microsoft Exchange Server contains an unspecified vulnerability that allows for remote code execution.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021
Notes : https://nvd.nist.gov/vuln/detail/CVE-2021-34473
9.3
CVE-2017-0143 - Microsoft Windows Server Message Block (SMBv1) Remote Code Execution Vulnerability -
Action Due May 03, 2022 Target Vendor : Microsoft
Description : Microsoft Windows Server Message Block 1.0 (SMBv1) contains an unspecified vulnerability that allows for remote code execution.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021
Notes : https://nvd.nist.gov/vuln/detail/CVE-2017-0143
9.0
CVE-2020-0688 - Microsoft Exchange Server Validation Key Remote Code Execution Vulnerability -
Action Due May 03, 2022 Target Vendor : Microsoft
Description : Microsoft Exchange Server Validation Key fails to properly create unique keys at install time, allowing for remote code execution.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021
Notes : https://nvd.nist.gov/vuln/detail/CVE-2020-0688
9.8
CVE-2021-34523 - Microsoft Exchange Server Privilege Escalation Vulnerability -
Action Due Nov 17, 2021 Target Vendor : Microsoft
Description : Microsoft Exchange Server contains an unspecified vulnerability that allows for privilege escalation.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021
Notes : https://nvd.nist.gov/vuln/detail/CVE-2021-34523
9.8
CVE-2021-38647 - Microsoft Open Management Infrastructure (OMI) Remote Code Execution Vulnerability -
Action Due Nov 17, 2021 Target Vendor : Microsoft
Description : Microsoft Open Management Infrastructure (OMI) within Azure VM Management Extensions contains an unspecified vulnerability allowing remote code execution.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021
Notes : https://nvd.nist.gov/vuln/detail/CVE-2021-38647
10.0
CVE-2019-3396 - Atlassian Confluence Server and Data Center Server-Side Template Injection Vulnerability -
Action Due May 03, 2022 Target Vendor : Atlassian
Description : Atlassian Confluence Server and Data Center contain a server-side template injection vulnerability that may allow an attacker to achieve path traversal and remote code execution.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021
Notes : https://nvd.nist.gov/vuln/detail/CVE-2019-3396
9.8
CVE-2021-26084 - Atlassian Confluence Server and Data Center Object-Graph Navigation Language (OGNL) Injection Vulnerability -
Action Due Nov 17, 2021 Target Vendor : Atlassian
Description : Atlassian Confluence Server and Data Server contain an Object-Graph Navigation Language (OGNL) injection vulnerability that may allow an unauthenticated attacker to execute code.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021
Notes : https://nvd.nist.gov/vuln/detail/CVE-2021-26084
7.8
CVE-2021-1732 - Microsoft Win32k Privilege Escalation Vulnerability -
Action Due Nov 17, 2021 Target Vendor : Microsoft
Description : Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021
Notes : https://nvd.nist.gov/vuln/detail/CVE-2021-1732
8.8
CVE-2020-16009 - Google Chromium V8 Type Confusion Vulnerability -
Action Due May 03, 2022 Target Vendor : Google
Description : Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2020-16009
8.8
CVE-2021-30632 - Google Chromium V8 Out-of-Bounds Write Vulnerability -
Action Due Nov 17, 2021 Target Vendor : Google
Description : Google Chromium V8 Engine contains an out-of-bounds write vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2021-30632
7.8
CVE-2019-0863 - Microsoft Windows Error Reporting (WER) Privilege Escalation Vulnerability -
Action Due May 03, 2022 Target Vendor : Microsoft
Description : Microsoft Windows Error Reporting (WER) contains a privilege escalation vulnerability due to the way it handles files, allowing for code execution in kernel mode.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2019-0863
7.8
CVE-2021-36955 - Microsoft Windows Common Log File System (CLFS) Driver Privilege Escalation Vulnerability -
Action Due Nov 17, 2021 Target Vendor : Microsoft
Description : Microsoft Windows Common Log File System (CLFS) driver contains an unspecified vulnerability that allows for privilege escalation.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021
Notes : https://nvd.nist.gov/vuln/detail/CVE-2021-36955
9.3
CVE-2021-31956 - Microsoft Windows NTFS Privilege Escalation Vulnerability -
Action Due Nov 17, 2021 Target Vendor : Microsoft
Description : Microsoft Windows New Technology File System (NTFS) contains an unspecified vulnerability that allows attackers to escalate privileges via a specially crafted application.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2021-31956
7.8
CVE-2021-31201 - Microsoft Enhanced Cryptographic Provider Privilege Escalation Vulnerability -
Action Due Nov 17, 2021 Target Vendor : Microsoft
Description : Microsoft Enhanced Cryptographic Provider contains an unspecified vulnerability that allows for privilege escalation.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2021-31201
8.8
CVE-2020-17144 - Microsoft Exchange Server Remote Code Execution Vulnerability -
Action Due May 03, 2022 Target Vendor : Microsoft
Description : Microsoft Exchange Server improperly validates cmdlet arguments which allow an attacker to perform remote code execution.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2020-17144