CISA Known Exploited Vulnerabilities (KEV)

  1. Home
  2. CISA KEV

CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilities actively used in real-world attacks. CVEFeed.io tracks the latest additions so you can prioritize remediation as new entries are published.

    9.3

    HIGH
    CVE-2016-3235 - Microsoft Office OLE DLL Side Loading Vulnerability -

    Action Due May 03, 2022 Target Vendor : Microsoft

    Description :Microsoft Office Object Linking & Embedding (OLE) dynamic link library (DLL) contains a side loading vulnerability due to it improperly validating input before loading libraries. Successful exploitation allows for remote code execution.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2016-3235

    Alert Date: Nov 03, 2021 | 1585 days ago

    7.8

    HIGH
    CVE-2021-38648 - Microsoft Open Management Infrastructure (OMI) Privilege Escalation Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Microsoft

    Description :Microsoft Open Management Infrastructure (OMI) within Azure VM Management Extensions contains an unspecified vulnerability allowing privilege escalation.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-38648

    Alert Date: Nov 03, 2021 | 1585 days ago

    8.5

    HIGH
    CVE-2019-19356 - Netis WF2419 Devices Remote Code Execution Vulnerability -

    Action Due May 03, 2022 Target Vendor : Netis

    Description :Netis WF2419 devices contains an unspecified vulnerability that allows an attacker to perform remote code execution as root through the router's web management page.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-19356

    Alert Date: Nov 03, 2021 | 1585 days ago

    7.8

    HIGH
    CVE-2021-30713 - Apple macOS Unspecified Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Apple

    Description :Apple macOS Transparency, Consent, and Control (TCC) contains an unspecified permissions issue which may allow a malicious application to bypass privacy preferences.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-30713

    Alert Date: Nov 03, 2021 | 1585 days ago

    7.8

    HIGH
    CVE-2016-0167 - Microsoft Win32k Privilege Escalation Vulnerability -

    Action Due May 03, 2022 Target Vendor : Microsoft

    Description :Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation via a crafted application

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2016-0167

    Alert Date: Nov 03, 2021 | 1585 days ago

    7.5

    HIGH
    CVE-2020-0878 - Microsoft Edge and Internet Explorer Memory Corruption Vulnerability -

    Action Due May 03, 2022 Target Vendor : Microsoft

    Description :Microsoft Edge and Internet Explorer contain a memory corruption vulnerability that allows attackers to execute code in the context of the current user.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-0878

    Alert Date: Nov 03, 2021 | 1585 days ago

    6.5

    MEDIUM
    CVE-2016-9563 - SAP NetWeaver XML External Entity (XXE) Vulnerability -

    Action Due May 03, 2022 Target Vendor : SAP

    Description :SAP NetWeaver Application Server Java Platforms contains an unspecified vulnerability in BC-BMT-BPM-DSK which allows remote, authenticated users to conduct XML External Entity (XXE) attacks.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2016-9563

    Alert Date: Nov 03, 2021 | 1585 days ago

    10.0

    HIGH
    CVE-2021-21985 - VMware vCenter Server Improper Input Validation Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : VMware

    Description :VMware vSphere Client contains an improper input validation vulnerability in the Virtual SAN Health Check plug-in, which is enabled by default in vCenter Server, which allows for remote code execution.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-21985

    Alert Date: Nov 03, 2021 | 1585 days ago

    9.1

    CRITICAL
    CVE-2020-4006 - Multiple VMware Products Command Injection Vulnerability -

    Action Due May 03, 2022 Target Vendor : VMware

    Description :VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector contain a command injection vulnerability. An attacker with network access to the administrative configurator on port 8443 and a valid password for the configurator administrator account can execute commands with unrestricted privileges on the underlying operating system.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-4006

    Alert Date: Nov 03, 2021 | 1585 days ago

    5.5

    MEDIUM
    CVE-2021-31955 - Microsoft Windows Kernel Information Disclosure Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Microsoft

    Description :Microsoft Windows Kernel contains an unspecified vulnerability that allows for information disclosure. Successful exploitation allows attackers to read the contents of kernel memory from a user-mode process.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-31955

    Alert Date: Nov 03, 2021 | 1585 days ago

    7.8

    HIGH
    CVE-2020-0938 - Microsoft Windows Adobe Font Manager Library Remote Code Execution Vulnerability -

    Action Due May 03, 2022 Target Vendor : Microsoft

    Description :Microsoft Windows Adobe Font Manager Library contains an unspecified vulnerability when handling specially crafted multi-master fonts (Adobe Type 1 PostScript format) that allows for remote code execution for all systems except Windows 10. For systems running Windows 10, an attacker who successfully exploited the vulnerability could execute code in an AppContainer sandbox context with limited privileges and capabilities.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-0938

    Alert Date: Nov 03, 2021 | 1585 days ago

    8.8

    HIGH
    CVE-2020-1020 - Microsoft Windows Adobe Font Manager Library Remote Code Execution Vulnerability -

    Action Due May 03, 2022 Target Vendor : Microsoft

    Description :Microsoft Windows Adobe Font Manager Library contains an unspecified vulnerability when handling specially crafted multi-master fonts (Adobe Type 1 PostScript format) that allows for remote code execution for all systems except Windows 10. For systems running Windows 10, an attacker who successfully exploited the vulnerability could execute code in an AppContainer sandbox context with limited privileges and capabilities.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-1020

    Alert Date: Nov 03, 2021 | 1585 days ago

    7.5

    HIGH
    CVE-2021-20022 - SonicWall Email Security Unrestricted Upload of File Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : SonicWall

    Description :SonicWall Email Security contains an unrestricted upload of file with dangerous type vulnerability that allows a post-authenticated attacker to upload a file to the remote host. This vulnerability has known usage in a SonicWall Email Security exploit chain along with CVE-2021-20021 and CVE-2021-20023 to achieve privilege escalation.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-20022

    Alert Date: Nov 03, 2021 | 1585 days ago

    7.8

    HIGH
    CVE-2021-31201 - Microsoft Enhanced Cryptographic Provider Privilege Escalation Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Microsoft

    Description :Microsoft Enhanced Cryptographic Provider contains an unspecified vulnerability that allows for privilege escalation.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-31201

    Alert Date: Nov 03, 2021 | 1585 days ago

    8.8

    HIGH
    CVE-2020-17144 - Microsoft Exchange Server Remote Code Execution Vulnerability -

    Action Due May 03, 2022 Target Vendor : Microsoft

    Description :Microsoft Exchange Server improperly validates cmdlet arguments which allow an attacker to perform remote code execution.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-17144

    Alert Date: Nov 03, 2021 | 1585 days ago

    8.8

    HIGH
    CVE-2019-17026 - Mozilla Firefox And Thunderbird Type Confusion Vulnerability -

    Action Due May 03, 2022 Target Vendor : Mozilla

    Description :Mozilla Firefox and Thunderbird contain a type confusion vulnerability due to incorrect alias information in the IonMonkey JIT compiler when setting array elements.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-17026

    Alert Date: Nov 03, 2021 | 1585 days ago

    7.8

    HIGH
    CVE-2020-27930 - Apple Multiple Products Memory Corruption Vulnerability -

    Action Due May 03, 2022 Target Vendor : Apple

    Description :Apple iOS, iPadOS, macOS, and watchOS FontParser contain a memory corruption vulnerability which may allow for code execution when processing maliciously crafted front.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-27930

    Alert Date: Nov 03, 2021 | 1585 days ago

    9.3

    HIGH
    CVE-2021-31956 - Microsoft Windows NTFS Privilege Escalation Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Microsoft

    Description :Microsoft Windows New Technology File System (NTFS) contains an unspecified vulnerability that allows attackers to escalate privileges via a specially crafted application.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-31956

    Alert Date: Nov 03, 2021 | 1585 days ago

    9.8

    CRITICAL
    CVE-2020-26919 - Netgear JGS516PE Devices Missing Function Level Access Control Vulnerability -

    Action Due May 03, 2022 Target Vendor : NETGEAR

    Description :Netgear JGS516PE devices contain a missing function level access control vulnerability.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-26919

    Alert Date: Nov 03, 2021 | 1585 days ago

    9.8

    CRITICAL
    CVE-2020-8644 - PlaySMS Server-Side Template Injection Vulnerability -

    Action Due May 03, 2022 Target Vendor : PlaySMS

    Description :PlaySMS contains a server-side template injection vulnerability that allows for remote code execution.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-8644

    Alert Date: Nov 03, 2021 | 1585 days ago
Showing 20 of 1540 Results

Filters