CISA Known Exploited Vulnerabilities (KEV)

  1. Home
  2. CISA KEV

CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilities actively used in real-world attacks. CVEFeed.io tracks the latest additions so you can prioritize remediation as new entries are published.

    7.5

    HIGH
    CVE-2021-20022 - SonicWall Email Security Unrestricted Upload of File Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : SonicWall

    Description :SonicWall Email Security contains an unrestricted upload of file with dangerous type vulnerability that allows a post-authenticated attacker to upload a file to the remote host. This vulnerability has known usage in a SonicWall Email Security exploit chain along with CVE-2021-20021 and CVE-2021-20023 to achieve privilege escalation.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-20022

    Alert Date: Nov 03, 2021 | 1585 days ago

    7.8

    HIGH
    CVE-2021-31201 - Microsoft Enhanced Cryptographic Provider Privilege Escalation Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Microsoft

    Description :Microsoft Enhanced Cryptographic Provider contains an unspecified vulnerability that allows for privilege escalation.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-31201

    Alert Date: Nov 03, 2021 | 1585 days ago

    8.8

    HIGH
    CVE-2020-17144 - Microsoft Exchange Server Remote Code Execution Vulnerability -

    Action Due May 03, 2022 Target Vendor : Microsoft

    Description :Microsoft Exchange Server improperly validates cmdlet arguments which allow an attacker to perform remote code execution.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-17144

    Alert Date: Nov 03, 2021 | 1585 days ago

    8.8

    HIGH
    CVE-2019-17026 - Mozilla Firefox And Thunderbird Type Confusion Vulnerability -

    Action Due May 03, 2022 Target Vendor : Mozilla

    Description :Mozilla Firefox and Thunderbird contain a type confusion vulnerability due to incorrect alias information in the IonMonkey JIT compiler when setting array elements.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-17026

    Alert Date: Nov 03, 2021 | 1585 days ago

    7.8

    HIGH
    CVE-2020-27930 - Apple Multiple Products Memory Corruption Vulnerability -

    Action Due May 03, 2022 Target Vendor : Apple

    Description :Apple iOS, iPadOS, macOS, and watchOS FontParser contain a memory corruption vulnerability which may allow for code execution when processing maliciously crafted front.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-27930

    Alert Date: Nov 03, 2021 | 1585 days ago

    9.3

    HIGH
    CVE-2021-31956 - Microsoft Windows NTFS Privilege Escalation Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Microsoft

    Description :Microsoft Windows New Technology File System (NTFS) contains an unspecified vulnerability that allows attackers to escalate privileges via a specially crafted application.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-31956

    Alert Date: Nov 03, 2021 | 1585 days ago

    9.8

    CRITICAL
    CVE-2020-26919 - Netgear JGS516PE Devices Missing Function Level Access Control Vulnerability -

    Action Due May 03, 2022 Target Vendor : NETGEAR

    Description :Netgear JGS516PE devices contain a missing function level access control vulnerability.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-26919

    Alert Date: Nov 03, 2021 | 1585 days ago

    9.8

    CRITICAL
    CVE-2020-8644 - PlaySMS Server-Side Template Injection Vulnerability -

    Action Due May 03, 2022 Target Vendor : PlaySMS

    Description :PlaySMS contains a server-side template injection vulnerability that allows for remote code execution.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-8644

    Alert Date: Nov 03, 2021 | 1585 days ago

    9.1

    CRITICAL
    CVE-2012-3152 - Oracle Fusion Middleware Unspecified Vulnerability -

    Action Due May 03, 2022 Target Vendor : Oracle

    Description :Oracle Fusion Middleware Reports Developer contains an unspecified vulnerability that allows remote attackers to affect confidentiality and integrity of affected systems.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2012-3152

    Alert Date: Nov 03, 2021 | 1585 days ago

    6.1

    MEDIUM
    CVE-2021-1879 - Apple iOS, iPadOS, and watchOS WebKit Cross-Site Scripting (XSS) Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Apple

    Description :Apple iOS, iPadOS, and watchOS WebKit contain an unspecified vulnerability that allows for universal cross-site scripting (XSS) when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-1879

    Alert Date: Nov 03, 2021 | 1585 days ago

    9.8

    CRITICAL
    CVE-2021-1870 - Apple iOS, iPadOS, and macOS WebKit Remote Code Execution Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Apple

    Description :Apple iOS, iPadOS, and macOS WebKit contain an unspecified logic vulnerability that allows a remote attacker to execute code. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-1870

    Alert Date: Nov 03, 2021 | 1585 days ago

    7.8

    HIGH
    CVE-2017-11774 - Microsoft Office Outlook Security Feature Bypass Vulnerability -

    Action Due May 03, 2022 Target Vendor : Microsoft

    Description :Microsoft Office Outlook contains a security feature bypass vulnerability due to improperly handling objects in memory. Successful exploitation allows an attacker to execute commands.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2017-11774

    Alert Date: Nov 03, 2021 | 1585 days ago

    10.0

    CRITICAL
    CVE-2021-22893 - Ivanti Pulse Connect Secure Use-After-Free Vulnerability -

    Action Due May 03, 2022 Target Vendor : Ivanti

    Description :Ivanti Pulse Connect Secure contains a use-after-free vulnerability that allow a remote, unauthenticated attacker to execute code via license services.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

    Notes :Reference CISA's ED 21-03 (https://www.cisa.gov/news-events/directives/ed-21-03-mitigate-pulse-connect-secure-product-vulnerabilities) for further guidance and requirements. Note: The due date for addressing this vulnerability aligns with the requirements outlined in ED 21-03. https://nvd.nist.gov/vuln/detail/CVE-2021-22893

    Alert Date: Nov 03, 2021 | 1585 days ago

    9.0

    HIGH
    CVE-2019-15949 - Nagios XI Remote Code Execution Vulnerability -

    Action Due May 03, 2022 Target Vendor : Nagios

    Description :Nagios XI contains a remote code execution vulnerability in which a user can modify the check_plugin executable and insert malicious commands to execute as root.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-15949

    Alert Date: Nov 03, 2021 | 1585 days ago

    9.3

    HIGH
    CVE-2021-30869 - Apple iOS, iPadOS, and macOS Type Confusion Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Apple

    Description :Apple iOS, iPadOS, and macOS contain a type confusion vulnerability in the XNU which may allow a malicious application to execute code with kernel privileges.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-30869

    Alert Date: Nov 03, 2021 | 1585 days ago

    9.3

    HIGH
    CVE-2019-9082 - ThinkPHP Remote Code Execution Vulnerability -

    Action Due May 03, 2022 Target Vendor : ThinkPHP

    Description :ThinkPHP contains an unspecified vulnerability that allows for remote code execution via public//?s=index/\think\app/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]= followed by the command.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-9082

    Alert Date: Nov 03, 2021 | 1585 days ago

    9.8

    CRITICAL
    CVE-2019-16256 - SIMalliance Toolbox Browser Command Injection Vulnerability -

    Action Due May 03, 2022 Target Vendor : SIMalliance

    Description :SIMalliance Toolbox Browser contains an command injection vulnerability that could allow remote attackers to retrieve location and IMEI information or execute a range of other attacks by modifying the attack message.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-16256

    Alert Date: Nov 03, 2021 | 1585 days ago

    8.8

    HIGH
    CVE-2019-18187 - Trend Micro OfficeScan Directory Traversal Vulnerability -

    Action Due May 03, 2022 Target Vendor : Trend Micro

    Description :Trend Micro OfficeScan contains a directory traversal vulnerability by extracting files from a zip file to a specific folder on the OfficeScan server, leading to remote code execution.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-18187

    Alert Date: Nov 03, 2021 | 1585 days ago

    8.8

    HIGH
    CVE-2020-8467 - Trend Micro Apex One and OfficeScan Remote Code Execution Vulnerability -

    Action Due May 03, 2022 Target Vendor : Trend Micro

    Description :Trend Micro Apex One and OfficeScan contain an unspecified vulnerability within a migration tool component that allows for remote code execution.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-8467

    Alert Date: Nov 03, 2021 | 1585 days ago

    8.8

    HIGH
    CVE-2021-30661 - Apple Multiple Products WebKit Storage Use-After-Free Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Apple

    Description :Apple iOS, iPadOS, macOS, tvOS, watchOS, and Safari WebKit Storage contain a use-after-free vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-30661

    Alert Date: Nov 03, 2021 | 1585 days ago
Showing 20 of 1540 Results

Filters