CISA Known Exploited Vulnerabilities (KEV)

  1. Home
  2. CISA KEV
For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild. Organizations should use the KEV catalog as an input to their vulnerability management prioritization framework.Y

    9.3

    HIGH
    CVE-2019-15752 - Docker Desktop Community Edition Privilege Escalation Vulnerability -

    Action Due May 03, 2022 Target Vendor : Docker

    Description : Docker Desktop Community Edition contains a vulnerability that may allow local users to escalate privileges by placing a trojan horse docker-credential-wincred.exe file in %PROGRAMDATA%\DockerDesktop\version-bin\.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2019-15752

    Alert Date: Nov 03, 2021 | 1397 days ago

    10.0

    HIGH
    CVE-2020-8515 - Multiple DrayTek Vigor Routers Web Management Page Vulnerability -

    Action Due May 03, 2022 Target Vendor : DrayTek

    Description : DrayTek Vigor3900, Vigor2960, and Vigor300B routers contain an unspecified vulnerability that allows for remote code execution.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2020-8515

    Alert Date: Nov 03, 2021 | 1397 days ago

    10.0

    CRITICAL
    CVE-2021-22205 - GitLab Community and Enterprise Editions Remote Code Execution Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : GitLab

    Description : GitHub Community and Enterprise Editions that utilize the ability to upload images through GitLab Workhorse are vulnerable to remote code execution. Workhorse passes image file extensions through ExifTool, which improperly validates the image files.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2021-22205

    Alert Date: Nov 03, 2021 | 1397 days ago

    9.8

    CRITICAL
    CVE-2018-6789 - Exim Buffer Overflow Vulnerability -

    Action Due May 03, 2022 Target Vendor : Exim

    Description : Exim contains a buffer overflow vulnerability in the base64d function part of the SMTP listener that may allow for remote code execution.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2018-6789

    Alert Date: Nov 03, 2021 | 1397 days ago

    9.3

    HIGH
    CVE-2020-8655 - EyesOfNetwork Improper Privilege Management Vulnerability -

    Action Due May 03, 2022 Target Vendor : EyesOfNetwork

    Description : EyesOfNetwork contains an improper privilege management vulnerability that may allow a user to run commands as root via a crafted Nmap Scripting Engine (NSE) script to nmap7.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2020-8655

    Alert Date: Nov 03, 2021 | 1397 days ago

    10.0

    HIGH
    CVE-2020-5902 - F5 BIG-IP Traffic Management User Interface (TMUI) Remote Code Execution Vulnerability -

    Action Due May 03, 2022 Target Vendor : F5

    Description : F5 BIG-IP Traffic Management User Interface (TMUI) contains a remote code execution vulnerability in undisclosed pages.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2020-5902

    Alert Date: Nov 03, 2021 | 1397 days ago

    10.0

    HIGH
    CVE-2021-22986 - F5 BIG-IP and BIG-IQ Centralized Management iControl REST Remote Code Execution Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : F5

    Description : F5 BIG-IP and BIG-IQ Centralized Management contain a remote code execution vulnerability in the iControl REST interface that allows unauthenticated attackers with network access to execute system commands, create or delete files, and disable services.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2021-22986

    Alert Date: Nov 03, 2021 | 1397 days ago

    10.0

    HIGH
    CVE-2021-35464 - ForgeRock Access Management (AM) Core Server Remote Code Execution Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : ForgeRock

    Description : ForgeRock Access Management (AM) Core Server allows an attacker who sends a specially crafted HTTP request to one of three endpoints (/ccversion/Version, /ccversion/Masthead, or /ccversion/ButtonFrame) to execute code in the context of the current user (unless ForgeRock AM is running as root user, which the vendor does not recommend).

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2021-35464

    Alert Date: Nov 03, 2021 | 1397 days ago

    6.5

    MEDIUM
    CVE-2019-5591 - Fortinet FortiOS Default Configuration Vulnerability -

    Action Due May 03, 2022 Target Vendor : Fortinet

    Description : Fortinet FortiOS contains a default configuration vulnerability that may allow an unauthenticated attacker on the same subnet to intercept sensitive information by impersonating the Lightweight Directory Access Protocol (LDAP) server.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2019-5591

    Alert Date: Nov 03, 2021 | 1397 days ago

    9.8

    CRITICAL
    CVE-2020-12812 - Fortinet FortiOS SSL VPN Improper Authentication Vulnerability -

    Action Due May 03, 2022 Target Vendor : Fortinet

    Description : Fortinet FortiOS SSL VPN contains an improper authentication vulnerability that may allow a user to login successfully without being prompted for the second factor of authentication (FortiToken) if they change the case in their username.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2020-12812

    Alert Date: Nov 03, 2021 | 1397 days ago

    9.8

    CRITICAL
    CVE-2018-13379 - Fortinet FortiOS SSL VPN Path Traversal Vulnerability -

    Action Due May 03, 2022 Target Vendor : Fortinet

    Description : Fortinet FortiOS SSL VPN web portal contains a path traversal vulnerability that may allow an unauthenticated attacker to download FortiOS system files through specially crafted HTTP resource requests.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2018-13379

    Alert Date: Nov 03, 2021 | 1397 days ago

    9.6

    CRITICAL
    CVE-2020-15999 - Google Chrome FreeType Heap Buffer Overflow Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Google

    Description : Google Chrome uses FreeType, an open-source software library to render fonts, which contains a heap buffer overflow vulnerability in the function Load_SBit_Png when processing PNG images embedded into fonts. This vulnerability is part of an exploit chain with CVE-2020-17087 on Windows and CVE-2020-16010 on Android.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2020-15999

    Alert Date: Nov 03, 2021 | 1397 days ago

    8.8

    HIGH
    CVE-2021-21166 - Google Chromium Race Condition Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Google

    Description : Google Chromium contains a race condition vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2021-21166

    Alert Date: Nov 03, 2021 | 1397 days ago

    9.6

    CRITICAL
    CVE-2020-16017 - Google Chrome Use-After-Free Vulnerability -

    Action Due May 03, 2022 Target Vendor : Google

    Description : Google Chrome contains a use-after-free vulnerability that allows a remote attacker, who has compromised the renderer process, to potentially perform a sandbox escape via a crafted HTML page.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2020-16017

    Alert Date: Nov 03, 2021 | 1397 days ago

    6.5

    MEDIUM
    CVE-2021-37976 - Google Chromium Information Disclosure Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Google

    Description : Google Chromium contains an information disclosure vulnerability within the core memory component that allows a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2021-37976

    Alert Date: Nov 03, 2021 | 1397 days ago

    8.8

    HIGH
    CVE-2020-16009 - Google Chromium V8 Type Confusion Vulnerability -

    Action Due May 03, 2022 Target Vendor : Google

    Description : Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2020-16009

    Alert Date: Nov 03, 2021 | 1397 days ago

    8.8

    HIGH
    CVE-2021-30632 - Google Chromium V8 Out-of-Bounds Write Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Google

    Description : Google Chromium V8 Engine contains an out-of-bounds write vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2021-30632

    Alert Date: Nov 03, 2021 | 1397 days ago

    9.6

    CRITICAL
    CVE-2021-30633 - Google Chromium Indexed DB API Use-After-Free Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Google

    Description : Google Chromium Indexed DB API contains a use-after-free vulnerability that allows a remote attacker, who has compromised the renderer process, to potentially perform a sandbox escape via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2021-30633

    Alert Date: Nov 03, 2021 | 1397 days ago

    8.8

    HIGH
    CVE-2021-21148 - Google Chromium V8 Heap Buffer Overflow Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Google

    Description : Google Chromium V8 Engine contains a heap buffer overflow vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2021-21148

    Alert Date: Nov 03, 2021 | 1397 days ago

    8.8

    HIGH
    CVE-2021-30551 - Google Chromium V8 Type Confusion Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Google

    Description : Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2021-30551

    Alert Date: Nov 03, 2021 | 1397 days ago
Showing 20 of 1409 Results

Filters