CISA Known Exploited Vulnerabilities (KEV)

Threat Intelligence

CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilities actively used in real-world attacks. CVEFeed.io tracks the latest additions so you can prioritize remediation as new entries are published.

8.8

HIGH

CVE-2021-37975 - Google Chromium V8 Use-After-Free Vulnerability -

Action Due Nov 17, 2021 Target Vendor : Google

Description :Google Chromium V8 Engine contains a use-after-free vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-37975

Alert Date: Nov 03, 2021 | 1637 days ago

6.1

MEDIUM

CVE-2021-1879 - Apple iOS, iPadOS, and watchOS WebKit Cross-Site Scripting (XSS) Vulnerability -

Action Due Nov 17, 2021 Target Vendor : Apple

Description :Apple iOS, iPadOS, and watchOS WebKit contain an unspecified vulnerability that allows for universal cross-site scripting (XSS) when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-1879

Alert Date: Nov 03, 2021 | 1637 days ago

7.5

HIGH

CVE-2019-1653 - Cisco Small Business RV320 and RV325 Routers Information Disclosure Vulnerability -

Action Due May 03, 2022 Target Vendor : Cisco

Description :Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers contain improper access controls for URLs. Exploitation could allow an attacker to download the router configuration or detailed diagnostic information.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-1653

Alert Date: Nov 03, 2021 | 1637 days ago

6.1

MEDIUM

CVE-2021-38000 - Google Chromium Intents Improper Input Validation Vulnerability -

Action Due Nov 17, 2021 Target Vendor : Google

Description :Google Chromium Intents contains an improper input validation vulnerability that allows a remote attacker to arbitrarily browser to a malicious URL via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-38000

Alert Date: Nov 03, 2021 | 1637 days ago

8.2

HIGH

CVE-2021-23874 - McAfee Total Protection (MTP) Improper Privilege Management Vulnerability -

Action Due Nov 17, 2021 Target Vendor : McAfee

Description :McAfee Total Protection (MTP) contains an improper privilege management vulnerability that allows a local user to gain elevated privileges and execute code, bypassing MTP self-defense.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-23874

Alert Date: Nov 03, 2021 | 1637 days ago

7.8

HIGH

CVE-2021-28310 - Microsoft Win32k Privilege Escalation Vulnerability -

Action Due Nov 17, 2021 Target Vendor : Microsoft

Description :Microsoft Windows Win32k contains an unspecified vulnerability that allows for privilege escalation.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-28310

Alert Date: Nov 03, 2021 | 1637 days ago

7.6

HIGH

CVE-2020-0674 - Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability -

Action Due May 03, 2022 Target Vendor : Microsoft

Description :Microsoft Internet Explorer contains a memory corruption vulnerability due to the way the Scripting Engine handles objects in memory. Successful exploitation could allow remote code execution in the context of the current user.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-0674

Alert Date: Nov 03, 2021 | 1637 days ago

8.1

HIGH

CVE-2020-6819 - Mozilla Firefox And Thunderbird Use-After-Free Vulnerability -

Action Due May 03, 2022 Target Vendor : Mozilla

Description :Mozilla Firefox and Thunderbird contain a race condition vulnerability when running the nsDocShell destructor under certain conditions. The race condition creates a use-after-free vulnerability, causing unspecified impacts.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-6819

Alert Date: Nov 03, 2021 | 1637 days ago

8.1

HIGH

CVE-2020-6820 - Mozilla Firefox And Thunderbird Use-After-Free Vulnerability -

Action Due May 03, 2022 Target Vendor : Mozilla

Description :Mozilla Firefox and Thunderbird contain a race condition vulnerability when handling a ReadableStream under certain conditions. The race condition creates a use-after-free vulnerability, causing unspecified impacts.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-6820

Alert Date: Nov 03, 2021 | 1637 days ago

9.8

CRITICAL

CVE-2020-2555 - Oracle Multiple Products Remote Code Execution Vulnerability -

Action Due May 03, 2022 Target Vendor : Oracle

Description :Multiple Oracle products contain a remote code execution vulnerability that allows an unauthenticated attacker with network access via T3 or HTTP to takeover the affected system. Impacted Oracle products: Oracle Coherence in Fusion Middleware, Oracle Utilities Framework, Oracle Retail Assortment Planning, Oracle Commerce, Oracle Communications Diameter Signaling Router (DSR).

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-2555

Alert Date: Nov 03, 2021 | 1637 days ago

9.1

CRITICAL

CVE-2012-3152 - Oracle Fusion Middleware Unspecified Vulnerability -

Action Due May 03, 2022 Target Vendor : Oracle

Description :Oracle Fusion Middleware Reports Developer contains an unspecified vulnerability that allows remote attackers to affect confidentiality and integrity of affected systems.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes :https://nvd.nist.gov/vuln/detail/CVE-2012-3152

Alert Date: Nov 03, 2021 | 1637 days ago

9.6

CRITICAL

CVE-2021-30633 - Google Chromium Indexed DB API Use-After-Free Vulnerability -

Action Due Nov 17, 2021 Target Vendor : Google

Description :Google Chromium Indexed DB API contains a use-after-free vulnerability that allows a remote attacker, who has compromised the renderer process, to potentially perform a sandbox escape via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-30633

Alert Date: Nov 03, 2021 | 1637 days ago

9.8

CRITICAL

CVE-2020-8644 - PlaySMS Server-Side Template Injection Vulnerability -

Action Due May 03, 2022 Target Vendor : PlaySMS

Description :PlaySMS contains a server-side template injection vulnerability that allows for remote code execution.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-8644

Alert Date: Nov 03, 2021 | 1637 days ago

7.5

HIGH

CVE-2020-0878 - Microsoft Edge and Internet Explorer Memory Corruption Vulnerability -

Action Due May 03, 2022 Target Vendor : Microsoft

Description :Microsoft Edge and Internet Explorer contain a memory corruption vulnerability that allows attackers to execute code in the context of the current user.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-0878

Alert Date: Nov 03, 2021 | 1637 days ago

10.0

CRITICAL

CVE-2020-14871 - Oracle Solaris and Zettabyte File System (ZFS) Unspecified Vulnerability -

Action Due May 03, 2022 Target Vendor : Oracle

Description :Oracle Solaris and Oracle ZFS Storage Appliance Kit contain an unspecified vulnerability causing high impacts to confidentiality, integrity, and availability of affected systems.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-14871

Alert Date: Nov 03, 2021 | 1637 days ago

10.0

HIGH

CVE-2021-27561 - Yealink Device Management Server-Side Request Forgery (SSRF) Vulnerability -

Action Due Nov 17, 2021 Target Vendor : Yealink

Description :Yealink Device Management contains a server-side request forgery (SSRF) vulnerability that allows for unauthenticated remote code execution.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-27561

Alert Date: Nov 03, 2021 | 1637 days ago

9.8

CRITICAL

CVE-2015-4852 - Oracle WebLogic Server Deserialization of Untrusted Data Vulnerability -

Action Due May 03, 2022 Target Vendor : Oracle

Description :Oracle WebLogic Server contains a deserialization of untrusted data vulnerability within Apache Commons, which can allow for for remote code execution.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes :https://nvd.nist.gov/vuln/detail/CVE-2015-4852

Alert Date: Nov 03, 2021 | 1637 days ago

9.8

CRITICAL

CVE-2020-14750 - Oracle WebLogic Server Remote Code Execution Vulnerability -

Action Due May 03, 2022 Target Vendor : Oracle

Description :Oracle WebLogic Server contains an unspecified vulnerability allowing an unauthenticated attacker to perform remote code execution. This vulnerability is related to CVE-2020-14882.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-14750

Alert Date: Nov 03, 2021 | 1637 days ago

10.0

HIGH

CVE-2020-14882 - Oracle WebLogic Server Remote Code Execution Vulnerability -

Action Due May 03, 2022 Target Vendor : Oracle

Description :Oracle WebLogic Server contains an unspecified vulnerability, which is assessed to allow for remote code execution, based on this vulnerability being related to CVE-2020-14750.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-14882

Alert Date: Nov 03, 2021 | 1637 days ago

9.8

CRITICAL

CVE-2019-18935 - Progress Telerik UI for ASP.NET AJAX Deserialization of Untrusted Data Vulnerability -

Action Due May 03, 2022 Target Vendor : Progress

Description :Progress Telerik UI for ASP.NET AJAX contains a deserialization of untrusted data vulnerability through RadAsyncUpload which leads to code execution on the server in the context of the w3wp.exe process.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-18935

Alert Date: Nov 03, 2021 | 1637 days ago

Showing 20 of 1587 Results

Filters

What are you looking for ?

Date Added

Ransomware

Sort By

Browse by Apps

CISA Known Exploited Vulnerabilities (KEV)

8.8

6.1

7.5

6.1

8.2

7.8

7.6

8.1

8.1

9.8

9.1

9.6

9.8

7.5

10.0

10.0

9.8

9.8

10.0

9.8

Filters

Cookie Preferences