CISA Known Exploited Vulnerabilities (KEV)
CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilities actively used in real-world attacks. CVEFeed.io tracks the latest additions so you can prioritize remediation as new entries are published.
9.8
CVE-2019-19781 - Citrix ADC, Gateway, and SD-WAN WANOP Appliance Code Execution Vulnerability -
Action Due May 03, 2022 Target Vendor : Citrix
Description :Citrix ADC, Citrix Gateway, and multiple Citrix SD-WAN WANOP appliance models contain an unspecified vulnerability that could allow an unauthenticated attacker to perform code execution.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021
Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-19781
9.8
CVE-2019-11634 - Citrix Workspace Application and Receiver for Windows Remote Code Execution Vulnerability -
Action Due May 03, 2022 Target Vendor : Citrix
Description :Citrix Workspace Application and Receiver for Windows contains remote code execution vulnerability resulting from local drive access preferences not being enforced into the clients' local drives.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021
Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-11634
7.5
CVE-2018-18325 - DotNetNuke (DNN) Inadequate Encryption Strength Vulnerability -
Action Due May 03, 2022 Target Vendor : DotNetNuke (DNN)
Description :DotNetNuke (DNN) contains an inadequate encryption strength vulnerability resulting from the use of a weak encryption algorithm to protect input parameters. This CVE ID resolves an incomplete patch for CVE-2018-15811.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2018-18325
8.8
CVE-2021-21166 - Google Chromium Race Condition Vulnerability -
Action Due Nov 17, 2021 Target Vendor : Google
Description :Google Chromium contains a race condition vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-21166
8.8
CVE-2021-21220 - Google Chromium V8 Improper Input Validation Vulnerability -
Action Due Nov 17, 2021 Target Vendor : Google
Description :Google Chromium V8 Engine contains an improper input validation vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-21220
4.3
CVE-2020-4430 - IBM Data Risk Manager Directory Traversal Vulnerability -
Action Due May 03, 2022 Target Vendor : IBM
Description :IBM Data Risk Manager contains a directory traversal vulnerability that could allow a remote authenticated attacker to traverse directories and send a specially crafted URL request to download arbitrary files from the system.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-4430
9.8
CVE-2018-13379 - Fortinet FortiOS SSL VPN Path Traversal Vulnerability -
Action Due May 03, 2022 Target Vendor : Fortinet
Description :Fortinet FortiOS SSL VPN web portal contains a path traversal vulnerability that may allow an unauthenticated attacker to download FortiOS system files through specially crafted HTTP resource requests.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021
Notes :https://nvd.nist.gov/vuln/detail/CVE-2018-13379
9.8
CVE-2020-4427 - IBM Data Risk Manager Security Bypass Vulnerability -
Action Due May 03, 2022 Target Vendor : IBM
Description :IBM Data Risk Manager contains a security bypass vulnerability that could allow a remote attacker to bypass security restrictions when configured with SAML authentication. By sending a specially crafted HTTP request, an attacker could exploit this vulnerability to bypass the authentication process and gain full administrative access to the system.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-4427
9.1
CVE-2020-4428 - IBM Data Risk Manager Remote Code Execution Vulnerability -
Action Due May 03, 2022 Target Vendor : IBM
Description :IBM Data Risk Manager contains an unspecified vulnerability which could allow a remote, authenticated attacker to execute commands on the system.�
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-4428
10.0
CVE-2019-4716 - IBM Planning Analytics Remote Code Execution Vulnerability -
Action Due May 03, 2022 Target Vendor : IBM
Description :IBM Planning Analytics is vulnerable to a configuration overwrite that allows an unauthenticated user to login as "admin", and then execute code as root or SYSTEM via TM1 scripting.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-4716
5.5
CVE-2016-3718 - ImageMagick Server-Side Request Forgery (SSRF) Vulnerability -
Action Due May 03, 2022 Target Vendor : ImageMagick
Description :ImageMagick contains an unspecified vulnerability that allows attackers to perform server-side request forgery (SSRF) via a crafted image.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2016-3718
10.0
CVE-2021-22502 - Micro Focus Operation Bridge Report (OBR) Remote Code Execution Vulnerability -
Action Due Nov 17, 2021 Target Vendor : Micro Focus
Description :Micro Focus Operation Bridge Report (OBR) contains an unspecified vulnerability that allows for remote code execution.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-22502
7.8
CVE-2021-1647 - Microsoft Defender Remote Code Execution Vulnerability -
Action Due Nov 17, 2021 Target Vendor : Microsoft
Description :Microsoft Defender contains an unspecified vulnerability that allows for remote code execution.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-1647
7.8
CVE-2020-0041 - Android Kernel Out-of-Bounds Write Vulnerability -
Action Due May 03, 2022 Target Vendor : Android
Description :Android Kernel binder_transaction of binder.c contains an out-of-bounds write vulnerability due to an incorrect bounds check that could allow for local privilege escalation. This vulnerability was observed chained with CVE-2019-2215 and CVE-2020-0069 under exploit chain "AbstractEmu."
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-0041
9.8
CVE-2021-1871 - Apple iOS, iPadOS, and macOS WebKit Remote Code Execution Vulnerability -
Action Due Nov 17, 2021 Target Vendor : Apple
Description :Apple iOS, iPadOS, and macOS WebKit contain an unspecified logic vulnerability that allows a remote attacker to execute code. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-1871
8.8
CVE-2021-30761 - Apple iOS WebKit Memory Corruption Vulnerability -
Action Due Nov 17, 2021 Target Vendor : Apple
Description :Apple iOS WebKit contains a memory corruption vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-30761
8.8
CVE-2020-16013 - Google Chromium V8 Incorrect Implementation Vulnerabililty -
Action Due May 03, 2022 Target Vendor : Google
Description :Google Chromium V8 Engine contains an inappropriate implementation vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-16013
9.6
CVE-2021-37973 - Google Chromium Portals Use-After-Free Vulnerability -
Action Due Nov 17, 2021 Target Vendor : Google
Description :Google Chromium Portals contains a use-after-free vulnerability that allows a remote attacker, who has compromised the renderer process, to potentially perform a sandbox escape via a crafted HTML page. This vulnerability affects web browsers that utilize Chromium, including Google Chrome and Microsoft Edge.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-37973
9.3
CVE-2021-34448 - Microsoft Windows Scripting Engine Memory Corruption Vulnerability -
Action Due Nov 17, 2021 Target Vendor : Microsoft
Description :Microsoft Windows Scripting Engine contains an unspecified vulnerability that allows for memory corruption.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-34448
10.0
CVE-2020-0646 - Microsoft .NET Framework Remote Code Execution Vulnerability -
Action Due May 03, 2022 Target Vendor : Microsoft
Description :Microsoft .NET Framework contains an improper input validation vulnerability that allows for remote code execution.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-0646