CISA Known Exploited Vulnerabilities (KEV)

CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilities actively used in real-world attacks. CVEFeed.io tracks the latest additions so you can prioritize remediation as new entries are published.

7.8

HIGH

CVE-2021-27102 - Accellion FTA OS Command Injection Vulnerability -

Action Due Nov 17, 2021 Target Vendor : Accellion

Description :Accellion FTA contains an OS command injection vulnerability exploited via a local web service call.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-27102

Alert Date: Nov 03, 2021 | 1585 days ago

9.8

CRITICAL

CVE-2018-4878 - Adobe Flash Player Use-After-Free Vulnerability -

Action Due May 03, 2022 Target Vendor : Adobe

Description :Adobe Flash Player contains a use-after-free vulnerability that could allow for code execution.

Action :The impacted product is end-of-life and should be disconnected if still in use.

Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

Notes :https://nvd.nist.gov/vuln/detail/CVE-2018-4878

Alert Date: Nov 03, 2021 | 1585 days ago

10.0

HIGH

CVE-2021-27104 - Accellion FTA OS Command Injection Vulnerability -

Action Due Nov 17, 2021 Target Vendor : Accellion

Description :Accellion FTA contains an OS command injection vulnerability exploited via a crafted POST request to various admin endpoints.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-27104

Alert Date: Nov 03, 2021 | 1585 days ago

10.0

HIGH

CVE-2017-5638 - Apache Struts Remote Code Execution Vulnerability -

Action Due May 03, 2022 Target Vendor : Apache

Description :Apache Struts Jakarta Multipart parser allows for malicious file upload using the Content-Type value, leading to remote code execution.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

Notes :https://nvd.nist.gov/vuln/detail/CVE-2017-5638

Alert Date: Nov 03, 2021 | 1585 days ago

9.8

CRITICAL

CVE-2018-7600 - Drupal Core Remote Code Execution Vulnerability -

Action Due May 03, 2022 Target Vendor : Drupal

Description :Drupal Core contains a remote code execution vulnerability that could allow an attacker to exploit multiple attack vectors on a Drupal site, resulting in complete site compromise.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

Notes :https://nvd.nist.gov/vuln/detail/CVE-2018-7600

Alert Date: Nov 03, 2021 | 1585 days ago

10.0

CRITICAL

CVE-2019-11510 - Ivanti Pulse Connect Secure Arbitrary File Read Vulnerability -

Action Due May 03, 2022 Target Vendor : Ivanti

Description :Ivanti Pulse Connect Secure contains an arbitrary file read vulnerability that allows an unauthenticated remote attacker with network access via HTTPS to send a specially crafted URI.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

Notes :Reference CISA's ED 21-03 (https://www.cisa.gov/news-events/directives/ed-21-03-mitigate-pulse-connect-secure-product-vulnerabilities) for further guidance and requirements. Note: The due date for addressing this vulnerability aligns with the requirements outlined in ED 21-03. https://nvd.nist.gov/vuln/detail/CVE-2019-11510

Alert Date: Nov 03, 2021 | 1585 days ago

9.8

CRITICAL

CVE-2019-5544 - VMware ESXi and Horizon DaaS OpenSLP Heap-Based Buffer Overflow Vulnerability -

Action Due May 03, 2022 Target Vendor : VMware

Description :VMware ESXi and Horizon Desktop as a Service (DaaS) OpenSLP contains a heap-based buffer overflow vulnerability that allows an attacker with network access to port 427 to overwrite the heap of the OpenSLP service to perform remote code execution.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-5544

Alert Date: Nov 03, 2021 | 1585 days ago

9.0

HIGH

CVE-2021-22894 - Ivanti Pulse Connect Secure Collaboration Suite Buffer Overflow Vulnerability -

Action Due May 03, 2022 Target Vendor : Ivanti

Description :Ivanti Pulse Connect Secure Collaboration Suite contains a buffer overflow vulnerabilities that allows a remote authenticated users to execute code as the root user via maliciously crafted meeting room.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Alert Date: Nov 03, 2021 | 1585 days ago

8.8

HIGH

CVE-2021-22899 - Ivanti Pulse Connect Secure Command Injection Vulnerability -

Action Due May 03, 2022 Target Vendor : Ivanti

Description :Ivanti Pulse Connect Secure contains a command injection vulnerability that allows remote authenticated users to perform remote code execution via Windows File Resource Profiles.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Alert Date: Nov 03, 2021 | 1585 days ago

6.2

MEDIUM

CVE-2021-1906 - Qualcomm Multiple Chipsets Detection of Error Condition Without Action Vulnerability -

Action Due Nov 17, 2021 Target Vendor : Qualcomm

Description :Multiple Qualcomm chipsets contain a detection of error condition without action vulnerability when improper handling of address deregistration on failure can lead to new GPU address allocation failure.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-1906

Alert Date: Nov 03, 2021 | 1585 days ago

8.4

HIGH

CVE-2021-1905 - Qualcomm Multiple Chipsets Use-After-Free Vulnerability -

Action Due May 03, 2022 Target Vendor : Qualcomm

Description :Multiple Qualcomm Chipsets contain a use after free vulnerability due to improper handling of memory mapping of multiple processes simultaneously.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-1905

Alert Date: Nov 03, 2021 | 1585 days ago

7.8

HIGH

CVE-2017-16651 - Roundcube Webmail File Disclosure Vulnerability -

Action Due May 03, 2022 Target Vendor : Roundcube

Description :Roundcube Webmail contains a file disclosure vulnerability caused by insufficient input validation in conjunction with file-based attachment plugins, which are used by default.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes :https://nvd.nist.gov/vuln/detail/CVE-2017-16651

Alert Date: Nov 03, 2021 | 1585 days ago

6.5

MEDIUM

CVE-2020-11652 - SaltStack Salt Path Traversal Vulnerability -

Action Due May 03, 2022 Target Vendor : SaltStack

Description :SaltStack Salt contains a path traversal vulnerability in the salt-master process ClearFuncs which allows directory access to authenticated users. Salt users who follow fundamental internet security guidelines and best practices are not affected by this vulnerability.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-11652

Alert Date: Nov 03, 2021 | 1585 days ago

10.0

CRITICAL

CVE-2010-5326 - SAP NetWeaver Remote Code Execution Vulnerability -

Action Due May 03, 2022 Target Vendor : SAP

Description :SAP NetWeaver Application Server Java Platforms Invoker Servlet does not require authentication, allowing for remote code execution via a HTTP or HTTPS request.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes :https://nvd.nist.gov/vuln/detail/CVE-2010-5326

Alert Date: Nov 03, 2021 | 1585 days ago

10.0

CRITICAL

CVE-2020-6207 - SAP Solution Manager Missing Authentication for Critical Function Vulnerability -

Action Due May 03, 2022 Target Vendor : SAP

Description :SAP Solution Manager User Experience Monitoring contains a missing authentication for critical function vulnerability which results in complete compromise of all SMDAgents connected to the Solution Manager.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-6207

Alert Date: Nov 03, 2021 | 1585 days ago

9.8

CRITICAL

CVE-2020-10148 - SolarWinds Orion Authentication Bypass Vulnerability -

Action Due May 03, 2022 Target Vendor : SolarWinds

Description :SolarWinds Orion API contains an authentication bypass vulnerability that could allow a remote attacker to execute API commands.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-10148

Alert Date: Nov 03, 2021 | 1585 days ago

4.9

MEDIUM

CVE-2021-20023 - SonicWall Email Security Path Traversal Vulnerability -

Action Due Nov 17, 2021 Target Vendor : SonicWall

Description :SonicWall Email Security contains a path traversal vulnerability that allows a post-authenticated attacker to read files on the remote host. This vulnerability has known usage in a SonicWall Email Security exploit chain along with CVE-2021-20021 and CVE-2021-20022 to achieve privilege escalation.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-20023

Alert Date: Nov 03, 2021 | 1585 days ago

9.8

CRITICAL

CVE-2021-20016 - SonicWall SSLVPN SMA100 SQL Injection Vulnerability -

Action Due Nov 17, 2021 Target Vendor : SonicWall

Description :SonicWall SSLVPN SMA100 contains a SQL injection vulnerability that allows remote exploitation for credential access by an unauthenticated attacker.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-20016

Alert Date: Nov 03, 2021 | 1585 days ago

7.0

HIGH

CVE-2019-18988 - TeamViewer Desktop Bypass Remote Login Vulnerability -

Action Due May 03, 2022 Target Vendor : TeamViewer

Description :TeamViewer Desktop allows for bypass of remote-login access control because the same AES key is used for different customers' installations. If an attacker were to know this key, they could decrypt protected information stored in registry or configuration files or decryption of the Unattended Access password to the system (which allows for remote login to the system).

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-18988

Alert Date: Nov 03, 2021 | 1585 days ago

10.0

HIGH

CVE-2020-10987 - Tenda AC1900 Router AC15 Model Remote Code Execution Vulnerability -

Action Due May 03, 2022 Target Vendor : Tenda

Description :Tenda AC1900 Router AC15 Model contains an unspecified vulnerability that allows remote attackers to execute system commands via the deviceName POST parameter.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-10987

Alert Date: Nov 03, 2021 | 1585 days ago

Showing 20 of 1540 Results

Filters

What are you looking for ?

Date Added

Ransomware

Sort By

Browse by Apps

CISA Known Exploited Vulnerabilities (KEV)

7.8

9.8

10.0

10.0

9.8

10.0

9.8

9.0

8.8

6.2

8.4

7.8

6.5

10.0

10.0

9.8

4.9

9.8

7.0

10.0

Filters

CVEFeed.io UI Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable

Cookie Preferences