CISA Known Exploited Vulnerabilities (KEV)

CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilities actively used in real-world attacks. CVEFeed.io tracks the latest additions so you can prioritize remediation as new entries are published.

8.1

HIGH

CVE-2020-6819 - Mozilla Firefox And Thunderbird Use-After-Free Vulnerability -

Action Due May 03, 2022 Target Vendor : Mozilla

Description :Mozilla Firefox and Thunderbird contain a race condition vulnerability when running the nsDocShell destructor under certain conditions. The race condition creates a use-after-free vulnerability, causing unspecified impacts.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-6819

Alert Date: Nov 03, 2021 | 1585 days ago

8.0

HIGH

CVE-2019-11539 - Ivanti Pulse Connect Secure and Policy Secure Command Injection Vulnerability -

Action Due May 03, 2022 Target Vendor : Ivanti

Description :Ivanti Pulse Connect Secure and Policy Secure allows an authenticated attacker from the admin web interface to inject and execute commands.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-11539

Alert Date: Nov 03, 2021 | 1585 days ago

9.8

CRITICAL

CVE-2021-38647 - Microsoft Open Management Infrastructure (OMI) Remote Code Execution Vulnerability -

Action Due Nov 17, 2021 Target Vendor : Microsoft

Description :Microsoft Open Management Infrastructure (OMI) within Azure VM Management Extensions contains an unspecified vulnerability allowing remote code execution.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-38647

Alert Date: Nov 03, 2021 | 1585 days ago

9.8

CRITICAL

CVE-2021-34523 - Microsoft Exchange Server Privilege Escalation Vulnerability -

Action Due Nov 17, 2021 Target Vendor : Microsoft

Description :Microsoft Exchange Server contains an unspecified vulnerability that allows for privilege escalation.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-34523

Alert Date: Nov 03, 2021 | 1585 days ago

6.6

MEDIUM

CVE-2018-2380 - SAP Customer Relationship Management (CRM) Path Traversal Vulnerability -

Action Due May 03, 2022 Target Vendor : SAP

Description :SAP Customer Relationship Management (CRM) contains a path traversal vulnerability that allows an attacker to exploit insufficient validation of path information provided by users.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

Notes :https://nvd.nist.gov/vuln/detail/CVE-2018-2380

Alert Date: Nov 03, 2021 | 1585 days ago

10.0

CRITICAL

CVE-2021-35211 - SolarWinds Serv-U Remote Code Execution Vulnerability -

Action Due Nov 17, 2021 Target Vendor : SolarWinds

Description :SolarWinds Serv-U contains an unspecified memory escape vulnerability which can allow for remote code execution.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-35211

Alert Date: Nov 03, 2021 | 1585 days ago

7.8

HIGH

CVE-2021-27102 - Accellion FTA OS Command Injection Vulnerability -

Action Due Nov 17, 2021 Target Vendor : Accellion

Description :Accellion FTA contains an OS command injection vulnerability exploited via a local web service call.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-27102

Alert Date: Nov 03, 2021 | 1585 days ago

9.8

CRITICAL

CVE-2018-4878 - Adobe Flash Player Use-After-Free Vulnerability -

Action Due May 03, 2022 Target Vendor : Adobe

Description :Adobe Flash Player contains a use-after-free vulnerability that could allow for code execution.

Action :The impacted product is end-of-life and should be disconnected if still in use.

Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

Notes :https://nvd.nist.gov/vuln/detail/CVE-2018-4878

Alert Date: Nov 03, 2021 | 1585 days ago

10.0

HIGH

CVE-2021-27104 - Accellion FTA OS Command Injection Vulnerability -

Action Due Nov 17, 2021 Target Vendor : Accellion

Description :Accellion FTA contains an OS command injection vulnerability exploited via a crafted POST request to various admin endpoints.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-27104

Alert Date: Nov 03, 2021 | 1585 days ago

10.0

HIGH

CVE-2017-5638 - Apache Struts Remote Code Execution Vulnerability -

Action Due May 03, 2022 Target Vendor : Apache

Description :Apache Struts Jakarta Multipart parser allows for malicious file upload using the Content-Type value, leading to remote code execution.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

Notes :https://nvd.nist.gov/vuln/detail/CVE-2017-5638

Alert Date: Nov 03, 2021 | 1585 days ago

9.8

CRITICAL

CVE-2018-7600 - Drupal Core Remote Code Execution Vulnerability -

Action Due May 03, 2022 Target Vendor : Drupal

Description :Drupal Core contains a remote code execution vulnerability that could allow an attacker to exploit multiple attack vectors on a Drupal site, resulting in complete site compromise.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

Notes :https://nvd.nist.gov/vuln/detail/CVE-2018-7600

Alert Date: Nov 03, 2021 | 1585 days ago

10.0

CRITICAL

CVE-2019-11510 - Ivanti Pulse Connect Secure Arbitrary File Read Vulnerability -

Action Due May 03, 2022 Target Vendor : Ivanti

Description :Ivanti Pulse Connect Secure contains an arbitrary file read vulnerability that allows an unauthenticated remote attacker with network access via HTTPS to send a specially crafted URI.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

Notes :Reference CISA's ED 21-03 (https://www.cisa.gov/news-events/directives/ed-21-03-mitigate-pulse-connect-secure-product-vulnerabilities) for further guidance and requirements. Note: The due date for addressing this vulnerability aligns with the requirements outlined in ED 21-03. https://nvd.nist.gov/vuln/detail/CVE-2019-11510

Alert Date: Nov 03, 2021 | 1585 days ago

8.8

HIGH

CVE-2021-22899 - Ivanti Pulse Connect Secure Command Injection Vulnerability -

Action Due May 03, 2022 Target Vendor : Ivanti

Description :Ivanti Pulse Connect Secure contains a command injection vulnerability that allows remote authenticated users to perform remote code execution via Windows File Resource Profiles.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Alert Date: Nov 03, 2021 | 1585 days ago

9.0

HIGH

CVE-2021-22894 - Ivanti Pulse Connect Secure Collaboration Suite Buffer Overflow Vulnerability -

Action Due May 03, 2022 Target Vendor : Ivanti

Description :Ivanti Pulse Connect Secure Collaboration Suite contains a buffer overflow vulnerabilities that allows a remote authenticated users to execute code as the root user via maliciously crafted meeting room.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Alert Date: Nov 03, 2021 | 1585 days ago

8.4

HIGH

CVE-2021-1905 - Qualcomm Multiple Chipsets Use-After-Free Vulnerability -

Action Due May 03, 2022 Target Vendor : Qualcomm

Description :Multiple Qualcomm Chipsets contain a use after free vulnerability due to improper handling of memory mapping of multiple processes simultaneously.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-1905

Alert Date: Nov 03, 2021 | 1585 days ago

9.8

CRITICAL

CVE-2019-5544 - VMware ESXi and Horizon DaaS OpenSLP Heap-Based Buffer Overflow Vulnerability -

Action Due May 03, 2022 Target Vendor : VMware

Description :VMware ESXi and Horizon Desktop as a Service (DaaS) OpenSLP contains a heap-based buffer overflow vulnerability that allows an attacker with network access to port 427 to overwrite the heap of the OpenSLP service to perform remote code execution.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-5544

Alert Date: Nov 03, 2021 | 1585 days ago

6.2

MEDIUM

CVE-2021-1906 - Qualcomm Multiple Chipsets Detection of Error Condition Without Action Vulnerability -

Action Due Nov 17, 2021 Target Vendor : Qualcomm

Description :Multiple Qualcomm chipsets contain a detection of error condition without action vulnerability when improper handling of address deregistration on failure can lead to new GPU address allocation failure.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-1906

Alert Date: Nov 03, 2021 | 1585 days ago

7.8

HIGH

CVE-2017-16651 - Roundcube Webmail File Disclosure Vulnerability -

Action Due May 03, 2022 Target Vendor : Roundcube

Description :Roundcube Webmail contains a file disclosure vulnerability caused by insufficient input validation in conjunction with file-based attachment plugins, which are used by default.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes :https://nvd.nist.gov/vuln/detail/CVE-2017-16651

Alert Date: Nov 03, 2021 | 1585 days ago

9.8

CRITICAL

CVE-2020-10148 - SolarWinds Orion Authentication Bypass Vulnerability -

Action Due May 03, 2022 Target Vendor : SolarWinds

Description :SolarWinds Orion API contains an authentication bypass vulnerability that could allow a remote attacker to execute API commands.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-10148

Alert Date: Nov 03, 2021 | 1585 days ago

6.5

MEDIUM

CVE-2020-11652 - SaltStack Salt Path Traversal Vulnerability -

Action Due May 03, 2022 Target Vendor : SaltStack

Description :SaltStack Salt contains a path traversal vulnerability in the salt-master process ClearFuncs which allows directory access to authenticated users. Salt users who follow fundamental internet security guidelines and best practices are not affected by this vulnerability.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-11652

Alert Date: Nov 03, 2021 | 1585 days ago

Showing 20 of 1540 Results

Filters

What are you looking for ?

Date Added

Ransomware

Sort By

Browse by Apps

CISA Known Exploited Vulnerabilities (KEV)

8.1

8.0

9.8

9.8

6.6

10.0

7.8

9.8

10.0

10.0

9.8

10.0

8.8

9.0

8.4

9.8

6.2

7.8

9.8

6.5

Filters

CVEFeed.io UI Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable

Cookie Preferences