CISA Known Exploited Vulnerabilities (KEV)

  1. Home
  2. CISA KEV

CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilities actively used in real-world attacks. CVEFeed.io tracks the latest additions so you can prioritize remediation as new entries are published.

    9.8

    CRITICAL
    CVE-2018-20062 - ThinkPHP "noneCms" Remote Code Execution Vulnerability -

    Action Due May 03, 2022 Target Vendor : ThinkPHP

    Description :ThinkPHP "noneCms" contains an unspecified vulnerability that allows for remote code execution through crafted use of the filter parameter.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2018-20062

    Alert Date: Nov 03, 2021 | 1585 days ago

    9.3

    HIGH
    CVE-2019-9082 - ThinkPHP Remote Code Execution Vulnerability -

    Action Due May 03, 2022 Target Vendor : ThinkPHP

    Description :ThinkPHP contains an unspecified vulnerability that allows for remote code execution via public//?s=index/\think\app/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]= followed by the command.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-9082

    Alert Date: Nov 03, 2021 | 1585 days ago

    7.5

    HIGH
    CVE-2019-20085 - TVT NVMS-1000 Directory Traversal Vulnerability -

    Action Due May 03, 2022 Target Vendor : TVT

    Description :TVT devices utilizing NVMS-1000 software contain a directory traversal vulnerability via GET /.. requests.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-20085

    Alert Date: Nov 03, 2021 | 1585 days ago

    7.5

    HIGH
    CVE-2020-5849 - Unraid Authentication Bypass Vulnerability -

    Action Due May 03, 2022 Target Vendor : Unraid

    Description :Unraid contains an authentication bypass vulnerability that allows attackers to gain access to the administrative interface. This CVE is chainable with CVE-2020-5847 for remote code execution.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-5849

    Alert Date: Nov 03, 2021 | 1585 days ago

    10.0

    HIGH
    CVE-2020-10189 - Zoho ManageEngine Desktop Central File Upload Vulnerability -

    Action Due May 03, 2022 Target Vendor : Zoho

    Description :Zoho ManageEngine Desktop Central contains a file upload vulnerability that allows for unauthenticated remote code execution.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-10189

    Alert Date: Nov 03, 2021 | 1585 days ago

    7.5

    HIGH
    CVE-2019-8394 - Zoho ManageEngine ServiceDesk Plus (SDP) File Upload Vulnerability -

    Action Due May 03, 2022 Target Vendor : Zoho

    Description :Zoho ManageEngine ServiceDesk Plus (SDP) contains an unspecified vulnerability that allows remote users to upload files via login page customization.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-8394

    Alert Date: Nov 03, 2021 | 1585 days ago

    4.3

    MEDIUM
    CVE-2020-8196 - Citrix ADC, Gateway, and SD-WAN WANOP Appliance Information Disclosure Vulnerability -

    Action Due May 03, 2022 Target Vendor : Citrix

    Description :Citrix ADC, Citrix Gateway, and multiple Citrix SD-WAN WANOP appliance models contain an information disclosure vulnerability.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-8196

    Alert Date: Nov 03, 2021 | 1585 days ago

    9.8

    CRITICAL
    CVE-2021-27101 - Accellion FTA SQL Injection Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Accellion

    Description :Accellion FTA contains a SQL injection vulnerability exploited via a crafted host header in a request to document_root.html.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-27101

    Alert Date: Nov 03, 2021 | 1585 days ago

    9.8

    CRITICAL
    CVE-2021-27103 - Accellion FTA Server-Side Request Forgery (SSRF) Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Accellion

    Description :Accellion FTA contains a server-side request forgery (SSRF) vulnerability exploited via a crafted POST request to wmProgressstat.html.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-27103

    Alert Date: Nov 03, 2021 | 1585 days ago

    9.8

    CRITICAL
    CVE-2020-17530 - Apache Struts Remote Code Execution Vulnerability -

    Action Due May 03, 2022 Target Vendor : Apache

    Description :Forced Object-Graph Navigation Language (OGNL) evaluation in Apache Struts, when evaluated on raw user input in tag attributes, can lead to remote code execution.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-17530

    Alert Date: Nov 03, 2021 | 1585 days ago

    8.8

    HIGH
    CVE-2021-30858 - Apple iOS, iPadOS, macOS Use-After-Free Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Apple

    Description :Apple iOS, iPadOS, and macOS WebKit contain a use-after-free vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-30858

    Alert Date: Nov 03, 2021 | 1585 days ago

    9.3

    HIGH
    CVE-2020-27932 - Apple Multiple Products Type Confusion Vulnerability -

    Action Due May 03, 2022 Target Vendor : Apple

    Description :Apple iOS, iPadOS, macOS, and watchOS contain a type confusion vulnerability that may allow a malicious application to execute code with kernel privileges.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-27932

    Alert Date: Nov 03, 2021 | 1585 days ago

    9.8

    CRITICAL
    CVE-2021-1870 - Apple iOS, iPadOS, and macOS WebKit Remote Code Execution Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Apple

    Description :Apple iOS, iPadOS, and macOS WebKit contain an unspecified logic vulnerability that allows a remote attacker to execute code. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-1870

    Alert Date: Nov 03, 2021 | 1585 days ago

    9.0

    HIGH
    CVE-2021-28663 - Arm Mali Graphics Processing Unit (GPU) Use-After-Free Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Arm

    Description :Arm Mali Graphics Processing Unit (GPU) kernel driver contains a use-after-free vulnerability that may allow a non-privileged user to make improper operations on GPU memory to gain root privilege, and/or disclose information.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-28663

    Alert Date: Nov 03, 2021 | 1585 days ago

    7.5

    HIGH
    CVE-2020-3452 - Cisco ASA and FTD Read-Only Path Traversal Vulnerability -

    Action Due May 03, 2022 Target Vendor : Cisco

    Description :Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain an improper input validation vulnerability when HTTP requests process URLs. An attacker could exploit this vulnerability by sending a crafted HTTP request containing directory traversal character sequences to an affected device. A successful exploit could allow the attacker to view arbitrary files within the web services file system on the targeted device.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-3452

    Alert Date: Nov 03, 2021 | 1585 days ago

    6.1

    MEDIUM
    CVE-2020-3580 - Cisco ASA and FTD Cross-Site Scripting (XSS) Vulnerability -

    Action Due May 03, 2022 Target Vendor : Cisco

    Description :Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain an insufficient input validation vulnerability for user-supplied input by the web services interface. Successful exploitation could allow an attacker to perform cross-site scripting (XSS) in the context of the interface or access sensitive browser-based information.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-3580

    Alert Date: Nov 03, 2021 | 1585 days ago

    9.8

    CRITICAL
    CVE-2021-1498 - Cisco HyperFlex HX Data Platform Command Injection Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Cisco

    Description :Cisco HyperFlex HX Installer Virtual Machine contains an insufficient input validation vulnerability which could allow an attacker to execute commands on an affected device as the tomcat8 user.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-1498

    Alert Date: Nov 03, 2021 | 1585 days ago

    8.6

    HIGH
    CVE-2020-3569 - Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerability -

    Action Due May 03, 2022 Target Vendor : Cisco

    Description :Cisco IOS XR Distance Vector Multicast Routing Protocol (DVMRP) incorrectly handles Internet Group Management Protocol (IGMP) packets. Exploitation could allow an unauthenticated, remote attacker to immediately crash the IGMP process or make it consume available memory and eventually crash.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-3569

    Alert Date: Nov 03, 2021 | 1585 days ago

    10.0

    HIGH
    CVE-2020-3161 - Cisco IP Phones Web Server Remote Code Execution and Denial-of-Service Vulnerability -

    Action Due May 03, 2022 Target Vendor : Cisco

    Description :Cisco IP Phones contain an improper input validation vulnerability for HTTP requests. Exploitation could allow an attacker to execute code remotely with root privileges or cause a denial-of-service (DoS) condition.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-3161

    Alert Date: Nov 03, 2021 | 1585 days ago

    7.5

    HIGH
    CVE-2019-1653 - Cisco Small Business RV320 and RV325 Routers Information Disclosure Vulnerability -

    Action Due May 03, 2022 Target Vendor : Cisco

    Description :Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers contain improper access controls for URLs. Exploitation could allow an attacker to download the router configuration or detailed diagnostic information.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-1653

    Alert Date: Nov 03, 2021 | 1585 days ago
Showing 20 of 1540 Results

Filters