CISA Known Exploited Vulnerabilities (KEV)

Threat Intelligence

CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilities actively used in real-world attacks. CVEFeed.io tracks the latest additions so you can prioritize remediation as new entries are published.

9.3

HIGH

CVE-2016-0185 - Microsoft Windows Media Center Remote Code Execution Vulnerability -

Action Due May 03, 2022 Target Vendor : Microsoft

Description :Microsoft Windows Media Center contains a remote code execution vulnerability when Windows Media Center opens a specially crafted Media Center link (.mcl) file that references malicious code.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes :https://nvd.nist.gov/vuln/detail/CVE-2016-0185

Alert Date: Nov 03, 2021 | 1635 days ago

8.4

HIGH

CVE-2021-33739 - Microsoft Desktop Window Manager (DWM) Core Library Privilege Escalation Vulnerability -

Action Due Nov 17, 2021 Target Vendor : Microsoft

Description :Microsoft Desktop Window Manager (DWM) Core Library contains an unspecified vulnerability that allows for privilege escalation.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-33739

Alert Date: Nov 03, 2021 | 1635 days ago

7.8

HIGH

CVE-2021-1647 - Microsoft Defender Remote Code Execution Vulnerability -

Action Due Nov 17, 2021 Target Vendor : Microsoft

Description :Microsoft Defender contains an unspecified vulnerability that allows for remote code execution.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-1647

Alert Date: Nov 03, 2021 | 1635 days ago

9.8

CRITICAL

CVE-2018-6789 - Exim Buffer Overflow Vulnerability -

Action Due May 03, 2022 Target Vendor : Exim

Description :Exim contains a buffer overflow vulnerability in the base64d function part of the SMTP listener that may allow for remote code execution.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

Notes :https://nvd.nist.gov/vuln/detail/CVE-2018-6789

Alert Date: Nov 03, 2021 | 1635 days ago

7.8

HIGH

CVE-2019-0803 - Microsoft Win32k Privilege Escalation Vulnerability -

Action Due May 03, 2022 Target Vendor : Microsoft

Description :Microsoft Win32k contains an unspecified vulnerability due to it failing to properly handle objects in memory causing privilege escalation. Successful exploitation allows an attacker to run code in kernel mode.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-0803

Alert Date: Nov 03, 2021 | 1635 days ago

4.3

MEDIUM

CVE-2020-8196 - Citrix ADC, Gateway, and SD-WAN WANOP Appliance Information Disclosure Vulnerability -

Action Due May 03, 2022 Target Vendor : Citrix

Description :Citrix ADC, Citrix Gateway, and multiple Citrix SD-WAN WANOP appliance models contain an information disclosure vulnerability.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-8196

Alert Date: Nov 03, 2021 | 1635 days ago

7.5

HIGH

CVE-2020-3452 - Cisco ASA and FTD Read-Only Path Traversal Vulnerability -

Action Due May 03, 2022 Target Vendor : Cisco

Description :Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain an improper input validation vulnerability when HTTP requests process URLs. An attacker could exploit this vulnerability by sending a crafted HTTP request containing directory traversal character sequences to an affected device. A successful exploit could allow the attacker to view arbitrary files within the web services file system on the targeted device.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-3452

Alert Date: Nov 03, 2021 | 1635 days ago

9.6

CRITICAL

CVE-2020-15999 - Google Chrome FreeType Heap Buffer Overflow Vulnerability -

Action Due Nov 17, 2021 Target Vendor : Google

Description :Google Chrome uses FreeType, an open-source software library to render fonts, which contains a heap buffer overflow vulnerability in the function Load_SBit_Png when processing PNG images embedded into fonts. This vulnerability is part of an exploit chain with CVE-2020-17087 on Windows and CVE-2020-16010 on Android.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-15999

Alert Date: Nov 03, 2021 | 1635 days ago

8.8

HIGH

CVE-2021-21166 - Google Chromium Race Condition Vulnerability -

Action Due Nov 17, 2021 Target Vendor : Google

Description :Google Chromium contains a race condition vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-21166

Alert Date: Nov 03, 2021 | 1635 days ago

6.5

MEDIUM

CVE-2021-37976 - Google Chromium Information Disclosure Vulnerability -

Action Due Nov 17, 2021 Target Vendor : Google

Description :Google Chromium contains an information disclosure vulnerability within the core memory component that allows a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-37976

Alert Date: Nov 03, 2021 | 1635 days ago

8.8

HIGH

CVE-2020-6418 - Google Chromium V8 Type Confusion Vulnerability -

Action Due May 03, 2022 Target Vendor : Google

Description :Google Chromium V8 Engine contains a type confusion vulnerability allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-6418

Alert Date: Nov 03, 2021 | 1635 days ago

9.3

HIGH

CVE-2019-15752 - Docker Desktop Community Edition Privilege Escalation Vulnerability -

Action Due May 03, 2022 Target Vendor : Docker

Description :Docker Desktop Community Edition contains a vulnerability that may allow local users to escalate privileges by placing a trojan horse docker-credential-wincred.exe file in %PROGRAMDATA%\DockerDesktop\version-bin\.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-15752

Alert Date: Nov 03, 2021 | 1635 days ago

10.0

HIGH

CVE-2021-1497 - Cisco HyperFlex HX Installer Virtual Machine Command Injection Vulnerability -

Action Due Nov 17, 2021 Target Vendor : Cisco

Description :Cisco HyperFlex HX Installer Virtual Machine contains an insufficient input validation vulnerability which could allow an attacker to execute commands on an affected device as the root user.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-1497

Alert Date: Nov 03, 2021 | 1635 days ago

10.0

HIGH

CVE-2020-3161 - Cisco IP Phones Web Server Remote Code Execution and Denial-of-Service Vulnerability -

Action Due May 03, 2022 Target Vendor : Cisco

Description :Cisco IP Phones contain an improper input validation vulnerability for HTTP requests. Exploitation could allow an attacker to execute code remotely with root privileges or cause a denial-of-service (DoS) condition.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-3161

Alert Date: Nov 03, 2021 | 1635 days ago

7.5

HIGH

CVE-2019-1653 - Cisco Small Business RV320 and RV325 Routers Information Disclosure Vulnerability -

Action Due May 03, 2022 Target Vendor : Cisco

Description :Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers contain improper access controls for URLs. Exploitation could allow an attacker to download the router configuration or detailed diagnostic information.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-1653

Alert Date: Nov 03, 2021 | 1635 days ago

7.5

HIGH

CVE-2020-0878 - Microsoft Edge and Internet Explorer Memory Corruption Vulnerability -

Action Due May 03, 2022 Target Vendor : Microsoft

Description :Microsoft Edge and Internet Explorer contain a memory corruption vulnerability that allows attackers to execute code in the context of the current user.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-0878

Alert Date: Nov 03, 2021 | 1635 days ago

7.8

HIGH

CVE-2020-17087 - Microsoft Windows Kernel Privilege Escalation Vulnerability -

Action Due May 03, 2022 Target Vendor : Microsoft

Description :Microsoft Windows kernel contains an unspecified vulnerability that allows for privilege escalation.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-17087

Alert Date: Nov 03, 2021 | 1635 days ago

8.8

HIGH

CVE-2021-33742 - Microsoft Windows MSHTML Platform Remote Code Execution Vulnerability -

Action Due Nov 17, 2021 Target Vendor : Microsoft

Description :Microsoft Windows MSHTML Platform contains an unspecified vulnerability that allows for remote code execution.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-33742

Alert Date: Nov 03, 2021 | 1635 days ago

7.8

HIGH

CVE-2020-1464 - Microsoft Windows Spoofing Vulnerability -

Action Due May 03, 2022 Target Vendor : Microsoft

Description :Microsoft Windows contains a spoofing vulnerability when Windows incorrectly validates file signatures, allowing an attacker to bypass security features and load improperly signed files.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-1464

Alert Date: Nov 03, 2021 | 1635 days ago

9.0

CRITICAL

CVE-2020-1040 - Microsoft Hyper-V RemoteFX vGPU Remote Code Execution Vulnerability -

Action Due May 03, 2022 Target Vendor : Microsoft

Description :Microsoft Hyper-V RemoteFX vGPU contains an improper input validation vulnerability due to the host server failing to properly validate input from an authenticated user on a guest operating system. Successful exploitation allows for remote code execution on the host operating system.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-1040

Alert Date: Nov 03, 2021 | 1635 days ago

Showing 20 of 1587 Results

Filters

What are you looking for ?

Date Added

Ransomware

Sort By

Browse by Apps

CISA Known Exploited Vulnerabilities (KEV)

9.3

8.4

7.8

9.8

7.8

4.3

7.5

9.6

8.8

6.5

8.8

9.3

10.0

10.0

7.5

7.5

7.8

8.8

7.8

9.0

Filters

Cookie Preferences