CISA Known Exploited Vulnerabilities (KEV)

  1. Home
  2. CISA KEV
Threat Intelligence

CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilities actively used in real-world attacks. CVEFeed.io tracks the latest additions so you can prioritize remediation as new entries are published.

    10.0

    HIGH
    CVE-2020-0646 - Microsoft .NET Framework Remote Code Execution Vulnerability -

    Action Due May 03, 2022 Target Vendor : Microsoft

    Description :Microsoft .NET Framework contains an improper input validation vulnerability that allows for remote code execution.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-0646

    Alert Date: Nov 03, 2021 | 1631 days ago

    10.0

    HIGH
    CVE-2021-21985 - VMware vCenter Server Improper Input Validation Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : VMware

    Description :VMware vSphere Client contains an improper input validation vulnerability in the Virtual SAN Health Check plug-in, which is enabled by default in vCenter Server, which allows for remote code execution.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-21985

    Alert Date: Nov 03, 2021 | 1631 days ago

    9.1

    CRITICAL
    CVE-2020-4006 - Multiple VMware Products Command Injection Vulnerability -

    Action Due May 03, 2022 Target Vendor : VMware

    Description :VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector contain a command injection vulnerability. An attacker with network access to the administrative configurator on port 8443 and a valid password for the configurator administrator account can execute commands with unrestricted privileges on the underlying operating system.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-4006

    Alert Date: Nov 03, 2021 | 1631 days ago

    10.0

    CRITICAL
    CVE-2020-25213 - WordPress File Manager Plugin Remote Code Execution Vulnerability -

    Action Due May 03, 2022 Target Vendor : WordPress

    Description :WordPress File Manager plugin contains a remote code execution vulnerability that allows unauthenticated users to execute PHP code and upload malicious files on a target site.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-25213

    Alert Date: Nov 03, 2021 | 1631 days ago

    10.0

    CRITICAL
    CVE-2021-35211 - SolarWinds Serv-U Remote Code Execution Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : SolarWinds

    Description :SolarWinds Serv-U contains an unspecified memory escape vulnerability which can allow for remote code execution.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-35211

    Alert Date: Nov 03, 2021 | 1631 days ago

    10.0

    HIGH
    CVE-2017-7269 - Microsoft Windows Server Buffer Overflow Vulnerability -

    Action Due May 03, 2022 Target Vendor : Microsoft

    Description :Microsoft Windows Server 2003 R2 contains a buffer overflow vulnerability in Internet Information Services (IIS) 6.0 which allows remote attackers to execute code via a long header beginning with "If: <http://" in a PROPFIND request.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2017-7269

    Alert Date: Nov 03, 2021 | 1631 days ago

    7.8

    HIGH
    CVE-2021-36948 - Microsoft Windows Update Medic Service Privilege Escalation Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Microsoft

    Description :Microsoft Windows Update Medic Service contains an unspecified vulnerability that allows for privilege escalation.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-36948

    Alert Date: Nov 03, 2021 | 1631 days ago

    8.8

    HIGH
    CVE-2021-40444 - Microsoft MSHTML Remote Code Execution Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Microsoft

    Description :Microsoft MSHTML contains a unspecified vulnerability that allows for remote code execution.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-40444

    Alert Date: Nov 03, 2021 | 1631 days ago

    9.1

    CRITICAL
    CVE-2012-3152 - Oracle Fusion Middleware Unspecified Vulnerability -

    Action Due May 03, 2022 Target Vendor : Oracle

    Description :Oracle Fusion Middleware Reports Developer contains an unspecified vulnerability that allows remote attackers to affect confidentiality and integrity of affected systems.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2012-3152

    Alert Date: Nov 03, 2021 | 1631 days ago

    9.8

    CRITICAL
    CVE-2016-4437 - Apache Shiro Code Execution Vulnerability -

    Action Due May 03, 2022 Target Vendor : Apache

    Description :Apache Shiro contains a vulnerability which may allow remote attackers to execute code or bypass intended access restrictions via an unspecified request parameter when a cipher key has not been configured for the "remember me" feature.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2016-4437

    Alert Date: Nov 03, 2021 | 1631 days ago

    9.8

    CRITICAL
    CVE-2021-1871 - Apple iOS, iPadOS, and macOS WebKit Remote Code Execution Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Apple

    Description :Apple iOS, iPadOS, and macOS WebKit contain an unspecified logic vulnerability that allows a remote attacker to execute code. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-1871

    Alert Date: Nov 03, 2021 | 1631 days ago

    9.0

    HIGH
    CVE-2021-28663 - Arm Mali Graphics Processing Unit (GPU) Use-After-Free Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Arm

    Description :Arm Mali Graphics Processing Unit (GPU) kernel driver contains a use-after-free vulnerability that may allow a non-privileged user to make improper operations on GPU memory to gain root privilege, and/or disclose information.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-28663

    Alert Date: Nov 03, 2021 | 1631 days ago

    10.0

    HIGH
    CVE-2021-1497 - Cisco HyperFlex HX Installer Virtual Machine Command Injection Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Cisco

    Description :Cisco HyperFlex HX Installer Virtual Machine contains an insufficient input validation vulnerability which could allow an attacker to execute commands on an affected device as the root user.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-1497

    Alert Date: Nov 03, 2021 | 1631 days ago

    10.0

    HIGH
    CVE-2020-3161 - Cisco IP Phones Web Server Remote Code Execution and Denial-of-Service Vulnerability -

    Action Due May 03, 2022 Target Vendor : Cisco

    Description :Cisco IP Phones contain an improper input validation vulnerability for HTTP requests. Exploitation could allow an attacker to execute code remotely with root privileges or cause a denial-of-service (DoS) condition.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-3161

    Alert Date: Nov 03, 2021 | 1631 days ago

    7.5

    HIGH
    CVE-2019-1653 - Cisco Small Business RV320 and RV325 Routers Information Disclosure Vulnerability -

    Action Due May 03, 2022 Target Vendor : Cisco

    Description :Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers contain improper access controls for URLs. Exploitation could allow an attacker to download the router configuration or detailed diagnostic information.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-1653

    Alert Date: Nov 03, 2021 | 1631 days ago

    7.5

    HIGH
    CVE-2018-0296 - Cisco Adaptive Security Appliance (ASA) Denial-of-Service Vulnerability -

    Action Due May 03, 2022 Target Vendor : Cisco

    Description :Cisco Adaptive Security Appliance (ASA) contains an improper input validation vulnerability with HTTP URLs. Exploitation could allow an attacker to cause a denial-of-service (DoS) condition or information disclosure.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2018-0296

    Alert Date: Nov 03, 2021 | 1631 days ago

    7.5

    HIGH
    CVE-2019-13608 - Citrix StoreFront Server XML External Entity (XXE) Processing Vulnerability -

    Action Due May 03, 2022 Target Vendor : Citrix

    Description :Citrix StoreFront Server contains an XML External Entity (XXE) processing vulnerability that may allow an unauthenticated attacker to retrieve potentially sensitive information.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-13608

    Alert Date: Nov 03, 2021 | 1631 days ago

    6.5

    MEDIUM
    CVE-2020-8193 - Citrix ADC, Gateway, and SD-WAN WANOP Appliance Authorization Bypass Vulnerability -

    Action Due May 03, 2022 Target Vendor : Citrix

    Description :Citrix ADC, Citrix Gateway, and multiple Citrix SD-WAN WANOP appliance models contain an authorization bypass vulnerability that may allow unauthenticated access to certain URL endpoints. The attacker must have access to the NetScaler IP (NSIP) in order to perform exploitation.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-8193

    Alert Date: Nov 03, 2021 | 1631 days ago

    9.8

    CRITICAL
    CVE-2018-7600 - Drupal Core Remote Code Execution Vulnerability -

    Action Due May 03, 2022 Target Vendor : Drupal

    Description :Drupal Core contains a remote code execution vulnerability that could allow an attacker to exploit multiple attack vectors on a Drupal site, resulting in complete site compromise.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2018-7600

    Alert Date: Nov 03, 2021 | 1631 days ago

    10.0

    CRITICAL
    CVE-2021-22205 - GitLab Community and Enterprise Editions Remote Code Execution Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : GitLab

    Description :GitHub Community and Enterprise Editions that utilize the ability to upload images through GitLab Workhorse are vulnerable to remote code execution. Workhorse passes image file extensions through ExifTool, which improperly validates the image files.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Feb 26, 2026

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-22205

    Alert Date: Nov 03, 2021 | 1631 days ago
Showing 20 of 1581 Results

Filters