CISA Known Exploited Vulnerabilities (KEV)

  1. Home
  2. CISA KEV

CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilities actively used in real-world attacks. CVEFeed.io tracks the latest additions so you can prioritize remediation as new entries are published.

    8.1

    HIGH
    CVE-2020-6820 - Mozilla Firefox And Thunderbird Use-After-Free Vulnerability -

    Action Due May 03, 2022 Target Vendor : Mozilla

    Description :Mozilla Firefox and Thunderbird contain a race condition vulnerability when handling a ReadableStream under certain conditions. The race condition creates a use-after-free vulnerability, causing unspecified impacts.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-6820

    Alert Date: Nov 03, 2021 | 1585 days ago

    8.8

    HIGH
    CVE-2020-5735 - Amcrest Cameras and NVR Stack-based Buffer Overflow Vulnerability -

    Action Due May 03, 2022 Target Vendor : Amcrest

    Description :Amcrest cameras and NVR contain a stack-based buffer overflow vulnerability through port 37777 that allows an unauthenticated, remote attacker to crash the device and possibly execute code.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-5735

    Alert Date: Nov 03, 2021 | 1585 days ago

    10.0

    HIGH
    CVE-2018-15961 - Adobe ColdFusion Unrestricted File Upload Vulnerability -

    Action Due May 03, 2022 Target Vendor : Adobe

    Description :Adobe ColdFusion contains an unrestricted file upload vulnerability that could allow for code execution.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2018-15961

    Alert Date: Nov 03, 2021 | 1585 days ago

    10.0

    HIGH
    CVE-2018-4939 - Adobe ColdFusion Deserialization of Untrusted Data Vulnerability -

    Action Due May 03, 2022 Target Vendor : Adobe

    Description :Adobe ColdFusion contains a deserialization of untrusted data vulnerability that could allow for code execution.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2018-4939

    Alert Date: Nov 03, 2021 | 1585 days ago

    10.0

    HIGH
    CVE-2021-21972 - VMware vCenter Server Remote Code Execution Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : VMware

    Description :VMware vCenter Server vSphere Client contains a remote code execution vulnerability in a vCenter Server plugin which allows an attacker with network access to port 443 to execute commands with unrestricted privileges on the underlying operating system.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-21972

    Alert Date: Nov 03, 2021 | 1585 days ago

    9.8

    CRITICAL
    CVE-2021-22005 - VMware vCenter Server File Upload Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : VMware

    Description :VMware vCenter Server contains a file upload vulnerability in the Analytics service that allows a user with network access to port 443 to execute code.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-22005

    Alert Date: Nov 03, 2021 | 1585 days ago

    7.8

    HIGH
    CVE-2020-1464 - Microsoft Windows Spoofing Vulnerability -

    Action Due May 03, 2022 Target Vendor : Microsoft

    Description :Microsoft Windows contains a spoofing vulnerability when Windows incorrectly validates file signatures, allowing an attacker to bypass security features and load improperly signed files.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-1464

    Alert Date: Nov 03, 2021 | 1585 days ago

    8.8

    HIGH
    CVE-2021-37975 - Google Chromium V8 Use-After-Free Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Google

    Description :Google Chromium V8 Engine contains a use-after-free vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-37975

    Alert Date: Nov 03, 2021 | 1585 days ago

    10.0

    HIGH
    CVE-2020-5902 - F5 BIG-IP Traffic Management User Interface (TMUI) Remote Code Execution Vulnerability -

    Action Due May 03, 2022 Target Vendor : F5

    Description :F5 BIG-IP Traffic Management User Interface (TMUI) contains a remote code execution vulnerability in undisclosed pages.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-5902

    Alert Date: Nov 03, 2021 | 1585 days ago

    9.3

    HIGH
    CVE-2020-8655 - EyesOfNetwork Improper Privilege Management Vulnerability -

    Action Due May 03, 2022 Target Vendor : EyesOfNetwork

    Description :EyesOfNetwork contains an improper privilege management vulnerability that may allow a user to run commands as root via a crafted Nmap Scripting Engine (NSE) script to nmap7.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-8655

    Alert Date: Nov 03, 2021 | 1585 days ago

    9.8

    CRITICAL
    CVE-2020-8657 - EyesOfNetwork Use of Hard-Coded Credentials Vulnerability -

    Action Due May 03, 2022 Target Vendor : EyesOfNetwork

    Description :EyesOfNetwork contains a use of hard-coded credentials vulnerability, as it uses the same API key by default. Exploitation allows an attacker to calculate or guess the admin access token.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-8657

    Alert Date: Nov 03, 2021 | 1585 days ago

    10.0

    HIGH
    CVE-2021-1497 - Cisco HyperFlex HX Installer Virtual Machine Command Injection Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Cisco

    Description :Cisco HyperFlex HX Installer Virtual Machine contains an insufficient input validation vulnerability which could allow an attacker to execute commands on an affected device as the root user.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-1497

    Alert Date: Nov 03, 2021 | 1585 days ago

    6.1

    MEDIUM
    CVE-2020-3580 - Cisco ASA and FTD Cross-Site Scripting (XSS) Vulnerability -

    Action Due May 03, 2022 Target Vendor : Cisco

    Description :Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain an insufficient input validation vulnerability for user-supplied input by the web services interface. Successful exploitation could allow an attacker to perform cross-site scripting (XSS) in the context of the interface or access sensitive browser-based information.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-3580

    Alert Date: Nov 03, 2021 | 1585 days ago

    9.6

    CRITICAL
    CVE-2020-16017 - Google Chrome Use-After-Free Vulnerability -

    Action Due May 03, 2022 Target Vendor : Google

    Description :Google Chrome contains a use-after-free vulnerability that allows a remote attacker, who has compromised the renderer process, to potentially perform a sandbox escape via a crafted HTML page.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-16017

    Alert Date: Nov 03, 2021 | 1585 days ago

    9.3

    HIGH
    CVE-2015-1641 - Microsoft Office Memory Corruption Vulnerability -

    Action Due May 03, 2022 Target Vendor : Microsoft

    Description :Microsoft Office contains a memory corruption vulnerability due to failure to properly handle rich text format files in memory. Successful exploitation allows for remote code execution in the context of the current user.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2015-1641

    Alert Date: Nov 03, 2021 | 1585 days ago

    9.3

    HIGH
    CVE-2019-0541 - Microsoft MSHTML Remote Code Execution Vulnerability -

    Action Due May 03, 2022 Target Vendor : Microsoft

    Description :Microsoft MSHTML engine contains an improper input validation vulnerability that allows for remote code execution vulnerability.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-0541

    Alert Date: Nov 03, 2021 | 1585 days ago

    10.0

    CRITICAL
    CVE-2020-25213 - WordPress File Manager Plugin Remote Code Execution Vulnerability -

    Action Due May 03, 2022 Target Vendor : WordPress

    Description :WordPress File Manager plugin contains a remote code execution vulnerability that allows unauthenticated users to execute PHP code and upload malicious files on a target site.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-25213

    Alert Date: Nov 03, 2021 | 1585 days ago

    7.8

    HIGH
    CVE-2019-1215 - Microsoft Windows Privilege Escalation Vulnerability -

    Action Due May 03, 2022 Target Vendor : Microsoft

    Description :Microsoft Windows contains an unspecified vulnerability due to the way ws2ifsl.sys (Winsock) handles objects in memory, allowing for privilege escalation. Successful exploitation allows an attacker to execute code with elevated privileges.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-1215

    Alert Date: Nov 03, 2021 | 1585 days ago

    7.8

    HIGH
    CVE-2019-0211 - Apache HTTP Server Privilege Escalation Vulnerability -

    Action Due May 03, 2022 Target Vendor : Apache

    Description :Apache HTTP Server, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute code with the privileges of the parent process (usually root) by manipulating the scoreboard.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-0211

    Alert Date: Nov 03, 2021 | 1585 days ago

    7.8

    HIGH
    CVE-2020-0069 - Mediatek Multiple Chipsets Insufficient Input Validation Vulnerability -

    Action Due May 03, 2022 Target Vendor : MediaTek

    Description :Multiple MediaTek chipsets contain an insufficient input validation vulnerability and have missing SELinux restrictions in the Command Queue drivers ioctl handlers. This causes an out-of-bounds write leading to privilege escalation. This vulnerability was observed chained with CVE-2019-2215 and CVE-2020-0041 under exploit chain "AbstractEmu."

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-0069

    Alert Date: Nov 03, 2021 | 1585 days ago
Showing 20 of 1540 Results

Filters