CISA Known Exploited Vulnerabilities (KEV)
CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilities actively used in real-world attacks. CVEFeed.io tracks the latest additions so you can prioritize remediation as new entries are published.
9.1
CVE-2020-4428 - IBM Data Risk Manager Remote Code Execution Vulnerability -
Action Due May 03, 2022 Target Vendor : IBM
Description :IBM Data Risk Manager contains an unspecified vulnerability which could allow a remote, authenticated attacker to execute commands on the system.�
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-4428
10.0
CVE-2019-4716 - IBM Planning Analytics Remote Code Execution Vulnerability -
Action Due May 03, 2022 Target Vendor : IBM
Description :IBM Planning Analytics is vulnerable to a configuration overwrite that allows an unauthenticated user to login as "admin", and then execute code as root or SYSTEM via TM1 scripting.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-4716
5.8
CVE-2016-3715 - ImageMagick Arbitrary File Deletion Vulnerability -
Action Due May 03, 2022 Target Vendor : ImageMagick
Description :ImageMagick contains an unspecified vulnerability that could allow users to delete files by using ImageMagick's 'ephemeral' pseudo protocol, which deletes files after reading.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2016-3715
5.5
CVE-2016-3718 - ImageMagick Server-Side Request Forgery (SSRF) Vulnerability -
Action Due May 03, 2022 Target Vendor : ImageMagick
Description :ImageMagick contains an unspecified vulnerability that allows attackers to perform server-side request forgery (SSRF) via a crafted image.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2016-3718
9.8
CVE-2020-7961 - Liferay Portal Deserialization of Untrusted Data Vulnerability -
Action Due May 03, 2022 Target Vendor : Liferay
Description :Liferay Portal contains a deserialization of untrusted data vulnerability that allows remote attackers to execute code via JSON web services.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-7961
8.2
CVE-2021-23874 - McAfee Total Protection (MTP) Improper Privilege Management Vulnerability -
Action Due Nov 17, 2021 Target Vendor : McAfee
Description :McAfee Total Protection (MTP) contains an improper privilege management vulnerability that allows a local user to gain elevated privileges and execute code, bypassing MTP self-defense.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-23874
7.5
CVE-2021-22506 - Micro Focus Access Manager Information Leakage Vulnerability -
Action Due Nov 17, 2021 Target Vendor : Micro Focus
Description :Micro Focus Access Manager contains an information leakage vulnerability resulting from a SAML service provider redirection issue when the Assertion Consumer Service URL is used.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-22506
10.0
CVE-2021-22502 - Micro Focus Operation Bridge Report (OBR) Remote Code Execution Vulnerability -
Action Due Nov 17, 2021 Target Vendor : Micro Focus
Description :Micro Focus Operation Bridge Report (OBR) contains an unspecified vulnerability that allows for remote code execution.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-22502
9.0
CVE-2014-1812 - Microsoft Windows Group Policy Preferences Password Privilege Escalation Vulnerability -
Action Due May 03, 2022 Target Vendor : Microsoft
Description :Microsoft Windows Active Directory contains a privilege escalation vulnerability due to the way it distributes passwords that are configured using Group Policy preferences. An authenticated attacker who successfully exploits the vulnerability could decrypt the passwords and use them to elevate privileges on the domain.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Feb 26, 2026
Notes :https://nvd.nist.gov/vuln/detail/CVE-2014-1812
9.8
CVE-2021-38647 - Microsoft Open Management Infrastructure (OMI) Remote Code Execution Vulnerability -
Action Due Nov 17, 2021 Target Vendor : Microsoft
Description :Microsoft Open Management Infrastructure (OMI) within Azure VM Management Extensions contains an unspecified vulnerability allowing remote code execution.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021
Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-38647
7.8
CVE-2016-0167 - Microsoft Win32k Privilege Escalation Vulnerability -
Action Due May 03, 2022 Target Vendor : Microsoft
Description :Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation via a crafted application
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021
Notes :https://nvd.nist.gov/vuln/detail/CVE-2016-0167
7.5
CVE-2020-0878 - Microsoft Edge and Internet Explorer Memory Corruption Vulnerability -
Action Due May 03, 2022 Target Vendor : Microsoft
Description :Microsoft Edge and Internet Explorer contain a memory corruption vulnerability that allows attackers to execute code in the context of the current user.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021
Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-0878
5.5
CVE-2021-31955 - Microsoft Windows Kernel Information Disclosure Vulnerability -
Action Due Nov 17, 2021 Target Vendor : Microsoft
Description :Microsoft Windows Kernel contains an unspecified vulnerability that allows for information disclosure. Successful exploitation allows attackers to read the contents of kernel memory from a user-mode process.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-31955
7.8
CVE-2021-1647 - Microsoft Defender Remote Code Execution Vulnerability -
Action Due Nov 17, 2021 Target Vendor : Microsoft
Description :Microsoft Defender contains an unspecified vulnerability that allows for remote code execution.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-1647
9.0
CVE-2020-0688 - Microsoft Exchange Server Validation Key Remote Code Execution Vulnerability -
Action Due May 03, 2022 Target Vendor : Microsoft
Description :Microsoft Exchange Server Validation Key fails to properly create unique keys at install time, allowing for remote code execution.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021
Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-0688
8.4
CVE-2021-33739 - Microsoft Desktop Window Manager (DWM) Core Library Privilege Escalation Vulnerability -
Action Due Nov 17, 2021 Target Vendor : Microsoft
Description :Microsoft Desktop Window Manager (DWM) Core Library contains an unspecified vulnerability that allows for privilege escalation.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-33739
9.3
CVE-2016-0185 - Microsoft Windows Media Center Remote Code Execution Vulnerability -
Action Due May 03, 2022 Target Vendor : Microsoft
Description :Microsoft Windows Media Center contains a remote code execution vulnerability when Windows Media Center opens a specially crafted Media Center link (.mcl) file that references malicious code.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2016-0185
7.8
CVE-2020-0683 - Microsoft Windows Installer Privilege Escalation Vulnerability -
Action Due May 03, 2022 Target Vendor : Microsoft
Description :Microsoft Windows Installer contains a privilege escalation vulnerability when MSI packages process symbolic links, which allows attackers to bypass access restrictions to add or remove files.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-0683
7.8
CVE-2020-17087 - Microsoft Windows Kernel Privilege Escalation Vulnerability -
Action Due May 03, 2022 Target Vendor : Microsoft
Description :Microsoft Windows kernel contains an unspecified vulnerability that allows for privilege escalation.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-17087
8.8
CVE-2021-33742 - Microsoft Windows MSHTML Platform Remote Code Execution Vulnerability -
Action Due Nov 17, 2021 Target Vendor : Microsoft
Description :Microsoft Windows MSHTML Platform contains an unspecified vulnerability that allows for remote code execution.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-33742