CISA Known Exploited Vulnerabilities (KEV)
CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilities actively used in real-world attacks. CVEFeed.io tracks the latest additions so you can prioritize remediation as new entries are published.
5.8
CVE-2016-3715 - ImageMagick Arbitrary File Deletion Vulnerability -
Action Due May 03, 2022 Target Vendor : ImageMagick
Description :ImageMagick contains an unspecified vulnerability that could allow users to delete files by using ImageMagick's 'ephemeral' pseudo protocol, which deletes files after reading.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2016-3715
10.0
CVE-2019-4716 - IBM Planning Analytics Remote Code Execution Vulnerability -
Action Due May 03, 2022 Target Vendor : IBM
Description :IBM Planning Analytics is vulnerable to a configuration overwrite that allows an unauthenticated user to login as "admin", and then execute code as root or SYSTEM via TM1 scripting.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-4716
9.8
CVE-2020-4427 - IBM Data Risk Manager Security Bypass Vulnerability -
Action Due May 03, 2022 Target Vendor : IBM
Description :IBM Data Risk Manager contains a security bypass vulnerability that could allow a remote attacker to bypass security restrictions when configured with SAML authentication. By sending a specially crafted HTTP request, an attacker could exploit this vulnerability to bypass the authentication process and gain full administrative access to the system.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-4427
8.8
CVE-2020-6418 - Google Chromium V8 Type Confusion Vulnerability -
Action Due May 03, 2022 Target Vendor : Google
Description :Google Chromium V8 Engine contains a type confusion vulnerability allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-6418
8.8
CVE-2021-21148 - Google Chromium V8 Heap Buffer Overflow Vulnerability -
Action Due Nov 17, 2021 Target Vendor : Google
Description :Google Chromium V8 Engine contains a heap buffer overflow vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-21148
9.6
CVE-2021-30633 - Google Chromium Indexed DB API Use-After-Free Vulnerability -
Action Due Nov 17, 2021 Target Vendor : Google
Description :Google Chromium Indexed DB API contains a use-after-free vulnerability that allows a remote attacker, who has compromised the renderer process, to potentially perform a sandbox escape via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-30633
10.0
CVE-2021-22986 - F5 BIG-IP and BIG-IQ Centralized Management iControl REST Remote Code Execution Vulnerability -
Action Due Nov 17, 2021 Target Vendor : F5
Description :F5 BIG-IP and BIG-IQ Centralized Management contain a remote code execution vulnerability in the iControl REST interface that allows unauthenticated attackers with network access to execute system commands, create or delete files, and disable services.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021
Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-22986
10.0
CVE-2020-5902 - F5 BIG-IP Traffic Management User Interface (TMUI) Remote Code Execution Vulnerability -
Action Due May 03, 2022 Target Vendor : F5
Description :F5 BIG-IP Traffic Management User Interface (TMUI) contains a remote code execution vulnerability in undisclosed pages.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021
Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-5902
9.3
CVE-2020-8655 - EyesOfNetwork Improper Privilege Management Vulnerability -
Action Due May 03, 2022 Target Vendor : EyesOfNetwork
Description :EyesOfNetwork contains an improper privilege management vulnerability that may allow a user to run commands as root via a crafted Nmap Scripting Engine (NSE) script to nmap7.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-8655
9.8
CVE-2020-8657 - EyesOfNetwork Use of Hard-Coded Credentials Vulnerability -
Action Due May 03, 2022 Target Vendor : EyesOfNetwork
Description :EyesOfNetwork contains a use of hard-coded credentials vulnerability, as it uses the same API key by default. Exploitation allows an attacker to calculate or guess the admin access token.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-8657
8.8
CVE-2017-9822 - DotNetNuke (DNN) Remote Code Execution Vulnerability -
Action Due May 03, 2022 Target Vendor : DotNetNuke (DNN)
Description :DotNetNuke (DNN) contains a vulnerability that may allow for remote code execution via cookie deserialization.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021
Notes :https://nvd.nist.gov/vuln/detail/CVE-2017-9822
7.5
CVE-2018-18325 - DotNetNuke (DNN) Inadequate Encryption Strength Vulnerability -
Action Due May 03, 2022 Target Vendor : DotNetNuke (DNN)
Description :DotNetNuke (DNN) contains an inadequate encryption strength vulnerability resulting from the use of a weak encryption algorithm to protect input parameters. This CVE ID resolves an incomplete patch for CVE-2018-15811.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2018-18325
7.5
CVE-2018-15811 - DotNetNuke (DNN) Inadequate Encryption Strength Vulnerability -
Action Due May 03, 2022 Target Vendor : DotNetNuke (DNN)
Description :DotNetNuke (DNN) contains an inadequate encryption strength vulnerability resulting from the use of a weak encryption algorithm to protect input parameters.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2018-15811
8.8
CVE-2021-21017 - Adobe Acrobat and Reader Heap-based Buffer Overflow Vulnerability -
Action Due Nov 17, 2021 Target Vendor : Adobe
Description :Acrobat Acrobat and Reader contain a heap-based buffer overflow vulnerability that could allow an unauthenticated attacker to achieve code execution in the context of the current user.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-21017
8.8
CVE-2020-3118 - Cisco IOS XR Software Discovery Protocol Format String Vulnerability -
Action Due May 03, 2022 Target Vendor : Cisco
Description :Cisco IOS XR improperly validates string input from certain fields in Cisco Discovery Protocol messages. Exploitation could allow an unauthenticated, adjacent attacker to execute code with administrative privileges or cause a reload on an affected device.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-3118
10.0
CVE-2018-0171 - Cisco IOS and IOS XE Software Smart Install Remote Code Execution Vulnerability -
Action Due May 03, 2022 Target Vendor : Cisco
Description :Cisco IOS and IOS XE Software improperly validates packet data, allowing an unauthenticated, remote attacker to trigger a reload of an affected device, cause a denial-of-service (DoS) condition, or perform code execution on the affected device.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2018-0171
7.8
CVE-2021-30713 - Apple macOS Unspecified Vulnerability -
Action Due Nov 17, 2021 Target Vendor : Apple
Description :Apple macOS Transparency, Consent, and Control (TCC) contains an unspecified permissions issue which may allow a malicious application to bypass privacy preferences.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-30713
10.0
CVE-2020-29583 - Zyxel Multiple Products Use of Hard-Coded Credentials Vulnerability -
Action Due May 03, 2022 Target Vendor : Zyxel
Description :Zyxel firewalls (ATP, USG, VM) and AP Controllers (NXC2500 and NXC5500) contain a use of hard-coded credentials vulnerability in an undocumented account ("zyfwp") with an unchangeable password.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-29583
8.8
CVE-2021-30666 - Apple iOS WebKit Buffer Overflow Vulnerability -
Action Due Nov 17, 2021 Target Vendor : Apple
Description :Apple iOS WebKit contains a buffer-overflow vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-30666
6.1
CVE-2019-9978 - WordPress Social Warfare Plugin Cross-Site Scripting (XSS) Vulnerability -
Action Due May 03, 2022 Target Vendor : WordPress
Description :WordPress Social Warfare plugin contains a cross-site scripting (XSS) vulnerability that allows for remote code execution. This vulnerability affects Social Warfare and Social Warfare Pro.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-9978