CISA Known Exploited Vulnerabilities (KEV)

  1. Home
  2. CISA KEV
Threat Intelligence

CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilities actively used in real-world attacks. CVEFeed.io tracks the latest additions so you can prioritize remediation as new entries are published.

    7.8

    HIGH
    CVE-2016-7255 - Microsoft Win32k Privilege Escalation Vulnerability -

    Action Due May 03, 2022 Target Vendor : Microsoft

    Description :Microsoft Win32k kernel-mode driver fails to properly handle objects in memory which allows for privilege escalation. Successful exploitation allows an attacker to run code in kernel mode.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2016-7255

    Alert Date: Nov 03, 2021 | 1638 days ago

    7.8

    HIGH
    CVE-2021-38649 - Microsoft Open Management Infrastructure (OMI) Privilege Escalation Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Microsoft

    Description :Microsoft Open Management Infrastructure (OMI) within Azure VM Management Extensions contains an unspecified vulnerability allowing privilege escalation.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-38649

    Alert Date: Nov 03, 2021 | 1638 days ago

    8.8

    HIGH
    CVE-2020-17144 - Microsoft Exchange Server Remote Code Execution Vulnerability -

    Action Due May 03, 2022 Target Vendor : Microsoft

    Description :Microsoft Exchange Server improperly validates cmdlet arguments which allow an attacker to perform remote code execution.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-17144

    Alert Date: Nov 03, 2021 | 1638 days ago

    7.8

    HIGH
    CVE-2021-31199 - Microsoft Enhanced Cryptographic Provider Privilege Escalation Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Microsoft

    Description :Microsoft Enhanced Cryptographic Provider contains an unspecified vulnerability that allows for privilege escalation.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-31199

    Alert Date: Nov 03, 2021 | 1638 days ago

    8.8

    HIGH
    CVE-2021-33742 - Microsoft Windows MSHTML Platform Remote Code Execution Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Microsoft

    Description :Microsoft Windows MSHTML Platform contains an unspecified vulnerability that allows for remote code execution.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-33742

    Alert Date: Nov 03, 2021 | 1638 days ago

    7.8

    HIGH
    CVE-2020-17087 - Microsoft Windows Kernel Privilege Escalation Vulnerability -

    Action Due May 03, 2022 Target Vendor : Microsoft

    Description :Microsoft Windows kernel contains an unspecified vulnerability that allows for privilege escalation.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-17087

    Alert Date: Nov 03, 2021 | 1638 days ago

    7.8

    HIGH
    CVE-2016-0167 - Microsoft Win32k Privilege Escalation Vulnerability -

    Action Due May 03, 2022 Target Vendor : Microsoft

    Description :Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation via a crafted application

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2016-0167

    Alert Date: Nov 03, 2021 | 1638 days ago

    9.8

    CRITICAL
    CVE-2021-38647 - Microsoft Open Management Infrastructure (OMI) Remote Code Execution Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Microsoft

    Description :Microsoft Open Management Infrastructure (OMI) within Azure VM Management Extensions contains an unspecified vulnerability allowing remote code execution.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-38647

    Alert Date: Nov 03, 2021 | 1638 days ago

    9.8

    CRITICAL
    CVE-2021-20016 - SonicWall SSLVPN SMA100 SQL Injection Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : SonicWall

    Description :SonicWall SSLVPN SMA100 contains a SQL injection vulnerability that allows remote exploitation for credential access by an unauthenticated attacker.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-20016

    Alert Date: Nov 03, 2021 | 1638 days ago

    9.0

    HIGH
    CVE-2014-1812 - Microsoft Windows Group Policy Preferences Password Privilege Escalation Vulnerability -

    Action Due May 03, 2022 Target Vendor : Microsoft

    Description :Microsoft Windows Active Directory contains a privilege escalation vulnerability due to the way it distributes passwords that are configured using Group Policy preferences. An authenticated attacker who successfully exploits the vulnerability could decrypt the passwords and use them to elevate privileges on the domain.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Feb 26, 2026

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2014-1812

    Alert Date: Nov 03, 2021 | 1638 days ago

    4.9

    MEDIUM
    CVE-2021-20023 - SonicWall Email Security Path Traversal Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : SonicWall

    Description :SonicWall Email Security contains a path traversal vulnerability that allows a post-authenticated attacker to read files on the remote host. This vulnerability has known usage in a SonicWall Email Security exploit chain along with CVE-2021-20021 and CVE-2021-20022 to achieve privilege escalation.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-20023

    Alert Date: Nov 03, 2021 | 1638 days ago

    7.5

    HIGH
    CVE-2021-22506 - Micro Focus Access Manager Information Leakage Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Micro Focus

    Description :Micro Focus Access Manager contains an information leakage vulnerability resulting from a SAML service provider redirection issue when the Assertion Consumer Service URL is used.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-22506

    Alert Date: Nov 03, 2021 | 1638 days ago

    10.0

    HIGH
    CVE-2020-5902 - F5 BIG-IP Traffic Management User Interface (TMUI) Remote Code Execution Vulnerability -

    Action Due May 03, 2022 Target Vendor : F5

    Description :F5 BIG-IP Traffic Management User Interface (TMUI) contains a remote code execution vulnerability in undisclosed pages.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-5902

    Alert Date: Nov 03, 2021 | 1638 days ago

    7.5

    HIGH
    CVE-2018-0296 - Cisco Adaptive Security Appliance (ASA) Denial-of-Service Vulnerability -

    Action Due May 03, 2022 Target Vendor : Cisco

    Description :Cisco Adaptive Security Appliance (ASA) contains an improper input validation vulnerability with HTTP URLs. Exploitation could allow an attacker to cause a denial-of-service (DoS) condition or information disclosure.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2018-0296

    Alert Date: Nov 03, 2021 | 1638 days ago

    8.2

    HIGH
    CVE-2021-23874 - McAfee Total Protection (MTP) Improper Privilege Management Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : McAfee

    Description :McAfee Total Protection (MTP) contains an improper privilege management vulnerability that allows a local user to gain elevated privileges and execute code, bypassing MTP self-defense.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-23874

    Alert Date: Nov 03, 2021 | 1638 days ago

    6.1

    MEDIUM
    CVE-2021-38000 - Google Chromium Intents Improper Input Validation Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Google

    Description :Google Chromium Intents contains an improper input validation vulnerability that allows a remote attacker to arbitrarily browser to a malicious URL via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-38000

    Alert Date: Nov 03, 2021 | 1638 days ago

    10.0

    HIGH
    CVE-2020-0646 - Microsoft .NET Framework Remote Code Execution Vulnerability -

    Action Due May 03, 2022 Target Vendor : Microsoft

    Description :Microsoft .NET Framework contains an improper input validation vulnerability that allows for remote code execution.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-0646

    Alert Date: Nov 03, 2021 | 1638 days ago

    8.8

    HIGH
    CVE-2021-30554 - Google Chromium WebGL Use-After-Free Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Google

    Description :Google Chromium WebGL contains a use-after-free vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-30554

    Alert Date: Nov 03, 2021 | 1638 days ago

    8.8

    HIGH
    CVE-2020-6418 - Google Chromium V8 Type Confusion Vulnerability -

    Action Due May 03, 2022 Target Vendor : Google

    Description :Google Chromium V8 Engine contains a type confusion vulnerability allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-6418

    Alert Date: Nov 03, 2021 | 1638 days ago

    8.8

    HIGH
    CVE-2021-37975 - Google Chromium V8 Use-After-Free Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Google

    Description :Google Chromium V8 Engine contains a use-after-free vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-37975

    Alert Date: Nov 03, 2021 | 1638 days ago
Showing 20 of 1589 Results

Filters