CISA Known Exploited Vulnerabilities (KEV)

  1. Home
  2. CISA KEV
Threat Intelligence

CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilities actively used in real-world attacks. CVEFeed.io tracks the latest additions so you can prioritize remediation as new entries are published.

    9.8

    CRITICAL
    CVE-2021-20016 - SonicWall SSLVPN SMA100 SQL Injection Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : SonicWall

    Description :SonicWall SSLVPN SMA100 contains a SQL injection vulnerability that allows remote exploitation for credential access by an unauthenticated attacker.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-20016

    Alert Date: Nov 03, 2021 | 1641 days ago

    4.9

    MEDIUM
    CVE-2021-20023 - SonicWall Email Security Path Traversal Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : SonicWall

    Description :SonicWall Email Security contains a path traversal vulnerability that allows a post-authenticated attacker to read files on the remote host. This vulnerability has known usage in a SonicWall Email Security exploit chain along with CVE-2021-20021 and CVE-2021-20022 to achieve privilege escalation.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-20023

    Alert Date: Nov 03, 2021 | 1641 days ago

    10.0

    CRITICAL
    CVE-2021-35211 - SolarWinds Serv-U Remote Code Execution Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : SolarWinds

    Description :SolarWinds Serv-U contains an unspecified memory escape vulnerability which can allow for remote code execution.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-35211

    Alert Date: Nov 03, 2021 | 1641 days ago

    10.0

    HIGH
    CVE-2020-10189 - Zoho ManageEngine Desktop Central File Upload Vulnerability -

    Action Due May 03, 2022 Target Vendor : Zoho

    Description :Zoho ManageEngine Desktop Central contains a file upload vulnerability that allows for unauthenticated remote code execution.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-10189

    Alert Date: Nov 03, 2021 | 1641 days ago

    6.5

    MEDIUM
    CVE-2019-5591 - Fortinet FortiOS Default Configuration Vulnerability -

    Action Due May 03, 2022 Target Vendor : Fortinet

    Description :Fortinet FortiOS contains a default configuration vulnerability that may allow an unauthenticated attacker on the same subnet to intercept sensitive information by impersonating the Lightweight Directory Access Protocol (LDAP) server.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-5591

    Alert Date: Nov 03, 2021 | 1641 days ago

    10.0

    HIGH
    CVE-2021-35464 - ForgeRock Access Management (AM) Core Server Remote Code Execution Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : ForgeRock

    Description :ForgeRock Access Management (AM) Core Server allows an attacker who sends a specially crafted HTTP request to one of three endpoints (/ccversion/Version, /ccversion/Masthead, or /ccversion/ButtonFrame) to execute code in the context of the current user (unless ForgeRock AM is running as root user, which the vendor does not recommend).

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-35464

    Alert Date: Nov 03, 2021 | 1641 days ago

    10.0

    HIGH
    CVE-2021-22986 - F5 BIG-IP and BIG-IQ Centralized Management iControl REST Remote Code Execution Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : F5

    Description :F5 BIG-IP and BIG-IQ Centralized Management contain a remote code execution vulnerability in the iControl REST interface that allows unauthenticated attackers with network access to execute system commands, create or delete files, and disable services.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-22986

    Alert Date: Nov 03, 2021 | 1641 days ago

    10.0

    CRITICAL
    CVE-2021-22205 - GitLab Community and Enterprise Editions Remote Code Execution Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : GitLab

    Description :GitHub Community and Enterprise Editions that utilize the ability to upload images through GitLab Workhorse are vulnerable to remote code execution. Workhorse passes image file extensions through ExifTool, which improperly validates the image files.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Feb 26, 2026

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-22205

    Alert Date: Nov 03, 2021 | 1641 days ago

    9.8

    CRITICAL
    CVE-2018-7600 - Drupal Core Remote Code Execution Vulnerability -

    Action Due May 03, 2022 Target Vendor : Drupal

    Description :Drupal Core contains a remote code execution vulnerability that could allow an attacker to exploit multiple attack vectors on a Drupal site, resulting in complete site compromise.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2018-7600

    Alert Date: Nov 03, 2021 | 1641 days ago

    10.0

    HIGH
    CVE-2020-8515 - Multiple DrayTek Vigor Routers Web Management Page Vulnerability -

    Action Due May 03, 2022 Target Vendor : DrayTek

    Description :DrayTek Vigor3900, Vigor2960, and Vigor300B routers contain an unspecified vulnerability that allows for remote code execution.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-8515

    Alert Date: Nov 03, 2021 | 1641 days ago

    10.0

    HIGH
    CVE-2020-29557 - D-Link DIR-825 R1 Devices Buffer Overflow Vulnerability -

    Action Due May 03, 2022 Target Vendor : D-Link

    Description :D-Link DIR-825 R1 devices contain a buffer overflow vulnerability in the web interface that may allow for remote code execution.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-29557

    Alert Date: Nov 03, 2021 | 1641 days ago

    7.5

    HIGH
    CVE-2018-0296 - Cisco Adaptive Security Appliance (ASA) Denial-of-Service Vulnerability -

    Action Due May 03, 2022 Target Vendor : Cisco

    Description :Cisco Adaptive Security Appliance (ASA) contains an improper input validation vulnerability with HTTP URLs. Exploitation could allow an attacker to cause a denial-of-service (DoS) condition or information disclosure.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2018-0296

    Alert Date: Nov 03, 2021 | 1641 days ago

    6.5

    MEDIUM
    CVE-2020-8195 - Citrix ADC, Gateway, and SD-WAN WANOP Appliance Information Disclosure Vulnerability -

    Action Due May 03, 2022 Target Vendor : Citrix

    Description :Citrix ADC, Citrix Gateway, and multiple Citrix SD-WAN WANOP appliance models contain an information disclosure vulnerability.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-8195

    Alert Date: Nov 03, 2021 | 1641 days ago

    6.5

    MEDIUM
    CVE-2016-9563 - SAP NetWeaver XML External Entity (XXE) Vulnerability -

    Action Due May 03, 2022 Target Vendor : SAP

    Description :SAP NetWeaver Application Server Java Platforms contains an unspecified vulnerability in BC-BMT-BPM-DSK which allows remote, authenticated users to conduct XML External Entity (XXE) attacks.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2016-9563

    Alert Date: Nov 03, 2021 | 1641 days ago

    9.3

    HIGH
    CVE-2020-8655 - EyesOfNetwork Improper Privilege Management Vulnerability -

    Action Due May 03, 2022 Target Vendor : EyesOfNetwork

    Description :EyesOfNetwork contains an improper privilege management vulnerability that may allow a user to run commands as root via a crafted Nmap Scripting Engine (NSE) script to nmap7.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-8655

    Alert Date: Nov 03, 2021 | 1641 days ago

    7.5

    HIGH
    CVE-2021-22506 - Micro Focus Access Manager Information Leakage Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Micro Focus

    Description :Micro Focus Access Manager contains an information leakage vulnerability resulting from a SAML service provider redirection issue when the Assertion Consumer Service URL is used.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-22506

    Alert Date: Nov 03, 2021 | 1641 days ago

    10.0

    CRITICAL
    CVE-2020-6287 - SAP NetWeaver Missing Authentication for Critical Function Vulnerability -

    Action Due May 03, 2022 Target Vendor : SAP

    Description :SAP NetWeaver Application Server Java Platforms contains a missing authentication for critical function vulnerability allowing unauthenticated access to execute configuration tasks and create administrative users.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-6287

    Alert Date: Nov 03, 2021 | 1641 days ago

    8.5

    HIGH
    CVE-2021-27059 - Microsoft Office Remote Code Execution Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Microsoft

    Description :Microsoft Office contains an unspecified vulnerability that allows for remote code execution.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-27059

    Alert Date: Nov 03, 2021 | 1641 days ago

    10.0

    HIGH
    CVE-2018-4939 - Adobe ColdFusion Deserialization of Untrusted Data Vulnerability -

    Action Due May 03, 2022 Target Vendor : Adobe

    Description :Adobe ColdFusion contains a deserialization of untrusted data vulnerability that could allow for code execution.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2018-4939

    Alert Date: Nov 03, 2021 | 1641 days ago

    9.8

    CRITICAL
    CVE-2020-26919 - Netgear JGS516PE Devices Missing Function Level Access Control Vulnerability -

    Action Due May 03, 2022 Target Vendor : NETGEAR

    Description :Netgear JGS516PE devices contain a missing function level access control vulnerability.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-26919

    Alert Date: Nov 03, 2021 | 1641 days ago
Showing 20 of 1591 Results

Filters