CISA Known Exploited Vulnerabilities (KEV)

  1. Home
  2. CISA KEV

CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilities actively used in real-world attacks. CVEFeed.io tracks the latest additions so you can prioritize remediation as new entries are published.

    9.8

    CRITICAL
    CVE-2018-6789 - Exim Buffer Overflow Vulnerability -

    Action Due May 03, 2022 Target Vendor : Exim

    Description :Exim contains a buffer overflow vulnerability in the base64d function part of the SMTP listener that may allow for remote code execution.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2018-6789

    Alert Date: Nov 03, 2021 | 1588 days ago

    9.8

    CRITICAL
    CVE-2020-8657 - EyesOfNetwork Use of Hard-Coded Credentials Vulnerability -

    Action Due May 03, 2022 Target Vendor : EyesOfNetwork

    Description :EyesOfNetwork contains a use of hard-coded credentials vulnerability, as it uses the same API key by default. Exploitation allows an attacker to calculate or guess the admin access token.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-8657

    Alert Date: Nov 03, 2021 | 1588 days ago

    9.3

    HIGH
    CVE-2020-8655 - EyesOfNetwork Improper Privilege Management Vulnerability -

    Action Due May 03, 2022 Target Vendor : EyesOfNetwork

    Description :EyesOfNetwork contains an improper privilege management vulnerability that may allow a user to run commands as root via a crafted Nmap Scripting Engine (NSE) script to nmap7.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-8655

    Alert Date: Nov 03, 2021 | 1588 days ago
Showing 20 of 1543 Results

Filters