CISA Known Exploited Vulnerabilities (KEV)

  1. Home
  2. CISA KEV
Threat Intelligence

CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilities actively used in real-world attacks. CVEFeed.io tracks the latest additions so you can prioritize remediation as new entries are published.

    10.0

    CRITICAL
    CVE-2019-4716 - IBM Planning Analytics Remote Code Execution Vulnerability -

    Action Due May 03, 2022 Target Vendor : IBM

    Description :IBM Planning Analytics is vulnerable to a configuration overwrite that allows an unauthenticated user to login as "admin", and then execute code as root or SYSTEM via TM1 scripting.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-4716

    Alert Date: Nov 03, 2021 | 1626 days ago

    8.8

    HIGH
    CVE-2021-33742 - Microsoft Windows MSHTML Platform Remote Code Execution Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Microsoft

    Description :Microsoft Windows MSHTML Platform contains an unspecified vulnerability that allows for remote code execution.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-33742

    Alert Date: Nov 03, 2021 | 1626 days ago

    10.0

    HIGH
    CVE-2021-22502 - Micro Focus Operation Bridge Report (OBR) Remote Code Execution Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Micro Focus

    Description :Micro Focus Operation Bridge Report (OBR) contains an unspecified vulnerability that allows for remote code execution.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-22502

    Alert Date: Nov 03, 2021 | 1626 days ago

    8.8

    HIGH
    CVE-2021-21148 - Google Chromium V8 Heap Buffer Overflow Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Google

    Description :Google Chromium V8 Engine contains a heap buffer overflow vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-21148

    Alert Date: Nov 03, 2021 | 1626 days ago

    7.8

    HIGH
    CVE-2021-1647 - Microsoft Defender Remote Code Execution Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Microsoft

    Description :Microsoft Defender contains an unspecified vulnerability that allows for remote code execution.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-1647

    Alert Date: Nov 03, 2021 | 1626 days ago

    9.0

    HIGH
    CVE-2020-14883 - Oracle WebLogic Server Unspecified Vulnerability -

    Action Due May 03, 2022 Target Vendor : Oracle

    Description :Oracle WebLogic Server contains an unspecified vulnerability in the Console component with high impacts to confidentilaity, integrity, and availability.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-14883

    Alert Date: Nov 03, 2021 | 1626 days ago

    10.0

    HIGH
    CVE-2020-14882 - Oracle WebLogic Server Remote Code Execution Vulnerability -

    Action Due May 03, 2022 Target Vendor : Oracle

    Description :Oracle WebLogic Server contains an unspecified vulnerability, which is assessed to allow for remote code execution, based on this vulnerability being related to CVE-2020-14750.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-14882

    Alert Date: Nov 03, 2021 | 1626 days ago

    9.8

    CRITICAL
    CVE-2019-18935 - Progress Telerik UI for ASP.NET AJAX Deserialization of Untrusted Data Vulnerability -

    Action Due May 03, 2022 Target Vendor : Progress

    Description :Progress Telerik UI for ASP.NET AJAX contains a deserialization of untrusted data vulnerability through RadAsyncUpload which leads to code execution on the server in the context of the w3wp.exe process.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-18935

    Alert Date: Nov 03, 2021 | 1626 days ago

    9.8

    CRITICAL
    CVE-2020-14750 - Oracle WebLogic Server Remote Code Execution Vulnerability -

    Action Due May 03, 2022 Target Vendor : Oracle

    Description :Oracle WebLogic Server contains an unspecified vulnerability allowing an unauthenticated attacker to perform remote code execution. This vulnerability is related to CVE-2020-14882.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-14750

    Alert Date: Nov 03, 2021 | 1626 days ago

    10.0

    HIGH
    CVE-2021-21985 - VMware vCenter Server Improper Input Validation Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : VMware

    Description :VMware vSphere Client contains an improper input validation vulnerability in the Virtual SAN Health Check plug-in, which is enabled by default in vCenter Server, which allows for remote code execution.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-21985

    Alert Date: Nov 03, 2021 | 1626 days ago

    10.0

    HIGH
    CVE-2021-21972 - VMware vCenter Server Remote Code Execution Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : VMware

    Description :VMware vCenter Server vSphere Client contains a remote code execution vulnerability in a vCenter Server plugin which allows an attacker with network access to port 443 to execute commands with unrestricted privileges on the underlying operating system.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-21972

    Alert Date: Nov 03, 2021 | 1626 days ago

    9.1

    CRITICAL
    CVE-2020-4006 - Multiple VMware Products Command Injection Vulnerability -

    Action Due May 03, 2022 Target Vendor : VMware

    Description :VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector contain a command injection vulnerability. An attacker with network access to the administrative configurator on port 8443 and a valid password for the configurator administrator account can execute commands with unrestricted privileges on the underlying operating system.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-4006

    Alert Date: Nov 03, 2021 | 1626 days ago

    9.8

    CRITICAL
    CVE-2020-3952 - VMware vCenter Server Information Disclosure Vulnerability -

    Action Due May 03, 2022 Target Vendor : VMware

    Description :VMware vCenter Server contains an information disclosure vulnerability in the VMware Directory Service (vmdir) when the Platform Services Controller (PSC) does not correctly implement access controls. Successful exploitation allows an attacker with network access to port 389 to extract sensitive information.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-3952

    Alert Date: Nov 03, 2021 | 1626 days ago
Showing 20 of 1573 Results

Filters