CISA Known Exploited Vulnerabilities (KEV)

Threat Intelligence

CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilities actively used in real-world attacks. CVEFeed.io tracks the latest additions so you can prioritize remediation as new entries are published.

9.8

CRITICAL

CVE-2015-4852 - Oracle WebLogic Server Deserialization of Untrusted Data Vulnerability -

Action Due May 03, 2022 Target Vendor : Oracle

Description :Oracle WebLogic Server contains a deserialization of untrusted data vulnerability within Apache Commons, which can allow for for remote code execution.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes :https://nvd.nist.gov/vuln/detail/CVE-2015-4852

Alert Date: Nov 03, 2021 | 1631 days ago

9.8

CRITICAL

CVE-2020-14750 - Oracle WebLogic Server Remote Code Execution Vulnerability -

Action Due May 03, 2022 Target Vendor : Oracle

Description :Oracle WebLogic Server contains an unspecified vulnerability allowing an unauthenticated attacker to perform remote code execution. This vulnerability is related to CVE-2020-14882.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-14750

Alert Date: Nov 03, 2021 | 1631 days ago

10.0

HIGH

CVE-2020-14882 - Oracle WebLogic Server Remote Code Execution Vulnerability -

Action Due May 03, 2022 Target Vendor : Oracle

Description :Oracle WebLogic Server contains an unspecified vulnerability, which is assessed to allow for remote code execution, based on this vulnerability being related to CVE-2020-14750.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-14882

Alert Date: Nov 03, 2021 | 1631 days ago

9.0

HIGH

CVE-2020-14883 - Oracle WebLogic Server Unspecified Vulnerability -

Action Due May 03, 2022 Target Vendor : Oracle

Description :Oracle WebLogic Server contains an unspecified vulnerability in the Console component with high impacts to confidentilaity, integrity, and availability.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-14883

Alert Date: Nov 03, 2021 | 1631 days ago

9.8

CRITICAL

CVE-2020-8644 - PlaySMS Server-Side Template Injection Vulnerability -

Action Due May 03, 2022 Target Vendor : PlaySMS

Description :PlaySMS contains a server-side template injection vulnerability that allows for remote code execution.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-8644

Alert Date: Nov 03, 2021 | 1631 days ago

9.8

CRITICAL

CVE-2019-18935 - Progress Telerik UI for ASP.NET AJAX Deserialization of Untrusted Data Vulnerability -

Action Due May 03, 2022 Target Vendor : Progress

Description :Progress Telerik UI for ASP.NET AJAX contains a deserialization of untrusted data vulnerability through RadAsyncUpload which leads to code execution on the server in the context of the w3wp.exe process.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-18935

Alert Date: Nov 03, 2021 | 1631 days ago

7.8

HIGH

CVE-2021-36948 - Microsoft Windows Update Medic Service Privilege Escalation Vulnerability -

Action Due Nov 17, 2021 Target Vendor : Microsoft

Description :Microsoft Windows Update Medic Service contains an unspecified vulnerability that allows for privilege escalation.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-36948

Alert Date: Nov 03, 2021 | 1631 days ago

10.0

CRITICAL

CVE-2021-22893 - Ivanti Pulse Connect Secure Use-After-Free Vulnerability -

Action Due May 03, 2022 Target Vendor : Ivanti

Description :Ivanti Pulse Connect Secure contains a use-after-free vulnerability that allow a remote, unauthenticated attacker to execute code via license services.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

Notes :Reference CISA's ED 21-03 (https://www.cisa.gov/news-events/directives/ed-21-03-mitigate-pulse-connect-secure-product-vulnerabilities) for further guidance and requirements. Note: The due date for addressing this vulnerability aligns with the requirements outlined in ED 21-03. https://nvd.nist.gov/vuln/detail/CVE-2021-22893

Alert Date: Nov 03, 2021 | 1631 days ago

7.2

HIGH

CVE-2020-8243 - Ivanti Pulse Connect Secure Code Execution Vulnerability -

Action Due May 03, 2022 Target Vendor : Ivanti

Description :Ivanti Pulse Connect Secure contains an unspecified vulnerability in the admin web interface that could allow an authenticated attacker to upload a custom template to perform code execution.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Alert Date: Nov 03, 2021 | 1631 days ago

7.2

HIGH

CVE-2021-22900 - Ivanti Pulse Connect Secure Unrestricted File Upload Vulnerability -

Action Due May 03, 2022 Target Vendor : Ivanti

Description :Ivanti Pulse Connect Secure contains an unrestricted file upload vulnerability that allows an authenticated administrator to perform a file write via a maliciously crafted archive upload in the administrator web interface.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Alert Date: Nov 03, 2021 | 1631 days ago

9.0

HIGH

CVE-2021-22894 - Ivanti Pulse Connect Secure Collaboration Suite Buffer Overflow Vulnerability -

Action Due May 03, 2022 Target Vendor : Ivanti

Description :Ivanti Pulse Connect Secure Collaboration Suite contains a buffer overflow vulnerabilities that allows a remote authenticated users to execute code as the root user via maliciously crafted meeting room.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Alert Date: Nov 03, 2021 | 1631 days ago

7.1

HIGH

CVE-2020-27950 - Apple Multiple Products Memory Initialization Vulnerability -

Action Due May 03, 2022 Target Vendor : Apple

Description :Apple iOS, iPadOS, macOS, and watchOS contain a memory initialization vulnerability that may allow a malicious application to disclose kernel memory.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-27950

Alert Date: Nov 03, 2021 | 1631 days ago

7.2

HIGH

CVE-2020-8260 - Ivanti Pulse Connect Secure Code Execution Vulnerability -

Action Due May 03, 2022 Target Vendor : Ivanti

Description :Pulse Connect Secure contains an unspecified vulnerability that allows an authenticated attacker to perform code execution using uncontrolled gzip extraction.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Alert Date: Nov 03, 2021 | 1631 days ago

8.8

HIGH

CVE-2021-22899 - Ivanti Pulse Connect Secure Command Injection Vulnerability -

Action Due May 03, 2022 Target Vendor : Ivanti

Description :Ivanti Pulse Connect Secure contains a command injection vulnerability that allows remote authenticated users to perform remote code execution via Windows File Resource Profiles.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Alert Date: Nov 03, 2021 | 1631 days ago

10.0

CRITICAL

CVE-2019-11510 - Ivanti Pulse Connect Secure Arbitrary File Read Vulnerability -

Action Due May 03, 2022 Target Vendor : Ivanti

Description :Ivanti Pulse Connect Secure contains an arbitrary file read vulnerability that allows an unauthenticated remote attacker with network access via HTTPS to send a specially crafted URI.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

Alert Date: Nov 03, 2021 | 1631 days ago

9.3

HIGH

CVE-2017-0143 - Microsoft Windows Server Message Block (SMBv1) Remote Code Execution Vulnerability -

Action Due May 03, 2022 Target Vendor : Microsoft

Description :Microsoft Windows Server Message Block 1.0 (SMBv1) contains an unspecified vulnerability that allows for remote code execution.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

Notes :https://nvd.nist.gov/vuln/detail/CVE-2017-0143

Alert Date: Nov 03, 2021 | 1631 days ago

8.0

HIGH

CVE-2019-11539 - Ivanti Pulse Connect Secure and Policy Secure Command Injection Vulnerability -

Action Due May 03, 2022 Target Vendor : Ivanti

Description :Ivanti Pulse Connect Secure and Policy Secure allows an authenticated attacker from the admin web interface to inject and execute commands.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-11539

Alert Date: Nov 03, 2021 | 1631 days ago

6.2

MEDIUM

CVE-2021-1906 - Qualcomm Multiple Chipsets Detection of Error Condition Without Action Vulnerability -

Action Due Nov 17, 2021 Target Vendor : Qualcomm

Description :Multiple Qualcomm chipsets contain a detection of error condition without action vulnerability when improper handling of address deregistration on failure can lead to new GPU address allocation failure.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-1906

Alert Date: Nov 03, 2021 | 1631 days ago

8.4

HIGH

CVE-2021-1905 - Qualcomm Multiple Chipsets Use-After-Free Vulnerability -

Action Due May 03, 2022 Target Vendor : Qualcomm

Description :Multiple Qualcomm Chipsets contain a use after free vulnerability due to improper handling of memory mapping of multiple processes simultaneously.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-1905

Alert Date: Nov 03, 2021 | 1631 days ago

9.0

HIGH

CVE-2020-10221 - rConfig OS Command Injection Vulnerability -

Action Due May 03, 2022 Target Vendor : rConfig

Description :rConfig lib/ajaxHandlers/ajaxAddTemplate.php contains an OS command injection vulnerability that allows remote attackers to execute OS commands via shell metacharacters in the fileName POST parameter.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-10221

Alert Date: Nov 03, 2021 | 1631 days ago

Showing 20 of 1581 Results

Filters

What are you looking for ?

Date Added

Ransomware

Sort By

Browse by Apps

CISA Known Exploited Vulnerabilities (KEV)

9.8

9.8

10.0

9.0

9.8

9.8

7.8

10.0

7.2

7.2

9.0

7.1

7.2

8.8

10.0

9.3

8.0

6.2

8.4

9.0

Filters

Cookie Preferences