CISA Known Exploited Vulnerabilities (KEV)

  1. Home
  2. CISA KEV
Threat Intelligence

CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilities actively used in real-world attacks. CVEFeed.io tracks the latest additions so you can prioritize remediation as new entries are published.

    5.5

    MEDIUM
    CVE-2021-30657 - Apple macOS Unspecified Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Apple

    Description :Apple macOS contains an unspecified logic issue in System Preferences that may allow a malicious application to bypass Gatekeeper checks.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-30657

    Alert Date: Nov 03, 2021 | 1632 days ago

    8.8

    HIGH
    CVE-2021-30663 - Apple Multiple Products WebKit Integer Overflow Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Apple

    Description :Apple iOS, iPadOS, macOS, tvOS, and Safari WebKit contain an integer overflow vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-30663

    Alert Date: Nov 03, 2021 | 1632 days ago

    9.3

    HIGH
    CVE-2021-30869 - Apple iOS, iPadOS, and macOS Type Confusion Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Apple

    Description :Apple iOS, iPadOS, and macOS contain a type confusion vulnerability in the XNU which may allow a malicious application to execute code with kernel privileges.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-30869

    Alert Date: Nov 03, 2021 | 1632 days ago

    7.8

    HIGH
    CVE-2020-3950 - VMware Multiple Products Privilege Escalation Vulnerability -

    Action Due May 03, 2022 Target Vendor : VMware

    Description :VMware Fusion, Remote Console (VMRC) for Mac, and Horizon Client for Mac contain a privilege escalation vulnerability due to improper use of setuid binaries that allows attackers to escalate privileges to root.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-3950

    Alert Date: Nov 03, 2021 | 1632 days ago

    9.8

    CRITICAL
    CVE-2021-22005 - VMware vCenter Server File Upload Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : VMware

    Description :VMware vCenter Server contains a file upload vulnerability in the Analytics service that allows a user with network access to port 443 to execute code.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-22005

    Alert Date: Nov 03, 2021 | 1632 days ago

    9.0

    HIGH
    CVE-2021-28664 - Arm Mali Graphics Processing Unit (GPU) Unspecified Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Arm

    Description :Arm Mali Graphics Processing Unit (GPU) kernel driver contains an unspecified vulnerability that may allow a non-privileged user to gain write access to read-only memory, gain root privilege, corrupt memory, and modify the memory of other processes.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-28664

    Alert Date: Nov 03, 2021 | 1632 days ago

    9.0

    HIGH
    CVE-2021-28663 - Arm Mali Graphics Processing Unit (GPU) Use-After-Free Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Arm

    Description :Arm Mali Graphics Processing Unit (GPU) kernel driver contains a use-after-free vulnerability that may allow a non-privileged user to make improper operations on GPU memory to gain root privilege, and/or disclose information.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-28663

    Alert Date: Nov 03, 2021 | 1632 days ago

    9.0

    HIGH
    CVE-2019-3398 - Atlassian Confluence Server and Data Center Path Traversal Vulnerability -

    Action Due May 03, 2022 Target Vendor : Atlassian

    Description :Atlassian Confluence Server and Data Center contain a path traversal vulnerability in the downloadallattachments resource that may allow a privileged, remote attacker to write files. Exploitation can lead to remote code execution.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-3398

    Alert Date: Nov 03, 2021 | 1632 days ago

    9.8

    CRITICAL
    CVE-2021-26084 - Atlassian Confluence Server and Data Center Object-Graph Navigation Language (OGNL) Injection Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Atlassian

    Description :Atlassian Confluence Server and Data Server contain an Object-Graph Navigation Language (OGNL) injection vulnerability that may allow an unauthenticated attacker to execute code.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-26084

    Alert Date: Nov 03, 2021 | 1632 days ago

    6.1

    MEDIUM
    CVE-2020-3580 - Cisco ASA and FTD Cross-Site Scripting (XSS) Vulnerability -

    Action Due May 03, 2022 Target Vendor : Cisco

    Description :Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain an insufficient input validation vulnerability for user-supplied input by the web services interface. Successful exploitation could allow an attacker to perform cross-site scripting (XSS) in the context of the interface or access sensitive browser-based information.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-3580

    Alert Date: Nov 03, 2021 | 1632 days ago

    9.8

    CRITICAL
    CVE-2021-1498 - Cisco HyperFlex HX Data Platform Command Injection Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Cisco

    Description :Cisco HyperFlex HX Installer Virtual Machine contains an insufficient input validation vulnerability which could allow an attacker to execute commands on an affected device as the tomcat8 user.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-1498

    Alert Date: Nov 03, 2021 | 1632 days ago

    10.0

    HIGH
    CVE-2018-0171 - Cisco IOS and IOS XE Software Smart Install Remote Code Execution Vulnerability -

    Action Due May 03, 2022 Target Vendor : Cisco

    Description :Cisco IOS and IOS XE Software improperly validates packet data, allowing an unauthenticated, remote attacker to trigger a reload of an affected device, cause a denial-of-service (DoS) condition, or perform code execution on the affected device.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2018-0171

    Alert Date: Nov 03, 2021 | 1632 days ago

    8.8

    HIGH
    CVE-2020-3118 - Cisco IOS XR Software Discovery Protocol Format String Vulnerability -

    Action Due May 03, 2022 Target Vendor : Cisco

    Description :Cisco IOS XR improperly validates string input from certain fields in Cisco Discovery Protocol messages. Exploitation could allow an unauthenticated, adjacent attacker to execute code with administrative privileges or cause a reload on an affected device.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-3118

    Alert Date: Nov 03, 2021 | 1632 days ago

    10.0

    HIGH
    CVE-2021-34473 - Microsoft Exchange Server Remote Code Execution Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Microsoft

    Description :Microsoft Exchange Server contains an unspecified vulnerability that allows for remote code execution.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-34473

    Alert Date: Nov 03, 2021 | 1632 days ago

    9.8

    CRITICAL
    CVE-2018-6789 - Exim Buffer Overflow Vulnerability -

    Action Due May 03, 2022 Target Vendor : Exim

    Description :Exim contains a buffer overflow vulnerability in the base64d function part of the SMTP listener that may allow for remote code execution.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2018-6789

    Alert Date: Nov 03, 2021 | 1632 days ago

    8.8

    HIGH
    CVE-2021-21220 - Google Chromium V8 Improper Input Validation Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Google

    Description :Google Chromium V8 Engine contains an improper input validation vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-21220

    Alert Date: Nov 03, 2021 | 1632 days ago

    9.1

    CRITICAL
    CVE-2020-4428 - IBM Data Risk Manager Remote Code Execution Vulnerability -

    Action Due May 03, 2022 Target Vendor : IBM

    Description :IBM Data Risk Manager contains an unspecified vulnerability which could allow a remote, authenticated attacker to execute commands on the system.�

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-4428

    Alert Date: Nov 03, 2021 | 1632 days ago

    10.0

    CRITICAL
    CVE-2019-4716 - IBM Planning Analytics Remote Code Execution Vulnerability -

    Action Due May 03, 2022 Target Vendor : IBM

    Description :IBM Planning Analytics is vulnerable to a configuration overwrite that allows an unauthenticated user to login as "admin", and then execute code as root or SYSTEM via TM1 scripting.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-4716

    Alert Date: Nov 03, 2021 | 1632 days ago

    5.8

    MEDIUM
    CVE-2016-3715 - ImageMagick Arbitrary File Deletion Vulnerability -

    Action Due May 03, 2022 Target Vendor : ImageMagick

    Description :ImageMagick contains an unspecified vulnerability that could allow users to delete files by using ImageMagick's 'ephemeral' pseudo protocol, which deletes files after reading.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2016-3715

    Alert Date: Nov 03, 2021 | 1632 days ago

    7.8

    HIGH
    CVE-2021-1647 - Microsoft Defender Remote Code Execution Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Microsoft

    Description :Microsoft Defender contains an unspecified vulnerability that allows for remote code execution.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-1647

    Alert Date: Nov 03, 2021 | 1632 days ago
Showing 20 of 1582 Results

Filters