CISA Known Exploited Vulnerabilities (KEV)

Threat Intelligence

CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilities actively used in real-world attacks. CVEFeed.io tracks the latest additions so you can prioritize remediation as new entries are published.

9.0

HIGH

CVE-2019-15949 - Nagios XI Remote Code Execution Vulnerability -

Action Due May 03, 2022 Target Vendor : Nagios

Description :Nagios XI contains a remote code execution vulnerability in which a user can modify the check_plugin executable and insert malicious commands to execute as root.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-15949

Alert Date: Nov 03, 2021 | 1690 days ago

8.8

HIGH

CVE-2021-30663 - Apple Multiple Products WebKit Integer Overflow Vulnerability -

Action Due Nov 17, 2021 Target Vendor : Apple

Description :Apple iOS, iPadOS, macOS, tvOS, and Safari WebKit contain an integer overflow vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-30663

Alert Date: Nov 03, 2021 | 1690 days ago

6.1

MEDIUM

CVE-2020-3580 - Cisco ASA and FTD Cross-Site Scripting (XSS) Vulnerability -

Action Due May 03, 2022 Target Vendor : Cisco

Description :Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain an insufficient input validation vulnerability for user-supplied input by the web services interface. Successful exploitation could allow an attacker to perform cross-site scripting (XSS) in the context of the interface or access sensitive browser-based information.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-3580

Alert Date: Nov 03, 2021 | 1690 days ago

8.5

HIGH

CVE-2019-19356 - Netis WF2419 Devices Remote Code Execution Vulnerability -

Action Due May 03, 2022 Target Vendor : Netis

Description :Netis WF2419 devices contains an unspecified vulnerability that allows an attacker to perform remote code execution as root through the router's web management page.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-19356

Alert Date: Nov 03, 2021 | 1690 days ago

10.0

CRITICAL

CVE-2020-14871 - Oracle Solaris and Zettabyte File System (ZFS) Unspecified Vulnerability -

Action Due May 03, 2022 Target Vendor : Oracle

Description :Oracle Solaris and Oracle ZFS Storage Appliance Kit contain an unspecified vulnerability causing high impacts to confidentiality, integrity, and availability of affected systems.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-14871

Alert Date: Nov 03, 2021 | 1690 days ago

5.5

MEDIUM

CVE-2021-30657 - Apple macOS Unspecified Vulnerability -

Action Due Nov 17, 2021 Target Vendor : Apple

Description :Apple macOS contains an unspecified logic issue in System Preferences that may allow a malicious application to bypass Gatekeeper checks.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-30657

Alert Date: Nov 03, 2021 | 1690 days ago

7.8

HIGH

CVE-2021-30713 - Apple macOS Unspecified Vulnerability -

Action Due Nov 17, 2021 Target Vendor : Apple

Description :Apple macOS Transparency, Consent, and Control (TCC) contains an unspecified permissions issue which may allow a malicious application to bypass privacy preferences.

Action :Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-30713

Alert Date: Nov 03, 2021 | 1690 days ago

Showing 20 of 1627 Results

Filters

What are you looking for ?

Date Added

Ransomware

Sort By

Browse by Apps

CISA Known Exploited Vulnerabilities (KEV)

9.0

CVE-2019-15949 - Nagios XI Remote Code Execution Vulnerability -

8.8

CVE-2021-30663 - Apple Multiple Products WebKit Integer Overflow Vulnerability -

6.1

CVE-2020-3580 - Cisco ASA and FTD Cross-Site Scripting (XSS) Vulnerability -

8.5

CVE-2019-19356 - Netis WF2419 Devices Remote Code Execution Vulnerability -

10.0

CVE-2020-14871 - Oracle Solaris and Zettabyte File System (ZFS) Unspecified Vulnerability -

5.5

CVE-2021-30657 - Apple macOS Unspecified Vulnerability -

7.8

CVE-2021-30713 - Apple macOS Unspecified Vulnerability -

Filters

Cookie Preferences