Known Exploited Vulnerabilities Catalog

For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild. Organizations should use the KEV catalog as an input to their vulnerability management prioritization framework.

How to use the KEV Catalog

The KEV catalog is also available in these formats:

CSV
JSON
JSON Schema (updated 06-25-2024)
Print View
License

Showing 721 - 740 of 1345
Adobe | Flash Player

CVE-2014-9163

Adobe Flash Player Stack-Based Buffer Overflow Vulnerability: Stack-based buffer overflow in Adobe Flash Player allows attackers to execute code remotely.

Known To Be Used in Ransomware Campaigns? Unknown

Action: The impacted product is end-of-life and should be disconnected if still in use.
  • Date Added: 2022-04-13
  • Due Date: 2022-05-04
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2014-9163
WatchGuard | Firebox and XTM

CVE-2022-23176

WatchGuard Firebox and XTM Privilege Escalation Vulnerability: WatchGuard Firebox and XTM appliances allow a remote attacker with unprivileged credentials to access the system with a privileged management session via exposed management access.

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-04-11
  • Due Date: 2022-05-02
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2022-23176
Microsoft | Active Directory

CVE-2021-42287

Microsoft Active Directory Domain Services Privilege Escalation Vulnerability: Microsoft Active Directory Domain Services contains an unspecified vulnerability that allows for privilege escalation.

Related CWE: CWE-269

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.
  • Date Added: 2022-04-11
  • Due Date: 2022-05-02
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2021-42287
Microsoft | Active Directory

CVE-2021-42278

Microsoft Active Directory Domain Services Privilege Escalation Vulnerability: Microsoft Active Directory Domain Services contains an unspecified vulnerability that allows for privilege escalation.

Related CWE: CWE-20

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.
  • Date Added: 2022-04-11
  • Due Date: 2022-05-02
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2021-42278
Google | Pixel

CVE-2021-39793

Google Pixel Out-of-Bounds Write Vulnerability: Google Pixel contains a possible out-of-bounds write due to a logic error in the code that could lead to local escalation of privilege.

Related CWE: CWE-787

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-04-11
  • Due Date: 2022-05-02
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2021-39793
Checkbox | Checkbox Survey

CVE-2021-27852

Checkbox Survey Deserialization of Untrusted Data Vulnerability: Deserialization of Untrusted Data vulnerability in CheckboxWeb.dll of Checkbox Survey allows an unauthenticated remote attacker to execute arbitrary code.

Related CWE: CWE-502

Known To Be Used in Ransomware Campaigns? Unknown

Action: Versions 6 and earlier for this product are end-of-life and must be removed from agency networks. Versions 7 and later are not considered vulnerable.
  • Date Added: 2022-04-11
  • Due Date: 2022-05-02
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2021-27852
Linux | Kernel

CVE-2021-22600

Linux Kernel Privilege Escalation Vulnerability: Linux Kernel contains a flaw in the packet socket (AF_PACKET) implementation which could lead to incorrectly freeing memory. A local user could exploit this for denial-of-service (DoS) or possibly for privilege escalation.

Related CWE: CWE-415

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-04-11
  • Due Date: 2022-05-02
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2021-22600
QNAP | QNAP Network-Attached Storage (NAS)

CVE-2020-2509

QNAP Network-Attached Storage (NAS) Command Injection Vulnerability: QNAP NAS devices contain a command injection vulnerability which could allow attackers to perform remote code execution.

Related CWEs: CWE-77| CWE-78

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-04-11
  • Due Date: 2022-05-02
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2020-2509
Telerik | User Interface (UI) for ASP.NET AJAX

CVE-2017-11317

Telerik UI for ASP.NET AJAX Unrestricted File Upload Vulnerability: Telerik.Web.UI in Progress Telerik UI for ASP.NET AJAX allows remote attackers to perform arbitrary file uploads or execute arbitrary code.

Related CWE: CWE-326

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-04-11
  • Due Date: 2022-05-02
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2017-11317
Sudo | Sudo

CVE-2021-3156

Sudo Heap-Based Buffer Overflow Vulnerability: Sudo contains an off-by-one error that can result in a heap-based buffer overflow, which allows for privilege escalation.

Related CWEs: CWE-122| CWE-193

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-04-06
  • Due Date: 2022-04-27
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2021-3156
Microsoft | HTTP Protocol Stack

CVE-2021-31166

Microsoft HTTP Protocol Stack Remote Code Execution Vulnerability: Microsoft HTTP Protocol Stack contains a vulnerability in http.sys that allows for remote code execution.

Related CWE: CWE-416

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-04-06
  • Due Date: 2022-04-27
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2021-31166
Microsoft | SMBv1 server

CVE-2017-0148

Microsoft SMBv1 Server Remote Code Execution Vulnerability: The SMBv1 server in Microsoft allows remote attackers to execute arbitrary code via crafted packets.

Related CWE: CWE-20

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.
  • Date Added: 2022-04-06
  • Due Date: 2022-04-27
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2017-0148
VMware | Spring Framework

CVE-2022-22965

Spring Framework JDK 9+ Remote Code Execution Vulnerability: Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding.

Related CWE: CWE-94

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-04-04
  • Due Date: 2022-04-25
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2022-22965
Apple | macOS

CVE-2022-22675

Apple macOS Out-of-Bounds Write Vulnerability: macOS Monterey contains an out-of-bounds write vulnerability that could allow an application to execute arbitrary code with kernel privileges.

Related CWEs: CWE-20| CWE-125

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-04-04
  • Due Date: 2022-04-25
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2022-22675
Apple | macOS

CVE-2022-22674

Apple macOS Out-of-Bounds Read Vulnerability: macOS Monterey contains an out-of-bounds read vulnerability that could allow an application to read kernel memory.

Related CWEs: CWE-20| CWE-125

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-04-04
  • Due Date: 2022-04-25
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2022-22674
D-Link | Multiple Routers

CVE-2021-45382

D-Link Multiple Routers Remote Code Execution Vulnerability: A remote code execution vulnerability exists in all series H/W revisions routers via the DDNS function in ncc2 binary file.

Related CWE: CWE-78

Known To Be Used in Ransomware Campaigns? Unknown

Action: The impacted product is end-of-life and should be disconnected if still in use.
  • Date Added: 2022-04-04
  • Due Date: 2022-04-25
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2021-45382
Trend Micro | Apex Central

CVE-2022-26871

Trend Micro Apex Central Arbitrary File Upload Vulnerability: An arbitrary file upload vulnerability in Trend Micro Apex Central could allow for remote code execution.

Related CWE: CWE-184

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-03-31
  • Due Date: 2022-04-21
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2022-26871
Sophos | Firewall

CVE-2022-1040

Sophos Firewall Authentication Bypass Vulnerability: An authentication bypass vulnerability in User Portal and Webadmin of Sophos Firewall allows for remote code execution.

Related CWE: CWE-158

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-03-31
  • Due Date: 2022-04-21
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2022-1040
Microsoft | Windows

CVE-2021-34484

Microsoft Windows User Profile Service Privilege Escalation Vulnerability: Microsoft Windows User Profile Service contains an unspecified vulnerability that allows for privilege escalation.

Related CWE: CWE-269

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-03-31
  • Due Date: 2022-04-21
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2021-34484
QNAP | Network Attached Storage (NAS)

CVE-2021-28799

QNAP NAS Improper Authorization Vulnerability: QNAP NAS running HBS 3 contains an improper authorization vulnerability which can allow remote attackers to log in to a device.

Related CWE: CWE-285

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.
  • Date Added: 2022-03-31
  • Due Date: 2022-04-21
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2021-28799

Subscribe to the KEV Catalog Updates

Stay up to date on the latest known exploited vulnerabilities.

Subscribe Now