Known Exploited Vulnerabilities Catalog

For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild. Organizations should use the KEV catalog as an input to their vulnerability management prioritization framework.

How to use the KEV Catalog

The KEV catalog is also available in these formats:

CSV
JSON
JSON Schema (updated 06-25-2024)
Print View
License

Showing 1021 - 1040 of 1360
SolarWinds | Serv-U

CVE-2021-35247

SolarWinds Serv-U Improper Input Validation Vulnerability: SolarWinds Serv-U versions 15.2.5 and earlier contain an improper input validation vulnerability that allows attackers to build and send queries without sanitization.

Related CWE: CWE-20

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-01-21
  • Due Date: 2022-02-04
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2021-35247
October CMS | October CMS

CVE-2021-32648

October CMS Improper Authentication: In affected versions of the october/system package an attacker can request an account password reset and then gain access to the account using a specially crafted request.

Related CWE: CWE-287

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-01-18
  • Due Date: 2022-02-01
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2021-32648
Nagios | Nagios XI

CVE-2021-25296

Nagios XI OS Command Injection: Nagios XI contains a vulnerability which can lead to OS command injection on the Nagios XI server.

Related CWEs: CWE-78| CWE-138

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-01-18
  • Due Date: 2022-02-01
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2021-25296
Nagios | Nagios XI

CVE-2021-25297

Nagios XI OS Command Injection: Nagios XI contains a vulnerability which can lead to OS command injection on the Nagios XI server.

Related CWEs: CWE-78| CWE-138

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-01-18
  • Due Date: 2022-02-01
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2021-25297
Nagios | Nagios XI

CVE-2021-25298

Nagios XI OS Command Injection: Nagios XI contains a vulnerability which can lead to OS command injection on the Nagios XI server.

Related CWEs: CWE-78| CWE-138

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-01-18
  • Due Date: 2022-02-01
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2021-25298
Aviatrix | Aviatrix Controller

CVE-2021-40870

Aviatrix Controller Unrestricted Upload of File: Unrestricted upload of a file with a dangerous type is possible, which allows an unauthenticated user to execute arbitrary code via directory traversal.

Related CWEs: CWE-25| CWE-96

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-01-18
  • Due Date: 2022-02-01
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2021-40870
Microsoft | Exchange Server

CVE-2021-33766

Microsoft Exchange Server Information Disclosure: Microsoft Exchange Server contains an information disclosure vulnerability which can allow an unauthenticated attacker to steal email traffic from target.

Related CWE: CWE-287

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-01-18
  • Due Date: 2022-02-01
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2021-33766
VMware | vRealize Operations Manager API

CVE-2021-21975

VMware Server Side Request Forgery in vRealize Operations Manager API: Server Side Request Forgery (SSRF) in vRealize Operations Manager API prior to 8.4 may allow a malicious actor with network access to the vRealize Operations Manager API to perform a SSRF attack to steal administrative credentials.

Related CWE: CWE-918

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.
  • Date Added: 2022-01-18
  • Due Date: 2022-02-01
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2021-21975
Npm package | System Information Library for Node.JS

CVE-2021-21315

System Information Library for Node.JS Command Injection: In this vulnerability, an attacker can send a malicious payload that will exploit the name parameter. After successful exploitation, attackers can execute remote.

Related CWE: CWE-78

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-01-18
  • Due Date: 2022-02-01
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2021-21315
F5 | BIG-IP Traffic Management Microkernel

CVE-2021-22991

F5 BIG-IP Traffic Management Microkernel Buffer Overflow: The Traffic Management Microkernel of BIG-IP ASM Risk Engine has a buffer overflow vulnerability, leading to a bypassing of URL-based access controls.

Related CWE: CWE-119

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-01-18
  • Due Date: 2022-02-01
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2021-22991
Oracle | Intelligence Enterprise Edition

CVE-2020-14864

Oracle Business Intelligence Enterprise Edition Path Transversal: Path traversal vulnerability, where an attacker can target the preview FilePath parameter of the getPreviewImage function to get access to arbitrary system file.

Related CWE: CWE-22

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-01-18
  • Due Date: 2022-07-18
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2020-14864
Drupal | Drupal core

CVE-2020-13671

Drupal core Un-restricted Upload of File: Improper sanitization in the extension file names is present in Drupal core.

Related CWE: CWE-434

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-01-18
  • Due Date: 2022-07-18
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2020-13671
Apache | Airflow

CVE-2020-11978

Apache Airflow Command Injection: A remote code/command injection vulnerability was discovered in one of the example DAGs shipped with Airflow.

Related CWE: CWE-78

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-01-18
  • Due Date: 2022-07-18
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2020-11978
Apache | Airflow's Experimental API

CVE-2020-13927

Apache Airflow's Experimental API Authentication Bypass: The previous default setting for Airflow's Experimental API was to allow all API requests without authentication.

Related CWEs: CWE-1188| CWE-306

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-01-18
  • Due Date: 2022-07-18
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2020-13927
VMware | vCenter Server

CVE-2021-22017

VMware vCenter Server Improper Access Control: Rhttproxy as used in vCenter Server contains a vulnerability due to improper implementation of URI normalization.

Related CWE: CWE-23

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-01-10
  • Due Date: 2022-01-24
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2021-22017
Hikvision | Security cameras web server

CVE-2021-36260

Hikvision Improper Input Validation: A command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validation.

Related CWE: CWE-78

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-01-10
  • Due Date: 2022-01-24
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2021-36260
Google | Chrome Media

CVE-2020-6572

Google Chrome Media Use-After-Free Vulnerability: Google Chrome Media contains a use-after-free vulnerability that allows a remote attacker to execute code via a crafted HTML page.

Related CWE: CWE-416

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-01-10
  • Due Date: 2022-07-10
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2020-6572
Microsoft | Win32k

CVE-2019-1458

Microsoft Win32k Privilege Escalation Vulnerability: A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k EoP.

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.
  • Date Added: 2022-01-10
  • Due Date: 2022-07-10
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2019-1458
Microsoft | WinVerifyTrust function

CVE-2013-3900

Microsoft WinVerifyTrust function Remote Code Execution: A remote code execution vulnerability exists in the way that the WinVerifyTrust function handles Windows Authenticode signature verification for PE files.

Related CWE: CWE-20

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-01-10
  • Due Date: 2022-07-10
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2013-3900
Oracle | WebLogic Server

CVE-2019-2725

Oracle WebLogic Server, Injection: Injection vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services).

Related CWE: CWE-74

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.
  • Date Added: 2022-01-10
  • Due Date: 2022-07-10
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2019-2725

Subscribe to the KEV Catalog Updates

Stay up to date on the latest known exploited vulnerabilities.

Subscribe Now