Known Exploited Vulnerabilities Catalog

For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild. Organizations should use the KEV catalog as an input to their vulnerability management prioritization framework.

How to use the KEV Catalog

The KEV catalog is also available in these formats:

CSV
JSON
JSON Schema (updated 06-25-2024)
Print View
License

Showing 481 - 500 of 1351
Telerik | User Interface (UI) for ASP.NET AJAX

CVE-2017-11357

Telerik UI for ASP.NET AJAX Insecure Direct Object Reference Vulnerability: Telerik UI for ASP.NET AJAX contains an insecure direct object reference vulnerability in RadAsyncUpload that can result in file uploads in a limited location and/or remote code execution.

Related CWE: CWE-20

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.
  • Date Added: 2023-01-26
  • Due Date: 2023-02-16
Additional Notes
https://docs.telerik.com/devtools/aspnet-ajax/knowledge-base/asyncupload-insecure-direct-object-reference; https://nvd.nist.gov/vuln/detail/CVE-2017-11357
Zoho | ManageEngine

CVE-2022-47966

Zoho ManageEngine Multiple Products Remote Code Execution Vulnerability: Multiple Zoho ManageEngine products contain an unauthenticated remote code execution vulnerability due to the usage of an outdated third-party dependency, Apache Santuario.

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.
  • Date Added: 2023-01-23
  • Due Date: 2023-02-13
Additional Notes
https://www.manageengine.com/security/advisory/CVE/cve-2022-47966.html; https://nvd.nist.gov/vuln/detail/CVE-2022-47966
CWP | Control Web Panel

CVE-2022-44877

CWP Control Web Panel OS Command Injection Vulnerability: CWP Control Web Panel (formerly CentOS Web Panel) contains an OS command injection vulnerability that allows remote attackers to execute commands via shell metacharacters in the login parameter.

Related CWE: CWE-78

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2023-01-17
  • Due Date: 2023-02-07
Additional Notes
https://control-webpanel.com/changelog#1669855527714-450fb335-6194; https://nvd.nist.gov/vuln/detail/CVE-2022-44877
Microsoft | Exchange Server

CVE-2022-41080

Microsoft Exchange Server Privilege Escalation Vulnerability: Microsoft Exchange Server contains an unspecified vulnerability that allows for privilege escalation. This vulnerability is chainable with CVE-2022-41082, which allows for remote code execution.

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.
  • Date Added: 2023-01-10
  • Due Date: 2023-01-31
Additional Notes
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-41080; https://nvd.nist.gov/vuln/detail/CVE-2022-41080
Microsoft | Windows

CVE-2023-21674

Microsoft Windows Advanced Local Procedure Call (ALPC) Privilege Escalation Vulnerability: Microsoft Windows Advanced Local Procedure Call (ALPC) contains an unspecified vulnerability that allows for privilege escalation.

Related CWE: CWE-416

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2023-01-10
  • Due Date: 2023-01-31
Additional Notes
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-21674; https://nvd.nist.gov/vuln/detail/CVE-2023-21674
TIBCO | JasperReports

CVE-2018-18809

TIBCO JasperReports Library Directory Traversal Vulnerability: TIBCO JasperReports Library contains a directory-traversal vulnerability that may allow web server users to access contents of the host system.

Related CWE: CWE-22

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-12-29
  • Due Date: 2023-01-19
Additional Notes
https://www.tibco.com/support/advisories/2019/03/tibco-security-advisory-march-6-2019-tibco-jasperreports-library-2018-18809; https://nvd.nist.gov/vuln/detail/CVE-2018-18809
TIBCO | JasperReports

CVE-2018-5430

TIBCO JasperReports Server Information Disclosure Vulnerability: TIBCO JasperReports Server contain a vulnerability which may allow any authenticated user read-only access to the contents of the web application, including key configuration files.

Related CWE: CWE-22

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-12-29
  • Due Date: 2023-01-19
Additional Notes
https://www.tibco.com/support/advisories/2018/04/tibco-security-advisory-april-17-2018-tibco-jasperreports-2018-5430;https://nvd.nist.gov/vuln/detail/CVE-2018-5430
Microsoft | Defender

CVE-2022-44698

Microsoft Defender SmartScreen Security Feature Bypass Vulnerability: Microsoft Defender SmartScreen contains a security feature bypass vulnerability that could allow an attacker to evade Mark of the Web (MOTW) defenses via a specially crafted malicious file.

Related CWE: CWE-755

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.
  • Date Added: 2022-12-13
  • Due Date: 2023-01-03
Additional Notes
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44698; https://nvd.nist.gov/vuln/detail/CVE-2022-44698
Fortinet | FortiOS

CVE-2022-42475

Fortinet FortiOS Heap-Based Buffer Overflow Vulnerability: Multiple versions of Fortinet FortiOS SSL-VPN contain a heap-based buffer overflow vulnerability which can allow an unauthenticated, remote attacker to execute arbitrary code or commands via specifically crafted requests.

Related CWE: CWE-197

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.
  • Date Added: 2022-12-13
  • Due Date: 2023-01-03
Additional Notes
https://www.fortiguard.com/psirt/FG-IR-22-398; https://nvd.nist.gov/vuln/detail/CVE-2022-42475
Citrix | Application Delivery Controller (ADC) and Gateway

CVE-2022-27518

Citrix Application Delivery Controller (ADC) and Gateway Authentication Bypass Vulnerability: Citrix Application Delivery Controller (ADC) and Gateway, when configured with SAML SP or IdP configuration, contain an authentication bypass vulnerability that allows an attacker to execute code as administrator.

Related CWE: CWE-664

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-12-13
  • Due Date: 2023-01-03
Additional Notes
https://www.citrix.com/blogs/2022/12/13/critical-security-update-now-available-for-citrix-adc-citrix-gateway/; https://nvd.nist.gov/vuln/detail/CVE-2022-27518
Veeam | Backup & Replication

CVE-2022-26500

Veeam Backup & Replication Remote Code Execution Vulnerability: The Veeam Distribution Service in the Backup & Replication application allows unauthenticated users to access internal API functions. A remote attacker can send input to the internal API which may lead to uploading and executing of malicious code.

Related CWE: CWE-22

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.
  • Date Added: 2022-12-13
  • Due Date: 2023-01-03
Additional Notes
https://www.veeam.com/kb4288; https://nvd.nist.gov/vuln/detail/CVE-2022-26500
Veeam | Backup & Replication

CVE-2022-26501

Veeam Backup & Replication Remote Code Execution Vulnerability: The Veeam Distribution Service in the Backup & Replication application allows unauthenticated users to access internal API functions. A remote attacker can send input to the internal API which may lead to uploading and executing of malicious code.

Related CWE: CWE-306

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.
  • Date Added: 2022-12-13
  • Due Date: 2023-01-03
Additional Notes
https://www.veeam.com/kb4288; https://nvd.nist.gov/vuln/detail/CVE-2022-26501
Google | Chromium V8

CVE-2022-4262

Google Chromium V8 Type Confusion Vulnerability: Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

Related CWEs: CWE-122| CWE-843

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-12-05
  • Due Date: 2022-12-26
Additional Notes
https://chromereleases.googleblog.com/2022/12/stable-channel-update-for-desktop.html; https://nvd.nist.gov/vuln/detail/CVE-2022-4262
Google | Chromium GPU

CVE-2022-4135

Google Chromium GPU Heap Buffer Overflow Vulnerability: Google Chromium GPU contains a heap buffer overflow vulnerability that allows a remote attacker, who has compromised the renderer process, to potentially perform a sandbox escape via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

Related CWE: CWE-787

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-11-28
  • Due Date: 2022-12-19
Additional Notes
https://chromereleases.googleblog.com/2022/11/stable-channel-update-for-desktop_24.html; https://nvd.nist.gov/vuln/detail/CVE-2022-4135
Oracle | Fusion Middleware

CVE-2021-35587

Oracle Fusion Middleware Unspecified Vulnerability: Oracle Fusion Middleware Access Manager allows an unauthenticated attacker with network access via HTTP to takeover the Access Manager product.

Related CWEs: CWE-502| CWE-790

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-11-28
  • Due Date: 2022-12-19
Additional Notes
https://www.oracle.com/security-alerts/cpujan2022.html; https://nvd.nist.gov/vuln/detail/CVE-2021-35587
Microsoft | Windows

CVE-2022-41049

Microsoft Windows Mark of the Web (MOTW) Security Feature Bypass Vulnerability: Microsoft Windows Mark of the Web (MOTW) contains a security feature bypass vulnerability resulting in a limited loss of integrity and availability of security features.

Related CWE: CWE-274

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-11-14
  • Due Date: 2022-12-09
Additional Notes
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-41049; https://nvd.nist.gov/vuln/detail/CVE-2022-41049
Microsoft | Windows

CVE-2022-41128

Microsoft Windows Scripting Languages Remote Code Execution Vulnerability: Microsoft Windows contains an unspecified vulnerability in the JScript9 scripting language which allows for remote code execution.

Related CWE: CWE-787

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-11-08
  • Due Date: 2022-12-09
Additional Notes
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41128; https://nvd.nist.gov/vuln/detail/CVE-2022-41128
Microsoft | Windows

CVE-2022-41125

Microsoft Windows CNG Key Isolation Service Privilege Escalation Vulnerability: Microsoft Windows Cryptographic Next Generation (CNG) Key Isolation Service contains an unspecified vulnerability that allows an attacker to gain SYSTEM-level privileges.

Related CWE: CWE-787

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-11-08
  • Due Date: 2022-12-09
Additional Notes
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41125; https://nvd.nist.gov/vuln/detail/CVE-2022-41125
Microsoft | Windows

CVE-2022-41073

Microsoft Windows Print Spooler Privilege Escalation Vulnerability: Microsoft Windows Print Spooler contains an unspecified vulnerability that allows an attacker to gain SYSTEM-level privileges.

Related CWE: CWE-787

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.
  • Date Added: 2022-11-08
  • Due Date: 2022-12-09
Additional Notes
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41073; https://nvd.nist.gov/vuln/detail/CVE-2022-41073

Subscribe to the KEV Catalog Updates

Stay up to date on the latest known exploited vulnerabilities.

Subscribe Now