Known Exploited Vulnerabilities Catalog

For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild. Organizations should use the KEV catalog as an input to their vulnerability management prioritization framework.

How to use the KEV Catalog

The KEV catalog is also available in these formats:

CSV
JSON
JSON Schema (updated 06-25-2024)
Print View
License

Showing 1 - 20 of 24
Filters:
Atlassian | Jira Server and Data Center

CVE-2021-26086

Atlassian Jira Server and Data Center Path Traversal Vulnerability: Atlassian Jira Server and Data Center contain a path traversal vulnerability that allows a remote attacker to read particular files in the /WEB-INF/web.xml endpoint.

Related CWE: CWE-22

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
  • Date Added: 2024-11-12
  • Due Date: 2024-12-03
Additional Notes
https://jira.atlassian.com/browse/JRASERVER-72695 ; https://nvd.nist.gov/vuln/detail/CVE-2021-26086
Atlassian | Confluence Data Center and Server

CVE-2023-22527

Atlassian Confluence Data Center and Server Template Injection Vulnerability: Atlassian Confluence Data Center and Server contain an unauthenticated OGNL template injection vulnerability that can lead to remote code execution.

Related CWE: CWE-74

Known To Be Used in Ransomware Campaigns? Known

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
  • Date Added: 2024-01-24
  • Due Date: 2024-02-14
Additional Notes
https://confluence.atlassian.com/security/cve-2023-22527-rce-remote-code-execution-vulnerability-in-confluence-data-center-and-confluence-server-1333990257.html; https://nvd.nist.gov/vuln/detail/CVE-2023-22527
Atlassian | Confluence Data Center and Server

CVE-2023-22518

Atlassian Confluence Data Center and Server Improper Authorization Vulnerability: Atlassian Confluence Data Center and Server contain an improper authorization vulnerability that can result in significant data loss when exploited by an unauthenticated attacker. There is no impact on confidentiality since the attacker cannot exfiltrate any data.

Related CWE: CWE-863

Known To Be Used in Ransomware Campaigns? Known

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
  • Date Added: 2023-11-07
  • Due Date: 2023-11-28
Additional Notes
https://confluence.atlassian.com/security/cve-2023-22518-improper-authorization-vulnerability-in-confluence-data-center-and-server-1311473907.html; https://nvd.nist.gov/vuln/detail/CVE-2023-22518
Atlassian | Confluence Data Center and Server

CVE-2023-22515

Atlassian Confluence Data Center and Server Broken Access Control Vulnerability: Atlassian Confluence Data Center and Server contains a broken access control vulnerability that allows an attacker to create unauthorized Confluence administrator accounts and access Confluence.

Known To Be Used in Ransomware Campaigns? Known

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. Check all affected Confluence instances for evidence of compromise per vendor instructions and report any positive findings to CISA.
  • Date Added: 2023-10-05
  • Due Date: 2023-10-13
Additional Notes
https://confluence.atlassian.com/security/cve-2023-22515-privilege-escalation-vulnerability-in-confluence-data-center-and-server-1295682276.html; https://nvd.nist.gov/vuln/detail/CVE-2023-22515
Trend Micro | Apex One and Worry-Free Business Security

CVE-2023-41179

Trend Micro Apex One and Worry-Free Business Security Remote Code Execution Vulnerability: Trend Micro Apex One and Worry-Free Business Security contain an unspecified vulnerability in the third-party anti-virus uninstaller that could allow an attacker to manipulate the module to conduct remote code execution. An attacker must first obtain administrative console access on the target system in order to exploit this vulnerability.

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
  • Date Added: 2023-09-21
  • Due Date: 2023-10-12
Additional Notes
https://success.trendmicro.com/dcx/s/solution/000294994?language=en_US ; https://nvd.nist.gov/vuln/detail/CVE-2023-41179
Atlassian | Bitbucket Server and Data Center

CVE-2022-36804

Atlassian Bitbucket Server and Data Center Command Injection Vulnerability: Multiple API endpoints of Atlassian Bitbucket Server and Data Center contain a command injection vulnerability where an attacker with access to a public Bitbucket repository, or with read permissions to a private one, can execute code by sending a malicious HTTP request.

Related CWEs: CWE-78| CWE-88| CWE-158

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-09-30
  • Due Date: 2022-10-21
Additional Notes
https://jira.atlassian.com/browse/BSERV-13438; https://nvd.nist.gov/vuln/detail/CVE-2022-36804
Trend Micro | Apex One and Apex One as a Service

CVE-2022-40139

Trend Micro Apex One and Apex One as a Service Improper Validation Vulnerability: Trend Micro Apex One and Apex One as a Service contain an improper validation of rollback mechanism components that could lead to remote code execution.

Related CWEs: CWE-353| CWE-641

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-09-15
  • Due Date: 2022-10-06
Additional Notes
https://success.trendmicro.com/dcx/s/solution/000291528?language=en_US; https://nvd.nist.gov/vuln/detail/CVE-2022-40139
Atlassian | Confluence

CVE-2022-26138

Atlassian Questions For Confluence App Hard-coded Credentials Vulnerability: Atlassian Questions For Confluence App has hard-coded credentials, exposing the username and password in plaintext. A remote unauthenticated attacker can use these credentials to log into Confluence and access all content accessible to users in the confluence-users group.

Related CWE: CWE-798

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-07-29
  • Due Date: 2022-08-19
Additional Notes
https://confluence.atlassian.com/doc/questions-for-confluence-security-advisory-2022-07-20-1142446709.html; https://nvd.nist.gov/vuln/detail/CVE-2022-26138
Atlassian | Confluence Server/Data Center

CVE-2022-26134

Atlassian Confluence Server and Data Center Remote Code Execution Vulnerability: Atlassian Confluence Server and Data Center contain a remote code execution vulnerability that allows for an unauthenticated attacker to perform remote code execution.

Related CWE: CWE-917

Known To Be Used in Ransomware Campaigns? Known

Action: Immediately block all internet traffic to and from affected products AND apply the update per vendor instructions [https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html] OR remove the affected products by the due date on the right. Note: Once the update is successfully deployed, agencies can reassess the internet blocking rules.
  • Date Added: 2022-06-02
  • Due Date: 2022-06-06
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2022-26134
Trend Micro | Apex Central

CVE-2022-26871

Trend Micro Apex Central Arbitrary File Upload Vulnerability: An arbitrary file upload vulnerability in Trend Micro Apex Central could allow for remote code execution.

Related CWE: CWE-184

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-03-31
  • Due Date: 2022-04-21
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2022-26871
Redis | Debian-specific Redis Servers

CVE-2022-0543

Debian-specific Redis Server Lua Sandbox Escape Vulnerability: Redis is prone to a (Debian-specific) Lua sandbox escape, which could result in remote code execution.

Related CWE: CWE-862

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-03-28
  • Due Date: 2022-04-18
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2022-0543
Atlassian | Confluence Server

CVE-2021-26085

Atlassian Confluence Server Pre-Authorization Arbitrary File Read Vulnerability: Affected versions of Atlassian Confluence Server allow remote attackers to view restricted resources via a pre-authorization arbitrary file read vulnerability in the /s/ endpoint.

Related CWE: CWE-425

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.
  • Date Added: 2022-03-28
  • Due Date: 2022-04-18
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2021-26085
Atlassian | Jira Server and Data Center

CVE-2019-11581

Atlassian Jira Server and Data Center Server-Side Template Injection Vulnerability: Atlassian Jira Server and Data Center contain a server-side template injection vulnerability which can allow for remote code execution.

Related CWE: CWE-74

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-03-07
  • Due Date: 2022-09-07
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2019-11581
Trend Micro | OfficeScan

CVE-2019-18187

Trend Micro OfficeScan Directory Traversal Vulnerability: Trend Micro OfficeScan contains a directory traversal vulnerability by extracting files from a zip file to a specific folder on the OfficeScan server, leading to remote code execution.

Related CWE: CWE-22

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2021-11-03
  • Due Date: 2022-05-03
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2019-18187
Trend Micro | Apex One and OfficeScan

CVE-2020-8467

Trend Micro Apex One and OfficeScan Remote Code Execution Vulnerability: Trend Micro Apex One and OfficeScan contain an unspecified vulnerability within a migration tool component that allows for remote code execution.

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2021-11-03
  • Due Date: 2022-05-03
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2020-8467
Trend Micro | Apex One, OfficeScan and Worry-Free Business Security Agents

CVE-2020-8468

Trend Micro Multiple Products Content Validation Escape Vulnerability: Trend Micro Apex One, OfficeScan, and Worry-Free Business Security agents contain a content validation escape vulnerability that could allow an attacker to manipulate certain agent client components.

Related CWE: CWE-74

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2021-11-03
  • Due Date: 2022-05-03
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2020-8468
Trend Micro | Apex One, OfficeScan, and Worry-Free Business Security

CVE-2020-24557

Trend Micro Multiple Products Improper Access Control Vulnerability: Trend Micro Apex One, OfficeScan, and Worry-Free Business Security on Microsoft Windows contain an improper access control vulnerability that may allow an attacker to manipulate a particular product folder to disable the security temporarily, abuse a specific Windows function, and attain privilege escalation.

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2021-11-03
  • Due Date: 2022-05-03
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2020-24557
Trend Micro | Apex One and OfficeScan

CVE-2020-8599

Trend Micro Apex One and OfficeScan Authentication Bypass Vulnerability: Trend Micro Apex One and OfficeScan server contain a vulnerable EXE file that could allow a remote attacker to write data to a path on affected installations and bypass root login.

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2021-11-03
  • Due Date: 2022-05-03
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2020-8599
Trend Micro | Apex One, Apex One as a Service, and Worry-Free Business Security

CVE-2021-36742

Trend Micro Multiple Products Improper Input Validation Vulnerability: Trend Micro Apex One, Apex One as a Service, and Worry-Free Business Security contain an improper input validation vulnerability that allows for privilege escalation.

Related CWE: CWE-20

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2021-11-03
  • Due Date: 2021-11-17
Additional Notes
https://success.trendmicro.com/dcx/s/solution/000287819?language=en_US, https://success.trendmicro.com/dcx/s/solution/000287820?language=en_US; https://nvd.nist.gov/vuln/detail/CVE-2021-36742
Trend Micro | Apex One, Apex One as a Service, and Worry-Free Business Security

CVE-2021-36741

Trend Micro Multiple Products Improper Input Validation Vulnerability: Trend Micro Apex One, Apex One as a Service, and Worry-Free Business Security contain an improper input validation vulnerability that allows a remote attacker to upload files.

Related CWE: CWE-22

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2021-11-03
  • Due Date: 2021-11-17
Additional Notes
https://success.trendmicro.com/dcx/s/solution/000287819?language=en_US, https://success.trendmicro.com/dcx/s/solution/000287820?language=en_US; https://nvd.nist.gov/vuln/detail/CVE-2021-36741

Subscribe to the KEV Catalog Updates

Stay up to date on the latest known exploited vulnerabilities.

Subscribe Now