Known Exploited Vulnerabilities Catalog

For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild. Organizations should use the KEV catalog as an input to their vulnerability management prioritization framework.

How to use the KEV Catalog

The KEV catalog is also available in these formats:

CSV
JSON
JSON Schema (updated 06-25-2024)
Print View
License

Cisco | Catalyst 6800 Series Switches

CVE-2017-12238

Cisco Catalyst 6800 Series Switches VPLS Denial-of-Service Vulnerability: A vulnerability in the Virtual Private LAN Service (VPLS) code of Cisco IOS for Cisco Catalyst 6800 Series Switches could allow an unauthenticated, adjacent attacker to cause a denial of service.

Related CWE: CWE-399

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2022-03-03
Due Date: 2022-03-24

Additional Notes

Cisco | IOS and IOS XE Software

CVE-2017-12237

Cisco IOS and IOS XE Software Internet Key Exchange Denial-of-Service Vulnerability: A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS and Cisco IOS XE could allow an unauthenticated, remote attacker to cause high CPU utilization, traceback messages, or a reload of an affected device that leads to a denial of service.

Related CWE: CWE-399

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2022-03-03
Due Date: 2022-03-24

Additional Notes

Cisco | IOS software

CVE-2017-12235

Cisco IOS Software for Cisco Industrial Ethernet Switches PROFINET Denial-of-Service Vulnerability: A vulnerability in the implementation of the PROFINET Discovery and Configuration Protocol (PN-DCP) for Cisco IOS could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service.

Related CWE: CWE-20

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2022-03-03
Due Date: 2022-03-24

Additional Notes

Cisco | IOS software

CVE-2017-12234

Cisco IOS Software Common Industrial Protocol Request Denial-of-Service Vulnerability: There is a vulnerability in the implementation of the Common Industrial Protocol (CIP) feature in Cisco IOS could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service.

Related CWE: CWE-20

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2022-03-03
Due Date: 2022-03-24

Additional Notes

Cisco | IOS software

CVE-2017-12233

Related CWE: CWE-20

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2022-03-03
Due Date: 2022-03-24

Additional Notes

Cisco | IOS software

CVE-2017-12232

Cisco IOS Software for Cisco Integrated Services Routers Denial-of-Service Vulnerability: A vulnerability in the implementation of a protocol in Cisco Integrated Services Routers Generation 2 (ISR G2) Routers running Cisco IOS could allow an unauthenticated, adjacent attacker to cause an affected device to reload, resulting in a denial of service.

Related CWE: CWE-399

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2022-03-03
Due Date: 2022-03-24

Additional Notes

Cisco | IOS software

CVE-2017-12231

Cisco IOS Software Network Address Translation Denial-of-Service Vulnerability: A vulnerability in the implementation of Network Address Translation (NAT) functionality in Cisco IOS could allow an unauthenticated, remote attacker to cause a denial of service.

Related CWE: CWE-399

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2022-03-03
Due Date: 2022-03-24

Additional Notes

Oracle | Java SE

CVE-2015-4902

Oracle Java SE Integrity Check Vulnerability: Unspecified vulnerability in Oracle Java SE allows remote attackers to affect integrity via Unknown vectors related to deployment.

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2022-03-03
Due Date: 2022-03-24

Additional Notes

Oracle | Java SE

CVE-2015-2590

Oracle Java SE and Java SE Embedded Remote Code Execution Vulnerability: An unspecified vulnerability exists within Oracle Java Runtime Environment that allows an attacker to perform remote code execution.

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2022-03-03
Due Date: 2022-03-24

Additional Notes

Oracle | Java SE

CVE-2012-4681

Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability: The Java Runtime Environment (JRE) component in Oracle Java SE allow for remote code execution.

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.

Date Added: 2022-03-03
Due Date: 2022-03-24

Additional Notes

Oracle | Java SE

CVE-2012-1723

Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE allows remote attackers to affect confidentiality, integrity, and availability via Unknown vectors related to Hotspot.

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.

Date Added: 2022-03-03
Due Date: 2022-03-24

Additional Notes

Oracle | Java SE

CVE-2012-0507

Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability: An incorrect type vulnerability exists in the Concurrency component of Oracle's Java Runtime Environment allows an attacker to remotely execute arbitrary code.

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.

Date Added: 2022-03-03
Due Date: 2022-03-24

Additional Notes

Oracle | Java SE JDK and JRE

CVE-2011-3544

Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability: An access control vulnerability exists in the Applet Rhino Script Engine component of Oracle's Java Runtime Environment allows an attacker to remotely execute arbitrary code.

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2022-03-03
Due Date: 2022-03-24

Additional Notes

Oracle | VirtualBox

CVE-2008-3431

Oracle VirtualBox Insufficient Input Validation Vulnerability: An input validation vulnerability exists in the VBoxDrv.sys driver of Sun xVM VirtualBox which allows attackers to locally execute arbitrary code.

Related CWE: CWE-264

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2022-03-03
Due Date: 2022-03-24

Additional Notes

Oracle | WebLogic Server

CVE-2017-10271

Oracle Corporation WebLogic Server Remote Code Execution Vulnerability: Oracle Corporation WebLogic Server contains a vulnerability that allows for remote code execution.

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.

Date Added: 2022-02-10
Due Date: 2022-08-10

Additional Notes

Oracle | Intelligence Enterprise Edition

CVE-2020-14864

Oracle Business Intelligence Enterprise Edition Path Transversal: Path traversal vulnerability, where an attacker can target the preview FilePath parameter of the getPreviewImage function to get access to arbitrary system file.

Related CWE: CWE-22

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2022-01-18
Due Date: 2022-07-18

Additional Notes

Oracle | WebLogic Server

CVE-2019-2725

Oracle WebLogic Server, Injection: Injection vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services).

Related CWE: CWE-74

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.

Date Added: 2022-01-10
Due Date: 2022-07-10

Additional Notes

Cisco | Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)

CVE-2020-3452

Cisco ASA and FTD Read-Only Path Traversal Vulnerability: Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain an improper input validation vulnerability when HTTP requests process URLs. An attacker could exploit this vulnerability by sending a crafted HTTP request containing directory traversal character sequences to an affected device. A successful exploit could allow the attacker to view arbitrary files within the web services file system on the targeted device.

Related CWE: CWE-20

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2021-11-03
Due Date: 2022-05-03

Additional Notes

Cisco | Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)

CVE-2020-3580

Cisco ASA and FTD Cross-Site Scripting (XSS) Vulnerability: Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain an insufficient input validation vulnerability for user-supplied input by the web services interface. Successful exploitation could allow an attacker to perform cross-site scripting (XSS) in the context of the interface or access sensitive browser-based information.

Related CWE: CWE-79

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.

Date Added: 2021-11-03
Due Date: 2022-05-03

Additional Notes

Cisco | HyperFlex HX

CVE-2021-1497

Cisco HyperFlex HX Installer Virtual Machine Command Injection Vulnerability: Cisco HyperFlex HX Installer Virtual Machine contains an insufficient input validation vulnerability which could allow an attacker to execute commands on an affected device as the root user.

Related CWE: CWE-78

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2021-11-03
Due Date: 2021-11-17

Additional Notes

Known Exploited Vulnerabilities Catalog

Subscribe to the KEV Catalog Updates