Known Exploited Vulnerabilities Catalog

For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild. Organizations should use the KEV catalog as an input to their vulnerability management prioritization framework.

How to use the KEV Catalog

The KEV catalog is also available in these formats:

CSV
JSON
JSON Schema (updated 06-25-2024)
Print View
License

Showing 1 - 13 of 13
Filters:
IBM | Aspera Faspex

CVE-2022-47986

IBM Aspera Faspex Code Execution Vulnerability: IBM Aspera Faspex could allow a remote attacker to execute code on the system, caused by a YAML deserialization flaw.

Related CWE: CWE-502

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.
  • Date Added: 2023-02-21
  • Due Date: 2023-03-14
Additional Notes
https://exchange.xforce.ibmcloud.com/vulnerabilities/243512?_ga=2.189195179.1800390251.1676559338-700333034.1676325890; https://nvd.nist.gov/vuln/detail/CVE-2022-47986
PEAR | Archive_Tar

CVE-2020-36193

PEAR Archive_Tar Improper Link Resolution Vulnerability: PEAR Archive_Tar Tar.php allows write operations with directory traversal due to inadequate checking of symbolic links. PEAR stands for PHP Extension and Application Repository and it is an open-source framework and distribution system for reusable PHP components with known usage in third-party products such as Drupal Core and Red Hat Linux.

Related CWEs: CWE-22| CWE-59

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-08-25
  • Due Date: 2022-09-15
Additional Notes
https://github.com/pear/Archive_Tar/commit/cde460582ff389404b5b3ccb59374e9b389de916, https://www.drupal.org/sa-core-2021-001, https://access.redhat.com/security/cve/cve-2020-36193; https://nvd.nist.gov/vuln/detail/CVE-2020-36193
PEAR | Archive_Tar

CVE-2020-28949

PEAR Archive_Tar Deserialization of Untrusted Data Vulnerability: PEAR Archive_Tar allows an unserialization attack because phar: is blocked but PHAR: is not blocked. PEAR stands for PHP Extension and Application Repository and it is an open-source framework and distribution system for reusable PHP components with known usage in third-party products such as Drupal Core and Red Hat Linux.

Related CWE: CWE-74

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-08-25
  • Due Date: 2022-09-15
Additional Notes
https://pear.php.net/bugs/bug.php?id=27002, https://www.drupal.org/sa-core-2020-013, https://access.redhat.com/security/cve/cve-2020-28949; https://nvd.nist.gov/vuln/detail/CVE-2020-28949
IBM | InfoSphere BigInsights

CVE-2013-3993

IBM InfoSphere BigInsights Invalid Input Vulnerability: Certain APIs within BigInsights can take invalid input that might allow attackers unauthorized access to read, write, modify, or delete data.

Related CWE: CWE-264

Known To Be Used in Ransomware Campaigns? Known

Action: The impacted product is end-of-life and should be disconnected if still in use.
  • Date Added: 2022-05-25
  • Due Date: 2022-06-15
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2013-3993
Drupal | Core

CVE-2018-7602

Drupal Core Remote Code Execution Vulnerability: A remote code execution vulnerability exists within multiple subsystems of Drupal that can allow attackers to exploit multiple attack vectors on a Drupal site.

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.
  • Date Added: 2022-04-13
  • Due Date: 2022-05-04
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2018-7602
Drupal | Core

CVE-2019-6340

Drupal Core Remote Code Execution Vulnerability: In Drupal Core, some field types do not properly sanitize data from non-form sources. This can lead to arbitrary PHP code execution in some cases.

Related CWE: CWE-502

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-03-25
  • Due Date: 2022-04-15
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2019-6340
Drupal | Drupal core

CVE-2020-13671

Drupal core Un-restricted Upload of File: Improper sanitization in the extension file names is present in Drupal core.

Related CWE: CWE-434

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-01-18
  • Due Date: 2022-07-18
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2020-13671
IBM | WebSphere Application Server and Server Hypervisor Edition

CVE-2015-7450

IBM WebSphere Application Server and Server Hypervisor Edition Code Injection.: Serialized-object interfaces in certain IBM analytics, business solutions, cognitive, IT infrastructure, and mobile and social products allow remote attackers to execute arbitrary commands

Related CWE: CWE-94

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-01-10
  • Due Date: 2022-07-10
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2015-7450
Drupal | Drupal Core

CVE-2018-7600

Drupal Core Remote Code Execution Vulnerability: Drupal Core contains a remote code execution vulnerability that could allow an attacker to exploit multiple attack vectors on a Drupal site, resulting in complete site compromise.

Related CWE: CWE-20

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.
  • Date Added: 2021-11-03
  • Due Date: 2022-05-03
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2018-7600
IBM | Data Risk Manager

CVE-2020-4430

IBM Data Risk Manager Directory Traversal Vulnerability: IBM Data Risk Manager contains a directory traversal vulnerability that could allow a remote authenticated attacker to traverse directories and send a specially crafted URL request to download arbitrary files from the system.

Related CWE: CWE-22

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2021-11-03
  • Due Date: 2022-05-03
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2020-4430
IBM | Data Risk Manager

CVE-2020-4427

IBM Data Risk Manager Security Bypass Vulnerability: IBM Data Risk Manager contains a security bypass vulnerability that could allow a remote attacker to bypass security restrictions when configured with SAML authentication. By sending a specially crafted HTTP request, an attacker could exploit this vulnerability to bypass the authentication process and gain full administrative access to the system.

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2021-11-03
  • Due Date: 2022-05-03
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2020-4427
IBM | Data Risk Manager

CVE-2020-4428

IBM Data Risk Manager Remote Code Execution Vulnerability: IBM Data Risk Manager contains an unspecified vulnerability which could allow a remote, authenticated attacker to execute commands on the system.�

Related CWE: CWE-78

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2021-11-03
  • Due Date: 2022-05-03
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2020-4428
IBM | Planning Analytics

CVE-2019-4716

IBM Planning Analytics Remote Code Execution Vulnerability: IBM Planning Analytics is vulnerable to a configuration overwrite that allows an unauthenticated user to login as "admin", and then execute code as root or SYSTEM via TM1 scripting.

Related CWE: CWE-94

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2021-11-03
  • Due Date: 2022-05-03
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2019-4716

Subscribe to the KEV Catalog Updates

Stay up to date on the latest known exploited vulnerabilities.

Subscribe Now