Known Exploited Vulnerabilities Catalog

For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild. Organizations should use the KEV catalog as an input to their vulnerability management prioritization framework.

How to use the KEV Catalog

The KEV catalog is also available in these formats:

CSV
JSON
JSON Schema (updated 06-25-2024)
Print View
License

Showing 1 - 18 of 18
Filters:
Qlik | Sense

CVE-2023-48365

Qlik Sense HTTP Tunneling Vulnerability: Qlik Sense contains an HTTP tunneling vulnerability that allows an attacker to escalate privileges and execute HTTP requests on the backend server hosting the software.

Related CWE: CWE-444

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
  • Date Added: 2025-01-13
  • Due Date: 2025-02-03
Additional Notes
https://community.qlik.com/t5/Official-Support-Articles/Critical-Security-fixes-for-Qlik-Sense-Enterprise-for-Windows/tac-p/2120510 ; https://nvd.nist.gov/vuln/detail/CVE-2023-48365
NUUO | NVRmini Devices

CVE-2018-14933

NUUO NVRmini Devices OS Command Injection Vulnerability : NUUO NVRmini devices contain an OS command injection vulnerability. This vulnerability allows remote command execution via shell metacharacters in the uploaddir parameter for a writeuploaddir command.

Related CWE: CWE-78

Known To Be Used in Ransomware Campaigns? Unknown

Action: The impacted product is end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue utilization of the product.
  • Date Added: 2024-12-18
  • Due Date: 2025-01-08
Additional Notes
https://nuuo.com/wp-content/uploads/2023/03/NUUO-EOL-letter%EF%BC%BFNVRmini-2-and-NVRsolo-series.pdf ; https://nvd.nist.gov/vuln/detail/CVE-2018-14933
NUUO | NVRmini2 Devices

CVE-2022-23227

NUUO NVRmini2 Devices Missing Authentication Vulnerability : NUUO NVRmini2 devices contain a missing authentication vulnerability that allows an unauthenticated attacker to upload an encrypted TAR archive, which can be abused to add arbitrary users.

Related CWE: CWE-306

Known To Be Used in Ransomware Campaigns? Unknown

Action: The impacted product is end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue utilization of the product.
  • Date Added: 2024-12-18
  • Due Date: 2025-01-08
Additional Notes
https://nuuo.com/wp-content/uploads/2023/03/NUUO-EOL-letter_NVRmini-2-and-NVRsolo-series.pdf ; https://nvd.nist.gov/vuln/detail/CVE-2022-23227
Qlik | Sense

CVE-2023-41265

Qlik Sense HTTP Tunneling Vulnerability: Qlik Sense contains an HTTP tunneling vulnerability that allows an attacker to escalate privileges and execute HTTP requests on the backend server hosting the software.

Related CWE: CWE-444

Known To Be Used in Ransomware Campaigns? Known

Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
  • Date Added: 2023-12-07
  • Due Date: 2023-12-28
Additional Notes
https://community.qlik.com/t5/Official-Support-Articles/Critical-Security-fixes-for-Qlik-Sense-Enterprise-for-Windows/ta-p/2110801; https://nvd.nist.gov/vuln/detail/CVE-2023-41265
Qlik | Sense

CVE-2023-41266

Qlik Sense Path Traversal Vulnerability: Qlik Sense contains a path traversal vulnerability that allows a remote, unauthenticated attacker to create an anonymous session by sending maliciously crafted HTTP requests. This anonymous session could allow the attacker to send further requests to unauthorized endpoints.

Related CWE: CWE-20

Known To Be Used in Ransomware Campaigns? Known

Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
  • Date Added: 2023-12-07
  • Due Date: 2023-12-28
Additional Notes
https://community.qlik.com/t5/Official-Support-Articles/Critical-Security-fixes-for-Qlik-Sense-Enterprise-for-Windows/ta-p/2110801 ; https://nvd.nist.gov/vuln/detail/CVE-2023-41266
Samba | Samba

CVE-2017-7494

Samba Remote Code Execution Vulnerability: Samba contains a remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share and then cause the server to load and execute it.

Related CWE: CWE-94

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.
  • Date Added: 2023-03-30
  • Due Date: 2023-04-20
Additional Notes
https://www.samba.org/samba/security/CVE-2017-7494.html; https://nvd.nist.gov/vuln/detail/CVE-2017-7494
Sudo | Sudo

CVE-2021-3156

Sudo Heap-Based Buffer Overflow Vulnerability: Sudo contains an off-by-one error that can result in a heap-based buffer overflow, which allows for privilege escalation.

Related CWEs: CWE-122| CWE-193

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-04-06
  • Due Date: 2022-04-27
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2021-3156
Exim | Exim

CVE-2010-4345

Exim Privilege Escalation Vulnerability: Exim allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands.

Related CWE: CWE-264

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-03-25
  • Due Date: 2022-04-15
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2010-4345
Exim | Exim

CVE-2010-4344

Exim Heap-Based Buffer Overflow Vulnerability: Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session.

Related CWE: CWE-119

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-03-25
  • Due Date: 2022-04-15
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2010-4344
Exim | Exim Internet Mailer

CVE-2019-16928

Exim Out-of-bounds Write Vulnerability: Exim contains an out-of-bounds write vulnerability which can allow for remote code execution.

Related CWE: CWE-787

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-03-03
  • Due Date: 2022-03-17
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2019-16928
Exim | Mail Transfer Agent (MTA)

CVE-2019-10149

Exim Mail Transfer Agent (MTA) Improper Input Validation: Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution.

Related CWE: CWE-78

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-01-10
  • Due Date: 2022-07-10
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2019-10149
Tenda | AC7, AC9, and AC10 Routers

CVE-2018-14558

Tenda AC7, AC9, and AC10 Routers Command Injection Vulnerability: Tenda AC7, AC9, and AC10 devices contain a command injection vulnerability due to the "formsetUsbUnload" function executes a dosystemCmd function with untrusted input. Successful exploitation allows an attacker to execute OS commands via a crafted goform/setUsbUnload request.

Related CWE: CWE-78

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2021-11-03
  • Due Date: 2022-05-03
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2018-14558
Tenda | AC1900 Router AC15 Model

CVE-2020-10987

Tenda AC1900 Router AC15 Model Remote Code Execution Vulnerability: Tenda AC1900 Router AC15 Model contains an unspecified vulnerability that allows remote attackers to execute system commands via the deviceName POST parameter.

Related CWE: CWE-78

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2021-11-03
  • Due Date: 2022-05-03
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2020-10987
Tenda | AC11 Router

CVE-2021-31755

Tenda AC11 Router Stack Buffer Overflow Vulnerability: Tenda AC11 devices contain a stack buffer overflow vulnerability in /goform/setmac which allows attackers to execute code via a crafted post request.

Related CWE: CWE-787

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2021-11-03
  • Due Date: 2021-11-17
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2021-31755
PlaySMS | PlaySMS

CVE-2020-8644

PlaySMS Server-Side Template Injection Vulnerability: PlaySMS contains a server-side template injection vulnerability that allows for remote code execution.

Related CWE: CWE-94

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2021-11-03
  • Due Date: 2022-05-03
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2020-8644
EyesOfNetwork | EyesOfNetwork

CVE-2020-8655

EyesOfNetwork Improper Privilege Management Vulnerability: EyesOfNetwork contains an improper privilege management vulnerability that may allow a user to run commands as root via a crafted Nmap Scripting Engine (NSE) script to nmap7.

Related CWE: CWE-269

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2021-11-03
  • Due Date: 2022-05-03
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2020-8655
EyesOfNetwork | EyesOfNetwork

CVE-2020-8657

EyesOfNetwork Use of Hard-Coded Credentials Vulnerability: EyesOfNetwork contains a use of hard-coded credentials vulnerability, as it uses the same API key by default. Exploitation allows an attacker to calculate or guess the admin access token.

Related CWE: CWE-798

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2021-11-03
  • Due Date: 2022-05-03
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2020-8657
Exim | Exim

CVE-2018-6789

Exim Buffer Overflow Vulnerability: Exim contains a buffer overflow vulnerability in the base64d function part of the SMTP listener that may allow for remote code execution.

Related CWE: CWE-119

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.
  • Date Added: 2021-11-03
  • Due Date: 2022-05-03
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2018-6789

Subscribe to the KEV Catalog Updates

Stay up to date on the latest known exploited vulnerabilities.

Subscribe Now