Known Exploited Vulnerabilities Catalog

For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild. Organizations should use the KEV catalog as an input to their vulnerability management prioritization framework.

How to use the KEV Catalog

The KEV catalog is also available in these formats:

CSV
JSON
JSON Schema (updated 06-25-2024)
Print View
License

Showing 1 - 19 of 19
Filters:
QNAP | VioStor NVR

CVE-2023-47565

QNAP VioStor NVR OS Command Injection Vulnerability: QNAP VioStar NVR contains an OS command injection vulnerability that allows authenticated users to execute commands via a network.

Related CWE: CWE-78

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
  • Date Added: 2023-12-21
  • Due Date: 2024-01-11
Additional Notes
https://www.qnap.com/en/security-advisory/qsa-23-48 ; https://nvd.nist.gov/vuln/detail/CVE-2023-47565
QNAP | Photo Station

CVE-2022-27593

QNAP Photo Station Externally Controlled Reference Vulnerability: Certain QNAP NAS running Photo Station with internet exposure contain an externally controlled reference to a resource vulnerability which can allow an attacker to modify system files. This vulnerability was observed being utilized in a Deadbolt ransomware campaign.

Related CWE: CWE-610

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.
  • Date Added: 2022-09-08
  • Due Date: 2022-09-29
Additional Notes
https://www.qnap.com/en/security-advisory/qsa-22-24; https://nvd.nist.gov/vuln/detail/CVE-2022-27593
QNAP | Photo Station

CVE-2019-7192

QNAP Photo Station Improper Access Control Vulnerability: QNAP NAS devices running Photo Station contain an improper access control vulnerability allowing remote attackers to gain unauthorized access to the system.

Related CWE: CWE-863

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.
  • Date Added: 2022-06-08
  • Due Date: 2022-06-22
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2019-7192
QNAP | QTS

CVE-2019-7193

QNAP QTS Improper Input Validation Vulnerability: QNAP QTS contains an improper input validation vulnerability allowing remote attackers to inject code on the system.

Related CWE: CWE-20

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.
  • Date Added: 2022-06-08
  • Due Date: 2022-06-22
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2019-7193
QNAP | Photo Station

CVE-2019-7194

QNAP Photo Station Path Traversal Vulnerability: QNAP devices running Photo Station contain an external control of file name or path vulnerability allowing remote attackers to access or modify system files.

Related CWE: CWE-22

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.
  • Date Added: 2022-06-08
  • Due Date: 2022-06-22
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2019-7194
QNAP | Photo Station

CVE-2019-7195

QNAP Photo Station Path Traversal Vulnerability: QNAP devices running Photo Station contain an external control of file name or path vulnerability allowing remote attackers to access or modify system files.

Related CWE: CWE-22

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.
  • Date Added: 2022-06-08
  • Due Date: 2022-06-22
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2019-7195
QNAP | Network Attached Storage (NAS)

CVE-2018-19943

QNAP NAS File Station Cross-Site Scripting Vulnerability: A cross-site scripting vulnerability affecting QNAP NAS File Station could allow remote attackers to inject malicious code.

Related CWEs: CWE-79| CWE-80

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.
  • Date Added: 2022-05-24
  • Due Date: 2022-06-14
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2018-19943
QNAP | Network Attached Storage (NAS)

CVE-2018-19949

QNAP NAS File Station Command Injection Vulnerability: A command injection vulnerability affecting QNAP NAS File Station could allow remote attackers to run commands.

Related CWEs: CWE-20| CWE-77| CWE-78

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.
  • Date Added: 2022-05-24
  • Due Date: 2022-06-14
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2018-19949
QNAP | Network Attached Storage (NAS)

CVE-2018-19953

QNAP NAS File Station Cross-Site Scripting Vulnerability: A cross-site scripting vulnerability affecting QNAP NAS File Station could allow remote attackers to inject malicious code.

Related CWEs: CWE-79| CWE-80

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.
  • Date Added: 2022-05-24
  • Due Date: 2022-06-14
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2018-19953
QNAP | QNAP Network-Attached Storage (NAS)

CVE-2020-2509

QNAP Network-Attached Storage (NAS) Command Injection Vulnerability: QNAP NAS devices contain a command injection vulnerability which could allow attackers to perform remote code execution.

Related CWEs: CWE-77| CWE-78

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-04-11
  • Due Date: 2022-05-02
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2020-2509
QNAP | Network Attached Storage (NAS)

CVE-2021-28799

QNAP NAS Improper Authorization Vulnerability: QNAP NAS running HBS 3 contains an improper authorization vulnerability which can allow remote attackers to log in to a device.

Related CWE: CWE-285

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.
  • Date Added: 2022-03-31
  • Due Date: 2022-04-21
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2021-28799
Elastic | Elasticsearch

CVE-2014-3120

Elasticsearch Remote Code Execution Vulnerability: Elasticsearch enables dynamic scripting, which allows remote attackers to execute arbitrary MVEL expressions and Java code.

Related CWE: CWE-284

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-03-25
  • Due Date: 2022-04-15
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2014-3120
Elastic | Elasticsearch

CVE-2015-1427

Elasticsearch Groovy Scripting Engine Remote Code Execution Vulnerability: The Groovy scripting engine in Elasticsearch allows remote attackers to bypass the sandbox protection mechanism and execute arbitrary shell commands.

Related CWE: CWE-284

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-03-25
  • Due Date: 2022-04-15
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2015-1427
Exim | Exim

CVE-2010-4344

Exim Heap-Based Buffer Overflow Vulnerability: Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session.

Related CWE: CWE-119

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-03-25
  • Due Date: 2022-04-15
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2010-4344
Exim | Exim

CVE-2010-4345

Exim Privilege Escalation Vulnerability: Exim allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands.

Related CWE: CWE-264

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-03-25
  • Due Date: 2022-04-15
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2010-4345
Exim | Exim Internet Mailer

CVE-2019-16928

Exim Out-of-bounds Write Vulnerability: Exim contains an out-of-bounds write vulnerability which can allow for remote code execution.

Related CWE: CWE-787

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-03-03
  • Due Date: 2022-03-17
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2019-16928
Elastic | Kibana

CVE-2019-7609

Kibana Arbitrary Code Execution: Kibana contain an arbitrary code execution flaw in the Timelion visualizer.

Related CWE: CWE-94

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-01-10
  • Due Date: 2022-07-10
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2019-7609
Exim | Mail Transfer Agent (MTA)

CVE-2019-10149

Exim Mail Transfer Agent (MTA) Improper Input Validation: Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution.

Related CWE: CWE-78

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-01-10
  • Due Date: 2022-07-10
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2019-10149
Exim | Exim

CVE-2018-6789

Exim Buffer Overflow Vulnerability: Exim contains a buffer overflow vulnerability in the base64d function part of the SMTP listener that may allow for remote code execution.

Related CWE: CWE-119

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.
  • Date Added: 2021-11-03
  • Due Date: 2022-05-03
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2018-6789

Subscribe to the KEV Catalog Updates

Stay up to date on the latest known exploited vulnerabilities.

Subscribe Now