Known Exploited Vulnerabilities Catalog

For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild. Organizations should use the KEV catalog as an input to their vulnerability management prioritization framework.

How to use the KEV Catalog

The KEV catalog is also available in these formats:

CSV
JSON
JSON Schema (updated 06-25-2024)
Print View
License

Showing 141 - 160 of 334
Filters:
Microsoft | Update Notification Manager

CVE-2020-0638

Microsoft Update Notification Manager Privilege Escalation Vulnerability: Microsoft Update Notification Manager contains an unspecified vulnerability that allows for privilege escalation.

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.
  • Date Added: 2022-05-23
  • Due Date: 2022-06-13
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2020-0638
Microsoft | Internet Explorer

CVE-2019-0676

Microsoft Internet Explorer Information Disclosure Vulnerability: An information disclosure vulnerability exists when Internet Explorer improperly handles objects in memory. An attacker who successfully exploited this vulnerability could test for the presence of files on disk.

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-05-23
  • Due Date: 2022-06-13
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2019-0676
Microsoft | Windows

CVE-2019-1385

Microsoft Windows AppX Deployment Extensions Privilege Escalation Vulnerability: A privilege escalation vulnerability exists when the Windows AppX Deployment Extensions improperly performs privilege management, resulting in access to system files.

Related CWE: CWE-59

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.
  • Date Added: 2022-05-23
  • Due Date: 2022-06-13
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2019-1385
Microsoft | Windows

CVE-2019-1130

Microsoft Windows AppX Deployment Service Privilege Escalation Vulnerability: A privilege escalation vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links.

Related CWE: CWE-59

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.
  • Date Added: 2022-05-23
  • Due Date: 2022-06-13
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2019-1130
Microsoft | Win32k

CVE-2018-8589

Microsoft Win32k Privilege Escalation Vulnerability: A privilege escalation vulnerability exists when Windows improperly handles calls to Win32k.sys. An attacker who successfully exploited this vulnerability could run remote code in the security context of the local system.

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-05-23
  • Due Date: 2022-06-13
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2018-8589
Microsoft | Windows

CVE-2019-0880

Microsoft Windows Privilege Escalation Vulnerability: A local elevation of privilege vulnerability exists in how splwow64.exe handles certain calls. An attacker who successfully exploited the vulnerability could elevate privileges on an affected system from low-integrity to medium-integrity.

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-05-23
  • Due Date: 2022-06-13
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2019-0880
Microsoft | Internet Explorer

CVE-2014-0322

Microsoft Internet Explorer Use-After-Free Vulnerability: Use-after-free vulnerability in Microsoft Internet Explorer allows remote attackers to execute code.

Related CWE: CWE-416

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-05-04
  • Due Date: 2022-05-25
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2014-0322
Microsoft | Win32k

CVE-2014-4113

Microsoft Win32k Privilege Escalation Vulnerability: Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation.

Related CWE: CWE-264

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-05-04
  • Due Date: 2022-05-25
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2014-4113
Microsoft | Win32k

CVE-2021-40450

Microsoft Win32k Privilege Escalation Vulnerability: Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation.

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-04-25
  • Due Date: 2022-05-16
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2021-40450
Microsoft | Win32k

CVE-2021-41357

Microsoft Win32k Privilege Escalation Vulnerability: Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation.

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-04-25
  • Due Date: 2022-05-16
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2021-41357
Microsoft | Windows

CVE-2022-21919

Microsoft Windows User Profile Service Privilege Escalation Vulnerability: Microsoft Windows User Profile Service contains an unspecified vulnerability that allows for privilege escalation.

Related CWE: CWE-1386

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-04-25
  • Due Date: 2022-05-16
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2022-21919
Microsoft | Windows

CVE-2022-26904

Microsoft Windows User Profile Service Privilege Escalation Vulnerability: Microsoft Windows User Profile Service contains an unspecified vulnerability that allows for privilege escalation.

Related CWE: CWE-362

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-04-25
  • Due Date: 2022-05-16
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2022-26904
Microsoft | Windows

CVE-2022-22718

Microsoft Windows Print Spooler Privilege Escalation Vulnerability: Microsoft Windows Print Spooler contains an unspecified vulnerability which allow for privilege escalation.

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-04-19
  • Due Date: 2022-05-10
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2022-22718
Microsoft | Internet Explorer

CVE-2015-2502

Microsoft Internet Explorer Memory Corruption Vulnerability: Microsoft Internet Explorer contains a memory corruption vulnerability that allows an attacker to execute code or cause a denial-of-service (DoS).

Related CWE: CWE-119

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-04-13
  • Due Date: 2022-05-04
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2015-2502
Microsoft | Windows

CVE-2022-24521

Microsoft Windows CLFS Driver Privilege Escalation Vulnerability: Microsoft Windows Common Log File System (CLFS) Driver contains an unspecified vulnerability that allows for privilege escalation.

Related CWEs: CWE-787| CWE-1285

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.
  • Date Added: 2022-04-13
  • Due Date: 2022-05-04
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2022-24521
Microsoft | Active Directory

CVE-2021-42278

Microsoft Active Directory Domain Services Privilege Escalation Vulnerability: Microsoft Active Directory Domain Services contains an unspecified vulnerability that allows for privilege escalation.

Related CWE: CWE-20

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.
  • Date Added: 2022-04-11
  • Due Date: 2022-05-02
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2021-42278
Microsoft | Active Directory

CVE-2021-42287

Microsoft Active Directory Domain Services Privilege Escalation Vulnerability: Microsoft Active Directory Domain Services contains an unspecified vulnerability that allows for privilege escalation.

Related CWE: CWE-269

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.
  • Date Added: 2022-04-11
  • Due Date: 2022-05-02
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2021-42287
Microsoft | HTTP Protocol Stack

CVE-2021-31166

Microsoft HTTP Protocol Stack Remote Code Execution Vulnerability: Microsoft HTTP Protocol Stack contains a vulnerability in http.sys that allows for remote code execution.

Related CWE: CWE-416

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-04-06
  • Due Date: 2022-04-27
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2021-31166
Microsoft | SMBv1 server

CVE-2017-0148

Microsoft SMBv1 Server Remote Code Execution Vulnerability: The SMBv1 server in Microsoft allows remote attackers to execute arbitrary code via crafted packets.

Related CWE: CWE-20

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.
  • Date Added: 2022-04-06
  • Due Date: 2022-04-27
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2017-0148
Microsoft | Windows

CVE-2021-34484

Microsoft Windows User Profile Service Privilege Escalation Vulnerability: Microsoft Windows User Profile Service contains an unspecified vulnerability that allows for privilege escalation.

Related CWE: CWE-269

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-03-31
  • Due Date: 2022-04-21
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2021-34484

Subscribe to the KEV Catalog Updates

Stay up to date on the latest known exploited vulnerabilities.

Subscribe Now