Known Exploited Vulnerabilities Catalog

For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild. Organizations should use the KEV catalog as an input to their vulnerability management prioritization framework.

How to use the KEV Catalog

The KEV catalog is also available in these formats:

CSV
JSON
JSON Schema (updated 06-25-2024)
Print View
License

Showing 1 - 12 of 12
Filters:
Red Hat | JBoss RichFaces Framework

CVE-2018-14667

Red Hat JBoss RichFaces Framework Expression Language Injection Vulnerability: Red Hat JBoss RichFaces Framework contains an expression language injection vulnerability via the UserResource resource. A remote, unauthenticated attacker could exploit this vulnerability to execute malicious code using a chain of Java serialized objects via org.ajax4jsf.resource.UserResource$UriData.

Related CWE: CWE-94

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
  • Date Added: 2023-09-28
  • Due Date: 2023-10-19
Additional Notes
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14667; https://nvd.nist.gov/vuln/detail/CVE-2018-14667
Red Hat | Polkit

CVE-2021-3560

Red Hat Polkit Incorrect Authorization Vulnerability: Red Hat Polkit contains an incorrect authorization vulnerability through the bypassing of credential checks for D-Bus requests, allowing for privilege escalation.

Related CWE: CWE-863

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2023-05-12
  • Due Date: 2023-06-02
Additional Notes
https://bugzilla.redhat.com/show_bug.cgi?id=1961710; https://nvd.nist.gov/vuln/detail/CVE-2021-3560
Red Hat | Polkit

CVE-2021-4034

Red Hat Polkit Out-of-Bounds Read and Write Vulnerability: The Red Hat polkit pkexec utility contains an out-of-bounds read and write vulnerability that allows for privilege escalation with administrative rights.

Related CWE: CWE-787

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-06-27
  • Due Date: 2022-07-18
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2021-4034
Red Hat | JBoss

CVE-2010-1428

Red Hat JBoss Information Disclosure Vulnerability: Unauthenticated access to the JBoss Application Server Web Console (/web-console) is blocked by default. However, it was found that this block was incomplete, and only blocked GET and POST HTTP verbs. A remote attacker could use this flaw to gain access to sensitive information.

Related CWE: CWE-264

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.
  • Date Added: 2022-05-25
  • Due Date: 2022-06-15
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2010-1428
Red Hat | JBoss

CVE-2010-0738

Red Hat JBoss Authentication Bypass Vulnerability: The JMX-Console web application in JBossAs in Red Hat JBoss Enterprise Application Platform performs access control only for the GET and POST methods, which allows remote attackers to send requests to this application's GET handler by using a different method.

Related CWE: CWE-264

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.
  • Date Added: 2022-05-25
  • Due Date: 2022-06-15
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2010-0738
TP-Link | Multiple Archer Devices

CVE-2015-3035

TP-Link Multiple Archer Devices Directory Traversal Vulnerability: Directory traversal vulnerability in multiple TP-Link Archer devices allows remote attackers to read arbitrary files via a .. (dot dot) in the PATH_INFO to login/.

Related CWE: CWE-22

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2022-03-25
  • Due Date: 2022-04-15
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2015-3035
Red Hat | JBoss Application Server

CVE-2017-12149

Red Hat JBoss Application Server Remote Code Execution Vulnerability: The JBoss Application Server, shipped with Red Hat Enterprise Application Platform 5.2, allows an attacker to execute arbitrary code via crafted serialized data.

Related CWE: CWE-502

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.
  • Date Added: 2021-12-10
  • Due Date: 2022-06-10
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2017-12149
Red Hat | JBoss Seam 2

CVE-2010-1871

Red Hat Linux JBoss Seam 2 Remote Code Execution Vulnerability: JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat Linux, allows attackers to perform remote code execution. This vulnerability can only be exploited when the Java Security Manager is not properly configured.

Related CWE: CWE-20

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2021-12-10
  • Due Date: 2022-06-10
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2010-1871
Tenda | AC11 Router

CVE-2021-31755

Tenda AC11 Router Stack Buffer Overflow Vulnerability: Tenda AC11 devices contain a stack buffer overflow vulnerability in /goform/setmac which allows attackers to execute code via a crafted post request.

Related CWE: CWE-787

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2021-11-03
  • Due Date: 2021-11-17
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2021-31755
Tenda | AC1900 Router AC15 Model

CVE-2020-10987

Tenda AC1900 Router AC15 Model Remote Code Execution Vulnerability: Tenda AC1900 Router AC15 Model contains an unspecified vulnerability that allows remote attackers to execute system commands via the deviceName POST parameter.

Related CWE: CWE-78

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2021-11-03
  • Due Date: 2022-05-03
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2020-10987
Tenda | AC7, AC9, and AC10 Routers

CVE-2018-14558

Tenda AC7, AC9, and AC10 Routers Command Injection Vulnerability: Tenda AC7, AC9, and AC10 devices contain a command injection vulnerability due to the "formsetUsbUnload" function executes a dosystemCmd function with untrusted input. Successful exploitation allows an attacker to execute OS commands via a crafted goform/setUsbUnload request.

Related CWE: CWE-78

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.
  • Date Added: 2021-11-03
  • Due Date: 2022-05-03
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2018-14558

Subscribe to the KEV Catalog Updates

Stay up to date on the latest known exploited vulnerabilities.

Subscribe Now