CISA Known Exploited Vulnerabilities (KEV)

  1. Home
  2. CISA KEV

To support the cybersecurity community and help network defenders stay ahead of active threat activity, CISA publishes cisa alert today updates and maintains the authoritative catalog of known exploited vulnerabilities. This KEV database highlights vulnerabilities that have been actively used in real-world attacks, making it an essential resource for security teams aiming to strengthen their defenses.

Organizations should incorporate the KEV catalog into their vulnerability management prioritization framework to ensure they address high-risk issues efficiently and stay aligned with the latest threat intelligence. With frequent updates — including entries marked as cisa kev added today — the catalog enables teams to react quickly to emerging exploitation trends. To streamline monitoring and improve response time, CVEfeed.io provides the freshest CISA KEV additions, delivering real-time visibility into newly identified exploited vulnerabilities and helping organizations maintain accurate, up-to-date security postures.

    7.8

    HIGH
    CVE-2019-1322 - Microsoft Windows Privilege Escalation Vulnerability -

    Action Due Apr 05, 2022 Target Vendor : Microsoft

    Description : A privilege escalation vulnerability exists when Windows improperly handles authentication requests. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2019-1322

    Alert Date: Mar 15, 2022 | 1414 days ago

    7.8

    HIGH
    CVE-2019-1315 - Microsoft Windows Error Reporting Manager Privilege Escalation Vulnerability -

    Action Due Apr 05, 2022 Target Vendor : Microsoft

    Description : A privilege escalation vulnerability exists when Windows Error Reporting manager improperly handles hard links. An attacker who successfully exploited this vulnerability could overwrite a targeted file leading to an elevated status.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2019-1315

    Alert Date: Mar 15, 2022 | 1414 days ago

    7.8

    HIGH
    CVE-2019-1253 - Microsoft Windows AppX Deployment Server Privilege Escalation Vulnerability -

    Action Due Apr 05, 2022 Target Vendor : Microsoft

    Description : A privilege escalation vulnerability exists when the Windows AppX Deployment Server improperly handles junctions.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2019-1253

    Alert Date: Mar 15, 2022 | 1414 days ago

    7.8

    HIGH
    CVE-2019-1132 - Microsoft Win32k Privilege Escalation Vulnerability -

    Action Due Apr 05, 2022 Target Vendor : Microsoft

    Description : A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2019-1132

    Alert Date: Mar 15, 2022 | 1414 days ago

    7.8

    HIGH
    CVE-2019-1069 - Microsoft Task Scheduler Privilege Escalation Vulnerability -

    Action Due Apr 05, 2022 Target Vendor : Microsoft

    Description : A privilege escalation vulnerability exists in the way the Task Scheduler Service validates certain file operations.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2019-1069

    Alert Date: Mar 15, 2022 | 1414 days ago

    7.8

    HIGH
    CVE-2019-1064 - Microsoft Windows AppX Deployment Service (AppXSVC) Privilege Escalation Vulnerability -

    Action Due Apr 05, 2022 Target Vendor : Microsoft

    Description : A privilege escalation vulnerability exists when Windows AppXSVC improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2019-1064

    Alert Date: Mar 15, 2022 | 1414 days ago

    7.8

    HIGH
    CVE-2019-0841 - Microsoft Windows AppX Deployment Service (AppXSVC) Privilege Escalation Vulnerability -

    Action Due Apr 05, 2022 Target Vendor : Microsoft

    Description : A privilege escalation vulnerability exists when Windows AppXSVC improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2019-0841

    Alert Date: Mar 15, 2022 | 1414 days ago

    7.8

    HIGH
    CVE-2019-0543 - Microsoft Windows Privilege Escalation Vulnerability -

    Action Due Apr 05, 2022 Target Vendor : Microsoft

    Description : A privilege escalation vulnerability exists when Windows improperly handles authentication requests. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2019-0543

    Alert Date: Mar 15, 2022 | 1414 days ago

    7.2

    HIGH
    CVE-2018-8120 - Microsoft Win32k Privilege Escalation Vulnerability -

    Action Due Apr 05, 2022 Target Vendor : Microsoft

    Description : A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2018-8120

    Alert Date: Mar 15, 2022 | 1414 days ago

    7.8

    HIGH
    CVE-2017-0101 - Microsoft Windows Transaction Manager Privilege Escalation Vulnerability -

    Action Due Apr 05, 2022 Target Vendor : Microsoft

    Description : A privilege escalation vulnerability exists when the Windows Transaction Manager improperly handles objects in memory.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2017-0101

    Alert Date: Mar 15, 2022 | 1414 days ago

    7.8

    HIGH
    CVE-2016-3309 - Microsoft Windows Kernel Privilege Escalation Vulnerability -

    Action Due Apr 05, 2022 Target Vendor : Microsoft

    Description : A privilege escalation vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2016-3309

    Alert Date: Mar 15, 2022 | 1414 days ago

    8.2

    HIGH
    CVE-2015-2546 - Microsoft Win32k Memory Corruption Vulnerability -

    Action Due Apr 05, 2022 Target Vendor : Microsoft

    Description : The kernel-mode driver in Microsoft Windows OS and Server allows local users to gain privileges via a crafted application.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2015-2546

    Alert Date: Mar 15, 2022 | 1414 days ago

    9.8

    CRITICAL
    CVE-2020-5135 - SonicWall SonicOS Buffer Overflow Vulnerability -

    Action Due Apr 05, 2022 Target Vendor : SonicWall

    Description : A buffer overflow vulnerability in SonicOS allows a remote attacker to cause Denial of Service (DoS) and potentially execute arbitrary code by sending a malicious request to the firewall.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2020-5135

    Alert Date: Mar 15, 2022 | 1414 days ago

    7.8

    HIGH
    CVE-2019-1129 - Microsoft Windows AppX Deployment Service (AppXSVC) Privilege Escalation Vulnerability -

    Action Due Apr 05, 2022 Target Vendor : Microsoft

    Description : A privilege escalation vulnerability exists when Windows AppXSVC improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2019-1129

    Alert Date: Mar 15, 2022 | 1414 days ago

    9.6

    CRITICAL
    CVE-2022-26486 - Mozilla Firefox Use-After-Free Vulnerability -

    Action Due Mar 21, 2022 Target Vendor : Mozilla

    Description : Mozilla Firefox contains a use-after-free vulnerability in WebGPU IPC Framework which can be exploited to perform arbitrary code execution.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2022-26486

    Alert Date: Mar 07, 2022 | 1422 days ago

    8.8

    HIGH
    CVE-2022-26485 - Mozilla Firefox Use-After-Free Vulnerability -

    Action Due Mar 21, 2022 Target Vendor : Mozilla

    Description : Mozilla Firefox contains a use-after-free vulnerability in XSLT parameter processing which can be exploited to perform arbitrary code execution.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2022-26485

    Alert Date: Mar 07, 2022 | 1422 days ago

    5.3

    MEDIUM
    CVE-2021-21973 - VMware vCenter Server and Cloud Foundation Server Side Request Forgery (SSRF) Vulnerability -

    Action Due Mar 21, 2022 Target Vendor : VMware

    Description : VMware vCenter Server and Cloud Foundation Server contain a SSRF vulnerability due to improper validation of URLs in a vCenter Server plugin. This allows for information disclosure.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2021-21973

    Alert Date: Mar 07, 2022 | 1422 days ago

    7.2

    HIGH
    CVE-2020-8218 - Pulse Connect Secure Code Injection Vulnerability -

    Action Due Sep 07, 2022 Target Vendor : Pulse Secure

    Description : A code injection vulnerability exists in Pulse Connect Secure that allows an attacker to crafted a URI to perform an arbitrary code execution via the admin web interface.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2020-8218

    Alert Date: Mar 07, 2022 | 1422 days ago

    9.8

    CRITICAL
    CVE-2019-11581 - Atlassian Jira Server and Data Center Server-Side Template Injection Vulnerability -

    Action Due Sep 07, 2022 Target Vendor : Atlassian

    Description : Atlassian Jira Server and Data Center contain a server-side template injection vulnerability which can allow for remote code execution.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2019-11581

    Alert Date: Mar 07, 2022 | 1422 days ago

    10.0

    HIGH
    CVE-2017-6077 - NETGEAR DGN2200 Remote Code Execution Vulnerability -

    Action Due Sep 07, 2022 Target Vendor : NETGEAR

    Description : NETGEAR DGN2200 wireless routers contain a vulnerability that allows for remote code execution.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2017-6077

    Alert Date: Mar 07, 2022 | 1422 days ago
Showing 20 of 1503 Results

Filters