Known Exploited Vulnerabilities (KEV)

CISA Catalog

Known Exploited Vulnerabilities

· Live CISA DataCISA KEV catalog — vulnerabilities with active exploitation requiring federal remediation

Data sourced from the official CISA Known Exploited Vulnerabilities Catalog. Federal agencies are required to remediate these vulnerabilities by the due date per BOD 22-01.

KEV Entries

1,619

Ransomware Use

327

Overdue

1,615

Vendors

266

Products

655

377 results · Page 9/16

CVE-2021-31166Overdue

Due: 2022-04-27
Added: 2022-04-06

Microsoft HTTP Protocol Stack Remote Code Execution Vulnerability

Microsoft · HTTP Protocol Stack

Microsoft HTTP Protocol Stack contains a vulnerability in http.sys that allows for remote code execution.

Required Action

Apply updates per vendor instructions.

CVE-2017-0148RansomwareOverdue

Due: 2022-04-27
Added: 2022-04-06

Microsoft SMBv1 Server Remote Code Execution Vulnerability

Microsoft · SMBv1 server

The SMBv1 server in Microsoft allows remote attackers to execute arbitrary code via crafted packets.

Required Action

Apply updates per vendor instructions.

9 / 16

CVE-2021-38646RansomwareOverdue

Due: 2022-04-18
Added: 2022-03-28

Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability

Microsoft · Office

Microsoft Office Access Connectivity Engine contains an unspecified vulnerability which can allow for remote code execution.

Required Action

Apply updates per vendor instructions.

CVE-2018-8440RansomwareOverdue

Due: 2022-04-18
Added: 2022-03-28

Microsoft Windows Privilege Escalation Vulnerability

Microsoft · Windows

An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC).

Required Action

Apply updates per vendor instructions.

CVE-2018-8406RansomwareOverdue

Due: 2022-04-18
Added: 2022-03-28

Microsoft DirectX Graphics Kernel Privilege Escalation Vulnerability

Microsoft · DirectX Graphics Kernel (DXGKRNL)

An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory.

Required Action

Apply updates per vendor instructions.

CVE-2018-8405RansomwareOverdue

Due: 2022-04-18
Added: 2022-03-28

Microsoft DirectX Graphics Kernel Privilege Escalation Vulnerability

Microsoft · DirectX Graphics Kernel (DXGKRNL)

An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory.

Required Action

Apply updates per vendor instructions.

CVE-2017-0213RansomwareOverdue

Due: 2022-04-18
Added: 2022-03-28

Microsoft Windows Privilege Escalation Vulnerability

Microsoft · Windows

Microsoft Windows COM Aggregate Marshaler allows for privilege escalation when an attacker runs a specially crafted application.

Required Action

Apply updates per vendor instructions.

CVE-2017-0059Overdue

Due: 2022-04-18
Added: 2022-03-28

Microsoft Internet Explorer Information Disclosure Vulnerability

Microsoft · Internet Explorer

Microsoft Internet Explorer allow remote attackers to obtain sensitive information from process memory via a crafted web site.

Required Action

Apply updates per vendor instructions.

CVE-2017-0037Overdue

Due: 2022-04-18
Added: 2022-03-28

Microsoft Edge and Internet Explorer Type Confusion Vulnerability

Microsoft · Edge and Internet Explorer

Microsoft Edge and Internet Explorer have a type confusion vulnerability in mshtml.dll, which allows remote code execution.

Required Action

Apply updates per vendor instructions.

CVE-2016-7201Overdue

Due: 2022-04-18
Added: 2022-03-28

Microsoft Edge Memory Corruption Vulnerability

Microsoft · Edge

The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute remote code or cause a denial of service (memory corruption) via a crafted web site.

Required Action

Apply updates per vendor instructions.

CVE-2016-7200Overdue

Due: 2022-04-18
Added: 2022-03-28

Microsoft Edge Memory Corruption Vulnerability

Microsoft · Edge

The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute remote code or cause a denial of service (memory corruption) via a crafted web site.

Required Action

Apply updates per vendor instructions.

CVE-2016-0189Overdue

Due: 2022-04-18
Added: 2022-03-28

Microsoft Internet Explorer Memory Corruption Vulnerability

Microsoft · Internet Explorer

The Microsoft JScript nd VBScript engines, as used in Internet Explorer and other products, allow attackers to execute remote code or cause a denial of service (memory corruption) via a crafted web site.

Required Action

Apply updates per vendor instructions.

CVE-2016-0151RansomwareOverdue

Due: 2022-04-18
Added: 2022-03-28

Microsoft Windows CSRSS Security Feature Bypass Vulnerability

Microsoft · Client-Server Run-time Subsystem (CSRSS)

The Client-Server Run-time Subsystem (CSRSS) in Microsoft mismanages process tokens, which allows local users to gain privileges via a crafted application.

Required Action

Apply updates per vendor instructions.

CVE-2015-2426Overdue

Due: 2022-04-18
Added: 2022-03-28

Microsoft Windows Adobe Type Manager Library Remote Code Execution Vulnerability

Microsoft · Windows

A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles specially crafted OpenType fonts.

Required Action

Apply updates per vendor instructions.

CVE-2015-2419Overdue

Due: 2022-04-18
Added: 2022-03-28

Microsoft Internet Explorer Memory Corruption Vulnerability

Microsoft · Internet Explorer

JScript in Microsoft Internet Explorer allows remote attackers to execute remote code or cause a denial of service (memory corruption) via a crafted web site.

Required Action

Apply updates per vendor instructions.

CVE-2013-3660Overdue

Due: 2022-04-18
Added: 2022-03-28

Microsoft Win32k Privilege Escalation Vulnerability

Microsoft · Win32k

The EPATHOBJ::pprFlattenRec function in win32k.sys in the kernel-mode drivers in Microsoft does not properly initialize a pointer for the next object in a certain list, which allows local users to gain privileges.

Required Action

Apply updates per vendor instructions.

CVE-2013-2551RansomwareOverdue

Due: 2022-04-18
Added: 2022-03-28

Microsoft Internet Explorer Use-After-Free Vulnerability

Microsoft · Internet Explorer

Use-after-free vulnerability in Microsoft Internet Explorer allows remote attackers to execute remote code via a crafted web site that triggers access to a deleted object.

Required Action

Apply updates per vendor instructions.

CVE-2011-2005Overdue

Due: 2022-04-18
Added: 2022-03-28

Microsoft Ancillary Function Driver (afd.sys) Improper Input Validation Vulnerability

Microsoft · Ancillary Function Driver (afd.sys)

afd.sys in the Ancillary Function Driver in Microsoft Windows does not properly validate user-mode input passed to kernel mode, which allows local users to gain privileges via a crafted application.

Required Action

Apply updates per vendor instructions.

CVE-2010-4398Overdue

Due: 2022-04-21
Added: 2022-03-28

Microsoft Windows Kernel Stack-Based Buffer Overflow Vulnerability

Microsoft · Windows

Stack-based buffer overflow in the RtlQueryRegistryValues function in win32k.sys in Microsoft Windows allows local users to gain privileges, and bypass the User Account Control (UAC) feature.

Required Action

Apply updates per vendor instructions.

CVE-2022-21999RansomwareOverdue

Due: 2022-04-15
Added: 2022-03-25

Microsoft Windows Print Spooler Privilege Escalation Vulnerability

Microsoft · Windows

Microsoft Windows Print Spooler contains an unspecified vulnerability which can allow for privilege escalation.

Required Action

Apply updates per vendor instructions.