CISA Known Exploited Vulnerabilities

This dashboard displays the latest vulnerabilities published by the Cybersecurity & Infrastructure Security Agency (CISA).

CVE-2019-1579

Ransomware

Palo Alto Networks PAN-OS Remote Code Execution Vulnerability

Vendor: Palo Alto Networks

Product: PAN-OS

Added: 2022-01-10

Due Date: 2022-07-10

Description:

Remote Code Execution in PAN-OS with GlobalProtect Portal or GlobalProtect Gateway Interface enabled.

Required Action:

Apply updates per vendor instructions.

CWEs:

CWE-134

CVE-2019-10149

Exim Mail Transfer Agent (MTA) Improper Input Validation

Vendor: Exim

Product: Mail Transfer Agent (MTA)

Added: 2022-01-10

Due Date: 2022-07-10

Description:

Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution.

Required Action:

Apply updates per vendor instructions.

CWEs:

CWE-78

CVE-2015-7450

IBM WebSphere Application Server and Server Hypervisor Edition Code Injection.

Vendor: IBM

Product: WebSphere Application Server and Server Hypervisor Edition

Added: 2022-01-10

Due Date: 2022-07-10

Description:

Serialized-object interfaces in certain IBM analytics, business solutions, cognitive, IT infrastructure, and mobile and social products allow remote attackers to execute arbitrary commands

Required Action:

Apply updates per vendor instructions.

CWEs:

CWE-94

CVE-2017-1000486

Primetek Primefaces Remote Code Execution Vulnerability

Vendor: Primetek

Product: Primefaces Application

Added: 2022-01-10

Due Date: 2022-07-10

Description:

Primetek Primefaces is vulnerable to a weak encryption flaw resulting in remote code execution

Required Action:

Apply updates per vendor instructions.

CWEs:

CWE-326

CVE-2019-7609

Kibana Arbitrary Code Execution

Vendor: Elastic

Product: Kibana

Added: 2022-01-10

Due Date: 2022-07-10

Description:

Kibana contain an arbitrary code execution flaw in the Timelion visualizer.

Required Action:

Apply updates per vendor instructions.

CWEs:

CWE-94

CVE-2021-27860

FatPipe WARP, IPVPN, and MPVPN Configuration Upload exploit

Vendor: FatPipe

Product: WARP, IPVPN, and MPVPN software

Added: 2022-01-10

Due Date: 2022-01-24

Description:

A vulnerability in the web management interface of FatPipe WARP, IPVPN, and MPVPN software allows a remote, unauthenticated attacker to upload a file to any location on the filesystem.

Required Action:

Apply updates per vendor instructions.

CWEs:

CWE-434

CVE-2021-43890

Ransomware

Microsoft Windows AppX Installer Spoofing Vulnerability

Vendor: Microsoft

Product: Windows

Added: 2021-12-15

Due Date: 2021-12-29

Description:

Microsoft Windows AppX Installer contains a spoofing vulnerability which has a high impacts to confidentiality, integrity, and availability.

Required Action:

Apply updates per vendor instructions.

CVE-2021-4102

Google Chromium V8 Use-After-Free Vulnerability

Vendor: Google

Product: Chromium V8

Added: 2021-12-15

Due Date: 2021-12-29

Description:

Google Chromium V8 Engine contains a use-after-free vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

Required Action:

Apply updates per vendor instructions.

CWEs:

CWE-416

CVE-2021-44515

Zoho Desktop Central Authentication Bypass Vulnerability

Vendor: Zoho

Product: Desktop Central

Added: 2021-12-10

Due Date: 2021-12-24

Description:

Zoho Desktop Central contains an authentication bypass vulnerability that could allow an attacker to execute arbitrary code in the Desktop Central MSP server.

Required Action:

Apply updates per vendor instructions.

CVE-2019-13272

Linux Kernel Improper Privilege Management Vulnerability

Vendor: Linux

Product: Kernel

Added: 2021-12-10

Due Date: 2022-06-10

Description:

Kernel/ptrace.c in Linux kernel mishandles contains an improper privilege management vulnerability that allows local users to obtain root access.

Required Action:

Apply updates per vendor instructions.

CWEs:

CWE-269

CVE-2021-35394

Realtek Jungle SDK Remote Code Execution Vulnerability

Vendor: Realtek

Product: Jungle Software Development Kit (SDK)

Added: 2021-12-10

Due Date: 2021-12-24

Description:

RealTek Jungle SDK contains multiple memory corruption vulnerabilities which can allow an attacker to perform remote code execution.

Required Action:

Apply updates per vendor instructions.

CWEs:

CWE-78 CWE-138

CVE-2019-7238

Sonatype Nexus Repository Manager Incorrect Access Control Vulnerability

Vendor: Sonatype

Product: Nexus Repository Manager

Added: 2021-12-10

Due Date: 2022-06-10

Description:

Sonatype Nexus Repository Manager before 3.15.0 has an incorrect access control vulnerability. Exploitation allows for remote code execution.

Required Action:

Apply updates per vendor instructions.

CVE-2019-0193

Apache Solr DataImportHandler Code Injection Vulnerability

Vendor: Apache

Product: Solr

Added: 2021-12-10

Due Date: 2022-06-10

Description:

The optional Apache Solr module DataImportHandler contains a code injection vulnerability.

Required Action:

Apply updates per vendor instructions.

CWEs:

CWE-94

CVE-2021-44168

Fortinet FortiOS Arbitrary File Download

Vendor: Fortinet

Product: FortiOS

Added: 2021-12-10

Due Date: 2021-12-24

Description:

Fortinet FortiOS "execute restore src-vis" downloads code without integrity checking, allowing an attacker to arbitrarily download files.

Required Action:

Apply updates per vendor instructions.

CWEs:

CWE-494

CVE-2017-17562

Embedthis GoAhead Remote Code Execution Vulnerability

Vendor: Embedthis

Product: GoAhead

Added: 2021-12-10

Due Date: 2022-06-10

Description:

Embedthis GoAhead before 3.6.5 allows remote code execution if CGI is enabled and a CGI program is dynamically linked.

Required Action:

Apply updates per vendor instructions.

CWEs:

CWE-20