Full CISA KEV catalog
Every CVE the U.S. cybersecurity agency has ever flagged as actively exploited. Filter by category, sort by severity or exploit-likelihood, search by vendor or product.
| Added | CVE | Vendor / Product | Name & description | CVSS | EPSS |
|---|---|---|---|---|---|
| Dec 15, 2021 |
CVE-2021-43890
Ransomware |
Microsoft Windows |
Microsoft Windows AppX Installer Spoofing Vulnerability
Microsoft Windows AppX Installer contains a spoofing vulnerability which has a high impacts to confidentiality, integrity, and availability.
|
— | 25.2% |
| Nov 17, 2021 |
CVE-2021-40449
Ransomware |
Microsoft Windows |
Microsoft Windows Win32k Privilege Escalation Vulnerability
Unspecified vulnerability allows for an authenticated user to escalate privileges.
|
— | 91.5% |
| Nov 17, 2021 | CVE-2021-42292 | Microsoft Office |
Microsoft Excel Security Feature Bypass
A security feature bypass vulnerability in Microsoft Excel would allow a local user to perform arbitrary code execution.
|
— | 35.5% |
| Nov 17, 2021 |
CVE-2021-42321
Ransomware |
Microsoft Exchange |
Microsoft Exchange Server Remote Code Execution Vulnerability
An authenticated attacker could leverage improper validation in cmdlet arguments within Microsoft Exchange and perform remote code execution.
|
— | 93.6% |
| Nov 3, 2021 | CVE-2012-0158 | Microsoft MSCOMCTL.OCX |
Microsoft MSCOMCTL.OCX Remote Code Execution Vulnerability
Microsoft MSCOMCTL.OCX contains an unspecified vulnerability that allows for remote code execution, allowing an attacker to take complete control of an affected system under the c…
|
— | 94.3% |
| Nov 3, 2021 |
CVE-2014-1812
Ransomware |
Microsoft Windows |
Microsoft Windows Group Policy Preferences Password Privilege Escalation Vulnerability
Microsoft Windows Active Directory contains a privilege escalation vulnerability due to the way it distributes passwords that are configured using Group Policy preferences. An aut…
|
— | 74.6% |
| Nov 3, 2021 | CVE-2015-1641 | Microsoft Office |
Microsoft Office Memory Corruption Vulnerability
Microsoft Office contains a memory corruption vulnerability due to failure to properly handle rich text format files in memory. Successful exploitation allows for remote code exec…
|
— | 93.7% |
| Nov 3, 2021 |
CVE-2016-0167
Ransomware |
Microsoft Win32k |
Microsoft Win32k Privilege Escalation Vulnerability
Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation via a crafted application
|
— | 10.0% |
| Nov 3, 2021 | CVE-2016-0185 | Microsoft Windows |
Microsoft Windows Media Center Remote Code Execution Vulnerability
Microsoft Windows Media Center contains a remote code execution vulnerability when Windows Media Center opens a specially crafted Media Center link (.mcl) file that references mal…
|
— | 80.2% |
| Nov 3, 2021 | CVE-2016-3235 | Microsoft Office |
Microsoft Office OLE DLL Side Loading Vulnerability
Microsoft Office Object Linking & Embedding (OLE) dynamic link library (DLL) contains a side loading vulnerability due to it improperly validating input before loading libraries. …
|
— | 81.2% |
| Nov 3, 2021 | CVE-2016-7255 | Microsoft Win32k |
Microsoft Win32k Privilege Escalation Vulnerability
Microsoft Win32k kernel-mode driver fails to properly handle objects in memory which allows for privilege escalation. Successful exploitation allows an attacker to run code in ker…
|
— | 89.4% |
| Nov 3, 2021 |
CVE-2017-0143
Ransomware |
Microsoft Windows |
Microsoft Windows Server Message Block (SMBv1) Remote Code Execution Vulnerability
Microsoft Windows Server Message Block 1.0 (SMBv1) contains an unspecified vulnerability that allows for remote code execution.
|
— | 94.0% |
| Nov 3, 2021 |
CVE-2017-0199
Ransomware |
Microsoft Office and WordPad |
Microsoft Office and WordPad Remote Code Execution Vulnerability
Microsoft Office and WordPad contain an unspecified vulnerability due to the way the applications parse specially crafted files. Successful exploitation allows for remote code exe…
|
— | 94.3% |
| Nov 3, 2021 | CVE-2017-11774 | Microsoft Office |
Microsoft Office Outlook Security Feature Bypass Vulnerability
Microsoft Office Outlook contains a security feature bypass vulnerability due to improperly handling objects in memory. Successful exploitation allows an attacker to execute comma…
|
— | 85.6% |
| Nov 3, 2021 |
CVE-2017-11882
Ransomware |
Microsoft Office |
Microsoft Office Memory Corruption Vulnerability
Microsoft Office contains a memory corruption vulnerability that allows remote code execution in the context of the current user.
|
— | 94.4% |
| Nov 3, 2021 | CVE-2017-7269 | Microsoft Internet Information Services (IIS) |
Microsoft Windows Server Buffer Overflow Vulnerability
Microsoft Windows Server 2003 R2 contains a buffer overflow vulnerability in Internet Information Services (IIS) 6.0 which allows remote attackers to execute code via a long heade…
|
— | 94.4% |
| Nov 3, 2021 | CVE-2017-8759 | Microsoft .NET Framework |
Microsoft .NET Framework Remote Code Execution Vulnerability
Microsoft .NET Framework contains a remote code execution vulnerability when processing untrusted input that could allow an attacker to take control of an affected system.
|
— | 94.0% |
| Nov 3, 2021 | CVE-2018-0798 | Microsoft Office |
Microsoft Office Memory Corruption Vulnerability
Microsoft Office contains a memory corruption vulnerability due to the way objects are handled in memory. Successful exploitation allows for remote code execution in the context o…
|
— | 94.1% |
| Nov 3, 2021 | CVE-2018-0802 | Microsoft Office |
Microsoft Office Memory Corruption Vulnerability
Microsoft Office contains a memory corruption vulnerability due to the way objects are handled in memory. Successful exploitation allows for remote code execution in the context o…
|
— | 94.1% |
| Nov 3, 2021 | CVE-2018-8653 | Microsoft Internet Explorer |
Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability
Microsoft Internet Explorer contains a memory corruption vulnerability due to how the Scripting Engine handles objects in memory, leading to remote code execution.
|
— | 35.6% |
| Nov 3, 2021 | CVE-2019-0541 | Microsoft MSHTML |
Microsoft MSHTML Remote Code Execution Vulnerability
Microsoft MSHTML engine contains an improper input validation vulnerability that allows for remote code execution vulnerability.
|
— | 87.2% |
| Nov 3, 2021 |
CVE-2019-0604
Ransomware |
Microsoft SharePoint |
Microsoft SharePoint Remote Code Execution Vulnerability
Microsoft SharePoint fails to check the source markup of an application package. An attacker who successfully exploits the vulnerability could run remote code in the context of th…
|
— | 94.4% |
| Nov 3, 2021 |
CVE-2019-0708
Ransomware |
Microsoft Remote Desktop Services |
Microsoft Remote Desktop Services Remote Code Execution Vulnerability
Microsoft Remote Desktop Services, formerly known as Terminal Service, contains an unspecified vulnerability that allows an unauthenticated attacker to connect to the target syste…
|
— | 94.5% |
| Nov 3, 2021 | CVE-2019-0797 | Microsoft Win32k |
Microsoft Win32k Privilege Escalation Vulnerability
Microsoft Win32k contains a privilege escalation vulnerability when the Win32k component fails to properly handle objects in memory. Successful exploitation allows an attacker to …
|
— | 4.5% |
| Nov 3, 2021 | CVE-2019-0803 | Microsoft Win32k |
Microsoft Win32k Privilege Escalation Vulnerability
Microsoft Win32k contains an unspecified vulnerability due to it failing to properly handle objects in memory causing privilege escalation. Successful exploitation allows an attac…
|
— | 88.8% |
| Nov 3, 2021 | CVE-2019-0808 | Microsoft Win32k |
Microsoft Win32k Privilege Escalation Vulnerability
Microsoft Win32k contains a privilege escalation vulnerability due to the component failing to properly handle objects in memory. Successful exploitation allows an attacker to run…
|
— | 74.0% |
| Nov 3, 2021 | CVE-2019-0859 | Microsoft Win32k |
Microsoft Win32k Privilege Escalation Vulnerability
Microsoft Win32k fails to properly handle objects in memory causing privilege escalation. Successful exploitation allows an attacker to run code in kernel mode.
|
— | 10.6% |
| Nov 3, 2021 | CVE-2019-0863 | Microsoft Windows |
Microsoft Windows Error Reporting (WER) Privilege Escalation Vulnerability
Microsoft Windows Error Reporting (WER) contains a privilege escalation vulnerability due to the way it handles files, allowing for code execution in kernel mode.
|
— | 6.2% |
| Nov 3, 2021 | CVE-2019-1214 | Microsoft Windows |
Microsoft Windows Privilege Common Log File System (CLFS) Escalation Vulnerability
Microsoft Windows Common Log File System (CLFS) driver improperly handles objects in memory which can allow for privilege escalation.
|
— | 3.7% |
| Nov 3, 2021 |
CVE-2019-1215
Ransomware |
Microsoft Windows |
Microsoft Windows Privilege Escalation Vulnerability
Microsoft Windows contains an unspecified vulnerability due to the way ws2ifsl.sys (Winsock) handles objects in memory, allowing for privilege escalation. Successful exploitation …
|
— | 5.2% |
Source: CISA KEV catalog. Severity (CVSS) and exploit-probability (EPSS) sync nightly from NVD and FIRST.