Full CISA KEV catalog
Every CVE the U.S. cybersecurity agency has ever flagged as actively exploited. Filter by category, sort by severity or exploit-likelihood, search by vendor or product.
| Added | CVE | Vendor / Product | Name & description | CVSS | EPSS |
|---|---|---|---|---|---|
| Feb 10, 2022 |
CVE-2017-0144
Ransomware |
Microsoft SMBv1 |
Microsoft SMBv1 Remote Code Execution Vulnerability
The SMBv1 server in multiple Microsoft Windows versions allows remote attackers to execute arbitrary code via crafted packets.
|
— | 94.3% |
| Feb 10, 2022 |
CVE-2017-0145
Ransomware |
Microsoft SMBv1 |
Microsoft SMBv1 Remote Code Execution Vulnerability
The SMBv1 server in multiple Microsoft Windows versions allows remote attackers to execute arbitrary code via crafted packets.
|
— | 93.3% |
| Feb 10, 2022 | CVE-2017-0262 | Microsoft Office |
Microsoft Office Remote Code Execution Vulnerability
A remote code execution vulnerability exists in Microsoft Office.
|
— | 65.0% |
| Feb 10, 2022 | CVE-2017-0263 | Microsoft Win32k |
Microsoft Win32k Privilege Escalation Vulnerability
Microsoft Win32k contains a privilege escalation vulnerability due to the Windows kernel-mode driver failing to properly handle objects in memory.
|
— | 20.8% |
| Feb 10, 2022 | CVE-2017-8464 | Microsoft Windows |
Microsoft Windows Shell (.lnk) Remote Code Execution Vulnerability
Windows Shell in multiple versions of Microsoft Windows allows local users or remote attackers to execute arbitrary code via a crafted .LNK file
|
— | 93.9% |
| Feb 10, 2022 |
CVE-2020-0796
Ransomware |
Microsoft SMBv3 |
Microsoft SMBv3 Remote Code Execution Vulnerability
A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests. An attacker who successfully explo…
|
— | 94.4% |
| Feb 10, 2022 | CVE-2021-36934 | Microsoft Windows |
Microsoft Windows SAM Local Privilege Escalation Vulnerability
If a Volume Shadow Copy (VSS) shadow copy of the system drive is available, users can read the SAM file which would allow any user to escalate privileges to SYSTEM level.
|
— | 90.4% |
| Feb 4, 2022 | CVE-2022-21882 | Microsoft Win32k |
Microsoft Win32k Privilege Escalation Vulnerability
Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation.
|
— | 89.1% |
| Jan 28, 2022 | CVE-2014-1776 | Microsoft Internet Explorer |
Microsoft Internet Explorer Memory Corruption Vulnerability
Microsoft Internet Explorer contains a memory corruption vulnerability that allows remote attackers to execute code in the context of the current user.
|
— | 84.0% |
| Jan 28, 2022 |
CVE-2020-0787
Ransomware |
Microsoft Windows |
Microsoft Windows Background Intelligent Transfer Service (BITS) Improper Privilege Management Vulnerability
Microsoft Windows BITS is vulnerable to to a privilege elevation vulnerability if it improperly handles symbolic links. An actor can exploit this vulnerability to execute arbitrar…
|
— | 59.3% |
| Jan 28, 2022 | CVE-2022-22587 | Apple iOS and macOS |
Apple Memory Corruption Vulnerability
Apple IOMobileFrameBuffer contains a memory corruption vulnerability which can allow a malicious application to execute arbitrary code with kernel privileges.
|
— | 0.4% |
| Jan 21, 2022 |
CVE-2018-8453
Ransomware |
Microsoft Win32k |
Microsoft Win32k Privilege Escalation Vulnerability
Microsoft Windows Win32k contains a vulnerability that allows an attacker to escalate privileges.
|
— | 81.3% |
| Jan 18, 2022 | CVE-2021-33766 | Microsoft Exchange Server |
Microsoft Exchange Server Information Disclosure
Microsoft Exchange Server contains an information disclosure vulnerability which can allow an unauthenticated attacker to steal email traffic from target.
|
— | 93.8% |
| Jan 10, 2022 | CVE-2013-3900 | Microsoft WinVerifyTrust function |
Microsoft WinVerifyTrust function Remote Code Execution
A remote code execution vulnerability exists in the way that the WinVerifyTrust function handles Windows Authenticode signature verification for PE files.
|
— | 75.8% |
| Jan 10, 2022 |
CVE-2019-1458
Ransomware |
Microsoft Win32k |
Microsoft Win32k Privilege Escalation Vulnerability
A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k EoP.
|
— | 92.2% |
| Dec 15, 2021 |
CVE-2021-43890
Ransomware |
Microsoft Windows |
Microsoft Windows AppX Installer Spoofing Vulnerability
Microsoft Windows AppX Installer contains a spoofing vulnerability which has a high impacts to confidentiality, integrity, and availability.
|
— | 25.2% |
| Nov 17, 2021 |
CVE-2021-40449
Ransomware |
Microsoft Windows |
Microsoft Windows Win32k Privilege Escalation Vulnerability
Unspecified vulnerability allows for an authenticated user to escalate privileges.
|
— | 91.5% |
| Nov 17, 2021 | CVE-2021-42292 | Microsoft Office |
Microsoft Excel Security Feature Bypass
A security feature bypass vulnerability in Microsoft Excel would allow a local user to perform arbitrary code execution.
|
— | 35.5% |
| Nov 17, 2021 |
CVE-2021-42321
Ransomware |
Microsoft Exchange |
Microsoft Exchange Server Remote Code Execution Vulnerability
An authenticated attacker could leverage improper validation in cmdlet arguments within Microsoft Exchange and perform remote code execution.
|
— | 93.6% |
| Nov 3, 2021 | CVE-2012-0158 | Microsoft MSCOMCTL.OCX |
Microsoft MSCOMCTL.OCX Remote Code Execution Vulnerability
Microsoft MSCOMCTL.OCX contains an unspecified vulnerability that allows for remote code execution, allowing an attacker to take complete control of an affected system under the c…
|
— | 94.3% |
| Nov 3, 2021 |
CVE-2014-1812
Ransomware |
Microsoft Windows |
Microsoft Windows Group Policy Preferences Password Privilege Escalation Vulnerability
Microsoft Windows Active Directory contains a privilege escalation vulnerability due to the way it distributes passwords that are configured using Group Policy preferences. An aut…
|
— | 74.6% |
| Nov 3, 2021 | CVE-2015-1641 | Microsoft Office |
Microsoft Office Memory Corruption Vulnerability
Microsoft Office contains a memory corruption vulnerability due to failure to properly handle rich text format files in memory. Successful exploitation allows for remote code exec…
|
— | 93.7% |
| Nov 3, 2021 |
CVE-2016-0167
Ransomware |
Microsoft Win32k |
Microsoft Win32k Privilege Escalation Vulnerability
Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation via a crafted application
|
— | 10.0% |
| Nov 3, 2021 | CVE-2016-0185 | Microsoft Windows |
Microsoft Windows Media Center Remote Code Execution Vulnerability
Microsoft Windows Media Center contains a remote code execution vulnerability when Windows Media Center opens a specially crafted Media Center link (.mcl) file that references mal…
|
— | 80.2% |
| Nov 3, 2021 | CVE-2016-3235 | Microsoft Office |
Microsoft Office OLE DLL Side Loading Vulnerability
Microsoft Office Object Linking & Embedding (OLE) dynamic link library (DLL) contains a side loading vulnerability due to it improperly validating input before loading libraries. …
|
— | 81.2% |
| Nov 3, 2021 | CVE-2016-7255 | Microsoft Win32k |
Microsoft Win32k Privilege Escalation Vulnerability
Microsoft Win32k kernel-mode driver fails to properly handle objects in memory which allows for privilege escalation. Successful exploitation allows an attacker to run code in ker…
|
— | 89.4% |
| Nov 3, 2021 |
CVE-2017-0143
Ransomware |
Microsoft Windows |
Microsoft Windows Server Message Block (SMBv1) Remote Code Execution Vulnerability
Microsoft Windows Server Message Block 1.0 (SMBv1) contains an unspecified vulnerability that allows for remote code execution.
|
— | 94.0% |
| Nov 3, 2021 |
CVE-2017-0199
Ransomware |
Microsoft Office and WordPad |
Microsoft Office and WordPad Remote Code Execution Vulnerability
Microsoft Office and WordPad contain an unspecified vulnerability due to the way the applications parse specially crafted files. Successful exploitation allows for remote code exe…
|
— | 94.3% |
| Nov 3, 2021 | CVE-2017-11774 | Microsoft Office |
Microsoft Office Outlook Security Feature Bypass Vulnerability
Microsoft Office Outlook contains a security feature bypass vulnerability due to improperly handling objects in memory. Successful exploitation allows an attacker to execute comma…
|
— | 85.6% |
| Nov 3, 2021 |
CVE-2017-11882
Ransomware |
Microsoft Office |
Microsoft Office Memory Corruption Vulnerability
Microsoft Office contains a memory corruption vulnerability that allows remote code execution in the context of the current user.
|
— | 94.4% |
Source: CISA KEV catalog. Severity (CVSS) and exploit-probability (EPSS) sync nightly from NVD and FIRST.