Full CISA KEV catalog

Every CVE the U.S. cybersecurity agency has ever flagged as actively exploited. Filter by category, sort by severity or exploit-likelihood, search by vendor or product.

Showing 511–531 of 531 CVEs · Page 18 of 18 30 per page
Added CVE Vendor / Product Name & description CVSS EPSS
Nov 3, 2021 CVE-2021-31207
Ransomware
Microsoft Exchange Server
endpoint m365 smb essential
Microsoft Exchange Server Security Feature Bypass Vulnerability
Microsoft Exchange Server contains an unspecified vulnerability that allows for security feature bypass.
93.8%
Nov 3, 2021 CVE-2021-31955 Microsoft Windows
endpoint m365 smb essential
Microsoft Windows Kernel Information Disclosure Vulnerability
Microsoft Windows Kernel contains an unspecified vulnerability that allows for information disclosure. Successful exploitation allows attackers to read the contents of kernel memo…
3.6%
Nov 3, 2021 CVE-2021-31956 Microsoft Windows
endpoint m365 smb essential
Microsoft Windows NTFS Privilege Escalation Vulnerability
Microsoft Windows New Technology File System (NTFS) contains an unspecified vulnerability that allows attackers to escalate privileges via a specially crafted application.
90.7%
Nov 3, 2021 CVE-2021-31979 Microsoft Windows
endpoint m365 smb essential
Microsoft Windows Kernel Privilege Escalation Vulnerability
Microsoft Windows kernel contains an unspecified vulnerability that allows for privilege escalation.
6.2%
Nov 3, 2021 CVE-2021-33739 Microsoft Windows
endpoint m365 smb essential
Microsoft Desktop Window Manager (DWM) Core Library Privilege Escalation Vulnerability
Microsoft Desktop Window Manager (DWM) Core Library contains an unspecified vulnerability that allows for privilege escalation.
16.9%
Nov 3, 2021 CVE-2021-33742 Microsoft Windows
endpoint m365 smb essential
Microsoft Windows MSHTML Platform Remote Code Execution Vulnerability
Microsoft Windows MSHTML Platform contains an unspecified vulnerability that allows for remote code execution.
72.1%
Nov 3, 2021 CVE-2021-33771 Microsoft Windows
endpoint m365 smb essential
Microsoft Windows Kernel Privilege Escalation Vulnerability
Microsoft Windows kernel contains an unspecified vulnerability that allows for privilege escalation.
6.4%
Nov 3, 2021 CVE-2021-34448 Microsoft Windows
endpoint m365 smb essential
Microsoft Windows Scripting Engine Memory Corruption Vulnerability
Microsoft Windows Scripting Engine contains an unspecified vulnerability that allows for memory corruption.
3.1%
Nov 3, 2021 CVE-2021-34473
Ransomware
Microsoft Exchange Server
endpoint m365 smb essential
Microsoft Exchange Server Remote Code Execution Vulnerability
Microsoft Exchange Server contains an unspecified vulnerability that allows for remote code execution.
94.2%
Nov 3, 2021 CVE-2021-34523
Ransomware
Microsoft Exchange Server
endpoint m365 smb essential
Microsoft Exchange Server Privilege Escalation Vulnerability
Microsoft Exchange Server contains an unspecified vulnerability that allows for privilege escalation.
94.0%
Nov 3, 2021 CVE-2021-34527
Ransomware
Microsoft Windows
endpoint m365 smb essential
Microsoft Windows Print Spooler Remote Code Execution Vulnerability
Microsoft Windows Print Spooler contains an unspecified vulnerability due to the Windows Print Spooler service improperly performing privileged file operations. Successful exploit…
94.2%
Nov 3, 2021 CVE-2021-36741 Trend Micro Apex One, Apex One as a Service, and Worry-Free Business Security
endpoint
Trend Micro Multiple Products Improper Input Validation Vulnerability
Trend Micro Apex One, Apex One as a Service, and Worry-Free Business Security contain an improper input validation vulnerability that allows a remote attacker to upload files.
0.7%
Nov 3, 2021 CVE-2021-36742 Trend Micro Apex One, Apex One as a Service, and Worry-Free Business Security
endpoint
Trend Micro Multiple Products Improper Input Validation Vulnerability
Trend Micro Apex One, Apex One as a Service, and Worry-Free Business Security contain an improper input validation vulnerability that allows for privilege escalation.
1.4%
Nov 3, 2021 CVE-2021-36942
Ransomware
Microsoft Windows
endpoint m365 smb essential
Microsoft Windows Local Security Authority (LSA) Spoofing Vulnerability
Microsoft Windows Local Security Authority (LSA) contains a spoofing vulnerability allowing an unauthenticated attacker to call a method on the LSARPC interface and coerce the dom…
93.6%
Nov 3, 2021 CVE-2021-36948 Microsoft Windows
endpoint m365 smb essential
Microsoft Windows Update Medic Service Privilege Escalation Vulnerability
Microsoft Windows Update Medic Service contains an unspecified vulnerability that allows for privilege escalation.
1.0%
Nov 3, 2021 CVE-2021-36955
Ransomware
Microsoft Windows
endpoint m365 smb essential
Microsoft Windows Common Log File System (CLFS) Driver Privilege Escalation Vulnerability
Microsoft Windows Common Log File System (CLFS) driver contains an unspecified vulnerability that allows for privilege escalation.
20.7%
Nov 3, 2021 CVE-2021-38645 Microsoft Open Management Infrastructure (OMI)
endpoint m365 smb essential
Microsoft Open Management Infrastructure (OMI) Privilege Escalation Vulnerability
Microsoft Open Management Infrastructure (OMI) within Azure VM Management Extensions contains an unspecified vulnerability that allows for privilege escalation.
11.6%
Nov 3, 2021 CVE-2021-38647
Ransomware
Microsoft Open Management Infrastructure (OMI)
endpoint m365 smb essential
Microsoft Open Management Infrastructure (OMI) Remote Code Execution Vulnerability
Microsoft Open Management Infrastructure (OMI) within Azure VM Management Extensions contains an unspecified vulnerability allowing remote code execution.
94.4%
Nov 3, 2021 CVE-2021-38648 Microsoft Open Management Infrastructure (OMI)
endpoint m365 smb essential
Microsoft Open Management Infrastructure (OMI) Privilege Escalation Vulnerability
Microsoft Open Management Infrastructure (OMI) within Azure VM Management Extensions contains an unspecified vulnerability allowing privilege escalation.
38.2%
Nov 3, 2021 CVE-2021-38649 Microsoft Open Management Infrastructure (OMI)
endpoint m365 smb essential
Microsoft Open Management Infrastructure (OMI) Privilege Escalation Vulnerability
Microsoft Open Management Infrastructure (OMI) within Azure VM Management Extensions contains an unspecified vulnerability allowing privilege escalation.
6.7%
Nov 3, 2021 CVE-2021-40444
Ransomware
Microsoft MSHTML
endpoint m365 smb essential
Microsoft MSHTML Remote Code Execution Vulnerability
Microsoft MSHTML contains a unspecified vulnerability that allows for remote code execution.
94.3%

Source: CISA KEV catalog. Severity (CVSS) and exploit-probability (EPSS) sync nightly from NVD and FIRST.