Full CISA KEV catalog

Every CVE the U.S. cybersecurity agency has ever flagged as actively exploited. Filter by category, sort by severity or exploit-likelihood, search by vendor or product.

Showing 601–630 of 667 CVEs · Page 21 of 23 30 per page
Added CVE Vendor / Product Name & description CVSS EPSS
Nov 3, 2021 CVE-2021-1732
Ransomware
Microsoft Win32k
endpoint m365 smb essential
Microsoft Win32k Privilege Escalation Vulnerability
Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation.
88.3%
Nov 3, 2021 CVE-2021-1782 Apple Multiple Products
endpoint mobile smb essential
Apple Multiple Products Race Condition Vulnerability
Apple iOS, iPadOs, macOS, watchOS, and tvOS contain a race condition vulnerability that may allow a malicious application to elevate privileges.
5.9%
Nov 3, 2021 CVE-2021-1870 Apple iOS, iPadOS, and macOS
browser endpoint mobile smb essential
Apple iOS, iPadOS, and macOS WebKit Remote Code Execution Vulnerability
Apple iOS, iPadOS, and macOS WebKit contain an unspecified logic vulnerability that allows a remote attacker to execute code. This vulnerability could impact HTML parsers that use…
1.2%
Nov 3, 2021 CVE-2021-1871 Apple iOS, iPadOS, and macOS
browser endpoint mobile smb essential
Apple iOS, iPadOS, and macOS WebKit Remote Code Execution Vulnerability
Apple iOS, iPadOS, and macOS WebKit contain an unspecified logic vulnerability that allows a remote attacker to execute code. This vulnerability could impact HTML parsers that use…
0.5%
Nov 3, 2021 CVE-2021-1879 Apple iOS, iPadOS, and watchOS
browser endpoint mobile smb essential
Apple iOS, iPadOS, and watchOS WebKit Cross-Site Scripting (XSS) Vulnerability
Apple iOS, iPadOS, and watchOS WebKit contain an unspecified vulnerability that allows for universal cross-site scripting (XSS) when processing maliciously crafted web content. Th…
0.8%
Nov 3, 2021 CVE-2021-21017 Adobe Acrobat and Reader
smb essential
Adobe Acrobat and Reader Heap-based Buffer Overflow Vulnerability
Acrobat Acrobat and Reader contain a heap-based buffer overflow vulnerability that could allow an unauthenticated attacker to achieve code execution in the context of the current …
90.2%
Nov 3, 2021 CVE-2021-21148 Google Chromium V8
browser smb essential
Google Chromium V8 Heap Buffer Overflow Vulnerability
Google Chromium V8 Engine contains a heap buffer overflow vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerab…
22.3%
Nov 3, 2021 CVE-2021-21166 Google Chromium
browser smb essential
Google Chromium Race Condition Vulnerability
Google Chromium contains a race condition vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affe…
38.0%
Nov 3, 2021 CVE-2021-21193 Google Chromium Blink
browser smb essential
Google Chromium Blink Use-After-Free Vulnerability
Google Chromium Blink contains a use-after-free vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability coul…
13.8%
Nov 3, 2021 CVE-2021-21206 Google Chromium Blink
browser smb essential
Google Chromium Blink Use-After-Free Vulnerability
Google Chromium Blink contains a use-after-free vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability coul…
17.5%
Nov 3, 2021 CVE-2021-21220 Google Chromium V8
browser smb essential
Google Chromium V8 Improper Input Validation Vulnerability
Google Chromium V8 Engine contains an improper input validation vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vu…
91.2%
Nov 3, 2021 CVE-2021-21224 Google Chromium V8
browser smb essential
Google Chromium V8 Type Confusion Vulnerability
Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to execute code inside a sandbox via a crafted HTML page. This vulnerability could …
42.5%
Nov 3, 2021 CVE-2021-22205
Ransomware
GitLab Community and Enterprise Editions
enterprise smb essential
GitLab Community and Enterprise Editions Remote Code Execution Vulnerability
GitHub Community and Enterprise Editions that utilize the ability to upload images through GitLab Workhorse are vulnerable to remote code execution. Workhorse passes image file ex…
94.5%
Nov 3, 2021 CVE-2021-26084
Ransomware
Atlassian Confluence Server and Data Center
enterprise smb essential
Atlassian Confluence Server and Data Center Object-Graph Navigation Language (OGNL) Injection Vulnerability
Atlassian Confluence Server and Data Server contain an Object-Graph Navigation Language (OGNL) injection vulnerability that may allow an unauthenticated attacker to execute code.
94.4%
Nov 3, 2021 CVE-2021-26411
Ransomware
Microsoft Internet Explorer
endpoint m365 smb essential
Microsoft Internet Explorer Memory Corruption Vulnerability
Microsoft Internet Explorer contains an unspecified vulnerability that allows for memory corruption.
92.5%
Nov 3, 2021 CVE-2021-26855
Ransomware
Microsoft Exchange Server
endpoint m365 smb essential
Microsoft Exchange Server Remote Code Execution Vulnerability
Microsoft Exchange Server contains an unspecified vulnerability that allows for remote code execution. This vulnerability is part of the ProxyLogon exploit chain.
94.3%
Nov 3, 2021 CVE-2021-26857
Ransomware
Microsoft Exchange Server
endpoint m365 smb essential
Microsoft Exchange Server Remote Code Execution Vulnerability
Microsoft Exchange Server contains an unspecified vulnerability that allows for remote code execution. This vulnerability is part of the ProxyLogon exploit chain.
40.5%
Nov 3, 2021 CVE-2021-26858
Ransomware
Microsoft Exchange Server
endpoint m365 smb essential
Microsoft Exchange Server Remote Code Execution Vulnerability
Microsoft Exchange Server contains an unspecified vulnerability that allows for remote code execution. This vulnerability is part of the ProxyLogon exploit chain.
73.2%
Nov 3, 2021 CVE-2021-27059 Microsoft Office
endpoint m365 smb essential
Microsoft Office Remote Code Execution Vulnerability
Microsoft Office contains an unspecified vulnerability that allows for remote code execution.
2.8%
Nov 3, 2021 CVE-2021-27065
Ransomware
Microsoft Exchange Server
endpoint m365 smb essential
Microsoft Exchange Server Remote Code Execution Vulnerability
Microsoft Exchange Server contains an unspecified vulnerability that allows for remote code execution. This vulnerability is part of the ProxyLogon exploit chain.
94.2%
Nov 3, 2021 CVE-2021-27085 Microsoft Internet Explorer
endpoint m365 smb essential
Microsoft Internet Explorer Remote Code Execution Vulnerability
Microsoft Internet Explorer contains an unspecified vulnerability that allows for remote code execution.
1.8%
Nov 3, 2021 CVE-2021-28310 Microsoft Win32k
endpoint m365 smb essential
Microsoft Win32k Privilege Escalation Vulnerability
Microsoft Windows Win32k contains an unspecified vulnerability that allows for privilege escalation.
54.0%
Nov 3, 2021 CVE-2021-28550 Adobe Acrobat and Reader
smb essential
Adobe Acrobat and Reader Use-After-Free Vulnerability
Adobe Acrobat and Reader contains a use-after-free vulnerability that could allow an unauthenticated attacker to achieve code execution in the context of the current user.
30.7%
Nov 3, 2021 CVE-2021-30116
Ransomware
Kaseya Virtual System/Server Administrator (VSA)
enterprise smb essential
Kaseya Virtual System/Server Administrator (VSA) Information Disclosure Vulnerability
Kaseya Virtual System/Server Administrator (VSA) contains an information disclosure vulnerability allowing an attacker to obtain the sessionId that can be used to execute further …
54.1%
Nov 3, 2021 CVE-2021-30551 Google Chromium V8
browser smb essential
Google Chromium V8 Type Confusion Vulnerability
Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability …
82.2%
Nov 3, 2021 CVE-2021-30554 Google Chromium WebGL
browser smb essential
Google Chromium WebGL Use-After-Free Vulnerability
Google Chromium WebGL contains a use-after-free vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability coul…
5.8%
Nov 3, 2021 CVE-2021-30563 Google Chromium V8
browser smb essential
Google Chromium V8 Type Confusion Vulnerability
Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability …
2.6%
Nov 3, 2021 CVE-2021-30632 Google Chromium V8
browser smb essential
Google Chromium V8 Out-of-Bounds Write Vulnerability
Google Chromium V8 Engine contains an out-of-bounds write vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerab…
83.8%
Nov 3, 2021 CVE-2021-30633 Google Chromium Indexed DB API
browser smb essential
Google Chromium Indexed DB API Use-After-Free Vulnerability
Google Chromium Indexed DB API contains a use-after-free vulnerability that allows a remote attacker, who has compromised the renderer process, to potentially perform a sandbox es…
30.1%
Nov 3, 2021 CVE-2021-30657 Apple macOS
endpoint mobile smb essential
Apple macOS Unspecified Vulnerability
Apple macOS contains an unspecified logic issue in System Preferences that may allow a malicious application to bypass Gatekeeper checks.
83.1%

Source: CISA KEV catalog. Severity (CVSS) and exploit-probability (EPSS) sync nightly from NVD and FIRST.