Full CISA KEV catalog

Every CVE the U.S. cybersecurity agency has ever flagged as actively exploited. Filter by category, sort by severity or exploit-likelihood, search by vendor or product.

Showing 631–660 of 667 CVEs · Page 22 of 23 30 per page
Added CVE Vendor / Product Name & description CVSS EPSS
Nov 3, 2021 CVE-2021-30661 Apple Multiple Products
browser endpoint mobile smb essential
Apple Multiple Products WebKit Storage Use-After-Free Vulnerability
Apple iOS, iPadOS, macOS, tvOS, watchOS, and Safari WebKit Storage contain a use-after-free vulnerability that leads to code execution when processing maliciously crafted web cont…
0.1%
Nov 3, 2021 CVE-2021-30663 Apple Multiple Products
browser endpoint mobile smb essential
Apple Multiple Products WebKit Integer Overflow Vulnerability
Apple iOS, iPadOS, macOS, tvOS, and Safari WebKit contain an integer overflow vulnerability that leads to code execution when processing maliciously crafted web content. This vuln…
1.0%
Nov 3, 2021 CVE-2021-30665 Apple Multiple Products
browser endpoint mobile smb essential
Apple Multiple Products WebKit Memory Corruption Vulnerability
Apple iOS, iPadOS, macOS, watchOS, and tvOS WebKit contain a memory corruption vulnerability that leads to code execution when processing maliciously crafted web content. This vul…
0.2%
Nov 3, 2021 CVE-2021-30666 Apple iOS
browser endpoint mobile smb essential
Apple iOS WebKit Buffer Overflow Vulnerability
Apple iOS WebKit contains a buffer-overflow vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parser…
1.2%
Nov 3, 2021 CVE-2021-30713 Apple macOS
endpoint mobile smb essential
Apple macOS Unspecified Vulnerability
Apple macOS Transparency, Consent, and Control (TCC) contains an unspecified permissions issue which may allow a malicious application to bypass privacy preferences.
0.1%
Nov 3, 2021 CVE-2021-30761 Apple iOS
browser endpoint mobile smb essential
Apple iOS WebKit Memory Corruption Vulnerability
Apple iOS WebKit contains a memory corruption vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML pars…
0.5%
Nov 3, 2021 CVE-2021-30762 Apple iOS
browser endpoint mobile smb essential
Apple iOS WebKit Use-After-Free Vulnerability
Apple iOS WebKit contains a use-after-free vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers…
0.0%
Nov 3, 2021 CVE-2021-30807 Apple Multiple Products
endpoint mobile smb essential
Apple Multiple Products Memory Corruption Vulnerability
Apple iOS, iPadOS, macOS, and watchOS IOMobileFrameBuffer contain a memory corruption vulnerability which may allow an application to execute code with kernel privileges.
21.0%
Nov 3, 2021 CVE-2021-30858 Apple iOS, iPadOS, and macOS
endpoint mobile smb essential
Apple iOS, iPadOS, macOS Use-After-Free Vulnerability
Apple iOS, iPadOS, and macOS WebKit contain a use-after-free vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could i…
0.8%
Nov 3, 2021 CVE-2021-30860 Apple Multiple Products
endpoint mobile smb essential
Apple Multiple Products Integer Overflow Vulnerability
Apple iOS, iPadOS, macOS, and watchOS CoreGraphics contain an integer overflow vulnerability which may allow code execution when processing a maliciously crafted PDF. The vulnerab…
72.0%
Nov 3, 2021 CVE-2021-30869 Apple iOS, iPadOS, and macOS
endpoint mobile smb essential
Apple iOS, iPadOS, and macOS Type Confusion Vulnerability
Apple iOS, iPadOS, and macOS contain a type confusion vulnerability in the XNU which may allow a malicious application to execute code with kernel privileges.
1.7%
Nov 3, 2021 CVE-2021-31199 Microsoft Enhanced Cryptographic Provider
endpoint m365 smb essential
Microsoft Enhanced Cryptographic Provider Privilege Escalation Vulnerability
Microsoft Enhanced Cryptographic Provider contains an unspecified vulnerability that allows for privilege escalation.
0.9%
Nov 3, 2021 CVE-2021-31201 Microsoft Enhanced Cryptographic Provider
endpoint m365 smb essential
Microsoft Enhanced Cryptographic Provider Privilege Escalation Vulnerability
Microsoft Enhanced Cryptographic Provider contains an unspecified vulnerability that allows for privilege escalation.
0.7%
Nov 3, 2021 CVE-2021-31207
Ransomware
Microsoft Exchange Server
endpoint m365 smb essential
Microsoft Exchange Server Security Feature Bypass Vulnerability
Microsoft Exchange Server contains an unspecified vulnerability that allows for security feature bypass.
93.8%
Nov 3, 2021 CVE-2021-31955 Microsoft Windows
endpoint m365 smb essential
Microsoft Windows Kernel Information Disclosure Vulnerability
Microsoft Windows Kernel contains an unspecified vulnerability that allows for information disclosure. Successful exploitation allows attackers to read the contents of kernel memo…
3.6%
Nov 3, 2021 CVE-2021-31956 Microsoft Windows
endpoint m365 smb essential
Microsoft Windows NTFS Privilege Escalation Vulnerability
Microsoft Windows New Technology File System (NTFS) contains an unspecified vulnerability that allows attackers to escalate privileges via a specially crafted application.
90.7%
Nov 3, 2021 CVE-2021-31979 Microsoft Windows
endpoint m365 smb essential
Microsoft Windows Kernel Privilege Escalation Vulnerability
Microsoft Windows kernel contains an unspecified vulnerability that allows for privilege escalation.
6.2%
Nov 3, 2021 CVE-2021-33739 Microsoft Windows
endpoint m365 smb essential
Microsoft Desktop Window Manager (DWM) Core Library Privilege Escalation Vulnerability
Microsoft Desktop Window Manager (DWM) Core Library contains an unspecified vulnerability that allows for privilege escalation.
16.9%
Nov 3, 2021 CVE-2021-33742 Microsoft Windows
endpoint m365 smb essential
Microsoft Windows MSHTML Platform Remote Code Execution Vulnerability
Microsoft Windows MSHTML Platform contains an unspecified vulnerability that allows for remote code execution.
72.1%
Nov 3, 2021 CVE-2021-33771 Microsoft Windows
endpoint m365 smb essential
Microsoft Windows Kernel Privilege Escalation Vulnerability
Microsoft Windows kernel contains an unspecified vulnerability that allows for privilege escalation.
6.4%
Nov 3, 2021 CVE-2021-34448 Microsoft Windows
endpoint m365 smb essential
Microsoft Windows Scripting Engine Memory Corruption Vulnerability
Microsoft Windows Scripting Engine contains an unspecified vulnerability that allows for memory corruption.
3.1%
Nov 3, 2021 CVE-2021-34473
Ransomware
Microsoft Exchange Server
endpoint m365 smb essential
Microsoft Exchange Server Remote Code Execution Vulnerability
Microsoft Exchange Server contains an unspecified vulnerability that allows for remote code execution.
94.2%
Nov 3, 2021 CVE-2021-34523
Ransomware
Microsoft Exchange Server
endpoint m365 smb essential
Microsoft Exchange Server Privilege Escalation Vulnerability
Microsoft Exchange Server contains an unspecified vulnerability that allows for privilege escalation.
94.0%
Nov 3, 2021 CVE-2021-34527
Ransomware
Microsoft Windows
endpoint m365 smb essential
Microsoft Windows Print Spooler Remote Code Execution Vulnerability
Microsoft Windows Print Spooler contains an unspecified vulnerability due to the Windows Print Spooler service improperly performing privileged file operations. Successful exploit…
94.2%
Nov 3, 2021 CVE-2021-36942
Ransomware
Microsoft Windows
endpoint m365 smb essential
Microsoft Windows Local Security Authority (LSA) Spoofing Vulnerability
Microsoft Windows Local Security Authority (LSA) contains a spoofing vulnerability allowing an unauthenticated attacker to call a method on the LSARPC interface and coerce the dom…
93.6%
Nov 3, 2021 CVE-2021-36948 Microsoft Windows
endpoint m365 smb essential
Microsoft Windows Update Medic Service Privilege Escalation Vulnerability
Microsoft Windows Update Medic Service contains an unspecified vulnerability that allows for privilege escalation.
1.0%
Nov 3, 2021 CVE-2021-36955
Ransomware
Microsoft Windows
endpoint m365 smb essential
Microsoft Windows Common Log File System (CLFS) Driver Privilege Escalation Vulnerability
Microsoft Windows Common Log File System (CLFS) driver contains an unspecified vulnerability that allows for privilege escalation.
20.7%
Nov 3, 2021 CVE-2021-37973 Google Chromium Portals
browser smb essential
Google Chromium Portals Use-After-Free Vulnerability
Google Chromium Portals contains a use-after-free vulnerability that allows a remote attacker, who has compromised the renderer process, to potentially perform a sandbox escape vi…
14.8%
Nov 3, 2021 CVE-2021-37975 Google Chromium V8
browser smb essential
Google Chromium V8 Use-After-Free Vulnerability
Google Chromium V8 Engine contains a use-after-free vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability …
63.0%
Nov 3, 2021 CVE-2021-37976 Google Chromium
browser smb essential
Google Chromium Information Disclosure Vulnerability
Google Chromium contains an information disclosure vulnerability within the core memory component that allows a remote attacker to obtain potentially sensitive information from pr…
20.1%

Source: CISA KEV catalog. Severity (CVSS) and exploit-probability (EPSS) sync nightly from NVD and FIRST.