Full CISA KEV catalog
Every CVE the U.S. cybersecurity agency has ever flagged as actively exploited. Filter by category, sort by severity or exploit-likelihood, search by vendor or product.
| Added | CVE | Vendor / Product | Name & description | CVSS | EPSS |
|---|---|---|---|---|---|
| Nov 3, 2021 | CVE-2021-38000 | Google Chromium Intents |
Google Chromium Intents Improper Input Validation Vulnerability
Google Chromium Intents contains an improper input validation vulnerability that allows a remote attacker to arbitrarily browser to a malicious URL via a crafted HTML page. This v…
|
— | 4.2% |
| Nov 3, 2021 | CVE-2021-38003 | Google Chromium V8 |
Google Chromium V8 Memory Corruption Vulnerability
Google Chromium V8 Engine has a bug in JSON.stringify, where the internal TheHole value can leak to script code, causing memory corruption. This vulnerability could affect multipl…
|
— | 64.2% |
| Nov 3, 2021 | CVE-2021-38645 | Microsoft Open Management Infrastructure (OMI) |
Microsoft Open Management Infrastructure (OMI) Privilege Escalation Vulnerability
Microsoft Open Management Infrastructure (OMI) within Azure VM Management Extensions contains an unspecified vulnerability that allows for privilege escalation.
|
— | 11.6% |
| Nov 3, 2021 |
CVE-2021-38647
Ransomware |
Microsoft Open Management Infrastructure (OMI) |
Microsoft Open Management Infrastructure (OMI) Remote Code Execution Vulnerability
Microsoft Open Management Infrastructure (OMI) within Azure VM Management Extensions contains an unspecified vulnerability allowing remote code execution.
|
— | 94.4% |
| Nov 3, 2021 | CVE-2021-38648 | Microsoft Open Management Infrastructure (OMI) |
Microsoft Open Management Infrastructure (OMI) Privilege Escalation Vulnerability
Microsoft Open Management Infrastructure (OMI) within Azure VM Management Extensions contains an unspecified vulnerability allowing privilege escalation.
|
— | 38.2% |
| Nov 3, 2021 | CVE-2021-38649 | Microsoft Open Management Infrastructure (OMI) |
Microsoft Open Management Infrastructure (OMI) Privilege Escalation Vulnerability
Microsoft Open Management Infrastructure (OMI) within Azure VM Management Extensions contains an unspecified vulnerability allowing privilege escalation.
|
— | 6.7% |
| Nov 3, 2021 |
CVE-2021-40444
Ransomware |
Microsoft MSHTML |
Microsoft MSHTML Remote Code Execution Vulnerability
Microsoft MSHTML contains a unspecified vulnerability that allows for remote code execution.
|
— | 94.3% |
Source: CISA KEV catalog. Severity (CVSS) and exploit-probability (EPSS) sync nightly from NVD and FIRST.