Full CISA KEV catalog

Every CVE the U.S. cybersecurity agency has ever flagged as actively exploited. Filter by category, sort by severity or exploit-likelihood, search by vendor or product.

Showing 661–667 of 667 CVEs · Page 23 of 23 30 per page
Added CVE Vendor / Product Name & description CVSS EPSS
Nov 3, 2021 CVE-2021-38000 Google Chromium Intents
browser smb essential
Google Chromium Intents Improper Input Validation Vulnerability
Google Chromium Intents contains an improper input validation vulnerability that allows a remote attacker to arbitrarily browser to a malicious URL via a crafted HTML page. This v…
4.2%
Nov 3, 2021 CVE-2021-38003 Google Chromium V8
browser smb essential
Google Chromium V8 Memory Corruption Vulnerability
Google Chromium V8 Engine has a bug in JSON.stringify, where the internal TheHole value can leak to script code, causing memory corruption. This vulnerability could affect multipl…
64.2%
Nov 3, 2021 CVE-2021-38645 Microsoft Open Management Infrastructure (OMI)
endpoint m365 smb essential
Microsoft Open Management Infrastructure (OMI) Privilege Escalation Vulnerability
Microsoft Open Management Infrastructure (OMI) within Azure VM Management Extensions contains an unspecified vulnerability that allows for privilege escalation.
11.6%
Nov 3, 2021 CVE-2021-38647
Ransomware
Microsoft Open Management Infrastructure (OMI)
endpoint m365 smb essential
Microsoft Open Management Infrastructure (OMI) Remote Code Execution Vulnerability
Microsoft Open Management Infrastructure (OMI) within Azure VM Management Extensions contains an unspecified vulnerability allowing remote code execution.
94.4%
Nov 3, 2021 CVE-2021-38648 Microsoft Open Management Infrastructure (OMI)
endpoint m365 smb essential
Microsoft Open Management Infrastructure (OMI) Privilege Escalation Vulnerability
Microsoft Open Management Infrastructure (OMI) within Azure VM Management Extensions contains an unspecified vulnerability allowing privilege escalation.
38.2%
Nov 3, 2021 CVE-2021-38649 Microsoft Open Management Infrastructure (OMI)
endpoint m365 smb essential
Microsoft Open Management Infrastructure (OMI) Privilege Escalation Vulnerability
Microsoft Open Management Infrastructure (OMI) within Azure VM Management Extensions contains an unspecified vulnerability allowing privilege escalation.
6.7%
Nov 3, 2021 CVE-2021-40444
Ransomware
Microsoft MSHTML
endpoint m365 smb essential
Microsoft MSHTML Remote Code Execution Vulnerability
Microsoft MSHTML contains a unspecified vulnerability that allows for remote code execution.
94.3%

Source: CISA KEV catalog. Severity (CVSS) and exploit-probability (EPSS) sync nightly from NVD and FIRST.