Full CISA KEV catalog
Every CVE the U.S. cybersecurity agency has ever flagged as actively exploited. Filter by category, sort by severity or exploit-likelihood, search by vendor or product.
| Added | CVE | Vendor / Product | Name & description | CVSS | EPSS |
|---|---|---|---|---|---|
| Feb 11, 2025 | CVE-2025-21391 | Microsoft Windows |
Microsoft Windows Storage Link Following Vulnerability
Microsoft Windows Storage contains a link following vulnerability that could allow for privilege escalation. This vulnerability could allow an attacker to delete data including da…
|
— | 4.7% |
| Feb 11, 2025 | CVE-2025-21418 | Microsoft Windows |
Microsoft Windows Ancillary Function Driver for WinSock Heap-Based Buffer Overflow Vulnerability
Microsoft Windows Ancillary Function Driver for WinSock contains a heap-based buffer overflow vulnerability that allows for privilege escalation, enabling a local attacker to gain…
|
— | 10.3% |
| Feb 6, 2025 | CVE-2024-21413 | Microsoft Office Outlook |
Microsoft Outlook Improper Input Validation Vulnerability
Microsoft Outlook contains an improper input validation vulnerability that allows for remote code execution. Successful exploitation of this vulnerability would allow an attacker …
|
— | 93.0% |
| Feb 4, 2025 | CVE-2024-29059 | Microsoft .NET Framework |
Microsoft .NET Framework Information Disclosure Vulnerability
Microsoft .NET Framework contains an information disclosure vulnerability that exposes the ObjRef URI to an attacker, ultimately enabling remote code execution.
|
— | 93.6% |
| Jan 14, 2025 | CVE-2025-21333 | Microsoft Windows |
Microsoft Windows Hyper-V NT Kernel Integration VSP Heap-based Buffer Overflow Vulnerability
Microsoft Windows Hyper-V NT Kernel Integration VSP contains a heap-based buffer overflow vulnerability that allows a local attacker to gain SYSTEM privileges.
|
— | 79.2% |
| Jan 14, 2025 | CVE-2025-21334 | Microsoft Windows |
Microsoft Windows Hyper-V NT Kernel Integration VSP Use-After-Free Vulnerability
Microsoft Windows Hyper-V NT Kernel Integration VSP contains a use-after-free vulnerability that allows a local attacker to gain SYSTEM privileges.
|
— | 5.8% |
| Jan 14, 2025 | CVE-2025-21335 | Microsoft Windows |
Microsoft Windows Hyper-V NT Kernel Integration VSP Use-After-Free Vulnerability
Microsoft Windows Hyper-V NT Kernel Integration VSP contains a use-after-free vulnerability that allows a local attacker to gain SYSTEM privileges.
|
— | 7.7% |
| Dec 16, 2024 | CVE-2024-35250 | Microsoft Windows |
Microsoft Windows Kernel-Mode Driver Untrusted Pointer Dereference Vulnerability
Microsoft Windows Kernel-Mode Driver contains an untrusted pointer dereference vulnerability that allows a local attacker to escalate privileges.
|
— | 54.9% |
| Dec 10, 2024 | CVE-2024-49138 | Microsoft Windows |
Microsoft Windows Common Log File System (CLFS) Driver Heap-Based Buffer Overflow Vulnerability
Microsoft Windows Common Log File System (CLFS) driver contains a heap-based buffer overflow vulnerability that allows a local attacker to escalate privileges.
|
— | 87.0% |
| Nov 12, 2024 | CVE-2024-43451 | Microsoft Windows |
Microsoft Windows NTLMv2 Hash Disclosure Spoofing Vulnerability
Microsoft Windows contains an NTLMv2 hash spoofing vulnerability that could result in disclosing a user's NTLMv2 hash to an attacker via a file open operation. The attacker could …
|
— | 90.3% |
| Nov 12, 2024 |
CVE-2024-49039
Ransomware |
Microsoft Windows |
Microsoft Windows Task Scheduler Privilege Escalation Vulnerability
Microsoft Windows Task Scheduler contains a privilege escalation vulnerability that can allow an attacker-provided, local application to escalate privileges outside of its AppCont…
|
— | 65.0% |
| Oct 22, 2024 |
CVE-2024-38094
Ransomware |
Microsoft SharePoint |
Microsoft SharePoint Deserialization Vulnerability
Microsoft SharePoint contains a deserialization vulnerability that allows for remote code execution.
|
— | 70.3% |
| Oct 15, 2024 |
CVE-2024-30088
Ransomware |
Microsoft Windows |
Microsoft Windows Kernel TOCTOU Race Condition Vulnerability
Microsoft Windows Kernel contains a time-of-check to time-of-use (TOCTOU) race condition vulnerability that could allow for privilege escalation.
|
— | 88.1% |
| Oct 8, 2024 | CVE-2024-43572 | Microsoft Windows |
Microsoft Windows Management Console Remote Code Execution Vulnerability
Microsoft Windows Management Console contains unspecified vulnerability that allows for remote code execution.
|
— | 52.2% |
| Oct 8, 2024 | CVE-2024-43573 | Microsoft Windows |
Microsoft Windows MSHTML Platform Spoofing Vulnerability
Microsoft Windows MSHTML Platform contains an unspecified spoofing vulnerability which can lead to a loss of confidentiality.
|
— | 17.7% |
| Sep 18, 2024 | CVE-2020-0618 | Microsoft SQL Server |
Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability
Microsoft SQL Server Reporting Services contains a deserialization vulnerability when handling page requests incorrectly. An authenticated attacker can exploit this vulnerability …
|
— | 94.2% |
| Sep 16, 2024 | CVE-2024-43461 | Microsoft Windows |
Microsoft Windows MSHTML Platform Spoofing Vulnerability
Microsoft Windows MSHTML Platform contains a user interface (UI) misrepresentation of critical information vulnerability that allows an attacker to spoof a web page. This vulnerab…
|
— | 9.9% |
| Sep 10, 2024 | CVE-2024-38014 | Microsoft Windows |
Microsoft Windows Installer Improper Privilege Management Vulnerability
Microsoft Windows Installer contains an improper privilege management vulnerability that could allow an attacker to gain SYSTEM privileges.
|
— | 12.8% |
| Sep 10, 2024 | CVE-2024-38217 | Microsoft Windows |
Microsoft Windows Mark of the Web (MOTW) Protection Mechanism Failure Vulnerability
Microsoft Windows Mark of the Web (MOTW) contains a protection mechanism failure vulnerability that allows an attacker to bypass MOTW-based defenses. This can result in a limited …
|
— | 13.8% |
| Sep 10, 2024 | CVE-2024-38226 | Microsoft Publisher |
Microsoft Publisher Protection Mechanism Failure Vulnerability
Microsoft Publisher contains a protection mechanism failure vulnerability that allows attacker to bypass Office macro policies used to block untrusted or malicious files.
|
— | 1.4% |
| Aug 21, 2024 | CVE-2021-31196 | Microsoft Exchange Server |
Microsoft Exchange Server Information Disclosure Vulnerability
Microsoft Exchange Server contains an information disclosure vulnerability that allows for remote code execution.
|
— | 3.3% |
| Aug 13, 2024 | CVE-2024-38106 | Microsoft Windows |
Microsoft Windows Kernel Privilege Escalation Vulnerability
Microsoft Windows Kernel contains an unspecified vulnerability that allows for privilege escalation, enabling a local attacker to gain SYSTEM privileges. Successful exploitation o…
|
— | 0.8% |
| Aug 13, 2024 | CVE-2024-38107 | Microsoft Windows |
Microsoft Windows Power Dependency Coordinator Privilege Escalation Vulnerability
Microsoft Windows Power Dependency Coordinator contains an unspecified vulnerability that allows for privilege escalation, enabling a local attacker to obtain SYSTEM privileges.
|
— | 3.4% |
| Aug 13, 2024 | CVE-2024-38178 | Microsoft Windows |
Microsoft Windows Scripting Engine Memory Corruption Vulnerability
Microsoft Windows Scripting Engine contains a memory corruption vulnerability that allows unauthenticated attacker to initiate remote code execution via a specially crafted URL.
|
— | 30.2% |
| Aug 13, 2024 | CVE-2024-38189 | Microsoft Project |
Microsoft Project Remote Code Execution Vulnerability
Microsoft Project contains an unspecified vulnerability that allows for remote code execution via a malicious file.
|
— | 43.7% |
| Aug 13, 2024 | CVE-2024-38193 | Microsoft Windows |
Microsoft Windows Ancillary Function Driver for WinSock Privilege Escalation Vulnerability
Microsoft Windows Ancillary Function Driver for WinSock contains an unspecified vulnerability that allows for privilege escalation, enabling a local attacker to gain SYSTEM privil…
|
— | 73.2% |
| Aug 13, 2024 | CVE-2024-38213 | Microsoft Windows |
Microsoft Windows SmartScreen Security Feature Bypass Vulnerability
Microsoft Windows SmartScreen contains a security feature bypass vulnerability that allows an attacker to bypass the SmartScreen user experience via a malicious file.
|
— | 59.3% |
| Aug 5, 2024 | CVE-2018-0824 | Microsoft Windows |
Microsoft COM for Windows Deserialization of Untrusted Data Vulnerability
Microsoft COM for Windows contains a deserialization of untrusted data vulnerability that allows for privilege escalation and remote code execution via a specially crafted file or…
|
— | 91.5% |
| Jul 23, 2024 | CVE-2012-4792 | Microsoft Internet Explorer |
Microsoft Internet Explorer Use-After-Free Vulnerability
Microsoft Internet Explorer contains a use-after-free vulnerability that allows a remote attacker to execute arbitrary code via a crafted web site that triggers access to an objec…
|
— | 91.2% |
| Jul 9, 2024 | CVE-2024-38080 | Microsoft Windows |
Microsoft Windows Hyper-V Privilege Escalation Vulnerability
Microsoft Windows Hyper-V contains a privilege escalation vulnerability that allows a local attacker with user permissions to gain SYSTEM privileges.
|
— | 14.2% |
Source: CISA KEV catalog. Severity (CVSS) and exploit-probability (EPSS) sync nightly from NVD and FIRST.