Full CISA KEV catalog

Every CVE the U.S. cybersecurity agency has ever flagged as actively exploited. Filter by category, sort by severity or exploit-likelihood, search by vendor or product.

Showing 91–117 of 117 CVEs · Page 4 of 4 30 per page
Added CVE Vendor / Product Name & description CVSS EPSS
Nov 3, 2021 CVE-2020-6819 Mozilla Firefox and Thunderbird
browser smb essential
Mozilla Firefox And Thunderbird Use-After-Free Vulnerability
Mozilla Firefox and Thunderbird contain a race condition vulnerability when running the nsDocShell destructor under certain conditions. The race condition creates a use-after-free…
0.4%
Nov 3, 2021 CVE-2020-6820 Mozilla Firefox and Thunderbird
browser smb essential
Mozilla Firefox And Thunderbird Use-After-Free Vulnerability
Mozilla Firefox and Thunderbird contain a race condition vulnerability when handling a ReadableStream under certain conditions. The race condition creates a use-after-free vulnera…
3.1%
Nov 3, 2021 CVE-2021-1870 Apple iOS, iPadOS, and macOS
browser endpoint mobile smb essential
Apple iOS, iPadOS, and macOS WebKit Remote Code Execution Vulnerability
Apple iOS, iPadOS, and macOS WebKit contain an unspecified logic vulnerability that allows a remote attacker to execute code. This vulnerability could impact HTML parsers that use…
1.2%
Nov 3, 2021 CVE-2021-1871 Apple iOS, iPadOS, and macOS
browser endpoint mobile smb essential
Apple iOS, iPadOS, and macOS WebKit Remote Code Execution Vulnerability
Apple iOS, iPadOS, and macOS WebKit contain an unspecified logic vulnerability that allows a remote attacker to execute code. This vulnerability could impact HTML parsers that use…
0.5%
Nov 3, 2021 CVE-2021-1879 Apple iOS, iPadOS, and watchOS
browser endpoint mobile smb essential
Apple iOS, iPadOS, and watchOS WebKit Cross-Site Scripting (XSS) Vulnerability
Apple iOS, iPadOS, and watchOS WebKit contain an unspecified vulnerability that allows for universal cross-site scripting (XSS) when processing maliciously crafted web content. Th…
0.8%
Nov 3, 2021 CVE-2021-21148 Google Chromium V8
browser smb essential
Google Chromium V8 Heap Buffer Overflow Vulnerability
Google Chromium V8 Engine contains a heap buffer overflow vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerab…
22.3%
Nov 3, 2021 CVE-2021-21166 Google Chromium
browser smb essential
Google Chromium Race Condition Vulnerability
Google Chromium contains a race condition vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affe…
38.0%
Nov 3, 2021 CVE-2021-21193 Google Chromium Blink
browser smb essential
Google Chromium Blink Use-After-Free Vulnerability
Google Chromium Blink contains a use-after-free vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability coul…
13.8%
Nov 3, 2021 CVE-2021-21206 Google Chromium Blink
browser smb essential
Google Chromium Blink Use-After-Free Vulnerability
Google Chromium Blink contains a use-after-free vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability coul…
17.5%
Nov 3, 2021 CVE-2021-21220 Google Chromium V8
browser smb essential
Google Chromium V8 Improper Input Validation Vulnerability
Google Chromium V8 Engine contains an improper input validation vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vu…
91.2%
Nov 3, 2021 CVE-2021-21224 Google Chromium V8
browser smb essential
Google Chromium V8 Type Confusion Vulnerability
Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to execute code inside a sandbox via a crafted HTML page. This vulnerability could …
42.5%
Nov 3, 2021 CVE-2021-30551 Google Chromium V8
browser smb essential
Google Chromium V8 Type Confusion Vulnerability
Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability …
82.2%
Nov 3, 2021 CVE-2021-30554 Google Chromium WebGL
browser smb essential
Google Chromium WebGL Use-After-Free Vulnerability
Google Chromium WebGL contains a use-after-free vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability coul…
5.8%
Nov 3, 2021 CVE-2021-30563 Google Chromium V8
browser smb essential
Google Chromium V8 Type Confusion Vulnerability
Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability …
2.6%
Nov 3, 2021 CVE-2021-30632 Google Chromium V8
browser smb essential
Google Chromium V8 Out-of-Bounds Write Vulnerability
Google Chromium V8 Engine contains an out-of-bounds write vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerab…
83.8%
Nov 3, 2021 CVE-2021-30633 Google Chromium Indexed DB API
browser smb essential
Google Chromium Indexed DB API Use-After-Free Vulnerability
Google Chromium Indexed DB API contains a use-after-free vulnerability that allows a remote attacker, who has compromised the renderer process, to potentially perform a sandbox es…
30.1%
Nov 3, 2021 CVE-2021-30661 Apple Multiple Products
browser endpoint mobile smb essential
Apple Multiple Products WebKit Storage Use-After-Free Vulnerability
Apple iOS, iPadOS, macOS, tvOS, watchOS, and Safari WebKit Storage contain a use-after-free vulnerability that leads to code execution when processing maliciously crafted web cont…
0.1%
Nov 3, 2021 CVE-2021-30663 Apple Multiple Products
browser endpoint mobile smb essential
Apple Multiple Products WebKit Integer Overflow Vulnerability
Apple iOS, iPadOS, macOS, tvOS, and Safari WebKit contain an integer overflow vulnerability that leads to code execution when processing maliciously crafted web content. This vuln…
1.0%
Nov 3, 2021 CVE-2021-30665 Apple Multiple Products
browser endpoint mobile smb essential
Apple Multiple Products WebKit Memory Corruption Vulnerability
Apple iOS, iPadOS, macOS, watchOS, and tvOS WebKit contain a memory corruption vulnerability that leads to code execution when processing maliciously crafted web content. This vul…
0.2%
Nov 3, 2021 CVE-2021-30666 Apple iOS
browser endpoint mobile smb essential
Apple iOS WebKit Buffer Overflow Vulnerability
Apple iOS WebKit contains a buffer-overflow vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parser…
1.2%
Nov 3, 2021 CVE-2021-30761 Apple iOS
browser endpoint mobile smb essential
Apple iOS WebKit Memory Corruption Vulnerability
Apple iOS WebKit contains a memory corruption vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML pars…
0.5%
Nov 3, 2021 CVE-2021-30762 Apple iOS
browser endpoint mobile smb essential
Apple iOS WebKit Use-After-Free Vulnerability
Apple iOS WebKit contains a use-after-free vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers…
0.0%
Nov 3, 2021 CVE-2021-37973 Google Chromium Portals
browser smb essential
Google Chromium Portals Use-After-Free Vulnerability
Google Chromium Portals contains a use-after-free vulnerability that allows a remote attacker, who has compromised the renderer process, to potentially perform a sandbox escape vi…
14.8%
Nov 3, 2021 CVE-2021-37975 Google Chromium V8
browser smb essential
Google Chromium V8 Use-After-Free Vulnerability
Google Chromium V8 Engine contains a use-after-free vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability …
63.0%
Nov 3, 2021 CVE-2021-37976 Google Chromium
browser smb essential
Google Chromium Information Disclosure Vulnerability
Google Chromium contains an information disclosure vulnerability within the core memory component that allows a remote attacker to obtain potentially sensitive information from pr…
20.1%
Nov 3, 2021 CVE-2021-38000 Google Chromium Intents
browser smb essential
Google Chromium Intents Improper Input Validation Vulnerability
Google Chromium Intents contains an improper input validation vulnerability that allows a remote attacker to arbitrarily browser to a malicious URL via a crafted HTML page. This v…
4.2%
Nov 3, 2021 CVE-2021-38003 Google Chromium V8
browser smb essential
Google Chromium V8 Memory Corruption Vulnerability
Google Chromium V8 Engine has a bug in JSON.stringify, where the internal TheHole value can leak to script code, causing memory corruption. This vulnerability could affect multipl…
64.2%

Source: CISA KEV catalog. Severity (CVSS) and exploit-probability (EPSS) sync nightly from NVD and FIRST.