Full CISA KEV catalog
Every CVE the U.S. cybersecurity agency has ever flagged as actively exploited. Filter by category, sort by severity or exploit-likelihood, search by vendor or product.
| Added | CVE | Vendor / Product | Name & description | CVSS | EPSS |
|---|---|---|---|---|---|
| Nov 3, 2021 |
CVE-2019-0708
Ransomware |
Microsoft Remote Desktop Services |
Microsoft Remote Desktop Services Remote Code Execution Vulnerability
Microsoft Remote Desktop Services, formerly known as Terminal Service, contains an unspecified vulnerability that allows an unauthenticated attacker to connect to the target syste…
|
— | 94.5% |
| Nov 3, 2021 | CVE-2019-0797 | Microsoft Win32k |
Microsoft Win32k Privilege Escalation Vulnerability
Microsoft Win32k contains a privilege escalation vulnerability when the Win32k component fails to properly handle objects in memory. Successful exploitation allows an attacker to …
|
— | 4.5% |
| Nov 3, 2021 | CVE-2019-0803 | Microsoft Win32k |
Microsoft Win32k Privilege Escalation Vulnerability
Microsoft Win32k contains an unspecified vulnerability due to it failing to properly handle objects in memory causing privilege escalation. Successful exploitation allows an attac…
|
— | 88.8% |
| Nov 3, 2021 | CVE-2019-0808 | Microsoft Win32k |
Microsoft Win32k Privilege Escalation Vulnerability
Microsoft Win32k contains a privilege escalation vulnerability due to the component failing to properly handle objects in memory. Successful exploitation allows an attacker to run…
|
— | 74.0% |
| Nov 3, 2021 | CVE-2019-0859 | Microsoft Win32k |
Microsoft Win32k Privilege Escalation Vulnerability
Microsoft Win32k fails to properly handle objects in memory causing privilege escalation. Successful exploitation allows an attacker to run code in kernel mode.
|
— | 10.6% |
| Nov 3, 2021 | CVE-2019-0863 | Microsoft Windows |
Microsoft Windows Error Reporting (WER) Privilege Escalation Vulnerability
Microsoft Windows Error Reporting (WER) contains a privilege escalation vulnerability due to the way it handles files, allowing for code execution in kernel mode.
|
— | 6.2% |
| Nov 3, 2021 |
CVE-2019-11510
Ransomware |
Ivanti Pulse Connect Secure |
Ivanti Pulse Connect Secure Arbitrary File Read Vulnerability
Ivanti Pulse Connect Secure contains an arbitrary file read vulnerability that allows an unauthenticated remote attacker with network access via HTTPS to send a specially crafted …
|
— | 94.5% |
| Nov 3, 2021 |
CVE-2019-11539
Ransomware |
Ivanti Pulse Connect Secure and Pulse Policy Secure |
Ivanti Pulse Connect Secure and Policy Secure Command Injection Vulnerability
Ivanti Pulse Connect Secure and Policy Secure allows an authenticated attacker from the admin web interface to inject and execute commands.
|
— | 93.9% |
| Nov 3, 2021 |
CVE-2019-11580
Ransomware |
Atlassian Crowd and Crowd Data Center |
Atlassian Crowd and Crowd Data Center Remote Code Execution Vulnerability
Atlassian Crowd and Crowd Data Center contain a remote code execution vulnerability resulting from a pdkinstall development plugin being incorrectly enabled in release builds.
|
— | 94.4% |
| Nov 3, 2021 |
CVE-2019-11634
Ransomware |
Citrix Workspace Application and Receiver for Windows |
Citrix Workspace Application and Receiver for Windows Remote Code Execution Vulnerability
Citrix Workspace Application and Receiver for Windows contains remote code execution vulnerability resulting from local drive access preferences not being enforced into the client…
|
— | 52.4% |
| Nov 3, 2021 | CVE-2019-1214 | Microsoft Windows |
Microsoft Windows Privilege Common Log File System (CLFS) Escalation Vulnerability
Microsoft Windows Common Log File System (CLFS) driver improperly handles objects in memory which can allow for privilege escalation.
|
— | 3.7% |
| Nov 3, 2021 |
CVE-2019-1215
Ransomware |
Microsoft Windows |
Microsoft Windows Privilege Escalation Vulnerability
Microsoft Windows contains an unspecified vulnerability due to the way ws2ifsl.sys (Winsock) handles objects in memory, allowing for privilege escalation. Successful exploitation …
|
— | 5.2% |
| Nov 3, 2021 |
CVE-2019-13608
Ransomware |
Citrix StoreFront Server |
Citrix StoreFront Server XML External Entity (XXE) Processing Vulnerability
Citrix StoreFront Server contains an XML External Entity (XXE) processing vulnerability that may allow an unauthenticated attacker to retrieve potentially sensitive information.
|
— | 71.7% |
| Nov 3, 2021 |
CVE-2019-1367
Ransomware |
Microsoft Internet Explorer |
Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability
Microsoft Internet Explorer contains a memory corruption vulnerability in how the scripting engine handles objects in memory. Successful exploitation allows for remote code execut…
|
— | 90.7% |
| Nov 3, 2021 | CVE-2019-1429 | Microsoft Internet Explorer |
Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability
Microsoft Internet Explorer contains a memory corruption vulnerability which can allow for remote code execution in the context of the current user.
|
— | 83.0% |
| Nov 3, 2021 | CVE-2019-15752 | Docker Desktop Community Edition |
Docker Desktop Community Edition Privilege Escalation Vulnerability
Docker Desktop Community Edition contains a vulnerability that may allow local users to escalate privileges by placing a trojan horse docker-credential-wincred.exe file in %PROGRA…
|
— | 45.6% |
| Nov 3, 2021 | CVE-2019-15949 | Nagios Nagios XI |
Nagios XI Remote Code Execution Vulnerability
Nagios XI contains a remote code execution vulnerability in which a user can modify the check_plugin executable and insert malicious commands to execute as root.
|
— | 86.9% |
| Nov 3, 2021 | CVE-2019-16256 | SIMalliance Toolbox Browser |
SIMalliance Toolbox Browser Command Injection Vulnerability
SIMalliance Toolbox Browser contains an command injection vulnerability that could allow remote attackers to retrieve location and IMEI information or execute a range of other att…
|
— | 61.2% |
| Nov 3, 2021 | CVE-2019-1653 | Cisco Small Business RV320 and RV325 Routers |
Cisco Small Business RV320 and RV325 Routers Information Disclosure Vulnerability
Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers contain improper access controls for URLs. Exploitation could allow an attacker to download the router configurat…
|
— | 94.4% |
| Nov 3, 2021 | CVE-2019-16759 | vBulletin vBulletin |
vBulletin PHP Module Remote Code Execution Vulnerability
The PHP module within vBulletin contains an unspecified vulnerability that allows for remote code execution via the widgetConfig[code] parameter in an ajax/render/widget_php route…
|
— | 94.4% |
| Nov 3, 2021 | CVE-2019-17026 | Mozilla Firefox and Thunderbird |
Mozilla Firefox And Thunderbird Type Confusion Vulnerability
Mozilla Firefox and Thunderbird contain a type confusion vulnerability due to incorrect alias information in the IonMonkey JIT compiler when setting array elements.
|
— | 56.2% |
| Nov 3, 2021 | CVE-2019-17558 | Apache Solr |
Apache Solr VelocityResponseWriter Plug-In Remote Code Execution Vulnerability
The Apache Solr VelocityResponseWriter plug-in contains an unspecified vulnerability which can allow for remote code execution.
|
— | 94.5% |
| Nov 3, 2021 | CVE-2019-18187 | Trend Micro OfficeScan |
Trend Micro OfficeScan Directory Traversal Vulnerability
Trend Micro OfficeScan contains a directory traversal vulnerability by extracting files from a zip file to a specific folder on the OfficeScan server, leading to remote code execu…
|
— | 80.6% |
| Nov 3, 2021 |
CVE-2019-18935
Ransomware |
Progress Telerik UI for ASP.NET AJAX |
Progress Telerik UI for ASP.NET AJAX Deserialization of Untrusted Data Vulnerability
Progress Telerik UI for ASP.NET AJAX contains a deserialization of untrusted data vulnerability through RadAsyncUpload which leads to code execution on the server in the context o…
|
— | 93.7% |
| Nov 3, 2021 | CVE-2019-18988 | TeamViewer Desktop |
TeamViewer Desktop Bypass Remote Login Vulnerability
TeamViewer Desktop allows for bypass of remote-login access control because the same AES key is used for different customers' installations. If an attacker were to know this key, …
|
— | 7.6% |
| Nov 3, 2021 | CVE-2019-19356 | Netis WF2419 Devices |
Netis WF2419 Devices Remote Code Execution Vulnerability
Netis WF2419 devices contains an unspecified vulnerability that allows an attacker to perform remote code execution as root through the router's web management page.
|
— | 91.0% |
| Nov 3, 2021 |
CVE-2019-19781
Ransomware |
Citrix Application Delivery Controller (ADC), Gateway, and SD-WAN WANOP Appliance |
Citrix ADC, Gateway, and SD-WAN WANOP Appliance Code Execution Vulnerability
Citrix ADC, Citrix Gateway, and multiple Citrix SD-WAN WANOP appliance models contain an unspecified vulnerability that could allow an unauthenticated attacker to perform code exe…
|
— | 94.4% |
| Nov 3, 2021 | CVE-2019-20085 | TVT NVMS-1000 |
TVT NVMS-1000 Directory Traversal Vulnerability
TVT devices utilizing NVMS-1000 software contain a directory traversal vulnerability via GET /.. requests.
|
— | 94.3% |
| Nov 3, 2021 | CVE-2019-2215 | Android Android Kernel |
Android Kernel Use-After-Free Vulnerability
Android Kernel contains a use-after-free vulnerability in binder.c that allows for privilege escalation from an application to the Linux Kernel. This vulnerability was observed ch…
|
— | 53.1% |
| Nov 3, 2021 |
CVE-2019-3396
Ransomware |
Atlassian Confluence Server and Data Server |
Atlassian Confluence Server and Data Center Server-Side Template Injection Vulnerability
Atlassian Confluence Server and Data Center contain a server-side template injection vulnerability that may allow an attacker to achieve path traversal and remote code execution.
|
— | 94.5% |
Source: CISA KEV catalog. Severity (CVSS) and exploit-probability (EPSS) sync nightly from NVD and FIRST.