Full CISA KEV catalog
Every CVE the U.S. cybersecurity agency has ever flagged as actively exploited. Filter by category, sort by severity or exploit-likelihood, search by vendor or product.
| Added | CVE | Vendor / Product | Name & description | CVSS | EPSS |
|---|---|---|---|---|---|
| Nov 3, 2021 | CVE-2021-21166 | Google Chromium |
Google Chromium Race Condition Vulnerability
Google Chromium contains a race condition vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affe…
|
— | 38.0% |
| Nov 3, 2021 | CVE-2021-21193 | Google Chromium Blink |
Google Chromium Blink Use-After-Free Vulnerability
Google Chromium Blink contains a use-after-free vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability coul…
|
— | 13.8% |
| Nov 3, 2021 | CVE-2021-21206 | Google Chromium Blink |
Google Chromium Blink Use-After-Free Vulnerability
Google Chromium Blink contains a use-after-free vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability coul…
|
— | 17.5% |
| Nov 3, 2021 | CVE-2021-21220 | Google Chromium V8 |
Google Chromium V8 Improper Input Validation Vulnerability
Google Chromium V8 Engine contains an improper input validation vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vu…
|
— | 91.2% |
| Nov 3, 2021 | CVE-2021-21224 | Google Chromium V8 |
Google Chromium V8 Type Confusion Vulnerability
Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to execute code inside a sandbox via a crafted HTML page. This vulnerability could …
|
— | 42.5% |
| Nov 3, 2021 |
CVE-2021-21972
Ransomware |
VMware vCenter Server |
VMware vCenter Server Remote Code Execution Vulnerability
VMware vCenter Server vSphere Client contains a remote code execution vulnerability in a vCenter Server plugin which allows an attacker with network access to port 443 to execute …
|
— | 93.8% |
| Nov 3, 2021 |
CVE-2021-21985
Ransomware |
VMware vCenter Server |
VMware vCenter Server Improper Input Validation Vulnerability
VMware vSphere Client contains an improper input validation vulnerability in the Virtual SAN Health Check plug-in, which is enabled by default in vCenter Server, which allows for …
|
— | 94.4% |
| Nov 3, 2021 |
CVE-2021-22005
Ransomware |
VMware vCenter Server |
VMware vCenter Server File Upload Vulnerability
VMware vCenter Server contains a file upload vulnerability in the Analytics service that allows a user with network access to port 443 to execute code.
|
— | 94.4% |
| Nov 3, 2021 |
CVE-2021-22205
Ransomware |
GitLab Community and Enterprise Editions |
GitLab Community and Enterprise Editions Remote Code Execution Vulnerability
GitHub Community and Enterprise Editions that utilize the ability to upload images through GitLab Workhorse are vulnerable to remote code execution. Workhorse passes image file ex…
|
— | 94.5% |
| Nov 3, 2021 | CVE-2021-22502 | Micro Focus Operation Bridge Reporter (OBR) |
Micro Focus Operation Bridge Report (OBR) Remote Code Execution Vulnerability
Micro Focus Operation Bridge Report (OBR) contains an unspecified vulnerability that allows for remote code execution.
|
— | 94.0% |
| Nov 3, 2021 | CVE-2021-22506 | Micro Focus Micro Focus Access Manager |
Micro Focus Access Manager Information Leakage Vulnerability
Micro Focus Access Manager contains an information leakage vulnerability resulting from a SAML service provider redirection issue when the Assertion Consumer Service URL is used.
|
— | 10.5% |
| Nov 3, 2021 |
CVE-2021-22893
Ransomware |
Ivanti Pulse Connect Secure |
Ivanti Pulse Connect Secure Use-After-Free Vulnerability
Ivanti Pulse Connect Secure contains a use-after-free vulnerability that allow a remote, unauthenticated attacker to execute code via license services.
|
— | 93.6% |
| Nov 3, 2021 | CVE-2021-22894 | Ivanti Pulse Connect Secure |
Ivanti Pulse Connect Secure Collaboration Suite Buffer Overflow Vulnerability
Ivanti Pulse Connect Secure Collaboration Suite contains a buffer overflow vulnerabilities that allows a remote authenticated users to execute code as the root user via maliciousl…
|
— | 42.0% |
| Nov 3, 2021 | CVE-2021-22899 | Ivanti Pulse Connect Secure |
Ivanti Pulse Connect Secure Command Injection Vulnerability
Ivanti Pulse Connect Secure contains a command injection vulnerability that allows remote authenticated users to perform remote code execution via Windows File Resource Profiles.
|
— | 19.5% |
| Nov 3, 2021 | CVE-2021-22900 | Ivanti Pulse Connect Secure |
Ivanti Pulse Connect Secure Unrestricted File Upload Vulnerability
Ivanti Pulse Connect Secure contains an unrestricted file upload vulnerability that allows an authenticated administrator to perform a file write via a maliciously crafted archive…
|
— | 2.6% |
| Nov 3, 2021 |
CVE-2021-22986
Ransomware |
F5 BIG-IP and BIG-IQ Centralized Management |
F5 BIG-IP and BIG-IQ Centralized Management iControl REST Remote Code Execution Vulnerability
F5 BIG-IP and BIG-IQ Centralized Management contain a remote code execution vulnerability in the iControl REST interface that allows unauthenticated attackers with network access …
|
— | 94.5% |
| Nov 3, 2021 | CVE-2021-23874 | McAfee McAfee Total Protection (MTP) |
McAfee Total Protection (MTP) Improper Privilege Management Vulnerability
McAfee Total Protection (MTP) contains an improper privilege management vulnerability that allows a local user to gain elevated privileges and execute code, bypassing MTP self-def…
|
— | 0.7% |
| Nov 3, 2021 |
CVE-2021-26084
Ransomware |
Atlassian Confluence Server and Data Center |
Atlassian Confluence Server and Data Center Object-Graph Navigation Language (OGNL) Injection Vulnerability
Atlassian Confluence Server and Data Server contain an Object-Graph Navigation Language (OGNL) injection vulnerability that may allow an unauthenticated attacker to execute code.
|
— | 94.4% |
| Nov 3, 2021 |
CVE-2021-26411
Ransomware |
Microsoft Internet Explorer |
Microsoft Internet Explorer Memory Corruption Vulnerability
Microsoft Internet Explorer contains an unspecified vulnerability that allows for memory corruption.
|
— | 92.5% |
| Nov 3, 2021 |
CVE-2021-26855
Ransomware |
Microsoft Exchange Server |
Microsoft Exchange Server Remote Code Execution Vulnerability
Microsoft Exchange Server contains an unspecified vulnerability that allows for remote code execution. This vulnerability is part of the ProxyLogon exploit chain.
|
— | 94.3% |
| Nov 3, 2021 |
CVE-2021-26857
Ransomware |
Microsoft Exchange Server |
Microsoft Exchange Server Remote Code Execution Vulnerability
Microsoft Exchange Server contains an unspecified vulnerability that allows for remote code execution. This vulnerability is part of the ProxyLogon exploit chain.
|
— | 40.5% |
| Nov 3, 2021 |
CVE-2021-26858
Ransomware |
Microsoft Exchange Server |
Microsoft Exchange Server Remote Code Execution Vulnerability
Microsoft Exchange Server contains an unspecified vulnerability that allows for remote code execution. This vulnerability is part of the ProxyLogon exploit chain.
|
— | 73.2% |
| Nov 3, 2021 | CVE-2021-27059 | Microsoft Office |
Microsoft Office Remote Code Execution Vulnerability
Microsoft Office contains an unspecified vulnerability that allows for remote code execution.
|
— | 2.8% |
| Nov 3, 2021 |
CVE-2021-27065
Ransomware |
Microsoft Exchange Server |
Microsoft Exchange Server Remote Code Execution Vulnerability
Microsoft Exchange Server contains an unspecified vulnerability that allows for remote code execution. This vulnerability is part of the ProxyLogon exploit chain.
|
— | 94.2% |
| Nov 3, 2021 | CVE-2021-27085 | Microsoft Internet Explorer |
Microsoft Internet Explorer Remote Code Execution Vulnerability
Microsoft Internet Explorer contains an unspecified vulnerability that allows for remote code execution.
|
— | 1.8% |
| Nov 3, 2021 |
CVE-2021-27101
Ransomware |
Accellion FTA |
Accellion FTA SQL Injection Vulnerability
Accellion FTA contains a SQL injection vulnerability exploited via a crafted host header in a request to document_root.html.
|
— | 0.7% |
| Nov 3, 2021 |
CVE-2021-27102
Ransomware |
Accellion FTA |
Accellion FTA OS Command Injection Vulnerability
Accellion FTA contains an OS command injection vulnerability exploited via a local web service call.
|
— | 0.2% |
| Nov 3, 2021 |
CVE-2021-27103
Ransomware |
Accellion FTA |
Accellion FTA Server-Side Request Forgery (SSRF) Vulnerability
Accellion FTA contains a server-side request forgery (SSRF) vulnerability exploited via a crafted POST request to wmProgressstat.html.
|
— | 1.1% |
| Nov 3, 2021 |
CVE-2021-27104
Ransomware |
Accellion FTA |
Accellion FTA OS Command Injection Vulnerability
Accellion FTA contains an OS command injection vulnerability exploited via a crafted POST request to various admin endpoints.
|
— | 6.4% |
| Nov 3, 2021 | CVE-2021-27561 | Yealink Device Management |
Yealink Device Management Server-Side Request Forgery (SSRF) Vulnerability
Yealink Device Management contains a server-side request forgery (SSRF) vulnerability that allows for unauthenticated remote code execution.
|
— | 94.1% |
Source: CISA KEV catalog. Severity (CVSS) and exploit-probability (EPSS) sync nightly from NVD and FIRST.