Full CISA KEV catalog

Every CVE the U.S. cybersecurity agency has ever flagged as actively exploited. Filter by category, sort by severity or exploit-likelihood, search by vendor or product.

Showing 1,561–1,590 of 1,619 CVEs · Page 53 of 54 30 per page
Added CVE Vendor / Product Name & description CVSS EPSS
Nov 3, 2021 CVE-2021-27562 Arm Trusted Firmware
Arm Trusted Firmware Out-of-Bounds Write Vulnerability
Arm Trusted Firmware contains an out-of-bounds write vulnerability allowing the non-secure (NS) world to trigger a system halt, overwrite secure data, or print out secure data whe…
10.9%
Nov 3, 2021 CVE-2021-28310 Microsoft Win32k
endpoint m365 smb essential
Microsoft Win32k Privilege Escalation Vulnerability
Microsoft Windows Win32k contains an unspecified vulnerability that allows for privilege escalation.
54.0%
Nov 3, 2021 CVE-2021-28550 Adobe Acrobat and Reader
smb essential
Adobe Acrobat and Reader Use-After-Free Vulnerability
Adobe Acrobat and Reader contains a use-after-free vulnerability that could allow an unauthenticated attacker to achieve code execution in the context of the current user.
30.7%
Nov 3, 2021 CVE-2021-28663 Arm Mali Graphics Processing Unit (GPU)
Arm Mali Graphics Processing Unit (GPU) Use-After-Free Vulnerability
Arm Mali Graphics Processing Unit (GPU) kernel driver contains a use-after-free vulnerability that may allow a non-privileged user to make improper operations on GPU memory to gai…
3.6%
Nov 3, 2021 CVE-2021-28664 Arm Mali Graphics Processing Unit (GPU)
Arm Mali Graphics Processing Unit (GPU) Unspecified Vulnerability
Arm Mali Graphics Processing Unit (GPU) kernel driver contains an unspecified vulnerability that may allow a non-privileged user to gain write access to read-only memory, gain roo…
0.3%
Nov 3, 2021 CVE-2021-30116
Ransomware
Kaseya Virtual System/Server Administrator (VSA)
enterprise smb essential
Kaseya Virtual System/Server Administrator (VSA) Information Disclosure Vulnerability
Kaseya Virtual System/Server Administrator (VSA) contains an information disclosure vulnerability allowing an attacker to obtain the sessionId that can be used to execute further …
54.1%
Nov 3, 2021 CVE-2021-30551 Google Chromium V8
browser smb essential
Google Chromium V8 Type Confusion Vulnerability
Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability …
82.2%
Nov 3, 2021 CVE-2021-30554 Google Chromium WebGL
browser smb essential
Google Chromium WebGL Use-After-Free Vulnerability
Google Chromium WebGL contains a use-after-free vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability coul…
5.8%
Nov 3, 2021 CVE-2021-30563 Google Chromium V8
browser smb essential
Google Chromium V8 Type Confusion Vulnerability
Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability …
2.6%
Nov 3, 2021 CVE-2021-30632 Google Chromium V8
browser smb essential
Google Chromium V8 Out-of-Bounds Write Vulnerability
Google Chromium V8 Engine contains an out-of-bounds write vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerab…
83.8%
Nov 3, 2021 CVE-2021-30633 Google Chromium Indexed DB API
browser smb essential
Google Chromium Indexed DB API Use-After-Free Vulnerability
Google Chromium Indexed DB API contains a use-after-free vulnerability that allows a remote attacker, who has compromised the renderer process, to potentially perform a sandbox es…
30.1%
Nov 3, 2021 CVE-2021-30657 Apple macOS
endpoint mobile smb essential
Apple macOS Unspecified Vulnerability
Apple macOS contains an unspecified logic issue in System Preferences that may allow a malicious application to bypass Gatekeeper checks.
83.1%
Nov 3, 2021 CVE-2021-30661 Apple Multiple Products
browser endpoint mobile smb essential
Apple Multiple Products WebKit Storage Use-After-Free Vulnerability
Apple iOS, iPadOS, macOS, tvOS, watchOS, and Safari WebKit Storage contain a use-after-free vulnerability that leads to code execution when processing maliciously crafted web cont…
0.1%
Nov 3, 2021 CVE-2021-30663 Apple Multiple Products
browser endpoint mobile smb essential
Apple Multiple Products WebKit Integer Overflow Vulnerability
Apple iOS, iPadOS, macOS, tvOS, and Safari WebKit contain an integer overflow vulnerability that leads to code execution when processing maliciously crafted web content. This vuln…
1.0%
Nov 3, 2021 CVE-2021-30665 Apple Multiple Products
browser endpoint mobile smb essential
Apple Multiple Products WebKit Memory Corruption Vulnerability
Apple iOS, iPadOS, macOS, watchOS, and tvOS WebKit contain a memory corruption vulnerability that leads to code execution when processing maliciously crafted web content. This vul…
0.2%
Nov 3, 2021 CVE-2021-30666 Apple iOS
browser endpoint mobile smb essential
Apple iOS WebKit Buffer Overflow Vulnerability
Apple iOS WebKit contains a buffer-overflow vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parser…
1.2%
Nov 3, 2021 CVE-2021-30713 Apple macOS
endpoint mobile smb essential
Apple macOS Unspecified Vulnerability
Apple macOS Transparency, Consent, and Control (TCC) contains an unspecified permissions issue which may allow a malicious application to bypass privacy preferences.
0.1%
Nov 3, 2021 CVE-2021-30761 Apple iOS
browser endpoint mobile smb essential
Apple iOS WebKit Memory Corruption Vulnerability
Apple iOS WebKit contains a memory corruption vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML pars…
0.5%
Nov 3, 2021 CVE-2021-30762 Apple iOS
browser endpoint mobile smb essential
Apple iOS WebKit Use-After-Free Vulnerability
Apple iOS WebKit contains a use-after-free vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers…
0.0%
Nov 3, 2021 CVE-2021-30807 Apple Multiple Products
endpoint mobile smb essential
Apple Multiple Products Memory Corruption Vulnerability
Apple iOS, iPadOS, macOS, and watchOS IOMobileFrameBuffer contain a memory corruption vulnerability which may allow an application to execute code with kernel privileges.
21.0%
Nov 3, 2021 CVE-2021-30858 Apple iOS, iPadOS, and macOS
endpoint mobile smb essential
Apple iOS, iPadOS, macOS Use-After-Free Vulnerability
Apple iOS, iPadOS, and macOS WebKit contain a use-after-free vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could i…
0.8%
Nov 3, 2021 CVE-2021-30860 Apple Multiple Products
endpoint mobile smb essential
Apple Multiple Products Integer Overflow Vulnerability
Apple iOS, iPadOS, macOS, and watchOS CoreGraphics contain an integer overflow vulnerability which may allow code execution when processing a maliciously crafted PDF. The vulnerab…
72.0%
Nov 3, 2021 CVE-2021-30869 Apple iOS, iPadOS, and macOS
endpoint mobile smb essential
Apple iOS, iPadOS, and macOS Type Confusion Vulnerability
Apple iOS, iPadOS, and macOS contain a type confusion vulnerability in the XNU which may allow a malicious application to execute code with kernel privileges.
1.7%
Nov 3, 2021 CVE-2021-31199 Microsoft Enhanced Cryptographic Provider
endpoint m365 smb essential
Microsoft Enhanced Cryptographic Provider Privilege Escalation Vulnerability
Microsoft Enhanced Cryptographic Provider contains an unspecified vulnerability that allows for privilege escalation.
0.9%
Nov 3, 2021 CVE-2021-31201 Microsoft Enhanced Cryptographic Provider
endpoint m365 smb essential
Microsoft Enhanced Cryptographic Provider Privilege Escalation Vulnerability
Microsoft Enhanced Cryptographic Provider contains an unspecified vulnerability that allows for privilege escalation.
0.7%
Nov 3, 2021 CVE-2021-31207
Ransomware
Microsoft Exchange Server
endpoint m365 smb essential
Microsoft Exchange Server Security Feature Bypass Vulnerability
Microsoft Exchange Server contains an unspecified vulnerability that allows for security feature bypass.
93.8%
Nov 3, 2021 CVE-2021-31755 Tenda AC11 Router
network
Tenda AC11 Router Stack Buffer Overflow Vulnerability
Tenda AC11 devices contain a stack buffer overflow vulnerability in /goform/setmac which allows attackers to execute code via a crafted post request.
94.0%
Nov 3, 2021 CVE-2021-31955 Microsoft Windows
endpoint m365 smb essential
Microsoft Windows Kernel Information Disclosure Vulnerability
Microsoft Windows Kernel contains an unspecified vulnerability that allows for information disclosure. Successful exploitation allows attackers to read the contents of kernel memo…
3.6%
Nov 3, 2021 CVE-2021-31956 Microsoft Windows
endpoint m365 smb essential
Microsoft Windows NTFS Privilege Escalation Vulnerability
Microsoft Windows New Technology File System (NTFS) contains an unspecified vulnerability that allows attackers to escalate privileges via a specially crafted application.
90.7%
Nov 3, 2021 CVE-2021-31979 Microsoft Windows
endpoint m365 smb essential
Microsoft Windows Kernel Privilege Escalation Vulnerability
Microsoft Windows kernel contains an unspecified vulnerability that allows for privilege escalation.
6.2%

Source: CISA KEV catalog. Severity (CVSS) and exploit-probability (EPSS) sync nightly from NVD and FIRST.