Full CISA KEV catalog
Every CVE the U.S. cybersecurity agency has ever flagged as actively exploited. Filter by category, sort by severity or exploit-likelihood, search by vendor or product.
| Added | CVE | Vendor / Product | Name & description | CVSS | EPSS |
|---|---|---|---|---|---|
| Nov 3, 2021 | CVE-2020-3566 | Cisco IOS XR |
Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerability
Cisco IOS XR Distance Vector Multicast Routing Protocol (DVMRP) incorrectly handles Internet Group Management Protocol (IGMP) packets. Exploitation could allow an unauthenticated,…
|
— | 2.1% |
| Nov 3, 2021 | CVE-2020-3569 | Cisco IOS XR |
Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerability
Cisco IOS XR Distance Vector Multicast Routing Protocol (DVMRP) incorrectly handles Internet Group Management Protocol (IGMP) packets. Exploitation could allow an unauthenticated,…
|
— | 4.7% |
| Nov 3, 2021 | CVE-2020-9818 | Apple iOS, iPadOS, and watchOS |
Apple iOS, iPadOS, and watchOS Out-of-Bounds Write Vulnerability
Apple iOS, iPadOS, and watchOS Mail contains an out-of-bounds write vulnerability which may allow memory modification or application termination when processing a maliciously craf…
|
— | 0.9% |
| Nov 3, 2021 | CVE-2020-9819 | Apple iOS, iPadOS, and watchOS |
Apple iOS, iPadOS, and watchOS Memory Corruption Vulnerability
Apple iOS, iPadOS, and watchOS Mail contains a memory corruption vulnerability that may allow heap corruption when processing a maliciously crafted mail message.
|
— | 0.6% |
| Nov 3, 2021 | CVE-2020-9859 | Apple Multiple Products |
Apple Multiple Products Code Execution Vulnerability
Apple iOS, iPadOS, macOS, watchOS, and tvOS contain an unspecified vulnerability that may allow an application to execute code with kernel privileges.
|
— | 0.1% |
| Nov 3, 2021 | CVE-2021-1782 | Apple Multiple Products |
Apple Multiple Products Race Condition Vulnerability
Apple iOS, iPadOs, macOS, watchOS, and tvOS contain a race condition vulnerability that may allow a malicious application to elevate privileges.
|
— | 5.9% |
| Nov 3, 2021 | CVE-2021-1870 | Apple iOS, iPadOS, and macOS |
Apple iOS, iPadOS, and macOS WebKit Remote Code Execution Vulnerability
Apple iOS, iPadOS, and macOS WebKit contain an unspecified logic vulnerability that allows a remote attacker to execute code. This vulnerability could impact HTML parsers that use…
|
— | 1.2% |
| Nov 3, 2021 | CVE-2021-1871 | Apple iOS, iPadOS, and macOS |
Apple iOS, iPadOS, and macOS WebKit Remote Code Execution Vulnerability
Apple iOS, iPadOS, and macOS WebKit contain an unspecified logic vulnerability that allows a remote attacker to execute code. This vulnerability could impact HTML parsers that use…
|
— | 0.5% |
| Nov 3, 2021 | CVE-2021-1879 | Apple iOS, iPadOS, and watchOS |
Apple iOS, iPadOS, and watchOS WebKit Cross-Site Scripting (XSS) Vulnerability
Apple iOS, iPadOS, and watchOS WebKit contain an unspecified vulnerability that allows for universal cross-site scripting (XSS) when processing maliciously crafted web content. Th…
|
— | 0.8% |
| Nov 3, 2021 | CVE-2021-30657 | Apple macOS |
Apple macOS Unspecified Vulnerability
Apple macOS contains an unspecified logic issue in System Preferences that may allow a malicious application to bypass Gatekeeper checks.
|
— | 83.1% |
| Nov 3, 2021 | CVE-2021-30661 | Apple Multiple Products |
Apple Multiple Products WebKit Storage Use-After-Free Vulnerability
Apple iOS, iPadOS, macOS, tvOS, watchOS, and Safari WebKit Storage contain a use-after-free vulnerability that leads to code execution when processing maliciously crafted web cont…
|
— | 0.1% |
| Nov 3, 2021 | CVE-2021-30663 | Apple Multiple Products |
Apple Multiple Products WebKit Integer Overflow Vulnerability
Apple iOS, iPadOS, macOS, tvOS, and Safari WebKit contain an integer overflow vulnerability that leads to code execution when processing maliciously crafted web content. This vuln…
|
— | 1.0% |
| Nov 3, 2021 | CVE-2021-30665 | Apple Multiple Products |
Apple Multiple Products WebKit Memory Corruption Vulnerability
Apple iOS, iPadOS, macOS, watchOS, and tvOS WebKit contain a memory corruption vulnerability that leads to code execution when processing maliciously crafted web content. This vul…
|
— | 0.2% |
| Nov 3, 2021 | CVE-2021-30666 | Apple iOS |
Apple iOS WebKit Buffer Overflow Vulnerability
Apple iOS WebKit contains a buffer-overflow vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parser…
|
— | 1.2% |
| Nov 3, 2021 | CVE-2021-30713 | Apple macOS |
Apple macOS Unspecified Vulnerability
Apple macOS Transparency, Consent, and Control (TCC) contains an unspecified permissions issue which may allow a malicious application to bypass privacy preferences.
|
— | 0.1% |
| Nov 3, 2021 | CVE-2021-30761 | Apple iOS |
Apple iOS WebKit Memory Corruption Vulnerability
Apple iOS WebKit contains a memory corruption vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML pars…
|
— | 0.5% |
| Nov 3, 2021 | CVE-2021-30762 | Apple iOS |
Apple iOS WebKit Use-After-Free Vulnerability
Apple iOS WebKit contains a use-after-free vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers…
|
— | 0.0% |
| Nov 3, 2021 | CVE-2021-30807 | Apple Multiple Products |
Apple Multiple Products Memory Corruption Vulnerability
Apple iOS, iPadOS, macOS, and watchOS IOMobileFrameBuffer contain a memory corruption vulnerability which may allow an application to execute code with kernel privileges.
|
— | 21.0% |
| Nov 3, 2021 | CVE-2021-30858 | Apple iOS, iPadOS, and macOS |
Apple iOS, iPadOS, macOS Use-After-Free Vulnerability
Apple iOS, iPadOS, and macOS WebKit contain a use-after-free vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could i…
|
— | 0.8% |
| Nov 3, 2021 | CVE-2021-30860 | Apple Multiple Products |
Apple Multiple Products Integer Overflow Vulnerability
Apple iOS, iPadOS, macOS, and watchOS CoreGraphics contain an integer overflow vulnerability which may allow code execution when processing a maliciously crafted PDF. The vulnerab…
|
— | 72.0% |
| Nov 3, 2021 | CVE-2021-30869 | Apple iOS, iPadOS, and macOS |
Apple iOS, iPadOS, and macOS Type Confusion Vulnerability
Apple iOS, iPadOS, and macOS contain a type confusion vulnerability in the XNU which may allow a malicious application to execute code with kernel privileges.
|
— | 1.7% |
Source: CISA KEV catalog. Severity (CVSS) and exploit-probability (EPSS) sync nightly from NVD and FIRST.