CISA Known Exploited Vulnerabilities (KEV)

  1. Home
  2. CISA KEV

CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilities actively used in real-world attacks. CVEFeed.io tracks the latest additions so you can prioritize remediation as new entries are published.

    7.8

    HIGH
    CVE-2021-1732 - Microsoft Win32k Privilege Escalation Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Microsoft

    Description :Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-1732

    Alert Date: Nov 03, 2021 | 1588 days ago

    7.1

    HIGH
    CVE-2020-27950 - Apple Multiple Products Memory Initialization Vulnerability -

    Action Due May 03, 2022 Target Vendor : Apple

    Description :Apple iOS, iPadOS, macOS, and watchOS contain a memory initialization vulnerability that may allow a malicious application to disclose kernel memory.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-27950

    Alert Date: Nov 03, 2021 | 1588 days ago

    7.8

    HIGH
    CVE-2016-7255 - Microsoft Win32k Privilege Escalation Vulnerability -

    Action Due May 03, 2022 Target Vendor : Microsoft

    Description :Microsoft Win32k kernel-mode driver fails to properly handle objects in memory which allows for privilege escalation. Successful exploitation allows an attacker to run code in kernel mode.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2016-7255

    Alert Date: Nov 03, 2021 | 1588 days ago
Showing 20 of 1543 Results

Filters