CVE Tracker
Track known exploited vulnerabilities, CISA KEV alerts, and linked threat intelligence.
1,542
Total CVEs
1,542
CISA KEV
1542
Critical & High
Mar 13, 2026
Last KEV Update
| CVE ID | Severity | Vendor | Description | Published | KEV |
|---|---|---|---|---|---|
| CVE-2021-30551 | High | GoogleChromium V8 | Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera. | Nov 3, 2021 | KEV |
| CVE-2020-6418 | High | GoogleChromium V8 | Google Chromium V8 Engine contains a type confusion vulnerability allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera. | Nov 3, 2021 | KEV |
| CVE-2021-30554 | High | GoogleChromium WebGL | Google Chromium WebGL contains a use-after-free vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera. | Nov 3, 2021 | KEV |
| CVE-2021-21206 | High | GoogleChromium Blink | Google Chromium Blink contains a use-after-free vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera. | Nov 3, 2021 | KEV |
| CVE-2021-38000 | High | GoogleChromium Intents | Google Chromium Intents contains an improper input validation vulnerability that allows a remote attacker to arbitrarily browser to a malicious URL via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera. | Nov 3, 2021 | KEV |
| CVE-2021-38003 | High | GoogleChromium V8 | Google Chromium V8 Engine has a bug in JSON.stringify, where the internal TheHole value can leak to script code, causing memory corruption. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera. | Nov 3, 2021 | KEV |
| CVE-2021-30632 | High | GoogleChromium V8 | Google Chromium V8 Engine contains an out-of-bounds write vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera. | Nov 3, 2021 | KEV |
| CVE-2021-37975 | High | GoogleChromium V8 | Google Chromium V8 Engine contains a use-after-free vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera. | Nov 3, 2021 | KEV |
| CVE-2021-21224 | High | GoogleChromium V8 | Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to execute code inside a sandbox via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera. | Nov 3, 2021 | KEV |
| CVE-2021-21193 | High | GoogleChromium Blink | Google Chromium Blink contains a use-after-free vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera. | Nov 3, 2021 | KEV |
| CVE-2021-21220 | High | GoogleChromium V8 | Google Chromium V8 Engine contains an improper input validation vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera. | Nov 3, 2021 | KEV |
| CVE-2021-30563 | High | GoogleChromium V8 | Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera. | Nov 3, 2021 | KEV |
| CVE-2020-4428 | High | IBMData Risk Manager | IBM Data Risk Manager contains an unspecified vulnerability which could allow a remote, authenticated attacker to execute commands on the system.� | Nov 3, 2021 | KEV |
| CVE-2020-15505 | High | IvantiMobileIron Multiple Products | Ivanti MobileIron's Core & Connector, Sentry, and Monitor and Reporting Database (RDB) products contain an unspecified vulnerability that allows for remote code execution. | Nov 3, 2021 | KEV |
| CVE-2014-1812 | High | MicrosoftWindows | Microsoft Windows Active Directory contains a privilege escalation vulnerability due to the way it distributes passwords that are configured using Group Policy preferences. An authenticated attacker who successfully exploits the vulnerability could decrypt the passwords and use them to elevate privileges on the domain. | Nov 3, 2021 | KEV |
| CVE-2016-0167 | High | MicrosoftWin32k | Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation via a crafted application | Nov 3, 2021 | KEV |
| CVE-2021-31955 | High | MicrosoftWindows | Microsoft Windows Kernel contains an unspecified vulnerability that allows for information disclosure. Successful exploitation allows attackers to read the contents of kernel memory from a user-mode process. | Nov 3, 2021 | KEV |
| CVE-2021-1647 | High | MicrosoftDefender | Microsoft Defender contains an unspecified vulnerability that allows for remote code execution. | Nov 3, 2021 | KEV |
| CVE-2021-33739 | High | MicrosoftWindows | Microsoft Desktop Window Manager (DWM) Core Library contains an unspecified vulnerability that allows for privilege escalation. | Nov 3, 2021 | KEV |
| CVE-2016-0185 | High | MicrosoftWindows | Microsoft Windows Media Center contains a remote code execution vulnerability when Windows Media Center opens a specially crafted Media Center link (.mcl) file that references malicious code. | Nov 3, 2021 | KEV |