0.7%
actively
exploited
exploited
Focus on what’s exploited
Out of 350,187 known CVEs, only 0.7% show real-world exploitation signals.
Data from public sources (including CISA) plus private sensors, enriched with prioritization metadata.
2,503
Total Known exploited
426
Added this week
Search
Results update as you type.
⌘K
Added
Exploitability
Type to search. Filters apply instantly.
| CVE | Severity | Title |
|---|---|---|
| CVE-2017-6862 | 9.8 Critical |
NETGEAR WNR2000v3 devices before 1.1.2.14, WNR2000v4 devices before 1.0.0.66, and WNR2000v5 devices before 1.0.0.42 allow authentication bypass and...
Remote
Low complexity
No user interaction
|
| CVE-2017-5070 | 8.8 High |
Type confusion in V8 in Google Chrome prior to 59.0.3071.86 for Linux, Windows, and Mac, and 59.0.3071.92 for Android, allowed a remote attacker to...
Remote
Low complexity
|
| CVE-2017-5030 | 8.8 High |
Incorrect handling of complex species in V8 in Google Chrome prior to 57.0.2987.98 for Linux, Windows, and Mac and 57.0.2987.108 for Android...
Remote
Low complexity
|
| CVE-2016-5198 | 8.8 High |
V8 in Google Chrome prior to 54.0.2840.90 for Linux, and 54.0.2840.85 for Android, and 54.0.2840.87 for Windows and Mac included incorrect...
Remote
Low complexity
|
| CVE-2016-1646 | 8.8 High |
The Array.prototype.concat implementation in builtins.cc in Google V8, as used in Google Chrome before 49.0.2623.108, does not properly consider...
Remote
Low complexity
|
| CVE-2013-1331 | 7.8 High |
Buffer overflow in Microsoft Office 2003 SP3 and Office 2011 for Mac allows remote attackers to execute arbitrary code via crafted PNG data in an...
Low complexity
|
| CVE-2022-26134 | 9.8 Critical |
In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to...
Malware
Remote
Low complexity
No user interaction
|
| CVE-2010-0840 | 9.8 Critical |
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and...
Remote
Low complexity
No user interaction
|
| CVE-2019-3010 | 8.8 High |
Vulnerability in the Oracle Solaris product of Oracle Systems (component: XScreenSaver). The supported version that is affected is 11. Easily...
Low complexity
No user interaction
|
| CVE-2016-3393 | 7.8 High |
Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows...
Low complexity
|
| CVE-2016-7256 | 8.8 High |
atmfd.dll in the Windows font library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows...
Remote
Low complexity
|
| CVE-2016-1010 | 8.8 High |
Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on...
Remote
Low complexity
|
| CVE-2016-0984 | 8.8 High |
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before...
Remote
Low complexity
|
| CVE-2016-0034 | 8.8 High |
Microsoft Silverlight 5 before 5.1.41212.0 mishandles negative offsets during decoding, which allows remote attackers to execute arbitrary code or...
Malware
Remote
Low complexity
|
| CVE-2015-0310 | 7.8 High |
Adobe Flash Player before 13.0.0.262 and 14.x through 16.x before 16.0.0.287 on Windows and OS X and before 11.2.202.438 on Linux does not properly...
Low complexity
|
| CVE-2015-0016 | 7.8 High |
Directory traversal vulnerability in the TS WebProxy (aka TSWbPrxy) component in Microsoft Windows Vista SP2, Windows 7 SP1, Windows Server 2008 R2...
Low complexity
|
| CVE-2015-0071 | 6.5 Medium |
Microsoft Internet Explorer 9 through 11 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Internet...
Remote
Low complexity
|
| CVE-2015-2360 | 8.8 High |
win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1,...
Remote
Low complexity
No user interaction
|
| CVE-2015-2425 | 8.8 High |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web...
Remote
Low complexity
|
| CVE-2015-1769 | 6.6 Medium |
Mount Manager in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold...
Low complexity
No user interaction
|
| CVE-2015-4495 | 8.8 High |
The PDF reader in Mozilla Firefox before 39.0.3, Firefox ESR 38.x before 38.1.1, and Firefox OS before 2.2 allows remote attackers to bypass the...
Remote
Low complexity
|
| CVE-2015-8651 | 8.8 High |
Integer overflow in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux,...
Remote
Low complexity
|
| CVE-2015-6175 | 7.8 High |
The kernel in Microsoft Windows 10 Gold allows local users to gain privileges via a crafted application, aka "Windows Kernel Memory Elevation of...
Low complexity
|
| CVE-2015-1671 | 7.8 High |
The Windows DirectWrite library, as used in Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2; Office 2007 SP3 and 2010 SP2;...
Low complexity
|
| CVE-2014-4148 | 8.8 High |
win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1,...
Remote
Low complexity
|
Displaying vulnerabilities 1601 - 1625 of 2503 in total