0.7%
actively
exploited
exploited
Focus on what’s exploited
Out of 350,187 known CVEs, only 0.7% show real-world exploitation signals.
Data from public sources (including CISA) plus private sensors, enriched with prioritization metadata.
2,501
Total Known exploited
352
Added this week
Search
Results update as you type.
⌘K
Added
Exploitability
Type to search. Filters apply instantly.
| CVE | Severity | Title |
|---|---|---|
| CVE-2010-3333 | 7.8 High |
Stack-based buffer overflow in Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2010, Office 2004 and 2008 for Mac, Office for Mac...
Low complexity
|
| CVE-2011-0611 | 8.8 High |
Adobe Flash Player before 10.2.154.27 on Windows, Mac OS X, Linux, and Solaris and 10.2.156.12 and earlier on Android; Adobe AIR before 2.6.19140;...
Remote
Low complexity
|
| CVE-2011-1889 | 9.8 Critical |
The NSPLookupServiceNext function in the client in Microsoft Forefront Threat Management Gateway (TMG) 2010 allows remote attackers to execute...
Remote
Low complexity
No user interaction
|
| CVE-2011-3544 | 9.8 Critical |
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7 and 6 Update 27 and earlier allows remote...
Remote
Low complexity
No user interaction
|
| CVE-2012-0507 | 9.8 Critical |
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and...
Malware
Remote
Low complexity
No user interaction
|
| CVE-2012-1535 | 7.8 High |
Unspecified vulnerability in Adobe Flash Player before 11.3.300.271 on Windows and Mac OS X and before 11.2.202.238 on Linux allows remote...
Low complexity
|
| CVE-2012-1723 | 9.8 Critical |
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5...
Malware
Remote
Low complexity
No user interaction
|
| CVE-2012-1856 | 8.8 High |
The TabStrip ActiveX control in the Common Controls in MSCOMCTL.OCX in Microsoft Office 2003 SP3, Office 2003 Web Components SP3, Office 2007 SP2...
Remote
Low complexity
|
| CVE-2012-4681 | 9.8 Critical |
Multiple vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allow remote attackers to execute...
Malware
Remote
Low complexity
No user interaction
|
| CVE-2013-0632 | 9.8 Critical |
administrator.cfc in Adobe ColdFusion 9.0, 9.0.1, 9.0.2, and 10 allows remote attackers to bypass authentication and possibly execute arbitrary...
Remote
Low complexity
No user interaction
|
| CVE-2013-0640 | 7.8 High |
Adobe Reader and Acrobat 9.x before 9.5.4, 10.x before 10.1.6, and 11.x before 11.0.02 allow remote attackers to execute arbitrary code or cause a...
Low complexity
|
| CVE-2013-0641 | 7.8 High |
Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.4, 10.x before 10.1.6, and 11.x before 11.0.02 allows remote attackers to execute...
Low complexity
|
| CVE-2013-1347 | 8.8 High |
Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an...
Remote
Low complexity
|
| CVE-2013-1675 | 6.5 Medium |
Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 do not properly...
Remote
Low complexity
|
| CVE-2013-3346 | 9.8 Critical |
Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial...
Remote
Low complexity
No user interaction
|
| CVE-2013-3897 | 8.8 High |
Use-after-free vulnerability in the CDisplayPointer class in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to...
Remote
Low complexity
|
| CVE-2013-5065 | 7.8 High |
NDProxy.sys in the kernel in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows local users to gain privileges via a crafted application,...
Low complexity
|
| CVE-2014-4114 | 7.8 High |
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and...
Low complexity
|
| CVE-2015-1642 | 7.8 High |
Microsoft Office 2007 SP3, 2010 SP2, and 2013 SP1 allows remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office...
Low complexity
|
| CVE-2015-1701 | 7.8 High |
Win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Vista SP2, and Server 2008 SP2 allows local users to gain privileges...
Malware
Low complexity
No user interaction
|
| CVE-2015-2387 | 7.8 High |
ATMFD.DLL in the Adobe Type Manager Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1,...
Low complexity
No user interaction
|
| CVE-2015-2424 | 8.8 High |
Microsoft PowerPoint 2007 SP3, Word 2007 SP3, PowerPoint 2010 SP2, Word 2010 SP2, PowerPoint 2013 SP1, Word 2013 SP1, and PowerPoint 2013 RT SP1...
Remote
Low complexity
|
| CVE-2015-2545 | 7.8 High |
Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, and 2013 RT SP1 allows remote attackers to execute arbitrary code via a crafted EPS image, aka...
Low complexity
|
| CVE-2015-2590 | 9.8 Critical |
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect...
Remote
Low complexity
No user interaction
|
| CVE-2015-3043 | 9.8 Critical |
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers...
Remote
Low complexity
No user interaction
|
Displaying vulnerabilities 1876 - 1900 of 2501 in total