0.7%
actively
exploited
exploited
Focus on what’s exploited
Out of 350,184 known CVEs, only 0.7% show real-world exploitation signals.
Data from public sources (including CISA) plus private sensors, enriched with prioritization metadata.
2,501
Total Known exploited
352
Added this week
Search
Results update as you type.
⌘K
Added
Exploitability
Type to search. Filters apply instantly.
| CVE | Severity | Title |
|---|---|---|
| CVE-2015-4902 | 5.3 Medium |
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60 allows remote attackers to affect integrity via unknown vectors related to...
Remote
Low complexity
No user interaction
|
| CVE-2015-5119 | 9.8 Critical |
Use-after-free vulnerability in the ByteArray class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.296 and...
Remote
Low complexity
No user interaction
|
| CVE-2015-7645 | 7.8 High |
Adobe Flash Player 18.x through 18.0.0.252 and 19.x through 19.0.0.207 on Windows and OS X and 11.x through 11.2.202.535 on Linux allows remote...
Malware
Low complexity
|
| CVE-2016-0099 | 7.8 High |
The Secondary Logon Service in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012...
Malware
Low complexity
No user interaction
|
| CVE-2016-1019 | 9.8 Critical |
Adobe Flash Player 21.0.0.197 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary...
Malware
Remote
Low complexity
No user interaction
|
| CVE-2016-4117 | 9.8 Critical |
Adobe Flash Player 21.0.0.226 and earlier allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in...
Remote
Low complexity
No user interaction
|
| CVE-2016-5195 | 7.0 High |
Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling...
No user interaction
|
| CVE-2016-7193 | 7.8 High |
Microsoft Word 2007 SP2, Office 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016 for Mac, Office Compatibility...
Low complexity
|
| CVE-2016-7262 | 7.8 High |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, and Excel Viewer allow...
Low complexity
|
| CVE-2016-7855 | 8.8 High |
Use-after-free vulnerability in Adobe Flash Player before 23.0.0.205 on Windows and OS X and before 11.2.202.643 on Linux allows remote attackers...
Remote
Low complexity
|
| CVE-2016-8562 | 7.5 High |
A vulnerability has been identified in SIMATIC CP 1543-1 (All versions < V2.0.28), SIPLUS NET CP 1543-1 (All versions < V2.0.28). Under...
Remote
No user interaction
|
| CVE-2017-0001 | 7.8 High |
The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server...
Low complexity
No user interaction
|
| CVE-2017-0261 | 7.8 High |
Microsoft Office 2010 SP2, Office 2013 SP1, and Office 2016 allow a remote code execution vulnerability when the software fails to properly handle...
Low complexity
|
| CVE-2017-11292 | 8.8 High |
Adobe Flash Player version 27.0.0.159 and earlier has a flawed bytecode verification procedure, which allows for an untrusted value to be used in...
Remote
Low complexity
|
| CVE-2017-11826 | 7.8 High |
Microsoft Office 2010, SharePoint Enterprise Server 2010, SharePoint Server 2010, Web Applications, Office Web Apps Server 2010 and 2013, Word...
Low complexity
|
| CVE-2017-12231 | 7.5 High |
A vulnerability in the implementation of Network Address Translation (NAT) functionality in Cisco IOS 12.4 through 15.6 could allow an...
Remote
Low complexity
No user interaction
|
| CVE-2017-12232 | 6.5 Medium |
A vulnerability in the implementation of a protocol in Cisco Integrated Services Routers Generation 2 (ISR G2) Routers running Cisco IOS 15.0...
Low complexity
No user interaction
|
| CVE-2017-12233 | 7.5 High |
Multiple vulnerabilities in the implementation of the Common Industrial Protocol (CIP) feature in Cisco IOS 12.4 through 15.6 could allow an...
Remote
Low complexity
No user interaction
|
| CVE-2017-12234 | 7.5 High |
Multiple vulnerabilities in the implementation of the Common Industrial Protocol (CIP) feature in Cisco IOS 12.4 through 15.6 could allow an...
Remote
Low complexity
No user interaction
|
| CVE-2017-12235 | 7.5 High |
A vulnerability in the implementation of the PROFINET Discovery and Configuration Protocol (PN-DCP) for Cisco IOS 12.2 through 15.6 could allow an...
Remote
Low complexity
No user interaction
|
| CVE-2017-12237 | 7.5 High |
A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS 15.0 through 15.6 and Cisco IOS XE 3.5 through 16.5 could allow...
Remote
Low complexity
No user interaction
|
| CVE-2017-12238 | 6.5 Medium |
A vulnerability in the Virtual Private LAN Service (VPLS) code of Cisco IOS 15.0 through 15.4 for Cisco Catalyst 6800 Series Switches could allow...
Low complexity
No user interaction
|
| CVE-2017-12240 | 9.8 Critical |
The DHCP relay subsystem of Cisco IOS 12.2 through 15.6 and Cisco IOS XE Software contains a vulnerability that could allow an unauthenticated,...
Remote
Low complexity
No user interaction
|
| CVE-2017-12319 | 5.9 Medium |
A vulnerability in the Border Gateway Protocol (BGP) over an Ethernet Virtual Private Network (EVPN) for Cisco IOS XE Software could allow an...
Remote
No user interaction
|
| CVE-2017-6627 | 7.5 High |
A vulnerability in the UDP processing code of Cisco IOS 15.1, 15.2, and 15.4 and IOS XE 3.14 through 3.18 could allow an unauthenticated, remote...
Remote
Low complexity
No user interaction
|
Displaying vulnerabilities 1901 - 1925 of 2501 in total