0.7%
actively
exploited
exploited
Focus on what’s exploited
Out of 350,131 known CVEs, only 0.7% show real-world exploitation signals.
Data from public sources (including CISA) plus private sensors, enriched with prioritization metadata.
2,501
Total Known exploited
353
Added this week
Search
Results update as you type.
⌘K
Added
Exploitability
Type to search. Filters apply instantly.
| CVE | Severity | Title |
|---|---|---|
| CVE-2021-27562 | 5.5 Medium |
In Arm Trusted Firmware M through 1.2, the NS world may trigger a system halt, an overwrite of secure data, or the printing out of secure data when...
Low complexity
No user interaction
|
| CVE-2021-28664 | 8.8 High |
The Arm Mali GPU kernel driver allows privilege escalation or a denial of service (memory corruption) because an unprivileged user can achieve...
Remote
Low complexity
No user interaction
|
| CVE-2021-28663 | 8.8 High |
The Arm Mali GPU kernel driver allows privilege escalation or information disclosure because GPU memory operations are mishandled, leading to a...
Remote
Low complexity
No user interaction
|
| CVE-2019-3398 | 8.8 High |
Confluence Server and Data Center had a path traversal vulnerability in the downloadallattachments resource. A remote attacker who has permission...
Remote
Low complexity
No user interaction
|
| CVE-2021-26084 | 9.8 Critical |
In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to...
Malware
Remote
Low complexity
No user interaction
|
| CVE-2019-11580 | 9.8 Critical |
Atlassian Crowd and Crowd Data Center had the pdkinstall development plugin incorrectly enabled in release builds. Attackers who can send...
Malware
Remote
Low complexity
No user interaction
|
| CVE-2019-3396 | 9.8 Critical |
The Widget Connector macro in Atlassian Confluence Server before version 6.6.12 (the fixed version for 6.6.x), from version 6.7.0 before 6.12.3...
Malware
Remote
Low complexity
No user interaction
|
| CVE-2021-42258 | 9.8 Critical |
BQE BillQuick Web Suite 2018 through 2021 before 22.0.9.1 allows SQL injection for unauthenticated remote code execution, as exploited in the wild...
Malware
Remote
Low complexity
No user interaction
|
| CVE-2020-3452 | 7.5 High |
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Read-Only Path Traversal Vulnerability
Remote
Low complexity
No user interaction
|
| CVE-2020-3580 | 6.1 Medium |
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Interface Cross-Site Scripting Vulnerabilities
Malware
Remote
Low complexity
|
| CVE-2021-1497 | 9.8 Critical |
Cisco HyperFlex HX Command Injection Vulnerabilities
Remote
Low complexity
No user interaction
|
| CVE-2021-1498 | 9.8 Critical |
Cisco HyperFlex HX Command Injection Vulnerabilities
Remote
Low complexity
No user interaction
|
| CVE-2018-0171 | 9.8 Critical |
A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to...
Remote
Low complexity
No user interaction
|
| CVE-2020-3118 | 8.8 High |
Cisco IOS XR Software Cisco Discovery Protocol Format String Vulnerability
Low complexity
No user interaction
|
| CVE-2020-3566 | 8.6 High |
Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerability
Remote
Low complexity
No user interaction
|
| CVE-2020-3569 | 8.6 High |
Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerabilities
Remote
Low complexity
No user interaction
|
| CVE-2020-3161 | 9.8 Critical |
Cisco IP Phones Web Server Remote Code Execution and Denial of Service Vulnerability
Remote
Low complexity
No user interaction
|
| CVE-2019-1653 | 7.5 High |
Cisco Small Business RV320 and RV325 Routers Information Disclosure Vulnerability
Remote
Low complexity
No user interaction
|
| CVE-2018-0296 | 7.5 High |
A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause an...
Remote
Low complexity
No user interaction
|
| CVE-2019-13608 | 7.5 High |
Citrix StoreFront Server before 1903, 7.15 LTSR before CU4 (3.12.4000), and 7.6 LTSR before CU8 (3.0.8000) allows XXE attacks.
Malware
Remote
Low complexity
No user interaction
|
| CVE-2020-8193 | 6.5 Medium |
Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix...
Remote
Low complexity
No user interaction
|
| CVE-2020-8195 | 6.5 Medium |
Improper input validation in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix...
Remote
Low complexity
No user interaction
|
| CVE-2020-8196 | 4.3 Medium |
Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix...
Remote
Low complexity
No user interaction
|
| CVE-2019-19781 | 9.8 Critical |
An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. They allow Directory Traversal.
Malware
Remote
Low complexity
No user interaction
|
| CVE-2019-11634 | 9.8 Critical |
Citrix Workspace App before 1904 for Windows has Incorrect Access Control.
Malware
Remote
Low complexity
No user interaction
|
Displaying vulnerabilities 2176 - 2200 of 2501 in total