0.7%
actively
exploited
exploited
Focus on what’s exploited
Out of 350,016 known CVEs, only 0.7% show real-world exploitation signals.
Data from public sources (including CISA) plus private sensors, enriched with prioritization metadata.
2,499
Total Known exploited
351
Added this week
Search
Results update as you type.
⌘K
Added
Exploitability
Type to search. Filters apply instantly.
| CVE | Severity | Title |
|---|---|---|
| CVE-2013-7372 | 5.0 Medium |
The engineNextBytes function in...
Remote
Low complexity
|
| CVE-2014-0515 | 10.0 Critical |
Buffer overflow in Adobe Flash Player before 11.7.700.279 and 11.8.x through 13.0.x before 13.0.0.206 on Windows and OS X, and before 11.2.202.356...
Remote
Low complexity
|
| CVE-2014-0295 | 4.3 Medium |
VsaVb7rt.dll in Microsoft .NET Framework 2.0 SP2 and 3.5.1 does not implement the ASLR protection mechanism, which makes it easier for remote...
Remote
|
| CVE-2014-0253 | 5.0 Medium |
Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, and 4.5.1 does not properly determine TCP connection states, which allows remote...
Remote
Low complexity
|
| CVE-2013-1904 | 5.0 Medium |
Absolute path traversal vulnerability in steps/mail/sendmail.inc in Roundcube Webmail before 0.7.3 and 0.8.x before 0.8.6 allows remote attackers...
Remote
Low complexity
|
| CVE-2013-7246 | 9.3 Critical |
Buffer overflow in the IconCreate method in an ActiveX control in the DaumGame ActiveX plugin 1.1.0.4 and 1.1.0.5 allows remote attackers to...
Remote
|
| CVE-2013-5211 | 5.0 Medium |
The monlist feature in ntp_request.c in ntpd in NTP before 4.2.7p26 allows remote attackers to cause a denial of service (traffic amplification)...
Remote
Low complexity
|
| CVE-2013-7102 | 6.8 Medium |
Multiple unrestricted file upload vulnerabilities in (1) media-upload.php, (2) media-upload-lncthumb.php, and (3) media-upload-sq_button.php in...
Remote
|
| CVE-2013-5331 | 9.3 Critical |
Adobe Flash Player before 11.7.700.257 and 11.8.x and 11.9.x before 11.9.900.170 on Windows and Mac OS X and before 11.2.202.332 on Linux, Adobe...
Remote
|
| CVE-2013-5054 | 4.3 Medium |
Microsoft Office 2013 and 2013 RT allows remote attackers to discover authentication tokens via a crafted response to a file-open request for an...
Remote
|
| CVE-2013-5057 | 4.3 Medium |
hxds.dll in Microsoft Office 2007 SP3 and 2010 SP1 and SP2 does not implement the ASLR protection mechanism, which makes it easier for remote...
Remote
|
| CVE-2013-3918 | 8.8 High |
The InformationCardSigninHelper Class ActiveX control in icardie.dll in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista...
Remote
Low complexity
|
| CVE-2011-4106 | 6.8 Medium |
TimThumb (timthumb.php) before 2.0 does not validate the entire source with the domain white list, which allows remote attackers to upload and...
Remote
|
| CVE-2013-6129 | 7.5 High |
The install/upgrade.php scripts in vBulletin 4.1 and 5 allow remote attackers to create administrative accounts via the customerid,...
Remote
Low complexity
|
| CVE-2013-6026 | 10.0 Critical |
The web interface on D-Link DIR-100, DIR-120, DI-624S, DI-524UP, DI-604S, DI-604UP, DI-604+, and TM-G5240 routers; Planex BRL-04R, BRL-04UR, and...
Remote
Low complexity
|
| CVE-2013-5576 | 6.8 Medium |
administrator/components/com_media/helpers/media.php in the media manager in Joomla! 2.5.x before 2.5.14 and 3.x before 3.1.5 allows remote...
Remote
|
| CVE-2013-4854 | 7.8 High |
The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND...
Remote
Low complexity
|
| CVE-2013-1493 | 10.0 Critical |
The color management (CMM) functionality in the 2D component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40...
Remote
Low complexity
|
| CVE-2013-0634 | 9.3 Critical |
Adobe Flash Player before 10.3.183.51 and 11.x before 11.5.502.149 on Windows and Mac OS X, before 10.3.183.51 and 11.x before 11.2.202.262 on...
Remote
|
| CVE-2013-0633 | 9.3 Critical |
Buffer overflow in Adobe Flash Player before 10.3.183.51 and 11.x before 11.5.502.149 on Windows and Mac OS X, before 10.3.183.51 and 11.x before...
Remote
|
| CVE-2012-6498 | 6.8 Medium |
Unrestricted file upload vulnerability in index.php in Atomymaxsite 2.5 and earlier allows remote attackers to execute arbitrary code by uploading...
Remote
|
| CVE-2012-6081 | 6.0 Medium |
Multiple unrestricted file upload vulnerabilities in the (1) twikidraw (action/twikidraw.py) and (2) anywikidraw (action/anywikidraw.py) actions in...
Remote
|
| CVE-2012-6467 | 4.3 Medium |
Opera before 12.10 follows Internet shortcuts that are referenced by a (1) IMG element or (2) other inline element, which makes it easier for...
Remote
|
| CVE-2011-5148 | 6.8 Medium |
Multiple incomplete blacklist vulnerabilities in the Simple File Upload (mod_simplefileuploadv1.3) module before 1.3.5 for Joomla! allow remote...
Remote
|
| CVE-2012-1854 | 7.8 High |
Untrusted search path vulnerability in VBE6.dll in Microsoft Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Microsoft Visual Basic for...
Low complexity
|
Displaying vulnerabilities 2401 - 2425 of 2499 in total