0.7%
actively
exploited
exploited
Focus on what’s exploited
Out of 350,016 known CVEs, only 0.7% show real-world exploitation signals.
Data from public sources (including CISA) plus private sensors, enriched with prioritization metadata.
2,499
Total Known exploited
351
Added this week
Search
Results update as you type.
⌘K
Added
Exploitability
Type to search. Filters apply instantly.
| CVE | Severity | Title |
|---|---|---|
| CVE-2012-2376 | 10.0 Critical |
Buffer overflow in the com_print_typeinfo function in PHP 5.4.3 and earlier on Windows allows remote attackers to execute arbitrary code via...
Remote
Low complexity
|
| CVE-2012-0779 | 9.3 Critical |
Adobe Flash Player before 10.3.183.19 and 11.x before 11.2.202.235 on Windows, Mac OS X, and Linux; before 11.1.111.9 on Android 2.x and 3.x; and...
Remote
|
| CVE-2012-1795 | 7.5 High |
webglimpse.cgi in Webglimpse before 2.20.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the query parameter,...
Remote
Low complexity
|
| CVE-2012-1557 | 7.5 High |
SQL injection vulnerability in admin/plib/api-rpc/Agent.php in Parallels Plesk Panel 7.x and 8.x before 8.6 MU#2, 9.x before 9.5 MU#11, 10.0.x...
Remote
Low complexity
|
| CVE-2012-1071 | 7.5 High |
SQL injection vulnerability in the Kitchen recipe (mv_cooking) extension before 0.4.1 for TYPO3 allows remote attackers to execute arbitrary SQL...
Remote
Low complexity
|
| CVE-2011-4862 | 10.0 Critical |
Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 through 9.0, MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.2 and...
Remote
Low complexity
|
| CVE-2011-4369 | 10.0 Critical |
Unspecified vulnerability in the PRC component in Adobe Reader and Acrobat 9.x before 9.4.7 on Windows, Adobe Reader and Acrobat 9.x through 9.4.6...
Remote
Low complexity
|
| CVE-2011-3402 | 8.8 High |
Unspecified vulnerability in the TrueType font parsing engine in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows...
Remote
Low complexity
|
| CVE-2011-4075 | 7.5 High |
The masort function in lib/functions.php in phpLDAPadmin 1.2.x before 1.2.2 allows remote attackers to execute arbitrary PHP code via the orderby...
Remote
Low complexity
|
| CVE-2011-2444 | 4.3 Medium |
Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7...
Remote
|
| CVE-2011-3192 | 7.8 High |
The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of...
Remote
Low complexity
|
| CVE-2011-1968 | 7.1 High |
The Remote Desktop Protocol (RDP) implementation in Microsoft Windows XP SP2 and SP3 and Windows Server 2003 SP2 does not properly process packets...
Remote
|
| CVE-2011-2900 | 7.5 High |
Stack-based buffer overflow in the (1) put_dir function in mongoose.c in Mongoose 3.0, (2) put_dir function in yasslEWS.c in yaSSL Embedded Web...
Remote
Low complexity
|
| CVE-2011-0226 | 9.3 Critical |
Integer signedness error in psaux/t1decode.c in FreeType before 2.4.6, as used in CoreGraphics in Apple iOS before 4.2.9 and 4.3.x before 4.3.4 and...
Remote
|
| CVE-2011-1331 | 9.3 Critical |
JustSystems Ichitaro 2005 through 2011, Ichitaro Government 6, Ichitaro Government 2006 through 2010, Ichitaro Portable, Ichitaro Pro, and Ichitaro...
Remote
|
| CVE-2011-2110 | 10.0 Critical |
Adobe Flash Player before 10.3.181.26 on Windows, Mac OS X, Linux, and Solaris, and 10.3.185.23 and earlier on Android, allows remote attackers to...
Remote
Low complexity
|
| CVE-2009-5076 | 7.5 High |
CRE Loaded before 6.2.14, and possibly other versions before 6.3.x, allows remote attackers to bypass authentication and gain administrator...
Remote
Low complexity
|
| CVE-2011-1950 | 5.5 Medium |
plone.app.users in Plone 4.0 and 4.1 allows remote authenticated users to modify the properties of arbitrary accounts via unspecified vectors, as...
Remote
Low complexity
|
| CVE-2011-1752 | 5.0 Medium |
The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.17, allows remote attackers to cause a denial of...
Remote
Low complexity
|
| CVE-2011-0627 | 9.3 Critical |
Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.21 on Android allows remote attackers to execute...
Remote
|
| CVE-2011-1722 | 7.5 High |
Multiple SQL injection vulnerabilities in WEC Discussion Forum (wec_discussion) extension 2.1.0 and earlier for TYPO3 allow remote attackers to...
Remote
Low complexity
|
| CVE-2010-4270 | 5.0 Medium |
Directory traversal vulnerability in the nBill (com_netinvoice) component before 2.0.9 standard edition, 2.0.10 lite edition, and 1.2_10 for...
Remote
Low complexity
|
| CVE-2010-3962 | 8.1 High |
Use-after-free vulnerability in Microsoft Internet Explorer 6, 7, and 8 allows remote attackers to execute arbitrary code via vectors related to...
Remote
No user interaction
|
| CVE-2010-3654 | 9.3 Critical |
Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris and 10.1.95.1 on Android, and authplay.dll...
Remote
|
| CVE-2010-3765 | 9.8 Critical |
Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, Thunderbird 3.1.6 before 3.1.6 and 3.0.x before 3.0.10, and SeaMonkey 2.x before...
Remote
Low complexity
No user interaction
|
Displaying vulnerabilities 2426 - 2450 of 2499 in total