0.7%
actively
exploited
exploited
Focus on what’s exploited
Out of 350,016 known CVEs, only 0.7% show real-world exploitation signals.
Data from public sources (including CISA) plus private sensors, enriched with prioritization metadata.
2,499
Total Known exploited
351
Added this week
Search
Results update as you type.
⌘K
Added
Exploitability
Type to search. Filters apply instantly.
| CVE | Severity | Title |
|---|---|---|
| CVE-2010-3653 | 9.3 Critical |
The Director module (dirapi.dll) in Adobe Shockwave Player before 11.5.9.615 allows remote attackers to execute arbitrary code or cause a denial of...
Remote
|
| CVE-2010-3889 | 7.2 High |
Unspecified vulnerability in Microsoft Windows on 32-bit platforms allows local users to gain privileges via unknown vectors, as exploited in the...
Low complexity
|
| CVE-2010-3888 | 7.2 High |
Unspecified vulnerability in Microsoft Windows on 32-bit platforms allows local users to gain privileges via unknown vectors, as exploited in the...
Low complexity
|
| CVE-2010-3081 | 7.8 High |
The compat_alloc_user_space functions in include/asm/compat.h files in the Linux kernel before 2.6.36-rc4-git2 on 64-bit platforms do not properly...
Low complexity
No user interaction
|
| CVE-2010-2729 | 9.3 Critical |
The Print Spooler service in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2,...
Remote
|
| CVE-2010-2884 | 9.3 Critical |
Adobe Flash Player 10.1.82.76 and earlier on Windows, Mac OS X, Linux, and Solaris and 10.1.92.10 on Android; authplay.dll in Adobe Reader and...
Remote
|
| CVE-2010-1165 | 9.0 Critical |
Atlassian JIRA 3.12 through 4.1 allows remote authenticated administrators to execute arbitrary code by modifying the (1) attachment (aka...
Remote
Low complexity
|
| CVE-2010-1164 | 4.3 Medium |
Multiple cross-site scripting (XSS) vulnerabilities in Atlassian JIRA 3.12 through 4.1 allow remote attackers to inject arbitrary web script or...
Remote
|
| CVE-2010-0806 | 8.8 High |
Use-after-free vulnerability in the Peer Objects component (aka iepeers.dll) in Microsoft Internet Explorer 6, 6 SP1, and 7 allows remote attackers...
Remote
Low complexity
|
| CVE-2010-0249 | 8.8 High |
Use-after-free vulnerability in Microsoft Internet Explorer 6, 6 SP1, 7, and 8 on Windows 2000 SP4; Windows XP SP2 and SP3; Windows Server 2003...
Remote
Low complexity
|
| CVE-2009-3459 | 8.8 High |
Heap-based buffer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 allows remote attackers to execute...
Remote
Low complexity
|
| CVE-2008-7168 | 9.3 Critical |
Insecure method vulnerability in the UUSee UUUpgrade ActiveX control (UUUpgrade.ocx 3.0.2.12) allows remote attackers to force the download and...
Remote
|
| CVE-2009-3041 | 7.5 High |
SPIP 1.9 before 1.9.2i and 2.0.x through 2.0.8 does not use proper access control for (1) ecrire/exec/install.php and (2) ecrire/index.php, which...
Remote
Low complexity
|
| CVE-2009-0696 | 4.3 Medium |
The dns_db_findrdataset function in db.c in named in ISC BIND 9.4 before 9.4.3-P3, 9.5 before 9.5.1-P3, and 9.6 before 9.6.1-P1, when configured as...
Remote
|
| CVE-2009-1136 | 9.3 Critical |
The Microsoft Office Web Components Spreadsheet ActiveX control (aka OWC10 or OWC11), as distributed in Office XP SP3 and Office 2003 SP3, Office...
Remote
|
| CVE-2008-0015 | 8.8 High |
Stack-based buffer overflow in the CComVariant::ReadFromStream function in the Active Template Library (ATL), as used in the MPEG2TuneRequest...
Remote
Low complexity
|
| CVE-2009-2265 | 7.5 High |
Multiple directory traversal vulnerabilities in FCKeditor before 2.6.4.1 allow remote attackers to create executable files in arbitrary directories...
Remote
Low complexity
|
| CVE-2009-1391 | 6.8 Medium |
Off-by-one error in the inflate function in Zlib.xs in Compress::Raw::Zlib Perl module before 2.017, as used in AMaViS, SpamAssassin, and possibly...
Remote
|
| CVE-2009-1537 | 8.8 High |
Unspecified vulnerability in the QuickTime Movie Parser Filter in quartz.dll in DirectShow in Microsoft DirectX 7.0 through 9.0c on Windows 2000...
Remote
Low complexity
|
| CVE-2009-1807 | 9.3 Critical |
Unspecified vulnerability in Config.dll in Baofeng products 3.09.04.17 and earlier allows remote attackers to execute arbitrary code by calling the...
Remote
|
| CVE-2009-1800 | 7.5 High |
Stack-based buffer overflow in the Chinagames CGAgent ActiveX control 1.x in CGAgent.dll, as distributed in Chinagames iGame 2009, allows remote...
Remote
Low complexity
|
| CVE-2009-1612 | 9.3 Critical |
Stack-based buffer overflow in the MPS.StormPlayer.1 ActiveX control in mps.dll 3.9.4.27 in Baofeng Storm allows remote attackers to execute...
Remote
|
| CVE-2009-1481 | 7.5 High |
SQL injection vulnerability in action.asp in PuterJam's Blog (PJBlog3) 3.0.6.170 allows remote attackers to execute arbitrary SQL commands via the...
Remote
Low complexity
|
| CVE-2009-1438 | 7.5 High |
Integer overflow in the CSoundFile::ReadMed function (src/load_med.cpp) in libmodplug before 0.8.6, as used in gstreamer-plugins, TTPlayer, and...
Remote
Low complexity
|
| CVE-2009-1308 | 4.3 Medium |
Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey allows remote attackers to inject arbitrary...
Remote
|
Displaying vulnerabilities 2451 - 2475 of 2499 in total