Home/Threat filter

Threat filter

Build a query across the whole graph by combining signals on the left. Each one narrows the list, and the count on the right updates as you tick. Hover any option to learn what it means and why it matters - the goal is that you leave understanding the difference between severity, likelihood, and real-world exploitation.

Build a filter

Threat signals
Score thresholds
Severity
All CRITICAL HIGH MEDIUM LOW
Entity filters
Actor origin
All CN RU IR KP IN PK
Sort
Your query
· CVEs in scope
Why it matters · hover any option on the left
316 CVEs matched  ·  page 1 of 13
↓ Export JSON (up to 1000)
CVE-2024-46909 CRITICAL schedule
In WhatsUp Gold versions released before 2024.0.1, a remote unauthenticated attacker could leverage this vulnerability t
CVSS 9.8
EPSS 0.408
CVE-2017-6639 CRITICAL schedule
A vulnerability in the role-based access control (RBAC) functionality of Cisco Prime Data Center Network Manager (DCNM)
CVSS 9.8
EPSS 0.407
CVE-2004-2687 schedule
distcc 2.x, as used in XCode 1.5 and others, when not configured to restrict access to the server port, allows remote at
EPSS 0.905
CVE-2012-5613 schedule
MySQL 5.5.19 and possibly other versions, and MariaDB 5.5.28a and possibly other versions, when configured to assign the
EPSS 0.888
CVE-2007-3898 schedule
The DNS server in Microsoft Windows 2000 Server SP4, and Server 2003 SP1 and SP2, uses predictable transaction IDs when
EPSS 0.864
CVE-2009-2335 schedule
WordPress and WordPress MU before 2.8.1 exhibit different behavior for a failed login attempt depending on whether the u
EPSS 0.853
CVE-2011-4404 monitor
The default configuration of the HTTP server in Jetty in vSphere Update Manager in VMware vCenter Update Manager 4.0 bef
EPSS 0.833
CVE-2006-0848 monitor
The "Open 'safe' files after downloading" option in Safari on Apple Mac OS X allows remote user-assisted attackers to ex
EPSS 0.788
CVE-2007-2216 monitor
The tblinf32.dll (aka vstlbinf.dll) ActiveX control for Internet Explorer 5.01, 6 SP1, and 7 uses an incorrect IObjectsa
EPSS 0.766
CVE-2019-3939 CRITICAL monitor
Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 use default credentials admin/admin and moderator
CVSS 9.8
EPSS 0.036
CVE-2006-3677 monitor
Mozilla Firefox 1.5 before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote attackers to execute arbitrary code by chang
EPSS 0.673
CVE-2021-20032 CRITICAL monitor
SonicWall Analytics 2.5 On-Prem is vulnerable to Java Debug Wire Protocol (JDWP) interface security misconfiguration vul
CVSS 9.8
EPSS 0.010
CVE-2019-3949 CRITICAL monitor
Arlo Basestation firmware 1.12.0.1_27940 and prior firmware contain a networking misconfiguration that allows access to
CVSS 9.8
EPSS 0.005
CVE-2018-15386 CRITICAL monitor
A vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, remote attacker to by
CVSS 9.8
EPSS 0.002
CVE-2015-9197 CRITICAL monitor
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206,
CVSS 9.8
EPSS 0.002
CVE-2018-11922 CRITICAL monitor
Wrong configuration in Touch Pal application can collect user behavior data without awareness by the user.
CVSS 9.8
EPSS 0.002
CVE-2016-10388 CRITICAL monitor
In all Qualcomm products with Android releases from CAF using the Linux kernel, a configuration vulnerability exists whe
CVSS 9.8
EPSS 0.001
CVE-2017-12249 CRITICAL monitor
A vulnerability in the Traversal Using Relay NAT (TURN) server included with Cisco Meeting Server (CMS) could allow an a
CVSS 9.1
EPSS 0.012
CVE-2023-39385 CRITICAL monitor
Vulnerability of configuration defects in the media module of certain products.. Successful exploitation of this vulnera
CVSS 9.1
EPSS 0.001
CVE-2021-22957 HIGH monitor
A Cross-Origin Resource Sharing (CORS) vulnerability found in UniFi Protect application Version 1.19.2 and earlier allow
CVSS 8.8
EPSS 0.004
CVE-2025-12221 HIGH monitor
Busybox 1.31.1 - Multiple Known Vulnerabilities.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.
CVSS 8.8
EPSS 0.000
CVE-2018-0262 HIGH monitor
A vulnerability in Cisco Meeting Server could allow an unauthenticated, remote attacker to gain unauthorized access to c
CVSS 8.1
EPSS 0.042
CVE-2022-29095 HIGH monitor
Dell SupportAssist Client Consumer versions (3.10.4 and prior) and Dell SupportAssist Client Commercial versions (3.1.1
CVSS 8.3
EPSS 0.007
CVE-2022-37397 HIGH monitor
An issue was discovered in the YugabyteDB 2.6.1 when using LDAP-based authentication in YCQL with Microsoft’s Active Dir
CVSS 8.3
EPSS 0.005
CVE-2010-0386 HIGH monitor
The default configuration of Sun Java System Application Server 7 and 7 2004Q2 enables the HTTP TRACE method, which make
CVSS 8.1
EPSS 0.007
1 / 13 Next
SOC and Response
CVE triage
Stack monitoring
Am I affected
IOC triage
KEV catalog
Recently exploited
Daily brief
Change tracking
Detection Engineering
Coverage workspace
Detection coverage
Coverage check
Telemetry ceiling
SIEM query builder
Sigma rules
SIEM rules
YARA rules
Network rules
D3FEND
Threat Hunting
Threat actors
ATT&CK techniques
Attack paths
Indicators
Atomic tests
Red Team and Pentest
Exploitability triage
Recon pack
Attack paths
CAPEC patterns
Adversary emulation
Compliance and GRC
Framework mapping
Control assessment
Audit view
Coverage report
Atlas Search Threat actors Techniques Tools & malware CWE CAPEC KEV catalog Package vulns
About All capabilities Pricing API docs Live status Privacy policy Terms of service
threatengine.sh