Home/Threat filter

Threat filter

Build a query across the whole graph by combining signals on the left. Each one narrows the list, and the count on the right updates as you tick. Hover any option to learn what it means and why it matters - the goal is that you leave understanding the difference between severity, likelihood, and real-world exploitation.

Build a filter

Threat signals
Score thresholds
Severity
All CRITICAL HIGH MEDIUM LOW
Entity filters
Actor origin
All CN RU IR KP IN PK
Sort
Your query
· CVEs in scope
Why it matters · hover any option on the left
166 CVEs matched  ·  page 1 of 7
↓ Export JSON (up to 1000)
CVE-2015-0240 schedule
The Netlogon server implementation in smbd in Samba 3.5.x and 3.6.x before 3.6.25, 4.0.x before 4.0.25, 4.1.x before 4.1
EPSS 0.907
CVE-2014-9222 schedule
AllegroSoft RomPager 4.34 and earlier, as used in Huawei Home Gateway products and other vendors and products, allows re
EPSS 0.864
CVE-2016-10481 CRITICAL monitor
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206,
CVSS 9.8
EPSS 0.002
CVE-2014-9707 monitor
EmbedThis GoAhead 3.0.0 through 3.4.1 does not properly handle path segments starting with a . (dot), which allows remot
EPSS 0.606
CVE-2016-10142 HIGH monitor
An issue was discovered in the IPv6 protocol specification, related to ICMP Packet Too Big (PTB) messages. (The scope of
CVSS 8.6
EPSS 0.011
CVE-2015-8547 HIGH monitor
The CoreUserInputHandler::doMode function in core/coreuserinputhandler.cpp in Quassel 0.10.0 allows remote attackers to
CVSS 7.5
EPSS 0.024
CVE-2016-10075 HIGH monitor
The tqdm._version module in tqdm versions 4.4.1 and 4.10 allows local users to execute arbitrary code via a crafted repo
CVSS 7.8
EPSS 0.001
CVE-2015-8027 HIGH monitor
Node.js 0.12.x before 0.12.9, 4.x before 4.2.3, and 5.x before 5.1.1 does not ensure the availability of a parser for ea
CVSS 7.5
EPSS 0.014
CVE-2015-5229 HIGH monitor
The calloc function in the glibc package in Red Hat Enterprise Linux (RHEL) 6.7 and 7.2 does not properly initialize mem
CVSS 7.5
EPSS 0.010
CVE-2015-9213 HIGH monitor
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206,
CVSS 7.5
EPSS 0.002
CVE-2015-7410 HIGH monitor
The Health Check tool in IBM Sterling B2B Integrator 5.2 does not properly use cookies in conjunction with HTTPS session
CVSS 7.4
EPSS 0.002
CVE-2014-9426 HIGH monitor
The apprentice_load function in libmagic/apprentice.c in the Fileinfo component in PHP through 5.6.4 attempts to perform
CVSS 7.3
EPSS 0.008
CVE-2015-7441 MEDIUM monitor
Remote Artifact Loader (RAL) in IBM WebSphere Process Server 7 and Business Process Manager Advanced 7.5 through 7.5.1.2
CVSS 6.8
EPSS 0.002
CVE-2016-1571 MEDIUM monitor
The paging_invlpg function in include/asm-x86/paging.h in Xen 3.3.x through 4.6.x, when using shadow mode paging or nest
CVSS 6.3
EPSS 0.003
CVE-2015-7793 MEDIUM monitor
Corega CG-WLBARAGM devices provide an open proxy service, which allows remote attackers to trigger outbound network traf
CVSS 5.8
EPSS 0.005
CVE-2015-4943 MEDIUM monitor
IBM WebSphere MQ Light 1.x before 1.0.2 allows remote attackers to cause a denial of service (MQXR service crash) via a
CVSS 5.3
EPSS 0.006
CVE-2015-4941 MEDIUM monitor
IBM WebSphere MQ Light 1.x before 1.0.2 mishandles abbreviated TLS handshakes, which allows remote attackers to cause a
CVSS 5.3
EPSS 0.006
CVE-2016-1940 MEDIUM monitor
Mozilla Firefox before 44.0 on Android allows remote attackers to spoof the address bar via a data: URL that is mishandl
CVSS 5.3
EPSS 0.003
CVE-2016-2169 MEDIUM monitor
Cloud Foundry Cloud Controller, capi-release versions prior to 1.0.0 and cf-release versions prior to v237, contain a bu
CVSS 5.3
EPSS 0.002
CVE-2015-2682 monitor
Citrix Command Center before 5.1 Build 35.4 and 5.2 before Build 42.7 allows remote attackers to obtain credentials via
EPSS 0.347
CVE-2016-2314 MEDIUM monitor
GlobespanVirata ftpd 1.0, as used on Huawei SmartAX MT882 devices V200R002B022 Arg, allows remote authenticated users to
CVSS 4.9
EPSS 0.002
CVE-2016-1943 MEDIUM monitor
Mozilla Firefox before 44.0 on Android allows remote attackers to spoof the address bar via the scrollTo method.
CVSS 4.7
EPSS 0.006
CVE-2015-0290 monitor
The multi-block feature in the ssl3_write_bytes function in s3_pkt.c in OpenSSL 1.0.2 before 1.0.2a on 64-bit x86 platfo
EPSS 0.305
CVE-2016-1640 MEDIUM monitor
The Web Store inline-installer implementation in the Extensions UI in Google Chrome before 49.0.2623.75 does not block i
CVSS 4.3
EPSS 0.008
CVE-2016-3721 MEDIUM monitor
Jenkins before 2.3 and LTS before 1.651.2 might allow remote authenticated users to inject arbitrary build parameters in
CVSS 4.3
EPSS 0.004
1 / 7 Next
SOC and Response
CVE triage
Stack monitoring
Am I affected
IOC triage
KEV catalog
Recently exploited
Daily brief
Change tracking
Detection Engineering
Coverage workspace
Detection coverage
Coverage check
Telemetry ceiling
SIEM query builder
Sigma rules
SIEM rules
YARA rules
Network rules
D3FEND
Threat Hunting
Threat actors
ATT&CK techniques
Attack paths
Indicators
Atomic tests
Red Team and Pentest
Exploitability triage
Recon pack
Attack paths
CAPEC patterns
Adversary emulation
Compliance and GRC
Framework mapping
Control assessment
Audit view
Atlas Search Threat actors Techniques Tools & malware CWE CAPEC KEV catalog Package vulns
About All capabilities Pricing API docs Live status Privacy policy Terms of service
threatengine.sh