Home/Threat filter

Threat filter

Build a query across the whole graph by combining signals on the left. Each one narrows the list, and the count on the right updates as you tick. Hover any option to learn what it means and why it matters - the goal is that you leave understanding the difference between severity, likelihood, and real-world exploitation.

Build a filter

Threat signals
Score thresholds
Severity
All CRITICAL HIGH MEDIUM LOW
Entity filters
Actor origin
All CN RU IR KP IN PK
Sort
Your query
· CVEs in scope
Why it matters · hover any option on the left
1243 CVEs matched  ·  page 1 of 50
↓ Export JSON (up to 1000)
CVE-2013-2094 KEV HIGH act-now
The perf_swevent_init function in kernel/events/core.c in the Linux kernel before 3.8.9 uses an incorrect integer data t
CVSS 8.4
EPSS 0.659
CVE-2016-3645 CRITICAL schedule
Integer overflow in the TNEF unpacker in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); S
CVSS 9.8
EPSS 0.756
CVE-2013-0006 HIGH schedule
Microsoft XML Core Services (aka MSXML) 3.0, 5.0, and 6.0 does not properly parse XML content, which allows remote attac
CVSS 8.8
EPSS 0.683
CVE-2010-1883 HIGH schedule
Integer overflow in the Embedded OpenType (EOT) Font Engine in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2
CVSS 7.8
EPSS 0.656
CVE-2016-2106 HIGH schedule
Integer overflow in the EVP_EncryptUpdate function in crypto/evp/evp_enc.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0
CVSS 7.5
EPSS 0.673
CVE-2011-2013 CRITICAL schedule
Integer overflow in the TCP/IP implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, a
CVSS 9.8
EPSS 0.428
CVE-2015-5259 HIGH schedule
Integer overflow in the read_string function in libsvn_ra_svn/marshal.c in Apache Subversion 1.9.x before 1.9.3 allows r
CVSS 8.6
EPSS 0.343
CVE-2015-3864 schedule
Integer underflow in the MPEG4Extractor::parseChunk function in MPEG4Extractor.cpp in libstagefright in mediaserver in A
EPSS 0.903
CVE-2006-3747 schedule
Off-by-one error in the ldap scheme handling in the Rewrite module (mod_rewrite) in Apache 1.3 from 1.3.28, 2.0.46 and o
EPSS 0.900
CVE-2015-1538 schedule
Integer overflow in the SampleTable::setSampleToChunkParams function in SampleTable.cpp in libstagefright in Android bef
EPSS 0.892
CVE-2013-3138 schedule
Integer overflow in the TCP/IP kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Wi
EPSS 0.883
CVE-2009-2990 schedule
Array index error in Adobe Reader and Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 might all
EPSS 0.880
CVE-2010-2156 schedule
ISC DHCP 4.1 before 4.1.1-P1 and 4.0 before 4.0.2-P1 allows remote attackers to cause a denial of service (server exit)
EPSS 0.868
CVE-2011-0663 HIGH schedule
Multiple integer overflows in the Microsoft (1) JScript 5.6 through 5.8 and (2) VBScript 5.6 through 5.8 scripting engin
CVSS 8.8
EPSS 0.279
CVE-2011-2371 schedule
Integer overflow in the Array.reduceRight method in Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, Thunderbird bef
EPSS 0.864
CVE-2015-8396 CRITICAL schedule
Integer overflow in the ImageRegionReader::ReadIntoBuffer function in MediaStorageAndFileFormat/gdcmImageRegionReader.cx
CVSS 10.0
EPSS 0.187
CVE-2007-0071 schedule
Integer overflow in Adobe Flash Player 9.0.115.0 and earlier, and 8.0.39.0 and earlier, allows remote attackers to execu
EPSS 0.847
CVE-2013-4124 schedule
Integer overflow in the read_nttrans_ea_list function in nttrans.c in smbd in Samba 3.x before 3.5.22, 3.6.x before 3.6.
EPSS 0.835
CVE-2011-0257 monitor
Integer signedness error in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a deni
EPSS 0.830
CVE-2009-1831 monitor
The Nullsoft Modern Skins Support module (gen_ff.dll) in Nullsoft Winamp before 5.552 allows remote attackers to execute
EPSS 0.812
CVE-2007-5348 monitor
Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Go
EPSS 0.789
CVE-2012-1182 monitor
The RPC code generator in Samba 3.x before 3.4.16, 3.5.x before 3.5.14, and 3.6.x before 3.6.4 does not implement valida
EPSS 0.785
CVE-2007-3034 monitor
Integer overflow in the AttemptWrite function in Graphics Rendering Engine (GDI) on Microsoft Windows 2000 SP4, XP SP2,
EPSS 0.781
CVE-2014-9766 CRITICAL monitor
Integer overflow in the create_bits function in pixman-bits-image.c in Pixman before 0.32.6 allows remote attackers to c
CVSS 9.8
EPSS 0.107
CVE-2008-5159 monitor
Integer overflow in the remote administration protocol processing in Client Software WinCom LPD Total 3.0.2.623 and earl
EPSS 0.750
1 / 50 Next
SOC and Response
CVE triage
Stack monitoring
Am I affected
IOC triage
KEV catalog
Daily brief
Change tracking
Detection Engineering
Coverage workspace
Detection coverage
Coverage check
Telemetry ceiling
SIEM query builder
Sigma rules
SIEM rules
YARA rules
Network rules
D3FEND
Threat Hunting
Threat actors
ATT&CK techniques
Attack paths
Indicators
Atomic tests
Red Team and Pentest
Exploitability triage
Recon pack
Attack paths
CAPEC patterns
Adversary emulation
Compliance and GRC
Framework mapping
Control assessment
Audit view
Coverage report
Atlas Search Threat actors Techniques Tools & malware CWE CAPEC KEV catalog Package vulns
About All capabilities Pricing API docs Live status Privacy policy Terms of service
threatengine.sh