Home/Threat filter

Threat filter

Build a query across the whole graph by combining signals on the left. Each one narrows the list, and the count on the right updates as you tick. Hover any option to learn what it means and why it matters - the goal is that you leave understanding the difference between severity, likelihood, and real-world exploitation.

Build a filter

Threat signals
Score thresholds
Severity
All CRITICAL HIGH MEDIUM LOW
Entity filters
Actor origin
All CN RU IR KP IN PK
Sort
Your query
· CVEs in scope
Why it matters · hover any option on the left
414 CVEs matched  ·  page 1 of 17
↓ Export JSON (up to 1000)
CVE-2016-2296 CRITICAL schedule
Meteocontrol WEB'log Basic 100, Light, Pro, and Pro Unlimited does not require authentication for "post-admin" login pag
CVSS 9.4
EPSS 0.644
CVE-2016-0161 MEDIUM schedule
Microsoft Edge allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Microsoft Edge Ele
CVSS 6.5
EPSS 0.688
CVE-2015-1793 MEDIUM schedule
The X509_verify_cert function in crypto/x509/x509_vfy.c in OpenSSL 1.0.1n, 1.0.1o, 1.0.2b, and 1.0.2c does not properly
CVSS 6.5
EPSS 0.618
CVE-2016-3238 HIGH schedule
The Print Spooler service in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1
CVSS 8.1
EPSS 0.354
CVE-2016-2118 HIGH schedule
The MS-SAMR and MS-LSAD protocol implementations in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x befor
CVSS 7.5
EPSS 0.370
CVE-2016-3198 MEDIUM monitor
Microsoft Edge allows remote attackers to bypass the Content Security Policy (CSP) protection mechanism via a crafted do
CVSS 6.5
EPSS 0.325
CVE-2016-10178 CRITICAL monitor
An issue was discovered on the D-Link DWR-932B router. HELODBG on port 39889 (UDP) launches the "/sbin/telnetd -l /bin/s
CVSS 9.8
EPSS 0.073
CVE-2016-6957 CRITICAL monitor
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acro
CVSS 9.8
EPSS 0.058
CVE-2016-4215 CRITICAL monitor
Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acro
CVSS 9.8
EPSS 0.057
CVE-2014-5334 CRITICAL monitor
FreeNAS before 9.3-M3 has a blank admin password, which allows remote attackers to gain root privileges by leveraging a
CVSS 9.8
EPSS 0.052
CVE-2015-8286 CRITICAL monitor
Zhuhai RaySharp firmware has a hardcoded root password, which makes it easier for remote attackers to obtain access via
CVSS 9.8
EPSS 0.046
CVE-2015-7554 CRITICAL monitor
The _TIFFVGetField function in tif_dir.c in libtiff 4.0.6 allows attackers to cause a denial of service (invalid memory
CVSS 9.8
EPSS 0.042
CVE-2015-8803 CRITICAL monitor
The ecc_256_modp function in ecc-256.c in Nettle before 3.2 does not properly handle carry propagation and produces inco
CVSS 9.8
EPSS 0.041
CVE-2017-8227 CRITICAL monitor
Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices have a timeout policy to wait for 5 minutes in case 30 incorrect pass
CVSS 9.8
EPSS 0.041
CVE-2015-8804 CRITICAL monitor
x86_64/ecc-384-modp.asm in Nettle before 3.2 does not properly handle carry propagation and produces incorrect output in
CVSS 9.8
EPSS 0.039
CVE-2016-5788 CRITICAL monitor
General Electric (GE) Bently Nevada 3500/22M USB with firmware before 5.0 and Bently Nevada 3500/22M Serial have open po
CVSS 10.0
EPSS 0.023
CVE-2015-8857 CRITICAL monitor
The uglify-js package before 2.4.24 for Node.js does not properly account for non-boolean values when rewriting boolean
CVSS 9.8
EPSS 0.036
CVE-2015-6473 CRITICAL monitor
WAGO IO 750-849 01.01.27 and WAGO IO 750-881 01.02.05 do not contain privilege separation.
CVSS 9.8
EPSS 0.035
CVE-2016-1896 CRITICAL monitor
Race condition in the initialization process on Lexmark printers with firmware ATL before ATL.02.049, CB before CB.02.04
CVSS 9.8
EPSS 0.033
CVE-2016-6629 CRITICAL monitor
An issue was discovered in phpMyAdmin involving the $cfg['ArbitraryServerRegexp'] configuration directive. An attacker c
CVSS 9.8
EPSS 0.031
CVE-2011-4889 CRITICAL monitor
The javax.naming.directory.AttributeInUseException class in the Virtual Member Manager in IBM WebSphere Application Serv
CVSS 9.8
EPSS 0.027
CVE-2016-10321 CRITICAL monitor
web2py before 2.14.6 does not properly check if a host is denied before verifying passwords, allowing a remote attacker
CVSS 9.8
EPSS 0.026
CVE-2016-0332 CRITICAL monitor
IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through 7.0.1.0 before 7.0.1-ISS-SIM-FP0001 do not proper
CVSS 9.8
EPSS 0.023
CVE-2016-9865 CRITICAL monitor
An issue was discovered in phpMyAdmin. Due to a bug in serialized string parsing, it was possible to bypass the protecti
CVSS 9.8
EPSS 0.023
CVE-2016-8964 CRITICAL monitor
IBM BigFix Inventory v9 9.2 uses an inadequate account lockout setting that could allow a remote attacker to brute force
CVSS 9.8
EPSS 0.022
1 / 17 Next
SOC and Response
CVE triage
Stack monitoring
Am I affected
IOC triage
KEV catalog
Recently exploited
Daily brief
Change tracking
Detection Engineering
Coverage workspace
Detection coverage
Coverage check
Telemetry ceiling
SIEM query builder
Sigma rules
SIEM rules
YARA rules
Network rules
D3FEND
Threat Hunting
Threat actors
ATT&CK techniques
Attack paths
Indicators
Ransomware groups
Atomic tests
Red Team and Pentest
Exploitability triage
Recon pack
Attack paths
CAPEC patterns
Adversary emulation
Compliance and GRC
Framework mapping
Control assessment
Audit view
Atlas Search Threat actors Techniques Tools & malware CWE CAPEC KEV catalog Package vulns
About All capabilities Pricing API docs Privacy policy Terms of service
threatengine.sh