Home/Threat filter

Threat filter

Build a query across the whole graph by combining signals on the left. Each one narrows the list, and the count on the right updates as you tick. Hover any option to learn what it means and why it matters - the goal is that you leave understanding the difference between severity, likelihood, and real-world exploitation.

Build a filter

Threat signals
Score thresholds
Severity
All CRITICAL HIGH MEDIUM LOW
Entity filters
Actor origin
All CN RU IR KP IN PK
Sort
Your query
· CVEs in scope
Why it matters · hover any option on the left
5487 CVEs matched  ·  page 1 of 220
↓ Export JSON (up to 1000)
CVE-2016-3643 KEV HIGH act-now
SolarWinds Virtualization Manager 6.3.1 and earlier allow local users to gain privileges by leveraging a misconfiguratio
CVSS 7.8
EPSS 0.037
CVE-2015-1769 KEV MEDIUM act-now
Mount Manager in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1,
CVSS 6.6
EPSS 0.043
CVE-2019-1620 CRITICAL schedule
A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an unauthe
CVSS 9.8
EPSS 0.838
CVE-2016-10372 CRITICAL schedule
The Eir D1000 modem does not properly restrict the TR-064 protocol, which allows remote attackers to execute arbitrary c
CVSS 9.8
EPSS 0.819
CVE-2014-7862 CRITICAL schedule
The DCPluginServelet servlet in ManageEngine Desktop Central and Desktop Central MSP before build 90109 allows remote at
CVSS 9.8
EPSS 0.810
CVE-2015-2794 CRITICAL schedule
The installation wizard in DotNetNuke (DNN) before 7.4.1 allows remote attackers to reinstall the application and gain S
CVSS 9.8
EPSS 0.746
CVE-2016-1909 CRITICAL schedule
Fortinet FortiAnalyzer before 5.0.12 and 5.2.x before 5.2.5; FortiSwitch 3.3.x before 3.3.3; FortiCache 3.0.x before 3.0
CVSS 9.8
EPSS 0.713
CVE-2016-6662 CRITICAL schedule
Oracle MySQL through 5.5.52, 5.6.x through 5.6.33, and 5.7.x through 5.7.15; MariaDB before 5.5.51, 10.0.x before 10.0.2
CVSS 9.8
EPSS 0.677
CVE-2016-3213 HIGH schedule
The Web Proxy Auto Discovery (WPAD) protocol implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and
CVSS 8.8
EPSS 0.703
CVE-2017-6622 CRITICAL schedule
A vulnerability in the web interface for Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote a
CVSS 9.8
EPSS 0.622
CVE-2013-3632 HIGH schedule
The Cron service in rpc.php in OpenMediaVault allows remote authenticated users to execute cron jobs as arbitrary users
CVSS 8.8
EPSS 0.568
CVE-2016-0100 HIGH schedule
Microsoft Windows Vista SP2 and Server 2008 SP2 mishandle library loading, which allows local users to gain privileges v
CVSS 8.4
EPSS 0.580
CVE-2015-8279 HIGH schedule
Web Viewer 1.0.0.193 on Samsung SRN-1670D devices allows remote attackers to read arbitrary files via a request to an un
CVSS 8.6
EPSS 0.514
CVE-2009-2493 HIGH schedule
The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1
CVSS 8.8
EPSS 0.434
CVE-2012-1456 schedule
The TAR file parser in AVG Anti-Virus 10.0.0.1190, Quick Heal (aka Cat QuickHeal) 11.00, Comodo Antivirus 7424, Emsisoft
EPSS 0.999
CVE-2012-1459 schedule
The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7,
EPSS 0.998
CVE-2012-1446 schedule
The ELF file parser in Quick Heal (aka Cat QuickHeal) 11.00, McAfee Anti-Virus Scanning Engine 5.400.0.1158, AVEngine 20
EPSS 0.997
CVE-2020-12028 HIGH schedule
In all versions of FactoryTalk View SEA remote, an authenticated attacker may be able to utilize certain handlers to int
CVSS 7.3
EPSS 0.510
CVE-2012-1443 schedule
The RAR file parser in ClamAV 0.96.4, Rising Antivirus 22.83.00.03, Quick Heal (aka Cat QuickHeal) 11.00, G Data AntiVir
EPSS 0.996
CVE-2012-1442 schedule
The ELF file parser in Quick Heal (aka Cat QuickHeal) 11.00, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gate
EPSS 0.990
CVE-2012-1457 schedule
The TAR file parser in Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0,
EPSS 0.983
CVE-2014-0112 schedule
ParametersInterceptor in Apache Struts before 2.3.20 does not properly restrict access to the getClass method, which all
EPSS 0.979
CVE-2012-1462 schedule
The ZIP file parser in AhnLab V3 Internet Security 2011.01.18.00, AVG Anti-Virus 10.0.0.1190, Quick Heal (aka Cat QuickH
EPSS 0.979
CVE-2012-1453 schedule
The CAB file parser in Dr.Web 5.0.2.03300, Trend Micro HouseCall 9.120.0.1004, Kaspersky Anti-Virus 7.0.0.125, Sophos An
EPSS 0.977
CVE-2012-1420 schedule
The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, Command Antivirus 5.2.11.5, F-Prot Antivirus 4.6.2.117, For
EPSS 0.971
1 / 220 Next
SOC and Response
CVE triage
Stack monitoring
Am I affected
IOC triage
KEV catalog
Recently exploited
Daily brief
Change tracking
Detection Engineering
Detection coverage workspace
Saved stacks
SIEM query builder
Detection rules
D3FEND
Threat Hunting
Threat actors
ATT&CK techniques
Attack paths
Indicators
Ransomware groups
Atomic tests
Red Team and Pentest
Exploitability triage
Recon pack
Attack paths
CAPEC patterns
Adversary emulation
Compliance and GRC
Framework mapping
Control assessment
Audit view
Atlas Search Threat actors Techniques Detection coverage Tools & malware CWE CAPEC KEV catalog Package vulns
About All capabilities Pricing API docs Privacy policy Terms of service
threatengine.sh