
Threat filter

Build a query across the whole graph by combining signals on the left. Each one narrows the list, and the count on the right updates as you tick. Hover any option to learn what it means and why it matters - the goal is that you leave understanding the difference between severity, likelihood, and real-world exploitation.

109 CVEs matched  ·  page 1 of 5
CVE-2018-15379 CRITICAL schedule
A vulnerability in which the HTTP web server for Cisco Prime Infrastructure (PI) has unrestricted directory permissions
CVSS 9.8
EPSS 0.895
CVE-2014-1631 HIGH monitor
Eventum before 2.3.5 allows remote attackers to reinstall the application via direct request to /setup/index.php.
CVSS 7.5
EPSS 0.276
CVE-2017-17876 HIGH monitor
Biometric Shift Employee Management System 3.0 allows remote attackers to bypass intended file-read restrictions via a u
CVSS 7.5
EPSS 0.240
CVE-2014-1632 HIGH monitor
htdocs/setup/index.php in Eventum before 2.3.5 allows remote attackers to inject and execute arbitrary PHP code via the
CVSS 8.1
EPSS 0.169
CVE-2017-16887 CRITICAL monitor
The portal on FiberHome Mobile WIFI Device Model LM53Q1 VH519R05C01S38 uses SOAP based web services in order to interact
CVSS 9.8
EPSS 0.040
CVE-2017-6513 CRITICAL monitor
The WHMCS Reseller Module V2 2.0.2 in Softaculous Virtualizor before 2.9.1.0 does not verify the user correctly, which a
CVSS 9.9
EPSS 0.008
CVE-2017-17060 CRITICAL monitor
OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: Insecure Permissions.
CVSS 9.8
EPSS 0.005
CVE-2021-22566 CRITICAL monitor
An incorrect setting of UXN bits within mmu_flags_to_s1_pte_attr lead to privileged executable pages being mapped as exe
CVSS 9.8
EPSS 0.000
CVE-2022-0742 CRITICAL monitor
Memory leak in icmp6 implementation in Linux Kernel 5.13+ allows a remote attacker to DoS a host by making it go out-of-
CVSS 9.1
EPSS 0.022
CVE-2023-39399 CRITICAL monitor
Parameter verification vulnerability in the installd module. Successful exploitation of this vulnerability may cause san
CVSS 9.1
EPSS 0.001
CVE-2023-39398 CRITICAL monitor
Parameter verification vulnerability in the installd module. Successful exploitation of this vulnerability may cause san
CVSS 9.1
EPSS 0.001
CVE-2017-11463 HIGH monitor
In Ivanti Service Desk (formerly LANDESK Management Suite) versions between 2016.3 and 2017.3, an Unrestricted Direct Ob
CVSS 8.8
EPSS 0.012
CVE-2016-8520 HIGH monitor
HPE Helion Eucalyptus v4.3.0 and earlier does not correctly check IAM user's permissions for accessing versioned objects
CVSS 8.8
EPSS 0.005
CVE-2015-5153 HIGH monitor
Pulp does not remove permissions for named objects upon deletion, which allows authenticated users to gain the privilege
CVSS 8.8
EPSS 0.004
CVE-2013-3703 HIGH monitor
The controller of the Open Build Service API prior to version 2.4.4 is missing a write permission check, allowing an aut
CVSS 8.8
EPSS 0.003
CVE-2019-2177 HIGH monitor
In isPreferred of HidProfile.java in Android 7.1.1, 7.1.2, 8.0, 8.1 and 9, there is a possible device type confusion due
CVSS 8.8
EPSS 0.002
CVE-2015-7781 HIGH monitor
ManageEngine Firewall Analyzer before 8.0 does not restrict access permissions.
CVSS 7.5
EPSS 0.067
CVE-2016-4288 HIGH monitor
A local privilege escalation vulnerability exists in BlueStacks App Player. The BlueStacks App Player installer creates
CVSS 8.4
EPSS 0.001
CVE-2016-4924 HIGH monitor
An incorrect permissions vulnerability in Juniper Networks Junos OS on vMX may allow local unprivileged users on a host
CVSS 8.4
EPSS 0.001
CVE-2020-14496 HIGH monitor
Successful exploitation of this vulnerability for multiple Mitsubishi Electric Factory Automation Engineering Software P
CVSS 8.3
EPSS 0.001
CVE-2016-10846 HIGH monitor
cPanel before 11.54.0.4 allows arbitrary file-chown and file-chmod operations during Roundcube database conversions (SEC
CVSS 8.1
EPSS 0.004
CVE-2017-2590 HIGH monitor
A vulnerability was found in ipa before 4.4. IdM's ca-del, ca-disable, and ca-enable commands did not properly check the
CVSS 8.1
EPSS 0.002
CVE-2019-1618 HIGH monitor
A vulnerability in the Tetration Analytics agent for Cisco Nexus 9000 Series Switches in standalone NX-OS mode could all
CVSS 7.8
EPSS 0.002
CVE-2022-25153 HIGH monitor
The ITarian Endpoint Manage Communication Client, prior to version 6.43.41148.21120, is compiled using insecure OpenSSL
CVSS 7.8
EPSS 0.002
CVE-2022-22251 HIGH monitor
On cSRX Series devices software permission issues in the container filesystem and stored files combined with storing pas
CVSS 7.8
EPSS 0.001
threatengine.sh