Home/Threat filter

Threat filter

Build a query across the whole graph by combining signals on the left. Each one narrows the list, and the count on the right updates as you tick. Hover any option to learn what it means and why it matters - the goal is that you leave understanding the difference between severity, likelihood, and real-world exploitation.

Build a filter

Threat signals
Score thresholds
Severity
All CRITICAL HIGH MEDIUM LOW
Entity filters
Actor origin
All CN RU IR KP IN PK
Sort
Your query
· CVEs in scope
Why it matters · hover any option on the left
91 CVEs matched  ·  page 1 of 4
↓ Export JSON (up to 1000)
CVE-2015-0936 CRITICAL schedule
Ceragon FibeAir IP-10 have a default SSH public key in the authorized_keys file for the mateidu user, which allows remot
CVSS 9.8
EPSS 0.863
CVE-2018-0732 HIGH schedule
During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime v
CVSS 7.5
EPSS 0.784
CVE-2018-0124 CRITICAL monitor
A vulnerability in Cisco Unified Communications Domain Manager could allow an unauthenticated, remote attacker to bypass
CVSS 9.8
EPSS 0.058
CVE-2015-4166 CRITICAL monitor
Cloudera Key Trustee Server before 5.4.3 does not store keys synchronously, which might allow attackers to have unspecif
CVSS 9.8
EPSS 0.003
CVE-2016-10467 CRITICAL monitor
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD
CVSS 9.8
EPSS 0.002
CVE-2016-10421 CRITICAL monitor
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206,
CVSS 9.8
EPSS 0.002
CVE-2019-5672 CRITICAL monitor
NVIDIA Jetson TX1 and TX2 contain a vulnerability in the Linux for Tegra (L4T) operating system (on all versions prior t
CVSS 9.1
EPSS 0.003
CVE-2024-36391 CRITICAL monitor
MileSight DeviceHub - CWE-320: Key Management Errors may allow Authentication Bypass and Man-In-The-Middle Traffic
CVSS 9.1
EPSS 0.001
CVE-2015-8542 HIGH monitor
An issue was discovered in Open-Xchange Guard before 2.2.0-rev8. The "getprivkeybyid" API call is used to download a PGP
CVSS 8.8
EPSS 0.002
CVE-2015-0839 HIGH monitor
The hp-plugin utility in HP Linux Imaging and Printing (HPLIP) makes it easier for man-in-the-middle attackers to execut
CVSS 8.1
EPSS 0.003
CVE-2016-2880 HIGH monitor
IBM QRadar 7.2 stores the encryption key used to encrypt the service account password which can be obtained by a local u
CVSS 7.8
EPSS 0.000
CVE-2023-21652 HIGH monitor
Cryptographic issue in HLOS as derived keys used to encrypt/decrypt information is present on stack after use.
CVSS 7.7
EPSS 0.001
CVE-2016-6886 HIGH monitor
The pstm_reverse function in MatrixSSL before 3.8.4 allows remote attackers to cause a denial of service (invalid memory
CVSS 7.5
EPSS 0.008
CVE-2019-9894 HIGH monitor
A remotely triggerable memory overwrite in RSA key exchange in PuTTY before 0.71 can occur before host key verification.
CVSS 7.5
EPSS 0.007
CVE-2015-0153 HIGH monitor
D-Link DIR-815 devices with firmware before 2.07.B01 allow remote attackers to obtain sensitive information by leveragin
CVSS 7.5
EPSS 0.004
CVE-2021-26322 HIGH monitor
Persistent platform private key may not be protected with a random IV leading to a potential “two time pad attack”.
CVSS 7.5
EPSS 0.004
CVE-2015-7503 HIGH monitor
Zend Framework before 2.4.9, zend-framework/zend-crypt 2.4.x before 2.4.9, and 2.5.x before 2.5.2 allows remote attacker
CVSS 7.5
EPSS 0.002
CVE-2017-13887 HIGH monitor
In macOS High Sierra before 10.13.2, a logic issue existed in APFS when deleting keys during hibernation. This was addre
CVSS 7.5
EPSS 0.002
CVE-2016-6879 HIGH monitor
The X509_Certificate::allowed_usage function in botan 1.11.x before 1.11.31 might allow attackers to have unspecified im
CVSS 7.5
EPSS 0.002
CVE-2018-9234 HIGH monitor
GnuPG 2.2.4 and 2.2.5 does not enforce a configuration in which key certification requires an offline master Certify key
CVSS 7.5
EPSS 0.002
CVE-2013-2233 HIGH monitor
Ansible before 1.2.1 makes it easier for remote attackers to conduct man-in-the-middle attacks by leveraging failure to
CVSS 7.4
EPSS 0.004
CVE-2019-12621 HIGH monitor
A vulnerability in Cisco HyperFlex Software could allow an unauthenticated, remote attacker to perform a man-in-the-midd
CVSS 7.4
EPSS 0.001
CVE-2026-6580 HIGH monitor
A security vulnerability has been detected in liangliangyy DjangoBlog up to 2.1.0.0. Affected is an unknown function of
CVSS 7.3
EPSS 0.001
CVE-2023-21626 HIGH monitor
Cryptographic issue in HLOS due to improper authentication while performing key velocity checks using more than one key.
CVSS 7.1
EPSS 0.001
CVE-2018-15397 MEDIUM monitor
A vulnerability in the implementation of Traffic Flow Confidentiality (TFC) over IPsec functionality in Cisco Adaptive S
CVSS 6.8
EPSS 0.002
1 / 4 Next
SOC and Response
CVE triage
Stack monitoring
Am I affected
IOC triage
KEV catalog
Daily brief
Change tracking
Detection Engineering
Coverage workspace
Detection coverage
Coverage check
Telemetry ceiling
SIEM query builder
Sigma rules
SIEM rules
YARA rules
Network rules
D3FEND
Threat Hunting
Threat actors
ATT&CK techniques
Attack paths
Indicators
Atomic tests
Red Team and Pentest
Exploitability triage
Recon pack
Attack paths
CAPEC patterns
Adversary emulation
Compliance and GRC
Framework mapping
Control assessment
Audit view
Coverage report
Atlas Search Threat actors Techniques Tools & malware CWE CAPEC KEV catalog Package vulns TAXII feed Data sources
About All capabilities Pricing API docs Live status Privacy policy Terms of service
threatengine.sh