Home/Threat filter

Threat filter

Build a query across the whole graph by combining signals on the left. Each one narrows the list, and the count on the right updates as you tick. Hover any option to learn what it means and why it matters - the goal is that you leave understanding the difference between severity, likelihood, and real-world exploitation.

Build a filter

Threat signals
Score thresholds
Severity
All CRITICAL HIGH MEDIUM LOW
Entity filters
Actor origin
All CN RU IR KP IN PK
Sort
Your query
· CVEs in scope
Why it matters · hover any option on the left
2695 CVEs matched  ·  page 1 of 108
↓ Export JSON (up to 1000)
CVE-2010-0806 KEV HIGH act-now
Use-after-free vulnerability in the Peer Objects component (aka iepeers.dll) in Microsoft Internet Explorer 6, 6 SP1, an
CVSS 8.8
EPSS 0.873
CVE-2018-0156 KEV HIGH act-now
A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthentica
CVSS 7.5
EPSS 0.155
CVE-2018-0154 KEV HIGH act-now
A vulnerability in the crypto engine of the Cisco Integrated Services Module for VPN (ISM-VPN) running Cisco IOS Softwar
CVSS 7.5
EPSS 0.117
CVE-2017-6627 KEV HIGH act-now
A vulnerability in the UDP processing code of Cisco IOS 15.1, 15.2, and 15.4 and IOS XE 3.14 through 3.18 could allow an
CVSS 7.5
EPSS 0.102
CVE-2017-12231 KEV HIGH act-now
A vulnerability in the implementation of Network Address Translation (NAT) functionality in Cisco IOS 12.4 through 15.6
CVSS 7.5
EPSS 0.093
CVE-2017-12237 KEV HIGH act-now
A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS 15.0 through 15.6 and Cisco IOS XE 3.
CVSS 7.5
EPSS 0.093
CVE-2017-12232 KEV MEDIUM act-now
A vulnerability in the implementation of a protocol in Cisco Integrated Services Routers Generation 2 (ISR G2) Routers r
CVSS 6.5
EPSS 0.014
CVE-2017-12238 KEV MEDIUM act-now
A vulnerability in the Virtual Private LAN Service (VPLS) code of Cisco IOS 15.0 through 15.4 for Cisco Catalyst 6800 Se
CVSS 6.5
EPSS 0.010
CVE-2018-0161 KEV MEDIUM act-now
A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software running on certain mode
CVSS 6.3
EPSS 0.009
CVE-2018-0179 KEV MEDIUM act-now
Multiple vulnerabilities in the Login Enhancements (Login Block) feature of Cisco IOS Software could allow an unauthenti
CVSS 5.9
EPSS 0.020
CVE-2018-0180 KEV MEDIUM act-now
Multiple vulnerabilities in the Login Enhancements (Login Block) feature of Cisco IOS Software could allow an unauthenti
CVSS 5.9
EPSS 0.017
CVE-2016-5427 HIGH schedule
PowerDNS (aka pdns) Authoritative Server before 3.4.10 does not properly handle a . (dot) inside labels, which allows re
CVSS 7.5
EPSS 0.855
CVE-2016-8740 HIGH schedule
The mod_http2 module in the Apache HTTP Server 2.4.17 through 2.4.23, when the Protocols configuration includes h2 or h2
CVSS 7.5
EPSS 0.677
CVE-2009-0554 HIGH schedule
Microsoft Internet Explorer 5.01 SP4, 6 SP1, 6 and 7 on Windows XP SP2 and SP3, 6 and 7 on Windows Server 2003 SP1 and S
CVSS 8.8
EPSS 0.567
CVE-2011-0346 HIGH schedule
Use-after-free vulnerability in the ReleaseInterface function in MSHTML.DLL in Microsoft Internet Explorer 6, 7, and 8 a
CVSS 8.1
EPSS 0.607
CVE-2009-1529 HIGH schedule
Microsoft Internet Explorer 7 for Windows XP SP2 and SP3; 7 for Server 2003 SP2; 7 for Vista Gold, SP1, and SP2; and 7 f
CVSS 8.1
EPSS 0.599
CVE-2016-2208 CRITICAL schedule
The kernel component in Symantec Anti-Virus Engine (AVE) 20151.1 before 20151.1.1.4 allows remote attackers to execute a
CVSS 9.1
EPSS 0.527
CVE-2009-3671 HIGH schedule
Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbit
CVSS 8.1
EPSS 0.541
CVE-2016-2109 HIGH schedule
The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in the ASN.1 BIO implementation in OpenSSL before 1.0.1t and 1.
CVSS 7.5
EPSS 0.579
CVE-2009-0551 HIGH schedule
Microsoft Internet Explorer 6 SP1, 6 and 7 on Windows XP SP2 and SP3, 6 and 7 on Windows Server 2003 SP1 and SP2, 7 on W
CVSS 8.1
EPSS 0.523
CVE-2013-0029 HIGH schedule
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary cod
CVSS 7.5
EPSS 0.541
CVE-2012-4787 CRITICAL schedule
Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code v
CVSS 9.0
EPSS 0.380
CVE-2009-3103 schedule
Array index error in the SMBv2 protocol implementation in srv2.sys in Microsoft Windows Vista Gold, SP1, and SP2, Window
EPSS 0.931
CVE-2016-1546 MEDIUM schedule
The Apache HTTP Server 2.4.17 and 2.4.18, when mod_http2 is enabled, does not limit the number of simultaneous stream wo
CVSS 5.9
EPSS 0.524
CVE-2009-1544 HIGH schedule
Double free vulnerability in the Workstation service in Microsoft Windows allows remote authenticated users to gain priv
CVSS 8.8
EPSS 0.324
1 / 108 Next
SOC and Response
CVE triage
Stack monitoring
Am I affected
IOC triage
KEV catalog
Recently exploited
Daily brief
Change tracking
Detection Engineering
Coverage workspace
Detection coverage
Coverage check
Telemetry ceiling
SIEM query builder
Sigma rules
SIEM rules
YARA rules
Network rules
D3FEND
Threat Hunting
Threat actors
ATT&CK techniques
Attack paths
Indicators
Atomic tests
Red Team and Pentest
Exploitability triage
Recon pack
Attack paths
CAPEC patterns
Adversary emulation
Compliance and GRC
Framework mapping
Control assessment
Audit view
Atlas Search Threat actors Techniques Tools & malware CWE CAPEC KEV catalog Package vulns
About All capabilities Pricing API docs Privacy policy Terms of service
threatengine.sh