Daily Cyber Threat Intelligence Report Publication Timestamp: 2026-02-06 22:21:30 UTC Prepared By: CyberDudeBivash Threat Intelligence Team Executive Intelligence Summary This report provides a high-confidence assessment of the current cyber threat landscape based on newly disclosed vulnerabilities, confirmed exploitation activity, and observed adversary tradecraft. The intelligence reflects sustained attacker focus on exploiting operational weaknesses, delayed patch cycles, and internet-facing services. Security leaders should treat the findings in this advisory as immediately relevant to enterprise risk management and defensive prioritization. Known Exploited Vulnerabilities (CISA KEV) CVE-2025-11953 Vendor: React Native Community | Product: CLI Status: Actively Exploited in the Wild This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise. CVE-2026-24423 Vendor: SmarterTools | Pro...
Daily Cyber Threat Intelligence Report
Publication Timestamp: 2026-02-06 20:32:21 UTC
Prepared By: CyberDudeBivash Threat Intelligence Team
Executive Intelligence Summary
This report provides a high-confidence assessment of the current cyber threat landscape based on newly disclosed vulnerabilities, confirmed exploitation activity, and observed adversary tradecraft. The intelligence reflects sustained attacker focus on exploiting operational weaknesses, delayed patch cycles, and internet-facing services.
Security leaders should treat the findings in this advisory as immediately relevant to enterprise risk management and defensive prioritization.
Known Exploited Vulnerabilities (CISA KEV)
CVE-2025-11953
Vendor: React Native Community |
Product: CLI
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2026-24423
Vendor: SmarterTools |
Product: SmarterMail
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-39935
Vendor: GitLab |
Product: Community and Enterprise Editions
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-64328
Vendor: Sangoma |
Product: FreePBX
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-19006
Vendor: Sangoma |
Product: FreePBX
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-40551
Vendor: SolarWinds |
Product: Web Help Desk
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2026-1281
Vendor: Ivanti |
Product: Endpoint Manager Mobile (EPMM)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2026-24858
Vendor: Fortinet |
Product: Multiple Products
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-14634
Vendor: Linux |
Product: Kernal
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-52691
Vendor: SmarterTools |
Product: SmarterMail
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2026-23760
Vendor: SmarterTools |
Product: SmarterMail
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2026-24061
Vendor: GNU |
Product: InetUtils
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2026-21509
Vendor: Microsoft |
Product: Office
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-37079
Vendor: Broadcom |
Product: VMware vCenter Server
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-68645
Vendor: Synacor |
Product: Zimbra Collaboration Suite (ZCS)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-34026
Vendor: Versa |
Product: Concerto
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-31125
Vendor: Vite |
Product: Vitejs
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-54313
Vendor: Prettier |
Product: eslint-config-prettier
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2026-20045
Vendor: Cisco |
Product: Unified Communications Manager
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2026-20805
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-8110
Vendor: Gogs |
Product: Gogs
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2009-0556
Vendor: Microsoft |
Product: Office
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-37164
Vendor: Hewlett Packard Enterprise (HPE) |
Product: OneView
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-14847
Vendor: MongoDB |
Product: MongoDB and MongoDB Server
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-52163
Vendor: Digiever |
Product: DS-2105 Pro
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-14733
Vendor: WatchGuard |
Product: Firebox
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-59374
Vendor: ASUS |
Product: Live Update
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-40602
Vendor: SonicWall |
Product: SMA1000 appliance
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-20393
Vendor: Cisco |
Product: Multiple Products
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-59718
Vendor: Fortinet |
Product: Multiple Products
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-14611
Vendor: Gladinet |
Product: CentreStack and Triofox
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-43529
Vendor: Apple |
Product: Multiple Products
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-4063
Vendor: Sierra Wireless |
Product: AirLink ALEOS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-14174
Vendor: Google |
Product: Chromium
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-58360
Vendor: OSGeo |
Product: GeoServer
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-6218
Vendor: RARLAB |
Product: WinRAR
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-62221
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-37055
Vendor: D-Link |
Product: Routers
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-66644
Vendor: Array Networks |
Product: ArrayOS AG
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-55182
Vendor: Meta |
Product: React Server Components
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-26828
Vendor: OpenPLC |
Product: ScadaBR
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-48633
Vendor: Android |
Product: Framework
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-48572
Vendor: Android |
Product: Framework
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-26829
Vendor: OpenPLC |
Product: ScadaBR
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-61757
Vendor: Oracle |
Product: Fusion Middleware
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-13223
Vendor: Google |
Product: Chromium V8
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-58034
Vendor: Fortinet |
Product: FortiWeb
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-64446
Vendor: Fortinet |
Product: FortiWeb
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-12480
Vendor: Gladinet |
Product: Triofox
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-62215
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-9242
Vendor: WatchGuard |
Product: Firebox
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-21042
Vendor: Samsung |
Product: Mobile Devices
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-48703
Vendor: CWP |
Product: Control Web Panel
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-11371
Vendor: Gladinet |
Product: CentreStack and Triofox
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-41244
Vendor: Broadcom |
Product: VMware Aria Operations and VMware Tools
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-24893
Vendor: XWiki |
Product: Platform
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-6204
Vendor: Dassault Systèmes |
Product: DELMIA Apriso
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-6205
Vendor: Dassault Systèmes |
Product: DELMIA Apriso
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-54236
Vendor: Adobe |
Product: Commerce and Magento
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-59287
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-61932
Vendor: Motex |
Product: LANSCOPE Endpoint Manager
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-48503
Vendor: Apple |
Product: Multiple Products
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-2746
Vendor: Kentico |
Product: Xperience CMS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-2747
Vendor: Kentico |
Product: Xperience CMS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-33073
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-61884
Vendor: Oracle |
Product: E-Business Suite
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-54253
Vendor: Adobe |
Product: Experience Manager (AEM) Forms
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-47827
Vendor: IGEL |
Product: IGEL OS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-24990
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-59230
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2016-7836
Vendor: SKYSEA |
Product: Client View
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-43798
Vendor: Grafana Labs |
Product: Grafana
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-27915
Vendor: Synacor |
Product: Zimbra Collaboration Suite (ZCS)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-22555
Vendor: Linux |
Product: Kernel
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2010-3962
Vendor: Microsoft |
Product: Internet Explorer
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-43226
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2013-3918
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2011-3402
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2010-3765
Vendor: Mozilla |
Product: Multiple Products
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-61882
Vendor: Oracle |
Product: E-Business Suite
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2014-6278
Vendor: GNU |
Product: GNU Bash
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-1000353
Vendor: Jenkins |
Product: Jenkins
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2015-7755
Vendor: Juniper |
Product: ScreenOS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-21043
Vendor: Samsung |
Product: Mobile Devices
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-4008
Vendor: Smartbedded |
Product: Meteobridge
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-32463
Vendor: Sudo |
Product: Sudo
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-59689
Vendor: Libraesva |
Product: Email Security Gateway
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-10035
Vendor: Fortra |
Product: GoAnywhere MFT
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-20352
Vendor: Cisco |
Product: IOS and IOS XE
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-21311
Vendor: Adminer |
Product: Adminer
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-20362
Vendor: Cisco |
Product: Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-20333
Vendor: Cisco |
Product: Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-10585
Vendor: Google |
Product: Chromium V8
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-5086
Vendor: Dassault Systèmes |
Product: DELMIA Apriso
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-38352
Vendor: Linux |
Product: Kernel
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-48543
Vendor: Android |
Product: Runtime
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-53690
Vendor: Sitecore |
Product: Multiple Products
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-50224
Vendor: TP-Link |
Product: TL-WR841N
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-9377
Vendor: TP-Link |
Product: Multiple Routers
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-24363
Vendor: TP-Link |
Product: TL-WA855RE
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-55177
Vendor: Meta Platforms |
Product: WhatsApp
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-57819
Vendor: Sangoma |
Product: FreePBX
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-7775
Vendor: Citrix |
Product: NetScaler
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-48384
Vendor: Git |
Product: Git
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-8068
Vendor: Citrix |
Product: Session Recording
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-8069
Vendor: Citrix |
Product: Session Recording
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-43300
Vendor: Apple |
Product: iOS, iPadOS, and macOS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-54948
Vendor: Trend Micro |
Product: Apex One
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-8876
Vendor: N-able |
Product: N-Central
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-8875
Vendor: N-able |
Product: N-Central
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-8088
Vendor: RARLAB |
Product: WinRAR
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2007-0671
Vendor: Microsoft |
Product: Office
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2013-3893
Vendor: Microsoft |
Product: Internet Explorer
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-25078
Vendor: D-Link |
Product: DCS-2530L and DCS-2670L Devices
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-25079
Vendor: D-Link |
Product: DCS-2530L and DCS-2670L Devices
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-40799
Vendor: D-Link |
Product: DNR-322L
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-2533
Vendor: PaperCut |
Product: NG/MF
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-20337
Vendor: Cisco |
Product: Identity Services Engine
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-20281
Vendor: Cisco |
Product: Identity Services Engine
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-2775
Vendor: SysAid |
Product: SysAid On-Prem
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-2776
Vendor: SysAid |
Product: SysAid On-Prem
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-6558
Vendor: Google |
Product: Chromium
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-54309
Vendor: CrushFTP |
Product: CrushFTP
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-49704
Vendor: Microsoft |
Product: SharePoint
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-49706
Vendor: Microsoft |
Product: SharePoint
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-53770
Vendor: Microsoft |
Product: SharePoint
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-25257
Vendor: Fortinet |
Product: FortiWeb
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-47812
Vendor: Wing FTP Server |
Product: Wing FTP Server
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-5777
Vendor: Citrix |
Product: NetScaler ADC and Gateway
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-9621
Vendor: Synacor |
Product: Zimbra Collaboration Suite (ZCS)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-5418
Vendor: Rails |
Product: Ruby on Rails
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2016-10033
Vendor: PHP |
Product: PHPMailer
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2014-3931
Vendor: Looking Glass |
Product: Multi-Router Looking Glass (MRLG)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-6554
Vendor: Google |
Product: Chromium V8
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-48928
Vendor: TeleMessage |
Product: TM SGNL
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-48927
Vendor: TeleMessage |
Product: TM SGNL
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-6543
Vendor: Citrix |
Product: NetScaler ADC and Gateway
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-6693
Vendor: Fortinet |
Product: FortiOS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-0769
Vendor: D-Link |
Product: DIR-859 Router
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-54085
Vendor: AMI |
Product: MegaRAC SPx
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-0386
Vendor: Linux |
Product: Kernel
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-33538
Vendor: TP-Link |
Product: Multiple Routers
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-43200
Vendor: Apple |
Product: Multiple Products
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-33053
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-24016
Vendor: Wazuh |
Product: Wazuh Server
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-42009
Vendor: Roundcube |
Product: Webmail
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-32433
Vendor: Erlang |
Product: Erlang/OTP
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-5419
Vendor: Google |
Product: Chromium V8
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-21479
Vendor: Qualcomm |
Product: Multiple Chipsets
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-21480
Vendor: Qualcomm |
Product: Multiple Chipsets
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-27038
Vendor: Qualcomm |
Product: Multiple Chipsets
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-32030
Vendor: ASUS |
Product: Routers
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-3935
Vendor: ConnectWise |
Product: ScreenConnect
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-35939
Vendor: Craft CMS |
Product: Craft CMS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-56145
Vendor: Craft CMS |
Product: Craft CMS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-39780
Vendor: ASUS |
Product: RT-AX55 Routers
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-4632
Vendor: Samsung |
Product: MagicINFO 9 Server
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-38950
Vendor: ZKTeco |
Product: BioTime
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-27443
Vendor: Synacor |
Product: Zimbra Collaboration Suite (ZCS)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-27920
Vendor: Srimax |
Product: Output Messenger
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-11182
Vendor: MDaemon |
Product: Email Server
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-4428
Vendor: Ivanti |
Product: Endpoint Manager Mobile (EPMM)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-4427
Vendor: Ivanti |
Product: Endpoint Manager Mobile (EPMM)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-42999
Vendor: SAP |
Product: NetWeaver
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-12987
Vendor: DrayTek |
Product: Vigor Routers
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-32756
Vendor: Fortinet |
Product: Multiple Products
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-32709
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-30397
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-32706
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-32701
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-30400
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-47729
Vendor: TeleMessage |
Product: TM SGNL
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-11120
Vendor: GeoVision |
Product: Multiple Devices
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-6047
Vendor: GeoVision |
Product: Multiple Devices
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-27363
Vendor: FreeType |
Product: FreeType
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-3248
Vendor: Langflow |
Product: Langflow
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-34028
Vendor: Commvault |
Product: Command Center
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-58136
Vendor: Yiiframework |
Product: Yii
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-38475
Vendor: Apache |
Product: HTTP Server
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-44221
Vendor: SonicWall |
Product: SMA100 Appliances
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-31324
Vendor: SAP |
Product: NetWeaver
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-1976
Vendor: Broadcom |
Product: Brocade Fabric OS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-42599
Vendor: Qualitia |
Product: Active! Mail
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-3928
Vendor: Commvault |
Product: Web Server
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-24054
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-31201
Vendor: Apple |
Product: Multiple Products
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-31200
Vendor: Apple |
Product: Multiple Products
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-20035
Vendor: SonicWall |
Product: SMA100 Appliances
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-53150
Vendor: Linux |
Product: Kernel
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-53197
Vendor: Linux |
Product: Kernel
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-29824
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-30406
Vendor: Gladinet |
Product: CentreStack
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-31161
Vendor: CrushFTP |
Product: CrushFTP
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-22457
Vendor: Ivanti |
Product: Connect Secure, Policy Secure, and ZTA Gateways
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-24813
Vendor: Apache |
Product: Tomcat
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-20439
Vendor: Cisco |
Product: Smart Licensing Utility
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-2783
Vendor: Google |
Product: Chromium Mojo
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-9875
Vendor: Sitecore |
Product: CMS and Experience Platform (XP)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-9874
Vendor: Sitecore |
Product: CMS and Experience Platform (XP)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-30154
Vendor: reviewdog |
Product: action-setup GitHub Action
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-12637
Vendor: SAP |
Product: NetWeaver
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-48248
Vendor: NAKIVO |
Product: Backup and Replication
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-1316
Vendor: Edimax |
Product: IC-7100 IP Camera
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-30066
Vendor: tj-actions |
Product: changed-files GitHub Action
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-24472
Vendor: Fortinet |
Product: FortiOS and FortiProxy
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-21590
Vendor: Juniper |
Product: Junos OS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-24201
Vendor: Apple |
Product: Multiple Products
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-24993
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-24991
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-24985
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-24984
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-24983
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-26633
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-13161
Vendor: Ivanti |
Product: Endpoint Manager (EPM)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-13160
Vendor: Ivanti |
Product: Endpoint Manager (EPM)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-13159
Vendor: Ivanti |
Product: Endpoint Manager (EPM)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-57968
Vendor: Advantive |
Product: VeraCore
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-25181
Vendor: Advantive |
Product: VeraCore
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-22226
Vendor: VMware |
Product: ESXi, Workstation, and Fusion
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-22225
Vendor: VMware |
Product: ESXi
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-22224
Vendor: VMware |
Product: ESXi and Workstation
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-50302
Vendor: Linux |
Product: Kernel
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-4885
Vendor: Progress |
Product: WhatsUp Gold
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-8639
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-43769
Vendor: Hitachi Vantara |
Product: Pentaho Business Analytics (BA) Server
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-43939
Vendor: Hitachi Vantara |
Product: Pentaho Business Analytics (BA) Server
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-20118
Vendor: Cisco |
Product: Small Business RV Series Routers
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-34192
Vendor: Synacor |
Product: Zimbra Collaboration Suite (ZCS)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-49035
Vendor: Microsoft |
Product: Partner Center
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-20953
Vendor: Oracle |
Product: Agile Product Lifecycle Management (PLM)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-3066
Vendor: Adobe |
Product: ColdFusion
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-24989
Vendor: Microsoft |
Product: Power Pages
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-0111
Vendor: Palo Alto Networks |
Product: PAN-OS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-23209
Vendor: Craft CMS |
Product: Craft CMS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-0108
Vendor: Palo Alto Networks |
Product: PAN-OS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-53704
Vendor: SonicWall |
Product: SonicOS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-57727
Vendor: SimpleHelp |
Product: SimpleHelp
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-24200
Vendor: Apple |
Product: iOS and iPadOS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-41710
Vendor: Mitel |
Product: SIP Phones
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-40891
Vendor: Zyxel |
Product: DSL CPE Devices
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-40890
Vendor: Zyxel |
Product: DSL CPE Devices
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-21418
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-21391
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-0994
Vendor: Trimble |
Product: Cityworks
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-15069
Vendor: Sophos |
Product: XG Firewall
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-29574
Vendor: Sophos |
Product: CyberoamOS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-21413
Vendor: Microsoft |
Product: Office Outlook
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-23748
Vendor: Audinate |
Product: Dante Discovery
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-0411
Vendor: 7-Zip |
Product: 7-Zip
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-53104
Vendor: Linux |
Product: Kernel
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-19410
Vendor: Paessler |
Product: PRTG Network Monitor
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-9276
Vendor: Paessler |
Product: PRTG Network Monitor
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-29059
Vendor: Microsoft |
Product: .NET Framework
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-45195
Vendor: Apache |
Product: OFBiz
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-24085
Vendor: Apple |
Product: Multiple Products
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-23006
Vendor: SonicWall |
Product: SMA1000 Appliances
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-11023
Vendor: JQuery |
Product: JQuery
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-50603
Vendor: Aviatrix |
Product: Controllers
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-21335
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-21334
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-21333
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-55591
Vendor: Fortinet |
Product: FortiOS and FortiProxy
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-48365
Vendor: Qlik |
Product: Sense
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-12686
Vendor: BeyondTrust |
Product: Privileged Remote Access (PRA) and Remote Support (RS)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2025-0282
Vendor: Ivanti |
Product: Connect Secure, Policy Secure, and ZTA Gateways
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-2883
Vendor: Oracle |
Product: WebLogic Server
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-55550
Vendor: Mitel |
Product: MiCollab
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-41713
Vendor: Mitel |
Product: MiCollab
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-3393
Vendor: Palo Alto Networks |
Product: PAN-OS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-44207
Vendor: Acclaim Systems |
Product: USAHERDS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-12356
Vendor: BeyondTrust |
Product: Privileged Remote Access (PRA) and Remote Support (RS)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-40407
Vendor: Reolink |
Product: RLC-410W IP Camera
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-11001
Vendor: Reolink |
Product: Multiple IP Cameras
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-23227
Vendor: NUUO |
Product: NVRmini2 Devices
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-14933
Vendor: NUUO |
Product: NVRmini Devices
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-55956
Vendor: Cleo |
Product: Multiple Products
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-35250
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-20767
Vendor: Adobe |
Product: ColdFusion
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-50623
Vendor: Cleo |
Product: Multiple Products
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-49138
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-51378
Vendor: CyberPersons |
Product: CyberPanel
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-11667
Vendor: Zyxel |
Product: Multiple Firewalls
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-11680
Vendor: ProjectSend |
Product: ProjectSend
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-45727
Vendor: North Grid |
Product: Proself
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-28461
Vendor: Array Networks |
Product: AG/vxAG ArrayOS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-21287
Vendor: Oracle |
Product: Agile Product Lifecycle Management (PLM)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-44309
Vendor: Apple |
Product: Multiple Products
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-44308
Vendor: Apple |
Product: Multiple Products
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-38813
Vendor: VMware |
Product: vCenter Server
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-38812
Vendor: VMware |
Product: vCenter Server
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-9474
Vendor: Palo Alto Networks |
Product: PAN-OS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-0012
Vendor: Palo Alto Networks |
Product: PAN-OS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-1212
Vendor: Progress |
Product: Kemp LoadMaster
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-9465
Vendor: Palo Alto Networks |
Product: Expedition
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-9463
Vendor: Palo Alto Networks |
Product: Expedition
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-26086
Vendor: Atlassian |
Product: Jira Server and Data Center
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2014-2120
Vendor: Cisco |
Product: Adaptive Security Appliance (ASA)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-41277
Vendor: Metabase |
Product: Metabase
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-43451
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-49039
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-16278
Vendor: Nostromo |
Product: nhttpd
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-51567
Vendor: CyberPersons |
Product: CyberPanel
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-43093
Vendor: Android |
Product: Framework
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-5910
Vendor: Palo Alto Networks |
Product: Expedition
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-8956
Vendor: PTZOptics |
Product: PT30X-SDI/NDI Cameras
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-8957
Vendor: PTZOptics |
Product: PT30X-SDI/NDI Cameras
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-37383
Vendor: Roundcube |
Product: Webmail
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-20481
Vendor: Cisco |
Product: Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-47575
Vendor: Fortinet |
Product: FortiManager
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-38094
Vendor: Microsoft |
Product: SharePoint
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-9537
Vendor: ScienceLogic |
Product: SL1
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-40711
Vendor: Veeam |
Product: Backup & Replication
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-28987
Vendor: SolarWinds |
Product: Web Help Desk
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-9680
Vendor: Mozilla |
Product: Firefox
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-30088
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-9380
Vendor: Ivanti |
Product: Cloud Services Appliance (CSA)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-9379
Vendor: Ivanti |
Product: Cloud Services Appliance (CSA)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-23113
Vendor: Fortinet |
Product: Multiple Products
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-43573
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-43572
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-43047
Vendor: Qualcomm |
Product: Multiple Chipsets
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-45519
Vendor: Synacor |
Product: Zimbra Collaboration Suite (ZCS)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-29824
Vendor: Ivanti |
Product: Endpoint Manager (EPM)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-0344
Vendor: SAP |
Product: Commerce Cloud
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-15415
Vendor: DrayTek |
Product: Multiple Vigor Routers
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-25280
Vendor: D-Link |
Product: DIR-820 Router
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-7593
Vendor: Ivanti |
Product: Virtual Traffic Manager
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-8963
Vendor: Ivanti |
Product: Cloud Services Appliance (CSA)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-14644
Vendor: Oracle |
Product: WebLogic Server
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-21445
Vendor: Oracle |
Product: ADF Faces
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-0618
Vendor: Microsoft |
Product: SQL Server
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-27348
Vendor: Apache |
Product: HugeGraph-Server
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2014-0502
Vendor: Adobe |
Product: Flash Player
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2013-0648
Vendor: Adobe |
Product: Flash Player
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2013-0643
Vendor: Adobe |
Product: Flash Player
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2014-0497
Vendor: Adobe |
Product: Flash Player
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-6670
Vendor: Progress |
Product: WhatsUp Gold
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-43461
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-8190
Vendor: Ivanti |
Product: Cloud Services Appliance
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-38217
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-38014
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-38226
Vendor: Microsoft |
Product: Publisher
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-40766
Vendor: SonicWall |
Product: SonicOS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-1000253
Vendor: Linux |
Product: Kernel
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2016-3714
Vendor: ImageMagick |
Product: ImageMagick
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-7262
Vendor: Kingsoft |
Product: WPS Office
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-20124
Vendor: DrayTek |
Product: VigorConnect
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-20123
Vendor: DrayTek |
Product: VigorConnect
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-7965
Vendor: Google |
Product: Chromium V8
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-38856
Vendor: Apache |
Product: OFBiz
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-7971
Vendor: Google |
Product: Chromium V8
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-39717
Vendor: Versa |
Product: Director
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-31196
Vendor: Microsoft |
Product: Exchange Server
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-0185
Vendor: Linux |
Product: Kernel
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-33045
Vendor: Dahua |
Product: IP Camera Firmware
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-33044
Vendor: Dahua |
Product: IP Camera Firmware
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-23897
Vendor: Jenkins |
Product: Jenkins Command Line Interface (CLI)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-28986
Vendor: SolarWinds |
Product: Web Help Desk
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-38107
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-38106
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-38193
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-38213
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-38178
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-38189
Vendor: Microsoft |
Product: Project
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-32113
Vendor: Apache |
Product: OFBiz
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-36971
Vendor: Android |
Product: Kernel
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-0824
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-37085
Vendor: VMware |
Product: ESXi
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-45249
Vendor: Acronis |
Product: Cyber Infrastructure (ACI)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-5217
Vendor: ServiceNow |
Product: Utah, Vancouver, and Washington DC Now Platform
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-4879
Vendor: ServiceNow |
Product: Utah, Vancouver, and Washington DC Now Platform
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-39891
Vendor: Twilio |
Product: Authy
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2012-4792
Vendor: Microsoft |
Product: Internet Explorer
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-22948
Vendor: VMware |
Product: vCenter Server
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-28995
Vendor: SolarWinds |
Product: Serv-U
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-34102
Vendor: Adobe |
Product: Commerce and Magento Open Source
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-36401
Vendor: OSGeo |
Product: GeoServer
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-23692
Vendor: Rejetto |
Product: HTTP File Server
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-38080
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-38112
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-20399
Vendor: Cisco |
Product: NX-OS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-13965
Vendor: Roundcube |
Product: Webmail
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-2586
Vendor: Linux |
Product: Kernel
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-24816
Vendor: OSGeo |
Product: JAI-EXT
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-4358
Vendor: Progress |
Product: Telerik Report Server
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-26169
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-32896
Vendor: Android |
Product: Pixel
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-4577
Vendor: PHP Group |
Product: PHP
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-4610
Vendor: Arm |
Product: Mali GPU Kernel Driver
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-3506
Vendor: Oracle |
Product: WebLogic Server
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-1086
Vendor: Linux |
Product: Kernel
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-24919
Vendor: Check Point |
Product: Quantum Security Gateways
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-4978
Vendor: Justice AV Solutions |
Product: Viewer
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-5274
Vendor: Google |
Product: Chromium V8
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-17519
Vendor: Apache |
Product: Flink
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-4947
Vendor: Google |
Product: Chromium V8
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-43208
Vendor: NextGen Healthcare |
Product: Mirth Connect
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-4761
Vendor: Google |
Product: Chromium V8
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-40655
Vendor: D-Link |
Product: DIR-605 Router
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2014-100005
Vendor: D-Link |
Product: DIR-600 Router
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-30040
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-30051
Vendor: Microsoft |
Product: DWM Core Library
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-4671
Vendor: Google |
Product: Chromium
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-7028
Vendor: GitLab |
Product: GitLab CE/EE
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-29988
Vendor: Microsoft |
Product: SmartScreen Prompt
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-4040
Vendor: CrushFTP |
Product: CrushFTP
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-20359
Vendor: Cisco |
Product: Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-20353
Vendor: Cisco |
Product: Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-38028
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-3400
Vendor: Palo Alto Networks |
Product: PAN-OS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-3273
Vendor: D-Link |
Product: Multiple NAS Devices
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-3272
Vendor: D-Link |
Product: Multiple NAS Devices
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-29748
Vendor: Android |
Product: Pixel
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-29745
Vendor: Android |
Product: Pixel
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-24955
Vendor: Microsoft |
Product: SharePoint Server
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-7256
Vendor: Nice |
Product: Linear eMerge E3-Series
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-44529
Vendor: Ivanti |
Product: Endpoint Manager Cloud Service Appliance (EPM CSA)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-48788
Vendor: Fortinet |
Product: FortiClient EMS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-27198
Vendor: JetBrains |
Product: TeamCity
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-23225
Vendor: Apple |
Product: Multiple Products
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-23296
Vendor: Apple |
Product: Multiple Products
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-21237
Vendor: Android |
Product: Pixel
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-36380
Vendor: Sunhillo |
Product: SureLine
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-21338
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-29360
Vendor: Microsoft |
Product: Streaming Service
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-1709
Vendor: ConnectWise |
Product: ScreenConnect
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-3259
Vendor: Cisco |
Product: Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-21410
Vendor: Microsoft |
Product: Exchange Server
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-21412
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-21351
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-43770
Vendor: Roundcube |
Product: Webmail
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-21762
Vendor: Fortinet |
Product: FortiOS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-4762
Vendor: Google |
Product: Chromium V8
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-48618
Vendor: Apple |
Product: Multiple Products
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-21893
Vendor: Ivanti |
Product: Connect Secure, Policy Secure, and Neurons
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-22527
Vendor: Atlassian |
Product: Confluence Data Center and Server
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-23222
Vendor: Apple |
Product: Multiple Products
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-34048
Vendor: VMware |
Product: vCenter Server
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-35082
Vendor: Ivanti |
Product: Endpoint Manager Mobile (EPMM) and MobileIron Core
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-0519
Vendor: Google |
Product: Chromium V8
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-6549
Vendor: Citrix |
Product: NetScaler ADC and NetScaler Gateway
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-6548
Vendor: Citrix |
Product: NetScaler ADC and NetScaler Gateway
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-15133
Vendor: Laravel |
Product: Laravel Framework
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-29357
Vendor: Microsoft |
Product: SharePoint Server
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-46805
Vendor: Ivanti |
Product: Connect Secure and Policy Secure
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2024-21887
Vendor: Ivanti |
Product: Connect Secure and Policy Secure
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-23752
Vendor: Joomla! |
Product: Joomla!
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2016-20017
Vendor: D-Link |
Product: DSL-2750B Devices
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-41990
Vendor: Apple |
Product: Multiple Products
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-27524
Vendor: Apache |
Product: Superset
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-29300
Vendor: Adobe |
Product: ColdFusion
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-38203
Vendor: Adobe |
Product: ColdFusion
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-7101
Vendor: Spreadsheet::ParseExcel |
Product: Spreadsheet::ParseExcel
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-7024
Vendor: Google |
Product: Chromium WebRTC
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-49897
Vendor: FXC |
Product: AE1021, AE1021PE
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-47565
Vendor: QNAP |
Product: VioStor NVR
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-6448
Vendor: Unitronics |
Product: Vision PLC and HMI
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-41266
Vendor: Qlik |
Product: Sense
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-41265
Vendor: Qlik |
Product: Sense
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-33107
Vendor: Qualcomm |
Product: Multiple Chipsets
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-33106
Vendor: Qualcomm |
Product: Multiple Chipsets
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-33063
Vendor: Qualcomm |
Product: Multiple Chipsets
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-22071
Vendor: Qualcomm |
Product: Multiple Chipsets
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-42917
Vendor: Apple |
Product: Multiple Products
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-42916
Vendor: Apple |
Product: Multiple Products
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-6345
Vendor: Google |
Product: Chromium Skia
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-49103
Vendor: ownCloud |
Product: ownCloud graphapi
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-4911
Vendor: GNU |
Product: GNU C Library
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-36584
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-1671
Vendor: Sophos |
Product: Web Appliance
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-2551
Vendor: Oracle |
Product: Fusion Middleware
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-36033
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-36025
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-36036
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-47246
Vendor: SysAid |
Product: SysAid Server
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-36844
Vendor: Juniper |
Product: Junos OS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-36845
Vendor: Juniper |
Product: Junos OS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-36846
Vendor: Juniper |
Product: Junos OS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-36847
Vendor: Juniper |
Product: Junos OS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-36851
Vendor: Juniper |
Product: Junos OS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-29552
Vendor: IETF |
Product: Service Location Protocol (SLP)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-22518
Vendor: Atlassian |
Product: Confluence Data Center and Server
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-46604
Vendor: Apache |
Product: ActiveMQ
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-46748
Vendor: F5 |
Product: BIG-IP Configuration Utility
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-46747
Vendor: F5 |
Product: BIG-IP Configuration Utility
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-5631
Vendor: Roundcube |
Product: Webmail
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-20273
Vendor: Cisco |
Product: Cisco IOS XE Web UI
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-4966
Vendor: Citrix |
Product: NetScaler ADC and NetScaler Gateway
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-20198
Vendor: Cisco |
Product: IOS XE Web UI
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-21608
Vendor: Adobe |
Product: Acrobat and Reader
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-20109
Vendor: Cisco |
Product: IOS and IOS XE
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-41763
Vendor: Microsoft |
Product: Skype for Business
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-36563
Vendor: Microsoft |
Product: WordPad
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-44487
Vendor: IETF |
Product: HTTP/2
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-22515
Vendor: Atlassian |
Product: Confluence Data Center and Server
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-40044
Vendor: Progress |
Product: WS_FTP Server
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-42824
Vendor: Apple |
Product: iOS and iPadOS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-42793
Vendor: JetBrains |
Product: TeamCity
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-28229
Vendor: Microsoft |
Product: Windows CNG Key Isolation Service
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-4211
Vendor: Arm |
Product: Mali GPU Kernel Driver
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-5217
Vendor: Google |
Product: Chromium libvpx
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-14667
Vendor: Red Hat |
Product: JBoss RichFaces Framework
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-41991
Vendor: Apple |
Product: Multiple Products
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-41992
Vendor: Apple |
Product: Multiple Products
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-41993
Vendor: Apple |
Product: Multiple Products
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-41179
Vendor: Trend Micro |
Product: Apex One and Worry-Free Business Security
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-28434
Vendor: MinIO |
Product: MinIO
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-22265
Vendor: Samsung |
Product: Mobile Devices
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2014-8361
Vendor: Realtek |
Product: SDK
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-6884
Vendor: Zyxel |
Product: EMG2926 Routers
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-3129
Vendor: Laravel |
Product: Ignition
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-26369
Vendor: Adobe |
Product: Acrobat and Reader
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-35674
Vendor: Android |
Product: Framework
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-20269
Vendor: Cisco |
Product: Adaptive Security Appliance and Firepower Threat Defense
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-4863
Vendor: Google |
Product: Chromium WebP
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-36761
Vendor: Microsoft |
Product: Word
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-36802
Vendor: Microsoft |
Product: Streaming Service Proxy
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-41064
Vendor: Apple |
Product: iOS, iPadOS, and macOS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-41061
Vendor: Apple |
Product: iOS, iPadOS, and watchOS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-33246
Vendor: Apache |
Product: RocketMQ
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-38831
Vendor: RARLAB |
Product: WinRAR
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-32315
Vendor: Ignite Realtime |
Product: Openfire
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-38035
Vendor: Ivanti |
Product: Sentry
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-27532
Vendor: Veeam |
Product: Backup & Replication
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-26359
Vendor: Adobe |
Product: ColdFusion
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-24489
Vendor: Citrix |
Product: Content Collaboration
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-38180
Vendor: Microsoft |
Product: .NET Core and Visual Studio
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-18368
Vendor: Zyxel |
Product: P660HN-T1A Routers
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-35081
Vendor: Ivanti |
Product: Endpoint Manager Mobile (EPMM)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-37580
Vendor: Synacor |
Product: Zimbra Collaboration Suite (ZCS)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-38606
Vendor: Apple |
Product: Multiple Products
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-35078
Vendor: Ivanti |
Product: Endpoint Manager Mobile (EPMM)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-29298
Vendor: Adobe |
Product: ColdFusion
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-38205
Vendor: Adobe |
Product: ColdFusion
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-3519
Vendor: Citrix |
Product: NetScaler ADC and NetScaler Gateway
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-36884
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-29303
Vendor: SolarView |
Product: Compact
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-37450
Vendor: Apple |
Product: Multiple Products
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-32046
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-32049
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-35311
Vendor: Microsoft |
Product: Outlook
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-36874
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-31199
Vendor: Netwrix |
Product: Auditor
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-29256
Vendor: Arm |
Product: Mali Graphics Processing Unit (GPU)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-17621
Vendor: D-Link |
Product: DIR-859 Router
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-20500
Vendor: D-Link |
Product: DWL-2600AP Access Point
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-25487
Vendor: Samsung |
Product: Mobile Devices
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-25489
Vendor: Samsung |
Product: Mobile Devices
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-25394
Vendor: Samsung |
Product: Mobile Devices
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-25395
Vendor: Samsung |
Product: Mobile Devices
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-25371
Vendor: Samsung |
Product: Mobile Devices
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-25372
Vendor: Samsung |
Product: Mobile Devices
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-32434
Vendor: Apple |
Product: Multiple Products
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-32435
Vendor: Apple |
Product: Multiple Products
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-32439
Vendor: Apple |
Product: Multiple Products
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-20867
Vendor: VMware |
Product: Tools
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-27992
Vendor: Zyxel |
Product: Multiple Network-Attached Storage (NAS) Devices
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-20887
Vendor: VMware |
Product: Aria Operations for Networks
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-35730
Vendor: Roundcube |
Product: Roundcube Webmail
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-12641
Vendor: Roundcube |
Product: Roundcube Webmail
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-44026
Vendor: Roundcube |
Product: Roundcube Webmail
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2016-9079
Vendor: Mozilla |
Product: Firefox, Firefox ESR, and Thunderbird
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2016-0165
Vendor: Microsoft |
Product: Win32k
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-27997
Vendor: Fortinet |
Product: FortiOS and FortiProxy SSL-VPN
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-3079
Vendor: Google |
Product: Chromium V8
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-33009
Vendor: Zyxel |
Product: Multiple Firewalls
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-33010
Vendor: Zyxel |
Product: Multiple Firewalls
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-34362
Vendor: Progress |
Product: MOVEit Transfer
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-28771
Vendor: Zyxel |
Product: Multiple Firewalls
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-2868
Vendor: Barracuda Networks |
Product: Email Security Gateway (ESG) Appliance
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-32409
Vendor: Apple |
Product: Multiple Products
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-28204
Vendor: Apple |
Product: Multiple Products
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-32373
Vendor: Apple |
Product: Multiple Products
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2004-1464
Vendor: Cisco |
Product: IOS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2016-6415
Vendor: Cisco |
Product: IOS, IOS XR, and IOS XE
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-21492
Vendor: Samsung |
Product: Mobile Devices
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-25717
Vendor: Ruckus Wireless |
Product: Multiple Products
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-3560
Vendor: Red Hat |
Product: Polkit
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2014-0196
Vendor: Linux |
Product: Kernel
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2010-3904
Vendor: Linux |
Product: Kernel
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2015-5317
Vendor: Jenkins |
Product: Jenkins User Interface (UI)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2016-3427
Vendor: Oracle |
Product: Java SE and JRockit
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2016-8735
Vendor: Apache |
Product: Tomcat
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-29336
Vendor: Microsoft |
Product: Win32k
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-1389
Vendor: TP-Link |
Product: Archer AX21
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-45046
Vendor: Apache |
Product: Log4j2
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-21839
Vendor: Oracle |
Product: WebLogic Server
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-28432
Vendor: MinIO |
Product: MinIO
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-27350
Vendor: PaperCut |
Product: MF/NG
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-2136
Vendor: Google |
Product: Chromium Skia
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-6742
Vendor: Cisco |
Product: IOS and IOS XE Software
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-8526
Vendor: Apple |
Product: macOS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-2033
Vendor: Google |
Product: Chromium V8
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-20963
Vendor: Android |
Product: Framework
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-29492
Vendor: Novi Survey |
Product: Novi Survey
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-28252
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-28205
Vendor: Apple |
Product: Multiple Products
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-28206
Vendor: Apple |
Product: iOS, iPadOS, and macOS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-27876
Vendor: Veritas |
Product: Backup Exec Agent
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-27877
Vendor: Veritas |
Product: Backup Exec Agent
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-27878
Vendor: Veritas |
Product: Backup Exec Agent
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-1388
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-26083
Vendor: Arm |
Product: Mali Graphics Processing Unit (GPU)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-27926
Vendor: Synacor |
Product: Zimbra Collaboration Suite (ZCS)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2013-3163
Vendor: Microsoft |
Product: Internet Explorer
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-7494
Vendor: Samba |
Product: Samba
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-42948
Vendor: Fortra |
Product: Cobalt Strike
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-39197
Vendor: Fortra |
Product: Cobalt Strike
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-30900
Vendor: Apple |
Product: iOS, iPadOS, and macOS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-38181
Vendor: Arm |
Product: Mali Graphics Processing Unit (GPU)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-0266
Vendor: Linux |
Product: Kernel
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-3038
Vendor: Google |
Product: Chromium Network Service
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-22706
Vendor: Arm |
Product: Mali Graphics Processing Unit (GPU)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-26360
Vendor: Adobe |
Product: ColdFusion
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-23397
Vendor: Microsoft |
Product: Office
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-24880
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-41328
Vendor: Fortinet |
Product: FortiOS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-39144
Vendor: XStream |
Product: XStream
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-5741
Vendor: Plex |
Product: Media Server
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-28810
Vendor: Zoho |
Product: ManageEngine
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-33891
Vendor: Apache |
Product: Spark
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-35914
Vendor: Teclib |
Product: GLPI
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-36537
Vendor: ZK Framework |
Product: AuUploader
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-47986
Vendor: IBM |
Product: Aspera Faspex
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-41223
Vendor: Mitel |
Product: MiVoice Connect
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-40765
Vendor: Mitel |
Product: MiVoice Connect
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-46169
Vendor: Cacti |
Product: Cacti
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-21715
Vendor: Microsoft |
Product: Office
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-23376
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-23529
Vendor: Apple |
Product: Multiple Products
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-21823
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2015-2291
Vendor: Intel |
Product: Ethernet Diagnostics Driver for Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-24990
Vendor: TerraMaster |
Product: TerraMaster OS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-0669
Vendor: Fortra |
Product: GoAnywhere MFT
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-21587
Vendor: Oracle |
Product: E-Business Suite
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-22952
Vendor: SugarCRM |
Product: Multiple Products
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-11357
Vendor: Telerik |
Product: User Interface (UI) for ASP.NET AJAX
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-47966
Vendor: Zoho |
Product: ManageEngine
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-44877
Vendor: CWP |
Product: Control Web Panel
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-41080
Vendor: Microsoft |
Product: Exchange Server
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2023-21674
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-5430
Vendor: TIBCO |
Product: JasperReports
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-18809
Vendor: TIBCO |
Product: JasperReports
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-42856
Vendor: Apple |
Product: iOS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-42475
Vendor: Fortinet |
Product: FortiOS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-44698
Vendor: Microsoft |
Product: Defender
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-27518
Vendor: Citrix |
Product: Application Delivery Controller (ADC) and Gateway
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-26500
Vendor: Veeam |
Product: Backup & Replication
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-26501
Vendor: Veeam |
Product: Backup & Replication
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-4262
Vendor: Google |
Product: Chromium V8
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-35587
Vendor: Oracle |
Product: Fusion Middleware
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-4135
Vendor: Google |
Product: Chromium GPU
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-41049
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-41091
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-41073
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-41125
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-41128
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-25337
Vendor: Samsung |
Product: Mobile Devices
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-25369
Vendor: Samsung |
Product: Mobile Devices
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-25370
Vendor: Samsung |
Product: Mobile Devices
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-3723
Vendor: Google |
Product: Chromium V8
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-42827
Vendor: Apple |
Product: iOS and iPadOS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-3433
Vendor: Cisco |
Product: AnyConnect Secure
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-3153
Vendor: Cisco |
Product: AnyConnect Secure
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-19323
Vendor: GIGABYTE |
Product: Multiple Products
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-19322
Vendor: GIGABYTE |
Product: Multiple Products
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-19321
Vendor: GIGABYTE |
Product: Multiple Products
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-19320
Vendor: GIGABYTE |
Product: Multiple Products
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-41352
Vendor: Synacor |
Product: Zimbra Collaboration Suite (ZCS)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-3493
Vendor: Linux |
Product: Kernel
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-40684
Vendor: Fortinet |
Product: Multiple Products
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-41033
Vendor: Microsoft |
Product: Windows COM+ Event System Service
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-41082
Vendor: Microsoft |
Product: Exchange Server
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-41040
Vendor: Microsoft |
Product: Exchange Server
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-36804
Vendor: Atlassian |
Product: Bitbucket Server and Data Center
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-3236
Vendor: Sophos |
Product: Firewall
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-35405
Vendor: Zoho |
Product: ManageEngine
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-40139
Vendor: Trend Micro |
Product: Apex One and Apex One as a Service
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2013-6282
Vendor: Linux |
Product: Kernel
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2013-2597
Vendor: Code Aurora |
Product: ACDB Audio Driver
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2013-2596
Vendor: Linux |
Product: Kernel
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2013-2094
Vendor: Linux |
Product: Kernel
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2010-2568
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-37969
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-32917
Vendor: Apple |
Product: iOS, iPadOS, and macOS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-3075
Vendor: Google |
Product: Chromium Mojo
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-27593
Vendor: QNAP |
Product: Photo Station
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-26258
Vendor: D-Link |
Product: DIR-820L
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-9934
Vendor: Apple |
Product: iOS, iPadOS, and macOS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-7445
Vendor: MikroTik |
Product: RouterOS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-6530
Vendor: D-Link |
Product: Multiple Routers
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-2628
Vendor: Oracle |
Product: WebLogic Server
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-13374
Vendor: Fortinet |
Product: FortiOS and FortiADC
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-5521
Vendor: NETGEAR |
Product: Multiple Devices
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2011-4723
Vendor: D-Link |
Product: DIR-300 Router
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2011-1823
Vendor: Android |
Product: Android OS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-26352
Vendor: dotCMS |
Product: dotCMS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-24706
Vendor: Apache |
Product: CouchDB
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-24112
Vendor: Apache |
Product: APISIX
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-22963
Vendor: VMware Tanzu |
Product: Spring Cloud
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-2294
Vendor: WebRTC |
Product: WebRTC
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-39226
Vendor: Grafana Labs |
Product: Grafana
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-38406
Vendor: Delta Electronics |
Product: DOPSoft 2
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-31010
Vendor: Apple |
Product: iOS, macOS, watchOS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-36193
Vendor: PEAR |
Product: Archive_Tar
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-28949
Vendor: PEAR |
Product: Archive_Tar
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-0028
Vendor: Palo Alto Networks |
Product: PAN-OS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-22536
Vendor: SAP |
Product: Multiple Products
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-32894
Vendor: Apple |
Product: iOS and macOS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-32893
Vendor: Apple |
Product: iOS and macOS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-2856
Vendor: Google |
Product: Chromium Intents
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-26923
Vendor: Microsoft |
Product: Active Directory
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-21971
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-15944
Vendor: Palo Alto Networks |
Product: PAN-OS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-27925
Vendor: Synacor |
Product: Zimbra Collaboration Suite (ZCS)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-37042
Vendor: Synacor |
Product: Zimbra Collaboration Suite (ZCS)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-34713
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-30333
Vendor: RARLAB |
Product: UnRAR
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-27924
Vendor: Synacor |
Product: Zimbra Collaboration Suite (ZCS)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-26138
Vendor: Atlassian |
Product: Confluence
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-22047
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-26925
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-29499
Vendor: Mitel |
Product: MiVoice Connect
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-30533
Vendor: Google |
Product: Chromium PopupBlocker
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-4034
Vendor: Red Hat |
Product: Polkit
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-30983
Vendor: Apple |
Product: iOS and iPadOS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-3837
Vendor: Apple |
Product: Multiple Products
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-9907
Vendor: Apple |
Product: Multiple Products
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-8605
Vendor: Apple |
Product: Multiple Products
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-4344
Vendor: Apple |
Product: Multiple Products
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-30190
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-38163
Vendor: SAP |
Product: NetWeaver
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2016-2386
Vendor: SAP |
Product: NetWeaver
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2016-2388
Vendor: SAP |
Product: NetWeaver
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-7195
Vendor: QNAP |
Product: Photo Station
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-7194
Vendor: QNAP |
Product: Photo Station
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-7193
Vendor: QNAP |
Product: QTS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-7192
Vendor: QNAP |
Product: Photo Station
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-5825
Vendor: Google |
Product: Chromium V8
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-15271
Vendor: Cisco |
Product: RV Series Routers
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-6065
Vendor: Google |
Product: Chromium V8
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-4990
Vendor: Adobe |
Product: Acrobat and Reader
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-17480
Vendor: Google |
Product: Chromium V8
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-17463
Vendor: Google |
Product: Chromium V8
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-6862
Vendor: NETGEAR |
Product: Multiple Devices
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-5070
Vendor: Google |
Product: Chromium V8
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-5030
Vendor: Google |
Product: Chromium V8
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2016-5198
Vendor: Google |
Product: Chromium V8
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2016-1646
Vendor: Google |
Product: Chromium V8
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2013-1331
Vendor: Microsoft |
Product: Office
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2012-5054
Vendor: Adobe |
Product: Flash Player
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2012-4969
Vendor: Microsoft |
Product: Internet Explorer
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2012-1889
Vendor: Microsoft |
Product: XML Core Services
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2012-0767
Vendor: Adobe |
Product: Flash Player
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2012-0754
Vendor: Adobe |
Product: Flash Player
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2012-0151
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2011-2462
Vendor: Adobe |
Product: Reader and Acrobat
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2011-0609
Vendor: Adobe |
Product: Flash Player
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2010-2883
Vendor: Adobe |
Product: Acrobat and Reader
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2010-2572
Vendor: Microsoft |
Product: PowerPoint
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2010-1297
Vendor: Adobe |
Product: Flash Player
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2009-4324
Vendor: Adobe |
Product: Acrobat and Reader
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2009-3953
Vendor: Adobe |
Product: Acrobat and Reader
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2009-1862
Vendor: Adobe |
Product: Acrobat and Reader, Flash Player
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2009-0563
Vendor: Microsoft |
Product: Office
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2009-0557
Vendor: Microsoft |
Product: Office
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2008-0655
Vendor: Adobe |
Product: Acrobat and Reader
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2007-5659
Vendor: Adobe |
Product: Acrobat and Reader
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2006-2492
Vendor: Microsoft |
Product: Word
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-26134
Vendor: Atlassian |
Product: Confluence Server/Data Center
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-3010
Vendor: Oracle |
Product: Solaris
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2016-3393
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2016-7256
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2016-1010
Vendor: Adobe |
Product: Flash Player and AIR
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2016-0984
Vendor: Adobe |
Product: Flash Player and AIR
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2016-0034
Vendor: Microsoft |
Product: Silverlight
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2015-0310
Vendor: Adobe |
Product: Flash Player
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2015-0016
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2015-0071
Vendor: Microsoft |
Product: Internet Explorer
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2015-2360
Vendor: Microsoft |
Product: Win32k
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2015-2425
Vendor: Microsoft |
Product: Internet Explorer
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2015-1769
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2015-4495
Vendor: Mozilla |
Product: Firefox
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2015-8651
Vendor: Adobe |
Product: Flash Player
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2015-6175
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2015-1671
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2014-4148
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2014-8439
Vendor: Adobe |
Product: Flash Player
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2014-4123
Vendor: Microsoft |
Product: Internet Explorer
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2014-0546
Vendor: Adobe |
Product: Reader and Acrobat
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2014-2817
Vendor: Microsoft |
Product: Internet Explorer
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2014-4077
Vendor: Microsoft |
Product: Input Method Editor (IME) Japanese
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2014-3153
Vendor: Linux |
Product: Kernel
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2013-7331
Vendor: Microsoft |
Product: Internet Explorer
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2013-3993
Vendor: IBM |
Product: InfoSphere BigInsights
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2013-3896
Vendor: Microsoft |
Product: Silverlight
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2013-2423
Vendor: Oracle |
Product: Java Runtime Environment (JRE)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2013-0431
Vendor: Oracle |
Product: Java Runtime Environment (JRE)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2013-0422
Vendor: Oracle |
Product: Java Runtime Environment (JRE)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2013-0074
Vendor: Microsoft |
Product: Silverlight
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2012-1710
Vendor: Oracle |
Product: Fusion Middleware
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2010-1428
Vendor: Red Hat |
Product: JBoss
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2010-0840
Vendor: Oracle |
Product: Java Runtime Environment (JRE)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2010-0738
Vendor: Red Hat |
Product: JBoss
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-8611
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-19953
Vendor: QNAP |
Product: Network Attached Storage (NAS)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-19949
Vendor: QNAP |
Product: Network Attached Storage (NAS)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-19943
Vendor: QNAP |
Product: Network Attached Storage (NAS)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-0147
Vendor: Microsoft |
Product: SMBv1 server
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-0022
Vendor: Microsoft |
Product: XML Core Services
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-0005
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-0149
Vendor: Microsoft |
Product: Internet Explorer
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-0210
Vendor: Microsoft |
Product: Internet Explorer
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-8291
Vendor: Artifex |
Product: Ghostscript
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-8543
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-18362
Vendor: Kaseya |
Product: Virtual System/Server Administrator (VSA)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2016-0162
Vendor: Microsoft |
Product: Internet Explorer
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2016-3351
Vendor: Microsoft |
Product: Internet Explorer and Edge
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2016-4655
Vendor: Apple |
Product: iOS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2016-4656
Vendor: Apple |
Product: iOS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2016-4657
Vendor: Apple |
Product: iOS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2016-6366
Vendor: Cisco |
Product: Adaptive Security Appliance (ASA)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2016-6367
Vendor: Cisco |
Product: Adaptive Security Appliance (ASA)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2016-3298
Vendor: Microsoft |
Product: Internet Explorer
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-20821
Vendor: Cisco |
Product: IOS XR
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-1048
Vendor: Android |
Product: Kernel
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-0920
Vendor: Android |
Product: Kernel
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-30883
Vendor: Apple |
Product: Multiple Products
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-1027
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-0638
Vendor: Microsoft |
Product: Update Notification Manager
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-7286
Vendor: Apple |
Product: Multiple Products
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-7287
Vendor: Apple |
Product: iOS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-0676
Vendor: Microsoft |
Product: Internet Explorer
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-5786
Vendor: Google |
Product: Chrome Blink
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-0703
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-0880
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-13720
Vendor: Google |
Product: Chrome WebAudio
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-11707
Vendor: Mozilla |
Product: Firefox and Thunderbird
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-11708
Vendor: Mozilla |
Product: Firefox and Thunderbird
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-8720
Vendor: WebKitGTK |
Product: WebKitGTK
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-18426
Vendor: Meta Platforms |
Product: WhatsApp
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-1385
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-1130
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-5002
Vendor: Adobe |
Product: Flash Player
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-8589
Vendor: Microsoft |
Product: Win32k
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-30525
Vendor: Zyxel |
Product: Multiple Firewalls
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-22947
Vendor: VMware |
Product: Spring Cloud Gateway
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-1388
Vendor: F5 |
Product: BIG-IP
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-1789
Vendor: Apple |
Product: Multiple Products
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-8506
Vendor: Apple |
Product: Multiple Products
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2014-4113
Vendor: Microsoft |
Product: Win32k
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2014-0322
Vendor: Microsoft |
Product: Internet Explorer
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2014-0160
Vendor: OpenSSL |
Product: OpenSSL
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-29464
Vendor: WSO2 |
Product: Multiple Products
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-26904
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-21919
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-0847
Vendor: Linux |
Product: Kernel
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-41357
Vendor: Microsoft |
Product: Win32k
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-40450
Vendor: Microsoft |
Product: Win32k
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-1003029
Vendor: Jenkins |
Product: Script Security Plugin
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-6882
Vendor: Synacor |
Product: Zimbra Collaboration Suite (ZCS)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-3568
Vendor: Meta Platforms |
Product: WhatsApp
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-22718
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-22960
Vendor: VMware |
Product: Multiple Products
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-1364
Vendor: Google |
Product: Chromium V8
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-3929
Vendor: Crestron |
Product: Multiple Products
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-16057
Vendor: D-Link |
Product: DNS-320 Storage Device
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-7841
Vendor: Schneider Electric |
Product: U.motion Builder
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2016-4523
Vendor: Trihedral |
Product: VTScada (formerly VTS)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2014-0780
Vendor: InduSoft |
Product: Web Studio
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2010-5330
Vendor: Ubiquiti |
Product: AirOS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2007-3010
Vendor: Alcatel |
Product: OmniPCX Enterprise
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-22954
Vendor: VMware |
Product: Workspace ONE Access and Identity Manager
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-24521
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-7602
Vendor: Drupal |
Product: Core
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-20753
Vendor: Kaseya |
Product: Virtual System/Server Administrator (VSA)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2015-5123
Vendor: Adobe |
Product: Flash Player
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2015-5122
Vendor: Adobe |
Product: Flash Player
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2015-3113
Vendor: Adobe |
Product: Flash Player
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2015-2502
Vendor: Microsoft |
Product: Internet Explorer
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2015-0313
Vendor: Adobe |
Product: Flash Player
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2015-0311
Vendor: Adobe |
Product: Flash Player
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2014-9163
Vendor: Adobe |
Product: Flash Player
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-23176
Vendor: WatchGuard |
Product: Firebox and XTM
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-42287
Vendor: Microsoft |
Product: Active Directory
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-42278
Vendor: Microsoft |
Product: Active Directory
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-39793
Vendor: Google |
Product: Pixel
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-27852
Vendor: Checkbox |
Product: Checkbox Survey
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-22600
Vendor: Linux |
Product: Kernel
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-2509
Vendor: QNAP |
Product: QNAP Network-Attached Storage (NAS)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-11317
Vendor: Telerik |
Product: User Interface (UI) for ASP.NET AJAX
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-3156
Vendor: Sudo |
Product: Sudo
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-31166
Vendor: Microsoft |
Product: HTTP Protocol Stack
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-0148
Vendor: Microsoft |
Product: SMBv1 server
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-22965
Vendor: VMware |
Product: Spring Framework
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-22675
Vendor: Apple |
Product: macOS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-22674
Vendor: Apple |
Product: macOS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-45382
Vendor: D-Link |
Product: Multiple Routers
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-26871
Vendor: Trend Micro |
Product: Apex Central
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-1040
Vendor: Sophos |
Product: Firewall
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-34484
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-28799
Vendor: QNAP |
Product: Network Attached Storage (NAS)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-21551
Vendor: Dell |
Product: dbutil Driver
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-10562
Vendor: Dasan |
Product: Gigabit Passive Optical Network (GPON) Routers
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-10561
Vendor: Dasan |
Product: Gigabit Passive Optical Network (GPON) Routers
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-1096
Vendor: Google |
Product: Chromium V8
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-0543
Vendor: Redis |
Product: Debian-specific Redis Servers
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-38646
Vendor: Microsoft |
Product: Office
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-34486
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-26085
Vendor: Atlassian |
Product: Confluence Server
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-20028
Vendor: SonicWall |
Product: Secure Remote Access (SRA)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-7483
Vendor: SonicWall |
Product: SMA100
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-8440
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-8406
Vendor: Microsoft |
Product: DirectX Graphics Kernel (DXGKRNL)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-8405
Vendor: Microsoft |
Product: DirectX Graphics Kernel (DXGKRNL)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-0213
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-0059
Vendor: Microsoft |
Product: Internet Explorer
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-0037
Vendor: Microsoft |
Product: Edge and Internet Explorer
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2016-7201
Vendor: Microsoft |
Product: Edge
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2016-7200
Vendor: Microsoft |
Product: Edge
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2016-0189
Vendor: Microsoft |
Product: Internet Explorer
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2016-0151
Vendor: Microsoft |
Product: Client-Server Run-time Subsystem (CSRSS)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2016-0040
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2015-2426
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2015-2419
Vendor: Microsoft |
Product: Internet Explorer
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2015-1770
Vendor: Microsoft |
Product: Office
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2013-3660
Vendor: Microsoft |
Product: Win32k
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2013-2729
Vendor: Adobe |
Product: Reader and Acrobat
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2013-2551
Vendor: Microsoft |
Product: Internet Explorer
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2013-2465
Vendor: Oracle |
Product: Java SE
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2013-1690
Vendor: Mozilla |
Product: Firefox and Thunderbird
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2012-5076
Vendor: Oracle |
Product: Java SE
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2012-2539
Vendor: Microsoft |
Product: Word
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2012-2034
Vendor: Adobe |
Product: Flash Player
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2012-0518
Vendor: Oracle |
Product: Fusion Middleware
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2011-2005
Vendor: Microsoft |
Product: Ancillary Function Driver (afd.sys)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2010-4398
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-26318
Vendor: WatchGuard |
Product: Firebox and XTM Appliances
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-26143
Vendor: Mitel |
Product: MiCollab, MiVoice Business Express
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-21999
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-42237
Vendor: Sitecore |
Product: XP
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-22941
Vendor: Citrix |
Product: ShareFile
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-9377
Vendor: D-Link |
Product: DIR-610 Devices
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-9054
Vendor: Zyxel |
Product: Multiple Network-Attached Storage (NAS) Devices
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-7247
Vendor: OpenBSD |
Product: OpenSMTPD
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-5410
Vendor: VMware Tanzu |
Product: Spring Cloud Configuration (Config) Server
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-25223
Vendor: Sophos |
Product: SG UTM
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-2506
Vendor: QNAP Systems |
Product: Helpdesk
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-2021
Vendor: Palo Alto Networks |
Product: PAN-OS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-1956
Vendor: Apache |
Product: Kylin
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-1631
Vendor: Juniper |
Product: Junos OS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-6340
Vendor: Drupal |
Product: Core
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-2616
Vendor: Oracle |
Product: BI Publisher (Formerly XML Publisher)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-16920
Vendor: D-Link |
Product: Multiple Routers
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-15107
Vendor: Webmin |
Product: Webmin
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-12991
Vendor: Citrix |
Product: SD-WAN and NetScaler
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-12989
Vendor: Citrix |
Product: SD-WAN and NetScaler
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-11043
Vendor: PHP |
Product: FastCGI Process Manager (FPM)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-10068
Vendor: Kentico |
Product: Xperience
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-1003030
Vendor: Jenkins |
Product: Matrix Project Plugin
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-0903
Vendor: Microsoft |
Product: Graphics Device Interface (GDI)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-8414
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-8373
Vendor: Microsoft |
Product: Internet Explorer Scripting Engine
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-6961
Vendor: VMware |
Product: SD-WAN Edge
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-14839
Vendor: LG |
Product: N1A1 NAS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-1273
Vendor: VMware Tanzu |
Product: Spring Data Commons
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-11138
Vendor: Quest |
Product: KACE System Management Appliance
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-0147
Vendor: Cisco |
Product: Secure Access Control System (ACS)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-0125
Vendor: Cisco |
Product: VPN Routers
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-6334
Vendor: NETGEAR |
Product: DGN2200 Devices
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-6316
Vendor: Citrix |
Product: NetScaler SD-WAN Enterprise, CloudBridge Virtual WAN, and XenMobile Server
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-3881
Vendor: Cisco |
Product: IOS and IOS XE
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-12617
Vendor: Apache |
Product: Tomcat
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-12615
Vendor: Apache |
Product: Tomcat
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-0146
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2016-7892
Vendor: Adobe |
Product: Flash Player
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2016-4171
Vendor: Adobe |
Product: Flash Player
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2016-1555
Vendor: NETGEAR |
Product: Wireless Access Point (WAP) Devices
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2016-11021
Vendor: D-Link |
Product: DCS-930L Devices
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2016-10174
Vendor: NETGEAR |
Product: WNR2000v5 Router
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2016-0752
Vendor: Rails |
Product: Ruby on Rails
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2015-4068
Vendor: Arcserve |
Product: Unified Data Protection (UDP)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2015-3035
Vendor: TP-Link |
Product: Multiple Archer Devices
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2015-1427
Vendor: Elastic |
Product: Elasticsearch
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2015-1187
Vendor: D-Link and TRENDnet |
Product: Multiple Devices
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2015-0666
Vendor: Cisco |
Product: Prime Data Center Network Manager (DCNM)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2014-6332
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2014-6324
Vendor: Microsoft |
Product: Kerberos Key Distribution Center (KDC)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2014-6287
Vendor: Rejetto |
Product: HTTP File Server (HFS)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2014-3120
Vendor: Elastic |
Product: Elasticsearch
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2014-0130
Vendor: Rails |
Product: Ruby on Rails
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2013-5223
Vendor: D-Link |
Product: DSL-2760U
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2013-4810
Vendor: Hewlett Packard (HP) |
Product: ProCurve Manager (PCM), PCM+, Identity Driven Manager (IDM), and Application Lifecycle Management
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2013-2251
Vendor: Apache |
Product: Struts
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2012-1823
Vendor: PHP |
Product: PHP
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2010-4345
Vendor: Exim |
Product: Exim
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2010-4344
Vendor: Exim |
Product: Exim
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2010-3035
Vendor: Cisco |
Product: IOS XR
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2010-2861
Vendor: Adobe |
Product: ColdFusion
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2009-2055
Vendor: Cisco |
Product: IOS XR
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2009-1151
Vendor: phpMyAdmin |
Product: phpMyAdmin
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2009-0927
Vendor: Adobe |
Product: Reader and Acrobat
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2005-2773
Vendor: Hewlett Packard (HP) |
Product: OpenView Network Node Manager
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-5135
Vendor: SonicWall |
Product: SonicOS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-1405
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-1322
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-1315
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-1253
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-1132
Vendor: Microsoft |
Product: Win32k
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-1129
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-1069
Vendor: Microsoft |
Product: Task Scheduler
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-1064
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-0841
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-0543
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-8120
Vendor: Microsoft |
Product: Win32k
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-0101
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2016-3309
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2015-2546
Vendor: Microsoft |
Product: Win32k
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-26486
Vendor: Mozilla |
Product: Firefox
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-26485
Vendor: Mozilla |
Product: Firefox
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-21973
Vendor: VMware |
Product: vCenter Server and Cloud Foundation
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-8218
Vendor: Pulse Secure |
Product: Pulse Connect Secure
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-11581
Vendor: Atlassian |
Product: Jira Server and Data Center
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-6077
Vendor: NETGEAR |
Product: Wireless Router DGN2200
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2016-6277
Vendor: NETGEAR |
Product: Multiple Routers
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2013-0631
Vendor: Adobe |
Product: ColdFusion
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2013-0629
Vendor: Adobe |
Product: ColdFusion
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2013-0625
Vendor: Adobe |
Product: ColdFusion
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2009-3960
Vendor: Adobe |
Product: BlazeDS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-20708
Vendor: Cisco |
Product: Small Business RV160, RV260, RV340, and RV345 Series Routers
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-20703
Vendor: Cisco |
Product: Small Business RV160, RV260, RV340, and RV345 Series Routers
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-20701
Vendor: Cisco |
Product: Small Business RV160, RV260, RV340, and RV345 Series Routers
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-20700
Vendor: Cisco |
Product: Small Business RV160, RV260, RV340, and RV345 Series Routers
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-20699
Vendor: Cisco |
Product: Small Business RV160, RV260, RV340, and RV345 Series Routers
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-41379
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-1938
Vendor: Apache |
Product: Tomcat
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-11899
Vendor: Treck TCP/IP stack |
Product: IPv6
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-16928
Vendor: Exim |
Product: Exim Internet Mailer
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-1652
Vendor: Cisco |
Product: Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-1297
Vendor: Microsoft |
Product: Excel
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-8581
Vendor: Microsoft |
Product: Exchange Server
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-8298
Vendor: ChakraCore |
Product: ChakraCore scripting engine
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-0180
Vendor: Cisco |
Product: IOS Software
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-0179
Vendor: Cisco |
Product: IOS Software
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-0175
Vendor: Cisco |
Product: IOS, XR, and XE Software
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-0174
Vendor: Cisco |
Product: IOS XE Software
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-0173
Vendor: Cisco |
Product: IOS and IOS XE Software
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-0172
Vendor: Cisco |
Product: IOS and IOS XE Software
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-0167
Vendor: Cisco |
Product: IOS, XR, and XE Software
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-0161
Vendor: Cisco |
Product: IOS Software
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-0159
Vendor: Cisco |
Product: IOS Software and Cisco IOS XE Software
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-0158
Vendor: Cisco |
Product: IOS Software and Cisco IOS XE Software
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-0156
Vendor: Cisco |
Product: IOS Software and Cisco IOS XE Software
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-0155
Vendor: Cisco |
Product: Catalyst 4500 Series Switches and Cisco Catalyst 4500-X Series Switches
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-0154
Vendor: Cisco |
Product: IOS Software
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-0151
Vendor: Cisco |
Product: IOS and IOS XE Software
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-8540
Vendor: Microsoft |
Product: Malware Protection Engine
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-6744
Vendor: Cisco |
Product: IOS software
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-6743
Vendor: Cisco |
Product: IOS and IOS XE Software
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-6740
Vendor: Cisco |
Product: IOS and IOS XE Software
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-6739
Vendor: Cisco |
Product: IOS and IOS XE Software
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-6738
Vendor: Cisco |
Product: IOS and IOS XE Software
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-6737
Vendor: Cisco |
Product: IOS and IOS XE Software
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-6736
Vendor: Cisco |
Product: IOS and IOS XE Software
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-6663
Vendor: Cisco |
Product: IOS and IOS XE Software
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-6627
Vendor: Cisco |
Product: IOS and IOS XE Software
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-12319
Vendor: Cisco |
Product: IOS XE Software
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-12240
Vendor: Cisco |
Product: IOS and IOS XE Software
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-12238
Vendor: Cisco |
Product: Catalyst 6800 Series Switches
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-12237
Vendor: Cisco |
Product: IOS and IOS XE Software
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-12235
Vendor: Cisco |
Product: IOS software
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-12234
Vendor: Cisco |
Product: IOS software
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-12233
Vendor: Cisco |
Product: IOS software
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-12232
Vendor: Cisco |
Product: IOS software
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-12231
Vendor: Cisco |
Product: IOS software
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-11826
Vendor: Microsoft |
Product: Office
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-11292
Vendor: Adobe |
Product: Flash Player
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-0261
Vendor: Microsoft |
Product: Office
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-0001
Vendor: Microsoft |
Product: Graphics Device Interface (GDI)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2016-8562
Vendor: Siemens |
Product: SIMATIC CP
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2016-7855
Vendor: Adobe |
Product: Flash Player
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2016-7262
Vendor: Microsoft |
Product: Excel
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2016-7193
Vendor: Microsoft |
Product: Office
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2016-5195
Vendor: Linux |
Product: Kernel
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2016-4117
Vendor: Adobe |
Product: Flash Player
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2016-1019
Vendor: Adobe |
Product: Flash Player
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2016-0099
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2015-7645
Vendor: Adobe |
Product: Flash Player
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2015-5119
Vendor: Adobe |
Product: Flash Player
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2015-4902
Vendor: Oracle |
Product: Java SE
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2015-3043
Vendor: Adobe |
Product: Flash Player
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2015-2590
Vendor: Oracle |
Product: Java SE
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2015-2545
Vendor: Microsoft |
Product: Office
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2015-2424
Vendor: Microsoft |
Product: PowerPoint
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2015-2387
Vendor: Microsoft |
Product: ATM Font Driver
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2015-1701
Vendor: Microsoft |
Product: Win32k
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2015-1642
Vendor: Microsoft |
Product: Office
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2014-4114
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2014-0496
Vendor: Adobe |
Product: Reader and Acrobat
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2013-5065
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2013-3897
Vendor: Microsoft |
Product: Internet Explorer
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2013-3346
Vendor: Adobe |
Product: Reader and Acrobat
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2013-1675
Vendor: Mozilla |
Product: Firefox
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2013-1347
Vendor: Microsoft |
Product: Internet Explorer
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2013-0641
Vendor: Adobe |
Product: Reader
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2013-0640
Vendor: Adobe |
Product: Reader and Acrobat
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2013-0632
Vendor: Adobe |
Product: ColdFusion
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2012-4681
Vendor: Oracle |
Product: Java SE
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2012-1856
Vendor: Microsoft |
Product: Office
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2012-1723
Vendor: Oracle |
Product: Java SE
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2012-1535
Vendor: Adobe |
Product: Flash Player
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2012-0507
Vendor: Oracle |
Product: Java SE
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2011-3544
Vendor: Oracle |
Product: Java SE JDK and JRE
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2011-1889
Vendor: Microsoft |
Product: Forefront Threat Management Gateway (TMG)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2011-0611
Vendor: Adobe |
Product: Flash Player
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2010-3333
Vendor: Microsoft |
Product: Office
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2010-0232
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2010-0188
Vendor: Adobe |
Product: Reader and Acrobat
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2009-3129
Vendor: Microsoft |
Product: Excel
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2009-1123
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2008-3431
Vendor: Oracle |
Product: VirtualBox
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2008-2992
Vendor: Adobe |
Product: Acrobat and Reader
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2004-0210
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2002-0367
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-24682
Vendor: Synacor |
Product: Zimbra Collaborate Suite (ZCS)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-8570
Vendor: Microsoft |
Product: Office
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-0222
Vendor: Microsoft |
Product: Internet Explorer
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2014-6352
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-23131
Vendor: Zabbix |
Product: Frontend
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-23134
Vendor: Zabbix |
Product: Frontend
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-24086
Vendor: Adobe |
Product: Commerce and Magento Open Source
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-0609
Vendor: Google |
Product: Chromium Animation
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-0752
Vendor: Microsoft |
Product: Internet Explorer
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-8174
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-20250
Vendor: RARLAB |
Product: WinRAR
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-15982
Vendor: Adobe |
Product: Flash Player
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-9841
Vendor: PHPUnit |
Product: PHPUnit
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2014-1761
Vendor: Microsoft |
Product: Word
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2013-3906
Vendor: Microsoft |
Product: Graphics Component
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-22620
Vendor: Apple |
Product: iOS, iPadOS, and macOS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-36934
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-0796
Vendor: Microsoft |
Product: SMBv3
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-1000861
Vendor: Jenkins |
Product: Jenkins Stapler Web Framework
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-9791
Vendor: Apache |
Product: Struts 1
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-8464
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-10271
Vendor: Oracle |
Product: WebLogic Server
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-0263
Vendor: Microsoft |
Product: Win32k
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-0262
Vendor: Microsoft |
Product: Office
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-0145
Vendor: Microsoft |
Product: SMBv1
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-0144
Vendor: Microsoft |
Product: SMBv1
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2016-3088
Vendor: Apache |
Product: ActiveMQ
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2015-2051
Vendor: D-Link |
Product: DIR-645 Router
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2015-1635
Vendor: Microsoft |
Product: HTTP.sys
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2015-1130
Vendor: Apple |
Product: OS X
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2014-4404
Vendor: Apple |
Product: OS X
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-21882
Vendor: Microsoft |
Product: Win32k
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2022-22587
Vendor: Apple |
Product: iOS and macOS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-20038
Vendor: SonicWall |
Product: SMA 100 Appliances
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-5722
Vendor: Grandstream |
Product: UCM6200
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-0787
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-5689
Vendor: Intel |
Product: Active Management Technology (AMT), Small Business Technology (SBT), and Standard Manageability
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2014-1776
Vendor: Microsoft |
Product: Internet Explorer
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2014-6271
Vendor: GNU |
Product: Bourne-Again Shell (Bash)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2014-7169
Vendor: GNU |
Product: Bourne-Again Shell (Bash)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2006-1547
Vendor: Apache |
Product: Struts 1
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2012-0391
Vendor: Apache |
Product: Struts 2
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-8453
Vendor: Microsoft |
Product: Win32k
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-35247
Vendor: SolarWinds |
Product: Serv-U
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-32648
Vendor: October CMS |
Product: October CMS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-25296
Vendor: Nagios |
Product: Nagios XI
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-25297
Vendor: Nagios |
Product: Nagios XI
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-25298
Vendor: Nagios |
Product: Nagios XI
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-40870
Vendor: Aviatrix |
Product: Aviatrix Controller
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-33766
Vendor: Microsoft |
Product: Exchange Server
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-21975
Vendor: VMware |
Product: vRealize Operations Manager API
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-21315
Vendor: Npm package |
Product: System Information Library for Node.JS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-22991
Vendor: F5 |
Product: BIG-IP Traffic Management Microkernel
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-14864
Vendor: Oracle |
Product: Intelligence Enterprise Edition
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-13671
Vendor: Drupal |
Product: Drupal core
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-11978
Vendor: Apache |
Product: Airflow
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-13927
Vendor: Apache |
Product: Airflow's Experimental API
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-22017
Vendor: VMware |
Product: vCenter Server
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-36260
Vendor: Hikvision |
Product: Security cameras web server
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-6572
Vendor: Google |
Product: Chrome Media
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-1458
Vendor: Microsoft |
Product: Win32k
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2013-3900
Vendor: Microsoft |
Product: WinVerifyTrust function
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-2725
Vendor: Oracle |
Product: WebLogic Server
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-9670
Vendor: Synacor |
Product: Zimbra Collaboration Suite (ZCS)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-13382
Vendor: Fortinet |
Product: FortiOS and FortiProxy
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-13383
Vendor: Fortinet |
Product: FortiOS and FortiProxy
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-1579
Vendor: Palo Alto Networks |
Product: PAN-OS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-10149
Vendor: Exim |
Product: Mail Transfer Agent (MTA)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2015-7450
Vendor: IBM |
Product: WebSphere Application Server and Server Hypervisor Edition
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-1000486
Vendor: Primetek |
Product: Primefaces Application
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-7609
Vendor: Elastic |
Product: Kibana
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-27860
Vendor: FatPipe |
Product: WARP, IPVPN, and MPVPN software
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-43890
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-4102
Vendor: Google |
Product: Chromium V8
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-44515
Vendor: Zoho |
Product: Desktop Central
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-13272
Vendor: Linux |
Product: Kernel
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-35394
Vendor: Realtek |
Product: Jungle Software Development Kit (SDK)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-7238
Vendor: Sonatype |
Product: Nexus Repository Manager
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-0193
Vendor: Apache |
Product: Solr
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-44168
Vendor: Fortinet |
Product: FortiOS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-17562
Vendor: Embedthis |
Product: GoAhead
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-12149
Vendor: Red Hat |
Product: JBoss Application Server
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2010-1871
Vendor: Red Hat |
Product: JBoss Seam 2
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-17463
Vendor: Fuel CMS |
Product: Fuel CMS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-8816
Vendor: Pi-hole |
Product: AdminLTE
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-10758
Vendor: MongoDB |
Product: mongo-express
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-44228
Vendor: Apache |
Product: Log4j2
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-11261
Vendor: Qualcomm |
Product: Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-14847
Vendor: MikroTik |
Product: RouterOS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-37415
Vendor: Zoho |
Product: ManageEngine ServiceDesk Plus (SDP)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-40438
Vendor: Apache |
Product: Apache
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-44077
Vendor: Zoho |
Product: ManageEngine ServiceDesk Plus (SDP) / SupportCenter Plus
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-22204
Vendor: Perl |
Product: Exiftool
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-40449
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-42321
Vendor: Microsoft |
Product: Exchange
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-42292
Vendor: Microsoft |
Product: Office
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-27104
Vendor: Accellion |
Product: FTA
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-27102
Vendor: Accellion |
Product: FTA
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-27101
Vendor: Accellion |
Product: FTA
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-27103
Vendor: Accellion |
Product: FTA
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-21017
Vendor: Adobe |
Product: Acrobat and Reader
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-28550
Vendor: Adobe |
Product: Acrobat and Reader
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-4939
Vendor: Adobe |
Product: ColdFusion
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-15961
Vendor: Adobe |
Product: ColdFusion
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-4878
Vendor: Adobe |
Product: Flash Player
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-5735
Vendor: Amcrest |
Product: Cameras and Network Video Recorder (NVR)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-2215
Vendor: Android |
Product: Android Kernel
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-0041
Vendor: Android |
Product: Android Kernel
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-0069
Vendor: MediaTek |
Product: Multiple Chipsets
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-9805
Vendor: Apache |
Product: Struts
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-42013
Vendor: Apache |
Product: HTTP Server
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-41773
Vendor: Apache |
Product: HTTP Server
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-0211
Vendor: Apache |
Product: HTTP Server
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2016-4437
Vendor: Apache |
Product: Shiro
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-17558
Vendor: Apache |
Product: Solr
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-17530
Vendor: Apache |
Product: Struts
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-5638
Vendor: Apache |
Product: Struts
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-11776
Vendor: Apache |
Product: Struts
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-30858
Vendor: Apple |
Product: iOS, iPadOS, and macOS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-6223
Vendor: Apple |
Product: iOS and macOS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-30860
Vendor: Apple |
Product: Multiple Products
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-27930
Vendor: Apple |
Product: Multiple Products
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-30807
Vendor: Apple |
Product: Multiple Products
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-27950
Vendor: Apple |
Product: Multiple Products
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-27932
Vendor: Apple |
Product: Multiple Products
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-9818
Vendor: Apple |
Product: iOS, iPadOS, and watchOS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-9819
Vendor: Apple |
Product: iOS, iPadOS, and watchOS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-30762
Vendor: Apple |
Product: iOS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-1782
Vendor: Apple |
Product: Multiple Products
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-1870
Vendor: Apple |
Product: iOS, iPadOS, and macOS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-1871
Vendor: Apple |
Product: iOS, iPadOS, and macOS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-1879
Vendor: Apple |
Product: iOS, iPadOS, and watchOS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-30661
Vendor: Apple |
Product: Multiple Products
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-30666
Vendor: Apple |
Product: iOS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-30713
Vendor: Apple |
Product: macOS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-30657
Vendor: Apple |
Product: macOS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-30665
Vendor: Apple |
Product: Multiple Products
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-30663
Vendor: Apple |
Product: Multiple Products
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-30761
Vendor: Apple |
Product: iOS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-30869
Vendor: Apple |
Product: iOS, iPadOS, and macOS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-9859
Vendor: Apple |
Product: Multiple Products
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-20090
Vendor: Arcadyan |
Product: Buffalo Firmware
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-27562
Vendor: Arm |
Product: Trusted Firmware
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-28664
Vendor: Arm |
Product: Mali Graphics Processing Unit (GPU)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-28663
Vendor: Arm |
Product: Mali Graphics Processing Unit (GPU)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-3398
Vendor: Atlassian |
Product: Confluence Server and Data Center
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-26084
Vendor: Atlassian |
Product: Confluence Server and Data Center
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-11580
Vendor: Atlassian |
Product: Crowd and Crowd Data Center
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-3396
Vendor: Atlassian |
Product: Confluence Server and Data Server
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-42258
Vendor: BQE |
Product: BillQuick Web Suite
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-3452
Vendor: Cisco |
Product: Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-3580
Vendor: Cisco |
Product: Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-1497
Vendor: Cisco |
Product: HyperFlex HX
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-1498
Vendor: Cisco |
Product: HyperFlex HX
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-0171
Vendor: Cisco |
Product: IOS and IOS XE
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-3118
Vendor: Cisco |
Product: IOS XR
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-3566
Vendor: Cisco |
Product: IOS XR
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-3569
Vendor: Cisco |
Product: IOS XR
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-3161
Vendor: Cisco |
Product: Cisco IP Phones
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-1653
Vendor: Cisco |
Product: Small Business RV320 and RV325 Routers
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-0296
Vendor: Cisco |
Product: Adaptive Security Appliance (ASA)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-13608
Vendor: Citrix |
Product: StoreFront Server
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-8193
Vendor: Citrix |
Product: Application Delivery Controller (ADC), Gateway, and SD-WAN WANOP Appliance
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-8195
Vendor: Citrix |
Product: Application Delivery Controller (ADC), Gateway, and SD-WAN WANOP Appliance
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-8196
Vendor: Citrix |
Product: Application Delivery Controller (ADC), Gateway, and SD-WAN WANOP Appliance
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-19781
Vendor: Citrix |
Product: Application Delivery Controller (ADC), Gateway, and SD-WAN WANOP Appliance
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-11634
Vendor: Citrix |
Product: Workspace Application and Receiver for Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-29557
Vendor: D-Link |
Product: DIR-825 R1 Devices
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-25506
Vendor: D-Link |
Product: DNS-320 Device
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-15811
Vendor: DotNetNuke (DNN) |
Product: DotNetNuke (DNN)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-18325
Vendor: DotNetNuke (DNN) |
Product: DotNetNuke (DNN)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-9822
Vendor: DotNetNuke (DNN) |
Product: DotNetNuke (DNN)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-15752
Vendor: Docker |
Product: Desktop Community Edition
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-8515
Vendor: DrayTek |
Product: Multiple Vigor Routers
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-7600
Vendor: Drupal |
Product: Drupal Core
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-22205
Vendor: GitLab |
Product: Community and Enterprise Editions
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-6789
Vendor: Exim |
Product: Exim
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-8657
Vendor: EyesOfNetwork |
Product: EyesOfNetwork
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-8655
Vendor: EyesOfNetwork |
Product: EyesOfNetwork
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-5902
Vendor: F5 |
Product: BIG-IP
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-22986
Vendor: F5 |
Product: BIG-IP and BIG-IQ Centralized Management
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-35464
Vendor: ForgeRock |
Product: Access Management (AM)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-5591
Vendor: Fortinet |
Product: FortiOS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-12812
Vendor: Fortinet |
Product: FortiOS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-13379
Vendor: Fortinet |
Product: FortiOS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-16010
Vendor: Google |
Product: Chrome for Android UI
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-15999
Vendor: Google |
Product: Chrome FreeType
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-21166
Vendor: Google |
Product: Chromium
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-16017
Vendor: Google |
Product: Chrome
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-37976
Vendor: Google |
Product: Chromium
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-16009
Vendor: Google |
Product: Chromium V8
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-30632
Vendor: Google |
Product: Chromium V8
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-16013
Vendor: Google |
Product: Chromium V8
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-30633
Vendor: Google |
Product: Chromium Indexed DB API
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-21148
Vendor: Google |
Product: Chromium V8
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-37973
Vendor: Google |
Product: Chromium Portals
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-30551
Vendor: Google |
Product: Chromium V8
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-37975
Vendor: Google |
Product: Chromium V8
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-6418
Vendor: Google |
Product: Chromium V8
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-30554
Vendor: Google |
Product: Chromium WebGL
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-21206
Vendor: Google |
Product: Chromium Blink
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-38000
Vendor: Google |
Product: Chromium Intents
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-38003
Vendor: Google |
Product: Chromium V8
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-21224
Vendor: Google |
Product: Chromium V8
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-21193
Vendor: Google |
Product: Chromium Blink
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-21220
Vendor: Google |
Product: Chromium V8
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-30563
Vendor: Google |
Product: Chromium V8
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-4430
Vendor: IBM |
Product: Data Risk Manager
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-4427
Vendor: IBM |
Product: Data Risk Manager
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-4428
Vendor: IBM |
Product: Data Risk Manager
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-4716
Vendor: IBM |
Product: Planning Analytics
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2016-3715
Vendor: ImageMagick |
Product: ImageMagick
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2016-3718
Vendor: ImageMagick |
Product: ImageMagick
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-15505
Vendor: Ivanti |
Product: MobileIron Multiple Products
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-30116
Vendor: Kaseya |
Product: Virtual System/Server Administrator (VSA)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-7961
Vendor: Liferay |
Product: Liferay Portal
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-23874
Vendor: McAfee |
Product: McAfee Total Protection (MTP)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-22506
Vendor: Micro Focus |
Product: Micro Focus Access Manager
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-22502
Vendor: Micro Focus |
Product: Operation Bridge Reporter (OBR)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2014-1812
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-38647
Vendor: Microsoft |
Product: Open Management Infrastructure (OMI)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2016-0167
Vendor: Microsoft |
Product: Win32k
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-0878
Vendor: Microsoft |
Product: Edge and Internet Explorer
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-31955
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-1647
Vendor: Microsoft |
Product: Defender
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-33739
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2016-0185
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-0683
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-17087
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-33742
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-31199
Vendor: Microsoft |
Product: Enhanced Cryptographic Provider
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-33771
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-31956
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-31201
Vendor: Microsoft |
Product: Enhanced Cryptographic Provider
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-31979
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-0938
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-17144
Vendor: Microsoft |
Product: Exchange Server
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-0986
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-1020
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-38645
Vendor: Microsoft |
Product: Open Management Infrastructure (OMI)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-34523
Vendor: Microsoft |
Product: Exchange Server
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-7269
Vendor: Microsoft |
Product: Internet Information Services (IIS)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-36948
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-38649
Vendor: Microsoft |
Product: Open Management Infrastructure (OMI)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-0688
Vendor: Microsoft |
Product: Exchange Server
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-0143
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2016-7255
Vendor: Microsoft |
Product: Win32k
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-0708
Vendor: Microsoft |
Product: Remote Desktop Services
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-34473
Vendor: Microsoft |
Product: Exchange Server
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-1464
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-1732
Vendor: Microsoft |
Product: Win32k
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-34527
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-31207
Vendor: Microsoft |
Product: Exchange Server
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-0803
Vendor: Microsoft |
Product: Win32k
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-1040
Vendor: Microsoft |
Product: Hyper-V RemoteFX
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-28310
Vendor: Microsoft |
Product: Win32k
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-1350
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-26411
Vendor: Microsoft |
Product: Internet Explorer
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-0859
Vendor: Microsoft |
Product: Win32k
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-40444
Vendor: Microsoft |
Product: MSHTML
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-8759
Vendor: Microsoft |
Product: .NET Framework
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-8653
Vendor: Microsoft |
Product: Internet Explorer
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-0797
Vendor: Microsoft |
Product: Win32k
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-36942
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-1215
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-0798
Vendor: Microsoft |
Product: Office
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-0802
Vendor: Microsoft |
Product: Office
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2012-0158
Vendor: Microsoft |
Product: MSCOMCTL.OCX
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2015-1641
Vendor: Microsoft |
Product: Office
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-27085
Vendor: Microsoft |
Product: Internet Explorer
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-0541
Vendor: Microsoft |
Product: MSHTML
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-11882
Vendor: Microsoft |
Product: Office
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-0674
Vendor: Microsoft |
Product: Internet Explorer
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-27059
Vendor: Microsoft |
Product: Office
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-1367
Vendor: Microsoft |
Product: Internet Explorer
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-0199
Vendor: Microsoft |
Product: Office and WordPad
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-1380
Vendor: Microsoft |
Product: Internet Explorer
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-1429
Vendor: Microsoft |
Product: Internet Explorer
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-11774
Vendor: Microsoft |
Product: Office
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-0968
Vendor: Microsoft |
Product: Internet Explorer
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-1472
Vendor: Microsoft |
Product: Netlogon
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-26855
Vendor: Microsoft |
Product: Exchange Server
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-26858
Vendor: Microsoft |
Product: Exchange Server
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-27065
Vendor: Microsoft |
Product: Exchange Server
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-1054
Vendor: Microsoft |
Product: Win32k
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-1675
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-34448
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-0601
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-0604
Vendor: Microsoft |
Product: SharePoint
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-0646
Vendor: Microsoft |
Product: .NET Framework
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-0808
Vendor: Microsoft |
Product: Win32k
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-26857
Vendor: Microsoft |
Product: Exchange Server
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-1147
Vendor: Microsoft |
Product: .NET Framework, SharePoint, Visual Studio
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-1214
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2016-3235
Vendor: Microsoft |
Product: Office
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-0863
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-36955
Vendor: Microsoft |
Product: Windows
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-38648
Vendor: Microsoft |
Product: Open Management Infrastructure (OMI)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-6819
Vendor: Mozilla |
Product: Firefox and Thunderbird
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-6820
Vendor: Mozilla |
Product: Firefox and Thunderbird
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-17026
Vendor: Mozilla |
Product: Firefox and Thunderbird
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-15949
Vendor: Nagios |
Product: Nagios XI
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-26919
Vendor: NETGEAR |
Product: JGS516PE Devices
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-19356
Vendor: Netis |
Product: WF2419 Devices
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-2555
Vendor: Oracle |
Product: Multiple Products
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2012-3152
Vendor: Oracle |
Product: Fusion Middleware
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-14871
Vendor: Oracle |
Product: Solaris and Zettabyte File System (ZFS)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2015-4852
Vendor: Oracle |
Product: WebLogic Server
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-14750
Vendor: Oracle |
Product: WebLogic Server
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-14882
Vendor: Oracle |
Product: WebLogic Server
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-14883
Vendor: Oracle |
Product: WebLogic Server
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-8644
Vendor: PlaySMS |
Product: PlaySMS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-18935
Vendor: Progress |
Product: Telerik UI for ASP.NET AJAX
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-22893
Vendor: Ivanti |
Product: Pulse Connect Secure
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-8243
Vendor: Ivanti |
Product: Pulse Connect Secure
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-22900
Vendor: Ivanti |
Product: Pulse Connect Secure
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-22894
Vendor: Ivanti |
Product: Pulse Connect Secure
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-8260
Vendor: Ivanti |
Product: Pulse Connect Secure
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-22899
Vendor: Ivanti |
Product: Pulse Connect Secure
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-11510
Vendor: Ivanti |
Product: Pulse Connect Secure
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-11539
Vendor: Ivanti |
Product: Pulse Connect Secure and Pulse Policy Secure
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-1906
Vendor: Qualcomm |
Product: Multiple Chipsets
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-1905
Vendor: Qualcomm |
Product: Multiple Chipsets
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-10221
Vendor: rConfig |
Product: rConfig
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-35395
Vendor: Realtek |
Product: AP-Router SDK
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-16651
Vendor: Roundcube |
Product: Roundcube Webmail
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-11652
Vendor: SaltStack |
Product: Salt
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-11651
Vendor: SaltStack |
Product: Salt
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-16846
Vendor: SaltStack |
Product: Salt
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-2380
Vendor: SAP |
Product: Customer Relationship Management (CRM)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2010-5326
Vendor: SAP |
Product: NetWeaver
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2016-9563
Vendor: SAP |
Product: NetWeaver
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-6287
Vendor: SAP |
Product: NetWeaver
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-6207
Vendor: SAP |
Product: Solution Manager
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2016-3976
Vendor: SAP |
Product: NetWeaver
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-16256
Vendor: SIMalliance |
Product: Toolbox Browser
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-10148
Vendor: SolarWinds |
Product: Orion
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-35211
Vendor: SolarWinds |
Product: Serv-U
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2016-3643
Vendor: SolarWinds |
Product: Virtualization Manager
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-10199
Vendor: Sonatype |
Product: Nexus Repository
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-20021
Vendor: SonicWall |
Product: SonicWall Email Security
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-7481
Vendor: SonicWall |
Product: SMA100
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-20022
Vendor: SonicWall |
Product: SonicWall Email Security
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-20023
Vendor: SonicWall |
Product: SonicWall Email Security
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-20016
Vendor: SonicWall |
Product: SSLVPN SMA100
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-12271
Vendor: Sophos |
Product: SFOS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-10181
Vendor: Sumavision |
Product: Enhanced Multimedia Router (EMR)
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-6327
Vendor: Symantec |
Product: Symantec Messaging Gateway
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-18988
Vendor: TeamViewer |
Product: Desktop
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2017-9248
Vendor: Progress |
Product: ASP.NET AJAX and Sitefinity
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-31755
Vendor: Tenda |
Product: AC11 Router
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-10987
Vendor: Tenda |
Product: AC1900 Router AC15 Model
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-14558
Vendor: Tenda |
Product: AC7, AC9, and AC10 Routers
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2018-20062
Vendor: ThinkPHP |
Product: noneCms
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-9082
Vendor: ThinkPHP |
Product: ThinkPHP
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-18187
Vendor: Trend Micro |
Product: OfficeScan
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-8467
Vendor: Trend Micro |
Product: Apex One and OfficeScan
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-8468
Vendor: Trend Micro |
Product: Apex One, OfficeScan and Worry-Free Business Security Agents
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-24557
Vendor: Trend Micro |
Product: Apex One, OfficeScan, and Worry-Free Business Security
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-8599
Vendor: Trend Micro |
Product: Apex One and OfficeScan
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-36742
Vendor: Trend Micro |
Product: Apex One, Apex One as a Service, and Worry-Free Business Security
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-36741
Vendor: Trend Micro |
Product: Apex One, Apex One as a Service, and Worry-Free Business Security
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-20085
Vendor: TVT |
Product: NVMS-1000
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-5849
Vendor: Unraid |
Product: Unraid
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-5847
Vendor: Unraid |
Product: Unraid
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-16759
Vendor: vBulletin |
Product: vBulletin
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-17496
Vendor: vBulletin |
Product: vBulletin
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-5544
Vendor: VMware |
Product: VMware ESXi and Horizon DaaS
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-3992
Vendor: VMware |
Product: ESXi
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-3950
Vendor: VMware |
Product: Multiple Products
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-22005
Vendor: VMware |
Product: vCenter Server
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-3952
Vendor: VMware |
Product: vCenter Server
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-21972
Vendor: VMware |
Product: vCenter Server
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-21985
Vendor: VMware |
Product: vCenter Server
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-4006
Vendor: VMware |
Product: Multiple Products
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-25213
Vendor: WordPress |
Product: File Manager Plugin
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-11738
Vendor: WordPress |
Product: Snap Creek Duplicator Plugin
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-9978
Vendor: WordPress |
Product: Social Warfare Plugin
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-27561
Vendor: Yealink |
Product: Device Management
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2021-40539
Vendor: Zoho |
Product: ManageEngine
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-10189
Vendor: Zoho |
Product: ManageEngine
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2019-8394
Vendor: Zoho |
Product: ManageEngine
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
CVE-2020-29583
Vendor: Zyxel |
Product: Multiple Products
Status: Actively Exploited in the Wild
This vulnerability is confirmed to be exploited by real-world threat actors. Unpatched systems remain at immediate risk of compromise.
Critical & High-Risk Vulnerabilities
CVE-2026-0106
Severity: Unknown | CVSS: 9.3 | EPSS: 0.0
This vulnerability affects commonly deployed software and introduces conditions that may enable unauthorized access, remote code execution, or privilege escalation. Exploitation probability metrics indicate realistic adversary interest.
CVE-2026-1962
Severity: Unknown | CVSS: 6.3 | EPSS: 0.0
This vulnerability affects commonly deployed software and introduces conditions that may enable unauthorized access, remote code execution, or privilege escalation. Exploitation probability metrics indicate realistic adversary interest.
CVE-2026-1963
Severity: Unknown | CVSS: 6.3 | EPSS: 0.0
This vulnerability affects commonly deployed software and introduces conditions that may enable unauthorized access, remote code execution, or privilege escalation. Exploitation probability metrics indicate realistic adversary interest.
CVE-2026-1964
Severity: Unknown | CVSS: 4.3 | EPSS: 0.0
This vulnerability affects commonly deployed software and introduces conditions that may enable unauthorized access, remote code execution, or privilege escalation. Exploitation probability metrics indicate realistic adversary interest.
CVE-2026-1970
Severity: Unknown | CVSS: 3.5 | EPSS: 0.0
This vulnerability affects commonly deployed software and introduces conditions that may enable unauthorized access, remote code execution, or privilege escalation. Exploitation probability metrics indicate realistic adversary interest.
CVE-2026-25815
Severity: Unknown | CVSS: 3.2 | EPSS: 0.0
This vulnerability affects commonly deployed software and introduces conditions that may enable unauthorized access, remote code execution, or privilege escalation. Exploitation probability metrics indicate realistic adversary interest.
CVE-2025-32393
Severity: Unknown | CVSS: None | EPSS: 0.0
This vulnerability affects commonly deployed software and introduces conditions that may enable unauthorized access, remote code execution, or privilege escalation. Exploitation probability metrics indicate realistic adversary interest.
CVE-2025-68157
Severity: Unknown | CVSS: 3.7 | EPSS: 0.0
This vulnerability affects commonly deployed software and introduces conditions that may enable unauthorized access, remote code execution, or privilege escalation. Exploitation probability metrics indicate realistic adversary interest.
CVE-2025-68458
Severity: Unknown | CVSS: 3.7 | EPSS: 0.0
This vulnerability affects commonly deployed software and introduces conditions that may enable unauthorized access, remote code execution, or privilege escalation. Exploitation probability metrics indicate realistic adversary interest.
CVE-2026-0391
Severity: Unknown | CVSS: 6.5 | EPSS: 0.001
This vulnerability affects commonly deployed software and introduces conditions that may enable unauthorized access, remote code execution, or privilege escalation. Exploitation probability metrics indicate realistic adversary interest.
Malware & Campaign Activity
No confirmed malware samples were retrieved during this reporting window. This does not imply absence of malicious activity, as malware deployment often occurs after initial exploitation.
MITRE ATT&CK Context & Defensive Coverage
No immediate ATT&CK coverage gaps were identified during this reporting window, indicating reasonable alignment between observed techniques and existing detections.
Strategic Security Takeaways
The continued exploitation of known vulnerabilities and reliance on established ATT&CK techniques underscores the importance of disciplined patch management, behavior-based detection, and threat-informed defensive strategies.
CyberDudeBivash Intelligence Note
This report was generated by the CyberDudeBivash Threat Intelligence Platform using automated intelligence correlation, risk enrichment, and adversary behavior analysis.
Access additional research, tools, and intelligence at https://cyberbivash.blogspot.com
Comments
Post a Comment