PULSE
LIVE18signals / 24h
FEED
ransomincransom reclama a v-silicon.com · TW · Technologyransomincransom reclama a FAST.COM.PH · PH · Technologyransomincransom reclama a D.MAG New Material Technology Co., Ltd. Taiwan Giant · TW · Manufacturingransomincransom reclama a vedan corp · VN · Agriculture and Food Productionransomincransom reclama a reatile.co.za · ZA · Not Foundransomincransom reclama a V&P Nurseries · US · Agriculture and Food Productionransomqilin reclama a Powder River Heating & Air Conditioning · US · Consumer Servicesransomqilin reclama a Droguería Martorani · AR · Consumer Servicesransomthegentlemen reclama a Military Sealift Command · US · Transportation/Logisticsransomthegentlemen reclama a Advantage Home Health Care · US · Healthcareransomthegentlemen reclama a Sunway Scientific · TW · Manufacturingransomqilin reclama a Cafar · AR · Agriculture and Food Productionransominterlock reclama a Centre for Newcomers · CA · Public Sectorransominterlock reclama a Paragon Store Fixtures · US · Manufacturingransomincransom reclama a v-silicon.com · TW · Technologyransomincransom reclama a FAST.COM.PH · PH · Technologyransomincransom reclama a D.MAG New Material Technology Co., Ltd. Taiwan Giant · TW · Manufacturingransomincransom reclama a vedan corp · VN · Agriculture and Food Productionransomincransom reclama a reatile.co.za · ZA · Not Foundransomincransom reclama a V&P Nurseries · US · Agriculture and Food Productionransomqilin reclama a Powder River Heating & Air Conditioning · US · Consumer Servicesransomqilin reclama a Droguería Martorani · AR · Consumer Servicesransomthegentlemen reclama a Military Sealift Command · US · Transportation/Logisticsransomthegentlemen reclama a Advantage Home Health Care · US · Healthcareransomthegentlemen reclama a Sunway Scientific · TW · Manufacturingransomqilin reclama a Cafar · AR · Agriculture and Food Productionransominterlock reclama a Centre for Newcomers · CA · Public Sectorransominterlock reclama a Paragon Store Fixtures · US · Manufacturing
CVE Watch349,427 in full archive

Vulnerabilities exploitable today

4,278in current view

Single score combining CVSS, KEV membership and EPSS. Every CVE with its own record — timeline from publication to active exploitation.

In KEV catalog1,647
New KEV · 24H0
Exploit Today ≥ 701,582

Distribution · last window

  • Critical
    1,327
  • High
    4,319
  • Medium
    3,685
  • Low
    289
Filters

Window

Severity

Flags

Vulnerabilities2,081–2,120 · 4,278
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2022-3218
99.4%
30
CVE-2020-4280
99.4%
30
CVE-2014-5073
99.4%
30
CVE-2010-1240
99.4%
30
CVE-2020-9757
99.4%
30
CVE-2017-17560
99.4%
30
CVE-2024-22320
99.4%
30
CVE-2021-40449
99.4%
KEVR80Microsoft Windows Win32k Privilege Escalation Vulnerability
CVE-2021-32610
99.4%
30
CVE-2009-3867
99.4%
30
CVE-2013-0758
99.4%
30
CVE-2008-0621
99.4%
30
CVE-2023-34260
99.4%
30
CVE-2011-3026
99.4%
30
CVE-2004-0362
99.4%
30
CVE-2011-3389
99.4%
30
CVE-2015-3183
99.4%
30
CVE-2014-7868
99.4%
30
CVE-2021-27275
99.4%
30
CVE-2019-12169
99.4%
30
CVE-2023-32165
99.4%
30
CVE-2014-9618
99.4%
30
CVE-2024-37383
99.4%
KEV80RoundCube Webmail Cross-Site Scripting (XSS) Vulnerability
CVE-2021-24862
99.4%
30
CVE-2016-7202
99.4%
30
CVE-2023-47565
99.4%
KEV80QNAP VioStor NVR OS Command Injection Vulnerability
CVE-2022-34265
99.4%
30
CVE-2021-42258
99.4%
KEVR80BQE BillQuick Web Suite SQL Injection Vulnerability
CVE-2020-248819.8 CRI
99.4%
30SSRF exists in osTicket before 1.14.3, where an attacker can add malicious file to server or perform port scanning.7d
CVE-2024-28255
99.4%
30
CVE-2023-2034
99.4%
30
CVE-2007-5067
99.4%
30
CVE-2013-1814
99.4%
30
CVE-2018-0824
99.4%
KEV80Microsoft COM for Windows Deserialization of Untrusted Data Vulnerability
CVE-2006-3838
99.4%
30
CVE-2023-5914
99.4%
30
CVE-2022-29885
99.4%
30
CVE-2021-28958
99.4%
30
CVE-2026-222007.5 HIG
99.4%
30Enhancesoft osTicket versions 1.18.x prior to 1.18.3 and 1.17.x prior to 1.17.7 contain an arbitrary file read vulnerability in the ticket PDF export functionality. A remote attacker can submit a ticket containing crafted rich-text HTML that includes PHP filter expressions which are insufficiently sanitized before being processed by the mPDF PDF generator during export. When the attacker exports the ticket to PDF, the generated PDF can embed the contents of attacker-selected files from the server filesystem as bitmap images, allowing disclosure of sensitive local files in the context of the osTicket application user. This issue is exploitable in default configurations where guests may create tickets and access ticket status, or where self-registration is enabled.3d
CVE-2018-6389
99.4%
30