Top CVEs by Exploits

1 CVE-2019-0708
9.8 CRITICAL
2 CVE-2014-6271
9.8 CRITICAL
3 CVE-2020-0796
10 CRITICAL
4 CVE-2017-5638
10 CRITICAL
5 CVE-2014-0160
7.5 HIGH
6 CVE-2020-5902
9.8 CRITICAL
7 CVE-2019-19781
9.8 CRITICAL
8 CVE-2020-1472
10 CRITICAL
9 CVE-2018-6574
7.8 HIGH
10 CVE-2016-5195
7.8 HIGH
11 CVE-2018-10933
9.1 CRITICAL
12 CVE-2018-7600
9.8 CRITICAL
13 CVE-2020-0601
8.1 HIGH
14 CVE-2017-10271
7.5 HIGH
15 CVE-2017-11882
7.8 HIGH
16 CVE-2018-2628
9.8 CRITICAL
17 CVE-2017-1000117
8.8 HIGH
18 CVE-2017-0199
7.8 HIGH
19 CVE-2019-5736
8.6 HIGH
20 CVE-2018-11776
8.1 HIGH
21 CVE-2016-10033
9.8 CRITICAL
22 CVE-2020-1938
9.8 CRITICAL
23 CVE-2018-6389
7.5 HIGH
24 CVE-2019-11043
9.8 CRITICAL
25 CVE-2018-20250
7.8 HIGH

Latest PoC Exploit Activity

CVE-2019-0708

9.8 CRITICAL

A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using...
over 1 year ago

CVE-2019-0887

8 HIGH

A remote code execution vulnerability exists in Remote Desktop Services - formerly known as Terminal Services - when an authenticated attacker abuses clipboard redirection, aka...
over 1 year ago by Eyal Itkin

CVE-2019-10092

6.1 MEDIUM

In Apache HTTP Server 2.4.0-2.4.39, a limited cross-site scripting issue was reported affecting the mod_proxy error page. An attacker could cause the link on the error page to...
over 1 year ago

CVE-2019-1040

5.9 MEDIUM

A tampering vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully bypass the NTLM MIC (Message Integrity Check) protection, aka...
over 1 year ago by Eyal Karni

CVE-2019-11869

6.1 MEDIUM

The Yuzo Related Posts plugin 5.12.94 for WordPress has XSS because it mistakenly expects that is_admin() verifies that the request comes from an admin user (it actually only...
over 1 year ago

CVE-2019-12815

9.8 CRITICAL

An arbitrary file copy vulnerability in mod_copy in ProFTPD up to 1.3.5b allows for remote code execution and information disclosure without authentication, a related issue to...
over 1 year ago

CVE-2019-12840

8.8 HIGH

In Webmin through 1.910, any user authorized to the "Package Updates" module can execute arbitrary commands with root privileges via the data parameter to update.cgi.
over 1 year ago

CVE-2019-12890

9.8 CRITICAL

RedwoodHQ 2.5.5 does not require any authentication for database operations, which allows remote attackers to create admin users via a con.automationframework users insert_one...
over 1 year ago

CVE-2019-14223

6.1 MEDIUM

An issue was discovered in Alfresco Community Edition versions below 5.2.6, 6.0.N and 6.1.N. The Alfresco Share application is vulnerable to an Open Redirect attack via a...
over 1 year ago

CVE-2019-14900

6.5 MEDIUM

A flaw was found in Hibernate ORM in versions before 5.3.18, 5.4.18 and 5.5.0.Beta1. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized...
6 months ago