EMERGENCY
CVE-2020-10189
9.8
Zoho ManageEngine Desktop Central before 10.0.474 allows unauthenticated remote code execution through Java deserialization in the FileStorage class, exploited by Chinese APT groups for enterprise network compromise.
|
ACT NOW
CVE-2020-0688
8.8
Microsoft Exchange Server contains a remote code execution vulnerability caused by static cryptographic keys used in the Exchange Control Panel, allowing authenticated attackers to execute code as SYSTEM.
|
ACT NOW
CVE-2020-0674
7.5
Internet Explorer scripting engine contains a use-after-free vulnerability allowing remote code execution through crafted web pages, exploited as a zero-day in January 2020 in targeted campaigns attributed to DarkHotel APT.
|
Today's Vulnerabilities Vulnerabilities
Daily vulnerability intelligence for defenders – fresh CVEs with exploitability signals, patch status, and action-oriented priorities from 17 sources.
CVEs published in review
Get CVEs that hit your stack — not 200/day
Pick your technologies, get a weekly digest by email. Free, no spam.
React
Python
Postgres
+200 more
React
Next.js
Python
Postgres
AWS
+200 more
Trending Now
See all
Critical Watch
See all
KEV
POC
CVSS
No critical watch entries today
Vendor Today – Quick Filter
Techniques
POC
CISA KEV
PATCH
UNPATCHED
results
Sort:
Base Score
Vector String
Attack Vector (AV)
Attack Complexity (AC)
Privileges Required (PR)
User Interaction (UI)
Scope (S)
Confidentiality (C)
Integrity (I)
Availability (A)
0
|
3.9|
6.9|
8.9|
10
NONE
LOW
MEDIUM
HIGH
CRITICAL
CVSS Filter
– CVEs match
No CVEs match the selected criteria
Loading...
Incoming
20
Pre-NVD – not yet scored
No vulnerabilities found for this date.
Data may not have been fetched yet.
Live Feed
auto-refresh 60s
Track CVEs for your stack
Sign up free →