12817
CVEs
320
Critical
3962
High
23
KEV
599
PoC
504
Unpatched C/H
91.1%
Patch Rate
0.6%
Avg EPSS
Severity Breakdown
CRITICAL
320
HIGH
3962
MEDIUM
7779
LOW
178
Monthly CVE Trend
Affected Products (30)
Linux Kernel
9022
Debian Linux
1338
Ubuntu
740
Android
549
Ubuntu Linux
496
Enterprise Linux
259
Fedora
254
Leap
195
Enterprise Linux Server
135
Enterprise Linux Workstation
132
H410c Firmware
130
Enterprise Linux Desktop
130
H700s Firmware
119
H500s Firmware
119
H410s Firmware
119
H300s Firmware
118
Enterprise Linux Server Aus
116
Enterprise Linux Server Tus
90
Windows
84
Active Iq Unified Manager
78
Opensuse
75
Cloud Backup
74
H700E Firmware
68
Enterprise Linux Server Eus
68
H500E Firmware
68
H300E Firmware
68
Enterprise Linux Eus
61
Solidfire
57
Hci Management Node
57
Solaris
53
Top Risky CVEs
| CVE | Summary | Severity | CVSS | EPSS | Priority | Signals |
|---|---|---|---|---|---|---|
| CVE-2016-5195 | Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a. Rated high severity (CVSS 7.0). Actively exploited in the wild (cisa kev) and public exploit code available. | HIGH | 7.0 | 94.2% | 199 |
KEV
PoC
|
| CVE-2013-6282 | The (1) get_user and (2) put_user API functions in the Linux kernel before 3.5.5 on the v6k and v7 ARM platforms do not validate certain addresses, which allows attackers to read or modify the. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Actively exploited in the wild (cisa kev) and public exploit code available. | HIGH | 8.8 | 67.7% | 197 |
KEV
PoC
|
| CVE-2014-3153 | The futex_requeue function in kernel/futex.c in the Linux kernel through 3.14.5 does not ensure that calls have two different futex addresses, which allows local users to gain privileges via a. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Actively exploited in the wild (cisa kev) and public exploit code available. | HIGH | 7.8 | 69.3% | 193 |
KEV
PoC
|
| CVE-2013-2094 | The perf_swevent_init function in kernel/events/core.c in the Linux kernel before 3.8.9 uses an incorrect integer data type, which allows local users to gain privileges via a crafted perf_event_open. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and public exploit code available. | HIGH | 8.4 | 65.9% | 178 |
KEV
PoC
|
| CVE-2015-0235 | Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 86.7%. | CRITICAL | 10.0 | 86.7% | 172 |
PoC
|
| CVE-2015-1328 | The overlayfs implementation in the linux (aka Linux kernel) package before 3.19.0-21.21 in Ubuntu through 15.04 does not properly check permissions for file creation in the upper filesystem. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 89.7%. | HIGH | 7.8 | 89.7% | 164 |
PoC
No patch
|
| CVE-2017-1000253 | Linux distributions that have not patched their long-term kernels with https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (committed on April 14, 2015). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Actively exploited in the wild (cisa kev) and public exploit code available. | HIGH | 7.8 | 54.2% | 163 |
KEV
PoC
|
| CVE-2017-7308 | The packet_set_ring function in net/packet/af_packet.c in the Linux kernel through 4.10.6 does not properly validate certain block-size data, which allows local users to cause a denial of service. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 87.0%. | HIGH | 7.8 | 87.0% | 161 |
PoC
No patch
|
| CVE-2017-16995 | The check_alu_op function in kernel/bpf/verifier.c in the Linux kernel through 4.4 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 82.8%. | HIGH | 7.8 | 82.8% | 157 |
PoC
No patch
|
| CVE-2017-1000112 | Linux kernel: Exploitable memory corruption due to UFO to non-UFO path switch. Rated high severity (CVSS 7.0). Public exploit code available and EPSS exploitation probability 82.9%. | HIGH | 7.0 | 82.9% | 153 |
PoC
|
| CVE-2016-1960 | Integer underflow in the nsHtml5TreeBuilder class in the HTML5 string parser in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code or cause. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 86.5%. | HIGH | 8.8 | 86.5% | 150 |
PoC
No patch
|
| CVE-2014-0196 | The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the "LECHO & !OPOST" case, which allows local users to cause a denial. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Actively exploited in the wild (cisa kev) and public exploit code available. | MEDIUM | 5.5 | 48.6% | 146 |
KEV
PoC
|
| CVE-2016-2776 | buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3 does not properly construct responses, which allows remote attackers to cause a denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 88.4%. | HIGH | 7.5 | 88.4% | 146 |
PoC
No patch
|
| CVE-2016-5385 | PHP through 7.0.8 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 81.3%. | HIGH | 8.1 | 81.3% | 142 |
PoC
|
| CVE-2015-3036 | Stack-based buffer overflow in the run_init_sbus function in the KCodes NetUSB module for the Linux kernel, as used in certain NETGEAR products, TP-LINK products, and other products, allows remote. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 70.1%. | CRITICAL | 10.0 | 70.1% | 140 |
PoC
No patch
|