CVE & Exploit Intelligence Database

Updated 5h ago

Search and track vulnerabilities with real-time exploit intelligence. Cross-reference CVEs against public exploits from ExploitDB, Metasploit, GitHub, and Nuclei — with CVSS and EPSS scoring, CISA KEV monitoring, and AI-powered exploit analysis.

337,579 CVEs tracked 53,237 with exploits 4,709 exploited in wild 1,539 CISA KEV 3,914 Nuclei templates 37,790 vendors 42,457 researchers
159 results Clear all
CVE-2019-12107 7.5 HIGH 1 Writeup EPSS 0.00
MiniUPnPd <2.1 - Info Disclosure
The upnp_event_prepare function in upnpevents.c in MiniUPnP MiniUPnPd through 2.1 allows a remote attacker to leak information from the heap due to improper validation of an snprintf return value.
CWE-252 May 15, 2019
CVE-2019-10902 7.5 HIGH EPSS 0.01
Wireshark 3.0.0 - Buffer Overflow
In Wireshark 3.0.0, the TSDNS dissector could crash. This was addressed in epan/dissectors/packet-tsdns.c by splitting strings safely.
CWE-252 Apr 09, 2019
CVE-2019-9704 5.5 MEDIUM EPSS 0.00
Vixie Cron <3.0pl1-133 - DoS
Vixie Cron before the 3.0pl1-133 Debian package allows local users to cause a denial of service (daemon crash) via a large crontab file because the calloc return value is not checked.
CWE-252 Mar 12, 2019
CVE-2018-20216 7.5 HIGH EPSS 0.00
QEMU - Buffer Overflow
QEMU can have an infinite loop in hw/rdma/vmw/pvrdma_dev_ring.c because return values are not checked (and -1 is mishandled).
CWE-252 Dec 20, 2018
CVE-2018-16643 6.5 MEDIUM 1 Writeup EPSS 0.00
ImageMagick 7.0.8-4 - DoS
The functions ReadDCMImage in coders/dcm.c, ReadPWPImage in coders/pwp.c, ReadCALSImage in coders/cals.c, and ReadPICTImage in coders/pict.c in ImageMagick 7.0.8-4 do not check the return value of the fputc function, which allows remote attackers to cause a denial of service via a crafted image file.
CWE-252 Sep 06, 2018
CVE-2018-14622 7.5 HIGH EPSS 0.02
libtirpc <0.3.3-rc3 - Use After Free
A null-pointer dereference vulnerability was found in libtirpc before version 0.3.3-rc3. The return value of makefd_xprt() was not checked in all instances, which could lead to a crash when the server exhausted the maximum number of available file descriptors. A remote attacker could cause an rpc-based application to crash by flooding it with new connections.
CWE-252 Aug 30, 2018
CVE-2018-14367 7.5 HIGH EPSS 0.01
Wireshark <2.6.1, <2.4.8 - DoS
In Wireshark 2.6.0 to 2.6.1 and 2.4.0 to 2.4.7, the CoAP protocol dissector could crash. This was addressed in epan/dissectors/packet-coap.c by properly checking for a NULL condition.
CWE-252 Jul 19, 2018
CVE-2017-0774 5.5 MEDIUM EPSS 0.00
Android - DoS
A denial of service vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-62673844.
CWE-252 Sep 08, 2017
CVE-2017-0720 7.8 HIGH 1 PoC Analysis EPSS 0.00
Android <7.1.2 - RCE
A remote code execution vulnerability in the Android media framework (libhevc). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37430213.
CWE-252 Aug 09, 2017
CVE-2017-0599 5.5 MEDIUM EPSS 0.00
Google Android - Denial of Service
A remote denial of service vulnerability in libhevc in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34672748.
CWE-252 May 12, 2017
CVE-2017-6964 7.8 HIGH EPSS 0.00
eject <2.1.5+deb1+cvs20081104-13.1 - Code Injection
dmcrypt-get-device, as shipped in the eject package of Debian and Ubuntu, does not check the return value of the (1) setuid or (2) setgid function, which might cause dmcrypt-get-device to execute code, which was intended to run as an unprivileged user, as root. This affects eject through 2.1.5+deb1+cvs20081104-13.1 on Debian, eject before 2.1.5+deb1+cvs20081104-13.1ubuntu0.16.10.1 on Ubuntu 16.10, eject before 2.1.5+deb1+cvs20081104-13.1ubuntu0.16.04.1 on Ubuntu 16.04 LTS, eject before 2.1.5+deb1+cvs20081104-13.1ubuntu0.14.04.1 on Ubuntu 14.04 LTS, and eject before 2.1.5+deb1+cvs20081104-9ubuntu0.1 on Ubuntu 12.04 LTS.
CWE-252 Mar 28, 2017
CVE-2016-10061 6.5 MEDIUM EPSS 0.01
ImageMagick <7.0.1-10 - DoS
The ReadGROUP4Image function in coders/tiff.c in ImageMagick before 7.0.1-10 does not check the return value of the fputc function, which allows remote attackers to cause a denial of service (crash) via a crafted image file.
CWE-252 Mar 03, 2017
CVE-2016-10060 6.5 MEDIUM EPSS 0.01
ImageMagick <7.0.1-10 - DoS
The ConcatenateImages function in MagickWand/magick-cli.c in ImageMagick before 7.0.1-10 does not check the return value of the fputc function, which allows remote attackers to cause a denial of service (application crash) via a crafted file.
CWE-252 Mar 02, 2017
CVE-2010-0211 9.8 CRITICAL 1 PoC Analysis EPSS 0.43
Openldap < 10.6.5 - Denial of Service
The slap_modrdn2mods function in modrdn.c in OpenLDAP 2.4.22 does not check the return value of a call to the smr_normalize function, which allows remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a modrdn call with an RDN string containing invalid UTF-8 sequences, which triggers a free of an invalid, uninitialized pointer in the slap_mods_free function, as demonstrated using the Codenomicon LDAPv3 test suite.
CWE-252 Jul 28, 2010
CVE-2009-0265 7.5 HIGH EPSS 0.00
ISC BIND 9.6.0 - Info Disclosure
Internet Systems Consortium (ISC) BIND 9.6.0 and earlier does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077 and CVE-2009-0025.
CWE-295 Jan 26, 2009
CVE-2007-5191 EPSS 0.00
util-linux/loop-aes-utils - Privilege Escalation
mount and umount in util-linux and loop-aes-utils call the setuid and setgid functions in the wrong order and do not check the return values, which might allow attackers to gain privileges via helpers such as mount.nfs.
CWE-252 Oct 04, 2007
CVE-2007-3798 9.8 CRITICAL 1 PoC Analysis EPSS 0.73
tcpdump <3.9.6 - RCE
Integer overflow in print-bgp.c in the BGP dissector in tcpdump 3.9.6 and earlier allows remote attackers to execute arbitrary code via crafted TLVs in a BGP packet, related to an unchecked return value.
CWE-252 Jul 16, 2007
CVE-2005-4360 2 PoCs Analysis EPSS 0.77
Microsoft IIS 5.1 - RCE
The URL parser in Microsoft Internet Information Services (IIS) 5.1 on Windows XP Professional SP2 allows remote attackers to execute arbitrary code via multiple requests to ".dll" followed by arguments such as "~0" through "~9", which causes ntdll.dll to produce a return value that is not correctly handled by IIS, as demonstrated using "/_vti_bin/.dll/*/~0". NOTE: the consequence was originally believed to be only a denial of service (application crash and reboot).
CWE-252 Dec 20, 2005
CVE-2002-1372 7.5 HIGH EPSS 0.07
CUPS <1.1.18 - DoS
Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly check the return values of various file and socket operations, which could allow a remote attacker to cause a denial of service (resource exhaustion) by causing file descriptors to be assigned and not released, as demonstrated by fanta.
CWE-252 Dec 26, 2002

Investigate

Critical + Public Exploits Exploited in Wild + PoC High EPSS (>=0.7) + PoC With Nuclei Templates Latest Public Exploits

Ecosystems

Linux Maven Packagist PyPI npm Go ecosystem RubyGems crates.io NuGet Hex SwiftURL GitHub Actions

Reference Indexes

Exploit Database Researchers Vendors CWE Categories

Recent Blog Posts

CVE-2026-28391: OpenClaw Command Injection - The Day I Hacked Myself
Mar 09, 2026
Introducing FuzzForge: Autonomous Source-Code Fuzzing - Finding Bugs in nginx in 112 Minutes
Mar 08, 2026
CVE-2025-68670 Part 2: From Crash to RCE - The One That Fought Back (and Lost)
Mar 04, 2026
CVE-2025-68670: Pre-Auth xrdp Overflow - The One Where the Protocol Fought Back
Mar 04, 2026
CVE-2025-62507: Redis Stack Overflow to RCE in 68 Minutes - Then We Turned ASLR On
Mar 03, 2026
CVE-2025-15467: From OpenSSL Stack Overflow to Three ROP Chains in 64 Minutes - Introducing Stackforge
Mar 03, 2026
 View all posts →

CVEForge Labs

CVE-2016-15057 CRITICAL
Apache Continuum - Command Injection
CVE-2021-32824 CRITICAL
Apache Dubbo <2.6.10-2.7.10 - RCE
CVE-2023-42117 CRITICAL
Exim < 4.96.2 - Remote Code Execution
CVE-2024-31866 CRITICAL
Apache Zeppelin <0.11.1 - RCE
CVE-2024-37288 CRITICAL
Elastic Kibana - Insecure Deserialization
CVE-2024-43115 HIGH
Apache DolphinScheduler <3.2.2 - RCE
CVE-2024-45409 CRITICAL
Ruby-SAML <=1.16.0 - Auth Bypass
CVE-2024-56143 HIGH
Strapi < 5.5.2 - IDOR
CVE-2025-10622 HIGH
Red Hat Satellite - Command Injection
CVE-2025-11539 CRITICAL
Grafana Image Renderer - RCE
 View all labs →

KEV Gaps

CVE-2026-1603
Ivanti Endpoint Manager < 2024 - Authentication Bypass
 CVE-2023-43000
macOS Ventura <13.5-iPadOS <16.6-Safari <16.6 - Use After Free
 CVE-2021-30952
tvOS <15.2 - RCE
 CVE-2021-22681
Rockwell Automation Studio 5000 <21 - Path Traversal
 CVE-2026-22719
VMware Aria Operations - Command Injection
 CVE-2026-25108
FileZen - Command Injection
 CVE-2026-22769
Dell RecoverPoint <6.0.3.1 HF1 - Auth Bypass
 CVE-2021-22175
Gitlab < 13.6.7 - SSRF
 CVE-2024-7694
Teamt5 Threatsonar Anti-ransomware < 3.5.0 - Unrestricted File Upload
 CVE-2020-7796
Zimbra Collaboration Suite <8.8.15 Patch 7 - SSRF
 CVE-2026-21525
Microsoft Windows 10 1607 < 10.0.14393.8868 - NULL Pointer Dereference
 CVE-2026-21519
Microsoft Windows 10 1607 < 10.0.14393.8868 - Type Confusion