CVE & Exploit Intelligence Database

Updated 1h ago

Search and track vulnerabilities with real-time exploit intelligence. Cross-reference CVEs against public exploits from ExploitDB, Metasploit, GitHub, and Nuclei — with CVSS and EPSS scoring, CISA KEV monitoring, and AI-powered exploit analysis.

337,613 CVEs tracked 53,239 with exploits 4,709 exploited in wild 1,539 CISA KEV 3,918 Nuclei templates 37,790 vendors 42,464 researchers
12,131 results Clear all
CVE-1999-0414 1 PoC Analysis EPSS 0.07
Linux <2.0.36 - Info Disclosure
In Linux before version 2.0.36, remote attackers can spoof a TCP connection and pass data to the application layer before fully establishing the connection.
Mar 01, 1999
CVE-1999-0381 1 PoC Analysis EPSS 0.00
Debian Linux - Buffer Overflow
super 3.11.6 and other versions have a buffer overflow in the syslog utility which allows a local user to gain root access.
Feb 26, 1999
CVE-1999-0460 1 PoC Analysis EPSS 0.00
Linux Kernel - Buffer Overflow
Buffer overflow in Linux autofs module through long directory names allows local users to perform a denial of service.
Feb 19, 1999
CVE-1999-0461 EPSS 0.01
rpcbind - SSRF
Versions of rpcbind including Linux, IRIX, and Wietse Venema's rpcbind allow a remote attacker to insert and delete entries by spoofing a source address.
Jan 28, 1999
CVE-1999-0400 1 PoC Analysis EPSS 0.01
Linux Kernel - Denial of Service
Denial of service in Linux 2.2.0 running the ldd command on a core file.
Jan 26, 1999
CVE-1999-0451 1 PoC Analysis EPSS 0.00
Linux Kernel - Denial of Service
Denial of service in Linux 2.0.36 allows local users to prevent any server from listening on any non-privileged port.
Jan 19, 1999
CVE-1999-0656 EPSS 0.01
Ugidd - Info Disclosure
The ugidd RPC interface, by design, allows remote attackers to enumerate valid usernames by specifying arbitrary UIDs that ugidd maps to local user and group names.
CWE-16 Jan 01, 1999
CVE-1999-0401 EPSS 0.00
Linux 2.2.1 - Info Disclosure
A race condition in Linux 2.2.1 allows local users to read arbitrary memory from /proc files.
Jan 01, 1999
CVE-1999-1285 EPSS 0.00
Linux <2.1.132 - DoS
Linux 2.1.132 and earlier allows local users to cause a denial of service (resource exhaustion) by reading a large buffer from a random device (e.g. /dev/urandom), which cannot be interrupted until the read has completed.
Dec 27, 1998
CVE-1999-1276 EPSS 0.00
fte-console <0.46b-4.1 - Privilege Escalation
fte-console in the fte package before 0.46b-4.1 does not drop root privileges, which allows local users to gain root access via the virtual console device.
Dec 07, 1998
CVE-1999-0781 EPSS 0.00
KDE - Command Injection
KDE allows local users to execute arbitrary commands by setting the KDEDIR environmental variable to modify the search path that KDE uses to locate its executables.
Nov 18, 1998
CVE-1999-0780 EPSS 0.00
KDE klock - Privilege Escalation
KDE klock allows local users to kill arbitrary processes by specifying an arbitrary PID in the .kss.pid file.
Nov 18, 1998
CVE-1999-0782 EPSS 0.00
KDE kppp - Path Traversal
KDE kppp allows local users to create a directory in an arbitrary location via the HOME environmental variable.
Nov 18, 1998
CVE-1999-1441 1 PoC Analysis EPSS 0.00
Linux 2.0.34 - DoS
Linux 2.0.34 does not properly prevent users from sending SIGIO signals to arbitrary processes, which allows local users to cause a denial of service by sending SIGIO to processes that do not catch it.
Jun 30, 1998
CVE-1999-1442 1 PoC Analysis EPSS 0.00
AMD K6 - DoS
Bug in AMD K6 processor on Linux 2.0.x and 2.1.x kernels allows local users to cause a denial of service (crash) via a particular sequence of instructions, possibly related to accessing addresses outside of segments.
Jun 22, 1998
CVE-1999-0257 EPSS 0.01
Linux Kernel - Denial of Service
Nestea variation of teardrop IP fragmentation denial of service.
Apr 01, 1998
CVE-1999-0330 EPSS 0.00
Linux Kernel - Buffer Overflow
Linux bdash game has a buffer overflow that allows local users to gain root access.
Mar 01, 1998
CVE-1999-0513 1 PoC Analysis EPSS 0.26
Digital Unix - Denial of Service
ICMP messages to broadcast addresses are allowed, allowing for a Smurf attack that can cause a denial of service.
Jan 05, 1998
CVE-1999-0216 EPSS 0.01
GNU Inet - Denial of Service
Denial of service of inetd on Linux through SYN and RST packets.
Nov 01, 1997
CVE-1999-0061 EPSS 0.02
BSD lpD - RCE
File creation and deletion, and remote execution, in the BSD line printer daemon (lpd).
Oct 02, 1997

Investigate

Critical + Public Exploits Exploited in Wild + PoC High EPSS (>=0.7) + PoC With Nuclei Templates Latest Public Exploits

Ecosystems

Linux Maven Packagist PyPI npm Go ecosystem RubyGems crates.io NuGet Hex SwiftURL GitHub Actions

Reference Indexes

Exploit Database Researchers Vendors CWE Categories

Recent Blog Posts

CVE-2026-28391: OpenClaw Command Injection - The Day I Hacked Myself
Mar 09, 2026
Introducing FuzzForge: Autonomous Source-Code Fuzzing - Finding Bugs in nginx in 112 Minutes
Mar 08, 2026
CVE-2025-68670 Part 2: From Crash to RCE - The One That Fought Back (and Lost)
Mar 04, 2026
CVE-2025-68670: Pre-Auth xrdp Overflow - The One Where the Protocol Fought Back
Mar 04, 2026
CVE-2025-62507: Redis Stack Overflow to RCE in 68 Minutes - Then We Turned ASLR On
Mar 03, 2026
CVE-2025-15467: From OpenSSL Stack Overflow to Three ROP Chains in 64 Minutes - Introducing Stackforge
Mar 03, 2026
 View all posts →

CVEForge Labs

CVE-2016-15057 CRITICAL
Apache Continuum - Command Injection
CVE-2021-32824 CRITICAL
Apache Dubbo <2.6.10-2.7.10 - RCE
CVE-2023-42117 CRITICAL
Exim < 4.96.2 - Remote Code Execution
CVE-2024-31866 CRITICAL
Apache Zeppelin <0.11.1 - RCE
CVE-2024-37288 CRITICAL
Elastic Kibana - Insecure Deserialization
CVE-2024-43115 HIGH
Apache DolphinScheduler <3.2.2 - RCE
CVE-2024-45409 CRITICAL
Ruby-SAML <=1.16.0 - Auth Bypass
CVE-2024-56143 HIGH
Strapi < 5.5.2 - IDOR
CVE-2025-10622 HIGH
Red Hat Satellite - Command Injection
CVE-2025-11539 CRITICAL
Grafana Image Renderer - RCE
 View all labs →

KEV Gaps

CVE-2026-1603
Ivanti Endpoint Manager < 2024 - Authentication Bypass
 CVE-2023-43000
macOS Ventura <13.5-iPadOS <16.6-Safari <16.6 - Use After Free
 CVE-2021-30952
tvOS <15.2 - RCE
 CVE-2021-22681
Rockwell Automation Studio 5000 <21 - Path Traversal
 CVE-2026-22719
VMware Aria Operations - Command Injection
 CVE-2026-25108
FileZen - Command Injection
 CVE-2026-22769
Dell RecoverPoint <6.0.3.1 HF1 - Auth Bypass
 CVE-2021-22175
Gitlab < 13.6.7 - SSRF
 CVE-2024-7694
Teamt5 Threatsonar Anti-ransomware < 3.5.0 - Unrestricted File Upload
 CVE-2020-7796
Zimbra Collaboration Suite <8.8.15 Patch 7 - SSRF
 CVE-2026-21525
Microsoft Windows 10 1607 < 10.0.14393.8868 - NULL Pointer Dereference
 CVE-2026-21519
Microsoft Windows 10 1607 < 10.0.14393.8868 - Type Confusion