High EPSS Vulnerabilities with Public Exploits

Updated 3h ago

Search and track vulnerabilities with real-time exploit intelligence. Cross-reference CVEs against public exploits from ExploitDB, Metasploit, GitHub, and Nuclei — with CVSS and EPSS scoring, CISA KEV monitoring, and AI-powered exploit analysis.

346,453 CVEs tracked 53,634 with exploits 4,859 exploited in wild 1,583 CISA KEV 4,077 Nuclei templates 52,330 vendors 43,881 researchers
3,483 results Clear all
CVE-2015-2997 1 PoC Analysis EPSS 0.81
SysAid Help Desk <15.2 - Info Disclosure
SysAid Help Desk before 15.2 allows remote attackers to obtain sensitive information via an invalid value in the accountid parameter to getAgentLogFile, as demonstrated by a large directory traversal sequence, which reveals the installation path in an error message.
CWE-200 Jun 08, 2015
CVE-2015-1579 EXPLOITED 4 PoCs Analysis NUCLEI EPSS 0.81
Elegant Themes Divi - Path Traversal
Directory traversal vulnerability in the Elegant Themes Divi theme for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the img parameter in a revslider_show_image action to wp-admin/admin-ajax.php. NOTE: this vulnerability may be a duplicate of CVE-2014-9734.
CWE-22 Feb 11, 2015
CVE-2012-3815 3 PoCs Analysis EPSS 0.81
Sielcosistemi Winlog Lite < 2.07.14 - Memory Corruption
Buffer overflow in RunTime.exe in Sielco Sistemi Winlog Pro SCADA before 2.07.18 and Winlog Lite SCADA before 2.07.18 allows remote attackers to execute arbitrary code via a crafted packet to TCP port 46824. NOTE: some of these details are obtained from third party information.
CWE-119 Jun 27, 2012
CVE-2008-2245 1 PoC Analysis EPSS 0.81
Microsoft Windows 2000 - Memory Corruption
Heap-based buffer overflow in the InternalOpenColorProfile function in mscms.dll in Microsoft Windows Image Color Management System (MSCMS) in the Image Color Management (ICM) component on Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted image file.
CWE-119 Aug 13, 2008
CVE-2019-10392 8.8 HIGH 3 PoCs Analysis EPSS 0.81
Jenkins Git Client < 2.8.4 - OS Command Injection
Jenkins Git Client Plugin 2.8.4 and earlier and 3.0.0-rc did not properly restrict values passed as URL argument to an invocation of 'git ls-remote', resulting in OS command injection.
CWE-78 Sep 12, 2019
CVE-2023-43323 6.5 MEDIUM 1 PoC Analysis NUCLEI EPSS 0.81
mooSocial 3.1.8 - SSRF
mooSocial 3.1.8 is vulnerable to external service interaction on post function. When executed, the server sends a HTTP and DNS request to external server. The Parameters effected are multiple - messageText, data[wall_photo], data[userShareVideo] and data[userShareLink].
CWE-15 Sep 28, 2023
CVE-2019-25224 9.8 CRITICAL 1 PoC Analysis EPSS 0.81
WP Database Backup <5.2 - Command Injection
The WP Database Backup plugin for WordPress is vulnerable to OS Command Injection in versions before 5.2 via the mysqldump function. This vulnerability allows unauthenticated attackers to execute arbitrary commands on the host operating system.
CWE-78 Jul 25, 2025
CVE-2017-5792 9.8 CRITICAL 2 PoCs Analysis EPSS 0.81
HP Intelligent Management Center - Insecure Deserialization
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P2 was found.
CWE-502 Feb 15, 2018
CVE-2005-0688 2 PoCs Analysis EPSS 0.81
Microsoft Windows 2003 Server - Denial of Service
Windows Server 2003 and XP SP2, with Windows Firewall turned off, allows remote attackers to cause a denial of service (CPU consumption) via a TCP packet with the SYN flag set and the same destination and source address and port, aka a reoccurrence of the "Land" vulnerability (CVE-1999-0016).
Mar 05, 2005
CVE-2001-0731 1 PoC Analysis EPSS 0.81
Apache 1.3.20 - Info Disclosure
Apache 1.3.20 with Multiviews enabled allows remote attackers to view directory contents and bypass the index page via a URL containing the "M=D" query string.
Oct 01, 2001
CVE-2008-3257 3 PoCs Analysis EPSS 0.81
Oracle WebLogic Server <10.3 - Buffer Overflow
Stack-based buffer overflow in the Apache Connector (mod_wl) in Oracle WebLogic Server (formerly BEA WebLogic Server) 10.3 and earlier allows remote attackers to execute arbitrary code via a long HTTP version string, as demonstrated by a string after "POST /.jsp" in an HTTP request.
CWE-119 Jul 22, 2008
CVE-2017-16666 8.8 HIGH 2 PoCs Analysis EPSS 0.81
Xplico <1.2.1 - Authenticated RCE
Xplico before 1.2.1 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the name of an uploaded PCAP file. NOTE: this issue can be exploited without authentication by leveraging the user registration feature.
CWE-78 Jan 05, 2018
CVE-2018-15535 7.5 HIGH 1 PoC Analysis NUCLEI EPSS 0.81
Tecrail Responsive Filemanager < 9.13.4 - Path Traversal
/filemanager/ajax_calls.php in tecrail Responsive FileManager before 9.13.4 uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize get_file sequences such as ".." that can resolve to a location that is outside of that directory, aka Directory Traversal.
CWE-22 Aug 24, 2018
CVE-2022-30781 7.5 HIGH 3 PoCs Analysis EPSS 0.81
Gitea <1.16.7 - Info Disclosure
Gitea before 1.16.7 does not escape git fetch remote.
CWE-116 May 16, 2022
CVE-2007-3068 5 PoCs Analysis EPSS 0.81
DVD X Studios Dvd X Player - Buffer Overflow
Stack-based buffer overflow in DVD X Player 4.1 Professional allows remote attackers to execute arbitrary code via a PLF playlist containing a long filename.
Jun 06, 2007
CVE-2012-1153 3 PoCs Analysis EPSS 0.81
Apprain < 0.1.5 - Unrestricted File Upload
Unrestricted file upload vulnerability in addons/uploadify/uploadify.php in appRain CMF 0.1.5 and earlier allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in the uploads directory.
Oct 06, 2012
CVE-1999-0256 4 PoCs Analysis EPSS 0.81
Jgaa Warftpd < 1.66 - Buffer Overflow
Buffer overflow in War FTP allows remote execution of commands.
Feb 01, 1998
CVE-2005-0555 1 PoC Analysis EPSS 0.81
Microsoft Internet Explorer - Buffer Overflow
Buffer overflow in the Content Advisor in Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via a crafted Content Advisor file, aka "Content Advisor Memory Corruption Vulnerability."
Apr 12, 2005
CVE-2024-37759 9.8 CRITICAL 1 PoC Analysis EPSS 0.81
Datagear < 5.0.0 - Injection
DataGear v5.0.0 and earlier was discovered to contain a SpEL (Spring Expression Language) expression injection vulnerability via the Data Viewing interface.
CWE-74 Jun 24, 2024
CVE-2017-11394 9.8 CRITICAL 2 PoCs Analysis EPSS 0.81
Trendmicro Officescan - Improper Input Validation
Proxy command injection vulnerability in Trend Micro OfficeScan 11 and XG (12) allows remote attackers to execute arbitrary code on vulnerable installations. The specific flaw can be exploited by parsing the T parameter within Proxy.php. Formerly ZDI-CAN-4544.
CWE-20 Aug 03, 2017

Investigate

Critical + Public Exploits Exploited in Wild + PoC High EPSS (>=0.7) + PoC With Nuclei Templates Latest CVEs with Public Exploits

Ecosystems

Linux Maven Packagist PyPI npm Go ecosystem RubyGems crates.io NuGet Hex SwiftURL GitHub Actions

Reference Indexes

Exploit Database Researchers Vendors CWE Categories

Recent Blog Posts

CVE-2026-35414: Three Bugs, One Commit, and Two More Nobody Mentioned
Apr 03, 2026
WP Google Map Plugin - Three Weak Links, One Critical Chain
Mar 29, 2026
CVE-2026-24289: Windows Kernel IOCP Race Condition - The Ghost We Proved by Salting the Circle
Mar 16, 2026
CVE-2026-3910: The Type the Compiler Promised -- A V8 JIT Story in Seven Acts
Mar 16, 2026
Six AI Agents, One Security Company: The Paperclip AI Experiment
Mar 16, 2026
CVE-2026-4105: systemd-machined Privilege Escalation - 72 Minutes from Drop to Bypass
Mar 13, 2026
 View all posts →

CVEForge Labs

CVE-2016-15057 CRITICAL
Apache Continuum - Command Injection
CVE-2021-32824 CRITICAL
Apache Dubbo <2.6.10-2.7.10 - RCE
CVE-2023-42117 CRITICAL
Exim < 4.96.2 - Remote Code Execution
CVE-2024-31866 CRITICAL
Apache Zeppelin <0.11.1 - RCE
CVE-2024-43115 HIGH
Apache DolphinScheduler <3.2.2 - RCE
CVE-2024-45409 CRITICAL
Ruby-SAML <=1.16.0 - Auth Bypass
CVE-2024-56143 HIGH
Strapi < 5.5.2 - IDOR
CVE-2025-10622 HIGH
Red Hat Satellite - Command Injection
CVE-2025-11539 CRITICAL
Grafana Image Renderer - RCE
CVE-2025-12421 CRITICAL
Mattermost <11.0.2, 10.12.1, 10.11.4, 10.5.12 - Auth Bypass
 View all labs →

KEV Gaps

CVE-2025-29635
Dlink Dir-823x Firmware - Command Injection
 CVE-2024-57728
Simple-help Simplehelp < 5.5.8 - Symlink Following
 CVE-2024-57726
Simple-help Simplehelp < 5.5.8 - Missing Authorization
 CVE-2026-20133
Cisco Catalyst SD-WAN Manager - Info Disclosure
 CVE-2026-20128
Cisco Catalyst SD-WAN Manager - Privilege Escalation
 CVE-2026-20122
Cisco Catalyst SD-WAN Manager - Path Traversal
 CVE-2025-32975
Quest KACE SMA <14.1.101 - Auth Bypass
 CVE-2025-48700
Zimbra Collaboration <10.1 - XSS
 CVE-2025-2749
Kentico Xperience < 13.0.178 - Path Traversal
 CVE-2023-27351
Papercut MF < 20.1.7 - Authentication Bypass
 CVE-2009-0238
Microsoft Office <2007 SP1 - RCE
 CVE-2012-1854
Microsoft Office <2010 - Privilege Escalation