Latest zero-days Total: 407, in 2019: Zero-days 1, candidates: 0

Information Disclosure in Microsoft Internet Explorer
CVE-2019-0676

Memory Corruption in Microsoft Internet Explorer
CVE-2018-8653

Privilege escalation in Windows kernel
CVE-2018-8611

This vulnerability was reported to Microsoft by Kaspersky Lab. It is believed it was used by FruityArmor and SandCat APT groups against companies in the Middle East and Africa.

Multiple vulnerabilities in Adobe Flash Player
CVE-2018-15982

Vulnerability exploitation was spotted by several security companies. The attack was detected on November 29, 2018 and seems to be executed by a Ukrainian APT group UA-APT.

360 Core Security dubbed the attack "Operation Poison Needles".

Vulnerability Scanning SaaS

Vulnerability scanning SaaS service is online 3-rd generation vulnerability scanner with scheduled assessments and vulnerability subscription. You can use service to check security of your network perimeter.

About zero-day vulnerabilities

Zero-day vulnerability is an undisclosed vulnerability in software that hackers can exploit to compromise computer programs, gain unauthorized access to sensitive data, penetrate networks, etc. We consider vulnerability a zero-day when there is no solution provided from software vendor and the vulnerability is being actively exploited by malicious actors.

Zero-day candidate is a potential zero-day vulnerability in software which might have been used in targeted attacks, however there is no evidence to support this suggestion.