9.8 CVE-2022-45639
** DISPUTED ** OS Command injection vulnerability in sleuthkit fls tool 4.11.1 allows attackers to execute...

2023-02-01 10:15:00

5.4 CVE-2022-4790
The WP Google My Business Auto Publish WordPress plugin before 3.4 does not validate and escape one...

2023-02-01 03:00:00

5.4 CVE-2022-4789
The WPZOOM Portfolio WordPress plugin before 1.2.2 does not validate and escape one of its shortcode...

2023-02-01 03:00:00

5.4 CVE-2022-4832
The Store Locator WordPress plugin before 1.4.9 does not validate and escape some of its shortcode attributes...

2023-02-01 02:59:00

5.4 CVE-2022-4760
The OneClick Chat to Order WordPress plugin before 1.0.4.2 does not validate and escape some of its...

2023-02-01 02:47:00

5.4 CVE-2022-4775
The GeoDirectory WordPress plugin before 2.2.22 does not validate and escape some of its shortcode attributes...

2023-02-01 02:46:00

5.5 CVE-2022-4816
A denial-of-service vulnerability has been identified in Lenovo Safecenter that could allow a local...

2023-02-01 02:44:00

5.5 CVE-2023-20040
A vulnerability in the NETCONF service of Cisco Network Services Orchestrator (NSO) could allow an authenticated,...

2023-02-01 02:43:00

5.4 CVE-2022-40034
Cross-Site Scripting (XSS) vulnerability found in Rawchen blog-ssm v1.0 allows attackers to execute...

2023-02-01 02:41:00

8.8 CVE-2023-20038
A vulnerability in the monitoring application of Cisco Industrial Network Director could allow an authenticated,...

2023-02-01 02:40:00

7.2 CVE-2023-20026
A vulnerability in the web-based management interface of Cisco Small Business Routers RV042 Series could...

2023-02-01 02:39:00

9.8 CVE-2023-20025
A vulnerability in the web-based management interface of Cisco Small Business RV042 Series Routers could...

2023-02-01 02:37:00

What is the Sherlock® KB project?

First of all KB for "Knowledge Base". The company ProHacktive is making its database of known vulnerabilities to date available for free. This database combines Nist's CVE database (https://nvd.nist.gov/), the CWE database (https://cwe.mitre.org/) and the CAPEC database (https://capec.mitre.org/).

For what purpose?

ProHacktive's promise is the democratization of the Cybersecurity Audit. For this, it seemed relevant to us to offer our "Knowledge Base" in different languages. Associated with this multilingual database, a clear and concise interface allows you to consult all the CVE ("Common Vulnerabilities and Exposures") present on your network. The Sherlock® service database is updated every hour from the various sources enriching our Sherlock® KB and immediately tested on the devices concerned by the new vulnerability.

Search for vulnerabilities

We also offer a simple search module in the description of each CVE. For the more curious, an advanced search allows you to point precisely to an application, an OS or a hardware. This advanced search is based on the mechanics used in our solution Sherlock®: the permanent Cybersecurity audit accessible financially and technically to all.

Developments?

We will add new languages regularly. A monitoring module will be implemented: you will be able to monitor an application, an OS or a hardware to be alerted of new vulnerabilities concerning it. Subscribe to our mailing list to be alerted when this feature is released (available on search results).