8.8 CVE-2022-42896
There are use-after-free vulnerabilities in the Linux kernel's net/bluetooth/l2cap_core.c's l2cap_connect...

2022-11-28 01:27:00

5.5 CVE-2022-42895
There is an infoleak vulnerability in the Linux kernel's net/bluetooth/l2cap_core.c's l2cap_parse_conf_req...

2022-11-28 01:19:00

7.5 CVE-2020-11653
An issue was discovered in Varnish Cache before 6.0.6 LTS, 6.1.x and 6.2.x before 6.2.3, and 6.3.x before...

2022-11-28 01:15:00

7.5 CVE-2022-45060
An HTTP Request Forgery issue was discovered in Varnish Cache 5.x and 6.x before 6.0.11, 7.x before...

2022-11-28 01:15:00

7.5 CVE-2020-36518
jackson-databind before 2.13.0 allows a Java StackOverflow exception and denial of service via a large...

2022-11-27 22:15:00

7.5 CVE-2022-42004
In FasterXML jackson-databind before 2.13.4, resource exhaustion can occur because of a lack of a check...

2022-11-27 22:15:00

7.5 CVE-2022-42003
In FasterXML jackson-databind before 2.14.0-rc1, resource exhaustion can occur because of a lack of...

2022-11-27 22:15:00

5.3 CVE-2022-36111
immudb is a database with built-in cryptographic proof and verification. In versions prior to 1.4.1,...

2022-11-27 04:33:00

7.5 CVE-2022-34830
An Arm product family through 2022-06-29 has a TOCTOU Race Condition that allows non-privileged user...

2022-11-27 04:31:00

7.5 CVE-2022-37772
Maarch RM 2.8.3 solution contains an improper restriction of excessive authentication attempts due to...

2022-11-27 04:30:00

5.4 CVE-2019-14870
All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11.x before 4.11.3 have an issue,...

2022-11-26 23:15:00

6.5 CVE-2021-3671
A null pointer de-reference was found in the way samba kerberos server handled missing sname in TGS-REQ...

2022-11-26 23:15:00

What is the Sherlock® KB project?

First of all KB for "Knowledge Base". The company ProHacktive is making its database of known vulnerabilities to date available for free. This database combines Nist's CVE database (https://nvd.nist.gov/), the CWE database (https://cwe.mitre.org/) and the CAPEC database (https://capec.mitre.org/).

For what purpose?

ProHacktive's promise is the democratization of the Cybersecurity Audit. For this, it seemed relevant to us to offer our "Knowledge Base" in different languages. Associated with this multilingual database, a clear and concise interface allows you to consult all the CVE ("Common Vulnerabilities and Exposures") present on your network. The Sherlock® service database is updated every hour from the various sources enriching our Sherlock® KB and immediately tested on the devices concerned by the new vulnerability.

Search for vulnerabilities

We also offer a simple search module in the description of each CVE. For the more curious, an advanced search allows you to point precisely to an application, an OS or a hardware. This advanced search is based on the mechanics used in our solution Sherlock®: the permanent Cybersecurity audit accessible financially and technically to all.

Developments?

We will add new languages regularly. A monitoring module will be implemented: you will be able to monitor an application, an OS or a hardware to be alerted of new vulnerabilities concerning it. Subscribe to our mailing list to be alerted when this feature is released (available on search results).