Search : 227033 résultats
4.8 CVE-2023-3196
This vulnerability could allow an attacker to store a malicious JavaScript payload in the login footer...
6.5 CVE-2023-5353
Improper Access Control in GitHub repository salesagility/suitecrm prior to 7.14.1.
8.8 CVE-2023-4817
This vulnerability allows an authenticated attacker to upload malicious files by bypassing the restrictions...
6.5 CVE-2023-42508
JFrog Artifactory prior to version 7.66.0 is vulnerable to specific endpoint abuse with a specially...
6.5 CVE-2023-32792
Cross-Site Request Forgery (CSRF) vulnerability in NXLog Manager 5.6.5633 version. This vulnerability...
6.5 CVE-2023-32791
Cross-Site Request Forgery (CSRF) vulnerability in NXLog Manager 5.6.5633 version. This vulnerability...
6.1 CVE-2023-32790
Cross-Site Scripting (XSS) vulnerability in NXLog Manager 5.6.5633 version. This vulnerability allows...
8.1 CVE-2023-4853
A flaw was found in Quarkus where HTTP security policies are not sanitizing certain character permutations...
8.2 CVE-2023-4100
Allows an attacker to perform XSS attacks stored on certain resources. Exploiting this vulnerability...
7.8 CVE-2023-33039
Memory corruption in Automotive Display while destroying the image handle created using connected display...
6.5 CVE-2023-4099
The QSige Monitor application does not have an access control mechanism to verify whether the user requesting...
7.8 CVE-2023-21235
In onCreate of LockSettingsActivity.java, there is a possible way set a new lockscreen PIN without entering...
What is the Sherlock® KB project?
First of all KB for "Knowledge Base". The company ProHacktive is making its database of known vulnerabilities to date available for free. This database combines Nist's CVE database (https://nvd.nist.gov/), the CWE database (https://cwe.mitre.org/) and the CAPEC database (https://capec.mitre.org/).
For what purpose?
ProHacktive's promise is the democratization of the Cybersecurity Audit. For this, it seemed relevant to us to offer our "Knowledge Base" in different languages. Associated with this multilingual database, a clear and concise interface allows you to consult all the CVE ("Common Vulnerabilities and Exposures") present on your network. The Sherlock® service database is updated every hour from the various sources enriching our Sherlock® KB and immediately tested on the devices concerned by the new vulnerability.
Search for vulnerabilities
We also offer a simple search module in the description of each CVE. For the more curious, an advanced search allows you to point precisely to an application, an OS or a hardware. This advanced search is based on the mechanics used in our solution Sherlock®: the permanent Cybersecurity audit accessible financially and technically to all.
Developments?
We will add new languages regularly. A monitoring module will be implemented: you will be able to monitor an application, an OS or a hardware to be alerted of new vulnerabilities concerning it. Subscribe to our mailing list to be alerted when this feature is released (available on search results).