8.8 CVE-2023-20010
A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified...

2023-02-01 02:29:00

6.5 CVE-2023-20047
A vulnerability in the Link Layer Discovery Protocol (LLDP) feature of Cisco Webex Room Phone and Cisco...

2023-02-01 02:27:00

9.8 CVE-2021-3120
An arbitrary file upload vulnerability in the YITH WooCommerce Gift Cards Premium plugin before 3.3.1...

2023-02-01 02:23:00

7.3 CVE-2019-5624
Rapid7 Metasploit Framework suffers from an instance of CWE-22, Improper Limitation of a Pathname to...

2023-02-01 02:22:00

7.8 CVE-2019-7384
An authenticated shell command injection issue has been discovered in Raisecom ISCOM HT803G-U, HT803G-W,...

2023-02-01 02:21:00

7.8 CVE-2019-7385
An authenticated shell command injection issue has been discovered in Raisecom ISCOM HT803G-U, HT803G-W,...

2023-02-01 02:21:00

7.5 CVE-2019-9922
An issue was discovered in the Harmis JE Messenger component 1.2.2 for Joomla!. Directory Traversal...

2023-02-01 02:16:00

7.8 CVE-2019-5606
In FreeBSD 12.0-STABLE before r349805, 12.0-RELEASE before 12.0-RELEASE-p8, 11.3-STABLE before r349806,...

2023-02-01 02:12:00

7.8 CVE-2019-5607
In FreeBSD 12.0-STABLE before r350222, 12.0-RELEASE before 12.0-RELEASE-p8, 11.3-STABLE before r350223,...

2023-02-01 02:12:00

9.8 CVE-2020-28636
A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1....

2023-02-01 02:11:00

9.8 CVE-2020-35628
A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1....

2023-02-01 02:11:00

9.8 CVE-2020-28601
A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1....

2023-02-01 02:09:00

What is the Sherlock® KB project?

First of all KB for "Knowledge Base". The company ProHacktive is making its database of known vulnerabilities to date available for free. This database combines Nist's CVE database (https://nvd.nist.gov/), the CWE database (https://cwe.mitre.org/) and the CAPEC database (https://capec.mitre.org/).

For what purpose?

ProHacktive's promise is the democratization of the Cybersecurity Audit. For this, it seemed relevant to us to offer our "Knowledge Base" in different languages. Associated with this multilingual database, a clear and concise interface allows you to consult all the CVE ("Common Vulnerabilities and Exposures") present on your network. The Sherlock® service database is updated every hour from the various sources enriching our Sherlock® KB and immediately tested on the devices concerned by the new vulnerability.

Search for vulnerabilities

We also offer a simple search module in the description of each CVE. For the more curious, an advanced search allows you to point precisely to an application, an OS or a hardware. This advanced search is based on the mechanics used in our solution Sherlock®: the permanent Cybersecurity audit accessible financially and technically to all.

Developments?

We will add new languages regularly. A monitoring module will be implemented: you will be able to monitor an application, an OS or a hardware to be alerted of new vulnerabilities concerning it. Subscribe to our mailing list to be alerted when this feature is released (available on search results).