Search : 216814 résultats
8.8 CVE-2023-2929
Out of bounds write in Swiftshader in Google Chrome prior to 114.0.5735.90 allowed a remote attacker...
7.5 CVE-2023-24329
An issue in the urllib.parse component of Python before v3.11 allows attackers to bypass blocklisting...
7.8 CVE-2023-32700
LuaTeX before 1.17.0 allows execution of arbitrary shell commands when compiling a TeX file obtained...
6.1 CVE-2023-32681
Requests is a HTTP library. Since Requests 2.3.0, Requests has been leaking Proxy-Authorization headers...
7.5 CVE-2023-2879
GDSDB infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via packet...
6.5 CVE-2023-2858
NetScaler file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service...
6.5 CVE-2023-2856
VMS TCPIPtrace file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service...
5.4 CVE-2021-32862
The GitHub Security Lab discovered sixteen ways to exploit a cross-site scripting vulnerability in nbconvert....
7.8 CVE-2023-0341
A stack buffer overflow exists in the ec_glob function of editorconfig-core-c before v0.12.6 which allowed...
7.4 CVE-2023-33291
In ebankIT 6, the public endpoints /public/token/Email/generate and /public/token/SMS/generate allow...
9.8 CVE-2023-2927
A vulnerability was found in JIZHICMS 2.4.5. It has been classified as critical. Affected is the function...
7.2 CVE-2023-0329
The Elementor Website Builder WordPress plugin before 3.12.2 does not properly sanitize and escape the...
What is the Sherlock® KB project?
First of all KB for "Knowledge Base". The company ProHacktive is making its database of known vulnerabilities to date available for free. This database combines Nist's CVE database (https://nvd.nist.gov/), the CWE database (https://cwe.mitre.org/) and the CAPEC database (https://capec.mitre.org/).
For what purpose?
ProHacktive's promise is the democratization of the Cybersecurity Audit. For this, it seemed relevant to us to offer our "Knowledge Base" in different languages. Associated with this multilingual database, a clear and concise interface allows you to consult all the CVE ("Common Vulnerabilities and Exposures") present on your network. The Sherlock® service database is updated every hour from the various sources enriching our Sherlock® KB and immediately tested on the devices concerned by the new vulnerability.
Search for vulnerabilities
We also offer a simple search module in the description of each CVE. For the more curious, an advanced search allows you to point precisely to an application, an OS or a hardware. This advanced search is based on the mechanics used in our solution Sherlock®: the permanent Cybersecurity audit accessible financially and technically to all.
Developments?
We will add new languages regularly. A monitoring module will be implemented: you will be able to monitor an application, an OS or a hardware to be alerted of new vulnerabilities concerning it. Subscribe to our mailing list to be alerted when this feature is released (available on search results).