Search : 226498 résultats
6.5 CVE-2022-26047
Improper input validation for some Intel(R) PROSet/Wireless WiFi, Intel vPro(R) CSME WiFi and Killer(TM)...
6.5 CVE-2018-12207
Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R)...
4.9 CVE-2023-43493
SQL injection vulnerability in Item List page of Welcart e-Commerce versions 2.7 to 2.8.21 allows a...
6.1 CVE-2023-43484
Cross-site scripting vulnerability in Item List page of Welcart e-Commerce versions 2.7 to 2.8.21 allows...
3.3 CVE-2023-29497
A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS...
7.2 CVE-2023-40219
Welcart e-Commerce versions 2.7 to 2.8.21 allows a user with editor or higher privilege to upload an...
8.8 CVE-2023-4863
Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a...
6.1 CVE-2023-41233
Cross-site scripting vulnerability in Item List page registration process of Welcart e-Commerce versions...
7.5 CVE-2022-39028
telnetd in GNU Inetutils through 2.3, MIT krb5-appl through 1.0.3, and derivative works has a NULL pointer...
5.3 CVE-2023-40049
In WS_FTP Server version prior to 8.8.2,
an unauthenticated user could enumerate files under the...
6.5 CVE-2023-40048
In WS_FTP Server version prior to 8.8.2,
the WS_FTP Server Manager interface was missing cross-site...
4.8 CVE-2023-40047
In WS_FTP Server version prior to 8.8.2, a stored cross-site scripting (XSS) vulnerability exists...
What is the Sherlock® KB project?
First of all KB for "Knowledge Base". The company ProHacktive is making its database of known vulnerabilities to date available for free. This database combines Nist's CVE database (https://nvd.nist.gov/), the CWE database (https://cwe.mitre.org/) and the CAPEC database (https://capec.mitre.org/).
For what purpose?
ProHacktive's promise is the democratization of the Cybersecurity Audit. For this, it seemed relevant to us to offer our "Knowledge Base" in different languages. Associated with this multilingual database, a clear and concise interface allows you to consult all the CVE ("Common Vulnerabilities and Exposures") present on your network. The Sherlock® service database is updated every hour from the various sources enriching our Sherlock® KB and immediately tested on the devices concerned by the new vulnerability.
Search for vulnerabilities
We also offer a simple search module in the description of each CVE. For the more curious, an advanced search allows you to point precisely to an application, an OS or a hardware. This advanced search is based on the mechanics used in our solution Sherlock®: the permanent Cybersecurity audit accessible financially and technically to all.
Developments?
We will add new languages regularly. A monitoring module will be implemented: you will be able to monitor an application, an OS or a hardware to be alerted of new vulnerabilities concerning it. Subscribe to our mailing list to be alerted when this feature is released (available on search results).