9.8 CVE-2023-33269
An issue was discovered in DTS Monitoring 3.57.0. The parameter options within the WGET check function...

2023-10-04 20:34:00

9.8 CVE-2023-33268
An issue was discovered in DTS Monitoring 3.57.0. The parameter port within the SSL Certificate check...

2023-10-04 20:34:00

7.8 CVE-2023-44464
pretix before 2023.7.2 allows Pillow to parse EPS files.

2023-10-04 20:15:00

9.8 CVE-2023-33273
An issue was discovered in DTS Monitoring 3.57.0. The parameter url within the WGET check function is...

2023-10-04 20:05:00

9.8 CVE-2023-33272
An issue was discovered in DTS Monitoring 3.57.0. The parameter ip within the Ping check function is...

2023-10-04 20:05:00

9.8 CVE-2023-33271
An issue was discovered in DTS Monitoring 3.57.0. The parameter common_name within the SSL Certificate...

2023-10-04 20:04:00

8.8 CVE-2023-39165
Cross-Site Request Forgery (CSRF) vulnerability in Fetch Designs Sign-up Sheets plugin <= 2.2.8...

2023-10-04 20:00:00

8.8 CVE-2023-2830
Cross-Site Request Forgery (CSRF) vulnerability in Trustindex.Io WP Testimonials plugin <= 1.4.2...

2023-10-04 20:00:00

7.1 CVE-2023-24518
A Cross-site Request Forgery (CSRF) vulnerability in Pandora FMS allows an attacker to force authenticated...

2023-10-04 19:59:00

6.1 CVE-2023-0828
Cross-site Scripting (XSS) vulnerability in Syslog Section of Pandora FMS allows attacker to cause that...

2023-10-04 19:59:00

8.8 CVE-2023-4097
The file upload functionality is not implemented correctly and allows uploading of any type of file....

2023-10-04 19:58:00

8.8 CVE-2023-38398
Cross-Site Request Forgery (CSRF) vulnerability in Taboola plugin <= 2.0.1 versions.

2023-10-04 19:58:00

What is the Sherlock® KB project?

First of all KB for "Knowledge Base". The company ProHacktive is making its database of known vulnerabilities to date available for free. This database combines Nist's CVE database (https://nvd.nist.gov/), the CWE database (https://cwe.mitre.org/) and the CAPEC database (https://capec.mitre.org/).

For what purpose?

ProHacktive's promise is the democratization of the Cybersecurity Audit. For this, it seemed relevant to us to offer our "Knowledge Base" in different languages. Associated with this multilingual database, a clear and concise interface allows you to consult all the CVE ("Common Vulnerabilities and Exposures") present on your network. The Sherlock® service database is updated every hour from the various sources enriching our Sherlock® KB and immediately tested on the devices concerned by the new vulnerability.

Search for vulnerabilities

We also offer a simple search module in the description of each CVE. For the more curious, an advanced search allows you to point precisely to an application, an OS or a hardware. This advanced search is based on the mechanics used in our solution Sherlock®: the permanent Cybersecurity audit accessible financially and technically to all.

Developments?

We will add new languages regularly. A monitoring module will be implemented: you will be able to monitor an application, an OS or a hardware to be alerted of new vulnerabilities concerning it. Subscribe to our mailing list to be alerted when this feature is released (available on search results).