5.5 CVE-2019-13223
A reachable assertion in the lookup1_values function in stb_vorbis through 2019-03-04 allows an attacker...

2023-02-01 00:15:00

7.8 CVE-2021-28021
Buffer overflow vulnerability in function stbi__extend_receive in stb_image.h in stb 2.26 via a crafted...

2023-02-01 00:15:00

5.5 CVE-2021-42715
An issue was discovered in stb stb_image.h 1.33 through 2.27. The HDR loader parsed truncated end-of-file...

2023-02-01 00:15:00

8.8 CVE-2022-28042
stb_image.h v2.27 was discovered to contain an heap-based use-after-free via the function stbi__jpeg_huff_decode....

2023-02-01 00:15:00

6.5 CVE-2022-28041
stb_image.h v2.27 was discovered to contain an integer overflow via the function stbi__jpeg_decode_block_prog_dc....

2023-02-01 00:15:00

8.1 CVE-2021-37789
stb_image.h 2.27 has a heap-based buffer over in stbi__jpeg_load, leading to Information Disclosure...

2023-02-01 00:15:00

5.5 CVE-2020-21676
A stack-based buffer overflow in the genpstrx_text() component in genpstricks.c of fig2dev 3.2.7b allows...

2023-01-31 23:15:00

5.5 CVE-2020-21532
fig2dev 3.2.7b contains a global buffer overflow in the setfigfont function in genepic.c.

2023-01-31 23:15:00

5.5 CVE-2020-21531
fig2dev 3.2.7b contains a global buffer overflow in the conv_pattern_index function in gencgm.c.

2023-01-31 23:15:00

5.5 CVE-2020-21529
fig2dev 3.2.7b contains a stack buffer overflow in the bezier_spline function in genepic.c.

2023-01-31 23:15:00

5.5 CVE-2021-32280
An issue was discovered in fig2dev before 3.2.8.. A NULL pointer dereference exists in the function...

2023-01-31 23:15:00

6.5 CVE-2019-9921
An issue was discovered in the Harmis JE Messenger component 1.2.2 for Joomla!. It is possible to read...

2023-01-31 21:58:00

What is the Sherlock® KB project?

First of all KB for "Knowledge Base". The company ProHacktive is making its database of known vulnerabilities to date available for free. This database combines Nist's CVE database (https://nvd.nist.gov/), the CWE database (https://cwe.mitre.org/) and the CAPEC database (https://capec.mitre.org/).

For what purpose?

ProHacktive's promise is the democratization of the Cybersecurity Audit. For this, it seemed relevant to us to offer our "Knowledge Base" in different languages. Associated with this multilingual database, a clear and concise interface allows you to consult all the CVE ("Common Vulnerabilities and Exposures") present on your network. The Sherlock® service database is updated every hour from the various sources enriching our Sherlock® KB and immediately tested on the devices concerned by the new vulnerability.

Search for vulnerabilities

We also offer a simple search module in the description of each CVE. For the more curious, an advanced search allows you to point precisely to an application, an OS or a hardware. This advanced search is based on the mechanics used in our solution Sherlock®: the permanent Cybersecurity audit accessible financially and technically to all.

Developments?

We will add new languages regularly. A monitoring module will be implemented: you will be able to monitor an application, an OS or a hardware to be alerted of new vulnerabilities concerning it. Subscribe to our mailing list to be alerted when this feature is released (available on search results).