6.5 CVE-2022-4111
Unrestricted file size limit can lead to DoS in tooljet/tooljet <1.27 by allowing a logged in attacker...

2022-11-26 03:28:00

9.8 CVE-2022-40602
A flaw in the Zyxel LTE3301-M209 firmware verisons prior to V1.00(ABLG.6)C0 could allow a remote attacker...

2022-11-26 03:27:00

6.5 CVE-2022-41940
Engine.IO is the implementation of transport-based cross-browser/cross-device bi-directional communication...

2022-11-26 03:26:00

9.8 CVE-2022-41326
The web conferencing component of Mitel MiCollab through 9.6.0.13 could allow an unauthenticated attacker...

2022-11-26 03:26:00

6.8 CVE-2022-41223
The Director database component of MiVoice Connect through 19.3 (22.22.6100.0) could allow an authenticated...

2022-11-26 03:25:00

6.8 CVE-2022-40765
A vulnerability in the Edge Gateway component of Mitel MiVoice Connect through 19.3 (22.22.6100.0) could...

2022-11-26 03:25:00

7.8 CVE-2022-4065
A vulnerability was found in cbeust testng. It has been declared as critical. Affected by this vulnerability...

2022-11-26 03:24:00

3.7 CVE-2022-4064
A vulnerability was found in Dalli. It has been classified as problematic. Affected is the function...

2022-11-26 03:22:00

7.4 CVE-2022-41939
knative.dev/func is is a client library and CLI enabling the development and deployment of Kubernetes...

2022-11-26 03:21:00

5.4 CVE-2022-41938
Flarum is an open source discussion platform. Flarum's page title system allowed for page titles to...

2022-11-26 03:19:00

7.4 CVE-2022-4055
When xdg-mail is configured to use thunderbird for mailto URLs, improper parsing of the URL can lead...

2022-11-26 03:18:00

7.5 CVE-2022-38150
In Varnish Cache 7.0.0, 7.0.1, 7.0.2, and 7.1.0, it is possible to cause the Varnish Server to assert...

2022-11-26 03:15:00

What is the Sherlock® KB project?

First of all KB for "Knowledge Base". The company ProHacktive is making its database of known vulnerabilities to date available for free. This database combines Nist's CVE database (https://nvd.nist.gov/), the CWE database (https://cwe.mitre.org/) and the CAPEC database (https://capec.mitre.org/).

For what purpose?

ProHacktive's promise is the democratization of the Cybersecurity Audit. For this, it seemed relevant to us to offer our "Knowledge Base" in different languages. Associated with this multilingual database, a clear and concise interface allows you to consult all the CVE ("Common Vulnerabilities and Exposures") present on your network. The Sherlock® service database is updated every hour from the various sources enriching our Sherlock® KB and immediately tested on the devices concerned by the new vulnerability.

Search for vulnerabilities

We also offer a simple search module in the description of each CVE. For the more curious, an advanced search allows you to point precisely to an application, an OS or a hardware. This advanced search is based on the mechanics used in our solution Sherlock®: the permanent Cybersecurity audit accessible financially and technically to all.

Developments?

We will add new languages regularly. A monitoring module will be implemented: you will be able to monitor an application, an OS or a hardware to be alerted of new vulnerabilities concerning it. Subscribe to our mailing list to be alerted when this feature is released (available on search results).