7.5 CVE-2022-45059
An issue was discovered in Varnish Cache 7.x before 7.1.2 and 7.2.x before 7.2.1. A request smuggling...

2022-11-26 03:15:00

7.8 CVE-2019-0053
Insufficient validation of environment variables in the telnet client supplied in Junos OS can lead...

2022-11-25 21:15:00

7.5 CVE-2020-28975
** DISPUTED ** svm_predict_values in svm.cpp in Libsvm v324, as used in scikit-learn 0.23.2 and other...

2022-11-25 21:15:00

6.5 CVE-2021-40491
The ftp client in GNU Inetutils before 2.2 does not validate addresses returned by PASV/LSPV responses...

2022-11-25 21:15:00

7.5 CVE-2022-39028
telnetd in GNU Inetutils through 2.3, MIT krb5-appl through 1.0.3, and derivative works has a NULL pointer...

2022-11-25 21:15:00

8.8 CVE-2022-3199
Use after free in Frames in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially...

2022-11-25 18:15:00

7.8 CVE-2022-42801
A logic issue was addressed with improved checks. This issue is fixed in tvOS 16.1, iOS 15.7.1 and iPadOS...

2022-11-25 18:15:00

7.8 CVE-2022-32924
The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.1, macOS Big Sur...

2022-11-25 18:15:00

8.8 CVE-2022-3654
Use after free in Layout in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to potentially...

2022-11-25 18:15:00

9.8 CVE-2022-45474
drachtio-server 0.8.18 has a request-handler.cpp event_cb use-after-free for any request.

2022-11-25 15:15:00

5.5 CVE-2022-45473
In drachtio-server 0.8.18, /var/log/drachtio has mode 0777 and drachtio.log has mode 0666.

2022-11-25 15:15:00

7.5 CVE-2022-40977
A path traversal vulnerability was discovered in Pilz PASvisu Server before 1.12.0. An unauthenticated...

2022-11-25 13:59:00

What is the Sherlock® KB project?

First of all KB for "Knowledge Base". The company ProHacktive is making its database of known vulnerabilities to date available for free. This database combines Nist's CVE database (https://nvd.nist.gov/), the CWE database (https://cwe.mitre.org/) and the CAPEC database (https://capec.mitre.org/).

For what purpose?

ProHacktive's promise is the democratization of the Cybersecurity Audit. For this, it seemed relevant to us to offer our "Knowledge Base" in different languages. Associated with this multilingual database, a clear and concise interface allows you to consult all the CVE ("Common Vulnerabilities and Exposures") present on your network. The Sherlock® service database is updated every hour from the various sources enriching our Sherlock® KB and immediately tested on the devices concerned by the new vulnerability.

Search for vulnerabilities

We also offer a simple search module in the description of each CVE. For the more curious, an advanced search allows you to point precisely to an application, an OS or a hardware. This advanced search is based on the mechanics used in our solution Sherlock®: the permanent Cybersecurity audit accessible financially and technically to all.

Developments?

We will add new languages regularly. A monitoring module will be implemented: you will be able to monitor an application, an OS or a hardware to be alerted of new vulnerabilities concerning it. Subscribe to our mailing list to be alerted when this feature is released (available on search results).