5.5 CVE-2022-2873
An out-of-bounds memory access flaw was found in the Linux kernel Intel’s iSMT SMBus host controller...

2023-01-26 21:15:00

5.5 CVE-2022-36280
An out-of-bounds(OOB) memory access vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_kms.c...

2023-01-26 21:15:00

3.7 CVE-2022-35252
When curl is used to retrieve and parse cookies from a HTTP(S) server, itaccepts cookies using control...

2023-01-26 21:15:00

7.8 CVE-2022-3545
A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability...

2023-01-26 21:15:00

7.5 CVE-2022-3623
A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability...

2023-01-26 21:15:00

7.5 CVE-2022-3705
A vulnerability was found in vim and classified as problematic. Affected by this issue is the function...

2023-01-26 21:15:00

7.8 CVE-2022-32915
A type confusion issue was addressed with improved checks. This issue is fixed in macOS Ventura 13....

2023-01-26 21:15:00

6.1 CVE-2022-3844
A vulnerability, which was classified as problematic, was found in Webmin 2.001. Affected is an unknown...

2023-01-26 21:15:00

5.5 CVE-2022-37290
GNOME Nautilus 42.2 allows a NULL pointer dereference and get_basename application crash via a pasted...

2023-01-26 21:15:00

6.5 CVE-2022-35260
curl can be told to parse a `.netrc` file for credentials. If that file endsin a line with 4095 consecutive...

2023-01-26 21:15:00

6.5 CVE-2022-35256
The llhttp parser in the http module in Node v18.7.0 does not correctly handle header fields that are...

2023-01-26 21:15:00

9.1 CVE-2022-35255
A weak randomness in WebCrypto keygen vulnerability exists in Node.js 18 due to a change with EntropySource()...

2023-01-26 21:15:00

What is the Sherlock® KB project?

First of all KB for "Knowledge Base". The company ProHacktive is making its database of known vulnerabilities to date available for free. This database combines Nist's CVE database (https://nvd.nist.gov/), the CWE database (https://cwe.mitre.org/) and the CAPEC database (https://capec.mitre.org/).

For what purpose?

ProHacktive's promise is the democratization of the Cybersecurity Audit. For this, it seemed relevant to us to offer our "Knowledge Base" in different languages. Associated with this multilingual database, a clear and concise interface allows you to consult all the CVE ("Common Vulnerabilities and Exposures") present on your network. The Sherlock® service database is updated every hour from the various sources enriching our Sherlock® KB and immediately tested on the devices concerned by the new vulnerability.

Search for vulnerabilities

We also offer a simple search module in the description of each CVE. For the more curious, an advanced search allows you to point precisely to an application, an OS or a hardware. This advanced search is based on the mechanics used in our solution Sherlock®: the permanent Cybersecurity audit accessible financially and technically to all.

Developments?

We will add new languages regularly. A monitoring module will be implemented: you will be able to monitor an application, an OS or a hardware to be alerted of new vulnerabilities concerning it. Subscribe to our mailing list to be alerted when this feature is released (available on search results).