8.8 CVE-2022-36250
Shop Beat Solutions (Pty) LTD Shop Beat Media Player 2.5.95 up to 3.2.57 is vulnerable to Cross Site...

2023-06-02 19:20:00

7.5 CVE-2023-34227
In JetBrains TeamCity before 2023.05 a specific endpoint was vulnerable to brute force attacks

2023-06-02 19:20:00

5.4 CVE-2023-33780
A stored cross-site scripting (XSS) vulnerability in TFDi Design smartCARS 3 v0.7.0 and below allows...

2023-06-02 19:19:00

4.8 CVE-2023-34224
In JetBrains TeamCity before 2023.05 open redirect during oAuth configuration was possible

2023-06-02 19:19:00

6.1 CVE-2023-20868
NSX-T contains a reflected cross-site scripting vulnerability due to a lack of input validation. A remote...

2023-06-02 19:18:00

5.3 CVE-2023-34223
In JetBrains TeamCity before 2023.05 parameters of the "password" type from build dependencies...

2023-06-02 19:18:00

6.1 CVE-2023-34222
In JetBrains TeamCity before 2023.05 possible XSS in the Plugin Vendor URL was possible

2023-06-02 19:17:00

5.4 CVE-2023-34221
In JetBrains TeamCity before 2023.05 stored XSS in the Show Connection page was possible

2023-06-02 19:17:00

5.4 CVE-2023-34220
In JetBrains TeamCity before 2023.05 stored XSS in the Commit Status Publisher window was possible

2023-06-02 19:17:00

4.3 CVE-2023-34219
In JetBrains TeamCity before 2023.05 improper permission checks allowed users without appropriate permissions...

2023-06-02 19:17:00

5.5 CVE-2023-1981
A vulnerability was found in the avahi library. This flaw allows an unprivileged user to make a dbus...

2023-06-02 19:06:00

7.5 CVE-2023-32688
parse-server-push-adapter is the official Push Notification adapter for Parse Server. The Parse Server...

2023-06-02 18:58:00

What is the Sherlock® KB project?

First of all KB for "Knowledge Base". The company ProHacktive is making its database of known vulnerabilities to date available for free. This database combines Nist's CVE database (https://nvd.nist.gov/), the CWE database (https://cwe.mitre.org/) and the CAPEC database (https://capec.mitre.org/).

For what purpose?

ProHacktive's promise is the democratization of the Cybersecurity Audit. For this, it seemed relevant to us to offer our "Knowledge Base" in different languages. Associated with this multilingual database, a clear and concise interface allows you to consult all the CVE ("Common Vulnerabilities and Exposures") present on your network. The Sherlock® service database is updated every hour from the various sources enriching our Sherlock® KB and immediately tested on the devices concerned by the new vulnerability.

Search for vulnerabilities

We also offer a simple search module in the description of each CVE. For the more curious, an advanced search allows you to point precisely to an application, an OS or a hardware. This advanced search is based on the mechanics used in our solution Sherlock®: the permanent Cybersecurity audit accessible financially and technically to all.

Developments?

We will add new languages regularly. A monitoring module will be implemented: you will be able to monitor an application, an OS or a hardware to be alerted of new vulnerabilities concerning it. Subscribe to our mailing list to be alerted when this feature is released (available on search results).