Search : 216814 résultats
8.8 CVE-2023-33926
Cross-Site Request Forgery (CSRF) vulnerability in Supsystic Easy Google Maps plugin <= 1.11.7...
9.1 CVE-2023-28322
An information disclosure vulnerability exists in curl <v8.1.0 when doing HTTP(S) transfers, libcurl...
8.8 CVE-2023-33212
Cross-Site Request Forgery (CSRF) vulnerability in Crocoblock JetFormBuilder — Dynamic Blocks...
7.5 CVE-2023-28321
An improper certificate validation vulnerability exists in curl <v8.1.0 in the way it supports matching...
9.8 CVE-2014-125101
A vulnerability classified as critical has been found in Portfolio Gallery Plugin up to 1.1.8 on WordPress....
7.8 CVE-2023-26128
All versions of the package keep-module-latest are vulnerable to Command Injection due to missing input...
5.9 CVE-2023-28320
A denial of service vulnerability exists in curl <v8.1.0 in the way libcurl provides several different...
7.5 CVE-2023-28319
A use after free vulnerability exists in curl <v8.1.0 in the way libcurl offers a feature to verify...
7.5 CVE-2023-33247
Talend Data Catalog remote harvesting server before 8.0-20230413 contains a /upgrade endpoint that allows...
7.8 CVE-2023-26127
All versions of the package n158 are vulnerable to Command Injection due to improper input sanitization...
6.4 CVE-2023-31130
c-ares is an asynchronous resolver library. ares_inet_net_pton() is vulnerable to a buffer underflow...
7.5 CVE-2023-33192
ntpd-rs is an NTP implementation written in Rust. ntpd-rs does not validate the length of NTS cookies...
What is the Sherlock® KB project?
First of all KB for "Knowledge Base". The company ProHacktive is making its database of known vulnerabilities to date available for free. This database combines Nist's CVE database (https://nvd.nist.gov/), the CWE database (https://cwe.mitre.org/) and the CAPEC database (https://capec.mitre.org/).
For what purpose?
ProHacktive's promise is the democratization of the Cybersecurity Audit. For this, it seemed relevant to us to offer our "Knowledge Base" in different languages. Associated with this multilingual database, a clear and concise interface allows you to consult all the CVE ("Common Vulnerabilities and Exposures") present on your network. The Sherlock® service database is updated every hour from the various sources enriching our Sherlock® KB and immediately tested on the devices concerned by the new vulnerability.
Search for vulnerabilities
We also offer a simple search module in the description of each CVE. For the more curious, an advanced search allows you to point precisely to an application, an OS or a hardware. This advanced search is based on the mechanics used in our solution Sherlock®: the permanent Cybersecurity audit accessible financially and technically to all.
Developments?
We will add new languages regularly. A monitoring module will be implemented: you will be able to monitor an application, an OS or a hardware to be alerted of new vulnerabilities concerning it. Subscribe to our mailing list to be alerted when this feature is released (available on search results).