6.5 CVE-2022-38266
An issue in the Leptonica linked library (v1.79.0) allows attackers to cause an arithmetic exception...

2023-01-31 20:59:00

5.4 CVE-2020-7108
The LearnDash LMS plugin before 3.1.2 for WordPress allows XSS via the ld-profile search field.

2023-01-31 20:58:00

6.1 CVE-2019-18859
Digi AnywhereUSB 14 allows XSS via a link for the Digi Page.

2023-01-31 20:57:00

4.3 CVE-2020-1767
Agent A is able to save a draft (i.e. for customer reply). Then Agent B can open the draft, change the...

2023-01-31 20:56:00

7.8 CVE-2019-17190
A Local Privilege Escalation issue was discovered in Avast Secure Browser 76.0.1659.101. The vulnerability...

2023-01-31 20:55:00

9.8 CVE-2019-20361
There was a flaw in the WordPress plugin, Email Subscribers & Newsletters before 4.3.1, that allowed...

2023-01-31 20:54:00

6.1 CVE-2019-19547
Symantec Endpoint Detection and Response (SEDR), prior to 4.3.0, may be susceptible to a cross site...

2023-01-31 20:53:00

7.8 CVE-2019-3691
A Symbolic Link (Symlink) Following vulnerability in the packaging of munge in SUSE Linux Enterprise...

2023-01-31 20:52:00

7.8 CVE-2018-3914
An exploitable stack-based buffer overflow vulnerability exists in the retrieval of database fields...

2023-01-31 20:49:00

7.5 CVE-2019-20387
repodata_schema2id in repodata.c in libsolv before 0.7.6 has a heap-based buffer over-read via a last...

2023-01-31 20:49:00

7.5 CVE-2022-41899
TensorFlow is an open source platform for machine learning. Inputs `dense_features` or `example_state_data`...

2023-01-31 20:49:00

3.7 CVE-2019-14834
A vulnerability was found in dnsmasq before version 2.81, where the memory leak allows remote attackers...

2023-01-31 20:48:00

What is the Sherlock® KB project?

First of all KB for "Knowledge Base". The company ProHacktive is making its database of known vulnerabilities to date available for free. This database combines Nist's CVE database (https://nvd.nist.gov/), the CWE database (https://cwe.mitre.org/) and the CAPEC database (https://capec.mitre.org/).

For what purpose?

ProHacktive's promise is the democratization of the Cybersecurity Audit. For this, it seemed relevant to us to offer our "Knowledge Base" in different languages. Associated with this multilingual database, a clear and concise interface allows you to consult all the CVE ("Common Vulnerabilities and Exposures") present on your network. The Sherlock® service database is updated every hour from the various sources enriching our Sherlock® KB and immediately tested on the devices concerned by the new vulnerability.

Search for vulnerabilities

We also offer a simple search module in the description of each CVE. For the more curious, an advanced search allows you to point precisely to an application, an OS or a hardware. This advanced search is based on the mechanics used in our solution Sherlock®: the permanent Cybersecurity audit accessible financially and technically to all.


We will add new languages regularly. A monitoring module will be implemented: you will be able to monitor an application, an OS or a hardware to be alerted of new vulnerabilities concerning it. Subscribe to our mailing list to be alerted when this feature is released (available on search results).