6.1 CVE-2022-42747
CandidATS version 3.0.0 on 'sortBy' of the 'ajax.php' resource, allows an external attacker to steal...

2023-01-26 20:20:00

6.1 CVE-2022-42746
CandidATS version 3.0.0 on 'indexFile' of the 'ajax.php' resource, allows an external attacker to steal...

2023-01-26 20:20:00

8.8 CVE-2016-1012
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and...

2023-01-26 20:16:00

8.8 CVE-2016-1021
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and...

2023-01-26 20:16:00

8.1 CVE-2022-33684
The Apache Pulsar C++ Client does not verify peer TLS certificates when making HTTPS calls for the OAuth2.0...

2023-01-26 20:07:00

5.3 CVE-2023-22334
Use of password hash instead of password for authentication vulnerability in CONPROSYS HMI System (CHS)...

2023-01-26 19:59:00

7.5 CVE-2023-22331
Use of default credentials vulnerability in CONPROSYS HMI System (CHS) Ver.3.4.5 and earlier allows...

2023-01-26 19:52:00

8.8 CVE-2016-1022
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and...

2023-01-26 19:50:00

8.8 CVE-2016-1023
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and...

2023-01-26 19:47:00

7.5 CVE-2023-22339
Improper access control vulnerability in CONPROSYS HMI System (CHS) Ver.3.4.5 and earlier allows a remote...

2023-01-26 19:46:00

6.1 CVE-2023-23491
The Quick Event Manager WordPress Plugin, version < 9.7.5, is affected by a reflected cross-site...

2023-01-26 19:36:00

5.4 CVE-2023-22373
Cross-site scripting vulnerability in CONPROSYS HMI System (CHS) Ver.3.4.5 and earlier allows a remote...

2023-01-26 19:31:00

What is the Sherlock® KB project?

First of all KB for "Knowledge Base". The company ProHacktive is making its database of known vulnerabilities to date available for free. This database combines Nist's CVE database (https://nvd.nist.gov/), the CWE database (https://cwe.mitre.org/) and the CAPEC database (https://capec.mitre.org/).

For what purpose?

ProHacktive's promise is the democratization of the Cybersecurity Audit. For this, it seemed relevant to us to offer our "Knowledge Base" in different languages. Associated with this multilingual database, a clear and concise interface allows you to consult all the CVE ("Common Vulnerabilities and Exposures") present on your network. The Sherlock® service database is updated every hour from the various sources enriching our Sherlock® KB and immediately tested on the devices concerned by the new vulnerability.

Search for vulnerabilities

We also offer a simple search module in the description of each CVE. For the more curious, an advanced search allows you to point precisely to an application, an OS or a hardware. This advanced search is based on the mechanics used in our solution Sherlock®: the permanent Cybersecurity audit accessible financially and technically to all.

Developments?

We will add new languages regularly. A monitoring module will be implemented: you will be able to monitor an application, an OS or a hardware to be alerted of new vulnerabilities concerning it. Subscribe to our mailing list to be alerted when this feature is released (available on search results).