5.5 CVE-2023-33188
Omni-notes is an open source note-taking application for Android. The Omni-notes Android app had an...

2023-06-02 17:51:00

6.5 CVE-2023-31147
c-ares is an asynchronous resolver library. When /dev/urandom or RtlGenRandom() are unavailable, c-ares...

2023-06-02 17:44:00

4.3 CVE-2023-33264
In Hazelcast through 5.0.4, 5.1 through 5.1.6, and 5.2 through 5.2.3, configuration routines don't mask...

2023-06-02 17:41:00

6.5 CVE-2023-1972
A potential heap based buffer overflow was found in _bfd_elf_slurp_version_tables() in bfd/elf.c. This...

2023-06-02 17:40:00

8.1 CVE-2023-33945
SQL injection vulnerability in the upgrade process for SQL Server in Liferay Portal 7.3.1 through 7.4.3.17,...

2023-06-02 16:16:00

5.4 CVE-2023-32686
Kiwi TCMS is an open source test management system for both manual and automated testing. Kiwi TCMS...

2023-06-02 16:12:00

6.1 CVE-2023-33255
An issue was discovered in Papaya Viewer 4a42701. User-supplied input in form of DICOM or NIFTI images...

2023-06-02 16:07:00

6.5 CVE-2023-33720
mp4v2 v2.1.2 was discovered to contain a memory leak via the class MP4BytesProperty.

2023-06-02 15:59:00

5.4 CVE-2023-33394
skycaiji v2.5.4 is vulnerable to Cross Site Scripting (XSS). Attackers can achieve backend XSS by deploying...

2023-06-02 15:53:00

5 CVE-2022-39335
Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. The...

2023-06-02 15:29:00

5.3 CVE-2023-24597
OX App Suite before frontend 7.10.6-rev24 allows the loading (without user consent) of an e-mail message's...

2023-06-02 15:29:00

4.3 CVE-2023-24598
OX App Suite before backend 7.10.6-rev37 has an information leak in the handling of distribution lists,...

2023-06-02 15:24:00

What is the Sherlock® KB project?

First of all KB for "Knowledge Base". The company ProHacktive is making its database of known vulnerabilities to date available for free. This database combines Nist's CVE database (https://nvd.nist.gov/), the CWE database (https://cwe.mitre.org/) and the CAPEC database (https://capec.mitre.org/).

For what purpose?

ProHacktive's promise is the democratization of the Cybersecurity Audit. For this, it seemed relevant to us to offer our "Knowledge Base" in different languages. Associated with this multilingual database, a clear and concise interface allows you to consult all the CVE ("Common Vulnerabilities and Exposures") present on your network. The Sherlock® service database is updated every hour from the various sources enriching our Sherlock® KB and immediately tested on the devices concerned by the new vulnerability.

Search for vulnerabilities

We also offer a simple search module in the description of each CVE. For the more curious, an advanced search allows you to point precisely to an application, an OS or a hardware. This advanced search is based on the mechanics used in our solution Sherlock®: the permanent Cybersecurity audit accessible financially and technically to all.

Developments?

We will add new languages regularly. A monitoring module will be implemented: you will be able to monitor an application, an OS or a hardware to be alerted of new vulnerabilities concerning it. Subscribe to our mailing list to be alerted when this feature is released (available on search results).