Lucene search
7648 matches found

Prion
added 2022/06/09 5:15 p.m., 29 views

Design/Logic Flaw

The ap_rwrite() function in Apache HTTP Server 2.4.53 and earlier may read unintended memory if an attacker can cause the server to reflect very large input using ap_rwrite() or ap_rputs(), such as with mod_lua's r:puts() function. Modules compiled and distributed separately from Apache HTTP Server that use t...

CVSS 5, AI score 6.8, EPSS 0.04428
Exploits: 0, References: 6, Affected Software: 2

OSV
added 2022/06/09 5:15 p.m., 4 views

UBUNTU-CVE-2022-28614

The ap_rwrite() function in Apache HTTP Server 2.4.53 and earlier may read unintended memory if an attacker can cause the server to reflect very large input using ap_rwrite() or ap_rputs(), such as with mod_lua's r:puts() function. Modules compiled and distributed separately from Apache HTTP Server that use t...

CVSS 5.3, AI score 6.8, EPSS 0.04428
Exploits: 0, References: 7

OpenVAS
added 2022/06/06 12:0 a.m., 9 views

Slackware: Security Advisory (SSA:2022-155-01)

The remote host is missing an update for the...

AI score 7.5
Exploits: 0, References: 3

Slackware Linux
added 2022/06/04 6:51 p.m., 20 views

[slackware-security] pidgin

New pidgin packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/pidgin-2.14.10-i586-1slack15.0.txz: Upgraded. This update fixes bugs and several security issues. For more information, see:...

AI score 0.3
Exploits: 0

OpenVAS
added 2022/06/03 12:0 a.m., 13 views

Slackware: Security Advisory (SSA:2022-153-01)

The remote host is missing an update for the...

CVSS 9.8, AI score 8.7, EPSS 0.01055
Exploits: 0, References: 4

Zero Day Initiative
added 2022/06/02 12:0 a.m., 32 views

Microsoft Word glTF-SDK Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Word. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the glTF-SDK...

CVSS 7, AI score 4.2, EPSS 0.05056
Exploits: 0, References: 1

Slackware Linux
added 2022/06/01 12:53 a.m., 47 views

[slackware-security] mozilla-firefox

New mozilla-firefox packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/mozilla-firefox-91.10.0esr-i686-1slack15.0.txz: Upgraded. This update contains security fixes and improvements. For more...

CVSS 9.8, AI score 0.4, EPSS 0.01055
Exploits: 0

CNVD
added 2022/05/31 12:0 a.m., 27 views

Microsoft Support Diagnostic Tool Remote Code Execution Vulnerability

Microsoft Support Diagnostic Tool (MSDT) is a utility program used to troubleshoot and collect diagnostic data for professionals to analyze and solve problems. Microsoft Office is a popular office software developed by Microsoft Corporation. Microsoft Support...

CVSS 9.3, AI score 8.3, EPSS 0.99374
Exploits: 62, References: 1

Code423n4
added 2022/05/30 12:0 a.m., 6 views

Bribe Rewards Not Collected In Current Period Will Be Lost Forever

Vulnerability details (High): It was observed that if the bribe rewards are not collected in the current period, they will not be accrued to future epochs, and they will be lost forever...

AI score 6.5
Exploits: 0

BDU FSTEC
added 2022/05/30 12:0 a.m., 5 views

The vulnerability of the Corel WordPerfect text document creation and editing software’s Word97Import200.dll library allows a hacker to execute arbitrary code.

The vulnerability of the Corel WordPerfect text document creation and editing software’s Word97Import200.dll library is related to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the context of the current...

CVSS 9.3, AI score 7.9, EPSS 0.02076
Exploits: 0, References: 4, Affected Software: 1

OpenVAS
added 2022/05/27 12:0 a.m., 10 views

Slackware: Security Advisory (SSA:2022-146-01)

The remote host is missing an update for the...

CVSS 7.2, AI score 7, EPSS 0.00579
Exploits: 0, References: 2

Zero Day Initiative
added 2022/05/26 12:0 a.m., 30 views

Apple Safari WebGL generateMipmap Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the WebGL library. Th...

CVSS 8.8, AI score 2, EPSS 0.01371
Exploits: 0, References: 1

CNVD
added 2022/05/25 12:0 a.m., 29 views

Adobe Framemaker Out-of-Bounds Write Vulnerability (CNVD-2022-41734)

Adobe Framemaker is a page layout software suite from the US company Adobe for writing and editing large or complex documents, including structured documents. A security vulnerability exists in Adobe Framemaker. An attacker could exploit the vulnerability to execute...

CVSS 9.3, AI score 7.5, EPSS 0.01934
Exploits: 0, References: 1

CNVD
added 2022/05/25 12:0 a.m., 12 views

Adobe Framemaker Out-of-Bounds Write Vulnerability (CNVD-2022-41736)

Adobe Framemaker is a page layout software suite from the US company Adobe for writing and editing large or complex documents, including structured documents. A security vulnerability exists in Adobe Framemaker. An attacker could exploit the vulnerability to execute...

CVSS 9.3, AI score 7.5, EPSS 0.01934
Exploits: 0, References: 1

Snyk
added 2022/05/24 10:1 p.m., 5 views

Cross-site Scripting (XSS)

Overview: Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the currentURL parameter on the Portal Workflow module's edit process page, which is accepted and rendered without sanitization. Details: Cross-site scripting (or XSS) is a code vulnerability that occurs when a...

CVSS 6.1, AI score 5.3, EPSS 0.00754
Exploits: 0, References: 2

OSV
added 2022/05/24 5:6 p.m., 43 views

GHSA-R4MW-GXF7-VXR9 Remote code execution in Microsoft.WindowsDesktop.App.Ref

A remote code execution vulnerability exists in .NET software when the software fails to check the source markup of a file. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka '.NET Framework Remote Code Execution Vulnerability'...

CVSS 8.8, AI score 9.3, EPSS 0.17263
Exploits: 0, References: 4

Github Security Blog
added 2022/05/24 5:6 p.m., 52 views

Remote code execution in Microsoft.WindowsDesktop.App.Ref

A remote code execution vulnerability exists in .NET software when the software fails to check the source markup of a file. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka '.NET Framework Remote Code Execution Vulnerability'...

CVSS 9.3, AI score 4.1, EPSS 0.17263
Exploits: 0, References: 5, Affected Software: 3

Github Security Blog
added 2022/05/24 4:48 p.m., 29 views

Moodle all messaging conversations could be viewed

A flaw was found in Moodle before versions 3.7, 3.6.4. A web service fetching messages was not restricted to the current user's conversations...

CVSS 7.5, AI score 6.6, EPSS 0.01318
Exploits: 0, References: 6, Affected Software: 1

CNVD
added 2022/05/24 12:0 a.m., 11 views

Multiple Adobe Product Heap Buffer Overflow Vulnerabilities (CNVD-2022-43208)

Adobe Acrobat is a set of PDF file editing and conversion tools. Adobe Acrobat Reader is a PDF viewer. The software is used to print, sign and annotate PDFs. Several Adobe products have a heap buffer overflow vulnerability, which can be exploited by attackers to execute arbitrary code in the...

CVSS 9.3, AI score 5.1, EPSS 0.0472
Exploits: 0, References: 1

CNVD
added 2022/05/24 12:0 a.m., 9 views

Out-of-bounds read vulnerability in multiple Adobe products (CNVD-2022-43383)

Adobe Acrobat is a set of tools for editing and converting PDF files. Adobe Acrobat Reader is a PDF viewer. The software is used to print, sign and annotate PDFs. Multiple Adobe products have out-of-bounds read vulnerabilities that can be exploited by an attacker to execute arbitrary code in the...

CVSS 9.3, AI score 7.8, EPSS 0.0314
Exploits: 0, References: 1