CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Overview epg search result viewerkkcald provided by kkcal contains multiple vulnerabilities listed below. Cross-site Scripting CWE-79 - CVE-2018-0508 Cross-site request forgery CWE-352 - CVE-2018-0509 Buffer overflow CWE-121 - CVE-2018-0510 Kusano Kazuhiko reported this vulnerability to IPA...

9.8CVSS7.1AI score0.02033EPSS

Exploits0References11

Japan Vulnerability Notes•added 2018/02/01 12:0 a.m.•70 views

JVN#91393903: Multiple vulnerabilities in epg search result viewer(kkcald)

epg search result viewerkkcald provided by kkcal contains multiple vulnerabilities listed below. Cross-site Scripting CWE-79 - CVE-2018-0508 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N| Base Score: 6.1 CVSS v2| AV:N/AC:M/AU:N/C:N/I:P/A:N| Base Score:...

9.8CVSS8.2AI score0.02033EPSS

Exploits0

Patchstack•added 2018/01/30 12:0 a.m.•14 views

WordPress Splashing Images plugin <=2.1 - Authenticated PHP Object Injection vulnerability

Authenticated PHP Object Injection vulnerability found by Nicolas Buzy-Debat in WordPress Splashing Images plugin versions =2.1. PHP Object Injection attack via crafted serialized data in the 'session' HTTP GET parameter to wp-admin/upload.php. Solution Update the WordPress Splashing Images plugi...

7.2CVSS2.3AI score0.03741EPSS

Exploits2References1Affected Software1

OSV•added 2018/01/25 12:0 a.m.•32 views

DSA-4097-1 poppler - security update

Bulletin has no description...

8.8CVSS8.1AI score0.01968EPSS

Exploits1

OSV•added 2018/01/19 12:0 a.m.•29 views

DLA-1248-1 libgd2 - security update

Bulletin has no description...

5.5CVSS6.6AI score0.13446EPSS

Exploits1

OSV•added 2018/01/19 12:0 a.m.•34 views

DLA-1250-1 mysql-5.5 - security update

Bulletin has no description...

7.5CVSS6.5AI score0.03979EPSS

Exploits0

OSV•added 2018/01/18 12:0 a.m.•43 views

DSA-4091-1 mysql-5.5 - security update

Bulletin has no description...

7.5CVSS6.5AI score0.03979EPSS

Exploits0

OSV•added 2018/01/18 12:0 a.m.•22 views

DLA-1246-1 transmission - security update

Bulletin has no description...

8.8CVSS8.6AI score0.12146EPSS

Exploits1

OSV•added 2018/01/15 12:0 a.m.•25 views

DLA-1245-1 graphicsmagick - security update

Bulletin has no description...

6.5CVSS7.2AI score0.01938EPSS

Exploits1

OSV•added 2018/01/14 12:0 a.m.•22 views

DSA-4087-1 transmission - security update

Bulletin has no description...

8.8CVSS8.6AI score0.12146EPSS

Exploits1

OSV•added 2018/01/05 12:58 p.m.•7 views

SUSE-RU-2018:0028-1 Recommended update for icu

This update for icu fixes the following issue: - Fix international date/time format output a regression caused by the fix for CVE-2014-9911 bsc1037416...

9.8CVSS9.5AI score0.05414EPSS

Exploits0References3

Patchstack•added 2018/01/03 12:0 a.m.•56 views

WordPress Smart Google Code Inserter plugin <=3.4 - SQL injection (SQLi) vulnerability

SQL injection SQLi vulnerability found by Benjamin Lim in WordPress Smart Google Code Inserter plugin versions =3.4. Plugin function saveGoogleAdWords function in smartgooglecode.php file passes unsanitized $POST"oId" input into the SQL query. Solution Update the WordPress Smart Google Code...

9.8CVSS3.6AI score0.42911EPSS

Exploits5References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by