CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7821 matches found

Kitploit•added 2023/11/03 11:30 a.m.•37 views

Aws-Waf-Header-Analyzer - The Purpose Of The Project Is To Create Rate Limit In AWS WaF Based On HTTP Headers

The purpose of the project is to create rate limit in AWS WaF based on HTTP headers. Golang is a dependencie to build the binary. See the documentation to install: https://go.dev/doc/install make sudo make install The rules configuration is very simple, for example, the threshold is the limited o...

7.3AI score

Exploits0References1

Positive Technologies•added 2023/11/01 12:0 a.m.•3 views

PT-2023-6689 · Bitrix +1 · Bitrix24 +1

Name of the Vulnerable Software and Affected Versions: Bitrix24 version 22.0.300 Description: The issue in Bitrix24 is related to global variable extraction in the bitrix/modules/main/tools.php component, allowing unauthenticated remote attackers to enumerate attachments on the server and execute...

9.8CVSS9.6AI score0.04973EPSS

Exploits1References17

CNNVD•added 2023/11/01 12:0 a.m.•5 views

GitLab Security Breach

GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD Continuous Integration and Continuous Delivery, and other features. A security vulnerability exists in GitLab, which stems from the possibility th...

8.5CVSS6.9AI score0.00452EPSS

Exploits0References4

FreeBSD•added 2023/10/31 12:0 a.m.•35 views

Gitlab -- Vulnerabilities

Gitlab reports: Disclosure of CI/CD variables using Custom project templates GitLab omnibus DoS crash via OOM with CI Catalogs Parsing gitlab-ci.yml with large string via timeout input leads to Denial of Service DoS - Blocking FIFO files in Tar archives Titles exposed by service-desk template...

8.5CVSS5.9AI score0.00643EPSS

Exploits1References1

OSV•added 2023/10/30 3:15 p.m.•2 views

CVE-2022-4575

A vulnerability due to improper write protection of UEFI variables was reported in the BIOS of some ThinkPad models could allow an attacker with physical or local access and elevated privileges the ability to bypass Secure Boot...

6.7CVSS5.8AI score0.0018EPSS

Exploits0References1

Kitploit•added 2023/10/27 8:2 p.m.•47 views

Arsenal - Just A Quick Inventory And Launcher For Hacking Programs

Arsenal is just a quick inventory, reminder and launcher for pentest commands. This project written by pentesters for pentesters simplify the use of all the hard-to-remember commands In arsenal you can search for a command, select one and it's prefilled directly in your terminal. This functionali...

7.5AI score

Exploits0References4

OSV•added 2023/10/25 6:17 p.m.•2 views

DEBIAN-CVE-2023-4693

An out-of-bounds read flaw was found on grub2's NTFS filesystem driver. This issue may allow a physically present attacker to present a specially crafted NTFS file system image to read arbitrary memory locations. A successful attack allows sensitive data cached in memory or EFI variable values to...

4.6CVSS6.2AI score0.00496EPSS

Exploits1References1

OSV•added 2023/10/25 6:17 p.m.•8 views

AZL-34794 CVE-2023-4693 affecting package grub2 for versions less than 2.06-18

4.6CVSS6.6AI score0.00496EPSS

Exploits1References1

OSV•added 2023/10/25 6:17 p.m.•8 views

AZL-31685 CVE-2023-4693 affecting package grub2 for versions less than 2.06-13

4.6CVSS5.8AI score0.00496EPSS

Exploits1References1

Veracode•added 2023/10/24 11:27 a.m.•30 views

Information Disclosure

@tauri-apps/cli is vulnerable to Information Disclosure. This vulnerability is due to a commonly used misconfiguration which leads to the leakage of the private key and updater key password. If envPrefix: 'VITE', 'TAURI', was pasted from the documentation into vite.config.ts, the TAURIPRIVATEKEY...

8.4CVSS7.2AI score0.00192EPSS

Exploits0References4Affected Software1

Positive Technologies•added 2023/10/23 12:0 a.m.•7 views

PT-2023-8561 · Quarkus · Quarkus

Name of the Vulnerable Software and Affected Versions: Quarkus versions prior to 3.5.1 Quarkus versions prior to 3.2.8 LTS Description: A flaw was found in Quarkus, where it does not properly sanitize artifacts created using the Gradle plugin, allowing certain build system information to remain...

7.7CVSS7.1AI score0.00815EPSS

Exploits0References10

OSV•added 2023/10/22 2:15 a.m.•3 views

CVE-2023-38276