
941 matches found

Tenable Nessus
added 2023/10/18 12:0 a.m. | 14 views

WordPress 5.4.x < 5.4.14 Multiple Vulnerabilities

According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - A potential disclosure of user email addresses. - An RCE POP Chains vulnerability. - A Cross-Site Scripting XSS vulnerability in the post link navigation block. - An issue...

6.6 AI score
Exploits: 0 | References: 2

Tenable Nessus
added 2023/10/18 12:0 a.m. | 12 views

WordPress 5.0.x < 5.0.20 Multiple Vulnerabilities

According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - A potential disclosure of user email addresses. - An RCE POP Chains vulnerability. - A Cross-Site Scripting XSS vulnerability in the post link navigation block. - An issue...

6.6 AI score
Exploits: 0 | References: 2

Tenable Nessus
added 2023/10/18 12:0 a.m. | 7 views

WordPress 5.5.x < 5.5.13 Multiple Vulnerabilities

According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - A potential disclosure of user email addresses. - An RCE POP Chains vulnerability. - A Cross-Site Scripting XSS vulnerability in the post link navigation block. - An issue...

6.6 AI score
Exploits: 0 | References: 2

Tenable Nessus
added 2023/10/18 12:0 a.m. | 18 views

WordPress 6.3.x < 6.3.2 Multiple Vulnerabilities

According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - A potential disclosure of user email addresses. - An RCE POP Chains vulnerability. - A Cross-Site Scripting XSS vulnerability in the post link navigation block. - An issue...

6.6 AI score
Exploits: 0 | References: 2

Tenable Nessus
added 2023/10/18 12:0 a.m. | 6 views

WordPress 4.5.x < 4.5.30 Multiple Vulnerabilities

According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - A potential disclosure of user email addresses. - An RCE POP Chains vulnerability. - A Cross-Site Scripting XSS vulnerability in the post link navigation block. - An issue...

6.6 AI score
Exploits: 0 | References: 2

Tenable Nessus
added 2023/10/18 12:0 a.m. | 10 views

WordPress 4.6.x < 4.6.27 Multiple Vulnerabilities

According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - A potential disclosure of user email addresses. - An RCE POP Chains vulnerability. - A Cross-Site Scripting XSS vulnerability in the post link navigation block. - An issue...

6.6 AI score
Exploits: 0 | References: 2

Tenable Nessus
added 2023/10/18 12:0 a.m. | 7 views

WordPress 4.3.x < 4.3.32 Multiple Vulnerabilities

According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - A potential disclosure of user email addresses. - An RCE POP Chains vulnerability. - A Cross-Site Scripting XSS vulnerability in the post link navigation block. - An issue...

6.6 AI score
Exploits: 0 | References: 2

Tenable Nessus
added 2023/10/18 12:0 a.m. | 25 views

WordPress 4.9.x < 4.9.24 Multiple Vulnerabilities

According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - A potential disclosure of user email addresses. - An RCE POP Chains vulnerability. - A Cross-Site Scripting XSS vulnerability in the post link navigation block. - An issue...

6.6 AI score
Exploits: 0 | References: 2

Tenable Nessus
added 2023/10/18 12:0 a.m. | 19 views

WordPress 5.9.x < 5.9.8 Multiple Vulnerabilities

According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - A potential disclosure of user email addresses. - An RCE POP Chains vulnerability. - A Cross-Site Scripting XSS vulnerability in the post link navigation block. - An issue...

6.6 AI score
Exploits: 0 | References: 2

Tenable Nessus
added 2023/10/18 12:0 a.m. | 15 views

WordPress 4.1.x < 4.1.39 Multiple Vulnerabilities

According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - A potential disclosure of user email addresses. - An RCE POP Chains vulnerability. - A Cross-Site Scripting XSS vulnerability in the post link navigation block. - An issue...

6.6 AI score
Exploits: 0 | References: 2

RedHat Linux
added 2023/10/17 5:43 p.m. | 3 views

golang: crypto/tls: slow verification of certificate chains containing large RSA keys

A denial of service vulnerability was found in the Golang Go package caused by an uncontrolled resource consumption flaw. By persuading a victim to use a specially crafted certificate with large RSA keys, a remote attacker can cause a client/server to expend significant CPU time verifying...

5.3 CVSS | 6.9 AI score | 0.01328 EPSS
Exploits: 0 | References: 8

Tenable Nessus
added 2023/10/17 12:0 a.m. | 50 views

AlmaLinux 9 : go-toolset and golang (ALSA-2023:5738)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:5738 advisory. - Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures. With fix, the size of RSA...

7.5 CVSS | 7.3 AI score | 0.99999 EPSS
Exploits: 19 | References: 4

RedHat Linux
added 2023/10/16 12:38 p.m. | 2 views

golang: crypto/tls: slow verification of certificate chains containing large RSA keys

A denial of service vulnerability was found in the Golang Go package caused by an uncontrolled resource consumption flaw. By persuading a victim to use a specially crafted certificate with large RSA keys, a remote attacker can cause a client/server to expend significant CPU time verifying...

5.3 CVSS | 6.9 AI score | 0.01328 EPSS
Exploits: 0 | References: 8

AlmaLinux
added 2023/10/16 12:0 a.m. | 80 views

Important: go-toolset and golang security and bug fix update

Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. The golang packages provide the Go programming language compiler. Security Fixes: golang: net/http, x/net/http2: rapid stream resets can cause excessive work CVE-2023-44487 CVE-2023-39325...

7.5 CVSS | 7 AI score | 0.99999 EPSS
Exploits: 19 | References: 8

Prion
added 2023/10/13 1:15 p.m. | 13 views

Design/Logic Flaw

Frontier is Substrate's Ethereum compatibility layer. Prior to commit aea528198b3b226e0d20cce878551fd4c0e3d5d0, at the end of a contract execution, when opcode SUICIDE marks a contract to be deleted, the software uses storage::removeprefix now renamed to storage::clearprefix to remove all storage...

5 CVSS | 7.5 AI score | 0.00893 EPSS
Exploits: 0 | References: 3 | Affected Software: 1

The Hacker News
added 2023/10/12 6:20 a.m. | 38 views

Researchers Uncover Ongoing Attacks Targeting Asian Governments and Telecom Giants

High-profile government and telecom entities in Asia have been targeted as part of an ongoing campaign since 2021 that's designed to deploy basic backdoors and loaders for delivering next-stage malware. Cybersecurity company Check Point is tracking the activity under the name Stayin' Alive. Targe...

7.5 AI score
Exploits: 0

Chainguard
added 2023/10/11 8:35 p.m. | 59 views

GHSA-4374-P667-P6C8 vulnerabilities

Vulnerabilities for packages: aws-efs-csi-driver, caddy, kube-logging-logging-operator, newrelic-infrastructure-agent, atlantis, terraform-provider-sendgrid-fips, runc, aactl, kaf, kube-state-metrics, prometheus-adapter-fips, external-dns, kubescape, git-lfs, buildkitd,...

5.8 AI score
Exploits: 0

Tenable Nessus
added 2023/10/06 12:0 a.m. | 38 views

Amazon Linux AMI : containerd (ALAS-2023-1849)

The version of containerd installed on the remote host is prior to 1.4.13-5. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1849 advisory. http2/hpack: avoid quadratic complexity in hpack decoding CVE-2022-41723 The HTTP/1 client does not fully validate the...

7.5 CVSS | 7 AI score | 0.04561 EPSS
Exploits: 0 | References: 8

IBM Security Bulletins
added 2023/10/05 8:9 p.m. | 30 views

Security Bulletin: IBM Spectrum Symphony openssl 1.1.1 End of Life

Summary IBM Spectrum Symphony openssl 1.1.1 End of Life Vulnerability Details CVEID:CVE-2023-0464 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by an error related to the verification of X.509 certificate chains that include policy constraints. By creating a specially crafted...

7.5 CVSS | 7.3 AI score | 0.77901 EPSS
Exploits: 0 | Affected Software: 1

Trend Micro Simply Security
added 2023/10/05 12:0 a.m. | 13 views

Exposing Infection Techniques Across Supply Chains and Codebases

This entry delves into threat actors' intricate methods to implant malicious payloads within seemingly legitimate applications and codebases...

7 AI score
Exploits: 0