7643 matches found

UbuntuCve
added 2018/11/14 3:29 p.m. | 32 views

CVE-2018-6066

Lack of CORS checking by ResourceFetcher/ResourceLoader in Blink in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

CVSS 6.5 | AI score 7 | EPSS 0.02671
Exploits 0 | References 2

Cvelist
added 2018/11/14 3:0 p.m. | 24 views

CVE-2018-6066

Lack of CORS checking by ResourceFetcher/ResourceLoader in Blink in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

AI score 6.4 | EPSS 0.02671
Exploits 0 | References 5

Debian CVE
added 2018/11/14 3:0 p.m. | 23 views

CVE-2018-6066

Removed by vendor...

CVSS 6.5 | AI score 8 | EPSS 0.02671
Exploits 0

FreeBSD
added 2018/11/10 12:0 a.m. | 37 views

netatalk3 -- remote code execution vulnerability

NIST reports: Netatalk before 3.1.12 is vulnerable to an out of bounds write in dsi_opensess.c. This is due to lack of bounds checking on attacker controlled data. A remote unauthenticated attacker can leverage this vulnerability to achieve arbitrary code execution...

CVSS 10 | AI score 3.7 | EPSS 0.86539
Exploits 10 | References 2

UbuntuCve
added 2018/11/08 8:29 p.m. | 26 views

CVE-2018-19046

keepalived 2.0.8 didn't check for existing plain files when writing data to a temporary file upon a call to PrintData or PrintStats. If a local attacker had previously created a file with the expected name e.g., /tmp/keepalived.data or /tmp/keepalived.stats, with read access for the attacker and...

CVSS 4.7 | AI score 6.7 | EPSS 0.00366
Exploits 0 | References 1

Veracode
added 2018/11/08 6:30 a.m. | 32 views

Directory Traversal

Jetty utilities are vulnerable to directory traversal. The vulnerability is due to the lack of checking directory traversal sequences in the URI...

CVSS 5 | AI score 9.1 | EPSS 0.25802
Exploits 0 | References 20 | Affected Software 2

Tenable Nessus
added 2018/11/05 12:0 a.m. | 25 views

Joomla! 3.1.x < 3.7.0 Multiple Vulnerabilities

According to its self-reported version number, the detected Joomla! application is affected by multiple vulnerabilities : - A flaw exists in the JMail API due to PHPMail version information being included in mail headers. An unauthenticated, remote attacker can exploit this to disclose sensitive...

CVSS 6.5 | AI score 6.5 | EPSS 0.01333
Exploits 2 | References 13

Tenable Nessus
added 2018/11/05 12:0 a.m. | 24 views

Joomla! 3.3.x < 3.7.0 Multiple Vulnerabilities

According to its self-reported version number, the detected Joomla! application is affected by multiple vulnerabilities : - A flaw exists in the JMail API due to PHPMail version information being included in mail headers. An unauthenticated, remote attacker can exploit this to disclose sensitive...

CVSS 6.5 | AI score 6.5 | EPSS 0.01333
Exploits 2 | References 16

Tenable Nessus
added 2018/11/05 12:0 a.m. | 42 views

Joomla! 3.6.x < 3.7.0 Multiple Vulnerabilities

According to its self-reported version number, the detected Joomla! application is affected by multiple vulnerabilities : - A flaw exists in the JMail API due to PHPMail version information being included in mail headers. An unauthenticated, remote attacker can exploit this to disclose sensitive...

CVSS 6.5 | AI score 6.5 | EPSS 0.01333
Exploits 2 | References 17

Tenable Nessus
added 2018/11/05 12:0 a.m. | 58 views

Joomla! 3.4.x < 3.7.0 Multiple Vulnerabilities

According to its self-reported version number, the detected Joomla! application is affected by multiple vulnerabilities : - A flaw exists in the JMail API due to PHPMail version information being included in mail headers. An unauthenticated, remote attacker can exploit this to disclose sensitive...

CVSS 6.5 | AI score 6.5 | EPSS 0.01333
Exploits 2 | References 17

Tenable Nessus
added 2018/11/05 12:0 a.m. | 27 views

Joomla! 2.5.x < 3.7.0 Multiple Vulnerabilities

According to its self-reported version number, the detected Joomla! application is affected by multiple vulnerabilities : - A flaw exists in the JMail API due to PHPMail version information being included in mail headers. An unauthenticated, remote attacker can exploit this to disclose sensitive...

CVSS 6.5 | AI score 6.5 | EPSS 0.01333
Exploits 2 | References 13

Oracle linux
added 2018/11/05 12:0 a.m. | 525 views

krb5 security, bug fix, and enhancement update

1.15.1-34 - In FIPS mode, add plaintext fallback for RC4 usages and taint - Resolves: 1570600 1.15.1-33 - Use SHA-256 instead of MD5 for audit ticket IDs - Resolves: 1570600 1.15.1-32 - Include preauth name in trace output if possible - Update cert generation scripts to work on modern openssl - F...

CVSS 6.5 | AI score 0.1 | EPSS 0.026
Exploits 0

Tenable Nessus
added 2018/11/05 12:0 a.m. | 22 views

Joomla! 1.5.x < 3.7.0 Multiple Vulnerabilities

According to its self-reported version number, the detected Joomla! application is affected by multiple vulnerabilities : - A flaw exists in the JMail API due to PHPMail version information being included in mail headers. An unauthenticated, remote attacker can exploit this to disclose sensitive...

CVSS 6.5 | AI score 6.5 | EPSS 0.01333
Exploits 2 | References 12

Tenable Nessus
added 2018/11/05 12:0 a.m. | 34 views

Joomla! 3.2.x < 3.7.0 Multiple Vulnerabilities

According to its self-reported version number, the detected Joomla! application is affected by multiple vulnerabilities : - A flaw exists in the JMail API due to PHPMail version information being included in mail headers. An unauthenticated, remote attacker can exploit this to disclose sensitive...

CVSS 6.5 | AI score 6.5 | EPSS 0.01333
Exploits 2 | References 16

Tenable Nessus
added 2018/11/05 12:0 a.m. | 40 views

Joomla! 3.5.x < 3.7.0 Multiple Vulnerabilities

According to its self-reported version number, the detected Joomla! application is affected by multiple vulnerabilities : - A flaw exists in the JMail API due to PHPMail version information being included in mail headers. An unauthenticated, remote attacker can exploit this to disclose sensitive...

CVSS 6.5 | AI score 6.5 | EPSS 0.01333
Exploits 2 | References 17

Fedora
added 2018/11/04 10:9 p.m. | 12 views

[SECURITY] Fedora 28 Update: roundcubemail-1.3.8-1.fc28

RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...

AI score 0.2
Exploits 0

Fedora
added 2018/11/04 2:14 a.m. | 22 views

[SECURITY] Fedora 27 Update: roundcubemail-1.3.8-1.fc27

RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...

AI score 0.2
Exploits 0

Kitploit
added 2018/10/30 12:43 p.m. | 45 views

Lynis 2.7.0 - Security Auditing Tool for Unix/Linux Systems

We are excited to announce this major release of auditing tool Lynis. Several big changes have been made to core functions of Lynis. These changes are the next of simplification improvements we made. There is a risk of breaking your existing configuration. Lynis is an open source security auditin...

AI score 6.8
Exploits 0

IBM Security Bulletins
added 2018/10/29 7:55 p.m. | 21 views

Security Bulletin: Security vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM Rational ClearCase (CVE-2018-1770, CVE-2018-1777)

Summary IBM WebSphere Application Server WAS is shipped as a component of IBM Rational ClearCase. Information about the security vulnerabilities affecting WAS has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

CVSS 6.5 | AI score 1 | EPSS 0.03482
Exploits 1 | Affected Software 1

Prion
added 2018/10/29 12:29 p.m. | 26 views

Design/Logic Flaw

An issue was discovered in the Linux kernel through 4.19. An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and...

CVSS 2.1 | AI score 5.8 | EPSS 0.00552
Exploits 0 | References 14 | Affected Software 3