
842 matches found

CNVD
added 2021/02/20 12:0 a.m. | 3 views

IBM Security Verify Information Queue Elevation of Privilege Vulnerability

IBM Security Verify Information Queue is a cross-product integrator that leverages Kafka technology and a publish/subscribe model to integrate data between IBM security products. An elevation of privilege vulnerability exists in IBM Security Verify Information Queue. The vulnerability stems from...

CVSS 7.5 | AI score 6.6 | EPSS 0.00164
Exploits 0 | References 1

CNNVD
added 2021/02/10 12:0 a.m. | 3 views

IBM Security Verify Information Queue Authorization Issue Vulnerability

IBM Security Verify Information Queue is a cross-product integrator that leverages Kafka technology and a publish/subscribe model to integrate data between IBM security products. An elevation of privilege vulnerability exists in IBM Security Verify Information Queue. The vulnerability stems from...

CVSS 7.5 | AI score 6.2 | EPSS 0.00164
Exploits 0 | References 4

CNNVD
added 2021/01/12 12:0 a.m. | 1 views

Microsoft HEVC Video Extensions Security Vulnerability

Microsoft HEVC Video Extensions is a video extension application from Microsoft USA. The application enables computers and devices to read High Efficiency Video Coding or HEVC videos. A remote code execution vulnerability exists in Microsoft HEVC Video Extensions. An attacker could exploit this...

CVSS 9.3 | AI score 7.9 | EPSS 0.08236
Exploits 0 | References 3

CNNVD
added 2021/01/12 12:0 a.m. | 2 views

Microsoft HEVC Video Extensions Security Vulnerability

Microsoft HEVC Video Extensions is a video extension application from Microsoft USA. The application enables computers and devices to read High Efficiency Video Coding or HEVC videos. A remote code execution vulnerability exists in Microsoft HEVC Video Extensions. An attacker could exploit this...

CVSS 9.3 | AI score 7.9 | EPSS 0.08236
Exploits 0 | References 3

Kitploit
added 2020/12/25 8:30 p.m. | 73 views

Aura - Python Source Code Auditing And Static Analysis On A Large Scale

Aura is a static analysis framework developed as a response to the ever-increasing threat of malicious packages and vulnerable code published on PyPI. Project goals: provide an automated monitoring system over uploaded packages to PyPI, alert on anomalies that can either indicate an ongoing attac...

AI score 7
Exploits 0 | References 2

Tenable Nessus
added 2020/12/16 12:0 a.m. | 34 views

IBM HTTP Server 6.1.0.0 <= 6.1.0.47 / 7.0.0.0 < 7.0.0.39 / 8.0.0.0 < 8.0.0.12 / 8.5.0.0 < 8.5.5.7 HTTP Request Smuggling (533835)

The version of IBM HTTP Server running on the remote host is affected by an HTTP request smuggling vulnerability related to Apache HTTP Server. The chunked transfer coding implementation in the Apache HTTP Server before 2.4.14 does not properly parse chunk headers, which allows remote attackers t...

CVSS 5 | AI score 6.4 | EPSS 0.24118
Exploits 0 | References 2

The Hacker News
added 2020/11/12 10:11 a.m. | 1 views

MISSIONS — The Next Level of Interactive Developer Security Training

If organizations want to get serious about software security, they need to empower their engineers to play a defensive role against cyberattacks as they craft their code. The problem is, developers haven't had the most inspiring introduction to security training over the years, and anything that...

AI score 5.8
Exploits 0

CNVD
added 2020/11/12 12:0 a.m. | 2 views

Microsoft HEVC Video Extensions Remote Code Execution Vulnerability (CNVD-2020-65155)

Microsoft HEVC Video Extensions is a video extension application from Microsoft USA. The application enables computers and devices to read High Efficiency Video Coding or HEVC videos. A remote code execution vulnerability exists in Microsoft HEVC Video Extensions. No detailed vulnerability detail...

CVSS 9.3 | AI score 7.9 | EPSS 0.09677
Exploits 0 | References 1

CNVD
added 2020/11/12 12:0 a.m. | 2 views

Microsoft HEVC Video Extensions Remote Code Execution Vulnerability

Microsoft HEVC Video Extensions is a video extension application from Microsoft USA. The application enables computers and devices to read High Efficiency Video Coding or HEVC videos. A remote code execution vulnerability exists in Microsoft HEVC Video Extensions. No detailed vulnerability detail...

CVSS 9.3 | AI score 7.9 | EPSS 0.09677
Exploits 0 | References 1

OpenVAS
added 2020/10/24 12:0 a.m. | 8 views

Fedora: Security Advisory for brotli (FEDORA-2020-c76a35b209)

The remote host is missing an update for the Copyright (C) 2020 Greenbone Networks GmbH. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later. This program is free software; you can...

CVSS 6.5 | AI score 7 | EPSS 0.0031
Exploits 0 | References 2

Fedora
added 2020/10/23 10:23 p.m. | 32 views

[SECURITY] Fedora 33 Update: brotli-1.0.9-3.fc33

Brotli is a generic-purpose lossless compression algorithm that compresses data using a combination of a modern variant of the LZ77 algorithm, Huffman coding and 2nd order context modeling, with a compression ratio comparable to the best currently available general-purpose compression methods. It...

CVSS 6.5 | AI score 3.3 | EPSS 0.0031
Exploits 0

OpenVAS
added 2020/10/18 12:0 a.m. | 24 views

Fedora: Security Advisory for brotli (FEDORA-2020-9336b65f82)

The remote host is missing an update for the Copyright (C) 2020 Greenbone Networks GmbH. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later. This program is free software; you can...

CVSS 6.5 | AI score 7 | EPSS 0.0031
Exploits 0 | References 2

Fedora
added 2020/10/17 2:24 p.m. | 24 views

[SECURITY] Fedora 31 Update: brotli-1.0.9-3.fc31

Brotli is a generic-purpose lossless compression algorithm that compresses data using a combination of a modern variant of the LZ77 algorithm, Huffman coding and 2nd order context modeling, with a compression ratio comparable to the best currently available general-purpose compression methods. It...

CVSS 6.5 | AI score 3.3 | EPSS 0.0031
Exploits 0

Fedora
added 2020/10/17 2:9 p.m. | 41 views

[SECURITY] Fedora 32 Update: brotli-1.0.9-3.fc32

Brotli is a generic-purpose lossless compression algorithm that compresses data using a combination of a modern variant of the LZ77 algorithm, Huffman coding and 2nd order context modeling, with a compression ratio comparable to the best currently available general-purpose compression methods. It...

CVSS 6.5 | AI score 3.3 | EPSS 0.0031
Exploits 0

Gitee
added 2020/10/06 8:53 p.m. | 1 views

SQLInjectionWiki

This is a comprehensive wiki on SQL injection, a type of web application security vulnerability. The wiki is maintained by NetSPI and is available in both English and Chinese versions. The wiki covers various aspects of SQL injection, including detection, exploitation, and mitigation. The wiki...

AI score 8.2
Exploits 0

CNVD
added 2020/09/14 12:0 a.m. | 0 views

Ingenico Telium 2 POS Hardcoding Vulnerability

Ingenico Telium 2 POS is a cash register system. An FTP hard-coding vulnerability exists in Ingenico Telium 2 POS, which can be exploited by remote attackers to submit a special request for unauthorized access to FTP services...

CVSS 7.2 | AI score 7 | EPSS 0.0007
Exploits 1 | References 1

NVD
added 2020/08/26 3:15 p.m. | 14 views

CVE-2020-5912

In BIG-IP versions 15.1.0-15.1.0.4, 15.0.0-15.0.1.3, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the restjavad process's dump command does not follow current best coding practices and may overwrite arbitrary files...

CVSS 7.1 | AI score 7.1 | EPSS 0.00084
Exploits 0 | References 1

Cvelist
added 2020/08/26 2:31 p.m. | 25 views

CVE-2020-5912

In BIG-IP versions 15.1.0-15.1.0.4, 15.0.0-15.0.1.3, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the restjavad process's dump command does not follow current best coding practices and may overwrite arbitrary files...

AI score 7.1 | EPSS 0.00084
Exploits 0 | References 1

Hacker One
added 2020/07/30 8:40 a.m. | 11 views

Acronis: ClickJacking

I have found the vulnerability called Clickjacking. Please find the details below: Description Clickjacking is an exploit in which malicious coding is hidden beneath apparently legitimate buttons or other clickable content on a website. OWASP Benchmark A6- Security Misconfiguration Steps to...

AI score 0.2
Exploits 0

Hacker One
added 2020/07/17 10:41 a.m. | 145 views

Weblate: Secret_key in GitHub

Hello, I have found secretkey in GitHub is public and noticed something: this key has the comment "Make this unique, and don't share it with anybody." and it's public in GitHub. Also I noticed this file has coding to do the payment.db. I think information like this must be private. SECRETKEY =...

AI score 0.2
Exploits 0