OSV
added 2023/06/16 8:15 a.m. · 1 view

DEBIAN-CVE-2023-2431

A security issue was discovered in Kubelet that allows pods to bypass the seccomp profile enforcement. Pods that use localhost type for seccomp profile but specify an empty profile field, are affected by this issue. In this scenario, this vulnerability allows the pod to run in unconfined seccomp...

CVSS 5.5 · AI score 6 · EPSS 0.0001
Exploits: 0 · References: 1
OSV
added 2023/06/16 8:15 a.m. · 0 views

UBUNTU-CVE-2023-2431

A security issue was discovered in Kubelet that allows pods to bypass the seccomp profile enforcement. Pods that use localhost type for seccomp profile but specify an empty profile field, are affected by this issue. In this scenario, this vulnerability allows the pod to run in unconfined seccomp...

CVSS 5.5 · AI score 6.8 · EPSS 0.0001
Exploits: 0 · References: 4
UbuntuCve
added 2023/06/16 8:15 a.m. · 42 views

CVE-2023-2431

A security issue was discovered in Kubelet that allows pods to bypass the seccomp profile enforcement. Pods that use localhost type for seccomp profile but specify an empty profile field, are affected by this issue. In this scenario, this vulnerability allows the pod to run in unconfined seccomp...

CVSS 5.5 · AI score 6.8 · EPSS 0.0001
Exploits: 0 · References: 3
Prion
added 2023/06/16 8:15 a.m. · 17 views

Design/Logic Flaw

A security issue was discovered in Kubelet that allows pods to bypass the seccomp profile enforcement. Pods that use localhost type for seccomp profile but specify an empty profile field, are affected by this issue. In this scenario, this vulnerability allows the pod to run in unconfined seccomp...

CVSS 1.7 · AI score 5.5 · EPSS 0.0001
Exploits: 0 · References: 4 · Affected Software: 2
Positive Technologies
added 2023/06/15 12:0 a.m. · 2 views

PT-2023-3615 · Kubelet +2

Name of the Vulnerable Software and Affected Versions: Kubelet affected versions not specified
Description: A security issue was discovered in Kubelet that allows pods to bypass the seccomp profile enforcement. Pods that use localhost type for seccomp profile but specify an empty profile field ar...

CVSS 7.7 · AI score 6.4 · EPSS 0.08423
Exploits: 1 · References: 58
OSV
added 2023/06/09 10:52 p.m. · 13 views

GHSA-C6F8-8R25-C4GC Gatsby develop server has Local File Inclusion vulnerability

Impact: The Gatsby framework prior to versions 4.25.7 and 5.9.1 contains a Local File Inclusion vulnerability in the file-code-frame and original-stack-frame paths, exposed when running the Gatsby develop server gatsby develop. The following steps can be used to reproduce the vulnerability: Create ...

CVSS 4.3 · AI score 4.8 · EPSS 0.00632
Exploits: 1 · References: 5
NVD
added 2023/05/31 12:15 a.m. · 7 views

CVE-2023-28345

An issue was discovered in Faronics Insight 10.0.19045 on Windows. The Insight Teacher Console application exposes the teacher's Console password in cleartext via an API endpoint accessible from localhost. Attackers with physical access to the Teacher Console can open a web browser, navigate to t...

CVSS 4.6 · AI score 4.6 · EPSS 0.00073
Exploits: 1 · References: 2
ATTACKERKB
added 2023/05/31 12:15 a.m. · 2 views

CVE-2023-28345

An issue was discovered in Faronics Insight 10.0.19045 on Windows. The Insight Teacher Console application exposes the teacher's Console password in cleartext via an API endpoint accessible from localhost. Attackers with physical access to the Teacher Console can open a web browser, navigate to t...

CVSS 4.6 · AI score 5.9 · EPSS 0.00073
Exploits: 1 · References: 3
OSV
added 2023/05/31 12:15 a.m. · 1 view

CVE-2023-28345

An issue was discovered in Faronics Insight 10.0.19045 on Windows. The Insight Teacher Console application exposes the teacher's Console password in cleartext via an API endpoint accessible from localhost. Attackers with physical access to the Teacher Console can open a web browser, navigate to t...

CVSS 4.6 · AI score 5.8
Exploits: 0 · References: 2
Packet Storm
added 2023/05/26 12:0 a.m. · 1518 views

Laravel 10.11 Database Disclosure / Information Disclosure

Title: Laravel 10.11 Information Disclosure MySQL Credential Disclosure Vulnerability · Author: indoushka · Tested on: windows 10 Français V.Pro / browser ...

AI score 7.1
Exploits: 0
OSV
added 2023/05/22 4:15 p.m. · 0 views

CVE-2023-33293

An issue was discovered in KaiOS 3.0 and 3.1. The binary /system/kaios/api-daemon exposes a local web server on .localhost with subdomains for each installed application, e.g., myapp.localhost. An attacker can make fetch requests to api-daemon to determine if a given app is installed and read th...

CVSS 5.3 · AI score 6.1
Exploits: 0 · References: 1
GitHub Security Blog
added 2023/04/20 7:5 p.m. · 26 views

Path traversal vulnerability in gatsby-plugin-sharp

Impact: The gatsby-plugin-sharp plugin prior to versions 5.8.1 and 4.25.1 contains a path traversal vulnerability exposed when running the Gatsby develop server gatsby develop. The following steps can be used to reproduce the vulnerability: Create a new Gatsby project, and install...

CVSS 4.3 · AI score 5.1 · EPSS 0.00367
Exploits: 1 · References: 5 · Affected Software: 1
NVD
added 2023/04/17 9:15 p.m. · 16 views

CVE-2023-30548

gatsby-plugin-sharp is a plugin for the gatsby framework which exposes functions built on the Sharp image processing library. The gatsby-plugin-sharp plugin prior to versions 5.8.1 and 4.25.1 contains a path traversal vulnerability exposed when running the Gatsby develop server gatsby develop. It...

CVSS 4.3 · AI score 4.4 · EPSS 0.00367
Exploits: 1 · References: 3
Cvelist
added 2023/04/17 8:43 p.m. · 18 views

CVE-2023-30548 Path traversal vulnerability in gatsby-plugin-sharp

gatsby-plugin-sharp is a plugin for the gatsby framework which exposes functions built on the Sharp image processing library. The gatsby-plugin-sharp plugin prior to versions 5.8.1 and 4.25.1 contains a path traversal vulnerability exposed when running the Gatsby develop server gatsby develop. It...

CVSS 4.3 · AI score 4.8 · EPSS 0.00367
Exploits: 1 · References: 3
Vulnrichment
added 2023/04/17 8:43 p.m. · 11 views

CVE-2023-30548 Path traversal vulnerability in gatsby-plugin-sharp

gatsby-plugin-sharp is a plugin for the gatsby framework which exposes functions built on the Sharp image processing library. The gatsby-plugin-sharp plugin prior to versions 5.8.1 and 4.25.1 contains a path traversal vulnerability exposed when running the Gatsby develop server gatsby develop. It...

CVSS 4.3 · AI score 4.5 · EPSS 0.00367
Exploits: 1 · References: 3
OSV
added 2023/04/17 8:43 p.m. · 9 views

CVE-2023-30548 Path traversal vulnerability in gatsby-plugin-sharp

gatsby-plugin-sharp is a plugin for the gatsby framework which exposes functions built on the Sharp image processing library. The gatsby-plugin-sharp plugin prior to versions 5.8.1 and 4.25.1 contains a path traversal vulnerability exposed when running the Gatsby develop server gatsby develop. It...

CVSS 4.3 · AI score 4.7 · EPSS 0.00367
Exploits: 1 · References: 5
OSV
added 2023/04/15 11:15 p.m. · 1 view

UBUNTU-CVE-2018-17452

An issue was discovered in GitLab Community and Enterprise Edition before 11.1.7, 11.2.x before 11.2.4, and 11.3.x before 11.3.1. There is Server-Side Request Forgery (SSRF) via a loopback address to the validate_localhost function in url_blocker.rb...

CVSS 9.8 · AI score 5.8 · EPSS 0.00286
Exploits: 0 · References: 3
GitHub Security Blog
added 2023/04/15 9:30 p.m. · 43 views

Mailman Core vulnerable to timing attacks

An issue was discovered in Mailman Core before 3.3.5. An attacker with access to the REST API could use timing attacks to determine the value of the configured REST API password and then make arbitrary REST API calls. The REST API is bound to localhost by default, limiting the ability for attacke...

CVSS 6.3 · AI score 6.4 · EPSS 0.00207
Exploits: 0 · References: 6 · Affected Software: 1
Prion
added 2023/04/15 8:16 p.m. · 16 views

Cross site scripting

An issue was discovered in Mailman Core before 3.3.5. An attacker with access to the REST API could use timing attacks to determine the value of the configured REST API password and then make arbitrary REST API calls. The REST API is bound to localhost by default, limiting the ability for attacke...

CVSS 2.4 · AI score 6.3 · EPSS 0.00207
Exploits: 0 · References: 3 · Affected Software: 1
OSV
added 2023/04/15 8:16 p.m. · 1 view

DEBIAN-CVE-2021-34337

An issue was discovered in Mailman Core before 3.3.5. An attacker with access to the REST API could use timing attacks to determine the value of the configured REST API password and then make arbitrary REST API calls. The REST API is bound to localhost by default, limiting the ability for attacke...

CVSS 6.3 · AI score 6.6 · EPSS 0.00207
Exploits: 0 · References: 1