CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1754 matches found

GithubExploit•added 2023/07/08 11:22 p.m.•374 views

Exploit for Path Traversal in Icinga Icinga_Web_2

Icinga Web 2 - Authenticated Remote Code Execution 2.8.6, 2.9...

8.8CVSS9.3AI score0.72512EPSS

Exploits5

Malwarebytes•added 2023/07/03 2:0 a.m.•13 views

Brave browser will prevent websites from port scanning visitors

If you use Brave browser, then youre shortly going to find you have a new string added to your security bow. Websites performing port scanning will now be automatically blocked beginning with version 1.54 of the browsing tool. Port scanning, I hear you cry? Yes indeed. You may well not have even...

6.7AI score

Exploits0

SUSE CVE•added 2023/06/20 1:14 a.m.•2 views

SUSE CVE-2023-2431

A security issue was discovered in Kubelet that allows pods to bypass the seccomp profile enforcement. Pods that use localhost type for seccomp profile but specify an empty profile field, are affected by this issue. In this scenario, this vulnerability allows the pod to run in unconfined seccomp...

3.4CVSS7.3AI score0.0001EPSS

Exploits0References6

OSV•added 2023/06/16 9:30 a.m.•12 views

GHSA-XC8M-28VV-4PJC Kubelet vulnerable to bypass of seccomp profile enforcement

4.4CVSS4.7AI score0.0001EPSS

Exploits0References12

OSV•added 2023/06/16 8:15 a.m.•1 views

DEBIAN-CVE-2023-2431

5.5CVSS6AI score0.0001EPSS

Exploits0References1

OSV•added 2023/06/16 8:15 a.m.•0 views

UBUNTU-CVE-2023-2431

5.5CVSS6.8AI score0.0001EPSS

Exploits0References4

UbuntuCve•added 2023/06/16 8:15 a.m.•42 views

CVE-2023-2431

5.5CVSS6.8AI score0.0001EPSS

Exploits0References3

Prion•added 2023/06/16 8:15 a.m.•17 views

Design/Logic Flaw

1.7CVSS5.5AI score0.0001EPSS

Exploits0References4Affected Software2

Positive Technologies•added 2023/06/15 12:0 a.m.•3 views

PT-2023-3615 · Kubelet +2 · Kubelet +2

Name of the Vulnerable Software and Affected Versions: Kubelet affected versions not specified Description: A security issue was discovered in Kubelet that allows pods to bypass the seccomp profile enforcement. Pods that use localhost type for seccomp profile but specify an empty profile field ar...

7.7CVSS6.4AI score0.08423EPSS

Exploits1References58

OSV•added 2023/06/09 10:52 p.m.•14 views

GHSA-C6F8-8R25-C4GC Gatsby develop server has Local File Inclusion vulnerability

Impact The Gatsby framework prior to versions 4.25.7 and 5.9.1 contain a Local File Inclusion vulnerability in the file-code-frame and original-stack-frame paths, exposed when running the Gatsby develop server gatsby develop. The following steps can be used to reproduce the vulnerability: Create ...

4.3CVSS4.8AI score0.00632EPSS

Exploits1References5

NVD•added 2023/05/31 12:15 a.m.•7 views

CVE-2023-28345

An issue was discovered in Faronics Insight 10.0.19045 on Windows. The Insight Teacher Console application exposes the teacher's Console password in cleartext via an API endpoint accessible from localhost. Attackers with physical access to the Teacher Console can open a web browser, navigate to t...

4.6CVSS4.6AI score0.00091EPSS

Exploits1References2

ATTACKERKB•added 2023/05/31 12:15 a.m.•2 views

CVE-2023-28345

4.6CVSS5.9AI score0.00091EPSS

Exploits1References3

OSV•added 2023/05/31 12:15 a.m.•1 views

CVE-2023-28345

4.6CVSS5.8AI score

Exploits0References2

Packet Storm•added 2023/05/26 12:0 a.m.•1523 views

Laravel 10.11 Database Disclosure / Information Disclosure

==================================================================================================================================== | Title : Laravel 10.11 Information Disclosure MySQL Credential Disclosure Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser ...

7.1AI score

Exploits0

OSV•added 2023/05/22 4:15 p.m.•1 views

CVE-2023-33293

An issue was discovered in KaiOS 3.0 and 3.1. The binary /system/kaios/api-daemon exposes a local web server on .localhost with subdomains for each installed applications, e.g., myapp.localhost. An attacker can make fetch requests to api-deamon to determine if a given app is installed and read th...

5.3CVSS6.1AI score

Exploits0References1

Github Security Blog•added 2023/04/20 7:5 p.m.•26 views

Path traversal vulnerability in gatsby-plugin-sharp

Impact The gatsby-plugin-sharp plugin prior to versions 5.8.1 and 4.25.1 contains a path traversal vulnerability exposed when running the Gatsby develop server gatsby develop. The following steps can be used to reproduce the vulnerability: Create a new Gatsby project, and install...

4.3CVSS5.1AI score0.00367EPSS

Exploits1References5Affected Software1

NVD•added 2023/04/17 9:15 p.m.•16 views

CVE-2023-30548

gatsby-plugin-sharp is a plugin for the gatsby framework which exposes functions built on the Sharp image processing library. The gatsby-plugin-sharp plugin prior to versions 5.8.1 and 4.25.1 contains a path traversal vulnerability exposed when running the Gatsby develop server gatsby develop. It...

4.3CVSS4.4AI score0.00367EPSS

Exploits1References3