CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9 matches found

OSV•added 2024/12/13 7:6 p.m.•10 views

GO-2024-3330 Potential Vulnerabilities Due to Outdated golang.org/x/crypto Dependency in NanoProxy in github.com/ryanbekhen/nanoproxy

Potential Vulnerabilities Due to Outdated golang.org/x/crypto Dependency in NanoProxy in github.com/ryanbekhen/nanoproxy...

9.1CVSS9.2AI score0.32338EPSS

Exploits2References2

Github Security Blog•added 2024/12/12 7:20 p.m.•12 views

Potential Vulnerabilities Due to Outdated golang.org/x/crypto Dependency in NanoProxy

A security issue was identified in the NanoProxy project related to the golang.org/x/crypto dependency. The project was using an outdated version of this dependency, which potentially exposed the system to security vulnerabilities that have been addressed in subsequent updates. Impact: The specif...

9.1CVSS7.4AI score0.32338EPSS

Exploits2References4Affected Software1

OSV•added 2024/12/12 7:20 p.m.•8 views

GHSA-7PRJ-HGX4-2XC3 Potential Vulnerabilities Due to Outdated golang.org/x/crypto Dependency in NanoProxy

9.1CVSS9.5AI score0.32338EPSS

Exploits2References4

OSV•added 2024/11/22 3:36 p.m.•1 views

V8-FRESHNESS Outdated dependency on V8 found (see details)

Outdated dependency on V8 found see policy. Please update to the latest beta, stable, or extended stable versions...

7.1AI score

Exploits0

Positive Technologies•added 2024/11/22 12:0 a.m.•2 views

PT-2024-41125 · Git · V8

Outdated dependency on V8 found see policy. Please update to the latest beta, stable, or extended stable versions...

7.2AI score

Exploits0References1

Prion•added 2023/09/05 3:15 p.m.•15 views

Design/Logic Flaw

Due to an out-of-date dependency in the “Fusion File Manager” component accessible through the admin panel, an attacker can send a crafted request that allows them to read the contents of files on the system accessible within the privileges of the running process. Additionally, they may write fil...

4.7CVSS5.5AI score0.00208EPSS

Exploits0References1Affected Software1

Huntr•added 2023/04/10 4:20 p.m.•27 views

An outdated dependency leads to to remote command execution vulnerability

Description A few days ago, the vm2 module of nodejs found a sandbox escape vulnerability, which was officially fixed in v3.9.15 However, a fixed vm2 version is hard-coded in the package.jsonv 3.9.11 of the jsreport-core component of jsreport, which makes it impossible to install the latest vm2...

7.5CVSS7AI score0.74958EPSS

Exploits2References1

CISA KEV Catalog•added 2023/01/23 12:0 a.m.•41 views

Zoho ManageEngine Multiple Products Remote Code Execution Vulnerability

Multiple Zoho ManageEngine products contain an unauthenticated remote code execution vulnerability due to the usage of an outdated third-party dependency, Apache Santuario...

9.8CVSS2.6AI score0.94378EPSS

In wildExploits15