Rapid7 Threat Report: Q2 2017
We cannot believe that we're already into August! Time really flies when the internet is constantly on fire. When it came time to analyze data for our Q2 Threat Report and pull out threat trends and landscape changes, there was plenty to work with. Q2 kept defenders on their toes--from the Shadow...
Exploit for CVE-2017-8464
CVE-2017-8464-exp-generator: this tool can generate an exp for c...
curl security, bug fix, and enhancement update
7.29.0-42 - fix use of uninitialized variable detected by Covscan 7.29.0-41 - make FTPS work with --proxytunnel 1420327 7.29.0-40 - make FTPS work with --proxytunnel 1420327 7.29.0-39 - work around race condition in PK11FindSlotByName in NSS 1404815 7.29.0-38 - make FTPS work with --proxytunnel...
e-svet.e15.cz XSS vulnerability
Vulnerable URL: http://e-svet.e15.cz/vyhledavani?q=" XANY Details: Description| Value ---|--- Patched:| Verification in progress Latest check for patch:| 05.11.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website status:| No Chec...
Petya-like Ransomware Explained
TL;DR summary June 28 and beyond: A major ransomware attack started in Ukraine yesterday and has spread around the world. The ransomware, which was initially thought to be a modified Petya variant, encrypts files on infected machines and uses multiple mechanisms to both gain entry to target...
narshahotel.com XSS vulnerability
Vulnerable URL: http://narshahotel.com/content/pageetc.php/'%22--!%3E%20%3Cimg%20src=x%20onerror=alert%22openbugbounty%22%3E?id=privacy Details: Description| Value ---|--- Patched:| Yes, at 27.11.2017 Latest check for patch:| 27.11.2017 17:29 GMT Vulnerability type:| XSS Vulnerability status:|...
surgeinfitness.com XSS vulnerability
Vulnerable URL: http://surgeinfitness.com/?s=%3Cimg%20src=x%20onerror=prompt/OPENBUGBOUNTY/%3E Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website status:| No Coordinated Disclosu...
flow-athletics.com XSS vulnerability
Vulnerable URL: http://flow-athletics.com/?s=%3Cimg%20src=x%20onerror=prompt/OPENBUGBOUNTY/%3E Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website status:| No Check...
sherwoodparkchev.com XSS vulnerability
Vulnerable URL:...
liriklagu.co.id XSS vulnerability
Vulnerable URL: http://liriklagu.co.id/search?q=%3C%2Fscript%3E%3Cimg+src%3Dx+onerror%3Dprompt%28%2FXSSPOSED%2F%29%3E Details: Description| Value ---|--- Patched:| Yes, at 27.11.2017 Latest check for patch:| 27.11.2017 16:42 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed...
Bad Code Library Triggers Devil's Ivy Vulnerability in Millions of IoT Devices
Tens of millions of products ranging from airport surveillance cameras, sensors, networking equipment and IoT devices are vulnerable to a flaw that allows attackers to remotely gain control over devices or crash them. The vulnerability, dubbed Devil’s Ivy, was identified by researchers at Senrio...
Oracle Releases Biggest Update Ever: 308 Vulnerabilities Patched
Oracle admins are today staring down the barrel of the biggest quarterly Critical Patch Update ever. The numbers are gory: 308 vulnerabilities patched, 165 of which are remotely exploitable, across more than 90 products. So far in 2017, Oracle has patched 878 vulnerabilities through three CPUs...
ictjobs.ch XSS vulnerability
Vulnerable URL: https://ictjobs.ch/?fs=%22%3E%27%3EI%3Ci%3EI%3Csvg%2Fonload%3Dalert%28%2Fopenbugbounty%2F%29%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 21.09.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 534386 VIP website...
Unwelcome Interruptions
Imagine your player's first experience with your game. Finally, after waiting all these years, she's got the game in hand. She tears the cellophane, cracks the case, slots the disc, and . . . "Game is now updating. Please wait." Watching 20 GB load onto a machine is not anyone's idea of fun. I ha...
gagosian.com XSS vulnerability
Vulnerable URL: http://www.gagosian.com/search?query=%27%22%3E%3Csvg%2Fonload%3Dprompt%28%2FOPENBUGBOUNTY%2F%29%3E Details: Description| Value ---|--- Patched:| Yes, at 27.11.2017 Latest check for patch:| 27.11.2017 16:35 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alex...
Memcached - A Story of Failed Patching & Vulnerable Servers
This blog authored by Aleksandar Nikolich and David Maynor with contributions from Nick Biasini. Memcached - Not secure, Not Patched Fast Enough. Recently high profile vulnerabilities in systems were used to unleash several global ransomware attacks that greatly impacted organizations. These types o...
SAP Patches High-Risk Flaws in SAP POS, Host Agent
SAP fixed 23 vulnerabilities across roughly a dozen products on Tuesday, including a series of high-risk flaws that could allow an attacker to gain access to SAP POS, the company’s client/server point-of-sale PoS solution. The issues in SAP POS, a series of missing authorization checks, could let...
Petya the Great and why *they* don’t patch vulnerabilities
I really like this. Just imagine. Quiet, routine, everyday Vulnerability Management process in organizations: scanning-patching, scanning-patching, scanning-patching… And then. Suddenly! PEEETYYA!!! And at very same moment everything changes. People from different companies start to communicate...
jumbowood.nl XSS vulnerability
Vulnerable URL: http://www.jumbowood.nl/catalogsearch/result/?q=a%27aa%22onfocus=prompt/OPENBUGBOUNTY/%20autofocus=x%20bad=--%3E%3C/script%3E%3Cimg%20src=x%20onerror=prompt/OPENBUGBOUNTY/%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 16.10.2017 Vulnerability type:|...
flrules.org XSS vulnerability
Vulnerable URL: https://www.flrules.org/gateway/Division.asp?toType="=347=ID Details: Description| Value ---|--- Patched:| No Latest check for patch:| 19.08.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 215068 VIP website status:| Yes Check flrules.org SSL...