CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2023/10/25 7:15 p.m.•3 views

CVE-2023-40445

The issue was addressed with improved UI handling. This issue is fixed in iOS 17.1 and iPadOS 17.1. A device may persistently fail to lock...

7.5CVSS5.8AI score

Cvelist•added 2023/10/25 6:32 p.m.•18 views

CVE-2023-40445

The issue was addressed with improved UI handling. This issue is fixed in iOS 17.1 and iPadOS 17.1. A device may persistently fail to lock...

6.8AI score0.0016EPSS

RedHat Linux•added 2023/10/25 2:16 p.m.•64 views

Important: Red Hat Security Advisory: OpenShift API for Data Protection (OADP) 1.0.14 security and bug fix update

OpenShift API for Data Protection OADP 1.0.14 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

7.5CVSS7AI score0.0015EPSS

Citrix•added 2023/10/25 12:0 a.m.•6 views

How to Add a Permanent Search Domain Entry in the Resolv.conf File of a XenServer Host

This article describes how to add a permanent search domain entry in the resolv.conf file of a XenServer Host. When manually editing the resolv.conf file to add search domains, the entries are not persistent after a XenServer Host reboot...

7AI score

Exploits0

BDU FSTEC•added 2023/10/21 12:0 a.m.•2 views

The vulnerability of the “Forgotten Password” function of the Mendix software platform for deploying and testing software applications, which allows a perpetrator to execute a brute-force attack.

The vulnerability of the “Forgotten Password” function in the Mendix software deployment and application testing platform is related to its non-persistent execution time. Exploiting this vulnerability allows a malicious actor to execute an attack using brute-force methods...

5.3CVSS6.2AI score0.0023EPSS

Exploits0References2Affected Software1

Prion•added 2023/10/19 7:15 p.m.•23 views

Cross site request forgery (csrf)

A vulnerability in the web-based interface of the RUCKUS Cloudpath product on version 5.12 build 5538 or before to could allow a remote, unauthenticated attacker to execute persistent XSS and CSRF attacks against a user of the admin management interface. A successful attack, combined with a certa...

6.8CVSS9.1AI score0.00551EPSS

Exploits1References5Affected Software1

Microsoft Malware Protection•added 2023/10/18 4:30 p.m.•46 views

Multiple North Korean threat actors exploiting the TeamCity CVE-2023-42793 vulnerability

Since early October 2023, Microsoft has observed two North Korean nation-state threat actors – Diamond Sleet and Onyx Sleet – exploiting CVE-2023-42793, a remote-code execution vulnerability affecting multiple versions of JetBrains TeamCity server. TeamCity is a continuous integration/continuous...

7.5CVSS7.4AI score0.92913EPSS

Exploits17

OSSF Malicious Packages•added 2023/10/16 6:50 a.m.•2 views

Malicious code in very-bad-npm-package (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8b6aab39bd84cb65205f0339a8531e90906143bc204d65dab3f378e8ef83619d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSSF Malicious Packages•added 2023/10/16 6:7 a.m.•3 views

Malicious code in fca-kemdev (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 287f0297a75a759baf26a653469422f43653a6ccb17b28941f58e54279b623b0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CNNVD•added 2023/10/13 12:0 a.m.•2 views

Fortinet FortiSandbox Cross-Site Scripting Vulnerability

Fortinet FortiSandbox is an APT Advanced Persistent Threat protection appliance from Fortinet. The appliance offers dual sandboxing technology, dynamic threat intelligence, real-time control panel and reporting. Fortinet FortiSandbox is vulnerable to a cross-site scripting vulnerability that stem...

7.5CVSS6.2AI score0.00166EPSS

Exploits0References2

CNNVD•added 2023/10/13 12:0 a.m.•1 views

Fortinet FortiSandbox Cross-Site Scripting Vulnerability

Fortinet FortiSandbox is an APT Advanced Persistent Threat protection appliance from Fortinet. The appliance provides dual sandboxing technology, dynamic threat intelligence system, real-time control panel and reporting. Fortinet FortiSandbox is vulnerable to a cross-site scripting vulnerability...

7.5CVSS6.2AI score0.00276EPSS

OSSF Malicious Packages•added 2023/10/12 11:21 p.m.•2 views

Malicious code in slot-qris-situs-slot-mudah-maxwin-24-jam-online-terpercaya (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e7024e3e37cd20e39f30c363c32d2da667b32231695491e01709a7ed3fad3a09 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSSF Malicious Packages•added 2023/10/12 11:21 p.m.•4 views

Malicious code in daftar-10-bandar-togel-singapore-terpercaya-agen-pay4d-terbesar-di-asia (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c010afee8561b173cf2644e0cf79595bc1f4c292cf5d3c68a90de24f2a655cab Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSSF Malicious Packages•added 2023/10/12 3:44 a.m.•3 views

Malicious code in fas_elbridge_server (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9eeb55ec40cca8a30b5ca2b20ede9234fa59a23da2fa5cef2ad9c3e461eba4c9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...