CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1174 matches found

Positive Technologies•added 2023/01/20 12:0 a.m.•4 views

PT-2023-9596 · Sentry +1 · Sentry Sdk +1

Name of the Vulnerable Software and Affected Versions: Sentry SDK versions prior to 1.14.0 Description: The issue is related to the leakage of sensitive cookie values, including session cookies, to Sentry when using the Django integration of the Sentry SDK in a specific configuration. This can...

7.6CVSS7.2AI score0.00641EPSS

Exploits0References17

The Hacker News•added 2023/01/13 4:39 p.m.•30 views

Beware: Tainted VPNs Being Used to Spread EyeSpy Surveillanceware

Tainted VPN installers are being used to deliver a piece of surveillanceware dubbed EyeSpy as part of a malware campaign that started in May 2022. It uses "components of SecondEye – a legitimate monitoring application – to spy on users of 20Speed VPN, an Iranian-based VPN service, via trojanized...

1.6AI score

Exploits0

CNVD•added 2023/01/12 12:0 a.m.•15 views

SAP Bank Account Management Information Disclosure Vulnerability

SAP Bank Account Management is a bank account management system from SAP. An information disclosure vulnerability exists in the SAP Bank Account Management application, which stems from the fact that when a user clicks on a smart link to navigate to another application, personal data is displayed...

5.7CVSS5.1AI score0.00507EPSS

Exploits0References1

OSV•added 2023/01/10 4:15 a.m.•3 views

CVE-2023-0023

In SAP Bank Account Management Manage Banks application, when a user clicks a smart link to navigate to another app, personal data is shown directly in the URL. They might get captured in log files, bookmarks, and so on disclosing sensitive data of the application...

5.7CVSS6.2AI score0.00507EPSS

Exploits0References2

NVD•added 2023/01/10 4:15 a.m.•32 views

CVE-2023-0023

5.7CVSS4.9AI score0.00507EPSS

Exploits0References2

Prion•added 2023/01/10 4:15 a.m.•15 views

Code injection

3.5CVSS5.5AI score0.00507EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2023/01/10 3:32 a.m.•9 views

CVE-2023-0023 Information Disclosure in SAP Bank Account Management (Manage Banks)

4.5CVSS6.7AI score0.00507EPSS

Exploits0References2

CVE•added 2023/01/10 3:32 a.m.•55 views

CVE-2023-0023

Technical details (affected software, exact versions, root cause, exploit specifics) are not publicly available in the provided connected documents. Monitor SAP notes and related advisories for updates.

5.7CVSS5AI score0.00507EPSS

Exploits0References2Affected Software1

Cvelist•added 2023/01/10 3:32 a.m.•38 views

CVE-2023-0023 Information Disclosure in SAP Bank Account Management (Manage Banks)

4.5CVSS5.8AI score0.00507EPSS

Exploits0References2

CNNVD•added 2023/01/10 12:0 a.m.•27 views

SAP Bank Account Management 信息泄露漏洞

5.7CVSS5.8AI score0.00507EPSS

Exploits0References3

OSV•added 2022/12/12 4:15 a.m.•3 views

CVE-2022-31596

Under certain conditions, an attacker authenticated as a CMS administrator and with high privileges access to the Network in SAP BusinessObjects Business Intelligence Platform Monitoring DB - version 430, can access BOE Monitoring database to retrieve and modify non-personal system data which wou...

6CVSS5.8AI score

Exploits0References2

Positive Technologies•added 2022/12/12 12:0 a.m.•2 views

PT-2022-20865 · Sap · Sap Businessobjects Business Intelligence Platform

Name of the Vulnerable Software and Affected Versions: SAP BusinessObjects Business Intelligence Platform Monitoring DB version 430 Description: Under certain conditions, an attacker authenticated as a CMS administrator and with high privileges access to the Network can access the BOE Monitoring...

6CVSS7.1AI score0.0066EPSS

Exploits0References7

OSV•added 2022/12/08 4:15 p.m.•2 views

CVE-2022-45118

OpenHarmony-v3.1.2 and prior versions had a vulnerability that telephony in communication subsystem sends public events with personal data, but the permission is not set. Malicious apps could listen to public events and obtain information such as mobile numbers and SMS data without permissions...

5.5CVSS5.8AI score0.00175EPSS

Exploits0References1

ATTACKERKB•added 2022/12/08 4:15 p.m.•4 views

CVE-2022-45118

6.2CVSS6.1AI score0.00175EPSS

Exploits0References2Affected Software1

NVD•added 2022/12/08 4:15 p.m.•11 views

CVE-2022-45118

6.2CVSS0.00175EPSS

Exploits0References1

Prion•added 2022/12/08 4:15 p.m.•15 views

Information disclosure

1.7CVSS5.3AI score0.00175EPSS

Exploits0References1Affected Software1

Wired Threat Level•added 2022/12/08 1:0 p.m.•20 views

Popular HR and Payroll Company Sequoia Discloses a Data Breach

The company, which works with hundreds of startups, said it detected unauthorized access to personal data, including Social Security numbers...

2.4AI score

Exploits0

Cvelist•added 2022/12/08 12:0 a.m.•14 views

CVE-2022-45118 Telephony in communication subsystem sends public events with personal data, but the permission is not set.

6.2CVSS6.3AI score0.00175EPSS

Exploits0References1

Vulnrichment•added 2022/12/08 12:0 a.m.•10 views

CVE-2022-45118 Telephony in communication subsystem sends public events with personal data, but the permission is not set.

6.2CVSS6.5AI score0.00175EPSS

Exploits0References1

CVE•added 2022/12/08 12:0 a.m.•54 views

CVE-2022-45118

OpenHarmony OpenHarmony-v3.1.2 and earlier versions are affected by CVE-2022-45118. The vulnerability lies in the telephony component of the communication subsystem, which fires public events containing personal data without proper permissions. Malicious apps could listen to these public events a...

6.2CVSS5.5AI score0.00175EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by