CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Rockylinux•added 2022/11/15 6:17 a.m.•13 views

gnome-initial-setup bug fix and enhancement update

An update is available for gnome-initial-setup. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rock...

Rockylinux•added 2022/11/15 6:11 a.m.•10 views

realtime-setup bug fix and enhancement update

An update is available for realtime-setup. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Lin...

OSV•added 2022/11/14 3:15 p.m.•2 views

CVE-2022-3631

The OAuth Client by DigitialPixies WordPress plugin through 1.1.0 does not sanitize and escapes some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example, in multisite...

4.8CVSS5.8AI score0.00501EPSS

Exploits2References1

Prion•added 2022/11/14 3:15 p.m.•17 views

Cross site scripting

The WP Attachments WordPress plugin before 5.0.5 does not sanitize and escapes some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example, in multisite setup...

4.3CVSS4.8AI score0.00532EPSS

Exploits2References1Affected Software1

Prion•added 2022/11/14 3:15 p.m.•15 views

Cross site scripting

4.3CVSS4.8AI score0.00501EPSS

Exploits2References1Affected Software1

Fedora•added 2022/11/14 12:48 a.m.•26 views

[SECURITY] Fedora 36 Update: android-tools-33.0.3p1-1.fc36

The Android Debug Bridge ADB is used to: - keep track of all Android devices and emulators instances connected to or running on a given host developer machine - implement various control commands e.g. "adb shell", "adb pull", etc. for the benefit of clients command-line users, or helper programs...

9.3CVSS7.8AI score0.05292EPSS

Exploits4

Code423n4•added 2022/11/13 12:0 a.m.•10 views

Buyers unused ETH funds can be stolen (Direct theft of funds)

Lines of code Vulnerability details Impact The protocol has recognized the need to track buyers ETH in order to refund unused ETH by implementing the returnDust function and setupExecution modifier. The implementation creates an attack vector that allows the seller to steal the unused ETH...

7.2AI score

Veracode•added 2022/11/10 12:22 a.m.•29 views

Authorization Bypass

device-mapper-multipath is vulnerable to authorization bypass. The vulnerability exists because the library uses arithmetic ADD instead of bitwise OR, allowing an attacker to write to UNIX domain sockets and bypass access controls and manipulate the multipath setup by repeating a keyword...

7.8CVSS7.7AI score0.00606EPSS

Exploits4References17Affected Software5

Positive Technologies•added 2022/11/10 12:0 a.m.•4 views

PT-2022-6630 · Lenovo · Wmi Setup Driver

Name of the Vulnerable Software and Affected Versions: Lenovo Notebook devices affected versions not specified Description: The issue is related to a potential vulnerability in the WMI Setup driver, which may allow an attacker with elevated privileges to modify secure boot settings. This can be...

6.8CVSS6.3AI score0.00257EPSS

Exploits0References7

WPVulnDB•added 2022/11/09 12:0 a.m.•16 views

Seed Social < 2.0.4 - Admin+ Stored XSS

2.2AI score0.00497EPSS

Rockylinux•added 2022/11/08 10:51 a.m.•17 views

ansible-freeipa bug fix and enhancement update

An update is available for ansible-freeipa. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The ansible-freeipa package provides Ansible roles and playbooks to...

1.1AI score

Rockylinux•added 2022/11/08 6:23 a.m.•14 views

gnome-initial-setup bug fix and enhancement update

An update is available for gnome-initial-setup. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rock...

Rockylinux•added 2022/11/08 6:19 a.m.•15 views

rt-setup bug fix and enhancement update

An update is available for rt-setup. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.7...

Kitploit•added 2022/11/07 11:30 a.m.•873 views

Evilgophish - Evilginx2 + Gophish

Combination of evilginx2 and GoPhish. Credits Before I begin, I would like to say that I am in no way bashing Kuba Gretzky and his work. I thank him personally for releasing evilginx2 to the public. In fact, without his work this work would not exist. I must also thank Jordan Wright for...

7AI score

Exploits0References11

Prion•added 2022/11/07 10:15 a.m.•16 views

Cross site scripting

The Highlight Focus WordPress plugin through 1.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.3CVSS4.7AI score0.00532EPSS

Exploits2References1Affected Software1

WPVulnDB•added 2022/11/03 12:0 a.m.•11 views

Fancier Author Box by ThematoSoup <= 1.4 - Admin+ Stored XSS

4.8CVSS0.5AI score0.00501EPSS

WPVulnDB•added 2022/11/03 12:0 a.m.•15 views

Image Hover Effects Css3 <= 4.5 - Admin+ Stored XSS

4.8CVSS0.4AI score0.0047EPSS