PT-2023-1074 · Microsoft · Office
Name of the Vulnerable Software and Affected Versions: Microsoft Office affected versions not specified Description: The issue is related to insufficient input validation in Microsoft Office packages, which can be exploited to execute arbitrary code. This can allow an attacker to perform...
PT-2023-9998 · Unknown · Drazraeltod Pychao
Name of the Vulnerable Software and Affected Versions: DrAzraelTod pyChao affected versions not specified Description: A critical issue was found in DrAzraelTod pyChao, affecting the function klauen/lesen of the file mod_fun/__init__.py. This issue leads to SQL injection. Recommendations: At the...
PT-2023-12594 · Unknown · Hw Keymaster
Name of the Vulnerable Software and Affected Versions: HW KEYMASTER affected versions not specified Description: The issue is related to a problem in the HW KEYMASTER module with releasing memory. Successful exploitation may result in out-of-bounds memory access. Recommendations: At the moment,...
PT-2023-14351 · Undefined · Undefined
Name of the Vulnerable Software and Affected Versions: No information is available about the vulnerable software and its affected versions. Description: The record for this issue has been rejected due to non-compliance with CNA rules, as it has not been used. The information is from the National...
PT-2023-10100 · Unknown · Taoeffect Empress
Name of the Vulnerable Software and Affected Versions: taoeffect Empress affected versions not specified Description: A critical issue has been found in taoeffect Empress, affecting some unknown functionality. The manipulation leads to the use of a hard-coded password. Recommendations: To fix thi...
PT-2022-8342 · Undefined · Undefined
Name of the Vulnerable Software and Affected Versions: No vulnerable software or affected versions specified. Description: The provided information does not contain details about a specific issue. It appears to be a notification about a candidate number that is not in use. Recommendations: At the...
PT-2022-8614 · Undefined · Undefined
Name of the Vulnerable Software and Affected Versions: No vulnerable software or affected versions specified. Description: The provided information does not contain details about a specific issue. It appears to be a notification about a candidate number that is not in use. Recommendations: At the...
CVE-2022-4847 Incorrectly Specified Destination in a Communication Channel in usememos/memos
Incorrectly Specified Destination in a Communication Channel in GitHub repository usememos/memos prior to 0.9.1...
CVE-2022-1887
The search term could have been specified externally to trigger SQL injection. This vulnerability affects Firefox for iOS 101...
PT-2022-11624 · Whohas +1 · Whohas +1
Name of the Vulnerable Software and Affected Versions: whohas affected versions not specified Description: A vulnerability was found in the component Package Information Handler of whohas, which leads to cleartext transmission of sensitive information. The attack may be initiated remotely. The re...
CVE-2022-46688
A cross-site request forgery (CSRF) vulnerability in Jenkins Sonar Gerrit Plugin 377.v8f3808963dc5 and earlier allows attackers to have Jenkins connect to Gerrit servers previously configured by Jenkins administrators using attacker-specified credentials IDs obtained through another method,...
PT-2022-8787 · Undefined · Undefined
Name of the Vulnerable Software and Affected Versions: No vulnerable software or affected versions specified. Description: The provided information does not contain details about a specific vulnerability. It appears to be a notification about a rejected candidate number from the National...
PT-2022-36777 · Git +1 · Opensc
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a stack-buffer-overflow read error. The crash state involves several functions: authentic_get_tagged_data, authentic_parse...
CVE-2022-45389
A missing permission check in Jenkins XP-Dev Plugin 1.0 and earlier allows unauthenticated attackers to trigger builds of jobs corresponding to an attacker-specified repository...
PT-2022-24958 · Unknown · Lanyulei Ferry
Name of the Vulnerable Software and Affected Versions: lanyulei ferry affected versions not specified Description: A problematic issue was found in lanyulei ferry, affecting an unknown part of the file apis/process/task.go. The manipulation of the file name argument leads to path traversal...
PT-2022-36761 · Git +1 · Suricata
Name of the Vulnerable Software and Affected Versions: No specific software or versions mentioned. Description: A null-dereference read crash was reported, indicating a potential issue where the software attempts to access a null pointer, leading to a crash. The crash type is specified as a...
[SECURITY] Fedora 37 Update: ghc-cmark-gfm-0.2.5-1.fc37
This package provides Haskell bindings for , the reference parser for , a fully specified variant of Markdown. It includes sources for libcmark-gfm 0.29.0.gfm.6 and does not require prior installation of the C library...
PT-2022-5695 · Cisco · Cisco Firepower Management Center
Name of the Vulnerable Software and Affected Versions: Cisco Firepower Management Center (FMC) Software affected versions not specified Description: The issue is related to insufficient validation of user-supplied input by the web-based management interface, allowing an authenticated, remote attack...
PT-2022-27249 · Huawei · Huawei Recovery
Name of the Vulnerable Software and Affected Versions: Huawei Recovery affected versions not specified Description: The issue is related to a race condition vulnerability in SD upgrade mode, which may affect data confidentiality. There is no information provided about the estimated number of...
PT-2022-25332 · Php Point Of Sale Llc +1 · Php Point Of Sale
Name of the Vulnerable Software and Affected Versions: No specific software or versions mentioned, so: Application affected versions not specified Description: The application is susceptible to Server-Side Request Forgery attacks. This allows the backend server to interact with unexpected...