CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Prion•added 2022/12/06 8:15 p.m.•20 views

Cross site scripting

6.8CVSS8.4AI score0.00612EPSS

Exploits0References1Affected Software1

Cvelist•added 2022/12/06 7:52 p.m.•22 views

CVE-2022-46333 Proofpoint Enterprise Protection perl eval() arbitrary command execution

The admin user interface in Proofpoint Enterprise Protection PPS/PoD contains a command injection vulnerability that enables an admin to execute commands beyond their allowed scope. This affects all versions 8.19.0 and below...

7.2CVSS7.5AI score0.01468EPSS

Vulnrichment•added 2022/12/06 7:52 p.m.•26 views

CVE-2022-46332 Proofpoint Enterprise Protection (PPS/PoD) XSS in "Attachment Names"

9.6CVSS8.8AI score0.00612EPSS

CNNVD•added 2022/12/05 12:0 a.m.•4 views

StackStorm 跨站脚本漏洞

StackStorm is an event-driven automation platform. The platform is primarily used for automated remediation, security response, troubleshooting, and program deployment functions. A security vulnerability exists in StackStorm versions prior to 3.8.0, which originates in the Web UI that allows a...

5.4CVSS5.9AI score0.00389EPSS

Exploits0References3

ATTACKERKB•added 2022/11/30 12:15 a.m.•4 views

CVE-2022-4191

Use after free in Sign-In in Google Chrome prior to 108.0.5359.71 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via profile destruction. Chromium security severity: Medium...

8.8CVSS5.5AI score0.00576EPSS

Exploits0References5

OSV•added 2022/11/30 12:15 a.m.•1 views

DEBIAN-CVE-2022-4176

Out of bounds write in Lacros Graphics in Google Chrome on Chrome OS and Lacros prior to 108.0.5359.71 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via UI interactions. Chromium security severity: High...

8.8CVSS7.1AI score0.00607EPSS

OSV•added 2022/11/30 12:15 a.m.•1 views

UBUNTU-CVE-2022-4176

8.8CVSS7.3AI score0.00607EPSS

Exploits0References4

Tenable Nessus•added 2022/11/30 12:0 a.m.•48 views

SUSE SLES12: libjavascriptcoregtk-4_0-18 / libwebkit2gtk-4_0-37 / etc (SUSE-SU-2022:4283-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4283-1 advisory. Security fixes: - CVE-2022-32888: Fixed possible arbitrary code execution via maliciously crafted web content bsc1205121. -...

Tenable Nessus•added 2022/11/30 12:0 a.m.•33 views

SUSE SLED15: libjavascriptcoregtk-4_0-18 / libjavascriptcoregtk-4_0-18-32bit / etc (SUSE-SU-2022:4285-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4285-1 advisory. Security fixes: - CVE-2022-32888: Fixed possible arbitrary code execution via maliciously crafte...

Tenable Nessus•added 2022/11/30 12:0 a.m.•35 views

SUSE SLES15: libjavascriptcoregtk-4_0-18 / libwebkit2gtk-4_0-37 / etc (SUSE-SU-2022:4284-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4284-1 advisory. Security fixes: - CVE-2022-32888: Fixed possible arbitrary code execution via maliciously crafted web content bsc1205121. -...

BDU FSTEC•added 2022/11/30 12:0 a.m.•5 views

The vulnerabilities of Mozilla Firefox, Firefox ESR, and the email client Thunderbird, related to information representation errors in the user interface, allow attackers to perform spear-phishing attacks.

The vulnerabilities of Mozilla Firefox, Firefox ESR, and the email client Thunderbird are related to information representation errors in the user interface. Exploiting these vulnerabilities can allow attackers to perform spear-phishing attacks remotely...

6.4CVSS7.1AI score0.00728EPSS

Exploits0References14Affected Software10

OSV•added 2022/11/29 2:53 p.m.•10 views

SUSE-SU-2022:4283-1 Security update for webkit2gtk3

Security fixes: - CVE-2022-32888: Fixed possible arbitrary code execution via maliciously crafted web content bsc1205121. - CVE-2022-32923: Fixed possible information leak via maliciously crafted web content bsc1205122. - CVE-2022-42799: Fixed user interface spoofing when visiting a malicious...

8.8CVSS7.6AI score0.0141EPSS

Exploits0References11

Kaspersky•added 2022/11/29 12:0 a.m.•310 views

KLA20104 Multiple vulnerabilities in Google Chrome

Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, bypass security restrictions, spoof user interface. Below is a complete list of vulnerabilities: 1. Type confusion vulnerability in V8 can be...

8.8CVSS9.4AI score0.23918EPSS

Exploits4References4

BDU FSTEC•added 2022/11/28 12:0 a.m.•10 views

The vulnerability of Microsoft Exchange Server servers, related to errors in information representation by the user interface, allows attackers to perform spoofing attacks.

The vulnerability of Microsoft Exchange Server is related to errors in information representation by the user interface. Exploiting this vulnerability can allow a malicious actor to perform a spoofing attack remotely...

8CVSS7.5AI score0.00776EPSS

Exploits0References2

Tenable Nessus•added 2022/11/24 12:0 a.m.•39 views

SUSE SLED15: WebKit2GTK-4.0-lang / WebKit2GTK-4.1-lang / WebKit2GTK-5.0-lang / etc (SUSE-SU-2022:4207-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4207-1 advisory. Security fixes: - CVE-2022-32888: Fixed possible arbitrary code execution via maliciously crafte...