CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

14 matches found

GoogleProjectZero•added 2025/12/16 12:0 a.m.•20 views

Welcome to the new Project Zero Blog

Posted by Natalie Silvanovich While on Project Zero, we aim for our research to be leading-edge, our blog design was … not so much. We welcome readers to our shiny new blog! For the occasion, we asked members of Project Zero to dust off old blog posts that never quite saw the light of day. And...

5.9AI score

Exploits0

Akamai Blog•added 2021/04/26 2:0 p.m.•64 views

Don't Risk Getting Caught by Kr3pto Phishing Kits

Akamai's threat research team recently published a report showing that a new phishing toolkit named Kr3pto was targeting UK banking customers. A phishing kit is an all-in-one software package that lets just about anyone create and launch phishing attacks designed to steal user data by posing as a...

0.1AI score

Exploits0

Imperva Blog•added 2017/09/08 4:10 p.m.•1850 views

CVE-2017-9805: Analysis of Apache Struts RCE Vulnerability in REST Plugin

Just two months ago we published an analysis of a critical remote code execution RCE security vulnerability in Apache Struts. Now Apache Struts has published a new version fixing yet another critical RCE vulnerability September 5, 2017. CVE-2017-9805 is a vulnerability in Apache Struts related to...

7.5CVSS1.1AI score0.99461EPSS

Exploits42

Imperva Blog•added 2017/07/13 7:12 p.m.•2640 views

CVE-2017-9791: Analysis of RCE in the Struts Showcase App in Struts 1 Plugin

On July 7th, a new security vulnerability was published in Apache Struts 2 CVE-2017-9791 S2-0481. Struts 2.3.x users with Struts 1 plugin, which includes the Showcase app, are vulnerable. Once again, this vulnerability enables a Remote Code Execution RCE, which is the most commonly exploited Apac...

10CVSS0.3AI score0.99999EPSS

Exploits63

Trend Micro Simply Security•added 2017/07/11 12:0 p.m.•44 views

Not All Threats Are Created Equal

In today’s world, security teams are bombarded constantly with security events and threat information from multiple sources, making it impossible to address each threat with the same amount of urgency. Where does one even start? We know every threat should be addressed, but not all threats are...

6.9AI score

Exploits0

securityvulns•added 2011/08/27 12:0 a.m.•90 views

ZDI-11-273: EMC Autostart Domain Name Logging Remote Code Execution Vulnerability

ZDI-11-273: EMC Autostart Domain Name Logging Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-273 August 23, 2011 -- CVE ID: CVE-2011-2735 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: EMC -- Affected Products: EMC AutoStart -- TippingPointTM...

7.9CVSS0.4AI score0.02335EPSS

Exploits4

securityvulns•added 2011/02/24 12:0 a.m.•36 views

ZDI-11-091: (0day) Cisco Secure Desktop CSDWebInstaller Remote Code Execution Vulnerability

ZDI-11-091: 0day Cisco Secure Desktop CSDWebInstaller Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-091 February 23, 2011 -- CVE ID: CVE-2011-0926 -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C -- Affected Vendors: Cisco -- Affected Products: Cisco Secure Desktop ...

9.3CVSS0.7AI score0.06812EPSS

Exploits4

securityvulns•added 2010/07/23 12:0 a.m.•49 views

ZDI-10-136: Novell Teaming ajaxUploadImageFile Remote Code Execution Vulnerability

ZDI-10-136: Novell Teaming ajaxUploadImageFile Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-136 July 21, 2010 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: Novell -- Affected Products: Novell Access Manager -- TippingPointTM IPS Customer...

1.3AI score

Exploits0

securityvulns•added 2010/01/23 12:0 a.m.•82 views

FortiGuard Advisory: Microsoft Internet Explorer Remote Memory Corruption Vulnerability

Microsoft Internet Explorer Remote Memory Corruption Vulnerability 2010.January.21 Summary: ======== Fortinet's FortiGuard Labs has discovered a memory corruption vulnerability in Microsoft's Internet Explorer. Impact: ======= Remote Code Execution. Risk: ===== Critical Affected Software:...

9.3CVSS8.8AI score0.18499EPSS

Exploits1

securityvulns•added 2009/11/05 12:0 a.m.•107 views

ZDI-09-080: Sun Java Runtime Environment JPEGImageReader Heap Overflow Vulnerability

ZDI-09-080: Sun Java Runtime Environment JPEGImageReader Heap Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09-080 November 4, 2009 -- Affected Vendors: Sun Microsystems -- Affected Products: Sun Microsystems Java Runtime -- TippingPointTM IPS Customer Protection:...

0.4AI score

Exploits0

securityvulns•added 2009/04/10 12:0 a.m.•43 views

FGA-2009-003:EMC RepliStor Buffer Overflow Vulnerability

FGA-2009-003:EMC RepliStor Buffer Overflow Vulnerability 2009.April.08 Summary: ======== Fortinet's FortiGuard Global Security Research Team has discovered a buffer overflow vulnerability in EMC RepliStor. Impact: ======= Remote code execution. Risk: ===== Critical Affected Software: ...

10CVSS0.05359EPSS

Exploits0

securityvulns•added 2009/04/01 12:0 a.m.•69 views

ZDI-09-015: Mozilla Firefox XUL _moveToEdgeShift() Memory Corruption Vulnerability

ZDI-09-015: Mozilla Firefox XUL moveToEdgeShift Memory Corruption Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09-015 March 30, 2009 -- CVE ID: CVE-2009-1044 -- Affected Vendors: Mozilla Firefox -- Affected Products: Mozilla Firefox 3.0.x -- Vulnerability Details: This...

9.3CVSS0.5AI score0.0649EPSS

Exploits2

securityvulns•added 2007/12/07 12:0 a.m.•64 views

ZDI-07-070: Skype skype4com URI Handler Remote Heap Corruption Vulnerability

ZDI-07-070: Skype skype4com URI Handler Remote Heap Corruption Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-07-070.html December 6, 2007 -- CVE ID: CVE-2007-5989 -- Affected Vendor: Skype -- Affected Products: Skype 3.6 GOLD -- TippingPointTM IPS Customer Protection: TippingPoint...

6.8CVSS1AI score0.04441EPSS

Exploits1