CVEs Published
CWE 4.14 is available
2024-03-01 MITRE has released version 4.14 of the Common Weakness Enumeration (CWE) with a new weakness for "Hardware Micro Architectures", a view for "ISA/IEC 62443 Requirements", and new demonstrative examples from "HACK@DAC". Changes in 4.14 New Weaknesses: CWE-1420: Exposure of Sensitive Information du...
What's new in SecDB 24.2
2024-02-29 This new version of SecDB brings new features and improvements. Polished UI, improved support for EPSS, Web & Social references (from Reddit and Mastodon) in CVEs, new Security Advisories and sections (NASL & NVT and Packages), and much more. Improved the EPSS (Exploit Prediction Scoring System) s...
What's new in SecDB 22.11 - EPSS, Packages & Software, new Security Advisory feeds... and more!
2022-11-30 Notable changes in SecDB Introduced the Exploit Prediction Scoring System (EPSS) Added the Exploit Prediction Scoring System (EPSS) score in all tables and CVE pages. The Exploit Prediction Scoring System (EPSS) is an open, data-driven effort for estimating the likelihood (probability) that a sof...
- 2022 CWE Top 25 Most Dangerous Software Weaknesses (2022-06-28)
- CISA Adds 34 Known Exploited Vulnerabilities to Catalog (2022-05-25)
- CISA Adds 20 Known Exploited Vulnerabilities to Catalog (2022-05-24)
- CSIRT Publish 71 known vulnerabilities based on evidence of active exploitation (2022-05-12)
- Nmap Log4Shell NSE script for discovery Apache Log4j RCE (CVE-2021-44228) (2021-12-13)
GO-2024-2824
2024-05-07 Malformed DNS message can cause infinite loop in net
USN-6767-1
2024-05-07 high
Linux kernel vulnerabilities
USN-6766-1
2024-05-07 high
Linux kernel vulnerabilities
MAVEN:GHSA-P343-9QWP-PQXV
2024-05-07 moderate
Neo4j Cypher component mishandles IMMUTABLE privileges
MAVEN:GHSA-64CM-3CJ3-67HF
2024-05-07 moderate
MS Basic Cross-site Scripting vulnerability
ALPINE:CVE-2024-27982
2024-05-07 medium
nodejs, nodejs-current vulnerability
XSA-457
2024-05-07 Linux/xen-netback: Memory leak due to missing cleanup function
NPM:GHSA-QJQP-XR96-CJ99
2024-05-07 moderate
Trix Editor Arbitrary Code Execution Vulnerability
NPM:GHSA-87HQ-Q4GP-9WR4
2024-05-07 high
react-pdf vulnerable to arbitrary JavaScript execution upon opening a malicious PDF with PDF.js
MAVEN:GHSA-2X52-8F29-7CJR
2024-05-07 moderate
Eclipse Dataspace Components vulnerable to OAuth2 client secret disclosure
CVE-2023-35749
2024-05-07 CVSS3 8.8 CWE-121
D-Link DAP-2622 DDP Firmware Upgrade Filename Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vuln...
CVE-2023-35757
2024-05-07 CVSS3 8.8 CWE-121
D-Link DAP-2622 DDP Set Date-Time NTP Server Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulne...
CVE-2023-37325
2024-05-07 CVSS3 5.4 CWE-306
D-Link DAP-2622 DDP Set SSID List Missing Authentication Vulnerability. This vulnerability allows network-adjacent attac...
CVE-2023-40490
2024-05-07 CVSS3 7.8 CWE-416
Maxon Cinema 4D SKP File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote at...
CVE-2022-43653
2024-05-07 CVSS3 7.8 CWE-787
Bentley View SKP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote ...
CVE-2022-43654
2024-05-07 CVSS3 8.8 CWE-78
NETGEAR CAX30S SSO Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent att...
CVE-2022-43655
2024-05-07 CVSS3 7.8 CWE-122
Bentley View FBX File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows ...
CVE-2022-43656
2024-05-07 CVSS3 3.3 CWE-125
Bentley View FBX File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote ...
CVE-2023-27321
2024-05-07 CVSS3 7.5 CWE-400
OPC Foundation UA .NET Standard ConditionRefresh Resource Exhaustion Denial-of-Service Vulnerability. This vulnerability...
CVE-2023-35748
2024-05-07 CVSS3 8.8 CWE-121
D-Link DAP-2622 DDP Firmware Upgrade Server IPv6 Address Stack-based Buffer Overflow Remote Code Execution Vulnerability...