CVEs Published

Latest Blog Articles

CWE 4.14 is available
2024-03-01
CWE 4.14 is available

MITRE has released version 4.14 of the Common Weakness Enumeration (CWE) with a new weakness for "Hardware Micro Architectures", a view for "ISA/IEC 62443 Requirements", and new demonstrative examples from "HACK@DAC". Changes in 4.14 New Waknesses: CWE-1420: Exposure of Sensitive Information du...

Read more
What's new in SecDB 24.2
2024-02-29
What's new in SecDB 24.2

This new version of SecDB brings new features and improvements. Polished UI, improved support for EPSS, Web & Social references (from Reddit and Mastodon) in CVEs, new Security Advisories and sections (NASL & NVT and Packages), and much more. Improved the EPSS (Exploit Prediction Scoring System) s...

Read more
What's new in SecDB 22.11 - EPSS, Packages & Software, new Security Advisory feeds... and more!
2022-11-30
What's new in SecDB 22.11 - EPSS, Packages & Software, new Security Advisory feeds... and more!

Notable changes in SecDB Introduced the Exploit Prediction Scoring System (EPSS) Added the Exploit Prediction Scoring System (EPSS) score in all tables and CVE pages. The Exploit Prediction Scoring System (EPSS) is an open, data-driven effort for estimating the likelihood (probability) that a sof...

Read more

Latest Vulnerabilities

CVE-2024-29851
2024-05-22

CVSS3 7.2

Veeam Backup Enterprise Manager allows high-privileged users to steal NTLM hash of Enterprise manager service account....

CVE-2024-29852
2024-05-22

CVSS3 2.7

Veeam Backup Enterprise Manager allows high-privileged users to read backup session logs....

CVE-2024-29853
2024-05-22

CVSS3 7.8

An authentication bypass vulnerability in Veeam Agent for Microsoft Windows allows for local privilege escalation....

CVE-2023-46806
2024-05-22

CVSS3 6.7

An SQL Injection vulnerability in a web component of EPMM versions before 12.1.0.0 allows an authenticated user with app...

CVE-2023-46807
2024-05-22

CVSS3 6.7

An SQL Injection vulnerability in web component of EPMM before 12.1.0.0 allows an authenticated user with appropriate pr...

CVE-2024-22026
2024-05-22

CVSS3 6.7

A local privilege escalation vulnerability in EPMM before 12.1.0.0 allows an authenticated local user to bypass shell re...

CVE-2024-29849
2024-05-22

CVSS3 9.8

Veeam Backup Enterprise Manager allows unauthenticated users to log in as any user to enterprise manager web interface....

CVE-2024-29850
2024-05-22

CVSS3 8.8

Veeam Backup Enterprise Manager allows account takeover via NTLM relay....

CVE-2024-4438
2024-05-08

CVSS3 7.5 CWE-400

The etcd package distributed with the Red Hat OpenStack platform has an incomplete fix for CVE-2023-39325/CVE-2023-44487...

CVE-2023-6725
2024-03-15

CVSS3 6.6 CWE-1220

An access-control flaw was found in the OpenStack Designate component where private configuration information including ...

Loading...