CVEs Published

Latest Blog Articles

CWE 4.14 is available
2024-03-01

MITRE has released version 4.14 of the Common Weakness Enumeration (CWE) with a new weakness for "Hardware Micro Architectures", a view for "ISA/IEC 62443 Requirements", and new demonstrative examples from "HACK@DAC". Changes in 4.14 New Weaknesses: CWE-1420: Exposure of Sensitive Information du...

What's new in SecDB 24.2
2024-02-29

This new version of SecDB brings new features and improvements. Polished UI, improved support for EPSS, Web & Social references (from Reddit and Mastodon) in CVEs, new Security Advisories and sections (NASL & NVT and Packages), and much more. Improved the EPSS (Exploit Prediction Scoring System) s...

What's new in SecDB 22.11 - EPSS, Packages & Software, new Security Advisory feeds... and more!
2022-11-30

Notable changes in SecDB Introduced the Exploit Prediction Scoring System (EPSS) Added the Exploit Prediction Scoring System (EPSS) score in all tables and CVE pages. The Exploit Prediction Scoring System (EPSS) is an open, data-driven effort for estimating the likelihood (probability) that a sof...

Latest Vulnerabilities

CVE-2024-38319
2024-06-22

CVSS3 7.5 CWE-94

IBM Security SOAR 51.0.2.0 could allow an authenticated user to execute malicious code loaded from a specially crafted s...

CVE-2024-5443
2024-06-22

CVSS3 9.8 CWE-29

CVE-2024-4320 describes a vulnerability in the parisneo/lollms software, specifically within the `ExtensionBuilder().bui...

CVE-2024-6241
2024-06-21

CVSS3 6.3 CVSS2 6.5 CWE-89

A vulnerability was found in Pear Admin Boot up to 2.0.2 and classified as critical. This issue affects the function get...

CVE-2024-6253
2024-06-22

CVSS3 7.3 CVSS2 7.5 CWE-89

A vulnerability was found in itsourcecode Online Food Ordering System 1.0 and classified as critical. Affected by this i...

CVE-2024-6252
2024-06-22

CVSS3 2.4 CVSS2 3.3 CWE-79

A vulnerability has been found in Zorlan SkyCaiji up to 2.8 and classified as problematic. Affected by this vulnerabilit...

CVE-2024-6251
2024-06-22

CVSS3 2.4 CVSS2 3.3 CWE-80

A vulnerability, which was classified as problematic, was found in playSMS 1.4.3. Affected is an unknown function of the...

CVE-2024-38379
2024-06-22

CWE-79

Apache Allura's neighborhood settings are vulnerable to a stored XSS attack. Only neighborhood admins can access these ...

CVE-2024-4940
2024-06-22

CVSS3 5.4 CWE-601

An open redirect vulnerability exists in the gradio-app/gradio, affecting the latest version. The vulnerability allows a...

CVE-2024-5596
2024-06-22

CVSS3 6.3

The ARMember Premium plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, ...

CVE-2024-3593
2024-06-22

CVSS3 7.2

The UberMenu plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.8....
