CVE.report
CVE.report is the most up-to-date database of common vulnerabilities and exposures. Information is pulled in from several sources and processed in to a mobile friendly, easy to use page. Use the site to quickly check for vulnerabilities in products such as operating systems, applications, hardware, networks, databases, browsers, e-mail clients and more.
CVEs provide a unique and common naming scheme for publicly known cyber security vulnerabilities in order to quickly identify and share these vulnerabilities. You can use the search below to look for vulnerabilities based on product, vendor, or common tags
The form you will see after following this link allows you to fill out the various variables in the CVSS scoring system and receive the corresponding score. The description of each of the variables is also included for additional information.
Recent CVEs
| CVE | Description | Date |
|---|---|---|
| CVE-2023-1777 | Mattermost allows an attacker to request a preview of an existing message when creating a new message via the createPost API ... | Fri, 31 Mar 2023 08:07:05 |
| CVE-2023-1776 | Boards in Mattermost allows an attacker to upload a malicious SVG image file as an attachment to a card and share it using a ... | Fri, 31 Mar 2023 08:06:47 |
| CVE-2023-1775 | When running in a High Availability configuration, Mattermost fails to sanitize some of the user_updated and post_deleted eve... | Fri, 31 Mar 2023 08:06:30 |
| CVE-2023-1774 | When processing an email invite to a private channel on a team, Mattermost fails to validate the inviter's permission to that... | Fri, 31 Mar 2023 08:06:05 |
| CVE-2023-1773 | A vulnerability was found in Rockoa 2.3.2. It has been declared as critical. This vulnerability affects unknown code of the f... | Fri, 31 Mar 2023 08:05:51 |
| CVE-2023-1772 | A vulnerability was found in DataGear up to 4.5.1. It has been classified as problematic. This affects an unknown part of the... | Fri, 31 Mar 2023 08:05:23 |
| CVE-2023-1771 | A vulnerability was found in SourceCodester Grade Point Average GPA Calculator 1.0 and classified as problematic. Affected by... | Fri, 31 Mar 2023 08:05:05 |
| CVE-2023-1770 | A vulnerability has been found in SourceCodester Grade Point Average GPA Calculator 1.0 and classified as critical. Affected ... | Fri, 31 Mar 2023 08:04:40 |
| CVE-2023-1769 | A vulnerability, which was classified as problematic, was found in SourceCodester Grade Point Average GPA Calculator 1.0. Aff... | Fri, 31 Mar 2023 07:03:41 |
| CVE-2023-1060 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in YKM YKM CRM allows Refl... | Fri, 31 Mar 2023 06:04:33 |
| CVE-2023-1258 | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in ABB Flow-X firmware on Flow-X embedded hardware (... | Fri, 31 Mar 2023 04:08:06 |
| CVE-2023-28727 | Panasonic AiSEG2 versions 2.00J through 2.93A allows adjacent attackers bypass authentication due to mishandling of X-Forward... | Fri, 31 Mar 2023 03:06:22 |
| CVE-2023-28726 | Panasonic AiSEG2 versions 2.80F through 2.93A allows remote attackers to execute arbitrary OS commands. | Fri, 31 Mar 2023 03:05:52 |
| CVE-2023-28756 | A ReDoS issue was discovered in the Time component through 0.2.1 in Ruby through 3.2.1. The Time parser mishandles invalid UR... | Fri, 31 Mar 2023 00:05:05 |
| CVE-2023-28755 | A ReDoS issue was discovered in the URI component through 0.12.0 in Ruby through 3.2.1. The URI parser mishandles invalid URL... | Fri, 31 Mar 2023 00:04:39 |
| CVE-2023-1761 | Code Injection in GitHub repository thorsten/phpmyfaq prior to 3.1.12. | Thu, 30 Mar 2023 22:18:40 |
| CVE-2023-1760 | Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.12. | Thu, 30 Mar 2023 22:18:19 |
| CVE-2023-1759 | Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.12. | Thu, 30 Mar 2023 22:17:48 |
| CVE-2023-1762 | Improper Privilege Management in GitHub repository thorsten/phpmyfaq prior to 3.1.12. | Thu, 30 Mar 2023 22:10:50 |
| CVE-2023-1755 | Cross-site Scripting (XSS) - Generic in GitHub repository thorsten/phpmyfaq prior to 3.1.12. | Thu, 30 Mar 2023 21:17:27 |
| CVE-2023-1754 | Improper Input Validation in GitHub repository thorsten/phpmyfaq prior to 3.1.12. | Thu, 30 Mar 2023 21:17:02 |
| CVE-2023-1753 | Weak Password Requirements in GitHub repository thorsten/phpmyfaq prior to 3.1.12. | Thu, 30 Mar 2023 21:09:26 |
| CVE-2023-1747 | A vulnerability has been found in IBOS up to 4.5.4 and classified as critical. Affected by this vulnerability is an unknown f... | Thu, 30 Mar 2023 20:02:43 |
| CVE-2023-1746 | A vulnerability, which was classified as problematic, was found in Dreamer CMS up to 3.5.0. Affected is an unknown function o... | Thu, 30 Mar 2023 19:05:31 |
| CVE-2023-1745 | A vulnerability, which was classified as problematic, has been found in KMPlayer 4.2.2.73. This issue affects some unknown pr... | Thu, 30 Mar 2023 19:05:15 |
| CVE-2023-1744 | A vulnerability classified as critical was found in IBOS 4.5.5. This vulnerability affects unknown code of the component htac... | Thu, 30 Mar 2023 19:05:03 |
| CVE-2023-1670 | A flaw use after free in the Linux kernel Xircom 16-bit PCMCIA (PC-card) Ethernet driver was found.A local user could use thi... | Thu, 30 Mar 2023 19:04:51 |
| CVE-2023-1743 | A vulnerability classified as problematic has been found in SourceCodester Grade Point Average GPA Calculator 1.0. This affec... | Thu, 30 Mar 2023 18:06:19 |
| CVE-2023-1742 | A vulnerability was found in IBOS 4.5.5. It has been rated as critical. Affected by this issue is some unknown functionality ... | Thu, 30 Mar 2023 18:06:06 |
| CVE-2023-1741 | A vulnerability was found in jeecg-boot 3.5.0. It has been declared as problematic. Affected by this vulnerability is an unkn... | Thu, 30 Mar 2023 18:05:42 |
| CVE-2023-1740 | A vulnerability was found in SourceCodester Air Cargo Management System 1.0. It has been classified as critical. Affected is ... | Thu, 30 Mar 2023 17:09:49 |
| CVE-2023-1739 | A vulnerability was found in SourceCodester Simple and Beautiful Shopping Cart System 1.0 and classified as critical. This is... | Thu, 30 Mar 2023 17:09:32 |
| CVE-2023-1738 | A vulnerability has been found in SourceCodester Young Entrepreneur E-Negosyo System 1.0 and classified as critical. This vul... | Thu, 30 Mar 2023 17:09:09 |
| CVE-2023-1393 | A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explici... | Thu, 30 Mar 2023 17:06:09 |
| CVE-2022-4744 | A double-free flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user registers the device w... | Thu, 30 Mar 2023 17:05:41 |
| CVE-2023-26692 | ZCBS Zijper Collectie Beheer Systeem (ZCBS), Zijper Publication Management System (ZPBS), and Zijper Image Bank Management Sy... | Thu, 30 Mar 2023 16:07:46 |
| CVE-2023-28846 | Unpoly is a JavaScript framework for server-side web applications. There is a possible Denial of Service (DoS) vulnerability ... | Thu, 30 Mar 2023 16:07:16 |
| CVE-2023-28462 | A JNDI rebind operation in the default ORB listener in Payara Server 4.1.2.191 (Enterprise), 5.20.0 and newer (Enterprise), a... | Thu, 30 Mar 2023 16:06:56 |
| CVE-2023-27538 | An authentication bypass vulnerability exists in libcurl v8.0.0 where it reuses a previously established SSH connection despi... | Thu, 30 Mar 2023 16:06:40 |
| CVE-2023-27537 | A double free vulnerability exists in libcurl <8.0.0 when sharing HSTS data between separate "handles". This sharing was intr... | Thu, 30 Mar 2023 16:06:11 |
| CVE-2023-27536 | An authentication bypass vulnerability exists libcurl <8.0.0 in the connection reuse feature which can reuse previously estab... | Thu, 30 Mar 2023 16:05:50 |
| CVE-2023-27535 | An authentication bypass vulnerability exists in libcurl <8.0.0 in the FTP connection reuse feature that can result in wrong ... | Thu, 30 Mar 2023 16:05:37 |
| CVE-2023-27534 | A path traversal vulnerability exists in curl <8.0.0 SFTP implementation causes the tilde (~) character to be wrongly replace... | Thu, 30 Mar 2023 16:05:07 |
| CVE-2023-27533 | A vulnerability in input validation exists in curl <8.0 during communication using the TELNET protocol may allow an attacker ... | Thu, 30 Mar 2023 16:04:55 |
| CVE-2023-1737 | A vulnerability, which was classified as critical, was found in SourceCodester Young Entrepreneur E-Negosyo System 1.0. This ... | Thu, 30 Mar 2023 16:04:29 |
| CVE-2023-1736 | A vulnerability, which was classified as critical, has been found in SourceCodester Young Entrepreneur E-Negosyo System 1.0. ... | Thu, 30 Mar 2023 16:04:07 |
| CVE-2023-1735 | A vulnerability classified as critical was found in SourceCodester Young Entrepreneur E-Negosyo System 1.0. Affected by this ... | Thu, 30 Mar 2023 16:03:48 |
| CVE-2022-47542 | Red Gate SQL Monitor 11.0.14 through 12.1.46 has Incorrect Access Control, exploitable remotely for Escalation of Privileges. | Thu, 30 Mar 2023 16:03:30 |
| CVE-2023-28835 | Nextcloud server is an open source home cloud implementation. In affected versions the generated fallback password when creat... | Thu, 30 Mar 2023 15:05:43 |
| CVE-2023-28833 | Nextcloud server is an open source home cloud implementation. In affected versions admins of a server were able to upload a l... | Thu, 30 Mar 2023 15:05:28 |
| CVE-2023-28647 | Nextcloud iOS is an ios application used to interface with the nextcloud home cloud ecosystem. In versions prior to 4.7.0 whe... | Thu, 30 Mar 2023 15:05:06 |
| CVE-2023-28646 | Nextcloud android is an android app for interfacing with the nextcloud home server ecosystem. In versions from 3.7.0 and befo... | Thu, 30 Mar 2023 15:04:39 |
| CVE-2023-28644 | Nextcloud server is an open source home cloud implementation. In releases of the 25.0.x branch before 25.0.3 an inefficient f... | Thu, 30 Mar 2023 15:04:14 |
| CVE-2023-28643 | Nextcloud server is an open source home cloud implementation. In affected versions when a recipient receives 2 shares with th... | Thu, 30 Mar 2023 15:04:00 |
| CVE-2023-26482 | Nextcloud server is an open source home cloud implementation. In affected versions a missing scope validation allowed users t... | Thu, 30 Mar 2023 15:03:48 |
| CVE-2023-1734 | A vulnerability classified as critical has been found in SourceCodester Young Entrepreneur E-Negosyo System 1.0. Affected is ... | Thu, 30 Mar 2023 15:03:19 |
| CVE-2022-23522 | MindsDB is an open source machine learning platform. An unsafe extraction is being performed using `shutil.unpack_archive()` ... | Thu, 30 Mar 2023 15:02:50 |
| CVE-2023-29059 | 3CX DesktopApp through 18.12.416 has embedded malicious code, as exploited in the wild in March 2023. This affects versions 1... | Thu, 30 Mar 2023 13:06:30 |
| CVE-2022-43473 | A blind XML External Entity (XXE) vulnerability exists in the Add UCS Device functionality of ManageEngine OpManager 12.6.168... | Thu, 30 Mar 2023 13:06:03 |
| CVE-2023-24473 | An information disclosure vulnerability exists in the TGAInput::read_tga2_header functionality of OpenImageIO Project OpenIma... | Thu, 30 Mar 2023 12:07:59 |
| CVE-2023-24472 | A denial of service vulnerability exists in the FitsOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.7.1... | Thu, 30 Mar 2023 12:07:31 |
| CVE-2023-22845 | An out-of-bounds read vulnerability exists in the TGAInput::decode_pixel() functionality of OpenImageIO Project OpenImageIO v... | Thu, 30 Mar 2023 12:07:06 |
| CVE-2022-30351 | PDFZorro PDFZorro Online r20220428 using TCPDF 6.2.5, despite having workflows claiming to correctly remove redacted informat... | Thu, 30 Mar 2023 12:06:54 |
| CVE-2022-30350 | Avanquest Software RAD PDF (PDFEscape Online) 3.19.2.2 is vulnerable to Information Leak / Disclosure. The PDFEscape Online t... | Thu, 30 Mar 2023 12:06:32 |
| CVE-2023-25076 | A buffer overflow vulnerability exists in the handling of wildcard backend hosts of SNIProxy 0.6.0-2 and the master branch (c... | Thu, 30 Mar 2023 11:06:05 |
| CVE-2023-1725 | Server-Side Request Forgery (SSRF) vulnerability in Infoline Project Management System allows Server Side Request Forgery.Thi... | Thu, 30 Mar 2023 11:05:52 |
| CVE-2023-28733 | AnyMailing Joomla Plugin is vulnerable to stored cross site scripting (XSS) in templates and emails of AcyMailing, exploitabl... | Thu, 30 Mar 2023 08:07:58 |
| CVE-2023-28732 | Missing access control in AnyMailing Joomla Plugin allows to list and access files containing sensitive information from the ... | Thu, 30 Mar 2023 08:07:31 |
| CVE-2023-28731 | AnyMailing Joomla Plugin is vulnerable to unauthenticated remote code execution, when being granted access to the campaign's ... | Thu, 30 Mar 2023 08:07:04 |
| CVE-2023-25040 | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Vova Anokhin WordPress Shortcodes Plugin — Shortcod... | Thu, 30 Mar 2023 08:06:45 |
| CVE-2023-24399 | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in OceanWP Ocean Extra plugin <= 2.1.2 versions. | Thu, 30 Mar 2023 08:06:21 |
| CVE-2023-23681 | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Labib Ahmed Image Hover Effects For WPBakery Page Bui... | Thu, 30 Mar 2023 08:06:05 |
| CVE-2023-23677 | Reflected Cross-Site Scripting (XSS) vulnerability in GTmetrix GTmetrix for WordPress plugin <= 0.4.5 versions. | Thu, 30 Mar 2023 07:06:11 |
| CVE-2023-23675 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Catchsquare WP Smart Preloader plugin <= 1.15 versions. | Thu, 30 Mar 2023 07:05:53 |
| CVE-2023-23670 | Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability in Team Heateor Fancy Comments WordPress plugin <= 1.2.10 versi... | Thu, 30 Mar 2023 07:05:40 |
| CVE-2023-28935 | ** UNSUPPORTED WHEN ASSIGNED ** Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerabi... | Thu, 30 Mar 2023 06:05:52 |
| CVE-2023-1699 | Rapid7 Nexpose versions 6.6.186 and below suffer from a forced browsing vulnerability. This vulnerability allows an attacker ... | Thu, 30 Mar 2023 06:05:25 |
| CVE-2023-1712 | Use of Hard-coded, Security-relevant Constants in GitHub repository deepset-ai/haystack prior to 0.1.30. | Thu, 30 Mar 2023 05:54:27 |
| CVE-2023-1014 | Improper Protection for Outbound Error Messages and Alert Signals vulnerability in Virames Vira-Investing allows Account Foot... | Thu, 30 Mar 2023 05:04:36 |
| CVE-2023-1013 | Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Virames Vira-Investing allows ... | Thu, 30 Mar 2023 05:04:24 |
| CVE-2023-26118 | All versions of the package angular are vulnerable to Regular Expression Denial of Service (ReDoS) via the <input type="url">... | Thu, 30 Mar 2023 01:05:04 |
| CVE-2023-26117 | All versions of the package angular are vulnerable to Regular Expression Denial of Service (ReDoS) via the $resource service ... | Thu, 30 Mar 2023 01:04:45 |
| CVE-2023-26116 | All versions of the package angular are vulnerable to Regular Expression Denial of Service (ReDoS) via the angular.copy() uti... | Thu, 30 Mar 2023 01:04:33 |
| CVE-2023-25000 | HashiCorp Vault's implementation of Shamir's secret sharing used precomputed table lookups, and was vulnerable to cache-timin... | Wed, 29 Mar 2023 21:06:09 |
| CVE-2023-0665 | HashiCorp Vault's PKI mount issuer endpoints did not correctly authorize access to remove an issuer or modify issuer metadata... | Wed, 29 Mar 2023 21:05:43 |
| CVE-2023-0620 | HashiCorp Vault and Vault Enterprise versions 0.8.0 through 1.13.1 are vulnerable to an SQL injection attack when configuring... | Wed, 29 Mar 2023 21:05:18 |
| CVE-2023-0836 | An information leak vulnerability was discovered in HAProxy 2.1, 2.2 before 2.2.27, 2.3, 2.4 before 2.4.21, 2.5 before 2.5.11... | Wed, 29 Mar 2023 17:08:31 |
| CVE-2023-28509 | Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2... | Wed, 29 Mar 2023 17:08:07 |
| CVE-2023-28508 | Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2... | Wed, 29 Mar 2023 17:07:53 |
| CVE-2023-28507 | Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2... | Wed, 29 Mar 2023 17:07:25 |
| CVE-2023-28506 | Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2... | Wed, 29 Mar 2023 17:06:55 |
| CVE-2023-28505 | Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2... | Wed, 29 Mar 2023 17:06:38 |
| CVE-2023-28504 | Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2... | Wed, 29 Mar 2023 17:06:16 |
| CVE-2023-28503 | Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2... | Wed, 29 Mar 2023 17:06:01 |
| CVE-2023-28502 | Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2... | Wed, 29 Mar 2023 17:05:43 |
| CVE-2023-1652 | A use-after-free flaw was found in nfsd4_ssc_setup_dul in fs/nfsd/nfs4proc.c in the NFS filesystem in the Linux Kernel. This ... | Wed, 29 Mar 2023 17:05:30 |
| CVE-2022-3787 | A vulnerability was found in the device-mapper-multipath. The device-mapper-multipath allows local users to obtain root acces... | Wed, 29 Mar 2023 17:05:08 |
| CVE-2022-1274 | A flaw was found in Keycloak in the execute-actions-email endpoint. This issue allows arbitrary HTML to be injected into emai... | Wed, 29 Mar 2023 17:04:40 |
| CVE-2021-41526 | A vulnerability has been reported in the windows installer (MSI) built with InstallScript custom action. This vulnerability m... | Wed, 29 Mar 2023 16:34:18 |
| CVE-2019-8963 | A Denial of Service (DoS) vulnerability was discovered in FlexNet Publisher's lmadmin 11.16.5, when doing a crafted POST requ... | Wed, 29 Mar 2023 16:34:05 |