High-risk CVEs that may require verification and impact analysis.
Updated May 29, 2024
Audit your Node version for known CVEs and patches
Audit your PHP version for known CVEs and patches
CVE-2019-10092: Limited Cross-Site Scripting in "Proxy Error" Page
CERT/CC's fork of Metasploit Framework in which we are tagging commits that include vulnerability IDs. The first commit for an ID we recognize gets the tag for that ID. Aside from adding git tags, we do not otherwise modify the code. Updates hourly.
Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management
CERT/CC's fork of the official Exploit Database repository in which we are tagging commits that include vulnerability IDs. The first commit for an ID we recognize gets the tag for that ID. Aside from adding git tags, we do not otherwise modify the code. Updates hourly.
Follow my cybersecurity journey as I explore CTF, Red Teaming, and Malware Analysis. Dive into challenges, insights, and discoveries.
CVE-2020-13965: Cross-Site Scripting via Malicious XML Attachment in Roundcube Webmail
CVE-2020-12625: Cross-Site Scripting via Malicious HTML Attachment in Roundcube Webmail
CVE-2020-12640: Local PHP File Inclusion via "Plugin Value" in Roundcube Webmail
CVE-2020-12641: Command Injection via “_im_convert_path” Parameter in Roundcube Webmail
CVE-2022-24818: Java Deserialization via Unchecked JNDI Lookups in GeoServer and GeoTools
CVE-2019-14678: XML External Entity in SAS XML Mapper
List of CVEs found by dmdhrumilmistry