Find the latest CVE releases with Vicarius’s free, unlimited access to the world's software CVE database.
Our advanced and intuitive research engine makes CVE vulnerability data and software analysis easy to find.
Trending CVEs October 2024
Explore by Tags
CVE
Recent Apps
Recent Operating Systems
http://www.vicarius.io
is owned and operated by Vicarius Ltd. (the “Company”). All information contained on the
Website is purely for informational, and educational purposes and should be independently
verified and confirmed. Vicarius does not accept any liability for any loss or damage
whatsoever caused in reliance upon such information or services. No statements or information
presented in any form by Vicarius is intended as fact, and you agree that you will not
consider the statements or information presented on the Website as fact or as a guarantee of
performance.
Security Research Topics
By j00sean (https://twitter.com/j00sean)
Jul 11, 2023
Microsoft Windows Contacts (VCF/Contact/LDAP) syslink control href attribute escape vulnerability (CVE-2022-44666) (0day)
Write-up for another forgotten Windows vulnerability (0day): Microsoft Windows Contacts (VCF/Contact/LDAP) syslink control href attribute escape, which was not fully fixed as CVE-2022-44666 in the patches released on December, 2022.
Command Injection vulnerability that affects Nimbus server in apache storm.
By MHZ Cyber
Jun 19, 2023
CVE-2023-21931 & CVE-2023-21839 RCE via post-deserialization
RCE via post-deserialization was found in Weblogic Server and has been found and registered as CVE-2023-21839 & CVE-2023-21931 both have the same idea.
We are going to go through some of the code, reproduce the vulnerability, explain the exploitation and do some network traffic analysis
By Noa Machter
May 14, 2023
Have you missed them? The new reports feature is here!
our reports are back, and they are better than ever!
By MHZ Cyber
Apr 30, 2023
CVE-2021-45456 Apache Kylin RCE Exploit
This video of the exploitation script of the Apache Kylin RCE CVE-2021-45456