Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2001-1045 |
N/A
|
Directory traversal vulnerability in basilix.php3… |
n/a |
n/a |
2002-02-02T05:00:00 | 2024-08-08T04:44:06.982Z |
| CVE-2001-1047 |
N/A
|
Race condition in OpenBSD VFS allows local users … |
n/a |
n/a |
2002-02-02T05:00:00 | 2024-08-08T04:44:07.058Z |
| CVE-2001-1050 |
N/A
|
CCCSoftware CCC PHP script allows remote attacker… |
n/a |
n/a |
2002-02-02T05:00:00 | 2024-08-08T04:44:07.013Z |
| CVE-2001-1051 |
N/A
|
Dark Hart Portal (darkportal) PHP script allows r… |
n/a |
n/a |
2002-02-02T05:00:00 | 2024-08-08T04:44:07.746Z |
| CVE-2001-1052 |
N/A
|
Empris PHP script allows remote attackers to incl… |
n/a |
n/a |
2002-02-02T05:00:00 | 2024-08-08T04:44:06.977Z |
| CVE-2001-1057 |
N/A
|
The License Manager (mathlm) for Mathematica 4.0 … |
n/a |
n/a |
2002-02-02T05:00:00 | 2024-08-08T04:44:07.203Z |
| CVE-2001-1058 |
N/A
|
The License Manager (mathlm) for Mathematica 4.0 … |
n/a |
n/a |
2002-02-02T05:00:00 | 2024-08-08T04:44:07.855Z |
| CVE-2001-1060 |
N/A
|
phpMyAdmin 2.2.0rc3 and earlier allows remote att… |
n/a |
n/a |
2002-02-02T05:00:00 | 2024-08-08T04:44:07.019Z |
| CVE-2001-1061 |
N/A
|
Vulnerability in lsmcode in unknown versions of A… |
n/a |
n/a |
2002-02-02T05:00:00 | 2024-08-08T04:44:06.669Z |
| CVE-2001-1064 |
N/A
|
Cisco 600 series routers running CBOS 2.0.1 throu… |
n/a |
n/a |
2002-02-02T05:00:00 | 2024-08-08T04:44:07.047Z |
| CVE-2001-1065 |
N/A
|
Web-based configuration utility in Cisco 600 seri… |
n/a |
n/a |
2002-02-02T05:00:00 | 2024-08-08T04:44:07.077Z |
| CVE-2001-1068 |
N/A
|
qpopper 4.01 with PAM based authentication on Red… |
n/a |
n/a |
2002-02-02T05:00:00 | 2024-08-08T04:44:07.255Z |
| CVE-2001-1070 |
N/A
|
Sage Software MAS 200 allows remote attackers to … |
n/a |
n/a |
2002-02-02T05:00:00 | 2024-08-08T04:44:07.063Z |
| CVE-2001-1073 |
N/A
|
Webridge PX Application Suite allows remote attac… |
n/a |
n/a |
2002-02-02T05:00:00 | 2024-08-08T04:44:07.049Z |
| CVE-2001-1076 |
N/A
|
Buffer overflow in whodo in Solaris SunOS 5.5.1 t… |
n/a |
n/a |
2002-02-02T05:00:00 | 2024-08-08T04:44:07.909Z |
| CVE-2001-1077 |
N/A
|
Buffer overflow in tt_printf function of rxvt 2.6… |
n/a |
n/a |
2002-02-02T05:00:00 | 2024-08-08T04:44:07.816Z |
| CVE-2001-1078 |
N/A
|
Format string vulnerability in flog function of e… |
n/a |
n/a |
2002-02-02T05:00:00 | 2024-08-08T04:44:07.792Z |
| CVE-2001-1082 |
N/A
|
Directory traversal vulnerability in Livingston/L… |
n/a |
n/a |
2002-02-02T05:00:00 | 2024-08-08T04:44:08.007Z |
| CVE-2001-0542 |
N/A
|
Buffer overflows in Microsoft SQL Server 7.0 and … |
n/a |
n/a |
2002-02-18T05:00:00 | 2024-08-08T04:21:38.520Z |
| CVE-2001-0551 |
N/A
|
Buffer overflow in CDE Print Viewer (dtprintinfo)… |
n/a |
n/a |
2002-02-18T05:00:00 | 2024-08-08T04:21:38.619Z |
| CVE-2002-0012 |
N/A
|
Vulnerabilities in a large number of SNMP impleme… |
n/a |
n/a |
2002-02-18T05:00:00 | 2024-08-08T02:35:16.981Z |
| CVE-2002-0013 |
N/A
|
Vulnerabilities in the SNMPv1 request handling of… |
n/a |
n/a |
2002-02-18T05:00:00 | 2024-08-08T02:35:17.389Z |
| CVE-2002-0048 |
N/A
|
Multiple signedness errors (mixed signed and unsi… |
n/a |
n/a |
2002-02-18T05:00:00 | 2024-08-08T02:35:17.489Z |
| CVE-2002-0053 |
N/A
|
Buffer overflow in SNMP agent service in Windows … |
n/a |
n/a |
2002-02-18T05:00:00 | 2024-08-08T02:35:17.201Z |
| CVE-2002-0056 |
N/A
|
Buffer overflow in SQL Server 7.0 and 2000 allows… |
n/a |
n/a |
2002-02-21T05:00:00 | 2024-08-08T02:35:17.488Z |
| CVE-2002-0058 |
N/A
|
Vulnerability in Java Runtime Environment (JRE) a… |
n/a |
n/a |
2002-03-07T05:00:00 | 2024-08-08T02:35:17.473Z |
| CVE-2002-0084 |
N/A
|
Buffer overflow in the fscache_setup function of … |
n/a |
n/a |
2002-03-07T05:00:00 | 2024-08-08T02:35:17.429Z |
| CVE-2002-0085 |
N/A
|
cachefsd in Solaris 2.6, 7, and 8 allows remote a… |
n/a |
n/a |
2002-03-07T05:00:00 | 2024-08-08T02:35:17.586Z |
| CVE-2002-0086 |
N/A
|
Buffer overflow in bindsock in Lotus Domino 5.0.4… |
n/a |
n/a |
2002-03-07T05:00:00 | 2024-08-08T02:35:17.576Z |
| CVE-2002-0087 |
N/A
|
bindsock in Lotus Domino 5.07 on Solaris allows l… |
n/a |
n/a |
2002-03-07T05:00:00 | 2024-08-08T02:35:17.471Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2001-1160 |
N/A
|
udirectory.pl in Microburst Technologies uDirecto… |
n/a |
n/a |
2002-06-25T04:00:00 | 2024-08-08T04:44:07.919Z |
| CVE-2001-1080 |
N/A
|
diagrpt in AIX 4.3.x and 5.1 uses the DIAGDATADIR… |
n/a |
n/a |
2002-03-09T05:00:00 | 2024-08-08T04:44:07.942Z |
| CVE-2001-1459 |
N/A
|
OpenSSH 2.9 and earlier does not initiate a Plugg… |
n/a |
n/a |
2005-04-21T04:00:00 | 2024-08-08T04:58:11.181Z |
| CVE-2001-1078 |
N/A
|
Format string vulnerability in flog function of e… |
n/a |
n/a |
2002-02-02T05:00:00 | 2024-08-08T04:44:07.792Z |
| CVE-2001-1276 |
N/A
|
ispell before 3.1.20 allows local users to overwr… |
n/a |
n/a |
2002-06-25T04:00:00 | 2024-08-08T04:51:07.115Z |
| CVE-2001-0906 |
N/A
|
teTeX filter before 1.0.7 allows local users to g… |
n/a |
n/a |
2002-06-25T04:00:00 | 2024-08-08T04:37:06.810Z |
| CVE-2001-1328 |
N/A
|
Buffer overflow in ypbind daemon in Solaris 5.4 t… |
n/a |
n/a |
2004-09-01T04:00:00 | 2024-08-08T04:51:08.447Z |
| CVE-2001-1162 |
N/A
|
Directory traversal vulnerability in the %m macro… |
n/a |
n/a |
2002-06-25T04:00:00 | 2024-08-08T04:44:08.280Z |
| CVE-2001-1083 |
N/A
|
Icecast 1.3.7, and other versions before 1.3.11 w… |
n/a |
n/a |
2002-06-25T04:00:00 | 2024-08-08T04:44:07.420Z |
| CVE-2001-1324 |
N/A
|
cvmlogin and statfile in Paul Jarc idtools before… |
n/a |
n/a |
2002-05-03T04:00:00 | 2024-08-08T04:51:08.135Z |
| CVE-2001-0237 |
N/A
|
Memory leak in Microsoft 2000 domain controller a… |
n/a |
n/a |
2001-09-18T04:00:00 | 2024-08-08T04:14:06.478Z |
| CVE-2001-0240 |
N/A
|
Microsoft Word before Word 2002 allows attackers … |
n/a |
n/a |
2001-09-18T04:00:00 | 2024-08-08T04:14:06.957Z |
| CVE-2001-0241 |
N/A
|
Buffer overflow in Internet Printing ISAPI extens… |
n/a |
n/a |
2001-09-18T04:00:00 | 2024-08-08T04:14:07.060Z |
| CVE-2001-0242 |
N/A
|
Buffer overflows in Microsoft Windows Media Playe… |
n/a |
n/a |
2001-05-24T04:00:00 | 2024-08-08T04:14:06.728Z |
| CVE-2001-0243 |
N/A
|
Windows Media Player 7 and earlier stores Interne… |
n/a |
n/a |
2001-09-18T04:00:00 | 2024-08-08T04:14:07.151Z |
| CVE-2001-0244 |
N/A
|
Buffer overflow in Microsoft Index Server 2.0 all… |
n/a |
n/a |
2001-09-18T04:00:00 | 2024-08-08T04:14:07.174Z |
| CVE-2001-0245 |
N/A
|
Microsoft Index Server 2.0 in Windows NT 4.0, and… |
n/a |
n/a |
2001-09-18T04:00:00 | 2024-08-08T04:14:07.257Z |
| CVE-2001-0246 |
N/A
|
Internet Explorer 5.5 and earlier does not proper… |
n/a |
n/a |
2001-05-24T04:00:00 | 2024-08-08T04:14:07.295Z |
| CVE-2001-0328 |
N/A
|
TCP implementations that use random increments fo… |
n/a |
n/a |
2001-05-24T04:00:00 | 2024-08-08T04:14:07.389Z |
| CVE-2001-0329 |
N/A
|
Bugzilla 2.10 allows remote attackers to execute … |
n/a |
n/a |
2001-05-24T04:00:00 | 2024-08-08T04:14:07.395Z |
| CVE-2001-0330 |
N/A
|
Bugzilla 2.10 allows remote attackers to access s… |
n/a |
n/a |
2001-09-18T04:00:00 | 2024-08-08T04:14:07.400Z |
| CVE-2001-0331 |
N/A
|
Buffer overflow in Embedded Support Partner (ESP)… |
n/a |
n/a |
2001-09-18T04:00:00 | 2024-08-29T15:50:57.052Z |
| CVE-2001-0332 |
N/A
|
Internet Explorer 5.5 and earlier does not proper… |
n/a |
n/a |
2001-05-24T04:00:00 | 2024-08-08T04:14:07.411Z |
| CVE-2001-0333 |
N/A
|
Directory traversal vulnerability in IIS 5.0 and … |
n/a |
n/a |
2001-09-18T04:00:00 | 2024-08-08T04:14:07.389Z |
| CVE-2001-0334 |
N/A
|
FTP service in IIS 5.0 and earlier allows remote … |
n/a |
n/a |
2001-09-18T04:00:00 | 2024-08-08T04:14:07.396Z |
| CVE-2001-0335 |
N/A
|
FTP service in IIS 5.0 and earlier allows remote … |
n/a |
n/a |
2001-09-18T04:00:00 | 2024-08-08T04:14:07.406Z |
| CVE-2001-0336 |
N/A
|
The Microsoft MS00-060 patch for IIS 5.0 and earl… |
n/a |
n/a |
2001-09-18T04:00:00 | 2024-08-08T04:14:07.391Z |
| CVE-2001-0337 |
N/A
|
The Microsoft MS01-014 and MS01-016 patches for I… |
n/a |
n/a |
2001-05-24T04:00:00 | 2024-08-08T04:14:07.389Z |
| CVE-2001-0338 |
N/A
|
Internet Explorer 5.5 and earlier does not proper… |
n/a |
n/a |
2001-09-18T04:00:00 | 2024-08-08T04:14:07.405Z |
| CVE-2001-0339 |
N/A
|
Internet Explorer 5.5 and earlier allows remote a… |
n/a |
n/a |
2001-09-18T04:00:00 | 2024-08-08T04:14:07.395Z |
| ID | Severity | Description | Published | Updated |
|---|---|---|---|---|
| ghsa-xhv5-w9c5-2r2w |
7.5 (3.1)
|
Unbounded connection acceptance in http4s-blaze-server | 2021-02-02T21:42:56Z | 2022-10-25T20:51:11Z |
| ghsa-f62v-xpxf-3v68 |
7.5 (3.1)
|
Code injection in Apache Ant | 2021-02-03T19:16:35Z | 2025-09-27T03:18:25Z |
| ghsa-f5c9-x9j6-87qp |
9.8 (3.1)
|
Prototype pollution in dotty | 2021-02-05T20:43:08Z | 2023-08-08T19:28:24Z |
| ghsa-6cf8-qhqj-vjqm |
7.3 (3.1)
|
Prototype pollution in total.js | 2021-02-05T20:43:19Z | 2023-09-13T20:22:24Z |
| ghsa-4449-hg37-77v8 |
8.6 (3.1)
|
Command injection in total.js | 2021-02-05T20:43:27Z | 2021-07-28T18:57:23Z |
| ghsa-f4hq-453j-p95f |
6.1 (3.1)
|
Open redirect in Slashify | 2021-02-05T20:43:34Z | 2022-05-26T20:40:57Z |
| ghsa-w736-hf9p-qqh3 |
|
Key Caching behavior in the DynamoDB Encryption Client. | 2021-02-08T17:43:36Z | 2021-02-05T21:21:40Z |
| ghsa-4ph2-8337-hm62 |
|
Key Caching behavior in the DynamoDB Encryption Client. | 2021-02-08T17:43:49Z | 2021-02-05T21:22:28Z |
| ghsa-rrqm-p222-8ph2 |
7.2 (3.1)
|
Prototype Pollution in Dynamoose | 2021-02-08T17:44:01Z | 2022-05-26T19:58:25Z |
| ghsa-fwcm-636p-68r5 |
4.3 (3.1)
|
Server-side request forgery in CarrierWave | 2021-02-08T19:16:26Z | 2023-05-16T15:41:50Z |
| ghsa-cf3w-g86h-35x4 |
7.4 (3.1)
|
Code Injection vulnerability in CarrierWave::RMagick | 2021-02-08T19:16:39Z | 2022-04-27T19:58:17Z |
| ghsa-93xj-8mrv-444m |
7.5 (3.1)
7.7 (4.0)
|
Regular Expression Denial of Service (REDoS) in httplib2 | 2021-02-08T19:41:59Z | 2024-09-23T16:13:16Z |
| ghsa-5mcr-gq6c-3hq2 |
6.2 (3.1)
|
Local Information Disclosure Vulnerability in Netty on Unix-Like systems | 2021-02-08T21:17:48Z | 2022-04-19T15:19:08Z |
| ghsa-4r62-v4vq-hr96 |
5.3 (3.1)
|
Regular Expression Denial of Service (REDoS) in Marked | 2021-02-08T21:17:58Z | 2021-02-08T21:17:26Z |
| ghsa-rhm9-p9w5-fwm7 |
9.1 (3.1)
8.8 (4.0)
|
PyCA Cryptography symmetrically encrypting large values can lead to integer overflow | 2021-02-10T01:32:27Z | 2024-09-13T18:33:13Z |
| ghsa-29q4-gxjq-rx5c |
|
Remote Code Execution in SCIMono | 2021-02-10T02:31:53Z | 2021-02-10T01:48:45Z |
| ghsa-jvg4-9rc2-wvcr |
|
Generation of fake documents via public GET-call | 2021-02-10T02:32:07Z | 2021-02-10T02:17:07Z |
| ghsa-f2vv-h5x4-57gr |
|
Leak of information via Store-API | 2021-02-10T02:32:21Z | 2021-10-05T16:12:44Z |
| ghsa-7ggw-h8pp-r95r |
9.8 (3.1)
|
October CMS Session ID not invalidated after logout | 2021-02-10T02:32:35Z | 2023-09-07T17:47:26Z |
| ghsa-pmw4-jgxx-pcq9 |
|
File System Bounds Escape | 2021-02-10T18:11:34Z | 2021-02-11T17:04:52Z |
| ghsa-9pgx-gcph-mpqr |
6.1 (3.1)
|
vrana/adminer via XSS in the history parameter in SQL command | 2021-02-11T20:42:28Z | 2023-09-21T19:59:45Z |
| ghsa-x5r2-hj5c-8jx6 |
7.2 (3.1)
|
SSRF in adminer | 2021-02-11T20:42:59Z | 2025-10-22T19:05:30Z |
| ghsa-m56g-3g8v-2rxw |
|
XSS in Adminer | 2021-02-11T20:46:53Z | 2021-02-11T20:37:00Z |
| ghsa-r3j7-x2g5-9gx6 |
9.8 (3.1)
|
Command injection in samba-client | 2021-02-11T20:47:27Z | 2022-05-03T03:44:37Z |
| ghsa-w46j-8hm6-h8mm |
6.3 (3.1)
|
XSS in apexcharts | 2021-02-11T20:47:34Z | 2023-09-12T20:53:29Z |
| ghsa-43f8-p5w3-5m25 |
|
vrana/adminer vulnerable to SSRF by connecting to privileged ports | 2021-02-11T21:20:40Z | 2023-09-21T19:57:49Z |
| ghsa-pg53-56cg-4m8q |
|
Token verification bug in next-auth | 2021-02-11T21:36:24Z | 2021-02-22T20:43:03Z |
| ghsa-2m8v-572m-ff2v |
7.8 (3.1)
|
Command Injection Vulnerability | 2021-02-16T16:51:04Z | 2025-10-22T19:06:01Z |
| ghsa-pj4g-4488-wmxm |
8.5 (3.1)
|
Dynamic modification of RPyC service due to missing security check | 2021-02-17T19:50:58Z | 2021-09-27T22:48:17Z |
| ghsa-288c-cq4h-88gq |
7.5 (3.1)
|
XML External Entity (XXE) Injection in Jackson Databind | 2021-02-18T20:51:54Z | 2024-03-15T00:30:48Z |
| ID | Severity | Description | Package | Published | Updated |
|---|---|---|---|---|---|
| pysec-2025-53 |
|
vLLM is an inference and serving engine for large language models (LLMs). Prior to versio… | vllm | 2025-05-29T17:15:21+00:00 | 2025-06-26T21:23:06.231251+00:00 |
| pysec-2025-50 |
|
vLLM, an inference and serving engine for large language models (LLMs), has a Regular Exp… | vllm | 2025-05-30T18:15:32+00:00 | 2025-06-19T03:02:28.572160+00:00 |
| pysec-2025-54 |
|
vLLM is an inference and serving engine for large language models (LLMs). In versions 0.8… | vllm | 2025-05-30T19:15:30+00:00 | 2025-06-26T21:23:06.319321+00:00 |
| pysec-2025-55 |
|
vLLM is an inference and serving engine for large language models (LLMs). Version 0.8.0 u… | vllm | 2025-05-30T19:15:30+00:00 | 2025-06-26T21:23:06.407481+00:00 |
| pysec-2025-44 |
|
django-helpdesk before 1.0.0 allows Sensitive Data Exposure because of os.umask(0) in mod… | django-helpdesk | 2025-05-31T01:15:19+00:00 | 2025-05-31T03:09:35.357757+00:00 |
| pysec-2025-47 |
|
An issue was discovered in Django 5.2 before 5.2.2, 5.1 before 5.1.10, and 4.2 before 4.2… | django | 2025-06-05T03:15:25+00:00 | 2025-06-05T05:23:28.296596+00:00 |
| pysec-2025-64 |
9.8 (3.1)
|
A vulnerability classified as critical has been found in themanojdesai python-a2a up to 0… | python-a2a | 2025-06-17T07:15:18+00:00 | 2025-07-02T21:23:13.806273+00:00 |
| pysec-2025-67 |
9.8 (3.1)
|
A vulnerability classified as critical was found in Upsonic up to 0.55.6. This vulnerabil… | upsonic | 2025-06-19T21:15:27+00:00 | 2025-07-08T19:22:27.385619+00:00 |
| pysec-2025-68 |
8.0 (3.1)
|
A vulnerability, which was classified as critical, has been found in Upsonic up to 0.55.6… | upsonic | 2025-06-19T21:15:27+00:00 | 2025-07-08T19:22:27.449399+00:00 |
| pysec-2025-52 |
|
gateway_proxy_handler in MLflow before 3.1.0 lacks gateway_path validation. | mlflow | 2025-06-23T15:15:29Z | 2025-12-05T13:25:55.146081Z |
| pysec-2025-70 |
10.0 (3.1)
|
A Server-Side Request Forgery (SSRF) vulnerability exists in the RequestsToolkit componen… | langchain-community | 2025-06-23T21:15:25+00:00 | 2025-07-16T21:23:40.211079+00:00 |
| pysec-2025-51 |
|
Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) v… | apache-airflow-providers-snowflake | 2025-06-24T08:15:24+00:00 | 2025-06-26T21:23:03.132527+00:00 |
| pysec-2025-61 |
|
Pillow is a Python imaging library. In versions 11.2.0 to before 11.3.0, there is a heap … | pillow | 2025-07-01T19:15:27Z | 2025-07-07T14:12:46.226030Z |
| pysec-2025-65 |
|
A path traversal vulnerability exists in run-llama/llama_index versions 0.12.27 through 0… | llama-index | 2025-07-07T13:15:28+00:00 | 2025-07-07T15:23:42.730681+00:00 |
| pysec-2025-69 |
|
In Roundup before 2.5.0, XSS can occur via interaction between URLs and issue tracker tem… | roundup | 2025-07-13T20:15:25+00:00 | 2025-07-13T21:23:01.161315+00:00 |
| pysec-2025-71 |
|
Cadwyn creates production-ready community-driven modern Stripe-like API versioning in Fas… | cadwyn | 2025-07-21T21:15:25+00:00 | 2025-07-23T15:24:03.825615+00:00 |
| pysec-2025-72 |
|
The `num2words` project was compromised via a phishing attack and two new versions were u… | num2words | 2025-07-31T14:34:47+00:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2022-1808 | Malicious code in calc_za9op7a3b4 (npm) | 2022-06-20T20:19:48Z | 2022-06-20T20:19:48Z |
| mal-2022-49 | Malicious code in @0xten/calc_wzpz618zfk (npm) | 2022-06-20T20:19:48Z | 2022-06-20T20:19:49Z |
| mal-2022-3221 | Malicious code in frontend-framework-paypal (npm) | 2022-06-20T20:19:49Z | 2022-06-20T20:19:49Z |
| mal-2022-4110 | Malicious code in karma-failed-tests-reporter (npm) | 2022-06-20T20:19:49Z | 2022-06-20T20:19:50Z |
| mal-2022-5435 | Malicious code in pp-vx (npm) | 2022-06-20T20:19:49Z | 2022-06-20T20:19:49Z |
| mal-2022-6319 | Malicious code in story-editor (npm) | 2022-06-20T20:19:49Z | 2022-06-20T20:19:49Z |
| mal-2022-4109 | Malicious code in karma-cuj-reporter (npm) | 2022-06-20T20:19:50Z | 2022-06-20T20:19:50Z |
| mal-2022-4172 | Malicious code in kiota-abstractions (npm) | 2022-06-20T20:19:50Z | 2022-06-20T20:19:51Z |
| mal-2022-4725 | Malicious code in msbuild-sdks (npm) | 2022-06-20T20:19:50Z | 2022-06-20T20:19:50Z |
| mal-2022-5976 | Malicious code in sdk-client (npm) | 2022-06-20T20:19:50Z | 2022-06-20T20:19:50Z |
| mal-2022-6800 | Malicious code in upchieve-server (npm) | 2022-06-20T20:19:50Z | 2022-06-20T20:19:51Z |
| mal-2022-6207 | Malicious code in solc-0.7.6 (npm) | 2022-06-20T20:19:51Z | 2022-06-20T20:19:51Z |
| mal-2022-6513 | Malicious code in testexploit (npm) | 2022-06-20T20:19:51Z | 2022-06-20T20:19:52Z |
| mal-2022-6514 | Malicious code in testexploit1 (npm) | 2022-06-20T20:19:51Z | 2022-06-20T20:19:52Z |
| mal-2022-6567 | Malicious code in tigerpochere6 (npm) | 2022-06-20T20:19:51Z | 2022-06-20T20:19:52Z |
| mal-2022-1809 | Malicious code in calc_zd4nl10t96 (npm) | 2022-06-20T20:19:52Z | 2022-06-20T20:19:53Z |
| mal-2022-2557 | Malicious code in dogwhohacks-npm-poc (npm) | 2022-06-20T20:19:52Z | 2022-06-20T20:19:53Z |
| mal-2022-4714 | Malicious code in mrg-xray (npm) | 2022-06-20T20:19:52Z | 2022-06-20T20:19:52Z |
| mal-2022-6992 | Malicious code in vue-loader-3 (npm) | 2022-06-20T20:19:52Z | 2022-06-20T20:19:53Z |
| mal-2022-1764 | Malicious code in calc_2lxgcr990p (npm) | 2022-06-20T20:19:53Z | 2022-06-20T20:19:53Z |
| mal-2022-1774 | Malicious code in calc_ad57vduuf3 (npm) | 2022-06-20T20:19:53Z | 2022-06-20T20:19:54Z |
| mal-2022-1783 | Malicious code in calc_gl2xiahl1g (npm) | 2022-06-20T20:19:53Z | 2022-06-20T20:19:53Z |
| mal-2022-1794 | Malicious code in calc_r1wpdjwe0y (npm) | 2022-06-20T20:19:53Z | 2022-06-20T20:19:54Z |
| mal-2022-1762 | Malicious code in calc_0ea1axyay6 (npm) | 2022-06-20T20:19:54Z | 2022-06-20T20:19:55Z |
| mal-2022-1763 | Malicious code in calc_265o5cvxxt (npm) | 2022-06-20T20:19:54Z | 2022-06-20T20:19:58Z |
| mal-2022-1785 | Malicious code in calc_ie98wra5sn (npm) | 2022-06-20T20:19:54Z | 2022-06-20T20:19:54Z |
| mal-2022-1799 | Malicious code in calc_tag3iqjm3x (npm) | 2022-06-20T20:19:54Z | 2022-06-20T20:19:54Z |
| mal-2022-1782 | Malicious code in calc_gcc1y6tzao (npm) | 2022-06-20T20:19:55Z | 2022-06-20T20:19:55Z |
| mal-2022-1787 | Malicious code in calc_n5551j7gbr (npm) | 2022-06-20T20:19:55Z | 2022-06-20T20:19:56Z |
| mal-2022-1806 | Malicious code in calc_x0wguvucl1 (npm) | 2022-06-20T20:19:55Z | 2022-06-20T20:19:55Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| wid-sec-w-2023-1379 | D-LINK DIR-842V2: Mehrere Schwachstellen ermöglichen Codeausführung | 2023-06-06T22:00:00.000+00:00 | 2023-06-06T22:00:00.000+00:00 |
| wid-sec-w-2023-1380 | Apache Guacamole: Mehrere Schwachstellen | 2023-06-06T22:00:00.000+00:00 | 2023-06-06T22:00:00.000+00:00 |
| wid-sec-w-2023-1381 | IBM TXSeries: Mehrere Schwachstellen | 2023-06-06T22:00:00.000+00:00 | 2023-06-06T22:00:00.000+00:00 |
| wid-sec-w-2023-1382 | Red Hat Enterprise Linux: Schwachstelle ermöglicht Offenlegung von Informationen | 2023-06-06T22:00:00.000+00:00 | 2023-08-15T22:00:00.000+00:00 |
| wid-sec-w-2023-1384 | Grafana: Mehrere Schwachstellen | 2023-06-06T22:00:00.000+00:00 | 2024-01-23T23:00:00.000+00:00 |
| wid-sec-w-2023-1385 | Mozilla Firefox: Mehrere Schwachstellen | 2023-06-06T22:00:00.000+00:00 | 2024-01-07T23:00:00.000+00:00 |
| wid-sec-w-2023-1386 | dbus: Schwachstelle ermöglicht Denial of Service | 2023-06-06T22:00:00.000+00:00 | 2023-06-06T22:00:00.000+00:00 |
| wid-sec-w-2023-1387 | Trellix Agent: Mehrere Schwachstellen | 2023-06-06T22:00:00.000+00:00 | 2023-06-06T22:00:00.000+00:00 |
| wid-sec-w-2023-1388 | VMware Aria Operations for Networks: Mehrere Schwachstellen | 2023-06-08T22:00:00.000+00:00 | 2023-06-15T22:00:00.000+00:00 |
| wid-sec-w-2023-1394 | Linux Kernel: Schwachstelle ermöglicht nicht spezifizierten Angriff | 2023-06-08T22:00:00.000+00:00 | 2025-07-20T22:00:00.000+00:00 |
| wid-sec-w-2023-1395 | NetApp ActiveIQ Unified Manager: Schwachstelle ermöglicht Denial of Service | 2023-06-08T22:00:00.000+00:00 | 2023-06-08T22:00:00.000+00:00 |
| wid-sec-w-2023-1397 | Cisco ASA (Adaptive Security Appliance): Schwachstelle ermöglicht Denial of Service | 2023-06-08T22:00:00.000+00:00 | 2023-06-08T22:00:00.000+00:00 |
| wid-sec-w-2023-1400 | Cisco Expressway: Mehrere Schwachstellen ermöglichen Privilegieneskalation | 2023-06-08T22:00:00.000+00:00 | 2023-06-11T22:00:00.000+00:00 |
| wid-sec-w-2023-1401 | Cisco Small Business: Schwachstelle ermöglicht Cross-Site Scripting | 2023-06-08T22:00:00.000+00:00 | 2023-06-08T22:00:00.000+00:00 |
| wid-sec-w-2023-1402 | dbus: Schwachstelle ermöglicht Denial of Service | 2023-06-08T22:00:00.000+00:00 | 2024-07-18T22:00:00.000+00:00 |
| wid-sec-w-2023-1403 | IBM Maximo Asset Management: Mehrere Schwachstellen | 2023-06-08T22:00:00.000+00:00 | 2023-06-08T22:00:00.000+00:00 |
| wid-sec-w-2023-1404 | Linux Kernel: Schwachstelle ermöglicht Denial of Service | 2023-06-08T22:00:00.000+00:00 | 2024-12-16T23:00:00.000+00:00 |
| wid-sec-w-2023-1405 | libTIFF: Schwachstelle ermöglicht Denial of Service | 2023-06-08T22:00:00.000+00:00 | 2025-06-30T22:00:00.000+00:00 |
| wid-sec-w-2023-1406 | FasterXML Jackson: Mehrere Schwachstellen ermöglichen Denial of Service | 2023-06-08T22:00:00.000+00:00 | 2023-06-08T22:00:00.000+00:00 |
| wid-sec-w-2023-1407 | QT: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen | 2023-06-08T22:00:00.000+00:00 | 2023-06-08T22:00:00.000+00:00 |
| wid-sec-w-2023-1408 | Hashicorp Vault: Schwachstelle ermöglicht Cross-Site Scripting | 2023-06-11T22:00:00.000+00:00 | 2023-06-11T22:00:00.000+00:00 |
| wid-sec-w-2023-1409 | ImageMagick: Schwachstelle ermöglicht nicht spezifizierten Angriff | 2023-06-11T22:00:00.000+00:00 | 2024-08-05T22:00:00.000+00:00 |
| wid-sec-w-2023-1410 | Linux Kernel: Schwachstelle ermöglicht Denial of Service | 2023-06-11T22:00:00.000+00:00 | 2024-02-27T23:00:00.000+00:00 |
| wid-sec-w-2023-1411 | Fortinet FortiOS und FortiProxy: Schwachstelle ermöglicht Codeausführung | 2023-06-11T22:00:00.000+00:00 | 2023-06-13T22:00:00.000+00:00 |
| wid-sec-w-2023-1412 | Linux Kernel: Schwachstelle ermöglicht Privilegieneskalation und Denial of Service | 2023-06-11T22:00:00.000+00:00 | 2023-06-11T22:00:00.000+00:00 |
| wid-sec-w-2023-1413 | Progress Software MOVEit: Schwachstelle ermöglicht SQL Injection | 2023-06-11T22:00:00.000+00:00 | 2023-06-11T22:00:00.000+00:00 |
| wid-sec-w-2023-1414 | Mozilla Thunderbird: Mehrere Schwachstellen | 2023-06-11T22:00:00.000+00:00 | 2024-02-27T23:00:00.000+00:00 |
| wid-sec-w-2023-1415 | D-LINK DI-7500G-CI: Schwachstelle ermöglicht Cross-Site Scripting | 2023-06-11T22:00:00.000+00:00 | 2023-06-11T22:00:00.000+00:00 |
| wid-sec-w-2023-1416 | Bitwarden: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen | 2023-06-11T22:00:00.000+00:00 | 2023-06-12T22:00:00.000+00:00 |
| wid-sec-w-2023-1417 | ImageMagick: Mehrere Schwachstellen ermöglichen Denial of Service | 2023-06-11T22:00:00.000+00:00 | 2023-08-22T22:00:00.000+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2013:0604 | Red Hat Security Advisory: java-1.6.0-openjdk security update | 2013-03-06T19:05:00+00:00 | 2025-11-21T17:42:51+00:00 |
| rhsa-2013:0605 | Red Hat Security Advisory: java-1.6.0-openjdk security update | 2013-03-06T19:05:00+00:00 | 2025-11-21T17:42:51+00:00 |
| rhsa-2013:0566 | Red Hat Security Advisory: kernel-rt security and bug fix update | 2013-03-06T19:16:00+00:00 | 2025-11-21T17:42:38+00:00 |
| rhsa-2013:0608 | Red Hat Security Advisory: kvm security update | 2013-03-07T18:41:00+00:00 | 2026-01-28T22:34:41+00:00 |
| rhsa-2013:0610 | Red Hat Security Advisory: qemu-kvm-rhev security update | 2013-03-07T18:42:00+00:00 | 2026-01-28T22:34:42+00:00 |
| rhsa-2013:0609 | Red Hat Security Advisory: qemu-kvm security update | 2013-03-07T18:43:00+00:00 | 2026-01-28T22:34:42+00:00 |
| rhsa-2013:0611 | Red Hat Security Advisory: ruby security update | 2013-03-07T18:50:00+00:00 | 2026-01-28T22:54:18+00:00 |
| rhsa-2013:0612 | Red Hat Security Advisory: ruby security update | 2013-03-07T18:53:00+00:00 | 2026-01-28T22:54:23+00:00 |
| rhsa-2013:0613 | Red Hat Security Advisory: JBoss Enterprise Portal Platform 5.2.2 security update | 2013-03-07T18:54:00+00:00 | 2025-11-21T17:42:53+00:00 |
| rhsa-2013:0614 | Red Hat Security Advisory: xulrunner security update | 2013-03-08T12:17:00+00:00 | 2025-11-21T17:42:54+00:00 |
| rhsa-2013:0623 | Red Hat Security Advisory: tomcat6 security update | 2013-03-11T18:14:00+00:00 | 2026-01-28T22:54:18+00:00 |
| rhsa-2013:0628 | Red Hat Security Advisory: 389-ds-base security and bug fix update | 2013-03-11T18:26:00+00:00 | 2025-11-21T17:43:01+00:00 |
| rhsa-2013:0622 | Red Hat Security Advisory: kernel-rt security and bug fix update | 2013-03-11T18:31:00+00:00 | 2025-11-21T17:42:56+00:00 |
| rhsa-2013:0629 | Red Hat Security Advisory: jbossweb security update | 2013-03-11T18:33:00+00:00 | 2025-11-21T17:43:01+00:00 |
| rhsa-2013:0631 | Red Hat Security Advisory: jbossweb security update | 2013-03-11T18:33:00+00:00 | 2025-11-21T17:43:02+00:00 |
| rhsa-2013:0624 | Red Hat Security Advisory: java-1.5.0-ibm security update | 2013-03-11T18:37:00+00:00 | 2025-11-21T17:42:56+00:00 |
| rhsa-2013:0625 | Red Hat Security Advisory: java-1.6.0-ibm security update | 2013-03-11T18:47:00+00:00 | 2025-11-21T17:42:58+00:00 |
| rhsa-2013:0626 | Red Hat Security Advisory: java-1.7.0-ibm security update | 2013-03-11T18:48:00+00:00 | 2025-11-21T17:42:58+00:00 |
| rhsa-2013:0632 | Red Hat Security Advisory: jbossweb security update | 2013-03-11T19:03:00+00:00 | 2025-11-21T17:43:03+00:00 |
| rhsa-2013:0633 | Red Hat Security Advisory: jbossweb security update | 2013-03-11T19:03:00+00:00 | 2025-11-21T17:43:03+00:00 |
| rhsa-2013:0627 | Red Hat Security Advisory: thunderbird security update | 2013-03-11T19:15:00+00:00 | 2025-11-21T17:42:58+00:00 |
| rhsa-2013:0621 | Red Hat Security Advisory: kernel security update | 2013-03-11T19:28:00+00:00 | 2025-11-21T17:42:56+00:00 |
| rhsa-2013:0639 | Red Hat Security Advisory: qemu-kvm-rhev security update | 2013-03-12T17:51:00+00:00 | 2026-01-28T22:34:43+00:00 |
| rhsa-2013:0638 | Red Hat Security Advisory: Red Hat OpenShift Enterprise 1.1.2 update | 2013-03-12T17:52:00+00:00 | 2026-01-28T22:54:19+00:00 |
| rhsa-2013:0641 | Red Hat Security Advisory: tomcat5 security update | 2013-03-12T17:55:00+00:00 | 2026-01-28T22:54:19+00:00 |
| rhsa-2013:0642 | Red Hat Security Advisory: tomcat5 security update | 2013-03-12T17:56:00+00:00 | 2026-01-28T22:54:20+00:00 |
| rhsa-2013:0640 | Red Hat Security Advisory: tomcat5 security update | 2013-03-12T17:57:00+00:00 | 2026-01-28T22:54:22+00:00 |
| rhsa-2013:0630 | Red Hat Security Advisory: kernel security and bug fix update | 2013-03-12T18:53:00+00:00 | 2025-11-21T17:43:02+00:00 |
| rhsa-2013:0643 | Red Hat Security Advisory: flash-plugin security update | 2013-03-13T14:27:00+00:00 | 2025-11-21T17:43:06+00:00 |
| rhsa-2013:0636 | Red Hat Security Advisory: rhev-hypervisor6 security and bug fix update | 2013-03-13T14:40:00+00:00 | 2026-01-28T22:34:43+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| icsa-25-105-09 | Mitsubishi Electric Europe B.V. smartRTU | 2025-04-15T06:00:00.000000Z | 2025-05-06T06:00:00.000000Z |
| va-25-104-01 | SicommNet multiple vulnerabilities | 2025-04-15T13:49:55Z | 2025-04-23T00:00:00Z |
| icsa-25-112-01 | Siemens TeleControl Server Basic SQL | 2025-04-16T00:00:00.000000Z | 2025-05-06T06:00:00.000000Z |
| icsa-25-112-02 | Siemens TeleControl Server Basic | 2025-04-16T00:00:00.000000Z | 2025-05-06T06:00:00.000000Z |
| icsa-25-107-04 | Yokogawa Recorder Products | 2025-04-17T06:00:00.000000Z | 2025-04-17T06:00:00.000000Z |
| icsa-25-114-02 | ALBEDO Telecom Net.Time - PTP/NTP clock | 2025-04-24T06:00:00.000000Z | 2025-04-24T06:00:00.000000Z |
| icsa-25-114-03 | Vestel AC Charger | 2025-04-24T06:00:00.000000Z | 2025-04-24T06:00:00.000000Z |
| icsa-25-114-04 | Nice Linear eMerge E3 | 2025-04-24T06:00:00.000000Z | 2025-05-06T06:00:00.000000Z |
| icsa-25-114-05 | Johnson Controls Software House iSTAR Configuration Utility (ICU) Tool | 2025-04-24T06:00:00.000000Z | 2025-05-06T06:00:00.000000Z |
| icsa-25-114-06 | Planet Technology Network Products | 2025-04-24T06:00:00.000000Z | 2025-05-06T06:00:00.000000Z |
| icsa-25-119-01 | Rockwell Automation ThinManager | 2025-04-29T06:00:00.000000Z | 2025-05-06T06:00:00.000000Z |
| icsa-25-119-02 | Delta Electronics ISPSoft | 2025-04-29T06:00:00.000000Z | 2025-05-06T06:00:00.000000Z |
| icsa-25-196-01 | Hitachi Energy Asset Suite | 2025-04-29T12:30:00.000000Z | 2025-04-29T12:30:00.000000Z |
| va-25-119-01 | MSP360 Backup insecure filesystem permissions | 2025-04-29T15:59:52Z | 2025-05-19T00:00:00Z |
| va-25-120-01 | Commvault Web Server unspecified vulnerability | 2025-04-30T00:00:00Z | 2025-04-30T00:00:00Z |
| icsa-25-121-01 | KUNBUS GmbH Revolution Pi (Update A) | 2025-05-01T06:00:00.000000Z | 2025-07-10T06:00:00.000000Z |
| icsma-25-121-01 | MicroDicom DICOM Viewer | 2025-05-01T06:00:00.000000Z | 2025-05-06T06:00:00.000000Z |
| icsa-25-126-01 | Optigo Networks ONS NC600 | 2025-05-06T06:00:00.000000Z | 2025-05-06T06:00:00.000000Z |
| icsa-25-126-02 | Milesight UG65-868M-EA | 2025-05-06T06:00:00.000000Z | 2025-05-06T06:00:00.000000Z |
| icsa-25-126-03 | BrightSign Players (Update A) | 2025-05-06T06:00:00.000000Z | 2026-01-29T07:00:00.000000Z |
| icsa-25-128-01 | Horner Automation Cscape | 2025-05-08T06:00:00.000000Z | 2025-05-08T06:00:00.000000Z |
| icsa-25-128-03 | Mitsubishi Electric Multiple FA Products (Update B) | 2025-05-08T06:00:00.000000Z | 2026-02-03T07:00:00.000000Z |
| icsma-25-128-01 | Pixmeo OsiriX MD | 2025-05-08T06:00:00.000000Z | 2025-05-08T06:00:00.000000Z |
| icsa-25-135-01 | Siemens RUGGEDCOM APE1808 Devices | 2025-05-13T00:00:00.000000Z | 2026-01-22T14:36:08.752265Z |
| icsa-25-135-02 | Siemens INTRALOG WMS | 2025-05-13T00:00:00.000000Z | 2025-05-13T00:00:00.000000Z |
| icsa-25-135-03 | Siemens BACnet ATEC Devices | 2025-05-13T00:00:00.000000Z | 2025-05-13T00:00:00.000000Z |
| icsa-25-135-04 | Siemens Desigo | 2025-05-13T00:00:00.000000Z | 2025-05-13T00:00:00.000000Z |
| icsa-25-135-05 | Siemens SIPROTEC and SICAM | 2025-05-13T00:00:00.000000Z | 2025-11-11T00:00:00.000000Z |
| icsa-25-135-06 | Siemens Teamcenter Visualization | 2025-05-13T00:00:00.000000Z | 2025-05-13T00:00:00.000000Z |
| icsa-25-135-07 | Siemens SIMATIC IPC RS-828A | 2025-05-13T00:00:00.000000Z | 2025-08-12T00:00:00.000000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2022-39402 | Vulnerability in the MySQL Shell product of Oracle MySQL (component: Shell: Core Client). Supported versions that are affected are 8.0.30 and prior. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where MySQL Shell executes to compromise MySQL Shell. While the vulnerability is in MySQL Shell attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Shell accessible data. CVSS 3.1 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N). | 2022-10-02T00:00:00.000Z | 2022-10-20T00:00:00.000Z |
| msrc_cve-2022-39403 | Vulnerability in the MySQL Shell product of Oracle MySQL (component: Shell: Core Client). Supported versions that are affected are 8.0.30 and prior. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Shell executes to compromise MySQL Shell. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update insert or delete access to some of MySQL Shell accessible data as well as unauthorized read access to a subset of MySQL Shell accessible data. CVSS 3.1 Base Score 3.9 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N). | 2022-10-02T00:00:00.000Z | 2022-10-20T00:00:00.000Z |
| msrc_cve-2022-39408 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.30 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). | 2022-10-02T00:00:00.000Z | 2022-10-20T00:00:00.000Z |
| msrc_cve-2022-39410 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.30 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). | 2022-10-02T00:00:00.000Z | 2022-10-20T00:00:00.000Z |
| msrc_cve-2022-40617 | strongSwan before 5.9.8 allows remote attackers to cause a denial of service in the revocation plugin by sending a crafted end-entity (and intermediate CA) certificate that contains a CRL/OCSP URL that points to a server (under the attacker's control) that doesn't properly respond but (for example) just does nothing after the initial TCP handshake or sends an excessive amount of application data. | 2022-10-02T00:00:00.000Z | 2022-11-09T00:00:00.000Z |
| msrc_cve-2022-41674 | An issue was discovered in the Linux kernel before 5.19.16. Attackers able to inject WLAN frames could cause a buffer overflow in the ieee80211_bss_info_update function in net/mac80211/scan.c. | 2022-10-02T00:00:00.000Z | 2022-10-19T00:00:00.000Z |
| msrc_cve-2022-41715 | Memory exhaustion when compiling regular expressions in regexp/syntax | 2022-10-02T00:00:00.000Z | 2022-10-19T00:00:00.000Z |
| msrc_cve-2022-41741 | NGINX ngx_http_mp4_module vulnerability CVE-2022-41741 | 2022-10-02T00:00:00.000Z | 2022-10-25T00:00:00.000Z |
| msrc_cve-2022-41742 | NGINX ngx_http_mp4_module vulnerability CVE-2022-41742 | 2022-10-02T00:00:00.000Z | 2022-10-25T00:00:00.000Z |
| msrc_cve-2022-41973 | multipath-tools 0.7.7 through 0.9.x before 0.9.2 allows local users to obtain root access as exploited in conjunction with CVE-2022-41974. Local users able to access /dev/shm can change symlinks in multipathd due to incorrect symlink handling which could lead to controlled file writes outside of the /dev/shm directory. This could be used indirectly for local privilege escalation to root. | 2022-10-02T00:00:00.000Z | 2022-11-09T00:00:00.000Z |
| msrc_cve-2022-41974 | multipath-tools 0.7.0 through 0.9.x before 0.9.2 allows local users to obtain root access as exploited alone or in conjunction with CVE-2022-41973. Local users able to write to UNIX domain sockets can bypass access controls and manipulate the multipath setup. This can lead to local privilege escalation to root. This occurs because an attacker can repeat a keyword which is mishandled because arithmetic ADD is used instead of bitwise OR. | 2022-10-02T00:00:00.000Z | 2022-11-09T00:00:00.000Z |
| msrc_cve-2022-42010 | An issue was discovered in D-Bus before 1.12.24 1.13.x and 1.14.x before 1.14.4 and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message with certain invalid type signatures. | 2022-10-02T00:00:00.000Z | 2022-10-12T00:00:00.000Z |
| msrc_cve-2022-42011 | An issue was discovered in D-Bus before 1.12.24 1.13.x and 1.14.x before 1.14.4 and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is inconsistent with the size of the element type. | 2022-10-02T00:00:00.000Z | 2022-10-12T00:00:00.000Z |
| msrc_cve-2022-42012 | An issue was discovered in D-Bus before 1.12.24 1.13.x and 1.14.x before 1.14.4 and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by sending a message with attached file descriptors in an unexpected format. | 2022-10-02T00:00:00.000Z | 2022-10-12T00:00:00.000Z |
| msrc_cve-2022-42703 | mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse. | 2022-10-02T00:00:00.000Z | 2022-10-12T00:00:00.000Z |
| msrc_cve-2022-42717 | An issue was discovered in Hashicorp Packer before 2.3.1. The recommended sudoers configuration for Vagrant on Linux is insecure. If the host has been configured according to this documentation non-privileged users on the host can leverage a wildcard in the sudoers configuration to execute arbitrary commands as root. | 2022-10-02T00:00:00.000Z | 2022-10-15T00:00:00.000Z |
| msrc_cve-2022-42719 | A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through 5.19.x before 5.19.16 could be used by attackers (able to inject WLAN frames) to crash the kernel and potentially execute code. | 2022-10-02T00:00:00.000Z | 2022-10-19T00:00:00.000Z |
| msrc_cve-2022-42720 | Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to trigger use-after-free conditions to potentially execute code. | 2022-10-02T00:00:00.000Z | 2022-10-18T00:00:00.000Z |
| msrc_cve-2022-42721 | A list management bug in BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to corrupt a linked list and in turn potentially execute code. | 2022-10-02T00:00:00.000Z | 2022-10-18T00:00:00.000Z |
| msrc_cve-2022-42722 | In the Linux kernel 5.8 through 5.19.x before 5.19.16 local attackers able to inject WLAN frames into the mac80211 stack could cause a NULL pointer dereference denial-of-service attack against the beacon protection of P2P devices. | 2022-10-02T00:00:00.000Z | 2022-10-18T00:00:00.000Z |
| msrc_cve-2022-42915 | curl before 7.86.0 has a double free. If curl is told to use an HTTP proxy for a transfer with a non-HTTP(S) URL it sets up the connection to the remote server by issuing a CONNECT request to the proxy and then tunnels the rest of the protocol through. An HTTP proxy might refuse this request (HTTP proxies often only allow outgoing connections to specific port numbers like 443 for HTTPS) and instead return a non-200 status code to the client. Due to flaws in the error/cleanup handling this could trigger a double free in curl if one of the following schemes were used in the URL for the transfer: dict gopher gophers ldap ldaps rtmp rtmps or telnet. The earliest affected version is 7.77.0. | 2022-10-02T00:00:00.000Z | 2024-06-30T07:00:00.000Z |
| msrc_cve-2022-42916 | In curl before 7.86.0 the HSTS check could be bypassed to trick it into staying with HTTP. Using its HSTS support curl can be instructed to use HTTPS directly (instead of using an insecure cleartext HTTP step) even when HTTP is provided in the URL. This mechanism could be bypassed if the host name in the given URL uses IDN characters that get replaced with ASCII counterparts as part of the IDN conversion e.g. using the character UTF-8 U+3002 (IDEOGRAPHIC FULL STOP) instead of the common ASCII full stop of U+002E (.). The earliest affected version is 7.77.0 2021-05-26. | 2022-10-02T00:00:00.000Z | 2024-06-30T07:00:00.000Z |
| msrc_cve-2022-42969 | The py library through 1.11.0 for Python allows remote attackers to conduct a ReDoS (Regular expression Denial of Service) attack via a Subversion repository with crafted info data, because the InfoSvnCommand argument is mishandled. Note: This has been disputed by multiple third parties as not being reproduceable and they argue this is not a valid vulnerability. | 2022-10-02T00:00:00.000Z | 2025-10-01T23:11:25.000Z |
| msrc_cve-2022-43410 | Jenkins Mercurial Plugin 1251.va_b_121f184902 and earlier provides information about which jobs were triggered or scheduled for polling through its webhook endpoint, including jobs the user has no permission to access. | 2022-10-02T00:00:00.000Z | 2025-10-01T23:11:26.000Z |
| msrc_cve-2022-43680 | In libexpat through 2.4.9 there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations. | 2022-10-02T00:00:00.000Z | 2022-10-25T00:00:00.000Z |
| msrc_cve-2022-43750 | drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel before 5.19.15 and 6.x before 6.0.1 allows a user-space client to corrupt the monitor's internal memory. | 2022-10-02T00:00:00.000Z | 2022-10-29T00:00:00.000Z |
| msrc_cve-2022-44032 | An issue was discovered in the Linux kernel through 6.0.6. drivers/char/pcmcia/cm4000_cs.c has a race condition and resultant use-after-free if a physically proximate attacker removes a PCMCIA device while calling open() aka a race condition between cmm_open() and cm4000_detach(). | 2022-10-02T00:00:00.000Z | 2022-11-09T00:00:00.000Z |
| msrc_cve-2022-44033 | An issue was discovered in the Linux kernel through 6.0.6. drivers/char/pcmcia/cm4040_cs.c has a race condition and resultant use-after-free if a physically proximate attacker removes a PCMCIA device while calling open() aka a race condition between cm4040_open() and reader_detach(). | 2022-10-02T00:00:00.000Z | 2022-11-09T00:00:00.000Z |
| msrc_cve-2022-44034 | An issue was discovered in the Linux kernel through 6.0.6. drivers/char/pcmcia/scr24x_cs.c has a race condition and resultant use-after-free if a physically proximate attacker removes a PCMCIA device while calling open() aka a race condition between scr24x_open() and scr24x_remove(). | 2022-10-02T00:00:00.000Z | 2022-11-09T00:00:00.000Z |
| msrc_cve-2022-22035 | Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | 2022-10-11T07:00:00.000Z | 2022-10-11T07:00:00.000Z |
| ID | Description | Updated |
|---|---|---|
| var-200005-0111 | The listening port of the Network Associates WebShield SMTP 4.5.44 remote management serv… | 2022-05-17T01:42:55.405000Z |
| var-190001-0706 | The HTC Touch2 T3333 is a 3G smartphone based on the WM6.5 system. HTCVideoPlayer is the … | 2022-05-17T01:42:56.277000Z |
| var-190001-0584 | The SAP J2EE Engine Core is a core component of the SAP NetWeaver application platform. T… | 2022-05-17T01:42:56.357000Z |
| var-202203-2075 | This vulnerability allows remote attackers to disclose sensitive information on affected … | 2022-05-17T01:43:01.232000Z |
| var-202203-2054 | This vulnerability allows network-adjacent attackers to upload arbitrary files on affecte… | 2022-05-17T01:43:01.245000Z |
| var-202012-1639 | This vulnerability allows network-adjacent attackers to execute arbitrary code on affecte… | 2022-05-17T01:43:03.634000Z |
| var-202006-1864 | Haiwei Cloud Configuration Software is a .NET Framework-based industrial automation monit… | 2022-05-17T01:43:04.624000Z |
| var-202004-2333 | This vulnerability allows remote attackers to execute arbitrary code on affected installa… | 2022-05-17T01:43:05.050000Z |
| var-201910-1740 | S7-200 SMART is a small PLC developed by Siemens, with friendly interface and more user-f… | 2022-05-17T01:43:06.235000Z |
| var-201909-1665 | Huawei HG530 is a router that integrates ADSL2, broadband sharer, 4-port switch and 54M w… | 2022-05-17T01:43:06.385000Z |
| var-201909-1561 | MITSUBISHI PLC is a programmable controller product of Japan's Mitsubishi Electric. MIT… | 2022-05-17T01:43:06.398000Z |
| var-201907-1649 | Advantech WebAccess / SCADA is a set of SCADA software based on browser architecture by A… | 2022-05-17T01:43:06.712000Z |
| var-201905-1333 | Century Star configuration software is a blocking software launched by Beijing Century Ch… | 2022-05-17T01:43:07.076000Z |
| var-201904-1576 | Siemens (China) Co., Ltd. is specialized in the fields of electrification, automation and… | 2022-05-17T01:43:07.243000Z |
| var-201901-1704 | Intel Has released an update for each product.The expected impact depends on each vulnera… | 2022-05-17T01:43:07.884000Z |
| var-201812-1207 | WPLSoft is a plc programming tool. Delta WPLSoft has a buffer overflow vulnerability. A… | 2022-05-17T01:43:08.086000Z |
| var-201809-1194 | Hollysys Group is a professional automation company integrating R & D, production, sales … | 2022-05-17T01:43:08.480000Z |
| var-201807-2274 | The DVW3200 is a router product from Davolink. A password leak vulnerability exists in th… | 2022-05-17T01:43:08.709000Z |
| var-201804-1757 | This vulnerability allows remote attackers to execute arbitrary code on vulnerable instal… | 2022-05-17T01:43:09.238000Z |
| var-201801-1817 | MikroTikRouterOS is a routing operating system, and through this software, the standard P… | 2022-05-17T01:43:09.933000Z |
| var-201709-1262 | SAP NetWeaver is prone to an cross-site scripting vulnerability because it fails to prope… | 2022-05-17T01:43:10.730000Z |
| var-201708-1707 | This vulnerability allows remote attackers to execute arbitrary code on vulnerable instal… | 2022-05-17T01:43:11.194000Z |
| var-201708-1643 | PelcoSarix/SpectraCameras is a camera. A cross-site scripting vulnerability exists in Sch… | 2022-05-17T01:43:11.229000Z |
| var-201708-1578 | This vulnerability allows remote attackers to execute arbitrary code on vulnerable instal… | 2022-05-17T01:43:11.243000Z |
| var-201705-4156 | Advantech WebAccess is a set of HMI / SCADA software based on browser architecture by Adv… | 2022-05-17T01:43:14.127000Z |
| var-201704-1595 | The Modicon M221CE16R is an integrated programmable controller from Schneider Electric. T… | 2022-05-17T01:43:14.344000Z |
| var-201703-1430 | SAP NetWeaver is prone to an unspecified security-bypass vulnerability. Remote attackers … | 2022-05-17T01:43:14.616000Z |
| var-201612-0630 | IPELAEngineIPCameras is an IP camera product from Sony Corporation. There is an unknown r… | 2022-05-17T01:43:18.015000Z |
| var-201611-0415 | ActiontecWCB3000N is a network card product of Actiontec Corporation of the United States… | 2022-05-17T01:43:18.182000Z |
| var-201611-0394 | Scada-OS is a SCADA system developed by multiple SCADA configuration software engineers. … | 2022-05-17T01:43:18.193000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| suse-su-2018:2319-1 | Security update for samba | 2018-08-14T09:52:04Z | 2018-08-14T09:52:04Z |
| suse-su-2018:2318-1 | Security update for samba | 2018-08-14T09:53:11Z | 2018-08-14T09:53:11Z |
| suse-su-2018:2320-1 | Security update for samba | 2018-08-14T11:27:20Z | 2018-08-14T11:27:20Z |
| suse-su-2018:2321-1 | Security update for samba | 2018-08-14T12:40:53Z | 2018-08-14T12:40:53Z |
| suse-su-2018:2322-1 | Security update for MozillaFirefox | 2018-08-14T12:44:40Z | 2018-08-14T12:44:40Z |
| suse-su-2018:2323-1 | Security update for clamav | 2018-08-14T12:45:20Z | 2018-08-14T12:45:20Z |
| suse-su-2018:2325-1 | Security update for MozillaFirefox | 2018-08-14T13:58:21Z | 2018-08-14T13:58:21Z |
| suse-su-2018:2328-1 | Security update for the Linux Kernel | 2018-08-14T17:02:07Z | 2018-08-14T17:02:07Z |
| suse-su-2018:2329-1 | Security update for samba | 2018-08-14T18:00:19Z | 2018-08-14T18:00:19Z |
| suse-su-2018:2337-1 | Security update for php7 | 2018-08-15T11:14:46Z | 2018-08-15T11:14:46Z |
| suse-su-2018:2333-1 | Security update for php7 | 2018-08-15T11:15:00Z | 2018-08-15T11:15:00Z |
| suse-su-2018:2332-1 | Security update for the Linux Kernel | 2018-08-15T11:17:33Z | 2018-08-15T11:17:33Z |
| suse-su-2018:2331-1 | Security update to ucode-intel | 2018-08-15T11:50:29Z | 2018-08-15T11:50:29Z |
| suse-su-2018:2339-1 | Security update for samba | 2018-08-15T12:47:18Z | 2018-08-15T12:47:18Z |
| suse-su-2018:2336-1 | Security update for apache2 | 2018-08-15T12:47:37Z | 2018-08-15T12:47:37Z |
| suse-su-2018:2340-1 | Security update for qemu | 2018-08-15T13:45:55Z | 2018-08-15T13:45:55Z |
| suse-su-2018:2335-1 | Security update to ucode-intel | 2018-08-15T14:01:48Z | 2018-08-15T14:01:48Z |
| suse-su-2018:2338-1 | Security update to ucode-intel | 2018-08-15T15:31:46Z | 2018-08-15T15:31:46Z |
| suse-su-2018:2354-1 | Security update for the Linux Kernel (Live Patch 31 for SLE 12) | 2018-08-16T06:04:25Z | 2018-08-16T06:04:25Z |
| suse-su-2018:2356-1 | Security update for the Linux Kernel (Live Patch 30 for SLE 12) | 2018-08-16T06:05:29Z | 2018-08-16T06:05:29Z |
| suse-su-2018:2341-1 | Security update for the Linux Kernel (Live Patch 33 for SLE 12) | 2018-08-16T06:05:33Z | 2018-08-16T06:05:33Z |
| suse-su-2018:2349-1 | Security update for the Linux Kernel (Live Patch 32 for SLE 12) | 2018-08-16T06:05:37Z | 2018-08-16T06:05:37Z |
| suse-su-2018:2342-1 | Security update for the Linux Kernel (Live Patch 35 for SLE 12) | 2018-08-16T06:05:41Z | 2018-08-16T06:05:41Z |
| suse-su-2018:2345-1 | Security update for the Linux Kernel (Live Patch 34 for SLE 12) | 2018-08-16T06:05:49Z | 2018-08-16T06:05:49Z |
| suse-su-2018:2369-1 | Security update for the Linux Kernel (Live Patch 36 for SLE 12) | 2018-08-16T06:05:53Z | 2018-08-16T06:05:53Z |
| suse-su-2018:2352-1 | Security update for the Linux Kernel (Live Patch 26 for SLE 12) | 2018-08-16T06:05:57Z | 2018-08-16T06:05:57Z |
| suse-su-2018:2346-1 | Security update for the Linux Kernel (Live Patch 27 for SLE 12) | 2018-08-16T06:06:01Z | 2018-08-16T06:06:01Z |
| suse-su-2018:2351-1 | Security update for the Linux Kernel (Live Patch 28 for SLE 12) | 2018-08-16T06:06:05Z | 2018-08-16T06:06:05Z |
| suse-su-2018:2347-1 | Security update for the Linux Kernel (Live Patch 29 for SLE 12) | 2018-08-16T06:06:13Z | 2018-08-16T06:06:13Z |
| suse-su-2018:2358-1 | Security update for the Linux Kernel (Live Patch 29 for SLE 12 SP1) | 2018-08-16T06:06:18Z | 2018-08-16T06:06:18Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| opensuse-su-2023:0131-1 | Security update for chromium | 2023-06-16T08:13:15Z | 2023-06-16T08:13:15Z |
| opensuse-su-2023:0132-1 | Security update for chromium | 2023-06-16T08:13:32Z | 2023-06-16T08:13:32Z |
| opensuse-su-2023:0137-1 | Security update for guile1, lilypond | 2023-06-27T15:41:48Z | 2023-06-27T15:41:48Z |
| opensuse-su-2023:0154-1 | Security update for phpMyAdmin | 2023-06-27T17:51:34Z | 2023-06-27T17:51:34Z |
| opensuse-su-2023:0157-1 | Security update for keepass | 2023-06-27T18:21:20Z | 2023-06-27T18:21:20Z |
| opensuse-su-2023:0159-1 | Security update for chromium | 2023-06-29T12:17:46Z | 2023-06-29T12:17:46Z |
| opensuse-su-2023:0160-1 | Security update for gifsicle | 2023-06-29T12:17:58Z | 2023-06-29T12:17:58Z |
| opensuse-su-2023:0161-1 | Security update for libjxl | 2023-06-29T14:01:28Z | 2023-06-29T14:01:28Z |
| opensuse-su-2023:0162-1 | Security update for xonotic | 2023-06-29T18:02:09Z | 2023-06-29T18:02:09Z |
| opensuse-su-2023:0163-1 | Security update for keepass | 2023-06-30T07:32:26Z | 2023-06-30T07:32:26Z |
| opensuse-su-2023:0166-1 | Security update for virtualbox | 2023-07-04T12:07:58Z | 2023-07-04T12:07:58Z |
| opensuse-su-2023:0171-1 | Security update for nextcloud-desktop | 2023-07-10T11:03:58Z | 2023-07-10T11:03:58Z |
| opensuse-su-2023:0174-1 | Security update for python-Django | 2023-07-11T12:12:14Z | 2023-07-11T12:12:14Z |
| opensuse-su-2023:0176-1 | Security update for python-Django1 | 2023-07-12T16:00:53Z | 2023-07-12T16:00:53Z |
| opensuse-su-2023:0177-1 | Security update for python-Django1 | 2023-07-12T16:00:56Z | 2023-07-12T16:00:56Z |
| opensuse-su-2023:0183-1 | Security update for iniparser | 2023-07-17T14:01:43Z | 2023-07-17T14:01:43Z |
| opensuse-su-2023:0191-1 | Security update for zabbix | 2023-07-24T22:01:47Z | 2023-07-24T22:01:47Z |
| opensuse-su-2023:0193-1 | Security update for chromium | 2023-07-26T14:08:03Z | 2023-07-26T14:08:03Z |
| opensuse-su-2023:0201-1 | Security update for libredwg | 2023-08-02T09:53:16Z | 2023-08-02T09:53:16Z |
| opensuse-su-2023:0205-1 | Security update for amanda | 2023-08-04T18:01:48Z | 2023-08-04T18:01:48Z |
| opensuse-su-2023:0206-1 | Security update for amanda | 2023-08-04T18:01:52Z | 2023-08-04T18:01:52Z |
| opensuse-su-2023:0208-1 | Security update for trytond | 2023-08-06T14:01:35Z | 2023-08-06T14:01:35Z |
| opensuse-su-2023:0209-1 | Security update for trytond | 2023-08-06T14:01:38Z | 2023-08-06T14:01:38Z |
| opensuse-su-2023:0213-1 | Security update for virtualbox | 2023-08-06T16:21:12Z | 2023-08-06T16:21:12Z |
| opensuse-su-2023:0215-1 | Security update for perl-Net-Netmask | 2023-08-07T04:01:39Z | 2023-08-07T04:01:39Z |
| opensuse-su-2023:0216-1 | Security update for chromium | 2023-08-07T10:48:54Z | 2023-08-07T10:48:54Z |
| opensuse-su-2023:0217-1 | Security update for perl-Net-Netmask | 2023-08-07T12:01:29Z | 2023-08-07T12:01:29Z |
| opensuse-su-2023:0219-1 | Security update for opensuse-welcome | 2023-08-14T13:45:38Z | 2023-08-14T13:45:38Z |
| opensuse-su-2023:0222-1 | Security update for perl-HTTP-Tiny | 2023-08-15T12:01:47Z | 2023-08-15T12:01:47Z |
| opensuse-su-2023:0223-1 | Security update for perl-HTTP-Tiny | 2023-08-15T12:01:51Z | 2023-08-15T12:01:51Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| bit-python-2022-45061 | 2024-10-04T16:38:13.524Z | 2025-11-06T13:25:46.476Z | |
| bit-python-2022-26488 | 2024-10-04T16:38:49.929Z | 2025-04-03T14:40:37.652Z | |
| bit-python-2021-3177 | 2024-10-04T16:39:59.739Z | 2025-04-03T14:40:37.652Z | |
| bit-mariadb-2024-21096 | 2024-10-05T07:09:39.139Z | 2025-04-03T14:40:37.652Z | |
| bit-mariadb-2023-22084 | 2024-10-05T07:10:03.039Z | 2025-04-03T14:40:37.652Z | |
| bit-parse-2024-47183 | Parse Server's custom object ID allows to acquire role privileges | 2024-10-08T07:14:06.158Z | 2025-05-20T10:02:07.006Z |
| bit-discourse-2024-43789 | Denial of service by the absence of restrictions on replies to posts in Discourse | 2024-10-09T16:26:38.041Z | 2025-05-20T10:02:07.006Z |
| bit-keydb-2024-31449 | Lua library commands may lead to stack overflow and RCE in Redis | 2024-10-09T16:30:25.529Z | 2025-09-09T06:08:46.021Z |
| bit-keydb-2024-31228 | Denial-of-service due to unbounded pattern matching in Redis | 2024-10-09T16:30:39.030Z | 2025-11-06T13:25:46.476Z |
| bit-keydb-2024-31227 | Denial-of-service due to malformed ACL selectors in Redis | 2024-10-09T16:30:52.029Z | 2025-05-20T10:02:07.006Z |
| bit-redis-2024-31449 | Lua library commands may lead to stack overflow and RCE in Redis | 2024-10-09T16:41:01.123Z | 2025-09-09T06:08:46.021Z |
| bit-redis-2024-31228 | Denial-of-service due to unbounded pattern matching in Redis | 2024-10-09T16:41:13.129Z | 2025-11-06T13:25:46.476Z |
| bit-redis-2024-31227 | Denial-of-service due to malformed ACL selectors in Redis | 2024-10-09T16:41:26.630Z | 2025-05-20T10:02:07.006Z |
| bit-valkey-2024-31449 | Lua library commands may lead to stack overflow and RCE in Redis | 2024-10-09T16:44:28.833Z | 2025-11-06T13:25:46.476Z |
| bit-valkey-2024-31228 | Denial-of-service due to unbounded pattern matching in Redis | 2024-10-09T16:44:40.936Z | 2025-11-06T13:25:46.476Z |
| bit-valkey-2024-31227 | Denial-of-service due to malformed ACL selectors in Redis | 2024-10-09T16:44:53.016Z | 2025-11-06T13:25:46.476Z |
| bit-php-2024-9026 | PHP-FPM logs from children may be altered | 2024-10-10T07:13:42.603Z | 2025-11-06T13:25:46.476Z |
| bit-php-2024-8927 | cgi.force_redirect configuration is bypassable due to the environment variable collision | 2024-10-10T07:13:49.920Z | 2025-11-06T13:25:46.476Z |
| bit-php-2024-8926 | PHP CGI Parameter Injection Vulnerability (CVE-2024-4577 bypass) | 2024-10-10T07:13:56.902Z | 2025-11-06T13:25:46.476Z |
| bit-php-2024-8925 | Erroneous parsing of multipart form data | 2024-10-10T07:14:02.704Z | 2025-11-06T13:25:46.476Z |
| bit-moodle-2024-1439 | Inadequate access control vulnerability in Moodle | 2024-10-11T07:11:50.099Z | 2025-08-20T09:06:12.327Z |
| bit-discourse-2024-47773 | Anonymous cache poisoning via XHR requests in Discourse | 2024-10-11T10:50:34.189Z | 2025-05-20T10:02:07.006Z |
| bit-discourse-2024-47772 | Cross-site Scripting (XSS) via chat excerpts when content security policy (CSP) disabled in Discourse | 2024-10-11T10:50:47.382Z | 2025-05-20T10:02:07.006Z |
| bit-discourse-2024-45297 | Prevent topic list filtering by hidden tags for unauthorized users in Discourse | 2024-10-11T10:50:59.674Z | 2025-05-20T10:02:07.006Z |
| bit-discourse-2024-45051 | Bypass of email address validation via encoded email addresses in Discourse | 2024-10-11T10:51:11.978Z | 2025-05-20T10:02:07.006Z |
| bit-gitlab-2024-9623 | Incorrect Authorization in GitLab | 2024-10-13T19:07:44.902Z | 2025-05-20T10:02:07.006Z |
| bit-gitlab-2024-9596 | Inclusion of Sensitive Information in Source Code in GitLab | 2024-10-13T19:07:52.600Z | 2025-05-20T10:02:07.006Z |
| bit-gitlab-2024-8977 | Server-Side Request Forgery (SSRF) in GitLab | 2024-10-13T19:08:00.009Z | 2025-05-20T10:02:07.006Z |
| bit-gitlab-2024-6530 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab | 2024-10-13T19:10:25.204Z | 2025-05-20T10:02:07.006Z |
| bit-mlflow-2024-2928 | Local File Inclusion (LFI) via URI Fragment Parsing in mlflow/mlflow | 2024-10-13T19:12:13.705Z | 2025-05-20T10:02:07.006Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cnvd-2015-03321 | InFocus IN3128HD投影仪验证绕过漏洞 | 2015-05-20 | 2015-05-25 |
| cnvd-2015-03322 | NHN PlayArt LINE远程代码执行漏洞 | 2015-05-20 | 2015-05-25 |
| cnvd-2015-03323 | t1utils缓冲区溢出漏洞 | 2015-05-20 | 2015-05-25 |
| cnvd-2015-03324 | Avsarsoft Matbaa Script跨站脚本漏洞 | 2015-05-20 | 2015-05-25 |
| cnvd-2015-03325 | Volition Pure Faction栈缓冲区溢出漏洞 | 2015-05-20 | 2015-05-25 |
| cnvd-2015-03326 | Debian zfsonlinux 'nfs.c'安全绕过漏洞 | 2015-05-20 | 2015-05-25 |
| cnvd-2015-03327 | Composer远程代码执行漏洞 | 2015-05-20 | 2015-05-25 |
| cnvd-2015-03331 | WSO2 Identity Server SAML验证XXE注入漏洞 | 2015-05-20 | 2015-05-26 |
| cnvd-2015-03332 | concrete5存在多个脚本跨站脚本漏洞 | 2015-05-20 | 2015-05-26 |
| cnvd-2015-03333 | async-http-client证书校验漏洞 | 2015-05-20 | 2015-05-26 |
| cnvd-2015-03334 | WordPress插件WP Symposium 'forum.php' SQL注入漏洞 | 2015-05-20 | 2015-05-26 |
| cnvd-2015-03335 | concrete5私密消息存在多个跨站脚本漏洞 | 2015-05-20 | 2015-05-26 |
| cnvd-2015-03336 | Hue /usr/lib/hue/build/env/bin/supervisor不安全权限设置漏洞 | 2015-05-20 | 2015-05-26 |
| cnvd-2015-03337 | Brainworks Software XpanceNET /index.php/request_passwordChange SQL注入漏洞 | 2015-05-20 | 2015-05-26 |
| cnvd-2015-03338 | PeakHMI HMI存在未明远程拒绝服务漏洞 | 2015-05-20 | 2015-05-26 |
| cnvd-2015-03339 | Palo Alto Networks Pan-OS管理接口跨站脚本漏洞 | 2015-05-20 | 2015-05-26 |
| cnvd-2015-03340 | kexec-tools临时文件处理漏洞 | 2015-05-20 | 2015-05-26 |
| cnvd-2015-03341 | Infilink HMI存在未明远程拒绝服务漏洞 | 2015-05-20 | 2015-05-26 |
| cnvd-2015-03342 | WSO2 Identity Server /carbon/user/change-passwd.jsp跨站脚本漏洞 | 2015-05-20 | 2015-05-26 |
| cnvd-2015-03278 | Drupal Services模块信息泄露漏洞 | 2015-05-21 | 2015-05-22 |
| cnvd-2015-03307 | NetCat.ru NetCat CMS目录遍历漏洞 | 2015-05-21 | 2015-05-22 |
| cnvd-2015-03328 | IBM Optim Workload Replay安全绕过漏洞 | 2015-05-21 | 2015-05-26 |
| cnvd-2015-03329 | HP LoadRunner远程缓冲区溢出漏洞 | 2015-05-21 | 2015-05-26 |
| cnvd-2015-03330 | WordPress GigPress插件'handlers.php'存在多个SQL注入漏洞 | 2015-05-21 | 2015-05-26 |
| cnvd-2015-03343 | Google Chrome跨站脚本漏洞(CNVD-2015-03343) | 2015-05-21 | 2015-05-26 |
| cnvd-2015-03344 | Google Chrome中间人攻击漏洞 | 2015-05-21 | 2015-05-26 |
| cnvd-2015-03345 | Google Chrome Blink代码注入漏洞 | 2015-05-21 | 2015-05-26 |
| cnvd-2015-03346 | Google Chrome输入验证漏洞(CNVD-2015-03346) | 2015-05-21 | 2015-05-26 |
| cnvd-2015-03347 | Google Chrome WebRTC内存错误引用漏洞 | 2015-05-21 | 2015-05-26 |
| cnvd-2015-03348 | Google Chrome PDFium代码注入漏洞 | 2015-05-21 | 2015-05-26 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certa-2008-avi-388 | Multiples vulnérabilités dans Mac OS X | 2008-08-01T00:00:00.000000 | 2008-08-01T00:00:00.000000 |
| certa-2008-avi-389 | Faiblesse du Microsoft Protected Storage | 2008-08-05T00:00:00.000000 | 2008-08-05T00:00:00.000000 |
| certa-2008-avi-390 | Multiples vulnérabilités dans Ingres | 2008-08-05T00:00:00.000000 | 2008-08-05T00:00:00.000000 |
| certa-2008-avi-391 | Vulnérabilités de Python | 2008-08-06T00:00:00.000000 | 2008-08-06T00:00:00.000000 |
| certa-2008-avi-392 | Multiples vulnérabilités dans Apache Tomcat | 2008-08-07T00:00:00.000000 | 2008-10-06T00:00:00.000000 |
| certa-2008-avi-393 | Vulnérabilité dans HP-UX libc | 2008-08-07T00:00:00.000000 | 2008-08-07T00:00:00.000000 |
| certa-2008-avi-394 | Vulnérabilité dans Oracle BEA WebLogic Server | 2008-08-08T00:00:00.000000 | 2008-08-08T00:00:00.000000 |
| certa-2008-avi-395 | Vulnérabilité dans IBM Rational ClearQuest | 2008-08-12T00:00:00.000000 | 2008-08-12T00:00:00.000000 |
| certa-2008-avi-396 | Vulnérabilité de PowerDNS Authoritative Server | 2008-08-12T00:00:00.000000 | 2008-08-12T00:00:00.000000 |
| certa-2008-avi-397 | Vulnérabilités dans Cygwin | 2008-08-12T00:00:00.000000 | 2008-08-12T00:00:00.000000 |
| certa-2008-avi-398 | Vulnérabilités dans Adobe Presenter | 2008-08-12T00:00:00.000000 | 2008-08-12T00:00:00.000000 |
| certa-2008-avi-399 | Vulnérabilité de McAfee Encrypted USB Manager | 2008-08-12T00:00:00.000000 | 2008-08-12T00:00:00.000000 |
| certa-2008-avi-400 | Vulnérabilité de Solaris Trusted Extensions | 2008-08-12T00:00:00.000000 | 2008-08-12T00:00:00.000000 |
| certa-2008-avi-401 | Plusieurs vulnérabilités dans des produits CA | 2008-08-12T00:00:00.000000 | 2008-08-12T00:00:00.000000 |
| certa-2008-avi-402 | Multiples vulnérabilités dans Ruby | 2008-08-12T00:00:00.000000 | 2008-08-12T00:00:00.000000 |
| certa-2008-avi-403 | Vulnérabilité dans Microsoft Word | 2008-08-13T00:00:00.000000 | 2008-08-13T00:00:00.000000 |
| certa-2008-avi-404 | Vulnérabilités dans Microsoft Excel | 2008-08-13T00:00:00.000000 | 2008-08-13T00:00:00.000000 |
| certa-2008-avi-405 | Multiples vulnérabilités dans des filtres Microsoft Office | 2008-08-13T00:00:00.000000 | 2008-08-13T00:00:00.000000 |
| certa-2008-avi-406 | Vulnérabilité dans Windows Color Management System | 2008-08-13T00:00:00.000000 | 2008-08-13T00:00:00.000000 |
| certa-2008-avi-407 | Vulnérabilité dans Windows IPsec | 2008-08-13T00:00:00.000000 | 2008-08-13T00:00:00.000000 |
| certa-2008-avi-408 | Vulnérabilité dans Outlook Express et Windows Mail | 2008-08-13T00:00:00.000000 | 2008-08-13T00:00:00.000000 |
| certa-2008-avi-409 | Multiples vulnérabilités dans le système d'événements de Microsoft Windows | 2008-08-13T00:00:00.000000 | 2008-08-13T00:00:00.000000 |
| certa-2008-avi-410 | Vulnérabilité dans Windows Messenger | 2008-08-13T00:00:00.000000 | 2008-08-13T00:00:00.000000 |
| certa-2008-avi-411 | Multiples vulnérabilité de Microsoft PowerPoint | 2008-08-13T00:00:00.000000 | 2008-08-13T00:00:00.000000 |
| certa-2008-avi-412 | Multiples vulnérabilités dans Internet Explorer | 2008-08-13T00:00:00.000000 | 2008-08-13T00:00:00.000000 |
| certa-2008-avi-413 | Vulnérabilité dans le contrôle ActiveX Snapshot Viewer d'Access | 2008-08-13T00:00:00.000000 | 2008-10-15T00:00:00.000000 |
| certa-2008-avi-414 | Vulnérabilité dans Joomla! | 2008-08-13T00:00:00.000000 | 2008-08-13T00:00:00.000000 |
| certa-2008-avi-415 | Vulnérabilité d'Alcatel OmniSwitch | 2008-08-14T00:00:00.000000 | 2008-08-14T00:00:00.000000 |
| certa-2008-avi-416 | Vulnérabilité dans Apache Tomcat | 2008-08-14T00:00:00.000000 | 2008-08-14T00:00:00.000000 |
| certa-2008-avi-417 | Multiples vulnérabilités dans PHP | 2008-08-14T00:00:00.000000 | 2008-08-14T00:00:00.000000 |