Recent vulnerabilities

ID CVSS Description Vendor Product Published Updated
CVE-2025-67529
9.8 (3.1)
WordPress Fashion theme < 5.3.0 - Local File Inclusion… Opal_WP
 Fashion
 2025-12-09T14:14:01.047Z 2026-01-20T14:28:25.463Z
CVE-2025-67543
6.5 (3.1)
WordPress Essential Widgets plugin <= 2.2.2 - Cross Si… Catch Themes
 Essential Widgets
 2025-12-09T14:14:05.667Z 2026-01-20T14:28:25.440Z
CVE-2025-67518
9.8 (3.1)
WordPress Accordion Slider PRO plugin <= 1.2 - SQL Inj… LambertGroup
 Accordion Slider PRO
 2025-12-09T14:13:57.826Z 2026-01-20T14:28:25.371Z
CVE-2025-67542
6.5 (3.1)
WordPress Multi-Step Checkout for WooCommerce plugin <… SilkyPress
 Multi-Step Checkout for WooCommerce
 2025-12-09T14:14:05.482Z 2026-01-20T14:28:25.370Z
CVE-2025-67528
5.1 (3.1)
WordPress Urna theme <= 2.5.12 - Local File Inclusion … thembay
 Urna
 2025-12-09T14:14:00.840Z 2026-01-20T14:28:25.332Z
CVE-2025-67516
9.8 (3.1)
WordPress Store Locator WordPress plugin <= 1.6.2 - SQ… Agile Logix
 Store Locator WordPress
 2025-12-09T14:13:57.425Z 2026-01-20T14:28:25.331Z
CVE-2025-67472
8.8 (3.1)
WordPress Online Booking & Scheduling Calendar for Wor… vcita
 Online Booking & Scheduling Calendar for WordPress by vcita
 2025-12-09T14:13:56.599Z 2026-01-20T14:28:25.295Z
CVE-2025-67539
6.5 (3.1)
WordPress Select Core plugin < 2.6 - Cross Site Script… Select-Themes
 Select Core
 2025-12-09T14:14:04.804Z 2026-01-20T14:28:25.256Z
CVE-2025-67524
9.8 (3.1)
WordPress Jobmonster Elementor Addon plugin <= 1.1.4 -… NooTheme
 Jobmonster Elementor Addon
 2025-12-09T14:13:59.520Z 2026-01-20T14:28:25.256Z
CVE-2025-67541
7.1 (3.1)
WordPress WP-ShowHide plugin <= 1.05 - Cross Site Scri… Lester Chan
 WP-ShowHide
 2025-12-09T14:14:05.260Z 2026-01-20T14:28:25.235Z
CVE-2025-67530
9.8 (3.1)
WordPress Besa theme <= 2.3.15 - Local File Inclusion … thembay
 Besa
 2025-12-09T14:14:01.260Z 2026-01-20T14:28:25.221Z
CVE-2025-67471
8.8 (3.1)
WordPress Quick Contact Form plugin <= 8.2.5 - Cross S… Saad Iqbal
 Quick Contact Form
 2025-12-09T14:13:56.242Z 2026-01-20T14:28:25.221Z
CVE-2025-67469
8.8 (3.1)
WordPress PDF Thumbnail Generator plugin <= 1.4 - Cros… kubiq
 PDF Thumbnail Generator
 2025-12-09T14:13:55.861Z 2026-01-20T14:28:25.210Z
CVE-2025-67466
8.1 (3.1)
WordPress Trinity Audio plugin <= 5.23.3 - Broken Acce… sergiotrinity
 Trinity Audio
 2025-12-09T14:13:55.460Z 2026-01-20T14:28:25.210Z
CVE-2025-67517
9.8 (3.1)
WordPress ArtPlacer Widget plugin <= 2.22.9.2 - SQL In… artplacer
 ArtPlacer Widget
 2025-12-09T14:13:57.629Z 2026-01-20T14:28:25.209Z
CVE-2025-67533
6.5 (3.1)
WordPress Themify Portfolio Post plugin <= 1.3.0 - Cro… themifyme
 Themify Portfolio Post
 2025-12-09T14:14:03.414Z 2026-01-20T14:28:25.206Z
CVE-2025-67535
6.5 (3.1)
WordPress WP Maps plugin <= 4.8.6 - PHP Object Injecti… WePlugins - WordPress Development Company
 WP Maps
 2025-12-09T14:14:03.841Z 2026-01-20T14:28:25.201Z
CVE-2025-67515
9.8 (3.1)
WordPress Wilmër theme < 3.5 - Local File Inclusion vu… Mikado-Themes
 Wilmër
 2025-12-09T14:13:57.222Z 2026-01-20T14:28:25.187Z
CVE-2025-67534
7.1 (3.1)
WordPress Rencontre plugin <= 3.13.7 - Cross Site Requ… Jacques Malgrange
 Rencontre
 2025-12-09T14:14:03.622Z 2026-01-20T14:28:25.186Z
CVE-2025-66534
8.8 (3.1)
WordPress The Aisle theme <= 2.9 - Broken Access Contr… Elated-Themes
 The Aisle
 2025-12-09T14:13:54.991Z 2026-01-20T14:28:25.176Z
CVE-2025-67519
9.8 (3.1)
WordPress Ninja Tables plugin <= 5.2.3 - SQL Injection… Shahjahan Jewel
 Ninja Tables
 2025-12-09T14:13:58.092Z 2026-01-20T14:28:25.166Z
CVE-2025-67536
6.5 (3.1)
WordPress LearnPress plugin <= 4.2.9.4 - Cross Site Sc… ThimPress
 LearnPress
 2025-12-09T14:14:04.062Z 2026-01-20T14:28:25.165Z
CVE-2025-67523
9.8 (3.1)
WordPress Exhibz theme <= 3.0.9 - Local File Inclusion… trippleS
 Exhibz
 2025-12-09T14:13:59.287Z 2026-01-20T14:28:25.162Z
CVE-2025-67532
9.8 (3.1)
WordPress Hara theme <= 1.2.17 - Local File Inclusion … thembay
 Hara
 2025-12-09T14:14:03.164Z 2026-01-20T14:28:25.158Z
CVE-2025-67527
9.8 (3.1)
WordPress Digiqole theme < 2.2.7 - Local File Inclusio… trippleS
 Digiqole
 2025-12-09T14:14:00.496Z 2026-01-20T14:28:25.133Z
CVE-2025-67537
6.5 (3.1)
WordPress ThirstyAffiliates plugin <= 3.11.8 - Cross S… Blair Williams
 ThirstyAffiliates
 2025-12-09T14:14:04.310Z 2026-01-20T14:28:25.132Z
CVE-2025-67470
4.3 (3.1)
WordPress Portfolio and Projects plugin <= 1.5.5 - Sen… Essential Plugin
 Portfolio and Projects
 2025-12-09T14:13:56.054Z 2026-01-20T14:28:25.130Z
CVE-2025-67467
4.5 (3.1)
WordPress GiveWP plugin <= 4.13.1 - Cross Site Request… StellarWP
 GiveWP
 2025-12-09T15:03:54.450Z 2026-01-20T14:28:25.119Z
CVE-2025-67522
9.8 (3.1)
WordPress Jobmonster theme <= 4.8.2 - Local File Inclu… NooTheme
 Jobmonster
 2025-12-09T14:13:59.066Z 2026-01-20T14:28:25.110Z
CVE-2025-66533
7.8 (3.1)
WordPress GiveWP plugin <= 4.13.1 - Arbitrary Shortocd… StellarWP
 GiveWP
 2025-12-09T15:03:54.194Z 2026-01-20T14:28:25.106Z
ID CVSS Description Vendor Product Published Updated
CVE-2025-59092
8.7 (4.0)
Unauthenticated RPC Service in dormakaba Kaba exos 9300 dormakaba
 Kaba exos 9300
 2026-01-26T10:03:44.324Z 2026-01-26T17:25:26.111Z
CVE-2025-59091
9.3 (4.0)
Hardcoded Legacy Accounts Allowing Control Over Access… dormakaba
 Kaba exos 9300
 2026-01-26T10:03:34.142Z 2026-01-26T17:26:08.713Z
CVE-2025-59090
9.3 (4.0)
Unauthenticated SOAP API in dormakaba Kaba exos 9300 dormakaba
 Kaba exos 9300
 2026-01-26T10:03:21.868Z 2026-01-26T15:38:17.362Z
CVE-2025-41083
5.1 (4.0)
Improper Neutralization in Altitude Communication Server Altitude
 Altitude Communication Server
 2026-01-26T09:42:42.532Z 2026-01-26T13:49:41.248Z
CVE-2025-41082
6.9 (4.0)
HTTP Request/Response Smuggling in Altitude Communicat… Altitude
 Altitude Communication Server
 2026-01-26T09:24:20.607Z 2026-01-26T13:55:47.853Z
CVE-2025-15516
4.3 (3.1)
All-in-One Video Gallery 4.1.0 - 4.6.4 - Missing Autho… plugins360
 All-in-One Video Gallery
 2026-01-24T08:26:33.155Z 2026-01-26T18:05:35.718Z
CVE-2025-14985
6.4 (3.1)
Alpha Blocks <= 1.5.0 - Authenticated (Contributor+) S… robiulawal40
 Alpha Blocks
 2026-01-24T07:26:44.302Z 2026-01-26T18:19:43.352Z
CVE-2025-14947
6.5 (3.1)
All-in-One Video Gallery <= 4.6.4 - Missing Authorizat… plugins360
 All-in-One Video Gallery
 2026-01-23T17:26:06.739Z 2026-01-23T18:20:37.750Z
CVE-2025-14941
6.4 (3.1)
GZSEO <= 2.0.11 - Authenticated (Contributor+) Authori… aminhashemy
 GZSEO
 2026-01-24T07:26:46.942Z 2026-01-26T15:44:33.238Z
CVE-2025-14907
4.3 (3.1)
Moderate Selected Posts <= 1.4 - Cross-Site Request Fo… hallsofmontezuma
 Moderate Selected Posts
 2026-01-24T08:26:33.683Z 2026-01-26T18:05:17.950Z
CVE-2025-14906
4.3 (3.1)
WP Youtube Video Gallery <= 1.0 - Cross-Site Request F… waqasvickey0071
 WP Youtube Video Gallery
 2026-01-24T07:26:42.114Z 2026-01-26T15:45:27.882Z
CVE-2025-14903
4.3 (3.1)
Simple Crypto Shortcodes <= 1.0.2 - Cross-Site Request… stefanristic
 Simple Crypto Shortcodes
 2026-01-24T07:26:40.557Z 2026-01-26T15:45:49.695Z
CVE-2025-14843
5.3 (3.1)
Wizit Gateway for WooCommerce <= 1.2.9 - Missing Authe… wizit
 Wizit Gateway for WooCommerce
 2026-01-24T07:26:46.217Z 2026-01-26T15:44:44.088Z
CVE-2025-14797
5.4 (3.1)
Same Category Posts <= 1.1.19 - Authenticated (Author+… kometschuh
 Same Category Posts
 2026-01-24T07:26:43.936Z 2026-01-26T18:20:12.658Z
CVE-2025-14630
4.3 (3.1)
AdminQuickbar <= 1.9.3 - Cross-Site Request Forgery to… rtowebsites
 AdminQuickbar
 2026-01-24T08:26:35.023Z 2026-01-26T15:44:27.719Z
CVE-2025-14629
5.3 (3.1)
Alchemist Ajax Upload <= 1.1 - Missing Authorization t… tandubhai
 Alchemist Ajax Upload
 2026-01-24T07:26:45.155Z 2026-01-26T18:18:54.374Z
CVE-2025-14609
5.3 (3.1)
Wise Analytics <= 1.1.9 - Missing Authorization to Una… marcinlawrowski
 Wise Analytics
 2026-01-24T07:26:47.717Z 2026-01-26T18:17:35.427Z
CVE-2025-13920
5.3 (3.1)
WP Directory Kit <= 1.4.9 - Unauthenticated Email Expo… wpdirectorykit
 WP Directory Kit
 2026-01-24T12:27:15.684Z 2026-01-26T15:38:27.646Z
CVE-2025-13676
6.1 (3.1)
JustClick registration plugin <= 0.1 - Reflected Cross… ostin654
 JustClick registration plugin
 2026-01-24T07:26:48.445Z 2026-01-26T18:06:38.909Z
CVE-2025-13374
9.8 (3.1)
Kalrav AI Agent <= 2.3.3 - Unauthenticated Arbitrary F… irisideatechsolutions
 Kalrav AI Agent
 2026-01-24T07:26:42.836Z 2026-01-26T15:45:16.947Z
CVE-2025-13205
4.3 (3.1)
SurveyJS: Drag & Drop WordPress Form Builder to create… devsoftbaltic
 SurveyJS: Drag & Drop Form Builder
 2026-01-24T09:08:09.131Z 2026-01-26T15:44:21.874Z
CVE-2025-13194
4.3 (3.1)
SurveyJS: Drag & Drop WordPress Form Builder to create… devsoftbaltic
 SurveyJS: Drag & Drop Form Builder
 2026-01-24T09:08:08.275Z 2026-01-26T17:39:41.909Z
CVE-2025-13139
4.3 (3.1)
SurveyJS: Drag & Drop WordPress Form Builder <= 1.12.2… devsoftbaltic
 SurveyJS: Drag & Drop Form Builder
 2026-01-24T09:08:05.683Z 2026-01-26T17:46:58.712Z
CVE-2025-12836
6.4 (3.1)
VK Google Job Posting Manager <= 1.2.20 - Authenticate… vektor-inc
 VK Google Job Posting Manager
 2026-01-24T07:26:41.692Z 2026-01-26T15:45:33.120Z
CVE-2022-25369
9.8 (3.1)
An issue was discovered in Dynamicweb before 9.12… n/a
 n/a
 2026-01-23T00:00:00.000Z 2026-01-23T18:28:45.908Z
CVE-2021-47906
5.1 (4.0)
6.4 (3.1)
BloofoxCMS 0.5.2.1 - 'text' Stored Cross Site Scripting BloofoxCMS
 BloofoxCMS
 2026-01-23T16:47:44.644Z 2026-01-23T21:44:13.132Z
CVE-2021-47905
5.1 (4.0)
6.1 (3.1)
MyBB Delete Account Plugin 1.4 - Cross-Site Scripting vintagedaddyo
 MyBB Delete Account Plugin
 2026-01-23T16:47:44.014Z 2026-01-23T21:47:23.266Z
CVE-2021-47904
8.7 (4.0)
8.8 (3.1)
PhreeBooks 5.2.3 - Remote Code Execution Phreesoft
 PhreeBooks
 2026-01-23T16:47:43.329Z 2026-01-23T21:47:32.715Z
CVE-2021-47903
8.6 (4.0)
8.8 (3.1)
LiteSpeed Web Server Enterprise 5.4.11 - Command Injection LiteSpeed Technologies Inc
 LiteSpeed Web Server Enterprise
 2026-01-23T16:47:42.757Z 2026-01-23T21:47:40.934Z
CVE-2021-47899
6.9 (4.0)
4 (3.1)
YetiShare File Hosting Script 5.1.0 Remote File Upload… Mfscripts
 YetiShare File Hosting Script
 2026-01-23T16:47:42.136Z 2026-01-23T21:47:48.936Z
ID Description Published Updated
fkie_cve-2025-15516 The All-in-One Video Gallery plugin for WordPress is vulnerable to unauthorized modification of dat… 2026-01-24T09:15:52.390 2026-01-26T15:03:33.357
fkie_cve-2025-14985 The Alpha Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘alpha_b… 2026-01-24T08:16:06.763 2026-01-26T15:03:33.357
fkie_cve-2025-14947 The All-in-One Video Gallery plugin for WordPress is vulnerable to unauthorized modification of dat… 2026-01-23T18:16:02.070 2026-01-26T15:03:33.357
fkie_cve-2025-14941 The GZSEO plugin for WordPress is vulnerable to authorization bypass leading to Stored Cross-Site S… 2026-01-24T08:16:06.593 2026-01-26T15:03:33.357
fkie_cve-2025-14907 The Moderate Selected Posts plugin for WordPress is vulnerable to Cross-Site Request Forgery in all… 2026-01-24T09:15:52.220 2026-01-26T15:03:33.357
fkie_cve-2025-14906 The WP Youtube Video Gallery plugin for WordPress is vulnerable to Cross-Site Request Forgery in al… 2026-01-24T08:16:06.420 2026-01-26T15:03:33.357
fkie_cve-2025-14903 The Simple Crypto Shortcodes plugin for WordPress is vulnerable to Cross-Site Request Forgery in ve… 2026-01-24T08:16:06.243 2026-01-26T15:03:33.357
fkie_cve-2025-14843 The Wizit Gateway for WooCommerce plugin for WordPress is vulnerable to Unauthenticated Arbitrary O… 2026-01-24T08:16:06.073 2026-01-26T15:03:33.357
fkie_cve-2025-14797 The Same Category Posts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the w… 2026-01-24T08:16:05.900 2026-01-26T15:03:33.357
fkie_cve-2025-14630 The AdminQuickbar plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions … 2026-01-24T09:15:52.053 2026-01-26T15:03:33.357
fkie_cve-2025-14629 The Alchemist Ajax Upload plugin for WordPress is vulnerable to unauthorized media file deletion du… 2026-01-24T08:16:05.713 2026-01-26T15:03:33.357
fkie_cve-2025-14609 The Wise Analytics plugin for WordPress is vulnerable to Missing Authorization in all versions up t… 2026-01-24T08:16:05.543 2026-01-26T15:03:33.357
fkie_cve-2025-13920 The WP Directory Kit plugin for WordPress is vulnerable to Sensitive Information Exposure in all ve… 2026-01-24T13:15:54.013 2026-01-26T15:03:33.357
fkie_cve-2025-13676 The JustClick registration plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in … 2026-01-24T08:16:05.367 2026-01-26T15:03:33.357
fkie_cve-2025-13374 The Kalrav AI Agent plugin for WordPress is vulnerable to arbitrary file uploads due to missing fil… 2026-01-24T08:16:05.173 2026-01-26T15:03:33.357
fkie_cve-2025-13205 The SurveyJS: Drag & Drop WordPress Form Builder to create, style and embed multiple forms of any c… 2026-01-24T09:15:51.880 2026-01-26T15:03:33.357
fkie_cve-2025-13194 The SurveyJS: Drag & Drop WordPress Form Builder to create, style and embed multiple forms of any c… 2026-01-24T09:15:51.713 2026-01-26T15:03:33.357
fkie_cve-2025-13139 The SurveyJS: Drag & Drop WordPress Form Builder plugin for WordPress is vulnerable to Cross-Site R… 2026-01-24T09:15:50.647 2026-01-26T15:03:33.357
fkie_cve-2025-12836 The VK Google Job Posting Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting… 2026-01-24T08:16:03.870 2026-01-26T15:03:33.357
fkie_cve-2022-25369 An issue was discovered in Dynamicweb before 9.12.8. An attacker can add a new administrator user w… 2026-01-23T17:16:04.753 2026-01-26T15:03:33.357
fkie_cve-2021-47906 BloofoxCMS 0.5.2.1 contains a stored cross-site scripting vulnerability in the articles text parame… 2026-01-23T17:16:04.383 2026-01-26T15:03:33.357
fkie_cve-2021-47905 MyBB Delete Account Plugin 1.4 contains a cross-site scripting vulnerability in the account deletio… 2026-01-23T17:16:04.180 2026-01-26T15:03:33.357
fkie_cve-2021-47904 PhreeBooks 5.2.3 contains an authenticated file upload vulnerability in the Image Manager that allo… 2026-01-23T17:16:03.990 2026-01-26T15:03:33.357
fkie_cve-2021-47903 LiteSpeed Web Server Enterprise 5.4.11 contains an authenticated command injection vulnerability in… 2026-01-23T17:16:02.743 2026-01-26T15:03:33.357
fkie_cve-2021-47899 YetiShare File Hosting Script 5.1.0 contains a server-side request forgery vulnerability that allow… 2026-01-23T17:16:02.120 2026-01-26T15:03:33.357
fkie_cve-2021-47898 Epson USB Display 1.6.0.0 contains an unquoted service path vulnerability in the EMP_UDSA service r… 2026-01-23T17:16:01.767 2026-01-26T15:03:33.357
fkie_cve-2021-47897 PEEL Shopping 9.3.0 contains a stored cross-site scripting vulnerability in the address parameter o… 2026-01-23T17:16:01.523 2026-01-26T15:03:33.357
fkie_cve-2021-47896 PDF Complete Corporate Edition 4.1.45 contains an unquoted service path vulnerability in the pdfcDi… 2026-01-23T17:15:58.023 2026-01-26T15:03:33.357
fkie_cve-2021-47895 Nsauditor 3.2.2.0 contains a denial of service vulnerability that allows attackers to crash the app… 2026-01-23T17:15:57.390 2026-01-26T15:03:33.357
fkie_cve-2021-47894 Managed Switch Port Mapping Tool 2.85.2 contains a denial of service vulnerability that allows atta… 2026-01-23T17:15:57.020 2026-01-26T15:03:33.357
ID Severity Description Published Updated
ghsa-rcq8-2vrm-5v77
8.2 (3.1)
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… 2025-12-18T09:30:26Z 2026-01-20T15:32:22Z
ghsa-r4pj-gvf7-f2q6
7.5 (3.1)
Missing Authorization vulnerability in javothemes Javo Core javo-core allows Exploiting Incorrectly… 2025-12-18T09:30:26Z 2026-01-20T15:32:22Z
ghsa-hj95-h3q8-9f44
8.2 (3.1)
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… 2025-12-18T09:30:26Z 2026-01-20T15:32:22Z
ghsa-g973-3hcj-2cj8
8.2 (3.1)
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… 2025-12-18T09:30:26Z 2026-01-20T15:32:22Z
ghsa-fxfc-66xm-cx3q
8.2 (3.1)
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… 2025-12-18T09:30:26Z 2026-01-20T15:32:22Z
ghsa-f87h-73m9-9mvr
8.2 (3.1)
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… 2025-12-18T09:30:26Z 2026-01-20T15:32:22Z
ghsa-8gvw-4qwp-qg2j
8.2 (3.1)
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… 2025-12-18T09:30:26Z 2026-01-20T15:32:22Z
ghsa-7m79-8c7r-jxp3
8.1 (3.1)
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… 2025-12-18T09:30:26Z 2026-01-20T15:32:22Z
ghsa-6jjm-pf9p-g7hp
8.2 (3.1)
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… 2025-12-18T09:30:26Z 2026-01-20T15:32:22Z
ghsa-4q66-mhj3-vmmr
8.2 (3.1)
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… 2025-12-18T09:30:26Z 2026-01-20T15:32:22Z
ghsa-45mf-5cgg-gvgg
8.2 (3.1)
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… 2025-12-18T09:30:26Z 2026-01-20T15:32:22Z
ghsa-3gwx-5m3q-74wv
8.2 (3.1)
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… 2025-12-18T09:30:26Z 2026-01-20T15:32:22Z
ghsa-2mrg-2qcj-p8qp
8.2 (3.1)
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… 2025-12-18T09:30:26Z 2026-01-20T15:32:22Z
ghsa-2cq9-p3hh-4x7f
8.6 (3.1)
Incorrect Privilege Assignment vulnerability in e-plugins Hotel Listing hotel-listing allows Privil… 2025-12-18T09:30:26Z 2026-01-20T15:32:22Z
ghsa-xm4c-mcfr-mg33
7.1 (3.1)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … 2025-12-18T09:30:26Z 2026-01-20T15:32:21Z
ghsa-w393-v2hq-cqm8
5.3 (3.1)
Missing Authorization vulnerability in mkscripts Download After Email download-after-email allows E… 2025-12-18T09:30:26Z 2026-01-20T15:32:21Z
ghsa-j386-rxrm-789f
7.1 (3.1)
Missing Authorization vulnerability in WPXPO PostX ultimate-post allows Exploiting Incorrectly Conf… 2025-12-18T09:30:26Z 2026-01-20T15:32:21Z
ghsa-56gc-5jpx-35jv
8.1 (3.1)
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… 2025-12-18T09:30:26Z 2026-01-20T15:32:21Z
ghsa-3xc3-wg4j-v425
7.2 (3.1)
Incorrect Privilege Assignment vulnerability in WPXPO PostX ultimate-post allows Privilege Escalati… 2025-12-18T09:30:26Z 2026-01-20T15:32:21Z
ghsa-3x9f-jx2x-rgjh
8.1 (3.1)
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… 2025-12-18T09:30:26Z 2026-01-20T15:32:21Z
ghsa-2ffc-fhcm-rq53
6.5 (3.1)
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Rom… 2025-12-18T09:30:26Z 2026-01-20T15:32:21Z
ghsa-26hr-x62r-xc25
6.5 (3.1)
Missing Authorization vulnerability in miniOrange miniOrange's Google Authenticator miniorange-2-fa… 2025-12-18T09:30:26Z 2026-01-20T15:32:21Z
ghsa-xm4g-rv38-63j8
8.1 (3.1)
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… 2025-12-18T09:30:25Z 2026-01-20T15:32:20Z
ghsa-x45x-35m6-q633
8.6 (3.1)
Missing Authorization vulnerability in Tyler Moore Super Blank super-blank allows Exploiting Incorr… 2025-12-18T09:30:26Z 2026-01-20T15:32:20Z
ghsa-vqf5-665x-v348
8.1 (3.1)
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… 2025-12-18T09:30:25Z 2026-01-20T15:32:20Z
ghsa-mx84-vj9p-47h4
8.2 (3.1)
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… 2025-12-18T09:30:26Z 2026-01-20T15:32:20Z
ghsa-mmh9-ccpx-xx5x
9.8 (3.1)
Deserialization of Untrusted Data vulnerability in BoldThemes DentiCare denticare allows Object Inj… 2025-12-18T09:30:26Z 2026-01-20T15:32:20Z
ghsa-m9vg-3465-4f8h
8.1 (3.1)
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… 2025-12-18T09:30:26Z 2026-01-20T15:32:20Z
ghsa-m4g6-pfwj-xjr9
8.1 (3.1)
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… 2025-12-18T09:30:26Z 2026-01-20T15:32:20Z
ghsa-667v-f7wc-pcmj
8.1 (3.1)
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… 2025-12-18T09:30:25Z 2026-01-20T15:32:20Z
ID Severity Description Package Published Updated
ID Description Type
ID Description Updated
gsd-2024-3049 The format of the source doesn't require a description, click on the link for more details. 2024-04-03T05:02:29.895924Z
gsd-2024-3086 A vulnerability classified as problematic was found in PHPGurukul Emergency Ambulance Hir… 2024-04-03T05:02:29.895238Z
gsd-2024-3089 A vulnerability has been found in PHPGurukul Emergency Ambulance Hiring Portal 1.0 and cl… 2024-04-03T05:02:29.894382Z
gsd-2024-3056 The format of the source doesn't require a description, click on the link for more details. 2024-04-03T05:02:29.894092Z
gsd-2024-3040 The format of the source doesn't require a description, click on the link for more details. 2024-04-03T05:02:29.893573Z
gsd-2024-3247 In Xpdf 4.05 (and earlier), a PDF object loop in an object stream leads to infinite recur… 2024-04-03T05:02:29.892957Z
gsd-2024-3239 The format of the source doesn't require a description, click on the link for more details. 2024-04-03T05:02:29.892682Z
gsd-2024-3121 The format of the source doesn't require a description, click on the link for more details. 2024-04-03T05:02:29.892472Z
gsd-2024-3144 A vulnerability was found in DedeCMS 5.7. It has been declared as problematic. Affected b… 2024-04-03T05:02:29.891800Z
gsd-2024-3022 The BookingPress plugin for WordPress is vulnerable to arbitrary file uploads due to insu… 2024-04-03T05:02:29.891509Z
gsd-2024-3001 A vulnerability, which was classified as critical, has been found in code-projects Online… 2024-04-03T05:02:29.890828Z
gsd-2024-3053 The Forminator – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is… 2024-04-03T05:02:29.890502Z
gsd-2024-3093 The Font Farsi plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admi… 2024-04-03T05:02:29.890309Z
gsd-2024-3016 The format of the source doesn't require a description, click on the link for more details. 2024-04-03T05:02:29.890118Z
gsd-2024-3023 The format of the source doesn't require a description, click on the link for more details. 2024-04-03T05:02:29.889921Z
gsd-2024-3136 The MasterStudy LMS plugin for WordPress is vulnerable to Local File Inclusion in all ver… 2024-04-03T05:02:29.889725Z
gsd-2024-3242 The format of the source doesn't require a description, click on the link for more details. 2024-04-03T05:02:29.889524Z
gsd-2024-3205 A vulnerability was found in yaml libyaml up to 0.2.5 and classified as critical. Affecte… 2024-04-03T05:02:29.888819Z
gsd-2024-3213 The Relevanssi – A Better Search plugin for WordPress is vulnerable to unauthorized modif… 2024-04-03T05:02:29.888531Z
gsd-2024-3059 The ENL Newsletter WordPress plugin through 1.0.1 does not have CSRF checks in some place… 2024-04-03T05:02:29.888335Z
gsd-2024-3197 The format of the source doesn't require a description, click on the link for more details. 2024-04-03T05:02:29.888141Z
gsd-2024-3150 The format of the source doesn't require a description, click on the link for more details. 2024-04-03T05:02:29.887939Z
gsd-2024-3208 The Sydney Toolbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via … 2024-04-03T05:02:29.887670Z
gsd-2024-3192 The format of the source doesn't require a description, click on the link for more details. 2024-04-03T05:02:29.887465Z
gsd-2024-3196 The format of the source doesn't require a description, click on the link for more details. 2024-04-03T05:02:29.887253Z
gsd-2024-3164 In dotCMS dashboard, the Tools and Log Files tabs under System → Maintenance Portlet, whi… 2024-04-03T05:02:29.886602Z
gsd-2024-3250 It was discovered that Pebble's read-file API and the associated pebble pull command, bef… 2024-04-03T05:02:29.886309Z
gsd-2024-3037 The format of the source doesn't require a description, click on the link for more details. 2024-04-03T05:02:29.886105Z
gsd-2024-3066 The format of the source doesn't require a description, click on the link for more details. 2024-04-03T05:02:29.885908Z
gsd-2024-3104 The format of the source doesn't require a description, click on the link for more details. 2024-04-03T05:02:29.885712Z
ID Description Published Updated
mal-2024-12164 Malicious code in @swiggy-private/aatm-nirbhar-build (npm) 2024-12-30T22:26:24Z 2025-12-02T09:12:12Z
mal-2025-191481 Malicious code in br2s-ui-componentlibrary_r2 (npm) 2025-11-26T08:44:02Z 2025-12-02T08:26:34Z
mal-2025-191485 Malicious code in x402-legacy (npm) 2025-11-29T05:50:32Z 2025-12-02T07:25:51Z
mal-2025-191492 Malicious code in umap-wasm (npm) 2025-11-30T13:12:07Z 2025-12-02T07:25:50Z
mal-2025-191486 Malicious code in vitest-environment-jsdom-patched (npm) 2025-11-29T14:31:10Z 2025-12-02T07:25:50Z
mal-2025-191501 Malicious code in old-hd-keyring (npm) 2025-12-01T16:00:47Z 2025-12-02T07:25:49Z
mal-2025-191500 Malicious code in m365-action-sdk (npm) 2025-12-01T16:00:47Z 2025-12-02T07:25:48Z
mal-2025-191499 Malicious code in libdebugrouter.so (npm) 2025-12-01T16:00:47Z 2025-12-02T07:25:48Z
mal-2025-191489 Malicious code in liblynxtextra.so (npm) 2025-11-29T17:45:40Z 2025-12-02T07:25:48Z
mal-2025-191488 Malicious code in eslint-plugin-react-hooks-published (npm) 2025-11-29T17:40:37Z 2025-12-02T07:25:47Z
mal-2025-191491 Malicious code in babel-plugin-standalone (npm) 2025-11-30T08:52:25Z 2025-12-02T07:25:46Z
mal-2025-191490 Malicious code in com.unity.sharp-zip-lib (npm) 2025-11-29T18:25:43Z 2025-12-02T07:25:46Z
mal-2025-191487 Malicious code in chain-selectors (npm) 2025-11-29T17:20:34Z 2025-12-02T07:25:46Z
mal-2025-191479 Malicious code in chia-gaming-lobby-connection (npm) 2025-11-27T15:17:54Z 2025-12-02T07:25:46Z
mal-2025-191493 Malicious code in 7715-permissions-shared (npm) 2025-11-30T14:53:02Z 2025-12-02T07:25:45Z
mal-2025-190584 Malicious code in @kiwiiw/ez-lib (npm) 2025-11-20T07:30:20Z 2025-12-02T06:26:25Z
mal-2022-54 Malicious code in @8x8/oxygen-constants (npm) 2022-06-20T20:09:19Z 2025-12-01T18:30:32Z
mal-2025-191532 Malicious code in yq-go (npm) 2025-12-01T16:16:28Z 2025-12-01T16:16:28Z
mal-2025-191531 Malicious code in usb_dev (npm) 2025-12-01T16:16:28Z 2025-12-01T16:16:28Z
mal-2025-191530 Malicious code in tilt-ui (npm) 2025-12-01T16:16:28Z 2025-12-01T16:16:28Z
mal-2025-191529 Malicious code in terrain-sample (npm) 2025-12-01T16:16:28Z 2025-12-01T16:16:28Z
mal-2025-191528 Malicious code in telesis (npm) 2025-12-01T16:16:28Z 2025-12-01T16:16:28Z
mal-2025-191527 Malicious code in solana-dev-mcp (npm) 2025-12-01T16:16:28Z 2025-12-01T16:16:28Z
mal-2025-191526 Malicious code in silentcipherui (npm) 2025-12-01T16:16:28Z 2025-12-01T16:16:28Z
mal-2025-191525 Malicious code in ripiocoin (npm) 2025-12-01T16:16:28Z 2025-12-01T16:16:28Z
mal-2025-191524 Malicious code in render-stage (npm) 2025-12-01T16:16:28Z 2025-12-01T16:16:28Z
mal-2025-191523 Malicious code in privy-frames-v2-demo (npm) 2025-12-01T16:16:28Z 2025-12-01T16:16:28Z
mal-2025-191522 Malicious code in privy-farcaster-demo (npm) 2025-12-01T16:16:28Z 2025-12-01T16:16:28Z
mal-2025-191521 Malicious code in nova-angular-project (npm) 2025-12-01T16:16:28Z 2025-12-01T16:16:28Z
mal-2025-191520 Malicious code in nnc-web (npm) 2025-12-01T16:16:28Z 2025-12-01T16:16:28Z
ID Description Published Updated
wid-sec-w-2025-0502 Docker Desktop: Schwachstelle ermöglicht Offenlegung von Informationen 2025-03-06T23:00:00.000+00:00 2025-03-06T23:00:00.000+00:00
wid-sec-w-2025-0498 python-crypto: Schwachstelle ermöglicht Offenlegung von Informationen 2018-02-15T23:00:00.000+00:00 2025-03-06T23:00:00.000+00:00
wid-sec-w-2025-0487 Kibana: Schwachstelle ermöglicht Codeausführung 2025-03-04T23:00:00.000+00:00 2025-03-06T23:00:00.000+00:00
wid-sec-w-2025-0480 VMware ESXi: Mehrere Schwachstellen 2025-03-03T23:00:00.000+00:00 2025-03-06T23:00:00.000+00:00
wid-sec-w-2025-0449 GitLab: Mehrere Schwachstellen 2025-02-26T23:00:00.000+00:00 2025-03-06T23:00:00.000+00:00
wid-sec-w-2023-1947 Golang Go: Schwachstelle ermöglicht Denial of Service 2023-08-02T22:00:00.000+00:00 2025-03-06T23:00:00.000+00:00
wid-sec-w-2025-0494 Axis Axis OS: Mehrere Schwachstellen 2025-03-05T23:00:00.000+00:00 2025-03-05T23:00:00.000+00:00
wid-sec-w-2025-0493 Laravel Framework: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen 2025-03-05T23:00:00.000+00:00 2025-03-05T23:00:00.000+00:00
wid-sec-w-2025-0491 Cisco TelePresence Management Suite: Schwachstelle ermöglicht Cross-Site Scripting 2025-03-05T23:00:00.000+00:00 2025-03-05T23:00:00.000+00:00
wid-sec-w-2025-0490 Cisco Secure Client: Schwachstelle ermöglicht Ausführen von beliebigem Programmcode 2025-03-05T23:00:00.000+00:00 2025-03-05T23:00:00.000+00:00
wid-sec-w-2025-0489 Jenkins: Mehrere Schwachstellen 2025-03-05T23:00:00.000+00:00 2025-03-05T23:00:00.000+00:00
wid-sec-w-2025-0488 IBM FileNet Content Manager: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen 2025-03-05T23:00:00.000+00:00 2025-03-05T23:00:00.000+00:00
wid-sec-w-2025-0354 GitLab: Mehrere Schwachstellen 2025-02-11T23:00:00.000+00:00 2025-03-05T23:00:00.000+00:00
wid-sec-w-2024-1856 IBM WebSphere Application Server: Mehrere Schwachstellen ermöglichen Offenlegung von Informationen 2024-08-14T22:00:00.000+00:00 2025-03-05T23:00:00.000+00:00
wid-sec-w-2024-1678 Apache CXF: Mehrere Schwachstellen 2024-07-18T22:00:00.000+00:00 2025-03-05T23:00:00.000+00:00
wid-sec-w-2024-1637 Oracle Fusion Middleware: Mehrere Schwachstellen 2024-07-16T22:00:00.000+00:00 2025-03-05T23:00:00.000+00:00
wid-sec-w-2025-0484 Commvault Backup & Recovery: Schwachstelle ermöglicht Codeausführung 2025-03-04T23:00:00.000+00:00 2025-03-04T23:00:00.000+00:00
wid-sec-w-2025-0481 Pixel Patchday March 2025: Mehrere Schwachstellen 2025-03-04T23:00:00.000+00:00 2025-03-04T23:00:00.000+00:00
wid-sec-w-2025-0470 vim (tar.vim plugin): Schwachstelle ermöglicht Codeausführung 2025-03-02T23:00:00.000+00:00 2025-03-04T23:00:00.000+00:00
wid-sec-w-2024-3563 Jenkins: Mehrere Schwachstellen 2024-11-27T23:00:00.000+00:00 2025-03-04T23:00:00.000+00:00
wid-sec-w-2024-3456 Jenkins Plugins: Mehrere Schwachstellen 2024-11-13T23:00:00.000+00:00 2025-03-04T23:00:00.000+00:00
wid-sec-w-2024-0500 Linux Kernel: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff 2024-02-27T23:00:00.000+00:00 2025-03-04T23:00:00.000+00:00
wid-sec-w-2025-0479 PostgreSQL: Mehrere Schwachstellen 2015-05-25T22:00:00.000+00:00 2025-03-03T23:00:00.000+00:00
wid-sec-w-2025-0476 ESRI ArcGIS: Mehrere Schwachstellen 2025-03-03T23:00:00.000+00:00 2025-03-03T23:00:00.000+00:00
wid-sec-w-2025-0475 Samsung Android: Mehrere Schwachstellen 2025-03-03T23:00:00.000+00:00 2025-03-03T23:00:00.000+00:00
wid-sec-w-2025-0474 IBM Business Automation Workflow: Mehrere Schwachstellen ermöglichen Denial of Service 2025-03-03T23:00:00.000+00:00 2025-03-03T23:00:00.000+00:00
wid-sec-w-2025-0473 MinIO: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen 2025-03-03T23:00:00.000+00:00 2025-03-03T23:00:00.000+00:00
wid-sec-w-2025-0090 Red Hat Enterprise Linux (librdf): Schwachstelle ermöglicht Denial of Service 2025-01-14T23:00:00.000+00:00 2025-03-03T23:00:00.000+00:00
wid-sec-w-2024-3403 IBM WebSphere Application Server: Schwachstelle ermöglicht Cross-Site Scripting 2024-11-11T23:00:00.000+00:00 2025-03-03T23:00:00.000+00:00
wid-sec-w-2024-3334 IBM WebSphere Anwendungsserver: Schwachstelle ermöglicht Denial of Service und Informationsoffenlegung 2024-11-04T23:00:00.000+00:00 2025-03-03T23:00:00.000+00:00
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
rhsa-2014:1288 Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.3.1 update 2014-09-23T19:41:34+00:00 2026-01-28T22:38:20+00:00
rhsa-2014:1166 Red Hat Security Advisory: jakarta-commons-httpclient security update 2014-09-08T19:37:54+00:00 2026-01-28T22:38:20+00:00
rhsa-2014:1287 Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.3.1 update 2014-09-23T19:51:56+00:00 2026-01-28T22:38:19+00:00
rhsa-2014:1286 Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.3.1 update 2014-09-23T19:53:02+00:00 2026-01-28T22:38:19+00:00
rhsa-2014:1285 Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.3.1 update 2014-09-23T19:54:38+00:00 2026-01-28T22:38:19+00:00
rhsa-2014:1256 Red Hat Security Advisory: Red Hat JBoss Web Server 2.1.0 openssl security update 2014-09-17T16:30:52+00:00 2026-01-28T22:38:18+00:00
rhsa-2014:1193 Red Hat Security Advisory: axis security update 2014-09-15T15:40:16+00:00 2026-01-28T22:38:18+00:00
rhsa-2014:1149 Red Hat Security Advisory: Red Hat JBoss Operations Network 3.2.3 update 2014-09-03T18:04:38+00:00 2026-01-28T22:38:17+00:00
rhsa-2014:1146 Red Hat Security Advisory: httpcomponents-client security update 2014-09-03T18:15:03+00:00 2026-01-28T22:38:17+00:00
rhsa-2014:1091 Red Hat Security Advisory: mod_wsgi security update 2014-08-25T08:59:36+00:00 2026-01-28T22:38:17+00:00
rhsa-2014:1088 Red Hat Security Advisory: Red Hat JBoss Web Server 2.1.0 update 2014-08-21T15:29:13+00:00 2026-01-28T22:38:16+00:00
rhsa-2014:1086 Red Hat Security Advisory: Red Hat JBoss Web Server 2.1.0 update 2014-08-21T15:30:27+00:00 2026-01-28T22:38:16+00:00
rhsa-2014:1082 Red Hat Security Advisory: thermostat1-httpcomponents-client security update 2014-08-20T10:39:58+00:00 2026-01-28T22:38:16+00:00
rhsa-2014:1059 Red Hat Security Advisory: JBoss Enterprise Portal Platform 5.2.2 security update 2014-08-14T15:47:55+00:00 2026-01-28T22:38:15+00:00
rhsa-2014:1054 Red Hat Security Advisory: openssl security update 2014-08-14T04:44:38+00:00 2026-01-28T22:38:15+00:00
rhsa-2014:1034 Red Hat Security Advisory: tomcat security update 2014-08-07T18:23:30+00:00 2026-01-28T22:38:15+00:00
rhsa-2014:1053 Red Hat Security Advisory: openssl security update 2014-08-13T18:18:41+00:00 2026-01-28T22:38:14+00:00
rhsa-2014:1052 Red Hat Security Advisory: openssl security update 2014-08-13T21:32:03+00:00 2026-01-28T22:38:14+00:00
rhsa-2014:1038 Red Hat Security Advisory: tomcat6 security update 2014-08-11T16:44:40+00:00 2026-01-28T22:38:14+00:00
rhsa-2014:1021 Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.3.0 update 2014-08-06T14:52:25+00:00 2026-01-28T22:38:14+00:00
rhsa-2014:0789 Red Hat Security Advisory: python27-mod_wsgi and python33-mod_wsgi security update 2014-06-25T15:40:16+00:00 2026-01-28T22:38:14+00:00
rhsa-2014:1020 Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.3.0 update 2014-08-06T15:03:06+00:00 2026-01-28T22:38:13+00:00
rhsa-2014:1019 Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.3.0 update 2014-08-06T15:06:42+00:00 2026-01-28T22:38:13+00:00
rhsa-2014:1007 Red Hat Security Advisory: Red Hat JBoss BRMS 5.3.1 update 2014-08-05T14:10:28+00:00 2026-01-28T22:38:13+00:00
rhsa-2014:0633 Red Hat Security Advisory: Red Hat JBoss Enterprise Web Platform 5.2.0 security update 2014-06-05T14:56:31+00:00 2026-01-28T22:38:13+00:00
rhsa-2014:0982 Red Hat Security Advisory: Red Hat Network Satellite server IBM Java Runtime security update 2014-07-29T15:40:11+00:00 2026-01-28T22:38:12+00:00
rhsa-2014:0895 Red Hat Security Advisory: Red Hat JBoss Data Grid 6.3.0 update 2014-07-16T17:12:23+00:00 2026-01-28T22:38:12+00:00
rhsa-2014:0865 Red Hat Security Advisory: tomcat6 security and bug fix update 2014-07-09T15:16:10+00:00 2026-01-28T22:38:12+00:00
rhsa-2014:0843 Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.2.4 security update 2014-07-07T14:49:49+00:00 2026-01-28T22:38:12+00:00
rhsa-2014:0842 Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.2.4 security update 2014-07-07T14:49:59+00:00 2026-01-28T22:38:11+00:00
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
msrc_cve-2023-45288 HTTP/2 CONTINUATION flood in net/http 2024-04-02T07:00:00.000Z 2025-05-27T00:00:00.000Z
msrc_cve-2023-33461 iniparser v4.1 is vulnerable to NULL Pointer Dereference in function iniparser_getlongint which misses check NULL for function iniparser_getstring's return. 2023-06-01T07:00:00.000Z 2025-05-27T00:00:00.000Z
msrc_cve-2022-40898 An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli. 2022-12-02T00:00:00.000Z 2025-05-27T00:00:00.000Z
msrc_cve-2022-32746 A flaw was found in the Samba AD LDAP server. The AD DC database audit logging module can access LDAP message values freed by a preceding database module resulting in a use-after-free issue. This issue is only possible when modifying certain privileged attributes such as userAccountControl. 2022-08-02T00:00:00.000Z 2025-05-27T00:00:00.000Z
msrc_cve-2022-32149 Denial of service via crafted Accept-Language header in golang.org/x/text/language 2022-10-02T00:00:00.000Z 2025-05-27T00:00:00.000Z
msrc_cve-2022-29526 Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter the Faccessat function could incorrectly report that a file is accessible. 2022-06-02T00:00:00.000Z 2025-05-27T00:00:00.000Z
msrc_cve-2021-3672 A flaw was found in c-ares library where a missing input validation check of host names returned by DNS (Domain Name Servers) can lead to output of wrong hostnames which might potentially lead to Domain Hijacking. The highest threat from this vulnerability is to confidentiality and integrity as well as system availability. 2021-11-02T00:00:00.000Z 2025-05-27T00:00:00.000Z
msrc_cve-2021-28361 An issue was discovered in Storage Performance Development Kit (SPDK) before 20.01.01. If a PDU is sent to the iSCSI target with a zero length (but data is expected) the iSCSI target can crash with a NULL pointer dereference. 2021-03-02T00:00:00.000Z 2025-05-27T00:00:00.000Z
msrc_cve-2021-24032 Beginning in v1.4.1 and prior to v1.4.9 due to an incomplete fix for CVE-2021-24031 the Zstandard command-line utility created output files with default permissions and restricted those permissions immediately afterwards. Output files could therefore momentarily be readable or writable to unintended parties. 2021-03-02T00:00:00.000Z 2025-05-27T00:00:00.000Z
msrc_cve-2021-23336 Web Cache Poisoning 2021-02-02T00:00:00.000Z 2025-05-27T00:00:00.000Z
msrc_cve-2021-20286 A flaw was found in libnbd 1.7.3. An assertion failure in nbd_unlocked_opt_go in ilb/opt.c may lead to denial of service. 2021-03-02T00:00:00.000Z 2025-05-27T00:00:00.000Z
msrc_cve-2021-20277 A flaw was found in Samba's libldb. Multiple consecutive leading spaces in an LDAP attribute can lead to an out-of-bounds memory write leading to a crash of the LDAP server process handling the request. The highest threat from this vulnerability is to system availability. 2021-05-02T00:00:00.000Z 2025-05-27T00:00:00.000Z
msrc_cve-2020-27840 A flaw was found in samba. Spaces used in a string around a domain name (DN) while supposed to be ignored can cause invalid DN strings with spaces to instead write a zero-byte into out-of-bounds memory resulting in a crash. The highest threat from this vulnerability is to system availability. 2021-05-02T00:00:00.000Z 2025-05-27T00:00:00.000Z
msrc_cve-2020-22217 Buffer overflow vulnerability in c-ares before 1_16_1 thru 1_17_0 via function ares_parse_soa_reply in ares_parse_soa_reply.c. 2023-08-01T00:00:00.000Z 2025-05-27T00:00:00.000Z
msrc_cve-2019-9674 Lib/zipfile.py in Python through 3.7.2 allows remote attackers to cause a denial of service (resource consumption) via a ZIP bomb. 2020-02-02T00:00:00.000Z 2025-05-27T00:00:00.000Z
msrc_cve-2019-3833 Openwsman versions up to and including 2.6.9 are vulnerable to infinite loop in process_connection() when parsing specially crafted HTTP requests. A remote unauthenticated attacker can exploit this vulnerability by sending malicious HTTP request to cause denial of service to openwsman server. 2019-03-02T00:00:00.000Z 2025-05-27T00:00:00.000Z
msrc_cve-2019-3816 Openwsman versions up to and including 2.6.9 are vulnerable to arbitrary file disclosure because the working directory of openwsmand daemon was set to root directory. A remote unauthenticated attacker can exploit this vulnerability by sending a specially crafted HTTP request to openwsman server. 2019-03-02T00:00:00.000Z 2025-05-27T00:00:00.000Z
msrc_cve-2019-20907 In Lib/tarfile.py in Python through 3.8.3 an attacker is able to craft a TAR archive leading to an infinite loop when opened by tarfile.open because _proc_pax lacks header validation. 2020-07-02T00:00:00.000Z 2025-05-27T00:00:00.000Z
msrc_cve-2017-18207 The Wave_read._read_fmt_chunk function in Lib/wave.py in Python through 3.6.4 does not ensure a nonzero channel value which allows attackers to cause a denial of service (divide-by-zero and exception) via a crafted wav format audio file. NOTE: the vendor disputes this issue because Python applications "need to be prepared to handle a wide variety of exceptions. 2018-03-02T00:00:00.000Z 2025-05-27T00:00:00.000Z
msrc_cve-2017-17522 Lib/webbrowser.py in Python through 3.6.3 does not validate strings before launching the program specified by the BROWSER environment variable which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a software maintainer indicates that exploitation is impossible because the code relies on subprocess.Popen and the default shell=False setting 2017-12-02T00:00:00.000Z 2025-05-27T00:00:00.000Z
msrc_cve-2015-9251 jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option causing text/javascript responses to be executed. 2018-01-02T00:00:00.000Z 2025-05-27T00:00:00.000Z
msrc_cve-2012-6708 jQuery before 1.9.0 is vulnerable to Cross-site Scripting (XSS) attacks. The jQuery(strInput) function does not differentiate selectors from HTML in a reliable fashion. In vulnerable versions jQuery determined whether the input was HTML by looking for the '<' character anywhere in the string giving attackers more flexibility when attempting to construct a malicious payload. In fixed versions jQuery only deems the input to be HTML if it explicitly starts with the '<' character limiting exploitability only to attackers who can control the beginning of a string which is far less common. 2018-01-02T00:00:00.000Z 2025-05-27T00:00:00.000Z
msrc_cve-2012-2677 Integer overflow in the ordered_malloc function in boost/pool/pool.hpp in Boost Pool 2012-07-02T00:00:00.000Z 2025-05-27T00:00:00.000Z
msrc_cve-2007-4559 Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR archive a related issue to CVE-2001-1267. 2007-08-02T00:00:00.000Z 2025-05-27T00:00:00.000Z
msrc_cve-2025-32728 In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the documentation stating that it disables X11 and agent forwarding. 2025-04-02T00:00:00.000Z 2025-05-23T00:00:00.000Z
msrc_cve-2025-47181 Microsoft Edge (Chromium-based) Update Elevation of Privilege Vulnerability 2025-05-13T07:00:00.000Z 2025-05-22T07:00:00.000Z
msrc_cve-2025-26646 .NET, Visual Studio, and Build Tools for Visual Studio Spoofing Vulnerability 2025-05-13T07:00:00.000Z 2025-05-22T07:00:00.000Z
msrc_cve-2024-56662 acpi: nfit: vmalloc-out-of-bounds Read in acpi_nfit_ctl 2024-12-02T00:00:00.000Z 2025-05-21T00:00:00.000Z
msrc_cve-2024-42093 net/dpaa2: Avoid explicit cpumask var allocation on stack 2024-07-01T07:00:00.000Z 2025-05-21T00:00:00.000Z
msrc_cve-2024-41057 cachefiles: fix slab-use-after-free in cachefiles_withdraw_cookie() 2024-07-01T07:00:00.000Z 2025-05-21T00:00:00.000Z
ID Description Published Updated
ID Description Updated
var-202410-0042 A vulnerability classified as critical was found in D-Link DIR-619L B1 2.06. This vulnera… 2025-08-02T23:09:38.711000Z
var-202503-2100 A command injection vulnerability exists in the /check_image_and_trigger_recovery API end… 2025-08-02T23:09:37.808000Z
var-202504-3167 A vulnerability was found in Tenda W12 and i24 3.0.0.4(2887)/3.0.0.5(3644) and classified… 2025-08-02T23:09:37.510000Z
var-202504-3188 A vulnerability was found in Tenda W12 and i24 3.0.0.4(2887)/3.0.0.5(3644). It has been d… 2025-08-02T23:09:37.487000Z
var-202405-4042 A buffer overflow vulnerability in /bin/boa on D-Link DIR-619L Rev.B 2.06B1 via formTcpip… 2025-08-02T23:07:49.874000Z
var-202410-0072 A vulnerability, which was classified as critical, has been found in D-Link DIR-619L B1 2… 2025-08-02T23:07:49.209000Z
var-202506-0023 A vulnerability has been found in D-Link DI-500WF-WT up to 20250511 and classified as cri… 2025-08-02T23:07:44.270000Z
var-202507-0164 INVT VT-Designer PM3 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability… 2025-08-02T23:07:44.055000Z
var-202507-0173 INVT VT-Designer PM3 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability… 2025-08-02T23:05:43.664000Z
var-202503-1337 An improper access control vulnerability exists in Bitdefender Box 1 (firmware version 1.… 2025-08-02T23:04:34.172000Z
var-202507-2480 A vulnerability was found in D-Link DIR-513 up to 20190831. It has been declared as criti… 2025-08-02T23:04:33.367000Z
var-202507-2753 Tenda AC8V4 V16.03.34.06` was discovered to contain stack overflow at /goform/WifiGuestSe… 2025-08-02T23:04:33.335000Z
var-201507-0710 An unauthenticated command injection vulnerability exists in the cookie handling process … 2025-08-02T23:02:19.123000Z
var-202309-2863 D-Link DIR-619L B1 2.02 is vulnerable to Buffer Overflow via formSetWanDhcpplus function.… 2025-08-02T23:01:30.945000Z
var-202405-4078 A buffer overflow vulnerability in /bin/boa on D-Link DIR-619L Rev.B 2.06B1 via goform/fo… 2025-08-02T23:01:29.443000Z
var-202410-0077 A vulnerability was found in D-Link DIR-605L 2.13B01 BETA. It has been classified as crit… 2025-08-02T23:01:25.299000Z
var-202410-0119 A vulnerability, which was classified as critical, was found in D-Link DIR-619L B1 2.06. … 2025-08-02T23:01:25.275000Z
var-202506-3426 A vulnerability, which was classified as problematic, was found in D-Link DCS-7517 up to … 2025-08-02T23:01:23.615000Z
var-202505-0271 A vulnerability was found in TOTOLINK T10, A3100R, A950RG, A800R, N600R, A3000RU and A810… 2025-08-02T22:57:04.093000Z
var-202507-2846 Tenda AC8V4 V16.03.34.06` was discovered to contain stack overflow at /goform/fast_settin… 2025-08-02T22:57:03.303000Z
var-202405-1938 Fuji Electric Monitouch V-SFT is vulnerable to an out-of-bounds write because of a type … 2025-08-02T22:51:37.305000Z
var-202505-0455 A vulnerability in the web interface of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-… 2025-08-02T22:51:34.127000Z
var-202105-1518 A use of hard-coded password vulnerability in FortiWLC version 8.5.2 and below, version 8… 2025-08-02T21:32:32.616000Z
var-202503-1032 Tenda RX3 US_RX3V1.0br_V16.03.13.11_multi_TDE01 is vulnerable to Buffer Overflow via the … 2025-08-01T23:22:03.384000Z
var-202507-0207 INVT VT-Designer PM3 File Parsing Type Confusion Remote Code Execution Vulnerability. Thi… 2025-08-01T23:22:02.117000Z
var-202503-4051 An exposure of sensitive system information to an unauthorized control sphere vulnerabili… 2025-08-01T23:21:41.247000Z
var-201902-0460 A vulnerability in the web-based management interface of Cisco Unified Intelligence Cente… 2025-08-01T23:20:55.512000Z
var-202110-1729 A stack-based buffer overflow vulnerability (CWE-121) in the profile parser of FortiSandb… 2025-08-01T23:19:35.385000Z
var-202503-0851 Tenda RX3 US_RX3V1.0br_V16.03.13.11_multi_TDE01 is vulnerable to Buffer Overflow via the … 2025-08-01T23:19:30.212000Z
var-202503-0683 Tenda RX3 US_RX3V1.0br_V16.03.13.11_multi_TDE01 is vulnerable to Buffer Overflow via the … 2025-08-01T23:14:47.157000Z
ID Description Published Updated
ID Description Updated
ID Description Published Updated
suse-su-2024:3770-1 Security update for libgsf 2024-10-29T12:55:13Z 2024-10-29T12:55:13Z
suse-su-2024:3768-1 Security update for the Linux Kernel (Live Patch 50 for SLE 15 SP2) 2024-10-29T06:03:42Z 2024-10-29T06:03:42Z
suse-su-2024:3767-1 Security update for the Linux Kernel (Live Patch 44 for SLE 15 SP2) 2024-10-29T04:33:35Z 2024-10-29T04:33:35Z
suse-su-2024:3766-1 Security update for openssl-3 2024-10-29T01:34:29Z 2024-10-29T01:34:29Z
suse-su-2024:3765-1 Security update for openssl-1_1 2024-10-29T01:34:06Z 2024-10-29T01:34:06Z
suse-su-2024:3764-1 Security update for the Linux Kernel RT (Live Patch 3 for SLE 15 SP6) 2024-10-28T20:49:11Z 2024-10-28T20:49:11Z
suse-su-2024:3760-1 Security update for python3 2024-10-28T03:33:33Z 2024-10-28T03:33:33Z
suse-su-2024:3757-1 Security update for openssl-1_1 2024-10-25T10:30:29Z 2024-10-25T10:30:29Z
suse-su-2024:3159-2 Security update for postgresql16 2024-10-24T08:44:33Z 2024-10-24T08:44:33Z
suse-su-2024:3756-1 Security update for cups-filters 2024-10-24T08:29:03Z 2024-10-24T08:29:03Z
suse-su-2024:3755-1 Security update for go1.21-openssl 2024-10-24T07:54:03Z 2024-10-24T07:54:03Z
suse-su-2024:3754-1 Security update for buildah 2024-10-24T03:34:37Z 2024-10-24T03:34:37Z
suse-su-2024:3753-1 Security update for podman 2024-10-24T03:34:18Z 2024-10-24T03:34:18Z
suse-su-2024:3752-1 Security update for webkit2gtk3 2024-10-24T03:33:43Z 2024-10-24T03:33:43Z
suse-su-2024:3751-1 Security update for webkit2gtk3 2024-10-24T01:33:35Z 2024-10-24T01:33:35Z
suse-su-2024:3750-1 Security update for apache2 2024-10-23T15:33:25Z 2024-10-23T15:33:25Z
suse-su-2024:3749-1 Security update for python-pyOpenSSL 2024-10-23T15:32:52Z 2024-10-23T15:32:52Z
suse-su-2024:3748-1 Security update for cargo-c 2024-10-23T11:33:35Z 2024-10-23T11:33:35Z
suse-su-2024:3747-1 Security update for protobuf 2024-10-22T13:41:37Z 2024-10-22T13:41:37Z
suse-su-2024:3746-1 Security update for protobuf 2024-10-22T13:40:55Z 2024-10-22T13:40:55Z
suse-su-2024:3745-1 Security update for protobuf 2024-10-22T13:39:36Z 2024-10-22T13:39:36Z
suse-su-2024:3744-1 Security update for qemu 2024-10-22T13:34:33Z 2024-10-22T13:34:33Z
suse-su-2024:3742-1 Security update for apache2 2024-10-21T13:58:26Z 2024-10-21T13:58:26Z
suse-su-2024:3741-1 Security update for podman 2024-10-21T12:33:42Z 2024-10-21T12:33:42Z
suse-su-2024:3733-1 Security update for php7 2024-10-18T15:48:27Z 2024-10-18T15:48:27Z
suse-su-2024:3732-1 Security update for php74 2024-10-18T14:47:15Z 2024-10-18T14:47:15Z
suse-su-2024:3731-1 Security update for MozillaThunderbird 2024-10-18T14:29:47Z 2024-10-18T14:29:47Z
suse-su-2024:3729-1 Security update for php8 2024-10-18T13:22:52Z 2024-10-18T13:22:52Z
suse-su-2024:3728-1 Security update for buildah 2024-10-18T13:15:50Z 2024-10-18T13:15:50Z
suse-su-2024:3720-1 Security update for jetty-minimal 2024-10-18T06:33:56Z 2024-10-18T06:33:56Z
ID Description Published Updated
opensuse-su-2024:12208-1 java-17-openjdk-17.0.4.0-1.1 on GA media 2024-06-15T00:00:00Z 2024-06-15T00:00:00Z
opensuse-su-2024:12207-1 java-11-openjdk-11.0.16.0-1.1 on GA media 2024-06-15T00:00:00Z 2024-06-15T00:00:00Z
opensuse-su-2024:12206-1 cri-o-1.24.1-1.1 on GA media 2024-06-15T00:00:00Z 2024-06-15T00:00:00Z
opensuse-su-2024:12205-1 trivy-0.30.2-1.1 on GA media 2024-06-15T00:00:00Z 2024-06-15T00:00:00Z
opensuse-su-2024:12204-1 libopenssl-3-devel-3.0.5-1.1 on GA media 2024-06-15T00:00:00Z 2024-06-15T00:00:00Z
opensuse-su-2024:12203-1 java-18-openjdk-18.0.2.0-1.1 on GA media 2024-06-15T00:00:00Z 2024-06-15T00:00:00Z
opensuse-su-2024:12202-1 java-15-openjdk-15.0.8.0-1.1 on GA media 2024-06-15T00:00:00Z 2024-06-15T00:00:00Z
opensuse-su-2024:12201-1 java-13-openjdk-13.0.12.0-1.1 on GA media 2024-06-15T00:00:00Z 2024-06-15T00:00:00Z
opensuse-su-2024:12200-1 pyenv-2.3.2-1.1 on GA media 2024-06-15T00:00:00Z 2024-06-15T00:00:00Z
opensuse-su-2024:12199-1 corepack16-16.16.0-1.1 on GA media 2024-06-15T00:00:00Z 2024-06-15T00:00:00Z
opensuse-su-2024:12198-1 chromedriver-103.0.5060.134-1.1 on GA media 2024-06-15T00:00:00Z 2024-06-15T00:00:00Z
opensuse-su-2024:12197-1 cereal-devel-1.3.2-1.1 on GA media 2024-06-15T00:00:00Z 2024-06-15T00:00:00Z
opensuse-su-2024:12196-1 stunnel-5.65-1.1 on GA media 2024-06-15T00:00:00Z 2024-06-15T00:00:00Z
opensuse-su-2024:12195-1 ceph-16.2.9.536+g41a9f9a5573-1.1 on GA media 2024-06-15T00:00:00Z 2024-06-15T00:00:00Z
opensuse-su-2024:12194-1 phpPgAdmin-7.13.0-2.1 on GA media 2024-06-15T00:00:00Z 2024-06-15T00:00:00Z
opensuse-su-2024:12193-1 kernel-devel-5.18.11-1.1 on GA media 2024-06-15T00:00:00Z 2024-06-15T00:00:00Z
opensuse-su-2024:12192-1 python-M2Crypto-doc-0.38.0-3.1 on GA media 2024-06-15T00:00:00Z 2024-06-15T00:00:00Z
opensuse-su-2024:12191-1 phpMyAdmin-5.2.0-2.1 on GA media 2024-06-15T00:00:00Z 2024-06-15T00:00:00Z
opensuse-su-2024:12190-1 go1.18-1.18.4-1.1 on GA media 2024-06-15T00:00:00Z 2024-06-15T00:00:00Z
opensuse-su-2024:12189-1 go1.17-1.17.12-1.1 on GA media 2024-06-15T00:00:00Z 2024-06-15T00:00:00Z
opensuse-su-2024:12188-1 git-2.37.1-1.1 on GA media 2024-06-15T00:00:00Z 2024-06-15T00:00:00Z
opensuse-su-2024:12187-1 xorg-x11-server-21.1.3-8.1 on GA media 2024-06-15T00:00:00Z 2024-06-15T00:00:00Z
opensuse-su-2024:12186-1 java-1_8_0-openj9-1.8.0.332-1.1 on GA media 2024-06-15T00:00:00Z 2024-06-15T00:00:00Z
opensuse-su-2024:12185-1 java-11-openj9-11.0.15.0-1.1 on GA media 2024-06-15T00:00:00Z 2024-06-15T00:00:00Z
opensuse-su-2024:12184-1 MozillaFirefox-102.0.1-1.1 on GA media 2024-06-15T00:00:00Z 2024-06-15T00:00:00Z
opensuse-su-2024:12183-1 python310-ujson-5.4.0-1.1 on GA media 2024-06-15T00:00:00Z 2024-06-15T00:00:00Z
opensuse-su-2024:12182-1 jetty-annotations-9.4.48-1.1 on GA media 2024-06-15T00:00:00Z 2024-06-15T00:00:00Z
opensuse-su-2024:12181-1 kernel-devel-5.18.9-2.1 on GA media 2024-06-15T00:00:00Z 2024-06-15T00:00:00Z
opensuse-su-2024:12180-1 chromedriver-103.0.5060.114-1.1 on GA media 2024-06-15T00:00:00Z 2024-06-15T00:00:00Z
opensuse-su-2024:12179-1 libopenssl-1_1-devel-1.1.1q-1.1 on GA media 2024-06-15T00:00:00Z 2024-06-15T00:00:00Z
ID Description Published Updated
ID Description Published Updated
bit-gitlab-2022-1510 2024-03-06T11:15:56.261Z 2025-04-03T14:40:37.652Z
bit-gitlab-2022-1460 2024-03-06T11:15:57.540Z 2025-04-03T14:40:37.652Z
bit-gitlab-2022-1433 2024-03-06T11:15:58.824Z 2025-04-03T14:40:37.652Z
bit-gitlab-2022-1431 2024-03-06T11:16:00.095Z 2025-04-03T14:40:37.652Z
bit-gitlab-2022-1428 2024-03-06T11:16:01.352Z 2025-04-03T14:40:37.652Z
bit-gitlab-2022-1426 2024-03-06T11:16:02.593Z 2025-04-03T14:40:37.652Z
bit-gitlab-2022-1423 2024-03-06T11:16:03.952Z 2025-04-03T14:40:37.652Z
bit-gitlab-2022-1417 2024-03-06T11:16:05.259Z 2025-04-03T14:40:37.652Z
bit-gitlab-2022-1416 2024-03-06T11:16:06.582Z 2025-04-03T14:40:37.652Z
bit-gitlab-2022-1413 2024-03-06T11:16:07.926Z 2025-04-03T14:40:37.652Z
bit-gitlab-2022-1406 2024-03-06T11:16:09.232Z 2025-04-03T14:40:37.652Z
bit-gitlab-2022-1352 2024-03-06T11:16:10.678Z 2025-04-03T14:40:37.652Z
bit-gitlab-2022-1193 2024-03-06T11:16:12.003Z 2025-04-03T14:40:37.652Z
bit-gitlab-2022-1190 2024-03-06T11:16:13.356Z 2025-04-03T14:40:37.652Z
bit-gitlab-2022-1189 2024-03-06T11:16:14.701Z 2025-04-03T14:40:37.652Z
bit-gitlab-2022-1188 2024-03-06T11:16:16.032Z 2025-04-03T14:40:37.652Z
bit-gitlab-2022-1185 2024-03-06T11:16:17.437Z 2025-04-03T14:40:37.652Z
bit-gitlab-2022-1175 2024-03-06T11:16:18.710Z 2025-04-03T14:40:37.652Z
bit-gitlab-2022-1174 2024-03-06T11:16:20.087Z 2025-04-03T14:40:37.652Z
bit-gitlab-2022-1162 2024-03-06T11:16:21.468Z 2025-04-03T14:40:37.652Z
bit-gitlab-2022-1157 2024-03-06T11:16:22.823Z 2025-04-03T14:40:37.652Z
bit-gitlab-2022-1148 2024-03-06T11:16:24.187Z 2025-04-03T14:40:37.652Z
bit-gitlab-2022-1124 2024-03-06T11:16:25.583Z 2025-04-03T14:40:37.652Z
bit-gitlab-2022-1121 2024-03-06T11:16:26.945Z 2025-04-03T14:40:37.652Z
bit-gitlab-2022-1120 2024-03-06T11:16:28.335Z 2025-04-03T14:40:37.652Z
bit-gitlab-2022-1111 2024-03-06T11:16:29.660Z 2025-04-03T14:40:37.652Z
bit-gitlab-2022-1105 2024-03-06T11:16:31.138Z 2025-04-03T14:40:37.652Z
bit-gitlab-2022-1100 2024-03-06T11:16:32.598Z 2025-04-03T14:40:37.652Z
bit-gitlab-2022-1099 2024-03-06T11:16:34.135Z 2025-04-03T14:40:37.652Z
bit-gitlab-2022-0751 2024-03-06T11:16:35.547Z 2025-04-03T14:40:37.652Z
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
cnvd-2025-22262 Huawei HarmonyOS virtualization file模块路径遍历漏洞 2025-08-18 2025-09-22
cnvd-2025-22261 Huawei HarmonyOS NearLink协议栈SSAP模块越界读取漏洞 2025-08-18 2025-09-22
cnvd-2025-22259 Huawei HarmonyOS distributed notification service内存错误引用漏洞 2025-08-18 2025-09-22
cnvd-2025-22258 Huawei HarmonyOS audio codec模块越界访问漏洞 2025-08-18 2025-09-22
cnvd-2025-22257 Huawei HarmonyOS ArkWeb组件认证管理类漏洞 2025-08-18 2025-09-22
cnvd-2025-22256 Huawei HarmonyOS audio codec模块数组索引验证不当漏洞 2025-08-18 2025-09-22
cnvd-2025-22255 Huawei HarmonyOS virtualization base模块竞争条件漏洞 2025-08-18 2025-09-22
cnvd-2025-22254 Huawei HarmonyOS multimodalinput模块非预期注入事件漏洞 2025-08-18 2025-09-22
cnvd-2025-22253 Huawei HarmonyOS kernel hufs模块竞争条件漏洞 2025-08-18 2025-09-22
cnvd-2025-22252 Huawei HarmonyOS ability模块不可信数据反序列化漏洞 2025-08-18 2025-09-22
cnvd-2025-22251 Huawei HarmonyOS card management模块迭代器失效漏洞 2025-08-18 2025-09-22
cnvd-2025-22250 Huawei HarmonyOS wantagent模块迭代器失效漏洞 2025-08-18 2025-09-22
cnvd-2025-22249 PDF-XChange Editor越界读取漏洞(CNVD-2025-22249) 2025-03-28 2025-09-22
cnvd-2025-22248 PDF-XChange Editor越界写入漏洞(CNVD-2025-22248) 2025-06-27 2025-09-22
cnvd-2025-22319 Wavlink WL-WN578W2授权问题漏洞 2025-09-16 2025-09-19
cnvd-2025-22318 Wavlink WL-WN578W2访问控制错误漏洞 2025-09-16 2025-09-19
cnvd-2025-22105 Art Gallery Management System changeimage3.php文件SQL注入漏洞 2025-06-27 2025-09-19
cnvd-2025-22104 Art Gallery Management System changeimage2.php文件SQL注入漏洞 2025-06-27 2025-09-19
cnvd-2025-22103 Art Gallery Management System changeimage1.php文件SQL注入漏洞 2025-06-27 2025-09-19
cnvd-2025-22102 Art Gallery Management System changeimage.php文件SQL注入漏洞 2025-06-27 2025-09-19
cnvd-2025-22101 Art Gallery Management System add-artist.php文件SQL注入漏洞 2025-06-27 2025-09-19
cnvd-2025-22100 ChanCMS服务端请求伪造漏洞 2025-09-12 2025-09-19
cnvd-2025-22099 Wavlink WL-WN578W2 sub_409184命令注入漏洞 2025-09-16 2025-09-19
cnvd-2025-22098 Wavlink WL-WN578W2 sub_404DBC函数操作系统命令注入漏洞 2025-09-16 2025-09-19
cnvd-2025-22097 Wavlink WL-WN578W2 sub_404850函数操作系统命令注入漏洞 2025-09-16 2025-09-19
cnvd-2025-22096 Wavlink WL-WN578W2 sub_401C5C函数命令注入漏洞 2025-09-16 2025-09-19
cnvd-2025-22095 Wavlink WL-WN578W2 sub_401340函数命令注入漏洞 2025-09-16 2025-09-19
cnvd-2025-22094 Gazelle跨站脚本漏洞 2025-09-16 2025-09-19
cnvd-2025-22093 Kubernetes信任管理问题漏洞 2025-09-18 2025-09-19
cnvd-2025-22092 JeeWMS跨站脚本漏洞 2025-09-18 2025-09-19
ID Description Published Updated
certfr-2022-avi-513 Multiples vulnérabilités dans Google Chrome 2022-06-01T00:00:00.000000 2022-06-01T00:00:00.000000
certfr-2022-avi-512 Multiples vulnérabilités dans Mozilla Thunderbird 2022-06-01T00:00:00.000000 2022-06-01T00:00:00.000000
certfr-2022-avi-510 Multiples vulnérabilités dans IBM QRadar 2022-06-01T00:00:00.000000 2022-06-01T00:00:00.000000
certfr-2022-avi-509 Vulnérabilité dans Elasticsearch 2022-05-31T00:00:00.000000 2022-05-31T00:00:00.000000
certfr-2022-avi-508 Vulnérabilité dans Nextcloud Server 2022-05-30T00:00:00.000000 2022-05-30T00:00:00.000000
certfr-2022-avi-507 Vulnérabilité dans Grafana 2022-05-30T00:00:00.000000 2022-05-30T00:00:00.000000
certfr-2022-avi-506 Multiples vulnérabilités dans Ruby on Rails 2022-05-30T00:00:00.000000 2022-05-30T00:00:00.000000
certfr-2022-avi-505 Multiples vulnérabilités dans Google Chrome OS 2022-05-30T00:00:00.000000 2022-05-30T00:00:00.000000
certfr-2022-avi-504 Multiples vulnérabilités dans Tenable Nessus 2022-05-27T00:00:00.000000 2022-05-27T00:00:00.000000
certfr-2022-avi-503 Vulnérabilité dans QNAP Proxy Server 2022-05-27T00:00:00.000000 2022-05-27T00:00:00.000000
certfr-2022-avi-502 Vulnérabilité dans les produits F-Secure 2022-05-27T00:00:00.000000 2022-05-27T00:00:00.000000
certfr-2022-avi-501 Vulnérabilité dans Drupal Core 2022-05-27T00:00:00.000000 2022-05-27T00:00:00.000000
certfr-2022-avi-500 Vulnérabilité dans le client ownCloud Desktop 2022-05-27T00:00:00.000000 2022-05-27T00:00:00.000000
certfr-2022-avi-499 Multiples vulnérabilités dans les produits Citrix 2022-05-27T00:00:00.000000 2022-05-27T00:00:00.000000
certfr-2022-avi-498 Vulnérabilité dans IBM Spectrum Control 2022-05-27T00:00:00.000000 2022-05-27T00:00:00.000000
certfr-2022-avi-497 Multiples vulnérabilités dans le noyau Linux de SUSE 2022-05-27T00:00:00.000000 2022-05-27T00:00:00.000000
certfr-2022-avi-496 Multiples vulnérabilités dans le noyau Linux de Red Hat 2022-05-25T00:00:00.000000 2022-05-25T00:00:00.000000
certfr-2022-avi-495 Multiples vulnérabilités dans le noyau Linux de Ubuntu 2022-05-25T00:00:00.000000 2022-05-25T00:00:00.000000
certfr-2022-avi-494 Multiples vulnérabilités dans les produits IBM 2022-05-25T00:00:00.000000 2022-05-25T00:00:00.000000
certfr-2022-avi-493 Vulnérabilité dans VMware Tools 2022-05-25T00:00:00.000000 2022-05-25T00:00:00.000000
certfr-2022-avi-492 Vulnérabilité dans le noyau Linux de Red Hat 2022-05-24T00:00:00.000000 2022-05-24T00:00:00.000000
certfr-2022-avi-491 Multiples vulnérabilités dans Google Chrome OS 2022-05-24T00:00:00.000000 2022-05-24T00:00:00.000000
certfr-2022-avi-490 Vulnérabilité dans le noyau Linux de SUSE 2022-05-24T00:00:00.000000 2022-05-24T00:00:00.000000
certfr-2022-avi-489 Multiples vulnérabilités dans IBM Spectrum Scale 2022-05-24T00:00:00.000000 2022-05-24T00:00:00.000000
certfr-2022-avi-488 Multiples vulnérabilités dans les produits F-Secure 2022-05-23T00:00:00.000000 2022-05-23T00:00:00.000000
certfr-2022-avi-487 Multiples vulnérabilités dans les produits IBM 2022-05-23T00:00:00.000000 2022-05-23T00:00:00.000000
certfr-2022-avi-486 Vulnérabilité dans le noyau Linux de SUSE 2022-05-23T00:00:00.000000 2022-05-23T00:00:00.000000
certfr-2022-avi-485 Multiples vulnérabilités dans Mozilla Thunderbird 2022-05-23T00:00:00.000000 2022-05-23T00:00:00.000000
certfr-2022-avi-484 Multiples vulnérabilités dans Mozilla Firefox et Firefox ESR 2022-05-23T00:00:00.000000 2022-05-23T00:00:00.000000
certfr-2022-avi-483 Multiples vulnérabilités dans les produits Nextcloud 2022-05-20T00:00:00.000000 2022-05-20T00:00:00.000000
ID Description Published Updated
ID CVSS Description Vendor Product Published Updated
ID CVSS Description Vendor Product Published Updated