Recent vulnerabilities
Recent vulnerabilities from
Select from 69 available sources using the dropdown above.
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-6299 |
8.8 (3.1)
|
Use after free in Prerender in Google Chrome prio… |
Google |
Chrome |
2026-04-15T19:04:47.116Z | 2026-04-16T03:55:53.177Z |
| CVE-2026-6298 |
4.3 (3.1)
|
Heap buffer overflow in Skia in Google Chrome pri… |
Google |
Chrome |
2026-04-15T19:04:46.537Z | 2026-04-15T20:25:53.459Z |
| CVE-2026-6297 |
8.3 (3.1)
|
Use after free in Proxy in Google Chrome prior to… |
Google |
Chrome |
2026-04-15T19:04:46.102Z | 2026-04-16T03:55:52.024Z |
| CVE-2026-6296 |
9.6 (3.1)
|
Heap buffer overflow in ANGLE in Google Chrome pr… |
Google |
Chrome |
2026-04-15T19:04:45.229Z | 2026-04-16T03:56:14.151Z |
| CVE-2026-40919 |
6.1 (3.1)
|
Gimp: gimp: denial of service via specially crafted se… |
Red Hat |
Red Hat Enterprise Linux 6 |
2026-04-15T18:59:16.272Z | 2026-04-15T20:01:40.521Z |
| CVE-2026-40918 |
5.5 (3.1)
|
Gimp: gimp: denial of service via crafted pvr image file |
Red Hat |
Red Hat Enterprise Linux 6 |
2026-04-15T18:59:14.823Z | 2026-04-16T14:13:39.099Z |
| CVE-2026-40917 |
5 (3.1)
|
Gimp: gimp: application crashes or information disclos… |
Red Hat |
Red Hat Enterprise Linux 6 |
2026-04-15T18:59:09.003Z | 2026-04-15T19:27:21.721Z |
| CVE-2026-40916 |
5 (3.1)
|
Gimp: gimp: denial of service due to stack buffer over… |
Red Hat |
Red Hat Enterprise Linux 6 |
2026-04-15T18:58:57.615Z | 2026-04-15T19:59:03.461Z |
| CVE-2026-40915 |
5.5 (3.1)
|
Gimp: gimp: heap buffer overflow due to integer overfl… |
Red Hat |
Red Hat Enterprise Linux 6 |
2026-04-15T18:58:52.059Z | 2026-04-15T19:32:55.287Z |
| CVE-2026-21727 |
3.3 (3.1)
|
Grafana Correlations: Cross-Tenant Data Disclosure and… |
Grafana |
Grafana Correlations |
2026-04-15T18:57:25.185Z | 2026-04-15T19:57:25.515Z |
| CVE-2026-5189 |
9.2 (4.0)
|
Nexus Repository 3 - Hardcoded Credential in Internal … |
Sonatype |
Nexus Repository |
2026-04-15T18:43:32.166Z | 2026-04-16T10:01:24.305Z |
| CVE-2026-33667 |
7.4 (3.1)
|
OpenProject: 2FA OTP Verification Missing Rate Limiting |
opf |
openproject |
2026-04-15T18:43:14.130Z | 2026-04-15T20:00:14.503Z |
| CVE-2026-40256 |
5 (3.1)
|
Weblate: Prefix-Based Repository Boundary Check Bypass… |
WeblateOrg |
weblate |
2026-04-15T18:36:44.975Z | 2026-04-16T14:11:15.386Z |
| CVE-2026-34632 |
8.2 (3.1)
|
Photoshop Installer | CWE-427: Uncontrolled Search Pat… |
Adobe |
Adobe Photoshop Installer |
2026-04-15T18:35:52.192Z | 2026-04-16T03:55:40.701Z |
| CVE-2026-6245 |
5.5 (3.1)
|
Sssd: out-of-bounds read in the sssd |
Red Hat |
Red Hat Enterprise Linux 10 |
2026-04-15T18:35:19.401Z | 2026-04-15T20:01:50.488Z |
| CVE-2026-39845 |
4.1 (3.1)
|
Weblate: SSRF via the webhook add-on using unprotected… |
WeblateOrg |
weblate |
2026-04-15T18:26:51.706Z | 2026-04-15T20:01:56.793Z |
| CVE-2026-34393 |
8.8 (3.1)
|
Weblate: Privilege escalation in the user API endpoint |
WeblateOrg |
weblate |
2026-04-15T18:24:30.813Z | 2026-04-15T18:38:53.920Z |
| CVE-2026-34244 |
5 (3.1)
|
Weblate: SSRF via Project-Level Machinery Configuration |
WeblateOrg |
weblate |
2026-04-15T18:22:42.551Z | 2026-04-15T18:50:10.569Z |
| CVE-2026-6383 |
5.4 (3.1)
|
Kubevirt: kubevirt: unauthorized subresource access du… |
Red Hat |
Red Hat OpenShift Virtualization 4 |
2026-04-15T18:22:30.589Z | 2026-04-15T18:40:31.052Z |
| CVE-2026-34242 |
7.7 (3.1)
|
Weblate: Arbitrary File Read via Symlink |
WeblateOrg |
weblate |
2026-04-15T18:19:59.552Z | 2026-04-15T20:02:06.899Z |
| CVE-2026-33440 |
5 (3.1)
|
Weblate: Authenticated SSRF via redirect bypass of ALL… |
WeblateOrg |
weblate |
2026-04-15T18:15:12.560Z | 2026-04-15T18:49:25.077Z |
| CVE-2026-33435 |
8.1 (3.1)
|
Weblate: Remote code execution during backup restoration |
WeblateOrg |
weblate |
2026-04-15T18:13:07.568Z | 2026-04-15T18:40:27.204Z |
| CVE-2026-4857 |
8.4 (3.1)
|
SailPoint IdentityIQ Debug UI Incorrect Authorization |
SailPoint Technologies |
IdentityIQ |
2026-04-15T18:08:45.737Z | 2026-04-16T03:55:39.481Z |
| CVE-2026-33220 |
6.8 (3.1)
|
Weblate: JavaScript localization CDN add-on allows arb… |
WeblateOrg |
weblate |
2026-04-15T18:03:40.728Z | 2026-04-16T14:10:15.340Z |
| CVE-2026-33214 |
4.3 (3.1)
|
Weblate has improper access control for the translatio… |
WeblateOrg |
weblate |
2026-04-15T17:51:46.812Z | 2026-04-15T20:02:14.057Z |
| CVE-2026-33212 |
3.1 (3.1)
|
Weblate: Improper access control for pending tasks in API |
WeblateOrg |
weblate |
2026-04-15T17:48:17.842Z | 2026-04-15T18:09:01.991Z |
| CVE-2026-6290 |
8 (3.1)
|
Velociraptor Query() Plugin Misapplies Permissions To Orgs |
Rapid7 |
Velociraptor |
2026-04-15T17:29:04.306Z | 2026-04-16T03:55:38.112Z |
| CVE-2026-32631 |
7.4 (3.1)
|
Git for Windows: `git clone` from manipulated reposito… |
git-for-windows |
git |
2026-04-15T17:26:44.154Z | 2026-04-15T18:44:04.155Z |
| CVE-2026-5758 |
6.5 (3.1)
|
Mafintosh's protocol-buffers-schema is vulnerable to p… |
Mafintosh |
Protocol-buffers-schema parser |
2026-04-15T17:20:13.551Z | 2026-04-15T18:55:45.526Z |
| CVE-2025-15610 |
9.3 (4.0)
|
Deserialization of untrusted data vulnerability i… |
OpenText, Inc |
RightFax |
2026-04-15T16:31:53.959Z | 2026-04-15T17:32:31.254Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-40917 |
5 (3.1)
|
Gimp: gimp: application crashes or information disclos… |
Red Hat |
Red Hat Enterprise Linux 6 |
2026-04-15T18:59:09.003Z | 2026-04-15T19:27:21.721Z |
| CVE-2026-40916 |
5 (3.1)
|
Gimp: gimp: denial of service due to stack buffer over… |
Red Hat |
Red Hat Enterprise Linux 6 |
2026-04-15T18:58:57.615Z | 2026-04-15T19:59:03.461Z |
| CVE-2026-40915 |
5.5 (3.1)
|
Gimp: gimp: heap buffer overflow due to integer overfl… |
Red Hat |
Red Hat Enterprise Linux 6 |
2026-04-15T18:58:52.059Z | 2026-04-15T19:32:55.287Z |
| CVE-2026-39857 |
5.3 (3.1)
|
Information Disclosure via `choices`/`counts` Query Pa… |
apostrophecms |
apostrophe |
2026-04-15T19:38:57.564Z | 2026-04-16T13:40:17.710Z |
| CVE-2026-35569 |
8.7 (3.1)
|
ApostropheCMS: Stored XSS in SEO Fields Leads to Authe… |
apostrophecms |
apostrophe |
2026-04-15T19:34:23.648Z | 2026-04-16T14:14:58.325Z |
| CVE-2026-33889 |
5.4 (3.1)
|
ApostropheCMS: Stored XSS via CSS Custom Property Inje… |
apostrophecms |
apostrophe |
2026-04-15T19:29:50.899Z | 2026-04-16T12:05:17.734Z |
| CVE-2026-33888 |
5.3 (3.1)
|
ApostropheCMS: publicApiProjection Bypass via `project… |
apostrophecms |
apostrophe |
2026-04-15T19:25:46.262Z | 2026-04-15T20:03:30.594Z |
| CVE-2026-33877 |
3.7 (3.1)
|
ApostropheCMS: User Enumeration via Timing Side Channe… |
apostrophecms |
apostrophe |
2026-04-15T19:11:06.796Z | 2026-04-15T19:30:53.040Z |
| CVE-2026-21727 |
3.3 (3.1)
|
Grafana Correlations: Cross-Tenant Data Disclosure and… |
Grafana |
Grafana Correlations |
2026-04-15T18:57:25.185Z | 2026-04-15T19:57:25.515Z |
| CVE-2026-21726 |
5.3 (3.1)
|
Loki Path Traversal - CVE-2021-36156 Bypass |
Grafana |
Loki |
2026-04-15T19:24:31.268Z | 2026-04-15T20:01:33.375Z |
| CVE-2025-41118 |
9.1 (3.1)
|
Sensitive COS `SecretKey` exposed in plaintext via con… |
Grafana |
Pyroscope |
2026-04-15T19:15:17.689Z | 2026-04-15T19:33:10.329Z |
| CVE-2026-6383 |
5.4 (3.1)
|
Kubevirt: kubevirt: unauthorized subresource access du… |
Red Hat |
Red Hat OpenShift Virtualization 4 |
2026-04-15T18:22:30.589Z | 2026-04-15T18:40:31.052Z |
| CVE-2026-6245 |
5.5 (3.1)
|
Sssd: out-of-bounds read in the sssd |
Red Hat |
Red Hat Enterprise Linux 10 |
2026-04-15T18:35:19.401Z | 2026-04-15T20:01:50.488Z |
| CVE-2026-5189 |
9.2 (4.0)
|
Nexus Repository 3 - Hardcoded Credential in Internal … |
Sonatype |
Nexus Repository |
2026-04-15T18:43:32.166Z | 2026-04-16T10:01:24.305Z |
| CVE-2026-4857 |
8.4 (3.1)
|
SailPoint IdentityIQ Debug UI Incorrect Authorization |
SailPoint Technologies |
IdentityIQ |
2026-04-15T18:08:45.737Z | 2026-04-16T03:55:39.481Z |
| CVE-2026-40256 |
5 (3.1)
|
Weblate: Prefix-Based Repository Boundary Check Bypass… |
WeblateOrg |
weblate |
2026-04-15T18:36:44.975Z | 2026-04-16T14:11:15.386Z |
| CVE-2026-39845 |
4.1 (3.1)
|
Weblate: SSRF via the webhook add-on using unprotected… |
WeblateOrg |
weblate |
2026-04-15T18:26:51.706Z | 2026-04-15T20:01:56.793Z |
| CVE-2026-34632 |
8.2 (3.1)
|
Photoshop Installer | CWE-427: Uncontrolled Search Pat… |
Adobe |
Adobe Photoshop Installer |
2026-04-15T18:35:52.192Z | 2026-04-16T03:55:40.701Z |
| CVE-2026-34393 |
8.8 (3.1)
|
Weblate: Privilege escalation in the user API endpoint |
WeblateOrg |
weblate |
2026-04-15T18:24:30.813Z | 2026-04-15T18:38:53.920Z |
| CVE-2026-34244 |
5 (3.1)
|
Weblate: SSRF via Project-Level Machinery Configuration |
WeblateOrg |
weblate |
2026-04-15T18:22:42.551Z | 2026-04-15T18:50:10.569Z |
| CVE-2026-34242 |
7.7 (3.1)
|
Weblate: Arbitrary File Read via Symlink |
WeblateOrg |
weblate |
2026-04-15T18:19:59.552Z | 2026-04-15T20:02:06.899Z |
| CVE-2026-33667 |
7.4 (3.1)
|
OpenProject: 2FA OTP Verification Missing Rate Limiting |
opf |
openproject |
2026-04-15T18:43:14.130Z | 2026-04-15T20:00:14.503Z |
| CVE-2026-33440 |
5 (3.1)
|
Weblate: Authenticated SSRF via redirect bypass of ALL… |
WeblateOrg |
weblate |
2026-04-15T18:15:12.560Z | 2026-04-15T18:49:25.077Z |
| CVE-2026-33435 |
8.1 (3.1)
|
Weblate: Remote code execution during backup restoration |
WeblateOrg |
weblate |
2026-04-15T18:13:07.568Z | 2026-04-15T18:40:27.204Z |
| CVE-2026-33220 |
6.8 (3.1)
|
Weblate: JavaScript localization CDN add-on allows arb… |
WeblateOrg |
weblate |
2026-04-15T18:03:40.728Z | 2026-04-16T14:10:15.340Z |
| CVE-2026-6290 |
8 (3.1)
|
Velociraptor Query() Plugin Misapplies Permissions To Orgs |
Rapid7 |
Velociraptor |
2026-04-15T17:29:04.306Z | 2026-04-16T03:55:38.112Z |
| CVE-2026-5758 |
6.5 (3.1)
|
Mafintosh's protocol-buffers-schema is vulnerable to p… |
Mafintosh |
Protocol-buffers-schema parser |
2026-04-15T17:20:13.551Z | 2026-04-15T18:55:45.526Z |
| CVE-2026-33214 |
4.3 (3.1)
|
Weblate has improper access control for the translatio… |
WeblateOrg |
weblate |
2026-04-15T17:51:46.812Z | 2026-04-15T20:02:14.057Z |
| CVE-2026-33212 |
3.1 (3.1)
|
Weblate: Improper access control for pending tasks in API |
WeblateOrg |
weblate |
2026-04-15T17:48:17.842Z | 2026-04-15T18:09:01.991Z |
| CVE-2026-32631 |
7.4 (3.1)
|
Git for Windows: `git clone` from manipulated reposito… |
git-for-windows |
git |
2026-04-15T17:26:44.154Z | 2026-04-15T18:44:04.155Z |
| ID | Severity | Description | Published | Updated |
|---|---|---|---|---|
| ghsa-fwhx-4vqr-m9gj |
6.5 (3.1)
7.1 (4.0)
|
OpenHarness prior to commit dd1d235 contains a path traversal vulnerability that allows remote gate… | 2026-04-16T03:31:06Z | 2026-04-16T03:31:06Z |
| ghsa-99qg-46r6-v9px |
6.4 (3.1)
|
The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-S… | 2026-04-16T03:31:06Z | 2026-04-16T03:31:06Z |
| ghsa-6v5j-prr3-phf9 |
9.8 (3.1)
9.3 (4.0)
|
MailGates/MailAudit developed by Openfind has a Stack-based Buffer Overflow vulnerability, allowing… | 2026-04-16T03:31:06Z | 2026-04-16T03:31:06Z |
| ghsa-6v58-5584-rv99 |
8.1 (3.1)
|
Luanti 5 before 5.15.2 sometimes allows unintended access to an insecure environment. If at least o… | 2026-04-16T03:31:06Z | 2026-04-16T03:31:06Z |
| ghsa-49h6-4qj3-4f42 |
5.4 (4.0)
|
A Download of Code Without Integrity Check vulnerability in the update modules in ASUS Member Cente… | 2026-04-16T03:31:06Z | 2026-04-16T03:31:06Z |
| ghsa-48wr-p98v-9w5h |
4.9 (3.1)
|
FFmpeg before 8.1 has an integer overflow and resultant out-of-bounds write via CENC (Common Encryp… | 2026-04-16T03:31:06Z | 2026-04-16T03:31:06Z |
| ghsa-3r49-76f3-pf2m |
9.8 (3.1)
9.3 (4.0)
|
Creolabs Gravity before 0.9.6 contains a heap buffer overflow vulnerability in the gravity_vm_exec … | 2026-04-16T03:31:06Z | 2026-04-16T03:31:06Z |
| ghsa-9w66-jgph-vx6j |
8.8 (3.1)
8.7 (4.0)
|
OpenHarness prior to commit dd1d235 contains a command injection vulnerability that allows remote g… | 2026-04-16T03:31:05Z | 2026-04-16T03:31:05Z |
| ghsa-7rhq-9q45-5gm4 |
8.4 (4.0)
|
radare2 prior to version 6.1.4 contains a command injection vulnerability in the PDB parser's print… | 2026-04-16T03:31:05Z | 2026-04-16T03:31:05Z |
| ghsa-6f54-qjvm-wwq3 |
5.1 (4.0)
|
wger has Stored XSS via Unescaped License Attribution Fields | 2026-04-16T01:37:21Z | 2026-04-16T01:37:21Z |
| ghsa-xppv-4jrx-qf8m |
7.6 (3.1)
|
wger has Broken Access Control in Global Gym Configuration Update Endpoint | 2026-04-16T01:35:16Z | 2026-04-16T01:35:16Z |
| ghsa-5vjq-5jmg-39xq |
6.3 (3.1)
|
Renovate affected by remote code execution was possible using the bazel-module or bazelisk managers… | 2026-04-16T01:34:39Z | 2026-04-16T01:34:40Z |
| ghsa-hm2w-vr2p-hq7w |
9.8 (3.1)
|
UEFI Firmware Parser has a heap out-of-bounds write in tiano decompressor ReadCLen | 2026-04-16T01:31:09Z | 2026-04-16T01:31:09Z |
| ghsa-2689-5p89-6j3j |
9.8 (3.1)
|
UEFI Firmware Parser has a stack out-of-bounds write in tiano decompressor MakeTable | 2026-04-16T01:30:48Z | 2026-04-16T01:30:48Z |
| ghsa-mp82-fmj6-f22v |
4.8 (3.1)
|
pyLoad has a Session Cookie Security Downgrade via Untrusted X-Forwarded-Proto Header Spoofing (Glo… | 2026-04-16T01:20:49Z | 2026-04-16T01:21:32Z |
| ghsa-rr7j-v2q5-chgv |
5.3 (3.1)
|
LangSmith SDK: Streaming token events bypass output redaction | 2026-04-16T01:20:37Z | 2026-04-16T01:20:37Z |
| ghsa-vp22-38m5-r39r |
6.9 (4.0)
|
PySpector has a Plugin Code Execution Bypass via Incomplete Static Analysis in PluginSecurity.valid… | 2026-04-16T01:09:17Z | 2026-04-16T01:09:17Z |
| ghsa-gvvw-8j96-8g5r |
9.8 (3.1)
|
MsQuic has a Remote Elevation of Privilege Vulnerability | 2026-04-16T01:04:03Z | 2026-04-16T01:04:03Z |
| ghsa-6hw5-45gm-fj88 |
9.1 (4.0)
|
@fastify/express has a middleware authentication bypass via URL normalization gaps (duplicate slash… | 2026-04-16T01:03:46Z | 2026-04-16T01:03:46Z |
| ghsa-hrwm-hgmj-7p9c |
9.1 (3.1)
|
@fastify/express's middleware path doubling causes authentication bypass in child plugin scopes | 2026-04-16T01:03:25Z | 2026-04-16T01:03:25Z |
| ghsa-gwhp-pf74-vj37 |
9.0 (4.0)
|
Fastify's connection header abuse enables stripping of proxy-added headers | 2026-04-16T01:02:59Z | 2026-04-16T01:02:59Z |
| ghsa-33r3-4whc-44c2 |
8.4 (4.0)
|
Path traversal in vite-plus/binding downloadPackageManager() writes outside VP_HOME | 2026-04-16T01:02:48Z | 2026-04-16T01:02:48Z |
| ghsa-458j-xx4x-4375 |
4.3 (3.1)
|
hono Improperly Handles JSX Attribute Names Allows HTML Injection in hono/jsx SSR | 2026-04-16T01:02:24Z | 2026-04-16T01:02:24Z |
| ghsa-w59f-67xm-rxx7 |
9.9 (3.1)
|
Froxlor has Local File Inclusion via path traversal in API `def_language` parameter leads to Remote… | 2026-04-16T01:02:12Z | 2026-04-16T01:02:12Z |
| ghsa-r35r-mrc6-xgfp |
5.4 (4.0)
|
Inadequate Encryption Strength vulnerability in TP-Link Archer C7 v5 and v5.8 (uhttpd modules) allo… | 2026-04-16T00:54:04Z | 2026-04-16T00:54:04Z |
| ghsa-p8x8-wgf2-jrjm |
9.8 (3.1)
|
The Barcode Scanner (+Mobile App) – Inventory manager, Order fulfillment system, POS (Point of Sale… | 2026-04-16T00:54:04Z | 2026-04-16T00:54:04Z |
| ghsa-mx9c-q7m4-fm97 |
9.1 (3.1)
|
A flaw was found in ArgoCD Image Updater. This vulnerability allows an attacker, with permissions t… | 2026-04-16T00:54:04Z | 2026-04-16T00:54:04Z |
| ghsa-hm98-22vr-c62v |
5.1 (4.0)
|
Pega Platform versions 8.1.0 through 25.1.1 are affected by an HTML Injection vulnerability in a us… | 2026-04-16T00:54:04Z | 2026-04-16T00:54:04Z |
| ghsa-gmwr-9j4p-96vm |
6.8 (3.1)
6.1 (4.0)
|
ProcessWire: server-side request forgery vulnerability in the admin panel's 'Add Module From URL' feature | 2026-04-16T00:54:04Z | 2026-04-16T22:28:24Z |
| ghsa-9wp3-36f6-c335 |
4.3 (3.1)
|
The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict … | 2026-04-16T00:54:04Z | 2026-04-16T00:54:04Z |
| ID | Severity | Description | Package | Published | Updated |
|---|---|---|---|---|---|
| pysec-2023-204 |
4.3 (3.1)
|
Apache Airflow, versions 2.7.0 and 2.7.1, is affected by a vulnerability that allows an … | apache-airflow | 2023-10-14T10:15:00+00:00 | 2023-10-18T20:24:08.594791+00:00 |
| pysec-2023-203 |
6.5 (3.1)
|
Apache Airflow, in versions prior to 2.7.2, contains a security vulnerability that allows… | apache-airflow | 2023-10-14T10:15:00+00:00 | 2023-10-18T20:24:08.541134+00:00 |
| pysec-2023-202 |
6.5 (3.1)
|
Apache Airflow, versions prior to 2.7.2, contains a security vulnerability that allows au… | apache-airflow | 2023-10-14T10:15:00+00:00 | 2023-10-18T20:24:08.482939+00:00 |
| pysec-2023-197 |
|
Apache Airflow, versions before 2.7.2, has a vulnerability that allows an authorized user… | apache-airflow | 2023-10-14T10:15:00+00:00 | 2023-10-14T12:46:00.410542+00:00 |
| pysec-2023-201 |
4.3 (3.1)
|
vantage6 is privacy preserving federated learning infrastructure. The endpoint /api/colla… | vantage6 | 2023-10-11T20:15:00+00:00 | 2023-10-18T05:26:18.202930+00:00 |
| pysec-2023-200 |
4.3 (3.1)
|
vantage6 is privacy preserving federated learning infrastructure. When a collaboration is… | vantage6 | 2023-10-11T20:15:00+00:00 | 2023-10-18T05:26:18.112311+00:00 |
| pysec-2023-198 |
5.4 (3.1)
|
vantage6 is privacy preserving federated learning infrastructure. Prior to version 4.0.0,… | vantage6-node | 2023-10-11T20:15:00+00:00 | 2023-10-17T18:31:16.643410+00:00 |
| pysec-2023-196 |
7.2 (3.1)
|
vantage6 is privacy preserving federated learning infrastructure. Versions prior to 4.0.0… | vantage6 | 2023-10-11T18:15:00+00:00 | 2023-10-13T22:28:56.802294+00:00 |
| pysec-2023-199 |
4.9 (3.1)
|
Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foun… | matrix-synapse | 2023-10-10T18:15:00+00:00 | 2023-10-17T22:26:17.611846+00:00 |
| pysec-2023-194 |
9.8 (3.1)
|
langchain_experimental 0.0.14 allows an attacker to bypass the CVE-2023-36258 fix and exe… | langchain-experimental | 2023-10-09T20:15:00Z | 2025-02-23T07:46:11Z |
| pysec-2023-195 |
6.5 (3.1)
|
OctoPrint is a web interface for 3D printers. OctoPrint versions up until and including 1… | octoprint | 2023-10-09T16:15:00+00:00 | 2023-10-13T20:25:14.968230+00:00 |
| pysec-2023-193 |
4.8 (3.1)
|
Zope is an open-source web application server. The title property, available on most Zope… | zope | 2023-10-04T21:15:00+00:00 | 2023-10-10T20:21:16.174482+00:00 |
| pysec-2023-192 |
8.1 (3.1)
|
urllib3 is a user-friendly HTTP client library for Python. urllib3 doesn't treat the `Coo… | urllib3 | 2023-10-04T17:15:00+00:00 | 2023-10-10T14:28:19.389317+00:00 |
| pysec-2023-190 |
7.5 (3.1)
|
Versions of the package asyncua before 0.9.96 are vulnerable to Denial of Service (DoS) s… | asyncua | 2023-10-03T05:15:00+00:00 | 2023-10-04T18:37:48.407821+00:00 |
| pysec-2023-189 |
7.5 (3.1)
|
Versions of the package asyncua before 0.9.96 are vulnerable to Improper Authentication s… | asyncua | 2023-10-03T05:15:00+00:00 | 2023-10-04T18:37:48.328804+00:00 |
| pysec-2023-187 |
|
An issue was discovered in pretix before 2023.7.1. Incorrect parsing of configuration fil… | pretix | 2023-10-02T20:15:00+00:00 | 2023-10-02T22:26:51.461030+00:00 |
| pysec-2023-183 |
|
opencv-python versions before v4.8.1.78 bundled libwebp binaries in wheels that are vulne… | opencv-python | 2023-09-29T21:15:28.039030+00:00 | |
| pysec-2023-184 |
|
opencv-python-headless versions before v4.8.1.78 bundled libwebp binaries in wheels that … | opencv-python-headless | 2023-09-29T21:15:27.980982+00:00 | |
| pysec-2023-181 |
|
opencv-contrib-python versions before v4.8.1.78 bundled libwebp binaries in wheels that a… | opencv-contrib-python | 2023-09-29T21:15:27.924031+00:00 | |
| pysec-2023-182 |
|
opencv-contrib-python-headless versions before v4.8.1.78 bundled libwebp binaries in whee… | opencv-contrib-python-headless | 2023-09-29T21:15:27.863960+00:00 | |
| pysec-2023-188 |
7.5 (3.1)
|
When deserializing untrusted or corrupted data, it is possible for a reader to consume me… | avro | 2023-09-29T17:15:00+00:00 | 2023-10-03T22:26:25.361706+00:00 |
| pysec-2023-186 |
8.8 (3.1)
|
Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffwe… | rdiffweb | 2023-09-29T14:15:00+00:00 | 2023-10-02T20:24:26.790735+00:00 |
| pysec-2023-179 |
|
This affects versions of the package pydash before 6.0.0. A number of pydash methods such… | pydash | 2023-09-28T05:15:00+00:00 | 2023-09-28T10:29:02.604249+00:00 |
| pysec-2023-191 |
7.5 (3.1)
|
Vyper is a Pythonic Smart Contract Language for the EVM. The `_abi_decode()` function doe… | vyper | 2023-09-27T15:19:00+00:00 | 2023-10-04T20:26:42.494872+00:00 |
| pysec-2023-185 |
3.7 (3.1)
|
Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foun… | matrix-synapse | 2023-09-27T15:19:00+00:00 | 2023-09-30T05:24:54.158504+00:00 |
| pysec-2023-180 |
4.3 (3.1)
|
Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foun… | matrix-synapse | 2023-09-27T15:19:00+00:00 | 2023-09-29T20:23:39.578838+00:00 |
| pysec-2023-175 |
|
Pillow versions before v10.0.1 bundled libwebp binaries in wheels that are vulnerable to … | pillow | 2023-09-25T17:25:13.946374Z | |
| pysec-2023-177 |
|
An issue in Gevent before version 23.9.0 allows a remote attacker to escalate privileges … | gevent | 2023-09-25T12:15:00+00:00 | 2023-09-25T14:28:09.019811+00:00 |
| pysec-2023-310 |
7.5 (3.1)
|
Mobile Security Framework (MobSF) <=v3.7.8 Beta is vulnerable to Insecure Permissions. NO… | mobsf | 2023-09-21T22:15:11+00:00 | 2025-04-09T17:27:26.663665+00:00 |
| pysec-2023-311 |
5.4 (3.1)
|
plone.namedfile allows users to handle `File` and `Image` fields targeting, but not depen… | plone-namedfile | 2023-09-21T15:15:10+00:00 | 2025-04-09T17:27:27.153848+00:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2026-2494 | Malicious code in databasetapes (PyPI) | 2026-04-05T19:35:23Z | 2026-04-16T07:40:04Z |
| mal-2026-2492 | Malicious code in admin0911 (npm) | 2026-04-05T15:30:57Z | 2026-04-14T01:05:14Z |
| mal-2026-2491 | Malicious code in @not-nemo/crypto-tracker (npm) | 2026-04-05T13:50:03Z | 2026-04-20T00:45:38Z |
| mal-2026-2716 | Malicious code in @needl-ai/common (npm) | 2026-04-05T09:03:43Z | 2026-04-20T00:45:38Z |
| mal-2026-2489 | Malicious code in databaserobooms (PyPI) | 2026-04-04T22:24:16Z | 2026-04-16T07:40:04Z |
| mal-2026-2490 | Malicious code in databaserotacos (PyPI) | 2026-04-04T22:03:00Z | 2026-04-16T07:40:04Z |
| mal-2026-2488 | Malicious code in photo-extractor (PyPI) | 2026-04-04T16:41:48Z | 2026-04-04T16:41:48Z |
| mal-2026-2487 | Malicious code in discord-request (PyPI) | 2026-04-04T12:56:18Z | 2026-04-04T12:56:18Z |
| mal-2026-2486 | Malicious code in gangomodule (PyPI) | 2026-04-04T12:01:55Z | 2026-04-04T12:01:55Z |
| mal-2026-2452 | Malicious code in strapi-plugin-blurhash (npm) | 2026-04-03T19:10:29Z | 2026-04-07T16:38:18Z |
| mal-2026-2450 | Malicious code in strapi-plugin-advanced-uuid (npm) | 2026-04-03T19:10:26Z | 2026-04-07T16:38:18Z |
| mal-2026-2463 | Malicious code in strapi-plugin-guardarian-ext (npm) | 2026-04-03T19:10:23Z | 2026-04-07T16:38:18Z |
| mal-2026-2465 | Malicious code in strapi-plugin-health-check (npm) | 2026-04-03T19:10:19Z | 2026-04-07T16:38:18Z |
| mal-2026-2459 | Malicious code in strapi-plugin-debug-tools (npm) | 2026-04-03T19:10:16Z | 2026-04-07T16:38:18Z |
| mal-2026-2455 | Malicious code in strapi-plugin-content-sync (npm) | 2026-04-03T19:09:53Z | 2026-04-07T16:38:18Z |
| mal-2026-2453 | Malicious code in strapi-plugin-cms-tools (npm) | 2026-04-03T19:09:34Z | 2026-04-07T16:38:18Z |
| mal-2026-2466 | Malicious code in strapi-plugin-hextest (npm) | 2026-04-03T19:09:14Z | 2026-04-07T16:38:18Z |
| mal-2026-2461 | Malicious code in strapi-plugin-finseven (npm) | 2026-04-03T19:08:49Z | 2026-04-07T16:38:18Z |
| mal-2026-2471 | Malicious code in strapi-plugin-nordica (npm) | 2026-04-03T19:08:46Z | 2026-04-07T16:38:18Z |
| mal-2026-2474 | Malicious code in strapi-plugin-nordica-deep (npm) | 2026-04-03T19:06:00Z | 2026-04-07T16:38:18Z |
| mal-2026-2480 | Malicious code in strapi-plugin-nordica-vhost (npm) | 2026-04-03T19:05:57Z | 2026-04-07T16:38:18Z |
| mal-2026-2477 | Malicious code in strapi-plugin-nordica-stage (npm) | 2026-04-03T19:05:39Z | 2026-04-07T16:38:18Z |
| mal-2026-2476 | Malicious code in strapi-plugin-nordica-recon (npm) | 2026-04-03T19:05:26Z | 2026-04-07T16:38:18Z |
| mal-2026-2472 | Malicious code in strapi-plugin-nordica-api (npm) | 2026-04-03T19:05:08Z | 2026-04-07T16:38:18Z |
| mal-2026-2473 | Malicious code in strapi-plugin-nordica-cms (npm) | 2026-04-03T19:04:49Z | 2026-04-07T16:38:18Z |
| mal-2026-2478 | Malicious code in strapi-plugin-nordica-sync (npm) | 2026-04-03T19:04:46Z | 2026-04-07T16:38:18Z |
| mal-2026-2475 | Malicious code in strapi-plugin-nordica-lite (npm) | 2026-04-03T19:04:32Z | 2026-04-07T16:38:18Z |
| mal-2026-2479 | Malicious code in strapi-plugin-nordica-tools (npm) | 2026-04-03T19:04:28Z | 2026-04-07T16:38:18Z |
| mal-2026-2484 | Malicious code in strapi-plugin-sitemap-gen (npm) | 2026-04-03T19:04:21Z | 2026-04-07T16:38:18Z |
| mal-2026-2468 | Malicious code in strapi-plugin-locale (npm) | 2026-04-03T17:28:57Z | 2026-04-07T16:38:18Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| wid-sec-w-2025-2940 | Pega Platform: Schwachstelle ermöglicht Codeausführung | 2025-12-30T23:00:00.000+00:00 | 2025-12-30T23:00:00.000+00:00 |
| wid-sec-w-2025-2939 | Dell Computer: Mehrere Schwachstellen | 2025-12-30T23:00:00.000+00:00 | 2025-12-30T23:00:00.000+00:00 |
| wid-sec-w-2025-2938 | Arista EOS: Schwachstelle ermöglicht Denial of Service | 2025-12-30T23:00:00.000+00:00 | 2026-01-06T23:00:00.000+00:00 |
| wid-sec-w-2025-2937 | Moxa NPort 5000 Series: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen | 2025-12-30T23:00:00.000+00:00 | 2025-12-30T23:00:00.000+00:00 |
| wid-sec-w-2025-2936 | LangChain: Mehrere Schwachstellen ermöglichen Offenlegung von Informationen | 2025-12-29T23:00:00.000+00:00 | 2026-03-03T23:00:00.000+00:00 |
| wid-sec-w-2025-2935 | wget: Mehrere Schwachstellen | 2025-12-29T23:00:00.000+00:00 | 2026-01-08T23:00:00.000+00:00 |
| wid-sec-w-2025-2934 | ImageMagick: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-12-29T23:00:00.000+00:00 | 2026-01-08T23:00:00.000+00:00 |
| wid-sec-w-2025-2933 | binutils: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-12-29T23:00:00.000+00:00 | 2025-12-29T23:00:00.000+00:00 |
| wid-sec-w-2025-2932 | Nagios Enterprises Nagios XI: Mehrere Schwachstellen | 2025-12-29T23:00:00.000+00:00 | 2025-12-29T23:00:00.000+00:00 |
| wid-sec-w-2025-2931 | GIMP: Schwachstelle ermöglicht Codeausführung | 2025-12-29T23:00:00.000+00:00 | 2026-02-23T23:00:00.000+00:00 |
| wid-sec-w-2025-2929 | Linux Kernel: Mehrere Schwachstellen | 2025-12-28T23:00:00.000+00:00 | 2026-03-30T22:00:00.000+00:00 |
| wid-sec-w-2025-2928 | GnuPG: Mehrere Schwachstellen | 2025-12-28T23:00:00.000+00:00 | 2026-03-03T23:00:00.000+00:00 |
| wid-sec-w-2025-2927 | NetApp ActiveIQ Unified Manager: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-12-28T23:00:00.000+00:00 | 2025-12-28T23:00:00.000+00:00 |
| wid-sec-w-2025-2926 | Eaton UPS Companion Software: Mehrere Schwachstellen ermöglichen Codeausführung | 2025-12-28T23:00:00.000+00:00 | 2025-12-28T23:00:00.000+00:00 |
| wid-sec-w-2025-2925 | Gitea: Mehrere Schwachstellen | 2025-12-28T23:00:00.000+00:00 | 2025-12-28T23:00:00.000+00:00 |
| wid-sec-w-2025-2924 | Sitecore Experience Manager: Schwachstelle ermöglicht Codeausführung | 2025-12-28T23:00:00.000+00:00 | 2025-12-28T23:00:00.000+00:00 |
| wid-sec-w-2025-2923 | GStreamer: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-12-28T23:00:00.000+00:00 | 2025-12-28T23:00:00.000+00:00 |
| wid-sec-w-2025-2922 | NetApp Data ONTAP: Schwachstelle ermöglicht Denial of Service | 2025-12-28T23:00:00.000+00:00 | 2025-12-28T23:00:00.000+00:00 |
| wid-sec-w-2025-2921 | Cacti: Schwachstelle ermöglicht Ausführen von beliebigem Programmcode mit den Rechten des Dienstes | 2025-12-28T23:00:00.000+00:00 | 2025-12-28T23:00:00.000+00:00 |
| wid-sec-w-2025-2920 | Linux Kernel: Mehrere Schwachstellen | 2025-12-23T23:00:00.000+00:00 | 2026-03-30T22:00:00.000+00:00 |
| wid-sec-w-2025-2919 | Eaton UPS Companion Software: Schwachstelle ermöglicht Codeausführung | 2025-12-23T23:00:00.000+00:00 | 2025-12-28T23:00:00.000+00:00 |
| wid-sec-w-2025-2918 | Linksys E5600 Router: Mehrere Schwachstellen ermöglichen Codeausführung | 2025-12-23T23:00:00.000+00:00 | 2025-12-23T23:00:00.000+00:00 |
| wid-sec-w-2025-2917 | Linksys E9450-SG Router: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen und Ausführen von beliebigem Programmcode mit Administratorrechten | 2025-12-23T23:00:00.000+00:00 | 2025-12-23T23:00:00.000+00:00 |
| wid-sec-w-2025-2916 | Net-SNMP: Schwachstelle ermöglicht Codeausführung und DoS | 2025-12-23T23:00:00.000+00:00 | 2026-03-25T23:00:00.000+00:00 |
| wid-sec-w-2025-2915 | Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-12-23T23:00:00.000+00:00 | 2026-03-30T22:00:00.000+00:00 |
| wid-sec-w-2025-2914 | Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-12-22T23:00:00.000+00:00 | 2026-03-30T22:00:00.000+00:00 |
| wid-sec-w-2025-2913 | Mattermost: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen | 2025-12-22T23:00:00.000+00:00 | 2025-12-22T23:00:00.000+00:00 |
| wid-sec-w-2025-2912 | D-LINK Router: Schwachstelle ermöglicht Offenlegung von Informationen | 2025-12-22T23:00:00.000+00:00 | 2025-12-22T23:00:00.000+00:00 |
| wid-sec-w-2025-2911 | Synacor Zimbra: Mehrere Schwachstellen | 2025-12-22T23:00:00.000+00:00 | 2026-01-05T23:00:00.000+00:00 |
| wid-sec-w-2025-2910 | Hitachi Ops Center: Mehrere Schwachstellen | 2025-12-22T23:00:00.000+00:00 | 2025-12-23T23:00:00.000+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| icsa-25-168-01 | Siemens Mendix Studio Pro | 2025-06-12T00:00:00.000000Z | 2025-07-08T00:00:00.000000Z |
| icsma-25-160-01 | MicroDicom DICOM Viewer | 2025-06-10T06:00:00.000000Z | 2025-06-10T06:00:00.000000Z |
| icsa-25-160-01 | SinoTrack GPS Receiver | 2025-06-10T05:00:00.000000Z | 2025-06-10T05:00:00.000000Z |
| icsa-25-175-04 | Schneider Electric EVLink WallBox (Update A) | 2025-06-10T04:00:00.000000Z | 2025-07-08T04:00:00.000000Z |
| icsa-25-175-03 | Schneider Electric Modicon Controllers (Update A) | 2025-06-10T04:00:00.000000Z | 2025-07-08T04:00:00.000000Z |
| icsa-25-162-06 | Siemens Energy Services | 2025-06-10T00:00:00.000000Z | 2025-06-10T00:00:00.000000Z |
| icsa-25-162-05 | Siemens SIMATIC S7-1500 CPU Family | 2025-06-10T00:00:00.000000Z | 2026-03-12T06:00:00.000000Z |
| icsa-25-162-04 | Siemens SCALANCE and RUGGEDCOM | 2025-06-10T00:00:00.000000Z | 2026-01-14T22:05:41.593078Z |
| icsa-25-162-03 | Siemens SCALANCE and RUGGEDCOM | 2025-06-10T00:00:00.000000Z | 2025-06-10T00:00:00.000000Z |
| icsa-25-162-02 | Siemens RUGGEDCOM APE1808 | 2025-06-10T00:00:00.000000Z | 2026-03-12T06:00:00.000000Z |
| icsa-25-162-01 | Siemens Tecnomatix Plant Simulation | 2025-06-10T00:00:00.000000Z | 2025-06-10T00:00:00.000000Z |
| icsa-25-155-01 | CyberData 011209 SIP Emergency Intercom | 2025-06-05T06:00:00.000000Z | 2025-06-05T06:00:00.000000Z |
| icsa-25-153-03 | Mitsubishi Electric MELSEC iQ-F Series | 2025-06-03T06:00:00.000000Z | 2025-06-03T06:00:00.000000Z |
| icsa-25-153-01 | Schneider Electric Wiser Home Automation | 2025-06-03T06:00:00.000000Z | 2025-06-03T06:00:00.000000Z |
| icsma-25-148-01 | Santesoft Sante DICOM Viewer Pro | 2025-05-29T06:00:00.000000Z | 2025-05-29T06:00:00.000000Z |
| icsa-25-148-04 | Instantel Micromate (Update A) | 2025-05-29T06:00:00.000000Z | 2025-08-07T06:00:00.000000Z |
| icsa-25-148-03 | Consilium Safety CS5000 Fire Panel (Update A) | 2025-05-29T06:00:00.000000Z | 2025-12-04T07:00:00.000000Z |
| va-25-147-01 | Craft CMS stores user-provided content session files | 2025-05-28T20:57:43Z | 2025-05-28T20:57:43Z |
| va-25-148-01 | ZKTeco BioTime multiple vulnerabilities | 2025-05-28T15:28:55Z | 2025-05-28T15:28:55Z |
| icsa-25-146-01 | Johnson Controls iSTAR Configuration Utility (ICU) tool | 2025-05-27T06:00:00.000000Z | 2025-05-27T06:00:00.000000Z |
| icsa-25-148-01 | Siemens SiPass | 2025-05-23T00:00:00.000000Z | 2025-10-14T00:00:00.000000Z |
| icsa-25-142-02 | Rockwell Automation FactoryTalk Historian ThingWorx | 2025-05-22T06:00:00.000000Z | 2025-05-22T06:00:00.000000Z |
| icsa-25-142-01 | Lantronix Device Installer | 2025-05-22T06:00:00.000000Z | 2025-05-22T06:00:00.000000Z |
| icsa-25-140-11 | Assured Telematics Inc (ATI) Fleet Management System (Update A) | 2025-05-20T06:00:00.000000Z | 2025-06-10T06:00:00.000000Z |
| icsa-25-140-10 | Vertiv Liebert RDU101 and UNITY | 2025-05-20T06:00:00.000000Z | 2025-05-20T06:00:00.000000Z |
| icsa-25-140-09 | AutomationDirect MB-Gateway | 2025-05-20T06:00:00.000000Z | 2025-05-20T06:00:00.000000Z |
| icsa-25-140-03 | Danfoss AK-SM 8xxA Series (Update A) | 2025-05-20T06:00:00.000000Z | 2025-08-26T06:00:00.000000Z |
| icsa-25-140-02 | National Instruments Circuit Design Suite | 2025-05-20T06:00:00.000000Z | 2025-05-20T06:00:00.000000Z |
| icsa-25-140-01 | ABUP IoT Cloud Platform | 2025-05-20T06:00:00.000000Z | 2025-05-20T06:00:00.000000Z |
| icsa-25-140-04 | Mitsubishi Electric Iconics Digital Solutions and Mitsubishi Electric Products (Update F) | 2025-05-20T04:00:00.000000Z | 2026-04-07T05:00:00.000000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cisco-sa-isis-sgjyouhx | Cisco IOS and IOS XE Software Intermediate System-to-Intermediate System Denial of Service Vulnerability | 2024-03-27T16:00:00+00:00 | 2024-03-27T16:00:00+00:00 |
| cisco-sa-iosxe-wlc-privesc-rjsmrmpk | Cisco IOS XE Software for Wireless LAN Controllers Privilege Escalation Vulnerability | 2024-03-27T16:00:00+00:00 | 2024-03-27T16:00:00+00:00 |
| cisco-sa-iosxe-utd-cmd-jbl8kvht | Cisco IOS XE Software Unified Threat Defense Command Injection Vulnerability | 2024-03-27T16:00:00+00:00 | 2024-04-02T20:11:04+00:00 |
| cisco-sa-iosxe-priv-esc-seax6nlx | Cisco IOS XE Software Privilege Escalation Vulnerability | 2024-03-27T16:00:00+00:00 | 2024-03-27T16:00:00+00:00 |
| cisco-sa-iosxe-ospf-dos-dr9sfrxp | Cisco IOS XE Software OSPFv2 Denial of Service Vulnerability | 2024-03-27T16:00:00+00:00 | 2024-03-27T16:00:00+00:00 |
| cisco-sa-ios-xe-sda-edge-dos-qzwuwxwg | Cisco IOS XE Software SD-Access Fabric Edge Node Denial of Service Vulnerability | 2024-03-27T16:00:00+00:00 | 2024-03-27T16:00:00+00:00 |
| cisco-sa-ios-dos-hq4d3tzg | Cisco IOS Software for Catalyst 6000 Series Switches Denial of Service Vulnerability | 2024-03-27T16:00:00+00:00 | 2024-04-04T15:31:55+00:00 |
| cisco-sa-ikev1-no2ccfwz | Cisco IOS and IOS XE Software Internet Key Exchange Version 1 Fragmentation Denial of Service Vulnerabilities | 2024-03-27T16:00:00+00:00 | 2024-03-27T16:00:00+00:00 |
| cisco-sa-dmi-acl-bypass-xv8fo8vz | Cisco IOS XE Software NETCONF/RESTCONF IPv4 Access Control List Bypass Vulnerability | 2024-03-27T16:00:00+00:00 | 2024-03-27T16:00:00+00:00 |
| cisco-sa-dhcp-dos-t3cxpo9z | Cisco IOS XE Software DHCP Snooping with Endpoint Analytics Denial of Service Vulnerability | 2024-03-27T16:00:00+00:00 | 2024-03-27T16:00:00+00:00 |
| cisco-sa-ccc-authz-bypass-5ekchjrb | Cisco Catalyst Center Authorization Bypass Vulnerability | 2024-03-27T16:00:00+00:00 | 2024-03-27T16:00:00+00:00 |
| cisco-sa-aux-333wbz8f | Cisco IOS XE Software Auxiliary Asynchronous Port Denial of Service Vulnerability | 2024-03-27T16:00:00+00:00 | 2024-03-27T16:00:00+00:00 |
| cisco-sa-ap-secureboot-bypass-zt5vjksd | Cisco Access Point Software Secure Boot Bypass Vulnerability | 2024-03-27T16:00:00+00:00 | 2024-03-27T16:00:00+00:00 |
| cisco-sa-ap-dos-h9tggx6w | Cisco Access Point Software Denial of Service Vulnerability | 2024-03-27T16:00:00+00:00 | 2024-03-27T16:00:00+00:00 |
| cisco-sa-airo-ap-dos-ppptcvw | Cisco Aironet Access Point Software Resource Exhaustion Denial of Service Vulnerability | 2024-03-27T16:00:00+00:00 | 2024-03-27T16:00:00+00:00 |
| cisco-sa-xrl2vpn-jesru3fc | Cisco IOS XR Software Layer 2 Services Denial of Service Vulnerability | 2024-03-13T16:00:00+00:00 | 2024-03-13T16:00:00+00:00 |
| cisco-sa-snmp-uhv6zdef | Cisco IOS XR Software SNMP Management Plane Protection ACL Bypass Vulnerability | 2024-03-13T16:00:00+00:00 | 2024-03-13T16:00:00+00:00 |
| cisco-sa-iosxr-ssh-privesc-ewdmkew3 | Cisco IOS XR Software SSH Privilege Escalation Vulnerability | 2024-03-13T16:00:00+00:00 | 2024-03-13T16:00:00+00:00 |
| cisco-sa-iosxr-scp-dos-kb6suuhw | Cisco IOS XR Software Authenticated CLI Secure Copy Protocol and SFTP Denial of Service Vulnerability | 2024-03-13T16:00:00+00:00 | 2024-03-13T16:00:00+00:00 |
| cisco-sa-iosxr-pppma-jkwfgnew | Cisco IOS XR Software for ASR 9000 Series Aggregation Services Routers PPPoE Denial of Service Vulnerability | 2024-03-13T16:00:00+00:00 | 2024-03-13T16:00:00+00:00 |
| cisco-sa-iosxr-dhcp-dos-3tgpkrdm | Cisco IOS XR Software DHCP Version 4 Server Denial of Service Vulnerability | 2024-03-13T16:00:00+00:00 | 2024-03-13T16:00:00+00:00 |
| cisco-sa-iosxr-acl-bypass-rzu5nl3e | Cisco IOS XR Software MPLS and Pseudowire Interfaces Access Control List Bypass Vulnerabilities | 2024-03-13T16:00:00+00:00 | 2024-03-13T16:00:00+00:00 |
| cisco-sa-secure-privesc-syxqo6ds | Cisco Secure Client for Linux with ISE Posture Module Privilege Escalation Vulnerability | 2024-03-06T16:00:00+00:00 | 2024-03-06T16:00:00+00:00 |
| cisco-sa-secure-client-crlf-w43v4g7 | Cisco Secure Client Carriage Return Line Feed Injection Vulnerability | 2024-03-06T16:00:00+00:00 | 2024-03-12T14:17:07+00:00 |
| cisco-sa-sb-wap-multi-85g83crb | Cisco Small Business 100, 300, and 500 Series Wireless Access Points Command Injection and Buffer Overflow Vulnerabilities | 2024-03-06T16:00:00+00:00 | 2024-03-06T16:00:00+00:00 |
| cisco-sa-duo-win-bypass-pn42kkbm | Cisco Duo Authentication for Windows Logon and RDP Authentication Bypass Vulnerability | 2024-03-06T16:00:00+00:00 | 2024-03-06T16:00:00+00:00 |
| cisco-sa-duo-infodisc-rlceqm6t | Cisco Duo Authentication for Windows Logon and RDP Information Disclosure Vulnerability | 2024-03-06T16:00:00+00:00 | 2024-03-08T18:23:38+00:00 |
| cisco-sa-appd-xss-3jwqsmnt | Cisco AppDynamics Controller Cross-Site Scripting Vulnerability | 2024-03-06T16:00:00+00:00 | 2024-03-06T16:00:00+00:00 |
| cisco-sa-appd-traversal-m7n8mzpf | Cisco AppDynamics Controller Path Traversal Vulnerability | 2024-03-06T16:00:00+00:00 | 2024-03-06T16:00:00+00:00 |
| cisco-sa-ucsfi-imm-syn-p6kztdqc | Cisco UCS 6400 and 6500 Series Fabric Interconnects Intersight Managed Mode Denial of Service Vulnerability | 2024-02-28T16:00:00+00:00 | 2024-02-28T16:00:00+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2026-4426 | Libarchive: libarchive: denial of service via malformed iso file processing | 2026-03-02T00:00:00.000Z | 2026-03-31T15:10:59.000Z |
| msrc_cve-2026-4424 | Libarchive: libarchive: information disclosure via heap out-of-bounds read in rar archive processing | 2026-03-02T00:00:00.000Z | 2026-03-31T15:11:32.000Z |
| msrc_cve-2026-4395 | Heap-based buffer overflow in wc_ecc_import_x963_ex KCAPI path | 2026-03-02T00:00:00.000Z | 2026-03-31T15:14:03.000Z |
| msrc_cve-2026-4224 | Stack overflow parsing XML with deeply nested DTD content models | 2026-03-02T00:00:00.000Z | 2026-04-13T14:37:54.000Z |
| msrc_cve-2026-4176 | Perl versions from 5.9.4 before 5.40.4-RC1, from 5.41.0 before 5.42.2-RC1, from 5.43.0 before 5.43.9 contain a vulnerable version of Compress::Raw::Zlib | 2026-03-02T00:00:00.000Z | 2026-04-15T01:41:11.000Z |
| msrc_cve-2026-4159 | wc_PKCS7_DecodeEnvelopedData 1 byte out-of-bounds read | 2026-03-02T00:00:00.000Z | 2026-03-31T15:13:21.000Z |
| msrc_cve-2026-4111 | Libarchive: infinite loop denial of service in rar5 decompression via archive_read_data() in libarchive | 2026-03-02T00:00:00.000Z | 2026-03-18T14:36:47.000Z |
| msrc_cve-2026-4105 | Systemd: systemd: privilege escalation via improper access control in registermachine d-bus method | 2026-03-02T00:00:00.000Z | 2026-04-01T14:36:30.000Z |
| msrc_cve-2026-4046 | iconv crash due to assertion failure with untrusted input | 2026-03-02T00:00:00.000Z | 2026-04-02T01:01:22.000Z |
| msrc_cve-2026-3904 | CVE-2026-3904 | 2026-03-02T00:00:00.000Z | 2026-03-27T01:38:14.000Z |
| msrc_cve-2026-3849 | Buffer Overflow in HPKE via Oversized ECH Config | 2026-03-02T00:00:00.000Z | 2026-04-15T01:43:25.000Z |
| msrc_cve-2026-3805 | use after free in SMB connection reuse | 2026-03-02T00:00:00.000Z | 2026-03-26T01:38:04.000Z |
| msrc_cve-2026-3784 | wrong proxy connection reuse with credentials | 2026-03-02T00:00:00.000Z | 2026-04-14T14:40:33.000Z |
| msrc_cve-2026-3783 | token leak with redirect and netrc | 2026-03-02T00:00:00.000Z | 2026-04-14T14:40:22.000Z |
| msrc_cve-2026-3731 | libssh SFTP Extension Name sftp.c sftp_extensions_get_data out-of-bounds | 2026-03-02T00:00:00.000Z | 2026-03-31T14:43:04.000Z |
| msrc_cve-2026-3713 | pnggroup libpng pnm2png pnm2png.c do_pnm2png heap-based overflow | 2026-03-02T00:00:00.000Z | 2026-03-31T14:42:17.000Z |
| msrc_cve-2026-3644 | Incomplete control character validation in http.cookies | 2026-03-02T00:00:00.000Z | 2026-04-15T01:42:33.000Z |
| msrc_cve-2026-3634 | Libsoup: libsoup: http header injection and response splitting via crlf injection in content-type header | 2026-03-02T00:00:00.000Z | 2026-04-14T14:41:33.000Z |
| msrc_cve-2026-3633 | Libsoup: libsoup: header and http request injection via crlf injection | 2026-03-02T00:00:00.000Z | 2026-04-14T14:41:43.000Z |
| msrc_cve-2026-3632 | Libsoup: libsoup: http smuggling and server-side request forgery via malformed hostnames | 2026-03-02T00:00:00.000Z | 2026-04-14T14:41:38.000Z |
| msrc_cve-2026-3591 | A stack use-after-return flaw in SIG(0) handling code may enable ACL bypass | 2026-03-02T00:00:00.000Z | 2026-03-31T14:59:36.000Z |
| msrc_cve-2026-3580 | Compiler-induced timing leak in sp_256_get_entry_256_9 on RISC-V | 2026-03-02T00:00:00.000Z | 2026-03-31T15:13:42.000Z |
| msrc_cve-2026-3579 | Non-constant time multiplication subroutine __muldi3 on RISC-V RV32I | 2026-03-02T00:00:00.000Z | 2026-04-15T01:43:31.000Z |
| msrc_cve-2026-3549 | ECH parsing heap buffer overflow | 2026-03-02T00:00:00.000Z | 2026-03-27T01:42:32.000Z |
| msrc_cve-2026-3548 | Buffer overflow in CRL number parsing in wolfSSL | 2026-03-02T00:00:00.000Z | 2026-03-27T01:42:24.000Z |
| msrc_cve-2026-3547 | wolfSSL: out-of-bounds read (DoS) in ALPN parsing due to incomplete validation | 2026-03-02T00:00:00.000Z | 2026-03-27T01:42:40.000Z |
| msrc_cve-2026-3503 | Fault injection attack with ML-DSA and ML-KEM on ARM | 2026-03-02T00:00:00.000Z | 2026-03-31T15:15:51.000Z |
| msrc_cve-2026-3494 | MariaDB Server Audit Plugin Comment Handling Bypass | 2026-03-02T00:00:00.000Z | 2026-03-14T01:37:11.000Z |
| msrc_cve-2026-3479 | pkgutil.get_data() does not enforce documented restrictions | 2026-03-02T00:00:00.000Z | 2026-03-31T15:08:56.000Z |
| msrc_cve-2026-34714 | CVE-2026-34714 | 2026-03-02T00:00:00.000Z | 2026-04-08T01:37:47.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| ncsc-2025-0107 | Kwetsbaarheden verholpen in Microsoft Office | 2025-04-08T18:50:53.931519Z | 2025-04-08T18:50:53.931519Z |
| ncsc-2025-0106 | Kwetsbaarheden verholpen in Siemens producten | 2025-04-08T13:57:11.959816Z | 2025-04-08T13:57:11.959816Z |
| ncsc-2025-0105 | Kwetsbaarheid verholpen in Ivanti Connect Secure, Policy Secure en ZTA Gateways | 2025-04-03T14:19:37.560619Z | 2025-04-03T14:19:37.560619Z |
| ncsc-2025-0104 | Kwetsbaarheid verholpen in Cisco Enterprise Chat and Email | 2025-04-03T08:04:22.928655Z | 2025-04-03T08:04:22.928655Z |
| ncsc-2025-0103 | Kwetsbaarheden verholpen in Apple iOS en iPadOS | 2025-04-01T08:42:27.059536Z | 2025-04-01T08:42:27.059536Z |
| ncsc-2025-0102 | Kwetsbaarheden verholpen in Apple macOS | 2025-04-01T08:41:09.934597Z | 2025-04-01T08:41:09.934597Z |
| ncsc-2025-0101 | Kwetsbaarheid verholpen in CrushFTP | 2025-04-01T07:47:50.425419Z | 2025-04-07T14:03:59.372671Z |
| ncsc-2025-0100 | Kwetsbaarheden verholpen in GitLab EE/CE | 2025-03-27T14:49:34.316050Z | 2025-03-27T14:49:34.316050Z |
| ncsc-2025-0099 | Kwetsbaarheden verholpen in Splunk Enterprise en Splunk Cloud Platform | 2025-03-27T09:18:30.331072Z | 2025-03-27T09:18:30.331072Z |
| ncsc-2025-0098 | Kwetsbaarheid verholpen in Google Chrome | 2025-03-26T12:45:59.434386Z | 2025-03-26T12:45:59.434386Z |
| ncsc-2025-0097 | Kwetsbaarheid verholpen in NetApp SnapCenter | 2025-03-25T08:41:39.996819Z | 2025-03-25T08:41:39.996819Z |
| ncsc-2025-0096 | Kwetsbaarheid verholpen in Next.js | 2025-03-25T08:38:53.524904Z | 2025-03-25T08:38:53.524904Z |
| ncsc-2025-0095 | Kwetsbaarheden verholpen in Kubernetes Ingress NGINX Controller | 2025-03-25T07:13:08.093318Z | 2025-03-27T14:41:30.387171Z |
| ncsc-2025-0094 | Kwetsbaarheid verholpen in Veeam Backup & Replication | 2025-03-20T14:10:16.806777Z | 2025-03-20T14:10:16.806777Z |
| ncsc-2025-0093 | Kwetsbaarheid verholpen in IBM InfoSphere Information Server | 2025-03-20T13:17:45.897480Z | 2025-03-20T13:17:45.897480Z |
| ncsc-2025-0092 | Kwetsbaarheden verholpen in IBM AIX | 2025-03-20T13:13:43.163579Z | 2025-03-20T13:13:43.163579Z |
| ncsc-2025-0091 | Kwetsbaarheid verholpen in Synology DiskStation Manager | 2025-03-19T15:03:23.414509Z | 2025-03-19T15:03:23.414509Z |
| ncsc-2025-0090 | Kwetsbaarheid verholpen in Synology Replication Service en Synology Unified Controller | 2025-03-19T15:02:46.122619Z | 2025-03-19T15:02:46.122619Z |
| ncsc-2025-0089 | Kwetsbaarheid verholpen in Apache Tomcat | 2025-03-17T18:36:12.978021Z | 2025-03-17T18:36:12.978021Z |
| ncsc-2025-0088 | Kwetsbaarheden verholpen in Autodesk AutoCAD | 2025-03-14T10:10:13.263645Z | 2025-03-14T10:10:13.263645Z |
| ncsc-2025-0087 | Kwetsbaarheden verholpen in GitLab | 2025-03-14T09:14:59.775984Z | 2025-03-14T09:14:59.775984Z |
| ncsc-2025-0086 | Kwetsbaarheid verholpen in Apple iOS, iPadOS, macOS Sequoia, visionOS en Safari | 2025-03-12T13:48:59.223945Z | 2025-03-12T13:48:59.223945Z |
| ncsc-2025-0085 | Kwetsbaarheid verholpen in Ivanti Secure Access Client | 2025-03-12T11:00:45.614633Z | 2025-03-12T11:00:45.614633Z |
| ncsc-2025-0084 | Kwetsbaarheden verholpen in Adobe Acrobat Reader | 2025-03-12T10:56:00.883114Z | 2025-03-12T10:56:00.883114Z |
| ncsc-2025-0083 | Kwetsbaarheden verholpen in Fortinet FortiSandbox | 2025-03-12T10:51:18.487649Z | 2025-03-12T10:51:18.487649Z |
| ncsc-2025-0082 | Kwetsbaarheden verholpen in FortiOS, FortiProxy, FortiPAM, FortiSRA en FortiWeb. | 2025-03-12T10:46:38.451715Z | 2025-03-12T10:46:38.451715Z |
| ncsc-2025-0081 | Kwetsbaarheden verholpen in Microsoft Azure | 2025-03-11T18:45:19.628300Z | 2025-03-11T18:45:19.628300Z |
| ncsc-2025-0080 | Kwetsbaarheden verholpen in Microsoft Office | 2025-03-11T18:44:43.336447Z | 2025-03-11T18:44:43.336447Z |
| ncsc-2025-0079 | Kwetsbaarheden verholpen in Microsoft Developer Tools | 2025-03-11T18:44:07.766518Z | 2025-03-11T18:44:07.766518Z |
| ncsc-2025-0078 | Kwetsbaarheden verholpen in Microsoft Windows | 2025-03-11T18:43:14.505624Z | 2025-03-11T18:43:14.505624Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| opensuse-su-2026:10160-1 | python311-Django-5.2.11-1.1 on GA media | 2026-02-06T00:00:00Z | 2026-02-06T00:00:00Z |
| opensuse-su-2026:10159-1 | opencloud-server-5.0.2-1.1 on GA media | 2026-02-06T00:00:00Z | 2026-02-06T00:00:00Z |
| opensuse-su-2026:10158-1 | nginx-1.29.5-1.1 on GA media | 2026-02-06T00:00:00Z | 2026-02-06T00:00:00Z |
| opensuse-su-2026:10157-1 | libsnmp45-32bit-5.9.5.2-1.1 on GA media | 2026-02-06T00:00:00Z | 2026-02-06T00:00:00Z |
| opensuse-su-2026:10156-1 | micropython-1.26.1-2.1 on GA media | 2026-02-06T00:00:00Z | 2026-02-06T00:00:00Z |
| opensuse-su-2026:10155-1 | cockpit-podman-119.1-2.1 on GA media | 2026-02-06T00:00:00Z | 2026-02-06T00:00:00Z |
| opensuse-su-2026:10154-1 | cockpit-354-3.1 on GA media | 2026-02-06T00:00:00Z | 2026-02-06T00:00:00Z |
| opensuse-su-2026:10153-1 | chromedriver-144.0.7559.132-1.1 on GA media | 2026-02-06T00:00:00Z | 2026-02-06T00:00:00Z |
| opensuse-su-2026:20180-1 | Security update for python-maturin | 2026-02-05T20:51:59Z | 2026-02-05T20:51:59Z |
| opensuse-su-2026:20178-1 | Security update for libxml2 | 2026-02-05T11:26:20Z | 2026-02-05T11:26:20Z |
| opensuse-su-2026:20177-1 | Security update for golang-github-prometheus-prometheus | 2026-02-05T10:44:24Z | 2026-02-05T10:44:24Z |
| opensuse-su-2026:10152-1 | python315-3.15.0~a3-4.1 on GA media | 2026-02-05T00:00:00Z | 2026-02-05T00:00:00Z |
| opensuse-su-2026:10151-1 | python311-wheel-0.46.3-1.1 on GA media | 2026-02-05T00:00:00Z | 2026-02-05T00:00:00Z |
| opensuse-su-2026:10150-1 | cockpit-subscriptions-14.4-2.1 on GA media | 2026-02-05T00:00:00Z | 2026-02-05T00:00:00Z |
| opensuse-su-2026:10149-1 | cockpit-repos-4.7-2.1 on GA media | 2026-02-05T00:00:00Z | 2026-02-05T00:00:00Z |
| opensuse-su-2026:10148-1 | cockpit-packages-4.1-2.1 on GA media | 2026-02-05T00:00:00Z | 2026-02-05T00:00:00Z |
| opensuse-su-2026:10147-1 | cockpit-machines-346-2.1 on GA media | 2026-02-05T00:00:00Z | 2026-02-05T00:00:00Z |
| opensuse-su-2026:20172-1 | Security update for cups | 2026-02-04T11:37:13Z | 2026-02-04T11:37:13Z |
| opensuse-su-2026:10146-1 | libpainter0-0.9.27-1.1 on GA media | 2026-02-04T00:00:00Z | 2026-02-04T00:00:00Z |
| opensuse-su-2026:10145-1 | python312-Django6-6.0.2-1.1 on GA media | 2026-02-04T00:00:00Z | 2026-02-04T00:00:00Z |
| opensuse-su-2026:10144-1 | expat-2.7.4-1.1 on GA media | 2026-02-04T00:00:00Z | 2026-02-04T00:00:00Z |
| opensuse-ru-2026:20168-1 | Recommended update for gimp | 2026-02-03T18:05:40Z | 2026-02-03T18:05:40Z |
| opensuse-su-2026:20167-1 | Security update for xrdp | 2026-02-03T15:00:07Z | 2026-02-03T15:00:07Z |
| opensuse-su-2026:10143-1 | traefik2-2.11.35-1.1 on GA media | 2026-02-03T00:00:00Z | 2026-02-03T00:00:00Z |
| opensuse-su-2026:10142-1 | traefik-3.6.7-1.1 on GA media | 2026-02-03T00:00:00Z | 2026-02-03T00:00:00Z |
| opensuse-su-2026:10141-1 | rizin-0.8.2-1.1 on GA media | 2026-02-03T00:00:00Z | 2026-02-03T00:00:00Z |
| opensuse-su-2026:10140-1 | patch-2.8-2.1 on GA media | 2026-02-03T00:00:00Z | 2026-02-03T00:00:00Z |
| opensuse-su-2026:10139-1 | libsoup-3_0-0-3.6.5-12.1 on GA media | 2026-02-03T00:00:00Z | 2026-02-03T00:00:00Z |
| opensuse-su-2026:10138-1 | java-25-openj9-25.0.2.0-1.1 on GA media | 2026-02-03T00:00:00Z | 2026-02-03T00:00:00Z |
| opensuse-su-2026:10137-1 | java-21-openj9-21.0.10.0-1.1 on GA media | 2026-02-03T00:00:00Z | 2026-02-03T00:00:00Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2026:4936 | Red Hat Security Advisory: Release of containers for RHOSO 18.0.17 security update | 2026-03-18T15:36:04+00:00 | 2026-04-14T09:46:46+00:00 |
| rhsa-2026:4924 | Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.24 security update | 2026-03-18T13:54:46+00:00 | 2026-04-08T13:32:26+00:00 |
| rhsa-2026:4917 | Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.24 security update | 2026-03-18T13:19:11+00:00 | 2026-04-08T13:32:27+00:00 |
| rhsa-2026:4915 | Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.24 security update | 2026-03-18T13:17:52+00:00 | 2026-04-08T13:32:27+00:00 |
| rhsa-2026:4916 | Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.24 security update | 2026-03-18T13:17:47+00:00 | 2026-04-08T13:32:24+00:00 |
| rhsa-2026:4901 | Red Hat Security Advisory: rhc security update | 2026-03-18T11:07:06+00:00 | 2026-04-14T09:46:45+00:00 |
| rhsa-2026:4907 | Red Hat Security Advisory: rhc security update | 2026-03-18T10:44:01+00:00 | 2026-04-14T09:46:45+00:00 |
| rhsa-2026:4899 | Red Hat Security Advisory: kernel security update | 2026-03-18T10:15:46+00:00 | 2026-04-08T13:33:51+00:00 |
| rhsa-2026:4898 | Red Hat Security Advisory: capstone security update | 2026-03-18T10:04:06+00:00 | 2026-04-08T14:06:51+00:00 |
| rhsa-2026:4900 | Red Hat Security Advisory: grub2 security update | 2026-03-18T09:18:11+00:00 | 2026-04-09T14:37:56+00:00 |
| rhsa-2026:4892 | Red Hat Security Advisory: rhc security update | 2026-03-18T08:06:26+00:00 | 2026-04-14T09:46:45+00:00 |
| rhsa-2026:4435 | Red Hat Security Advisory: OpenShift Container Platform 4.19.26 security and extras update | 2026-03-18T08:00:04+00:00 | 2026-04-14T07:59:01+00:00 |
| rhsa-2026:4511 | Red Hat Security Advisory: OpenShift Container Platform 4.17.51 security and extras update | 2026-03-18T02:32:50+00:00 | 2026-04-14T07:59:07+00:00 |
| rhsa-2026:4832 | Red Hat Security Advisory: java-1.8.0-ibm security update | 2026-03-17T19:28:09+00:00 | 2026-03-18T03:19:57+00:00 |
| rhsa-2026:4828 | Red Hat Security Advisory: mysql security update | 2026-03-17T18:26:19+00:00 | 2026-04-02T16:36:36+00:00 |
| rhsa-2026:4823 | Red Hat Security Advisory: grub2 security update | 2026-03-17T18:20:14+00:00 | 2026-04-09T14:36:12+00:00 |
| rhsa-2026:4824 | Red Hat Security Advisory: compat-openssl11 security update | 2026-03-17T18:13:19+00:00 | 2026-04-09T23:06:06+00:00 |
| rhsa-2026:4822 | Red Hat Security Advisory: grub2 security update | 2026-03-17T18:12:24+00:00 | 2026-04-09T14:37:55+00:00 |
| rhsa-2026:4825 | Red Hat Security Advisory: compat-openssl11 security update | 2026-03-17T18:01:25+00:00 | 2026-04-09T23:06:06+00:00 |
| rhsa-2026:4830 | Red Hat Security Advisory: grub2 security update | 2026-03-17T17:52:09+00:00 | 2026-04-09T14:36:10+00:00 |
| rhsa-2026:4772 | Red Hat Security Advisory: glibc security update | 2026-03-17T17:20:27+00:00 | 2026-04-09T18:08:24+00:00 |
| rhsa-2026:4759 | Red Hat Security Advisory: kernel security update | 2026-03-17T17:04:19+00:00 | 2026-03-30T17:22:16+00:00 |
| rhsa-2026:4760 | Red Hat Security Advisory: grub2 security update | 2026-03-17T16:03:43+00:00 | 2026-04-09T14:36:09+00:00 |
| rhsa-2026:4745 | Red Hat Security Advisory: kernel security update | 2026-03-17T15:00:53+00:00 | 2026-04-13T05:43:47+00:00 |
| rhsa-2026:4782 | Red Hat Security Advisory: Cluster Observability Operator 1.4.0 | 2026-03-17T14:16:04+00:00 | 2026-04-13T16:00:36+00:00 |
| rhsa-2026:4756 | Red Hat Security Advisory: libpng security update | 2026-03-17T13:13:58+00:00 | 2026-04-09T14:36:06+00:00 |
| rhsa-2026:4761 | Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.1.5 update | 2026-03-17T12:48:03+00:00 | 2026-03-30T15:53:21+00:00 |
| rhsa-2026:4753 | Red Hat Security Advisory: osbuild-composer security update | 2026-03-17T11:44:32+00:00 | 2026-04-14T09:46:44+00:00 |
| rhsa-2026:4746 | Red Hat Security Advisory: python3.12 security update | 2026-03-17T11:12:27+00:00 | 2026-04-09T15:17:02+00:00 |
| rhsa-2026:4715 | Red Hat Security Advisory: vim security update | 2026-03-17T10:50:27+00:00 | 2026-04-10T14:25:21+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| ssa-222547 | SSA-222547: Third-Party Component Vulnerabilities in SCALANCE LPE9403 before V2.0 | 2022-06-14T00:00:00Z | 2022-06-14T00:00:00Z |
| ssa-145224 | SSA-145224: Vulnerability in OSPF Packet Handling of SCALANCE XM-400 and XR-500 Devices | 2022-06-14T00:00:00Z | 2022-06-14T00:00:00Z |
| ssa-789162 | SSA-789162: Vulnerabilities in Teamcenter | 2022-05-10T00:00:00Z | 2022-08-09T00:00:00Z |
| ssa-736385 | SSA-736385: Memory Corruption Vulnerability in OpenV2G | 2022-05-10T00:00:00Z | 2022-05-10T00:00:00Z |
| ssa-732250 | SSA-732250: Libcurl Vulnerabilities in Industrial Devices | 2022-05-10T00:00:00Z | 2022-08-09T00:00:00Z |
| ssa-662649 | SSA-662649: Denial of Service Vulnerability in Desigo DXR and PXC Controllers | 2022-05-10T00:00:00Z | 2022-06-14T00:00:00Z |
| ssa-626968 | SSA-626968: Multiple Webserver Vulnerabilities in Desigo PXC and DXR Devices | 2022-05-10T00:00:00Z | 2022-06-14T00:00:00Z |
| ssa-553086 | SSA-553086: Multiple File Parsing Vulnerabilities in JT2Go and Teamcenter Visualization | 2022-05-10T00:00:00Z | 2022-05-10T00:00:00Z |
| ssa-480937 | SSA-480937: Denial of Service Vulnerability in CP 44x-1 RNA before V1.5.18 | 2022-05-10T00:00:00Z | 2022-05-10T00:00:00Z |
| ssa-363107 | SSA-363107: An Improper Initialization Vulnerability Affects SIMATIC WinCC Kiosk Mode | 2022-05-10T00:00:00Z | 2023-11-14T00:00:00Z |
| ssa-321292 | SSA-321292: Denial of Service in the OPC Foundation Local Discovery Server (LDS) in Industrial Products | 2022-05-10T00:00:00Z | 2024-10-08T00:00:00Z |
| ssa-285795 | SSA-285795: Denial of Service in OPC-UA in Industrial Products | 2022-05-10T00:00:00Z | 2023-10-10T00:00:00Z |
| ssa-165073 | SSA-165073: Multiple Vulnerabilities in the Webinterface of SICAM P850 and SICAM P855 Devices | 2022-05-10T00:00:00Z | 2022-05-10T00:00:00Z |
| ssa-162616 | SSA-162616: File Parsing Vulnerabilities in Simcenter Femap before V2022.2 | 2022-05-10T00:00:00Z | 2022-05-10T00:00:00Z |
| ssa-254054 | SSA-254054: Spring Framework Vulnerability (Spring4Shell or SpringShell, CVE-2022-22965) - Impact to Siemens Products | 2022-04-19T00:00:00Z | 2022-10-11T00:00:00Z |
| ssa-998762 | SSA-998762: File Parsing Vulnerabilities in Simcenter Femap before V2022.1.2 | 2022-04-12T00:00:00Z | 2022-04-12T00:00:00Z |
| ssa-870917 | SSA-870917: Improper Access Control Vulnerability in Mendix | 2022-04-12T00:00:00Z | 2022-04-12T00:00:00Z |
| ssa-836527 | SSA-836527: Multiple Vulnerabilities in SCALANCE X-300 Switch Family Devices | 2022-04-12T00:00:00Z | 2022-04-12T00:00:00Z |
| ssa-711829 | SSA-711829: Denial of Service Vulnerability in TIA Administrator | 2022-04-12T00:00:00Z | 2022-07-12T00:00:00Z |
| ssa-655554 | SSA-655554: Multiple Vulnerabilities in SIMATIC Energy Manager before V7.3 Update 1 | 2022-04-12T00:00:00Z | 2022-04-12T00:00:00Z |
| ssa-557541 | SSA-557541: Denial-of-Service Vulnerability in SIMATIC S7-400 CPUs | 2022-04-12T00:00:00Z | 2023-04-11T00:00:00Z |
| ssa-446448 | SSA-446448: Denial of Service Vulnerability in PROFINET Stack Integrated on Interniche Stack | 2022-04-12T00:00:00Z | 2025-01-14T00:00:00Z |
| ssa-414513 | SSA-414513: Information Disclosure Vulnerability in Mendix | 2022-04-12T00:00:00Z | 2022-07-12T00:00:00Z |
| ssa-392912 | SSA-392912: Multiple Denial Of Service Vulnerabilities in SCALANCE W1700 Devices | 2022-04-12T00:00:00Z | 2022-04-12T00:00:00Z |
| ssa-350757 | SSA-350757: Improper Access Control Vulnerability in TIA Portal Affecting S7-1200 and S7-1500 CPUs Web Server (Incl. Related ET200 CPUs and SIPLUS variants) | 2022-04-12T00:00:00Z | 2022-04-12T00:00:00Z |
| ssa-316850 | SSA-316850: Unauthenticated File Access in SICAM A8000 Devices | 2022-04-12T00:00:00Z | 2022-04-12T00:00:00Z |
| ssa-594438 | SSA-594438: Remote Code Execution and Denial-of-Service Vulnerability in multiple RUGGEDCOM ROX products | 2022-03-08T00:00:00Z | 2022-03-08T00:00:00Z |
| ssa-562051 | SSA-562051: Cross-Site Scripting Vulnerability in Polarion ALM | 2022-03-08T00:00:00Z | 2022-04-12T00:00:00Z |
| ssa-415938 | SSA-415938: Improper Access Control Vulnerability in Mendix | 2022-03-08T00:00:00Z | 2022-03-08T00:00:00Z |
| ssa-406691 | SSA-406691: Buffer Vulnerabilities in DHCP function of RUGGEDCOM ROX products | 2022-03-08T00:00:00Z | 2022-03-08T00:00:00Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| suse-su-2026:1026-1 | Security update 5.0.7 for Multi-Linux Manager Salt Bundle | 2026-03-25T10:15:30Z | 2026-03-25T10:15:30Z |
| suse-su-2026:1014-1 | Security update 5.0.7 for Multi-Linux Manager Salt Bundle | 2026-03-25T10:12:32Z | 2026-03-25T10:12:32Z |
| suse-su-2026:1013-1 | Security update 5.0.7 for Multi-Linux Manager Client Tools | 2026-03-25T10:11:52Z | 2026-03-25T10:11:52Z |
| suse-su-2026:1012-1 | Security update 5.0.7 for Multi-Linux Manager Salt Bundle | 2026-03-25T10:10:54Z | 2026-03-25T10:10:54Z |
| suse-su-2026:1011-1 | Security update 5.0.7 for Multi-Linux Manager Client Tools | 2026-03-25T10:10:31Z | 2026-03-25T10:10:31Z |
| suse-su-2026:1010-1 | Security update 5.0.7 for Multi-Linux Manager Server | 2026-03-25T10:10:02Z | 2026-03-25T10:10:02Z |
| suse-su-2026:1008-1 | Security update for Prometheus | 2026-03-25T10:07:27Z | 2026-03-25T10:07:27Z |
| suse-su-2026:20932-1 | Security update for ffmpeg-7 | 2026-03-25T09:58:50Z | 2026-03-25T09:58:50Z |
| suse-su-2026:20878-1 | Security update for python-pyasn1 | 2026-03-25T09:44:19Z | 2026-03-25T09:44:19Z |
| suse-su-2026:20868-1 | Security update for capstone | 2026-03-25T09:40:00Z | 2026-03-25T09:40:00Z |
| suse-su-2026:1002-1 | Security update for the Linux Kernel (Live Patch 27 for SUSE Linux Enterprise 15 SP5) | 2026-03-25T09:34:30Z | 2026-03-25T09:34:30Z |
| suse-su-2026:1005-1 | Security update for giflib | 2026-03-25T09:32:48Z | 2026-03-25T09:32:48Z |
| suse-su-2026:1004-1 | Security update for libsoup | 2026-03-25T09:32:40Z | 2026-03-25T09:32:40Z |
| suse-su-2026:20869-1 | Security update for python-PyJWT | 2026-03-25T09:31:26Z | 2026-03-25T09:31:26Z |
| suse-su-2026:1003-1 | Security update for the Linux Kernel | 2026-03-25T09:25:47Z | 2026-03-25T09:25:47Z |
| suse-su-2026:20931-1 | Security update for the Linux Kernel | 2026-03-25T08:48:43Z | 2026-03-25T08:48:43Z |
| suse-su-2026:20838-1 | Security update for the Linux Kernel | 2026-03-25T08:48:43Z | 2026-03-25T08:48:43Z |
| suse-ru-2026:1001-1 | Recommended update for rust1.94 | 2026-03-25T08:36:36Z | 2026-03-25T08:36:36Z |
| suse-su-2026:1000-1 | Security update for the Linux Kernel (Live Patch 24 for SUSE Linux Enterprise 15 SP5) | 2026-03-25T07:08:02Z | 2026-03-25T07:08:02Z |
| suse-su-2026:20944-1 | Security update for the Linux Kernel (Live Patch 3 for SUSE Linux Enterprise 16) | 2026-03-25T06:46:04Z | 2026-03-25T06:46:04Z |
| suse-su-2026:20837-1 | Security update for the Linux Kernel (Live Patch 3 for SUSE Linux Enterprise 16) | 2026-03-25T06:46:04Z | 2026-03-25T06:46:04Z |
| suse-su-2026:20943-1 | Security update for the Linux Kernel (Live Patch 4 for SUSE Linux Enterprise 16) | 2026-03-25T05:44:30Z | 2026-03-25T05:44:30Z |
| suse-su-2026:20836-1 | Security update for the Linux Kernel (Live Patch 4 for SUSE Linux Enterprise 16) | 2026-03-25T05:44:30Z | 2026-03-25T05:44:30Z |
| suse-su-2026:20930-1 | Security update for python-pyOpenSSL | 2026-03-25T03:41:42Z | 2026-03-25T03:41:42Z |
| suse-su-2026:20929-1 | Security update for python-pyasn1 | 2026-03-25T03:09:46Z | 2026-03-25T03:09:46Z |
| suse-su-2026:20835-1 | Security update for python-pyasn1 | 2026-03-25T03:09:46Z | 2026-03-25T03:09:46Z |
| suse-su-2026:20942-1 | Security update for the initial kernel livepatch | 2026-03-24T20:36:24Z | 2026-03-24T20:36:24Z |
| suse-su-2026:20834-1 | Security update for the initial kernel livepatch | 2026-03-24T20:36:24Z | 2026-03-24T20:36:24Z |
| suse-su-2026:20928-1 | Security update for python-black | 2026-03-24T19:40:56Z | 2026-03-24T19:40:56Z |
| suse-su-2026:20927-1 | Security update for 389-ds | 2026-03-24T17:50:31Z | 2026-03-24T17:50:31Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| alsa-2026:0108 | Moderate: gcc-toolset-15-binutils security update | 2026-01-06T00:00:00Z | 2026-01-07T14:17:02Z |
| alsa-2026:0067 | Moderate: tar security update | 2026-01-05T00:00:00Z | 2026-01-13T08:42:22Z |
| alsa-2026:0052 | Moderate: gcc-toolset-14-binutils security update | 2026-01-05T00:00:00Z | 2026-01-05T20:18:34Z |
| alsa-2026:0026 | Important: thunderbird security update | 2026-01-05T00:00:00Z | 2026-01-05T10:18:14Z |
| alsa-2026:0025 | Important: thunderbird security update | 2026-01-05T00:00:00Z | 2026-01-05T10:10:00Z |
| alsa-2026:0002 | Moderate: tar security update | 2026-01-05T00:00:00Z | 2026-01-05T09:20:37Z |
| alsa-2025:23948 | Moderate: grafana security update | 2025-12-22T00:00:00Z | 2025-12-23T13:42:03Z |
| alsa-2025:23940 | Moderate: python3.12 security update | 2025-12-22T00:00:00Z | 2025-12-23T05:59:49Z |
| alsa-2025:23932 | Important: httpd security update | 2025-12-22T00:00:00Z | 2025-12-23T06:01:50Z |
| alsa-2025:23919 | Important: httpd security update | 2025-12-22T00:00:00Z | 2026-01-05T20:20:59Z |
| alsa-2025:23856 | Important: thunderbird security update | 2025-12-22T00:00:00Z | 2025-12-23T16:45:01Z |
| alsa-2025:23745 | Important: git-lfs security update | 2025-12-22T00:00:00Z | 2025-12-22T12:34:52Z |
| alsa-2025:23744 | Important: git-lfs security update | 2025-12-22T00:00:00Z | 2025-12-22T12:38:08Z |
| alsa-2025:23739 | Important: mod_md security update | 2025-12-22T00:00:00Z | 2025-12-22T13:37:02Z |
| alsa-2025:23738 | Important: mod_md security update | 2025-12-22T00:00:00Z | 2025-12-22T13:38:35Z |
| alsa-2025:23732 | Important: httpd:2.4 security update | 2025-12-22T00:00:00Z | 2025-12-22T14:02:23Z |
| alsa-2025:23729 | Important: opentelemetry-collector security update | 2025-12-21T00:00:00Z | 2025-12-23T13:07:45Z |
| alsa-2025:23700 | Important: webkit2gtk3 security update | 2025-12-18T00:00:00Z | 2025-12-22T13:39:46Z |
| alsa-2025:23667 | Important: git-lfs security update | 2025-12-18T00:00:00Z | 2025-12-22T13:42:09Z |
| alsa-2025:23664 | Important: opentelemetry-collector security update | 2025-12-18T00:00:00Z | 2025-12-23T13:09:37Z |
| alsa-2025:23663 | Important: webkit2gtk3 security update | 2025-12-18T00:00:00Z | 2025-12-22T14:04:48Z |
| alsa-2025:23543 | Important: container-tools:rhel8 security update | 2025-12-17T00:00:00Z | 2025-12-24T09:25:49Z |
| alsa-2025:23530 | Important: python39:3.9 security update | 2025-12-17T00:00:00Z | 2025-12-22T14:10:23Z |
| alsa-2025:23484 | Moderate: libssh security update | 2025-12-17T00:00:00Z | 2025-12-21T19:50:15Z |
| alsa-2025:23483 | Moderate: libssh security update | 2025-12-17T00:00:00Z | 2025-12-21T19:54:52Z |
| alsa-2025:23481 | Moderate: openssh security update | 2025-12-17T00:00:00Z | 2025-12-21T20:00:09Z |
| alsa-2025:23480 | Moderate: openssh security update | 2025-12-17T00:00:00Z | 2025-12-21T20:03:34Z |
| alsa-2025:23479 | Moderate: openssh security update | 2025-12-17T00:00:00Z | 2025-12-21T20:05:20Z |
| alsa-2025:23383 | Moderate: curl security update | 2025-12-16T00:00:00Z | 2025-12-22T14:12:06Z |
| alsa-2025:23382 | Moderate: binutils security update | 2025-12-16T00:00:00Z | 2025-12-22T14:14:14Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| osv-2024-914 | UNKNOWN READ in boost::re_detail_500::basic_regex_formatter<std::__1::ostream_iterator<char, cha | 2024-08-16T00:08:20.277708Z | 2026-03-11T14:30:35.738187Z |
| osv-2024-883 | Security exception in com.puppycrawl.tools.checkstyle.JavaAstVisitor.getInnerBopAst | 2024-08-16T00:06:29.139503Z | 2024-08-16T00:06:29.139893Z |
| osv-2024-879 | Security exception in java.base/java.util.Arrays.copyOf | 2024-08-16T00:06:11.887593Z | 2024-08-16T00:06:11.888006Z |
| osv-2024-867 | Use-of-uninitialized-value in std::__1::ostreambuf_iterator<char, std::__1::char_traits<char>> std::__1::__pad | 2024-08-16T00:05:38.614485Z | 2025-03-19T14:29:11.494602Z |
| osv-2024-861 | UNKNOWN READ in chunk_free_object | 2024-08-16T00:05:25.024909Z | 2024-08-16T00:05:25.025249Z |
| osv-2024-859 | Heap-double-free in libssh2_default_free | 2024-08-16T00:05:16.221580Z | 2024-08-16T00:05:16.221993Z |
| osv-2024-856 | Use-of-uninitialized-value in cups_fill | 2024-08-16T00:05:10.919440Z | 2024-08-16T00:05:10.919721Z |
| osv-2024-853 | UNKNOWN READ in chunk_free_object | 2024-08-16T00:04:58.897243Z | 2025-01-10T05:30:16.360095Z |
| osv-2024-852 | UNKNOWN READ in jvp_object_free | 2024-08-16T00:04:43.641868Z | 2024-08-16T00:04:43.642269Z |
| osv-2024-847 | Null-dereference READ in _libssh2_packet_add | 2024-08-16T00:04:07.189033Z | 2025-02-01T14:27:03.602163Z |
| osv-2024-838 | Bad-cast to RDKit::AtomRDKit::ROMol::initFromOther | 2024-08-16T00:03:32.029853Z | 2026-03-07T14:34:10.603763Z |
| osv-2024-833 | UNKNOWN READ in chunk_free_object | 2024-08-16T00:03:18.896326Z | 2024-08-16T00:03:18.896644Z |
| osv-2024-832 | UNKNOWN READ in Pistache::Http::Header::Expect::parseRaw | 2024-08-16T00:03:13.834235Z | 2025-01-10T05:18:27.558670Z |
| osv-2024-831 | Heap-buffer-overflow in jv_parse | 2024-08-16T00:03:12.871175Z | 2025-03-07T14:24:40.166702Z |
| osv-2024-830 | UNKNOWN READ in ShadingImage::generateAxialBitmap | 2024-08-16T00:03:09.951294Z | 2024-08-16T00:03:09.951596Z |
| osv-2024-828 | Use-of-uninitialized-value in packet_parse | 2024-08-16T00:03:08.665359Z | 2024-08-16T00:03:08.665719Z |
| osv-2024-817 | Use-of-uninitialized-value in pcapint_filter_with_aux_data | 2024-08-16T00:02:39.185747Z | 2025-01-08T14:19:40.985698Z |
| osv-2024-816 | Use-of-uninitialized-value in pcpp::SSLClientHelloMessage::ClientHelloTLSFingerprint::toString | 2024-08-16T00:02:36.618439Z | 2025-12-22T14:21:20.173609Z |
| osv-2024-812 | Use-of-uninitialized-value in pcpp::PcapFileWriterDevice::writePacket | 2024-08-16T00:02:26.387902Z | 2025-12-22T14:21:19.473015Z |
| osv-2024-805 | Use-of-uninitialized-value in pcpp::NflogLayer::parseNextLayer | 2024-08-16T00:02:19.436836Z | 2024-08-16T00:02:19.437200Z |
| osv-2024-801 | UNKNOWN READ in PointerVector.h | 2024-08-16T00:02:10.140304Z | 2025-04-16T14:27:34.855775Z |
| osv-2024-793 | Heap-buffer-overflow in H5HL__fl_deserialize | 2024-08-16T00:01:45.237305Z | 2025-12-31T14:19:11.515108Z |
| osv-2024-792 | Index-out-of-bounds in AAHD::make_ahd_rb_hv | 2024-08-16T00:01:41.357755Z | 2024-08-16T00:01:41.358066Z |
| osv-2024-777 | Global-buffer-overflow in vte_write_debug | 2024-08-16T00:00:55.259153Z | 2024-08-16T00:00:55.259408Z |
| osv-2024-772 | UNKNOWN READ in H5SL_search | 2024-08-16T00:00:44.075617Z | 2025-08-14T14:39:54.764895Z |
| osv-2024-764 | Use-of-uninitialized-value in _cupsStrAlloc | 2024-08-16T00:00:28.318434Z | 2024-08-16T00:00:28.318983Z |
| osv-2024-748 | Security exception in com.github.javaparser.CommentsInserter.insertComments | 2024-08-13T00:04:40.789098Z | 2024-08-13T00:04:40.789448Z |
| osv-2024-747 | Security exception in com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.expr | 2024-08-13T00:03:34.008550Z | 2024-08-13T00:03:34.008929Z |
| osv-2024-728 | Negative-size-param in pdf_resize_resource_arrays | 2024-08-08T00:09:33.935595Z | 2026-03-18T14:32:58.071449Z |
| osv-2024-719 | Heap-buffer-overflow in hevc_ref_pic_lists_modification | 2024-08-07T00:05:22.699506Z | 2026-04-17T14:29:25.059247Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rustsec-2023-0118 | `win_run_rs` was removed from crates.io for malicious code | 2023-11-15T12:00:00Z | 2026-03-26T06:26:31Z |
| rustsec-2023-0116 | `registry-win` was removed from crates.io for malicious code | 2023-11-15T12:00:00Z | 2026-03-26T06:26:31Z |
| rustsec-2023-0115 | `acceptxmr-rs` was removed from crates.io for malicious code | 2023-11-15T12:00:00Z | 2026-03-26T06:26:31Z |
| rustsec-2023-0113 | `win-base64-rs` was removed from crates.io for malicious code | 2023-11-15T12:00:00Z | 2026-03-26T06:26:31Z |
| rustsec-2023-0112 | `monero-rpc-rs` was removed from crates.io for malicious code | 2023-11-15T12:00:00Z | 2026-03-26T06:26:31Z |
| rustsec-2023-0111 | `monero-api` was removed from crates.io for malicious code | 2023-11-15T12:00:00Z | 2026-03-26T06:26:31Z |
| rustsec-2023-0109 | `win-crypto` was removed from crates.io for malicious code | 2023-11-15T12:00:00Z | 2026-03-26T06:26:31Z |
| rustsec-2023-0107 | `lasso-rs` was removed from crates.io for malicious code | 2023-11-15T12:00:00Z | 2026-03-26T06:26:31Z |
| rustsec-2023-0106 | `lfest-main` was removed from crates.io for malicious code | 2023-11-15T12:00:00Z | 2026-03-26T06:26:31Z |
| rustsec-2023-0076 | `cpython` is unmaintained | 2023-11-14T12:00:00Z | 2023-12-20T22:34:55Z |
| rustsec-2023-0088 | `loopdev` crate is unmaintained; use 'loopdev-3` instead. | 2023-11-13T12:00:00Z | 2024-11-10T16:18:40Z |
| rustsec-2023-0070 | Insufficient covariance check makes self_cell unsound | 2023-11-10T12:00:00Z | 2024-02-10T15:57:43Z |
| rustsec-2023-0114 | `tiny-server` was removed from crates.io for malicious code | 2023-11-06T12:00:00Z | 2026-03-26T06:26:31Z |
| rustsec-2023-0104 | `littest` was removed from crates.io for malicious code | 2023-11-06T12:00:00Z | 2026-03-26T06:26:31Z |
| rustsec-2023-0077 | Remotely exploitable DoS condition in Rosenpass <=0.2.0 | 2023-11-04T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2023-0069 | sudo-rs: Path Traversal vulnerability | 2023-11-01T12:00:00Z | 2023-11-06T12:48:19Z |
| rustsec-2023-0094 | `martin-mbtiles` has been renamed to `mbtiles` | 2023-10-30T12:00:00Z | 2025-09-14T19:19:34Z |
| rustsec-2023-0078 | Potential stack use-after-free in `Instrumented::into_inner` | 2023-10-19T12:00:00Z | 2024-02-10T15:57:43Z |
| rustsec-2023-0068 | Sequential calls of encryption API (`encrypt`, `wrap`, and `dump`) result in nonce reuse | 2023-10-15T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2023-0087 | `MaybeUninit` misuse in `simd-json-derive` | 2023-10-14T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2023-0067 | `fehler` is unmaintained; use `culpa` instead | 2023-10-12T12:00:00Z | 2023-10-14T15:01:02Z |
| rustsec-2023-0065 | Tungstenite allows remote attackers to cause a denial of service | 2023-09-25T12:00:00Z | 2023-09-29T12:03:03Z |
| rustsec-2023-0064 | gix-transport code execution vulnerability | 2023-09-23T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2023-0063 | Denial of service in Quinn servers | 2023-09-21T12:00:00Z | 2024-02-10T15:57:43Z |
| rustsec-2023-0083 | blurhash: panic on parsing crafted blurhash inputs | 2023-09-19T12:00:00Z | 2026-03-11T10:51:38Z |
| rustsec-2023-0082 | phonenumber: panic on parsing crafted RF3966 phonenumber inputs | 2023-09-19T12:00:00Z | 2026-03-11T10:37:17Z |
| rustsec-2023-0085 | HPACK decoder panics on invalid input | 2023-09-15T12:00:00Z | 2024-04-11T16:16:20Z |
| rustsec-2023-0084 | `hpack` is unmaintained | 2023-09-15T12:00:00Z | 2024-03-06T14:01:14Z |
| rustsec-2023-0062 | BER/CER/DER decoder panics on invalid input | 2023-09-13T12:00:00Z | 2024-02-10T15:57:43Z |
| rustsec-2023-0061 | libwebp: OOB write in BuildHuffmanTable | 2023-09-12T12:00:00Z | 2024-02-10T15:57:43Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| bit-superset-2026-23984 | Apache Superset: SQLLab Read-Only Bypass on PostgreSQL | 2026-03-02T08:51:08.893Z | 2026-03-03T09:19:06.344Z |
| bit-superset-2026-23969 | Apache Superset: Exposure of Sensitive Information via Incomplete ClickHouse Function Filtering | 2026-03-02T08:51:03.240Z | 2026-03-02T09:10:16.414Z |
| bit-moodle-2026-26047 | Moodle: moodle: uncontrolled resource consumption in tex formula editor leading to denial of service | 2026-03-02T08:50:27.185Z | 2026-03-02T09:10:16.414Z |
| bit-moodle-2026-26046 | Moodle: moodle: improper input sanitization in tex filter administration setting | 2026-03-02T08:50:25.461Z | 2026-03-02T09:10:16.414Z |
| bit-moodle-2026-26045 | Moodle: moodle: improper validation in file restore functionality leading to remote code execution | 2026-03-02T08:50:23.910Z | 2026-03-02T09:10:16.414Z |
| bit-mastodon-2026-27477 | Mastodon has SSRF via unvalidated FASP Provider base_url | 2026-03-02T08:42:58.043Z | 2026-03-02T09:10:16.414Z |
| bit-mastodon-2026-27468 | Mastodon may allow unconfirmed FASP to make subscriptions | 2026-03-02T08:42:56.320Z | 2026-03-02T09:10:16.414Z |
| bit-grafana-2026-21725 | Authorization Bypass via TOCTOU in Grafana Datasource Deletion by Name | 2026-03-02T08:41:16.926Z | 2026-03-02T09:10:16.414Z |
| bit-pytorch-2025-2149 | PyTorch Quantized Sigmoid Module nnq_Sigmoid initialization | 2026-02-26T15:23:05.500Z | 2026-02-26T15:46:51.306Z |
| bit-pytorch-2025-2148 | PyTorch Tuple torch.ops.profiler._call_end_callbacks_on_jit_fut memory corruption | 2026-02-26T15:23:02.496Z | 2026-02-26T15:46:51.306Z |
| bit-neo4j-2026-1337 | Insufficient escaping of unicode characters in query log | 2026-02-26T15:16:17.899Z | 2026-02-26T15:46:51.306Z |
| bit-superset-2026-23983 | Apache Superset: Sensitive Data Exposure via REST API (disabled by default) | 2026-02-26T08:54:03.107Z | 2026-02-26T09:13:58.886Z |
| bit-superset-2026-23982 | Apache Superset: Improper Authorization in Dataset Creation Allows Access Control Bypass | 2026-02-26T08:54:01.397Z | 2026-02-26T09:13:58.886Z |
| bit-superset-2026-23980 | Apache Superset: Improper Neutralization of Special Elements used in a SQL Command | 2026-02-26T08:53:59.760Z | 2026-02-26T09:13:58.886Z |
| bit-valkey-2026-27623 | Valkey has Pre-Authentication DOS from malformed RESP request | 2026-02-26T08:53:22.415Z | 2026-02-26T09:13:58.886Z |
| bit-valkey-2026-21863 | Malformed Valkey Cluster bus message can lead to Remote DoS | 2026-02-26T08:53:20.799Z | 2026-02-26T09:13:58.886Z |
| bit-valkey-2025-67733 | Valkey Affected by RESP Protocol Injection via Lua error_reply | 2026-02-26T08:53:18.978Z | 2026-02-26T09:13:58.886Z |
| bit-mongodb-2026-25613 | An unsafe cast in the MongoDB query planner can result in a segmentation fault. | 2026-02-26T08:47:48.322Z | 2026-02-26T09:13:58.886Z |
| bit-mongodb-2026-25610 | Invalid $geoNear index hint may cause server crash | 2026-02-26T08:47:46.620Z | 2026-02-26T09:13:58.886Z |
| bit-mongodb-2026-25609 | profile command may permit unauthorized configuration | 2026-02-26T08:47:44.983Z | 2026-02-26T09:13:58.886Z |
| bit-mongodb-2026-1850 | An authorized user may disable the MongoDB server by issuing a certain type of complex query due to boolean expression simplification | 2026-02-26T08:47:43.390Z | 2026-02-26T09:13:58.886Z |
| bit-mongodb-2026-1849 | Mongod can run out of stack memory when expressions create deeply nested documents | 2026-02-26T08:47:41.788Z | 2026-02-26T09:13:58.886Z |
| bit-mongodb-2026-1848 | Connections received from the proxy port may not count towards total accepted connections | 2026-02-26T08:47:40.094Z | 2026-02-26T09:13:58.886Z |
| bit-mongodb-2026-1847 | MongoDB Server may crash when inserting large documents | 2026-02-26T08:47:38.190Z | 2026-02-26T09:13:58.886Z |
| bit-airflow-2025-27555 | Apache Airflow: Connection Secrets not masked in UI when Connection are added via Airflow cli | 2026-02-26T08:39:17.851Z | 2026-02-26T09:13:58.886Z |
| bit-airflow-2024-56373 | Apache Airflow: SSTI to Code Execution in Airflow through Shared DB Information | 2026-02-26T08:39:15.266Z | 2026-02-26T09:13:58.886Z |
| bit-airflow-2025-65995 | Apache Airflow: Disclosure of secrets to UI via kwargs | 2026-02-24T08:38:47.831Z | 2026-02-24T09:11:39.593Z |
| bit-ghost-2026-26980 | Ghost has a SQL Injection in its Content API | 2026-02-21T08:39:22.999Z | 2026-02-21T09:08:21.332Z |
| bit-cilium-2026-26963 | Cilium may not enforce host firewall policies when Native Routing, WireGuard and Node Encryption are enabled | 2026-02-21T08:36:53.368Z | 2026-02-21T09:08:21.332Z |
| bit-cosign-2026-24122 | Cosign Certificate Chain Expiry Validation Issue Allows Issuing Certificate Expiry to Be Overlooked | 2026-02-21T08:36:39.661Z | 2026-02-21T09:08:21.332Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cleanstart-2026-uh39784 | SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process | 2026-02-17T00:40:45.017480Z | 2026-02-16T09:23:22Z |
| cleanstart-2026-vg57433 | Within HostnameError | 2026-02-17T00:39:45.599344Z | 2026-02-16T09:23:22Z |
| cleanstart-2026-jr03360 | Within HostnameError | 2026-02-17T00:39:45.300172Z | 2026-02-16T09:23:22Z |
| cleanstart-2026-bs57244 | Within HostnameError | 2026-02-17T00:39:44.907078Z | 2026-02-16T09:23:22Z |
| cleanstart-2026-kk07808 | issue has been found in third-party PNM decoding associated with libpng 1 | 2026-02-14T00:37:45.311656Z | 2026-02-13T12:28:27Z |
| cleanstart-2026-pr84319 | Security fixes for GHSA-2GH3-RMM4-6RQ5, GHSA-R6V5-FH4H-64XC, GHSA-RHFX-M35P-FF5J, GHSA-XWFJ-JGWM-7WP5 applied in versions: 1.27.5-r1, 1.27.6-r0 | 2026-02-14T00:37:23.085740Z | 2026-02-13T12:28:27Z |
| cleanstart-2026-mh09144 | issue was discovered in libexpat before 2 | 2026-02-13T00:45:17.459930Z | 2026-02-12T13:07:54Z |
| cleanstart-2026-wv76464 | libexpat in Expat before 2 | 2026-02-13T00:43:45.311968Z | 2026-02-12T13:07:54Z |
| cleanstart-2026-tr92727 | During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs fields mutated between the initial handshake and the resumed handshake, the resumed handshake may succ... | 2026-02-13T00:41:14.875956Z | 2026-02-12T13:07:54Z |
| cleanstart-2026-ca79883 | Security fixes for GHSA-6V2P-P943-PHR9, GHSA-C6GW-W398-HV78, GHSA-F6X5-JH6R-WRFV, GHSA-HCG3-P754-CR77, GHSA-J5W8-Q4QC-RX2X, GHSA-QXP5-GW88-XV66, GHSA-V778-237X-GJRC, GHSA-VVGC-356P-C3XW applied in versions: 1.15.0-r1 | 2026-02-13T00:40:14.901695Z | 2026-02-12T13:07:54Z |
| cleanstart-2026-gv85693 | SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process | 2026-02-13T00:40:14.240914Z | 2026-02-12T13:07:54Z |
| cleanstart-2026-jb30245 | Security fixes for GHSA-F6X5-JH6R-WRFV, GHSA-J5W8-Q4QC-RX2X applied in versions: 0.47.2-r0 | 2026-02-13T00:39:45.274258Z | 2026-02-12T13:07:54Z |
| cleanstart-2026-qi35149 | SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process | 2026-02-13T00:39:44.259950Z | 2026-02-12T13:07:54Z |
| cleanstart-2026-fi29887 | During the TLS 1 | 2026-02-13T00:39:44.225771Z | 2026-02-12T13:07:54Z |
| cleanstart-2026-by71381 | SSH servers parsing GSSAPI authentication requests do not validate the number of mechanisms specified in the request, allowing an attacker to cause unbounded memory consumption | 2026-02-11T00:41:59.117560Z | 2026-02-10T22:11:02Z |
| cleanstart-2026-cv28298 | SSH servers parsing GSSAPI authentication requests do not validate the number of mechanisms specified in the request, allowing an attacker to cause unbounded memory consumption | 2026-02-11T00:41:59.034081Z | 2026-02-10T22:11:02Z |
| cleanstart-2026-ls08172 | Within HostnameError | 2026-02-11T00:41:59.030674Z | 2026-02-10T22:11:02Z |
| cleanstart-2026-xb34574 | excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate | 2026-02-11T00:40:59.223419Z | 2026-02-10T22:11:02Z |
| cleanstart-2026-im73098 | excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate | 2026-02-11T00:40:59.052841Z | 2026-02-10T22:11:02Z |
| cleanstart-2026-tj33788 | Within HostnameError | 2026-02-10T00:39:24.476012Z | 2026-02-09T12:51:17Z |
| cleanstart-2026-gp14462 | Security fixes for GHSA-VVGC-356P-C3XW applied in versions: 0.18.0-r0 | 2026-02-10T00:39:23.397354Z | 2026-02-09T12:51:17Z |
| cleanstart-2026-xe32069 | Buffer Overflow vulnerability in Ffmpeg before github commit 4565747056a11356210ed8edcecb920105e40b60 allows a remote attacker to achieve an out-of-array write, execute arbitrary code, and cause a ... | 2026-02-06T01:10:32.733224Z | 2026-02-03T13:35:45Z |
| cleanstart-2026-wx01708 | vulnerability in the OLE2 file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device | 2026-02-06T01:10:02.024980Z | 2026-02-03T13:35:45Z |
| cleanstart-2026-ps82605 | Buffer Overflow vulnerability in Ffmpeg before github commit 4565747056a11356210ed8edcecb920105e40b60 allows a remote attacker to achieve an out-of-array write, execute arbitrary code, and cause a ... | 2026-02-06T01:09:01.544353Z | 2026-02-03T13:35:45Z |
| cleanstart-2026-tc95380 | vulnerability in the OLE2 file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device | 2026-02-06T01:06:01.062694Z | 2026-02-03T13:35:45Z |
| cleanstart-2026-zm20570 | Moby is an open-source project created by Docker for software containerization | 2026-02-06T00:54:29.621254Z | 2026-02-03T13:35:45Z |
| cleanstart-2026-sp51034 | Moby is an open-source project created by Docker for software containerization | 2026-02-06T00:52:59.619100Z | 2026-02-03T13:35:45Z |
| cleanstart-2026-td34476 | Moby is an open-source project created by Docker for software containerization | 2026-02-06T00:51:29.459800Z | 2026-02-03T13:35:45Z |
| cleanstart-2026-jq02410 | SSH servers parsing GSSAPI authentication requests do not validate the number of mechanisms specified in the request, allowing an attacker to cause unbounded memory consumption | 2026-02-06T00:41:59.411604Z | 2026-02-05T12:20:16Z |
| cleanstart-2026-wk88787 | SSH servers parsing GSSAPI authentication requests do not validate the number of mechanisms specified in the request, allowing an attacker to cause unbounded memory consumption | 2026-02-06T00:41:29.451524Z | 2026-02-05T12:20:16Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| drupal-contrib-2019-023 | 2019-02-20T17:47:47.000Z | 2023-08-11T18:56:27.000Z | |
| drupal-contrib-2019-022 | 2019-02-20T17:44:08.000Z | 2023-08-11T18:55:29.000Z | |
| drupal-contrib-2019-021 | 2019-02-20T17:39:43.000Z | 2023-08-11T18:55:05.000Z | |
| drupal-contrib-2019-019 | 2019-02-20T17:37:45.000Z | 2023-08-11T18:53:47.000Z | |
| drupal-contrib-2019-014 | 2019-02-06T18:13:19.000Z | 2023-08-11T19:23:01.000Z | |
| drupal-contrib-2019-013 | 2019-02-06T17:36:06.000Z | 2023-08-11T19:22:41.000Z | |
| drupal-contrib-2019-010 | 2019-01-23T18:22:41.000Z | 2023-08-11T19:00:18.000Z | |
| drupal-contrib-2019-004 | 2019-01-23T17:01:58.000Z | 2023-08-11T19:25:48.000Z | |
| drupal-contrib-2018-081 | 2018-12-19T17:53:49.000Z | 2023-08-11T21:10:49.000Z | |
| drupal-contrib-2018-078 | 2018-12-05T19:24:02.000Z | 2023-08-11T21:09:51.000Z | |
| drupal-contrib-2018-074 | 2018-11-28T17:32:56.000Z | 2023-08-11T21:15:17.000Z | |
| drupal-contrib-2018-073 | 2018-10-31T17:53:57.000Z | 2023-08-11T21:14:25.000Z | |
| drupal-contrib-2018-071 | 2018-10-31T14:59:17.000Z | 2023-08-11T21:13:17.000Z | |
| drupal-contrib-2018-067 | 2018-10-17T16:29:08.000Z | 2023-08-11T21:21:48.000Z | |
| drupal-contrib-2018-059 | 2018-09-05T17:22:50.000Z | 2023-08-11T21:18:37.000Z | |
| drupal-contrib-2018-057 | 2018-08-29T16:26:33.000Z | 2023-08-11T21:25:35.000Z | |
| drupal-contrib-2018-055 | 2018-08-08T17:14:32.000Z | 2023-08-11T21:24:54.000Z | |
| drupal-contrib-2018-040 | 2018-06-06T13:05:27.000Z | 2023-08-11T21:31:17.000Z | |
| drupal-contrib-2018-039 | 2018-06-06T13:01:46.000Z | 2023-08-11T21:29:11.000Z | |
| drupal-contrib-2018-038 | 2018-06-06T12:58:31.000Z | 2023-08-11T21:28:55.000Z | |
| drupal-contrib-2018-027 | 2018-05-09T20:28:16.000Z | 2023-08-11T21:40:01.000Z | |
| drupal-contrib-2018-025 | 2018-05-09T14:16:32.000Z | 2023-08-11T21:39:24.000Z | |
| drupal-contrib-2018-021 | 2018-04-25T17:43:28.000Z | 2023-08-11T21:38:48.000Z | |
| drupal-contrib-2018-022 | 2018-04-25T17:37:20.000Z | 2023-08-11T21:38:26.000Z | |
| drupal-contrib-2018-018 | 2018-04-18T15:45:18.000Z | 2023-08-11T21:35:30.000Z | |
| drupal-contrib-2018-017 | 2018-03-21T17:05:41.000Z | 2023-08-11T21:44:22.000Z | |
| drupal-contrib-2018-016 | 2018-03-21T16:59:32.000Z | 2023-08-11T21:44:04.000Z | |
| drupal-contrib-2018-015 | 2018-02-21T20:12:22.000Z | 2023-08-11T21:43:40.000Z | |
| drupal-contrib-2018-014 | 2018-02-21T19:04:59.000Z | 2023-08-11T21:43:18.000Z | |
| drupal-contrib-2018-008 | 2018-02-07T18:45:12.000Z | 2023-08-11T21:41:56.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2026-avi-0036 | Multiples vulnérabilités dans Suricata | 2026-01-14T00:00:00.000000 | 2026-01-14T00:00:00.000000 |
| certfr-2026-avi-0035 | Multiples vulnérabilités dans les produits Fortinet | 2026-01-14T00:00:00.000000 | 2026-01-14T00:00:00.000000 |
| certfr-2026-avi-0034 | Multiples vulnérabilités dans les produits SAP | 2026-01-14T00:00:00.000000 | 2026-01-14T00:00:00.000000 |
| certfr-2026-avi-0033 | Multiples vulnérabilités dans les produits Schneider Electric | 2026-01-14T00:00:00.000000 | 2026-01-14T00:00:00.000000 |
| certfr-2026-avi-0032 | Multiples vulnérabilités dans les produits Siemens | 2026-01-14T00:00:00.000000 | 2026-01-14T00:00:00.000000 |
| certfr-2026-avi-0031 | Vulnérabilité dans le greffon VSCode pour Spring CLI | 2026-01-14T00:00:00.000000 | 2026-01-14T00:00:00.000000 |
| certfr-2026-avi-0030 | Vulnérabilité dans MISP | 2026-01-13T00:00:00.000000 | 2026-01-13T00:00:00.000000 |
| certfr-2026-avi-0029 | Multiples vulnérabilités dans VMware Tanzu Gemfire | 2026-01-13T00:00:00.000000 | 2026-01-13T00:00:00.000000 |
| certfr-2026-avi-0028 | Multiples vulnérabilités dans MariaDB | 2026-01-13T00:00:00.000000 | 2026-01-13T00:00:00.000000 |
| certfr-2026-avi-0027 | Vulnérabilité dans NetApp ONTAP | 2026-01-13T00:00:00.000000 | 2026-01-13T00:00:00.000000 |
| certfr-2026-avi-0026 | Vulnérabilité dans Google Pixel | 2026-01-13T00:00:00.000000 | 2026-01-13T00:00:00.000000 |
| certfr-2026-avi-0025 | Vulnérabilité dans Microsoft Edge | 2026-01-12T00:00:00.000000 | 2026-01-12T00:00:00.000000 |
| certfr-2026-avi-0024 | Multiples vulnérabilités dans VMware Tanzu Greenplum Backup and Restore | 2026-01-12T00:00:00.000000 | 2026-01-12T00:00:00.000000 |
| certfr-2026-avi-0023 | Multiples vulnérabilités dans les produits Axis | 2026-01-12T00:00:00.000000 | 2026-01-12T00:00:00.000000 |
| certfr-2026-avi-0022 | Multiples vulnérabilités dans les produits Microsoft | 2026-01-09T00:00:00.000000 | 2026-01-09T00:00:00.000000 |
| certfr-2026-avi-0021 | Vulnérabilité dans Microsoft Edge | 2026-01-09T00:00:00.000000 | 2026-01-09T00:00:00.000000 |
| certfr-2026-avi-0020 | Multiples vulnérabilités dans les produits IBM | 2026-01-09T00:00:00.000000 | 2026-01-09T00:00:00.000000 |
| certfr-2026-avi-0019 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2026-01-09T00:00:00.000000 | 2026-01-09T00:00:00.000000 |
| certfr-2026-avi-0018 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2026-01-09T00:00:00.000000 | 2026-01-09T00:00:00.000000 |
| certfr-2026-avi-0017 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2026-01-09T00:00:00.000000 | 2026-01-09T00:00:00.000000 |
| certfr-2026-avi-0016 | Vulnérabilité dans les produits Moxa | 2026-01-09T00:00:00.000000 | 2026-01-09T00:00:00.000000 |
| certfr-2026-avi-0015 | Multiples vulnérabilités dans les produits Centreon | 2026-01-08T00:00:00.000000 | 2026-01-08T00:00:00.000000 |
| certfr-2026-avi-0014 | Multiples vulnérabilités dans GitLab | 2026-01-08T00:00:00.000000 | 2026-01-08T00:00:00.000000 |
| certfr-2026-avi-0013 | Vulnérabilité dans Tenable Nessus Agent | 2026-01-08T00:00:00.000000 | 2026-01-08T00:00:00.000000 |
| certfr-2026-avi-0012 | Multiples vulnérabilités dans Trend Micro Apex Central | 2026-01-08T00:00:00.000000 | 2026-01-08T00:00:00.000000 |
| certfr-2026-avi-0011 | Vulnérabilité dans Google Android | 2026-01-08T00:00:00.000000 | 2026-01-08T00:00:00.000000 |
| certfr-2026-avi-0010 | Multiples vulnérabilités dans Curl | 2026-01-07T00:00:00.000000 | 2026-01-07T00:00:00.000000 |
| certfr-2026-avi-0009 | Vulnérabilité dans Google Chrome | 2026-01-07T00:00:00.000000 | 2026-01-07T00:00:00.000000 |
| certfr-2026-avi-0008 | Multiples vulnérabilités dans Joomla! | 2026-01-07T00:00:00.000000 | 2026-01-07T00:00:00.000000 |
| certfr-2026-avi-0007 | Vulnérabilité dans Stormshield Network Security | 2026-01-06T00:00:00.000000 | 2026-01-06T00:00:00.000000 |
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2022-017175 | Proscend Communications M330-W and M330-W5 vulnerable to OS command injection | 2024-04-16T14:30+09:00 | 2024-04-16T14:30+09:00 |
| jvndb-2024-000040 | Multiple vulnerabilities in BUFFALO wireless LAN routers | 2024-04-15T16:29+09:00 | 2024-04-15T16:29+09:00 |
| jvndb-2024-000039 | Multiple vulnerabilities in a-blog cms | 2024-04-10T13:55+09:00 | 2024-04-10T13:55+09:00 |
| jvndb-2024-000038 | Multiple vulnerabilities in WordPress Plugin "Ninja Forms" | 2024-04-08T13:44+09:00 | 2024-04-08T13:44+09:00 |
| jvndb-2024-003068 | Multiple vulnerabilities in Cente middleware | 2024-04-05T15:36+09:00 | 2024-09-24T15:00+09:00 |
| jvndb-2024-000037 | Multiple vulnerabilities in NEC Aterm series | 2024-04-05T14:53+09:00 | 2024-04-05T14:53+09:00 |
| jvndb-2024-003067 | Multiple vulnerabilities in PLANEX COMMUNICATIONS wireless LAN routers | 2024-04-05T14:17+09:00 | 2024-04-05T14:17+09:00 |
| jvndb-2024-003051 | FURUNO SYSTEMS Managed Switch ACERA 9010 running in non MS mode with the initial configuration has no password | 2024-04-02T18:03+09:00 | 2024-04-02T18:03+09:00 |
| jvndb-2024-003050 | KEYENCE VT STUDIO may insecurely load Dynamic Link Libraries | 2024-04-01T14:44+09:00 | 2024-04-01T14:44+09:00 |
| jvndb-2024-003049 | Multiple vulnerabilities in KEYENCE KV STUDIO, KV REPLAY VIEWER, and VT5-WX15/WX12 | 2024-04-01T12:31+09:00 | 2024-09-25T13:51+09:00 |
| jvndb-2024-000036 | "Yahoo! JAPAN" App vulnerable to cross-site scripting | 2024-03-29T13:28+09:00 | 2024-03-29T13:28+09:00 |
| jvndb-2024-003047 | SEEnergy SVR-116 vulnerable to OS command injection | 2024-03-28T11:38+09:00 | 2024-03-28T11:38+09:00 |
| jvndb-2024-003026 | Security information for Hitachi Disk Array Systems | 2024-03-27T15:52+09:00 | 2024-03-27T15:52+09:00 |
| jvndb-2024-000035 | Multiple vulnerabilities in WordPress Plugin "Survey Maker" | 2024-03-27T14:48+09:00 | 2024-03-27T14:48+09:00 |
| jvndb-2024-000034 | SonicDICOM Media Viewer may insecurely load Dynamic Link Libraries | 2024-03-27T14:31+09:00 | 2024-03-27T14:31+09:00 |
| jvndb-2024-003025 | Multiple vulnerabilities in ELECOM wireless LAN routers | 2024-03-27T14:26+09:00 | 2024-11-27T14:34+09:00 |
| jvndb-2024-000905 | Mini Thread vulnerable to cross-site scripting | 2024-03-26T17:43+09:00 | 2024-03-26T17:43+09:00 |
| jvndb-2024-000906 | ffBull vulnerable to OS command injection | 2024-03-26T16:07+09:00 | 2024-03-26T16:07+09:00 |
| jvndb-2024-000900 | "EasyRange" may insecurely load executable files | 2024-03-26T15:50+09:00 | 2024-03-26T15:50+09:00 |
| jvndb-2024-000907 | 0ch BBS Script (0ch) vulnerable to cross-site scripting | 2024-03-26T15:35+09:00 | 2024-03-26T15:35+09:00 |
| jvndb-2024-000902 | TvRock vulnerable to cross-site scripting | 2024-03-26T14:27+09:00 | 2024-03-26T14:27+09:00 |
| jvndb-2024-000904 | WebProxy vulnerable to OS command injection | 2024-03-26T14:19+09:00 | 2024-03-26T14:19+09:00 |
| jvndb-2023-025113 | BUFFALO LinkStation 200 series vulnerable to arbitrary code execution | 2024-03-25T18:16+09:00 | 2024-03-25T18:16+09:00 |
| jvndb-2024-003016 | Multiple vulnerabilities in home gateway HGW BL1500HM | 2024-03-25T17:28+09:00 | 2025-03-28T12:01+09:00 |
| jvndb-2024-000033 | WordPress Plugin "easy-popup-show" vulnerable to cross-site request forgery | 2024-03-25T13:31+09:00 | 2024-03-25T13:31+09:00 |
| jvndb-2024-003008 | Sangoma Technologies CG/MG family driver cg6kwin2k.sys vulnerable to insufficient access control on its IOCTL | 2024-03-22T13:50+09:00 | 2024-04-24T11:45+09:00 |
| jvndb-2024-000032 | Multiple vulnerabilities in FitNesse | 2024-03-18T14:08+09:00 | 2024-03-19T11:02+09:00 |
| jvndb-2024-000031 | "ABEMA" App for Android fails to restrict access permissions | 2024-03-15T16:37+09:00 | 2024-03-15T16:37+09:00 |
| jvndb-2024-002961 | Information Exposure Vulnerability in Cosminexus Component Container | 2024-03-13T12:10+09:00 | 2024-03-13T12:10+09:00 |
| jvndb-2024-000030 | a-blog cms vulnerable to directory traversal | 2024-03-08T15:27+09:00 | 2024-03-08T15:27+09:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| cnvd-2026-14972 | Chamilo import.php文件操作系统命令注入漏洞 | 2026-03-09 | 2026-03-26 |
| cnvd-2026-14971 | Chamilo editinstance.php文件操作系统命令注入漏洞 | 2026-03-09 | 2026-03-26 |
| cnvd-2026-14970 | Chamilo CSV文件名跨站脚本漏洞 | 2026-03-09 | 2026-03-26 |
| cnvd-2026-14652 | Google Android存在未明漏洞(CNVD-2026-14652 | 2026-03-09 | 2026-03-24 |
| cnvd-2026-14651 | Google Android存在未明漏洞(CNVD-2026-14651) | 2026-03-09 | 2026-03-24 |
| cnvd-2026-14650 | Google Android权限提升漏洞(CNVD-2026-14650) | 2026-03-09 | 2026-03-24 |
| cnvd-2026-14649 | Google Android权限提升漏洞(CNVD-2026-14649) | 2026-03-09 | 2026-03-24 |
| cnvd-2026-14648 | Google Android存在未明漏洞(CNVD-2026-14648) | 2026-03-09 | 2026-03-24 |
| cnvd-2026-14647 | Google Android拒绝服务漏洞(CNVD-2026-14647) | 2026-03-09 | 2026-03-24 |
| cnvd-2026-14646 | Google Android存在未明漏洞(CNVD-2026-14646) | 2026-03-09 | 2026-03-24 |
| cnvd-2026-14645 | Google Android存在未明漏洞(CNVD-2026-14645) | 2026-03-09 | 2026-03-24 |
| cnvd-2026-14644 | Google Android权限提升漏洞(CNVD-2026-14644) | 2026-03-09 | 2026-03-24 |
| cnvd-2026-14643 | Google Android访问控制错误漏洞(CNVD-2026-14643) | 2026-03-09 | 2026-03-24 |
| cnvd-2026-13797 | Google Chrome Skia整数溢出漏洞(CNVD-2026-13797) | 2026-03-09 | 2026-03-16 |
| cnvd-2026-13796 | Google Chrome DevTools堆破坏漏洞 | 2026-03-09 | 2026-03-16 |
| cnvd-2026-13795 | Google Chrome WebAudio内存越界访问漏洞 | 2026-03-09 | 2026-03-16 |
| cnvd-2026-13794 | Google Chrome CSS内存越界读漏洞 | 2026-03-09 | 2026-03-16 |
| cnvd-2026-13793 | Google Chrome WebAssembly内存越界访问漏洞 | 2026-03-09 | 2026-03-16 |
| cnvd-2026-13792 | Google Chrome V8内存越界访问漏洞(CNVD-2026-13792) | 2026-03-09 | 2026-03-16 |
| cnvd-2026-13791 | Google Chrome WebCodecs堆溢出漏洞 | 2026-03-09 | 2026-03-16 |
| cnvd-2026-13790 | Google Android权限提升漏洞(CNVD-2026-13790) | 2026-03-09 | 2026-03-16 |
| cnvd-2026-13782 | IBM InfoSphere Information Server日志信息泄露漏洞 | 2026-03-09 | 2026-03-16 |
| cnvd-2026-13582 | Gradio信任管理问题漏洞 | 2026-03-09 | 2026-03-12 |
| cnvd-2026-13538 | FreeRDP freerdp_image_copy_from_icon_data函数缓冲区溢出漏洞 | 2026-03-09 | 2026-03-12 |
| cnvd-2026-13257 | Chamilo index.php文件SQL注入漏洞 | 2026-03-09 | 2026-03-10 |
| cnvd-2026-13256 | Chamilo hotpotatoes.php文件SQL注入漏洞 | 2026-03-09 | 2026-03-10 |
| cnvd-2026-13255 | Chamilo copy_course_session_selected.php文件SQL注入漏洞 | 2026-03-09 | 2026-03-10 |
| cnvd-2026-13254 | Chamilo check_parse_lang.php文件操作系统命令注入漏洞 | 2026-03-09 | 2026-03-10 |
| cnvd-2026-13253 | Chamilo add_users_to_session.php文件跨站脚本漏洞 | 2026-03-09 | 2026-03-10 |
| cnvd-2026-13252 | Apache Superset安全绕过漏洞(CNVD-2026-13252) | 2026-03-09 | 2026-03-10 |
| ID | Description | Published | Updated |
|---|---|---|---|
| bdu:2026-01273 | Уязвимость функции smb2_reconnect_server() модуля fs/smb/client/smb2pdu.c поддержки клие… | 05.02.2026 | 05.02.2026 |
| bdu:2026-01272 | Уязвимость функции amd_iommu_report_page_fault() модуля drivers/iommu/amd/iommu.c драйвер… | 05.02.2026 | 05.02.2026 |
| bdu:2026-01271 | Уязвимость функции parse_features() модуля drivers/md/dm-flakey.c драйвера нескольких уст… | 05.02.2026 | 05.02.2026 |
| bdu:2026-01270 | Уязвимость функции mt7921_usb_sdio_tx_prepare_skb() модуля drivers/net/wireless/mediatek/… | 05.02.2026 | 05.02.2026 |
| bdu:2026-01269 | Уязвимость функции txBegin() модуля fs/jfs/jfs_txnmgr.c файловой системы JFS ядра операци… | 05.02.2026 | 05.02.2026 |
| bdu:2026-01268 | Уязвимость функции btracker_destroy() модуля drivers/md/dm-cache-background-tracker.c дра… | 05.02.2026 | 05.02.2026 |
| bdu:2026-01267 | Уязвимость функции usbtmc_ioctl_request() модуля drivers/usb/class/usbtmc.c драйвера устр… | 05.02.2026 | 05.02.2026 |
| bdu:2026-01266 | Уязвимость функции brcmf_set_pmk() модуля drivers/net/wireless/broadcom/brcm80211/brcmfma… | 05.02.2026 | 05.02.2026 |
| bdu:2026-01265 | Уязвимость функции nfs_set_pgio_error() модуля fs/nfs/pagelist.c поддержки клиентов NFS я… | 05.02.2026 | 05.02.2026 |
| bdu:2026-01264 | Уязвимость функции alloc_event_waiters() модуля drivers/gpu/drm/amd/amdkfd/kfd_events.c д… | 05.02.2026 | 05.02.2026 |
| bdu:2026-01263 | Уязвимость функции vmbus_bus_init() модуля drivers/hv/vmbus_drv.c драйвера поддержки гост… | 05.02.2026 | 05.02.2026 |
| bdu:2026-01262 | Уязвимость функции longhaul_exit() модуля drivers/cpufreq/longhaul.c драйвера масштабиров… | 05.02.2026 | 05.02.2026 |
| bdu:2026-01261 | Уязвимость функции dcn401_init_hw() модуля drivers/gpu/drm/amd/display/dc/hwss/dcn401/dcn… | 05.02.2026 | 05.02.2026 |
| bdu:2026-01260 | Уязвимость функции hci_conn_complete_evt() модуля net/bluetooth/hci_event.c ядра операцио… | 05.02.2026 | 05.02.2026 |
| bdu:2026-01259 | Уязвимость функции binder_inc_ref_for_node() модуля drivers/android/binder.c драйвера свя… | 05.02.2026 | 05.02.2026 |
| bdu:2026-01258 | Уязвимость функции pm8001_chip_fw_flash_update_req() модуля drivers/scsi/pm8001/pm8001_hw… | 05.02.2026 | 05.02.2026 |
| bdu:2026-01257 | Уязвимость функции interrupt_preinit_v3_hw() модуля drivers/scsi/hisi_sas/hisi_sas_v3_hw.… | 05.02.2026 | 05.02.2026 |
| bdu:2026-01256 | Уязвимость функции ill_acc_of_setup() модуля arch/mips/ralink/ill_acc.c поддержки архитек… | 05.02.2026 | 05.02.2026 |
| bdu:2026-01255 | Уязвимость функции gc_worker_can_early_drop() модуля net/netfilter/nf_conntrack_core.c ко… | 05.02.2026 | 05.02.2026 |
| bdu:2026-01254 | Уязвимость функции _nfs42_proc_copy_notify() модуля fs/nfs/nfs42proc.c поддержки клиентов… | 05.02.2026 | 05.02.2026 |
| bdu:2026-01253 | Уязвимость функций init() и fini() модуля drivers/char/virtio_console.c драйвера поддержк… | 05.02.2026 | 05.02.2026 |
| bdu:2026-01252 | Уязвимость функции ext4_bmap() модуля fs/ext4/inode.c файловой системы Ext4 ядра операцио… | 05.02.2026 | 05.02.2026 |
| bdu:2026-01251 | Уязвимость функции exfat_find() модуля fs/exfat/namei.c файловой системы exFAT ядра опера… | 05.02.2026 | 05.02.2026 |
| bdu:2026-01250 | Уязвимость функции virtio_net_hdr_to_skb() модуля include/linux/virtio_net.h ядра операци… | 05.02.2026 | 05.02.2026 |
| bdu:2026-01249 | Уязвимость функции asm () модуля kernel/kheaders.c ядра операционной системы Linux, позво… | 05.02.2026 | 05.02.2026 |
| bdu:2026-01248 | Уязвимость функции ffa_device_remove() модуля drivers/firmware/arm_ffa/bus.c драйвера про… | 05.02.2026 | 05.02.2026 |
| bdu:2026-01247 | Уязвимость функции batch_clear_carry() модуля drivers/iommu/iommufd/pages.c драйвера IOMM… | 05.02.2026 | 05.02.2026 |
| bdu:2026-01246 | Уязвимость функции ext4_xattr_move_to_block() модуля fs/ext4/xattr.c файловой системы Ext… | 05.02.2026 | 05.02.2026 |
| bdu:2026-01245 | Уязвимость функции ssif_info_find() модуля drivers/char/ipmi/ipmi_ssif.c драйвера алфавит… | 05.02.2026 | 05.02.2026 |
| bdu:2026-01244 | Уязвимость функции gl861_i2c_master_xfer() модуля drivers/media/usb/dvb-usb-v2/gl861.c д… | 05.02.2026 | 05.02.2026 |
| ID | Description | Updated |
|---|---|---|
| var-201404-0008 | Race condition in the ssl3_read_bytes function in s3_pkt.c in OpenSSL through 1.0.1g, whe… | 2026-04-10T22:27:06.313000Z |
| var-201905-1248 | Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some m… | 2026-04-10T22:26:34.407000Z |
| var-201006-1234 | Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X… | 2026-04-10T22:25:51.487000Z |
| var-201206-0057 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java … | 2026-04-10T22:25:20.504000Z |
| var-201410-0371 | Memory leak in d1_srtp.c in the DTLS SRTP extension in OpenSSL 1.0.1 before 1.0.1j allows… | 2026-04-10T22:25:18.596000Z |
| var-201404-0398 | Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 an… | 2026-04-10T22:25:18.133000Z |
| var-201408-0090 | The OBJ_obj2txt function in crypto/objects/obj_dat.c in OpenSSL 0.9.8 before 0.9.8zb, 1.0… | 2026-04-10T22:25:17.543000Z |
| var-200704-0737 | Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont bef… | 2026-04-10T22:24:43.941000Z |
| var-201506-0266 | Algorithmic complexity vulnerability in the multipart_buffer_headers function in main/rfc… | 2026-04-10T22:24:42.782000Z |
| var-200510-0005 | Buffer overflow in Collaboration Data Objects (CDO), as used in Microsoft Windows and Mic… | 2026-04-10T22:24:42.611000Z |
| var-201412-0613 | Multiple stack-based buffer overflows in ntpd in NTP before 4.2.8 allow remote attackers … | 2026-04-10T22:24:42.274000Z |
| var-201804-1149 | An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari be… | 2026-04-10T22:24:41.926000Z |
| var-200701-0320 | The InternalUnpackBits function in Apple QuickDraw, as used by Quicktime 7.1.3 and other … | 2026-04-10T22:24:41.226000Z |
| var-202105-1460 | A flaw was found in libwebp in versions before 1.0.1. A use-after-free was found due to a… | 2026-04-10T22:24:40.883000Z |
| var-201710-1405 | An issue was discovered in certain Apple products. iOS before 11 is affected. Safari befo… | 2026-04-10T22:24:09.050000Z |
| var-200810-0137 | Integer overflow in the WriteProlog function in texttops in CUPS before 1.3.9 allows remo… | 2026-04-10T22:23:36.809000Z |
| var-202206-1106 | Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an… | 2026-04-10T22:23:32.258000Z |
| var-201911-1410 | Two memory leaks in the mwifiex_pcie_init_evt_ring() function in drivers/net/wireless/mar… | 2026-04-10T22:23:32.169000Z |
| var-200703-0025 | The IOKit HID interface in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 does not suffici… | 2026-04-10T22:23:31.574000Z |
| var-202004-0983 | Apache CXF has the ability to integrate with JMX by registering an InstrumentationManager… | 2026-04-10T22:22:15.365000Z |
| var-201912-0128 | A logic issue was addressed with improved state management. This issue is fixed in watchO… | 2026-04-10T22:22:08.943000Z |
| var-201707-1197 | An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari … | 2026-04-10T22:22:08.028000Z |
| var-201506-0267 | PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 truncates a pathname upon … | 2026-04-10T22:22:06.515000Z |
| var-201902-0192 | If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (… | 2026-04-10T22:22:06.256000Z |
| var-201806-0859 | Bouncy Castle BC 1.54 - 1.59, BC-FJA 1.0.0, BC-FJA 1.0.1 and earlier have a flaw in the L… | 2026-04-10T22:22:05.910000Z |
| var-201210-0456 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java … | 2026-04-10T22:22:04.781000Z |
| var-201606-0329 | Multiple heap-based buffer overflows in the hiddev_ioctl_usage function in drivers/hid/us… | 2026-04-10T22:22:03.220000Z |
| var-200703-0017 | Stack-based buffer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted a… | 2026-04-10T22:22:02.998000Z |
| var-202006-0391 | The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the… | 2026-04-10T22:22:02.011000Z |
| var-202002-1478 | Multiple memory corruption issues were addressed with improved memory handling. This issu… | 2026-04-10T22:21:30.342000Z |