Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2025-14837 |
5.1 (4.0)
4.7 (3.1)
4.7 (3.0)
|
ZZCMS Backend Website Settings siteconfig.php stripfxg… |
n/a |
ZZCMS |
2025-12-17T23:32:07.466Z | 2026-02-24T05:53:14.358Z |
| CVE-2025-14836 |
5.1 (4.0)
2.7 (3.1)
2.7 (3.0)
|
ZZCMS User Data Storage user_save.php cleartext storag… |
n/a |
ZZCMS |
2025-12-17T23:02:09.511Z | 2026-02-24T05:52:59.387Z |
| CVE-2025-14834 |
5.3 (4.0)
6.3 (3.1)
6.3 (3.0)
|
code-projects Simple Stock System checkuser.php sql in… |
code-projects |
Simple Stock System |
2025-12-17T23:02:05.789Z | 2026-02-24T05:52:43.393Z |
| CVE-2025-14694 |
5.1 (4.0)
4.7 (3.1)
4.7 (3.0)
|
ketr JEPaaS readAllPostil sql injection |
ketr |
JEPaaS |
2025-12-15T00:32:06.939Z | 2026-02-24T05:52:18.612Z |
| CVE-2025-14674 |
5.3 (4.0)
6.3 (3.1)
6.3 (3.0)
|
aizuda snail-job QLExpressEngine.java QLExpressEngine.… |
aizuda |
snail-job |
2025-12-14T18:02:14.475Z | 2026-02-24T05:52:05.136Z |
| CVE-2025-14673 |
6.9 (4.0)
7.3 (3.1)
7.3 (3.0)
|
gmg137 snap7-rs client.rs as_ct_write heap-based overflow |
gmg137 |
snap7-rs |
2025-12-14T17:32:10.600Z | 2026-02-24T05:51:39.225Z |
| CVE-2025-14672 |
6.9 (4.0)
7.3 (3.1)
7.3 (3.0)
|
gmg137 snap7-rs s7_micro_client.cpp opWriteArea heap-b… |
gmg137 |
snap7-rs |
2025-12-14T17:02:10.962Z | 2026-02-24T05:51:18.746Z |
| CVE-2025-14668 |
6.9 (4.0)
7.3 (3.1)
7.3 (3.0)
|
campcodes Advanced Online Examination System loginExe.… |
campcodes |
Advanced Online Examination System |
2025-12-14T16:32:07.839Z | 2026-02-24T05:50:59.131Z |
| CVE-2025-14665 |
9.3 (4.0)
9.8 (3.1)
9.8 (3.0)
|
Tenda WH450 HTTP Request DhcpListClient stack-based overflow |
Tenda |
WH450 |
2025-12-14T15:02:09.088Z | 2026-02-24T05:50:47.189Z |
| CVE-2025-14664 |
6.9 (4.0)
7.3 (3.1)
7.3 (3.0)
|
Campcodes Supplier Management System view_unit.php sql… |
Campcodes |
Supplier Management System |
2025-12-14T14:32:06.530Z | 2026-02-24T05:50:32.334Z |
| CVE-2025-14656 |
8.7 (4.0)
8.8 (3.1)
8.8 (3.0)
|
Tenda AC20 openSchedWifi httpd buffer overflow |
Tenda |
AC20 |
2025-12-14T11:02:07.310Z | 2026-02-24T05:50:18.678Z |
| CVE-2025-14655 |
8.7 (4.0)
8.8 (3.1)
8.8 (3.0)
|
Tenda AC20 httpd SetSysAutoRebbotCfg formSetRebootTime… |
Tenda |
AC20 |
2025-12-14T10:32:08.489Z | 2026-02-24T05:50:00.913Z |
| CVE-2025-14654 |
8.7 (4.0)
8.8 (3.1)
8.8 (3.0)
|
Tenda AC20 httpd setPptpUserList formSetPPTPUserList s… |
Tenda |
AC20 |
2025-12-14T10:02:08.467Z | 2026-02-24T05:49:45.643Z |
| CVE-2025-14648 |
5.1 (4.0)
4.7 (3.1)
4.7 (3.0)
|
DedeBIZ catalog_add.php command injection |
n/a |
DedeBIZ |
2025-12-14T07:02:06.834Z | 2026-02-24T05:49:31.862Z |
| CVE-2025-14636 |
6.3 (4.0)
3.7 (3.1)
3.7 (3.0)
|
Tenda AX9 httpd image_check weak hash |
Tenda |
AX9 |
2025-12-13T19:02:08.025Z | 2026-02-24T05:49:20.379Z |
| CVE-2025-14607 |
5.3 (4.0)
6.3 (3.1)
6.3 (3.0)
|
OFFIS DCMTK dcmdata dcbytstr.cc makeDicomByteString me… |
OFFIS |
DCMTK |
2025-12-13T13:02:07.302Z | 2026-02-24T05:49:06.961Z |
| CVE-2025-14590 |
6.9 (4.0)
7.3 (3.1)
7.3 (3.0)
|
code-projects Prison Management System search1.php sql… |
code-projects |
Prison Management System |
2025-12-13T12:02:06.694Z | 2026-02-24T05:48:52.571Z |
| CVE-2025-14589 |
5.3 (4.0)
6.3 (3.1)
6.3 (3.0)
|
code-projects Prison Management System search.php sql … |
code-projects |
Prison Management System |
2025-12-13T10:32:07.091Z | 2026-02-24T05:48:41.011Z |
| CVE-2025-14586 |
5.3 (4.0)
6.3 (3.1)
6.3 (3.0)
|
TOTOLINK X5000R cstecgi.cgi snprintf os command injection |
TOTOLINK |
X5000R |
2025-12-13T06:32:10.624Z | 2026-02-24T05:48:28.365Z |
| CVE-2025-14583 |
6.9 (4.0)
7.3 (3.1)
7.3 (3.0)
|
campcodes Online Student Enrollment System register.ph… |
campcodes |
Online Student Enrollment System |
2025-12-12T22:02:09.974Z | 2026-02-24T05:48:12.459Z |
| CVE-2025-68675 |
N/A
|
Apache Airflow: proxy credentials for various provider… |
Apache Software Foundation |
Apache Airflow |
2026-01-16T10:23:25.946Z | 2026-02-24T05:48:05.537Z |
| CVE-2025-14582 |
5.1 (4.0)
4.7 (3.1)
4.7 (3.0)
|
campcodes Online Student Enrollment System index.php u… |
campcodes |
Online Student Enrollment System |
2025-12-12T22:02:07.303Z | 2026-02-24T05:48:00.344Z |
| CVE-2025-14580 |
5.1 (4.0)
3.5 (3.1)
3.5 (3.0)
|
Qualitor viewDocumento.php cross site scripting |
n/a |
Qualitor |
2025-12-12T20:32:06.152Z | 2026-02-24T05:47:47.304Z |
| CVE-2025-14571 |
6.9 (4.0)
7.3 (3.1)
7.3 (3.0)
|
projectworlds Advanced Library Management System borro… |
projectworlds |
Advanced Library Management System |
2025-12-12T18:32:08.515Z | 2026-02-24T05:47:34.209Z |
| CVE-2025-14570 |
6.9 (4.0)
7.3 (3.1)
7.3 (3.0)
|
projectworlds Advanced Library Management System view_… |
projectworlds |
Advanced Library Management System |
2025-12-12T18:32:06.354Z | 2026-02-24T05:47:22.939Z |
| CVE-2025-14566 |
6.9 (4.0)
7.3 (3.1)
7.3 (3.0)
|
kidaze CourseSelectionSystem reg.php sql injection |
kidaze |
CourseSelectionSystem |
2025-12-12T15:32:08.420Z | 2026-02-24T05:47:11.578Z |
| CVE-2025-14565 |
6.9 (4.0)
7.3 (3.1)
7.3 (3.0)
|
kidaze CourseSelectionSystem login1.php sql injection |
kidaze |
CourseSelectionSystem |
2025-12-12T15:32:06.269Z | 2026-02-24T05:46:58.180Z |
| CVE-2025-14529 |
6.9 (4.0)
7.3 (3.1)
7.3 (3.0)
|
Campcodes Retro Basketball Shoes Online Store admin_ru… |
Campcodes |
Retro Basketball Shoes Online Store |
2025-12-11T17:32:06.928Z | 2026-02-24T05:46:46.680Z |
| CVE-2025-14527 |
6.9 (4.0)
7.3 (3.1)
7.3 (3.0)
|
projectworlds Advanced Library Management System view_… |
projectworlds |
Advanced Library Management System |
2025-12-11T17:02:09.729Z | 2026-02-24T05:46:32.987Z |
| CVE-2025-14526 |
8.7 (4.0)
8.8 (3.1)
8.8 (3.0)
|
Tenda CH22 L7Im frmL7ImForm buffer overflow |
Tenda |
CH22 |
2025-12-11T16:32:09.328Z | 2026-02-24T05:46:21.260Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2024-56807 |
1.7 (4.0)
|
Media Streaming add-on |
QNAP Systems Inc. |
Media Streaming add-on |
2026-02-11T12:20:14.724Z | 2026-02-11T14:23:50.298Z |
| CVE-2024-56808 |
2 (4.0)
|
Media Streaming add-on |
QNAP Systems Inc. |
Media Streaming add-on |
2026-02-11T12:20:08.765Z | 2026-02-11T14:27:11.982Z |
| CVE-2025-20360 |
5.8 (3.1)
|
Multiple Cisco Products Snort 3 MIME Denial of Service… |
Cisco |
Cisco Cyber Vision |
2025-10-15T16:19:46.840Z | 2026-02-12T18:57:32.487Z |
| CVE-2025-13379 |
8.6 (3.1)
|
A SQL Injection vulnerability has been addressed in IB… |
IBM |
Aspera Console |
2026-02-05T13:30:04.998Z | 2026-02-26T15:04:18.212Z |
| CVE-2026-21348 |
5.5 (3.1)
|
Substance3D - Modeler | Out-of-bounds Read (CWE-125) |
Adobe |
Substance3D - Modeler |
2026-02-10T19:33:36.529Z | 2026-02-10T20:07:58.148Z |
| CVE-2026-24300 |
9.8 (3.1)
|
Azure Front Door Elevation of Privilege Vulnerability |
Microsoft |
Azure Front Door |
2026-02-05T22:13:25.676Z | 2026-02-27T20:09:34.999Z |
| CVE-2025-13096 |
7.1 (3.1)
|
XML eXternal Entity injection (XXE) vulnerability affe… |
IBM |
Business Automation Workflow containers |
2026-02-02T20:56:48.318Z | 2026-02-03T15:39:59.140Z |
| CVE-2026-21532 |
8.2 (3.1)
|
Azure Function Information Disclosure Vulnerability |
Microsoft |
Azure Functions |
2026-02-05T22:13:24.102Z | 2026-02-27T20:09:36.248Z |
| CVE-2026-24302 |
8.6 (3.1)
|
Azure Arc Elevation of Privilege Vulnerability |
Microsoft |
Azure ARC |
2026-02-05T22:13:22.975Z | 2026-02-27T20:09:35.605Z |
| CVE-2026-20960 |
8 (3.1)
|
PowerApps Desktop Client Remote Code Execution Vulnerability |
Microsoft |
Microsoft Power Apps Desktop Client |
2026-01-16T21:28:10.895Z | 2026-02-22T17:01:25.756Z |
| CVE-2020-37113 |
8.7 (4.0)
8.8 (3.1)
|
GUnet OpenEclass 1.7.3 E-learning platform - File Uplo… |
Openeclass |
GUnet OpenEclass |
2026-02-03T16:52:45.772Z | 2026-02-06T19:30:43.252Z |
| CVE-2020-37112 |
7.1 (4.0)
7.1 (3.1)
|
GUnet OpenEclass 1.7.3 E-learning platform - 'month' S… |
Openeclass |
GUnet OpenEclass |
2026-02-03T16:52:45.252Z | 2026-02-06T19:33:46.212Z |
| CVE-2026-20666 |
5.5 (3.1)
|
An authorization issue was addressed with improve… |
Apple |
macOS |
2026-02-11T22:58:08.903Z | 2026-02-12T16:56:56.899Z |
| CVE-2025-70997 |
8.1 (3.1)
|
A vulnerability has been discovered in eladmin v2… |
n/a |
n/a |
2026-02-04T00:00:00.000Z | 2026-02-12T17:10:58.510Z |
| CVE-2024-36355 |
7 (4.0)
|
Improper input validation in the SMM handler coul… |
AMD |
AMD EPYC™ 9004 Series Processors |
2026-02-10T19:28:04.884Z | 2026-02-26T14:44:29.203Z |
| CVE-2026-24881 |
8.1 (3.1)
|
In GnuPG before 2.5.17, a crafted CMS (S/MIME) En… |
GnuPG |
GnuPG |
2026-01-27T18:36:56.727Z | 2026-01-27T20:08:54.449Z |
| CVE-2025-55705 |
7.3 (3.1)
|
EVMAPA Insufficient Session Expiration |
EVMAPA |
EVMAPA |
2026-01-22T22:32:48.138Z | 2026-01-23T20:10:44.688Z |
| CVE-2025-67399 |
4.6 (3.1)
|
An issue in AIRTH SMART HOME AQI MONITOR Bootload… |
n/a |
n/a |
2026-01-14T00:00:00.000Z | 2026-01-14T16:09:43.888Z |
| CVE-2025-15464 |
7.5 (3.1)
|
KL-001-2026-01: yintibao Fun Print Mobile Unauthorized… |
yintibao |
Fun Print Mobile |
2026-01-08T21:01:31.240Z | 2026-01-08T23:04:12.554Z |
| CVE-2026-22710 |
2.3 (4.0)
|
Stored XSS through autocomment system messages in Wikibase |
The Wikimedia Foundation |
Mediawiki - Wikibase Extension |
2026-01-08T23:48:51.645Z | 2026-01-09T19:16:54.193Z |
| CVE-2026-22712 |
2.3 (4.0)
|
ApprovedRevs allows bypassing the inline CSS sanitizer |
The Wikimedia Foundation |
Mediawiki - ApprovedRevs Extension |
2026-01-09T00:06:22.430Z | 2026-01-09T19:15:28.083Z |
| CVE-2026-22713 |
2.3 (4.0)
|
Stored XSS through edit summaries in GrowthExperiments |
The Wikimedia Foundation |
Mediawiki - GrowthExperiments Extension |
2026-01-09T00:00:57.596Z | 2026-01-09T19:17:27.530Z |
| CVE-2025-64091 |
8.6 (3.1)
|
Authenticated Remote Code Execution in the NTP-configuration |
Zenitel |
TCIS-3+ |
2026-01-09T10:00:45.414Z | 2026-01-09T17:57:30.485Z |
| CVE-2025-64090 |
10 (3.1)
|
Authenticated Remote Code Execution in device hostname |
Zenitel |
TCIS-3+ |
2026-01-09T09:59:58.839Z | 2026-01-09T18:01:00.742Z |
| CVE-2025-64092 |
7.5 (3.1)
|
Unauthenticated SQL injection via GET request parameters |
Zenitel |
ICX500 |
2026-01-09T10:03:49.853Z | 2026-01-09T17:59:17.924Z |
| CVE-2026-0405 |
6.1 (4.0)
|
Authentication Bypass in NETGEAR Orbi Devices |
NETGEAR |
RBE970 |
2026-01-13T16:00:48.296Z | 2026-02-26T15:04:44.730Z |
| CVE-2025-10878 |
10 (3.1)
|
A SQL injection vulnerability exists in the login… |
Insaat |
Fikir Odalari AdminPando |
2026-02-03T00:00:00.000Z | 2026-02-04T16:09:29.359Z |
| CVE-2026-0404 |
4.8 (4.0)
|
Insufficient input validation in NETGEAR Orbi routers |
NETGEAR |
RBRE960 |
2026-01-13T16:01:14.944Z | 2026-02-26T15:04:43.482Z |
| CVE-2026-21218 |
7.5 (3.1)
|
.NET Spoofing Vulnerability |
Microsoft |
.NET 10.0 |
2026-02-10T17:51:23.973Z | 2026-02-27T20:09:30.425Z |
| CVE-2025-70073 |
7.2 (3.1)
|
An issue in ChestnutCMS v.1.5.8 and before allows… |
n/a |
n/a |
2026-02-05T00:00:00.000Z | 2026-02-09T14:53:39.778Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| fkie_cve-2026-22713 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnera… | 2026-01-09T00:15:46.000 | 2026-02-12T17:47:31.803 |
| fkie_cve-2025-64091 | This vulnerability allows authenticated attackers to execute commands via the NTP-configuration of … | 2026-01-09T10:15:46.627 | 2026-02-12T17:45:46.487 |
| fkie_cve-2025-64090 | This vulnerability allows authenticated attackers to execute commands via the hostname of the device. | 2026-01-09T10:15:46.480 | 2026-02-12T17:45:04.993 |
| fkie_cve-2025-64092 | This vulnerability allows unauthenticated attackers to inject an SQL request into GET request param… | 2026-01-09T10:15:46.750 | 2026-02-12T17:42:53.230 |
| fkie_cve-2026-0405 | An authentication bypass vulnerability in NETGEAR Orbi devices allows users connected to the local… | 2026-01-13T16:16:10.513 | 2026-02-12T17:40:40.530 |
| fkie_cve-2025-10878 | A SQL injection vulnerability exists in the login functionality of Fikir Odalari AdminPando 1.0.1 b… | 2026-02-03T20:15:55.837 | 2026-02-12T17:37:05.497 |
| fkie_cve-2026-0404 | An insufficient input validation vulnerability in NETGEAR Orbi devices' DHCPv6 functionality allow… | 2026-01-13T16:16:10.343 | 2026-02-12T17:36:09.760 |
| fkie_cve-2026-21218 | Improper handling of missing special element in .NET allows an unauthorized attacker to perform spo… | 2026-02-10T18:16:22.967 | 2026-02-12T17:35:25.617 |
| fkie_cve-2025-70073 | An issue in ChestnutCMS v.1.5.8 and before allows a remote attacker to execute arbitrary code via t… | 2026-02-05T18:16:10.953 | 2026-02-12T17:30:51.007 |
| fkie_cve-2025-13295 | Insertion of Sensitive Information Into Sent Data vulnerability in Argus Technology Inc. BILGER all… | 2025-12-02T14:16:22.677 | 2026-02-12T17:30:16.837 |
| fkie_cve-2025-12131 | A truncated 802.15.4 packet can lead to an assert, resulting in a denial of service. | 2026-02-05T20:15:52.130 | 2026-02-12T17:30:02.280 |
| fkie_cve-2026-24307 | Improper validation of specified type of input in M365 Copilot allows an unauthorized attacker to d… | 2026-01-22T23:15:59.003 | 2026-02-12T17:29:54.847 |
| fkie_cve-2026-1964 | A vulnerability was determined in WeKan up to 8.20. This impacts an unknown function of the file mo… | 2026-02-05T22:15:53.713 | 2026-02-12T17:29:49.317 |
| fkie_cve-2026-1962 | A vulnerability has been found in WeKan up to 8.20. The impacted element is an unknown function of … | 2026-02-05T21:15:52.987 | 2026-02-12T17:29:38.423 |
| fkie_cve-2025-15557 | An Improper Certificate Validation vulnerability in TP-Link Tapo H100 v1 and Tapo P100 v1 allows an… | 2026-02-05T18:16:09.750 | 2026-02-12T17:29:30.100 |
| fkie_cve-2026-24304 | Improper access control in Azure Resource Manager allows an authorized attacker to elevate privileg… | 2026-01-23T02:15:55.547 | 2026-02-12T17:23:04.043 |
| fkie_cve-2025-30398 | Missing authorization in Nuance PowerScribe allows an unauthorized attacker to disclose information… | 2025-11-11T18:15:35.107 | 2026-02-12T17:20:07.333 |
| fkie_cve-2026-21508 | Improper authentication in Windows Storage allows an authorized attacker to elevate privileges locally. | 2026-02-10T18:16:33.003 | 2026-02-12T17:19:52.533 |
| fkie_cve-2025-43914 | Dell PowerProtect Data Domain BoostFS for Linux Ubuntu systems of Feature Release versions 7.7.1.0 … | 2025-10-07T18:16:00.000 | 2026-02-12T17:14:05.740 |
| fkie_cve-2026-26031 | Frappe Learning Management System (LMS) is a learning system that helps users structure their conte… | 2026-02-11T22:15:52.540 | 2026-02-12T17:11:21.400 |
| fkie_cve-2023-53569 | In the Linux kernel, the following vulnerability has been resolved: ext2: Check block size validit… | 2025-10-04T16:15:52.460 | 2026-02-12T17:10:35.287 |
| fkie_cve-2025-59386 | A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system … | 2026-02-11T13:15:57.540 | 2026-02-12T17:09:24.740 |
| fkie_cve-2025-66274 | A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system … | 2026-02-11T13:15:58.243 | 2026-02-12T17:08:41.243 |
| fkie_cve-2025-58466 | A use of uninitialized variable vulnerability has been reported to affect several QNAP operating sy… | 2026-02-11T13:15:56.447 | 2026-02-12T17:06:57.050 |
| fkie_cve-2025-66277 | A link following vulnerability has been reported to affect several QNAP operating system versions. … | 2026-02-11T13:15:58.380 | 2026-02-12T17:01:35.340 |
| fkie_cve-2025-52026 | An information disclosure vulnerability exists in the /srvs/membersrv/getCashiers endpoint of the A… | 2026-01-23T21:15:50.813 | 2026-02-12T16:48:21.933 |
| fkie_cve-2026-24128 | XWiki Platform is a generic wiki platform offering runtime services for applications built on top o… | 2026-01-24T00:15:49.007 | 2026-02-12T16:47:29.200 |
| fkie_cve-2025-15551 | The response coming from TP-Link Archer MR200 v5.2, C20 v6, TL-WR850N v3, and TL-WR845N v4 for any … | 2026-02-05T18:16:09.593 | 2026-02-12T16:24:44.087 |
| fkie_cve-2026-2073 | A vulnerability was determined in itsourcecode School Management System 1.0. This affects an unknow… | 2026-02-07T04:15:54.083 | 2026-02-12T16:24:08.137 |
| fkie_cve-2026-2083 | A security flaw has been discovered in code-projects Social Networking Site 1.0. This affects an un… | 2026-02-07T11:16:06.750 | 2026-02-12T16:22:26.053 |
| ID | Severity | Description | Published | Updated |
|---|---|---|---|---|
| ghsa-r7x9-8ph7-w8cg |
6.9 (4.0)
|
Cloudflare Agents SDK has Insecure Direct Object Reference (IDOR) via Header-Based Email Routing | 2026-02-03T18:42:01Z | 2026-02-03T18:42:01Z |
| ghsa-rwmj-c32v-585v |
8.8 (3.1)
|
An arbitrary file upload vulnerability in the AddFont() function of FPDF v1.86 and earlier allows a… | 2026-02-03T18:30:46Z | 2026-02-03T18:30:46Z |
| ghsa-w5qr-64rw-ppch |
4.3 (3.1)
5.3 (4.0)
|
GUnet OpenEclass 1.7.3 allows unauthenticated and authenticated users to access sensitive informati… | 2026-02-03T18:30:45Z | 2026-02-03T18:30:45Z |
| ghsa-jwv7-wwg8-6rjj |
8.2 (3.1)
8.8 (4.0)
|
60CycleCMS 2.5.2 contains an SQL injection vulnerability in news.php and common/lib.php that allows… | 2026-02-03T18:30:45Z | 2026-02-03T18:30:45Z |
| ghsa-jvr8-79f6-p83g |
6.1 (3.1)
5.1 (4.0)
|
60CycleCMS 2.5.2 contains a cross-site scripting (XSS) vulnerability in news.php that allows attack… | 2026-02-03T18:30:45Z | 2026-02-03T18:30:45Z |
| ghsa-fx56-pxgc-fpm7 |
8.8 (3.1)
8.7 (4.0)
|
GUnet OpenEclass 1.7.3 allows authenticated users to bypass file extension restrictions when upload… | 2026-02-03T18:30:45Z | 2026-02-03T18:30:45Z |
| ghsa-cvgp-p3c4-h952 |
7.1 (3.1)
7.1 (4.0)
|
GUnet OpenEclass 1.7.3 contains multiple SQL injection vulnerabilities that allow authenticated att… | 2026-02-03T18:30:45Z | 2026-02-03T18:30:45Z |
| ghsa-9hrm-54hp-fcpj |
6.5 (3.1)
7.1 (4.0)
|
GUnet OpenEclass 1.7.3 stores user credentials in plaintext, allowing administrators to view all re… | 2026-02-03T18:30:45Z | 2026-02-03T18:30:45Z |
| ghsa-8xc9-646q-jmv2 |
8.8 (3.1)
8.7 (4.0)
|
GUnet OpenEclass 1.7.3 includes phpMyAdmin 2.10.0.2 by default, which allows remote logins. Attacke… | 2026-02-03T18:30:45Z | 2026-02-03T18:30:45Z |
| ghsa-7rm5-wh6c-xjgf |
5.5 (3.1)
|
Root File System Not Mounted as Read-Only configuration vulnerability. This can allow unintended mo… | 2026-02-03T18:30:45Z | 2026-02-03T18:30:45Z |
| ghsa-q8wq-pcxr-7f3j |
7.1 (3.1)
7.1 (4.0)
|
PMB 5.6 contains a SQL injection vulnerability in the administration download script that allows au… | 2026-02-03T18:30:44Z | 2026-02-03T18:30:44Z |
| ghsa-mwcw-c9qw-pvc9 |
6.4 (3.1)
5.1 (4.0)
|
DotNetNuke 9.5 contains a persistent cross-site scripting vulnerability that allows normal users to… | 2026-02-03T18:30:44Z | 2026-02-03T18:30:44Z |
| ghsa-h4wj-v9vp-683h |
6.4 (3.1)
5.1 (4.0)
|
Snipe-IT 4.7.5 contains a persistent cross-site scripting vulnerability that allows authorized user… | 2026-02-03T18:30:44Z | 2026-02-03T18:30:44Z |
| ghsa-grpw-3qxf-rr2p |
9.6 (3.1)
|
Rapid7 InsightVM versions before 8.34.0 contain a signature verification issue on the Assertion Con… | 2026-02-03T18:30:44Z | 2026-02-03T18:30:44Z |
| ghsa-99wv-4fxc-p8gj |
6.4 (3.1)
5.1 (4.0)
|
Zendesk SweetHawk Survey 1.6 contains a persistent cross-site scripting vulnerability that allows a… | 2026-02-03T18:30:44Z | 2026-02-03T18:30:44Z |
| ghsa-6rvh-46hg-f8gv |
7.1 (3.1)
7.1 (4.0)
|
PhpIX 2012 Professional contains a SQL injection vulnerability in the 'id' parameter of product_det… | 2026-02-03T18:30:44Z | 2026-02-03T18:30:44Z |
| ghsa-3fjh-6fwj-4f8v |
6.4 (3.1)
5.1 (4.0)
|
Online Inventory Manager 3.2 contains a stored cross-site scripting vulnerability in the group desc… | 2026-02-03T18:30:44Z | 2026-02-03T18:30:44Z |
| ghsa-wx22-gmgf-5j2h |
4.3 (3.1)
|
Missing Authorization vulnerability in Northern Beaches Websites WP Custom Admin Interface wp-custo… | 2026-02-03T15:30:27Z | 2026-02-03T18:30:43Z |
| ghsa-vfrr-8hph-65pm |
5.4 (3.1)
|
Missing Authorization vulnerability in Fahad Mahmood WP Docs wp-docs allows Exploiting Incorrectly … | 2026-02-03T15:30:26Z | 2026-02-03T18:30:43Z |
| ghsa-rq72-h4fj-xhch |
4.3 (3.1)
|
Missing Authorization vulnerability in Iulia Cazan Latest Post Shortcode latest-post-shortcode allo… | 2026-02-03T15:30:26Z | 2026-02-03T18:30:43Z |
| ghsa-qmh9-pqqv-cwmx |
5.3 (3.1)
|
Missing Authorization vulnerability in ILLID Share This Image share-this-image allows Exploiting In… | 2026-02-03T15:30:27Z | 2026-02-03T18:30:43Z |
| ghsa-pqqg-82v7-fxr2 |
5.3 (3.1)
|
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WPMU DE… | 2026-02-03T15:30:26Z | 2026-02-03T18:30:43Z |
| ghsa-mh83-6pmq-wf9v |
4.3 (3.1)
|
Missing Authorization vulnerability in wpelemento WPElemento Importer wpelemento-importer allows Ex… | 2026-02-03T15:30:26Z | 2026-02-03T18:30:43Z |
| ghsa-g35p-qgfm-w6v2 |
5.3 (3.1)
|
Missing Authorization vulnerability in gfazioli WP Bannerize Pro wp-bannerize-pro allows Exploiting… | 2026-02-03T15:30:27Z | 2026-02-03T18:30:43Z |
| ghsa-ffxr-cwx4-68hm |
4.3 (3.1)
|
Cross-Site Request Forgery (CSRF) vulnerability in themelooks Enter Addons enteraddons allows Cross… | 2026-02-03T15:30:27Z | 2026-02-03T18:30:43Z |
| ghsa-f4vc-cxj3-j8vh |
5.3 (3.1)
|
Missing Authorization vulnerability in sunshinephotocart Sunshine Photo Cart sunshine-photo-cart al… | 2026-02-03T15:30:26Z | 2026-02-03T18:30:43Z |
| ghsa-9286-3frp-2c9j |
5.3 (3.1)
|
Missing Authorization vulnerability in Vito Peleg Atarim atarim-visual-collaboration allows Exploit… | 2026-02-03T15:30:27Z | 2026-02-03T18:30:43Z |
| ghsa-8rmw-4rx2-vh9r |
5.3 (3.1)
|
Missing Authorization vulnerability in Wired Impact Wired Impact Volunteer Management wired-impact-… | 2026-02-03T15:30:26Z | 2026-02-03T18:30:43Z |
| ghsa-7q5x-vfhw-vv5w |
5.3 (3.1)
|
Insertion of Sensitive Information Into Sent Data vulnerability in WPFactory Advanced WooCommerce P… | 2026-02-03T15:30:26Z | 2026-02-03T18:30:43Z |
| ghsa-54jx-h2q6-qwrf |
4.3 (3.1)
|
Cross-Site Request Forgery (CSRF) vulnerability in Stiofan UsersWP userswp allows Cross Site Reques… | 2026-02-03T15:30:27Z | 2026-02-03T18:30:43Z |
| ID | Description | Updated |
|---|---|---|
| gsd-2024-30420 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-03T05:02:29.049336Z |
| gsd-2024-30481 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-03T05:02:29.049137Z |
| gsd-2024-30361 | Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulner… | 2024-04-03T05:02:29.048614Z |
| gsd-2024-30486 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vuln… | 2024-04-03T05:02:29.047904Z |
| gsd-2024-30302 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-03T05:02:29.047611Z |
| gsd-2024-30311 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-03T05:02:29.047422Z |
| gsd-2024-30985 | SQL Injection vulnerability in "B/W Dates Reports" page in phpgurukul Client Management S… | 2024-04-03T05:02:29.047227Z |
| gsd-2024-30637 | Tenda F1202 v1.2.0.20(408) has a command injection vulnerablility in the formWriteFacMac … | 2024-04-03T05:02:29.046828Z |
| gsd-2024-30047 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-03T05:02:29.046472Z |
| gsd-2024-30544 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-03T05:02:29.046270Z |
| gsd-2024-30478 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vuln… | 2024-04-03T05:02:29.045666Z |
| gsd-2024-30297 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-03T05:02:29.045326Z |
| gsd-2024-30041 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-03T05:02:29.045127Z |
| gsd-2024-30213 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-03T05:02:29.044851Z |
| gsd-2024-30981 | SQL Injection vulnerability in /edit-computer-detail.php in phpgurukul Cyber Cafe Managem… | 2024-04-03T05:02:29.044637Z |
| gsd-2024-30590 | Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the schedEndTime parame… | 2024-04-03T05:02:29.044239Z |
| gsd-2024-30479 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-03T05:02:29.043753Z |
| gsd-2024-30779 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-03T05:02:29.043554Z |
| gsd-2024-30889 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-03T05:02:29.043344Z |
| gsd-2024-30426 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vuln… | 2024-04-03T05:02:29.042677Z |
| gsd-2024-30174 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-03T05:02:29.042401Z |
| gsd-2024-30869 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-03T05:02:29.042202Z |
| gsd-2024-30839 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-03T05:02:29.042009Z |
| gsd-2024-30092 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-03T05:02:29.041808Z |
| gsd-2024-30096 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-03T05:02:29.041562Z |
| gsd-2024-30524 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vuln… | 2024-04-03T05:02:29.040867Z |
| gsd-2024-30939 | An issue discovered in Yealink VP59 Teams Editions with firmware version 91.15.0.118 allo… | 2024-04-03T05:02:29.040492Z |
| gsd-2024-30564 | An issue inandrei-tatar nora-firebase-common between v.1.0.41 and v.1.12.2 allows a remot… | 2024-04-03T05:02:29.040283Z |
| gsd-2024-30439 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vuln… | 2024-04-03T05:02:29.039694Z |
| gsd-2024-30581 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-03T05:02:29.039321Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-190869 | Malicious code in @mcp-use/mcp-use (npm) | 2025-11-24T16:31:47Z | 2025-11-25T00:36:47Z |
| mal-2025-190868 | Malicious code in @mcp-use/inspector (npm) | 2025-11-24T16:31:47Z | 2025-11-25T00:36:47Z |
| mal-2025-190867 | Malicious code in @mcp-use/cli (npm) | 2025-11-24T16:31:47Z | 2025-11-25T00:36:47Z |
| mal-2025-190866 | Malicious code in @ensdomains/buffer (npm) | 2025-11-24T16:31:47Z | 2025-11-25T00:36:47Z |
| mal-2025-190863 | Malicious code in @asyncapi/studio (npm) | 2025-11-24T16:04:58Z | 2025-11-25T00:36:47Z |
| mal-2025-190830 | Malicious code in @zapier/ai-actions (npm) | 2025-11-24T14:28:38Z | 2025-11-25T00:36:47Z |
| mal-2025-190829 | Malicious code in @trigo/hapi-auth-signedlink (npm) | 2025-11-24T14:44:59Z | 2025-11-25T00:36:47Z |
| mal-2025-190828 | Malicious code in @trigo/atrix-pubsub (npm) | 2025-11-24T14:45:49Z | 2025-11-25T00:36:47Z |
| mal-2025-190827 | Malicious code in @strapbuild/react-native-perspective-image-cropper-poojan31 (npm) | 2025-11-24T14:44:44Z | 2025-11-25T00:36:47Z |
| mal-2025-190826 | Malicious code in @strapbuild/react-native-perspective-image-cropper-2 (npm) | 2025-11-24T14:40:44Z | 2025-11-25T00:36:47Z |
| mal-2025-190825 | Malicious code in @strapbuild/react-native-date-time-picker (npm) | 2025-11-24T14:57:30Z | 2025-11-25T00:36:47Z |
| mal-2025-190824 | Malicious code in @quick-start-soft/quick-task-refine (npm) | 2025-11-24T14:38:44Z | 2025-11-25T00:36:47Z |
| mal-2025-190822 | Malicious code in @quick-start-soft/quick-markdown-compose (npm) | 2025-11-24T14:52:15Z | 2025-11-25T00:36:47Z |
| mal-2025-190821 | Malicious code in @quick-start-soft/quick-markdown (npm) | 2025-11-24T14:41:49Z | 2025-11-25T00:36:47Z |
| mal-2025-190820 | Malicious code in @quick-start-soft/quick-git-clean-markdown (npm) | 2025-11-24T14:40:08Z | 2025-11-25T00:36:47Z |
| mal-2025-190819 | Malicious code in @quick-start-soft/quick-document-translator (npm) | 2025-11-24T14:55:50Z | 2025-11-25T00:36:47Z |
| mal-2025-190818 | Malicious code in @markvivanco/app-version-checker (npm) | 2025-11-24T15:01:36Z | 2025-11-25T00:36:47Z |
| mal-2025-190817 | Malicious code in @louisle2/cortex-js (npm) | 2025-11-24T15:03:16Z | 2025-11-25T00:36:47Z |
| mal-2025-190816 | Malicious code in @kvytech/medusa-plugin-newsletter (npm) | 2025-11-24T14:38:29Z | 2025-11-25T00:36:47Z |
| mal-2025-190815 | Malicious code in @ensdomains/web3modal (npm) | 2025-11-24T15:05:47Z | 2025-11-25T00:36:47Z |
| mal-2025-190814 | Malicious code in @ensdomains/unruggable-gateways (npm) | 2025-11-24T14:42:48Z | 2025-11-25T00:36:47Z |
| mal-2025-190813 | Malicious code in @ensdomains/ui (npm) | 2025-11-24T14:40:38Z | 2025-11-25T00:36:47Z |
| mal-2025-190812 | Malicious code in @ensdomains/subdomain-registrar (npm) | 2025-11-24T14:50:54Z | 2025-11-25T00:36:47Z |
| mal-2025-190811 | Malicious code in @ensdomains/server-analytics (npm) | 2025-11-24T14:53:20Z | 2025-11-25T00:36:47Z |
| mal-2025-190810 | Malicious code in @ensdomains/renewal (npm) | 2025-11-24T14:42:17Z | 2025-11-25T00:36:47Z |
| mal-2025-190809 | Malicious code in @ensdomains/react-ens-address (npm) | 2025-11-24T14:53:05Z | 2025-11-25T00:36:47Z |
| mal-2025-190808 | Malicious code in @ensdomains/offchain-resolver-contracts (npm) | 2025-11-24T14:27:51Z | 2025-11-25T00:36:47Z |
| mal-2025-190807 | Malicious code in @ensdomains/name-wrapper (npm) | 2025-11-24T14:26:25Z | 2025-11-25T00:36:47Z |
| mal-2025-190806 | Malicious code in @ensdomains/mock (npm) | 2025-11-24T14:37:23Z | 2025-11-25T00:36:47Z |
| mal-2025-190805 | Malicious code in @ensdomains/ens-archived-contracts (npm) | 2025-11-24T14:32:02Z | 2025-11-25T00:36:47Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| wid-sec-w-2024-3518 | IBM SPSS: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff | 2024-11-20T23:00:00.000+00:00 | 2024-11-20T23:00:00.000+00:00 |
| wid-sec-w-2024-3517 | Red Hat OpenStack: Schwachstelle ermöglicht Offenlegung von Informationen | 2024-11-20T23:00:00.000+00:00 | 2024-11-20T23:00:00.000+00:00 |
| wid-sec-w-2024-3516 | Django: Mehrere Schwachstellen ermöglichen Cross-Site Scripting | 2024-11-20T23:00:00.000+00:00 | 2024-11-20T23:00:00.000+00:00 |
| wid-sec-w-2024-3514 | Apache Nifi: Schwachstelle ermöglicht Offenlegung von Informationen | 2024-11-20T23:00:00.000+00:00 | 2024-11-20T23:00:00.000+00:00 |
| wid-sec-w-2024-3512 | 7-Zip: Schwachstelle ermöglicht Codeausführung | 2024-11-20T23:00:00.000+00:00 | 2024-11-20T23:00:00.000+00:00 |
| wid-sec-w-2024-3307 | IBM InfoSphere Information Server: Mehrere Schwachstellen ermöglichen Denial of Service | 2024-10-29T23:00:00.000+00:00 | 2024-11-20T23:00:00.000+00:00 |
| wid-sec-w-2024-3211 | IBM App Connect Enterprise: Schwachstelle ermöglicht Denial of Service | 2024-10-15T22:00:00.000+00:00 | 2024-11-20T23:00:00.000+00:00 |
| wid-sec-w-2024-2031 | Zyxel Firewall: Mehrere Schwachstellen | 2024-09-02T22:00:00.000+00:00 | 2024-11-20T23:00:00.000+00:00 |
| wid-sec-w-2024-1893 | Red Hat OpenStack: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen | 2024-08-21T22:00:00.000+00:00 | 2024-11-20T23:00:00.000+00:00 |
| wid-sec-w-2024-1839 | Intel Chipset: Mehrere Schwachstellen | 2024-08-13T22:00:00.000+00:00 | 2024-11-20T23:00:00.000+00:00 |
| wid-sec-w-2024-1642 | Oracle Communications: Mehrere Schwachstellen | 2024-07-16T22:00:00.000+00:00 | 2024-11-20T23:00:00.000+00:00 |
| wid-sec-w-2024-0906 | IBM WebSphere Application Server: Mehrere Schwachstellen | 2024-04-16T22:00:00.000+00:00 | 2024-11-20T23:00:00.000+00:00 |
| wid-sec-w-2024-0858 | IBM QRadar SIEM: Mehrere Schwachstellen | 2024-04-14T22:00:00.000+00:00 | 2024-11-20T23:00:00.000+00:00 |
| wid-sec-w-2024-3511 | IBM App Connect Enterprise: Schwachstelle ermöglicht Denial of Service | 2024-11-19T23:00:00.000+00:00 | 2024-11-19T23:00:00.000+00:00 |
| wid-sec-w-2024-3510 | M-Files Server: Mehrere Schwachstellem | 2024-11-19T23:00:00.000+00:00 | 2024-11-19T23:00:00.000+00:00 |
| wid-sec-w-2024-3508 | Atlassian Confluence: Mehrere Schwachstellen | 2024-11-19T23:00:00.000+00:00 | 2024-11-19T23:00:00.000+00:00 |
| wid-sec-w-2024-3506 | Arista EOS: Mehrere Schwachstellen ermöglichen Denial of Service | 2024-11-19T23:00:00.000+00:00 | 2024-11-19T23:00:00.000+00:00 |
| wid-sec-w-2024-3505 | lxml: Schwachstelle ermöglicht Cross-Site Scripting | 2024-11-19T23:00:00.000+00:00 | 2024-11-19T23:00:00.000+00:00 |
| wid-sec-w-2024-3504 | Rancher: Schwachstelle ermöglicht Offenlegung von Informationen | 2024-11-19T23:00:00.000+00:00 | 2024-11-19T23:00:00.000+00:00 |
| wid-sec-w-2024-3503 | Apple Safari, iOS, iPadOS, macOS: Mehrere Schwachstellen | 2024-11-19T23:00:00.000+00:00 | 2024-11-19T23:00:00.000+00:00 |
| wid-sec-w-2024-3501 | Veritas Enterprise Vault: Mehrere Schwachstellen ermöglichen Cross-Site Scripting | 2024-11-19T23:00:00.000+00:00 | 2024-11-19T23:00:00.000+00:00 |
| wid-sec-w-2024-3500 | IBM FileNet Content Manager: Schwachstelle ermöglicht nicht spezifizierten Angriff | 2024-11-19T23:00:00.000+00:00 | 2024-11-19T23:00:00.000+00:00 |
| wid-sec-w-2024-3485 | Apache Camel for Spring Boot: Mehrere Schwachstellen | 2024-11-17T23:00:00.000+00:00 | 2024-11-19T23:00:00.000+00:00 |
| wid-sec-w-2024-3452 | Microsoft DeveloperTools: Mehrere Schwachstellen | 2024-11-12T23:00:00.000+00:00 | 2024-11-19T23:00:00.000+00:00 |
| wid-sec-w-2024-3336 | Red Hat Enterprise Linux (OpenEXR): Schwachstelle ermöglicht Manipulation von Dateien | 2024-11-04T23:00:00.000+00:00 | 2024-11-19T23:00:00.000+00:00 |
| wid-sec-w-2024-3331 | Veritas NetBackup: Schwachstelle ermöglicht Privilegieneskalation | 2024-11-04T23:00:00.000+00:00 | 2024-11-19T23:00:00.000+00:00 |
| wid-sec-w-2024-0180 | Squid: Schwachstelle ermöglicht Denial of Service | 2024-01-23T23:00:00.000+00:00 | 2024-11-19T23:00:00.000+00:00 |
| wid-sec-w-2023-2630 | Google Chrome und Microsoft Edge: Mehrere Schwachstellen | 2023-10-10T22:00:00.000+00:00 | 2024-11-19T23:00:00.000+00:00 |
| wid-sec-w-2024-3492 | Oracle Supply Chain / Agile PLM Framework: Schwachstelle ermöglicht Offenlegung von Informationen | 2024-11-18T23:00:00.000+00:00 | 2024-11-18T23:00:00.000+00:00 |
| wid-sec-w-2024-3490 | SUSE Manager: Mehrere Schwachstellen ermöglichen Cross-Site Scripting | 2024-11-18T23:00:00.000+00:00 | 2024-11-18T23:00:00.000+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2013:1369 | Red Hat Security Advisory: jboss-remoting security update | 2013-09-30T17:41:00+00:00 | 2026-01-28T22:37:47+00:00 |
| rhea-2015:2126 | Red Hat Enhancement Advisory: elfutils bug fix and enhancement update | 2015-11-19T04:54:56+00:00 | 2026-01-28T22:37:45+00:00 |
| rhea-2015:1302 | Red Hat Enhancement Advisory: elfutils bug fix and enhancement update | 2015-07-20T13:53:52+00:00 | 2026-01-28T22:37:44+00:00 |
| rhea-2015:0369 | Red Hat Enhancement Advisory: elfutils bug fix and enhancement update | 2015-03-05T07:51:21+00:00 | 2026-01-28T22:37:44+00:00 |
| rhba-2016:1501 | Red Hat Bug Fix Advisory: Red Hat Satellite 6.2 Capsule and Server | 2016-07-27T08:28:58+00:00 | 2026-01-28T22:37:42+00:00 |
| rhsa-2023:0556 | Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update | 2023-01-31T13:18:26+00:00 | 2026-01-28T22:35:20+00:00 |
| rhsa-2023:0554 | Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update | 2023-01-31T13:15:23+00:00 | 2026-01-28T22:35:20+00:00 |
| rhsa-2023:0553 | Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update | 2023-01-31T13:12:13+00:00 | 2026-01-28T22:35:20+00:00 |
| rhsa-2015:0850 | Red Hat Security Advisory: Red Hat JBoss BRMS 6.1.0 update | 2015-04-16T16:02:45+00:00 | 2026-01-28T22:35:19+00:00 |
| rhsa-2023:0552 | Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update | 2023-01-31T13:15:22+00:00 | 2026-01-28T22:35:18+00:00 |
| rhsa-2017:3239 | Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.18 security update | 2017-11-16T19:10:21+00:00 | 2026-01-28T22:35:18+00:00 |
| rhsa-2016:2957 | Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP 2.4.23 Release | 2016-12-15T22:11:19+00:00 | 2026-01-28T22:35:17+00:00 |
| rhsa-2016:1166 | Red Hat Security Advisory: python27 security, bug fix, and enhancement update | 2016-05-31T10:04:55+00:00 | 2026-01-28T22:35:17+00:00 |
| rhsa-2016:0070 | Red Hat Security Advisory: Red Hat OpenShift Enterprise 3.1.1 bug fix and enhancement update | 2016-01-26T19:12:41+00:00 | 2026-01-28T22:35:16+00:00 |
| rhsa-2016:0062 | Red Hat Security Advisory: Red Hat JBoss Web Server 2.1.0 security update | 2016-01-21T15:54:39+00:00 | 2026-01-28T22:35:16+00:00 |
| rhsa-2015:1888 | Red Hat Security Advisory: Red Hat JBoss SOA Platform 5.3.1 security update | 2015-10-12T15:27:33+00:00 | 2026-01-28T22:35:16+00:00 |
| rhsa-2015:1009 | Red Hat Security Advisory: Red Hat JBoss Portal 6.2.0 update | 2015-05-14T15:14:47+00:00 | 2026-01-28T22:35:16+00:00 |
| rhsa-2015:0234 | Red Hat Security Advisory: Red Hat JBoss BPM Suite 6.0.3 security update | 2015-02-17T22:27:47+00:00 | 2026-01-28T22:35:16+00:00 |
| rhsa-2014:1891 | Red Hat Security Advisory: Red Hat JBoss BRMS 6.0.3 security update | 2014-11-24T20:46:15+00:00 | 2026-01-28T22:35:16+00:00 |
| rhsa-2015:0851 | Red Hat Security Advisory: Red Hat JBoss BPM Suite 6.1.0 update | 2015-04-16T16:02:37+00:00 | 2026-01-28T22:35:15+00:00 |
| rhsa-2015:0773 | Red Hat Security Advisory: Red Hat JBoss Data Grid 6.4.1 update | 2015-04-01T14:48:20+00:00 | 2026-01-28T22:35:15+00:00 |
| rhsa-2015:0765 | Red Hat Security Advisory: Red Hat JBoss Data Virtualization 6.0.0 security update | 2015-03-31T17:00:43+00:00 | 2026-01-28T22:35:14+00:00 |
| rhsa-2015:0720 | Red Hat Security Advisory: Red Hat JBoss Fuse Service Works 6.0.0 security update | 2015-03-24T21:05:53+00:00 | 2026-01-28T22:35:14+00:00 |
| rhsa-2015:0675 | Red Hat Security Advisory: Red Hat JBoss Data Virtualization 6.1.0 update | 2015-03-11T16:51:20+00:00 | 2026-01-28T22:35:13+00:00 |
| rhsa-2015:0269 | Red Hat Security Advisory: Red Hat JBoss Operations Network 3.3.1 update | 2015-02-25T21:35:38+00:00 | 2026-01-28T22:35:13+00:00 |
| rhsa-2015:0235 | Red Hat Security Advisory: Red Hat JBoss BRMS 6.0.3 security update | 2015-02-17T22:27:36+00:00 | 2026-01-28T22:35:13+00:00 |
| rhsa-2015:0158 | Red Hat Security Advisory: Red Hat Enterprise Virtualization Manager 3.5.0 | 2015-02-11T17:38:50+00:00 | 2026-01-28T22:35:13+00:00 |
| rhsa-2015:0125 | Red Hat Security Advisory: Red Hat JBoss Web Framework Kit 2.7.0 update | 2015-02-04T17:41:57+00:00 | 2026-01-28T22:35:12+00:00 |
| rhsa-2015:0042 | Red Hat Security Advisory: cloud-init security, bug fix, and enhancement update | 2015-01-13T20:24:32+00:00 | 2026-01-28T22:35:11+00:00 |
| rhsa-2014:2020 | Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.3.2 security update | 2014-12-18T17:48:09+00:00 | 2026-01-28T22:35:11+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2025-11081 | GNU Binutils objdump.c dump_dwarf_section out-of-bounds | 2025-09-02T00:00:00.000Z | 2025-10-02T01:04:20.000Z |
| msrc_cve-2024-42129 | leds: mlxreg: Use devm_mutex_init() for mutex initialization | 2024-07-01T07:00:00.000Z | 2025-10-02T01:04:12.000Z |
| msrc_cve-2024-42128 | leds: an30259a: Use devm_mutex_init() for mutex initialization | 2024-07-01T07:00:00.000Z | 2025-10-02T01:04:07.000Z |
| msrc_cve-2022-48744 | net/mlx5e: Avoid field-overflowing memcpy() | 2024-06-02T07:00:00.000Z | 2025-10-02T01:04:01.000Z |
| msrc_cve-2024-49214 | QUIC in HAProxy 3.1.x before 3.1-dev7, 3.0.x before 3.0.5, and 2.9.x before 2.9.11 allows opening a 0-RTT session with a spoofed IP address. This can bypass the IP allow/block list functionality. | 2024-10-01T07:00:00.000Z | 2025-10-01T23:11:34.000Z |
| msrc_cve-2024-45773 | A use-after-free vulnerability involving upgradeToRocket requests can cause the application to crash or potentially result in code execution or other undesirable effects. This issue affects Facebook Thrift prior to v2024.09.09.00. | 2024-09-01T07:00:00.000Z | 2025-10-01T23:11:34.000Z |
| msrc_cve-2024-42861 | An issue in IEEE 802.1AS linuxptp v.4.2 and before allowing a remote attacker to cause a denial of service via a crafted Pdelay_Req message to the time synchronization function | 2024-09-01T07:00:00.000Z | 2025-10-01T23:11:34.000Z |
| msrc_cve-2024-21506 | Rejected reason: Duplicate of CVE-2024-5629. | 2024-04-02T07:00:00.000Z | 2025-10-01T23:11:34.000Z |
| msrc_cve-2023-5366 | Openvswitch don't match packets on nd_target field | 2023-10-01T00:00:00.000Z | 2025-10-01T23:11:33.000Z |
| msrc_cve-2023-4813 | Glibc: potential use-after-free in gaih_inet() | 2023-09-01T00:00:00.000Z | 2025-10-01T23:11:33.000Z |
| msrc_cve-2023-45539 | HAProxy before 2.8.2 accepts # as part of the URI component, which might allow remote attackers to obtain sensitive information or have unspecified other impact upon misinterpretation of a path_end rule, such as routing index.html#.png to a static server. | 2023-11-01T07:00:00.000Z | 2025-10-01T23:11:33.000Z |
| msrc_cve-2023-45145 | Redis Unix-domain socket may have be exposed with the wrong permissions for a short time window. | 2023-10-01T00:00:00.000Z | 2025-10-01T23:11:32.000Z |
| msrc_cve-2023-3390 | Use-after-free in Linux kernel's netfilter subsystem | 2023-06-01T07:00:00.000Z | 2025-10-01T23:11:32.000Z |
| msrc_cve-2023-32665 | Gvariant deserialisation does not match spec for non-normal data | 2023-09-01T00:00:00.000Z | 2025-10-01T23:11:31.000Z |
| msrc_cve-2023-32611 | G_variant_byteswap() can take a long time with some non-normal inputs | 2023-09-01T00:00:00.000Z | 2025-10-01T23:11:31.000Z |
| msrc_cve-2023-3117 | Rejected reason: Duplicate of CVE-2023-3390. | 2023-06-01T07:00:00.000Z | 2025-10-01T23:11:31.000Z |
| msrc_cve-2023-25761 | Jenkins JUnit Plugin 1166.va_436e268e972 and earlier does not escape test case class names in JavaScript expressions, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control test case class names in the JUnit resources processed by the plugin. | 2023-02-01T00:00:00.000Z | 2025-10-01T23:11:31.000Z |
| msrc_cve-2023-25136 | OpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.kex_algorithms handling. This is fixed in OpenSSH 9.2. The double free can be leveraged, by an unauthenticated remote attacker in the default configuration, to jump to any location in the sshd address space. One third-party report states "remote code execution is theoretically possible." | 2023-02-01T00:00:00.000Z | 2025-10-01T23:11:30.000Z |
| msrc_cve-2023-22809 | In Sudo before 1.9.12p2, the sudoedit (aka -e) feature mishandles extra arguments passed in the user-provided environment variables (SUDO_EDITOR, VISUAL, and EDITOR), allowing a local attacker to append arbitrary entries to the list of files to process. This can lead to privilege escalation. Affected versions are 1.8.0 through 1.9.12.p1. The problem exists because a user-specified editor may contain a "--" argument that defeats a protection mechanism, e.g., an EDITOR='vim -- /path/to/extra/file' value. | 2023-01-04T00:00:00.000Z | 2025-10-01T23:11:30.000Z |
| msrc_cve-2023-2248 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it was the duplicate of CVE-2023-31436. | 2023-05-01T00:00:00.000Z | 2025-10-01T23:11:28.000Z |
| msrc_cve-2023-21843 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Sound). Supported versions that are affected are Oracle Java SE: 8u351, 8u351-perf, 11.0.17, 17.0.5, 19.0.1; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run on | 2023-01-04T00:00:00.000Z | 2025-10-01T23:11:28.000Z |
| msrc_cve-2023-21830 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization). Supported versions that are affected are Oracle Java SE: 8u351, 8u351-perf; Oracle GraalVM Enterprise Edition: 20.3.8 and 21.3.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code | 2023-01-04T00:00:00.000Z | 2025-10-01T23:11:28.000Z |
| msrc_cve-2023-0687 | A vulnerability was found in GNU C Library 2.38. It has been declared as critical. This vulnerability affects the function __monstartup of the file gmon.c of the component Call Graph Monitor. The manipulation leads to buffer overflow. It is recommended to apply a patch to fix this issue. VDB-220246 is the identifier assigned to this vulnerability. NOTE: The real existence of this vulnerability is still doubted at the moment. The inputs that induce this vulnerability are basically addresses of the running application that is built with gmon enabled. It's basically trusted input or input that needs an actual security flaw to be compromised or controlled. | 2023-02-01T00:00:00.000Z | 2025-10-01T23:11:27.000Z |
| msrc_cve-2022-47021 | A null pointer dereference issue was discovered in functions op_get_data and op_open1 in opusfile.c in xiph opusfile 0.9 thru 0.12 allows attackers to cause denial of service or other unspecified impacts. | 2023-01-04T00:00:00.000Z | 2025-10-01T23:11:27.000Z |
| msrc_cve-2022-47015 | MariaDB Server before 10.3.34 thru 10.9.3 is vulnerable to Denial of Service. It is possible for function spider_db_mbase::print_warnings to dereference a null pointer. | 2023-01-04T00:00:00.000Z | 2025-10-01T23:11:26.000Z |
| msrc_cve-2022-45885 | An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvb_frontend.c has a race condition that can cause a use-after-free when a device is disconnected. | 2022-11-02T00:00:00.000Z | 2025-10-01T23:11:26.000Z |
| msrc_cve-2022-45380 | Jenkins JUnit Plugin 1159.v0b_396e1e07dd and earlier converts HTTP(S) URLs in test report output to clickable links in an unsafe manner, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. | 2022-11-02T00:00:00.000Z | 2025-10-01T23:11:26.000Z |
| msrc_cve-2022-43410 | Jenkins Mercurial Plugin 1251.va_b_121f184902 and earlier provides information about which jobs were triggered or scheduled for polling through its webhook endpoint, including jobs the user has no permission to access. | 2022-10-02T00:00:00.000Z | 2025-10-01T23:11:26.000Z |
| msrc_cve-2022-42969 | The py library through 1.11.0 for Python allows remote attackers to conduct a ReDoS (Regular expression Denial of Service) attack via a Subversion repository with crafted info data, because the InfoSvnCommand argument is mishandled. Note: This has been disputed by multiple third parties as not being reproduceable and they argue this is not a valid vulnerability. | 2022-10-02T00:00:00.000Z | 2025-10-01T23:11:25.000Z |
| msrc_cve-2022-4285 | An illegal memory access flaw was found in the binutils package. Parsing an ELF file containing corrupt symbol version information may result in a denial of service. This issue is the result of an incomplete fix for CVE-2020-16599. | 2023-01-04T00:00:00.000Z | 2025-10-01T23:11:25.000Z |
| ID | Description | Updated |
|---|---|---|
| var-202505-2874 | Improper Output Neutralization for Logs vulnerability in Tridium Niagara Framework on Win… | 2025-06-06T23:32:41.563000Z |
| var-202505-1839 | A vulnerability, which was classified as problematic, has been found in TOTOLINK A3002R 2… | 2025-06-06T23:30:50.279000Z |
| var-202505-3275 | Observable Response Discrepancy vulnerability in Tridium Niagara Framework on Windows, Li… | 2025-06-06T23:30:05.050000Z |
| var-202410-1481 | TP-Link WR740N V6 has a stack overflow vulnerability via the ssid parameter in /userRpm/p… | 2025-06-06T23:28:54.115000Z |
| var-202505-2532 | Missing Cryptographic Step vulnerability in Tridium Niagara Framework on Windows, Linux, … | 2025-06-06T23:27:22.345000Z |
| var-202505-1786 | A vulnerability was found in D-Link DCS-932L 2.18.01. It has been declared as critical. T… | 2025-06-06T23:25:55.278000Z |
| var-202505-2694 | Use of Password Hash With Insufficient Computational Effort vulnerability in Tridium Niag… | 2025-06-06T23:25:55.221000Z |
| var-202505-3074 | Use of GET Request Method With Sensitive Query Strings vulnerability in Tridium Niagara F… | 2025-06-06T23:25:55.192000Z |
| var-202505-1807 | A vulnerability was found in D-Link DCS-932L 2.18.01 and classified as critical. Affected… | 2025-06-06T23:24:43.783000Z |
| var-202505-3992 | Improper Use of Validation Framework vulnerability in Tridium Niagara Framework on Window… | 2025-06-06T23:24:43.579000Z |
| var-202407-0985 | Linksys WRT54G v4.21.5 has a stack overflow vulnerability in get_merge_mac function. Belk… | 2025-06-06T23:22:51.379000Z |
| var-202407-2076 | AX3000 Dual-Band Gigabit Wi-Fi 6 Router AX9 V22.03.01.46 and AX3000 Dual-Band Gigabit Wi-… | 2025-06-06T23:22:09.393000Z |
| var-202505-3461 | Incorrect Permission Assignment for Critical Resource vulnerability in Tridium Niagara Fr… | 2025-06-06T23:14:13.930000Z |
| var-202306-1966 | Improper authentication vulnerability in WL-WN531AX2 firmware versions prior to 2023526 a… | 2025-06-06T23:10:45.321000Z |
| var-202306-1965 | WL-WN531AX2 firmware versions prior to 2023526 allows an attacker with an administrative … | 2025-06-06T23:10:45.290000Z |
| var-202505-1740 | A vulnerability was found in D-Link DCS-932L 2.18.01. It has been classified as critical.… | 2025-06-06T23:10:40.113000Z |
| var-202505-3274 | Improper Handling of Windows ::DATA Alternate Data Stream vulnerability in Tridium Niagar… | 2025-06-06T23:10:39.993000Z |
| var-202505-0403 | In Tenda RX3 V1.0br_V16.03.13.11 in the GetParentControlInfo function of the web url /gof… | 2025-06-06T23:07:16.080000Z |
| var-202503-2528 | A vulnerability, which was classified as critical, has been found in D-Link DAP-1620 1.03… | 2025-06-06T22:58:30.005000Z |
| var-202505-3468 | Incorrect Permission Assignment for Critical Resource vulnerability in Tridium Niagara Fr… | 2025-06-06T19:31:19.394000Z |
| var-202101-0372 | Philips Interventional Workspot (Release 1.3.2, 1.4.0, 1.4.1, 1.4.3, 1.4.5), Coronary Too… | 2025-06-05T23:20:18.617000Z |
| var-202502-2725 | An OS command injection vulnerability was discovered in D-Link DSL-3782 v1.01 via the pub… | 2025-06-05T23:20:00.404000Z |
| var-202504-1354 | An issue in dlink DIR 832x 240802 allows a remote attacker to execute arbitrary code via … | 2025-06-05T23:18:37.487000Z |
| var-202504-1973 | An issue in dlink DIR 832x 240802 allows a remote attacker to execute arbitrary code via … | 2025-06-05T23:18:07.535000Z |
| var-202504-1545 | An issue in dlink DIR 823x 240802 allows a remote attacker to execute arbitrary code via … | 2025-06-05T23:17:42.653000Z |
| var-202505-1652 | A vulnerability was found in D-Link DI-7003GV2 24.04.18D1 R(68125) and classified as prob… | 2025-06-05T23:17:42.482000Z |
| var-202408-1385 | DrayTek Vigor 3900 before v1.5.1.5_Beta, DrayTek Vigor 2960 before v1.5.1.5_Beta and Dray… | 2025-06-05T23:16:55.319000Z |
| var-202503-3607 | A command injection vulnerability in D-Link DIR-823X 240126 and 240802 allows an authoriz… | 2025-06-05T23:16:50.388000Z |
| var-202505-1721 | A vulnerability was found in D-Link DI-7003GV2 24.04.18D1 R(68125). It has been classifie… | 2025-06-05T23:16:50.087000Z |
| var-202008-0372 | When an actor claims to have a given identity, Philips SureSigns VS4, A.07.107 and prio… | 2025-06-05T23:16:18.384000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| suse-su-2024:2039-1 | Security update for php8 | 2024-06-17T07:32:13Z | 2024-06-17T07:32:13Z |
| suse-su-2024:2038-1 | Security update for php8 | 2024-06-17T07:31:36Z | 2024-06-17T07:31:36Z |
| suse-su-2024:2037-1 | Security update for php7 | 2024-06-17T07:30:42Z | 2024-06-17T07:30:42Z |
| suse-su-2024:2036-1 | Security update for openssl-1_1 | 2024-06-17T07:30:00Z | 2024-06-17T07:30:00Z |
| suse-su-2024:2035-1 | Security update for openssl-1_1 | 2024-06-17T07:29:44Z | 2024-06-17T07:29:44Z |
| suse-su-2024:2033-1 | Security update for bind | 2024-06-16T10:20:06Z | 2024-06-16T10:20:06Z |
| suse-su-2024:2032-1 | Security update for mariadb | 2024-06-14T12:04:58Z | 2024-06-14T12:04:58Z |
| suse-su-2024:2031-1 | Security update for podman | 2024-06-14T11:06:24Z | 2024-06-14T11:06:24Z |
| suse-su-2024:2030-1 | Security update for libaom | 2024-06-14T06:09:28Z | 2024-06-14T06:09:28Z |
| suse-su-2024:2029-1 | Security update for python-scikit-learn | 2024-06-13T15:13:20Z | 2024-06-13T15:13:20Z |
| suse-su-2024:2028-2 | Security update for tiff | 2024-06-13T15:12:52Z | 2024-06-13T15:12:52Z |
| suse-su-2024:2028-1 | Security update for tiff | 2024-06-13T15:12:31Z | 2024-06-13T15:12:31Z |
| suse-su-2024:2027-1 | Security update for php8 | 2024-06-13T15:11:26Z | 2024-06-13T15:11:26Z |
| suse-su-2024:1571-2 | Security update for python-pymongo | 2024-06-13T14:33:38Z | 2024-06-13T14:33:38Z |
| suse-su-2024:2020-1 | Security update for openssl-3 | 2024-06-13T10:41:57Z | 2024-06-13T10:41:57Z |
| suse-su-2024:2019-1 | Security update for the Linux Kernel | 2024-06-13T10:40:58Z | 2024-06-13T10:40:58Z |
| suse-su-2024:1673-2 | Security update for python-Pillow | 2024-06-13T09:22:50Z | 2024-06-13T09:22:50Z |
| suse-su-2024:2012-1 | Security update for MozillaFirefox | 2024-06-12T16:40:30Z | 2024-06-12T16:40:30Z |
| suse-su-2024:2011-1 | Security update for the Linux Kernel | 2024-06-12T16:39:51Z | 2024-06-12T16:39:51Z |
| suse-su-2024:2010-1 | Security update for the Linux Kernel | 2024-06-12T16:39:35Z | 2024-06-12T16:39:35Z |
| suse-su-2024:2009-1 | Security update for curl | 2024-06-12T11:47:48Z | 2024-06-12T11:47:48Z |
| suse-su-2024:2008-1 | Security update for the Linux Kernel | 2024-06-12T11:33:43Z | 2024-06-12T11:33:43Z |
| suse-su-2024:2005-1 | Security update for kernel-firmware-nvidia-gspx-G06, nvidia-open-driver-G06-signed | 2024-06-12T08:55:43Z | 2024-06-12T08:55:43Z |
| suse-su-2024:2003-1 | Security update for cups | 2024-06-12T05:31:00Z | 2024-06-12T05:31:00Z |
| suse-su-2024:2003-2 | Security update for cups | 2024-06-12T05:30:57Z | 2024-06-12T05:30:57Z |
| suse-su-2024:2002-1 | Security update for cups | 2024-06-12T05:27:54Z | 2024-06-12T05:27:54Z |
| suse-su-2024:1991-2 | Security update for unbound | 2024-06-11T11:51:51Z | 2024-06-11T11:51:51Z |
| suse-su-2024:1991-1 | Security update for unbound | 2024-06-11T11:51:36Z | 2024-06-11T11:51:36Z |
| suse-su-2024:1990-1 | Security update for kernel-firmware-nvidia-gspx-G06, nvidia-open-driver-G06-signed | 2024-06-11T11:50:04Z | 2024-06-11T11:50:04Z |
| suse-su-2024:1989-1 | Security update for cdi-apiserver-container, cdi-cloner-container, cdi-controller-container, cdi-importer-container, cdi-operator-container, cdi-uploadproxy-container, cdi-uploadserver-container, containerized-data-importer | 2024-06-11T11:49:48Z | 2024-06-11T11:49:48Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| opensuse-su-2024:11288-1 | libqore6-0.9.15-1.2 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:11287-1 | qemu-6.1.0-32.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:11286-1 | python39-3.9.7-2.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:11285-1 | python38-3.8.12-1.2 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:11284-1 | python36-3.6.15-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:11283-1 | python310-3.10.0rc1-4.2 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:11282-1 | libblkid-devel-2.36.2-3.2 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:11281-1 | python2-pip-20.0.2-2.6 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:11280-1 | python36-websockets-9.1-2.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:11279-1 | python36-w3lib-1.22.0-2.4 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:11278-1 | python36-validators-0.18.1-2.4 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:11277-1 | python36-urllib3-1.26.6-1.2 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:11276-1 | python-tqdm-bash-completion-4.62.2-1.2 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:11275-1 | python36-suds-jurko-0.6-6.9 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:11274-1 | python36-slixmpp-1.5.2-1.9 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:11273-1 | python36-sleekxmpp-1.3.3-4.18 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:11272-1 | python36-setuptools-57.4.0-1.2 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:11271-1 | python36-ruamel.yaml-0.17.10-1.2 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:11270-1 | python-rtslib-fb-common-2.1.74-2.7 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:11269-1 | python36-rsa-4.7.2-1.5 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:11268-1 | python36-rpyc-4.1.5-2.7 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:11267-1 | python36-rope-0.19.0-1.3 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:11266-1 | python36-requests-2.25.1-4.2 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:11265-1 | python36-reportlab-3.5.59-2.6 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:11264-1 | python36-pyzmq-22.2.1-1.4 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:11263-1 | python36-pywbem-1.1.1-2.7 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:11262-1 | python36-python3-saml-1.11.0-1.2 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:11261-1 | python36-python-gnupg-0.4.7-1.2 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:11260-1 | python36-python-engineio-4.2.0-1.2 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:11259-1 | python36-python-cjson-1.2.2-2.5 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cnvd-2025-20287 | Kenwood DMX958XR ReadMVGImage函数操作系统命令注入漏洞 | 2025-08-18 | 2025-09-05 |
| cnvd-2025-20286 | Kenwood DMX958XR libSystemLib函数操作系统命令注入漏洞 | 2025-08-18 | 2025-09-05 |
| cnvd-2025-20285 | Kenwood DMX958XR JKWifiService函数操作系统命令注入漏洞 | 2025-08-18 | 2025-09-05 |
| cnvd-2025-20284 | Kenwood DMX958XR堆栈缓冲区溢出漏洞 | 2025-08-18 | 2025-09-05 |
| cnvd-2025-20283 | Kenwood DMX958XR存在未明漏洞 | 2025-08-18 | 2025-09-05 |
| cnvd-2025-20078 | SAMSUNG MagicINFO 9 Server路径遍历漏洞(CNVD-2025-20078) | 2025-07-24 | 2025-09-05 |
| cnvd-2025-20076 | SAMSUNG MagicINFO 9 Server文件上传漏洞(CNVD-2025-20076) | 2025-07-24 | 2025-09-05 |
| cnvd-2025-20075 | SAMSUNG MagicINFO 9 Server文件上传漏洞 | 2025-07-24 | 2025-09-05 |
| cnvd-2025-20074 | SAMSUNG MagicINFO 9 Server路径遍历漏洞(CNVD-2025-20074) | 2025-07-24 | 2025-09-05 |
| cnvd-2025-20073 | SAMSUNG MagicINFO 9 Server代码注入漏洞 | 2025-07-24 | 2025-09-05 |
| cnvd-2025-20072 | SAMSUNG MagicINFO 9 Server安全绕过漏洞 | 2025-07-24 | 2025-09-05 |
| cnvd-2025-20070 | SAMSUNG MagicINFO 9 Server存在未明漏洞(CNVD-2025-20070) | 2025-07-24 | 2025-09-05 |
| cnvd-2025-20430 | Emby Windows文件上传漏洞 | 2025-07-25 | 2025-09-04 |
| cnvd-2025-20429 | Emby Windows跨站脚本漏洞 | 2025-07-25 | 2025-09-04 |
| cnvd-2025-20428 | Emby Windows服务端请求伪造漏洞 | 2025-07-25 | 2025-09-04 |
| cnvd-2025-20395 | 百度网盘Windows客户端远程命令执行漏洞 | 2025-09-04 | 2025-09-04 |
| cnvd-2025-20312 | Simopro Technology WinMatrix3 SQL注入漏洞(CNVD-2025-20312) | 2024-07-31 | 2025-09-04 |
| cnvd-2025-20311 | Simopro Technology WinMatrix3 SQL注入漏洞(CNVD-2025-20311) | 2024-07-31 | 2025-09-04 |
| cnvd-2025-20310 | Simopro Technology WinMatrix3文件上传漏洞 | 2025-07-25 | 2025-09-04 |
| cnvd-2025-20309 | Simopro Technology WinMatrix3跨站脚本漏洞 | 2025-07-25 | 2025-09-04 |
| cnvd-2025-20308 | Simopro Technology WinMatrix3反序列化漏洞 | 2025-07-25 | 2025-09-04 |
| cnvd-2025-20307 | Simopro Technology WinMatrix3 SQL注入漏洞(CNVD-2025-20307) | 2025-07-25 | 2025-09-04 |
| cnvd-2025-20306 | Simopro Technology WinMatrix3 SQL注入漏洞 | 2025-07-25 | 2025-09-04 |
| cnvd-2025-20305 | WordPress Events Addon for Elementor plugin跨站脚本漏洞 | 2025-09-02 | 2025-09-04 |
| cnvd-2025-20304 | WordPress Booster for WooCommerce Plugin文件上传漏洞 | 2025-09-02 | 2025-09-04 |
| cnvd-2025-20303 | WordPress Amministrazione Trasparente plugin跨站脚本漏洞 | 2025-09-02 | 2025-09-04 |
| cnvd-2025-20302 | Kenwood DMX958XR命令注入漏洞(CNVD-2025-20302) | 2025-08-18 | 2025-09-04 |
| cnvd-2025-20300 | Kenwood DMX958XR命令注入漏洞(CNVD-2025-20300) | 2025-08-18 | 2025-09-04 |
| cnvd-2025-20299 | Kenwood DMX958XR命令注入漏洞(CNVD-2025-20299) | 2025-08-18 | 2025-09-04 |
| cnvd-2025-20297 | Kenwood DMX958XR命令注入漏洞(CNVD-2025-20297) | 2025-08-18 | 2025-09-04 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2021-avi-588 | Vulnérabilité dans MongoDB | 2021-08-03T00:00:00.000000 | 2021-08-03T00:00:00.000000 |
| certfr-2021-avi-587 | Multiples vulnérabilités dans Google Chrome OS | 2021-08-03T00:00:00.000000 | 2021-08-03T00:00:00.000000 |
| certfr-2021-avi-586 | Vulnérabilité dans Mitel Interaction Recording | 2021-08-03T00:00:00.000000 | 2021-08-03T00:00:00.000000 |
| certfr-2021-avi-585 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2021-08-03T00:00:00.000000 | 2021-08-03T00:00:00.000000 |
| certfr-2021-avi-584 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2021-08-02T00:00:00.000000 | 2021-08-02T00:00:00.000000 |
| certfr-2021-avi-581 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2021-07-28T00:00:00.000000 | 2021-07-30T00:00:00.000000 |
| certfr-2021-avi-583 | Vulnérabilité dans IBM Db2 | 2021-07-29T00:00:00.000000 | 2021-07-29T00:00:00.000000 |
| certfr-2021-avi-582 | Multiples vulnérabilités dans les produits Trend Micro | 2021-07-29T00:00:00.000000 | 2021-07-29T00:00:00.000000 |
| certfr-2021-avi-580 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2021-07-28T00:00:00.000000 | 2021-07-28T00:00:00.000000 |
| certfr-2021-avi-579 | Multiples vulnérabilités dans IBM QRadar | 2021-07-28T00:00:00.000000 | 2021-07-28T00:00:00.000000 |
| certfr-2021-avi-577 | Vulnérabilité dans Nextcloud Richdocuments | 2021-07-27T00:00:00.000000 | 2021-07-27T00:00:00.000000 |
| certfr-2021-avi-576 | Vulnérabilité dans les produits Apple | 2021-07-27T00:00:00.000000 | 2021-07-27T00:00:00.000000 |
| certfr-2021-avi-575 | Vulnérabilité dans Microsoft Windows | 2021-07-26T00:00:00.000000 | 2021-07-26T00:00:00.000000 |
| certfr-2021-avi-574 | Vulnérabilité dans MongoDB | 2021-07-26T00:00:00.000000 | 2021-07-26T00:00:00.000000 |
| certfr-2021-avi-573 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2021-07-26T00:00:00.000000 | 2021-07-26T00:00:00.000000 |
| certfr-2021-avi-572 | Vulnérabilité dans le noyau Linux de SUSE | 2021-07-26T00:00:00.000000 | 2021-07-26T00:00:00.000000 |
| certfr-2021-avi-571 | Multiples vulnérabilités dans Tenable | 2021-07-23T00:00:00.000000 | 2021-07-23T00:00:00.000000 |
| certfr-2021-avi-570 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2021-07-23T00:00:00.000000 | 2021-07-23T00:00:00.000000 |
| certfr-2021-avi-569 | Multiples vulnérabilités dans les produits Asterisk | 2021-07-23T00:00:00.000000 | 2021-07-23T00:00:00.000000 |
| certfr-2021-avi-568 | Multiples vulnérabilités dans Apple Safari | 2021-07-23T00:00:00.000000 | 2021-07-23T00:00:00.000000 |
| certfr-2021-avi-567 | Multiples vulnérabilités dans le noyau Linux de RedHat | 2021-07-23T00:00:00.000000 | 2021-07-23T00:00:00.000000 |
| certfr-2021-avi-566 | Multiples vulnérabilités dans Microsoft Edge | 2021-07-23T00:00:00.000000 | 2021-07-23T00:00:00.000000 |
| certfr-2021-avi-565 | Multiples vulnérabilités dans Cisco Intersight Virtual Appliance | 2021-07-22T00:00:00.000000 | 2021-07-22T00:00:00.000000 |
| certfr-2021-avi-564 | Vulnérabilité dans Drupal core | 2021-07-22T00:00:00.000000 | 2021-07-22T00:00:00.000000 |
| certfr-2021-avi-563 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2021-07-22T00:00:00.000000 | 2021-07-22T00:00:00.000000 |
| certfr-2021-avi-562 | Multiples vulnérabilités dans les produits Apple | 2021-07-22T00:00:00.000000 | 2021-07-22T00:00:00.000000 |
| certfr-2021-avi-561 | Multiples vulnérabilités dans Oracle Virtualization | 2021-07-21T00:00:00.000000 | 2021-07-21T00:00:00.000000 |
| certfr-2021-avi-560 | Multiples vulnérabilités dans Oracle Systems | 2021-07-21T00:00:00.000000 | 2021-07-21T00:00:00.000000 |
| certfr-2021-avi-559 | Multiples vulnérabilités dans Oracle PeopleSoft | 2021-07-21T00:00:00.000000 | 2021-07-21T00:00:00.000000 |
| certfr-2021-avi-558 | Multiples vulnérabilités dans Oracle MySQL | 2021-07-21T00:00:00.000000 | 2021-07-21T00:00:00.000000 |