Recent vulnerabilities

Recent vulnerabilities from
Select from 69 available sources using the dropdown above.
ID CVSS Description Vendor Product Published Updated
CVE-1999-0531
N/A
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "An SMTP service supports EXPN, VRFY, HELP, ESMTP, and/or EHLO. N/A N/A 2000-02-04T05:00:00.000Z 2005-11-02T10:00:00.000Z
CVE-1999-0532
N/A
A DNS server allows zone transfers. n/a
 n/a
 2000-02-04T05:00:00.000Z 2025-03-17T15:03:26.630Z
CVE-1999-0533
N/A
A DNS server allows inverse queries. n/a
 n/a
 2000-02-04T05:00:00.000Z 2024-08-01T16:41:45.220Z
CVE-1999-0534
N/A
A Windows NT user has inappropriate rights or pri… n/a
 n/a
 2000-02-04T05:00:00.000Z 2024-08-01T16:41:45.562Z
CVE-1999-0535
N/A
A Windows NT account policy for passwords has ina… n/a
 n/a
 2000-02-04T05:00:00.000Z 2024-08-01T16:41:45.607Z
CVE-1999-0537
N/A
A configuration in a web browser such as Internet… n/a
 n/a
 2000-02-04T05:00:00.000Z 2024-08-01T16:41:45.684Z
CVE-1999-0539
N/A
A trust relationship exists between two Unix hosts. n/a
 n/a
 2000-02-04T05:00:00.000Z 2024-08-01T16:41:45.533Z
CVE-1999-0541
N/A
A password for accessing a WWW URL is guessable. n/a
 n/a
 2000-02-04T05:00:00.000Z 2024-08-01T16:41:45.483Z
CVE-1999-0546
N/A
The Windows NT guest account is enabled. n/a
 n/a
 2000-02-04T05:00:00.000Z 2024-08-01T16:41:45.470Z
CVE-1999-0547
N/A
An SSH server allows authentication through the .… n/a
 n/a
 2000-02-04T05:00:00.000Z 2024-08-01T16:41:45.708Z
CVE-1999-0548
N/A
A superfluous NFS server is running, but it is no… n/a
 n/a
 2000-02-04T05:00:00.000Z 2024-08-01T16:41:45.685Z
CVE-1999-0549
N/A
Windows NT automatically logs in an administrator… n/a
 n/a
 2000-02-04T05:00:00.000Z 2024-08-01T16:41:45.554Z
CVE-1999-0550
N/A
A router's routing tables can be obtained from ar… n/a
 n/a
 2000-02-04T05:00:00.000Z 2024-08-01T16:41:45.663Z
CVE-1999-0554
N/A
NFS exports system-critical data to the world, e.… n/a
 n/a
 2000-02-04T05:00:00.000Z 2024-08-01T16:41:45.685Z
CVE-1999-0555
N/A
A Unix account with a name other than "root" has … n/a
 n/a
 2000-02-04T05:00:00.000Z 2024-08-01T16:41:45.566Z
CVE-1999-0556
N/A
Two or more Unix accounts have the same UID. n/a
 n/a
 2000-02-04T05:00:00.000Z 2024-08-01T16:41:45.487Z
CVE-1999-0559
N/A
A system-critical Unix file or directory has inap… n/a
 n/a
 2000-02-04T05:00:00.000Z 2024-08-01T16:41:45.643Z
CVE-1999-0560
N/A
A system-critical Windows NT file or directory ha… n/a
 n/a
 2000-02-04T05:00:00.000Z 2024-08-01T16:41:45.462Z
CVE-1999-0561
N/A
IIS has the #exec function enabled for Server Sid… n/a
 n/a
 2000-02-04T05:00:00.000Z 2024-08-01T16:41:45.516Z
CVE-1999-0562
N/A
The registry in Windows NT can be accessed remote… n/a
 n/a
 2000-02-04T05:00:00.000Z 2024-08-01T16:41:45.690Z
CVE-1999-0564
N/A
An attacker can force a printer to print arbitrar… n/a
 n/a
 2000-02-04T05:00:00.000Z 2024-08-01T16:41:45.562Z
CVE-1999-0565
N/A
A Sendmail alias allows input to be piped to a program. n/a
 n/a
 2000-02-04T05:00:00.000Z 2024-08-01T16:41:45.585Z
CVE-1999-0568
N/A
rpc.admind in Solaris is not running in a secure mode. n/a
 n/a
 2000-02-04T05:00:00.000Z 2024-08-01T16:41:45.611Z
CVE-1999-0569
N/A
A URL for a WWW directory allows auto-indexing, w… n/a
 n/a
 2000-02-04T05:00:00.000Z 2024-08-01T16:41:45.540Z
CVE-1999-0570
N/A
Windows NT is not using a password filter utility… n/a
 n/a
 2000-02-04T05:00:00.000Z 2024-08-01T16:41:45.711Z
CVE-1999-0571
N/A
A router's configuration service or management in… n/a
 n/a
 2000-02-04T05:00:00.000Z 2024-08-01T16:41:45.638Z
CVE-1999-0572
N/A
.reg files are associated with the Windows NT reg… n/a
 n/a
 2000-02-04T05:00:00.000Z 2024-08-01T16:41:45.516Z
CVE-1999-0575
N/A
A Windows NT system's user audit policy does not … n/a
 n/a
 2000-02-04T05:00:00.000Z 2024-08-01T16:41:45.675Z
CVE-1999-0576
N/A
A Windows NT system's file audit policy does not … n/a
 n/a
 2000-02-04T05:00:00.000Z 2024-08-01T16:41:45.649Z
CVE-1999-0577
N/A
A Windows NT system's file audit policy does not … n/a
 n/a
 2000-02-04T05:00:00.000Z 2024-08-01T16:41:45.676Z
ID CVSS Description Vendor Product Published Updated
CVE-1999-0332
N/A
Buffer overflow in NetMeeting allows denial of se… n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:34:51.949Z
CVE-1999-0342
N/A
Linux PAM modules allow local users to gain root … n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:34:52.020Z
CVE-1999-0385
N/A
The LDAP bind function in Exchange 5.5 has a buff… n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:34:52.137Z
CVE-1999-0463
N/A
Remote attackers can perform a denial of service … n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:41:44.930Z
CVE-1999-0478
N/A
Denial of service in HP-UX sendmail 8.8.6 related… n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:41:44.965Z
CVE-1999-0869
N/A
Internet Explorer 3.x to 4.01 allows a remote att… n/a
 n/a
 2000-01-04T05:00:00.000Z 2024-08-01T16:55:28.864Z
CVE-1999-0836
N/A
UnixWare uidadmin allows local users to modify ar… n/a
 n/a
 2000-06-02T04:00:00.000Z 2024-08-01T16:48:38.069Z
CVE-1999-0936
N/A
BNBSurvey survey.cgi program allows remote attack… n/a
 n/a
 2000-01-04T05:00:00.000Z 2024-08-01T16:55:29.146Z
CVE-1999-0937
N/A
BNBForm allows remote attackers to read arbitrary… n/a
 n/a
 2000-01-04T05:00:00.000Z 2024-08-01T16:55:29.356Z
CVE-1999-1280
N/A
Hummingbird Exceed 6.0.1.0 inadvertently includes… n/a
 n/a
 2001-09-12T04:00:00.000Z 2024-08-01T17:11:02.732Z
CVE-1999-0798
N/A
Buffer overflow in bootpd on OpenBSD, FreeBSD, an… n/a
 n/a
 2000-02-04T05:00:00.000Z 2024-08-01T16:48:38.129Z
CVE-1999-1147
N/A
Buffer overflow in Platinum Policy Compliance Man… n/a
 n/a
 2002-03-09T05:00:00.000Z 2024-08-01T17:02:53.792Z
CVE-1999-1276
N/A
fte-console in the fte package before 0.46b-4.1 d… n/a
 n/a
 2002-03-09T05:00:00.000Z 2024-08-01T17:11:01.258Z
CVE-1999-1282
N/A
RealSystem G2 server stores the administrator pas… n/a
 n/a
 2001-09-12T04:00:00.000Z 2024-08-01T17:11:01.460Z
CVE-1999-0139
N/A
Buffer overflow in Solaris x86 mkcookie allows lo… n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:27:57.550Z
CVE-1999-0188
N/A
The passwd command in Solaris can be subjected to… n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:27:57.791Z
CVE-1999-1173
N/A
Corel Word Perfect 8 for Linux creates a temporar… n/a
 n/a
 2001-09-12T04:00:00.000Z 2024-08-01T17:02:53.753Z
CVE-1999-1277
N/A
BackWeb client stores the username and password i… n/a
 n/a
 2001-09-12T04:00:00.000Z 2024-08-01T17:11:01.246Z
CVE-1999-1278
N/A
nlog CGI scripts do not properly filter shell met… n/a
 n/a
 2001-09-12T04:00:00.000Z 2024-08-01T17:11:01.671Z
CVE-1999-0968
N/A
Buffer overflow in BNC IRC proxy allows remote at… n/a
 n/a
 2002-03-09T05:00:00.000Z 2024-08-01T16:55:29.271Z
CVE-1999-1281
N/A
Development version of Breeze Network Server allo… n/a
 n/a
 2001-09-12T04:00:00.000Z 2024-08-01T17:11:03.176Z
CVE-1999-1188
N/A
mysqld in MySQL 3.21 creates log files with world… n/a
 n/a
 2002-03-09T05:00:00.000Z 2024-08-01T17:02:53.761Z
CVE-1999-1285
N/A
Linux 2.1.132 and earlier allows local users to c… n/a
 n/a
 2001-09-12T04:00:00.000Z 2024-08-01T17:11:01.463Z
CVE-1999-1159
N/A
SSH 2.0.11 and earlier allows local users to requ… n/a
 n/a
 2002-03-09T05:00:00.000Z 2024-08-01T17:02:53.757Z
CVE-1999-0020
N/A
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-1999-0032. Reason: This candidate is a duplicate of CVE-1999-0032. Notes: All CVE users should reference CVE-1999-0032 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage N/A N/A 2000-02-04T05:00:00.000Z 2005-02-04T00:00:00.000Z
CVE-1999-0110
N/A
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-1999-0315. Reason: This candidate's original description had a typo that delayed it from being detected as a duplicate of CVE-1999-0315. Notes: All CVE users should reference CVE-1999-0315 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage N/A N/A 2000-02-04T05:00:00.000Z 2005-02-04T00:00:00.000Z
CVE-1999-0187
N/A
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-1999-0022. Reason: This candidate is a duplicate of CVE-1999-0022. Notes: All CVE users should reference CVE-1999-0022 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage N/A N/A 2000-02-04T05:00:00.000Z 2005-02-04T00:00:00.000Z
CVE-1999-0197
N/A
finger 0@host on some systems may print informati… n/a
 n/a
 2000-02-04T05:00:00.000Z 2024-08-01T16:27:57.831Z
CVE-1999-0198
N/A
finger .@host on some systems may print informati… n/a
 n/a
 2000-02-04T05:00:00.000Z 2024-08-01T16:27:57.847Z
CVE-1999-0200
N/A
Windows NT FTP server (WFTP) with the guest accou… n/a
 n/a
 2000-02-04T05:00:00.000Z 2024-08-01T16:27:57.933Z
ID Description Published Updated
ID Severity Description Published Updated
ghsa-84cm-x2q5-8225
9.8 (3.1)
dojox vulnerable to unescaped string injection 2018-10-15T22:03:48Z 2023-09-27T12:57:00Z
ghsa-rpch-cqj9-h65r
7.8 (3.1)
High severity vulnerability that affects YamlDotNet and YamlDotNet.Signed 2018-10-16T17:01:10Z 2021-09-17T19:23:01Z
ghsa-6pcc-3rfx-4gpm
7.5 (3.1)
Dom4j contains a XML Injection vulnerability 2018-10-16T17:01:25Z 2022-04-26T18:43:56Z
ghsa-7378-6268-4278
5.5 (3.1)
DotNetZip Zip-Slip Vulnerability 2018-10-16T17:16:40Z 2025-05-06T17:56:09Z
ghsa-g8j6-m4p7-5rfq
7.5 (3.1)
High severity vulnerability that affects DotNetNuke.Core 2018-10-16T17:18:12Z 2021-09-10T20:29:38Z
ghsa-qxxx-2pp7-5hmx
9.8 (3.1)
jackson-databind is vulnerable to a deserialization flaw 2018-10-16T17:21:35Z 2024-03-01T21:41:47Z
ghsa-hvpr-9cr6-q5v7
9.8 (3.1)
Apache Camel's camel-snakeyaml component is vulnerable to Java object de-serialization 2018-10-16T17:21:42Z 2022-11-17T18:54:40Z
ghsa-rr3c-f55v-qhv5
7.5 (3.1)
Denial of service vulnerability exists when .NET and .NET Core improperly process XML documents 2018-10-16T17:34:00Z 2022-04-27T19:25:26Z
ghsa-xpwp-rq3x-x6v7
Critical severity vulnerability that affects recurly-api-client 2018-10-16T17:35:04Z 2020-06-16T22:03:58Z
ghsa-898j-5cc8-cmf5
5.5 (3.1)
ZipSlip in org.apache.storm:storm-core 2018-10-16T17:35:24Z 2024-03-20T17:34:55Z
ghsa-9gcm-f4x3-8jpw
5.9 (3.1)
Spring Framework Cross Site Tracing (XST) 2018-10-16T17:35:54Z 2024-03-05T17:33:42Z
ghsa-f26x-pr96-vw86
5.9 (3.1)
Moderate severity vulnerability that affects org.springframework:spring-core 2018-10-16T17:43:45Z 2024-05-15T06:25:53Z
ghsa-mwcx-532g-8pq3
8.8 (3.1)
Access and integrity issue within Eclipse Jetty 2018-10-16T17:44:11Z 2022-04-26T18:56:02Z
ghsa-xqj7-j8j5-f2xr
7.5 (3.1)
Bouncy Castle has a flaw in the Low-level interface to RSA key pair generator 2018-10-16T17:44:39Z 2025-09-12T19:26:53Z
ghsa-cggj-fvv3-cqwv
9.8 (3.1)
FasterXML jackson-databind allows unauthenticated remote code execution 2018-10-16T17:45:18Z 2024-03-15T01:08:04Z
ghsa-v76m-f5cx-8rg4
Moderate severity vulnerability that affects DotNetNuke.Core 2018-10-16T19:33:25Z 2020-06-16T21:57:07Z
ghsa-x8f7-h444-97w4
9.8 (3.1)
The installation wizard in DotNetNuke (DNN) allows privilege escalation 2018-10-16T19:33:42Z 2022-04-26T18:57:42Z
ghsa-5c66-x4wm-rjfx
5.4 (3.1)
Cross-site scripting (XSS) vulnerability in the user-profile biography section in DotNetNuke (DNN) 2018-10-16T19:34:10Z 2022-04-26T18:58:10Z
ghsa-x2rg-fmcv-crq5
8.8 (3.1)
DNN (aka DotNetNuke) has Remote Code Execution via a cookie 2018-10-16T19:34:22Z 2022-04-26T18:58:37Z
ghsa-38cr-2ph5-frr9
7.5 (3.1)
Apache Struts REST Plugin can potentially allow a DoS attack 2018-10-16T19:35:26Z 2024-01-05T16:06:12Z
ghsa-8fx9-5hx8-crhm
9.8 (3.1)
Apache Struts 2.0.1 uses an unintentional expression in a Freemarker tag instead of string literal 2018-10-16T19:35:40Z 2024-01-04T21:54:05Z
ghsa-xcrm-qpp8-hcw4
6.2 (3.1)
Moderate severity vulnerability that affects org.apache.struts:struts2-rest-plugin 2018-10-16T19:35:55Z 2021-09-21T22:29:46Z
ghsa-9gp7-jvm2-r4mx
5.9 (3.1)
Apache Struts Improper Input Validation vulnerability 2018-10-16T19:36:43Z 2024-01-04T23:08:58Z
ghsa-8mr5-h28g-36qx
7.5 (3.1)
Spring AOP functionality (Struts) vulnerable to DoS attack 2018-10-16T19:37:07Z 2022-04-26T19:00:20Z
ghsa-vwxj-6m5m-rrvh
7.5 (3.1)
The REST Plugin in Apache Struts is using an outdated XStream library 2018-10-16T19:37:22Z 2022-04-26T19:02:10Z
ghsa-x5x7-3v85-wpc4
7.5 (3.1)
Apache Struts allows entering a custom URL in a form field if built-in URLValidator is used 2018-10-16T19:37:33Z 2024-01-04T23:26:47Z
ghsa-gg9m-fj3v-r58c
8.1 (3.1)
REST Plugin in Apache Struts uses an XStreamHandler with an instance of XStream for deserialization… 2018-10-16T19:37:56Z 2025-10-22T17:31:31Z
ghsa-49h4-g8p5-jgq6
6.1 (3.1)
Moderate severity vulnerability that affects org.apache.juddi:juddi-client 2018-10-16T19:49:32Z 2021-09-01T14:10:51Z
ghsa-q66c-h853-gqw2
9.1 (3.1)
AMQP 0-8, 0-9, 0-91, and 0-10 connection handling in Apache Qpid Java before 6.0.3 might allow remo… 2018-10-16T19:49:48Z 2023-01-18T06:20:33Z
ghsa-jj9h-mwhq-8vhm
5.9 (3.1)
Improper Input Validation in org.apache.qpid:qpid-broker 2018-10-16T19:50:13Z 2023-05-22T21:30:04Z
ID Severity Description Package Published Updated
pysec-2018-29
Directory Traversal vulnerability in salt-api in SaltStack Salt before 2017.7.8 and 2018.… salt 2018-10-24T22:29:00Z 2021-06-16T00:03:24.871222Z
pysec-2018-30
SaltStack Salt before 2017.7.8 and 2018.3.x before 2018.3.3 allow remote attackers to byp… salt 2018-10-24T22:29:00Z 2021-06-10T06:51:17.561337Z
pysec-2018-85
python-kdcproxy before 0.3.2 allows remote attackers to cause a denial of service via a l… kdcproxy 2018-10-30T18:29:00Z 2021-08-27T03:22:05.569463Z
pysec-2018-92
A flaw was found in openstack-mistral. By manipulating the SSH private key filename, the … mistral 2018-11-02T21:29:00Z 2021-08-27T03:22:07.552723Z
pysec-2018-140
6.5 (3.1)
There is an infinite loop in the Exiv2::Image::printIFDStructure function of image.cpp in… exiv2 2018-11-03T04:29:00Z 2024-11-21T14:22:48.914006Z
pysec-2018-74
Versions of Superset prior to 0.23 used an unsafe load method from the pickle library to … superset 2018-11-07T14:29:00Z 2021-08-25T04:30:32.701868Z
pysec-2018-141
6.5 (3.1)
In Exiv2 0.26, Exiv2::IptcParser::decode in iptc.cpp (called from psdimage.cpp in the PSD… exiv2 2018-11-08T08:29:00Z 2024-11-21T14:22:48.973676Z
pysec-2018-142
6.5 (3.1)
In Exiv2 0.26, Exiv2::PsdImage::readMetadata in psdimage.cpp in the PSD image reader may … exiv2 2018-11-08T08:29:00Z 2024-11-21T14:22:49.03444Z
pysec-2018-96
Py-EVM v0.2.0-alpha.33 allows attackers to make a vm.execute_bytecode call that triggers … py-evm 2018-11-12T02:29:00Z 2021-08-27T03:22:16.474976Z
pysec-2018-17
Jupyter Notebook before 5.7.1 allows XSS via an untrusted notebook because nbconvert resp… notebook 2018-11-18T17:29:00Z 2021-06-10T06:51:21.489049Z
pysec-2018-18
Jupyter Notebook before 5.7.2 allows XSS via a crafted directory name because notebook/st… notebook 2018-11-18T17:29:00Z 2021-06-10T06:52:01.452566Z
pysec-2018-77
The client in Tryton 5.x before 5.0.1 tries to make a connection to the bus in cleartext … tryton 2018-11-22T19:29:00Z 2021-08-25T04:30:34.252835Z
pysec-2018-143
6.5 (3.1)
Exiv2::isoSpeed in easyaccess.cpp in Exiv2 v0.27-RC2 allows remote attackers to cause a d… exiv2 2018-11-27T07:29:00Z 2024-11-21T14:22:49.094932Z
pysec-2018-60
Execution of Ansible playbooks on Windows platforms with PowerShell ScriptBlock logging a… ansible 2018-11-29T18:29:00Z 2021-08-25T04:29:51.914778Z
pysec-2018-12
An issue was discovered in lxml before 4.2.5. lxml/html/clean.py in the lxml.html.clean m… lxml 2018-12-02T10:29:00Z 2021-06-16T00:03:23.627691Z
pysec-2018-32
urllib3 before version 1.23 does not remove the Authorization HTTP header when following … urllib3 2018-12-11T17:29:00Z 2021-06-10T06:51:03.467032Z
pysec-2018-117
6.5 (3.1)
There is a heap-based buffer over-read in the Exiv2::tEXtToDataBuf function of pngimage.c… exiv2 2018-12-12T10:29:00Z 2024-01-02T15:20:59.143416Z
pysec-2018-118
6.5 (3.1)
There is a SEGV in Exiv2::Internal::TiffParserWorker::findPrimaryGroups of tiffimage_int.… exiv2 2018-12-12T10:29:00Z 2024-01-02T15:20:59.201635Z
pysec-2018-119
6.5 (3.1)
There is a heap-based buffer over-read in Exiv2::Jp2Image::encodeJp2Header of jp2image.cp… exiv2 2018-12-12T10:29:00Z 2024-01-02T15:20:59.259575Z
pysec-2018-120
6.5 (3.1)
There is an infinite loop in Exiv2::Jp2Image::encodeJp2Header of jp2image.cpp in Exiv2 0.… exiv2 2018-12-12T10:29:00Z 2024-01-02T15:20:59.318592Z
pysec-2018-9
** DISPUTED ** OpenStack Keystone through 14.0.1 has a user enumeration vulnerability bec… keystone 2018-12-17T07:29:00Z 2021-06-10T06:51:56.696140Z
pysec-2018-103
ymlref allows code injection. ymlref 2018-12-17T19:29:00Z 2021-09-26T23:33:39.795406Z
pysec-2018-11
Luigi version prior to version 2.8.0; after commit 53b52e12745075a8acc016d33945d9d6a7a6aa… luigi 2018-12-20T15:29:00Z 2021-06-10T06:51:41.493009Z
pysec-2018-35
aio-libs aiohttp-session version 2.6.0 and earlier contains a Other/Unknown vulnerability… aiohttp-session 2018-12-20T15:29:00Z 2021-07-02T02:41:32.834524Z
pysec-2018-22
OpenKMIP PyKMIP version All versions before 0.8.0 contains a CWE 399: Resource Management… pykmip 2018-12-20T17:29:00Z 2021-06-10T06:50:52.184344Z
pysec-2018-82
There is a vulnerability in load() method in definitions/parser.py in the Danijar Hafner … definitions 2018-12-21T23:29:00Z 2021-08-27T03:21:57.237018Z
pysec-2019-141
ansible before versions 2.5.14, 2.6.11, 2.7.5 is vulnerable to a information disclosure f… ansible 2019-01-03T15:29:00Z 2021-06-10T06:51:54.692225Z
pysec-2019-122
Sqla_yaml_fixtures 0.9.1 allows local users to execute arbitrary python code via the fixt… sqla-yaml-fixtures 2019-01-03T19:29:00Z 2019-01-31T18:00:00Z
pysec-2019-17
In Django 1.11.x before 1.11.18, 2.0.x before 2.0.10, and 2.1.x before 2.1.5, an Improper… django 2019-01-09T23:29:00Z 2019-04-23T13:11:00Z
pysec-2019-150
Bodhi 2.9.0 and lower is vulnerable to cross-site scripting resulting in code injection c… bodhi 2019-01-10T21:29:00Z 2021-07-05T00:01:17.244288Z
ID Description Updated
ID Description Published Updated
mal-2022-291 Malicious code in @gmelius/fetlife-assets (npm) 2022-06-20T18:20:15Z 2022-06-20T18:20:15Z
mal-2022-333 Malicious code in @hilcorp/fetlife-assets (npm) 2022-06-20T18:20:15Z 2022-06-20T18:20:16Z
mal-2022-336 Malicious code in @homebrew/fetlife-assets (npm) 2022-06-20T18:20:15Z 2022-06-20T18:20:16Z
mal-2022-337 Malicious code in @honeywell/fetlife-assets (npm) 2022-06-20T18:20:16Z 2022-06-20T18:20:16Z
mal-2022-339 Malicious code in @hudapp/fetlife-assets (npm) 2022-06-20T18:20:16Z 2022-06-20T18:20:17Z
mal-2022-340 Malicious code in @huji/fetlife-assets (npm) 2022-06-20T18:20:16Z 2022-06-20T18:20:17Z
mal-2022-341 Malicious code in @ibb-apache/fetlife-assets (npm) 2022-06-20T18:20:16Z 2022-06-20T18:20:18Z
mal-2022-343 Malicious code in @icbc-ltd/fetlife-assets (npm) 2022-06-20T18:20:17Z 2022-06-20T18:20:18Z
mal-2022-344 Malicious code in @icmb/fetlife-assets (npm) 2022-06-20T18:20:18Z 2022-06-20T18:20:19Z
mal-2022-347 Malicious code in @igame/fetlife-assets (npm) 2022-06-20T18:20:18Z 2022-06-20T18:20:19Z
mal-2022-355 Malicious code in @impresscms/fetlife-assets (npm) 2022-06-20T18:20:19Z 2022-06-20T18:20:19Z
mal-2022-357 Malicious code in @infogram/fetlife-assets (npm) 2022-06-20T18:20:19Z 2022-06-20T18:20:20Z
mal-2022-359 Malicious code in @instagram/fetlife-assets (npm) 2022-06-20T18:20:20Z 2022-06-20T18:20:20Z
mal-2022-362 Malicious code in @insulet/fetlife-assets (npm) 2022-06-20T18:20:20Z 2022-06-20T18:20:21Z
mal-2022-363 Malicious code in @investnext/fetlife-assets (npm) 2022-06-20T18:20:20Z 2022-06-20T18:20:21Z
mal-2022-365 Malicious code in @israelhayom/fetlife-assets (npm) 2022-06-20T18:20:21Z 2022-06-20T18:20:21Z
mal-2022-368 Malicious code in @jerusalem/fetlife-assets (npm) 2022-06-20T18:20:21Z 2022-06-20T18:20:21Z
mal-2022-371 Malicious code in @jnjmobile/fetlife-assets (npm) 2022-06-20T18:20:21Z 2022-06-20T18:20:25Z
mal-2022-374 Malicious code in @justauth/fetlife-assets (npm) 2022-06-20T18:20:21Z 2022-06-20T18:20:22Z
mal-2022-375 Malicious code in @kaspersky/fetlife-assets (npm) 2022-06-20T18:20:22Z 2022-06-20T18:20:22Z
mal-2022-376 Malicious code in @keybank/fetlife-assets (npm) 2022-06-20T18:20:22Z 2022-06-20T18:20:23Z
mal-2022-379 Malicious code in @kimley-horn/fetlife-assets (npm) 2022-06-20T18:20:22Z 2022-06-20T18:20:22Z
mal-2022-382 Malicious code in @kindredext/fetlife-assets (npm) 2022-06-20T18:20:22Z 2022-06-20T18:20:23Z
mal-2022-384 Malicious code in @kolikkopelit/fetlife-assets (npm) 2022-06-20T18:20:23Z 2022-06-20T18:20:23Z
mal-2022-389 Malicious code in @localizejs/fetlife-assets (npm) 2022-06-20T18:20:23Z 2022-06-20T18:20:24Z
mal-2022-400 Malicious code in @loofah/fetlife-assets (npm) 2022-06-20T18:20:23Z 2022-06-20T18:20:24Z
mal-2022-401 Malicious code in @lowes/fetlife-assets (npm) 2022-06-20T18:20:23Z 2022-06-20T18:20:24Z
mal-2022-407 Malicious code in @maariv/fetlife-assets (npm) 2022-06-20T18:20:24Z 2022-06-20T18:20:24Z
mal-2022-408 Malicious code in @maccabi4u/fetlife-assets (npm) 2022-06-20T18:20:24Z 2022-06-20T18:20:25Z
mal-2022-410 Malicious code in @mainwp/fetlife-assets (npm) 2022-06-20T18:20:24Z 2022-06-20T18:20:25Z
ID Description Published Updated
ID Description Published Updated
wid-sec-w-2024-0586 Red Hat fontforge: Schwachstelle ermöglicht Codeausführung 2020-04-28T22:00:00.000+00:00 2024-03-07T23:00:00.000+00:00
wid-sec-w-2024-1288 Red Hat edk2: Schwachstelle ermöglicht nicht spezifizierten Angriff 2020-04-28T22:00:00.000+00:00 2024-06-04T22:00:00.000+00:00
wid-sec-w-2025-2180 Red Hat libmspack: Schwachstelle ermöglicht Offenlegung von Informationen 2020-04-28T22:00:00.000+00:00 2025-10-01T22:00:00.000+00:00
wid-sec-w-2024-3163 OpenLDAP: Schwachstelle ermöglicht Denial of Service 2020-04-29T22:00:00.000+00:00 2024-10-14T22:00:00.000+00:00
wid-sec-w-2025-2772 Linux Kernel: Schwachstelle ermöglicht Privilegieneskalation 2020-04-29T22:00:00.000+00:00 2025-12-09T23:00:00.000+00:00
wid-sec-w-2022-1347 jQuery: Mehrere Schwachstellen ermöglichen Cross-Site Scripting 2020-05-03T22:00:00.000+00:00 2025-07-21T22:00:00.000+00:00
wid-sec-w-2025-2773 Linux Kernel: Schwachstelle ermöglicht Denial of Service 2020-05-03T22:00:00.000+00:00 2025-12-09T23:00:00.000+00:00
wid-sec-w-2022-1924 Linux Kernel: Mehrere Schwachstellen 2020-05-04T22:00:00.000+00:00 2025-12-09T23:00:00.000+00:00
wid-sec-w-2024-1449 SaltStack Salt: Mehrere Schwachstellen ermöglichen Erlangen von Administratorrechten 2020-05-04T22:00:00.000+00:00 2024-06-25T22:00:00.000+00:00
wid-sec-w-2022-1571 GraphicsMagick: Schwachstelle ermöglicht Ausführen von beliebigem Programmcode mit Benutzerrechten 2020-05-05T22:00:00.000+00:00 2023-03-27T22:00:00.000+00:00
wid-sec-w-2022-1923 Linux Kernel: Mehrere Schwachstellen 2020-05-05T22:00:00.000+00:00 2025-12-09T23:00:00.000+00:00
wid-sec-w-2024-0748 libvirt: Schwachstelle ermöglicht Denial of Service 2020-05-05T22:00:00.000+00:00 2024-11-17T23:00:00.000+00:00
wid-sec-w-2024-0450 Cisco Adaptive Security Appliance (ASA) und Cisco Firepower Threat Defense (FTD): Mehrere Schwachstellen 2020-05-06T22:00:00.000+00:00 2024-02-21T23:00:00.000+00:00
wid-sec-w-2025-2774 Linux Kernel: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff 2020-05-07T22:00:00.000+00:00 2025-12-09T23:00:00.000+00:00
wid-sec-w-2022-1614 Linux Kernel: Mehrere Schwachstellen 2020-05-10T22:00:00.000+00:00 2025-12-09T23:00:00.000+00:00
wid-sec-w-2023-2473 Ansible: Schwachstelle ermöglicht Offenlegung von Informationen 2020-05-11T22:00:00.000+00:00 2025-11-23T23:00:00.000+00:00
wid-sec-w-2025-2123 Red Hat JBoss Enterprise Application Platform: Mehrere Schwachstellen 2020-05-11T22:00:00.000+00:00 2025-09-24T22:00:00.000+00:00
wid-sec-w-2023-2472 Ansible Tower: Schwachstelle ermöglicht Offenlegung von Informationen 2020-05-12T22:00:00.000+00:00 2025-11-23T23:00:00.000+00:00
wid-sec-w-2025-2775 Linux Kernel: Schwachstelle ermöglicht Denial of Service 2020-05-12T22:00:00.000+00:00 2025-12-09T23:00:00.000+00:00
wid-sec-w-2025-2776 Linux Kernel: Schwachstelle ermöglichen Umgehen von Sicherheitsvorkehrungen 2020-05-12T22:00:00.000+00:00 2025-12-09T23:00:00.000+00:00
wid-sec-w-2025-2777 Linux Kernel: Schwachstelle ermöglicht Denial of Service 2020-05-13T22:00:00.000+00:00 2025-12-09T23:00:00.000+00:00
wid-sec-w-2023-1517 VLC: mehrere Schwachstellen 2020-05-17T22:00:00.000+00:00 2025-01-28T23:00:00.000+00:00
wid-sec-w-2024-1037 Ansible: Schwachstelle ermöglicht nicht spezifizierten Angriff 2020-05-17T22:00:00.000+00:00 2024-05-06T22:00:00.000+00:00
wid-sec-w-2022-1807 LibreOffice: Schwachstelle ermöglicht Offenlegung von Informationen 2020-05-18T22:00:00.000+00:00 2024-01-01T23:00:00.000+00:00
wid-sec-w-2023-1093 Ruby on Rails: Mehrere Schwachstellen 2020-05-18T22:00:00.000+00:00 2024-01-15T23:00:00.000+00:00
wid-sec-w-2024-1554 Bluetooth Spezifikation: Mehrere Schwachstellen ermöglichen Umgehen von Sicherheitsvorkehrungen 2020-05-18T22:00:00.000+00:00 2024-11-12T23:00:00.000+00:00
wid-sec-w-2025-0236 Dovecot: Mehrere Schwachstellen ermöglichen Denial of Service 2020-05-18T22:00:00.000+00:00 2025-02-02T23:00:00.000+00:00
wid-sec-w-2025-1198 Internet Systems Consortium BIND: Mehrere Schwachstellen ermöglichen Denial of Service 2020-05-18T22:00:00.000+00:00 2025-05-29T22:00:00.000+00:00
wid-sec-w-2025-2778 Linux Kernel: Schwachstelle ermöglicht nicht spezifizierten Angriff 2020-05-18T22:00:00.000+00:00 2025-12-09T23:00:00.000+00:00
wid-sec-w-2022-2095 Linux Kernel: Schwachstelle ermöglicht Denial of Service 2020-05-19T22:00:00.000+00:00 2025-12-09T23:00:00.000+00:00
ID Description Published Updated
icsa-17-187-03f ICSA-17-187-03F Siemens SIPROTEC 4 and SIPROTEC Compact (Update F) 2017-07-04T00:00:00.000000Z 2018-06-12T00:00:00.000000Z
icsa-17-187-01 Siemens OZW672 and OZW772 2017-07-06T00:00:00.000000Z 2017-07-06T00:00:00.000000Z
icsa-17-187-02 Siemens Reyrolle 2017-07-06T00:00:00.000000Z 2017-07-06T00:00:00.000000Z
icsa-17-187-04 Schneider Electric Wonderware ArchestrA Logger 2017-07-06T00:00:00.000000Z 2017-07-06T00:00:00.000000Z
icsa-17-187-05 Schneider Electric Ampla MES 2017-07-06T00:00:00.000000Z 2017-07-06T00:00:00.000000Z
icsa-17-192-01 Siemens SIMATIC Logon 2017-07-11T00:00:00.000000Z 2017-07-11T00:00:00.000000Z
icsa-17-192-02 Fuji Electric V-Server 2017-07-11T00:00:00.000000Z 2017-07-11T00:00:00.000000Z
icsa-17-192-03 ABB VSN300 WiFi Logger Card 2017-07-11T00:00:00.000000Z 2017-07-11T00:00:00.000000Z
icsa-17-192-04 OSIsoft PI Coresight 2017-07-11T00:00:00.000000Z 2017-07-11T00:00:00.000000Z
icsa-17-192-06 Schweitzer Engineering Laboratories, Inc. SEL-3620 and SEL-3622 2017-07-11T00:00:00.000000Z 2017-07-11T00:00:00.000000Z
icsa-17-194-01 Siemens SiPass integrated 2017-07-13T00:00:00.000000Z 2017-07-13T00:00:00.000000Z
icsa-17-194-03 Siemens SIMATIC Sm@rtClient Android App 2017-07-13T00:00:00.000000Z 2017-07-13T00:00:00.000000Z
icsa-17-201-01 Schneider Electric PowerSCADA Anywhere and Citect Anywhere 2017-07-20T00:00:00.000000Z 2017-07-20T00:00:00.000000Z
icsa-17-208-01 Continental AG Infineon S-Gold 2 (PMB 8876) 2017-07-27T00:00:00.000000Z 2017-07-27T00:00:00.000000Z
icsa-17-208-02 Mirion Technologies Telemetry Enabled Devices 2017-07-27T00:00:00.000000Z 2017-07-27T00:00:00.000000Z
icsa-17-208-03 PDQ Manufacturing, Inc. LaserWash, Laser Jet and ProTouch 2017-07-27T00:00:00.000000Z 2017-07-27T00:00:00.000000Z
icsa-17-208-04 Rockwell Automation Allen-Bradley Stratix and ArmorStratix 2017-07-27T00:00:00.000000Z 2017-08-24T00:00:00.000000Z
icsa-17-213-01 Mitsubishi Electric Europe B.V. E-Designer 2017-08-01T00:00:00.000000Z 2017-08-01T00:00:00.000000Z
icsa-17-215-01 Schneider Electric Pro-face GP-Pro EX 2017-08-03T00:00:00.000000Z 2017-08-03T00:00:00.000000Z
icsma-17-215-01 ICSMA-17-215-01_Siemens Molecular Imaging Vulnerabilities 2017-08-03T00:00:00.000000Z 2017-08-03T00:00:00.000000Z
icsma-17-215-02 ICSMA-17-215-02_Siemens Molecular Imaging Vulnerabilities 2017-08-03T00:00:00.000000Z 2017-08-03T00:00:00.000000Z
icsa-17-220-01 OSIsoft PI Integrator 2017-08-08T00:00:00.000000Z 2017-08-08T00:00:00.000000Z
icsa-17-220-02 Moxa SoftNVR-IA Live Viewer 2017-08-08T00:00:00.000000Z 2017-08-08T00:00:00.000000Z
icsa-17-222-01 SIMPlight SCADA Software 2017-08-10T00:00:00.000000Z 2017-08-10T00:00:00.000000Z
icsa-17-222-02 Solar Controls Heating Control Downloader (HCDownloader) 2017-08-10T00:00:00.000000Z 2017-08-10T00:00:00.000000Z
icsa-17-222-03 Solar Controls WATTConfig M Software 2017-08-10T00:00:00.000000Z 2017-08-10T00:00:00.000000Z
icsa-17-222-04 Fuji Electric Monitouch V-SFT 2017-08-10T00:00:00.000000Z 2017-08-10T00:00:00.000000Z
icsa-17-222-05 ABB SREA-01 and SREA-50 2017-08-10T00:00:00.000000Z 2017-08-10T00:00:00.000000Z
icsa-17-227-01 Advantech WebOP 2017-08-15T00:00:00.000000Z 2017-08-15T00:00:00.000000Z
icsma-17-227-01 ICSMA-17-227-01_BMC Medical and 3B Medical Luna CPAP Machine 2017-08-15T00:00:00.000000Z 2017-08-15T00:00:00.000000Z
ID Description Published Updated
cisco-sa-20190501-frpwr-dos Cisco Firepower Threat Defense Software Packet Processing Denial of Service Vulnerability 2019-05-01T16:00:00+00:00 2019-05-02T17:41:24+00:00
cisco-sa-20190501-frpwr-smb-snort Cisco Firepower Threat Defense Software SMB Protocol Preprocessor Detection Engine Denial of Service Vulnerabilities 2019-05-01T16:00:00+00:00 2019-05-02T17:54:49+00:00
cisco-sa-20190501-ftd-cmd-inject Cisco Firepower Threat Defense Software Command Injection Vulnerability 2019-05-01T16:00:00+00:00 2019-05-01T16:00:00+00:00
cisco-sa-20190501-hyperflex-csrf Cisco HyperFlex HX-Series Web-Based Management Interface Cross-Site Request Forgery Vulnerability 2019-05-01T16:00:00+00:00 2019-05-01T16:00:00+00:00
cisco-sa-20190501-nexus9k-rpe Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Root Privilege Escalation Vulnerability 2019-05-01T16:00:00+00:00 2019-05-15T13:28:14+00:00
cisco-sa-20190501-nexus9k-sshkey Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Default SSH Key Vulnerability 2019-05-01T16:00:00+00:00 2019-05-09T12:49:51+00:00
cisco-sa-20190501-pca-xss Cisco Prime Collaboration Assurance Cross-Site Scripting Vulnerability 2019-05-01T16:00:00+00:00 2019-05-01T16:00:00+00:00
cisco-sa-20190501-phone-sip-xml-dos Cisco IP Phone 7800 Series and 8800 Series Session Initiation Protocol XML Denial of Service Vulnerability 2019-05-01T16:00:00+00:00 2019-05-01T16:00:00+00:00
cisco-sa-20190501-pnr-xss Cisco Prime Network Registrar Cross-Site Scripting Vulnerability 2019-05-01T16:00:00+00:00 2019-05-01T16:00:00+00:00
cisco-sa-20190501-sbr-hijack Cisco Small Business RV320 and RV325 Routers Session Hijacking Vulnerability 2019-05-01T16:00:00+00:00 2019-05-01T16:00:00+00:00
cisco-sa-20190501-scbv Cisco Small Business Switches Secure Shell Certificate Authentication Bypass Vulnerability 2019-05-01T16:00:00+00:00 2019-05-01T16:00:00+00:00
cisco-sa-20190501-sd-cpu-dos Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software WebVPN Denial of Service Vulnerability 2019-05-01T16:00:00+00:00 2019-05-02T17:57:14+00:00
cisco-sa-20190501-udb-sm Cisco Umbrella Dashboard Session Management Vulnerability 2019-05-01T16:00:00+00:00 2019-05-01T16:00:00+00:00
cisco-sa-20190501-wsa-dos Cisco Web Security Appliance Malformed Request Denial of Service Vulnerability 2019-05-01T16:00:00+00:00 2019-05-01T16:00:00+00:00
cisco-sa-20190501-wsa-privesc Cisco Web Security Appliance Privilege Escalation Vulnerability 2019-05-01T16:00:00+00:00 2019-05-01T16:00:00+00:00
cisco-sa-20190507-esc-authbypass Cisco Elastic Services Controller REST API Authentication Bypass Vulnerability 2019-05-07T16:00:00+00:00 2019-05-07T16:00:00+00:00
cisco-sa-20190513-secureboot Cisco Secure Boot Hardware Tampering Vulnerability 2019-05-13T17:30:00+00:00 2019-11-20T17:23:18+00:00
cisco-sa-20190513-webui Cisco IOS XE Software Web UI Command Injection Vulnerability 2019-05-13T17:30:00+00:00 2019-05-13T17:30:00+00:00
cisco-sa-20190515-anyconnectclient-oob-read Cisco AnyConnect Secure Mobility Client for Linux Out-of-Bounds Memory Read Vulnerability 2019-05-15T16:00:00+00:00 2019-05-15T16:00:00+00:00
cisco-sa-20190515-cuic-cmdinj Cisco Unified Intelligence Center Remote File Injection Vulnerability 2019-05-15T16:00:00+00:00 2019-06-06T14:42:43+00:00
cisco-sa-20190515-cvsm Cisco Video Surveillance Manager Web-Based Management Interface Information Disclosure Vulnerability 2019-05-15T16:00:00+00:00 2019-05-15T16:00:00+00:00
cisco-sa-20190515-ftd-ssltls-bypass Cisco Firepower Threat Defense Software SSL/TLS Policy Bypass Vulnerability 2019-05-15T16:00:00+00:00 2019-05-15T16:00:00+00:00
cisco-sa-20190515-ftdde-poly-bypass Cisco Firepower Threat Defense Software Detection Engine Policy Bypass Vulnerability 2019-05-15T16:00:00+00:00 2019-05-15T16:00:00+00:00
cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782 Cisco FXOS and NX-OS Software Command Injection Vulnerabilities (CVE-2019-1781, CVE-2019-1782) 2019-05-15T16:00:00+00:00 2019-05-15T16:00:00+00:00
cisco-sa-20190515-iosxr-evpn-dos Cisco IOS XR Software BGP MPLS-Based EVPN Denial of Service Vulnerability 2019-05-15T16:00:00+00:00 2019-07-10T16:56:52+00:00
cisco-sa-20190515-iosxr-mpls-dos Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers MPLS OAM Denial of Service Vulnerability 2019-05-15T16:00:00+00:00 2019-05-15T16:00:00+00:00
cisco-sa-20190515-ise-certcreation Cisco Identity Services Engine Arbitrary Client Certificate Creation Vulnerability 2019-05-15T16:00:00+00:00 2019-05-15T16:00:00+00:00
cisco-sa-20190515-nxos-bash-bypass Cisco NX-OS Software Bash Bypass Guest Shell Vulnerability 2019-05-15T16:00:00+00:00 2019-05-20T14:00:47+00:00
cisco-sa-20190515-nxos-cmd-inject-1784 Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1784) 2019-05-15T16:00:00+00:00 2019-07-18T00:00:26+00:00
cisco-sa-20190515-nxos-cmdinj-1735 Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1735) 2019-05-15T16:00:00+00:00 2021-07-12T14:24:27+00:00
ID Description Published Updated
msrc_cve-2020-15106 Improper Input Validation in etcd 2020-08-02T00:00:00.000Z 2021-12-16T00:00:00.000Z
msrc_cve-2020-15112 Improper Input Validation in etcd 2020-08-02T00:00:00.000Z 2021-12-16T00:00:00.000Z
msrc_cve-2020-15113 Improper Preservation of Permissions in etcd 2020-08-02T00:00:00.000Z 2021-12-16T00:00:00.000Z
msrc_cve-2020-15114 Denial of Service in etcd 2020-08-02T00:00:00.000Z 2021-12-16T00:00:00.000Z
msrc_cve-2020-15115 No minimum password length in etcd 2020-08-02T00:00:00.000Z 2021-12-16T00:00:00.000Z
msrc_cve-2020-15136 Improper authentication in etcd 2020-08-02T00:00:00.000Z 2021-12-16T00:00:00.000Z
msrc_cve-2020-16092 In QEMU through 5.0.0 an assertion failure can occur in the network packet processing. This issue affects the e1000e and vmxnet3 network devices. A malicious guest user/process could use this flaw to abort the QEMU process on the host resulting in a denial of service condition in net_tx_pkt_add_raw_fragment in hw/net/net_tx_pkt.c. 2020-08-02T00:00:00.000Z 2020-08-18T00:00:00.000Z
msrc_cve-2020-16845 Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs. 2020-08-02T00:00:00.000Z 2026-02-19T01:37:33.000Z
msrc_cve-2020-17507 An issue was discovered in Qt through 5.12.9 and 5.13.x through 5.15.x before 5.15.1. read_xbm_body in gui/image/qxbmhandler.cpp has a buffer over-read. 2020-08-02T00:00:00.000Z 2021-12-16T00:00:00.000Z
msrc_cve-2020-24241 In Netwide Assembler (NASM) 2.15rc10, there is heap use-after-free in saa_wbytes in nasmlib/saa.c. 2020-08-02T00:00:00.000Z 2026-02-18T15:14:57.000Z
msrc_cve-2020-24330 An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges instead of by the tss user it fails to drop the root gid privilege when no longer needed. 2020-08-02T00:00:00.000Z 2021-12-16T00:00:00.000Z
msrc_cve-2020-24331 An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges the tss user still has read and write access to the /etc/tcsd.conf file (which contains various settings related to this daemon). 2020-08-02T00:00:00.000Z 2021-12-16T00:00:00.000Z
msrc_cve-2020-24332 An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges the creation of the system.data file is prone to symlink attacks. The tss user can be used to create or corrupt existing files which could possibly lead to a DoS attack. 2020-08-02T00:00:00.000Z 2021-12-16T00:00:00.000Z
msrc_cve-2020-24342 Lua through 5.4.0 allows a stack redzone cross in luaO_pushvfstring because a protection mechanism wrongly calls luaD_callnoyield twice in a row. 2020-08-02T00:00:00.000Z 2026-02-18T14:28:04.000Z
msrc_cve-2020-24347 njs through 0.4.3, used in NGINX, has an out-of-bounds read in njs_lvlhsh_level_find in njs_lvlhsh.c. 2020-08-02T00:00:00.000Z 2026-02-18T01:14:41.000Z
msrc_cve-2020-24370 ldebug.c in Lua 5.4.0 allows a negation overflow and segmentation fault in getlocal and setlocal as demonstrated by getlocal(32^31). 2020-08-02T00:00:00.000Z 2024-06-30T07:00:00.000Z
msrc_cve-2020-24371 lgc.c in Lua 5.4.0 mishandles the interaction between barriers and the sweep phase, leading to a memory access violation involving collectgarbage. 2020-08-02T00:00:00.000Z 2025-09-03T22:25:53.000Z
msrc_cve-2020-24394 In the Linux kernel before 5.7.8 fs/nfsd/vfs.c (in the NFS server) can set incorrect permissions on new filesystem objects when the filesystem lacks ACL support aka CID-22cf8419f131. This occurs because the current umask is not considered. 2020-08-02T00:00:00.000Z 2020-09-25T00:00:00.000Z
msrc_cve-2020-7019 In Elasticsearch before 7.9.0 and 6.8.12 a field disclosure flaw was found when running a scrolling search with Field Level Security. If a user runs the same query another more privileged user recently ran the scrolling search can leak fields that should be hidden. This could result in an attacker gaining additional permissions against a restricted index. 2020-08-02T00:00:00.000Z 2021-12-01T00:00:00.000Z
msrc_cve-2020-8620 In BIND 9.15.6 -> 9.16.5 9.17.0 -> 9.17.3 An attacker who can establish a TCP connection with the server and send data on that connection can exploit this to trigger the assertion failure causing the server to exit. 2020-08-02T00:00:00.000Z 2020-08-26T00:00:00.000Z
msrc_cve-2020-8621 Attempting QNAME minimization after forwarding can lead to an assertion failure in resolver.c 2020-08-02T00:00:00.000Z 2020-08-26T00:00:00.000Z
msrc_cve-2020-8622 A truncated TSIG response can lead to an assertion failure 2020-08-02T00:00:00.000Z 2020-08-26T00:00:00.000Z
msrc_cve-2020-8623 A flaw in native PKCS#11 code can lead to a remotely triggerable assertion failure in pk11.c 2020-08-02T00:00:00.000Z 2020-08-26T00:00:00.000Z
msrc_cve-2020-8624 update-policy rules of type "subdomain" are enforced incorrectly 2020-08-02T00:00:00.000Z 2020-08-26T00:00:00.000Z
msrc_cve-2020-9490 Apache HTTP Server versions 2.4.20 to 2.4.43. A specially crafted value for the 'Cache-Digest' header in a HTTP/2 request would result in a crash when the server actually tries to HTTP/2 PUSH a resource afterwards. Configuring the HTTP/2 feature via "H2Push off" will mitigate this vulnerability for unpatched servers. 2020-08-02T00:00:00.000Z 2020-08-18T00:00:00.000Z
msrc_cve-2014-10402 An issue was discovered in the DBI module through 1.643 for Perl. DBD::File drivers can open files from folders other than those specifically passed via the f_dir attribute in the data source name (DSN). NOTE: this issue exists because of an incomplete fix for CVE-2014-10401. 2020-09-02T00:00:00.000Z 2026-02-18T01:45:33.000Z
msrc_cve-2019-20916 The pip package before 19.2 for Python allows Directory Traversal when a URL is given in an install command because a Content-Disposition header can have ../ in a filename as demonstrated by overwriting the /root/.ssh/authorized_keys file. This occurs in _download_http_url in _internal/download.py. 2020-09-02T00:00:00.000Z 2020-12-21T00:00:00.000Z
msrc_cve-2020-0570 Uncontrolled search path in the QT Library before 5.14.0 5.12.7 and 5.9.10 may allow an authenticated user to potentially enable elevation of privilege via local access. 2020-09-02T00:00:00.000Z 2021-12-16T00:00:00.000Z
msrc_cve-2020-10733 The Windows installer for PostgreSQL 9.5 - 12 invokes system-provided executables that do not have fully-qualified paths. Executables in the directory where the installer loads or the current working directory take precedence over the intended executables. An attacker having permission to add files into one of those directories can use this to execute arbitrary code with the installer's administrative rights. 2020-09-02T00:00:00.000Z 2020-09-25T00:00:00.000Z
msrc_cve-2020-10766 A logic bug flaw was found in Linux kernel before 5.8-rc1 in the implementation of SSBD. A bug in the logic handling allows an attacker with a local account to disable SSBD protection during a context switch when additional speculative execution mitigations are in place. This issue was introduced when the per task/process conditional STIPB switching was added on top of the existing SSBD switching. The highest threat from this vulnerability is to confidentiality. 2020-09-02T00:00:00.000Z 2020-09-25T00:00:00.000Z
ID Description Published Updated
ncsc-2025-0377 Kwetsbaarheden verholpen in GitLab 2025-11-27T13:35:09.121804Z 2025-11-27T13:35:09.121804Z
ncsc-2025-0378 Kwetsbaarheden verholpen in Mattermost 2025-11-28T09:53:42.334621Z 2025-11-28T09:53:42.334621Z
ncsc-2025-0379 Kwetsbaarheden verholpen in Google Android en Samsung Mobile 2025-12-02T13:25:17.745981Z 2025-12-02T13:25:17.745981Z
ncsc-2025-0380 Kwetsbaarheden verholpen in React Server Components 2025-12-03T20:11:57.728117Z 2025-12-05T12:13:36.590522Z
ncsc-2025-0381 Kwetsbaarheden verholpen in Splunk Enterprise en Splunk Cloud Platform 2025-12-08T08:23:21.965599Z 2025-12-08T08:23:21.965599Z
ncsc-2025-0382 Kwetsbaarheden verholpen in Siemens producten 2025-12-09T13:15:05.391966Z 2025-12-09T13:15:05.391966Z
ncsc-2025-0383 Kwetsbaarheden verholpen in Microsoft Windows 2025-12-09T18:39:18.152251Z 2025-12-09T18:39:18.152251Z
ncsc-2025-0384 Kwetsbaarheden verholpen in Microsoft Office 2025-12-09T18:40:33.839342Z 2025-12-09T18:40:33.839342Z
ncsc-2025-0385 Kwetsbaarheden verholpen in Microsoft Exchange 2025-12-09T18:42:32.332749Z 2025-12-09T18:42:32.332749Z
ncsc-2025-0386 Kwetsbaarheden verholpen in Fortinet producten 2025-12-10T09:51:34.918202Z 2026-01-28T15:46:10.814803Z
ncsc-2025-0387 Kwetsbaarheden verholpen in Adobe ColdFusion 2025-12-10T13:34:08.908897Z 2025-12-10T13:34:08.908897Z
ncsc-2025-0388 Kwetsbaarheden verholpen in Adobe Acrobat Reader 2025-12-10T13:35:58.314547Z 2025-12-10T13:35:58.314547Z
ncsc-2025-0389 Kwetsbaarheden verholpen in Adobe Experience Manager 2025-12-10T14:59:57.911864Z 2025-12-10T14:59:57.911864Z
ncsc-2025-0390 Kwetsbaarheden verholpen in GitLab CE/EE 2025-12-11T09:22:54.841848Z 2025-12-11T09:22:54.841848Z
ncsc-2025-0391 Kwetsbaarheden verholpen in Ivanti Endpoint Manager 2025-12-11T13:51:55.178462Z 2025-12-11T13:51:55.178462Z
ncsc-2025-0392 Kwetsbaarheid verholpen in Barracuda Service Center 2025-12-11T13:53:23.819008Z 2025-12-11T13:53:23.819008Z
ncsc-2025-0393 Kwetsbaarheid verholpen in GeoServer 2025-12-12T08:12:18.831044Z 2025-12-12T09:02:27.681292Z
ncsc-2025-0394 Kwetsbaarheden verholpen in React Server Components 2025-12-12T09:04:19.324080Z 2025-12-12T10:46:34.688189Z
ncsc-2025-0395 Kwetsbaarheden verholpen in SAP Software 2025-12-12T09:29:08.429888Z 2025-12-12T09:29:08.429888Z
ncsc-2025-0396 Kwetsbaarheden verholpen in Apple macOS 2025-12-15T09:06:36.450655Z 2025-12-15T09:06:36.450655Z
ncsc-2025-0397 Kwetsbaarheden verholpen in Apple iOS en iPadOS 2025-12-15T09:08:39.804149Z 2025-12-15T09:08:39.804149Z
ncsc-2025-0398 Kwetsbaarheid in Cisco AsyncOS 2025-12-17T19:47:00.346651Z 2025-12-17T19:47:00.346651Z
ncsc-2025-0399 Kwetsbaarheid verholpen in HPE OneView Software 2025-12-18T18:38:20.794784Z 2025-12-24T11:29:46.123674Z
ncsc-2025-0400 Kwetsbaarheid verholpen in WatchGuard Firebox 2025-12-19T11:16:01.438518Z 2025-12-19T11:16:01.438518Z
ncsc-2025-0401 Kwetsbaarheden verholpen in Foxit PDF Reader 2025-12-24T09:14:56.590353Z 2025-12-24T09:14:56.590353Z
ncsc-2025-0402 Kwetsbaarheid verholpen in MongoDB 2025-12-27T11:38:11.514349Z 2025-12-27T11:38:11.514349Z
ncsc-2025-0403 Kwetsbaarheden verholpen in QNAP besturingssystemen 2025-12-29T09:17:28.385450Z 2025-12-29T09:17:28.385450Z
ncsc-2025-0404 Kwetsbaarheid verholpen in SmarterMail 2025-12-31T14:19:01.847364Z 2025-12-31T14:19:01.847364Z
ncsc-2025-0405 Kwetsbaarheid verholpen in Roundcube Webmail 2025-12-31T14:29:26.821576Z 2025-12-31T14:29:26.821576Z
ncsc-2026-0001 Kwetsbaarheden verholpen in Hanwha camera systemen 2026-01-08T12:28:21.446188Z 2026-01-08T12:28:21.446188Z
ID Description Published Updated
ID Description Published Updated
opensuse-su-2019:2078-1 Security update for python-SQLAlchemy 2019-09-06T08:21:54Z 2019-09-06T08:21:54Z
opensuse-su-2019:2080-1 Security update for chromium 2019-09-07T06:57:47Z 2019-09-07T06:57:47Z
opensuse-su-2019:2081-1 Security update for chromium 2019-09-07T07:20:18Z 2019-09-07T07:20:18Z
opensuse-su-2019:2083-1 Security update for srt 2019-09-07T10:20:42Z 2019-09-07T10:20:42Z
opensuse-su-2019:2085-1 Security update for go1.12 2019-09-07T14:22:30Z 2019-09-07T14:22:30Z
opensuse-su-2019:2089-1 Security update for httpie 2019-09-07T14:23:00Z 2019-09-07T14:23:00Z
opensuse-su-2019:2093-1 Security update for exim 2019-09-08T14:55:24Z 2019-09-08T14:55:24Z
opensuse-su-2019:2094-1 Security update for chromium 2019-09-08T15:07:49Z 2019-09-08T15:07:49Z
opensuse-su-2019:2095-1 Security update for libmirage 2019-09-08T16:18:09Z 2019-09-08T16:18:09Z
opensuse-su-2019:2096-1 Security update for libmirage 2019-09-08T16:18:21Z 2019-09-08T16:18:21Z
opensuse-su-2019:2107-1 Recommended update for opera 2019-09-10T05:28:28Z 2019-09-10T05:28:28Z
opensuse-su-2019:2108-1 Security update for SDL2_image 2019-09-10T14:20:24Z 2019-09-10T14:20:24Z
opensuse-su-2019:2109-1 Security update for SDL_image 2019-09-10T14:20:33Z 2019-09-10T14:20:33Z
opensuse-su-2019:2110-1 Security update for python-Twisted 2019-09-10T14:20:42Z 2019-09-10T14:20:42Z
opensuse-su-2019:2114-1 Security update for nodejs10 2019-09-10T16:22:24Z 2019-09-10T16:22:24Z
opensuse-su-2019:2115-1 Security update for nodejs8 2019-09-10T16:22:52Z 2019-09-10T16:22:52Z
opensuse-su-2019:2118-1 Security update for python-Werkzeug 2019-09-10T16:23:43Z 2019-09-10T16:23:43Z
opensuse-su-2019:2120-1 Security update for nginx 2019-09-10T18:18:07Z 2019-09-10T18:18:07Z
opensuse-su-2019:2121-1 Security update for util-linux and shadow 2019-09-10T18:18:24Z 2019-09-10T18:18:24Z
opensuse-su-2019:2128-1 Security update for srt 2019-09-12T16:18:20Z 2019-09-12T16:18:20Z
opensuse-su-2019:2129-1 Security update for libmirage 2019-09-14T04:17:39Z 2019-09-14T04:17:39Z
opensuse-su-2019:2130-1 Security update for go1.12 2019-09-14T12:16:57Z 2019-09-14T12:16:57Z
opensuse-su-2019:2131-1 Security update for python-urllib3 2019-09-14T12:17:04Z 2019-09-14T12:17:04Z
opensuse-su-2019:2133-1 Security update for python-urllib3 2019-09-14T16:16:45Z 2019-09-14T16:16:45Z
opensuse-su-2019:2135-1 Security update for rdesktop 2019-09-14T16:17:10Z 2019-09-14T16:17:10Z
opensuse-su-2019:2137-1 Security update for buildah 2019-09-15T12:16:46Z 2019-09-15T12:16:46Z
opensuse-su-2019:2138-1 Security update for skopeo 2019-09-15T12:16:54Z 2019-09-15T12:16:54Z
opensuse-su-2019:2139-1 Security update for ghostscript 2019-09-16T04:17:00Z 2019-09-16T04:17:00Z
opensuse-su-2019:2142-1 Security update for samba 2019-09-16T16:17:28Z 2019-09-16T16:17:28Z
opensuse-su-2019:2143-1 Security update for podman 2019-09-16T18:16:43Z 2019-09-16T18:16:43Z
ID Description Published Updated
ID Description Published Updated
rhsa-2005:434 Red Hat Security Advisory: firefox security update 2005-05-23T09:14:00+00:00 2026-01-08T09:18:31+00:00
rhsa-2005:435 Red Hat Security Advisory: mozilla security update 2005-05-23T09:42:00+00:00 2026-01-08T09:18:32+00:00
rhsa-2005:473 Red Hat Security Advisory: lesstif security update 2005-05-24T17:17:00+00:00 2025-11-21T17:29:08+00:00
rhsa-2005:427 Red Hat Security Advisory: ethereal security update 2005-05-24T17:27:00+00:00 2026-01-13T20:57:27+00:00
rhsa-2005:413 Red Hat Security Advisory: ImageMagick security update 2005-05-25T16:14:00+00:00 2026-01-13T22:14:55+00:00
rhsa-2005:472 Red Hat Security Advisory: kernel security update 2005-05-25T16:42:00+00:00 2026-01-13T22:06:45+00:00
rhsa-2005:430 Red Hat Security Advisory: gnutls security update 2005-06-01T13:11:00+00:00 2025-11-21T17:29:06+00:00
rhsa-2005:433 Red Hat Security Advisory: postgresql security update 2005-06-01T13:24:00+00:00 2026-01-13T20:57:27+00:00
rhsa-2005:476 Red Hat Security Advisory: openssl security update 2005-06-01T13:32:00+00:00 2025-11-21T17:29:09+00:00
rhsa-2005:480 Red Hat Security Advisory: ImageMagick security update 2005-06-02T14:30:00+00:00 2025-11-21T17:29:09+00:00
rhsa-2005:481 Red Hat Security Advisory: openssh security update 2005-06-02T14:31:00+00:00 2025-11-21T17:29:09+00:00
rhsa-2005:416 Red Hat Security Advisory: kdbg security update 2005-06-02T14:32:00+00:00 2025-11-21T17:29:05+00:00
rhsa-2005:102 Red Hat Security Advisory: dbus security update. 2005-06-08T15:00:00+00:00 2025-11-21T17:28:27+00:00
rhsa-2005:165 Red Hat Security Advisory: rsh security update 2005-06-08T15:01:00+00:00 2025-11-21T17:28:36+00:00
rhsa-2005:420 Red Hat Security Advisory: Updated kernel packages available for Red Hat Enterprise Linux 4 Update 1 2005-06-08T15:12:00+00:00 2026-01-13T20:57:24+00:00
rhsa-2005:198 Red Hat Security Advisory: xorg-x11 security update 2005-06-08T15:33:00+00:00 2025-11-21T17:28:38+00:00
rhsa-2005:505 Red Hat Security Advisory: tcpdump security update 2005-06-13T12:03:00+00:00 2025-11-21T17:29:12+00:00
rhsa-2005:410 Red Hat Security Advisory: gftp security update 2005-06-13T12:07:00+00:00 2025-11-21T17:29:03+00:00
rhsa-2005:489 Red Hat Security Advisory: squid security update 2005-06-13T12:08:00+00:00 2026-01-06T20:20:09+00:00
rhsa-2005:357 Red Hat Security Advisory: gzip security update 2005-06-13T12:12:00+00:00 2026-01-13T22:10:09+00:00
rhsa-2005:506 Red Hat Security Advisory: mikmod security update 2005-06-13T12:18:00+00:00 2025-11-21T17:29:12+00:00
rhsa-2005:502 Red Hat Security Advisory: sysreport security update 2005-06-13T12:22:00+00:00 2026-01-13T20:57:33+00:00
rhsa-2005:495 Red Hat Security Advisory: rsh security update 2005-06-13T12:23:00+00:00 2025-11-21T17:29:10+00:00
rhsa-2005:499 Red Hat Security Advisory: gedit security update 2005-06-13T12:28:00+00:00 2026-01-13T22:32:15+00:00
rhsa-2005:415 Red Hat Security Advisory: squid security update 2005-06-14T19:40:00+00:00 2026-01-13T22:09:29+00:00
rhsa-2005:474 Red Hat Security Advisory: bzip2 security update 2005-06-16T17:36:00+00:00 2025-11-21T17:29:08+00:00
rhsa-2005:512 Red Hat Security Advisory: mc security update 2005-06-16T17:44:00+00:00 2025-11-21T17:29:13+00:00
rhsa-2005:498 Red Hat Security Advisory: spamassassin security update 2005-06-23T19:19:00+00:00 2026-01-13T20:57:30+00:00
rhsa-2005:523 Red Hat Security Advisory: RealPlayer security update 2005-06-23T19:21:00+00:00 2025-11-21T17:29:14+00:00
rhsa-2005:524 Red Hat Security Advisory: freeradius security update 2005-06-23T19:25:00+00:00 2026-01-13T20:57:34+00:00
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
suse-su-2016:0429-1 Security update for krb5 2016-02-11T10:51:55Z 2016-02-11T10:51:55Z
suse-su-2016:0428-1 Security update for java-1_6_0-ibm 2016-02-11T10:52:08Z 2016-02-11T10:52:08Z
suse-su-2016:0433-1 Security update for java-1_7_0-ibm 2016-02-11T10:52:24Z 2016-02-11T10:52:24Z
suse-su-2016:0431-1 Security update for java-1_6_0-ibm 2016-02-11T10:52:39Z 2016-02-11T10:52:39Z
suse-su-2016:0432-1 Security update for rubygem-activemodel-4_2 2016-02-11T10:52:47Z 2016-02-11T10:52:47Z
suse-su-2016:0434-1 Security update for kernel live patch 1 2016-02-11T16:46:47Z 2016-02-11T16:46:47Z
suse-su-2016:0435-1 Security update for rubygem-activesupport-4_2 2016-02-11T16:47:38Z 2016-02-11T16:47:38Z
suse-su-2016:0455-1 Security update for libnettle 2016-02-15T13:25:14Z 2016-02-15T13:25:14Z
suse-su-2016:0456-1 Security update for rubygem-actionview-4_2 2016-02-15T13:25:24Z 2016-02-15T13:25:24Z
suse-su-2016:0458-1 Security update for rubygem-activerecord-4_2 2016-02-15T13:25:30Z 2016-02-15T13:25:30Z
suse-su-2016:0457-1 Security update for rubygem-actionpack-4_2 2016-02-15T13:25:35Z 2016-02-15T13:25:35Z
suse-su-2016:0459-1 Security update for qemu 2016-02-15T14:28:30Z 2016-02-15T14:28:30Z
suse-su-2016:0471-1 Security update for glibc 2016-02-16T15:19:53Z 2016-02-16T15:19:53Z
suse-su-2016:0473-1 Security update for glibc 2016-02-16T15:20:20Z 2016-02-16T15:20:20Z
suse-su-2016:0470-1 Security update for glibc 2016-02-16T15:37:56Z 2016-02-16T15:37:56Z
suse-su-2016:0472-1 Security update for glibc 2016-02-16T15:39:44Z 2016-02-16T15:39:44Z
suse-su-2016:0482-1 Security update for postgresql94 2016-02-16T17:31:39Z 2016-02-16T17:31:39Z
suse-su-2016:0481-1 Security update for dhcp 2016-02-16T17:34:05Z 2016-02-16T17:34:05Z
suse-ru-2016:0496-1 Recommended update for certification-sles-eal4 2016-02-17T16:38:28Z 2016-02-17T16:38:28Z
suse-su-2016:0539-1 Security update for postgresql93 2016-02-22T10:07:15Z 2016-02-22T10:07:15Z
suse-su-2016:0540-1 Security update for dhcp 2016-02-22T13:35:56Z 2016-02-22T13:35:56Z
suse-su-2016:0541-1 Security update for dhcp 2016-02-22T13:36:16Z 2016-02-22T13:36:16Z
suse-su-2016:0555-1 Security update for postgresql94 2016-02-24T09:01:11Z 2016-02-24T09:01:11Z
suse-su-2016:0554-1 Security update for MozillaFirefox 2016-02-24T09:06:06Z 2016-02-24T09:06:06Z
suse-su-2016:0564-1 Security update for MozillaFirefox 2016-02-24T13:21:54Z 2016-02-24T13:21:54Z
suse-su-2016:0584-1 Security update for MozillaFirefox, MozillaFirefox-branding-SLED, MozillaFirefox-branding-SLES-for-VMware, mozilla-nss 2016-02-25T15:19:11Z 2016-02-25T15:19:11Z
suse-su-2016:0585-1 Security update for the Linux Kernel 2016-02-25T16:23:22Z 2016-02-25T16:23:22Z
suse-su-2016:0599-1 Security update for rubygem-actionview-4_1 2016-02-26T15:08:28Z 2016-02-26T15:08:28Z
suse-su-2016:0597-1 Security update for rubygem-activemodel-4_1 2016-02-26T15:08:35Z 2016-02-26T15:08:35Z
suse-su-2016:0598-1 Security update for rubygem-activerecord-4_1 2016-02-26T15:08:40Z 2016-02-26T15:08:40Z
ID Description Published Updated
alsa-2022:8070 Moderate: dnsmasq security and bug fix update 2022-11-15T00:00:00Z 2022-11-18T04:29:49Z
alsa-2022:8078 Moderate: flac security update 2022-11-15T00:00:00Z 2022-11-18T13:06:19Z
alsa-2022:8090 Low: runc security update 2022-11-15T00:00:00Z 2022-11-18T04:22:00Z
alsa-2022:8096 Low: redis security and bug fix update 2022-11-15T00:00:00Z 2022-11-18T13:07:04Z
alsa-2022:8098 Moderate: toolbox security and bug fix update 2022-11-15T00:00:00Z 2022-11-18T04:15:33Z
alsa-2022:8100 Low: swtpm security and bug fix update 2022-11-15T00:00:00Z 2022-11-18T04:13:26Z
alsa-2022:8112 Moderate: frr security, bug fix, and enhancement update 2022-11-15T00:00:00Z 2022-11-18T04:10:45Z
alsa-2022:8126 Moderate: ignition security, bug fix, and enhancement update 2022-11-15T00:00:00Z 2022-11-18T04:06:48Z
alsa-2022:8139 Low: wavpack security update 2022-11-15T00:00:00Z 2022-11-18T13:08:19Z
alsa-2022:8151 Moderate: poppler security and bug fix update 2022-11-15T00:00:00Z 2022-11-18T13:08:51Z
alsa-2022:8162 Moderate: 389-ds-base security, bug fix, and enhancement update 2022-11-15T00:00:00Z 2022-11-18T03:52:36Z
alsa-2022:8194 Moderate: libtiff security update 2022-11-15T00:00:00Z 2022-11-18T13:09:36Z
alsa-2022:8197 Moderate: php security, bug fix, and enhancement update 2022-11-15T00:00:00Z 2022-11-18T03:44:53Z
alsa-2022:8207 Low: openjpeg2 security update 2022-11-15T00:00:00Z 2022-11-18T13:10:56Z
alsa-2022:8208 Moderate: dovecot security and enhancement update 2022-11-15T00:00:00Z 2022-11-18T13:11:11Z
alsa-2022:8219 Moderate: mutt security update 2022-11-15T00:00:00Z 2022-11-18T01:45:17Z
alsa-2022:8221 Moderate: xorg-x11-server security and bug fix update 2022-11-15T00:00:00Z 2022-11-18T13:12:08Z
alsa-2022:8222 Moderate: xorg-x11-server-Xwayland security update 2022-11-15T00:00:00Z 2022-11-18T01:30:44Z
alsa-2022:8226 Moderate: python-lxml security update 2022-11-15T00:00:00Z 2022-11-18T01:25:22Z
alsa-2022:8250 Moderate: grafana-pcp security update 2022-11-15T00:00:00Z 2022-11-18T01:19:53Z
alsa-2022:8252 Moderate: yajl security update 2022-11-15T00:00:00Z 2022-11-18T15:48:03Z
alsa-2022:8263 Important: dpdk security and bug fix update 2022-11-15T00:00:00Z 2022-11-18T01:14:45Z
alsa-2022:8267 Moderate: kernel security, bug fix, and enhancement update 2022-11-15T00:00:00Z 2022-11-18T00:56:49Z
alsa-2022:8291 Moderate: rsync security and bug fix update 2022-11-15T00:00:00Z 2022-11-18T00:39:29Z
alsa-2022:8299 Low: curl security update 2022-11-15T00:00:00Z 2022-11-18T13:16:11Z
alsa-2022:8317 Moderate: samba security, bug fix, and enhancement update 2022-11-15T00:00:00Z 2022-11-18T13:17:38Z
alsa-2022:8318 Moderate: libldb security, bug fix, and enhancement update 2022-11-15T00:00:00Z 2022-11-18T13:18:20Z
alsa-2022:8340 Moderate: freetype security update 2022-11-15T00:00:00Z 2022-11-18T13:18:39Z
alsa-2022:8353 Moderate: python3.9 security, bug fix, and enhancement update 2022-11-15T00:00:00Z 2022-11-18T13:19:27Z
alsa-2022:8361 Moderate: e2fsprogs security update 2022-11-15T00:00:00Z 2022-11-18T12:09:25Z
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
osv-2020-1185 Global-buffer-overflow in kencodingprober::nsCodingStateMachine::NextState 2020-07-22T21:49:54.464513Z 2022-04-13T03:04:39.341423Z
osv-2020-1186 Index-out-of-bounds in WelsDec::DecodeCurrentAccessUnit 2020-07-22T21:49:54.494323Z 2022-04-13T03:04:37.488799Z
osv-2020-1187 Heap-buffer-overflow in ndpi_int_check_stun 2020-07-22T21:49:54.545726Z 2022-04-13T03:04:36.063720Z
osv-2020-1188 Heap-buffer-overflow in pcpp::IPv6Extension::getExtensionLen 2020-07-22T21:49:54.616174Z 2022-04-13T03:04:38.520954Z
osv-2020-1192 Index-out-of-bounds in decoder_context::has_sps 2020-07-22T21:49:55.027546Z 2022-04-13T03:04:32.436045Z
osv-2020-1193 Heap-buffer-overflow in cdf_read_property_info 2020-07-22T21:49:55.080772Z 2022-04-13T03:04:30.891785Z
osv-2020-1194 Heap-buffer-overflow in ndpi_search_mail_smtp_tcp 2020-07-22T21:49:55.131761Z 2022-04-13T03:04:36.053193Z
osv-2020-1200 UNKNOWN WRITE in DumpModeDecode 2020-07-22T21:49:55.773582Z 2022-04-13T03:04:31.512475Z
osv-2020-1202 Use-of-uninitialized-value in pcpp::NullLoopbackLayer::parseNextLayer 2020-07-22T21:49:56.151381Z 2022-04-13T03:04:38.549134Z
osv-2020-1203 Heap-use-after-free in WelsDec::WelsReorderRefList 2020-07-22T21:49:56.222517Z 2022-04-13T03:34:09.198121Z
osv-2020-1204 Heap-buffer-overflow in pcpp::IPv4Layer::getSrcIpAddress 2020-07-22T21:49:56.253812Z 2022-04-13T03:04:38.680094Z
osv-2020-1209 Use-of-uninitialized-value in psnip_safe_size_mul 2020-07-22T21:49:56.819105Z 2022-04-13T03:04:43.203187Z
osv-2020-1210 UNKNOWN READ in xmlXPathCompileExpr 2020-07-22T21:49:56.883463Z 2022-04-13T03:04:33.730239Z
osv-2020-1211 Heap-buffer-overflow in ihevcd_parse_slice_data 2020-07-22T21:49:57.049652Z 2022-04-13T03:04:31.004787Z
osv-2020-1212 Heap-buffer-overflow in helper_ret_stb_mmu_mips 2020-07-22T21:49:57.228163Z 2022-04-13T03:04:39.215116Z
osv-2020-1216 Heap-buffer-overflow in ihevcd_ctb_boundary_strength_islice 2020-07-22T21:49:57.563500Z 2022-04-13T03:04:30.966929Z
osv-2020-1220 Heap-use-after-free in WelsDec::WelsReorderRefList 2020-07-22T21:49:57.865682Z 2022-04-13T03:04:37.462411Z
osv-2020-1221 Use-of-uninitialized-value in ps_read_doseps 2020-07-22T21:49:57.917822Z 2022-04-13T03:04:34.987968Z
osv-2020-1222 UNKNOWN READ in hpeek 2020-07-22T21:49:57.988557Z 2022-04-13T03:04:32.274127Z
osv-2020-1226 Heap-buffer-overflow in void mc_chroma<unsigned short> 2020-07-22T21:49:58.234804Z 2022-04-13T03:04:32.447601Z
osv-2020-1228 Heap-use-after-free in arrow::internal::CountSetBits 2020-07-22T21:49:58.406648Z 2022-04-13T03:04:31.916896Z
osv-2020-1230 Heap-buffer-overflow in to_u32 2020-07-22T21:49:58.592376Z 2022-04-13T03:04:42.884077Z
osv-2020-1231 Heap-buffer-overflow in find_dom 2020-07-22T21:49:58.641798Z 2022-04-13T03:04:38.736368Z
osv-2020-1232 Use-of-uninitialized-value in TIFFYCbCrtoRGB 2020-07-22T21:49:58.709915Z 2022-04-13T03:04:31.076042Z
osv-2020-1233 Heap-buffer-overflow in getTLScertificate 2020-07-22T21:49:58.860561Z 2022-04-13T03:04:36.352534Z
osv-2020-1234 Use-of-uninitialized-value in ihevc_recon_32x32 2020-07-22T21:49:58.911110Z 2023-04-20T22:43:43.224937Z
osv-2020-1235 Heap-buffer-overflow in mbc_case_fold 2020-07-22T21:49:59.040421Z 2022-04-13T03:04:40.931744Z
osv-2020-1237 Use-of-uninitialized-value in pcpp::NullLoopbackLayer::getFamily 2020-07-22T21:49:59.199632Z 2022-04-13T03:04:38.563072Z
osv-2020-1238 Use-of-uninitialized-value in pcpp::Packet::createFirstLayer 2020-07-22T21:49:59.288052Z 2022-04-13T03:04:38.696815Z
osv-2020-1240 Use-of-uninitialized-value in jbig2_decode_mmr_line 2020-07-22T21:49:59.411582Z 2022-04-13T03:04:40.563878Z
ID Description Published Updated
rustsec-2024-0420 gtk-rs GTK3 bindings - no longer maintained 2024-03-04T12:00:00Z 2024-12-09T12:29:00Z
rustsec-2024-0021 Parts of Report are dropped as the wrong type during downcast 2024-03-05T12:00:00Z 2024-04-11T16:16:20Z
rustsec-2024-0407 Fails to ensure slice elements match the slice's declared type 2024-03-05T12:00:00Z 2025-10-28T06:02:18Z
rustsec-2024-0341 Slow loris vulnerability with default configuration 2024-03-15T12:00:00Z 2024-05-21T02:12:32Z
rustsec-2024-0320 yaml-rust is unmaintained. 2024-03-20T12:00:00Z 2024-11-01T12:31:51Z
rustsec-2024-0429 Unsoundness in `Iterator` and `DoubleEndedIterator` impls for `glib::VariantStrIter` 2024-03-30T12:00:00Z 2025-10-28T06:02:18Z
rustsec-2024-0331 Puccinier is unmainted. 2024-03-31T12:00:00Z 2024-03-31T14:44:37Z
rustsec-2024-0441 Panic when using a dropped extenref-typed element segment 2024-04-02T12:00:00Z 2025-05-02T08:23:27Z
rustsec-2024-0332 Degradation of service in h2 servers with CONTINUATION Flood 2024-04-03T12:00:00Z 2024-04-11T16:16:20Z
rustsec-2024-0334 `libp2p-tokio-socks5` is unmaintained 2024-04-05T12:00:00Z 2024-04-12T16:31:39Z
rustsec-2024-0333 `rsa-export` is unmaintained 2024-04-06T12:00:00Z 2024-04-12T16:29:46Z
rustsec-2024-0335 gix-transport indirect code execution via malicious username 2024-04-13T12:00:00Z 2024-07-02T23:39:37Z
rustsec-2024-0336 `rustls::ConnectionCommon::complete_io` could fall into an infinite loop based on network input 2024-04-19T12:00:00Z 2024-04-20T02:21:14Z
rustsec-2024-0337 The crate `zip_next` has been renamed to `zip`. 2024-04-20T12:00:00Z 2024-04-24T14:13:51Z
rustsec-2024-0338 Arithmetic overflows in cosmwasm-std 2024-04-24T12:00:00Z 2025-10-28T06:02:18Z
rustsec-2024-0342 Degraded secret zeroization capabilities 2024-05-02T12:00:00Z 2024-05-20T15:25:56Z
rustsec-2024-0339 Tor path lengths too short when "Vanguards lite" configured 2024-05-15T12:00:00Z 2024-05-21T02:12:32Z
rustsec-2024-0340 Tor path lengths too short when "full Vanguards" configured 2024-05-15T12:00:00Z 2025-10-28T06:02:18Z
rustsec-2024-0406 BTreeMap memory leak when deallocating nodes with overflows 2024-05-17T12:00:00Z 2024-12-04T12:44:24Z
rustsec-2024-0348 Traversal outside working tree enables arbitrary code execution 2024-05-22T12:00:00Z 2024-07-08T15:12:43Z
rustsec-2024-0349 Traversal outside working tree enables arbitrary code execution 2024-05-22T12:00:00Z 2024-07-08T15:12:43Z
rustsec-2024-0350 Traversal outside working tree enables arbitrary code execution 2024-05-22T12:00:00Z 2024-07-08T15:12:43Z
rustsec-2024-0351 Refs and paths with reserved Windows device names access the devices 2024-05-22T12:00:00Z 2024-07-08T15:14:36Z
rustsec-2024-0352 Refs and paths with reserved Windows device names access the devices 2024-05-22T12:00:00Z 2024-07-08T15:14:36Z
rustsec-2024-0353 Refs and paths with reserved Windows device names access the devices 2024-05-22T12:00:00Z 2024-07-08T15:14:36Z
rustsec-2024-0343 Reduced entropy due to inadequate character set usage 2024-06-03T12:00:00Z 2024-06-15T13:11:33Z
rustsec-2024-0394 mmap unmaintained 2024-06-10T12:00:00Z 2024-11-10T14:06:58Z
rustsec-2024-0344 Timing variability in `curve25519-dalek`'s `Scalar29::sub`/`Scalar52::sub` 2024-06-18T12:00:00Z 2025-10-28T06:02:18Z
rustsec-2024-0395 The maintainer of chrono-english is unresponsive 2024-06-24T12:00:00Z 2024-11-10T20:38:56Z
rustsec-2024-0345 Low severity (DoS) vulnerability in sequoia-openpgp 2024-06-26T12:00:00Z 2025-10-28T06:02:18Z
ID Description Published Updated
bit-golang-2022-41724 Panic on large handshake records in crypto/tls 2024-03-06T10:57:37.680Z 2025-05-20T10:02:07.006Z
bit-mlflow-2023-6568 Reflected XSS via Content-Type Header in mlflow/mlflow 2024-03-06T10:57:37.872Z 2025-05-20T10:02:07.006Z
bit-dotnet-2022-34716 .NET Spoofing Vulnerability 2024-03-06T10:57:38.101Z 2025-05-20T10:02:07.006Z
bit-minio-2021-43858 User privilege escalation in MinIO 2024-03-06T10:57:38.503Z 2025-05-20T10:02:07.006Z
bit-apache-2020-11993 2024-03-06T10:57:38.504Z 2025-04-03T14:40:37.652Z
bit-moodle-2023-5545 Moodle: auto-populated h5p author name causes a potential information leak 2024-03-06T10:57:40.178Z 2025-05-20T10:02:07.006Z
bit-drupal-2020-13669 2024-03-06T10:57:40.474Z 2025-04-03T14:40:37.652Z
bit-lua-2020-15888 2024-03-06T10:57:40.500Z 2025-04-03T14:40:37.652Z
bit-mongodb-2021-32036 Denial of Service and Data Integrity vulnerability in features command 2024-03-06T10:57:41.177Z 2025-05-20T10:02:07.006Z
bit-jenkins-2022-34172 2024-03-06T10:57:42.487Z 2025-04-03T14:40:37.652Z
bit-grafana-2022-23552 Grafana stored XSS in FileUploader component 2024-03-06T10:57:42.704Z 2025-05-20T10:02:07.006Z
bit-mariadb-2022-31624 2024-03-06T10:57:43.007Z 2025-04-03T14:40:37.652Z
bit-envoy-2021-32781 Continued processing of requests after locally generated response 2024-03-06T10:57:44.379Z 2025-05-20T10:02:07.006Z
bit-magento-2021-36021 Magento Commerce CMS Page Improper Input Validation Could Lead To Remote Code Execution 2024-03-06T10:57:45.085Z 2026-03-20T09:47:33.381Z
bit-gitlab-2023-5061 Missing Authorization in GitLab 2024-03-06T10:57:46.379Z 2025-05-20T10:02:07.006Z
bit-airflow-2022-38649 Apache Airflow Pinot provider allowed Command Injection 2024-03-06T10:57:47.165Z 2025-05-20T10:02:07.006Z
bit-golang-2022-41723 Denial of service via crafted HTTP/2 stream in net/http and golang.org/x/net 2024-03-06T10:57:47.288Z 2025-05-20T10:02:07.006Z
bit-discourse-2023-30538 Stored Cross-site Scripting via improper sanitization of svg files in Discourse 2024-03-06T10:57:47.289Z 2025-05-20T10:02:07.006Z
bit-apache-2020-11985 2024-03-06T10:57:47.876Z 2025-04-03T14:40:37.652Z
bit-dotnet-2022-30184 .NET and Visual Studio Information Disclosure Vulnerability 2024-03-06T10:57:49.379Z 2025-05-20T10:02:07.006Z
bit-moodle-2023-5544 Moodle: stored xss and potential idor risk in wiki comments 2024-03-06T10:57:50.082Z 2025-05-20T10:02:07.006Z
bit-drupal-2020-13668 Access bypass in Drupal Core 8/9 2024-03-06T10:57:51.785Z 2025-05-20T10:02:07.006Z
bit-jenkins-2022-34171 2024-03-06T10:57:51.992Z 2025-04-03T14:40:37.652Z
bit-mariadb-2022-31623 2024-03-06T10:57:52.080Z 2025-04-03T14:40:37.652Z
bit-mongodb-2021-20333 Server log entry spoofing via newline injection 2024-03-06T10:57:52.807Z 2025-05-20T10:02:07.006Z
bit-envoy-2021-32780 Incorrect handling of H/2 GOAWAY followed by SETTINGS frames 2024-03-06T10:57:54.997Z 2025-05-20T10:02:07.006Z
bit-grafana-2022-23498 When query caching is enabled in Grafana users can query another users session 2024-03-06T10:57:55.176Z 2025-05-20T10:02:07.006Z
bit-mastodon-2022-0432 Prototype Pollution in mastodon/mastodon 2024-03-06T10:57:55.881Z 2025-05-20T10:02:07.006Z
bit-gitlab-2023-5009 Incorrect Authorization in GitLab 2024-03-06T10:57:56.479Z 2025-05-20T10:02:07.006Z
bit-mlflow-2023-6015 MLflow Arbitrary File Upload 2024-03-06T10:57:56.782Z 2025-05-20T10:02:07.006Z
ID Description Published Updated
cleanstart-2026-gn22652 Security fixes for CVE-2025-13151, CVE-2026-22695, CVE-2026-22801, CVE-2026-24515, CVE-2026-25210, ghsa-72hv-8253-57qq applied in versions: 3.7.2-r4, 3.7.2-r5 2026-04-06T02:48:55.605608Z 2026-04-03T06:50:37Z
cleanstart-2026-io43826 Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.8.6-r0 2026-04-06T02:49:47.698715Z 2026-04-02T04:45:04Z
cleanstart-2026-ny32236 Security fixes for ghsa-72hv-8253-57qq, ghsa-qqpg-mvqg-649v applied in versions: 3.9.4-r0, 3.9.4-r6 2026-04-06T02:49:48.749661Z 2026-04-02T04:45:04Z
cleanstart-2026-an95970 Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.6.4-r4 2026-04-06T02:49:57.502118Z 2026-04-02T04:45:04Z
cleanstart-2026-ag21538 Security fixes for CVE-2025-13151, CVE-2026-22695, CVE-2026-22801, CVE-2026-24515, CVE-2026-25210, ghsa-72hv-8253-57qq, ghsa-qqpg-mvqg-649v applied in versions: 3.9.4-r5, 3.9.4-r6, 3.9.5-r0 2026-04-06T02:50:01.578746Z 2026-04-02T04:45:04Z
cleanstart-2026-ly39171 Security fixes for CVE-2026-33186 applied in versions: 3.1.4-r0 2026-04-06T02:51:58.911697Z 2026-04-01T11:39:45Z
cleanstart-2026-ip72442 Security fixes for CVE-2025-68121, CVE-2026-24051, CVE-2026-25679, CVE-2026-33186, ghsa-9h8m-3fm2-qjrq, ghsa-p77j-4mvh-x3m3 applied in versions: 3.0.2-r0, 3.0.2-r1 2026-04-06T02:52:00.185166Z 2026-04-01T14:41:16Z
cleanstart-2026-mq18886 Security fixes for CVE-2026-22735, CVE-2026-22737 applied in versions: 6.2.3-r0 2026-04-06T02:52:03.544300Z 2026-04-01T11:39:45Z
cleanstart-2026-nb78893 Security fixes for CVE-2025-47911, CVE-2025-58190, CVE-2025-61726, CVE-2025-61728, CVE-2025-61730, CVE-2025-64715, CVE-2025-68119, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-33186, CVE-2026-33726 applied in versions: 0.13.3-r0, 0.13.3-r1 2026-04-06T02:52:24.792809Z 2026-04-01T13:08:16Z
cleanstart-2026-kc06018 Security fixes for CVE-2017-12158, CVE-2017-12159, ghsa-3p8m-j85q-pgmj, ghsa-45p5-v273-3qqr, ghsa-4cx2-fc23-5wg6, ghsa-5rfx-cp42-p624, ghsa-72hv-8253-57qq, ghsa-84h7-rjj3-6jx4, ghsa-9342-92gg-6v29, ghsa-cbdj-484d-3x9q, ghsa-fghv-69vj-qj49, ghsa-h5fg-jpgr-rv9c, ghsa-hq9p-pm7w-8p54, ghsa-j288-q9x7-2f5v, ghsa-pwqr-wmgm-9rr8, ghsa-w9fj-cfpg-grvv applied in versions: 26.1.4-r1, 26.5.0-r0, 26.5.0-r1, 26.5.0-r2, 26.5.6-r3 2026-04-06T02:52:37.677608Z 2026-04-01T11:37:49Z
cleanstart-2026-bl95928 Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.8.6-r0 2026-04-06T02:52:47.736498Z 2026-04-01T11:32:34Z
cleanstart-2026-po55014 Security fixes for CVE-2025-13151, CVE-2026-22695, CVE-2026-22801, CVE-2026-24515, CVE-2026-25210, ghsa-72hv-8253-57qq, ghsa-qqpg-mvqg-649v applied in versions: 3.9.4-r5, 3.9.4-r6, 3.9.5-r0 2026-04-06T02:53:00.589014Z 2026-04-01T11:32:34Z
cleanstart-2026-hj96712 Security fixes for CVE-2025-13151, CVE-2026-22695, CVE-2026-22801, CVE-2026-24515, CVE-2026-25210, ghsa-72hv-8253-57qq applied in versions: 3.7.2-r4, 3.7.2-r5 2026-04-06T02:53:02.079256Z 2026-04-01T11:32:34Z
cleanstart-2026-mu54962 Security fixes for ghsa-527x-5wrf-22m2, ghsa-g754-hx8w-x2g6, ghsa-jgfp-53c3-624w, ghsa-px8v-pp82-rcvr, ghsa-vv39-3w5q-974q applied in versions: 1.25.0-r0, 1.26.7-r0 2026-04-06T02:54:48.662994Z 2026-04-01T11:32:34Z
cleanstart-2026-jg79570 Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.8.6-r0 2026-04-06T06:19:24.747052Z 2026-04-06T04:56:02Z
cleanstart-2026-dz75075 Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.6.4-r4 2026-04-06T06:19:24.775093Z 2026-04-06T04:56:02Z
cleanstart-2026-ob18608 Security fixes for ghsa-72hv-8253-57qq, ghsa-qqpg-mvqg-649v applied in versions: 3.9.4-r0, 3.9.4-r6 2026-04-06T06:19:25.639311Z 2026-04-06T04:56:02Z
cleanstart-2026-jl41223 In libexpat before 2 2026-04-06T06:19:55.229801Z 2026-04-06T04:56:02Z
cleanstart-2026-kf75900 In libexpat before 2 2026-04-06T06:20:25.150640Z 2026-04-06T04:56:02Z
cleanstart-2026-bk17545 attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing 2026-04-07T00:38:33.362093Z 2026-04-06T13:01:42Z
cleanstart-2026-aj47488 When using the RemoteIpFilter with requests received from a reverse proxy via HTTP that include the X-Forwarded-Proto header set to https, session cookies created by Apache Tomcat 11 2026-04-07T00:40:03.631106Z 2026-04-06T13:01:42Z
cleanstart-2026-gg94489 go-retryablehttp prior to 0 2026-04-07T00:41:33.578433Z 2026-04-06T13:01:42Z
cleanstart-2026-fe32006 Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.8.6-r0 2026-04-07T00:41:34.518345Z 2026-04-06T06:37:58Z
cleanstart-2026-dp59378 In libexpat before 2 2026-04-07T00:42:33.537935Z 2026-04-06T06:37:58Z
cleanstart-2026-ej93145 attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames 2026-04-07T00:44:04.086276Z 2026-04-06T13:01:42Z
cleanstart-2026-hx94762 attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing 2026-04-07T00:45:34.962189Z 2026-04-06T13:01:42Z
cleanstart-2026-fu47971 protojson 2026-04-07T00:47:07.546790Z 2026-04-06T13:01:42Z
cleanstart-2026-bb02574 Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.6.4-r4 2026-04-08T00:37:58.971684Z 2026-04-07T05:54:38Z
cleanstart-2026-mp09743 Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.8.6-r0 2026-04-08T00:37:59.326932Z 2026-04-07T05:54:38Z
cleanstart-2026-pd43534 In libexpat before 2 2026-04-08T00:39:47.879615Z 2026-04-07T05:54:38Z
ID Description Published Updated
ID Description Updated
ID Description Published Updated
ID Description Published Updated
certa-2003-avi-118 Multiples vulnérabilités dans le noyau linux 2.4 2003-07-24T00:00:00.000000 2003-07-24T00:00:00.000000
certa-2003-avi-119 Vulnérabilité IPv6 dans Solaris 8 2003-07-24T00:00:00.000000 2003-07-24T00:00:00.000000
certa-2003-avi-120 Vulnérabilité dans la suite Oracle E-Business 2003-07-25T00:00:00.000000 2003-07-25T00:00:00.000000
certa-2003-avi-121 Débordement de mémoire dans le programme FNDWRR de la suite Oracle E-Business 2003-07-25T00:00:00.000000 2003-07-25T00:00:00.000000
certa-2003-avi-122 Vulnérabilité dans EXTPROC d'Oracle Database Server 2003-07-25T00:00:00.000000 2003-07-25T00:00:00.000000
certa-2003-avi-123 Vulnérabilité dans les serveurs Novell Netware 2003-07-25T00:00:00.000000 2003-07-25T00:00:00.000000
certa-2003-avi-124 Vulnérabilité de VMware pour plates-formes Linux 2003-07-25T00:00:00.000000 2003-07-25T00:00:00.000000
certa-2003-avi-125 Vulnérabilité de Merge de SCO UnixWare 2003-07-25T00:00:00.000000 2003-07-25T00:00:00.000000
certa-2003-avi-126 Vulnérabilité de Workgroup Manager de MacOS X 2003-07-25T00:00:00.000000 2003-07-25T00:00:00.000000
certa-2003-avi-127 Vulnérabilité dans l'éditeur de liens dynamiques sur Solaris 2003-07-31T00:00:00.000000 2003-08-01T00:00:00.000000
certa-2003-avi-128 Vulnérabilité dans CISCO IOS 2003-07-31T00:00:00.000000 2003-07-31T00:00:00.000000
certa-2003-avi-129 Vulnérabilité du serveur HTTP dans CISCO IOS 2003-07-31T00:00:00.000000 2003-07-31T00:00:00.000000
certa-2003-avi-130 Vulnérabilité de l'application Stunnel 2003-07-31T00:00:00.000000 2003-07-31T00:00:00.000000
certa-2003-avi-131 Vulnérabilité sur les gardes-barrières NetScreen 2003-08-01T00:00:00.000000 2003-08-01T00:00:00.000000
certa-2003-avi-132 Vulnérabilité du serveur wu-ftpd 2003-08-01T00:00:00.000000 2003-09-04T00:00:00.000000
certa-2003-avi-133 Multiples failles dans McAfee »Security ePolicy Orchestrator» 2003-08-01T00:00:00.000000 2003-08-01T00:00:00.000000
certa-2003-avi-134 Vulnérabilité de la fonction realpath pour les systèmes BSD 2003-08-06T00:00:00.000000 2003-08-18T00:00:00.000000
certa-2003-avi-135 Vulnérabilités du serveur de messagerie Postfix 2003-08-07T00:00:00.000000 2003-08-07T00:00:00.000000
certa-2003-avi-136 Vulnérabilité du serveur in.ftpd sous Solaris 9 2003-08-18T00:00:00.000000 2003-08-18T00:00:00.000000
certa-2003-avi-137 Vulnérabilités de l'application CiscoWorks 2003-08-19T00:00:00.000000 2003-08-19T00:00:00.000000
certa-2003-avi-138 Vulnérabilité de la commande UnZip 2003-08-20T00:00:00.000000 2003-08-20T00:00:00.000000
certa-2003-avi-139 Multiples vulnérabilités dans Internet Explorer 2003-08-21T00:00:00.000000 2003-08-21T00:00:00.000000
certa-2003-avi-140 Vulnérabilité de Microsoft Data Access Components 2003-08-21T00:00:00.000000 2003-08-21T00:00:00.000000
certa-2003-avi-141 Vulnérabilité de sendmail 2003-08-27T00:00:00.000000 2003-09-03T00:00:00.000000
certa-2003-avi-142 Défaut du client SNTP des routeurs Netgear 2003-08-28T00:00:00.000000 2003-08-28T00:00:00.000000
certa-2003-avi-143 Vulnérabilités dans XFree86 2003-09-03T00:00:00.000000 2003-09-03T00:00:00.000000
certa-2003-avi-144 Vulnérabilité de NetBIOS 2003-09-04T00:00:00.000000 2003-09-04T00:00:00.000000
certa-2003-avi-145 Vulnérabilité de Microsoft Word 2003-09-04T00:00:00.000000 2003-09-04T00:00:00.000000
certa-2003-avi-146 Vulnérabilité du convertisseur Microsoft WordPerfect 2003-09-04T00:00:00.000000 2003-09-04T00:00:00.000000
certa-2003-avi-147 Vulnérabilité dans Visual Basic pour Applications (VBA) 2003-09-04T00:00:00.000000 2003-09-04T00:00:00.000000
ID Description Published Updated
jvndb-2011-000056 Plone vulnerable to cross-site scripting 2011-07-27T16:17+09:00 2011-07-27T16:17+09:00
jvndb-2011-000055 Mozilla Firefox vulnerability in processing content-length header 2011-07-28T16:24+09:00 2011-07-28T16:24+09:00
jvndb-2011-000057 Mozilla Firefox vulnerable to denial-of-service (DoS) 2011-07-28T16:27+09:00 2011-07-28T16:27+09:00
jvndb-2011-000058 Mozilla Firefox vulnerable to cross-site scripting 2011-07-28T16:29+09:00 2011-07-28T16:29+09:00
jvndb-2011-000059 Mozilla Firefox vulnerable to cross-site scripting 2011-07-28T16:31+09:00 2011-07-28T16:31+09:00
jvndb-2011-000053 Android vulnerability where an incorrect SSL certificate is displayed 2011-07-29T14:26+09:00 2014-05-19T17:19+09:00
jvndb-2011-001927 Arbitrary Code Execution Vulnerability in HiRDB Control Manager 2011-08-09T10:10+09:00 2011-08-09T10:10+09:00
jvndb-2011-001928 JP1/Performance Management - Web Console Cross-Site Scripting Vulnerability 2011-08-09T10:11+09:00 2011-08-09T10:11+09:00
jvndb-2011-000060 Windows URL Protocol Handler may insecurely load executable files 2011-08-10T17:17+09:00 2011-08-10T17:17+09:00
jvndb-2011-000061 Internet Explorer window display vulnerability 2011-08-12T14:06+09:00 2011-08-12T14:06+09:00
jvndb-2011-000062 Aipo vulnerable to cross-site request forgery 2011-08-16T16:41+09:00 2011-08-16T16:41+09:00
jvndb-2011-000063 Aipo vulnerable to SQL injection 2011-08-16T16:44+09:00 2011-08-16T16:44+09:00
jvndb-2011-000064 Microsoft Windows XP vulnerable to denial-of-service (DoS) 2011-08-19T16:32+09:00 2011-08-19T16:32+09:00
jvndb-2011-000067 WebsiteBaker vulnerable to cross-site scripting 2011-08-26T15:50+09:00 2011-08-26T15:50+09:00
jvndb-2011-002110 Samba Web Administration Tool vulnerable to cross-site request forgery 2011-08-26T17:12+09:00 2012-12-26T11:37+09:00
jvndb-2011-002111 Samba Web Administration Tool vulnerable to cross-site scripting 2011-08-26T17:14+09:00 2012-12-26T11:42+09:00
jvndb-2011-000068 Multiple vulnerabilities in Phorum 2011-09-02T19:11+09:00 2011-09-02T19:11+09:00
jvndb-2011-000069 Sage vulnerable to arbitrary script execution 2011-09-02T19:14+09:00 2011-09-02T19:14+09:00
jvndb-2011-000070 Sage vulnerable to arbitrary script execution 2011-09-02T19:19+09:00 2011-09-02T19:19+09:00
jvndb-2011-000071 Juniper Networks IDP ACM vulnerable to cross-site scripting 2011-09-02T19:22+09:00 2011-09-02T19:22+09:00
jvndb-2011-000072 GTK+ may insecurely load dynamic libraries 2011-09-02T19:26+09:00 2011-09-02T19:26+09:00
jvndb-2011-000073 Megalith vulnerable to authentication bypass 2011-09-12T09:19+09:00 2011-09-12T09:19+09:00
jvndb-2011-000074 SemanticScuttle vulnerable to cross-site scripting 2011-09-16T18:08+09:00 2011-09-16T18:08+09:00
jvndb-2011-000065 BaserCMS vulnerable to cross-site scripting 2011-09-30T18:39+09:00 2011-09-30T18:39+09:00
jvndb-2011-000066 BaserCMS vulnerable to access restriction 2011-09-30T18:45+09:00 2011-09-30T18:45+09:00
jvndb-2011-000077 Enkai-kun vulnerable to cross-site scripting 2011-10-11T09:00+09:00 2011-10-11T09:00+09:00
jvndb-2011-000078 A-Form vulnerable in restricting access 2011-10-11T09:08+09:00 2011-10-11T09:08+09:00
jvndb-2011-000079 Cybozu Office vulnerable in restricting access 2011-10-11T09:11+09:00 2011-11-28T16:48+09:00
jvndb-2011-000080 WEB FORUM vulnerable to cross-site scripting 2011-10-11T19:24+09:00 2011-10-25T13:44+09:00
jvndb-2011-000081 WEB FORUM vulnerable to cross-site scripting 2011-10-11T19:27+09:00 2011-10-25T13:45+09:00
ID Description Published Updated
cnvd-2015-00673 pigz目录遍历漏洞 2015-01-22 2015-01-27
cnvd-2015-00674 IBM AIX和VIOS提升权限漏洞 2015-01-22 2015-01-27
cnvd-2015-00675 Haxx Libcurl中间人攻击漏洞 2015-01-22 2015-01-27
cnvd-2015-00676 Oracle PeopleSoft Enterprise HRMS组件存在未明漏洞 2015-01-22 2015-01-27
cnvd-2015-00677 Oracle PeopleSoft Enterprise PeopleTools组件存在未明漏洞(CNVD-2015-00677) 2015-01-22 2015-01-27
cnvd-2015-00678 Oracle PeopleSoft Enterprise PeopleTools组件存在未明漏洞(CNVD-2015-00678) 2015-01-22 2015-01-27
cnvd-2015-00679 Oracle PeopleSoft Enterprise PeopleTools组件存在未明漏洞(CNVD-2015-00679) 2015-01-22 2015-01-27
cnvd-2015-00680 Oracle PeopleSoft Enterprise PeopleTools组件存在未明漏洞(CNVD-2015-00680) 2015-01-22 2015-01-27
cnvd-2015-00681 Oracle PeopleSoft Enterprise PeopleTools组件存在未明漏洞(CNVD-2015-00681) 2015-01-22 2015-01-27
cnvd-2015-00682 Oracle PeopleSoft Enterprise PeopleTools组件存在未明漏洞(CNVD-2015-00682) 2015-01-22 2015-01-27
cnvd-2015-00683 Oracle Siebel UI Framework组件存在未明漏洞(CNVD-2015-00683) 2015-01-22 2015-01-27
cnvd-2015-00684 Oracle Siebel UI Framework组件存在未明漏洞(CNVD-2015-00684) 2015-01-22 2015-01-27
cnvd-2015-00685 Oracle Siebel UI Framework组件存在未明漏洞(CNVD-2015-00685) 2015-01-22 2015-01-27
cnvd-2015-00686 Oracle Siebel UI Framework组件存在未明漏洞(CNVD-2015-00686) 2015-01-22 2015-01-27
cnvd-2015-00687 Oracle Siebel UI Framework组件存在未明漏洞(CNVD-2015-00687) 2015-01-22 2015-01-27
cnvd-2015-00599 Sympa文件泄露漏洞 2015-01-23 2015-01-26
cnvd-2015-00600 Kiwix跨站脚本漏洞 2015-01-23 2015-01-26
cnvd-2015-00601 Defense4all安全绕过漏洞 2015-01-23 2015-01-26
cnvd-2015-00602 xdg-utils Eval注入漏洞 2015-01-23 2015-01-26
cnvd-2015-00603 pax存在未明漏洞 2015-01-23 2015-01-26
cnvd-2015-00604 FFmpeg及Libav 'libavcodec/xface.h'拒绝服务漏洞 2015-01-23 2015-01-26
cnvd-2015-00605 Exponent CMS 'index.php'跨站脚本漏洞 2015-01-23 2015-01-26
cnvd-2015-00606 X-CART 'xcart/cart.php'存在多个跨站脚本漏洞 2015-01-23 2015-01-26
cnvd-2015-00607 osTicket 'tickets.php'跨站脚本漏洞 2015-01-23 2015-01-26
cnvd-2015-00608 Samba权限提升漏洞 2015-01-23 2015-01-26
cnvd-2015-00609 Cisco Unified Communications Manager文件泄露漏洞 2015-01-23 2015-01-26
cnvd-2015-00610 Linux Kernel 'evdev.c'本地信息泄露漏洞 2015-01-23 2015-01-26
cnvd-2015-00611 PHP Calendar Extension远程整数溢出漏洞 2015-01-23 2015-01-26
cnvd-2015-00612 Zend Framework Session Validators安全绕过漏洞 2015-01-23 2015-01-26
cnvd-2015-00613 Adobe Flash Player内存破坏漏洞(CNVD-2015-00613) 2015-01-23 2015-01-26
ID Description Published Updated
bdu:2015-03051 Уязвимости операционной системы Debian GNU/Linux, позволяющие локальному злоумышленнику н… 28.04.2015 28.11.2016
bdu:2015-03052 Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… 28.04.2015 05.07.2024
bdu:2015-03053 Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… 28.04.2015 28.11.2016
bdu:2015-03054 Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… 28.04.2015 05.07.2024
bdu:2015-03055 Уязвимости операционной системы Debian GNU/Linux, позволяющие локальному злоумышленнику н… 28.04.2015 05.07.2024
bdu:2015-03056 Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… 28.04.2015 05.07.2024
bdu:2015-03057 Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… 28.04.2015 28.11.2016
bdu:2015-03058 Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… 28.04.2015 28.11.2016
bdu:2015-03059 Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… 28.04.2015 28.11.2016
bdu:2015-03060 Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… 28.04.2015 05.07.2024
bdu:2015-03061 Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… 28.04.2015 28.11.2016
bdu:2015-03062 Уязвимости операционной системы Debian GNU/Linux, позволяющие локальному злоумышленнику н… 28.04.2015 05.07.2024
bdu:2015-03063 Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… 28.04.2015 05.07.2024
bdu:2015-03064 Уязвимости операционной системы Debian GNU/Linux, позволяющие локальному злоумышленнику н… 28.04.2015 27.12.2024
bdu:2015-03065 Уязвимости операционной системы Debian GNU/Linux, позволяющие локальному злоумышленнику н… 28.04.2015 05.07.2024
bdu:2015-03066 Уязвимости операционной системы Debian GNU/Linux, позволяющие локальному злоумышленнику н… 28.04.2015 05.07.2024
bdu:2015-03067 Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… 28.04.2015 28.11.2016
bdu:2015-03068 Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… 28.04.2015 05.07.2024
bdu:2015-03069 Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… 28.04.2015 28.11.2016
bdu:2015-03070 Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… 28.04.2015 28.11.2016
bdu:2015-03071 Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… 28.04.2015 28.11.2016
bdu:2015-03072 Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… 28.04.2015 28.11.2016
bdu:2015-03073 Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… 28.04.2015 05.07.2024
bdu:2015-03074 Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… 28.04.2015 05.07.2024
bdu:2015-03075 Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… 28.04.2015 05.07.2024
bdu:2015-03076 Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… 28.04.2015 28.11.2016
bdu:2015-03077 Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… 28.04.2015 05.07.2024
bdu:2015-03078 Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… 28.04.2015 28.11.2016
bdu:2015-03079 Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… 28.04.2015 28.11.2016
bdu:2015-03080 Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… 28.04.2015 05.07.2024
ID Description Updated
var-201903-1735 Shenzhen Woshida Technology Co., Ltd. is an enterprise specializing in the development, p… 2022-05-04T09:10:23.919000Z
var-201901-1689 D-LINK Central WifiManager CWM-100 is D-LINK centralized wireless management software. T… 2022-05-04T09:10:26.770000Z
var-201812-1301 UNIFI SDN Controller is an SDN controller produced by Ubiquiti Network. A code execution… 2022-05-04T09:10:28.596000Z
var-201810-1605 DocuPrint C1110 is a laser printer. FUJI XEROX DocuPrint C1110 has a command execution v… 2022-05-04T09:10:35.359000Z
var-201807-2275 Dr.COM APG Anti-Proxy Gateway is a network behavior analysis and management gateway devic… 2022-05-04T09:10:42.903000Z
var-201805-1239 Tplink ER5110G, Tplink ER5120G and Tplink WAR1300L are enterprise VPN routers and enterpr… 2022-05-04T09:10:50.966000Z
var-201803-2351 The Play Library SDK is developed based on Dahua's proprietary stream encapsulation proto… 2022-05-04T09:10:58.163000Z
var-201801-1841 The Huawei S7700 and S9700 are Huawei's intelligent routing switches. The HuaweiS7700 and… 2022-05-04T09:11:02.538000Z
var-201801-1820 pelco Sarix Professional is a video camera. A command execution vulnerability exists in … 2022-05-04T09:11:02.550000Z
var-201709-1255 A vulnerability to denial-of-service attacks was found in JP1 and Hitachi IT Operations D… 2022-05-04T09:11:15.536000Z
var-201709-1234 MoxaSoftCMSLiveViewer is a video surveillance software designed for industrial automation… 2022-05-04T09:11:15.549000Z
var-201707-1354 AppEx is a software and hardware product that provides full-line application delivery, WA… 2022-05-04T09:11:20.549000Z
var-201706-1147 Foscamcamera is a webcam that can push messages to mobile phones and directly implement v… 2022-05-04T09:11:25.222000Z
var-201706-1126 Foscamcamera is a webcam that can push messages to mobile phones and directly implement v… 2022-05-04T09:11:25.233000Z
var-201704-1631 LinksysSmartWi-FiRouters are smart Wi-Fi routers. There are multiple denial of service vu… 2022-05-04T09:11:29.958000Z
var-201703-1383 Apache Struts is an open source framework for creating enterprise Java web applications. … 2022-05-04T09:11:34.956000Z
var-201702-1106 The D-Link DGS-1510 series is the next generation of intelligent managed switches. There … 2022-05-04T09:11:37.551000Z
var-201612-0641 MileSight camera is a network camera produced by Xiamen Pulse Vision Digital Technology C… 2022-05-04T09:11:43.289000Z
var-201611-0409 Beijing Wangkang Technology Co., Ltd. Wangkang Internet Control Gateway is a software and… 2022-05-04T09:11:44.214000Z
var-201610-0733 AVTECH, founded in 1996, is one of the world's leading manufacturers of CCTV. The main pr… 2022-05-04T09:11:45.702000Z
var-201610-0712 ZXECS EBG2800 is a converged communications product that integrates data, voice, security… 2022-05-04T09:11:45.713000Z
var-201609-0692 ASUSRT-N10EWirelessRouter is a wireless router device developed by ASUS. ASUSRT-N10E has … 2022-05-04T09:11:46.604000Z
var-201601-0680 Hikvision camera has weak password, allowing initial password login 2022-05-04T09:11:55.051000Z
var-201507-0714 WAS China Mobile Proxy Server is to meet the high informationization group customers 'mob… 2022-05-04T09:12:01.956000Z
var-201506-0568 Pulian Technology Co., Ltd. is a network equipment research and development and manufactu… 2022-05-04T09:12:02.416000Z
var-201502-0541 A cross-site scripting vulnerability was found in the online help of JP1/IT Desktop Manag… 2022-05-04T09:12:08.707000Z
var-201411-0522 The Hikvision DVR is a hard disk recorder. Hikvision DVR DS-7204 has a remote buffer over… 2022-05-04T09:12:14.607000Z
var-201405-0538 VMware Tools in VMware Workstation 10.x before 10.0.2, VMware Player 6.x before 6.0.2, VM… 2022-05-04T09:12:23.053000Z
var-201404-0754 The Comtrend CT-5361T is a router device. The Comtrend CT-5361T ddnsmngr.cmd script faile… 2022-05-04T09:12:23.577000Z
var-201309-0591 Moxa OnCell G3100 is an industrial grade IP gateway. The Moxa OnCell G3100 has a default … 2022-05-04T09:12:31.834000Z
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID CVSS Description Vendor Product Published Updated
ID CVSS Description Vendor Product Published Updated