Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2025-53351 |
7.1 (3.1)
|
WordPress Fidelo Snippet plugin <= 1.12 - Cross Site S… |
Fidelo Software GmbH |
Fidelo Snippet |
2025-10-22T14:32:31.652Z | 2026-01-20T14:28:09.337Z |
| CVE-2025-53352 |
7.1 (3.1)
|
WordPress Grid Plus plugin <= 3.3 - Cross Site Scripti… |
G5Theme |
Grid Plus |
2025-10-22T14:32:31.986Z | 2026-01-20T14:28:09.308Z |
| CVE-2025-53283 |
10 (3.1)
|
WordPress Drop Uploader for CF7 - Drag&Drop File Uploa… |
borisolhor |
Drop Uploader for CF7 - Drag&Drop File Uploader Addon |
2025-11-06T15:54:03.506Z | 2026-01-20T14:28:09.297Z |
| CVE-2025-53350 |
7.1 (3.1)
|
WordPress Calendar Plus plugin <= 1.2.4 - Cross Site S… |
webjunk |
Calendar Plus |
2025-10-22T14:32:31.360Z | 2026-01-20T14:28:09.295Z |
| CVE-2025-53316 |
8.8 (3.1)
|
WordPress WP GDPR Cookie Consent plugin <= 1.0.0 - Cro… |
Shahjahan Jewel |
WP GDPR Cookie Consent |
2025-11-06T15:54:04.995Z | 2026-01-20T14:28:09.287Z |
| CVE-2025-53324 |
5.4 (3.1)
|
WordPress Gutenify Plugin <= 1.5.7 - Cross Site Script… |
CodeYatri |
Gutenify |
2025-11-06T15:54:05.737Z | 2026-01-20T14:28:09.259Z |
| CVE-2025-53242 |
9.8 (3.1)
|
WordPress Seil Theme <= 1.7.1 - Deserialization of unt… |
VictorThemes |
Seil |
2025-11-06T15:53:58.962Z | 2026-01-20T14:28:09.204Z |
| CVE-2025-53235 |
7.1 (3.1)
|
WordPress Easy Social plugin <= 1.3 - Cross Site Scrip… |
osuthorpe |
Easy Social |
2025-12-31T20:11:25.669Z | 2026-01-20T14:28:09.199Z |
| CVE-2025-53297 |
7.1 (3.1)
|
WordPress Woocommerce Envato Affiliates plugin <= 1.2.… |
AA-Team |
Woocommerce Envato Affiliates |
2025-10-22T14:32:31.023Z | 2026-01-20T14:28:09.198Z |
| CVE-2025-53245 |
5.4 (3.1)
|
WordPress WP Logo Changer Plugin <= 1.2 - Cross Site S… |
Afzal Multani |
WP Logo Changer |
2025-11-06T15:53:59.391Z | 2026-01-20T14:28:09.187Z |
| CVE-2025-53238 |
7.1 (3.1)
|
WordPress Toast Mobile Menu plugin <= 1.0.7 - Cross Si… |
Toast Plugins |
Toast Mobile Menu |
2025-10-22T14:32:30.376Z | 2026-01-20T14:28:09.178Z |
| CVE-2025-53246 |
8.8 (3.1)
|
WordPress Backup and Move Plugin <= 0.1 - Broken Acces… |
Gaurav Aggarwal |
Backup and Move |
2025-11-06T15:53:59.915Z | 2026-01-20T14:28:09.176Z |
| CVE-2025-53286 |
6.1 (3.1)
|
WordPress Dropify Plugin <= 4.6.9 - Cross Site Scripti… |
Jhainey Milevis |
Dropify |
2025-11-06T15:54:04.283Z | 2026-01-20T14:28:09.165Z |
| CVE-2025-53214 |
9.1 (3.1)
|
WordPress Sertifier Certificate & Badge Maker plugin <… |
sertifier |
Sertifier Certificate & Badge Maker |
2025-11-06T15:53:58.037Z | 2026-01-20T14:28:09.163Z |
| CVE-2025-53252 |
9.8 (3.1)
|
WordPress Zegen Theme <= 1.1.9 - Local File Inclusion … |
zozothemes |
Zegen |
2025-11-06T15:54:02.680Z | 2026-01-20T14:28:09.155Z |
| CVE-2025-52753 |
7.1 (3.1)
|
WordPress Contact Form by Supsystic plugin <= 1.7.35 -… |
supsystic |
Contact Form by Supsystic |
2025-10-22T14:32:25.219Z | 2026-01-20T14:28:09.147Z |
| CVE-2025-53236 |
6.3 (3.1)
|
WordPress UDesign Core plugin <= 4.14.0 - Broken Acces… |
AndonDesign |
UDesign Core |
2025-10-22T14:32:29.996Z | 2026-01-20T14:28:09.128Z |
| CVE-2025-52764 |
6.1 (3.1)
|
WordPress flexoslider plugin <= 1.0004 - Cross Site Sc… |
marielav |
flexoslider |
2025-11-06T15:53:56.937Z | 2026-01-20T14:28:09.106Z |
| CVE-2025-53239 |
6.1 (3.1)
|
WordPress User Registration Aide Plugin <= 1.5.3.8 - C… |
bnovotny |
User Registration Aide |
2025-11-06T15:53:58.555Z | 2026-01-20T14:28:09.103Z |
| CVE-2025-53234 |
7.1 (3.1)
|
WordPress UDesign Core plugin <= 4.14.0 - Cross Site S… |
AndonDesign |
UDesign Core |
2025-10-22T14:32:29.678Z | 2026-01-20T14:28:09.019Z |
| CVE-2025-53232 |
5.8 (3.1)
|
WordPress WP Gmail SMTP plugin <= 1.0.7 - Sensitive Da… |
inkthemes |
WP Gmail SMTP |
2025-10-22T14:32:29.356Z | 2026-01-20T14:28:09.018Z |
| CVE-2025-53218 |
5.8 (3.1)
|
WordPress AppExperts plugin <= 1.4.5 - Sensitive Data … |
Saad Iqbal |
AppExperts |
2025-10-22T14:32:28.882Z | 2026-01-20T14:28:09.009Z |
| CVE-2025-52835 |
9.6 (3.1)
|
WordPress WING WordPress Migrator plugin <= 1.1.9 - Cr… |
ConoHa by GMO |
WING WordPress Migrator |
2025-12-30T16:48:13.719Z | 2026-01-20T14:28:08.992Z |
| CVE-2025-52752 |
6.5 (3.1)
|
WordPress IDonatePro plugin <= 2.1.9 - Sensitive Data … |
ThemeAtelier |
IDonatePro |
2025-10-22T14:32:25.039Z | 2026-01-20T14:28:08.978Z |
| CVE-2025-53229 |
7.1 (3.1)
|
WordPress RockON DJ theme <= 3.3 - Reflected Cross Sit… |
kamleshyadav |
RockON DJ |
2025-10-22T14:32:29.122Z | 2026-01-20T14:28:08.975Z |
| CVE-2025-52755 |
7.1 (3.1)
|
WordPress Child Themes plugin <= 1.0.1 - Cross Site Sc… |
Chris Taylor |
Child Themes |
2025-10-22T14:32:26.093Z | 2026-01-20T14:28:08.903Z |
| CVE-2025-52770 |
7.1 (3.1)
|
WordPress Hello Followers plugin <= 2.5 - Cross Site S… |
appscreo |
Hello Followers |
2025-10-22T14:32:28.679Z | 2026-01-20T14:28:08.839Z |
| CVE-2025-52743 |
7.1 (3.1)
|
WordPress oik-privacy-policy Plugin <= 1.4.9 - Cross S… |
bobbingwide |
oik-privacy-policy |
2025-10-22T14:32:24.069Z | 2026-01-20T14:28:08.836Z |
| CVE-2025-52768 |
8.1 (3.1)
|
WordPress Faith & Hope theme <= 2.13.0 - Local File In… |
AncoraThemes |
Faith & Hope |
2025-12-18T07:21:45.204Z | 2026-01-20T14:28:08.823Z |
| CVE-2025-52760 |
6.1 (3.1)
|
WordPress MultiSite Clone Duplicator plugin <= 1.5.3 -… |
Globalis |
MultiSite Clone Duplicator |
2025-10-22T14:32:28.248Z | 2026-01-20T14:28:08.789Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2025-62892 |
9.1 (3.1)
|
WordPress Sunshine Photo Cart plugin <= 3.5.3 - Broken… |
sunshinephotocart |
Sunshine Photo Cart |
2025-10-27T01:33:47.085Z | 2026-01-20T14:28:16.510Z |
| CVE-2025-62891 |
8.8 (3.1)
|
WordPress Off-Canvas Sidebars & Menus (Slidebars) plug… |
Jory Hogeveen |
Off-Canvas Sidebars & Menus (Slidebars) |
2025-10-27T01:33:46.691Z | 2026-01-20T14:28:16.451Z |
| CVE-2025-62890 |
8.8 (3.1)
|
WordPress Premmerce Brands for WooCommerce plugin <= 1… |
Premmerce |
Premmerce Brands for WooCommerce |
2025-10-27T01:33:46.308Z | 2026-01-20T14:28:16.461Z |
| CVE-2025-62889 |
8.8 (3.1)
|
WordPress King Addons for Elementor plugin <= 51.1.37 … |
KingAddons.com |
King Addons for Elementor |
2025-10-27T01:33:45.909Z | 2026-01-20T14:28:16.379Z |
| CVE-2025-62888 |
5.4 (3.1)
|
WordPress WP Attachments plugin <= 5.2 - Broken Access… |
Marco Milesi |
WP Attachments |
2025-12-31T14:17:55.113Z | 2026-01-20T14:28:16.341Z |
| CVE-2025-62887 |
5.4 (3.1)
|
WordPress King Addons for Elementor plugin <= 51.1.37 … |
KingAddons.com |
King Addons for Elementor |
2025-10-27T01:33:45.420Z | 2026-01-20T14:28:16.351Z |
| CVE-2025-62886 |
8.8 (3.1)
|
WordPress Pricing Table builder plugin <= 1.5.1 - Cros… |
wpdevart |
Pricing Table builder |
2025-10-27T01:33:44.741Z | 2026-01-20T14:28:16.371Z |
| CVE-2025-62885 |
6.5 (3.1)
|
WordPress WP VR plugin <= 8.5.42 - Cross Site Scriptin… |
RexTheme |
WP VR |
2025-10-27T01:33:44.357Z | 2026-01-20T14:28:16.346Z |
| CVE-2025-62884 |
5.3 (3.1)
|
WordPress Coupon Affiliates plugin <= 7.0.3 - Broken A… |
Elliot Sowersby / RelyWP |
Coupon Affiliates |
2025-10-27T01:33:43.969Z | 2026-01-20T14:28:16.310Z |
| CVE-2025-62883 |
4.3 (3.1)
|
WordPress Premmerce User Roles plugin <= 1.0.13 - Brok… |
Premmerce |
Premmerce User Roles |
2025-10-27T01:33:43.581Z | 2026-01-20T14:28:16.387Z |
| CVE-2025-62882 |
4.3 (3.1)
|
WordPress Seriously Simple Podcasting plugin <= 3.13.0… |
Craig Hewitt |
Seriously Simple Podcasting |
2025-10-27T01:33:43.191Z | 2026-01-20T14:28:16.318Z |
| CVE-2025-62881 |
4.3 (3.1)
|
WordPress WP-Lister Lite for eBay plugin <= 3.8.3 - Br… |
WP Lab |
WP-Lister Lite for eBay |
2025-10-27T01:33:42.812Z | 2026-01-20T14:28:16.411Z |
| CVE-2025-62880 |
4.3 (3.1)
|
WordPress Custom 404 Pro plugin <= 3.12.0 - Cross Site… |
Kunal Nagar |
Custom 404 Pro |
2025-12-22T09:31:35.354Z | 2026-01-20T14:28:16.367Z |
| CVE-2025-62874 |
4.3 (3.1)
|
WordPress AnyComment plugin <= 0.3.6 - Broken Access C… |
Alexander |
AnyComment |
2025-12-31T16:42:24.180Z | 2026-01-20T14:28:16.295Z |
| CVE-2025-62873 |
4.3 (3.1)
|
WordPress WP Flashy Marketing Automation plugin <= 2.0… |
Flashyapp |
WP Flashy Marketing Automation |
2025-12-09T14:52:25.051Z | 2026-01-20T14:28:16.351Z |
| CVE-2025-62872 |
4.3 (3.1)
|
WordPress Social Photo Fetcher plugin <= 3.0.4 - Cross… |
JK |
Social Photo Fetcher |
2025-12-09T14:52:24.849Z | 2026-01-20T14:28:16.381Z |
| CVE-2025-62871 |
4.3 (3.1)
|
WordPress Just TinyMCE Custom Styles plugin <= 1.2.1 -… |
Alex Prokopenko / JustCoded |
Just TinyMCE Custom Styles |
2025-12-09T14:52:24.656Z | 2026-01-20T14:28:16.345Z |
| CVE-2025-62870 |
5.3 (3.1)
|
WordPress Eupago Gateway For Woocommerce plugin <= 4.6… |
Eupago |
Eupago Gateway For Woocommerce |
2025-12-09T14:52:24.458Z | 2026-01-20T14:28:16.371Z |
| CVE-2025-62869 |
4.3 (3.1)
|
WordPress Gravitec.net – Web Push Notifications plugin… |
Gravitec.net - Web Push Notifications |
Gravitec.net – Web Push Notifications |
2025-12-09T14:52:24.237Z | 2026-01-20T14:28:16.320Z |
| CVE-2025-62868 |
8.1 (3.1)
|
WordPress Edge CPT plugin <= 1.4 - Local File Inclusio… |
Edge-Themes |
Edge CPT |
2025-10-24T07:52:58.711Z | 2026-01-20T14:28:16.105Z |
| CVE-2025-62867 |
4.3 (3.1)
|
WordPress Ergonet Cache plugin <= 1.0.11 - Broken Acce… |
ergonet |
Ergonet Cache |
2025-12-09T14:52:24.049Z | 2026-01-20T14:28:16.163Z |
| CVE-2025-62866 |
4.3 (3.1)
|
WordPress Auto Alt Text plugin <= 2.5.2 - Cross Site R… |
Valerio Monti |
Auto Alt Text |
2025-12-09T14:52:23.816Z | 2026-01-20T14:28:16.114Z |
| CVE-2025-62865 |
5.3 (3.1)
|
WordPress Post Cloner plugin <= 1.0.0 - Broken Access … |
Evan Herman |
Post Cloner |
2025-12-09T14:52:23.580Z | 2026-01-20T14:28:16.107Z |
| CVE-2025-62762 |
4.3 (3.1)
|
WordPress SMTP Mail plugin <= 1.3.47 - Cross Site Requ… |
photoboxone |
SMTP Mail |
2025-12-09T14:52:23.375Z | 2026-01-20T14:28:16.035Z |
| CVE-2025-62761 |
6.5 (3.1)
|
WordPress Knowledge Base documentation & wiki plugin –… |
BasePress |
Knowledge Base documentation & wiki plugin – BasePress |
2025-12-31T08:44:22.540Z | 2026-01-20T14:28:16.034Z |
| CVE-2025-62760 |
6.5 (3.1)
|
WordPress BuddyPress Activity Shortcode plugin <= 1.1.… |
BuddyDev |
BuddyPress Activity Shortcode |
2025-12-31T08:52:04.460Z | 2026-01-20T14:28:16.033Z |
| CVE-2025-62759 |
6.5 (3.1)
|
WordPress Series plugin <= 2.0.1 - Cross Site Scriptin… |
Justin Tadlock |
Series |
2025-12-31T08:53:31.863Z | 2026-01-20T14:28:16.035Z |
| CVE-2025-62758 |
6.5 (3.1)
|
WordPress Funnelforms Free plugin <= 3.8 - Cross Site … |
Funnelforms |
Funnelforms Free |
2025-12-31T08:55:12.187Z | 2026-01-20T14:28:16.036Z |
| CVE-2025-62757 |
6.5 (3.1)
|
WordPress WebMan Amplifier plugin <= 1.5.12 - Cross Si… |
WebMan Design | Oliver Juhas |
WebMan Amplifier |
2025-12-31T11:53:12.910Z | 2026-01-20T14:28:16.035Z |
| CVE-2025-62756 |
6.5 (3.1)
|
WordPress The Moneytizer plugin <= 10.0.6 - Cross Site… |
lvaudore |
The Moneytizer |
2025-12-31T11:54:40.487Z | 2026-01-20T14:28:16.033Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| fkie_cve-2025-62892 | Missing Authorization vulnerability in sunshinephotocart Sunshine Photo Cart sunshine-photo-cart al… | 2025-10-27T02:15:48.140 | 2026-01-20T15:18:01.947 |
| fkie_cve-2025-62891 | Cross-Site Request Forgery (CSRF) vulnerability in Jory Hogeveen Off-Canvas Sidebars & Menus (Slide… | 2025-10-27T02:15:48.013 | 2026-01-20T15:18:01.823 |
| fkie_cve-2025-62890 | Cross-Site Request Forgery (CSRF) vulnerability in Premmerce Premmerce Brands for WooCommerce premm… | 2025-10-27T02:15:47.883 | 2026-01-20T15:18:01.680 |
| fkie_cve-2025-62889 | Missing Authorization vulnerability in KingAddons.com King Addons for Elementor king-addons allows … | 2025-10-27T02:15:47.757 | 2026-01-20T15:18:01.547 |
| fkie_cve-2025-62888 | Missing Authorization vulnerability in Marco Milesi WP Attachments allows Exploiting Incorrectly Co… | 2025-12-31T15:15:53.663 | 2026-01-20T15:18:01.443 |
| fkie_cve-2025-62887 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-27T02:15:47.617 | 2026-01-20T15:18:01.313 |
| fkie_cve-2025-62886 | Cross-Site Request Forgery (CSRF) vulnerability in wpdevart Pricing Table builder wpdevart-pricing-… | 2025-10-27T02:15:47.490 | 2026-01-20T15:18:01.177 |
| fkie_cve-2025-62885 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-27T02:15:47.350 | 2026-01-20T15:18:01.043 |
| fkie_cve-2025-62884 | Missing Authorization vulnerability in Elliot Sowersby / RelyWP Coupon Affiliates woo-coupon-usage … | 2025-10-27T02:15:47.220 | 2026-01-20T15:18:00.903 |
| fkie_cve-2025-62883 | Missing Authorization vulnerability in Premmerce Premmerce User Roles premmerce-user-roles allows E… | 2025-10-27T02:15:47.090 | 2026-01-20T15:18:00.760 |
| fkie_cve-2025-62882 | Missing Authorization vulnerability in Craig Hewitt Seriously Simple Podcasting seriously-simple-po… | 2025-10-27T02:15:46.940 | 2026-01-20T15:18:00.620 |
| fkie_cve-2025-62881 | Missing Authorization vulnerability in WP Lab WP-Lister Lite for eBay wp-lister-for-ebay allows Exp… | 2025-10-27T02:15:46.787 | 2026-01-20T15:18:00.487 |
| fkie_cve-2025-62880 | Cross-Site Request Forgery (CSRF) vulnerability in Kunal Nagar Custom 404 Pro allows Cross Site Req… | 2025-12-22T10:16:01.030 | 2026-01-20T15:18:00.387 |
| fkie_cve-2025-62874 | Missing Authorization vulnerability in Alexander AnyComment allows Exploiting Incorrectly Configure… | 2025-12-31T17:15:47.617 | 2026-01-20T15:18:00.290 |
| fkie_cve-2025-62873 | Cross-Site Request Forgery (CSRF) vulnerability in Flashyapp WP Flashy Marketing Automation wp-flas… | 2025-12-09T16:18:04.473 | 2026-01-20T15:18:00.157 |
| fkie_cve-2025-62872 | Cross-Site Request Forgery (CSRF) vulnerability in JK Social Photo Fetcher facebook-photo-fetcher a… | 2025-12-09T16:18:04.340 | 2026-01-20T15:18:00.027 |
| fkie_cve-2025-62871 | Cross-Site Request Forgery (CSRF) vulnerability in Alex Prokopenko / JustCoded Just TinyMCE Custom … | 2025-12-09T16:18:04.203 | 2026-01-20T15:17:59.893 |
| fkie_cve-2025-62870 | Missing Authorization vulnerability in Eupago Eupago Gateway For Woocommerce eupago-gateway-for-woo… | 2025-12-09T16:18:04.073 | 2026-01-20T15:17:59.763 |
| fkie_cve-2025-62869 | Missing Authorization vulnerability in Gravitec.net - Web Push Notifications Gravitec.net – W… | 2025-12-09T16:18:03.943 | 2026-01-20T15:17:59.637 |
| fkie_cve-2025-62868 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2025-10-24T08:15:34.430 | 2026-01-20T15:17:59.530 |
| fkie_cve-2025-62867 | Missing Authorization vulnerability in ergonet Ergonet Cache ergonet-varnish-cache allows Exploitin… | 2025-12-09T16:18:03.807 | 2026-01-20T15:17:59.407 |
| fkie_cve-2025-62866 | Cross-Site Request Forgery (CSRF) vulnerability in Valerio Monti Auto Alt Text auto-alt-text allows… | 2025-12-09T16:18:03.667 | 2026-01-20T15:17:59.283 |
| fkie_cve-2025-62865 | Missing Authorization vulnerability in Evan Herman Post Cloner post-cloner allows Exploiting Incorr… | 2025-12-09T16:18:03.523 | 2026-01-20T15:17:59.160 |
| fkie_cve-2025-62762 | Cross-Site Request Forgery (CSRF) vulnerability in photoboxone SMTP Mail smtp-mail allows Cross Sit… | 2025-12-09T16:18:03.027 | 2026-01-20T15:17:59.037 |
| fkie_cve-2025-62761 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-12-31T09:15:51.923 | 2026-01-20T15:17:58.940 |
| fkie_cve-2025-62760 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-12-31T09:15:51.770 | 2026-01-20T15:17:58.843 |
| fkie_cve-2025-62759 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-12-31T09:15:51.620 | 2026-01-20T15:17:58.753 |
| fkie_cve-2025-62758 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-12-31T09:15:51.473 | 2026-01-20T15:17:58.660 |
| fkie_cve-2025-62757 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-12-31T12:16:18.740 | 2026-01-20T15:17:58.567 |
| fkie_cve-2025-62756 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-12-31T12:16:18.593 | 2026-01-20T15:17:58.470 |
| ID | Severity | Description | Published | Updated |
|---|---|---|---|---|
| ghsa-mp53-vxqr-3f76 |
9.8 (3.1)
|
An issue in Automai BotManager v.25.2.0 allows a remote attacker to execute arbitrary code via the … | 2026-01-12T18:30:30Z | 2026-01-12T18:30:30Z |
| ghsa-m3m3-pp28-9hrp |
4.8 (3.1)
|
The Quiz Maker WordPress plugin before 6.7.0.89 does not sanitise and escape some of its settings, … | 2026-01-12T06:30:14Z | 2026-01-12T18:30:30Z |
| ghsa-f3vq-4x38-vg3x |
5.5 (3.1)
|
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe … | 2026-01-10T00:30:30Z | 2026-01-12T18:30:30Z |
| ghsa-f2cj-whwv-wjfw |
6.5 (3.1)
|
The issue was addressed with improved memory handling. This issue is fixed in tvOS 26.2, Safari 26.… | 2026-01-10T00:30:30Z | 2026-01-12T18:30:30Z |
| ghsa-c87m-hx3f-42wq |
5.3 (3.1)
|
Quest KACE Desktop Authority through 11.3.1 has Insecure Permissions on the Named Pipes used for in… | 2026-01-12T18:30:30Z | 2026-01-12T18:30:30Z |
| ghsa-8mfp-xmv3-hv35 |
8.1 (3.1)
|
Authentication Bypass by Spoofing vulnerability in Apache NimBLE. Receiving specially crafted Secu… | 2026-01-10T12:30:15Z | 2026-01-12T18:30:30Z |
| ghsa-7g4v-c9v7-6647 |
8.8 (3.1)
|
An issue in Automai Director v.25.2.0 allows a remote attacker to execute arbitrary code via the up… | 2026-01-12T18:30:30Z | 2026-01-12T18:30:30Z |
| ghsa-6phw-p8vc-q8gp |
7.5 (3.1)
|
NULL Pointer Dereference vulnerability in Apache Nimble. Missing validation of HCI connection comp… | 2026-01-10T12:30:16Z | 2026-01-12T18:30:30Z |
| ghsa-4rm3-56gv-9xv3 |
8.2 (3.1)
|
An issue in Automai Director v.25.2.0 allows a remote attacker to escalate privileges and obtain se… | 2026-01-12T18:30:30Z | 2026-01-12T18:30:30Z |
| ghsa-44vp-c93r-6656 |
9.8 (3.1)
|
EDIMAX BR-6208AC V2_1.02 is vulnerable to Command Injection. This arises because the pppUserName fi… | 2026-01-09T18:31:37Z | 2026-01-12T18:30:30Z |
| ghsa-3hjw-x946-3rhg |
8.2 (3.1)
|
Errands before 46.2.10 does not verify TLS certificates for CalDAV servers. | 2026-01-12T18:30:30Z | 2026-01-12T18:30:30Z |
| ghsa-qgg6-hj2r-3x43 |
7.5 (3.1)
|
fluidsynth-2.4.6 and earlier versions is vulnerable to Null pointer dereference in fluid_synth_mono… | 2026-01-09T18:31:36Z | 2026-01-12T18:30:29Z |
| ghsa-jxg2-gp53-m88h |
7.5 (3.1)
|
In Yonyou YonBIP v3 and before, the LoginWithV8 interface in the series data application service sy… | 2026-01-09T18:31:36Z | 2026-01-12T18:30:29Z |
| ghsa-9w9h-4qfh-f6m6 |
6.5 (3.1)
|
An Information Disclosure vulnerability in CouchCMS 2.4 allow an Admin user to read arbitrary files… | 2026-01-09T18:31:36Z | 2026-01-12T18:30:29Z |
| ghsa-75mq-3gf9-64wc |
9.8 (3.1)
|
A Command Injection Vulnerability has been discovered in the DHCP daemon service of D-Link DIR895LA… | 2026-01-09T18:31:37Z | 2026-01-12T18:30:29Z |
| ghsa-mmrr-c2j6-cqfp |
7.5 (3.1)
5.1 (4.0)
|
Panda3D versions up to and including 1.10.16 egg-mkfont contains an uncontrolled format string vuln… | 2026-01-07T21:31:56Z | 2026-01-12T18:30:25Z |
| ghsa-gwg6-62mc-7h63 |
9.8 (3.1)
6.9 (4.0)
|
Panda3D versions up to and including 1.10.16 egg-mkfont contains a stack-based buffer overflow vuln… | 2026-01-07T21:31:56Z | 2026-01-12T18:30:25Z |
| ghsa-xvxx-4fr3-55xv |
5.5 (3.1)
6.9 (4.0)
|
Panda3D versions up to and including 1.10.16 deploy-stub contains a denial of service vulnerability… | 2026-01-07T21:31:56Z | 2026-01-12T18:30:24Z |
| ghsa-6mw8-c4j3-m9rv |
8.1 (3.1)
5.1 (4.0)
|
A heap buffer over-read vulnerability exists in the wolfSSH_CleanPath() function in wolfSSH. An aut… | 2026-01-06T18:31:36Z | 2026-01-12T18:30:24Z |
| ghsa-5r65-89wp-6mxr |
9.8 (3.1)
9.4 (4.0)
|
wolfSSH’s key exchange state machine can be manipulated to leak the client’s password in the clear,… | 2026-01-06T18:31:36Z | 2026-01-12T18:30:24Z |
| ghsa-mhwg-hvw8-9w84 |
5.4 (3.1)
5.3 (4.0)
|
Microweber 2.0.15 contains a stored cross-site scripting vulnerability that allows authenticated at… | 2025-12-12T00:30:20Z | 2026-01-12T18:30:21Z |
| ghsa-9247-4234-vwrq |
7.8 (3.1)
8.8 (4.0)
|
A local privilege escalation vulnerability in Bitdefender Total Security 27.0.46.231 allows low-pri… | 2025-12-10T12:31:27Z | 2026-01-12T18:30:20Z |
| ghsa-wh65-53hg-mxpv |
5.5 (3.1)
|
In the Linux kernel, the following vulnerability has been resolved: Revert "fs/ntfs3: Replace inod… | 2025-09-07T18:31:27Z | 2026-01-12T18:30:19Z |
| ghsa-jx3q-xcpc-36h3 |
5.5 (3.1)
|
In the Linux kernel, the following vulnerability has been resolved: serial: 8250: fix panic due to… | 2025-09-05T18:31:27Z | 2026-01-12T18:30:19Z |
| ghsa-frvj-f982-mfmx |
7.8 (3.1)
|
In the Linux kernel, the following vulnerability has been resolved: NFS: Fix filehandle bounds che… | 2025-09-07T18:31:27Z | 2026-01-12T18:30:19Z |
| ghsa-cvwp-768v-w5r3 |
7.1 (3.1)
|
In the Linux kernel, the following vulnerability has been resolved: media: venus: Add a check for … | 2025-09-05T18:31:27Z | 2026-01-12T18:30:19Z |
| ghsa-45h6-97cw-2x6c |
5.5 (3.1)
|
In the Linux kernel, the following vulnerability has been resolved: media: usbtv: Lock resolution … | 2025-09-05T18:31:27Z | 2026-01-12T18:30:19Z |
| ghsa-887v-xh2x-47cm |
6.1 (3.1)
|
Mattermost Server is vulnerable to XSS through display name field | 2022-05-24T17:21:05Z | 2026-01-12T18:30:08Z |
| ghsa-vrh2-rprg-rgc6 |
6.1 (3.1)
|
Mattermost Server does not safeguard against phishing via error page links | 2022-05-24T17:21:05Z | 2026-01-12T18:16:42Z |
| ghsa-h742-xx59-r9pq |
5.3 (3.1)
|
Mattermost Server exposes sensitive user status information via REST API version 4 endpoint | 2022-05-24T17:21:05Z | 2026-01-12T16:19:55Z |
| ID | Description | Updated |
|---|---|---|
| gsd-2024-27359 | Certain WithSecure products allow a Denial of Service because the engine scanner can go i… | 2024-02-26T06:02:26.737701Z |
| gsd-2024-27367 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-26T06:02:26.735975Z |
| gsd-2024-27352 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-26T06:02:26.733615Z |
| gsd-2024-27433 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-26T06:02:26.732767Z |
| gsd-2024-27398 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-26T06:02:26.732390Z |
| gsd-2024-27378 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-26T06:02:26.730296Z |
| gsd-2024-27403 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-26T06:02:26.728818Z |
| gsd-2024-27364 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-26T06:02:26.727727Z |
| gsd-2024-27402 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-26T06:02:26.725937Z |
| gsd-2024-27365 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-26T06:02:26.717503Z |
| gsd-2024-27424 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-26T06:02:26.715283Z |
| gsd-2024-27428 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-26T06:02:26.708254Z |
| gsd-2024-27420 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-26T06:02:26.707962Z |
| gsd-2024-27353 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-26T06:02:26.706342Z |
| gsd-2024-27407 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-26T06:02:26.705641Z |
| gsd-2024-27446 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-26T06:02:26.700337Z |
| gsd-2024-27443 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-26T06:02:26.699975Z |
| gsd-2024-27417 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-26T06:02:26.697944Z |
| gsd-2024-27410 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-26T06:02:26.697669Z |
| gsd-2024-27401 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-26T06:02:26.696178Z |
| gsd-2024-27379 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-26T06:02:26.695824Z |
| gsd-2024-27357 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-26T06:02:26.691857Z |
| gsd-2024-27426 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-26T06:02:26.691509Z |
| gsd-2024-27369 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-26T06:02:26.690489Z |
| gsd-2024-27439 | An error in the evaluation of the fetch metadata headers could allow a bypass of the CSRF… | 2024-02-26T06:02:26.690198Z |
| gsd-2024-27354 | An issue was discovered in phpseclib 1.x before 1.0.23, 2.x before 2.0.47, and 3.x before… | 2024-02-26T06:02:26.689042Z |
| gsd-2024-27371 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-26T06:02:26.687244Z |
| gsd-2024-27438 | Download of Code Without Integrity Check vulnerability in Apache Doris. The jdbc driver f… | 2024-02-26T06:02:26.685817Z |
| gsd-2024-27395 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-26T06:02:26.685436Z |
| gsd-2024-27355 | An issue was discovered in phpseclib 1.x before 1.0.23, 2.x before 2.0.47, and 3.x before… | 2024-02-26T06:02:26.679887Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-186135 | Malicious code in chi-error-kappa-shell-error (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-186134 | Malicious code in chi-cron-sudo-finally-visualize (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-186133 | Malicious code in chi-bad-deserialize-throw-static (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-186132 | Malicious code in charon-transhumanism-zephyr-electron-builder (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-186131 | Malicious code in charon-stream-fornax-dotenv (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-186130 | Malicious code in chariklo-sirius-relay-leda (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-186129 | Malicious code in chariklo-perseus-chalk-antares (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-186128 | Malicious code in chariklo-library-public-local (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-186127 | Malicious code in chariklo-dysonswarm-yildun-adonis (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-186126 | Malicious code in chariklo-babel-postgres-thuban (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-186125 | Malicious code in chariklo-areology-changelog-arcturus (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-186124 | Malicious code in char-xml-xml-validate-validate (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-186123 | Malicious code in char-hot-import-public-process (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-186122 | Malicious code in char-double-load-notify-gamma (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-186121 | Malicious code in char-cat-execute-eta-authenticate (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-186120 | Malicious code in char-bundle-route-refactor-async (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-186119 | Malicious code in char-alert-abstract-decrypt-test (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-186118 | Malicious code in changelog-unuk-antares-restart (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-186117 | Malicious code in changelog-tachyon-writable-pipe (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-186116 | Malicious code in changelog-supernova-mantle-hermes (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-186115 | Malicious code in changelog-prompts-europa-blazar (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-186114 | Malicious code in changelog-polaris-dotenv-safe-phoebe (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-186113 | Malicious code in changelog-multiverse-heliophysics-regulus (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-186112 | Malicious code in changelog-middleware-koa-betelgeuse (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-186111 | Malicious code in changelog-hugo-fusion-tectonic (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-186110 | Malicious code in changelog-gridsome-perseus-css-minimizer-webpack-plugin (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-186109 | Malicious code in changelog-graviton-hadron-panspermia (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-186108 | Malicious code in changelog-borealis-resolvers-resonance (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-186107 | Malicious code in changelog-archaeogenetics-mini-css-extract-plugin-dotenv (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-186106 | Malicious code in chalk-supercluster-repository-morgan (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| wid-sec-w-2023-0706 | Insyde UEFI Firmware: Mehrere Schwachstellen | 2023-03-21T23:00:00.000+00:00 | 2023-03-21T23:00:00.000+00:00 |
| wid-sec-w-2023-0705 | Nextcloud: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen | 2023-03-21T23:00:00.000+00:00 | 2023-03-21T23:00:00.000+00:00 |
| wid-sec-w-2023-0704 | Jenkins Plugins: Mehrere Schwachstellen | 2023-03-21T23:00:00.000+00:00 | 2023-03-21T23:00:00.000+00:00 |
| wid-sec-w-2023-0696 | Moodle: Mehrere Schwachstellen | 2023-03-20T23:00:00.000+00:00 | 2023-03-21T23:00:00.000+00:00 |
| wid-sec-w-2022-2180 | Wind River VxWorks: Schwachstelle ermöglicht Denial of Service | 2022-11-27T23:00:00.000+00:00 | 2023-03-21T23:00:00.000+00:00 |
| wid-sec-w-2022-0201 | Ghostscript: Schwachstelle ermöglicht nicht spezifizierten Angriff | 2022-04-28T22:00:00.000+00:00 | 2023-03-21T23:00:00.000+00:00 |
| wid-sec-w-2023-0702 | Samsung Exynos-Chipsätze: Mehrere Schwachstellen ermöglichen Codeausführung | 2023-03-20T23:00:00.000+00:00 | 2023-03-20T23:00:00.000+00:00 |
| wid-sec-w-2023-0699 | tribe29 checkmk: Schwachstelle ermöglicht Darstellen falscher Informationen | 2023-03-20T23:00:00.000+00:00 | 2023-03-20T23:00:00.000+00:00 |
| wid-sec-w-2023-0698 | Apache Sling: Schwachstelle ermöglicht Denial of Service | 2023-03-20T23:00:00.000+00:00 | 2023-03-20T23:00:00.000+00:00 |
| wid-sec-w-2023-0693 | OTRS: Mehrere Schwachstellen | 2023-03-19T23:00:00.000+00:00 | 2023-03-19T23:00:00.000+00:00 |
| wid-sec-w-2023-0689 | IBM Spectrum Protect: Schwachstelle ermöglicht Denial of Service | 2023-03-19T23:00:00.000+00:00 | 2023-03-19T23:00:00.000+00:00 |
| wid-sec-w-2023-0687 | MISP: Mehrere Schwachstellen ermöglichen Cross-Site Scripting | 2023-03-19T23:00:00.000+00:00 | 2023-03-19T23:00:00.000+00:00 |
| wid-sec-w-2023-0683 | Treck TCP/IP-Stack: Mehrere Schwachstellen | 2020-06-16T22:00:00.000+00:00 | 2023-03-19T23:00:00.000+00:00 |
| wid-sec-w-2022-2100 | Atlassian Bitbucket: Schwachstelle ermöglicht Codeausführung | 2022-11-16T23:00:00.000+00:00 | 2023-03-19T23:00:00.000+00:00 |
| wid-sec-w-2023-0676 | ILIAS: Mehrere Schwachstellen | 2023-03-16T23:00:00.000+00:00 | 2023-03-16T23:00:00.000+00:00 |
| wid-sec-w-2023-0675 | OpenBSD: Schwachstelle ermöglicht Denial of Service | 2023-03-16T23:00:00.000+00:00 | 2023-03-16T23:00:00.000+00:00 |
| wid-sec-w-2023-0644 | Apache Tomcat: Schwachstelle ermöglicht Denial of Service | 2016-06-22T22:00:00.000+00:00 | 2023-03-16T23:00:00.000+00:00 |
| wid-sec-w-2022-1749 | QEMU: Schwachstelle ermöglicht Ausführen von beliebigem Programmcode mit den Rechten des Dienstes | 2021-01-31T23:00:00.000+00:00 | 2023-03-16T23:00:00.000+00:00 |
| wid-sec-w-2023-0672 | LibreSSL: Schwachstelle ermöglicht Offenlegung von Informationen | 2023-03-15T23:00:00.000+00:00 | 2023-03-15T23:00:00.000+00:00 |
| wid-sec-w-2023-0666 | OpenJPEG: Schwachstelle ermöglicht Denial of Service | 2020-01-12T23:00:00.000+00:00 | 2023-03-15T23:00:00.000+00:00 |
| wid-sec-w-2023-0665 | OpenJPEG: Schwachstelle ermöglicht Denial of Service | 2020-01-28T23:00:00.000+00:00 | 2023-03-15T23:00:00.000+00:00 |
| wid-sec-w-2023-0664 | OpenJPEG: Schwachstelle ermöglicht nicht spezifizierten Angriff | 2020-06-29T22:00:00.000+00:00 | 2023-03-15T23:00:00.000+00:00 |
| wid-sec-w-2023-0663 | PHPMailer: Mehrere Schwachstellen ermöglichen Codeausführung | 2021-06-17T22:00:00.000+00:00 | 2023-03-15T23:00:00.000+00:00 |
| wid-sec-w-2023-0662 | Mattermost: Schwachstelle ermöglicht Cross-Site Scripting | 2023-03-15T23:00:00.000+00:00 | 2023-03-15T23:00:00.000+00:00 |
| wid-sec-w-2023-0101 | Mattermost: Mehrere Schwachstellen | 2023-01-16T23:00:00.000+00:00 | 2023-03-15T23:00:00.000+00:00 |
| wid-sec-w-2022-1880 | OpenJPEG: Mehrere Schwachstellen ermöglichen Ausführen von beliebigem Programmcode mit Benutzerrechten | 2020-12-29T23:00:00.000+00:00 | 2023-03-15T23:00:00.000+00:00 |
| wid-sec-w-2022-0897 | PCRE (Perl Compatible Regular Expressions): Schwachstelle ermöglicht Denial of Service | 2020-02-16T23:00:00.000+00:00 | 2023-03-15T23:00:00.000+00:00 |
| wid-sec-w-2022-0523 | PCRE2: Mehrere Schwachstellen ermöglichen Denial of Service | 2022-05-12T22:00:00.000+00:00 | 2023-03-15T23:00:00.000+00:00 |
| bsi-2022-0004 | Insufficient restrictions in validate functions of CSAF full validators | 2022-09-01T15:22:00+02:00 | 2023-03-15T21:00:00.000Z |
| wid-sec-w-2023-0659 | Aruba ClearPass Policy Manager: Mehrere Schwachstellen | 2023-03-14T23:00:00.000+00:00 | 2023-03-14T23:00:00.000+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2025:8481 | Red Hat Security Advisory: libsoup security update | 2025-06-04T03:34:04+00:00 | 2025-11-21T19:36:36+00:00 |
| rhsa-2025:8480 | Red Hat Security Advisory: libsoup security update | 2025-06-04T03:41:29+00:00 | 2025-11-21T19:36:36+00:00 |
| rhsa-2025:8467 | Red Hat Security Advisory: nodejs:22 security update | 2025-06-03T20:28:49+00:00 | 2025-11-21T19:36:34+00:00 |
| rhsa-2025:8465 | Red Hat Security Advisory: firefox security update | 2025-06-03T16:45:58+00:00 | 2025-11-21T19:36:34+00:00 |
| rhsa-2025:8419 | Red Hat Security Advisory: python36:3.6 security update | 2025-06-03T02:04:07+00:00 | 2025-11-21T19:36:32+00:00 |
| rhsa-2025:8399 | Red Hat Security Advisory: kpatch-patch-5_14_0-284_104_1, kpatch-patch-5_14_0-284_117_1, kpatch-patch-5_14_0-284_52_1, kpatch-patch-5_14_0-284_79_1, and kpatch-patch-5_14_0-284_92_1 security update | 2025-06-02T21:36:32+00:00 | 2025-11-21T19:36:31+00:00 |
| rhsa-2025:8374 | Red Hat Security Advisory: kernel security update | 2025-06-02T10:12:06+00:00 | 2025-11-21T19:36:29+00:00 |
| rhsa-2025:8371 | Red Hat Security Advisory: firefox security update | 2025-06-02T07:59:46+00:00 | 2025-11-21T19:36:29+00:00 |
| rhsa-2025:8370 | Red Hat Security Advisory: firefox security update | 2025-06-02T08:02:01+00:00 | 2025-11-21T19:36:28+00:00 |
| rhsa-2025:8369 | Red Hat Security Advisory: firefox security update | 2025-06-02T08:01:16+00:00 | 2025-11-21T19:36:28+00:00 |
| rhsa-2025:8351 | Red Hat Security Advisory: varnish security update | 2025-06-02T03:16:50+00:00 | 2025-11-21T19:36:28+00:00 |
| rhsa-2025:8350 | Red Hat Security Advisory: varnish security update | 2025-06-02T03:04:25+00:00 | 2025-11-21T19:36:28+00:00 |
| rhsa-2025:8349 | Red Hat Security Advisory: varnish security update | 2025-06-02T03:12:20+00:00 | 2025-11-21T19:36:28+00:00 |
| rhsa-2025:8341 | Red Hat Security Advisory: firefox security update | 2025-06-02T02:12:45+00:00 | 2025-11-21T19:36:25+00:00 |
| rhsa-2025:8340 | Red Hat Security Advisory: varnish:6 security update | 2025-06-02T02:14:50+00:00 | 2025-11-21T19:36:25+00:00 |
| rhsa-2025:8339 | Red Hat Security Advisory: varnish:6 security update | 2025-06-02T01:55:30+00:00 | 2025-11-21T19:36:25+00:00 |
| rhsa-2025:8337 | Red Hat Security Advisory: varnish security update | 2025-06-02T02:18:05+00:00 | 2025-11-21T19:36:24+00:00 |
| rhsa-2025:8336 | Red Hat Security Advisory: varnish:6 security update | 2025-06-02T03:23:55+00:00 | 2025-11-21T19:36:24+00:00 |
| rhsa-2025:8333 | Red Hat Security Advisory: kernel security update | 2025-06-02T01:35:15+00:00 | 2025-11-21T19:36:23+00:00 |
| rhsa-2025:8294 | Red Hat Security Advisory: varnish:6 security update | 2025-05-29T08:50:30+00:00 | 2025-11-21T19:36:23+00:00 |
| rhsa-2025:8310 | Red Hat Security Advisory: varnish:6 security update | 2025-05-29T12:37:36+00:00 | 2025-11-21T19:36:21+00:00 |
| rhsa-2025:8308 | Red Hat Security Advisory: firefox security update | 2025-05-29T11:31:05+00:00 | 2025-11-21T19:36:21+00:00 |
| rhsa-2025:8303 | Red Hat Security Advisory: OpenShift Container Platform 4.12.77 bug fix and security update | 2025-06-05T09:36:03+00:00 | 2025-11-21T19:36:21+00:00 |
| rhsa-2025:8293 | Red Hat Security Advisory: firefox security update | 2025-05-29T07:17:14+00:00 | 2025-11-21T19:36:19+00:00 |
| rhsa-2025:8292 | Red Hat Security Advisory: mingw-freetype and spice-client-win security update | 2025-05-29T06:42:49+00:00 | 2025-11-21T19:36:19+00:00 |
| rhsa-2025:8253 | Red Hat Security Advisory: spice-client-win security update | 2025-05-28T08:03:42+00:00 | 2025-11-21T19:36:17+00:00 |
| rhsa-2025:8278 | Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift GitOps v1.16.1 security update | 2025-05-28T20:55:14+00:00 | 2025-11-21T19:36:16+00:00 |
| rhsa-2025:8277 | Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift GitOps v1.15.3 security update | 2025-05-28T20:51:24+00:00 | 2025-11-21T19:36:16+00:00 |
| rhsa-2025:8269 | Red Hat Security Advisory: Red Hat OpenShift GitOps 1.16.1 security release | 2025-05-28T16:54:33+00:00 | 2025-11-21T19:36:16+00:00 |
| rhsa-2025:8252 | Red Hat Security Advisory: libsoup security update | 2025-05-28T08:05:32+00:00 | 2025-11-21T19:36:14+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2021-29650 | An issue was discovered in the Linux kernel before 5.11.11. The netfilter subsystem allows attackers to cause a denial of service (panic) because net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h lack a full memory barrier upon the assignment of a new table value aka CID-175e476b8cdf. | 2021-03-02T00:00:00.000Z | 2023-03-10T00:00:00.000Z |
| msrc_cve-2021-29649 | An issue was discovered in the Linux kernel before 5.11.11. The user mode driver (UMD) has a copy_process() memory leak related to a lack of cleanup steps in kernel/usermode_driver.c and kernel/bpf/preload/bpf_preload_kern.c aka CID-f60a85cad677. | 2021-03-02T00:00:00.000Z | 2023-03-10T00:00:00.000Z |
| msrc_cve-2021-29648 | An issue was discovered in the Linux kernel before 5.11.11. The BPF subsystem does not properly consider that resolved_ids and resolved_sizes are intentionally uninitialized in the vmlinux BPF Type Format (BTF) which can cause a system crash upon an unexpected access attempt (in map_create in kernel/bpf/syscall.c or check_btf_info in kernel/bpf/verifier.c) aka CID-350a5c4dd245. | 2021-03-02T00:00:00.000Z | 2023-03-10T00:00:00.000Z |
| msrc_cve-2021-29647 | An issue was discovered in the Linux kernel before 5.11.11. qrtr_recvmsg in net/qrtr/qrtr.c allows attackers to obtain sensitive information from kernel memory because of a partially uninitialized data structure aka CID-50535249f624. | 2021-03-02T00:00:00.000Z | 2023-03-10T00:00:00.000Z |
| msrc_cve-2021-29646 | An issue was discovered in the Linux kernel before 5.11.11. tipc_nl_retrieve_key in net/tipc/node.c does not properly validate certain data sizes aka CID-0217ed2848e8. | 2021-03-02T00:00:00.000Z | 2023-03-10T00:00:00.000Z |
| msrc_cve-2021-29155 | An issue was discovered in the Linux kernel through 5.11.x. kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer arithmetic leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory. Specifically for sequences of pointer arithmetic operations the pointer modification performed by the first operation is not correctly accounted for when restricting subsequent operations. | 2021-04-02T00:00:00.000Z | 2023-03-10T00:00:00.000Z |
| msrc_cve-2021-29154 | BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect computation of branch displacements allowing them to execute arbitrary code within the kernel context. This affects arch/x86/net/bpf_jit_comp.c and arch/x86/net/bpf_jit_comp32.c. | 2021-04-02T00:00:00.000Z | 2023-03-10T00:00:00.000Z |
| msrc_cve-2021-28965 | The REXML gem before 3.2.5 in Ruby before 2.6.7 2.7.x before 2.7.3 and 3.x before 3.0.1 does not properly address XML round-trip issues. An incorrect document can be produced after parsing and serializing. | 2021-04-02T00:00:00.000Z | 2023-03-10T00:00:00.000Z |
| msrc_cve-2021-28879 | In the standard library in Rust before 1.52.0 the Zip implementation can report an incorrect size due to an integer overflow. This bug can lead to a buffer overflow when a consumed Zip iterator is used again. | 2021-04-02T00:00:00.000Z | 2023-03-10T00:00:00.000Z |
| msrc_cve-2021-28878 | In the standard library in Rust before 1.52.0 the Zip implementation calls __iterator_get_unchecked() more than once for the same index (under certain conditions) when next_back() and next() are used together. This bug could lead to a memory safety violation due to an unmet safety requirement for the TrustedRandomAccess trait. | 2021-04-02T00:00:00.000Z | 2023-03-10T00:00:00.000Z |
| msrc_cve-2021-28877 | In the standard library in Rust before 1.51.0 the Zip implementation calls __iterator_get_unchecked() for the same index more than once when nested. This bug can lead to a memory safety violation due to an unmet safety requirement for the TrustedRandomAccess trait. | 2021-04-02T00:00:00.000Z | 2023-03-10T00:00:00.000Z |
| msrc_cve-2021-28876 | In the standard library in Rust before 1.52.0 the Zip implementation has a panic safety issue. It calls __iterator_get_unchecked() more than once for the same index when the underlying iterator panics (in certain conditions). This bug could lead to a memory safety violation due to an unmet safety requirement for the TrustedRandomAccess trait. | 2021-04-02T00:00:00.000Z | 2023-03-10T00:00:00.000Z |
| msrc_cve-2021-28875 | In the standard library in Rust before 1.50.0 read_to_end() does not validate the return value from Read in an unsafe context. This bug could lead to a buffer overflow. | 2021-04-02T00:00:00.000Z | 2023-03-10T00:00:00.000Z |
| msrc_cve-2021-23133 | Linux Kernel sctp_destroy_sock race condition | 2021-04-02T00:00:00.000Z | 2023-03-10T00:00:00.000Z |
| msrc_cve-2021-2308 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.1 Base Score 2.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N). | 2021-04-02T00:00:00.000Z | 2023-03-10T00:00:00.000Z |
| msrc_cve-2021-2307 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Packaging). Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data as well as unauthorized update insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N). | 2021-04-02T00:00:00.000Z | 2023-03-10T00:00:00.000Z |
| msrc_cve-2021-2305 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2021-04-02T00:00:00.000Z | 2023-03-10T00:00:00.000Z |
| msrc_cve-2021-2304 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H). | 2021-04-02T00:00:00.000Z | 2023-03-10T00:00:00.000Z |
| msrc_cve-2021-2301 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.1 Base Score 2.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N). | 2021-04-02T00:00:00.000Z | 2023-03-10T00:00:00.000Z |
| msrc_cve-2021-2300 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2021-04-02T00:00:00.000Z | 2023-03-10T00:00:00.000Z |
| msrc_cve-2021-2299 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2021-04-02T00:00:00.000Z | 2023-03-10T00:00:00.000Z |
| msrc_cve-2021-2298 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). | 2021-04-02T00:00:00.000Z | 2023-03-10T00:00:00.000Z |
| msrc_cve-2021-2293 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2021-04-02T00:00:00.000Z | 2023-03-10T00:00:00.000Z |
| msrc_cve-2021-22890 | curl 7.63.0 to and including 7.75.0 includes vulnerability that allows a malicious HTTPS proxy to MITM a connection due to bad handling of TLS 1.3 session tickets. When using a HTTPS proxy and TLS 1.3 libcurl can confuse session tickets arriving from the HTTPS proxy but work as if they arrived from the remote server and then wrongly "short-cut" the host handshake. When confusing the tickets a HTTPS proxy can trick libcurl to use the wrong session ticket resume for the host and thereby circumvent the server TLS certificate check and make a MITM attack to be possible to perform unnoticed. Note that such a malicious HTTPS proxy needs to provide a certificate that curl will accept for the MITMed server for an attack to work - unless curl has been told to ignore the server certificate check. | 2021-04-02T00:00:00.000Z | 2023-03-10T00:00:00.000Z |
| msrc_cve-2021-2278 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2021-04-02T00:00:00.000Z | 2023-03-10T00:00:00.000Z |
| msrc_cve-2021-2232 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Group Replication Plugin). Supported versions that are affected are 8.0.23 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.1 Base Score 1.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L). | 2021-04-02T00:00:00.000Z | 2023-03-10T00:00:00.000Z |
| msrc_cve-2021-2230 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2021-04-02T00:00:00.000Z | 2023-03-10T00:00:00.000Z |
| msrc_cve-2021-2226 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.1 Base Score 4.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N). | 2021-04-02T00:00:00.000Z | 2023-03-10T00:00:00.000Z |
| msrc_cve-2021-2217 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2021-04-02T00:00:00.000Z | 2023-03-10T00:00:00.000Z |
| msrc_cve-2021-2215 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2021-04-02T00:00:00.000Z | 2023-03-10T00:00:00.000Z |
| ID | Description | Updated |
|---|---|---|
| var-201606-0434 | Cisco Prime Network Analysis Module (NAM) before 6.2(1-b) miscalculates IPv6 payload leng… | 2025-04-13T23:41:17.718000Z |
| var-201607-0437 | Cross-site scripting (XSS) vulnerability in the web-based management interface in Cisco P… | 2025-04-13T23:41:17.566000Z |
| var-201607-0542 | Cisco Firepower System Software 6.0.0 through 6.1.0 has a hardcoded account, which allows… | 2025-04-13T23:41:17.536000Z |
| var-201608-0243 | Cisco Connected Streaming Analytics 1.1.1 allows remote authenticated users to discover a… | 2025-04-13T23:41:17.337000Z |
| var-201609-0305 | Yokogawa STARDOM FCN/FCJ controller R1.01 through R4.01 does not require authentication f… | 2025-04-13T23:41:17.178000Z |
| var-201609-0391 | Unquoted Windows search path vulnerability in Moxa Active OPC Server before 2.4.19 allows… | 2025-04-13T23:41:17.106000Z |
| var-201609-0561 | The Intelligent Baseboard Management Controller (iBMC) in Huawei RH1288 V3 servers with s… | 2025-04-13T23:41:17.039000Z |
| var-201609-0563 | Format string vulnerability in Huawei AR100, AR120, AR150, AR200, AR500, AR550, AR1200, A… | 2025-04-13T23:41:17.004000Z |
| var-201609-0584 | CRLF injection vulnerability in Huawei FusionAccess before V100R006C00 allows remote atta… | 2025-04-13T23:41:16.973000Z |
| var-201610-0210 | Directory traversal vulnerability in Huawei eSight before V300R003C20SPC005 allows remote… | 2025-04-13T23:41:16.935000Z |
| var-201610-0275 | The DHCP Relay implementation in Cisco Adaptive Security Appliance (ASA) Software 8.4.7.2… | 2025-04-13T23:41:16.874000Z |
| var-201610-0317 | A vulnerability in the configured security policies, including drop email filtering, in C… | 2025-04-13T23:41:16.839000Z |
| var-201610-0338 | Buffer overflow in the Overlay Transport Virtualization (OTV) GRE feature in Cisco NX-OS … | 2025-04-13T23:41:16.799000Z |
| var-201610-0340 | Cisco NX-OS before 7.0(3)I2(2e) and 7.0(3)I4 before 7.0(3)I4(1) has an incorrect iptables… | 2025-04-13T23:41:16.763000Z |
| var-201610-0678 | Unauthorized redirect vulnerability in Citrix NetScaler ADC before 10.1 135.8, 10.5 61.11… | 2025-04-13T23:41:16.617000Z |
| var-201611-0168 | Cisco TelePresence endpoints running either CE or TC software contain a vulnerability tha… | 2025-04-13T23:41:16.546000Z |
| var-201611-0321 | The mDNIe system service on Samsung Mobile S7 devices with M(6.0) software does not prope… | 2025-04-13T23:41:16.487000Z |
| var-201612-0027 | The igdkmd64 module in the Intel Graphics Driver through 15.33.42.435, 15.36.x through 15… | 2025-04-13T23:41:16.448000Z |
| var-201612-0365 | A vulnerability in the Internet Key Exchange Version 2 (IKEv2) feature of Cisco ASR 5000 … | 2025-04-13T23:41:16.342000Z |
| var-201402-0383 | Cisco Intrusion Prevention System (IPS) Software allows remote attackers to cause a denia… | 2025-04-13T23:39:46.939000Z |
| var-201404-0083 | Open redirect vulnerability in Dell OpenManage Server Administrator (OMSA) before 7.3.0 a… | 2025-04-13T23:39:46.716000Z |
| var-201404-0501 | The passwordCheck function in SAP Router 721 patch 117, 720 patch 411, 710 patch 029, and… | 2025-04-13T23:39:46.589000Z |
| var-201404-0671 | SAP Print and Output Management has hardcoded credentials, which makes it easier for remo… | 2025-04-13T23:39:46.453000Z |
| var-201405-0015 | Directory traversal vulnerability in the Google Doc Embedder plugin before 2.5.4 for Word… | 2025-04-13T23:39:46.411000Z |
| var-201406-0355 | Samsung iPOLiS Device Manager before 1.8.7 allow remote attackers to execute arbitrary co… | 2025-04-13T23:39:45.884000Z |
| var-201407-0478 | Juniper Junos 11.4 before 11.4R12, 12.1 before 12.1R11, 12.1X44 before 12.1X44-D35, 12.1X… | 2025-04-13T23:39:45.655000Z |
| var-201407-0648 | Multiple cross-site scripting (XSS) vulnerabilities in pages/3DComplete.php in the WooCom… | 2025-04-13T23:39:41.899000Z |
| var-201408-0031 | Unspecified vulnerability on IBM Power 7 Systems 740 before 740.70 01Ax740_121, 760 befor… | 2025-04-13T23:39:41.864000Z |
| var-201408-0157 | The server in Cisco Unity Connection 9.1(1) and 9.1(2) allows remote authenticated users … | 2025-04-13T23:39:41.772000Z |
| var-201408-0346 | QNAP TS-469U with firmware 4.0.7 Build 20140410, TS-459U, TS-EC1679U-RP, and SS-839 use w… | 2025-04-13T23:39:41.632000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| suse-su-2022:1911-1 | Security update for hdf5, suse-hpc | 2022-06-02T07:54:26Z | 2022-06-02T07:54:26Z |
| suse-su-2022:1910-1 | Security update for hdf5 | 2022-06-01T15:24:23Z | 2022-06-01T15:24:23Z |
| suse-su-2022:1908-1 | Security update for postgresql14 | 2022-06-01T13:32:16Z | 2022-06-01T13:32:16Z |
| suse-su-2022:1903-1 | Security update for hdf5 | 2022-06-01T09:04:18Z | 2022-06-01T09:04:18Z |
| suse-su-2022:1898-1 | Security update for fribidi | 2022-05-31T16:04:04Z | 2022-05-31T16:04:04Z |
| suse-su-2022:1895-1 | Security update for postgresql13 | 2022-05-31T12:51:46Z | 2022-05-31T12:51:46Z |
| suse-su-2022:1894-1 | Security update for postgresql12 | 2022-05-31T12:49:36Z | 2022-05-31T12:49:36Z |
| suse-su-2022:1616-1 | Security update for bind | 2022-05-31T12:21:04Z | 2022-05-31T12:21:04Z |
| suse-su-2022:1893-1 | Security update for php74 | 2022-05-31T10:52:23Z | 2022-05-31T10:52:23Z |
| suse-su-2022:1892-1 | Security update for dpdk | 2022-05-31T10:32:59Z | 2022-05-31T10:32:59Z |
| suse-su-2022:1891-1 | Security update for librelp | 2022-05-31T10:32:08Z | 2022-05-31T10:32:08Z |
| suse-su-2022:1890-1 | Security update for postgresql10 | 2022-05-31T09:21:37Z | 2022-05-31T09:21:37Z |
| suse-su-2022:1889-1 | Security update for gimp | 2022-05-31T08:52:28Z | 2022-05-31T08:52:28Z |
| suse-su-2022:1888-1 | Security update for helm-mirror | 2022-05-31T08:44:57Z | 2022-05-31T08:44:57Z |
| suse-su-2022:1886-1 | Security update for mailman | 2022-05-31T07:10:14Z | 2022-05-31T07:10:14Z |
| suse-su-2022:1885-1 | Security update for ImageMagick | 2022-05-31T07:08:53Z | 2022-05-31T07:08:53Z |
| suse-su-2022:1884-1 | Security update for openstack-neutron | 2022-05-31T06:55:12Z | 2022-05-31T06:55:12Z |
| suse-ru-2022:1883-1 | Recommended update for pcre2 | 2022-05-30T10:41:56Z | 2022-05-30T10:41:56Z |
| suse-su-2022:1883-1 | Security update for pcre2 | 2022-05-30T10:41:49Z | 2022-05-30T10:41:49Z |
| suse-su-2022:1882-1 | Security update for tiff | 2022-05-30T10:37:56Z | 2022-05-30T10:37:56Z |
| suse-su-2022:1874-1 | Security update for postgresql14 | 2022-05-27T14:59:01Z | 2022-05-27T14:59:01Z |
| suse-su-2022:1873-1 | Security update for pcp | 2022-05-27T13:28:56Z | 2022-05-27T13:28:56Z |
| suse-su-2022:1870-1 | Security update for curl | 2022-05-27T08:03:47Z | 2022-05-27T08:03:47Z |
| suse-su-2022:1869-1 | Security update for postgresql12 | 2022-05-27T08:00:49Z | 2022-05-27T08:00:49Z |
| suse-su-2022:1862-1 | Security update for go1.17 | 2022-05-26T10:41:55Z | 2022-05-26T10:41:55Z |
| suse-su-2022:1861-1 | Security update for cups | 2022-05-26T10:08:15Z | 2022-05-26T10:08:15Z |
| suse-su-2022:1859-1 | Security update for the Linux Kernel (Live Patch 15 for SLE 15 SP3) | 2022-05-26T08:34:01Z | 2022-05-26T08:34:01Z |
| suse-su-2022:1853-1 | Security update for wpa_supplicant | 2022-05-26T07:12:18Z | 2022-05-26T07:12:18Z |
| suse-su-2022:1849-1 | Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP3) | 2022-05-25T17:33:44Z | 2022-05-25T17:33:44Z |
| suse-su-2022:1847-1 | Security update for kernel-firmware | 2022-05-25T15:11:41Z | 2022-05-25T15:11:41Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| opensuse-su-2017:1579-1 | Security update for Mozilla Thunderbird | 2017-06-16T09:03:31Z | 2017-06-16T09:03:31Z |
| opensuse-su-2017:1531-1 | Security update for ffmpeg | 2017-06-11T09:31:47Z | 2017-06-11T09:31:47Z |
| opensuse-su-2017:1532-1 | Security update for ffmpeg | 2017-06-11T09:31:21Z | 2017-06-11T09:31:21Z |
| opensuse-su-2017:1515-1 | Security update for irssi | 2017-06-08T11:11:34Z | 2017-06-08T11:11:34Z |
| opensuse-su-2017:1505-1 | Security update for irssi | 2017-06-08T11:11:34Z | 2017-06-08T11:11:34Z |
| opensuse-su-2017:1502-1 | Security update for chromium | 2017-06-07T16:57:03Z | 2017-06-07T16:57:03Z |
| opensuse-su-2017:1501-1 | Security update for chromium | 2017-06-07T16:57:03Z | 2017-06-07T16:57:03Z |
| opensuse-su-2017:1272-1 | Security update for kauth, kdelibs4 | 2017-05-15T11:40:03Z | 2017-05-15T11:40:03Z |
| opensuse-su-2017:1254-1 | Security update for kauth, kdelibs4 | 2017-05-15T11:40:03Z | 2017-05-15T11:40:03Z |
| opensuse-su-2017:1268-1 | Security update for MozillaThunderbird | 2017-05-15T11:20:05Z | 2017-05-15T11:20:05Z |
| opensuse-su-2017:1194-1 | Security update for Chromium | 2017-05-06T18:38:52Z | 2017-05-06T18:38:52Z |
| opensuse-su-2017:1190-1 | Security update for Chromium | 2017-05-06T18:38:52Z | 2017-05-06T18:38:52Z |
| opensuse-su-2017:1100-1 | Security update for chromium | 2017-04-24T17:04:59Z | 2017-04-24T17:04:59Z |
| opensuse-su-2017:1098-1 | Security update for chromium | 2017-04-24T17:04:59Z | 2017-04-24T17:04:59Z |
| opensuse-su-2017:0961-1 | Security update for ffmpeg | 2017-04-07T09:00:09Z | 2017-04-07T09:00:09Z |
| opensuse-su-2017:0958-1 | Security update for ffmpeg | 2017-04-07T09:00:09Z | 2017-04-07T09:00:09Z |
| opensuse-su-2017:0917-1 | Recommended update for geotiff | 2017-04-04T06:16:31Z | 2017-04-04T06:16:31Z |
| opensuse-su-2017:0916-1 | Recommended update for geotiff | 2017-04-04T06:16:31Z | 2017-04-04T06:16:31Z |
| opensuse-su-2017:0909-1 | Security update for Chromium | 2017-04-01T16:49:09Z | 2017-04-01T16:49:09Z |
| opensuse-su-2017:0908-1 | Security update for Chromium | 2017-04-01T16:49:09Z | 2017-04-01T16:49:09Z |
| opensuse-su-2017:0792-1 | Security update for mbedtls | 2017-03-22T10:02:23Z | 2017-03-22T10:02:23Z |
| opensuse-su-2017:0790-1 | Security update for mbedtls | 2017-03-22T10:02:23Z | 2017-03-22T10:02:23Z |
| opensuse-su-2017:0740-1 | Security update for Chromium | 2017-03-17T20:07:47Z | 2017-03-17T20:07:47Z |
| opensuse-su-2017:0738-1 | Security update for Chromium | 2017-03-17T20:07:47Z | 2017-03-17T20:07:47Z |
| opensuse-su-2017:0739-1 | Security update for irssi | 2017-03-17T19:52:10Z | 2017-03-17T19:52:10Z |
| opensuse-su-2017:0737-1 | Security update for irssi | 2017-03-17T19:52:10Z | 2017-03-17T19:52:10Z |
| opensuse-su-2017:0688-1 | Security update for MozillaThunderbird | 2017-03-14T14:03:02Z | 2017-03-14T14:03:02Z |
| opensuse-su-2017:0687-1 | Security update for MozillaThunderbird | 2017-03-14T14:03:02Z | 2017-03-14T14:03:02Z |
| opensuse-su-2017:0680-1 | Security update for kdelibs4, kio | 2017-03-13T09:55:34Z | 2017-03-13T09:55:34Z |
| opensuse-su-2017:0677-1 | Security update for kdelibs4, kio | 2017-03-13T09:55:34Z | 2017-03-13T09:55:34Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cnvd-2025-07522 | Google Android权限提升漏洞(CNVD-2025-07522) | 2025-04-07 | 2025-04-14 |
| cnvd-2025-07521 | Google Android信息泄露漏洞(CNVD-2025-07521) | 2025-04-07 | 2025-04-14 |
| cnvd-2025-07520 | Google Android权限提升漏洞(CNVD-2025-07520) | 2025-04-07 | 2025-04-14 |
| cnvd-2025-07516 | Google Chrome输入验证错误漏洞(CNVD-2025-07516) | 2025-04-08 | 2025-04-14 |
| cnvd-2025-07507 | Adobe Photoshop Desktops堆缓冲区溢出漏洞 | 2025-04-11 | 2025-04-14 |
| cnvd-2025-07506 | Adobe ColdFusion反序列化漏洞 | 2025-04-14 | 2025-04-14 |
| cnvd-2025-07259 | Huawei HarmonyOS image decoding模块读写漏洞 | 2024-12-20 | 2025-04-14 |
| cnvd-2025-07258 | Huawei HarmonyOS UIExtension跨进程页面堆叠漏洞 | 2024-12-20 | 2025-04-14 |
| cnvd-2025-07257 | Huawei HarmonyOS process management模块访问权限不当漏洞 | 2025-03-11 | 2025-04-14 |
| cnvd-2025-07256 | Huawei HarmonyOS lock screen模块权限管理漏洞 | 2025-03-11 | 2025-04-14 |
| cnvd-2025-07255 | Huawei HarmonyOS media library模块权限校验漏洞(CNVD-2025-07255) | 2025-03-11 | 2025-04-14 |
| cnvd-2025-07254 | Huawei HarmonyOS media library模块权限校验漏洞 | 2025-03-11 | 2025-04-14 |
| cnvd-2025-07253 | Huawei HarmonyOS HDC模块访问权限不当漏洞 | 2025-03-11 | 2025-04-14 |
| cnvd-2025-07179 | 深圳市吉祥腾达科技有限公司AC23拒绝服务漏洞 | 2025-04-10 | 2025-04-14 |
| cnvd-2025-07178 | Tenda FH1202访问控制不当漏洞 | 2025-04-10 | 2025-04-14 |
| cnvd-2025-07177 | Tenda AC10栈溢出漏洞 | 2025-04-10 | 2025-04-14 |
| cnvd-2025-07024 | 北京镜舟科技有限公司StarRocks存在未授权访问漏洞 | 2025-02-19 | 2025-04-12 |
| cnvd-2025-06994 | 北京致远互联软件股份有限公司AnalyticsCloud分析云存在任意文件下载漏洞 | 2025-02-19 | 2025-04-12 |
| cnvd-2025-06678 | 天融信科技集团股份有限公司上网行为管理系统存在命令执行漏洞 | 2025-02-24 | 2025-04-12 |
| cnvd-2025-07594 | 深圳市吉祥腾达科技有限公司AC8缓冲区溢出漏洞(CNVD-2025-07594) | 2025-03-27 | 2025-04-11 |
| cnvd-2025-07592 | 深圳市吉祥腾达科技有限公司AC8缓冲区溢出漏洞(CNVD-2025-07592) | 2025-03-28 | 2025-04-11 |
| cnvd-2025-07535 | Tenda AC7缓冲区溢出漏洞 | 2025-03-28 | 2025-04-11 |
| cnvd-2025-07517 | Tenda RX3栈溢出漏洞 | 2025-04-08 | 2025-04-11 |
| cnvd-2025-06945 | StudentServlet-JSP跨站脚本漏洞 | 2025-04-09 | 2025-04-11 |
| cnvd-2025-06944 | PyTorch torch.nn.utils.rnn.unpack_sequence函数缓冲区溢出漏洞 | 2025-04-09 | 2025-04-11 |
| cnvd-2025-06943 | PyTorch torch.nn.utils.rnn.pad_packed_sequence函数缓冲区溢出漏洞 | 2025-04-09 | 2025-04-11 |
| cnvd-2025-06942 | PyTorch torch.lstm_cell函数缓冲区溢出漏洞 | 2025-04-09 | 2025-04-11 |
| cnvd-2025-06941 | PyTorch torch.jit.script函数缓冲区溢出漏洞 | 2025-04-09 | 2025-04-11 |
| cnvd-2025-06939 | Lunary存在未明漏洞(CNVD-2025-06939) | 2025-03-27 | 2025-04-11 |
| cnvd-2025-06938 | Lunary存在未明漏洞(CNVD-2025-06938) | 2025-03-27 | 2025-04-11 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2014-avi-125 | Multiples vulnérabilités dans Asterisk | 2014-03-13T00:00:00.000000 | 2014-03-13T00:00:00.000000 |
| certfr-2014-avi-124 | Vulnérabilité dans Adobe Shockwave Player | 2014-03-13T00:00:00.000000 | 2014-03-13T00:00:00.000000 |
| certfr-2014-avi-123 | Multiples vulnérabilités dans Juniper | 2014-03-13T00:00:00.000000 | 2014-03-13T00:00:00.000000 |
| certfr-2014-avi-122 | Vulnérabilité dans le protocole Microsoft Security Account Manager Remote | 2014-03-12T00:00:00.000000 | 2014-03-12T00:00:00.000000 |
| certfr-2014-avi-121 | Multiples vulnérabilités dans le noyau de Microsoft Windows | 2014-03-12T00:00:00.000000 | 2014-03-12T00:00:00.000000 |
| certfr-2014-avi-120 | Vulnérabilité dans Microsoft Silverlight | 2014-03-12T00:00:00.000000 | 2014-03-12T00:00:00.000000 |
| certfr-2014-avi-119 | Vulnérabilité dans Microsoft DirectShow | 2014-03-12T00:00:00.000000 | 2014-03-12T00:00:00.000000 |
| certfr-2014-avi-118 | Multiples vulnérabilités dans Microsoft Internet Explorer | 2014-03-12T00:00:00.000000 | 2014-03-12T00:00:00.000000 |
| certfr-2014-avi-117 | Multiples vulnérabilités dans VMware vSphere | 2014-03-12T00:00:00.000000 | 2014-03-12T00:00:00.000000 |
| certfr-2014-avi-116 | Multiples vulnérabilités dans les produits Apple | 2014-03-11T00:00:00.000000 | 2014-03-11T00:00:00.000000 |
| certfr-2014-avi-115 | Multiples vulnérabilités dans Adobe Flash | 2014-03-11T00:00:00.000000 | 2014-03-11T00:00:00.000000 |
| certfr-2014-avi-114 | Multiples vulnérabilités dans Google Chrome | 2014-03-11T00:00:00.000000 | 2014-03-11T00:00:00.000000 |
| certfr-2014-avi-113 | Vulnérabilité dans Squid | 2014-03-11T00:00:00.000000 | 2014-03-11T00:00:00.000000 |
| certfr-2014-avi-112 | Multiples vulnérabilités dans Oracle Solaris | 2014-03-10T00:00:00.000000 | 2014-03-10T00:00:00.000000 |
| certfr-2014-avi-111 | Multiples vulnérabilités dans Apache Struts | 2014-03-10T00:00:00.000000 | 2014-03-10T00:00:00.000000 |
| certfr-2014-avi-110 | Multiples vulnérabilités dans Wireshark | 2014-03-10T00:00:00.000000 | 2014-03-10T00:00:00.000000 |
| certfr-2014-avi-109 | Vulnérabilité dans IBM WPAR ftp pour AIX | 2014-03-10T00:00:00.000000 | 2014-03-10T00:00:00.000000 |
| certfr-2014-avi-108 | Vulnérabilité dans Huawei eSpace Meeting | 2014-03-10T00:00:00.000000 | 2014-03-10T00:00:00.000000 |
| certfr-2014-avi-107 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2014-03-07T00:00:00.000000 | 2014-03-07T00:00:00.000000 |
| certfr-2014-avi-104 | Vulnérabilité dans Nginx | 2014-03-06T00:00:00.000000 | 2014-03-07T00:00:00.000000 |
| certfr-2014-avi-106 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2014-03-06T00:00:00.000000 | 2014-03-06T00:00:00.000000 |
| certfr-2014-avi-105 | Multiples vulnérabilités dans Citrix NetScaler | 2014-03-06T00:00:00.000000 | 2014-03-06T00:00:00.000000 |
| certfr-2014-avi-103 | Multiples vulnérabilités dans Puppet | 2014-03-06T00:00:00.000000 | 2014-03-06T00:00:00.000000 |
| certfr-2014-avi-102 | Vulnérabilité dans Cisco Wireless-N VPN | 2014-03-06T00:00:00.000000 | 2014-03-06T00:00:00.000000 |
| certfr-2014-avi-101 | Multiples vulnérabilités dans Cisco Wireless LAN Controller | 2014-03-06T00:00:00.000000 | 2014-03-06T00:00:00.000000 |
| certfr-2014-avi-100 | Multiples vulnérabilités dans Google Chrome | 2014-03-04T00:00:00.000000 | 2014-03-04T00:00:00.000000 |
| certfr-2014-avi-099 | Vulnérabilité dans EMC RSA | 2014-03-03T00:00:00.000000 | 2014-03-03T00:00:00.000000 |
| certfr-2014-avi-098 | Vulnérabilité dans Novell ZENworks | 2014-03-03T00:00:00.000000 | 2014-03-03T00:00:00.000000 |
| certfr-2014-avi-097 | Vulnérabilité dans GnuTLS | 2014-03-03T00:00:00.000000 | 2014-03-03T00:00:00.000000 |
| certfr-2014-avi-096 | Vulnérabilité dans IBM Rational Tester | 2014-02-28T00:00:00.000000 | 2014-02-28T00:00:00.000000 |