Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2025-52760 |
6.1 (3.1)
|
WordPress MultiSite Clone Duplicator plugin <= 1.5.3 -… |
Globalis |
MultiSite Clone Duplicator |
2025-10-22T14:32:28.248Z | 2026-01-20T14:28:08.789Z |
| CVE-2025-52740 |
8.8 (3.1)
|
WordPress Boldermail Plugin <= 2.4.0 - PHP Object Inje… |
Hernan Villanueva |
Boldermail |
2025-10-22T14:32:23.272Z | 2026-01-20T14:28:08.764Z |
| CVE-2025-52773 |
9.8 (3.1)
|
WordPress HieCOR Payment Gateway plugin plugin <= 1.5.… |
hiecor |
HieCOR Payment Gateway Plugin |
2025-11-06T15:53:57.496Z | 2026-01-20T14:28:08.714Z |
| CVE-2025-52745 |
8.1 (3.1)
|
WordPress Farm Agrico theme <= 1.3.11 - Local File Inc… |
AncoraThemes |
Farm Agrico |
2025-12-18T07:21:44.978Z | 2026-01-20T14:28:08.668Z |
| CVE-2025-52757 |
6.3 (3.1)
|
WordPress SUMO Memberships for WooCommerce plugin <= 7… |
FantasticPlugins |
SUMO Memberships for WooCommerce |
2025-10-22T14:32:27.245Z | 2026-01-20T14:28:08.665Z |
| CVE-2025-52751 |
7.1 (3.1)
|
WordPress Slide Puzzle plugin <= 1.0.0 - Cross Site Sc… |
colome |
Slide Puzzle |
2025-10-22T14:32:24.841Z | 2026-01-20T14:28:08.664Z |
| CVE-2025-52750 |
7.1 (3.1)
|
WordPress Emu2 plugin <= 0.83b - Cross Site Scripting … |
Juergen Schulze |
Emu2 |
2025-10-22T14:32:24.658Z | 2026-01-20T14:28:08.656Z |
| CVE-2025-52763 |
7.1 (3.1)
|
WordPress Nifty Backups plugin <= 1.08 - Cross Site Sc… |
NickDuncan |
Nifty Backups |
2025-10-22T14:32:28.478Z | 2026-01-20T14:28:08.616Z |
| CVE-2025-52754 |
7.1 (3.1)
|
WordPress Sello ChannelConnector plugin <= 1.6.3 - Cro… |
selloio |
Sello ChannelConnector |
2025-10-22T14:32:25.569Z | 2026-01-20T14:28:08.610Z |
| CVE-2025-52758 |
9.1 (3.1)
|
WordPress Zippy plugin <= 1.7.0 - Arbitrary File Uploa… |
Gesundheit Bewegt GmbH |
Zippy |
2025-10-22T14:32:27.961Z | 2026-01-20T14:28:08.584Z |
| CVE-2025-52748 |
7.1 (3.1)
|
WordPress Directory Pro plugin <= 2.5.5 - Cross Site S… |
e-plugins |
Directory Pro |
2025-10-22T14:32:24.265Z | 2026-01-20T14:28:08.584Z |
| CVE-2025-52739 |
7.1 (3.1)
|
WordPress Sala theme <= 1.1.3 - Cross Site Scripting (… |
uxper |
Sala |
2025-12-31T20:10:29.616Z | 2026-01-20T14:28:08.584Z |
| CVE-2025-52756 |
7.4 (3.1)
|
WordPress WP Last Modified Info plugin <= 1.9.2 - Remo… |
Sayan Datta |
WP Last Modified Info |
2025-10-22T14:32:26.710Z | 2026-01-20T14:28:08.525Z |
| CVE-2025-52749 |
7.1 (3.1)
|
WordPress Uji Countdown plugin <= 2.3.3 - Cross Site S… |
Activity Track |
Uji Countdown |
2025-10-22T14:32:24.442Z | 2026-01-20T14:28:08.525Z |
| CVE-2025-52742 |
7.1 (3.1)
|
WordPress Pets Plugin <= 1.4.1 - Cross Site Scripting … |
Igor Benic |
Pets |
2025-10-22T14:32:23.806Z | 2026-01-20T14:28:08.492Z |
| CVE-2025-52736 |
7.1 (3.1)
|
WordPress Finale Lite Plugin <= 2.20.0 - Cross Site Sc… |
Daman Jeet |
Finale Lite |
2025-10-22T14:32:22.566Z | 2026-01-20T14:28:08.492Z |
| CVE-2025-49958 |
7.1 (3.1)
|
WordPress Robokassa payment gateway for Woocommerce pl… |
robokassa |
Robokassa payment gateway for Woocommerce |
2025-10-22T14:32:20.661Z | 2026-01-20T14:28:08.417Z |
| CVE-2025-49962 |
7.1 (3.1)
|
WordPress bbPress Notify plugin <= 2.19.4 - Cross Site… |
useStrict |
bbPress Notify |
2025-10-22T14:32:21.576Z | 2026-01-20T14:28:08.371Z |
| CVE-2025-49961 |
6.3 (3.1)
|
WordPress Breeze Checkout plugin <= 1.4.0 - Broken Acc… |
Breeze Team |
Breeze Checkout |
2025-10-22T14:32:21.376Z | 2026-01-20T14:28:08.365Z |
| CVE-2025-49960 |
6.5 (3.1)
|
WordPress LeadBI Plugin for WordPress plugin <= 1.7 - … |
leadbi |
LeadBI Plugin for WordPress |
2025-10-22T14:32:21.173Z | 2026-01-20T14:28:08.311Z |
| CVE-2025-50053 |
7.1 (3.1)
|
WordPress Blappsta Mobile App Plugin – Your native, mo… |
nebelhorn |
Blappsta Mobile App Plugin – Your native, mobile iPhone App and Android App |
2025-12-31T20:09:03.413Z | 2026-01-20T14:28:08.302Z |
| CVE-2025-49963 |
7.1 (3.1)
|
WordPress Simple Stripe Checkout plugin <= 1.1.28 - Cr… |
growniche |
Simple Stripe Checkout |
2025-10-22T14:32:21.783Z | 2026-01-20T14:28:08.285Z |
| CVE-2025-49992 |
7.1 (3.1)
|
WordPress LearnPress Export Import Plugin <= 4.0.9 - C… |
ThimPress |
LearnPress Export Import |
2025-10-22T14:32:21.965Z | 2026-01-20T14:28:08.282Z |
| CVE-2025-49959 |
7.1 (3.1)
|
WordPress bbPress Move Topics plugin <= 1.1.6 - Cross … |
Pascal Casier |
bbPress Move Topics |
2025-10-22T14:32:20.965Z | 2026-01-20T14:28:08.267Z |
| CVE-2025-52737 |
8.8 (3.1)
|
WordPress WP Store Locator plugin <= 2.2.260 - PHP Obj… |
Tijmen Smit |
WP Store Locator |
2025-10-22T14:32:22.788Z | 2026-01-20T14:28:08.263Z |
| CVE-2025-52738 |
6.5 (3.1)
|
WordPress Wikipedia Preview Plugin <= 1.15.0 - Broken … |
Wikimedia Foundation |
Wikipedia Preview |
2025-10-22T14:32:23.016Z | 2026-01-20T14:28:08.230Z |
| CVE-2025-49946 |
7.1 (3.1)
|
WordPress Auto Login After Registration plugin <= 1.0.… |
Cynob IT Consultancy |
Auto Login After Registration |
2025-10-22T14:32:17.913Z | 2026-01-20T14:28:08.228Z |
| CVE-2025-49938 |
6.5 (3.1)
|
WordPress JetEngine plugin <= 3.7.3 - Cross Site Scrip… |
CrocoBlock |
JetEngine |
2025-10-22T14:32:16.875Z | 2026-01-20T14:28:08.144Z |
| CVE-2025-49943 |
8.1 (3.1)
|
WordPress Femme theme <= 1.3.11 - Local File Inclusion… |
AncoraThemes |
Femme |
2025-12-18T07:21:44.794Z | 2026-01-20T14:28:08.066Z |
| CVE-2025-49955 |
7.1 (3.1)
|
WordPress WP Smart Flexslider Plugin <= 2.5 - Cross Si… |
Rajan Vijayan |
WP Smart Flexslider |
2025-10-22T14:32:20.010Z | 2026-01-20T14:28:07.948Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2025-62755 |
5.3 (3.1)
|
WordPress GS Portfolio for Envato plugin <= 1.4.2 - Br… |
GS Plugins |
GS Portfolio for Envato |
2025-12-31T15:22:00.836Z | 2026-01-20T14:28:16.089Z |
| CVE-2025-62753 |
7.5 (3.1)
|
WordPress MAS Videos plugin <= 1.3.2 - Local File Incl… |
MadrasThemes |
MAS Videos |
2025-12-30T22:37:03.420Z | 2026-01-20T14:28:15.848Z |
| CVE-2025-62752 |
6.5 (3.1)
|
WordPress Calendar.online / Kalender.digital plugin <=… |
kalender.digital |
Calendar.online / Kalender.digital |
2025-12-31T11:57:50.214Z | 2026-01-20T14:28:15.737Z |
| CVE-2025-62751 |
4.3 (3.1)
|
WordPress Vireo theme <= 1.0.24 - Broken Access Contro… |
Extend Themes |
Vireo |
2025-12-31T16:02:50.502Z | 2026-01-20T14:28:15.653Z |
| CVE-2025-62750 |
5.9 (3.1)
|
WordPress WooCommerce Parcelas plugin <= 1.3.5 - Cross… |
Filipe Seabra |
WooCommerce Parcelas |
2025-12-31T13:32:33.519Z | 2026-01-20T14:28:15.793Z |
| CVE-2025-62749 |
6.5 (3.1)
|
WordPress User Specific Content plugin <= 1.0.6 - Cros… |
Bainternet |
User Specific Content |
2025-12-31T11:59:31.689Z | 2026-01-20T14:28:15.605Z |
| CVE-2025-62748 |
6.5 (3.1)
|
WordPress Web and WooCommerce Addons for WPBakery Buil… |
Genetech Products |
Web and WooCommerce Addons for WPBakery Builder |
2025-12-31T12:02:49.488Z | 2026-01-20T14:28:16.305Z |
| CVE-2025-62747 |
5.3 (3.1)
|
WordPress Featured Image Generator plugin <= 1.3.3 - B… |
Aum Watcharapon |
Featured Image Generator |
2025-12-31T15:33:59.438Z | 2026-01-20T14:28:15.556Z |
| CVE-2025-62746 |
6.5 (3.1)
|
WordPress Featured Video for WordPress – VideographyWP… |
CodeFlavors |
Featured Video for WordPress & VideographyWP |
2025-12-30T16:13:59.784Z | 2026-01-20T14:28:15.635Z |
| CVE-2025-62744 |
6.5 (3.1)
|
WordPress Page Title Splitter plugin <= 2.5.9 - Cross … |
Chris Steman |
Page Title Splitter |
2025-12-31T12:49:47.870Z | 2026-01-20T14:28:15.542Z |
| CVE-2025-62743 |
6.5 (3.1)
|
WordPress MyBookTable Bookstore plugin <= 3.5.5 - Cros… |
zookatron |
MyBookTable Bookstore |
2025-12-31T12:51:39.424Z | 2026-01-20T14:28:15.645Z |
| CVE-2025-62742 |
6.5 (3.1)
|
WordPress Curator.io plugin <= 1.9.5 - Cross Site Scri… |
Curator.io |
Curator.io |
2025-12-31T13:03:08.340Z | 2026-01-20T14:28:15.700Z |
| CVE-2025-62740 |
5.3 (3.1)
|
WordPress WP-CRM System plugin <= 3.4.5 - Broken Acces… |
Mario Peshev |
WP-CRM System |
2025-12-09T14:52:22.982Z | 2026-01-20T14:28:15.621Z |
| CVE-2025-62739 |
8.8 (3.1)
|
WordPress Add Custom Codes plugin <= 4.80 - Cross Site… |
SaifuMak |
Add Custom Codes |
2025-12-09T14:52:22.791Z | 2026-01-20T14:28:15.551Z |
| CVE-2025-62738 |
5.3 (3.1)
|
WordPress Formstack Online Forms plugin <= 2.0.2 - Bro… |
mmattax |
Formstack Online Forms |
2025-12-09T14:52:22.583Z | 2026-01-20T14:28:16.034Z |
| CVE-2025-62737 |
5.3 (3.1)
|
WordPress Image Cleanup plugin <= 1.9.2 - Sensitive Da… |
opicron |
Image Cleanup |
2025-12-09T14:52:22.392Z | 2026-01-20T14:28:15.641Z |
| CVE-2025-62736 |
4.3 (3.1)
|
WordPress Image Cleanup plugin <= 1.9.2 - Broken Acces… |
opicron |
Image Cleanup |
2025-12-09T14:52:22.205Z | 2026-01-20T14:28:15.541Z |
| CVE-2025-62735 |
5.3 (3.1)
|
WordPress User Spam Remover plugin <= 1.1 - Sensitive … |
Joel |
User Spam Remover |
2025-12-09T14:52:22.012Z | 2026-01-20T14:28:15.525Z |
| CVE-2025-62734 |
4.3 (3.1)
|
WordPress Media Library Downloader plugin <= 1.4.0 - C… |
Michael Revellin-Clerc |
Media Library Downloader |
2025-12-09T14:52:21.803Z | 2026-01-20T14:28:15.531Z |
| CVE-2025-62733 |
4.3 (3.1)
|
WordPress Custom Sidebars by ProteusThemes plugin <= 1… |
ProteusThemes |
Custom Sidebars by ProteusThemes |
2025-12-09T14:52:21.585Z | 2026-01-20T14:28:15.669Z |
| CVE-2025-62154 |
4.3 (3.1)
|
WordPress AI Content Writing Assistant (Content Writer… |
Recorp |
AI Content Writing Assistant (Content Writer, ChatGPT, Image Generator) All in One |
2025-12-31T15:41:50.974Z | 2026-01-20T14:28:15.491Z |
| CVE-2025-62153 |
8.8 (3.1)
|
WordPress Quick Interest Slider plugin <= 3.1.5 - Brok… |
Graham |
Quick Interest Slider |
2025-12-09T14:52:21.381Z | 2026-01-20T14:28:15.484Z |
| CVE-2025-62152 |
8.8 (3.1)
|
WordPress ConveyThis plugin <= 268.10 - Broken Access … |
ConveyThis |
ConveyThis |
2025-12-09T14:52:21.181Z | 2026-01-20T14:28:15.428Z |
| CVE-2025-62151 |
8.8 (3.1)
|
WordPress Virtuaria PagBank / PagSeguro para Woocommer… |
Virtuaria |
Virtuaria PagBank / PagSeguro para Woocommerce |
2025-12-09T14:52:20.912Z | 2026-01-20T14:28:15.640Z |
| CVE-2025-62150 |
4.3 (3.1)
|
WordPress History Timeline plugin <= 1.0.6 - Broken Ac… |
Themesawesome |
History Timeline |
2025-12-31T15:42:58.777Z | 2026-01-20T14:28:15.376Z |
| CVE-2025-62149 |
5.9 (3.1)
|
WordPress Add Custom Codes plugin <= 4.80 - Cross Site… |
SaifuMak |
Add Custom Codes |
2025-12-31T13:18:40.521Z | 2026-01-20T14:28:15.384Z |
| CVE-2025-62148 |
4.3 (3.1)
|
WordPress Robots.txt rewrite plugin <= 1.6.1 - Cross S… |
Eugen Bobrowski |
Robots.txt rewrite |
2025-12-31T15:45:54.708Z | 2026-01-20T14:28:15.450Z |
| CVE-2025-62147 |
5.3 (3.1)
|
WordPress Realbig plugin <= 1.1.3 - Broken Access Cont… |
Nik Melnik |
Realbig |
2025-12-31T15:01:16.790Z | 2026-01-20T14:28:15.466Z |
| CVE-2025-62146 |
6.5 (3.1)
|
WordPress MX Time Zone Clocks plugin <= 5.1.1 - Cross … |
Maksym Marko |
MX Time Zone Clocks |
2025-12-31T08:47:52.280Z | 2026-01-20T14:28:15.559Z |
| CVE-2025-62145 |
5.3 (3.1)
|
WordPress DMCA Protection Badge plugin <= 2.2.0 - Brok… |
NewClarity |
DMCA Protection Badge |
2025-12-31T15:01:59.749Z | 2026-01-20T14:28:15.330Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| fkie_cve-2025-62755 | Unauthenticated Broken Access Control in GS Portfolio for Envato <= 1.4.2 versions. | 2025-12-31T16:15:47.240 | 2026-01-20T15:17:58.377 |
| fkie_cve-2025-62753 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2025-12-30T23:15:50.920 | 2026-01-20T15:17:58.280 |
| fkie_cve-2025-62752 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-12-31T12:16:18.417 | 2026-01-20T15:17:58.180 |
| fkie_cve-2025-62751 | Missing Authorization vulnerability in Extend Themes Vireo allows Exploiting Incorrectly Configured… | 2025-12-31T16:15:47.040 | 2026-01-20T15:17:58.073 |
| fkie_cve-2025-62750 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-12-31T14:15:53.933 | 2026-01-20T15:17:57.970 |
| fkie_cve-2025-62749 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-12-31T12:16:18.243 | 2026-01-20T15:17:57.873 |
| fkie_cve-2025-62748 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-12-31T12:16:18.097 | 2026-01-20T15:17:57.770 |
| fkie_cve-2025-62747 | Missing Authorization vulnerability in Aum Watcharapon Featured Image Generator allows Exploiting I… | 2025-12-31T16:15:46.800 | 2026-01-20T15:17:57.673 |
| fkie_cve-2025-62746 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-12-30T16:15:45.473 | 2026-01-20T15:17:57.573 |
| fkie_cve-2025-62744 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-12-31T13:15:42.113 | 2026-01-20T15:17:57.477 |
| fkie_cve-2025-62743 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-12-31T13:15:41.960 | 2026-01-20T15:17:57.380 |
| fkie_cve-2025-62742 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-12-31T13:15:41.813 | 2026-01-20T15:17:57.283 |
| fkie_cve-2025-62740 | Missing Authorization vulnerability in Mario Peshev WP-CRM System wp-crm-system allows Exploiting I… | 2025-12-09T16:18:02.890 | 2026-01-20T15:17:57.153 |
| fkie_cve-2025-62739 | Cross-Site Request Forgery (CSRF) vulnerability in SaifuMak Add Custom Codes add-custom-codes allow… | 2025-12-09T16:18:02.753 | 2026-01-20T15:17:57.030 |
| fkie_cve-2025-62738 | Missing Authorization vulnerability in mmattax Formstack Online Forms formstack allows Exploiting I… | 2025-12-09T16:18:02.620 | 2026-01-20T15:17:56.897 |
| fkie_cve-2025-62737 | Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in opicron… | 2025-12-09T16:18:02.483 | 2026-01-20T15:17:56.773 |
| fkie_cve-2025-62736 | Missing Authorization vulnerability in opicron Image Cleanup image-cleanup allows Exploiting Incorr… | 2025-12-09T16:18:02.357 | 2026-01-20T15:17:56.643 |
| fkie_cve-2025-62735 | Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Joel Us… | 2025-12-09T16:18:02.223 | 2026-01-20T15:17:56.510 |
| fkie_cve-2025-62734 | Cross-Site Request Forgery (CSRF) vulnerability in Michael Revellin-Clerc Media Library Downloader … | 2025-12-09T16:18:02.087 | 2026-01-20T15:17:56.383 |
| fkie_cve-2025-62733 | Cross-Site Request Forgery (CSRF) vulnerability in ProteusThemes Custom Sidebars by ProteusThemes c… | 2025-12-09T16:18:01.957 | 2026-01-20T15:17:56.257 |
| fkie_cve-2025-62154 | Missing Authorization vulnerability in Recorp AI Content Writing Assistant (Content Writer, ChatGPT… | 2025-12-31T16:15:46.660 | 2026-01-20T15:17:56.153 |
| fkie_cve-2025-62153 | Missing Authorization vulnerability in Graham Quick Interest Slider quick-interest-slider allows Ex… | 2025-12-09T16:18:01.717 | 2026-01-20T15:17:56.023 |
| fkie_cve-2025-62152 | Missing Authorization vulnerability in ConveyThis ConveyThis conveythis-translate allows Exploiting… | 2025-12-09T16:18:01.587 | 2026-01-20T15:17:55.887 |
| fkie_cve-2025-62151 | Missing Authorization vulnerability in Virtuaria Virtuaria PagBank / PagSeguro para Woocommerce vir… | 2025-12-09T16:18:01.453 | 2026-01-20T15:17:55.753 |
| fkie_cve-2025-62150 | Missing Authorization vulnerability in Themesawesome History Timeline allows Exploiting Incorrectly… | 2025-12-31T16:15:46.513 | 2026-01-20T15:17:55.653 |
| fkie_cve-2025-62149 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-12-31T14:15:53.787 | 2026-01-20T15:17:55.557 |
| fkie_cve-2025-62148 | Cross-Site Request Forgery (CSRF) vulnerability in Eugen Bobrowski Robots.Txt rewrite allows Cross … | 2025-12-31T16:15:46.360 | 2026-01-20T15:17:55.457 |
| fkie_cve-2025-62147 | Missing Authorization vulnerability in Nik Melnik Realbig allows Exploiting Incorrectly Configured … | 2025-12-31T15:15:53.367 | 2026-01-20T15:17:55.363 |
| fkie_cve-2025-62146 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-12-31T09:15:51.307 | 2026-01-20T15:17:55.260 |
| fkie_cve-2025-62145 | Missing Authorization vulnerability in NewClarity DMCA Protection Badge allows Exploiting Incorrect… | 2025-12-31T15:15:53.210 | 2026-01-20T15:17:55.163 |
| ID | Severity | Description | Published | Updated |
|---|---|---|---|---|
| ghsa-wrg7-gj8f-p6mh |
8.7 (4.0)
|
Imaster's MEMS Events CRM contains an SQL injection vulnerability in‘keyword’ parameter in ‘/memsde… | 2026-01-12T15:30:42Z | 2026-01-12T15:30:42Z |
| ghsa-qc32-mjp2-qfv5 |
8.7 (4.0)
|
Imaster's Patient Records Management System is vulnerable to SQL Injection in the endpoint ‘/projec… | 2026-01-12T15:30:42Z | 2026-01-12T15:30:42Z |
| ghsa-4jj6-9r93-mpjw |
9.3 (4.0)
|
Imaster's MEMS Events CRM contains an SQL injection vulnerability in ‘phone’ parameter in ‘/memsdem… | 2026-01-12T15:30:42Z | 2026-01-12T15:30:42Z |
| ghsa-3gxp-j77p-vmqh |
5.1 (4.0)
|
Imaster's Patient Record Management System contains a stored Cross-Site Scripting (XSS) vulnerabili… | 2026-01-12T15:30:42Z | 2026-01-12T15:30:42Z |
| ghsa-5gw4-7cfm-h82q |
8.8 (3.1)
7.2 (4.0)
|
APTIOV contains a vulnerability in BIOS where a user may cause “Improper Handling of Insufficient P… | 2025-12-12T15:30:42Z | 2026-01-12T15:30:35Z |
| ghsa-prwh-7838-xf82 |
9.3 (4.0)
|
XWiki allows SQL injection in query endpoint of REST API with Oracle | 2025-06-12T21:52:50Z | 2026-01-12T14:43:59Z |
| ghsa-gpr9-62pw-pr5w |
5.1 (4.0)
|
Stored Cross-Site Scripting (XSS) vulnerability in WorkDo's eCommerceGo SaaS, consisting of a store… | 2026-01-12T12:30:28Z | 2026-01-12T12:30:28Z |
| ghsa-gc2x-hm2m-2mfm |
5.1 (4.0)
|
Stored Cross-Site Scripting (XSS) vulnerability in WorkDo's eCommerceGo SaaS, consisting of a lack … | 2026-01-12T12:30:28Z | 2026-01-12T12:30:28Z |
| ghsa-xg52-rc56-qm35 |
5.1 (4.0)
|
Stored Cross-Site Scripting (XSS) vulnerability in WorkDo's HRMGo, consisting of a lack of proper v… | 2026-01-12T12:30:27Z | 2026-01-12T12:30:27Z |
| ghsa-vx23-6x2j-vfq4 |
5.1 (4.0)
|
Stored Cross-Site Scripting (XSS) vulnerability in WorkDo's TicketGo, consisting of a lack of prope… | 2026-01-12T12:30:27Z | 2026-01-12T12:30:27Z |
| ghsa-p9mf-x9hh-r538 |
4.3 (3.1)
|
A SQL injection vulnerability has been reported to affect Video Station. If exploited, the vulnerab… | 2023-10-13T21:30:21Z | 2026-01-12T12:30:27Z |
| ghsa-grxq-cfv6-jw9w |
7.4 (3.1)
|
A SQL injection vulnerability has been reported to affect Video Station. If exploited, the vulnerab… | 2023-10-13T21:30:21Z | 2026-01-12T12:30:27Z |
| ghsa-vfvj-3wmg-p6fj |
8.8 (3.1)
8.7 (4.0)
|
Certain IP Camera models developed by Merit LILIN has a OS Command Injection vulnerability, allowin… | 2026-01-12T09:30:31Z | 2026-01-12T09:30:31Z |
| ghsa-wc34-p4fh-wr9q |
8.8 (3.1)
|
An issue was discovered in Archer Technology RSA Archer 6.11.00204.10014 allowing attackers to exec… | 2025-07-31T21:31:54Z | 2026-01-12T09:30:30Z |
| ghsa-v5x6-vvfr-6v34 |
8.8 (3.1)
8.7 (4.0)
|
Certain DVR/NVR models developed by Merit LILIN has a OS Command Injection vulnerability, allowing … | 2026-01-12T06:30:14Z | 2026-01-12T06:30:14Z |
| ghsa-mqqc-qq8p-5w3r |
5.3 (3.1)
6.9 (4.0)
|
Certain NVR models developed by A-Plus Video Technologies has a Sensitive Data Exposure vulnerabili… | 2026-01-12T06:30:13Z | 2026-01-12T06:30:13Z |
| ghsa-xh5w-g8gq-r3v9 |
8.2 (3.1)
|
Keylime allows users to register new agents by recycling existing UUIDs when using different TPM devices | 2025-11-24T18:31:14Z | 2026-01-12T03:31:07Z |
| ghsa-g582-hp6c-fggw |
7.3 (3.1)
5.5 (4.0)
|
A security flaw has been discovered in code-projects Online Music Site 1.0. The impacted element is… | 2026-01-12T03:31:07Z | 2026-01-12T03:31:07Z |
| ghsa-77r3-ghgf-32gr |
10.0 (3.1)
|
Successful exploitation of the SQL injection vulnerability could allow an unauthenticated remote at… | 2026-01-12T03:31:07Z | 2026-01-12T03:31:07Z |
| ghsa-vh39-cpc6-7p8h |
7.3 (3.1)
5.5 (4.0)
|
A vulnerability was identified in code-projects Online Music Site 1.0. The affected element is an u… | 2026-01-12T00:30:25Z | 2026-01-12T00:30:25Z |
| ghsa-5w57-8mrg-hc3h |
4.7 (3.1)
2.0 (4.0)
|
A vulnerability was determined in code-projects Intern Membership Management System 1.0. Impacted i… | 2026-01-12T00:30:25Z | 2026-01-12T00:30:25Z |
| ghsa-p2j4-mcw8-r88g |
|
In the Linux kernel, the following vulnerability has been resolved: block: Use RCU in blk_mq_[un]q… | 2026-01-05T12:30:28Z | 2026-01-11T18:30:29Z |
| ghsa-mjw3-rr6r-w9h2 |
|
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix improper fr… | 2025-12-24T15:30:43Z | 2026-01-11T18:30:29Z |
| ghsa-jvhg-r77c-vccf |
|
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix invalid prog->stats a… | 2025-12-24T15:30:43Z | 2026-01-11T18:30:29Z |
| ghsa-fg49-cm53-vpfx |
|
In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-motu: add bound… | 2026-01-05T12:30:28Z | 2026-01-11T18:30:29Z |
| ghsa-99pp-v74j-jmgv |
|
In the Linux kernel, the following vulnerability has been resolved: bpf: Free special fields when … | 2025-12-24T15:30:44Z | 2026-01-11T18:30:29Z |
| ghsa-96x7-qg22-qw59 |
|
In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix peer HE MCS … | 2025-12-24T12:30:30Z | 2026-01-11T18:30:29Z |
| ghsa-8866-wmp5-q7xv |
|
In the Linux kernel, the following vulnerability has been resolved: irqchip/mchp-eic: Fix error co… | 2026-01-05T12:30:29Z | 2026-01-11T18:30:29Z |
| ghsa-7g54-f344-23m9 |
|
In the Linux kernel, the following vulnerability has been resolved: staging: most: remove broken i… | 2026-01-05T12:30:28Z | 2026-01-11T18:30:29Z |
| ghsa-28vg-cxp3-45wq |
|
In the Linux kernel, the following vulnerability has been resolved: crypto: starfive - Correctly h… | 2026-01-05T12:30:29Z | 2026-01-11T18:30:29Z |
| ID | Description | Updated |
|---|---|---|
| gsd-2024-27422 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-26T06:02:26.672445Z |
| gsd-2024-27415 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-26T06:02:26.668735Z |
| gsd-2024-27434 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-26T06:02:26.666949Z |
| gsd-2024-1879 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-26T06:02:25.217747Z |
| gsd-2024-1876 | A vulnerability was found in SourceCodester Employee Management System 1.0. It has been c… | 2024-02-26T06:02:25.200970Z |
| gsd-2024-1880 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-26T06:02:25.179964Z |
| gsd-2024-1877 | A vulnerability was found in SourceCodester Employee Management System 1.0. It has been d… | 2024-02-26T06:02:25.084522Z |
| gsd-2024-1875 | A vulnerability was found in SourceCodester Complaint Management System 1.0 and classifie… | 2024-02-26T06:02:24.985660Z |
| gsd-2024-1878 | A vulnerability was found in SourceCodester Employee Management System 1.0. It has been r… | 2024-02-26T06:02:24.912448Z |
| gsd-2024-1881 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-26T06:02:24.880654Z |
| gsd-2022-48663 | In the Linux kernel, the following vulnerability has been resolved: gpio: mockup: fix NU… | 2024-02-26T06:00:31.625935Z |
| gsd-2022-48659 | In the Linux kernel, the following vulnerability has been resolved: mm/slub: fix to retu… | 2024-02-26T06:00:31.617607Z |
| gsd-2022-48639 | In the Linux kernel, the following vulnerability has been resolved: net: sched: fix poss… | 2024-02-26T06:00:31.616077Z |
| gsd-2022-48649 | In the Linux kernel, the following vulnerability has been resolved: mm/slab_common: fix … | 2024-02-26T06:00:31.604685Z |
| gsd-2022-48673 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-26T06:00:31.604338Z |
| gsd-2022-48642 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables… | 2024-02-26T06:00:31.599927Z |
| gsd-2022-48665 | In the Linux kernel, the following vulnerability has been resolved: exfat: fix overflow … | 2024-02-26T06:00:31.586392Z |
| gsd-2022-48653 | In the Linux kernel, the following vulnerability has been resolved: ice: Don't double un… | 2024-02-26T06:00:31.578438Z |
| gsd-2022-48666 | In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix a us… | 2024-02-26T06:00:31.576210Z |
| gsd-2022-48651 | In the Linux kernel, the following vulnerability has been resolved: ipvlan: Fix out-of-b… | 2024-02-26T06:00:31.561594Z |
| gsd-2022-48674 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-26T06:00:31.557572Z |
| gsd-2022-48647 | In the Linux kernel, the following vulnerability has been resolved: sfc: fix TX channel … | 2024-02-26T06:00:31.555585Z |
| gsd-2022-48664 | In the Linux kernel, the following vulnerability has been resolved: btrfs: fix hang duri… | 2024-02-26T06:00:31.546499Z |
| gsd-2022-48654 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink… | 2024-02-26T06:00:31.529373Z |
| gsd-2022-48641 | In the Linux kernel, the following vulnerability has been resolved: netfilter: ebtables:… | 2024-02-26T06:00:31.528970Z |
| gsd-2022-48633 | In the Linux kernel, the following vulnerability has been resolved: drm/gma500: Fix WARN… | 2024-02-26T06:00:31.515698Z |
| gsd-2022-48648 | In the Linux kernel, the following vulnerability has been resolved: sfc: fix null pointe… | 2024-02-26T06:00:31.486925Z |
| gsd-2022-48637 | In the Linux kernel, the following vulnerability has been resolved: bnxt: prevent skb UA… | 2024-02-26T06:00:31.472490Z |
| gsd-2022-48670 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-26T06:00:31.453260Z |
| gsd-2022-48635 | In the Linux kernel, the following vulnerability has been resolved: fsdax: Fix infinite … | 2024-02-26T06:00:31.437647Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-186105 | Malicious code in chalk-stop-indus-module (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-186104 | Malicious code in chalk-steganography-europa-spawn (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-186103 | Malicious code in chalk-soap-eris-mini-css-extract-plugin (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-186102 | Malicious code in chalk-resonance-triton-mineralogy (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-186101 | Malicious code in chalk-pulsar-native-xerxes (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-186100 | Malicious code in chalk-paleontology-quasar-taurus (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-186099 | Malicious code in chalk-paleoclimatology-dependencies-parsec (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-186098 | Malicious code in chalk-mui-neptune-cosmos (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-186097 | Malicious code in chalk-mira-procyon-schema (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-186096 | Malicious code in chalk-interferometry-telesto-ophiuchus (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-186095 | Malicious code in chalk-cluster-nucleosynthesis-pipe (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-186094 | Malicious code in chalk-asteroid-await-prettier-stylelint (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-186093 | Malicious code in chakra-ui-test-quark-astrophysics (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-186092 | Malicious code in chakra-ui-standard-nuxtjs-sass-loader (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-186091 | Malicious code in chakra-ui-sadr-yaml-less-loader (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-186090 | Malicious code in chakra-ui-ophiuchus-sublimation-readable (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-186089 | Malicious code in chakra-ui-levels-mdx-mongoose (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-186088 | Malicious code in chakra-ui-fornax-umbriel-wezen (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-186087 | Malicious code in chakra-ui-fomalhaut-on-cosmochemistry (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-186086 | Malicious code in chakra-ui-ethology-biomimicry-superflare (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-186085 | Malicious code in chai-tachyon-init-procyon (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-186084 | Malicious code in chai-schema-plutology-eclipse (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-186083 | Malicious code in chai-prompts-auth0-geckodriver (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-186082 | Malicious code in chai-node-sass-biosignature-tardigrade (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-186081 | Malicious code in chai-mesosphere-astro-postgres (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-186080 | Malicious code in chai-juno-eleventy-hydrogeology (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-186079 | Malicious code in chai-javascript-pulsar-pyxis (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-186078 | Malicious code in chai-greatfilter-phoenix-nconf (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-186077 | Malicious code in chai-got-pino-commitizen (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-186076 | Malicious code in chai-gatsby-coronalmassejection-nuxtjs (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| wid-sec-w-2023-0657 | Adobe Experience Manager: Mehrere Schwachstellen | 2023-03-14T23:00:00.000+00:00 | 2023-03-14T23:00:00.000+00:00 |
| wid-sec-w-2023-0656 | Lenovo BIOS: Mehrere Schwachstellen | 2023-03-14T23:00:00.000+00:00 | 2023-03-14T23:00:00.000+00:00 |
| wid-sec-w-2023-0653 | Adobe ColdFusion: Mehrere Schwachstellen | 2023-03-14T23:00:00.000+00:00 | 2023-03-14T23:00:00.000+00:00 |
| wid-sec-w-2023-0652 | Adobe Magento: Mehrere Schwachstellen | 2023-03-14T23:00:00.000+00:00 | 2023-03-14T23:00:00.000+00:00 |
| wid-sec-w-2023-0650 | HPE Integrated Lights-Out: Schwachstelle ermöglicht Cross-Site Scripting | 2023-03-14T23:00:00.000+00:00 | 2023-03-14T23:00:00.000+00:00 |
| wid-sec-w-2023-0648 | Lenovo XClarity: Mehrere Schwachstellen | 2023-03-14T23:00:00.000+00:00 | 2023-03-14T23:00:00.000+00:00 |
| wid-sec-w-2023-0646 | Octopus Deploy: Schwachstelle ermöglicht Codeausführung | 2023-03-14T23:00:00.000+00:00 | 2023-03-14T23:00:00.000+00:00 |
| wid-sec-w-2023-0645 | Adobe Photoshop: Schwachstelle ermöglicht Codeausführung | 2023-03-14T23:00:00.000+00:00 | 2023-03-14T23:00:00.000+00:00 |
| wid-sec-w-2023-0642 | Microsoft OneDrive für iOS: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen | 2023-03-14T23:00:00.000+00:00 | 2023-03-14T23:00:00.000+00:00 |
| wid-sec-w-2023-0638 | Microsoft Malware Protection Engine: Schwachstelle ermöglicht Privilegieneskalation | 2023-03-14T23:00:00.000+00:00 | 2023-03-14T23:00:00.000+00:00 |
| wid-sec-w-2023-0586 | Fortinet FortiOS: Schwachstelle ermöglicht Manipulation von Dateien | 2023-03-07T23:00:00.000+00:00 | 2023-03-14T23:00:00.000+00:00 |
| wid-sec-w-2023-0443 | ownCloud Android App: Schwachstelle ermöglicht Offenlegung von Informationen | 2023-02-21T23:00:00.000+00:00 | 2023-03-14T23:00:00.000+00:00 |
| wid-sec-w-2023-0636 | docker: Mehrere Schwachstellen | 2023-03-13T23:00:00.000+00:00 | 2023-03-13T23:00:00.000+00:00 |
| wid-sec-w-2023-0635 | SAP Patchday März 2023 | 2023-03-13T23:00:00.000+00:00 | 2023-03-13T23:00:00.000+00:00 |
| wid-sec-w-2023-0633 | Google Pixel: Mehrere Schwachstellen | 2023-03-13T23:00:00.000+00:00 | 2023-03-13T23:00:00.000+00:00 |
| wid-sec-w-2023-0631 | McAfee Total Protection: Mehrere Schwachstellen | 2023-03-13T23:00:00.000+00:00 | 2023-03-13T23:00:00.000+00:00 |
| wid-sec-w-2023-0629 | Tenable Security Nessus: Schwachstelle ermöglicht Codeausführung | 2023-03-13T23:00:00.000+00:00 | 2023-03-13T23:00:00.000+00:00 |
| wid-sec-w-2023-0627 | Hashicorp Vault: Schwachstelle ermöglicht Denial of Service | 2023-03-12T23:00:00.000+00:00 | 2023-03-12T23:00:00.000+00:00 |
| wid-sec-w-2023-0626 | Octopus Deploy: Mehrere Schwachstellen ermöglichen Offenlegung von Informationen | 2023-03-12T23:00:00.000+00:00 | 2023-03-12T23:00:00.000+00:00 |
| wid-sec-w-2023-0623 | ImageMagick: Schwachstelle ermöglicht Ausführen von beliebigem Programmcode mit den Rechten des Dienstes | 2020-12-02T23:00:00.000+00:00 | 2023-03-12T23:00:00.000+00:00 |
| wid-sec-w-2023-0618 | Ruby on Rails: Schwachstelle ermöglicht Manipulation von Dateien | 2021-08-19T22:00:00.000+00:00 | 2023-03-12T23:00:00.000+00:00 |
| wid-sec-w-2023-0614 | HPE FlexFabric 5700 Switches: Schwachstelle ermöglicht nicht spezifizierten Angriff | 2023-03-09T23:00:00.000+00:00 | 2023-03-09T23:00:00.000+00:00 |
| wid-sec-w-2023-0613 | IBM MQ: Schwachstelle ermöglicht Offenlegung von Informationen | 2023-03-09T23:00:00.000+00:00 | 2023-03-09T23:00:00.000+00:00 |
| wid-sec-w-2023-0610 | Hitachi Energy Relion: Schwachstelle ermöglicht Denial of Service | 2023-03-09T23:00:00.000+00:00 | 2023-03-09T23:00:00.000+00:00 |
| wid-sec-w-2023-0608 | GNU Emacs: Mehrere Schwachstellen ermöglichen Codeausführung | 2023-03-08T23:00:00.000+00:00 | 2023-03-08T23:00:00.000+00:00 |
| wid-sec-w-2023-0607 | memcached: Schwachstelle ermöglicht Offenlegung von Informationen | 2023-03-08T23:00:00.000+00:00 | 2023-03-08T23:00:00.000+00:00 |
| wid-sec-w-2023-0605 | Bitwarden: Mehrere Schwachstellen ermöglichen Offenlegung von Informationen | 2023-03-08T23:00:00.000+00:00 | 2023-03-08T23:00:00.000+00:00 |
| wid-sec-w-2023-0604 | Microsoft GitHub Enterprise: Schwachstelle ermöglicht Codeausführung | 2023-03-08T23:00:00.000+00:00 | 2023-03-08T23:00:00.000+00:00 |
| wid-sec-w-2023-0603 | Drupal: Schwachstelle ermöglicht Denial of Service | 2023-03-08T23:00:00.000+00:00 | 2023-03-08T23:00:00.000+00:00 |
| wid-sec-w-2023-0602 | Dell BIOS: Schwachstelle ermöglicht Denial of Service | 2023-03-08T23:00:00.000+00:00 | 2023-03-08T23:00:00.000+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2025:8219 | Red Hat Security Advisory: spice-client-win security update | 2025-05-27T15:16:01+00:00 | 2025-11-21T19:36:12+00:00 |
| rhsa-2025:8201 | Red Hat Security Advisory: gstreamer1-plugins-bad-free security update | 2025-05-27T12:05:20+00:00 | 2025-11-21T19:36:11+00:00 |
| rhsa-2025:8195 | Red Hat Security Advisory: mingw-freetype and spice-client-win security update | 2025-05-27T09:32:45+00:00 | 2025-11-21T19:36:10+00:00 |
| rhsa-2025:8194 | Red Hat Security Advisory: webkit2gtk3 security update | 2025-05-27T07:26:50+00:00 | 2025-11-21T19:36:10+00:00 |
| rhsa-2025:8184 | Red Hat Security Advisory: gstreamer1-plugins-bad-free security update | 2025-05-27T01:36:13+00:00 | 2025-11-21T19:36:10+00:00 |
| rhsa-2025:8183 | Red Hat Security Advisory: gstreamer1-plugins-bad-free security update | 2025-05-27T01:46:49+00:00 | 2025-11-21T19:36:09+00:00 |
| rhsa-2025:8181 | Red Hat Security Advisory: openldap security update | 2025-05-27T00:58:23+00:00 | 2025-11-21T19:36:08+00:00 |
| rhsa-2025:8176 | Red Hat Security Advisory: openldap security update | 2025-05-27T00:29:03+00:00 | 2025-11-21T19:36:08+00:00 |
| rhsa-2025:8147 | Red Hat Security Advisory: AMQ Broker 7.13.0.OPR.1.GA Container Images security update | 2025-05-26T14:48:16+00:00 | 2025-11-21T19:36:08+00:00 |
| rhsa-2025:8140 | Red Hat Security Advisory: libsoup security update | 2025-05-26T11:08:17+00:00 | 2025-11-21T19:36:08+00:00 |
| rhsa-2025:8139 | Red Hat Security Advisory: libsoup security update | 2025-05-26T10:56:57+00:00 | 2025-11-21T19:36:08+00:00 |
| rhsa-2025:8128 | Red Hat Security Advisory: libsoup3 security update | 2025-05-26T07:01:26+00:00 | 2025-11-21T19:36:07+00:00 |
| rhsa-2025:8132 | Red Hat Security Advisory: libsoup security update | 2025-05-26T08:53:02+00:00 | 2025-11-21T19:36:06+00:00 |
| rhsa-2025:8126 | Red Hat Security Advisory: libsoup security update | 2025-05-26T06:45:51+00:00 | 2025-11-21T19:36:05+00:00 |
| rhsa-2025:8125 | Red Hat Security Advisory: firefox security update | 2025-05-26T01:29:01+00:00 | 2025-11-21T19:36:05+00:00 |
| rhsa-2025:8066 | Red Hat Security Advisory: webkit2gtk3 security update | 2025-05-21T08:38:44+00:00 | 2025-11-21T19:36:04+00:00 |
| rhsa-2025:8065 | Red Hat Security Advisory: webkit2gtk3 security update | 2025-05-21T08:28:59+00:00 | 2025-11-21T19:36:04+00:00 |
| rhsa-2025:8064 | Red Hat Security Advisory: webkit2gtk3 security update | 2025-05-21T08:35:09+00:00 | 2025-11-21T19:36:03+00:00 |
| rhsa-2025:8060 | Red Hat Security Advisory: firefox security update | 2025-05-21T06:39:19+00:00 | 2025-11-21T19:36:03+00:00 |
| rhsa-2025:8049 | Red Hat Security Advisory: firefox security update | 2025-05-20T19:02:03+00:00 | 2025-11-21T19:36:02+00:00 |
| rhsa-2025:8046 | Red Hat Security Advisory: webkit2gtk3 security update | 2025-05-20T14:35:58+00:00 | 2025-11-21T19:36:01+00:00 |
| rhsa-2025:8021 | Red Hat Security Advisory: libtasn1 security update | 2025-05-20T01:04:16+00:00 | 2025-11-21T19:36:01+00:00 |
| rhsa-2025:8020 | Red Hat Security Advisory: gnutls security update | 2025-05-20T01:00:16+00:00 | 2025-11-21T19:36:00+00:00 |
| rhsa-2025:7998 | Red Hat Security Advisory: Updated Red Hat OpenShift Dev Spaces 3 container images | 2025-05-19T16:24:24+00:00 | 2025-11-21T19:36:00+00:00 |
| rhsa-2025:7995 | Red Hat Security Advisory: webkit2gtk3 security update | 2025-05-19T18:29:10+00:00 | 2025-11-21T19:36:00+00:00 |
| rhsa-2025:7937 | Red Hat Security Advisory: compat-openssl11 security update | 2025-05-19T08:51:39+00:00 | 2025-11-21T19:35:59+00:00 |
| rhsa-2025:7899 | Red Hat Security Advisory: kernel security update | 2025-05-19T06:19:54+00:00 | 2025-11-21T19:35:58+00:00 |
| rhsa-2025:7898 | Red Hat Security Advisory: kernel security update | 2025-05-19T06:23:54+00:00 | 2025-11-21T19:35:58+00:00 |
| rhsa-2025:7694 | Red Hat Security Advisory: thunderbird security update | 2025-05-15T17:07:30+00:00 | 2025-11-21T19:35:58+00:00 |
| rhsa-2025:7895 | Red Hat Security Advisory: compat-openssl10 security update | 2025-05-19T06:21:29+00:00 | 2025-11-21T19:35:56+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2021-2307 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Packaging). Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data as well as unauthorized update insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N). | 2021-04-02T00:00:00.000Z | 2023-03-10T00:00:00.000Z |
| msrc_cve-2021-2305 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2021-04-02T00:00:00.000Z | 2023-03-10T00:00:00.000Z |
| msrc_cve-2021-2304 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H). | 2021-04-02T00:00:00.000Z | 2023-03-10T00:00:00.000Z |
| msrc_cve-2021-2301 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.1 Base Score 2.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N). | 2021-04-02T00:00:00.000Z | 2023-03-10T00:00:00.000Z |
| msrc_cve-2021-2300 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2021-04-02T00:00:00.000Z | 2023-03-10T00:00:00.000Z |
| msrc_cve-2021-2299 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2021-04-02T00:00:00.000Z | 2023-03-10T00:00:00.000Z |
| msrc_cve-2021-2298 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). | 2021-04-02T00:00:00.000Z | 2023-03-10T00:00:00.000Z |
| msrc_cve-2021-2293 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2021-04-02T00:00:00.000Z | 2023-03-10T00:00:00.000Z |
| msrc_cve-2021-22890 | curl 7.63.0 to and including 7.75.0 includes vulnerability that allows a malicious HTTPS proxy to MITM a connection due to bad handling of TLS 1.3 session tickets. When using a HTTPS proxy and TLS 1.3 libcurl can confuse session tickets arriving from the HTTPS proxy but work as if they arrived from the remote server and then wrongly "short-cut" the host handshake. When confusing the tickets a HTTPS proxy can trick libcurl to use the wrong session ticket resume for the host and thereby circumvent the server TLS certificate check and make a MITM attack to be possible to perform unnoticed. Note that such a malicious HTTPS proxy needs to provide a certificate that curl will accept for the MITMed server for an attack to work - unless curl has been told to ignore the server certificate check. | 2021-04-02T00:00:00.000Z | 2023-03-10T00:00:00.000Z |
| msrc_cve-2021-2278 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2021-04-02T00:00:00.000Z | 2023-03-10T00:00:00.000Z |
| msrc_cve-2021-2232 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Group Replication Plugin). Supported versions that are affected are 8.0.23 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.1 Base Score 1.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L). | 2021-04-02T00:00:00.000Z | 2023-03-10T00:00:00.000Z |
| msrc_cve-2021-2230 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2021-04-02T00:00:00.000Z | 2023-03-10T00:00:00.000Z |
| msrc_cve-2021-2226 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.1 Base Score 4.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N). | 2021-04-02T00:00:00.000Z | 2023-03-10T00:00:00.000Z |
| msrc_cve-2021-2217 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2021-04-02T00:00:00.000Z | 2023-03-10T00:00:00.000Z |
| msrc_cve-2021-2215 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2021-04-02T00:00:00.000Z | 2023-03-10T00:00:00.000Z |
| msrc_cve-2021-2212 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2021-04-02T00:00:00.000Z | 2023-03-10T00:00:00.000Z |
| msrc_cve-2021-2208 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Partition). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2021-04-02T00:00:00.000Z | 2023-03-10T00:00:00.000Z |
| msrc_cve-2021-2203 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2021-04-02T00:00:00.000Z | 2023-03-10T00:00:00.000Z |
| msrc_cve-2021-2201 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Partition). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2021-04-02T00:00:00.000Z | 2023-03-10T00:00:00.000Z |
| msrc_cve-2021-2196 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2021-04-02T00:00:00.000Z | 2023-03-10T00:00:00.000Z |
| msrc_cve-2021-2194 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2021-04-02T00:00:00.000Z | 2023-03-10T00:00:00.000Z |
| msrc_cve-2021-2193 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2021-04-02T00:00:00.000Z | 2023-03-10T00:00:00.000Z |
| msrc_cve-2021-2180 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2021-04-02T00:00:00.000Z | 2023-03-10T00:00:00.000Z |
| msrc_cve-2021-2179 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Group Replication Plugin). Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2021-04-02T00:00:00.000Z | 2023-03-10T00:00:00.000Z |
| msrc_cve-2021-2174 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2021-04-02T00:00:00.000Z | 2023-03-10T00:00:00.000Z |
| msrc_cve-2021-2172 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). | 2021-04-02T00:00:00.000Z | 2023-03-10T00:00:00.000Z |
| msrc_cve-2021-2171 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2021-04-02T00:00:00.000Z | 2023-03-10T00:00:00.000Z |
| msrc_cve-2021-2170 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2021-04-02T00:00:00.000Z | 2023-03-10T00:00:00.000Z |
| msrc_cve-2021-2169 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2021-04-02T00:00:00.000Z | 2023-03-10T00:00:00.000Z |
| msrc_cve-2021-2166 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2021-04-02T00:00:00.000Z | 2023-03-10T00:00:00.000Z |
| ID | Description | Updated |
|---|---|---|
| var-201411-0175 | Elipse E3 3.x and earlier allows remote attackers to cause a denial of service (applicati… | 2025-04-13T23:39:40.854000Z |
| var-201411-0467 | FortiNet FortiADC-E with firmware 3.1.1 before 4.0.5 and Coyote Point Equalizer with firm… | 2025-04-13T23:39:40.648000Z |
| var-201412-0327 | Cross-site request forgery (CSRF) vulnerability on the IBM WebSphere DataPower XC10 appli… | 2025-04-13T23:39:40.503000Z |
| var-201412-0432 | Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X … | 2025-04-13T23:39:40.413000Z |
| var-201412-0495 | Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X … | 2025-04-13T23:39:39.924000Z |
| var-201412-0537 | The IPMI 1.5 functionality in Dell iDRAC6 modular before 3.65, iDRAC6 monolithic before 1… | 2025-04-13T23:39:39.889000Z |
| var-201501-0217 | Cisco TelePresence Video Communication Server (VCS) and Cisco Expressway allow remote att… | 2025-04-13T23:39:39.749000Z |
| var-201501-0448 | The L3 agent in OpenStack Neutron 2014.2.x before 2014.2.2, when using radvd 2.0+, allows… | 2025-04-13T23:39:39.590000Z |
| var-201502-0122 | The Zone-Based Firewall implementation in Cisco IOS 15.4(2)T3 and earlier allows remote a… | 2025-04-13T23:39:39.435000Z |
| var-201502-0143 | Race condition in the object-group ACL feature in Cisco IOS 15.5(2)T and earlier allows r… | 2025-04-13T23:39:39.401000Z |
| var-201503-0162 | The DHCP implementation in the PowerOn Auto Provisioning (POAP) feature in Cisco NX-OS do… | 2025-04-13T23:39:39.125000Z |
| var-201504-0229 | The SAP Management Console in SAP NetWeaver 7.40 allows remote attackers to obtain sensit… | 2025-04-13T23:39:38.901000Z |
| var-201504-0271 | A certain Cisco JAR file, as distributed in Cache Cleaner in Cisco Secure Desktop (CSD), … | 2025-04-13T23:39:38.843000Z |
| var-201505-0183 | The Lights-Out Management (LOM) implementation in Cisco FireSIGHT System Software 5.3.0 o… | 2025-04-13T23:39:38.650000Z |
| var-201505-0246 | Integer overflow in the libnv6 module in Dell NetVault Backup before 10.0.5 allows remote… | 2025-04-13T23:39:38.578000Z |
| var-201506-0095 | The (1) Cross-System Tools and (2) Data Transfer Workbench in SAP NetWeaver have hardcode… | 2025-04-13T23:39:38.483000Z |
| var-201506-0116 | Cross-site request forgery (CSRF) vulnerability in sec/content/sec_asa_users_local_db_add… | 2025-04-13T23:39:38.448000Z |
| var-201506-0158 | Multiple cross-site scripting (XSS) vulnerabilities in the administrative web interface i… | 2025-04-13T23:39:38.410000Z |
| var-201506-0178 | Multiple cross-site scripting (XSS) vulnerabilities in the web interface in Airties RT-21… | 2025-04-13T23:39:38.375000Z |
| var-201507-0089 | The Management Interface in Citrix NetScaler Application Delivery Controller (ADC) and Ne… | 2025-04-13T23:39:38.184000Z |
| var-201507-0341 | The REST API in F5 BIG-IQ Cloud, Device, and Security 4.4.0 and 4.5.0 before HF2 and ADC … | 2025-04-13T23:39:37.997000Z |
| var-201507-0509 | Cisco Prime Collaboration Assurance 10.0 allows remote attackers to cause a denial of ser… | 2025-04-13T23:39:37.941000Z |
| var-201508-0005 | GE Healthcare Millennium MG, NC, and MyoSIGHT has a default password of (1) root.genie fo… | 2025-04-13T23:39:37.898000Z |
| var-201508-0152 | The Ad Hoc Reporting feature in GE Healthcare Centricity DMS 4.2 has a password of Never!… | 2025-04-13T23:39:37.837000Z |
| var-201508-0385 | The IBM WebSphere DataPower XC10 appliance 2.1 through 2.1.0.3 and 2.5 through 2.5.0.4 re… | 2025-04-13T23:39:37.625000Z |
| var-201508-0490 | The Unicast Reverse Path Forwarding (uRPF) implementation in Cisco Adaptive Security Appl… | 2025-04-13T23:39:37.595000Z |
| var-201509-0496 | The Newphoria Auction Camera application for iOS and before 1.2 for Android allows attack… | 2025-04-13T23:39:37.441000Z |
| var-201510-0004 | Cisco NX-OS 6.0(2)U6(0.46) on N3K devices allows remote authenticated users to cause a de… | 2025-04-13T23:39:37.401000Z |
| var-201510-0193 | Multiple cross-site scripting (XSS) vulnerabilities in the Wind Farm Portal application i… | 2025-04-13T23:39:37.335000Z |
| var-201512-0381 | Cross-site request forgery (CSRF) vulnerability in Cisco Emergency Responder 10.5(1) and … | 2025-04-13T23:39:36.991000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| suse-su-2022:1846-1 | Security update for kernel-firmware | 2022-05-25T14:34:28Z | 2022-05-25T14:34:28Z |
| suse-su-2022:1845-1 | Security update for fribidi | 2022-05-25T13:45:14Z | 2022-05-25T13:45:14Z |
| suse-su-2022:1844-1 | Security update for fribidi | 2022-05-25T13:44:53Z | 2022-05-25T13:44:53Z |
| suse-su-2022:1842-1 | Security update for redis | 2022-05-25T12:35:59Z | 2022-05-25T12:35:59Z |
| suse-su-2022:1840-1 | Security update for kernel-firmware | 2022-05-25T09:53:53Z | 2022-05-25T09:53:53Z |
| suse-su-2022:1836-1 | Security update for pcre2 | 2022-05-25T07:28:50Z | 2022-05-25T07:28:50Z |
| suse-su-2022:1835-1 | Security update for postgresql13 | 2022-05-25T04:40:05Z | 2022-05-25T04:40:05Z |
| suse-su-2022:1833-1 | Security update for libxml2 | 2022-05-24T13:14:31Z | 2022-05-24T13:14:31Z |
| suse-su-2022:1832-1 | Security update for openldap2 | 2022-05-24T09:52:57Z | 2022-05-24T09:52:57Z |
| suse-su-2022:1831-1 | Security update for slurm_20_11 | 2022-05-24T09:49:33Z | 2022-05-24T09:49:33Z |
| suse-su-2022:1830-1 | Security update for MozillaFirefox | 2022-05-24T09:27:23Z | 2022-05-24T09:27:23Z |
| suse-su-2022:1829-1 | Security update for go1.18 | 2022-05-24T08:58:14Z | 2022-05-24T08:58:14Z |
| suse-su-2022:1819-1 | Security update for python-requests | 2022-05-23T13:19:36Z | 2022-05-23T13:19:36Z |
| suse-su-2022:1818-1 | Security update for MozillaFirefox | 2022-05-23T13:13:20Z | 2022-05-23T13:13:20Z |
| suse-su-2022:1817-1 | Security update for rsyslog | 2022-05-23T12:58:52Z | 2022-05-23T12:58:52Z |
| suse-su-2022:1815-1 | Security update for slurm_20_11 | 2022-05-23T12:17:04Z | 2022-05-23T12:17:04Z |
| suse-su-2022:1796-1 | Security update for the Linux Kernel (Live Patch 6 for SLE 15 SP3) | 2022-05-23T10:33:38Z | 2022-05-23T10:33:38Z |
| suse-su-2022:1808-1 | Security update for MozillaFirefox | 2022-05-23T09:15:25Z | 2022-05-23T09:15:25Z |
| suse-su-2022:1805-1 | Security update for curl | 2022-05-23T09:06:40Z | 2022-05-23T09:06:40Z |
| suse-su-2022:1804-1 | Security update for postgresql10 | 2022-05-23T09:05:40Z | 2022-05-23T09:05:40Z |
| suse-su-2022:1803-1 | Security update for libarchive | 2022-05-23T09:04:20Z | 2022-05-23T09:04:20Z |
| suse-su-2022:1783-1 | Security update for the Linux Kernel (Live Patch 11 for SLE 15 SP3) | 2022-05-21T14:04:04Z | 2022-05-21T14:04:04Z |
| suse-su-2022:1771-1 | Security update for openldap2 | 2022-05-20T13:01:37Z | 2022-05-20T13:01:37Z |
| suse-su-2022:1768-1 | Security update for php7 | 2022-05-20T10:36:45Z | 2022-05-20T10:36:45Z |
| suse-su-2022:1764-1 | Security update for php7 | 2022-05-20T07:12:35Z | 2022-05-20T07:12:35Z |
| suse-su-2022:1762-1 | Security update for ImageMagick | 2022-05-20T07:11:03Z | 2022-05-20T07:11:03Z |
| suse-su-2022:1760-1 | Security update for unrar | 2022-05-19T16:03:03Z | 2022-05-19T16:03:03Z |
| suse-su-2022:1758-1 | Security update for glib2 | 2022-05-19T15:38:28Z | 2022-05-19T15:38:28Z |
| suse-su-2022:1757-1 | Security update for MozillaFirefox | 2022-05-19T15:30:34Z | 2022-05-19T15:30:34Z |
| suse-su-2022:1755-1 | Security update for php7 | 2022-05-19T14:39:54Z | 2022-05-19T14:39:54Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| opensuse-su-2017:0565-1 | Security update of chromium | 2017-02-18T10:40:17Z | 2017-02-18T10:40:17Z |
| opensuse-su-2017:0413-1 | Security update for irssi | 2017-02-07T12:14:55Z | 2017-02-07T12:14:55Z |
| opensuse-su-2017:0405-1 | Security update for libgit2 | 2017-02-06T12:58:42Z | 2017-02-06T12:58:42Z |
| opensuse-su-2017:0362-1 | Security update for nginx | 2017-02-01T21:19:46Z | 2017-02-01T21:19:46Z |
| opensuse-su-2017:0361-1 | Security update for nginx | 2017-02-01T21:19:46Z | 2017-02-01T21:19:46Z |
| opensuse-su-2017:0357-1 | Security update for MozillaThunderbird | 2017-02-01T17:54:52Z | 2017-02-01T17:54:52Z |
| opensuse-su-2017:0354-1 | Security update for MozillaThunderbird | 2017-02-01T17:54:52Z | 2017-02-01T17:54:52Z |
| opensuse-su-2017:0195-1 | Security update for libgit2 | 2017-01-18T13:51:54Z | 2017-01-18T13:51:54Z |
| opensuse-su-2017:0150-1 | Security update for ark | 2017-01-16T14:46:13Z | 2017-01-16T14:46:13Z |
| opensuse-su-2017:0140-1 | Security update for ark | 2017-01-16T14:46:13Z | 2017-01-16T14:46:13Z |
| opensuse-su-2017:0094-1 | Security update for irssi | 2017-01-09T16:14:54Z | 2017-01-09T16:14:54Z |
| opensuse-su-2017:0093-1 | Security update for irssi | 2017-01-09T16:14:54Z | 2017-01-09T16:14:54Z |
| opensuse-su-2017:0035-1 | Security update for kopete | 2017-01-05T13:34:36Z | 2017-01-05T13:34:36Z |
| opensuse-su-2017:0034-1 | Security update for kopete | 2017-01-05T13:34:36Z | 2017-01-05T13:34:36Z |
| opensuse-su-2016:3308-1 | Security update for MozillaThunderbird | 2016-12-30T17:01:32Z | 2016-12-30T17:01:32Z |
| opensuse-su-2016:3307-1 | Security update for MozillaThunderbird | 2016-12-30T17:01:32Z | 2016-12-30T17:01:32Z |
| opensuse-su-2017:0563-1 | Security update for Chromium | 2016-12-16T22:45:25Z | 2016-12-16T22:45:25Z |
| opensuse-su-2016:3019-1 | Security update for MozillaThunderbird | 2016-12-06T09:05:20Z | 2016-12-06T09:05:20Z |
| opensuse-su-2016:2733-1 | Security update for chromium | 2016-11-04T16:43:12Z | 2016-11-04T16:43:12Z |
| opensuse-su-2016:2732-1 | Security update for chromium | 2016-11-04T16:43:12Z | 2016-11-04T16:43:12Z |
| opensuse-su-2016:2597-1 | Security update for Chromium | 2016-10-19T15:50:17Z | 2016-10-19T15:50:17Z |
| opensuse-su-2016:2560-1 | Security update for ffmpeg | 2016-10-18T08:52:34Z | 2016-10-18T08:52:34Z |
| opensuse-su-2016:2556-1 | Security update for ffmpeg | 2016-10-18T08:52:34Z | 2016-10-18T08:52:34Z |
| opensuse-su-2016:2559-1 | Security update for kcoreaddons | 2016-10-18T08:48:46Z | 2016-10-18T08:48:46Z |
| opensuse-su-2016:2558-1 | Security update for kcoreaddons | 2016-10-18T08:48:46Z | 2016-10-18T08:48:46Z |
| opensuse-su-2016:2536-1 | Security update to go1.4 | 2016-10-14T09:45:15Z | 2016-10-14T09:45:15Z |
| opensuse-su-2016:2498-1 | Security update for kde-cli-tools5 | 2016-10-11T13:50:53Z | 2016-10-11T13:50:53Z |
| opensuse-su-2016:2495-1 | Security update for kde-cli-tools5 | 2016-10-11T13:50:53Z | 2016-10-11T13:50:53Z |
| opensuse-su-2016:2485-1 | Security update for MozillaThunderbird | 2016-10-10T13:48:55Z | 2016-10-10T13:48:55Z |
| opensuse-su-2016:2484-1 | Security update for MozillaThunderbird | 2016-10-10T13:48:55Z | 2016-10-10T13:48:55Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cnvd-2025-06937 | Lunary存在未明漏洞(CNVD-2025-06937) | 2025-03-27 | 2025-04-11 |
| cnvd-2025-06936 | Lunary存在未明漏洞(CNVD-2025-06936) | 2025-03-27 | 2025-04-11 |
| cnvd-2025-06934 | Lunary存在未明漏洞(CNVD-2025-06934) | 2025-03-27 | 2025-04-11 |
| cnvd-2025-07533 | Tenda FH1202访问控制不当漏洞(CNVD-2025-07533) | 2025-04-07 | 2025-04-10 |
| cnvd-2025-07532 | Tenda FH1202访问控制不当漏洞(CNVD-2025-07532) | 2025-04-07 | 2025-04-10 |
| cnvd-2025-07519 | Tenda AC15 webCgiGetUploadFile存在缓冲区溢出漏洞 | 2025-04-08 | 2025-04-10 |
| cnvd-2025-06940 | Lunary存在未明漏洞(CNVD-2025-06940) | 2025-03-27 | 2025-04-10 |
| cnvd-2025-06933 | Lunary存在未明漏洞 | 2025-03-27 | 2025-04-10 |
| cnvd-2025-06932 | Lunary /api/v1/data-warehouse/bigquery端点访问控制错误漏洞 | 2025-03-27 | 2025-04-10 |
| cnvd-2025-06931 | phpIPAM Device Management部分跨站脚本漏洞 | 2025-03-27 | 2025-04-10 |
| cnvd-2025-06930 | phpIPAM circuits options页面跨站脚本漏洞 | 2025-03-27 | 2025-04-10 |
| cnvd-2025-06929 | phpIPAM跨站脚本漏洞(CNVD-2025-06929) | 2025-04-09 | 2025-04-10 |
| cnvd-2025-06928 | Mattermost授权问题漏洞 | 2025-03-27 | 2025-04-10 |
| cnvd-2025-06927 | Mattermost Mobile Apps拒绝服务漏洞 | 2025-03-28 | 2025-04-10 |
| cnvd-2025-06864 | TOTOLINK CP900L setMacFilterRules函数堆栈溢出漏洞 | 2024-05-30 | 2025-04-10 |
| cnvd-2025-06863 | TOTOLINK CP900L setIpPortFilterRules函数缓冲区溢出漏洞 | 2024-05-30 | 2025-04-10 |
| cnvd-2025-06862 | D-Link DI-8100 ipsec_road_asp函数缓冲区溢出漏洞 | 2025-04-09 | 2025-04-10 |
| cnvd-2025-06861 | D-Link DI-8100 ipsec_net_asp函数缓冲区溢出漏洞 | 2025-04-09 | 2025-04-09 |
| cnvd-2025-06812 | IBM SPSS Statistics加密问题漏洞 | 2025-03-27 | 2025-04-09 |
| cnvd-2025-06811 | IBM Security ReaQta代码问题漏洞 | 2025-03-27 | 2025-04-09 |
| cnvd-2025-06810 | IBM InfoSphere Information Server授权问题漏洞(CNVD-2025-06810) | 2025-03-27 | 2025-04-09 |
| cnvd-2025-06807 | IBM InfoSphere Information Server信息泄露漏洞(CNVD-2025-06807) | 2025-04-03 | 2025-04-09 |
| cnvd-2025-06806 | IBM InfoSphere Information Server信息泄露漏洞(CNVD-2025-06806) | 2025-04-03 | 2025-04-09 |
| cnvd-2025-06655 | IBM Sterling File Gateway信息泄漏漏洞(CNVD-2025-06655) | 2025-03-12 | 2025-04-09 |
| cnvd-2025-06654 | IBM Control Center输入验证错误漏洞(CNVD-2025-06654) | 2025-03-12 | 2025-04-09 |
| cnvd-2025-06646 | IBM Aspera Shares XML外部实体注入漏洞(CNVD-2025-06646) | 2025-03-12 | 2025-04-09 |
| cnvd-2025-06645 | Cisco IOS XR数据伪造问题漏洞 | 2025-03-24 | 2025-04-09 |
| cnvd-2025-06808 | IBM InfoSphere Information Server日志信息泄露漏洞(CNVD-2025-06808) | 2025-04-03 | 2025-04-08 |
| cnvd-2025-06805 | IBM InfoSphere Information Server信息泄露漏洞(CNVD-2025-06805) | 2025-04-03 | 2025-04-08 |
| cnvd-2025-06743 | Cisco HyperFlex HX Data Platform输入验证错误漏洞 | 2023-09-11 | 2025-04-08 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2014-avi-095 | Multiples vulnérabilités dans Apple OS X | 2014-02-28T00:00:00.000000 | 2014-02-28T00:00:00.000000 |
| certfr-2014-avi-094 | Multiples vulnérabilités dans IBM Content Navigator | 2014-02-27T00:00:00.000000 | 2014-02-27T00:00:00.000000 |
| certfr-2014-avi-093 | Vulnérabilité dans Cisco Prime Infrastructure | 2014-02-27T00:00:00.000000 | 2014-02-27T00:00:00.000000 |
| certfr-2014-avi-092 | Multiples vulnérabilités dans Apple Safari | 2014-02-26T00:00:00.000000 | 2014-02-26T00:00:00.000000 |
| certfr-2014-avi-091 | Multiples vulnérabilités dans IBM AIX | 2014-02-26T00:00:00.000000 | 2014-02-26T00:00:00.000000 |
| certfr-2014-avi-090 | Multiples vulnérabilités dans Apple QuickTime | 2014-02-26T00:00:00.000000 | 2014-02-26T00:00:00.000000 |
| certfr-2014-avi-089 | Multiples vulnérabilités dans HP XP P9000 Performance Advisor Software | 2014-02-25T00:00:00.000000 | 2014-02-25T00:00:00.000000 |
| certfr-2014-avi-088 | Vulnérabilité dans McAfee ePolicy Orchestrator | 2014-02-25T00:00:00.000000 | 2014-02-25T00:00:00.000000 |
| certfr-2014-avi-087 | Multiples vulnérabilités dans HP Application Information Optimizer | 2014-02-25T00:00:00.000000 | 2014-02-25T00:00:00.000000 |
| certfr-2014-avi-086 | Vulnérabilité dans Cisco Firewall Services Module | 2014-02-24T00:00:00.000000 | 2014-02-24T00:00:00.000000 |
| certfr-2014-avi-085 | Vulnérabilité dans Cisco Unified Computing System | 2014-02-24T00:00:00.000000 | 2014-02-24T00:00:00.000000 |
| certfr-2014-avi-084 | Multiples vulnérabilités dans Cisco IPS Software | 2014-02-24T00:00:00.000000 | 2014-02-24T00:00:00.000000 |
| certfr-2014-avi-083 | Vulnérabilité dans Cisco Unified SIP Phone 3905 | 2014-02-24T00:00:00.000000 | 2014-02-24T00:00:00.000000 |
| certfr-2014-avi-082 | Multiples vulnérabilités dans HP Service Manager | 2014-02-24T00:00:00.000000 | 2014-02-24T00:00:00.000000 |
| certfr-2014-avi-081 | Vulnérabilité dans les produits Apple | 2014-02-24T00:00:00.000000 | 2014-02-24T00:00:00.000000 |
| certfr-2014-avi-080 | Multiples vulnérabilités dans PostgreSQL | 2014-02-21T00:00:00.000000 | 2014-02-21T00:00:00.000000 |
| certfr-2014-avi-079 | Multiples vulnérabilités dans Google Chrome | 2014-02-21T00:00:00.000000 | 2014-02-21T00:00:00.000000 |
| certfr-2014-avi-078 | Multiples vulnérabilités dans Adobe Flash Player | 2014-02-21T00:00:00.000000 | 2014-02-21T00:00:00.000000 |
| certfr-2014-avi-077 | Multiples vulnérabilités dans Ruby On Rails | 2014-02-19T00:00:00.000000 | 2014-02-19T00:00:00.000000 |
| certfr-2014-avi-076 | Vulnérabilité dans Citrix ShareFile Mobile | 2014-02-19T00:00:00.000000 | 2014-02-19T00:00:00.000000 |
| certfr-2014-avi-075 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2014-02-19T00:00:00.000000 | 2014-02-19T00:00:00.000000 |
| certfr-2014-avi-074 | Vulnérabilité dans Xen | 2014-02-18T00:00:00.000000 | 2014-02-18T00:00:00.000000 |
| certfr-2014-avi-073 | Multiples vulnérabilités dans le noyau Linux de Mandriva | 2014-02-18T00:00:00.000000 | 2014-02-18T00:00:00.000000 |
| certfr-2014-avi-072 | Multiples vulnérabilités dans Symantec Endpoint Protection Manager | 2014-02-17T00:00:00.000000 | 2014-02-17T00:00:00.000000 |
| certfr-2014-avi-071 | Vulnérabilité dans GnuTLS | 2014-02-17T00:00:00.000000 | 2014-02-17T00:00:00.000000 |
| certfr-2014-avi-070 | Vulnérabilité dans phpMyAdmin | 2014-02-17T00:00:00.000000 | 2014-02-17T00:00:00.000000 |
| certfr-2014-avi-069 | Multiples vulnérabilités dans les produits Juniper | 2014-02-13T00:00:00.000000 | 2014-02-13T00:00:00.000000 |
| certfr-2014-avi-068 | Vulnérabilité dans Apple Boot Camp | 2014-02-13T00:00:00.000000 | 2014-02-13T00:00:00.000000 |
| certfr-2014-avi-067 | Multiples vulnérabilités dans Adobe Shockwave Player | 2014-02-12T00:00:00.000000 | 2014-02-12T00:00:00.000000 |
| certfr-2014-avi-066 | Vulnérabilité dans le moteur de script VBScript de Microsoft | 2014-02-12T00:00:00.000000 | 2014-02-12T00:00:00.000000 |