Recent vulnerabilities

Recent vulnerabilities from
Select from 69 available sources using the dropdown above.
ID CVSS Description Vendor Product Published Updated
CVE-2026-41295
8.5 (4.0)
7.8 (3.1)
OpenClaw < 2026.4.2 - Untrusted Workspace Channel Shad… OpenClaw
 OpenClaw
 2026-04-20T23:08:09.503Z 2026-04-21T13:35:47.883Z
CVE-2026-41294
8.5 (4.0)
8.6 (3.1)
OpenClaw < 2026.3.28 - Environment Variable Injection … OpenClaw
 OpenClaw
 2026-04-20T23:08:08.795Z 2026-04-21T13:04:36.188Z
CVE-2026-40045
5.9 (4.0)
5.7 (3.1)
OpenClaw < 2026.4.2 - Cleartext Credential Transmissio… OpenClaw
 OpenClaw
 2026-04-20T23:08:07.952Z 2026-04-21T13:37:43.951Z
CVE-2026-34082
5.3 (4.0)
Dify has IDOR in deleting someone else's chat conversation langgenius
 dify
 2026-04-20T23:03:18.158Z 2026-04-21T13:36:45.614Z
CVE-2026-5721
4.7 (3.1)
wpDataTables – WordPress Data Table, Dynamic Tables & … wpdatatables
 wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin
 2026-04-20T22:25:26.695Z 2026-04-21T19:49:47.411Z
CVE-2026-6729
5.3 (4.0)
6.3 (3.1)
HKUDS OpenHarness Session Key Collision Privilege Escalation HKUDS
 OpenHarness
 2026-04-20T22:01:38.766Z 2026-04-21T17:39:32.967Z
CVE-2026-0930
2.3 (4.0)
Potential wolfSSHd Buffer out-of-bounds Read on Window… wolfSSL
 wolfSSH
 2026-04-20T21:28:33.227Z 2026-04-21T13:37:15.647Z
CVE-2026-22051
2.3 (4.0)
StorageGRID (formerly StorageGRID Webscale) versi… NETAPP
 StorageGRID (formerly StorageGRID Webscale)
 2026-04-20T21:27:36.822Z 2026-04-21T13:40:46.948Z
CVE-2026-5450
9.8 (3.1)
scanf %mc off-by-one heap buffer overflow The GNU C Library
 glibc
 2026-04-20T20:55:41.170Z 2026-04-21T19:49:53.221Z
CVE-2026-5928
7.5 (3.1)
Static buffer overflow in deprecated nis_local_principal The GNU C Library
 glibc
 2026-04-20T20:37:31.743Z 2026-04-21T19:49:59.071Z
CVE-2026-5358
N/A
REJECTED: CVE-2026-5358 is rejected for two reasons. Firstly it has been discovered that no NIS+ client or server was ever released for any Linux-based OS distributions and as such this makes the API provisional and unused. Secondly it has been discovered that the NIS+ cold start cache (/var/nis/NIS_COLD_START) cannot be bypassed and as such the API can only be called with a trusted server from the pre-populated cache. The use of a trusted server means no trust boundary is crossed and this is therefore considered a normal bug. N/A N/A 2026-04-20T20:37:23.178Z 2026-04-22T13:04:20.656Z
CVE-2026-33626
7.5 (3.1)
LMDeploy Vulnerable to Server-Side Request Forgery (SS… InternLM
 lmdeploy
 2026-04-20T20:29:19.558Z 2026-04-21T19:50:13.326Z
CVE-2026-4852
6.4 (3.1)
Image Source Control Lite – Show Image Credits and Cap… webzunft
 Image Source Control Lite – Show Image Credits and Captions
 2026-04-20T20:26:53.256Z 2026-04-21T13:53:14.507Z
CVE-2026-33432
7.7 (4.0)
Roxy-WI has Pre-Authentication LDAP Injection that Lea… roxy-wi
 roxy-wi
 2026-04-20T20:26:52.217Z 2026-04-21T17:38:09.523Z
CVE-2026-33431
5.7 (4.0)
Roxy-WI Vulnerable to Authenticated Arbitrary File Rea… roxy-wi
 roxy-wi
 2026-04-20T20:24:15.319Z 2026-04-21T13:42:19.802Z
CVE-2026-34403
5.5 (4.0)
Nginx-UI vulnerable to Cross-Site WebSocket Hijacking … 0xJacky
 nginx-ui
 2026-04-20T20:16:47.597Z 2026-04-21T13:36:46.510Z
CVE-2026-33031
8.6 (4.0)
Nginx-UI: Disabled users retain full API access throug… 0xJacky
 nginx-ui
 2026-04-20T20:12:07.905Z 2026-04-21T13:35:20.144Z
CVE-2026-32613
10 (3.1)
Spinnaker vulnerable to RCE via expression parsing due… spinnaker
 spinnaker
 2026-04-20T20:07:24.697Z 2026-04-23T16:30:05.001Z
CVE-2026-32604
10 (3.1)
Spinnaker vulnerable to RCE when using gitrepo artifac… spinnaker
 spinnaker
 2026-04-20T20:00:57.517Z 2026-04-23T16:28:39.326Z
CVE-2026-6249
8.7 (4.0)
8.8 (3.1)
Vvveb CMS 1.0.8 Remote Code Execution via Media Upload Vvveb
 Vvveb CMS
 2026-04-20T19:57:37.655Z 2026-04-21T13:43:17.635Z
CVE-2026-32311
9.3 (4.0)
Command Injection and Docker container escape allows r… reconurge
 flowsint
 2026-04-20T19:56:32.521Z 2026-04-21T13:44:08.776Z
CVE-2026-5478
8.1 (3.1)
Everest Forms <= 3.4.4 - Unauthenticated Arbitrary Fil… wpeverest
 Everest Forms – Contact Form, Payment Form, Quiz, Survey & Custom Form Builder
 2026-04-20T19:27:08.159Z 2026-04-21T13:33:57.569Z
CVE-2026-32135
7.7 (4.0)
NanoMQ has Heap Buffer Overflow in URI Parameter Parsing nanomq
 nanomq
 2026-04-20T19:23:09.704Z 2026-04-21T13:33:14.607Z
CVE-2026-6550
4.7 (3.1)
5.7 (4.0)
Key commitment policy bypass via shared key cache in A… AWS
 AWS Encryption SDK for Python
 2026-04-20T19:20:23.383Z 2026-04-20T19:44:11.685Z
CVE-2026-6257
9.2 (4.0)
9.1 (3.1)
Vvveb CMS v1.0.8 Remote Code Execution via Media Management Vvveb
 Vvveb CMS
 2026-04-20T19:09:45.927Z 2026-04-21T19:50:26.897Z
CVE-2026-6248
8.1 (3.1)
wpForo Forum <= 3.0.5 - Authenticated (Subscriber+) Ar… tomdever
 wpForo Forum
 2026-04-20T18:31:33.290Z 2026-04-21T17:35:30.317Z
CVE-2026-6060
4.5 (3.1)
Possible DoS via SQL Box OTRS AG
 OTRS
 2026-04-20T18:20:01.664Z 2026-04-20T18:48:48.185Z
CVE-2026-41389
6.3 (4.0)
5.8 (3.1)
OpenClaw 2026.4.7 < 2026.4.15 - Arbitrary File Read vi… OpenClaw
 OpenClaw
 2026-04-20T17:48:43.704Z 2026-04-20T18:05:03.103Z
CVE-2026-23753
4.8 (4.0)
4.8 (3.1)
GFI HelpDesk < 4.99.9 Stored XSS via charset Parameter GFI Software
 HelpDesk
 2026-04-20T17:33:59.134Z 2026-04-21T13:31:13.580Z
CVE-2026-23752
4.8 (4.0)
4.8 (3.1)
GFI HelpDesk < 4.99.9 Stored XSS via companyname Parameter GFI Software
 HelpDesk
 2026-04-20T17:33:23.424Z 2026-04-20T18:09:59.603Z
ID CVSS Description Vendor Product Published Updated
CVE-2026-39320
7.5 (3.1)
Signal K Server has an Unauthenticated Regular Express… SignalK
 signalk-server
 2026-04-21T00:07:10.371Z 2026-04-21T19:36:54.787Z
CVE-2026-41331
6.9 (4.0)
5.3 (3.1)
OpenClaw < 2026.3.31 - Resource Consumption via Unauth… OpenClaw
 OpenClaw
 2026-04-20T23:08:17.653Z 2026-04-21T20:27:46.881Z
CVE-2026-41330
2 (4.0)
4.4 (3.1)
OpenClaw < 2026.3.31 - Environment Variable Override v… OpenClaw
 OpenClaw
 2026-04-20T23:08:16.941Z 2026-04-21T13:39:27.598Z
CVE-2026-41329
9 (4.0)
9.9 (3.1)
OpenClaw < 2026.3.31 - Sandbox Bypass via Heartbeat Co… OpenClaw
 OpenClaw
 2026-04-20T23:08:16.222Z 2026-04-21T19:38:16.140Z
CVE-2026-41303
8.7 (4.0)
8.8 (3.1)
OpenClaw < 2026.3.28 - Authorization Bypass in Discord… OpenClaw
 OpenClaw
 2026-04-20T23:08:15.511Z 2026-04-21T13:35:55.924Z
CVE-2026-41302
4.8 (4.0)
7.6 (3.1)
OpenClaw < 2026.3.31 - Server-Side Request Forgery via… OpenClaw
 OpenClaw
 2026-04-20T23:08:14.782Z 2026-04-21T19:49:35.930Z
CVE-2026-41301
6.9 (4.0)
5.3 (3.1)
OpenClaw 2026.3.22 < 2026.3.31 - Forged Nostr DM Pairi… OpenClaw
 OpenClaw
 2026-04-20T23:08:14.023Z 2026-04-21T13:33:53.554Z
CVE-2026-41300
6.9 (4.0)
6.5 (3.1)
OpenClaw < 2026.3.31 - Attacker-Discovered Endpoint Pr… OpenClaw
 OpenClaw
 2026-04-20T23:08:13.304Z 2026-04-21T13:03:24.309Z
CVE-2026-41299
7.1 (4.0)
7.1 (3.1)
OpenClaw < 2026.3.28 - Client Identity Spoofing in cha… OpenClaw
 OpenClaw
 2026-04-20T23:08:12.586Z 2026-04-21T13:38:25.512Z
CVE-2026-41298
5.3 (4.0)
5.4 (3.1)
OpenClaw < 2026.4.2 - Authorization Bypass in Session … OpenClaw
 OpenClaw
 2026-04-20T23:08:11.787Z 2026-04-21T17:34:23.419Z
CVE-2026-41297
4.8 (4.0)
7.6 (3.1)
OpenClaw < 2026.3.31 - Server-Side Request Forgery via… OpenClaw
 OpenClaw
 2026-04-20T23:08:10.955Z 2026-04-21T13:41:34.057Z
CVE-2026-41296
8.8 (4.0)
8.2 (3.1)
OpenClaw < 2026.3.31 - Sandbox Escape via TOCTOU Race … OpenClaw
 OpenClaw
 2026-04-20T23:08:10.194Z 2026-04-21T19:49:41.570Z
CVE-2026-41295
8.5 (4.0)
7.8 (3.1)
OpenClaw < 2026.4.2 - Untrusted Workspace Channel Shad… OpenClaw
 OpenClaw
 2026-04-20T23:08:09.503Z 2026-04-21T13:35:47.883Z
CVE-2026-41294
8.5 (4.0)
8.6 (3.1)
OpenClaw < 2026.3.28 - Environment Variable Injection … OpenClaw
 OpenClaw
 2026-04-20T23:08:08.795Z 2026-04-21T13:04:36.188Z
CVE-2026-41285
4.3 (3.1)
In OpenBSD through 7.8, the slaacd and rad daemon… OpenBSD
 OpenBSD
 2026-04-20T00:00:00.000Z 2026-04-21T13:27:42.310Z
CVE-2026-40045
5.9 (4.0)
5.7 (3.1)
OpenClaw < 2026.4.2 - Cleartext Credential Transmissio… OpenClaw
 OpenClaw
 2026-04-20T23:08:07.952Z 2026-04-21T13:37:43.951Z
CVE-2026-35588
6.3 (3.1)
Glances has CQL Injection in its Cassandra Export Modu… nicolargo
 glances
 2026-04-20T23:20:34.998Z 2026-04-21T13:35:04.526Z
CVE-2026-35587
7.3 (4.0)
Glances IP Plugin has SSRF via public_api that leads t… nicolargo
 glances
 2026-04-20T23:19:02.908Z 2026-04-22T14:01:47.583Z
CVE-2026-35570
8.4 (3.1)
OpenClaude has Sandbox Bypass via Early-Exit Logic Fla… Gitlawb
 openclaude
 2026-04-20T23:24:08.324Z 2026-04-21T19:49:30.148Z
CVE-2026-34839
7.7 (4.0)
Glances Vulnerable to Cross-Origin Information Disclos… nicolargo
 glances
 2026-04-20T23:09:02.551Z 2026-04-21T19:37:42.399Z
CVE-2026-5721
4.7 (3.1)
wpDataTables – WordPress Data Table, Dynamic Tables & … wpdatatables
 wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin
 2026-04-20T22:25:26.695Z 2026-04-21T19:49:47.411Z
CVE-2026-34082
5.3 (4.0)
Dify has IDOR in deleting someone else's chat conversation langgenius
 dify
 2026-04-20T23:03:18.158Z 2026-04-21T13:36:45.614Z
CVE-2026-6729
5.3 (4.0)
6.3 (3.1)
HKUDS OpenHarness Session Key Collision Privilege Escalation HKUDS
 OpenHarness
 2026-04-20T22:01:38.766Z 2026-04-21T17:39:32.967Z
CVE-2026-29643
7.1 (3.1)
XiangShan (Open-source high-performance RISC-V pr… n/a
 n/a
 2026-04-20T00:00:00.000Z 2026-04-21T19:50:32.463Z
CVE-2026-22051
2.3 (4.0)
StorageGRID (formerly StorageGRID Webscale) versi… NETAPP
 StorageGRID (formerly StorageGRID Webscale)
 2026-04-20T21:27:36.822Z 2026-04-21T13:40:46.948Z
CVE-2026-0930
2.3 (4.0)
Potential wolfSSHd Buffer out-of-bounds Read on Window… wolfSSL
 wolfSSH
 2026-04-20T21:28:33.227Z 2026-04-21T13:37:15.647Z
CVE-2026-5928
7.5 (3.1)
Static buffer overflow in deprecated nis_local_principal The GNU C Library
 glibc
 2026-04-20T20:37:31.743Z 2026-04-21T19:49:59.071Z
CVE-2026-5450
9.8 (3.1)
scanf %mc off-by-one heap buffer overflow The GNU C Library
 glibc
 2026-04-20T20:55:41.170Z 2026-04-21T19:49:53.221Z
CVE-2026-5358
N/A
REJECTED: CVE-2026-5358 is rejected for two reasons. Firstly it has been discovered that no NIS+ client or server was ever released for any Linux-based OS distributions and as such this makes the API provisional and unused. Secondly it has been discovered that the NIS+ cold start cache (/var/nis/NIS_COLD_START) cannot be bypassed and as such the API can only be called with a trusted server from the pre-populated cache. The use of a trusted server means no trust boundary is crossed and this is therefore considered a normal bug. N/A N/A 2026-04-20T20:37:23.178Z 2026-04-22T13:04:20.656Z
CVE-2026-4852
6.4 (3.1)
Image Source Control Lite – Show Image Credits and Cap… webzunft
 Image Source Control Lite – Show Image Credits and Captions
 2026-04-20T20:26:53.256Z 2026-04-21T13:53:14.507Z
ID Description Published Updated
ID Severity Description Published Updated
ghsa-gccw-6jq7-5553
3.7 (3.1)
2.9 (4.0)
A vulnerability has been found in liangliangyy DjangoBlog up to 2.1.0.0. The impacted element is an… 2026-04-20T06:31:28Z 2026-04-20T06:31:28Z
ghsa-f3q6-69f3-vwch
5.3 (3.1)
5.5 (4.0)
FastChat has a Content Moderation Bypass via Arena Side-by-Side Views 2026-04-20T06:31:28Z 2026-04-23T14:29:57Z
ghsa-crx8-wpv6-jrj2
7.3 (3.1)
5.5 (4.0)
A weakness has been identified in modelscope agentscope up to 1.0.18. This vulnerability affects th… 2026-04-20T06:31:28Z 2026-04-20T06:31:28Z
ghsa-5h65-jx66-j7p5
5.3 (3.1)
5.5 (4.0)
FastChat has Denial of Service Through Blocking Event Loop in Model Workers (Incomplete Fix for ff66426) 2026-04-20T06:31:28Z 2026-04-23T14:30:41Z
ghsa-v66p-f7x3-4794
6.3 (3.1)
2.1 (4.0)
A vulnerability was detected in langflow-ai langflow up to 1.8.3. The impacted element is the funct… 2026-04-20T06:31:27Z 2026-04-20T06:31:27Z
ghsa-rv83-rw8p-jww8
4.3 (3.1)
2.1 (4.0)
A vulnerability has been found in Lagom WHMCS Template up to 2.4.2. This impacts an unknown functio… 2026-04-20T06:31:27Z 2026-04-20T06:31:27Z
ghsa-pg7r-p32f-3m9r
7.3 (3.1)
5.5 (4.0)
A vulnerability was found in rickxy Hospital Management System up to 88a4290d957dc5bdde8a56e5ad451a… 2026-04-20T06:31:27Z 2026-04-20T06:31:27Z
ghsa-mxmx-pwg2-cg2h
3.5 (3.1)
2.0 (4.0)
A flaw has been found in langflow-ai langflow up to 1.8.3. This affects an unknown function of the … 2026-04-20T06:31:27Z 2026-04-20T06:31:27Z
ghsa-mmj2-4xv2-5qh8
5.3 (3.1)
6.9 (4.0)
SD-330AC and AMC Manager provided by silex technology, Inc. contain a missing authentication for cr… 2026-04-20T06:31:27Z 2026-04-20T06:31:27Z
ghsa-cr24-fv3h-8cjm
7.3 (3.1)
5.5 (4.0)
A vulnerability was determined in modelscope agentscope up to 1.0.18. Affected by this vulnerabilit… 2026-04-20T06:31:27Z 2026-04-20T06:31:27Z
ghsa-9jpj-cph8-w449
4.3 (3.1)
2.1 (4.0)
A security vulnerability has been detected in langflow-ai langflow up to 1.8.3. The affected elemen… 2026-04-20T06:31:27Z 2026-04-20T06:31:27Z
ghsa-8ggf-r3vm-p3jc
7.3 (3.1)
5.5 (4.0)
A security flaw has been discovered in modelscope agentscope up to 1.0.18. This affects the functio… 2026-04-20T06:31:27Z 2026-04-20T06:31:28Z
ghsa-659x-hm75-hpv7
7.3 (3.1)
5.5 (4.0)
A vulnerability was identified in modelscope agentscope up to 1.0.18. Affected by this issue is the… 2026-04-20T06:31:27Z 2026-04-20T06:31:27Z
ghsa-5f3w-cmwx-c9m9
6.5 (3.1)
6.9 (4.0)
SD-330AC and AMC Manager provided by silex technology, Inc. contain an improper neutralization of C… 2026-04-20T06:31:27Z 2026-04-20T06:31:27Z
ghsa-5842-r2vf-gmxv
7.5 (3.1)
8.7 (4.0)
Initialization of a resource with an insecure default vulnerability exists in SD-330AC and AMC Mana… 2026-04-20T06:31:27Z 2026-04-20T06:31:27Z
ghsa-w7w2-59m3-j62x
6.5 (3.1)
6.9 (4.0)
SD-330AC and AMC Manager provided by silex technology, Inc. use a hard-coded cryptographic key. An … 2026-04-20T06:31:26Z 2026-04-20T06:31:26Z
ghsa-v94v-gwmf-jhq8
6.1 (3.1)
5.1 (4.0)
SD-330AC and AMC Manager provided by silex technology, Inc. contain a reflected cross-site scriptin… 2026-04-20T06:31:26Z 2026-04-20T06:31:27Z
ghsa-jwm2-xvrj-2mh2
9.8 (3.1)
9.3 (4.0)
SD-330AC and AMC Manager provided by silex technology, Inc. contain a heap-based buffer overflow vu… 2026-04-20T06:31:26Z 2026-04-20T06:31:26Z
ghsa-gj69-pmwp-f535
5.9 (3.1)
8.2 (4.0)
SD-330AC and AMC Manager provided by silex technology, Inc. contain an issue with a use of a broken… 2026-04-20T06:31:26Z 2026-04-20T06:31:26Z
ghsa-g7hc-x6qw-m35g
6.5 (3.1)
7.1 (4.0)
SD-330AC and AMC Manager provided by silex technology, Inc. contain an issue with a sensitive infor… 2026-04-20T06:31:26Z 2026-04-20T06:31:26Z
ghsa-c6qj-q5j5-mvcc
8.8 (3.1)
8.7 (4.0)
SD-330AC and AMC Manager provided by silex technology, Inc. contain a stack-based buffer overflow v… 2026-04-20T06:31:26Z 2026-04-20T06:31:26Z
ghsa-332v-r8r4-hgh6
5.3 (3.1)
6.9 (4.0)
SD-330AC and AMC Manager provided by silex technology, Inc. contain a missing authentication for cr… 2026-04-20T06:31:26Z 2026-04-20T06:31:26Z
ghsa-23v2-6gx7-7pp6
5.3 (3.1)
6.9 (4.0)
SD-330AC and AMC Manager provided by silex technology, Inc. contain a heap-based buffer overflow vu… 2026-04-20T06:31:26Z 2026-04-20T06:31:26Z
ghsa-vvfc-fp59-m92g
7.3 (3.1)
5.5 (4.0)
A security flaw has been discovered in langflow-ai langflow up to 1.1.0. This issue affects the fun… 2026-04-20T03:34:42Z 2026-04-20T03:34:42Z
ghsa-f674-pjwp-7q42
7.3 (3.1)
5.5 (4.0)
A vulnerability was identified in ProjectsAndPrograms School Management System up to 6b6fae5426044f… 2026-04-20T03:34:42Z 2026-04-20T03:34:42Z
ghsa-5jjf-wcvf-923w
2.7 (3.1)
2.0 (4.0)
A weakness has been identified in langflow-ai langflow up to 1.8.3. Impacted is the function remove… 2026-04-20T03:34:42Z 2026-04-20T03:34:42Z
ghsa-qf9c-j447-wpvf
4.3 (3.1)
2.1 (4.0)
A vulnerability was detected in ComfyUI up to 0.13.0. This impacts the function get_model_preview o… 2026-04-20T03:34:41Z 2026-04-20T03:34:41Z
ghsa-f4m3-5vcv-cfg7
3.5 (3.1)
2.0 (4.0)
A vulnerability has been found in ComfyUI up to 0.13.0. Affected by this vulnerability is the funct… 2026-04-20T03:34:41Z 2026-04-20T03:34:41Z
ghsa-c9gf-mh8q-hp8p
4.3 (3.1)
2.1 (4.0)
A flaw has been found in ComfyUI up to 0.13.0. Affected is the function folder_paths.get_annotated_… 2026-04-20T03:34:41Z 2026-04-20T03:34:41Z
ghsa-8rf8-8h6f-fh89
4.3 (3.1)
2.1 (4.0)
A security vulnerability has been detected in ComfyUI up to 0.13.0. This affects the function creat… 2026-04-20T03:34:41Z 2026-04-20T03:34:41Z
ID Severity Description Package Published Updated
pysec-2022-43053
7.5 (3.1)
Vyper is a Pythonic Smart Contract Language for the ethereum virtual machine. In versions… vyper 2022-06-09T09:15:00+00:00 2023-08-02T18:28:00.437362+00:00
pysec-2022-208
django-s3file is a lightweight file upload input for Django and Amazon S3 . In versions p… django-s3file 2022-06-09T04:15:00Z 2022-06-17T16:54:24.425121Z
pysec-2022-43147
9.8 (3.1)
pyanxdns package in PyPI version 0.2 is vulnerable to code execution backdoor. The impact… pyanxdns 2022-06-08T20:15:00Z 2024-11-21T14:22:59.309018Z
pysec-2022-43071
9.8 (3.1)
api-res-py package in PyPI 0.1 is vulnerable to a code execution backdoor in the request … api-res-py 2022-06-08T20:15:00Z 2024-11-25T22:25:53.019921Z
pysec-2022-43056
9.8 (3.1)
The keep for python, as distributed on PyPI, included a code-execution backdoor inserted … keep 2022-06-08T18:15:00+00:00 2023-08-17T03:22:31.636090+00:00
pysec-2022-204
The package cookiecutter before 2.1.1 are vulnerable to Command Injection via hg argument… cookiecutter 2022-06-08T08:15:00Z 2022-06-08T10:35:31.256727Z
pysec-2022-42973
Flower, a web UI for the Celery Python RPC framework, all versions as of 05-02-2022 is vu… flower 2022-06-02T14:15:00Z 2022-10-26T22:48:00Z
pysec-2022-227
Bottle before 0.12.20 mishandles errors during early request binding. bottle 2022-06-02T14:15:00Z 2023-05-25T05:07:00Z
pysec-2022-205
Waitress is a Web Server Gateway Interface server for Python 2 and 3. Waitress versions 2… waitress 2022-05-31T23:15:00Z 2022-06-14T20:37:51.457649Z
pysec-2022-43145
9.8 (3.1)
libImaging/TgaRleDecode.c in Pillow 9.1.0 has a heap buffer overflow in the processing of… pillow 2022-05-25T12:15:00Z 2024-11-25T18:35:18.357593Z
pysec-2022-203
** DISPUTED ** Improper parsing of HTTP requests in Pallets Werkzeug v2.1.0 and below all… werkzeug 2022-05-25T01:15:00Z 2022-06-07T22:30:02.873111Z
pysec-2022-199
The ctx hosted project on PyPI was taken over via user account compromise and replaced wi… ctx 2022-05-24T17:55:00.000000Z 2022-05-24T17:55:00.000000Z
pysec-2022-202
PyJWT is a Python implementation of RFC 7519. PyJWT supports multiple different JWT signi… pyjwt 2022-05-24T15:15:00Z 2022-06-07T16:57:16.566102Z
pysec-2022-43154
7.8 (3.1)
WASM3 v0.5.0 was discovered to contain a heap overflow via the component /wabt/bin/poc.wasm. pywasm3 2022-05-20T19:15:00Z 2024-11-25T18:35:18.357593Z
pysec-2022-201
Cross-site Scripting (XSS) - Generic in GitHub repository octoprint/octoprint prior to 1.8.0. octoprint 2022-05-18T14:15:00Z 2022-05-25T22:34:11.424461Z
pysec-2022-200
Cross-site Scripting (XSS) - DOM in GitHub repository octoprint/octoprint prior to 1.8.0. octoprint 2022-05-18T14:15:00Z 2022-05-25T22:34:11.363909Z
pysec-2022-185
marcador package in PyPI 0.1 through 0.13 included a code-execution backdoor. marcador 2022-05-08T20:15:00Z 2022-05-17T18:33:00Z
pysec-2022-182
ADMesh through 0.98.4 has a heap-based buffer over-read in stl_update_connects_remove_1 (… admesh 2022-05-08T06:15:00Z 2022-05-17T21:40:50.660206Z
pysec-2022-184
Keylime does not enforce that the agent registrar data is the same when the tenant uses i… keylime 2022-05-06T17:15:00Z 2022-05-17T21:40:52.506546Z
pysec-2022-187
TkVideoplayer is a simple library to play video files in tkinter. Uncontrolled memory con… tkvideoplayer 2022-05-06T00:15:00Z 2022-05-17T21:41:01.217686Z
pysec-2022-42999
** DISPUTED ** In the python-libnmap package through 0.7.2 for Python, remote command exe… python-libnmap 2022-05-04T22:15:00Z 2023-05-04T04:29:28.652969Z
pysec-2022-183
Encode OSS httpx <=1.0.0.beta0 is affected by improper input validation in `httpx.URL`, `… httpx 2022-04-28T14:15:00Z 2022-05-17T21:40:52.405453Z
pysec-2022-43150
7.5 (3.1)
Apache Doris, prior to 1.0.0, used a hardcoded key and IV to initialize the cipher used f… pydoris 2022-04-26T16:15:00+00:00 2022-05-06T13:40:00+00:00
pysec-2022-193
flask-session-captcha is a package which allows users to extend Flask by adding an image … flask-session-captcha 2022-04-25T22:15:00Z 2022-05-17T23:28:25.264091Z
pysec-2022-43167
8.8 (3.1)
Selenium Server (Grid) before 4 allows CSRF because it permits non-JSON content types suc… selenium 2022-04-19T03:15:00+00:00 2024-11-21T14:23:01.289420+00:00
pysec-2022-194
PyPDF2 is an open source python PDF library capable of splitting, merging, cropping, and … pypdf2 2022-04-18T19:15:00Z 2022-05-17T23:28:27.580433Z
pysec-2022-43153
5.5 (3.1)
Wasm3 0.5.0 has a heap-based buffer overflow in NewCodePage in m3_code.c (called indirect… pywasm3 2022-04-16T16:15:00Z 2024-11-21T14:23:00.113164Z
pysec-2022-192
django-mfa3 is a library that implements multi factor authentication for the django web f… django-mfa3 2022-04-15T19:15:00Z 2022-05-17T23:28:24.608119Z
pysec-2022-198
Vyper is a pythonic Smart Contract Language for the ethereum virtual machine. In affected… vyper 2022-04-13T22:15:00Z 2022-05-17T23:28:35.566517Z
pysec-2022-197
Vyper is a pythonic Smart Contract Language for the ethereum virtual machine. Versions of… vyper 2022-04-13T19:15:00Z 2022-05-17T23:28:35.533012Z
ID Description Updated
ID Description Published Updated
mal-2026-2102 Malicious code in storefront-logger (npm) 2026-03-23T13:47:09Z 2026-03-23T13:47:12Z
mal-2026-2099 Malicious code in sfx-event-bridge (npm) 2026-03-23T13:47:09Z 2026-03-23T13:47:11Z
mal-2026-2098 Malicious code in sd-basket-highlight (npm) 2026-03-23T13:47:09Z 2026-03-23T13:47:12Z
mal-2026-2097 Malicious code in puzzle-render-kit (npm) 2026-03-23T13:47:09Z 2026-03-23T13:47:10Z
mal-2026-2096 Malicious code in puzzle-asset (npm) 2026-03-23T13:47:09Z 2026-03-23T13:47:12Z
mal-2026-2092 Malicious code in pulse-feature-flag (npm) 2026-03-23T13:47:09Z 2026-03-23T13:47:09Z
mal-2026-2091 Malicious code in netflixidentity (npm) 2026-03-23T13:47:09Z 2026-03-23T13:47:11Z
mal-2026-2090 Malicious code in netflixid (npm) 2026-03-23T13:47:09Z 2026-03-23T13:47:10Z
mal-2026-2085 Malicious code in uipagain (npm) 2026-03-23T12:10:52Z 2026-03-27T05:01:26Z
mal-2026-2084 Malicious code in license-utils-kit (PyPI) 2026-03-23T09:41:24Z 2026-04-08T20:19:39Z
mal-2026-2083 Malicious code in anduril-sdk (PyPI) 2026-03-23T08:06:29Z 2026-04-10T15:51:21Z
mal-2026-2082 Malicious code in unhandledrejection1 (npm) 2026-03-22T19:55:35Z 2026-03-23T05:16:31Z
mal-2026-2081 Malicious code in @thiagoemmanuell/unhandledrejection (npm) 2026-03-22T19:19:54Z 2026-03-23T05:16:25Z
mal-2026-2075 Malicious code in @emilgroup/document-sdk-node (npm) 2026-03-22T18:28:27Z 2026-03-26T00:50:43Z
mal-2026-2074 Malicious code in @emilgroup/discount-sdk (npm) 2026-03-22T18:28:07Z 2026-03-26T00:50:43Z
mal-2026-2079 Malicious code in @emilgroup/task-sdk-node (npm) 2026-03-22T18:27:31Z 2026-03-26T00:50:43Z
mal-2026-2076 Malicious code in @emilgroup/document-uploader (npm) 2026-03-22T18:27:17Z 2026-03-26T00:50:43Z
mal-2026-2073 Malicious code in @airtm/uuid-base32 (npm) 2026-03-22T18:26:54Z 2026-03-26T00:50:43Z
mal-2026-2080 Malicious code in cit-playwright-tests (npm) 2026-03-22T18:26:44Z 2026-03-26T00:50:44Z
mal-2026-2078 Malicious code in @emilgroup/task-sdk (npm) 2026-03-22T18:26:09Z 2026-03-26T00:50:43Z
mal-2026-2077 Malicious code in @emilgroup/public-api-sdk-node (npm) 2026-03-22T18:25:50Z 2026-03-26T00:50:43Z
mal-2026-2043 Malicious code in @emilgroup/commission-sdk-node (npm) 2026-03-22T18:23:18Z 2026-03-26T00:50:43Z
mal-2026-2059 Malicious code in @emilgroup/setting-sdk-node (npm) 2026-03-22T18:23:01Z 2026-03-26T00:50:43Z
mal-2026-2040 Malicious code in @emilgroup/changelog-sdk-node (npm) 2026-03-22T18:22:34Z 2026-03-26T00:50:43Z
mal-2026-2060 Malicious code in @emilgroup/tenant-sdk (npm) 2026-03-22T18:22:16Z 2026-03-26T00:50:43Z
mal-2026-2069 Malicious code in eslint-config-service-users (npm) 2026-03-22T18:21:59Z 2026-03-26T00:50:45Z
mal-2026-2064 Malicious code in @opengov/ppf-backend-types (npm) 2026-03-22T18:21:26Z 2026-03-26T00:50:43Z
mal-2026-2047 Malicious code in @emilgroup/docxtemplater-util (npm) 2026-03-22T18:21:12Z 2026-03-26T00:50:43Z
mal-2026-2048 Malicious code in @emilgroup/gdv-sdk (npm) 2026-03-22T18:20:51Z 2026-03-26T00:50:43Z
mal-2026-2063 Malicious code in @opengov/form-utils (npm) 2026-03-22T18:20:39Z 2026-03-26T00:50:43Z
ID Description Published Updated
ID Description Published Updated
wid-sec-w-2025-2407 Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service 2025-10-26T23:00:00.000+00:00 2026-03-30T22:00:00.000+00:00
wid-sec-w-2025-2404 AMD “Zen 5” Prozessoren: Schwachstelle gefährdet Vertraulichkeit und Integrität 2025-10-23T22:00:00.000+00:00 2025-12-16T23:00:00.000+00:00
wid-sec-w-2025-2403 Ubiquiti UniFi: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen 2025-10-23T22:00:00.000+00:00 2025-10-30T23:00:00.000+00:00
wid-sec-w-2025-2402 MongoDB BI Connector ODBC-Treiber: Schwachstelle ermöglicht Privilegieneskalation 2025-10-23T22:00:00.000+00:00 2025-10-26T23:00:00.000+00:00
wid-sec-w-2025-2401 Keycloak: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen 2025-10-23T22:00:00.000+00:00 2025-11-13T23:00:00.000+00:00
wid-sec-w-2025-2400 Red Hat Build von Apache Camel für Quarkus: Schwachstelle ermöglicht Offenlegung von Informationen 2025-10-23T22:00:00.000+00:00 2025-10-23T22:00:00.000+00:00
wid-sec-w-2025-2399 IBM App Connect Enterprise: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen 2025-10-23T22:00:00.000+00:00 2025-10-26T23:00:00.000+00:00
wid-sec-w-2025-2398 Moxa Switch: Mehrere Schwachstellen 2025-10-23T22:00:00.000+00:00 2025-10-30T23:00:00.000+00:00
wid-sec-w-2025-2397 Liferay Portal und DXP: Mehrere Schwachstellen 2025-10-23T22:00:00.000+00:00 2025-10-23T22:00:00.000+00:00
wid-sec-w-2025-2396 Hashicorp Vault: Mehrere Schwachstellen 2025-10-23T22:00:00.000+00:00 2025-11-24T23:00:00.000+00:00
wid-sec-w-2025-2395 Rancher Manager: Mehrere Schwachstellen 2025-10-23T22:00:00.000+00:00 2025-10-29T23:00:00.000+00:00
wid-sec-w-2025-2394 Linux Kernel: Mehrere Schwachstellen 2025-10-22T22:00:00.000+00:00 2026-03-30T22:00:00.000+00:00
wid-sec-w-2025-2393 Liferay Portal: Mehrere Schwachstellen 2025-10-22T22:00:00.000+00:00 2025-10-22T22:00:00.000+00:00
wid-sec-w-2025-2392 Internet Systems Consortium BIND: Mehrere Schwachstellen 2025-10-22T22:00:00.000+00:00 2026-01-06T23:00:00.000+00:00
wid-sec-w-2025-2391 OpenBao: Mehrere Schwachstellen 2025-10-22T22:00:00.000+00:00 2025-10-26T23:00:00.000+00:00
wid-sec-w-2025-2390 PowerDNS Recursor: Mehrere Schwachstellen ermöglichen Manipulation von Dateien 2025-10-22T22:00:00.000+00:00 2025-10-29T23:00:00.000+00:00
wid-sec-w-2025-2389 FreeBSD Project FreeBSD OS (netinet): Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen 2025-10-22T22:00:00.000+00:00 2025-10-22T22:00:00.000+00:00
wid-sec-w-2025-2388 MongoDB: Schwachstelle ermöglicht Privilegieneskalation 2025-10-22T22:00:00.000+00:00 2025-10-26T23:00:00.000+00:00
wid-sec-w-2025-2387 Devolutions Server: Mehrere Schwachstellen 2025-10-22T22:00:00.000+00:00 2025-10-22T22:00:00.000+00:00
wid-sec-w-2025-2386 Unbound: Schwachstelle ermöglicht Manipulation von Dateien 2025-10-22T22:00:00.000+00:00 2026-01-07T23:00:00.000+00:00
wid-sec-w-2025-2385 Drupal Module: Mehrere Schwachstellen 2025-10-22T22:00:00.000+00:00 2025-10-29T23:00:00.000+00:00
wid-sec-w-2025-2383 Zoho ManageEngine Endpoint Central: Mehrere Schwachstellen 2025-10-21T22:00:00.000+00:00 2025-10-21T22:00:00.000+00:00
wid-sec-w-2025-2382 Synacor Zimbra: Schwachstelle ermöglicht Manipulation von Dateien 2025-10-21T22:00:00.000+00:00 2025-10-21T22:00:00.000+00:00
wid-sec-w-2025-2381 MediaWiki: Mehrere Schwachstellen 2025-10-21T22:00:00.000+00:00 2025-10-22T22:00:00.000+00:00
wid-sec-w-2025-2380 Xen: Mehrere Schwachstellen 2025-10-21T22:00:00.000+00:00 2026-01-05T23:00:00.000+00:00
wid-sec-w-2025-2379 Dell BIOS: Schwachstelle ermöglicht Manipulation von Daten 2025-10-21T22:00:00.000+00:00 2025-11-24T23:00:00.000+00:00
wid-sec-w-2025-2378 Atlassian Confluence: Schwachstelle ermöglicht Denial of Service 2025-10-21T22:00:00.000+00:00 2025-11-18T23:00:00.000+00:00
wid-sec-w-2025-2377 Atlassian Jira: Schwachstelle ermöglicht Manipulation von Dateien 2025-10-21T22:00:00.000+00:00 2025-10-21T22:00:00.000+00:00
wid-sec-w-2025-2376 GitLab: Mehrere Schwachstellen 2025-10-21T22:00:00.000+00:00 2025-10-28T23:00:00.000+00:00
wid-sec-w-2025-2375 Google Chrome: Schwachstelle ermöglicht nicht spezifizierten Angriff 2025-10-21T22:00:00.000+00:00 2025-11-16T23:00:00.000+00:00
ID Description Published Updated
icsa-25-030-01 Hitachi Energy UNEM 2024-06-11T12:30:00.000000Z 2024-06-11T12:30:00.000000Z
icsa-25-016-07 Hitachi Energy FOX61x Products 2024-06-11T12:30:00.000000Z 2024-06-11T12:30:00.000000Z
icsa-25-016-06 Hitachi Energy FOX61x, FOXCST, and FOXMAN-UN Products 2024-06-11T12:30:00.000000Z 2024-06-11T12:30:00.000000Z
icsa-25-014-01 Hitachi Energy FOXMAN-UN 2024-06-11T12:30:00.000000Z 2024-10-29T13:30:00.000000Z
icsma-24-163-01 MicroDicom DICOM Viewer 2024-06-11T06:00:00.000000Z 2024-06-11T06:00:00.000000Z
icsa-24-163-04 Intrado 911 Emergency Gateway 2024-06-11T06:00:00.000000Z 2024-06-11T06:00:00.000000Z
icsa-24-163-03 AVEVA PI Asset Framework Client 2024-06-11T06:00:00.000000Z 2024-06-11T06:00:00.000000Z
icsa-24-163-02 AVEVA PI Web API 2024-06-11T06:00:00.000000Z 2024-06-11T06:00:00.000000Z
icsa-24-163-01 Rockwell Automation ControlLogix, GuardLogix, and CompactLogix 2024-06-11T06:00:00.000000Z 2024-06-11T06:00:00.000000Z
icsa-25-254-09 Schneider Electric Modicon M340, BMXNOE0100, and BMXNOE0110 2024-06-11T00:00:00.000000Z 2025-08-12T04:00:00.000000Z
icsa-25-107-02 Schneider Electric Sage Series 2024-06-11T00:00:00.000000Z 2024-07-09T00:00:00.000000Z
icsa-24-331-02 Schneider Electric PowerLogic P5 2024-06-11T00:00:00.000000Z 2024-09-10T00:00:00.000000Z
icsa-24-165-13 Siemens SINEC Traffic Analyzer 2024-06-11T00:00:00.000000Z 2025-05-06T06:00:00.000000Z
icsa-24-165-12 Siemens SCALANCE W700 2024-06-11T00:00:00.000000Z 2025-01-14T00:00:00.000000Z
icsa-24-165-11 Siemens SCALANCE XM-400, XR-500 2024-06-11T00:00:00.000000Z 2024-06-11T00:00:00.000000Z
icsa-24-165-10 Siemens SIMATIC and SIPLUS 2024-06-11T00:00:00.000000Z 2024-06-11T00:00:00.000000Z
icsa-24-165-09 Siemens SICAM AK3/BC/TM 2024-06-11T00:00:00.000000Z 2024-06-11T00:00:00.000000Z
icsa-24-165-08 Siemens Teamcenter Visualization and JT2Go 2024-06-11T00:00:00.000000Z 2024-08-13T00:00:00.000000Z
icsa-24-165-07 Siemens PowerSys 2024-06-11T00:00:00.000000Z 2024-06-11T00:00:00.000000Z
icsa-24-165-06 Siemens TIM 1531 IRC 2024-06-11T00:00:00.000000Z 2024-07-09T00:00:00.000000Z
icsa-24-165-05 Siemens SITOP UPS1600 2024-06-11T00:00:00.000000Z 2024-06-11T00:00:00.000000Z
icsa-24-165-04 Siemens ST7 ScadaConnect 2024-06-11T00:00:00.000000Z 2024-06-11T00:00:00.000000Z
icsa-24-165-03 Siemens TIA Administrator 2024-06-11T00:00:00.000000Z 2024-06-11T00:00:00.000000Z
icsa-24-165-02 Siemens SIMATIC S7-200 SMART Devices 2024-06-11T00:00:00.000000Z 2024-06-11T00:00:00.000000Z
icsa-24-165-01 Siemens Mendix Applications 2024-06-11T00:00:00.000000Z 2024-06-11T00:00:00.000000Z
icsa-24-158-04 Johnson Controls Software House iStar Door Controller (Update A) 2024-06-06T06:00:00.000000Z 2025-07-29T06:00:00.000000Z
icsa-24-158-03 Mitsubishi Electric CC-Link IE TSN Industrial Managed Switch 2024-06-06T06:00:00.000000Z 2024-06-06T06:00:00.000000Z
icsa-24-158-02 Emerson Ovation 2024-06-06T06:00:00.000000Z 2024-06-06T06:00:00.000000Z
icsa-24-158-01 Emerson PACSystem and Fanuc 2024-06-06T06:00:00.000000Z 2024-06-06T06:00:00.000000Z
icsa-24-156-01 Uniview NVR301-04S2-P4 (Update A) 2024-06-04T06:00:00.000000Z 2024-09-24T06:00:00.000000Z
ID Description Published Updated
cisco-sa-apache-httpd-pathtrv-lazg68cz Apache HTTP Server Vulnerabilities: October 2021 2021-10-07T16:00:00+00:00 2021-10-07T16:00:00+00:00
cisco-sa-wsa-dos-fmhdkswk Cisco Web Security Appliance Proxy Service Denial of Service Vulnerability 2021-10-06T16:00:00+00:00 2021-10-22T15:18:37+00:00
cisco-sa-ucsi2-command-inject-cgyc8y2r Cisco Intersight Virtual Appliance Command Injection Vulnerability 2021-10-06T16:00:00+00:00 2021-10-06T16:00:00+00:00
cisco-sa-tpce-rmos-mem-dos-rck56tt Cisco TelePresence Collaboration Endpoint and RoomOS Software Denial of Service Vulnerability 2021-10-06T16:00:00+00:00 2021-10-15T21:03:56+00:00
cisco-sa-ssm-priv-esc-5g35cddj Cisco Smart Software Manager Privilege Escalation Vulnerability 2021-10-06T16:00:00+00:00 2021-10-06T16:00:00+00:00
cisco-sa-sb220-lldp-multivuls-mvrutq8t Cisco Small Business 220 Series Smart Switches Link Layer Discovery Protocol Vulnerabilities 2021-10-06T16:00:00+00:00 2022-01-13T21:37:56+00:00
cisco-sa-sb-hardcoded-cred-mjcexvx Cisco Business 220 Series Smart Switches Static Key and Password Vulnerabilities 2021-10-06T16:00:00+00:00 2021-10-06T16:00:00+00:00
cisco-sa-ise-xxe-inj-v4vsjesx Cisco Identity Services Engine XML External Entity Injection Vulnerability 2021-10-06T16:00:00+00:00 2021-10-06T16:00:00+00:00
cisco-sa-ise-priv-esc-uwqprbm3 Cisco Identity Services Engine Privilege Escalation Vulnerability 2021-10-06T16:00:00+00:00 2021-10-11T16:18:56+00:00
cisco-sa-ise-info-disc-pnxtlhdp Cisco Identity Services Engine Sensitive Information Disclosure Vulnerability 2021-10-06T16:00:00+00:00 2021-10-06T16:00:00+00:00
cisco-sa-ipphone-arbfileread-npdte2ow Cisco IP Phone Software Arbitrary File Read Vulnerability 2021-10-06T16:00:00+00:00 2021-10-14T13:57:39+00:00
cisco-sa-esa-url-bypass-sgcfsdrp Cisco Email Security Appliance URL Filtering Bypass Vulnerability 2021-10-06T16:00:00+00:00 2021-10-06T16:00:00+00:00
cisco-sa-dnac-infodisc-kyc6yncs Cisco DNA Center Information Disclosure Vulnerability 2021-10-06T16:00:00+00:00 2021-10-06T16:00:00+00:00
cisco-sa-cvdsd-xss-fvdj6hk Cisco Vision Dynamic Signage Director Reflected Cross-Site Scripting Vulnerability 2021-10-06T16:00:00+00:00 2021-10-15T21:45:49+00:00
cisco-sa-ata19x-multivuln-a4j57f3 Cisco ATA 190 Series Analog Telephone Adapter Software Vulnerabilities 2021-10-06T16:00:00+00:00 2021-10-22T15:03:27+00:00
cisco-sa-anyconnect-lib-hija-cafb7x4q Cisco AnyConnect Secure Mobility Client for Linux and Mac OS with VPN Posture (HostScan) Module Shared Library Hijacking Vulnerability 2021-10-06T16:00:00+00:00 2021-10-06T16:00:00+00:00
cisco-sa-amp-redirect-rq2bu7du Cisco Orbital Open Redirect Vulnerability 2021-10-06T16:00:00+00:00 2021-10-06T16:00:00+00:00
cisco-sa-zbfw-tguguyq Cisco IOS XE Software Protection Against Distributed Denial of Service Attacks Feature Vulnerability 2021-09-22T16:00:00+00:00 2021-09-22T16:00:00+00:00
cisco-sa-zbfw-pp9jfzwl Cisco IOS XE Software Zone-Based Policy Firewall ICMP and UDP Inspection Vulnerability 2021-09-22T16:00:00+00:00 2021-09-22T16:00:00+00:00
cisco-sa-trustsec-dos-7fuxdr2 Cisco IOS and IOS XE Software TrustSec CLI Parser Denial of Service Vulnerability 2021-09-22T16:00:00+00:00 2021-09-22T16:00:00+00:00
cisco-sa-sdwan-maapi-privesc-ksug7qss Cisco IOS XE SD-WAN Software Command Injection Vulnerability 2021-09-22T16:00:00+00:00 2021-09-22T16:00:00+00:00
cisco-sa-sdwan-maapi-cmdinjec-znuytuc Cisco SD-WAN Software Command Injection Vulnerability 2021-09-22T16:00:00+00:00 2021-09-22T16:00:00+00:00
cisco-sa-sd-wan-josurjcc Cisco SD-WAN vManage Software Cypher Query Language Injection Vulnerability 2021-09-22T16:00:00+00:00 2021-09-22T16:00:00+00:00
cisco-sa-sd-wan-gjr5pgom Cisco IOS XE SD-WAN Software Arbitrary File Overwrite Vulnerability 2021-09-22T16:00:00+00:00 2021-09-22T16:00:00+00:00
cisco-sa-sd-wan-fhqh8pkx Cisco SD-WAN Software Information Disclosure Vulnerability 2021-09-22T16:00:00+00:00 2023-06-16T19:11:51+00:00
cisco-sa-sd-wan-credentials-ydyfskzz Cisco SD-WAN vManage Software Disaster Recovery Feature Password Exposure Vulnerability 2021-09-22T16:00:00+00:00 2021-09-22T16:00:00+00:00
cisco-sa-ratenat-pyvla7wm Cisco IOS XE Software Rate Limiting Network Address Translation Denial of Service Vulnerability 2021-09-22T16:00:00+00:00 2021-09-22T16:00:00+00:00
cisco-sa-quewedge-69bshubw Cisco IOS XE Software Interface Queue Wedge Denial of Service Vulnerability 2021-09-22T16:00:00+00:00 2021-09-22T16:00:00+00:00
cisco-sa-lldp-dos-sbnuhsjt Cisco IOS and IOS XE Software Link Layer Discovery Protocol Denial of Service Vulnerability 2021-09-22T16:00:00+00:00 2021-09-22T16:00:00+00:00
cisco-sa-ioxesdwan-clicmdinj-7byx5k3 Cisco IOS XE SD-WAN Software Command Injection Vulnerability 2021-09-22T16:00:00+00:00 2021-09-22T16:00:00+00:00
ID Description Published Updated
msrc_cve-2025-71234 wifi: rtl8xxxu: fix slab-out-of-bounds in rtl8xxxu_sta_add 2026-02-02T00:00:00.000Z 2026-02-21T04:29:07.000Z
msrc_cve-2025-71233 PCI: endpoint: Avoid creating sub-groups asynchronously 2026-02-02T00:00:00.000Z 2026-03-31T01:37:39.000Z
msrc_cve-2025-71232 scsi: qla2xxx: Free sp in error path to fix system crash 2026-02-02T00:00:00.000Z 2026-03-31T01:39:38.000Z
msrc_cve-2025-71231 crypto: iaa - Fix out-of-bounds index in find_empty_iaa_compression_mode 2026-02-02T00:00:00.000Z 2026-02-21T04:28:41.000Z
msrc_cve-2025-71230 hfs: ensure sb->s_fs_info is always cleaned up 2026-02-02T00:00:00.000Z 2026-03-03T01:37:28.000Z
msrc_cve-2025-71229 wifi: rtw88: Fix alignment fault in rtw_core_enable_beacon() 2026-02-02T00:00:00.000Z 2026-02-28T01:38:47.000Z
msrc_cve-2025-71228 LoongArch: Set correct protection_map[] for VM_NONE/VM_SHARED 2026-02-02T00:00:00.000Z 2026-02-21T04:26:37.000Z
msrc_cve-2025-71227 wifi: mac80211: don't WARN for connections on invalid channels 2026-02-02T00:00:00.000Z 2026-03-31T15:13:44.000Z
msrc_cve-2025-71226 wifi: iwlwifi: Implement settime64 as stub for MVM/MLD PTP 2026-02-02T00:00:00.000Z 2026-02-21T04:27:30.000Z
msrc_cve-2025-71225 md: suspend array while updating raid_disks via sysfs 2026-02-02T00:00:00.000Z 2026-03-31T15:12:38.000Z
msrc_cve-2025-71221 dmaengine: mmp_pdma: Fix race condition in mmp_pdma_residue() 2026-02-02T00:00:00.000Z 2026-03-27T01:41:25.000Z
msrc_cve-2025-71202 iommu/sva: invalidate stale IOTLB entries for kernel address space 2026-02-02T00:00:00.000Z 2026-03-31T14:50:40.000Z
msrc_cve-2025-69873 ajv (Another JSON Schema Validator) before 8.18.0 is vulnerable to Regular Expression Denial of Service (ReDoS) when the $data option is enabled. The pattern keyword accepts runtime data via JSON Pointer syntax ($data reference), which is passed directly to the JavaScript RegExp() constructor without validation. An attacker can inject a malicious regex pattern (e.g., "^(a|a)*$") combined with crafted input to cause catastrophic backtracking. A 31-character payload causes approximately 44 seconds of CPU blocking, with each additional character doubling execution time. This enables complete denial of service with a single HTTP request against any API using ajv with $data: true for dynamic schema validation. 2026-02-02T00:00:00.000Z 2026-03-03T01:38:55.000Z
msrc_cve-2025-69299 WordPress Oxygen theme <= 6.0.8 - Server Side Request Forgery (SSRF) vulnerability 2026-02-02T00:00:00.000Z 2026-02-24T14:03:49.000Z
msrc_cve-2025-68121 Unexpected session resumption in crypto/tls 2026-02-02T00:00:00.000Z 2026-03-05T01:09:17.000Z
msrc_cve-2025-67733 Valkey Affected by RESP Protocol Injection via Lua error_reply 2026-02-02T00:00:00.000Z 2026-02-26T14:36:30.000Z
msrc_cve-2025-62878 Local Path Provisioner vulnerable to Path Traversal via parameters.pathPattern 2026-02-02T00:00:00.000Z 2026-03-03T01:38:32.000Z
msrc_cve-2025-61145 libtiff up to v4.7.1 was discovered to contain a double free via the component tools/tiffcrop.c. 2026-02-02T00:00:00.000Z 2026-03-03T01:38:25.000Z
msrc_cve-2025-61144 libtiff up to v4.7.1 was discovered to contain a stack overflow via the readSeparateStripsIntoBuffer function. 2026-02-02T00:00:00.000Z 2026-02-26T14:36:23.000Z
msrc_cve-2025-61143 libtiff up to v4.7.1 was discovered to contain a NULL pointer dereference via the component libtiff/tif_open.c. 2026-02-02T00:00:00.000Z 2026-02-26T14:36:13.000Z
msrc_cve-2025-11563 wcurl path traversal with percent-encoded slashes 2026-02-02T00:00:00.000Z 2026-03-03T01:38:45.000Z
msrc_cve-2026-24307 M365 Copilot Information Disclosure Vulnerability 2026-01-13T08:00:00.000Z 2026-01-22T08:00:00.000Z
msrc_cve-2026-24306 Azure Front Door Elevation of Privilege Vulnerability 2026-01-13T08:00:00.000Z 2026-01-22T08:00:00.000Z
msrc_cve-2026-24305 Azure Entra ID Elevation of Privilege Vulnerability 2026-01-13T08:00:00.000Z 2026-01-22T08:00:00.000Z
msrc_cve-2026-24304 Azure Resource Manager Elevation of Privilege Vulnerability 2026-01-13T08:00:00.000Z 2026-01-22T08:00:00.000Z
msrc_cve-2026-21524 Azure Data Explorer Information Disclosure Vulnerability 2026-01-13T08:00:00.000Z 2026-01-22T08:00:00.000Z
msrc_cve-2026-21521 Word Copilot Information Disclosure Vulnerability 2026-01-13T08:00:00.000Z 2026-01-22T08:00:00.000Z
msrc_cve-2026-21520 Copilot Studio Information Disclosure Vulnerability 2026-01-13T08:00:00.000Z 2026-01-22T08:00:00.000Z
msrc_cve-2026-21509 Microsoft Office Security Feature Bypass Vulnerability 2026-01-13T08:00:00.000Z 2026-01-29T08:00:00.000Z
msrc_cve-2026-21265 Secure Boot Certificate Expiration Security Feature Bypass Vulnerability 2026-01-13T08:00:00.000Z 2026-01-13T08:00:00.000Z
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
opensuse-su-2025:15693-1 java-21-openj9-21.0.9.0-1.1 on GA media 2025-10-31T00:00:00Z 2025-10-31T00:00:00Z
opensuse-su-2025:15692-1 java-1_8_0-openj9-1.8.0.472-1.1 on GA media 2025-10-31T00:00:00Z 2025-10-31T00:00:00Z
opensuse-su-2025:15691-1 java-17-openj9-17.0.17.0-1.1 on GA media 2025-10-31T00:00:00Z 2025-10-31T00:00:00Z
opensuse-su-2025:15690-1 java-11-openj9-11.0.29.0-1.1 on GA media 2025-10-31T00:00:00Z 2025-10-31T00:00:00Z
opensuse-su-2025:15689-1 gomuks-0.3.1-2.1 on GA media 2025-10-31T00:00:00Z 2025-10-31T00:00:00Z
opensuse-su-2025:15688-1 libmozjs-140-0-140.4.0-2.1 on GA media 2025-10-30T00:00:00Z 2025-10-30T00:00:00Z
opensuse-su-2025:15687-1 chromedriver-142.0.7444.59-2.1 on GA media 2025-10-30T00:00:00Z 2025-10-30T00:00:00Z
opensuse-su-2025:15686-1 MozillaFirefox-144.0.2-1.1 on GA media 2025-10-30T00:00:00Z 2025-10-30T00:00:00Z
opensuse-su-2025:15685-1 ImageMagick-7.1.2.8-1.1 on GA media 2025-10-30T00:00:00Z 2025-10-30T00:00:00Z
opensuse-su-2025:20021-1 Security update for MozillaThunderbird 2025-10-29T17:54:20Z 2025-10-29T17:54:20Z
opensuse-su-2025:15684-1 xwayland-24.1.8-4.1 on GA media 2025-10-29T00:00:00Z 2025-10-29T00:00:00Z
opensuse-su-2025:15683-1 xorg-x11-server-21.1.15-7.1 on GA media 2025-10-29T00:00:00Z 2025-10-29T00:00:00Z
opensuse-su-2025:15682-1 libtiff-devel-32bit-4.7.1-3.1 on GA media 2025-10-29T00:00:00Z 2025-10-29T00:00:00Z
opensuse-su-2025:15681-1 strongswan-6.0.3-1.1 on GA media 2025-10-29T00:00:00Z 2025-10-29T00:00:00Z
opensuse-su-2025:15680-1 ongres-scram-3.2-7.1 on GA media 2025-10-29T00:00:00Z 2025-10-29T00:00:00Z
opensuse-su-2025:15679-1 libmozjs-128-0-128.14.0-2.1 on GA media 2025-10-29T00:00:00Z 2025-10-29T00:00:00Z
opensuse-su-2025:15678-1 libmozjs-115-0-115.15.0-6.1 on GA media 2025-10-29T00:00:00Z 2025-10-29T00:00:00Z
opensuse-su-2025:15677-1 kea-3.0.2-1.1 on GA media 2025-10-29T00:00:00Z 2025-10-29T00:00:00Z
opensuse-su-2025:15676-1 dovecot24-2.4.2-1.1 on GA media 2025-10-29T00:00:00Z 2025-10-29T00:00:00Z
opensuse-su-2025:15675-1 coreboot-utils-25.09-2.1 on GA media 2025-10-29T00:00:00Z 2025-10-29T00:00:00Z
opensuse-su-2025:20032-1 Security update for chromium 2025-10-28T06:36:32Z 2025-10-28T06:36:32Z
opensuse-su-2025:15674-1 java-25-openjdk-25.0.1.0-1.1 on GA media 2025-10-28T00:00:00Z 2025-10-28T00:00:00Z
opensuse-su-2025:20031-1 Security update for warewulf4 2025-10-27T09:58:12Z 2025-10-27T09:58:12Z
opensuse-su-2025:20027-1 Security update for chromium 2025-10-27T09:16:17Z 2025-10-27T09:16:17Z
opensuse-su-2025:15673-1 xen-4.20.1_06-1.1 on GA media 2025-10-27T00:00:00Z 2025-10-27T00:00:00Z
opensuse-su-2025:15672-1 libluajit-5_1-2-2.1.20250826-1.1 on GA media 2025-10-27T00:00:00Z 2025-10-27T00:00:00Z
opensuse-su-2025:15671-1 kernel-devel-6.17.5-1.1 on GA media 2025-10-27T00:00:00Z 2025-10-27T00:00:00Z
opensuse-su-2025:15670-1 java-21-openjdk-21.0.9.0-1.1 on GA media 2025-10-27T00:00:00Z 2025-10-27T00:00:00Z
opensuse-su-2025:15669-1 grafana-11.6.7-1.1 on GA media 2025-10-27T00:00:00Z 2025-10-27T00:00:00Z
opensuse-su-2025:15668-1 libunbound8-1.24.1-1.1 on GA media 2025-10-24T00:00:00Z 2025-10-24T00:00:00Z
ID Description Published Updated
ID Description Published Updated
rhsa-2026:2740 Red Hat Security Advisory: Red Hat JBoss Web Server 6.2.0 security release 2026-02-16T18:57:53+00:00 2026-04-14T09:46:20+00:00
rhsa-2026:2741 Red Hat Security Advisory: Red Hat JBoss Web Server 6.2.0 security release 2026-02-16T18:55:18+00:00 2026-04-14T09:46:17+00:00
rhsa-2026:2763 Red Hat Security Advisory: wireshark security update 2026-02-16T18:48:23+00:00 2026-03-18T03:17:59+00:00
rhsa-2026:2761 Red Hat Security Advisory: kernel security update 2026-02-16T18:04:38+00:00 2026-04-01T19:29:26+00:00
rhsa-2026:2759 Red Hat Security Advisory: kernel security update 2026-02-16T17:51:18+00:00 2026-04-01T20:03:05+00:00
rhsa-2026:2762 Red Hat Security Advisory: Red Hat Quay 3.10.18 2026-02-16T17:44:31+00:00 2026-04-14T09:46:18+00:00
rhsa-2026:2760 Red Hat Security Advisory: Satellite 6.18.3 Async Update 2026-02-16T16:52:18+00:00 2026-04-12T14:07:45+00:00
rhsa-2026:2758 Red Hat Security Advisory: resource-agents security update 2026-02-16T16:40:34+00:00 2026-03-24T10:03:11+00:00
rhsa-2026:2753 Red Hat Security Advisory: gnupg2 security update 2026-02-16T16:01:43+00:00 2026-03-18T03:18:21+00:00
rhsa-2026:2754 Red Hat Security Advisory: Red Hat Quay 3.9.18 2026-02-16T15:43:51+00:00 2026-04-14T09:46:17+00:00
rhsa-2026:2719 Red Hat Security Advisory: gnupg2 security update 2026-02-16T14:36:42+00:00 2026-03-18T03:17:58+00:00
rhsa-2026:2736 Red Hat Security Advisory: freerdp security update 2026-02-16T13:12:12+00:00 2026-03-18T03:18:31+00:00
rhsa-2026:2737 Red Hat Security Advisory: Red Hat Ceph Storage 2026-02-16T12:56:05+00:00 2026-04-14T07:58:21+00:00
rhsa-2026:2722 Red Hat Security Advisory: kernel security update 2026-02-16T12:28:13+00:00 2026-04-08T04:27:44+00:00
rhsa-2026:2721 Red Hat Security Advisory: kernel security update 2026-02-16T12:13:02+00:00 2026-04-08T04:27:39+00:00
rhsa-2026:2726 Red Hat Security Advisory: pki-deps:10.6 security update 2026-02-16T12:04:57+00:00 2026-04-13T20:14:25+00:00
rhsa-2026:2720 Red Hat Security Advisory: kernel security update 2026-02-16T12:04:07+00:00 2026-04-08T04:27:26+00:00
rhsa-2026:2728 Red Hat Security Advisory: python-urllib3 security update 2026-02-16T11:56:59+00:00 2026-04-12T14:07:40+00:00
rhsa-2026:2724 Red Hat Security Advisory: pki-deps:10.6 security update 2026-02-16T11:56:58+00:00 2026-04-13T20:14:25+00:00
rhsa-2026:2714 Red Hat Security Advisory: freerdp security update 2026-02-16T11:45:27+00:00 2026-03-18T03:18:19+00:00
rhsa-2026:2718 Red Hat Security Advisory: python-urllib3 security update 2026-02-16T11:40:57+00:00 2026-04-12T14:07:39+00:00
rhsa-2026:2717 Red Hat Security Advisory: python-urllib3 security update 2026-02-16T11:34:12+00:00 2026-04-12T14:07:39+00:00
rhsa-2026:2725 Red Hat Security Advisory: pki-deps:10.6 security update 2026-02-16T11:27:07+00:00 2026-04-13T20:14:25+00:00
rhsa-2026:2723 Red Hat Security Advisory: python-urllib3 security update 2026-02-16T11:26:37+00:00 2026-04-12T14:07:40+00:00
rhsa-2026:2713 Red Hat Security Advisory: python3 security update 2026-02-16T11:10:11+00:00 2026-04-13T20:02:34+00:00
rhsa-2026:2712 Red Hat Security Advisory: resource-agents security update 2026-02-16T10:53:41+00:00 2026-03-24T10:03:10+00:00
rhsa-2026:2711 Red Hat Security Advisory: Red Hat Ceph Storage 8.1 security and bug fix update 2026-02-16T10:49:01+00:00 2026-04-14T07:58:21+00:00
rhsa-2026:2710 Red Hat Security Advisory: python3.12-wheel security update 2026-02-16T10:46:56+00:00 2026-04-10T15:33:19+00:00
rhsa-2026:2709 Red Hat Security Advisory: golang security update 2026-02-16T10:32:31+00:00 2026-04-14T07:58:20+00:00
rhsa-2026:2687 Red Hat Security Advisory: osbuild-composer security update 2026-02-16T10:31:46+00:00 2026-04-10T21:19:29+00:00
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
suse-su-2026:0711-1 Security update for the Linux Kernel (Live Patch 36 for SUSE Linux Enterprise 15 SP4) 2026-02-28T17:33:39Z 2026-02-28T17:33:39Z
suse-su-2026:0710-1 Security update for the Linux Kernel (Live Patch 76 for SUSE Linux Enterprise 12 SP5) 2026-02-28T15:33:45Z 2026-02-28T15:33:45Z
suse-su-2026:0707-1 Security update for the Linux Kernel (Live Patch 73 for SUSE Linux Enterprise 12 SP5) 2026-02-28T13:03:47Z 2026-02-28T13:03:47Z
suse-su-2026:0703-1 Security update for libsoup 2026-02-28T10:01:49Z 2026-02-28T10:01:49Z
suse-su-2026:0700-1 Security update for the Linux Kernel (Live Patch 70 for SUSE Linux Enterprise 12 SP5) 2026-02-28T08:04:45Z 2026-02-28T08:04:45Z
suse-su-2026:0698-1 Security update for the Linux Kernel (Live Patch 67 for SUSE Linux Enterprise 12 SP5) 2026-02-28T05:33:34Z 2026-02-28T05:33:34Z
suse-su-2026:0696-1 Security update for the Linux Kernel (Live Patch 65 for SUSE Linux Enterprise 12 SP5) 2026-02-27T19:33:27Z 2026-02-27T19:33:27Z
suse-su-2026:0694-1 Security update for gpg2 2026-02-27T15:14:36Z 2026-02-27T15:14:36Z
suse-su-2026:0693-1 Security update for python311 2026-02-27T15:14:09Z 2026-02-27T15:14:09Z
suse-su-2026:0692-1 Security update for MozillaThunderbird 2026-02-27T15:12:00Z 2026-02-27T15:12:00Z
suse-su-2026:0690-1 Security update for libsoup 2026-02-27T15:11:03Z 2026-02-27T15:11:03Z
suse-su-2026:0689-1 Security update for libsoup 2026-02-27T15:10:48Z 2026-02-27T15:10:48Z
suse-su-2026:0688-1 Security update for the Linux Kernel 2026-02-27T15:09:04Z 2026-02-27T15:09:04Z
suse-su-2026:0687-1 Security update for go1 2026-02-27T15:08:16Z 2026-02-27T15:08:16Z
suse-su-2026:20616-1 Security update for haproxy 2026-02-27T13:16:38Z 2026-02-27T13:16:38Z
suse-su-2026:20620-1 Security update for haproxy 2026-02-27T13:15:05Z 2026-02-27T13:15:05Z
suse-su-2026:20557-1 Security update for haproxy 2026-02-27T13:15:05Z 2026-02-27T13:15:05Z
suse-su-2026:0685-1 Security update for valkey 2026-02-27T11:53:26Z 2026-02-27T11:53:26Z
suse-su-2026:20599-1 Security update for the Linux Kernel 2026-02-27T11:51:02Z 2026-02-27T11:51:02Z
suse-su-2026:20555-1 Security update for the Linux Kernel 2026-02-27T11:51:02Z 2026-02-27T11:51:02Z
suse-su-2026:20611-1 Security update for the initial kernel livepatch 2026-02-27T11:50:22Z 2026-02-27T11:50:22Z
suse-su-2026:20556-1 Security update for the initial kernel livepatch 2026-02-27T11:50:22Z 2026-02-27T11:50:22Z
suse-su-2026:20615-1 Security update for the Linux Kernel 2026-02-27T11:32:45Z 2026-02-27T11:32:45Z
suse-su-2026:0684-1 Security update for gimp 2026-02-27T10:43:59Z 2026-02-27T10:43:59Z
suse-su-2026:0683-1 Security update for freerdp2 2026-02-27T10:42:32Z 2026-02-27T10:42:32Z
suse-su-2026:0680-1 Security update for glibc 2026-02-27T10:17:05Z 2026-02-27T10:17:05Z
suse-su-2026:20551-1 Security update for kubevirt 2026-02-27T08:51:11Z 2026-02-27T08:51:11Z
suse-su-2026:20610-1 Security update for kubevirt 2026-02-27T08:49:48Z 2026-02-27T08:49:48Z
suse-su-2026:0674-1 Security update for the Linux Kernel RT (Live Patch 0 for SUSE Linux Enterprise 15 SP7) 2026-02-27T07:04:14Z 2026-02-27T07:04:14Z
suse-su-2026:20550-1 Security update for containerized-data-importer 2026-02-26T16:03:48Z 2026-02-26T16:03:48Z
ID Description Published Updated
alsa-2025:9432 Moderate: iputils security update 2025-06-24T00:00:00Z 2025-06-30T13:12:41Z
alsa-2025:9431 Moderate: libarchive security update 2025-06-24T00:00:00Z 2025-06-30T13:14:41Z
alsa-2025:9430 Moderate: krb5 security update 2025-06-24T00:00:00Z 2025-06-30T13:17:02Z
alsa-2025:9421 Moderate: iputils security update 2025-06-24T00:00:00Z 2025-07-28T08:22:41Z
alsa-2025:9420 Moderate: libarchive security update 2025-06-24T00:00:00Z 2025-06-30T13:41:56Z
alsa-2025:9418 Moderate: krb5 security update 2025-06-24T00:00:00Z 2025-07-28T08:23:55Z
alsa-2025:9396 Important: mod_auth_openidc security update 2025-06-23T00:00:00Z 2025-07-03T08:18:42Z
alsa-2025:9392 Important: tigervnc security update 2025-06-23T00:00:00Z 2025-07-03T08:21:18Z
alsa-2025:9330 Important: perl-YAML-LibYAML security update 2025-06-23T00:00:00Z 2025-07-03T08:23:21Z
alsa-2025:9329 Important: perl-YAML-LibYAML security update 2025-06-23T00:00:00Z 2025-06-30T13:18:36Z
alsa-2025:9328 Important: libblockdev security update 2025-06-23T00:00:00Z 2025-06-30T13:43:40Z
alsa-2025:9327 Important: libblockdev security update 2025-06-23T00:00:00Z 2025-07-03T08:41:41Z
alsa-2025:9318 Important: javapackages-tools:201801 security update 2025-06-23T00:00:00Z 2025-07-03T08:39:03Z
alsa-2025:9317 Moderate: delve security update 2025-06-23T00:00:00Z 2025-06-30T13:45:34Z
alsa-2025:9307 Moderate: freerdp security update 2025-06-23T00:00:00Z 2025-07-28T08:25:45Z
alsa-2025:9306 Important: tigervnc security update 2025-06-23T00:00:00Z 2025-07-03T08:43:03Z
alsa-2025:9305 Important: xorg-x11-server and xorg-x11-server-Xwayland security update 2025-06-23T00:00:00Z 2025-06-30T13:21:56Z
alsa-2025:9304 Important: xorg-x11-server-Xwayland security update 2025-06-23T00:00:00Z 2025-06-30T13:44:38Z
alsa-2025:9303 Important: xorg-x11-server and xorg-x11-server-Xwayland security update 2025-06-23T00:00:00Z 2025-06-30T13:24:43Z
alsa-2025:9302 Moderate: kernel security update 2025-06-23T00:00:00Z 2025-07-03T08:46:04Z
alsa-2025:9190 Important: ipa security update 2025-06-17T00:00:00Z 2025-07-28T08:29:33Z
alsa-2025:9188 Important: idm:DL1 security update 2025-06-17T00:00:00Z 2025-06-30T13:31:41Z
alsa-2025:9184 Important: ipa security update 2025-06-17T00:00:00Z 2025-06-30T13:36:31Z
alsa-2025:9178 Important: kea security update 2025-06-17T00:00:00Z 2025-07-02T07:03:32Z
alsa-2025:9166 Important: apache-commons-beanutils security update 2025-06-17T00:00:00Z 2025-07-02T06:57:20Z
alsa-2025:9165 Important: gimp:2.8 security update 2025-06-17T00:00:00Z 2025-06-30T13:38:58Z
alsa-2025:9162 Important: gimp security update 2025-06-17T00:00:00Z 2025-06-30T13:40:56Z
alsa-2025:9156 Moderate: golang-github-openprinting-ipp-usb security update 2025-06-17T00:00:00Z 2025-07-28T08:38:30Z
alsa-2025:9151 Moderate: gvisor-tap-vsock security update 2025-06-17T00:00:00Z 2025-06-17T12:21:15Z
alsa-2025:9150 Moderate: gvisor-tap-vsock security update 2025-06-17T00:00:00Z 2025-06-17T12:20:05Z
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
osv-2023-623 Heap-use-after-free in Elf32_free 2023-07-28T14:01:31.646164Z 2023-07-28T14:01:31.646403Z
osv-2023-619 Security exception in java.base/java.util.regex.Pattern$GroupTail.match 2023-07-27T14:00:54.002113Z 2023-07-27T14:00:54.002341Z
osv-2023-618 Security exception in java.base/java.util.regex.Pattern$Loop.match 2023-07-27T14:00:53.785484Z 2023-07-27T14:00:53.785737Z
osv-2023-617 Security exception in com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.expr 2023-07-27T14:00:51.420632Z 2023-08-04T14:17:57.934642Z
osv-2023-610 Security exception in org.apache.lucene.util.automaton.RegExp.toAutomaton 2023-07-23T14:02:28.957945Z 2023-07-23T14:02:28.958170Z
osv-2023-609 Stack-buffer-overflow in sc_pkcs15_get_lastupdate 2023-07-23T14:02:26.863116Z 2023-07-23T14:02:26.863362Z
osv-2023-606 Heap-buffer-overflow in ZSTD_decompressMultiFrame 2023-07-23T14:01:02.159160Z 2026-04-23T14:18:14.557259Z
osv-2023-605 Heap-use-after-free in Elf64_free 2023-07-23T14:00:51.654724Z 2024-04-01T14:21:09.455014Z
osv-2023-599 Negative-size-param in passDoAction 2023-07-20T14:02:17.227069Z 2023-12-05T14:19:49.798233Z
osv-2023-598 Heap-use-after-free in zval_call_destructor 2023-07-20T14:01:52.569977Z 2023-07-20T14:01:52.570218Z
osv-2023-586 Heap-buffer-overflow in setcos_create_key 2023-07-19T14:00:35.841154Z 2023-07-19T14:00:35.841409Z
osv-2023-581 Heap-buffer-overflow in wwunpack 2023-07-18T14:00:33.759863Z 2023-07-18T14:00:33.760126Z
osv-2023-580 Security exception in com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.expr 2023-07-17T14:01:47.459416Z 2023-07-17T14:01:47.459668Z
osv-2023-578 Heap-buffer-overflow in cosm_new_file 2023-07-17T14:00:32.356018Z 2023-07-17T14:00:32.356264Z
osv-2023-576 Heap-double-free in sc_pkcs15_free_object_content 2023-07-16T14:02:13.225841Z 2023-07-16T14:02:13.226071Z
osv-2023-573 Negative-size-param in check_content_type_and_change_protocol 2023-07-16T14:01:41.260979Z 2023-07-16T14:01:41.261270Z
osv-2023-566 Heap-buffer-overflow in check_content_type_and_change_protocol 2023-07-14T14:01:52.369317Z 2023-07-14T14:01:52.369590Z
osv-2023-560 Stack-buffer-overflow in sc_pkcs15_get_lastupdate 2023-07-12T14:02:05.479616Z 2023-07-12T14:02:05.479901Z
osv-2023-556 Heap-buffer-overflow in xt_valid_enum_values 2023-07-11T14:00:08.080412Z 2023-07-11T14:00:08.082346Z
osv-2023-555 Heap-buffer-overflow in Gfx::InputStreamer::read_u24 2023-07-10T14:02:24.239473Z 2023-07-10T14:02:24.239720Z
osv-2023-554 Heap-buffer-overflow in OT::CmapSubtable::get_glyph 2023-07-10T14:02:00.983105Z 2023-07-10T14:02:00.983375Z
osv-2023-551 Heap-buffer-overflow in OT::CmapSubtable::collect_unicodes 2023-07-10T14:00:18.751239Z 2023-07-10T14:00:18.751501Z
osv-2023-547 UNKNOWN READ in r_str_ncpy 2023-07-08T14:00:22.061855Z 2023-10-06T14:21:12.777567Z
osv-2023-546 Invalid-free in jpeg_free_large 2023-07-06T14:00:42.657808Z 2023-07-06T14:00:42.658073Z
osv-2023-543 Security exception in com.github.javaparser.ast.validator.TreeVisitorValidator.accept 2023-07-05T14:00:23.802979Z 2023-07-06T14:15:54.844624Z
osv-2023-542 Security exception in net.jsign.appx.Zip64EndOfCentralDirectoryRecord.read 2023-07-03T14:02:09.091932Z 2023-07-03T14:02:09.092172Z
osv-2023-538 Heap-buffer-overflow in Gfx::BooleanDecoder::initialize 2023-07-02T14:01:51.277801Z 2023-07-02T14:01:51.278050Z
osv-2023-536 Heap-buffer-overflow in Assimp::MD5::MD5Parser::ParseHeader 2023-07-02T14:00:19.269762Z 2024-12-19T14:05:46.818834Z
osv-2023-528 Memcpy-param-overlap in pdfi_copy_truetype_font 2023-06-30T14:02:13.031940Z 2023-06-30T14:02:13.032223Z
osv-2023-527 Heap-buffer-overflow in default_get_outline 2023-06-30T14:00:13.481603Z 2023-06-30T14:00:13.481879Z
ID Description Published Updated
rustsec-2020-0013 fake-static allows converting any reference into a `'static` reference 2020-04-24T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2020-0012 Relies on undefined behavior of `char::from_u32_unchecked` 2020-04-24T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2020-0014 Various memory safety issues 2020-04-23T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2020-0011 Library exclusively intended to obfuscate code. 2020-04-23T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2020-0020 `stb_truetype` crate has been deprecated; use `ttf-parser` instead 2020-04-18T12:00:00Z 2020-10-02T01:29:11Z
rustsec-2020-0009 `read_scalar` and `read_scalar_at` allow transmuting values without `unsafe` blocks 2020-04-11T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2020-0146 arr! macro erases lifetimes 2020-04-09T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2020-0007 use-after or double free of allocated memory 2020-03-27T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2020-0006 Flaw in `realloc` allows reading unknown memory 2020-03-24T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2020-0008 Flaw in hyper allows request smuggling by sending a body in GET requests 2020-03-19T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2020-0005 CBox API allows to de-reference raw pointers without `unsafe` code 2020-03-19T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2020-0010 tiberius is unmaintained 2020-02-28T12:00:00Z 2020-10-02T01:29:11Z
rustsec-2020-0147 rulinalg is unmaintained, use nalgebra instead 2020-02-11T12:00:00Z 2021-03-04T13:58:02Z
rustsec-2020-0023 Lifetime boundary for `raw_slice` and `raw_slice_mut` are incorrect 2020-02-11T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2020-0158 slice-deque is unmaintained 2020-02-10T12:00:00Z 2021-11-18T14:04:01Z
rustsec-2020-0144 lzw is unmaintained 2020-02-10T12:00:00Z 2021-02-10T18:27:15Z
rustsec-2020-0169 multi_mut is Unmaintained 2020-02-07T12:00:00Z 2024-12-04T12:55:45Z
rustsec-2020-0162 `tokio-proto` is deprecated/unmaintained 2020-02-06T12:00:00Z 2022-02-07T02:25:36Z
rustsec-2020-0049 Use-after-free in Framed due to lack of pinning 2020-01-30T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2020-0123 Contents of uninitialized memory exposed in DeflateOutput's AsyncRead implementation 2020-01-24T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2020-0062 Improper `Sync` implementation on `FuturesUnordered` in futures-utils can cause data corruption 2020-01-24T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2020-0048 Use-after-free in BodyStream due to lack of pinning 2020-01-24T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2020-0004 sigstack allocation bug can cause memory corruption or leak 2020-01-24T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2020-0156 Observable Discrepancy in libsecp256k1-rs 2020-01-22T12:00:00Z 2021-09-10T16:03:52Z
rustsec-2020-0160 Threshold value is ignored (all shares are n=3) 2020-01-21T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2020-0003 rust_sodium is unmaintained; switch to a modern alternative 2020-01-20T12:00:00Z 2020-10-02T01:29:11Z
rustsec-2020-0002 Parsing a specially crafted message can result in a stack overflow 2020-01-16T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2020-0046 bespoke Cell implementation allows obtaining several mutable references to the same data 2020-01-08T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2020-0045 bespoke Cell implementation allows obtaining several mutable references to the same data 2020-01-08T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2020-0001 Stack overflow when resolving additional records from MX or SRV null targets 2020-01-06T12:00:00Z 2023-06-13T13:10:24Z
ID Description Published Updated
bit-keydb-2025-46686 2025-09-25T08:44:35.725Z 2025-09-25T09:09:38.625Z
bit-django-2025-57833 2025-09-25T08:40:38.586Z 2025-11-06T13:25:46.476Z
bit-django-2025-48432 2025-09-25T08:40:36.630Z 2025-10-16T18:08:44.835Z
bit-django-2025-27556 2025-09-25T08:40:31.995Z 2025-10-06T00:06:00.502Z
bit-golang-2025-47910 CrossOriginProtection insecure bypass patterns not limited to exact matches in net/http 2025-09-24T08:48:08.127Z 2025-09-25T09:09:38.625Z
bit-mongodb-2025-3083 Malformed MongoDB wire protocol messages may cause mongos to crash 2025-09-23T08:46:32.630Z 2025-09-23T09:10:44.834Z
bit-mongodb-2025-3082 User may override a view's collation and gain unauthorized access to underlying data 2025-09-23T08:46:30.283Z 2025-09-23T09:10:44.834Z
bit-mongodb-2025-10059 MongoDB Server router will crash when incorrect lsid is set on a sharded query 2025-09-23T08:46:23.470Z 2025-09-23T09:10:44.834Z
bit-mongodb-2025-0755 MongoDB C Driver bson library may be susceptible to buffer overflow 2025-09-23T08:46:21.341Z 2025-11-06T13:25:46.476Z
bit-mongodb-2024-8654 MongoDB Server may access non-initialized region of memory leading to unexpected behaviour 2025-09-23T08:46:18.972Z 2025-09-23T09:10:44.834Z
bit-mongodb-2024-3372 MongoDB Server may have unexpected application behaviour due to invalid BSON 2025-09-23T08:46:07.044Z 2025-09-23T09:10:44.834Z
bit-golang-2025-47906 Unexpected paths returned from LookPath in os/exec 2025-09-20T08:43:22.590Z 2025-11-06T13:25:46.476Z
bit-mongodb-2025-10061 Malformed $group Query May Cause MongoDB Server to Crash 2025-09-19T09:58:18.588Z 2025-11-14T15:09:14.122Z
bit-mongodb-2025-10060 MongoDB may be susceptible to Invariant Failure in Transactions due Upsert Operation 2025-09-19T09:58:16.816Z 2025-09-19T10:21:21.758Z
bit-jenkins-2025-59476 2025-09-19T09:57:11.182Z 2025-11-06T13:25:46.476Z
bit-jenkins-2025-59475 2025-09-19T09:57:09.400Z 2025-11-06T13:25:46.476Z
bit-jenkins-2025-59474 2025-09-19T09:57:07.574Z 2025-11-06T13:25:46.476Z
bit-temporal-2023-3485 Insecure Default Authorization in Temporal Server 2025-09-16T11:52:55.067Z 2025-09-16T12:10:06.830Z
bit-gitlab-2025-7337 Allocation of Resources Without Limits or Throttling in GitLab 2025-09-16T09:08:52.685Z 2025-09-16T09:10:21.105Z
bit-gitlab-2025-6769 Exposure of Sensitive System Information to an Unauthorized Control Sphere in GitLab 2025-09-16T09:08:47.176Z 2025-09-16T09:10:21.105Z
bit-gitlab-2025-6454 Server-Side Request Forgery (SSRF) in GitLab 2025-09-16T09:08:45.357Z 2026-01-26T15:09:56.435Z
bit-gitlab-2025-2256 Improper Validation of Specified Quantity in Input in GitLab 2025-09-16T09:07:42.625Z 2025-09-16T09:10:21.105Z
bit-gitlab-2025-1250 Allocation of Resources Without Limits or Throttling in GitLab 2025-09-16T09:07:13.477Z 2025-09-16T09:10:21.105Z
bit-gitlab-2025-10094 Improper Validation of Specified Quantity in Input in GitLab 2025-09-16T09:07:02.268Z 2025-09-16T09:10:21.105Z
bit-prestashop-2024-36626 2025-09-16T08:51:49.628Z 2025-09-16T09:10:21.105Z
bit-mongodb-2025-6710 Pre-authentication Denial of Service Stack Overflow Vulnerability in JSON Parsing via Excessive Recursion in MongoDB 2025-09-16T08:47:35.944Z 2025-09-16T09:10:21.105Z
bit-mongodb-2025-6709 Pre-Authentication Denial of Service Vulnerability in MongoDB Server's OIDC Authentication 2025-09-16T08:47:34.334Z 2025-09-16T09:10:21.105Z
bit-mongodb-2025-6707 Race condition in privilege cache invalidation cycle 2025-09-16T08:47:32.697Z 2025-09-27T09:09:19.773Z
bit-mongodb-2025-6706 Running certain aggregation operations with the SBE engine may lead to unexpected behavior on MongoDB Server 2025-09-16T08:47:30.842Z 2025-09-16T09:10:21.105Z
bit-prestashop-2025-51586 2025-09-15T05:49:14.417Z 2025-09-15T06:06:53.428Z
ID Description Published Updated
ID Description Published Updated
ID Description Updated
ID Description Published Updated
ID Description Published Updated
certfr-2025-avi-0699 Multiples vulnérabilités dans le noyau Linux de Red Hat 2025-08-14T00:00:00.000000 2025-08-14T00:00:00.000000
certfr-2025-avi-0698 Multiples vulnérabilités dans le noyau Linux de Debian 2025-08-14T00:00:00.000000 2025-08-14T00:00:00.000000
certfr-2025-avi-0697 Multiples vulnérabilités dans le noyau Linux de Debian LTS 2025-08-14T00:00:00.000000 2025-08-14T00:00:00.000000
certfr-2025-avi-0696 Vulnérabilité dans Spring Framework 2025-08-14T00:00:00.000000 2025-08-14T00:00:00.000000
certfr-2025-avi-0695 Multiples vulnérabilités dans les produits Palo Alto Networks 2025-08-14T00:00:00.000000 2025-08-14T00:00:00.000000
certfr-2025-avi-0694 Vulnérabilité dans Apache Tomcat 2025-08-14T00:00:00.000000 2025-08-14T00:00:00.000000
certfr-2025-avi-0693 Multiples vulnérabilités dans VMware Tanzu 2025-08-14T00:00:00.000000 2025-08-14T00:00:00.000000
certfr-2025-avi-0692 Multiples vulnérabilités dans Ruby on Rails 2025-08-14T00:00:00.000000 2025-08-14T00:00:00.000000
certfr-2025-avi-0691 Vulnérabilité dans Nginx 2025-08-14T00:00:00.000000 2025-08-14T00:00:00.000000
certfr-2025-avi-0690 Multiples vulnérabilités dans GitLab 2025-08-13T00:00:00.000000 2025-08-13T00:00:00.000000
certfr-2025-avi-0689 Multiples vulnérabilités dans les produits Microsoft 2025-08-13T00:00:00.000000 2025-08-13T00:00:00.000000
certfr-2025-avi-0688 Multiples vulnérabilités dans Microsoft Azure 2025-08-13T00:00:00.000000 2025-08-13T00:00:00.000000
certfr-2025-avi-0687 Multiples vulnérabilités dans Microsoft Windows 2025-08-13T00:00:00.000000 2025-08-13T00:00:00.000000
certfr-2025-avi-0686 Multiples vulnérabilités dans Microsoft Office 2025-08-13T00:00:00.000000 2025-08-13T00:00:00.000000
certfr-2025-avi-0685 Multiples vulnérabilités dans Microsoft Edge 2025-08-13T00:00:00.000000 2025-08-13T00:00:00.000000
certfr-2025-avi-0684 Multiples vulnérabilités dans les produits Intel 2025-08-13T00:00:00.000000 2025-08-13T00:00:00.000000
certfr-2025-avi-0683 Multiples vulnérabilités dans les produits Ivanti 2025-08-13T00:00:00.000000 2025-08-13T00:00:00.000000
certfr-2025-avi-0682 Multiples vulnérabilités dans Liferay 2025-08-13T00:00:00.000000 2025-08-13T00:00:00.000000
certfr-2025-avi-0681 Multiples vulnérabilités dans Google Chrome 2025-08-13T00:00:00.000000 2025-08-13T00:00:00.000000
certfr-2025-avi-0680 Multiples vulnérabilités dans les produits FoxIT 2025-08-13T00:00:00.000000 2025-08-13T00:00:00.000000
certfr-2025-avi-0679 Multiples vulnérabilités dans les produits Fortinet 2025-08-13T00:00:00.000000 2025-08-13T00:00:00.000000
certfr-2025-avi-0678 Multiples vulnérabilités dans les produits Adobe 2025-08-13T00:00:00.000000 2025-08-13T00:00:00.000000
certfr-2025-avi-0677 Multiples vulnérabilités dans les produits Siemens 2025-08-12T00:00:00.000000 2025-08-12T00:00:00.000000
certfr-2025-avi-0676 Multiples vulnérabilités dans les produits Schneider Electric 2025-08-12T00:00:00.000000 2025-08-12T00:00:00.000000
certfr-2025-avi-0675 Vulnérabilité dans Liferay 2025-08-12T00:00:00.000000 2025-08-12T00:00:00.000000
certfr-2025-avi-0674 Multiples vulnérabilités dans les produits SAP 2025-08-12T00:00:00.000000 2025-08-12T00:00:00.000000
certfr-2025-avi-0673 Vulnérabilité dans Centreon Gorgone 2025-08-12T00:00:00.000000 2025-08-12T00:00:00.000000
certfr-2025-avi-0672 Multiples vulnérabilités dans Liferay 2025-08-11T00:00:00.000000 2025-08-11T00:00:00.000000
certfr-2025-avi-0671 Multiples vulnérabilités dans les produits IBM 2025-08-08T00:00:00.000000 2025-08-08T00:00:00.000000
certfr-2025-avi-0670 Multiples vulnérabilités dans le noyau Linux d'Ubuntu 2025-08-08T00:00:00.000000 2025-08-08T00:00:00.000000
ID Description Published Updated
jvndb-2021-000054 Inkdrop vulnerable to OS command injection 2021-06-22T15:06+09:00 2021-06-22T15:06+09:00
jvndb-2021-000053 Hitachi Virtual File Platform vulnerable to OS command injection 2021-06-18T15:45+09:00 2021-06-18T15:45+09:00
jvndb-2021-000052 Hitachi Application Server Help vulnerable cross-site scripting 2021-06-17T15:11+09:00 2021-06-17T15:11+09:00
jvndb-2021-000051 Multiple cross-site scripting vulnerabilities in multiple EC-CUBE plugins provided by EC-CUBE 2021-06-16T16:18+09:00 2021-06-16T16:18+09:00
jvndb-2021-000049 Multiple ETUNA EC-CUBE plugins vulnerable to cross-site scripting 2021-06-15T16:09+09:00 2021-06-16T11:52+09:00
jvndb-2021-000050 Multiple vulnerabilities in GROWI 2021-06-14T15:10+09:00 2021-06-14T15:10+09:00
jvndb-2021-000048 Asken App for Android fails to restrict custom URL schemes properly 2021-06-14T15:10+09:00 2021-06-14T15:10+09:00
jvndb-2021-000047 WordPress plugin "Welcart e-Commerce" vulnerable to cross-site scripting 2021-06-11T15:24+09:00 2021-06-11T15:24+09:00
jvndb-2021-001756 urllib3 vulnerable to Regular expression Denial-of-Service (ReDoS) 2021-06-08T12:21+09:00 2021-06-08T12:21+09:00
jvndb-2021-000046 ATOM - Smart life App vulnerable to improper server certificate verification 2021-06-03T14:05+09:00 2021-06-03T14:05+09:00
jvndb-2021-000045 goo blog App fails to restrict custom URL schemes properly 2021-06-02T15:46+09:00 2021-06-02T15:46+09:00
jvndb-2021-001575 Multiple vulnerabilities in Buffalo WSR-1166DHP3 and WSR-1166DHP4 routers 2021-06-01T15:18+09:00 2021-06-01T15:18+09:00
jvndb-2021-000044 Zettlr vulnerable to cross-site scripting 2021-05-26T14:50+09:00 2021-06-03T16:21+09:00
jvndb-2021-001506 Hitachi Ops Center Analyzer vulnerability of communication using a certificate not intended by the user 2021-05-25T14:11+09:00 2021-05-25T14:11+09:00
jvndb-2021-000041 The installers of ScanSnap Manager may insecurely load Dynamic Link Libraries 2021-05-21T16:34+09:00 2021-05-21T16:34+09:00
jvndb-2021-000043 Installer of Overwolf may insecurely load Dynamic Link Libraries 2021-05-21T16:07+09:00 2021-05-21T16:07+09:00
jvndb-2021-000042 Multiple cross-site scripting vulnerabilities in multiple PHP Factory products 2021-05-21T15:38+09:00 2021-05-21T15:38+09:00
jvndb-2021-000040 QND vulnerable to privilege escalation 2021-05-21T14:21+09:00 2021-05-21T14:21+09:00
jvndb-2021-000037 mod_auth_openidc vulnerable to denial-of-service (DoS) 2021-05-14T15:35+09:00 2021-05-14T15:35+09:00
jvndb-2021-000038 Multiple vulnerabilities in Cisco Small Business Series Wireless Access Points 2021-05-14T15:26+09:00 2021-05-14T15:26+09:00
jvndb-2021-000039 RFNTPS vulnerable to OS command injection 2021-05-13T16:05+09:00 2021-05-13T16:05+09:00
jvndb-2021-000036 Multiple vulnerabilities in KonaWiki2 2021-05-13T16:05+09:00 2021-05-13T16:05+09:00
jvndb-2021-000035 EC-CUBE vulnerable to cross-site scripting 2021-05-10T18:08+09:00 2021-05-10T18:08+09:00
jvndb-2021-001380 Multiple Buffalo network devices contain hidden functionality 2021-04-28T16:15+09:00 2021-05-07T16:16+09:00
jvndb-2021-001381 Multiple vulnerabilities in Buffalo broadband routers 2021-04-28T16:14+09:00 2021-05-07T16:28+09:00
jvndb-2021-000034 WordPress plugin "WP Fastest Cache" vulnerable to directory traversal 2021-04-27T17:12+09:00 2021-04-27T17:12+09:00
jvndb-2021-000033 Hot Pepper Gourmet App fails to restrict access permissions 2021-04-27T17:10+09:00 2023-03-08T17:02+09:00
jvndb-2021-000909 yappa-ng vulnerable to cross-site scripting 2021-04-22T16:33+09:00 2021-04-22T16:33+09:00
jvndb-2021-001374 Trend Micro Password Manager may insecurely load Dynamic Link Libraries 2021-04-20T12:25+09:00 2021-04-20T12:25+09:00
jvndb-2021-000031 Gurunavi Apps fail to restrict access permissions 2021-04-14T17:22+09:00 2023-03-08T17:02+09:00
ID Description Published Updated
cnvd-2026-10669 MedDream PACS Premium跨站脚本漏洞(CNVD-2026-10669) 2026-01-26 2026-02-11
cnvd-2026-10668 MedDream PACS Premium跨站脚本漏洞(CNVD-2026-10668) 2026-01-26 2026-02-11
cnvd-2026-10660 IBM ApplinX数据伪造问题漏洞 2026-01-26 2026-02-10
cnvd-2026-08328 Tenda AX1806堆栈溢出漏洞(CNVD-2026-08328) 2026-01-26 2026-01-29
cnvd-2026-08327 Tenda AX1803堆栈溢出漏洞 2026-01-26 2026-01-29
cnvd-2026-08326 Tenda AX1806堆栈溢出漏洞 2026-01-26 2026-01-29
cnvd-2026-12368 NVIDIA NSIGHT Graphics操作系统命令注入漏洞 2026-01-23 2026-03-03
cnvd-2026-07240 Google Chrome实现不当漏洞(CNVD-2026-07240) 2026-01-23 2026-01-26
cnvd-2026-05940 GNU InetUtils Telnetd远程认证绕过漏洞 2026-01-22 2026-01-22
cnvd-2026-17159 Microsoft Windows Management Services权限提升漏洞 2026-01-19 2026-04-14
cnvd-2026-17158 Microsoft Windows Tablet Windows User Interface (TWINUI) Subsystem信息泄露漏洞 2026-01-19 2026-04-14
cnvd-2026-17157 Microsoft Windows NTFS代码执行漏洞 2026-01-19 2026-04-14
cnvd-2026-17156 Microsoft Windows NTFS代码执行漏洞(CNVD-2026-17156) 2026-01-19 2026-04-14
cnvd-2026-17155 Microsoft Windows Cloud Files Mini Filter Driver权限提升漏洞 2026-01-19 2026-04-14
cnvd-2026-17154 Microsoft Windows Cloud Files Mini Filter Driver权限提升漏洞(CNVD-2026-17154) 2026-01-19 2026-04-14
cnvd-2026-17153 Microsoft Windows Ancillary Function Driver for WinSock权限提升漏洞 2026-01-19 2026-04-14
cnvd-2026-17152 Microsoft Windows Ancillary Function Driver for WinSock权限提升漏洞(CNVD-2026-17152) 2026-01-19 2026-04-14
cnvd-2026-15251 ZTE MF258K Pro配置缺陷漏洞 2026-01-19 2026-03-26
cnvd-2026-13996 Huawei HarmonyOS备忘录模块权限控制漏洞(CNVD-2026-13996) 2026-01-19 2026-03-18
cnvd-2026-13994 Huawei HarmonyOS多模输入模块双重释放漏洞 2026-01-19 2026-03-18
cnvd-2026-13993 Huawei HarmonyOS视频框架模块多线程条件竞争漏洞 2026-01-19 2026-03-18
cnvd-2026-13992 Huawei HarmonyOS相机框架模块多线程条件竞争漏洞(CNVD-2026-13992) 2026-01-19 2026-03-18
cnvd-2026-13991 Huawei HarmonyOS打印模块权限控制不当漏洞 2026-01-19 2026-03-18
cnvd-2026-13990 Huawei HarmonyOS相机框架模块多线程条件竞争漏洞 2026-01-19 2026-03-18
cnvd-2026-13989 Huawei HarmonyOS备忘录模块权限控制漏洞 2026-01-19 2026-03-18
cnvd-2026-13988 Huawei HarmonyOS热管理模块多线程条件竞争漏洞 2026-01-19 2026-03-18
cnvd-2026-13987 Huawei HarmonyOS卡片框架模块多线程条件竞争漏洞(CNVD-2026-13987) 2026-01-19 2026-03-18
cnvd-2026-13985 Huawei HarmonyOS hiview模块缺少数据校验漏洞 2026-01-19 2026-03-18
cnvd-2026-13984 Huawei HarmonyOS卡片框架模块多线程条件竞争漏洞(CNVD-2026-13984) 2026-01-19 2026-03-18
cnvd-2026-13982 Huawei HarmonyOS卡片框架模块多线程条件竞争漏洞 2026-01-19 2026-03-18
ID Description Published Updated
bdu:2026-00724 Уязвимость компонента Core виртуальной машины Oracle VM VirtualBox, позволяющая нарушител… 23.01.2026 23.01.2026
bdu:2026-00723 Уязвимость компонента Core виртуальной машины Oracle VM VirtualBox, позволяющая нарушител… 23.01.2026 23.01.2026
bdu:2026-00722 Уязвимость компонента Core виртуальной машины Oracle VM VirtualBox, позволяющая нарушител… 23.01.2026 23.01.2026
bdu:2026-00721 Уязвимость компонента Core виртуальной машины Oracle VM VirtualBox, позволяющая нарушител… 23.01.2026 23.01.2026
bdu:2026-00720 Уязвимость компонента Core виртуальной машины Oracle VM VirtualBox, позволяющая нарушител… 23.01.2026 23.01.2026
bdu:2026-00719 Уязвимость компонента REST API агента сканирования RedCheck, позволяющая нарушителю выпол… 23.01.2026 10.02.2026
bdu:2026-00718 Уязвимость компонента moment.js агента скнирования RedCheck, позволяющая нарушителю получ… 23.01.2026 26.01.2026
bdu:2026-00717 Уязвимость компонента moment.js агента сканирования RedCheck, позволяющая нарушителю вызв… 23.01.2026 26.01.2026
bdu:2026-00716 Уязвимость функции spectrum_router() ядра операционной системы Linux, позволяющая нарушит… 23.01.2026 27.01.2026
bdu:2026-00715 Уязвимость функции cffrml_receive() ядра операционной системы Linux, позволяющая нарушите… 23.01.2026 27.01.2026
bdu:2026-00714 Уязвимость функции x86_pmu_stop() ядра операционной системы Linux, позволяющая нарушителю… 23.01.2026 27.01.2026
bdu:2026-00713 Уязвимость функции bnad_get_ethtool_stats() ядра операционной системы Linux, позволяющая … 23.01.2026 27.01.2026
bdu:2026-00712 Уязвимость функции iomap_adjust_read_range() ядра операционной системы Linux, позволяющая… 23.01.2026 27.01.2026
bdu:2026-00711 Уязвимость функции nfsd_create_setattr() ядра операционной системы Linux, позволяющая нар… 23.01.2026 27.01.2026
bdu:2026-00710 Уязвимость функции spectrum_mr() ядра операционной системы Linux, позволяющая нарушителю … 23.01.2026 27.01.2026
bdu:2026-00709 Уязвимость сервера telnetd пакета сетевых программ Inetutils, позволяющая нарушителю обой… 23.01.2026 30.01.2026
bdu:2026-00708 Уязвимость модулей drivers/gpu/drm/xe/xe_exec.c, drivers/gpu/drm/xe/xe_vm.c и include/uap… 23.01.2026 27.01.2026
bdu:2026-00707 Уязвимость функции ac_ioctl() ядра операционной системы Linux, позволяющая нарушителю выз… 23.01.2026 27.01.2026
bdu:2026-00706 Уязвимость веб-интерфейса управления системы обработки вызовов Cisco Unified Communicatio… 23.01.2026 23.01.2026
bdu:2026-00705 Уязвимость функции f2fs_zero_range() ядра операционной системы Linux, позволяющая нарушит… 23.01.2026 27.01.2026
bdu:2026-00704 Уязвимость функции drm_sched_stop() ядра операционной системы Linux, позволяющая нарушите… 23.01.2026 23.01.2026
bdu:2026-00703 Уязвимость компонента Server: Pluggable Auth системы управления базами данных Oracle MySQ… 22.01.2026 22.01.2026
bdu:2026-00702 Уязвимость компонента Server: Optimizer системы управления базами данных Oracle MySQL Ser… 22.01.2026 22.01.2026
bdu:2026-00701 Уязвимость компонента Server: Parser системы управления базами данных Oracle MySQL Server… 22.01.2026 22.01.2026
bdu:2026-00700 Уязвимость компонента Server: Optimizer системы управления базами данных Oracle MySQL Ser… 22.01.2026 22.01.2026
bdu:2026-00699 Уязвимость компонента Server:Thread Pooling системы управления базами данных Oracle MySQL… 22.01.2026 22.01.2026
bdu:2026-00698 Уязвимость инструмента анализа производительности системы NVIDIA NSight Systems программн… 22.01.2026 22.01.2026
bdu:2026-00697 Уязвимость инструмента анализа производительности системы NVIDIA NSight Systems программн… 22.01.2026 22.01.2026
bdu:2026-00696 Уязвимость компонента Supplier Portal приложения Oracle Agile Product Lifecycle Managemen… 22.01.2026 22.01.2026
bdu:2026-00695 Уязвимость компонента RMI программной платформы Oracle Java SE, виртуальных машин Oracle … 22.01.2026 10.02.2026
ID Description Updated
var-200809-0185 Login Window in Apple Mac OS X 10.4.11 does not clear the current password when a user ma… 2026-03-09T22:19:43.940000Z
var-201303-0312 libdns in ISC BIND 9.7.x and 9.8.x before 9.8.4-P2, 9.8.5 before 9.8.5b2, 9.9.x before 9.… 2026-03-09T22:19:33.363000Z
var-202106-0345 Domain-bypass transient execution vulnerability in some Intel Atom(R) Processors may allo… 2026-03-09T22:19:33.160000Z
var-201903-0440 A type confusion issue was addressed with improved memory handling. This issue is fixed i… 2026-03-09T22:19:26.852000Z
var-200703-0030 Unspecified vulnerability in ImageIO in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 all… 2026-03-09T22:19:26.790000Z
var-202301-0598 Unproper laxist permissions on the temporary files used by MIME4J TempFileStorageProvider… 2026-03-09T22:19:25.332000Z
var-201210-0063 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java … 2026-03-09T22:18:53.760000Z
var-201904-1409 A use after free issue was addressed with improved memory management. This issue affected… 2026-03-09T22:18:47.082000Z
var-202105-1432 The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired… 2026-03-09T22:18:40.984000Z
var-200609-0312 Buffer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to … 2026-03-09T22:18:39.330000Z
var-202110-1684 This issue was addressed with improved checks. This issue is fixed in watchOS 8, macOS Bi… 2026-03-09T22:18:38.176000Z
var-201904-1407 A use after free issue was addressed with improved memory management. This issue affected… 2026-03-09T22:18:36.782000Z
var-201304-0352 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java … 2026-03-09T22:18:35.136000Z
var-202103-1001 An issue was discovered in GNOME GLib before 2.66.8. When g_file_replace() is used with G… 2026-03-09T22:18:34.688000Z
var-201111-0207 The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64… 2026-03-09T22:18:26.875000Z
var-200911-0398 The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Int… 2026-03-09T22:17:46.450000Z
var-202206-1157 Incomplete cleanup in specific special register write operations for some Intel(R) Proces… 2026-03-09T22:17:15.468000Z
var-201012-0193 OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_… 2026-03-09T22:17:13.959000Z
var-200102-0001 Microsoft IIS for Far East editions 4.0 and 5.0 allows remote attackers to read source co… 2026-03-09T22:17:13.635000Z
var-201601-0495 Buffer overflow in the png_set_PLTE function in libpng before 1.0.65, 1.1.x and 1.2.x bef… 2026-03-09T22:17:04.787000Z
var-201205-0393 Multiple stack-based buffer overflows in Apple QuickTime before 7.7.2 on Windows allow re… 2026-03-09T22:17:04.698000Z
var-202106-1921 A security issue in nginx resolver was identified, which might allow an attacker who is a… 2026-03-09T22:17:03.931000Z
var-200511-0062 The Internet Key Exchange version 1 (IKEv1) implementation in Juniper JUNOS and JUNOSe so… 2026-03-09T22:16:18.317000Z
var-201912-0496 Multiple memory corruption issues were addressed with improved memory handling. This issu… 2026-03-09T22:16:17.653000Z
var-201504-0361 The symmetric-key feature in the receive function in ntp_proto.c in ntpd in NTP 4.x befor… 2026-03-09T22:16:16.027000Z
var-201302-0247 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java … 2026-03-09T22:16:10.032000Z
var-201904-1408 A memory corruption issue was addressed with improved state management. This issue affect… 2026-03-09T22:16:09.594000Z
var-201912-0480 A type confusion issue was addressed with improved memory handling. This issue is fixed i… 2026-03-09T22:16:09.219000Z
var-200810-0004 The IPv6 Neighbor Discovery Protocol (NDP) implementation in (1) FreeBSD 6.3 through 7.1,… 2026-03-09T22:15:21.078000Z
var-201806-1462 An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari be… 2026-03-09T22:15:20.611000Z
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID CVSS Description Vendor Product Published Updated
ID CVSS Description Vendor Product Published Updated