Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2000-0156 |
N/A
|
Internet Explorer 4.x and 5.x allows remote web s… |
n/a |
n/a |
2000-03-22T05:00:00 | 2024-08-08T05:05:53.834Z |
| CVE-2000-0161 |
N/A
|
Sample web sites on Microsoft Site Server 3.0 Com… |
n/a |
n/a |
2000-03-22T05:00:00 | 2024-08-08T05:05:54.192Z |
| CVE-2000-0162 |
N/A
|
The Microsoft virtual machine (VM) in Internet Ex… |
n/a |
n/a |
2000-03-22T05:00:00 | 2024-08-08T05:05:53.926Z |
| CVE-2000-0173 |
N/A
|
Vulnerability in the EELS system in SCO UnixWare … |
n/a |
n/a |
2000-03-22T05:00:00 | 2024-08-08T05:05:53.928Z |
| CVE-2000-0176 |
N/A
|
The default configuration of Serv-U 2.5d and earl… |
n/a |
n/a |
2000-03-22T05:00:00 | 2024-08-08T05:05:54.219Z |
| CVE-2000-0177 |
N/A
|
DNSTools CGI applications allow remote attackers … |
n/a |
n/a |
2000-03-22T05:00:00 | 2024-08-08T05:05:54.075Z |
| CVE-2000-0187 |
N/A
|
EZShopper 3.0 loadpage.cgi CGI script allows remo… |
n/a |
n/a |
2000-03-22T05:00:00 | 2024-08-08T05:05:54.114Z |
| CVE-2000-0188 |
N/A
|
EZShopper 3.0 search.cgi CGI script allows remote… |
n/a |
n/a |
2000-03-22T05:00:00 | 2024-08-08T05:05:54.101Z |
| CVE-2000-0190 |
N/A
|
AOL Instant Messenger (AIM) client allows remote … |
n/a |
n/a |
2000-03-22T05:00:00 | 2024-08-08T05:05:54.105Z |
| CVE-2000-0197 |
N/A
|
The Windows NT scheduler uses the drive mapping o… |
n/a |
n/a |
2000-03-22T05:00:00 | 2024-08-08T05:05:54.210Z |
| CVE-2000-0198 |
N/A
|
Buffer overflow in POP3 and IMAP servers in the M… |
n/a |
n/a |
2000-03-22T05:00:00 | 2024-08-08T05:05:54.146Z |
| CVE-2000-0199 |
N/A
|
When a new SQL Server is registered in Enterprise… |
n/a |
n/a |
2000-03-22T05:00:00 | 2024-08-08T05:05:54.118Z |
| CVE-2000-0203 |
N/A
|
The Trend Micro OfficeScan client tmlisten.exe al… |
n/a |
n/a |
2000-03-22T05:00:00 | 2024-08-08T05:05:54.109Z |
| CVE-2000-0204 |
N/A
|
The Trend Micro OfficeScan client allows remote a… |
n/a |
n/a |
2000-03-22T05:00:00 | 2024-08-08T05:05:54.122Z |
| CVE-2000-0205 |
N/A
|
Trend Micro OfficeScan allows remote attackers to… |
n/a |
n/a |
2000-03-22T05:00:00 | 2024-08-08T05:05:54.100Z |
| CVE-2000-0213 |
N/A
|
The Sambar server includes batch files ECHO.BAT a… |
n/a |
n/a |
2000-03-22T05:00:00 | 2024-08-08T05:05:54.209Z |
| CVE-2000-0214 |
N/A
|
FTP Explorer uses weak encryption for storing the… |
n/a |
n/a |
2000-03-22T05:00:00 | 2024-08-08T05:05:54.320Z |
| CVE-2000-0216 |
N/A
|
Microsoft email clients in Outlook, Exchange, and… |
n/a |
n/a |
2000-03-22T05:00:00 | 2024-08-08T05:05:54.073Z |
| CVE-2000-0219 |
N/A
|
Red Hat 6.0 allows local users to gain root acces… |
n/a |
n/a |
2000-03-22T05:00:00 | 2024-08-08T05:05:54.111Z |
| CVE-2000-0220 |
N/A
|
ZoneAlarm sends sensitive system and network info… |
n/a |
n/a |
2000-03-22T05:00:00 | 2024-08-08T05:05:54.196Z |
| CVE-2000-0170 |
N/A
|
Buffer overflow in the man program in Linux allow… |
n/a |
n/a |
2000-04-10T04:00:00 | 2024-08-08T05:05:54.100Z |
| CVE-2000-0172 |
N/A
|
The mtr program only uses a seteuid call when att… |
n/a |
n/a |
2000-04-10T04:00:00 | 2024-08-08T05:05:53.917Z |
| CVE-2000-0178 |
N/A
|
ServerIron switches by Foundry Networks have pred… |
n/a |
n/a |
2000-04-10T04:00:00 | 2024-08-08T05:05:53.968Z |
| CVE-2000-0182 |
N/A
|
iPlanet Web Server 4.1 allows remote attackers to… |
n/a |
n/a |
2000-04-10T04:00:00 | 2024-08-08T05:05:54.169Z |
| CVE-2000-0186 |
N/A
|
Buffer overflow in the dump utility in the Linux … |
n/a |
n/a |
2000-04-10T04:00:00 | 2024-08-08T05:05:54.163Z |
| CVE-2000-0189 |
N/A
|
ColdFusion Server 4.x allows remote attackers to … |
n/a |
n/a |
2000-04-10T04:00:00 | 2024-08-08T05:05:54.106Z |
| CVE-2000-0194 |
N/A
|
buildxconf in Corel Linux allows local users to m… |
n/a |
n/a |
2000-04-10T04:00:00 | 2024-08-08T05:05:54.169Z |
| CVE-2000-0196 |
N/A
|
Buffer overflow in mhshow in the Linux nmh packag… |
n/a |
n/a |
2000-04-10T04:00:00 | 2024-08-08T05:05:54.115Z |
| CVE-2000-0200 |
N/A
|
Buffer overflow in Microsoft Clip Art Gallery all… |
n/a |
n/a |
2000-04-10T04:00:00 | 2024-08-08T05:05:54.091Z |
| CVE-2000-0201 |
N/A
|
The window.showHelp() method in Internet Explorer… |
n/a |
n/a |
2000-04-10T04:00:00 | 2024-08-08T05:05:54.113Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-1999-0382 |
N/A
|
The screen saver in Windows NT does not verify th… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:51.882Z |
| CVE-1999-0420 |
N/A
|
umapfs allows local users to gain root privileges… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:41:44.240Z |
| CVE-1999-0421 |
N/A
|
During a reboot after an installation of Linux Sl… |
n/a |
n/a |
2000-01-04T05:00:00 | 2024-08-01T16:41:44.242Z |
| CVE-1999-0422 |
N/A
|
In some cases, NetBSD 1.3.3 mount allows local us… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:41:44.227Z |
| CVE-1999-0462 |
N/A
|
suidperl in Linux Perl does not check the nosuid … |
n/a |
n/a |
2000-02-04T05:00:00 | 2024-08-01T16:41:44.864Z |
| CVE-1999-0424 |
N/A
|
talkback in Netscape 4.5 allows a local user to o… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:41:44.234Z |
| CVE-1999-0425 |
N/A
|
talkback in Netscape 4.5 allows a local user to k… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:41:44.872Z |
| CVE-1999-0433 |
N/A
|
XFree86 startx command is vulnerable to a symlink… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:41:44.834Z |
| CVE-1999-0482 |
N/A
|
OpenBSD kernel crash through TSS handling, as cau… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:41:44.972Z |
| CVE-1999-0428 |
N/A
|
OpenSSL and SSLeay allow remote attackers to reus… |
n/a |
n/a |
2000-01-04T05:00:00 | 2024-08-01T16:41:44.712Z |
| CVE-1999-0481 |
N/A
|
Denial of service in "poll" in OpenBSD. |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:41:45.310Z |
| CVE-1999-1370 |
N/A
|
The setup wizard (ie5setup.exe) for Internet Expl… |
n/a |
n/a |
2001-09-12T04:00:00 | 2024-08-01T17:11:03.262Z |
| CVE-1999-1397 |
N/A
|
Index Server 2.0 on IIS 4.0 stores physical path … |
n/a |
n/a |
2004-09-01T04:00:00 | 2024-08-01T17:11:03.247Z |
| CVE-2000-0153 |
N/A
|
FrontPage Personal Web Server (PWS) allows remote… |
n/a |
n/a |
2000-02-23T05:00:00 | 2024-08-08T05:05:54.063Z |
| CVE-1999-0434 |
N/A
|
XFree86 xfs command is vulnerable to a symlink at… |
n/a |
n/a |
2000-02-04T05:00:00 | 2024-08-01T16:41:45.503Z |
| CVE-1999-1559 |
N/A
|
Xylan OmniSwitch before 3.2.6 allows remote attac… |
n/a |
n/a |
2001-09-12T04:00:00 | 2024-08-01T17:18:07.559Z |
| CVE-1999-0443 |
N/A
|
Patrol management software allows a remote attack… |
n/a |
n/a |
2000-02-04T05:00:00 | 2024-08-01T16:41:44.635Z |
| CVE-1999-0445 |
N/A
|
In Cisco routers under some versions of IOS 12.0 … |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:41:44.885Z |
| CVE-1999-0447 |
N/A
|
Local users can gain privileges using the debug u… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:41:44.932Z |
| CVE-1999-0467 |
N/A
|
The Webcom CGI Guestbook programs wguest.exe and … |
n/a |
n/a |
2000-02-04T05:00:00 | 2024-08-01T16:41:45.417Z |
| CVE-1999-0469 |
N/A
|
Internet Explorer 5.0 allows window spoofing, all… |
n/a |
n/a |
2000-02-04T05:00:00 | 2024-08-01T16:41:44.995Z |
| CVE-1999-0480 |
N/A
|
Local attackers can conduct a denial of service i… |
n/a |
n/a |
2000-02-04T05:00:00 | 2024-08-01T16:41:45.414Z |
| CVE-1999-0605 |
N/A
|
An incorrect configuration of the Order Form 1.0 … |
n/a |
n/a |
2000-02-04T05:00:00 | 2024-08-01T16:41:45.687Z |
| CVE-1999-0606 |
N/A
|
An incorrect configuration of the EZMall 2000 sho… |
n/a |
n/a |
2000-02-04T05:00:00 | 2024-08-01T16:41:45.719Z |
| CVE-1999-0608 |
N/A
|
An incorrect configuration of the PDG Shopping Ca… |
n/a |
n/a |
2001-05-07T04:00:00 | 2024-08-01T16:41:45.711Z |
| CVE-1999-0609 |
N/A
|
An incorrect configuration of the SoftCart CGI pr… |
n/a |
n/a |
2000-02-04T05:00:00 | 2024-08-01T16:41:45.678Z |
| CVE-1999-0610 |
N/A
|
An incorrect configuration of the Webcart CGI pro… |
n/a |
n/a |
2000-02-04T05:00:00 | 2024-08-01T16:41:45.691Z |
| CVE-1999-0921 |
N/A
|
BMC Patrol allows any remote attacker to flood it… |
n/a |
n/a |
2002-03-09T05:00:00 | 2024-08-01T16:55:29.280Z |
| CVE-1999-0439 |
N/A
|
Buffer overflow in procmail before version 3.12 a… |
n/a |
n/a |
2000-01-04T05:00:00 | 2024-08-01T16:41:44.765Z |
| CVE-1999-0474 |
N/A
|
The ICQ Webserver allows remote attackers to use … |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:41:45.427Z |
| ID | Severity | Description | Published | Updated |
|---|---|---|---|---|
| ghsa-mh6f-8j2x-4483 |
9.8 (3.1)
|
Critical severity vulnerability that affects event-stream and flatmap-stream | 2018-11-26T23:58:21Z | 2021-09-15T20:08:26Z |
| ghsa-q3jg-4c82-j4xh |
8.1 (3.1)
|
Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in Pivotal CredHub Service Broker | 2018-11-29T21:30:30Z | 2022-09-14T22:09:19Z |
| ghsa-32w7-9whp-cjp9 |
5.9 (3.1)
8.2 (4.0)
|
Session Fixation in Tryton | 2018-11-29T21:30:56Z | 2024-11-13T22:54:09Z |
| ghsa-7rr7-rcjw-56vj |
6.5 (3.1)
|
Exposure of Sensitive Information to an Unauthorized Actor in activestorage | 2018-12-05T17:17:02Z | 2023-07-05T19:08:30Z |
| ghsa-q2qw-rmrh-vv42 |
7.5 (3.1)
|
Improper Access Control in activejob | 2018-12-05T17:24:27Z | 2023-06-30T19:52:40Z |
| ghsa-vwr2-wj63-86gr |
5.3 (3.1)
|
Path Traversal in simplehttpserver | 2018-12-06T15:49:10Z | 2023-09-12T21:07:28Z |
| ghsa-www2-v7xj-xrc6 |
9.8 (3.1)
9.3 (4.0)
|
Exposure of Sensitive Information to an Unauthorized Actor in urllib3 | 2018-12-12T15:52:07Z | 2024-12-27T18:30:25Z |
| ghsa-cq27-v7xp-c356 |
9.8 (3.1)
9.3 (4.0)
|
Buffer Overflow in pycrypto | 2018-12-14T18:51:38Z | 2024-10-18T21:59:58Z |
| ghsa-894g-6j7q-2hx6 |
6.1 (3.1)
5.3 (4.0)
|
Flask-Admin Cross-site Scripting vulnerability | 2018-12-19T19:23:52Z | 2024-09-20T17:45:11Z |
| ghsa-mxr5-p36v-479m |
9.8 (3.1)
|
Unrestricted Upload of File with Dangerous Type in jquery-file-upload | 2018-12-19T19:24:03Z | 2022-09-14T22:11:51Z |
| ghsa-9fcp-vcq9-9h2h |
8.8 (3.1)
|
OS Command Injection in craftercms:crafter-studio | 2018-12-19T19:24:18Z | 2022-09-14T22:12:13Z |
| ghsa-rmm5-g63h-m6g9 |
9.8 (3.1)
|
Improper Restriction of XML External Entity Reference in pippo-core | 2018-12-19T19:24:39Z | 2024-03-04T22:41:23Z |
| ghsa-5p52-j8pw-j7x5 |
7.5 (3.1)
|
Improper Restriction of XML External Entity Reference in bedework:bw-webdav | 2018-12-19T19:24:52Z | 2024-05-15T06:56:33Z |
| ghsa-8j39-fgfp-vxh8 |
7.5 (3.1)
|
XXL-CONF Path Traversal vulnerability | 2018-12-19T19:25:04Z | 2023-09-11T20:39:33Z |
| ghsa-8r8j-xvfj-36f9 |
9.8 (3.1)
9.3 (4.0)
|
Code injection in ymlref | 2018-12-19T19:25:14Z | 2024-11-19T18:07:18Z |
| ghsa-wg5w-vv93-3f7w |
6.5 (3.1)
|
Moderate severity vulnerability that affects org.apache.oozie:oozie-core | 2018-12-20T22:01:18Z | 2021-09-21T19:44:14Z |
| ghsa-27xw-p8v6-9jjr |
7.4 (3.1)
|
Spring Security vulnerable to Authorization Bypass | 2018-12-20T22:01:31Z | 2024-03-14T21:02:34Z |
| ghsa-p69g-f978-xxv9 |
8.8 (3.1)
8.6 (4.0)
|
Cross-Site Request Forgery (CSRF) in Luigi | 2018-12-20T22:01:39Z | 2024-09-30T16:56:51Z |
| ghsa-mr4x-c4v9-x729 |
6.5 (3.1)
7.1 (4.0)
|
aiohttp-session creates non-expiring sessions | 2018-12-20T22:01:46Z | 2025-03-14T20:26:12Z |
| ghsa-j5rj-g695-342r |
6.1 (3.1)
|
Fat Free CRM vulnerable to Cross-site Scripting | 2018-12-20T22:01:54Z | 2023-08-25T21:22:06Z |
| ghsa-r2pp-x4mm-4999 |
10.0 (3.1)
|
XML External Entity (XXE) vulnerability in neo4j.procedure:apoc | 2018-12-20T22:02:02Z | 2022-09-14T22:20:27Z |
| ghsa-77hp-pfxw-4w63 |
10.0 (3.1)
|
XML External Entity (XXE) vulnerability in codelibs fess | 2018-12-20T22:02:09Z | 2022-09-14T22:20:53Z |
| ghsa-jxm5-5xcw-h57q |
10.0 (3.1)
|
exist-db:exist-core XML External Entity (XXE) vulnerability | 2018-12-20T22:02:17Z | 2022-11-15T16:07:28Z |
| ghsa-2xpp-75vr-22vq |
6.5 (3.1)
|
Improper Restriction of Rendered UI Layers or Frames in Apache nifif | 2018-12-20T22:02:24Z | 2024-03-04T21:34:03Z |
| ghsa-43fp-vwwg-qgv6 |
7.5 (3.1)
|
Apache NiFi Improper Input Validation vulnerability | 2018-12-20T22:02:32Z | 2024-03-04T21:40:53Z |
| ghsa-4qq9-rrq6-48ff |
6.1 (3.1)
|
Cross site scripting in org.apache.nifi:nifi | 2018-12-20T22:02:39Z | 2024-03-04T21:35:23Z |
| ghsa-3jq8-jg75-rqv6 |
7.5 (3.1)
|
Cleartext Transmission of Sensitive Information in Apache nifi | 2018-12-20T22:02:45Z | 2024-03-04T22:06:28Z |
| ghsa-xmvg-w4f9-99r7 |
9.0 (3.1)
|
XML External Entity (XXE) vulnerability in bw-calendar-engine | 2018-12-20T22:02:51Z | 2022-09-14T22:23:07Z |
| ghsa-c289-47qf-rvrr |
6.1 (3.1)
|
Cross Site Scripting (XSS) vulnerability in easymon | 2018-12-21T17:46:03Z | 2022-09-14T22:23:27Z |
| ghsa-hjm9-576q-399p |
9.8 (3.1)
|
Remote Code Execution in esigate-core | 2018-12-21T17:46:23Z | 2022-09-14T22:24:11Z |
| ID | Severity | Description | Package | Published | Updated |
|---|---|---|---|---|---|
| pysec-2020-55 |
|
An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. Any authenticate… | keystone | 2020-05-07T00:15:00Z | 2020-09-02T16:15:00Z |
| pysec-2020-56 |
|
An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. The EC2 API does… | keystone | 2020-05-07T00:15:00Z | 2020-09-02T16:15:00Z |
| pysec-2020-97 |
|
In qutebrowser versions less than 1.11.1, reloading a page with certificate errors shows … | qutebrowser | 2020-05-07T21:15:00Z | 2020-09-21T02:15:00Z |
| pysec-2020-1 |
|
A flaw was found in Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 … | ansible | 2020-05-11T14:15:00Z | 2020-06-13T04:15:00Z |
| pysec-2020-13 |
|
A flaw was found in the Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7… | ansible | 2020-05-12T18:15:00Z | 2020-05-26T17:38:00Z |
| pysec-2020-208 |
|
An incomplete fix was found for the fix of the flaw CVE-2020-1733 ansible: insecure tempo… | ansible | 2020-05-15T14:15:00Z | 2021-07-02T02:41:34.927743Z |
| pysec-2020-66 |
|
MISP MISP-maltego 1.4.4 incorrectly shares a MISP connection across users in a remote-tra… | misp-maltego | 2020-05-15T18:15:00Z | 2020-05-19T13:38:00Z |
| pysec-2020-107 |
|
** DISPUTED ** scikit-learn (aka sklearn) through 0.23.0 can unserialize and execute comm… | scikit-learn | 2020-05-15T19:15:00Z | 2020-05-19T19:05:00Z |
| pysec-2020-73 |
|
** DISPUTED ** pandas through 1.0.3 can unserialize and execute commands from an untruste… | pandas | 2020-05-15T19:15:00Z | 2020-05-19T19:12:00Z |
| pysec-2020-46 |
|
In httplib2 before version 0.18.0, an attacker controlling unescaped part of uri for `htt… | httplib2 | 2020-05-20T16:15:00Z | 2020-08-19T18:56:00Z |
| pysec-2020-242 |
|
netius prior to 1.17.58 is vulnerable to HTTP Request Smuggling. HTTP pipelining issues a… | netius | 2020-05-21T15:15:00Z | 2021-11-23T06:07:22.013113Z |
| pysec-2020-239 |
|
meinheld prior to 1.0.2 is vulnerable to HTTP Request Smuggling. HTTP pipelining issues a… | meinheld | 2020-05-22T16:15:00Z | 2021-08-27T03:22:06.793758Z |
| pysec-2020-341 |
|
An exploitable vulnerability exists in the configuration-loading functionality of the jw.… | jw.util | 2020-05-22T17:15:00Z | 2022-01-05T02:16:25.743194Z |
| pysec-2020-99 |
|
Python-RSA before 4.1 ignores leading '\0' bytes during decryption of ciphertext. This co… | rsa | 2020-06-01T19:15:00Z | 2020-09-02T16:15:00Z |
| pysec-2020-42 |
|
An issue was discovered in fastecdsa before 2.1.2. When using the NIST P-256 curve in the… | fastecdsa | 2020-06-02T21:15:00Z | 2020-06-03T13:47:00Z |
| pysec-2020-31 |
|
An issue was discovered in Django 2.2 before 2.2.13 and 3.0 before 3.0.7. In cases where … | django | 2020-06-03T14:15:00Z | 2021-01-20T15:15:00Z |
| pysec-2020-32 |
|
An issue was discovered in Django 2.2 before 2.2.13 and 3.0 before 3.0.7. Query parameter… | django | 2020-06-03T14:15:00Z | 2021-01-20T15:15:00Z |
| pysec-2020-228 |
|
An insecure-credentials flaw was found in all openstack-cinder versions before openstack-… | cinder | 2020-06-10T17:15:00Z | 2021-08-27T03:21:56.949334Z |
| pysec-2020-47 |
|
In Indy Node 1.12.2, there is an Uncontrolled Resource Consumption vulnerability. Indy No… | indy-node | 2020-06-11T00:15:00Z | 2020-06-22T16:36:00Z |
| pysec-2020-240 |
|
A Denial of Service (DoS) condition is possible in OpenStack Mistral in versions up to an… | mistral | 2020-06-15T15:15:00Z | 2021-08-27T03:22:07.520532Z |
| pysec-2020-244 |
|
OMERO.web before 5.6.3 optionally allows sensitive data elements (e.g., a session key) to… | omero-web | 2020-06-17T17:15:00Z | 2021-08-27T03:22:09.833484Z |
| pysec-2020-250 |
|
Open-iSCSI rtslib-fb through 2.1.72 has weak permissions for /etc/target/saveconfig.json … | rtslib-fb | 2020-06-19T11:15:00Z | 2021-08-27T03:22:19.931800Z |
| pysec-2020-112 |
|
Tendenci 12.0.10 allows unrestricted deserialization in apps\helpdesk\views\staff.py. | tendenci | 2020-06-21T15:15:00Z | 2020-06-26T19:34:00Z |
| pysec-2020-95 |
|
In Apache Spark 2.4.5 and earlier, a standalone resource manager's master may be configur… | pyspark | 2020-06-23T22:15:00Z | 2021-04-02T12:15:00Z |
| pysec-2020-37 |
|
In django-basic-auth-ip-whitelist before 0.3.4, a potential timing attack exists on websi… | django-basic-auth-ip-whitelist | 2020-06-24T13:15:00Z | 2020-07-09T14:11:00Z |
| pysec-2020-76 |
|
Pillow before 7.1.0 has multiple out-of-bounds reads in libImaging/FliDecode.c. | pillow | 2020-06-25T19:15:00Z | 2020-08-08T20:15:00Z |
| pysec-2020-77 |
|
In libImaging/PcxDecode.c in Pillow before 7.1.0, an out-of-bounds read can occur when re… | pillow | 2020-06-25T19:15:00Z | 2020-07-27T19:15:00Z |
| pysec-2020-78 |
|
In Pillow before 7.1.0, there are two Buffer Overflows in libImaging/TiffDecode.c. | pillow | 2020-06-25T19:15:00Z | 2020-07-27T19:15:00Z |
| pysec-2020-79 |
|
In libImaging/Jpeg2KDecode.c in Pillow before 7.1.0, there are multiple out-of-bounds rea… | pillow | 2020-06-25T19:15:00Z | 2020-07-27T19:15:00Z |
| pysec-2020-80 |
|
In libImaging/SgiRleDecode.c in Pillow through 7.0.0, a number of out-of-bounds reads exi… | pillow | 2020-06-25T19:15:00Z | 2020-07-27T19:15:00Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2022-4180 | Malicious code in klook-node-framework-affiliate (npm) | 2022-06-20T20:09:31Z | 2022-06-20T20:09:31Z |
| mal-2022-4189 | Malicious code in klook-tetris-server (npm) | 2022-06-20T20:09:31Z | 2022-06-20T20:09:31Z |
| mal-2022-4561 | Malicious code in merlin-frontend (npm) | 2022-06-20T20:09:32Z | 2022-06-20T20:09:38Z |
| mal-2022-4562 | Malicious code in merlin-products-fetch (npm) | 2022-06-20T20:09:32Z | 2022-06-20T20:09:33Z |
| mal-2022-5548 | Malicious code in qjwt (npm) | 2022-06-20T20:09:32Z | 2022-06-20T20:09:32Z |
| mal-2022-5549 | Malicious code in qjwtsss (npm) | 2022-06-20T20:09:32Z | 2022-06-20T20:09:33Z |
| mal-2022-6764 | Malicious code in uitk-react-rating (npm) | 2022-06-20T20:09:32Z | 2022-06-20T20:09:33Z |
| mal-2022-1511 | Malicious code in bfs-hello-world (npm) | 2022-06-20T20:09:33Z | 2022-06-20T20:09:34Z |
| mal-2022-542 | Malicious code in @qualtrics-translations/qualtricsdesignsystemui (npm) | 2022-06-20T20:09:33Z | 2022-06-20T20:09:33Z |
| mal-2022-6681 | Malicious code in turbine_helper (npm) | 2022-06-20T20:09:33Z | 2022-06-20T20:09:33Z |
| mal-2022-7293 | Malicious code in xplenty-websitey (npm) | 2022-06-20T20:09:33Z | 2022-06-20T20:09:34Z |
| mal-2022-2284 | Malicious code in custom-script-vanilla-js (npm) | 2022-06-20T20:09:34Z | 2022-06-20T20:09:34Z |
| mal-2022-3984 | Malicious code in itsmerobottt (npm) | 2022-06-20T20:09:34Z | 2022-06-20T20:09:35Z |
| mal-2022-4906 | Malicious code in nodejs-gcloud-pubsub-module (npm) | 2022-06-20T20:09:34Z | 2022-06-20T20:09:34Z |
| mal-2022-5118 | Malicious code in orbit-tracking (npm) | 2022-06-20T20:09:34Z | 2022-06-20T20:09:34Z |
| mal-2022-1636 | Malicious code in body-complex (npm) | 2022-06-20T20:09:35Z | 2022-06-20T20:09:35Z |
| mal-2022-1969 | Malicious code in code-snippet-frontend (npm) | 2022-06-20T20:09:35Z | 2022-06-20T20:09:35Z |
| mal-2022-2287 | Malicious code in custom-url-paging (npm) | 2022-06-20T20:09:35Z | 2022-06-20T20:09:36Z |
| mal-2022-3702 | Malicious code in httpinfrastructure (npm) | 2022-06-20T20:09:35Z | 2022-06-20T20:09:36Z |
| mal-2022-3948 | Malicious code in iotspaces (npm) | 2022-06-20T20:09:35Z | 2022-06-20T20:09:36Z |
| mal-2022-1640 | Malicious code in body-time (npm) | 2022-06-20T20:09:36Z | 2022-06-20T20:09:37Z |
| mal-2022-2166 | Malicious code in constantparam (npm) | 2022-06-20T20:09:36Z | 2022-06-20T20:09:37Z |
| mal-2022-2285 | Malicious code in custom-url (npm) | 2022-06-20T20:09:36Z | 2022-06-20T20:09:37Z |
| mal-2022-2286 | Malicious code in custom-url-moreoptions (npm) | 2022-06-20T20:09:36Z | 2022-06-20T20:09:36Z |
| mal-2022-1638 | Malicious code in body-string (npm) | 2022-06-20T20:09:37Z | 2022-06-20T20:09:37Z |
| mal-2022-1639 | Malicious code in body-string-rest (npm) | 2022-06-20T20:09:37Z | 2022-06-20T20:09:38Z |
| mal-2022-2806 | Malicious code in eslint-config-support (npm) | 2022-06-20T20:09:37Z | 2022-06-20T20:09:38Z |
| mal-2022-4733 | Malicious code in multiple-inheritance-rest (npm) | 2022-06-20T20:09:37Z | 2022-06-20T20:09:37Z |
| mal-2022-1567 | Malicious code in big_11931193 (npm) | 2022-06-20T20:09:38Z | 2022-06-20T20:09:39Z |
| mal-2022-4932 | Malicious code in npm-1193119390 (npm) | 2022-06-20T20:09:38Z | 2022-06-20T20:09:39Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| wid-sec-w-2022-0931 | Red Hat Enterprise Linux (python-lxml): Schwachstelle ermöglicht Cross-Site Scripting | 2021-05-18T22:00:00.000+00:00 | 2024-05-07T22:00:00.000+00:00 |
| wid-sec-w-2023-2459 | Redis: Schwachstelle ermöglicht Codeausführung | 2021-05-18T22:00:00.000+00:00 | 2023-09-27T22:00:00.000+00:00 |
| wid-sec-w-2025-0478 | Red Hat Enterprise Linux (Raptor2): Mehrere Schwachstellen ermöglichen Denial of Service | 2021-05-18T22:00:00.000+00:00 | 2025-11-11T23:00:00.000+00:00 |
| wid-sec-w-2025-1170 | Red Hat Enterprise Linux (Brotli): Schwachstelle ermöglicht Denial of Service | 2021-05-18T22:00:00.000+00:00 | 2025-05-29T22:00:00.000+00:00 |
| wid-sec-w-2023-0456 | Squid: Schwachstelle ermöglicht Denial of Service | 2021-05-19T22:00:00.000+00:00 | 2023-09-27T22:00:00.000+00:00 |
| wid-sec-w-2023-1855 | RPM: Schwachstelle ermöglicht Manipulation von Dateien | 2021-05-19T22:00:00.000+00:00 | 2023-07-23T22:00:00.000+00:00 |
| wid-sec-w-2025-0101 | mutt: Schwachstelle ermöglicht nicht spezifizierten Angriff | 2021-05-19T22:00:00.000+00:00 | 2025-01-15T23:00:00.000+00:00 |
| wid-sec-w-2022-1813 | Bluetooth: Mehrere Schwachstellen | 2021-05-24T22:00:00.000+00:00 | 2024-09-05T22:00:00.000+00:00 |
| wid-sec-w-2022-2048 | Red Hat OpenShift: Schwachstelle gefährdet Vertraulichkeit, Verfügbarkeit und Integrität | 2021-05-24T22:00:00.000+00:00 | 2025-04-29T22:00:00.000+00:00 |
| wid-sec-w-2022-0463 | NGINX: Schwachstelle ermöglicht Denial of Service | 2021-05-25T22:00:00.000+00:00 | 2024-11-03T23:00:00.000+00:00 |
| wid-sec-w-2022-0873 | cURL und libcurl: Mehrere Schwachstellen | 2021-05-25T22:00:00.000+00:00 | 2025-11-06T23:00:00.000+00:00 |
| wid-sec-w-2022-1751 | GNU libc: Schwachstelle ermöglicht Denial of Service | 2021-05-25T22:00:00.000+00:00 | 2023-12-04T23:00:00.000+00:00 |
| wid-sec-w-2022-1814 | HPE Integrated Lights-Out: Mehrere Schwachstellen | 2021-05-25T22:00:00.000+00:00 | 2022-12-12T23:00:00.000+00:00 |
| wid-sec-w-2022-0210 | ffmpeg: Mehrere Schwachstellen | 2021-05-26T22:00:00.000+00:00 | 2025-03-19T23:00:00.000+00:00 |
| wid-sec-w-2022-0242 | Linux Kernel: Schwachstelle ermöglicht Privilegieneskalation | 2021-05-26T22:00:00.000+00:00 | 2025-10-01T22:00:00.000+00:00 |
| wid-sec-w-2023-1261 | Internet Systems Consortium DHCP: Schwachstelle ermöglicht Denial of Service | 2021-05-26T22:00:00.000+00:00 | 2023-05-21T22:00:00.000+00:00 |
| wid-sec-w-2024-0698 | Linux Kernel: Schwachstelle ermöglicht Privilegieneskalation | 2021-05-26T22:00:00.000+00:00 | 2024-06-10T22:00:00.000+00:00 |
| wid-sec-w-2022-0211 | ffmpeg: Mehrere Schwachstellen ermöglichen Denial of Service | 2021-05-27T22:00:00.000+00:00 | 2024-09-03T22:00:00.000+00:00 |
| wid-sec-w-2023-1688 | libvirt: Schwachstelle ermöglicht Offenlegung von Informationen | 2021-05-27T22:00:00.000+00:00 | 2023-07-09T22:00:00.000+00:00 |
| wid-sec-w-2022-0315 | Linux Kernel: Schwachstelle ermöglicht Ausführen von beliebigem Programmcode mit Administratorrechten | 2021-05-30T22:00:00.000+00:00 | 2022-12-07T23:00:00.000+00:00 |
| wid-sec-w-2022-0642 | Squid: Schwachstelle ermöglicht Denial of Service | 2021-05-30T22:00:00.000+00:00 | 2025-11-18T23:00:00.000+00:00 |
| wid-sec-w-2023-1125 | IBM Java: Schwachstelle ermöglicht nicht spezifizierten Angriff | 2021-05-30T22:00:00.000+00:00 | 2023-05-02T22:00:00.000+00:00 |
| wid-sec-w-2023-0011 | ffmpeg: Mehrere Schwachstellen | 2021-06-01T22:00:00.000+00:00 | 2025-04-03T22:00:00.000+00:00 |
| wid-sec-w-2022-0143 | avahi: Schwachstelle ermöglicht Denial of Service | 2021-06-03T22:00:00.000+00:00 | 2024-01-30T23:00:00.000+00:00 |
| wid-sec-w-2023-3219 | ffmpeg: Schwachstelle ermöglicht nicht spezifizierten Angriff | 2021-06-03T22:00:00.000+00:00 | 2023-12-26T23:00:00.000+00:00 |
| wid-sec-w-2022-1355 | Ansible: Schwachstelle ermöglicht Ausführen von beliebigem Programmcode und Offenlegung von Daten | 2021-06-07T22:00:00.000+00:00 | 2025-11-23T23:00:00.000+00:00 |
| wid-sec-w-2024-3588 | Ansible: Schwachstelle ermöglicht Offenlegung von Informationen | 2021-06-07T22:00:00.000+00:00 | 2025-11-23T23:00:00.000+00:00 |
| wid-sec-w-2024-1463 | Intel Prozessoren: Mehrere Schwachstellen | 2021-06-08T22:00:00.000+00:00 | 2024-06-26T22:00:00.000+00:00 |
| wid-sec-w-2022-0438 | Apache HTTP Server: Mehrere Schwachstellen | 2021-06-09T22:00:00.000+00:00 | 2024-05-26T22:00:00.000+00:00 |
| wid-sec-w-2022-1051 | libxml2: Schwachstelle ermöglicht Denial of Service | 2021-06-09T22:00:00.000+00:00 | 2025-06-30T22:00:00.000+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2007:0009 | Red Hat Security Advisory: flash-plugin security update | 2007-01-09T14:10:00+00:00 | 2025-11-21T17:31:02+00:00 |
| rhsa-2007:0003 | Red Hat Security Advisory: xorg-x11 security update | 2007-01-10T12:06:00+00:00 | 2025-11-21T17:31:02+00:00 |
| rhsa-2007:0002 | Red Hat Security Advisory: XFree86 security update | 2007-01-10T14:01:00+00:00 | 2025-11-21T17:31:02+00:00 |
| rhsa-2007:0017 | Red Hat Security Advisory: Adobe Acrobat Reader security update | 2007-01-11T11:10:00+00:00 | 2025-11-21T17:31:05+00:00 |
| rhsa-2007:0011 | Red Hat Security Advisory: libgsf security update | 2007-01-11T11:27:00+00:00 | 2025-11-21T17:31:03+00:00 |
| rhsa-2007:0013 | Red Hat Security Advisory: kernel security update | 2007-01-17T10:13:00+00:00 | 2025-11-21T17:31:04+00:00 |
| rhsa-2007:0012 | Red Hat Security Advisory: kernel security update | 2007-01-17T10:51:00+00:00 | 2025-11-21T17:31:04+00:00 |
| rhsa-2007:0021 | Red Hat Security Advisory: Adobe Acrobat Reader security update | 2007-01-22T19:40:00+00:00 | 2025-11-21T17:31:09+00:00 |
| rhsa-2007:0072 | Red Hat Security Advisory: IBMJava2 security update | 2007-01-24T00:00:00+00:00 | 2025-11-21T17:31:12+00:00 |
| rhsa-2007:0019 | Red Hat Security Advisory: gtk2 security update | 2007-01-24T16:09:00+00:00 | 2025-11-21T17:31:06+00:00 |
| rhsa-2007:0014 | Red Hat Security Advisory: kernel security update | 2007-01-30T14:22:00+00:00 | 2025-11-21T17:31:05+00:00 |
| rhsa-2007:0022 | Red Hat Security Advisory: squirrelmail security update | 2007-01-31T17:13:00+00:00 | 2025-11-21T17:31:07+00:00 |
| rhsa-2007:0018 | Red Hat Security Advisory: fetchmail security update | 2007-01-31T17:20:00+00:00 | 2025-11-21T17:31:05+00:00 |
| rhsa-2007:0044 | Red Hat Security Advisory: bind security update | 2007-02-06T18:46:00+00:00 | 2025-11-21T17:31:07+00:00 |
| rhsa-2007:0064 | Red Hat Security Advisory: postgresql security update | 2007-02-07T18:10:00+00:00 | 2025-11-21T17:31:10+00:00 |
| rhsa-2007:0067 | Red Hat Security Advisory: postgresql security update | 2007-02-07T18:30:00+00:00 | 2025-11-21T17:31:11+00:00 |
| rhsa-2007:0062 | Red Hat Security Advisory: java-1.4.2-ibm security update | 2007-02-07T19:57:00+00:00 | 2025-11-21T17:31:09+00:00 |
| rhsa-2007:0008 | Red Hat Security Advisory: dbus security update | 2007-02-08T08:39:00+00:00 | 2025-11-21T17:31:02+00:00 |
| rhsa-2007:0073 | Red Hat Security Advisory: java-1.5.0-ibm security update | 2007-02-09T16:23:00+00:00 | 2025-11-21T17:31:12+00:00 |
| rhsa-2007:0015 | Red Hat Security Advisory: ImageMagick security update | 2007-02-15T16:33:00+00:00 | 2025-11-21T17:31:05+00:00 |
| rhsa-2007:0060 | Red Hat Security Advisory: samba security update | 2007-02-15T19:13:00+00:00 | 2025-11-21T17:31:14+00:00 |
| rhsa-2007:0083 | Red Hat Security Advisory: mysql security update | 2007-02-19T19:41:00+00:00 | 2026-01-06T20:20:29+00:00 |
| rhsa-2007:0076 | Red Hat Security Advisory: php security update | 2007-02-19T21:08:00+00:00 | 2025-11-21T17:31:14+00:00 |
| rhsa-2007:0086 | Red Hat Security Advisory: gnomemeeting security update | 2007-02-20T12:06:00+00:00 | 2025-11-21T17:31:17+00:00 |
| rhsa-2007:0010 | Red Hat Security Advisory: koffice security update | 2007-02-20T16:55:00+00:00 | 2025-11-21T17:31:02+00:00 |
| rhsa-2007:0081 | Red Hat Security Advisory: php security update | 2007-02-21T12:42:00+00:00 | 2025-11-21T17:31:15+00:00 |
| rhsa-2007:0074 | Red Hat Security Advisory: spamassassin security update | 2007-02-21T18:44:00+00:00 | 2025-11-21T17:31:13+00:00 |
| rhsa-2007:0088 | Red Hat Security Advisory: php security update | 2007-02-22T11:11:00+00:00 | 2025-11-21T17:31:18+00:00 |
| rhsa-2007:0079 | Red Hat Security Advisory: Firefox security update | 2007-02-23T21:06:00+00:00 | 2025-11-21T17:31:15+00:00 |
| rhsa-2007:0077 | Red Hat Security Advisory: seamonkey security update | 2007-02-24T02:41:00+00:00 | 2025-11-21T17:31:14+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| icsa-18-333-01 | INVT Electric VT-Designer | 2018-11-29T00:00:00.000000Z | 2018-11-29T00:00:00.000000Z |
| icsa-18-333-02 | ICSA-18-333-02_Tridium Niagara Enterprise Security, Niagara AX, and Niagara 4 | 2018-11-29T00:00:00.000000Z | 2019-01-10T00:00:00.000000Z |
| icsa-18-338-01 | Omron CX-One | 2018-12-04T00:00:00.000000Z | 2018-12-04T00:00:00.000000Z |
| icsa-18-338-02 | SpiderControl SCADA WebServer | 2018-12-04T00:00:00.000000Z | 2018-12-04T00:00:00.000000Z |
| icsa-18-340-01 | GE Proficy GDS | 2018-12-06T00:00:00.000000Z | 2018-12-06T00:00:00.000000Z |
| icsma-18-340-01 | Philips HealthSuite Health Android App | 2018-12-06T00:00:00.000000Z | 2018-12-06T00:00:00.000000Z |
| icsa-18-345-01 | ICSA-18-345-01 McAfee SINAMICS PERFECT HARMONY GH180 | 2018-12-11T00:00:00.000000Z | 2018-12-11T00:00:00.000000Z |
| icsa-18-345-02 | ICSA-18-345-02 Siemens SINUMERIK Controllers (Update A) | 2018-12-11T00:00:00.000000Z | 2019-03-12T00:00:00.000000Z |
| icsa-18-352-05 | Siemens TIM 1531 IRC Modules | 2018-12-11T00:00:00.000000Z | 2020-02-10T00:00:00.000000Z |
| icsa-18-347-01 | Schneider Electric GUIcon Eurotherm | 2018-12-13T00:00:00.000000Z | 2018-12-13T00:00:00.000000Z |
| icsa-18-347-03 | Geutebrück GmbH E2 Series IP Cameras | 2018-12-13T00:00:00.000000Z | 2018-12-13T00:00:00.000000Z |
| icsa-18-347-04 | GE Mark VIe, EX2100e, EX2100e | 2018-12-13T00:00:00.000000Z | 2018-12-13T00:00:00.000000Z |
| icsma-18-347-01 | Medtronic 9790, 2090 CareLink, and 29901 Encore Programmers | 2018-12-13T00:00:00.000000Z | 2018-12-13T00:00:00.000000Z |
| icsa-18-352-01 | ABB GATE-E2 | 2018-12-18T00:00:00.000000Z | 2018-12-18T00:00:00.000000Z |
| icsa-18-352-02 | Advantech WebAccess/SCADA | 2018-12-18T00:00:00.000000Z | 2018-12-18T00:00:00.000000Z |
| icsa-18-352-03 | 3S-Smart Software Solutions GmbH CODESYS Control V3 Products | 2018-12-18T00:00:00.000000Z | 2018-12-18T00:00:00.000000Z |
| icsa-18-352-04 | 3S-Smart Software Solutions GmbH CODESYS V3 Products | 2018-12-18T00:00:00.000000Z | 2018-12-18T00:00:00.000000Z |
| icsa-18-352-06 | ABB CMS-770 | 2018-12-18T00:00:00.000000Z | 2018-12-18T00:00:00.000000Z |
| icsa-18-352-07 | ABB M2M ETHERNET | 2018-12-18T00:00:00.000000Z | 2018-12-18T00:00:00.000000Z |
| icsa-18-354-01 | Horner Automation Cscape | 2018-12-20T00:00:00.000000Z | 2018-12-20T00:00:00.000000Z |
| icsa-18-354-02 | Schneider Electric EcoStruxure | 2018-12-20T00:00:00.000000Z | 2018-12-20T00:00:00.000000Z |
| icsa-19-003-01 | Schneider Electric Pro-face GP-Pro EX | 2019-01-03T00:00:00.000000Z | 2019-01-03T00:00:00.000000Z |
| icsa-19-003-02 | Yokogawa Vnet/IP Open Communication Driver | 2019-01-03T00:00:00.000000Z | 2019-01-03T00:00:00.000000Z |
| icsa-19-003-03 | Hetronic Nova-M | 2019-01-03T00:00:00.000000Z | 2019-01-03T00:00:00.000000Z |
| icsa-19-008-01 | Schneider Electric Zelio Soft 2 | 2019-01-08T00:00:00.000000Z | 2019-01-08T00:00:00.000000Z |
| icsa-19-008-02 | Schneider Electric IIoT Monitor (Update A) | 2019-01-08T00:00:00.000000Z | 2019-01-15T00:00:00.000000Z |
| icsa-19-036-04 | Siemens SIMATIC S7-1500 CPU | 2019-01-08T00:00:00.000000Z | 2020-02-10T00:00:00.000000Z |
| icsa-19-038-01 | ICSA-19-038-01 Siemens SICAM A8000 RTU Series | 2019-01-08T00:00:00.000000Z | 2019-02-12T00:00:00.000000Z |
| icsa-19-038-02 | ICSA-19-038-02 Siemens EN100 Ethernet Module | 2019-01-08T00:00:00.000000Z | 2019-01-08T00:00:00.000000Z |
| icsa-19-043-04 | Siemens SIMATIC S7-300 CPU | 2019-01-08T00:00:00.000000Z | 2020-02-10T00:00:00.000000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cisco-sa-20191106-spa500-script | Cisco Small Business SPA500 Series IP Phones Local Script Execution Vulnerability | 2019-11-06T16:00:00+00:00 | 2019-11-06T16:00:00+00:00 |
| cisco-sa-20191106-telece-ros-eve | Cisco TelePresence Collaboration Endpoint and RoomOS Audio Eavesdropping Vulnerability | 2019-11-06T16:00:00+00:00 | 2019-11-06T16:00:00+00:00 |
| cisco-sa-20191106-telepres-roomos-dos | Cisco TelePresence Collaboration Endpoint and RoomOS Software Denial of Service Vulnerabilities | 2019-11-06T16:00:00+00:00 | 2019-11-06T16:00:00+00:00 |
| cisco-sa-20191106-telepres-roomos-privesc | Cisco TelePresence Collaboration Endpoint, TelePresence Codec, and RoomOS Software Privilege Escalation Vulnerability | 2019-11-06T16:00:00+00:00 | 2019-11-06T16:00:00+00:00 |
| cisco-sa-20191106-wbs-privilege | Cisco Webex Network Recording Admin Page Privilege Escalation Vulnerability | 2019-11-06T16:00:00+00:00 | 2019-11-06T16:00:00+00:00 |
| cisco-sa-20191106-webex-player | Cisco Webex Network Recording Player and Cisco Webex Player Arbitrary Code Execution Vulnerabilities | 2019-11-06T16:00:00+00:00 | 2019-11-06T16:00:00+00:00 |
| cisco-sa-20191106-wlc-dos | Cisco Wireless LAN Controller HTTP Parsing Engine Denial of Service Vulnerability | 2019-11-06T16:00:00+00:00 | 2020-05-11T15:58:49+00:00 |
| cisco-sa-20191106-wsa-unauth-devreset | Cisco Web Security Appliance Unauthorized Device Reset Vulnerability | 2019-11-06T16:00:00+00:00 | 2019-11-06T16:00:00+00:00 |
| cisco-sa-20191106-wsa-xss | Cisco Web Security Appliance Management Interface Cross-Site Scripting Vulnerability | 2019-11-06T16:00:00+00:00 | 2019-11-06T16:00:00+00:00 |
| cisco-sa-20191112-asa-ftd-lua-rce | Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Remote Code Execution Vulnerability | 2019-11-12T13:15:00+00:00 | 2021-01-11T19:14:20+00:00 |
| cisco-sa-20191120-cucm-sql | Cisco Unified Communications Manager SQL Injection Vulnerability | 2019-11-20T16:00:00+00:00 | 2020-02-06T17:00:15+00:00 |
| cisco-sa-20191120-dna-cmd-injection | Cisco DNA Spaces: Connector Command Injection Vulnerability | 2019-11-20T16:00:00+00:00 | 2019-11-20T16:00:00+00:00 |
| cisco-sa-20191120-dna-priv-esca | Cisco DNA Spaces: Connector Privilege Escalation Vulnerability | 2019-11-20T16:00:00+00:00 | 2019-11-20T16:00:00+00:00 |
| cisco-sa-20191120-dna-sqlinjection | Cisco DNA Spaces: Connector SQL Injection Vulnerability | 2019-11-20T16:00:00+00:00 | 2019-11-20T16:00:00+00:00 |
| cisco-sa-20191120-esa-mp3-bypass | Cisco Email Security Appliance MP3 Content Filter Bypass Vulnerability | 2019-11-20T16:00:00+00:00 | 2019-11-20T16:00:00+00:00 |
| cisco-sa-20191120-esa-url-bypass | Cisco Email Security Appliance URL Filtering Bypass Vulnerability | 2019-11-20T16:00:00+00:00 | 2019-11-20T16:00:00+00:00 |
| cisco-sa-20191120-iosxr-ssh-bypass | Cisco IOS XR Software NETCONF Over Secure Shell ACL Bypass Vulnerability | 2019-11-20T16:00:00+00:00 | 2019-11-23T02:24:36+00:00 |
| cisco-sa-20191120-sbr-rv-infodis | Cisco Small Business Routers RV016, RV042, RV042G, and RV082 Information Disclosure Vulnerability | 2019-11-20T16:00:00+00:00 | 2019-11-20T16:00:00+00:00 |
| cisco-sa-20191120-stealth-xss | Cisco Stealthwatch Enterprise Cross-Site Scripting Vulnerability | 2019-11-20T16:00:00+00:00 | 2019-11-20T16:00:00+00:00 |
| cisco-sa-20191120-ucdm-xss | Cisco Unified Communications Domain Manager Persistent Cross-Site Scripting Vulnerability | 2019-11-20T16:00:00+00:00 | 2019-11-20T16:00:00+00:00 |
| cisco-sa-20191120-unity-exp-comm-inject | Cisco Unity Express Command Injection Vulnerability | 2019-11-20T16:00:00+00:00 | 2019-11-20T16:00:00+00:00 |
| cisco-sa-20191120-vman-csrf | Cisco SD-WAN Solution vManage Cross-Site Request Forgery Vulnerability | 2019-11-20T16:00:00+00:00 | 2019-11-20T16:00:00+00:00 |
| cisco-sa-20191120-webex-centers-infodis | Cisco WebEx Centers Username Enumeration Information Disclosure Vulnerability | 2019-11-20T16:00:00+00:00 | 2019-11-20T16:00:00+00:00 |
| cisco-sa-20191120-webex-teams-dll | Cisco Webex Teams and Cisco Webex Meetings Client DLL Hijacking Vulnerability | 2019-11-20T16:00:00+00:00 | 2019-12-02T16:36:24+00:00 |
| cisco-sa-20200102-dcnm-auth-bypass | Cisco Data Center Network Manager Authentication Bypass Vulnerabilities | 2020-01-02T16:00:00+00:00 | 2020-01-15T15:58:03+00:00 |
| cisco-sa-20200102-dcnm-comm-inject | Cisco Data Center Network Manager Command Injection Vulnerabilities | 2020-01-02T16:00:00+00:00 | 2020-01-15T15:58:02+00:00 |
| cisco-sa-20200102-dcnm-path-trav | Cisco Data Center Network Manager Path Traversal Vulnerabilities | 2020-01-02T16:00:00+00:00 | 2020-01-15T15:58:01+00:00 |
| cisco-sa-20200102-dcnm-sql-inject | Cisco Data Center Network Manager SQL Injection Vulnerabilities | 2020-01-02T16:00:00+00:00 | 2020-01-15T15:57:59+00:00 |
| cisco-sa-20200102-dcnm-unauth-access | Cisco Data Center Network Manager JBoss EAP Unauthorized Access Vulnerability | 2020-01-02T16:00:00+00:00 | 2020-01-15T15:57:58+00:00 |
| cisco-sa-20200102-dcnm-xml-ext-entity | Cisco Data Center Network Manager XML External Entity Read Access Vulnerability | 2020-01-02T16:00:00+00:00 | 2020-01-15T15:58:00+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2021-26937 | encoding.c in GNU Screen through 4.8.0 allows remote attackers to cause a denial of service (invalid write access and application crash) or possibly have unspecified other impact via a crafted UTF-8 character sequence. | 2021-02-02T00:00:00.000Z | 2022-01-19T00:00:00.000Z |
| msrc_cve-2021-27135 | xterm before Patch #366 allows remote attackers to execute arbitrary code or cause a denial of service (segmentation fault) via a crafted UTF-8 combining character sequence. | 2021-02-02T00:00:00.000Z | 2022-01-19T00:00:00.000Z |
| msrc_cve-2021-27212 | In OpenLDAP through 2.4.57 and 2.5.x through 2.5.1alpha an assertion failure in slapd can occur in the issuerAndThisUpdateCheck function via a crafted packet resulting in a denial of service (daemon exit) via a short timestamp. This is related to schema_init.c and checkTime. | 2021-02-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-27218 | An issue was discovered in GNOME GLib before 2.66.7 and 2.67.x before 2.67.4. If g_byte_array_new_take() was called with a buffer of 4GB or more on a 64-bit platform the length would be truncated modulo 2**32 causing unintended length truncation. | 2021-02-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-27219 | An issue was discovered in GNOME GLib before 2.66.6 and 2.67.x before 2.67.3. The function g_bytes_new has an integer overflow on 64-bit platforms due to an implicit cast from 64 bits to 32 bits. The overflow could potentially lead to memory corruption. | 2021-02-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-27367 | Controller/Backend/FileEditController.php and Controller/Backend/FilemanagerController.php in Bolt before 4.1.13 allow Directory Traversal. | 2021-02-02T00:00:00.000Z | 2025-10-01T23:11:09.000Z |
| msrc_cve-2021-27378 | An issue was discovered in the rand_core crate before 0.6.2 for Rust. Because read_u32_into and read_u64_into mishandle certain buffer-length checks a random number generator may be seeded with too little data. | 2021-02-02T00:00:00.000Z | 2024-06-30T07:00:00.000Z |
| msrc_cve-2021-27803 | A vulnerability was discovered in how p2p/p2p_pd.c in wpa_supplicant before 2.10 processes P2P (Wi-Fi Direct) provision discovery requests. It could result in denial of service or other impact (potentially execution of arbitrary code) for an attacker within radio range. | 2021-02-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-3348 | nbd_add_socket in drivers/block/nbd.c in the Linux kernel through 5.10.12 has an ndb_queue_rq use-after-free that could be triggered by local attackers (with access to the nbd device) via an I/O request at a certain point during device setup aka CID-b98e762e3d71. | 2021-02-02T00:00:00.000Z | 2021-02-06T00:00:00.000Z |
| msrc_cve-2020-14372 | A flaw was found in grub2 in versions prior to 2.06 where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table (SSDT) containing code to overwrite the Linux kernel lockdown variable content directly into memory. The table is further loaded and executed by the kernel defeating its Secure Boot lockdown and allowing the attacker to load unsigned code. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | 2021-03-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2020-17525 | Remote unauthenticated denial-of-service in Subversion mod_authz_svn | 2021-03-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2020-25632 | A flaw was found in grub2 in versions prior to 2.06. The rmmod implementation allows the unloading of a module used as a dependency without checking if any other dependent module is still loaded leading to a use-after-free scenario. This could allow arbitrary code to be executed or a bypass of Secure Boot protections. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | 2021-03-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2020-25639 | A NULL pointer dereference flaw was found in the Linux kernel's GPU Nouveau driver functionality in versions prior to 5.12-rc1 in the way the user calls ioctl DRM_IOCTL_NOUVEAU_CHANNEL_ALLOC. This flaw allows a local user to crash the system. | 2021-03-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2020-25647 | A flaw was found in grub2 in versions prior to 2.06. During USB device initialization descriptors are read with very little bounds checking and assumes the USB device is providing sane values. If properly exploited an attacker could trigger memory corruption leading to arbitrary code execution allowing a bypass of the Secure Boot mechanism. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | 2021-03-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2020-27170 | An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer arithmetic leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory aka CID-f232326f6966. This affects pointer types that do not define a ptr_limit. | 2021-03-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2020-27171 | An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c has an off-by-one error (with a resultant integer underflow) affecting out-of-bounds speculation on pointer arithmetic leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory aka CID-10d2bb2e6b1d. | 2021-03-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2020-27749 | A flaw was found in grub2 in versions prior to 2.06. Variable names present are expanded in the supplied command line into their corresponding variable contents using a 1kB stack buffer for temporary storage without sufficient bounds checking. If the function is called with a command line that references a variable with a sufficiently large payload it is possible to overflow the stack buffer corrupt the stack frame and control execution which could also circumvent Secure Boot protections. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | 2021-03-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2020-27779 | A flaw was found in grub2 in versions prior to 2.06. The cutmem command does not honor secure boot locking allowing an privileged attacker to remove address ranges from memory creating an opportunity to circumvent SecureBoot protections after proper triage about grub's memory layout. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | 2021-03-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2020-27827 | A flaw was found in multiple versions of OpenvSwitch. Specially crafted LLDP packets can cause memory to be lost when allocating data to handle specific optional TLVs potentially causing a denial of service. The highest threat from this vulnerability is to system availability. | 2021-03-02T00:00:00.000Z | 2022-08-06T00:00:00.000Z |
| msrc_cve-2020-35492 | A flaw was found in cairo's image-compositor.c in all versions prior to 1.17.4. This flaw allows an attacker who can provide a crafted input file to cairo's image-compositor (for example by convincing a user to open a file in an application using cairo or if an application uses cairo on untrusted input) to cause a stack buffer overflow -> out-of-bounds WRITE. The highest impact from this vulnerability is to confidentiality integrity as well as system availability. | 2021-03-02T00:00:00.000Z | 2021-03-30T00:00:00.000Z |
| msrc_cve-2020-35508 | A flaw possibility of race condition and incorrect initialization of the process id was found in the Linux kernel child/parent process identification handling while filtering signal handlers. A local attacker is able to abuse this flaw to bypass checks to send any signal to a privileged process. | 2021-03-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2020-35521 | A flaw was found in libtiff. Due to a memory allocation failure in tif_read.c a crafted TIFF file can lead to an abort resulting in denial of service. | 2021-03-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2020-35522 | In LibTIFF there is a memory malloc failure in tif_pixarlog.c. A crafted TIFF document can lead to an abort resulting in a remote denial of service attack. | 2021-03-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2020-35523 | An integer overflow flaw was found in libtiff that exists in the tif_getimage.c file. This flaw allows an attacker to inject and execute arbitrary code when a user opens a crafted TIFF file. The highest threat from this vulnerability is to confidentiality integrity as well as system availability. | 2021-03-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2020-35524 | A heap-based buffer overflow flaw was found in libtiff in the handling of TIFF images in libtiff's TIFF2PDF tool. A specially crafted TIFF file can lead to arbitrary code execution. The highest threat from this vulnerability is to confidentiality integrity as well as system availability. | 2021-03-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-20197 | There is an open race window when writing output in the following utilities in GNU binutils version 2.35 and earlier:ar objcopy strip ranlib. When these utilities are run as a privileged user (presumably as part of a script updating binaries across different users) an unprivileged user can trick these utilities into getting ownership of arbitrary files through a symlink. | 2021-03-02T00:00:00.000Z | 2023-03-10T00:00:00.000Z |
| msrc_cve-2021-20225 | A flaw was found in grub2 in versions prior to 2.06. The option parser allows an attacker to write past the end of a heap-allocated buffer by calling certain commands with a large number of specific short forms of options. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | 2021-03-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-20227 | A flaw was found in SQLite's SELECT query functionality (src/select.c). This flaw allows an attacker who is capable of running SQL queries locally on the SQLite database to cause a denial of service or possible code execution by triggering a use-after-free. The highest threat from this vulnerability is to system availability. | 2021-03-02T00:00:00.000Z | 2021-03-27T00:00:00.000Z |
| msrc_cve-2021-20231 | A flaw was found in gnutls. A use after free issue in client sending key_share extension may lead to memory corruption and other consequences. | 2021-03-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-20232 | A flaw was found in gnutls. A use after free issue in client_send_params in lib/ext/pre_shared_key.c may lead to memory corruption and other potential consequences. | 2021-03-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| ID | Description | Updated |
|---|---|---|
| var-201906-1347 | Youxun Electronic Equipment (Shanghai) Co., Ltd. is a company mainly engaged in network e… | 2022-05-04T09:22:23.935000Z |
| var-201905-1429 | Aviosoft DVD X Player Standard is a DVD player from Aviosoft, USA. Aviosoft DVD X Player… | 2022-05-04T09:22:25.526000Z |
| var-201903-1644 | Kodak Video Cloud MCU Device search function exists SQL Inject holes. Allows an attacker … | 2022-05-04T09:22:28.302000Z |
| var-201811-1130 | TendaAC7 and others are wireless router products of Tenda. Httpd is one of the HTTP serve… | 2022-05-04T09:22:36.485000Z |
| var-201810-1607 | Xiaomi router is a router. There is a code execution vulnerability in the Xiaomi router.… | 2022-05-04T09:22:40.280000Z |
| var-201809-1329 | HP Color LaserJet Pro M252 is a color laser printer manufactured by HP Trading (Shanghai)… | 2022-05-04T09:22:41.598000Z |
| var-201805-1238 | DrayTek is a Taiwanese broadband CPE (client device) manufacturer that manufactures devic… | 2022-05-04T09:22:51.597000Z |
| var-201803-2356 | Zhongkong Taike (Shanghai) Electronic Technology Co., Ltd. is a sales and service organiz… | 2022-05-04T09:22:57.509000Z |
| var-201801-1832 | pelco Sarix Professional is a video camera. A command execution vulnerability exists in … | 2022-05-04T09:23:01.115000Z |
| var-201709-1253 | NETS9 is a multi-satellite reference station receiver. There is a SQL injection vulnerab… | 2022-05-04T09:23:09.947000Z |
| var-201707-1346 | The D-LinkDIR-100 is a small broadband router with integrated firewall capabilities. A cr… | 2022-05-04T09:23:15.511000Z |
| var-201706-1146 | HuaweiY6Pro is a smartphone from China's Huawei company. A memory leak vulnerability exis… | 2022-05-04T09:23:16.850000Z |
| var-201706-1125 | Foscamcamera is a webcam that can push messages to mobile phones and directly implement v… | 2022-05-04T09:23:16.862000Z |
| var-201612-0649 | ZyXELP660HN-Tv2 is a router manufactured by ZyXEL. The ZyXELP660HN-Tv2 router has an unau… | 2022-05-04T09:23:32.173000Z |
| var-201611-0419 | Beijing Yuanwei Software Co., Ltd. Security Isolation Gateway is a multi-network security… | 2022-05-04T09:23:32.544000Z |
| var-201611-0398 | Anke digital camera has weak password, allowing initial password login | 2022-05-04T09:23:32.554000Z |
| var-201610-0722 | AVTECH, founded in 1996, is one of the world's leading manufacturers of CCTV. The main pr… | 2022-05-04T09:23:32.878000Z |
| var-201609-0700 | Automation DCISoft is a dedicated electronic drawing software. Automation DCISoft has a … | 2022-05-04T09:23:33.874000Z |
| var-201608-0493 | Beijing Dingfeng Gold Technology Co., Ltd. library system is widely used in various enter… | 2022-05-04T09:23:34.268000Z |
| var-201606-0550 | The Fixon K2 wireless router is a wireless router for home use. The Fixon K2 wireless ro… | 2022-05-04T09:23:35.031000Z |
| var-201501-0542 | XML external entity vulnerability in the Extended Computer Aided Test Tool (eCATT) in SAP… | 2022-05-04T09:23:49.379000Z |
| var-201409-1260 | Bangxun Wlan AC is a wireless controller product produced by Bangxun Technology Co., Ltd.… | 2022-05-04T09:23:52.380000Z |
| var-201401-0732 | Huawei B593u-12 / T-Mobile HOME NET Router is an LTE wireless router series. Huawei B593u… | 2022-05-04T09:24:04.462000Z |
| var-201310-0801 | HP is the world's leading high-tech provider, offering a full line of notebooks, desktops… | 2022-05-04T09:24:06.155000Z |
| var-201310-0799 | The TP-LINK TL-WDR4300 Router is a wireless router device. The TP-LINK TL-WDR4300 Router … | 2022-05-04T09:24:06.167000Z |
| var-201309-0595 | The NetVanta 3430 is a router device. The NetVanta 3430 has a default user account \"admi… | 2022-05-04T09:24:06.743000Z |
| var-201009-0328 | A vulnerability in the file transfer feature in the JP1/NETM/Remote Control Agent may all… | 2022-05-04T09:24:29.788000Z |
| var-201003-0527 | Orb Networks Orb is a live streaming TV solution. Orb Networks Orb Direct Show filters ha… | 2022-05-04T09:24:32.107000Z |
| var-201001-0326 | Novatel MiFi is a small 3G wifi access device. Novatel MiFi allows users to perform certa… | 2022-05-04T09:24:36.874000Z |
| var-202001-1251 | Multiple vulnerabilities exists in Aruba Instate before 4.1.3.0 and 4.2.3.1 due to insuff… | 2022-05-04T09:26:12.685000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2013-000103 | Ichitaro series vulnerable to arbitrary code execution | 2013-11-12T14:33+09:00 | 2013-11-15T10:22+09:00 |
| jvndb-2011-003557 | ASP.NET vulnerable to open redirect | 2013-11-15T15:54+09:00 | 2013-11-15T15:54+09:00 |
| jvndb-2013-000104 | EC-CUBE vulnerable to information disclosure | 2013-11-20T15:19+09:00 | 2013-11-22T14:42+09:00 |
| jvndb-2013-000105 | EC-CUBE vulnerable to cross-site scripting | 2013-11-20T15:34+09:00 | 2013-11-22T14:40+09:00 |
| jvndb-2013-000097 | EC-CUBE vulnerable to cross-site request forgery | 2013-11-20T15:40+09:00 | 2013-11-22T14:37+09:00 |
| jvndb-2013-000098 | EC-CUBE information disclosure vulnerability | 2013-11-20T15:48+09:00 | 2013-11-22T14:35+09:00 |
| jvndb-2013-000107 | EC-CUBE vulnerable to cross-site scripting | 2013-11-20T15:56+09:00 | 2013-11-22T13:57+09:00 |
| jvndb-2013-000106 | EC-CUBE information disclosure vulnerability | 2013-11-20T16:14+09:00 | 2013-11-22T14:18+09:00 |
| jvndb-2013-000109 | D-Link DES-3800 Series vulnerable to denial-of-service (DoS) | 2013-11-22T14:50+09:00 | 2013-11-26T16:09+09:00 |
| jvndb-2013-000110 | D-Link DES-3800 Series vulnerable to denial-of-service (DoS) | 2013-11-22T14:51+09:00 | 2013-11-26T16:15+09:00 |
| jvndb-2013-000108 | KDrive Personal for Windows contains an issue where it fails to verify SSL server certificates | 2013-11-22T17:39+09:00 | 2013-11-26T16:02+09:00 |
| jvndb-2013-005262 | Buffer Overflow Vulnerability in the log function of Interstage HTTP Server | 2013-11-28T16:38+09:00 | 2013-12-18T16:16+09:00 |
| jvndb-2013-000112 | TOWN (modified version) vulnerable to directory traversal | 2013-11-29T14:23+09:00 | 2013-12-06T10:38+09:00 |
| jvndb-2013-000113 | Multiple cross-site scripting vulnerabilities in Cybozu Garoon | 2013-12-03T13:37+09:00 | 2013-12-06T10:42+09:00 |
| jvndb-2013-000114 | Cybozu Garoon vulnerable to SQL injection | 2013-12-03T13:45+09:00 | 2013-12-06T10:47+09:00 |
| jvndb-2013-000115 | Cybozu Garoon vulnerable to denial-of-service (DoS) | 2013-12-03T13:46+09:00 | 2013-12-06T10:48+09:00 |
| jvndb-2013-000116 | Cybozu Garoon vulnerable to mail header injection | 2013-12-03T13:49+09:00 | 2013-12-06T10:50+09:00 |
| jvndb-2013-000117 | Cybozu Garoon vulnerable to session fixation | 2013-12-03T13:51+09:00 | 2013-12-06T10:52+09:00 |
| jvndb-2013-000118 | Cybozu Dezie vulnerable to cross-site scripting | 2013-12-10T14:13+09:00 | 2013-12-18T14:51+09:00 |
| jvndb-2013-000119 | Juniper ScreenOS vulnerable to denial-of-service (DoS) | 2013-12-13T12:23+09:00 | 2013-12-18T15:23+09:00 |
| jvndb-2013-000111 | Android OS vulnerable to arbitrary Java method execution | 2013-12-17T13:57+09:00 | 2014-03-05T17:27+09:00 |
| jvndb-2013-000120 | IrfanView vulnerable to buffer overflow | 2013-12-24T15:02+09:00 | 2014-01-07T19:25+09:00 |
| jvndb-2013-000123 | VMware ESX and ESXi may allow access to arbitrary files | 2013-12-24T15:02+09:00 | 2013-12-25T14:01+09:00 |
| jvndb-2013-000124 | Cybozu Garoon vulnerable to SQL injection | 2013-12-25T12:21+09:00 | 2014-01-07T19:22+09:00 |
| jvndb-2013-000125 | Cybozu Garoon Keitai vulnerable to authentication bypass | 2013-12-25T12:22+09:00 | 2014-01-07T16:12+09:00 |
| jvndb-2013-005669 | Xml eXternal Entity Vulnerability in Hitachi Cosminexus | 2013-12-25T19:13+09:00 | 2013-12-25T19:13+09:00 |
| jvndb-2013-000126 | HP Autonomy Ultraseek vulnerable to cross-site scripting | 2013-12-26T12:32+09:00 | 2013-12-26T12:32+09:00 |
| jvndb-2014-000001 | ZIP with Pass vulnerable to directory traversal | 2014-01-10T14:34+09:00 | 2014-01-10T14:34+09:00 |
| jvndb-2014-000002 | tetra filer vulnerable to directory traversal | 2014-01-10T14:41+09:00 | 2014-01-10T14:41+09:00 |
| jvndb-2014-000003 | Security File Manager vulnerable to directory traversal | 2014-01-10T14:42+09:00 | 2014-01-10T14:42+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| suse-su-2016:1985-1 | Security update for the Linux Kernel | 2016-08-08T14:55:45Z | 2016-08-08T14:55:45Z |
| suse-su-2016:1998-1 | Security update for Linux Kernel Live Patch 15 for SLE 12 | 2016-08-09T11:22:34Z | 2016-08-09T11:22:34Z |
| suse-su-2016:1999-1 | Security update for Linux Kernel Live Patch 14 for SLE 12 | 2016-08-09T11:22:54Z | 2016-08-09T11:22:54Z |
| suse-su-2016:2001-1 | Security update for Linux Kernel Live Patch 13 for SLE 12 | 2016-08-09T11:23:09Z | 2016-08-09T11:23:09Z |
| suse-su-2016:2006-1 | Security update for Linux Kernel Live Patch 12 for SLE 12 | 2016-08-09T11:23:24Z | 2016-08-09T11:23:24Z |
| suse-su-2016:2010-1 | Security update for Linux Kernel Live Patch 11 for SLE 12 | 2016-08-09T11:23:39Z | 2016-08-09T11:23:39Z |
| suse-su-2016:1995-1 | Security update for Linux Kernel Live Patch 9 for SLE 12 | 2016-08-09T11:23:52Z | 2016-08-09T11:23:52Z |
| suse-su-2016:2005-1 | Security update for Linux Kernel Live Patch 8 for SLE 12 | 2016-08-09T11:24:17Z | 2016-08-09T11:24:17Z |
| suse-su-2016:2014-1 | Security update for Linux Kernel Live Patch 7 for SLE 12 | 2016-08-09T11:24:33Z | 2016-08-09T11:24:33Z |
| suse-su-2016:2011-1 | Security update for Linux Kernel Live Patch 6 for SLE 12 SP1 | 2016-08-09T11:24:44Z | 2016-08-09T11:24:44Z |
| suse-su-2016:2000-1 | Security update for Linux Kernel Live Patch 4 for SLE 12 SP1 | 2016-08-09T11:24:59Z | 2016-08-09T11:24:59Z |
| suse-su-2016:2003-1 | Security update for Linux Kernel Live Patch 5 for SLE 12 SP1 | 2016-08-09T11:25:14Z | 2016-08-09T11:25:14Z |
| suse-su-2016:2007-1 | Security update for Linux Kernel Live Patch 3 for SLE 12 SP1 | 2016-08-09T11:25:25Z | 2016-08-09T11:25:25Z |
| suse-su-2016:2009-1 | Security update for Linux Kernel Live Patch 2 for SLE 12 SP1 | 2016-08-09T11:25:36Z | 2016-08-09T11:25:36Z |
| suse-su-2016:1994-1 | Security update for Linux Kernel Live Patch 1 for SLE 12 SP1 | 2016-08-09T11:25:53Z | 2016-08-09T11:25:53Z |
| suse-su-2016:2008-1 | Security update for squid | 2016-08-09T11:32:29Z | 2016-08-09T11:32:29Z |
| suse-su-2016:1997-1 | Security update for java-1_7_0-openjdk | 2016-08-09T11:33:08Z | 2016-08-09T11:33:08Z |
| suse-su-2016:2012-1 | Security update for java-1_8_0-openjdk | 2016-08-09T11:33:15Z | 2016-08-09T11:33:15Z |
| suse-su-2016:2013-1 | Security update for php53 | 2016-08-09T11:35:10Z | 2016-08-09T11:35:10Z |
| suse-su-2016:2002-1 | Security update for Linux Kernel Live Patch 10 for SLE 12 | 2016-08-09T11:57:22Z | 2016-08-09T11:57:22Z |
| suse-su-2016:2018-1 | Security update for the Linux Kernel | 2016-08-09T15:23:23Z | 2016-08-09T15:23:23Z |
| suse-su-2016:2019-1 | Security update for rubygem-bson-1_11, rubygem-easy_diff, rubygem-redcarpet, and rubygem-sprockets-2_11 | 2016-08-09T18:27:03Z | 2016-08-09T18:27:03Z |
| suse-su-2016:2021-1 | Security update for sqlite3 | 2016-08-10T07:03:51Z | 2016-08-10T07:03:51Z |
| suse-su-2016:2024-1 | Security update for dhcp | 2016-08-10T11:39:02Z | 2016-08-10T11:39:02Z |
| suse-su-2016:2053-1 | Security update for libvirt | 2016-08-11T17:44:57Z | 2016-08-11T17:44:57Z |
| suse-su-2016:2061-1 | Security update for MozillaFirefox, MozillaFirefox-branding-SLED, mozilla-nspr and mozilla-nss | 2016-08-12T16:10:10Z | 2016-08-12T16:10:10Z |
| suse-su-2016:2074-1 | Security update for the Linux Kernel | 2016-08-15T10:48:57Z | 2016-08-15T10:48:57Z |
| suse-su-2016:2076-1 | Security update for ImageMagick | 2016-08-15T11:43:57Z | 2016-08-15T11:43:57Z |
| suse-su-2016:2075-1 | Security update for ImageMagick | 2016-08-15T11:45:22Z | 2016-08-15T11:45:22Z |
| suse-su-2016:2080-1 | Security update for php5 | 2016-08-16T07:26:11Z | 2016-08-16T07:26:11Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| opensuse-su-2020:0080-1 | Security update for php7 | 2020-01-20T09:15:29Z | 2020-01-20T09:15:29Z |
| opensuse-su-2020:0084-1 | Security update for Mesa | 2020-01-21T11:13:31Z | 2020-01-21T11:13:31Z |
| opensuse-su-2020:0085-1 | Security update for slurm | 2020-01-21T11:13:52Z | 2020-01-21T11:13:52Z |
| opensuse-su-2020:0086-1 | Security update for python3 | 2020-01-21T15:12:01Z | 2020-01-21T15:12:01Z |
| opensuse-su-2020:0087-1 | Security update for tigervnc | 2020-01-21T15:12:09Z | 2020-01-21T15:12:09Z |
| opensuse-su-2020:0089-1 | Security update for fontforge | 2020-01-21T19:10:58Z | 2020-01-21T19:10:58Z |
| opensuse-su-2020:0093-1 | Security update for chromium | 2020-01-22T12:56:39Z | 2020-01-22T12:56:39Z |
| opensuse-su-2020:0094-1 | Security update for MozillaThunderbird | 2020-01-22T12:57:08Z | 2020-01-22T12:57:08Z |
| opensuse-su-2020:0095-1 | Security update for libredwg | 2020-01-22T17:11:24Z | 2020-01-22T17:11:24Z |
| opensuse-su-2020:0096-1 | Security update for libredwg | 2020-01-22T23:11:47Z | 2020-01-22T23:11:47Z |
| opensuse-su-2020:0102-1 | Security update for libssh | 2020-01-25T13:13:49Z | 2020-01-25T13:13:49Z |
| opensuse-su-2020:0103-1 | Security update for arc | 2020-01-25T13:14:05Z | 2020-01-25T13:14:05Z |
| opensuse-su-2020:0105-1 | Security update for libvpx | 2020-01-25T23:14:06Z | 2020-01-25T23:14:06Z |
| opensuse-su-2020:0113-1 | Security update for java-11-openjdk | 2020-01-28T05:12:52Z | 2020-01-28T05:12:52Z |
| opensuse-su-2020:0115-1 | Security update for libredwg | 2020-01-28T09:13:25Z | 2020-01-28T09:13:25Z |
| opensuse-su-2020:0117-1 | Security update for sarg | 2020-01-28T09:13:35Z | 2020-01-28T09:13:35Z |
| opensuse-su-2020:0119-1 | Security update for storeBackup | 2020-01-28T13:11:30Z | 2020-01-28T13:11:30Z |
| opensuse-su-2020:0121-1 | Security update for sarg | 2020-01-28T13:12:30Z | 2020-01-28T13:12:30Z |
| opensuse-su-2020:0122-1 | Security update for samba | 2020-01-28T23:11:37Z | 2020-01-28T23:11:37Z |
| opensuse-su-2020:0123-1 | Security update for git | 2020-01-29T05:11:28Z | 2020-01-29T05:11:28Z |
| opensuse-su-2020:0124-1 | Security update for apt-cacher-ng | 2020-01-29T05:11:41Z | 2020-01-29T05:11:41Z |
| opensuse-su-2020:0137-1 | Security update for mumble | 2020-01-29T16:40:30Z | 2020-01-29T16:40:30Z |
| opensuse-su-2020:0139-1 | Security update for rubygem-excon | 2020-01-29T16:41:25Z | 2020-01-29T16:41:25Z |
| opensuse-su-2020:0140-1 | Security update for sarg | 2020-01-29T16:42:04Z | 2020-01-29T16:42:04Z |
| opensuse-su-2020:0142-1 | Security update for shadowsocks-libev | 2020-01-29T16:47:06Z | 2020-01-29T16:47:06Z |
| opensuse-su-2020:0145-1 | Security update for GraphicsMagick | 2020-01-29T16:49:44Z | 2020-01-29T16:49:44Z |
| opensuse-su-2020:0146-1 | Security update for apt-cacher-ng | 2020-01-29T16:50:27Z | 2020-01-29T16:50:27Z |
| opensuse-su-2020:0147-1 | Security update for java-1_8_0-openjdk | 2020-01-29T17:10:20Z | 2020-01-29T17:10:20Z |
| opensuse-su-2020:0148-1 | Security update for mailman | 2020-01-29T17:10:27Z | 2020-01-29T17:10:27Z |
| opensuse-su-2020:0156-1 | Security update for mailman | 2020-02-03T23:14:43Z | 2020-02-03T23:14:43Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cnvd-2015-00922 | Cisco Unified IP Phones 9900 Series信息泄露漏洞 | 2015-02-05 | 2015-02-06 |
| cnvd-2015-00923 | Cisco Unified IP Phones 9900 Series拒绝服务漏洞(CNVD-2015-00923) | 2015-02-05 | 2015-02-06 |
| cnvd-2015-00924 | Libmspack空指针引用拒绝服务漏洞 | 2015-02-05 | 2015-02-06 |
| cnvd-2015-00925 | Libmspack内存破坏漏洞 | 2015-02-05 | 2015-02-06 |
| cnvd-2015-00926 | Libmspack 'mspack/mszipd.c'缓冲区溢出漏洞 | 2015-02-05 | 2015-02-06 |
| cnvd-2015-00927 | MIT krb5 kadmind远程代码执行漏洞 | 2015-02-05 | 2015-02-06 |
| cnvd-2015-00928 | MIT krb5 kadmind安全绕过漏洞 | 2015-02-05 | 2015-02-06 |
| cnvd-2015-00936 | NPDS Revolution SQL注入漏洞 | 2015-02-05 | 2015-02-06 |
| cnvd-2015-00937 | Aruba Networks Instant堆缓冲区溢出漏洞 | 2015-02-05 | 2015-02-06 |
| cnvd-2015-00938 | puppetlabs-rabbitmq存在漏洞 | 2015-02-05 | 2015-02-06 |
| cnvd-2015-00939 | ManageEngine Desktop Central跨站请求伪造漏洞 | 2015-02-05 | 2015-02-06 |
| cnvd-2015-00940 | ArticleFR 'videouploader.php'任意文件上传漏洞 | 2015-02-05 | 2015-02-06 |
| cnvd-2015-01013 | Cisco Unified Computing System on C-Series Rack Servers跨框架脚本漏洞 | 2015-02-05 | 2015-02-11 |
| cnvd-2015-01014 | SerVision HVG Video Gateway devices with firmware权限提升漏洞 | 2015-02-05 | 2015-02-11 |
| cnvd-2015-01015 | My Little Forum存在多个跨站脚本漏洞 | 2015-02-05 | 2015-02-11 |
| cnvd-2015-01016 | EcommerceMajor存在多个SQL注入漏洞 | 2015-02-05 | 2015-02-11 |
| cnvd-2015-01017 | AVG Internet Security权限提升漏洞 | 2015-02-05 | 2015-02-11 |
| cnvd-2015-01018 | BullGuard多个产品存在任意写入权限提升漏洞 | 2015-02-05 | 2015-02-11 |
| cnvd-2015-01019 | K7 Computing多款产品存在任意写入权限提升漏洞 | 2015-02-05 | 2015-02-11 |
| cnvd-2015-01020 | Pragyan CMS SQL注入漏洞 | 2015-02-05 | 2015-02-11 |
| cnvd-2015-01021 | OptimalSite CMS 'display_dialog.php'跨站脚本漏洞 | 2015-02-05 | 2015-02-11 |
| cnvd-2015-01022 | ownCloud Server身份验证漏洞 | 2015-02-05 | 2015-02-11 |
| cnvd-2015-01023 | Ansible Tower信息泄露漏洞 | 2015-02-05 | 2015-02-11 |
| cnvd-2015-01024 | Ansible Tower远程权限提升漏洞 | 2015-02-05 | 2015-02-11 |
| cnvd-2015-01029 | SnipSnap 'query'参数跨站脚本漏洞 | 2015-02-05 | 2015-02-11 |
| cnvd-2015-01030 | Adobe Flash Player存在未明内存破坏漏洞(CNVD-2015-01030) | 2015-02-05 | 2015-02-11 |
| cnvd-2015-01034 | ownCloud 'OC_Util::getUrlContent()' 本地信息泄露漏洞 | 2015-02-05 | 2015-02-11 |
| cnvd-2015-01107 | Fortinet FortiAuthenticator权限提升漏洞 | 2015-02-05 | 2015-02-12 |
| cnvd-2015-01108 | Fortinet FortiAuthenticator目录遍历漏洞 | 2015-02-05 | 2015-02-12 |
| cnvd-2015-01109 | Fortinet FortiAuthenticator跨站脚本漏洞 | 2015-02-05 | 2015-02-12 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certa-2004-avi-198 | Multiples vulnérabilités sous IRIX | 2004-06-15T00:00:00.000000 | 2005-01-17T00:00:00.000000 |
| certa-2004-avi-199 | Vulnérabilité de BEA WebLogic | 2004-06-16T00:00:00.000000 | 2004-06-16T00:00:00.000000 |
| certa-2004-avi-200 | Vulnérabilités dans Novell eDirectory et Novell iManager | 2004-06-16T00:00:00.000000 | 2004-06-16T00:00:00.000000 |
| certa-2004-avi-201 | Vulnérabilité de BEA WebLogic | 2004-06-16T00:00:00.000000 | 2004-06-16T00:00:00.000000 |
| certa-2004-avi-202 | Vulnérabilité de Webmin et Usermin | 2004-06-17T00:00:00.000000 | 2004-07-28T00:00:00.000000 |
| certa-2004-avi-203 | Vulnérabilité dans le traitement des paquets BGP par Cisco IOS | 2004-06-17T00:00:00.000000 | 2004-06-17T00:00:00.000000 |
| certa-2004-avi-204 | Multiples vulnérabilités du service ISC DHCP | 2004-06-23T00:00:00.000000 | 2004-06-29T00:00:00.000000 |
| certa-2004-avi-205 | Vulnérabilité de Pure-FTPd | 2004-06-23T00:00:00.000000 | 2004-07-05T00:00:00.000000 |
| certa-2004-avi-206 | Vulnérabilité de Aspell | 2004-06-23T00:00:00.000000 | 2004-12-21T00:00:00.000000 |
| certa-2004-avi-207 | Vulnérabilité du client Lotus Notes | 2004-06-25T00:00:00.000000 | 2004-06-25T00:00:00.000000 |
| certa-2004-avi-208 | Vulnérabilité des commutateurs 3COM SuperStack | 2004-06-25T00:00:00.000000 | 2004-06-25T00:00:00.000000 |
| certa-2004-avi-209 | Vulnérabilités de BEA WebLogic | 2004-06-29T00:00:00.000000 | 2004-06-29T00:00:00.000000 |
| certa-2004-avi-210 | Vulnérabilité du serveur HTTP Apache | 2004-06-29T00:00:00.000000 | 2004-09-08T00:00:00.000000 |
| certa-2004-avi-211 | Vulnérabilité de XFree86 | 2004-06-30T00:00:00.000000 | 2004-07-28T00:00:00.000000 |
| certa-2004-avi-212 | Vulnérabilité dans la bibliothèque libpng | 2004-06-30T00:00:00.000000 | 2004-07-09T00:00:00.000000 |
| certa-2004-avi-213 | Vulnérabilité dans Directory Services de Mac OS X | 2004-07-01T00:00:00.000000 | 2004-07-01T00:00:00.000000 |
| certa-2004-avi-214 | Vulnérabilité sur Novell iChain | 2004-07-01T00:00:00.000000 | 2004-07-01T00:00:00.000000 |
| certa-2004-avi-215 | Vulnérabilité de HP-UX ARPA Transport | 2004-07-01T00:00:00.000000 | 2004-07-01T00:00:00.000000 |
| certa-2004-avi-216 | Vulnérabilité de pavuk | 2004-07-01T00:00:00.000000 | 2004-07-05T00:00:00.000000 |
| certa-2004-avi-217 | Vulnérabilités dans MPlayer | 2004-07-02T00:00:00.000000 | 2004-08-02T00:00:00.000000 |
| certa-2004-avi-218 | Vulnérabilité dans Cisco Collaboration Server | 2004-07-02T00:00:00.000000 | 2004-07-02T00:00:00.000000 |
| certa-2004-avi-219 | Multiples vulnérabilités de rlpr | 2004-07-02T00:00:00.000000 | 2004-07-02T00:00:00.000000 |
| certa-2004-avi-220 | Vulnérabilité dans la gestion d'appels système sous FreeBSD | 2004-07-05T00:00:00.000000 | 2004-07-05T00:00:00.000000 |
| certa-2004-avi-221 | Vulnérabilité de GNATS | 2004-07-05T00:00:00.000000 | 2004-07-05T00:00:00.000000 |
| certa-2004-avi-222 | Vulnérabilité dans le JUNOS de Juniper | 2004-07-06T00:00:00.000000 | 2004-07-06T00:00:00.000000 |
| certa-2004-avi-223 | Vulnérabilité de MySQL | 2004-07-06T00:00:00.000000 | 2004-07-06T00:00:00.000000 |
| certa-2004-avi-224 | Vulnérabilité de netfilter dans les noyaux Linux 2.6 | 2004-07-06T00:00:00.000000 | 2004-07-15T00:00:00.000000 |
| certa-2004-avi-225 | Multiples vulnérabilités du noyau Linux | 2004-07-06T00:00:00.000000 | 2004-07-22T00:00:00.000000 |
| certa-2004-avi-226 | Vulnérabilité de WinGate | 2004-07-06T00:00:00.000000 | 2004-07-06T00:00:00.000000 |
| certa-2004-avi-227 | Vulnérabilité dans les pare-feux NetScreen 5GT | 2004-07-06T00:00:00.000000 | 2004-07-06T00:00:00.000000 |