Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-22852 |
6.8 (4.0)
|
FreeRDP has a heap-buffer-overflow in audin_process_formats |
FreeRDP |
FreeRDP |
2026-01-14T17:45:22.253Z | 2026-01-16T04:55:46.208Z |
| CVE-2026-0421 |
7 (4.0)
6.5 (3.1)
|
A potential vulnerability was reported in the BIO… |
Lenovo |
ThinkPad L13 Gen 6 BIOS |
2026-01-14T22:18:56.115Z | 2026-01-16T04:55:44.710Z |
| CVE-2026-23709 |
N/A
|
Not used | N/A | N/A | 2026-01-16T03:55:07.099Z | |
| CVE-2026-23710 |
N/A
|
Not used | N/A | N/A | 2026-01-16T03:55:06.646Z | |
| CVE-2026-23711 |
N/A
|
Not used | N/A | N/A | 2026-01-16T03:55:06.197Z | |
| CVE-2026-23712 |
N/A
|
Not used | N/A | N/A | 2026-01-16T03:55:05.700Z | |
| CVE-2026-23713 |
N/A
|
Not used | N/A | N/A | 2026-01-16T03:55:05.231Z | |
| CVE-2026-23714 |
N/A
|
Not used | N/A | N/A | 2026-01-16T03:55:04.715Z | |
| CVE-2026-0855 |
8.7 (4.0)
8.8 (3.1)
|
Merit LILIN|IP Camera - OS Command Injection |
Merit LILIN |
P2 |
2026-01-12T06:44:40.227Z | 2026-01-16T02:09:56.328Z |
| CVE-2025-9904 |
5.3 (3.1)
6.9 (4.0)
|
Unallocated memory access vulnerability in print … |
Canon Inc. |
Generic Plus PCL6 Printer Driver |
2025-09-29T00:46:03.660Z | 2026-01-16T00:10:23.476Z |
| CVE-2025-9903 |
5.9 (3.1)
5.9 (4.0)
|
Out-of-bounds write vulnerabilities in print proc… |
Canon Inc. |
Generic Plus PCL6 Printer Driver |
2025-09-29T00:44:55.506Z | 2026-01-16T00:02:54.676Z |
| CVE-2025-7698 |
5.9 (3.1)
5.9 (4.0)
|
Out-of-bounds read vulnerabilities in print proce… |
Canon Inc. |
Generic Plus PCL6 Printer Driver |
2025-09-29T00:47:02.910Z | 2026-01-15T23:59:37.174Z |
| CVE-2026-1012 |
N/A
|
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage. | N/A | N/A | 2026-01-15T22:55:03.432Z | |
| CVE-2020-36917 |
8.6 (4.0)
7.5 (3.1)
|
iDS6 DSSPro Digital Signage System 6.2 Cleartext Passw… |
Guangzhou Yeroo Tech Co., Ltd. |
iDS6 DSSPro Digital Signage System |
2026-01-06T15:53:23.292Z | 2026-01-15T21:37:30.416Z |
| CVE-2026-23622 |
7.4 (4.0)
|
CSRF Protection Bypass: Sensitive endpoints accept GET… |
alextselegidis |
easyappointments |
2026-01-15T19:28:58.369Z | 2026-01-15T21:34:43.098Z |
| CVE-2025-36934 |
7.4 (3.1)
|
In bigo_worker_thread of private/google-modules/v… |
Google |
Android |
2025-12-11T19:35:47.543Z | 2026-01-15T21:30:04.740Z |
| CVE-2025-70892 |
9.8 (3.1)
|
Phpgurukul Cyber Cafe Management System v1.0 cont… |
n/a |
n/a |
2026-01-15T00:00:00.000Z | 2026-01-15T21:25:50.687Z |
| CVE-2025-70893 |
8.8 (3.1)
|
A time-based blind SQL Injection vulnerability ex… |
n/a |
n/a |
2026-01-15T00:00:00.000Z | 2026-01-15T21:22:19.718Z |
| CVE-2026-21918 |
7.5 (3.1)
8.7 (4.0)
|
Junos OS: SRX and MX Series: When TCP packets occur in… |
Juniper Networks |
Junos OS |
2026-01-15T20:27:54.743Z | 2026-01-15T21:13:00.740Z |
| CVE-2026-21917 |
7.5 (3.1)
8.7 (4.0)
|
Junos OS: SRX Series: Specifically malformed SSL packe… |
Juniper Networks |
Junos OS |
2026-01-15T20:27:11.214Z | 2026-01-15T21:12:37.455Z |
| CVE-2026-21907 |
5.9 (3.1)
8.2 (4.0)
|
Junos Space: TLS/SSL server supports use of static key… |
Juniper Networks |
Junos Space |
2026-01-15T20:21:11.010Z | 2026-01-15T21:12:31.198Z |
| CVE-2026-21903 |
6.5 (3.1)
7.1 (4.0)
|
Junos OS: Subscribing to telemetry sensors at scale ca… |
Juniper Networks |
Junos OS |
2026-01-15T20:18:36.767Z | 2026-01-15T21:12:08.631Z |
| CVE-2026-0203 |
6.5 (3.1)
7.1 (4.0)
|
Junos OS: Receipt of a specifically malformed ICMP pac… |
Juniper Networks |
Junos OS |
2026-01-15T20:17:24.552Z | 2026-01-15T21:11:32.119Z |
| CVE-2025-60011 |
5.8 (3.1)
6.9 (4.0)
|
Junos OS and Junos OS Evolved: Optional transitive BGP… |
Juniper Networks |
Junos OS |
2026-01-15T20:16:47.459Z | 2026-01-15T21:10:58.766Z |
| CVE-2025-60007 |
5.5 (3.1)
6.8 (4.0)
|
Junos OS: A specifically crafted 'show chassis' comman… |
Juniper Networks |
Junos OS |
2026-01-15T20:16:22.617Z | 2026-01-15T21:10:13.435Z |
| CVE-2026-1002 |
6.9 (4.0)
|
Eclipse Vert.x Web static handler file access denial |
Eclipse Vert.x |
Eclipse Vert.x |
2026-01-15T20:50:25.642Z | 2026-01-15T21:09:22.172Z |
| CVE-2025-60003 |
7.5 (3.1)
8.7 (4.0)
|
Junos OS and Junos OS Evolved: BGP update with a set o… |
Juniper Networks |
Junos OS |
2026-01-15T20:15:04.828Z | 2026-01-15T21:09:19.309Z |
| CVE-2025-59961 |
5.5 (3.1)
6.8 (4.0)
|
Junos OS and Junos OS Evolved: Unix socket used to con… |
Juniper Networks |
Junos OS |
2026-01-15T20:14:43.508Z | 2026-01-15T21:08:37.387Z |
| CVE-2025-67025 |
6.1 (3.1)
|
Cross Site Scripting vulnerability in Anycomment … |
n/a |
n/a |
2026-01-15T00:00:00.000Z | 2026-01-15T21:07:24.240Z |
| CVE-2025-70891 |
6.1 (3.1)
|
A stored cross-site scripting (XSS) vulnerability… |
n/a |
n/a |
2026-01-15T00:00:00.000Z | 2026-01-15T21:06:05.340Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2025-49937 |
4.3 (3.1)
|
WordPress Smash Balloon Social Post Feed plugin <= 4.3… |
Syed Balkhi |
Smash Balloon Social Post Feed |
2025-10-22T14:32:16.676Z | 2026-01-20T14:28:07.564Z |
| CVE-2025-49936 |
6.5 (3.1)
|
WordPress WoodMart theme < 8.3.2 - Cross Site Scriptin… |
xtemos |
WoodMart |
2025-10-22T14:32:16.302Z | 2026-01-20T14:28:07.770Z |
| CVE-2025-49935 |
7.4 (3.1)
|
WordPress WoodMart theme < 8.3.2 - Local File Inclusio… |
xtemos |
WoodMart |
2025-10-22T14:32:16.098Z | 2026-01-20T14:28:07.791Z |
| CVE-2025-49934 |
5.4 (3.1)
|
WordPress JetBlocks For Elementor plugin <= 1.3.18 - C… |
CrocoBlock |
JetBlocks For Elementor |
2025-10-22T14:32:15.865Z | 2026-01-20T14:28:07.810Z |
| CVE-2025-49933 |
6.5 (3.1)
|
WordPress JetBlog plugin <= 2.4.4 - Cross Site Scripti… |
CrocoBlock |
JetBlog |
2025-10-22T14:32:15.603Z | 2026-01-20T14:28:07.844Z |
| CVE-2025-49932 |
6.5 (3.1)
|
WordPress JetBlog plugin <= 2.4.4.1 - Cross Site Scrip… |
CrocoBlock |
JetBlog |
2025-10-22T14:32:15.443Z | 2026-01-20T14:28:07.647Z |
| CVE-2025-49931 |
9.3 (3.1)
|
WordPress JetSearch plugin <= 3.5.10 - SQL Injection v… |
CrocoBlock |
JetSearch |
2025-10-22T14:32:15.259Z | 2026-01-20T14:28:07.695Z |
| CVE-2025-49930 |
7.1 (3.1)
|
WordPress JetSearch plugin <= 3.5.10 - Cross Site Scri… |
CrocoBlock |
JetSearch |
2025-10-22T14:32:15.035Z | 2026-01-20T14:28:07.642Z |
| CVE-2025-49929 |
6.5 (3.1)
|
WordPress Ultimate Blocks plugin <= 3.3.6 - Cross Site… |
Ultimate Blocks |
Ultimate Blocks |
2025-10-22T14:32:14.811Z | 2026-01-20T14:28:07.609Z |
| CVE-2025-49928 |
6.5 (3.1)
|
WordPress JetWooBuilder plugin <= 2.1.20 - Cross Site … |
CrocoBlock |
JetWooBuilder |
2025-10-22T14:32:14.597Z | 2026-01-20T14:28:07.500Z |
| CVE-2025-49927 |
6.5 (3.1)
|
WordPress JetWooBuilder plugin <= 2.1.20.1 - Cross Sit… |
CrocoBlock |
JetWooBuilder |
2025-10-22T14:32:14.395Z | 2026-01-20T14:28:07.599Z |
| CVE-2025-49926 |
7.3 (3.1)
|
WordPress Kalium theme <= 3.25 - Arbitrary Code Execut… |
Laborator |
Kalium |
2025-10-22T14:32:14.208Z | 2026-01-20T14:28:07.637Z |
| CVE-2025-49925 |
7.3 (3.1)
|
WordPress WPLMS plugin <= 1.9.9.7 - Broken Access Cont… |
VibeThemes |
WPLMS |
2025-10-22T14:32:14.033Z | 2026-01-20T15:39:46.393Z |
| CVE-2025-49924 |
7.3 (3.1)
|
WordPress Wholesale Suite plugin <= 2.2.4.2 - Privileg… |
Josh Kohlbach |
Wholesale Suite |
2025-10-22T14:32:13.804Z | 2026-01-20T15:39:21.024Z |
| CVE-2025-49923 |
6.1 (3.1)
|
WordPress Seriously Simple Podcasting plugin <= 3.11.1… |
Craig Hewitt |
Seriously Simple Podcasting |
2025-10-22T14:32:13.596Z | 2026-01-20T15:38:59.264Z |
| CVE-2025-49922 |
4.3 (3.1)
|
WordPress WPeMatico RSS Feed Fetcher plugin <= 2.8.3 -… |
etruel |
WPeMatico RSS Feed Fetcher |
2025-10-22T14:32:13.367Z | 2026-01-20T15:38:36.695Z |
| CVE-2025-49921 |
7.3 (3.1)
|
WordPress JetReviews plugin <= 3.0.0 - Local File Incl… |
CrocoBlock |
JetReviews |
2025-10-22T14:32:13.059Z | 2026-01-20T15:38:14.568Z |
| CVE-2025-49920 |
5.4 (3.1)
|
WordPress Web Accessibility By accessiBe plugin <= 2.1… |
accessiBe |
Web Accessibility By accessiBe |
2025-10-22T14:32:12.844Z | 2026-01-20T14:28:07.628Z |
| CVE-2025-49919 |
5.8 (3.1)
|
WordPress eRoom plugin <= 1.5.6 - Sensitive Data Expos… |
WPCenter |
eRoom |
2025-12-18T07:21:44.250Z | 2026-01-20T14:28:07.395Z |
| CVE-2025-49918 |
5.9 (3.1)
|
WordPress VikBooking Hotel Booking Engine & PMS plugin… |
e4jvikwp |
VikBooking Hotel Booking Engine & PMS |
2025-12-18T07:21:44.067Z | 2026-01-20T14:28:07.426Z |
| CVE-2025-49917 |
4.4 (3.1)
|
WordPress Icegram Express Pro plugin <= 5.9.5 - Server… |
Icegram |
Icegram Express Pro |
2025-10-22T14:32:12.630Z | 2026-01-20T14:28:07.536Z |
| CVE-2025-49916 |
8.6 (3.1)
|
WordPress MultiVendorX plugin <= 4.2.23 - Broken Acces… |
MultiVendorX |
MultiVendorX |
2025-10-22T14:32:12.420Z | 2026-01-20T14:28:07.416Z |
| CVE-2025-49915 |
9.3 (3.1)
|
WordPress SMS Alert Order Notifications plugin <= 3.8.… |
Cozy Vision |
SMS Alert Order Notifications |
2025-10-22T14:32:12.221Z | 2026-01-20T14:28:07.416Z |
| CVE-2025-49914 |
6.5 (3.1)
|
WordPress Restaurant Menu by MotoPress plugin <= 2.4.7… |
jetmonsters |
Restaurant Menu by MotoPress |
2025-12-18T07:21:43.896Z | 2026-01-20T14:28:07.321Z |
| CVE-2025-49913 |
5.3 (3.1)
|
WordPress CoSchedule plugin <= 3.4.0 - Broken Access C… |
CoSchedule |
CoSchedule |
2025-10-22T14:32:11.977Z | 2026-01-20T14:28:07.305Z |
| CVE-2025-49912 |
5.9 (3.1)
|
WordPress Email Subscription Popup plugin <= 1.2.26 - … |
Nks |
Email Subscription Popup |
2025-10-22T14:32:11.545Z | 2026-01-20T14:28:07.305Z |
| CVE-2025-49911 |
7.1 (3.1)
|
WordPress WooCommerce Vehicle Parts Finder plugin <= 3… |
wpinstinct |
WooCommerce Vehicle Parts Finder |
2025-10-22T14:32:11.293Z | 2026-01-20T14:28:07.298Z |
| CVE-2025-49910 |
8.2 (3.1)
|
WordPress WPGuppy plugin <= 1.1.4 - Broken Access Cont… |
AmentoTech Private Limited |
WPGuppy |
2025-10-22T14:32:11.095Z | 2026-01-20T14:28:07.272Z |
| CVE-2025-49909 |
6.1 (3.1)
|
WordPress Penci Bookmark & Follow plugin < 2.4 - Cross… |
PenciDesign |
Penci Bookmark & Follow |
2025-11-06T15:53:56.279Z | 2026-01-20T14:28:07.191Z |
| CVE-2025-49907 |
4.3 (3.1)
|
WordPress MDTF plugin <= 1.3.3.9 - Broken Access Contr… |
RealMag777 |
MDTF |
2025-10-22T14:32:10.614Z | 2026-01-20T14:28:07.207Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| fkie_cve-2025-49928 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:38.850 | 2026-01-20T15:16:42.293 |
| fkie_cve-2025-49927 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:38.723 | 2026-01-20T15:16:42.160 |
| fkie_cve-2025-49926 | Improper Control of Generation of Code ('Code Injection') vulnerability in Laborator Kalium kalium … | 2025-10-22T15:15:38.583 | 2026-01-20T15:16:42.023 |
| fkie_cve-2025-49925 | Missing Authorization vulnerability in VibeThemes WPLMS wplms_plugin allows Accessing Functionality… | 2025-10-22T15:15:38.460 | 2026-01-20T15:16:41.883 |
| fkie_cve-2025-49924 | Incorrect Privilege Assignment vulnerability in Josh Kohlbach Wholesale Suite woocommerce-wholesale… | 2025-10-22T15:15:38.327 | 2026-01-20T15:16:41.753 |
| fkie_cve-2025-49923 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:38.193 | 2026-01-20T15:16:41.587 |
| fkie_cve-2025-49922 | Missing Authorization vulnerability in etruel WPeMatico RSS Feed Fetcher wpematico allows Exploitin… | 2025-10-22T15:15:38.073 | 2026-01-20T15:16:41.450 |
| fkie_cve-2025-49921 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2025-10-22T15:15:37.943 | 2026-01-20T15:16:41.310 |
| fkie_cve-2025-49920 | Missing Authorization vulnerability in accessiBe Web Accessibility By accessiBe accessibe allows Ex… | 2025-10-22T15:15:37.817 | 2026-01-20T15:16:41.180 |
| fkie_cve-2025-49919 | Insertion of Sensitive Information Into Sent Data vulnerability in WPCenter eRoom eroom-zoom-meetin… | 2025-12-18T08:15:52.227 | 2026-01-20T15:16:41.043 |
| fkie_cve-2025-49918 | Insertion of Sensitive Information Into Sent Data vulnerability in e4jvikwp VikBooking Hotel Bookin… | 2025-12-18T08:15:52.083 | 2026-01-20T15:16:40.910 |
| fkie_cve-2025-49917 | Server-Side Request Forgery (SSRF) vulnerability in Icegram Icegram Express Pro email-subscribers-p… | 2025-10-22T15:15:37.693 | 2026-01-20T15:16:40.777 |
| fkie_cve-2025-49916 | Missing Authorization vulnerability in MultiVendorX MultiVendorX dc-woocommerce-multi-vendor allows… | 2025-10-22T15:15:37.573 | 2026-01-20T15:16:40.640 |
| fkie_cve-2025-49915 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability … | 2025-10-22T15:15:37.440 | 2026-01-20T15:16:40.510 |
| fkie_cve-2025-49914 | Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in jetmons… | 2025-12-18T08:15:51.957 | 2026-01-20T15:16:40.387 |
| fkie_cve-2025-49913 | Missing Authorization vulnerability in CoSchedule CoSchedule coschedule-by-todaymade allows Exploit… | 2025-10-22T15:15:37.317 | 2026-01-20T15:16:40.257 |
| fkie_cve-2025-49912 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:37.183 | 2026-01-20T15:16:40.117 |
| fkie_cve-2025-49911 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:37.043 | 2026-01-20T15:16:39.980 |
| fkie_cve-2025-49910 | Missing Authorization vulnerability in AmentoTech Private Limited WPGuppy wpguppy-lite allows Acces… | 2025-10-22T15:15:36.913 | 2026-01-20T15:16:39.847 |
| fkie_cve-2025-49909 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-11-06T16:15:54.583 | 2026-01-20T15:16:39.717 |
| fkie_cve-2025-49907 | Missing Authorization vulnerability in RealMag777 MDTF wp-meta-data-filter-and-taxonomy-filter allo… | 2025-10-22T15:15:36.643 | 2026-01-20T15:16:39.447 |
| fkie_cve-2025-49906 | Missing Authorization vulnerability in StellarWP WPComplete wpcomplete allows Accessing Functionali… | 2025-10-22T15:15:36.503 | 2026-01-20T15:16:39.313 |
| fkie_cve-2025-49905 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-11-06T16:15:54.430 | 2026-01-20T15:16:39.180 |
| fkie_cve-2025-49904 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-11-06T16:15:54.243 | 2026-01-20T15:16:39.050 |
| fkie_cve-2025-49903 | Missing Authorization vulnerability in bdthemes ZoloBlocks zoloblocks allows Exploiting Incorrectly… | 2025-10-22T15:15:36.377 | 2026-01-20T15:16:38.917 |
| fkie_cve-2025-49902 | Missing Authorization vulnerability in A WP Life Login Page Customizer – Customizer Login Pag… | 2025-12-18T08:15:51.817 | 2026-01-20T15:16:38.783 |
| fkie_cve-2025-49901 | Authentication Bypass Using an Alternate Path or Channel vulnerability in quantumcloud Simple Link … | 2025-10-22T15:15:36.243 | 2026-01-20T15:16:38.650 |
| fkie_cve-2025-49900 | Incorrect Privilege Assignment vulnerability in bPlugins Advanced scrollbar advanced-scrollbar allo… | 2025-11-06T16:15:54.070 | 2026-01-20T15:16:38.510 |
| fkie_cve-2025-49899 | Missing Authorization vulnerability in jjlemstra Whydonate wp-whydonate allows Accessing Functional… | 2025-10-22T15:15:36.110 | 2026-01-20T15:16:38.370 |
| fkie_cve-2025-49398 | Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Easy… | 2025-11-06T16:15:53.890 | 2026-01-20T15:16:38.237 |
| ID | Severity | Description | Published | Updated |
|---|---|---|---|---|
| ghsa-5rfx-cp42-p624 |
5.9 (3.1)
|
Quarkus REST has potential worker thread starvation when HTTP connection is closed while waiting to write | 2026-01-07T18:09:56Z | 2026-01-07T20:37:40Z |
| ghsa-6fg3-hvw7-2fwq |
7.2 (4.0)
|
Microsoft Playwright MCP Server vulnerable to DNS Rebinding Attack; Allows Attackers Access to All … | 2026-01-07T12:31:25Z | 2026-01-07T20:02:55Z |
| ghsa-rwp9-5g7q-73q3 |
9.3 (4.0)
|
OpenFlagr contains an authentication bypass vulnerability in the HTTP middleware | 2026-01-07T12:31:25Z | 2026-01-07T19:31:31Z |
| ghsa-6rcw-ww3x-xqwm |
5.0 (3.1)
2.3 (4.0)
|
carbone Code Injection vulnerability | 2026-01-07T12:31:19Z | 2026-01-07T19:30:26Z |
| ghsa-5c9g-c5m4-vmrj |
5.3 (4.0)
|
As the service interaction is performed without authentication, an attacker with some knowledge of … | 2026-01-07T18:30:27Z | 2026-01-07T18:30:27Z |
| ghsa-xc37-chcm-mxpf |
5.8 (3.1)
|
Multiple Cisco products are affected by a vulnerability in the processing of DCE/RPC requests … | 2026-01-07T18:30:26Z | 2026-01-07T18:30:26Z |
| ghsa-w48j-gq3h-j3j3 |
6.5 (3.1)
7.1 (4.0)
|
Insufficient Session Expiration vulnerability in ABB WebPro SNMP Card PowerValue, ABB WebPro SNMP C… | 2026-01-07T18:30:26Z | 2026-01-07T18:30:26Z |
| ghsa-jj3f-4mq7-82wx |
8.9 (4.0)
|
An attacker with the ability to interact through the network and with access credentials, could, th… | 2026-01-07T18:30:26Z | 2026-01-07T18:30:26Z |
| ghsa-hrg8-5gxf-r4xq |
6.8 (4.0)
|
The lack of hardening of the system allows the user used to manage and maintain the charger to cons… | 2026-01-07T18:30:26Z | 2026-01-07T18:30:26Z |
| ghsa-f26c-v5jj-mj89 |
4.9 (3.1)
|
A vulnerability in the licensing features of Cisco Identity Services Engine (ISE) and Cisco IS… | 2026-01-07T18:30:26Z | 2026-01-07T18:30:26Z |
| ghsa-cmc5-wxfq-2mhc |
8.7 (4.0)
|
An attacker with a network connection could detect credentials in clear text. | 2026-01-07T18:30:26Z | 2026-01-07T18:30:26Z |
| ghsa-9f4w-fmcx-4c8w |
6.8 (3.1)
|
A file upload vulnerability in ARIS 10.0.23.0.3587512 allows attackers to execute arbitrary code vi… | 2026-01-07T18:30:25Z | 2026-01-07T18:30:26Z |
| ghsa-8852-3pqj-jhpv |
5.3 (3.1)
|
Multiple Cisco products are affected by a vulnerability in the processing of DCE/RPC requests that … | 2026-01-07T18:30:26Z | 2026-01-07T18:30:26Z |
| ghsa-85fj-vc95-7wgw |
6.1 (3.1)
|
Cross-site Scripting vulnerability in Devolutions PowerShell Universal.This issue affects Powershel… | 2026-01-07T18:30:26Z | 2026-01-07T18:30:26Z |
| ghsa-77jm-6qr9-xf3j |
7.5 (3.1)
|
@sylphxltd/filesystem-mcp v0.5.8 is an MCP server that provides file content reading functionality.… | 2026-01-07T18:30:25Z | 2026-01-07T18:30:26Z |
| ghsa-44qw-vppw-hwhc |
8.6 (4.0)
|
The absence of permissions control for the user XXX allows the current configuration in the sudoers… | 2026-01-07T18:30:26Z | 2026-01-07T18:30:26Z |
| ghsa-rqwq-xmxw-556r |
7.5 (3.1)
|
OpenAirInterface CN5G AMF<=v2.1.9 has a buffer overflow vulnerability in processing NAS messages. U… | 2026-01-07T18:30:25Z | 2026-01-07T18:30:25Z |
| ghsa-q522-992x-qpmc |
4.9 (3.1)
|
In HCL DevOps Deploy 8.1.2.0 through 8.1.2.3, a user with LLM configuration privileges may be able … | 2026-01-07T18:30:25Z | 2026-01-07T18:30:25Z |
| ghsa-m9qp-frxf-whqw |
8.8 (3.1)
8.4 (4.0)
|
Incorrect Implementation of Authentication Algorithm vulnerability in ABB WebPro SNMP Card PowerVal… | 2026-01-07T18:30:25Z | 2026-01-07T18:30:25Z |
| ghsa-h6x6-jmqq-wp3f |
8.2 (4.0)
|
The massive sending of ICMP requests causes a denial of service on one of the boards from the EVCha… | 2026-01-07T18:30:25Z | 2026-01-07T18:30:25Z |
| ghsa-h38c-m43h-44mc |
6.1 (3.1)
|
A stored Cross-Site Scripting (XSS) vulnerability exists in Perch CMS version 3.2. An authenticated… | 2026-01-07T18:30:25Z | 2026-01-07T18:30:25Z |
| ghsa-gv42-43rh-4gxv |
6.5 (3.1)
7.1 (4.0)
|
Improper Check for Unusual or Exceptional Conditions vulnerability in ABB WebPro SNMP Card PowerVal… | 2026-01-07T18:30:25Z | 2026-01-07T18:30:25Z |
| ghsa-gqqp-9725-vwp7 |
9.2 (4.0)
|
An attacker with access to the system's internal network can cause a denial of service on the syste… | 2026-01-07T18:30:25Z | 2026-01-07T18:30:25Z |
| ghsa-62p9-m62j-p76m |
7.5 (3.1)
|
OpenAirInterface CN5G AMF<=v2.0.1 There is a logical error when processing JSON format requests. Un… | 2026-01-07T18:30:25Z | 2026-01-07T18:30:25Z |
| ghsa-573w-fmhg-vxq2 |
6.5 (3.1)
|
A command injection vulnerability in the shell_exec function of sonirico mcp-shell v0.3.1 allows at… | 2026-01-07T18:30:25Z | 2026-01-07T18:30:25Z |
| ghsa-2xw3-m2wf-5r5m |
6.5 (3.1)
|
In Aris v10.0.23.0.3587512 and before, the file upload functionality does not enforce any rate limi… | 2026-01-07T18:30:25Z | 2026-01-07T18:30:25Z |
| ghsa-xxq2-fm9w-xjv8 |
4.9 (3.1)
|
The Relevanssi WordPress plugin before 4.26.0, Relevanssi Premium WordPress plugin before 2.29.0 d… | 2026-01-07T12:31:22Z | 2026-01-07T18:30:24Z |
| ghsa-mrfv-m5wm-5w6w |
4.5 (3.1)
|
libsodium has Incomplete List of Disallowed Inputs | 2025-12-31T06:30:18Z | 2026-01-07T18:30:24Z |
| ghsa-xx5j-8788-qwj6 |
7.8 (3.1)
|
In the Linux kernel, the following vulnerability has been resolved: net: appletalk: Fix use-after-… | 2025-08-22T18:31:23Z | 2026-01-07T18:30:22Z |
| ghsa-w76p-w3h3-c35v |
7.8 (3.1)
|
In the Linux kernel, the following vulnerability has been resolved: proc: use the same treatment t… | 2025-08-22T18:31:22Z | 2026-01-07T18:30:22Z |
| ID | Description | Updated |
|---|---|---|
| gsd-2024-27039 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-20T06:02:29.352810Z |
| gsd-2024-27052 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-20T06:02:29.352587Z |
| gsd-2024-27083 | Flask-AppBuilder is an application development framework, built on top of Flask. A Cross-… | 2024-02-20T06:02:29.352361Z |
| gsd-2024-27006 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-20T06:02:29.352115Z |
| gsd-2024-27037 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-20T06:02:29.351886Z |
| gsd-2024-27113 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-20T06:02:29.351674Z |
| gsd-2024-27119 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-20T06:02:29.351459Z |
| gsd-2024-27067 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-20T06:02:29.351235Z |
| gsd-2024-27035 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-20T06:02:29.351029Z |
| gsd-2024-27001 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-20T06:02:29.350792Z |
| gsd-2024-27040 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-20T06:02:29.350576Z |
| gsd-2024-27020 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-20T06:02:29.350268Z |
| gsd-2024-27082 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-20T06:02:29.350063Z |
| gsd-2024-27107 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-20T06:02:29.349852Z |
| gsd-2024-27068 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-20T06:02:29.349649Z |
| gsd-2024-27000 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-20T06:02:29.349443Z |
| gsd-2024-27110 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-20T06:02:29.349233Z |
| gsd-2024-27007 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-20T06:02:29.349020Z |
| gsd-2024-27104 | GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Ser… | 2024-02-20T06:02:29.348805Z |
| gsd-2024-27043 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-20T06:02:29.348588Z |
| gsd-2024-27078 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-20T06:02:29.348382Z |
| gsd-2024-27100 | Discourse is an open source platform for community discussion. In affected versions the e… | 2024-02-20T06:02:29.348169Z |
| gsd-2024-27044 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-20T06:02:29.347908Z |
| gsd-2024-27059 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-20T06:02:29.347644Z |
| gsd-2024-27050 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-20T06:02:29.347430Z |
| gsd-2024-27069 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-20T06:02:29.347225Z |
| gsd-2024-27118 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-20T06:02:29.347007Z |
| gsd-2024-27058 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-20T06:02:29.346785Z |
| gsd-2024-27101 | SpiceDB is an open source, Google Zanzibar-inspired database for creating and managing se… | 2024-02-20T06:02:29.346087Z |
| gsd-2024-27098 | GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Ser… | 2024-02-20T06:02:29.345881Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-185480 | Malicious code in antd-style-loader-miranda-uninstall (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-185479 | Malicious code in antd-playwright-ichnology-technocracy (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-185478 | Malicious code in antd-node-sass-zenobia-eris (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-185477 | Malicious code in antares-thermochronology-parallax-blackhole (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-185476 | Malicious code in antares-terser-regulus-gravity (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-185475 | Malicious code in antares-superflare-transform-blackhole (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-185474 | Malicious code in antares-quasarjet-winston-superflare (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-185473 | Malicious code in antares-procyon-xenon-solis (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-185472 | Malicious code in antares-planckscale-helmet-module (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-185471 | Malicious code in antares-parallax-publish-innercore (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-185470 | Malicious code in antares-mui-tailwindcss-cross-env (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-185469 | Malicious code in antares-luminescence-phoebe-higgs (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-185468 | Malicious code in antares-jsonp-charon-europa (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-185467 | Malicious code in antares-jasmine-rocket-start (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-185466 | Malicious code in antares-iota-mysql-start (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-185465 | Malicious code in antares-genomics-grus-planetology (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-185464 | Malicious code in antares-cluster-ursa-javascript (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-185463 | Malicious code in antares-bunyan-apollo-deimos (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-185462 | Malicious code in antares-aurora-mocha-corvus (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-185461 | Malicious code in antares-asteroid-quantum-helmet (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-185460 | Malicious code in antares-apex-robotics-quito (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-185459 | Malicious code in antares-airbnb-cryonics-ionosphere (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-185458 | Malicious code in antares-aether-run-script-pino-pretty (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-185457 | Malicious code in andromeda-webpack-nodejs-sadr (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-185456 | Malicious code in andromeda-impulse-quasarjet-elara (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-185455 | Malicious code in andromeda-grus-leda-leda (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-185454 | Malicious code in analyze-signal-bundle-query-mock (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-185453 | Malicious code in analyze-meta-error-chi-serialize (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-185452 | Malicious code in analyze-key-simple-long-gamma (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-185451 | Malicious code in analyze-char-fork-theta-kernel (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2025:11850 | Red Hat Security Advisory: kernel security update | 2025-07-28T08:16:06+00:00 | 2025-11-21T19:20:56+00:00 |
| rhsa-2025:11849 | Red Hat Security Advisory: unbound security update | 2025-07-28T09:02:41+00:00 | 2025-11-21T19:20:56+00:00 |
| rhsa-2025:11797 | Red Hat Security Advisory: firefox security update | 2025-07-28T01:21:50+00:00 | 2025-11-21T19:20:53+00:00 |
| rhsa-2025:11748 | Red Hat Security Advisory: firefox security update | 2025-07-24T15:45:22+00:00 | 2025-11-21T19:20:52+00:00 |
| rhsa-2025:11747 | Red Hat Security Advisory: firefox security update | 2025-07-24T15:21:41+00:00 | 2025-11-21T19:20:51+00:00 |
| rhsa-2025:11645 | Red Hat Security Advisory: Red Hat Single Sign-On 7.6.12 security update | 2025-07-23T15:31:23+00:00 | 2025-11-21T19:20:44+00:00 |
| rhsa-2025:11640 | Red Hat Security Advisory: Red Hat Single Sign-On 7.6.12 security update on RHEL 9 | 2025-07-23T15:25:23+00:00 | 2025-11-21T19:20:44+00:00 |
| rhsa-2025:11639 | Red Hat Security Advisory: Red Hat Single Sign-On 7.6.12 security update on RHEL 8 | 2025-07-23T15:24:23+00:00 | 2025-11-21T19:20:43+00:00 |
| rhsa-2025:11638 | Red Hat Security Advisory: Red Hat Single Sign-On 7.6.12 security update on RHEL 7 | 2025-07-23T15:27:18+00:00 | 2025-11-21T19:20:43+00:00 |
| rhsa-2025:11636 | Red Hat Security Advisory: Red Hat Single Sign-On 7.6.12 for OpenShift image security update | 2025-07-23T15:24:53+00:00 | 2025-11-21T19:20:42+00:00 |
| rhsa-2025:11570 | Red Hat Security Advisory: kernel security update | 2025-07-23T00:30:32+00:00 | 2025-11-21T19:20:39+00:00 |
| rhsa-2025:11418 | Red Hat Security Advisory: gnome-remote-desktop security update | 2025-07-21T06:54:37+00:00 | 2025-11-21T19:20:32+00:00 |
| rhsa-2025:11408 | Red Hat Security Advisory: gnome-remote-desktop security update | 2025-07-21T01:52:09+00:00 | 2025-11-21T19:20:31+00:00 |
| rhsa-2025:11407 | Red Hat Security Advisory: gnome-remote-desktop security update | 2025-07-21T01:30:59+00:00 | 2025-11-21T19:20:31+00:00 |
| rhsa-2025:11406 | Red Hat Security Advisory: gnome-remote-desktop security update | 2025-07-21T01:50:39+00:00 | 2025-11-21T19:20:31+00:00 |
| rhsa-2025:11405 | Red Hat Security Advisory: gnome-remote-desktop security update | 2025-07-21T01:42:14+00:00 | 2025-11-21T19:20:31+00:00 |
| rhsa-2025:11404 | Red Hat Security Advisory: gnome-remote-desktop security update | 2025-07-21T01:21:04+00:00 | 2025-11-21T19:20:30+00:00 |
| rhsa-2025:11403 | Red Hat Security Advisory: gnome-remote-desktop security update | 2025-07-21T01:29:49+00:00 | 2025-11-21T19:20:30+00:00 |
| rhsa-2025:11402 | Red Hat Security Advisory: avahi security update | 2025-07-21T02:20:49+00:00 | 2025-11-21T19:20:30+00:00 |
| rhsa-2025:11382 | Red Hat Security Advisory: tomcat security update | 2025-07-17T11:05:31+00:00 | 2025-11-21T19:20:28+00:00 |
| rhsa-2025:11381 | Red Hat Security Advisory: tomcat security update | 2025-07-17T10:53:55+00:00 | 2025-11-21T19:20:27+00:00 |
| rhsa-2025:11375 | Red Hat Security Advisory: kernel-rt security update | 2025-07-17T09:35:41+00:00 | 2025-11-21T19:20:27+00:00 |
| rhsa-2025:11358 | Red Hat Security Advisory: kernel security update | 2025-07-17T00:20:19+00:00 | 2025-11-21T19:20:24+00:00 |
| rhsa-2025:11339 | Red Hat Security Advisory: cloud-init security update | 2025-07-16T15:43:53+00:00 | 2025-11-21T19:20:24+00:00 |
| rhsa-2025:11337 | Red Hat Security Advisory: cloud-init security update | 2025-07-16T15:37:58+00:00 | 2025-11-21T19:20:24+00:00 |
| rhsa-2025:11335 | Red Hat Security Advisory: tomcat security update | 2025-07-16T15:28:33+00:00 | 2025-11-21T19:20:23+00:00 |
| rhsa-2025:11334 | Red Hat Security Advisory: tomcat security update | 2025-07-16T15:25:28+00:00 | 2025-11-21T19:20:23+00:00 |
| rhsa-2025:11333 | Red Hat Security Advisory: tomcat security update | 2025-07-16T15:30:03+00:00 | 2025-11-21T19:20:22+00:00 |
| rhsa-2025:11332 | Red Hat Security Advisory: tomcat9 security update | 2025-07-16T15:19:33+00:00 | 2025-11-21T19:20:22+00:00 |
| rhsa-2025:11324 | Red Hat Security Advisory: cloud-init security update | 2025-07-16T14:11:48+00:00 | 2025-11-21T19:20:22+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2022-34689 | Windows CryptoAPI Spoofing Vulnerability | 2022-10-11T07:00:00.000Z | 2022-10-11T07:00:00.000Z |
| msrc_cve-2022-33645 | Windows TCP/IP Driver Denial of Service Vulnerability | 2022-10-11T07:00:00.000Z | 2022-10-11T07:00:00.000Z |
| msrc_cve-2022-33635 | Windows GDI+ Remote Code Execution Vulnerability | 2022-10-11T07:00:00.000Z | 2022-10-11T07:00:00.000Z |
| msrc_cve-2022-33634 | Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | 2022-10-11T07:00:00.000Z | 2022-10-11T07:00:00.000Z |
| msrc_cve-2022-30198 | Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | 2022-10-11T07:00:00.000Z | 2022-10-11T07:00:00.000Z |
| msrc_cve-2022-30134 | Microsoft Exchange Server Information Disclosure Vulnerability | 2022-08-09T07:00:00.000Z | 2022-10-11T07:00:00.000Z |
| msrc_cve-2022-24516 | Microsoft Exchange Server Elevation of Privilege Vulnerability | 2022-08-09T07:00:00.000Z | 2022-10-11T07:00:00.000Z |
| msrc_cve-2022-24504 | Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | 2022-10-11T07:00:00.000Z | 2022-10-11T07:00:00.000Z |
| msrc_cve-2022-22035 | Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | 2022-10-11T07:00:00.000Z | 2022-10-11T07:00:00.000Z |
| msrc_cve-2022-21980 | Microsoft Exchange Server Elevation of Privilege Vulnerability | 2022-08-09T07:00:00.000Z | 2022-10-11T07:00:00.000Z |
| msrc_cve-2022-21979 | Microsoft Exchange Server Information Disclosure Vulnerability | 2022-08-09T07:00:00.000Z | 2022-10-11T07:00:00.000Z |
| msrc_cve-2022-41850 | roccat_report_event in drivers/hid/hid-roccat.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free in certain situations where a report is received while copying a report->value is in progress. | 2022-09-02T00:00:00.000Z | 2022-10-05T00:00:00.000Z |
| msrc_cve-2022-41849 | drivers/video/fbdev/smscufx.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free if a physically proximate attacker removes a USB device while calling open() aka a race condition between ufx_ops_open and ufx_usb_disconnect. | 2022-09-02T00:00:00.000Z | 2022-10-05T00:00:00.000Z |
| msrc_cve-2022-41848 | drivers/char/pcmcia/synclink_cs.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free if a physically proximate attacker removes a PCMCIA device while calling ioctl aka a race condition between mgslpc_ioctl and mgslpc_detach. | 2022-09-02T00:00:00.000Z | 2022-10-05T00:00:00.000Z |
| msrc_cve-2022-38128 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. | 2022-09-02T00:00:00.000Z | 2022-10-01T00:00:00.000Z |
| msrc_cve-2022-38127 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. | 2022-09-02T00:00:00.000Z | 2022-10-01T00:00:00.000Z |
| msrc_cve-2022-38126 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. | 2022-09-02T00:00:00.000Z | 2022-10-01T00:00:00.000Z |
| msrc_cve-2022-3352 | Use After Free in vim/vim | 2022-09-02T00:00:00.000Z | 2022-10-01T00:00:00.000Z |
| msrc_cve-2022-35252 | When curl is used to retrieve and parse cookies from a HTTP(S) server itaccepts cookies using control codes that when later are sent back to a HTTPserver might make the server return 400 responses. Effectively allowing a"sister site" to deny service to all siblings. | 2022-09-02T00:00:00.000Z | 2022-09-30T00:00:00.000Z |
| msrc_cve-2022-3324 | Stack-based Buffer Overflow in vim/vim | 2022-09-02T00:00:00.000Z | 2022-09-30T00:00:00.000Z |
| msrc_cve-2022-3303 | A race condition flaw was found in the Linux kernel sound subsystem due to improper locking. It could lead to a NULL pointer dereference while handling the SNDCTL_DSP_SYNC ioctl. A privileged local user (root or member of the audio group) could use this flaw to crash the system resulting in a denial of service condition | 2022-09-02T00:00:00.000Z | 2022-09-30T00:00:00.000Z |
| msrc_cve-2022-3297 | Use After Free in vim/vim | 2022-09-02T00:00:00.000Z | 2022-09-29T00:00:00.000Z |
| msrc_cve-2022-3296 | Stack-based Buffer Overflow in vim/vim | 2022-09-02T00:00:00.000Z | 2022-09-29T00:00:00.000Z |
| msrc_cve-2022-3204 | NRDelegation Attack | 2022-09-02T00:00:00.000Z | 2022-09-29T00:00:00.000Z |
| msrc_cve-2021-3782 | An internal reference count is held on the buffer pool incremented every time a new buffer is created from the pool. The reference count is maintained as an int; on LP64 systems this can cause the reference count to overflow if the client creates a large number of wl_shm buffer objects or if it can coerce the server to create a large number of external references to the buffer storage. With the reference count overflowing a use-after-free can be constructed on the wl_shm_pool tracking structure where values may be incremented or decremented; it may also be possible to construct a limited oracle to leak 4 bytes of server-side memory to the attacking client at a time. | 2022-09-02T00:00:00.000Z | 2022-09-28T00:00:00.000Z |
| msrc_cve-2022-3278 | NULL Pointer Dereference in vim/vim | 2022-09-02T00:00:00.000Z | 2022-09-27T00:00:00.000Z |
| msrc_cve-2022-3256 | Use After Free in vim/vim | 2022-09-02T00:00:00.000Z | 2022-09-24T00:00:00.000Z |
| msrc_cve-2022-3080 | BIND 9 resolvers configured to answer from stale cache with zero stale-answer-client-timeout may terminate unexpectedly | 2022-09-02T00:00:00.000Z | 2022-09-24T00:00:00.000Z |
| msrc_cve-2022-34721 | Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability | 2022-09-13T07:00:00.000Z | 2022-09-23T07:00:00.000Z |
| msrc_cve-2022-34718 | Windows TCP/IP Remote Code Execution Vulnerability | 2022-09-13T07:00:00.000Z | 2022-09-23T07:00:00.000Z |
| ID | Description | Updated |
|---|---|---|
| var-201510-0443 | Omron CX-One CX-Programmer before 9.6, CJ2M PLC devices before 2.1, and CJ2H PLC devices … | 2025-04-13T23:29:31.830000Z |
| var-201510-0442 | Omron CX-One CX-Programmer before 9.6, CJ2M PLC devices before 2.1, and CJ2H PLC devices … | 2025-04-13T23:29:31.795000Z |
| var-201510-0703 | The process-management implementation in Cisco TelePresence Video Communication Server (V… | 2025-04-13T23:29:31.623000Z |
| var-201511-0007 | The proxy-cache implementation in Cisco AsyncOS 8.0.x before 8.0.7-151, 8.1.x and 8.5.x b… | 2025-04-13T23:29:31.558000Z |
| var-201511-0217 | Cisco IOS 15.2(04)M6 and 15.4(03)S lets physical-interface ACLs supersede tunnel-interfac… | 2025-04-13T23:29:31.383000Z |
| var-201512-0013 | Saia Burgess PCD1.M0xx0, PCD1.M2xx0, PCD2.M5xx0, PCD3.Mxx60, PCD3.Mxxx0, PCD7.D4xxD, PCD7… | 2025-04-13T23:29:31.227000Z |
| var-201512-0391 | Cross-site scripting (XSS) vulnerability in Cisco Unified Email Interaction Manager and U… | 2025-04-13T23:29:31.167000Z |
| var-201512-0517 | Corega CG-WLNCM4G devices provide an open DNS resolver, which allows remote attackers to … | 2025-04-13T23:29:31.127000Z |
| var-201601-0001 | Cisco Wireless LAN Controller (WLC) devices with software 7.6.x, 8.0 before 8.0.121.0, an… | 2025-04-13T23:29:31.085000Z |
| var-201601-0358 | Cross-site scripting (XSS) vulnerability in the Push-Service-Mails feature in AVM FRITZ!O… | 2025-04-13T23:29:31Z |
| var-201601-0400 | Cross-site scripting (XSS) vulnerability on BUFFALO BHR-4GRV2 devices with firmware 1.04 … | 2025-04-13T23:29:30.965000Z |
| var-201601-0421 | Buffer overflow in the HIFI driver in Huawei P8 phones with software GRA-TL00 before GRA-… | 2025-04-13T23:29:30.928000Z |
| var-201602-0056 | Cross-site scripting (XSS) vulnerability in Cisco Application Policy Infrastructure Contr… | 2025-04-13T23:29:30.684000Z |
| var-201602-0119 | Multiple cross-site scripting (XSS) vulnerabilities in the Java Proxy Runtime ProxyServer… | 2025-04-13T23:29:30.660000Z |
| var-201603-0028 | The HTTPS inspection engine in the Content Security and Control Security Services Module … | 2025-04-13T23:29:30.572000Z |
| var-201603-0074 | Adobe Flash Player and Adobe AIR Use freed memory (Use-after-free) May allow arbitrary co… | 2025-04-13T23:29:30.537000Z |
| var-201603-0072 | Adobe Flash Player and Adobe AIR Use freed memory (Use-after-free) May allow arbitrary co… | 2025-04-13T23:29:30.503000Z |
| var-201603-0053 | Adobe Flash Player and Adobe AIR Use freed memory (Use-after-free) May allow arbitrary co… | 2025-04-13T23:29:30.468000Z |
| var-201603-0282 | The TCP implementation in Cisco Videoscape Distribution Suite for Internet Streaming (VDS… | 2025-04-13T23:29:30.441000Z |
| var-201604-0105 | The Web User Interface (WebUI) in FortiOS 5.0.x before 5.0.13, 5.2.x before 5.2.3, and 5.… | 2025-04-13T23:29:30.290000Z |
| var-201605-0412 | The API web interface in Cisco Prime Infrastructure before 3.1 and Cisco Evolved Programm… | 2025-04-13T23:29:29.785000Z |
| var-201605-0557 | Cisco AsyncOS before 8.5.3-069 and 8.6 through 8.8 on Web Security Appliance (WSA) device… | 2025-04-13T23:29:29.754000Z |
| var-201606-0028 | Cross-site scripting (XSS) vulnerability in vpn/js/gateway_login_form_view.js in Citrix N… | 2025-04-13T23:29:29.688000Z |
| var-201606-0175 | BUFFALO WZR-600DHP3 devices with firmware 2.16 and earlier and WZR-S600DHP devices allow … | 2025-04-13T23:29:29.650000Z |
| var-201606-0280 | Double free vulnerability in Cisco IOS XE 3.15S, 3.16S, and 3.17S allows remote authentic… | 2025-04-13T23:29:29.587000Z |
| var-201606-0429 | Cisco Prime Network Analysis Module (NAM) before 6.1(1) patch.6.1-2-final and 6.2.x befor… | 2025-04-13T23:29:29.522000Z |
| var-201607-0430 | Cross-site scripting (XSS) vulnerability in Cisco WebEx Meetings Server 2.6 allows remote… | 2025-04-13T23:29:28.634000Z |
| var-201607-0451 | Cisco Prime Infrastructure 1.2 through 3.1 and Evolved Programmable Network Manager (EPNM… | 2025-04-13T23:29:28.604000Z |
| var-201608-0068 | Rockwell Automation MicroLogix 1400 PLC 1766-L32BWA, 1766-L32AWA, 1766-L32BXB, 1766-L32BW… | 2025-04-13T23:29:28.528000Z |
| var-201608-0173 | mediaserver in Android before 2016-08-05 on Nexus 9 and Pixel C devices allows attackers … | 2025-04-13T23:29:28.490000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| suse-su-2022:0263-1 | Security update for the Linux Kernel (Live Patch 22 for SLE 15 SP1) | 2022-02-01T09:51:36Z | 2022-02-01T09:51:36Z |
| suse-su-2022:0252-1 | Security update for samba | 2022-01-31T15:10:24Z | 2022-01-31T15:10:24Z |
| suse-su-2022:0251-1 | Security update for samba | 2022-01-31T14:31:06Z | 2022-01-31T14:31:06Z |
| suse-su-2022:0241-1 | Security update for the Linux Kernel (Live Patch 14 for SLE 15 SP2) | 2022-01-31T14:11:02Z | 2022-01-31T14:11:02Z |
| suse-su-2022:0237-1 | Security update for the Linux Kernel (Live Patch 25 for SLE 15) | 2022-01-31T09:41:01Z | 2022-01-31T09:41:01Z |
| suse-su-2022:0245-1 | Security update for the Linux Kernel (Live Patch 26 for SLE 15) | 2022-01-31T09:40:54Z | 2022-01-31T09:40:54Z |
| suse-su-2022:0243-1 | Security update for the Linux Kernel (Live Patch 23 for SLE 15) | 2022-01-31T09:39:18Z | 2022-01-31T09:39:18Z |
| suse-su-2022:0242-1 | Security update for the Linux Kernel (Live Patch 24 for SLE 12 SP5) | 2022-01-31T09:36:33Z | 2022-01-31T09:36:33Z |
| suse-su-2022:0239-1 | Security update for the Linux Kernel (Live Patch 22 for SLE 15 SP2) | 2022-01-31T09:36:22Z | 2022-01-31T09:36:22Z |
| suse-su-2022:0238-1 | Security update for the Linux Kernel (Live Patch 19 for SLE 15 SP2) | 2022-01-31T09:36:18Z | 2022-01-31T09:36:18Z |
| suse-su-2022:0246-1 | Security update for the Linux Kernel (Live Patch 24 for SLE 15 SP1) | 2022-01-31T09:36:08Z | 2022-01-31T09:36:08Z |
| suse-su-2022:0234-1 | Security update for the Linux Kernel (Live Patch 23 for SLE 15 SP1) | 2022-01-31T09:35:58Z | 2022-01-31T09:35:58Z |
| suse-su-2022:0226-1 | Security update for log4j12 | 2022-01-28T16:22:45Z | 2022-01-28T16:22:45Z |
| suse-su-2022:0225-1 | Security update for SUSE Manager Server 4.1 | 2022-01-28T14:15:37Z | 2022-01-28T14:15:37Z |
| suse-su-2022:0214-1 | Security update for log4j | 2022-01-27T14:52:33Z | 2022-01-27T14:52:33Z |
| suse-su-2022:0213-1 | Security update for containerd, docker | 2022-01-27T13:49:06Z | 2022-01-27T13:49:06Z |
| suse-su-2022:0212-1 | Security update for log4j | 2022-01-27T13:40:10Z | 2022-01-27T13:40:10Z |
| suse-su-2022:0211-1 | Security update for strongswan | 2022-01-27T13:38:30Z | 2022-01-27T13:38:30Z |
| suse-su-2022:0210-1 | Security update for qemu | 2022-01-27T13:37:16Z | 2022-01-27T13:37:16Z |
| suse-su-2022:0206-1 | Security update for python-numpy | 2022-01-27T08:20:22Z | 2022-01-27T08:20:22Z |
| suse-su-2022:14882-1 | Security update for clamav | 2022-01-26T15:53:34Z | 2022-01-26T15:53:34Z |
| suse-su-2022:0202-1 | Security update for strongswan | 2022-01-26T12:52:41Z | 2022-01-26T12:52:41Z |
| suse-su-2022:14881-1 | Security update for log4j | 2022-01-26T12:51:43Z | 2022-01-26T12:51:43Z |
| suse-su-2022:0200-1 | Security update for rust | 2022-01-26T10:34:40Z | 2022-01-26T10:34:40Z |
| suse-su-2022:0199-1 | Security update for MozillaThunderbird | 2022-01-26T08:36:09Z | 2022-01-26T08:36:09Z |
| suse-su-2022:0198-1 | Security update for the Linux Kernel | 2022-01-26T06:43:26Z | 2022-01-26T06:43:26Z |
| suse-su-2022:0197-1 | Security update for the Linux Kernel | 2022-01-26T06:41:28Z | 2022-01-26T06:41:28Z |
| suse-su-2022:0191-1 | Security update for polkit | 2022-01-25T18:11:23Z | 2022-01-25T18:11:23Z |
| suse-su-2022:0190-1 | Security update for polkit | 2022-01-25T18:10:47Z | 2022-01-25T18:10:47Z |
| suse-su-2022:0189-1 | Security update for polkit | 2022-01-25T18:09:21Z | 2022-01-25T18:09:21Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cnvd-2025-03191 | Open5GS拒绝服务漏洞(CNVD-2025-03191) | 2025-02-08 | 2025-02-20 |
| cnvd-2025-03190 | Open5GS存在未明漏洞(CNVD-2025-03190) | 2025-02-08 | 2025-02-19 |
| cnvd-2025-03161 | Open5GS存在未明漏洞(CNVD-2025-03161) | 2025-02-08 | 2025-02-19 |
| cnvd-2025-03154 | Open5GS拒绝服务漏洞(CNVD-2025-03154) | 2025-02-08 | 2025-02-19 |
| cnvd-2025-03148 | Open5GS拒绝服务漏洞(CNVD-2025-03148) | 2025-02-08 | 2025-02-19 |
| cnvd-2025-03141 | Open5GS拒绝服务漏洞(CNVD-2025-03141) | 2025-02-08 | 2025-02-19 |
| cnvd-2025-03134 | Open5GS拒绝服务漏洞(CNVD-2025-03134) | 2025-02-08 | 2025-02-19 |
| cnvd-2025-03129 | Open5GS存在未明漏洞(CNVD-2025-03129) | 2025-02-08 | 2025-02-19 |
| cnvd-2025-03121 | Open5GS存在未明漏洞 | 2025-02-08 | 2025-02-19 |
| cnvd-2025-03109 | Open5GS oai_nas_5gmm_decode函数存在未明漏洞 | 2025-02-08 | 2025-02-19 |
| cnvd-2025-03107 | Open5GS amf_ue_set_suci函数存在未明漏洞 | 2025-02-08 | 2025-02-19 |
| cnvd-2025-03033 | Siemens SiPass integrated第三方组件DotNetZip目录遍历漏洞 | 2025-02-18 | 2025-02-19 |
| cnvd-2025-03819 | 四川迅睿云软件开发有限公司迅睿CMS存在命令执行漏洞 | 2025-01-04 | 2025-02-18 |
| cnvd-2025-03037 | Siemens SIMATIC S7-1200 CPU Family拒绝服务漏洞 | 2025-02-11 | 2025-02-18 |
| cnvd-2025-03036 | Siemens SIMATIC S7-1200 CPU Family拒绝服务漏洞(CNVD-2025-03036) | 2025-02-11 | 2025-02-18 |
| cnvd-2025-03035 | Siemens多款SIMATIC产品Web服务器用户枚举漏洞 | 2025-02-11 | 2025-02-18 |
| cnvd-2025-03034 | Siemens SIPROTEC 5敏感信息明文存储漏洞 | 2025-02-11 | 2025-02-18 |
| cnvd-2025-03032 | IBM Db2拒绝服务漏洞(CNVD-2025-03032) | 2024-01-12 | 2025-02-18 |
| cnvd-2025-03031 | IBM Db2拒绝服务漏洞(CNVD-2025-03031) | 2024-01-12 | 2025-02-18 |
| cnvd-2025-03030 | IBM Db2拒绝服务漏洞(CNVD-2025-03030) | 2024-01-12 | 2025-02-18 |
| cnvd-2025-03029 | IBM Db2拒绝服务漏洞(CNVD-2025-03029) | 2024-01-12 | 2025-02-18 |
| cnvd-2025-03028 | IBM Db2拒绝服务漏洞(CNVD-2025-03028) | 2024-01-12 | 2025-02-18 |
| cnvd-2025-03027 | IBM Db2拒绝服务漏洞(CNVD-2025-03027) | 2024-01-12 | 2025-02-18 |
| cnvd-2025-03026 | IBM Db2代码执行漏洞(CNVD-2025-03026) | 2024-01-12 | 2025-02-18 |
| cnvd-2025-03025 | IBM Maximo Asset Management文件上传漏洞 | 2025-02-06 | 2025-02-18 |
| cnvd-2025-03024 | IBM Concert信息泄露漏洞 | 2025-02-06 | 2025-02-18 |
| cnvd-2025-03023 | IBM Common Licensing信息泄露漏洞 | 2025-02-06 | 2025-02-18 |
| cnvd-2025-03545 | Apache Superset授权问题漏洞(CNVD-2025-03545) | 2024-12-13 | 2025-02-17 |
| cnvd-2025-03544 | Apache Superset信息泄露漏洞(CNVD-2025-03544) | 2024-12-13 | 2025-02-17 |
| cnvd-2025-03543 | Apache Traffic Control SQL注入漏洞 | 2024-12-25 | 2025-02-17 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certa-2013-avi-152 | Multiples vulnérabilités dans Adobe Flash Player | 2013-02-27T00:00:00.000000 | 2013-02-27T00:00:00.000000 |
| certa-2013-avi-151 | Multiples vulnérabilités dans Hitachi Cosminexus | 2013-02-26T00:00:00.000000 | 2013-02-26T00:00:00.000000 |
| certa-2013-avi-150 | Vulnérabilité dans Apache Maven | 2013-02-26T00:00:00.000000 | 2013-02-26T00:00:00.000000 |
| certa-2013-avi-149 | Vulnérabilité dans Drupal | 2013-02-25T00:00:00.000000 | 2013-02-25T00:00:00.000000 |
| certa-2013-avi-148 | Multiples vulnérabilités dans Google Chrome | 2013-02-22T00:00:00.000000 | 2013-02-22T00:00:00.000000 |
| certa-2013-avi-147 | Multiples vulnérabilités dans Mozilla Thunderbird | 2013-02-22T00:00:00.000000 | 2013-02-22T00:00:00.000000 |
| certa-2013-avi-146 | Multiples vulnérabilités dans les produits VMware | 2013-02-22T00:00:00.000000 | 2013-02-22T00:00:00.000000 |
| certa-2013-avi-145 | Multiples vulnérabilités dans Oracle Solaris | 2013-02-21T00:00:00.000000 | 2013-02-21T00:00:00.000000 |
| certa-2013-avi-144 | Multiples vulnérabilités dans Mozilla Firefox | 2013-02-21T00:00:00.000000 | 2013-02-21T00:00:00.000000 |
| certa-2013-avi-143 | Multiples vulnérabilités dans Apple OS X et Mac OS X | 2013-02-20T00:00:00.000000 | 2013-02-20T00:00:00.000000 |
| certa-2013-avi-142 | Multiples vulnérabilités dans Oracle Java | 2013-02-20T00:00:00.000000 | 2013-02-20T00:00:00.000000 |
| certa-2013-avi-141 | Multiples vulnérabilités dans les produits Hitachi | 2013-02-19T00:00:00.000000 | 2013-02-19T00:00:00.000000 |
| certa-2013-avi-140 | Multiples vulnérabilités dans IBM Data Studio Help System | 2013-02-19T00:00:00.000000 | 2013-02-19T00:00:00.000000 |
| certa-2013-avi-139 | Multiples vulnérabilités dans les produits IBM | 2013-02-19T00:00:00.000000 | 2013-02-19T00:00:00.000000 |
| certa-2013-avi-138 | Multiples vulnérabilités dans IBM InfoSphere DataStage | 2013-02-18T00:00:00.000000 | 2013-02-18T00:00:00.000000 |
| certa-2013-avi-137 | Vulnérabilité dans les systèmes SCADA Siemens CP 1616 et CP 1604 | 2013-02-15T00:00:00.000000 | 2013-02-15T00:00:00.000000 |
| certa-2013-avi-136 | Multiples vulnérabilités dans Google Chrome | 2013-02-15T00:00:00.000000 | 2013-02-15T00:00:00.000000 |
| certa-2013-avi-135 | Multiples vulnérabilités dans Symantec Encryption Desktop | 2013-02-15T00:00:00.000000 | 2013-02-15T00:00:00.000000 |
| certa-2013-avi-134 | Multiples vulnérabilités dans IBM WebSphere Message Broker | 2013-02-15T00:00:00.000000 | 2013-02-15T00:00:00.000000 |
| certa-2013-avi-133 | Multiples vulnérabilités dans Ruby on Rails | 2013-02-15T00:00:00.000000 | 2013-02-15T00:00:00.000000 |
| certa-2013-avi-132 | Vulnérabilité dans Xen | 2013-02-15T00:00:00.000000 | 2013-02-15T00:00:00.000000 |
| certa-2013-avi-131 | Vulnérabilité dans Xen oxenstored | 2013-02-15T00:00:00.000000 | 2013-02-15T00:00:00.000000 |
| certa-2013-avi-130 | Vulnérabilité dans IBM WebSphere | 2013-02-14T00:00:00.000000 | 2013-02-14T00:00:00.000000 |
| certa-2013-avi-129 | Vulnérabilité dans le système SCADA Moxa EDR-G903 | 2013-02-14T00:00:00.000000 | 2013-02-14T00:00:00.000000 |
| certa-2013-avi-128 | Vulnérabilité dans Cisco Unified MeetingPlace | 2013-02-14T00:00:00.000000 | 2013-02-14T00:00:00.000000 |
| certa-2013-avi-127 | Multiples vulnérabilités dans Adobe Flash Player | 2013-02-14T00:00:00.000000 | 2013-02-14T00:00:00.000000 |
| certa-2013-avi-126 | Multiples vulnérabilités dans Google Chrome Adobe Flash Player | 2013-02-14T00:00:00.000000 | 2013-02-14T00:00:00.000000 |
| certa-2013-avi-125 | Multiples vulnérabilités dans Adobe Shockwave Player | 2013-02-13T00:00:00.000000 | 2013-02-13T00:00:00.000000 |
| certa-2013-avi-124 | Vulnérabilité dans Microsoft OLE Automation | 2013-02-13T00:00:00.000000 | 2013-02-13T00:00:00.000000 |
| certa-2013-avi-123 | Vulnérabilité dans Microsoft CSRSS | 2013-02-13T00:00:00.000000 | 2013-02-13T00:00:00.000000 |