Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-22265 |
7.5 (3.1)
|
Roxy-WI has a Command Injection via grep parameter in … |
roxy-wi |
roxy-wi |
2026-01-15T16:27:52.446Z | 2026-01-15T16:46:11.782Z |
| CVE-2021-47775 |
8.4 (4.0)
8.4 (3.1)
|
YouTube Video Grabber 1.9.9.1 - Buffer Overflow (SEH) |
Litexmedia |
YouTube Video Grabber |
2026-01-15T15:52:13.223Z | 2026-01-15T16:46:04.528Z |
| CVE-2025-66417 |
7.5 (3.1)
|
GLPI has an unauthenticated SQL injection through the… |
glpi-project |
glpi |
2026-01-15T16:25:03.467Z | 2026-01-15T16:45:31.206Z |
| CVE-2025-66292 |
8.1 (3.1)
|
DPanel has an arbitrary file deletion vulnerability in… |
donknap |
dpanel |
2026-01-15T16:19:55.507Z | 2026-01-15T16:44:51.018Z |
| CVE-2025-70308 |
7.5 (3.1)
|
An out-of-bounds read in the GSF demuxer filter c… |
n/a |
n/a |
2026-01-15T00:00:00.000Z | 2026-01-15T16:44:15.156Z |
| CVE-2025-70304 |
7.5 (3.1)
|
A buffer overflow in the vobsub_get_subpic_durati… |
n/a |
n/a |
2026-01-15T00:00:00.000Z | 2026-01-15T16:43:16.567Z |
| CVE-2025-70310 |
5.5 (3.1)
|
A heap overflow in the vorbis_to_intern() functio… |
n/a |
n/a |
2026-01-15T00:00:00.000Z | 2026-01-15T16:43:01.292Z |
| CVE-2021-47776 |
6.9 (4.0)
5.3 (3.1)
|
Umbraco v8.14.1 - 'baseUrl' SSRF |
umbraco |
Umbraco |
2026-01-15T15:52:13.737Z | 2026-01-15T16:40:33.352Z |
| CVE-2021-47777 |
8.8 (4.0)
8.2 (3.1)
|
Build Smart ERP 21.0817 - 'eidValue' SQL Injection (Un… |
Ribccs |
Build Smart ERP |
2026-01-15T15:52:14.242Z | 2026-01-15T16:40:07.115Z |
| CVE-2026-0992 |
2.9 (3.1)
|
Libxml2: libxml2: denial of service via crafted xml catalogs |
Red Hat |
Red Hat Enterprise Linux 10 |
2026-01-15T14:20:24.934Z | 2026-01-15T16:39:47.982Z |
| CVE-2021-47781 |
6.7 (4.0)
9.8 (3.1)
|
Cmder Console Emulator 1.3.18 - 'Cmder.exe' Denial of … |
Cmder |
Cmder Console Emulator |
2026-01-15T15:52:14.687Z | 2026-01-15T16:39:37.145Z |
| CVE-2026-0989 |
3.7 (3.1)
|
Libxml2: unbounded relaxng include recursion leading t… |
Red Hat |
Red Hat Enterprise Linux 10 |
2026-01-15T14:20:23.274Z | 2026-01-15T16:39:34.311Z |
| CVE-2026-0990 |
5.9 (3.1)
|
Libxml2: libxml2: denial of service via uncontrolled r… |
Red Hat |
Red Hat Enterprise Linux 10 |
2026-01-15T14:20:06.515Z | 2026-01-15T16:39:20.891Z |
| CVE-2021-47784 |
6.7 (4.0)
7.5 (3.1)
|
Cyberfox Web Browser 52.9.1 - Denial of Service (PoC) |
Cyberfox |
Cyberfox Web Browser |
2026-01-15T15:52:15.185Z | 2026-01-15T16:39:13.224Z |
| CVE-2026-0897 |
7.1 (4.0)
|
Denial of Service in Keras via Excessive Memory Alloca… |
Google |
Keras |
2026-01-15T14:09:53.603Z | 2026-01-15T16:38:18.772Z |
| CVE-2025-70309 |
5.5 (3.1)
|
A stack overflow in the pcmreframe_flush_packet f… |
n/a |
n/a |
2026-01-15T00:00:00.000Z | 2026-01-15T16:38:15.352Z |
| CVE-2026-22914 |
4.3 (3.1)
|
An attacker with limited permissions may still be… |
SICK AG |
TDC-X401GL |
2026-01-15T13:06:19.599Z | 2026-01-15T16:38:01.091Z |
| CVE-2026-22913 |
4.3 (3.1)
|
Improper handling of a URL parameter may allow at… |
SICK AG |
TDC-X401GL |
2026-01-15T13:05:40.925Z | 2026-01-15T16:37:50.866Z |
| CVE-2026-22912 |
4.3 (3.1)
|
Improper validation of a login parameter may allo… |
SICK AG |
TDC-X401GL |
2026-01-15T13:03:15.361Z | 2026-01-15T16:37:41.596Z |
| CVE-2026-22862 |
7.1 (4.0)
|
go-ethereum has a DoS via malicious p2p message |
ethereum |
go-ethereum |
2026-01-13T20:27:10.979Z | 2026-01-15T16:37:30.177Z |
| CVE-2025-37186 |
7.8 (3.1)
|
Local Privilege Escalation Vulnerability in HPE Aruba … |
Hewlett Packard Enterprise (HPE) |
Virtual Intranet Access (VIA) |
2026-01-13T20:16:33.606Z | 2026-01-15T16:37:19.095Z |
| CVE-2025-68698 |
8.7 (4.0)
|
Jervis has an RSA PKCS#1 v1.5 Padding Vulnerability |
samrocketman |
jervis |
2026-01-13T19:16:01.757Z | 2026-01-15T16:37:02.420Z |
| CVE-2021-47799 |
8.5 (4.0)
6.2 (3.1)
|
Visual Tools DVR VX16 4.2.28 - Local Privilege Escalation |
Visual-Tools |
Visual Tools DVR VX16 |
2026-01-15T15:52:15.717Z | 2026-01-15T16:32:06.015Z |
| CVE-2025-20393 |
10 (3.1)
|
Cisco Secure Email Gateway and Cisco Secure Email and … |
Cisco |
Cisco Secure Email |
2025-12-17T16:47:13.128Z | 2026-01-15T16:32:03.740Z |
| CVE-2021-47819 |
9.3 (4.0)
9.8 (3.1)
|
ProjeQtOr Project Management 9.1.4 - Remote Code Execution |
Projeqtor |
ProjeQtOr Project Management |
2026-01-15T15:52:16.218Z | 2026-01-15T16:09:10.470Z |
| CVE-2025-64516 |
7.5 (3.1)
|
GLPI incorrectly authorizes access to documents |
glpi-project |
glpi |
2026-01-15T16:01:03.470Z | 2026-01-15T16:08:18.590Z |
| CVE-2025-67083 |
5.3 (3.1)
|
Directory traversal vulnerability in InvoicePlane… |
n/a |
n/a |
2026-01-15T00:00:00.000Z | 2026-01-15T16:08:02.045Z |
| CVE-2024-36856 |
7.5 (3.1)
|
RMQTT Broker 0.4.0 allows remote attackers to cau… |
n/a |
n/a |
2024-06-12T00:00:00.000Z | 2026-01-15T16:06:03.877Z |
| CVE-2025-67246 |
7.3 (3.1)
|
A local information disclosure vulnerability exis… |
n/a |
n/a |
2026-01-15T00:00:00.000Z | 2026-01-15T16:02:13.237Z |
| CVE-2025-14770 |
7.5 (3.1)
|
Shipping Rate By Cities <= 2.0.0 - Unauthenticated SQL… |
tridenttechnolabs |
Shipping Rate By Cities |
2026-01-14T06:40:04.700Z | 2026-01-15T16:01:00.558Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-23913 |
N/A
|
Not used | N/A | N/A | 2026-01-20T03:55:07.342Z | |
| CVE-2026-23912 |
N/A
|
Not used | N/A | N/A | 2026-01-20T03:55:07.819Z | |
| CVE-2026-23911 |
N/A
|
Not used | N/A | N/A | 2026-01-20T03:55:08.281Z | |
| CVE-2026-23910 |
N/A
|
Not used | N/A | N/A | 2026-01-20T03:55:08.723Z | |
| CVE-2026-23909 |
N/A
|
Not used | N/A | N/A | 2026-01-20T03:55:09.182Z | |
| CVE-2025-68161 |
6.3 (4.0)
|
Apache Log4j Core: Missing TLS hostname verification i… |
Apache Software Foundation |
Apache Log4j Core |
2025-12-18T20:47:49.123Z | 2026-01-20T00:13:44.911Z |
| CVE-2025-71137 |
N/A
|
octeontx2-pf: fix "UBSAN: shift-out-of-bounds error" |
Linux |
Linux |
2026-01-14T15:07:51.264Z | 2026-02-09T08:35:34.357Z |
| CVE-2025-71136 |
N/A
|
media: adv7842: Avoid possible out-of-bounds array acc… |
Linux |
Linux |
2026-01-14T15:07:50.568Z | 2026-02-09T08:35:32.724Z |
| CVE-2025-71133 |
N/A
|
RDMA/irdma: avoid invalid read in irdma_net_event |
Linux |
Linux |
2026-01-14T15:07:48.524Z | 2026-02-09T08:35:29.446Z |
| CVE-2025-71132 |
N/A
|
smc91x: fix broken irq-context in PREEMPT_RT |
Linux |
Linux |
2026-01-14T15:07:47.860Z | 2026-02-09T08:35:28.371Z |
| CVE-2025-71131 |
N/A
|
crypto: seqiv - Do not use req->iv after crypto_aead_encrypt |
Linux |
Linux |
2026-01-14T15:07:47.194Z | 2026-02-09T08:35:27.322Z |
| CVE-2025-71127 |
N/A
|
wifi: mac80211: Discard Beacon frames to non-broadcast… |
Linux |
Linux |
2026-01-14T15:07:44.218Z | 2026-02-09T08:35:22.963Z |
| CVE-2025-71125 |
N/A
|
tracing: Do not register unsupported perf events |
Linux |
Linux |
2026-01-14T15:06:10.662Z | 2026-02-09T08:35:20.806Z |
| CVE-2025-71123 |
N/A
|
ext4: fix string copying in parse_apply_sb_mount_options() |
Linux |
Linux |
2026-01-14T15:06:09.246Z | 2026-02-09T08:35:18.369Z |
| CVE-2025-71121 |
N/A
|
parisc: Do not reprogram affinitiy on ASP chip |
Linux |
Linux |
2026-01-14T15:06:07.871Z | 2026-02-09T08:35:16.277Z |
| CVE-2025-71120 |
N/A
|
SUNRPC: svcauth_gss: avoid NULL deref on zero length g… |
Linux |
Linux |
2026-01-14T15:06:07.194Z | 2026-02-09T08:35:15.157Z |
| CVE-2025-71118 |
N/A
|
ACPICA: Avoid walking the Namespace if start_node is NULL |
Linux |
Linux |
2026-01-14T15:06:05.861Z | 2026-02-09T08:35:13.020Z |
| CVE-2025-71116 |
N/A
|
libceph: make decode_pool() more resilient against cor… |
Linux |
Linux |
2026-01-14T15:06:04.476Z | 2026-02-09T08:35:10.946Z |
| CVE-2025-71114 |
N/A
|
via_wdt: fix critical boot hang due to unnamed resourc… |
Linux |
Linux |
2026-01-14T15:06:00.848Z | 2026-02-09T08:35:08.836Z |
| CVE-2025-71113 |
N/A
|
crypto: af_alg - zero initialize memory allocated via … |
Linux |
Linux |
2026-01-14T15:05:59.992Z | 2026-02-09T08:35:07.779Z |
| CVE-2025-71112 |
N/A
|
net: hns3: add VLAN id validation before using |
Linux |
Linux |
2026-01-14T15:05:59.308Z | 2026-02-09T08:35:06.680Z |
| CVE-2025-71111 |
N/A
|
hwmon: (w83791d) Convert macros to functions to avoid TOCTOU |
Linux |
Linux |
2026-01-14T15:05:58.649Z | 2026-02-09T08:35:05.517Z |
| CVE-2025-71108 |
N/A
|
usb: typec: ucsi: Handle incorrect num_connectors capability |
Linux |
Linux |
2026-01-14T15:05:56.553Z | 2026-02-09T08:35:02.075Z |
| CVE-2025-71105 |
N/A
|
f2fs: use global inline_xattr_slab instead of per-sb s… |
Linux |
Linux |
2026-01-14T15:05:54.510Z | 2026-02-09T08:34:58.276Z |
| CVE-2025-71104 |
N/A
|
KVM: x86: Fix VM hard lockup after prolonged inactivit… |
Linux |
Linux |
2026-01-14T15:05:53.802Z | 2026-02-09T08:34:57.200Z |
| CVE-2025-71102 |
N/A
|
scs: fix a wrong parameter in __scs_magic |
Linux |
Linux |
2026-01-14T15:05:52.389Z | 2026-02-09T08:34:55.111Z |
| CVE-2025-71098 |
N/A
|
ip6_gre: make ip6gre_header() robust |
Linux |
Linux |
2026-01-13T15:34:57.536Z | 2026-02-09T08:34:50.957Z |
| CVE-2025-71097 |
N/A
|
ipv4: Fix reference count leak when using error routes… |
Linux |
Linux |
2026-01-13T15:34:56.814Z | 2026-02-09T08:34:49.901Z |
| CVE-2025-71096 |
N/A
|
RDMA/core: Check for the presence of LS_NLA_TYPE_DGID … |
Linux |
Linux |
2026-01-13T15:34:56.118Z | 2026-02-09T08:34:48.888Z |
| CVE-2025-71094 |
N/A
|
net: usb: asix: validate PHY address before use |
Linux |
Linux |
2026-01-13T15:34:54.669Z | 2026-02-09T08:34:46.736Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| fkie_cve-2025-71093 | In the Linux kernel, the following vulnerability has been resolved: e1000: fix OOB in e1000_tbi_sh… | 2026-01-13T16:16:09.033 | 2026-01-19T13:16:17.347 |
| fkie_cve-2025-71091 | In the Linux kernel, the following vulnerability has been resolved: team: fix check for port enabl… | 2026-01-13T16:16:08.810 | 2026-01-19T13:16:17.250 |
| fkie_cve-2025-71087 | In the Linux kernel, the following vulnerability has been resolved: iavf: fix off-by-one issues in… | 2026-01-13T16:16:08.343 | 2026-01-19T13:16:17.150 |
| fkie_cve-2025-71086 | In the Linux kernel, the following vulnerability has been resolved: net: rose: fix invalid array i… | 2026-01-13T16:16:08.230 | 2026-01-19T13:16:17.053 |
| fkie_cve-2025-71085 | In the Linux kernel, the following vulnerability has been resolved: ipv6: BUG() in pskb_expand_hea… | 2026-01-13T16:16:08.117 | 2026-01-19T13:16:16.953 |
| fkie_cve-2025-71084 | In the Linux kernel, the following vulnerability has been resolved: RDMA/cm: Fix leaking the multi… | 2026-01-13T16:16:08.007 | 2026-01-19T13:16:16.863 |
| fkie_cve-2025-71083 | In the Linux kernel, the following vulnerability has been resolved: drm/ttm: Avoid NULL pointer de… | 2026-01-13T16:16:07.893 | 2026-01-19T13:16:16.767 |
| fkie_cve-2025-71082 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: revert use o… | 2026-01-13T16:16:07.780 | 2026-01-19T13:16:16.667 |
| fkie_cve-2025-71081 | In the Linux kernel, the following vulnerability has been resolved: ASoC: stm32: sai: fix OF node … | 2026-01-13T16:16:07.660 | 2026-01-19T13:16:16.567 |
| fkie_cve-2025-71079 | In the Linux kernel, the following vulnerability has been resolved: net: nfc: fix deadlock between… | 2026-01-13T16:16:07.433 | 2026-01-19T13:16:16.467 |
| fkie_cve-2025-71078 | In the Linux kernel, the following vulnerability has been resolved: powerpc/64s/slb: Fix SLB multi… | 2026-01-13T16:16:07.317 | 2026-01-19T13:16:16.363 |
| fkie_cve-2025-71077 | In the Linux kernel, the following vulnerability has been resolved: tpm: Cap the number of PCR ban… | 2026-01-13T16:16:07.200 | 2026-01-19T13:16:16.267 |
| fkie_cve-2025-71075 | In the Linux kernel, the following vulnerability has been resolved: scsi: aic94xx: fix use-after-f… | 2026-01-13T16:16:06.977 | 2026-01-19T13:16:16.167 |
| fkie_cve-2025-71069 | In the Linux kernel, the following vulnerability has been resolved: f2fs: invalidate dentry cache … | 2026-01-13T16:16:06.300 | 2026-01-19T13:16:16.067 |
| fkie_cve-2025-71068 | In the Linux kernel, the following vulnerability has been resolved: svcrdma: bound check rq_pages … | 2026-01-13T16:16:06.187 | 2026-01-19T13:16:15.973 |
| fkie_cve-2025-71066 | In the Linux kernel, the following vulnerability has been resolved: net/sched: ets: Always remove … | 2026-01-13T16:16:05.960 | 2026-01-19T13:16:15.863 |
| fkie_cve-2025-71064 | In the Linux kernel, the following vulnerability has been resolved: net: hns3: using the num_tqps … | 2026-01-13T16:16:05.740 | 2026-01-19T13:16:15.763 |
| fkie_cve-2025-68821 | In the Linux kernel, the following vulnerability has been resolved: fuse: fix readahead reclaim de… | 2026-01-13T16:16:04.440 | 2026-01-19T13:16:15.663 |
| fkie_cve-2025-68820 | In the Linux kernel, the following vulnerability has been resolved: ext4: xattr: fix null pointer … | 2026-01-13T16:16:04.327 | 2026-01-19T13:16:15.563 |
| fkie_cve-2025-68819 | In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb: dtv5100: fix o… | 2026-01-13T16:16:04.210 | 2026-01-19T13:16:15.467 |
| fkie_cve-2025-68818 | In the Linux kernel, the following vulnerability has been resolved: scsi: Revert "scsi: qla2xxx: P… | 2026-01-13T16:16:04.097 | 2026-01-19T13:16:15.363 |
| fkie_cve-2025-68816 | In the Linux kernel, the following vulnerability has been resolved: net/mlx5: fw_tracer, Validate … | 2026-01-13T16:16:03.870 | 2026-01-19T13:16:15.263 |
| fkie_cve-2025-68815 | In the Linux kernel, the following vulnerability has been resolved: net/sched: ets: Remove drr cla… | 2026-01-13T16:16:03.757 | 2026-01-19T13:16:15.163 |
| fkie_cve-2025-68814 | In the Linux kernel, the following vulnerability has been resolved: io_uring: fix filename leak in… | 2026-01-13T16:16:03.643 | 2026-01-19T13:16:15.057 |
| fkie_cve-2025-68813 | In the Linux kernel, the following vulnerability has been resolved: ipvs: fix ipv4 null-ptr-deref … | 2026-01-13T16:16:03.523 | 2026-01-19T13:16:14.950 |
| fkie_cve-2025-68808 | In the Linux kernel, the following vulnerability has been resolved: media: vidtv: initialize local… | 2026-01-13T16:16:02.967 | 2026-01-19T13:16:14.850 |
| fkie_cve-2025-68804 | In the Linux kernel, the following vulnerability has been resolved: platform/chrome: cros_ec_ishtp… | 2026-01-13T16:16:02.507 | 2026-01-19T13:16:14.757 |
| fkie_cve-2025-68803 | In the Linux kernel, the following vulnerability has been resolved: NFSD: NFSv4 file creation negl… | 2026-01-13T16:16:02.377 | 2026-01-19T13:16:14.650 |
| fkie_cve-2025-68801 | In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_router: Fix ne… | 2026-01-13T16:16:02.137 | 2026-01-19T13:16:14.553 |
| fkie_cve-2025-68800 | In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_mr: Fix use-af… | 2026-01-13T16:16:02.023 | 2026-01-19T13:16:14.453 |
| ID | Severity | Description | Published | Updated |
|---|---|---|---|---|
| ghsa-h8c5-64wc-h8mf |
4.3 (3.1)
5.3 (4.0)
|
Improper access checks in M-Files Server before 25.12 allows users to download files through M-File… | 2025-12-18T09:30:24Z | 2026-01-06T21:30:28Z |
| ghsa-3677-xxcr-wjqv |
7.5 (3.1)
|
jose4j is vulnerable to DoS via compressed JWE content | 2025-12-17T18:31:33Z | 2026-01-06T19:46:21Z |
| ghsa-93jc-vqqc-vvvh |
7.2 (3.1)
7.3 (4.0)
|
Signal K Server Vulnerable to Remote Code Execution via Malicious npm Package | 2026-01-02T15:23:39Z | 2026-01-06T18:41:41Z |
| ghsa-h7m2-q9p3-g2rg |
8.1 (3.1)
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2026-01-06T18:31:36Z | 2026-01-06T18:31:36Z |
| ghsa-w3xp-rqx4-ch6m |
9.8 (3.1)
8.7 (4.0)
|
Arteco Web Client DVR/NVR contains a session hijacking vulnerability with insufficient session ID c… | 2026-01-06T18:31:35Z | 2026-01-06T18:31:35Z |
| ghsa-r93p-73f2-rj5x |
6.5 (3.1)
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnera… | 2026-01-06T18:31:35Z | 2026-01-06T18:31:35Z |
| ghsa-r36f-vrxf-7jf9 |
9.8 (3.1)
|
An issue in H3C M102G HM1A0V200R010 wireless controller and BA1500L SWBA1A0V100R006 wireless access… | 2026-01-06T18:31:35Z | 2026-01-06T18:31:35Z |
| ghsa-q7w6-6g89-9grw |
7.5 (3.1)
5.3 (4.0)
|
Sony BRAVIA Digital Signage 1.7.8 contains a remote file inclusion vulnerability that allows attack… | 2026-01-06T18:31:35Z | 2026-01-06T18:31:35Z |
| ghsa-mjf9-xjp8-6cr8 |
7.6 (3.1)
|
Dell Unisphere for PowerMax, version(s) 9.2.4.x, contain(s) an Improper Restriction of XML External… | 2026-01-06T18:31:35Z | 2026-01-06T18:31:35Z |
| ghsa-gwgr-2crh-gp64 |
8.1 (3.1)
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2026-01-06T18:31:35Z | 2026-01-06T18:31:35Z |
| ghsa-f68h-vq4q-hprr |
7.1 (3.1)
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnera… | 2026-01-06T18:31:35Z | 2026-01-06T18:31:35Z |
| ghsa-cvpp-hjp6-qcpv |
9.8 (3.1)
|
Missing Authorization vulnerability in Sfwebservice InWave Jobs allows Exploiting Incorrectly Confi… | 2026-01-06T18:31:35Z | 2026-01-06T18:31:35Z |
| ghsa-873q-r7q9-7r4r |
8.8 (3.1)
7.4 (4.0)
|
A weakness has been identified in Tenda AC23 16.03.07.52. This affects the function sscanf of the f… | 2026-01-06T18:31:35Z | 2026-01-06T18:31:35Z |
| ghsa-6mh8-wgv9-q5c9 |
8.5 (4.0)
|
AirVPN Eddie on MacOS contains an insecure XPC service that allows local, unprivileged users to esc… | 2026-01-06T18:31:35Z | 2026-01-06T18:31:35Z |
| ghsa-6jhc-g8v7-c2vp |
8.8 (3.1)
|
Deserialization of Untrusted Data vulnerability in Digital zoom studio DZS Video Gallery allows Obj… | 2026-01-06T18:31:35Z | 2026-01-06T18:31:35Z |
| ghsa-6fv6-m6cj-p9fx |
7.1 (3.1)
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2026-01-06T18:31:35Z | 2026-01-06T18:31:35Z |
| ghsa-69fq-638v-7cpj |
7.5 (3.1)
|
DwyerOmega Isensix Advanced Remote Monitoring System (ARMS) 1.5.7 allows an attacker to retrieve se… | 2026-01-06T18:31:35Z | 2026-01-06T18:31:35Z |
| ghsa-5x6p-83v5-82ww |
7.1 (3.1)
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2026-01-06T18:31:35Z | 2026-01-06T18:31:35Z |
| ghsa-53pw-9jrj-q8j8 |
8.1 (3.1)
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2026-01-06T18:31:35Z | 2026-01-06T18:31:35Z |
| ghsa-3xmp-rp4w-pjgv |
9.8 (3.1)
|
An issue was discovered in NJHYST HY511 POE core before 2.1 and plugins before 0.1. The vulnerabili… | 2026-01-06T18:31:35Z | 2026-01-06T18:31:35Z |
| ghsa-xx55-j824-wmvf |
7.5 (3.1)
6.9 (4.0)
|
Sony BRAVIA Digital Signage 1.7.8 contains an information disclosure vulnerability that allows unau… | 2026-01-06T18:31:34Z | 2026-01-06T18:31:34Z |
| ghsa-w554-xjrp-3h3g |
4.3 (3.1)
5.1 (4.0)
|
iDS6 DSSPro Digital Signage System 6.2 contains a cross-site request forgery vulnerability that all… | 2026-01-06T18:31:34Z | 2026-01-06T18:31:34Z |
| ghsa-r855-vcgq-f3fh |
8.8 (3.1)
8.7 (4.0)
|
iDS6 DSSPro Digital Signage System 6.2 contains an improper access control vulnerability that allow… | 2026-01-06T18:31:34Z | 2026-01-06T18:31:34Z |
| ghsa-frqw-j5x4-8q93 |
7.5 (3.1)
6.9 (4.0)
|
RED-V Super Digital Signage System 5.1.1 contains an information disclosure vulnerability that allo… | 2026-01-06T18:31:34Z | 2026-01-06T18:31:34Z |
| ghsa-crvx-wh2g-r65c |
7.5 (3.1)
8.7 (4.0)
|
Adtec Digital SignEdje Digital Signage Player v2.08.28 contains multiple hardcoded default credenti… | 2026-01-06T18:31:34Z | 2026-01-06T18:31:34Z |
| ghsa-c4qf-p2qh-jv7r |
8.8 (3.1)
8.5 (4.0)
|
TDM Digital Signage PC Player 4.1.0.4 contains an elevation of privileges vulnerability that allows… | 2026-01-06T18:31:34Z | 2026-01-06T18:31:34Z |
| ghsa-83pw-28qw-xg2h |
7.5 (3.1)
8.6 (4.0)
|
QiHang Media Web Digital Signage 3.0.9 contains a sensitive information disclosure vulnerability th… | 2026-01-06T18:31:34Z | 2026-01-06T18:31:34Z |
| ghsa-73r6-4f43-344g |
7.5 (3.1)
8.6 (4.0)
|
iDS6 DSSPro Digital Signage System 6.2 contains a sensitive information disclosure vulnerability th… | 2026-01-06T18:31:34Z | 2026-01-06T18:31:34Z |
| ghsa-6pwv-84mm-rcfv |
9.8 (3.1)
5.1 (4.0)
|
Plexus anblick Digital Signage Management 3.1.13 contains an open redirect vulnerability in the 'Pa… | 2026-01-06T18:31:33Z | 2026-01-06T18:31:34Z |
| ghsa-53xr-pv5p-mhrg |
8.8 (3.1)
8.7 (4.0)
|
Cayin Signage Media Player 3.0 contains an authenticated remote command injection vulnerability in … | 2026-01-06T18:31:33Z | 2026-01-06T18:31:34Z |
| ID | Description | Updated |
|---|---|---|
| gsd-2024-26453 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-20T06:02:29.237208Z |
| gsd-2024-26509 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-20T06:02:29.236989Z |
| gsd-2024-26906 | In the Linux kernel, the following vulnerability has been resolved: x86/mm: Disallow vsy… | 2024-02-20T06:02:29.236747Z |
| gsd-2024-26386 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-20T06:02:29.236243Z |
| gsd-2024-26608 | In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix global oo… | 2024-02-20T06:02:29.236010Z |
| gsd-2024-26602 | In the Linux kernel, the following vulnerability has been resolved: sched/membarrier: re… | 2024-02-20T06:02:29.235760Z |
| gsd-2024-26902 | In the Linux kernel, the following vulnerability has been resolved: perf: RISCV: Fix pan… | 2024-02-20T06:02:29.235448Z |
| gsd-2024-26540 | A heap-based buffer overflow in Clmg before 3.3.3 can occur via a crafted file to cimg_li… | 2024-02-20T06:02:29.235115Z |
| gsd-2024-26537 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-20T06:02:29.234851Z |
| gsd-2024-26875 | In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fix … | 2024-02-20T06:02:29.234571Z |
| gsd-2024-26594 | In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate mech… | 2024-02-20T06:02:29.233915Z |
| gsd-2024-26471 | A reflected cross-site scripting (XSS) vulnerability in zhimengzhe iBarn v1.5 allows atta… | 2024-02-20T06:02:29.233696Z |
| gsd-2024-26757 | In the Linux kernel, the following vulnerability has been resolved: md: Don't ignore rea… | 2024-02-20T06:02:29.233475Z |
| gsd-2024-26851 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conntr… | 2024-02-20T06:02:29.232682Z |
| gsd-2024-26420 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-20T06:02:29.232385Z |
| gsd-2024-26720 | In the Linux kernel, the following vulnerability has been resolved: mm/writeback: fix po… | 2024-02-20T06:02:29.231871Z |
| gsd-2024-26647 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix… | 2024-02-20T06:02:29.230826Z |
| gsd-2024-26770 | In the Linux kernel, the following vulnerability has been resolved: HID: nvidia-shield: … | 2024-02-20T06:02:29.230585Z |
| gsd-2024-26635 | In the Linux kernel, the following vulnerability has been resolved: llc: Drop support fo… | 2024-02-20T06:02:29.230023Z |
| gsd-2024-26753 | In the Linux kernel, the following vulnerability has been resolved: crypto: virtio/akcip… | 2024-02-20T06:02:29.229705Z |
| gsd-2024-26646 | In the Linux kernel, the following vulnerability has been resolved: thermal: intel: hfi:… | 2024-02-20T06:02:29.229188Z |
| gsd-2024-26719 | In the Linux kernel, the following vulnerability has been resolved: nouveau: offload fen… | 2024-02-20T06:02:29.228667Z |
| gsd-2024-26674 | In the Linux kernel, the following vulnerability has been resolved: x86/lib: Revert to _… | 2024-02-20T06:02:29.228128Z |
| gsd-2024-26693 | In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: … | 2024-02-20T06:02:29.227872Z |
| gsd-2024-26356 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-20T06:02:29.227297Z |
| gsd-2024-26867 | In the Linux kernel, the following vulnerability has been resolved: comedi: comedi_8255:… | 2024-02-20T06:02:29.226916Z |
| gsd-2024-26401 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-20T06:02:29.226645Z |
| gsd-2024-26383 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-20T06:02:29.226291Z |
| gsd-2024-26444 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-20T06:02:29.226052Z |
| gsd-2024-26643 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables… | 2024-02-20T06:02:29.225753Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-185165 | Malicious code in sonic-kuoig-timeseywaxa (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-185164 | Malicious code in sonic-kuoig-timeseyaxa (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-185163 | Malicious code in sonic-kuoig-timesexa (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-185162 | Malicious code in sonic-kuloig-timeseyxa (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-185161 | Malicious code in sonic-kuloig-timeseyaxa (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-185160 | Malicious code in sonic-kuloig-timeseyawxa (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-185159 | Malicious code in sonic-kuloig-timeseyawaxa (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-185158 | Malicious code in sonic-kuloig-timesexa (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-185157 | Malicious code in sonic-kuloig-timesex (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-185156 | Malicious code in sonic-kuloig-timese (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-185155 | Malicious code in sonic-kuloig-times (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-185154 | Malicious code in sonic-kuloig-time (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-185153 | Malicious code in sonic-kuloig-tim (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-185152 | Malicious code in sonic-kuloig-ti (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-185151 | Malicious code in sonic-kuloig-tgviavuexe (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-185150 | Malicious code in sonic-kuloig-tgviavuex (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-185149 | Malicious code in sonic-kuloig-tgviavue (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-185148 | Malicious code in sonic-kuloig-tgviavu (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-185147 | Malicious code in sonic-kuloig-tgviav (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-185146 | Malicious code in sonic-kuloig-tgvia (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-185145 | Malicious code in sonic-kuloig-tgvi (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-185144 | Malicious code in sonic-kuloig-tgv (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-185143 | Malicious code in sonic-kuloig-tg (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-185142 | Malicious code in sonic-kulig-tgviavuexe (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-185141 | Malicious code in sonic-kulig-tgviavue (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-185140 | Malicious code in sonic-kulig-tgviave (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-185139 | Malicious code in sonic-kulig-tgviae (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-185138 | Malicious code in sonic-kulig-tgvia (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-185137 | Malicious code in sonic-kulig-tgvi (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-185136 | Malicious code in sonic-kulig-tgv (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2024:9093 | Red Hat Security Advisory: xorg-x11-server-Xwayland security update | 2024-11-12T08:54:07+00:00 | 2025-11-21T19:15:57+00:00 |
| rhsa-2024:9092 | Red Hat Security Advisory: freerdp security update | 2024-11-12T09:36:13+00:00 | 2025-11-21T19:15:56+00:00 |
| rhsa-2024:9056 | Red Hat Security Advisory: gstreamer1-plugins-base security update | 2024-11-11T09:07:46+00:00 | 2025-11-21T19:15:55+00:00 |
| rhsa-2024:9051 | Red Hat Security Advisory: podman security update | 2024-11-11T01:34:05+00:00 | 2025-11-21T19:15:55+00:00 |
| rhsa-2024:9019 | Red Hat Security Advisory: thunderbird security update | 2024-11-07T15:19:21+00:00 | 2025-11-21T19:15:54+00:00 |
| rhsa-2024:9018 | Red Hat Security Advisory: thunderbird security update | 2024-11-07T15:26:11+00:00 | 2025-11-21T19:15:53+00:00 |
| rhsa-2024:8984 | Red Hat Security Advisory: OpenShift Container Platform 4.17.4 packages and security update | 2024-11-13T04:26:51+00:00 | 2025-11-21T19:15:53+00:00 |
| rhsa-2024:9017 | Red Hat Security Advisory: thunderbird security update | 2024-11-07T15:23:41+00:00 | 2025-11-21T19:15:52+00:00 |
| rhsa-2024:9016 | Red Hat Security Advisory: thunderbird security update | 2024-11-07T15:13:49+00:00 | 2025-11-21T19:15:52+00:00 |
| rhsa-2024:9015 | Red Hat Security Advisory: thunderbird security update | 2024-11-07T15:23:06+00:00 | 2025-11-21T19:15:51+00:00 |
| rhsa-2024:8977 | Red Hat Security Advisory: python39:3.9 security update | 2024-11-07T03:26:46+00:00 | 2025-11-21T19:15:51+00:00 |
| rhsa-2024:8994 | Red Hat Security Advisory: OpenShift Container Platform 4.15.38 packages and security update | 2024-11-13T18:55:53+00:00 | 2025-11-21T19:15:49+00:00 |
| rhsa-2024:8928 | Red Hat Security Advisory: mod_jk security update | 2024-11-06T09:46:34+00:00 | 2025-11-21T19:15:47+00:00 |
| rhsa-2024:8929 | Red Hat Security Advisory: mod_jk security update | 2024-11-06T09:52:04+00:00 | 2025-11-21T19:15:43+00:00 |
| rhsa-2024:8884 | Red Hat Security Advisory: Red Hat Product OCP Tools 4.15 Openshift Jenkins security update | 2024-11-05T11:25:56+00:00 | 2025-11-21T19:15:43+00:00 |
| rhsa-2024:8922 | Red Hat Security Advisory: bzip2 security update | 2024-11-06T00:24:38+00:00 | 2025-11-21T19:15:42+00:00 |
| rhsa-2024:8887 | Red Hat Security Advisory: Red Hat Product OCP Tools 4.13 Openshift Jenkins security update | 2024-11-05T12:08:31+00:00 | 2025-11-21T19:15:41+00:00 |
| rhsa-2024:8886 | Red Hat Security Advisory: Red Hat Product OCP Tools 4.12 Openshift Jenkins security update | 2024-11-05T12:07:46+00:00 | 2025-11-21T19:15:41+00:00 |
| rhsa-2024:8885 | Red Hat Security Advisory: Red Hat Product OCP Tools 4.14 Openshift Jenkins security update | 2024-11-05T11:47:26+00:00 | 2025-11-21T19:15:41+00:00 |
| rhsa-2024:8860 | Red Hat Security Advisory: krb5 security update | 2024-11-05T01:54:00+00:00 | 2025-11-21T19:15:37+00:00 |
| rhsa-2024:8859 | Red Hat Security Advisory: xmlrpc-c security update | 2024-11-05T01:47:55+00:00 | 2025-11-21T19:15:37+00:00 |
| rhsa-2024:8838 | Red Hat Security Advisory: python3.11 security update | 2024-11-05T02:55:30+00:00 | 2025-11-21T19:15:35+00:00 |
| rhsa-2024:8836 | Red Hat Security Advisory: python3.12 security update | 2024-11-05T04:12:36+00:00 | 2025-11-21T19:15:34+00:00 |
| rhsa-2024:8831 | Red Hat Security Advisory: bcc security update | 2024-11-05T01:11:15+00:00 | 2025-11-21T19:15:33+00:00 |
| rhsa-2024:8830 | Red Hat Security Advisory: bpftrace security update | 2024-11-05T00:42:00+00:00 | 2025-11-21T19:15:32+00:00 |
| rhsa-2024:8802 | Red Hat Security Advisory: openexr security update | 2024-11-04T12:00:03+00:00 | 2025-11-21T19:15:31+00:00 |
| rhsa-2024:8801 | Red Hat Security Advisory: openexr security update | 2024-11-04T12:09:43+00:00 | 2025-11-21T19:15:30+00:00 |
| rhsa-2024:8800 | Red Hat Security Advisory: openexr security update | 2024-11-04T12:22:33+00:00 | 2025-11-21T19:15:30+00:00 |
| rhsa-2024:8798 | Red Hat Security Advisory: xorg-x11-server and xorg-x11-server-Xwayland security update | 2024-11-04T08:19:43+00:00 | 2025-11-21T19:15:30+00:00 |
| rhsa-2024:8797 | Red Hat Security Advisory: python39:3.9 security update | 2024-11-04T06:00:43+00:00 | 2025-11-21T19:15:29+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2021-46828 | In libtirpc before 1.3.3rc1 remote attackers could exhaust the file descriptors of a process that uses libtirpc because idle TCP connections are mishandled. This can in turn lead to an svc_run infinite loop without accepting new connections. | 2022-07-02T00:00:00.000Z | 2022-08-02T00:00:00.000Z |
| msrc_cve-2021-33656 | When setting font with malicous data by ioctl cmd PIO_FONTkernel will write memory out of bounds. | 2022-07-02T00:00:00.000Z | 2022-07-29T00:00:00.000Z |
| msrc_cve-2022-29113 | Windows Digital Media Receiver Elevation of Privilege Vulnerability | 2022-05-10T08:00:00.000Z | 2022-07-28T07:00:00.000Z |
| msrc_cve-2022-26930 | Windows Remote Access Connection Manager Information Disclosure Vulnerability | 2022-05-10T08:00:00.000Z | 2022-07-28T07:00:00.000Z |
| msrc_cve-2022-2522 | Heap-based Buffer Overflow in vim/vim | 2022-07-02T00:00:00.000Z | 2022-07-28T00:00:00.000Z |
| msrc_cve-2022-2476 | A null pointer dereference bug was found in wavpack-5.4.0 The results from the ASAN log: AddressSanitizer:DEADLYSIGNAL ===================================================================84257==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x561b47a970c6 bp 0x7fff13952fb0 sp 0x7fff1394fca0 T0) ==84257==The signal is caused by a WRITE memory access. ==84257==Hint: address points to the zero page. #0 0x561b47a970c5 in main cli/wvunpack.c:834 #1 0x7efc4f5c0082 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x24082) #2 0x561b47a945ed in _start (/usr/local/bin/wvunpack+0xa5ed) AddressSanitizer can not provide additional info. SUMMARY: AddressSanitizer: SEGV cli/wvunpack.c:834 in main ==84257==ABORTING | 2022-07-02T00:00:00.000Z | 2022-07-27T00:00:00.000Z |
| msrc_cve-2022-30550 | An issue was discovered in the auth component in Dovecot 2.2 and 2.3 before 2.3.20. When two passdb configuration entries exist with the same driver and args settings incorrect username_filter and mechanism settings can be applied to passdb definitions. These incorrectly applied settings can lead to an unintended security configuration and can permit privilege escalation in certain configurations. The documentation does not advise against the use of passdb definitions that have the same driver and args settings. One such configuration would be where an administrator wishes to use the same PAM configuration or passwd file for both normal and master users but use the username_filter setting to restrict which of the users is able to be a master user. | 2022-07-02T00:00:00.000Z | 2022-07-26T00:00:00.000Z |
| msrc_cve-2022-24502 | Windows HTML Platforms Security Feature Bypass Vulnerability | 2022-03-08T08:00:00.000Z | 2022-07-25T07:00:00.000Z |
| msrc_cve-2022-32212 | A OS Command Injection vulnerability exists in Node.js versions <14.20.0 <16.20.0 <18.5.0 due to an insufficient IsAllowedHost check that can easily be bypassed because IsIPAddress does not properly check if an IP address is invalid before making DBS requests allowing rebinding attacks. | 2022-07-02T00:00:00.000Z | 2022-07-22T00:00:00.000Z |
| msrc_cve-2022-35798 | Azure Arc Jumpstart Information Disclosure Vulnerability | 2022-07-12T07:00:00.000Z | 2022-07-21T07:00:00.000Z |
| msrc_cve-2022-2380 | The Linux kernel was found vulnerable out of bounds memory access in the drivers/video/fbdev/sm712fb.c:smtcfb_read() function. The vulnerability could result in local attackers being able to crash the kernel. | 2022-07-02T00:00:00.000Z | 2022-07-21T00:00:00.000Z |
| msrc_cve-2022-2343 | Heap-based Buffer Overflow in vim/vim | 2022-07-02T00:00:00.000Z | 2022-07-21T00:00:00.000Z |
| msrc_cve-2021-4135 | A memory leak vulnerability was found in the Linux kernel's eBPF for the Simulated networking device driver in the way user uses BPF for the device such that function nsim_map_alloc_elem being called. A local user could use this flaw to get unauthorized access to some data. | 2022-07-02T00:00:00.000Z | 2022-07-21T00:00:00.000Z |
| msrc_cve-2022-33744 | Arm guests can cause Dom0 DoS via PV devices When mapping pages of guests on Arm dom0 is using an rbtree to keep track of the foreign mappings. Updating of that rbtree is not always done completely with the related lock held resulting in a small race window which can be used by unprivileged guests via PV devices to cause inconsistencies of the rbtree. These inconsistencies can lead to Denial of Service (DoS) of dom0 e.g. by causing crashes or the inability to perform further mappings of other guests' memory pages. | 2022-07-02T00:00:00.000Z | 2022-07-19T00:00:00.000Z |
| msrc_cve-2022-33743 | network backend may cause Linux netfront to use freed SKBs While adding logic to support XDP (eXpress Data Path) a code label was moved in a way allowing for SKBs having references (pointers) retained for further processing to nevertheless be freed. | 2022-07-02T00:00:00.000Z | 2022-07-19T00:00:00.000Z |
| msrc_cve-2022-32205 | A malicious server can serve excessive amounts of `Set-Cookie:` headers in a HTTP response to curl and curl < 7.84.0 stores all of them. A sufficiently large amount of (big) cookies make subsequent HTTP requests to this or other servers to which the cookies match create requests that become larger than the threshold that curl uses internally to avoid sending crazy large requests (1048576 bytes) and instead returns an error.This denial state might remain for as long as the same cookies are kept match and haven't expired. Due to cookie matching rules a server on `foo.example.com` can set cookies that also would match for `bar.example.com` making it it possible for a "sister server" to effectively cause a denial of service for a sibling site on the same second level domain using this method. | 2022-07-02T00:00:00.000Z | 2022-07-19T00:00:00.000Z |
| msrc_cve-2022-2345 | Use After Free in vim/vim | 2022-07-02T00:00:00.000Z | 2022-07-19T00:00:00.000Z |
| msrc_cve-2022-2344 | Heap-based Buffer Overflow in vim/vim | 2022-07-02T00:00:00.000Z | 2022-07-19T00:00:00.000Z |
| msrc_cve-2022-2318 | There are use-after-free vulnerabilities caused by timer handler in net/rose/rose_timer.c of linux that allow attackers to crash linux kernel without any privileges. | 2022-07-02T00:00:00.000Z | 2022-07-19T00:00:00.000Z |
| msrc_cve-2022-1882 | A use-after-free flaw was found in the Linux kernel’s pipes functionality in how a user performs manipulations with the pipe post_one_notification() after free_pipe_info() that is already called. This flaw allows a local user to crash or potentially escalate their privileges on the system. | 2022-05-02T00:00:00.000Z | 2022-07-19T00:00:00.000Z |
| msrc_cve-2022-22050 | Windows Fax Service Elevation of Privilege Vulnerability | 2022-07-12T07:00:00.000Z | 2022-07-14T07:00:00.000Z |
| msrc_cve-2022-34918 | An issue was discovered in the Linux kernel through 5.18.9. A type confusion bug in nft_set_elem_init (leading to a buffer overflow) could be used by a local attacker to escalate privileges a different vulnerability than CVE-2022-32250. (The attacker can obtain root access but must start with an unprivileged user namespace to obtain CAP_NET_ADMIN access.) This can be fixed in nft_setelem_parse_data in net/netfilter/nf_tables_api.c. | 2022-07-02T00:00:00.000Z | 2022-07-14T00:00:00.000Z |
| msrc_cve-2022-34903 | GnuPG through 2.3.6 in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints (e.g. use of GPGME) are met allows signature forgery via injection into the status line. | 2022-07-02T00:00:00.000Z | 2022-07-14T00:00:00.000Z |
| msrc_cve-2022-2309 | NULL Pointer Dereference in lxml/lxml | 2022-07-02T00:00:00.000Z | 2022-07-13T00:00:00.000Z |
| msrc_cve-2022-2304 | Stack-based Buffer Overflow in vim/vim | 2022-07-02T00:00:00.000Z | 2022-07-13T00:00:00.000Z |
| msrc_cve-2022-2289 | Use After Free in vim/vim | 2022-07-02T00:00:00.000Z | 2022-07-13T00:00:00.000Z |
| msrc_cve-2022-2288 | Out-of-bounds Write in vim/vim | 2022-07-02T00:00:00.000Z | 2022-07-13T00:00:00.000Z |
| msrc_cve-2022-33678 | Azure Site Recovery Remote Code Execution Vulnerability | 2022-07-12T07:00:00.000Z | 2022-07-12T07:00:00.000Z |
| msrc_cve-2022-33677 | Azure Site Recovery Elevation of Privilege Vulnerability | 2022-07-12T07:00:00.000Z | 2022-07-12T07:00:00.000Z |
| msrc_cve-2022-33676 | Azure Site Recovery Remote Code Execution Vulnerability | 2022-07-12T07:00:00.000Z | 2022-07-12T07:00:00.000Z |
| ID | Description | Updated |
|---|---|---|
| var-201410-0080 | The Clientless SSL VPN portal customization framework in Cisco ASA Software 8.2 before 8.… | 2025-04-13T23:23:52.772000Z |
| var-201410-1004 | Race condition in the Health and Performance Monitoring (HPM) for ASDM feature in Cisco A… | 2025-04-13T23:23:52.426000Z |
| var-201410-1172 | Buffer overflow in the Webserver component on the Huawei E5332 router before 21.344.27.00… | 2025-04-13T23:23:52.240000Z |
| var-201411-0282 | Unspecified vulnerability on the HP LaserJet CM3530 Multifunction Printer CC519A and CC52… | 2025-04-13T23:23:51.858000Z |
| var-201412-0287 | Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24 allow remote attacker… | 2025-04-13T23:23:51.474000Z |
| var-201412-0308 | Cross-site scripting (XSS) vulnerability in the Guest Server in Cisco Jabber allows remot… | 2025-04-13T23:23:51.439000Z |
| var-201412-0307 | The API in the Guest Server in Cisco Jabber, when HTML5 is used, allows remote attackers … | 2025-04-13T23:23:51.409000Z |
| var-201412-0497 | An unspecified JavaScript API in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x be… | 2025-04-13T23:23:51.261000Z |
| var-201501-0219 | The High Availability (HA) subsystem in Cisco NX-OS on MDS 9000 devices allows remote att… | 2025-04-13T23:23:47.147000Z |
| var-201502-0063 | The dwall.sys driver in SoftSphere DefenseWall Personal Firewall 3.24 allows local users … | 2025-04-13T23:23:46.585000Z |
| var-201502-0126 | Cross-site request forgery (CSRF) vulnerability in Cisco WebEx Meetings Server 1.5(.1.131… | 2025-04-13T23:23:46.515000Z |
| var-201502-0147 | Memory leak in the embedded web server in the WebVPN subsystem in Cisco Adaptive Security… | 2025-04-13T23:23:46.485000Z |
| var-201502-0210 | Multiple cross-site scripting (XSS) vulnerabilities in Cisco Prime Security Manager (PRSM… | 2025-04-13T23:23:46.396000Z |
| var-201503-0168 | The IPC channel in Cisco AnyConnect Secure Mobility Client 4.0(.00051) and earlier allows… | 2025-04-13T23:23:46.175000Z |
| var-201504-0277 | Open redirect vulnerability in the login page in Cisco TC Software before 6.3-26 and 7.x … | 2025-04-13T23:23:45.796000Z |
| var-201504-0550 | Juniper Junos 12.1X44 before 12.1X44-D45, 12.1X46 before 12.1X46-D30, 12.1X47 before 12.1… | 2025-04-13T23:23:45.544000Z |
| var-201505-0108 | Cross-site request forgery (CSRF) vulnerability in the WebUI component in Blue Coat SSL V… | 2025-04-13T23:23:45.249000Z |
| var-201505-0268 | The WebUI component in Blue Coat SSL Visibility Appliance SV800, SV1800, SV2800, and SV38… | 2025-04-13T23:23:45.215000Z |
| var-201505-0111 | The WebUI component in Blue Coat SSL Visibility Appliance SV800, SV1800, SV2800, and SV38… | 2025-04-13T23:23:45.177000Z |
| var-201505-0109 | Session fixation vulnerability in the WebUI component in Blue Coat SSL Visibility Applian… | 2025-04-13T23:23:45.139000Z |
| var-201505-0110 | The WebUI component in Blue Coat SSL Visibility Appliance SV800, SV1800, SV2800, and SV38… | 2025-04-13T23:23:45.100000Z |
| var-201505-0171 | Multiple cross-site scripting (XSS) vulnerabilities in dncs 7.0.0.12 in Cisco Headend Dig… | 2025-04-13T23:23:45.069000Z |
| var-201505-0192 | The administrative web interface in Cisco Hosted Collaboration Solution (HCS) 10.6(1) and… | 2025-04-13T23:23:45.039000Z |
| var-201506-0165 | Cisco FireSIGHT System Software 5.3.1.3 and 6.0.0 allows remote authenticated users to de… | 2025-04-13T23:23:44.831000Z |
| var-201506-0291 | Cisco IOS 12.2SCH on uBR10000 router Cable Modem Termination Systems (CMTS) does not prop… | 2025-04-13T23:23:44.731000Z |
| var-201506-0312 | Cisco Wireless LAN Controller (WLC) devices with software 7.0(240.0) allow local users to… | 2025-04-13T23:23:44.696000Z |
| var-201506-0354 | Sinapsi eSolar Light with firmware before 2.0.3970_schsl_2.2.85 allows attackers to disco… | 2025-04-13T23:23:44.666000Z |
| var-201507-0499 | The Tomcat throttling feature in Cisco Unified Communications Manager 10.5(1.99995.9) all… | 2025-04-13T23:23:44.436000Z |
| var-201507-0520 | Cisco NX-OS 6.2(10) on Nexus and MDS 9000 devices allows local users to execute arbitrary… | 2025-04-13T23:23:44.397000Z |
| var-201508-0100 | Cisco IOS XE before 3.1.2S on ASR 1000 devices mishandles the automatic setup of Virtual … | 2025-04-13T23:23:44.276000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| suse-su-2021:3634-1 | Security update for rubygem-activerecord-5_1 | 2021-11-09T09:51:25Z | 2021-11-09T09:51:25Z |
| suse-su-2021:3621-1 | Security update for SUSE Manager Server 4.1 | 2021-11-05T16:55:44Z | 2021-11-05T16:55:44Z |
| suse-su-2021:3619-1 | Security update for libvirt | 2021-11-05T11:30:11Z | 2021-11-05T11:30:11Z |
| suse-su-2021:3616-1 | Security update for binutils | 2021-11-04T11:29:59Z | 2021-11-04T11:29:59Z |
| suse-su-2021:3614-1 | Security update for qemu | 2021-11-04T11:27:35Z | 2021-11-04T11:27:35Z |
| suse-su-2021:3613-1 | Security update for qemu | 2021-11-04T11:26:25Z | 2021-11-04T11:26:25Z |
| suse-su-2021:3611-1 | Security update for systemd | 2021-11-04T10:14:52Z | 2021-11-04T10:14:52Z |
| suse-su-2021:3605-1 | Security update for qemu | 2021-11-03T13:59:50Z | 2021-11-03T13:59:50Z |
| suse-su-2021:3604-1 | Security update for qemu | 2021-11-03T13:59:29Z | 2021-11-03T13:59:29Z |
| suse-su-2021:3603-1 | Security update for webkit2gtk3 | 2021-11-03T13:58:37Z | 2021-11-03T13:58:37Z |
| suse-su-2021:3602-1 | Security update for tomcat | 2021-11-03T13:57:14Z | 2021-11-03T13:57:14Z |
| suse-su-2021:3593-1 | Security update for binutils | 2021-11-02T09:35:56Z | 2021-11-02T09:35:56Z |
| suse-su-2021:14836-1 | Security update for transfig | 2021-11-02T09:31:35Z | 2021-11-02T09:31:35Z |
| suse-su-2021:3586-1 | Security update for libvirt | 2021-10-29T14:28:53Z | 2021-10-29T14:28:53Z |
| suse-su-2021:3585-1 | Security update for transfig | 2021-10-29T14:28:01Z | 2021-10-29T14:28:01Z |
| suse-su-2021:3584-1 | Security update for transfig | 2021-10-29T14:27:46Z | 2021-10-29T14:27:46Z |
| suse-su-2021:14835-1 | Security update for opensc | 2021-10-29T14:27:42Z | 2021-10-29T14:27:42Z |
| suse-su-2021:3582-1 | Security update for opensc | 2021-10-29T14:26:39Z | 2021-10-29T14:26:39Z |
| suse-su-2021:3575-1 | Security update for qemu | 2021-10-28T16:03:26Z | 2021-10-28T16:03:26Z |
| suse-su-2021:3562-1 | Security update for SUSE Manager Server 4.1 | 2021-10-27T13:34:39Z | 2021-10-27T13:34:39Z |
| suse-su-2021:3561-1 | Security update for SUSE Manager Server 4.2 | 2021-10-27T13:30:01Z | 2021-10-27T13:30:01Z |
| suse-su-2021:3557-1 | Security update for salt | 2021-10-27T13:29:34Z | 2021-10-27T13:29:34Z |
| suse-su-2021:3556-1 | Security update for salt | 2021-10-27T13:29:15Z | 2021-10-27T13:29:15Z |
| suse-su-2021:3555-1 | Security update for salt | 2021-10-27T13:28:43Z | 2021-10-27T13:28:43Z |
| suse-su-2021:14833-1 | Security update for SUSE Manager Client Tools | 2021-10-27T13:28:41Z | 2021-10-27T13:28:41Z |
| suse-su-2021:3553-1 | Security update for Salt | 2021-10-27T13:28:26Z | 2021-10-27T13:28:26Z |
| suse-ru-2021:3551-1 | Recommended update for SUSE Manager 4.2.3 Release Notes | 2021-10-27T13:28:00Z | 2021-10-27T13:28:00Z |
| suse-su-2021:3550-1 | Security update for Salt | 2021-10-27T13:27:40Z | 2021-10-27T13:27:40Z |
| suse-su-2021:3540-1 | Security update for libvirt | 2021-10-27T09:14:21Z | 2021-10-27T09:14:21Z |
| suse-su-2021:3531-1 | Security update for busybox | 2021-10-27T08:08:18Z | 2021-10-27T08:08:18Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cnvd-2025-02011 | WordPress插件EMC2 Alert Boxes跨站脚本漏洞 | 2025-01-10 | 2025-01-26 |
| cnvd-2025-02010 | WordPress插件Email Reminders跨站脚本漏洞 | 2025-01-10 | 2025-01-26 |
| cnvd-2025-02009 | WordPress插件ElementsCSS Addons for Elementor跨站脚本漏洞 | 2025-01-10 | 2025-01-26 |
| cnvd-2025-02008 | WordPress插件Elementor Addons AI Addons信息泄露漏洞 | 2025-01-10 | 2025-01-26 |
| cnvd-2025-02007 | WordPress插件Education LMS跨站脚本漏洞 | 2025-01-10 | 2025-01-26 |
| cnvd-2025-02006 | WordPress插件eDoc Easy Tables SQL注入漏洞 | 2025-01-10 | 2025-01-26 |
| cnvd-2025-02005 | WordPress插件DynamicTags SQL注入漏洞 | 2025-01-10 | 2025-01-26 |
| cnvd-2025-02004 | WordPress插件WPMU Prefill Post SQL注入漏洞 | 2025-01-10 | 2025-01-26 |
| cnvd-2025-01955 | 浙江宇视科技有限公司视频管理平台存在SQL注入漏洞 | 2024-12-11 | 2025-01-25 |
| cnvd-2025-01244 | 厦门天锐科技股份有限公司天锐绿盾审批系统存在文件上传漏洞 | 2024-12-11 | 2025-01-25 |
| cnvd-2025-01235 | 济南卓源软件有限公司JeeSite存在命令执行漏洞 | 2024-12-11 | 2025-01-25 |
| cnvd-2025-02380 | Palo Alto Networks Expedition命令注入漏洞 | 2025-01-24 | 2025-01-24 |
| cnvd-2025-02379 | TOTOLINK A810R命令注入漏洞(CNVD-2025-02379) | 2025-01-24 | 2025-01-24 |
| cnvd-2025-02326 | Oracle MySQL Server存在未明漏洞(CNVD-2025-02326) | 2025-01-24 | 2025-01-24 |
| cnvd-2025-02325 | Oracle MySQL Server存在未明漏洞(CNVD-2025-02325) | 2025-01-24 | 2025-01-24 |
| cnvd-2025-02324 | Oracle MySQL Server存在未明漏洞(CNVD-2025-02324) | 2025-01-24 | 2025-01-24 |
| cnvd-2025-02323 | Oracle MySQL Server存在未明漏洞(CNVD-2025-02323) | 2025-01-24 | 2025-01-24 |
| cnvd-2025-02322 | Oracle MySQL Server存在未明漏洞(CNVD-2025-02322) | 2025-01-24 | 2025-01-24 |
| cnvd-2025-02321 | Oracle MySQL Server存在未明漏洞(CNVD-2025-02321) | 2025-01-24 | 2025-01-24 |
| cnvd-2025-02320 | Oracle MySQL Server存在未明漏洞(CNVD-2025-02320) | 2025-01-24 | 2025-01-24 |
| cnvd-2025-02319 | Oracle MySQL Server存在未明漏洞(CNVD-2025-02319) | 2025-01-24 | 2025-01-24 |
| cnvd-2025-02318 | Oracle MySQL Server存在未明漏洞(CNVD-2025-02318) | 2025-01-24 | 2025-01-24 |
| cnvd-2025-02317 | Oracle MySQL Server存在未明漏洞(CNVD-2025-02317) | 2025-01-24 | 2025-01-24 |
| cnvd-2025-02316 | Oracle MySQL Server存在未明漏洞(CNVD-2025-02316) | 2025-01-24 | 2025-01-24 |
| cnvd-2025-02315 | Oracle MySQL Server存在未明漏洞(CNVD-2025-02315) | 2025-01-24 | 2025-01-24 |
| cnvd-2025-02314 | Oracle MySQL Server存在未明漏洞(CNVD-2025-02314) | 2025-01-24 | 2025-01-24 |
| cnvd-2025-02313 | Oracle MySQL Server存在未明漏洞(CNVD-2025-02313) | 2025-01-24 | 2025-01-24 |
| cnvd-2025-02312 | Oracle MySQL Server存在未明漏洞(CNVD-2025-02312) | 2025-01-24 | 2025-01-24 |
| cnvd-2025-02311 | Oracle MySQL Server存在未明漏洞(CNVD-2025-02311) | 2025-01-24 | 2025-01-24 |
| cnvd-2025-02310 | Oracle MySQL Server存在未明漏洞(CNVD-2025-02310) | 2025-01-24 | 2025-01-24 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certa-2012-avi-588 | Vulnérabilité dans AWStats | 2012-10-18T00:00:00.000000 | 2012-10-18T00:00:00.000000 |
| certa-2012-avi-587 | Vulnérabilités dans Oracle Virtualization | 2012-10-17T00:00:00.000000 | 2012-10-17T00:00:00.000000 |
| certa-2012-avi-586 | Multiples vulnérabilités dans Oracle Sun Products Suite | 2012-10-17T00:00:00.000000 | 2012-10-17T00:00:00.000000 |
| certa-2012-avi-585 | Multiples vulnérabilités dans Oracle Financial Services Software | 2012-10-17T00:00:00.000000 | 2012-10-17T00:00:00.000000 |
| certa-2012-avi-584 | Vulnérabilités dans Oracle Industry Applications | 2012-10-17T00:00:00.000000 | 2012-10-17T00:00:00.000000 |
| certa-2012-avi-583 | Vulnérabilités dans Oracle Siebel CRM | 2012-10-17T00:00:00.000000 | 2012-10-17T00:00:00.000000 |
| certa-2012-avi-582 | Multiples vulnérabilités dans Oracle People Soft | 2012-10-17T00:00:00.000000 | 2012-10-17T00:00:00.000000 |
| certa-2012-avi-581 | Multiples vulnérabilités dans Oracle Supply Chain | 2012-10-17T00:00:00.000000 | 2012-10-17T00:00:00.000000 |
| certa-2012-avi-580 | Multiples vulnérabilités dans Oracle E-Business Suite | 2012-10-17T00:00:00.000000 | 2012-10-17T00:00:00.000000 |
| certa-2012-avi-579 | Multiples vulnérabilités dans Oracle MySQL | 2012-10-17T00:00:00.000000 | 2012-10-17T00:00:00.000000 |
| certa-2012-avi-578 | Multiples vulnérabilités dans Oracle Fusion Middleware | 2012-10-17T00:00:00.000000 | 2012-10-17T00:00:00.000000 |
| certa-2012-avi-577 | Multiples vulnérabilités dans Oracle Database Server | 2012-10-17T00:00:00.000000 | 2012-10-17T00:00:00.000000 |
| certa-2012-avi-576 | Multiples vulnérabilités dans Oracle Java | 2012-10-17T00:00:00.000000 | 2012-10-17T00:00:00.000000 |
| certa-2012-avi-575 | Vulnérabilités dans le système SCADA Schneider Electric TAC I/A | 2012-10-16T00:00:00.000000 | 2012-10-16T00:00:00.000000 |
| certa-2012-avi-574 | Vulnérabilité dans le système SCADA Schneider Electric Critical Power and Cooling Services | 2012-10-16T00:00:00.000000 | 2012-10-16T00:00:00.000000 |
| certa-2012-avi-573 | Multiples vulnérabilités dans IBM HTTPSRV | 2012-10-16T00:00:00.000000 | 2012-10-16T00:00:00.000000 |
| certa-2012-avi-572 | Vulnérabilités dans Google Chrome | 2012-10-12T00:00:00.000000 | 2012-10-12T00:00:00.000000 |
| certa-2012-avi-571 | Vulnérabilités dans EMC NetWorker Module | 2012-10-12T00:00:00.000000 | 2012-10-12T00:00:00.000000 |
| certa-2012-avi-570 | Vulnérabilité dans Symantec Ghost | 2012-10-12T00:00:00.000000 | 2012-10-12T00:00:00.000000 |
| certa-2012-avi-569 | Vulnérabilité dans ISC BIND | 2012-10-11T00:00:00.000000 | 2012-10-11T00:00:00.000000 |
| certa-2012-avi-568 | Multiples vulnérabilités dans Cisco WebEx | 2012-10-11T00:00:00.000000 | 2012-10-11T00:00:00.000000 |
| certa-2012-avi-567 | Multiples vulnérabilités dans Cisco Firewall Services Module | 2012-10-11T00:00:00.000000 | 2012-10-11T00:00:00.000000 |
| certa-2012-avi-566 | Vulnérabilités dans HP Secure Web Server | 2012-10-11T00:00:00.000000 | 2012-10-11T00:00:00.000000 |
| certa-2012-avi-565 | Vulnérabilité dans Joomla! | 2012-10-11T00:00:00.000000 | 2012-10-11T00:00:00.000000 |
| certa-2012-avi-564 | Multiples vulnérabilités dans Cisco ASA | 2012-10-11T00:00:00.000000 | 2012-10-11T00:00:00.000000 |
| certa-2012-avi-561 | Multiples vulnérabilités dans les produits Mozilla | 2012-10-10T00:00:00.000000 | 2012-10-11T00:00:00.000000 |
| certa-2012-avi-563 | Multiples vulnérabilités dans Pale Moon | 2012-10-10T00:00:00.000000 | 2012-10-10T00:00:00.000000 |
| certa-2012-avi-562 | Vulnérabilité dans RSA Adaptative Authentication | 2012-10-10T00:00:00.000000 | 2012-10-10T00:00:00.000000 |
| certa-2012-avi-560 | Vulnérabilité dans Microsoft SQL Server | 2012-10-10T00:00:00.000000 | 2012-10-10T00:00:00.000000 |
| certa-2012-avi-559 | Vulnérabilité dans Kerberos de Microsoft | 2012-10-10T00:00:00.000000 | 2012-10-10T00:00:00.000000 |