Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-0960 |
4.7 (3.1)
|
Loop with Unreachable Exit Condition ('Infinite Loop')… |
Wireshark Foundation |
Wireshark |
2026-01-14T20:23:33.849Z | 2026-01-14T21:15:57.975Z |
| CVE-2026-23498 |
7.2 (3.1)
|
Shopware Improper Control of Generation of Code in Twi… |
shopware |
shopware |
2026-01-14T18:31:19.070Z | 2026-01-14T21:15:57.391Z |
| CVE-2026-23497 |
1.3 (4.0)
|
Frappe LMS has a Stored XSS via Unsanitized Image File… |
frappe |
lms |
2026-01-14T18:25:52.052Z | 2026-01-14T21:15:21.105Z |
| CVE-2026-23492 |
8.8 (3.1)
|
Pimcore has a Blind SQL Injection in Admin Search Find… |
pimcore |
pimcore |
2026-01-14T18:21:55.237Z | 2026-01-14T21:14:46.329Z |
| CVE-2026-23477 |
7.7 (3.1)
|
Rocket.Chat Unauthorized Access to OAuth App Details |
RocketChat |
Rocket.Chat |
2026-01-14T18:16:05.178Z | 2026-01-14T21:14:08.081Z |
| CVE-2026-22819 |
5.9 (3.1)
|
Outray has a Race Condition in main/apps/web/src/route… |
akinloluwami |
outray |
2026-01-14T18:04:33.426Z | 2026-01-14T21:13:36.389Z |
| CVE-2026-22859 |
5.6 (4.0)
|
FreeRDP has a heap-buffer-overflow in urb_select_confi… |
FreeRDP |
FreeRDP |
2026-01-14T17:57:37.000Z | 2026-01-14T21:13:02.936Z |
| CVE-2026-22858 |
5.6 (4.0)
|
FreeRDP has a global-buffer-overflow in crypto_base64_decode |
FreeRDP |
FreeRDP |
2026-01-14T17:56:29.729Z | 2026-01-14T21:12:03.734Z |
| CVE-2026-0962 |
5.3 (3.1)
|
Out-of-bounds Write in Wireshark |
Wireshark Foundation |
Wireshark |
2026-01-14T20:23:38.829Z | 2026-01-14T21:11:23.281Z |
| CVE-2026-23550 |
10 (3.1)
|
WordPress Modular DS plugin <= 2.5.1 - Privilege Escal… |
Modular DS |
Modular DS |
2026-01-14T08:44:25.503Z | 2026-01-14T21:09:14.352Z |
| CVE-2026-0961 |
5.5 (3.1)
|
Out-of-bounds Write in Wireshark |
Wireshark Foundation |
Wireshark |
2026-01-14T20:23:48.832Z | 2026-01-14T21:08:38.074Z |
| CVE-2026-22855 |
5.6 (4.0)
|
FreeRDP has a heap-buffer-overflow in smartcard_unpack… |
FreeRDP |
FreeRDP |
2026-01-14T17:50:06.209Z | 2026-01-14T21:06:26.553Z |
| CVE-2025-15486 |
4.4 (3.1)
|
Kunze Law <= 2.1 - Authenticated (Administrator+) Stor… |
kunzemarketing |
Kunze Law |
2026-01-14T05:28:13.753Z | 2026-01-14T21:06:06.315Z |
| CVE-2026-23512 |
8.6 (3.1)
|
SumatraPDF has an Untrusted Search Path in sumatrapdf/… |
sumatrapdfreader |
sumatrapdf |
2026-01-14T20:31:08.724Z | 2026-01-14T21:04:47.478Z |
| CVE-2026-22851 |
6.9 (4.0)
|
FreeRDP RDPGFX ResetGraphics race leads to use-after-f… |
FreeRDP |
FreeRDP |
2026-01-14T17:43:28.114Z | 2026-01-14T21:03:36.764Z |
| CVE-2026-22779 |
6.3 (4.0)
|
BlackSheep ClientSession is vulnerable to CRLF injection |
Neoteroi |
BlackSheep |
2026-01-14T16:49:34.202Z | 2026-01-14T21:01:52.743Z |
| CVE-2026-0734 |
4.4 (3.1)
|
WP Allowed Hosts <= 1.0.8 - Authenticated (Administrat… |
dfieldfl |
WP Allowed Hosts |
2026-01-14T06:40:05.559Z | 2026-01-14T21:01:19.790Z |
| CVE-2026-0813 |
4.4 (3.1)
|
Short Link <= 1.0 - Authenticated (Administrator+) Sto… |
prasannasp |
Short Link |
2026-01-14T06:40:05.955Z | 2026-01-14T20:59:03.055Z |
| CVE-2025-15512 |
5.3 (3.1)
|
Aplazo Payment Gateway <= 1.4.2 - Missing Authorizatio… |
aplazopayment |
Aplazo Payment Gateway |
2026-01-14T06:40:06.342Z | 2026-01-14T20:52:03.376Z |
| CVE-2026-0741 |
4.4 (3.1)
|
Electric Studio Download Counter <= 2.4 - Authenticate… |
electric-studio |
Electric Studio Download Counter |
2026-01-14T06:40:06.713Z | 2026-01-14T20:48:23.806Z |
| CVE-2025-15513 |
5.3 (3.1)
|
Float Payment Gateway <= 1.1.9 - Improper Authorizatio… |
floattechnologies |
Float Payment Gateway |
2026-01-14T06:40:07.126Z | 2026-01-14T20:30:29.106Z |
| CVE-2025-14846 |
4.3 (3.1)
|
SocialChamp with WordPress <= 1.3.3 - Cross-Site Reque… |
socialchampio |
SocialChamp with WordPress |
2026-01-14T06:40:07.548Z | 2026-01-14T20:28:15.355Z |
| CVE-2025-14173 |
5.3 (3.1)
|
Perfit WooCommerce <= 1.0.1 - Missing Authorization to… |
perfitdev |
Perfit WooCommerce |
2026-01-14T06:40:07.972Z | 2026-01-14T20:25:32.624Z |
| CVE-2025-67835 |
6.5 (3.1)
|
Paessler PRTG Network Monitor before 25.4.114 all… |
n/a |
n/a |
2026-01-14T00:00:00.000Z | 2026-01-14T20:15:34.007Z |
| CVE-2025-67834 |
5.4 (3.1)
|
Paessler PRTG Network Monitor before 25.4.114 all… |
n/a |
n/a |
2026-01-14T00:00:00.000Z | 2026-01-14T20:11:32.702Z |
| CVE-2026-22609 |
8.9 (4.0)
|
Fickling has Static Analysis Bypass via Incomplete Dan… |
trailofbits |
fickling |
2026-01-10T01:35:18.152Z | 2026-01-14T19:51:31.740Z |
| CVE-2025-71021 |
7.5 (3.1)
|
Tenda AX-1806 v1.0.0.1 was discovered to contain … |
n/a |
n/a |
2026-01-14T00:00:00.000Z | 2026-01-14T19:43:05.721Z |
| CVE-2025-39906 |
5.5 (3.1)
|
drm/amd/display: remove oem i2c adapter on finish |
Linux |
Linux |
2025-10-01T07:44:29.666Z | 2026-01-14T19:33:14.971Z |
| CVE-2025-39905 |
7 (3.1)
|
net: phylink: add lock for serializing concurrent pl->… |
Linux |
Linux |
2025-10-01T07:44:28.758Z | 2026-01-14T19:33:14.829Z |
| CVE-2025-39904 |
5.5 (3.1)
|
arm64: kexec: initialize kexec_buf struct in load_othe… |
Linux |
Linux |
2025-10-01T07:44:27.739Z | 2026-01-14T19:33:14.694Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2025-52754 |
7.1 (3.1)
|
WordPress Sello ChannelConnector plugin <= 1.6.3 - Cro… |
selloio |
Sello ChannelConnector |
2025-10-22T14:32:25.569Z | 2026-01-20T14:28:08.610Z |
| CVE-2025-52753 |
7.1 (3.1)
|
WordPress Contact Form by Supsystic plugin <= 1.7.35 -… |
supsystic |
Contact Form by Supsystic |
2025-10-22T14:32:25.219Z | 2026-01-20T14:28:09.147Z |
| CVE-2025-52752 |
6.5 (3.1)
|
WordPress IDonatePro plugin <= 2.1.9 - Sensitive Data … |
ThemeAtelier |
IDonatePro |
2025-10-22T14:32:25.039Z | 2026-01-20T14:28:08.978Z |
| CVE-2025-52751 |
7.1 (3.1)
|
WordPress Slide Puzzle plugin <= 1.0.0 - Cross Site Sc… |
colome |
Slide Puzzle |
2025-10-22T14:32:24.841Z | 2026-01-20T14:28:08.664Z |
| CVE-2025-52750 |
7.1 (3.1)
|
WordPress Emu2 plugin <= 0.83b - Cross Site Scripting … |
Juergen Schulze |
Emu2 |
2025-10-22T14:32:24.658Z | 2026-01-20T14:28:08.656Z |
| CVE-2025-52749 |
7.1 (3.1)
|
WordPress Uji Countdown plugin <= 2.3.3 - Cross Site S… |
Activity Track |
Uji Countdown |
2025-10-22T14:32:24.442Z | 2026-01-20T14:28:08.525Z |
| CVE-2025-52748 |
7.1 (3.1)
|
WordPress Directory Pro plugin <= 2.5.5 - Cross Site S… |
e-plugins |
Directory Pro |
2025-10-22T14:32:24.265Z | 2026-01-20T14:28:08.584Z |
| CVE-2025-52745 |
8.1 (3.1)
|
WordPress Farm Agrico theme <= 1.3.11 - Local File Inc… |
AncoraThemes |
Farm Agrico |
2025-12-18T07:21:44.978Z | 2026-01-20T14:28:08.668Z |
| CVE-2025-52743 |
7.1 (3.1)
|
WordPress oik-privacy-policy Plugin <= 1.4.9 - Cross S… |
bobbingwide |
oik-privacy-policy |
2025-10-22T14:32:24.069Z | 2026-01-20T14:28:08.836Z |
| CVE-2025-52742 |
7.1 (3.1)
|
WordPress Pets Plugin <= 1.4.1 - Cross Site Scripting … |
Igor Benic |
Pets |
2025-10-22T14:32:23.806Z | 2026-01-20T14:28:08.492Z |
| CVE-2025-52740 |
8.8 (3.1)
|
WordPress Boldermail Plugin <= 2.4.0 - PHP Object Inje… |
Hernan Villanueva |
Boldermail |
2025-10-22T14:32:23.272Z | 2026-01-20T14:28:08.764Z |
| CVE-2025-52739 |
7.1 (3.1)
|
WordPress Sala theme <= 1.1.3 - Cross Site Scripting (… |
uxper |
Sala |
2025-12-31T20:10:29.616Z | 2026-01-20T14:28:08.584Z |
| CVE-2025-52738 |
6.5 (3.1)
|
WordPress Wikipedia Preview Plugin <= 1.15.0 - Broken … |
Wikimedia Foundation |
Wikipedia Preview |
2025-10-22T14:32:23.016Z | 2026-01-20T14:28:08.230Z |
| CVE-2025-52737 |
8.8 (3.1)
|
WordPress WP Store Locator plugin <= 2.2.260 - PHP Obj… |
Tijmen Smit |
WP Store Locator |
2025-10-22T14:32:22.788Z | 2026-01-20T14:28:08.263Z |
| CVE-2025-52736 |
7.1 (3.1)
|
WordPress Finale Lite Plugin <= 2.20.0 - Cross Site Sc… |
Daman Jeet |
Finale Lite |
2025-10-22T14:32:22.566Z | 2026-01-20T14:28:08.492Z |
| CVE-2025-50053 |
7.1 (3.1)
|
WordPress Blappsta Mobile App Plugin – Your native, mo… |
nebelhorn |
Blappsta Mobile App Plugin – Your native, mobile iPhone App and Android App |
2025-12-31T20:09:03.413Z | 2026-01-20T14:28:08.302Z |
| CVE-2025-49992 |
7.1 (3.1)
|
WordPress LearnPress Export Import Plugin <= 4.0.9 - C… |
ThimPress |
LearnPress Export Import |
2025-10-22T14:32:21.965Z | 2026-01-20T14:28:08.282Z |
| CVE-2025-49963 |
7.1 (3.1)
|
WordPress Simple Stripe Checkout plugin <= 1.1.28 - Cr… |
growniche |
Simple Stripe Checkout |
2025-10-22T14:32:21.783Z | 2026-01-20T14:28:08.285Z |
| CVE-2025-49962 |
7.1 (3.1)
|
WordPress bbPress Notify plugin <= 2.19.4 - Cross Site… |
useStrict |
bbPress Notify |
2025-10-22T14:32:21.576Z | 2026-01-20T14:28:08.371Z |
| CVE-2025-49961 |
6.3 (3.1)
|
WordPress Breeze Checkout plugin <= 1.4.0 - Broken Acc… |
Breeze Team |
Breeze Checkout |
2025-10-22T14:32:21.376Z | 2026-01-20T14:28:08.365Z |
| CVE-2025-49960 |
6.5 (3.1)
|
WordPress LeadBI Plugin for WordPress plugin <= 1.7 - … |
leadbi |
LeadBI Plugin for WordPress |
2025-10-22T14:32:21.173Z | 2026-01-20T14:28:08.311Z |
| CVE-2025-49959 |
7.1 (3.1)
|
WordPress bbPress Move Topics plugin <= 1.1.6 - Cross … |
Pascal Casier |
bbPress Move Topics |
2025-10-22T14:32:20.965Z | 2026-01-20T14:28:08.267Z |
| CVE-2025-49958 |
7.1 (3.1)
|
WordPress Robokassa payment gateway for Woocommerce pl… |
robokassa |
Robokassa payment gateway for Woocommerce |
2025-10-22T14:32:20.661Z | 2026-01-20T14:28:08.417Z |
| CVE-2025-49957 |
7.1 (3.1)
|
WordPress Email Attachment by Order Status & Products … |
Weboccult Technologies Pvt Ltd |
Email Attachment by Order Status & Products |
2025-10-22T14:32:20.403Z | 2026-01-20T14:28:07.920Z |
| CVE-2025-49956 |
7.1 (3.1)
|
WordPress Fade Slider Plugin <= 2.5 - Cross Site Scrip… |
Anandaraj Balu |
Fade Slider |
2025-10-22T14:32:20.199Z | 2026-01-20T14:28:07.931Z |
| CVE-2025-49955 |
7.1 (3.1)
|
WordPress WP Smart Flexslider Plugin <= 2.5 - Cross Si… |
Rajan Vijayan |
WP Smart Flexslider |
2025-10-22T14:32:20.010Z | 2026-01-20T14:28:07.948Z |
| CVE-2025-49954 |
7.1 (3.1)
|
WordPress WP-Click-Tracker Plugin <= 0.7.3 - Cross Sit… |
mithra62 |
WP-Click-Tracker |
2025-10-22T14:32:19.827Z | 2026-01-20T14:28:07.823Z |
| CVE-2025-49953 |
7.1 (3.1)
|
WordPress ShareBang, Ultimate Social Share Buttons for… |
themeinity |
ShareBang, Ultimate Social Share Buttons for WordPress |
2025-10-22T14:32:19.616Z | 2026-01-20T14:28:07.826Z |
| CVE-2025-49952 |
6.3 (3.1)
|
WordPress Houzez Theme <= 4.1.1 - Insecure Direct Obje… |
favethemes |
Houzez |
2025-10-22T14:32:19.320Z | 2026-01-20T14:28:07.804Z |
| CVE-2025-49951 |
7.1 (3.1)
|
WordPress gAppointments Plugin <= 1.14.1 - Cross Site … |
wpcrunch |
gAppointments |
2025-10-22T14:32:19.132Z | 2026-01-20T14:28:07.591Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| fkie_cve-2025-52737 | Deserialization of Untrusted Data vulnerability in Tijmen Smit WP Store Locator wp-store-locator al… | 2025-10-22T15:15:43.837 | 2026-01-20T15:16:47.780 |
| fkie_cve-2025-52736 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:43.713 | 2026-01-20T15:16:47.650 |
| fkie_cve-2025-50053 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-12-31T20:15:42.793 | 2026-01-20T15:16:47.220 |
| fkie_cve-2025-49992 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:43.280 | 2026-01-20T15:16:47.090 |
| fkie_cve-2025-49963 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:43.157 | 2026-01-20T15:16:46.960 |
| fkie_cve-2025-49962 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:43.027 | 2026-01-20T15:16:46.830 |
| fkie_cve-2025-49961 | Missing Authorization vulnerability in Breeze Team Breeze Checkout breeze-checkout allows Exploitin… | 2025-10-22T15:15:42.873 | 2026-01-20T15:16:46.700 |
| fkie_cve-2025-49960 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:42.720 | 2026-01-20T15:16:46.563 |
| fkie_cve-2025-49959 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:42.567 | 2026-01-20T15:16:46.423 |
| fkie_cve-2025-49958 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:42.410 | 2026-01-20T15:16:46.290 |
| fkie_cve-2025-49957 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:42.270 | 2026-01-20T15:16:46.157 |
| fkie_cve-2025-49956 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:42.140 | 2026-01-20T15:16:46.027 |
| fkie_cve-2025-49955 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:42.013 | 2026-01-20T15:16:45.900 |
| fkie_cve-2025-49954 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:41.873 | 2026-01-20T15:16:45.767 |
| fkie_cve-2025-49953 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:41.747 | 2026-01-20T15:16:45.630 |
| fkie_cve-2025-49952 | Authorization Bypass Through User-Controlled Key vulnerability in favethemes Houzez houzez allows E… | 2025-10-22T15:15:41.620 | 2026-01-20T15:16:45.503 |
| fkie_cve-2025-49951 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:41.497 | 2026-01-20T15:16:45.370 |
| fkie_cve-2025-49950 | Missing Authorization vulnerability in billingo Official Integration for Billingo billingo allows P… | 2025-10-22T15:15:41.373 | 2026-01-20T15:16:45.240 |
| fkie_cve-2025-49949 | Missing Authorization vulnerability in templazee Templazee templazee allows Exploiting Incorrectly … | 2025-10-22T15:15:41.250 | 2026-01-20T15:16:45.100 |
| fkie_cve-2025-49948 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:41.107 | 2026-01-20T15:16:44.963 |
| fkie_cve-2025-49947 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:40.963 | 2026-01-20T15:16:44.830 |
| fkie_cve-2025-49946 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:40.840 | 2026-01-20T15:16:44.690 |
| fkie_cve-2025-49945 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:40.713 | 2026-01-20T15:16:44.560 |
| fkie_cve-2025-49944 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:40.570 | 2026-01-20T15:16:44.437 |
| fkie_cve-2025-49943 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2025-12-18T08:15:52.620 | 2026-01-20T15:16:44.310 |
| fkie_cve-2025-49942 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2025-12-18T08:15:52.490 | 2026-01-20T15:16:44.177 |
| fkie_cve-2025-49941 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2025-12-18T08:15:52.357 | 2026-01-20T15:16:44.050 |
| fkie_cve-2025-49940 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:40.420 | 2026-01-20T15:16:43.920 |
| fkie_cve-2025-49939 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:40.293 | 2026-01-20T15:16:43.790 |
| fkie_cve-2025-49938 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:40.157 | 2026-01-20T15:16:43.653 |
| ID | Severity | Description | Published | Updated |
|---|---|---|---|---|
| ghsa-qc8j-wvjf-7jfj |
8.8 (3.1)
|
A flaw was found in Libtiff. This vulnerability is a "write-what-where" condition, triggered when t… | 2025-09-23T18:30:24Z | 2026-01-06T09:30:29Z |
| ghsa-p5mw-m48c-rc39 |
6.5 (3.1)
|
The Appointment Booking and Scheduling Calendar Plugin – WP Timetics plugin for WordPress is vulner… | 2026-01-06T09:30:29Z | 2026-01-06T09:30:29Z |
| ghsa-c79c-p5w8-9wmc |
5.3 (3.1)
|
The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to unauthorized modificati… | 2026-01-06T09:30:29Z | 2026-01-06T09:30:29Z |
| ghsa-76rq-mr82-f3r3 |
5.4 (3.1)
|
The MasterStudy LMS WordPress Plugin – for Online Courses and Education plugin for WordPress is vul… | 2026-01-06T09:30:29Z | 2026-01-06T09:30:29Z |
| ghsa-69m7-6xqg-m79v |
4.3 (3.1)
|
The Tag, Category, and Taxonomy Manager – AI Autotagger with OpenAI plugin for WordPress is vulnera… | 2026-01-06T09:30:29Z | 2026-01-06T09:30:29Z |
| ghsa-xm4x-3r5h-vwfr |
8.8 (3.1)
8.7 (4.0)
|
Authentication bypass issue exists in OpenBlocks series versions prior to FW5.0.8, which may allow … | 2026-01-06T09:30:28Z | 2026-01-06T09:30:28Z |
| ghsa-g226-hwqv-xjmg |
6.4 (3.1)
|
The Table Field Add-on for ACF and SCF plugin for WordPress is vulnerable to Stored Cross-Site Scri… | 2026-01-06T09:30:28Z | 2026-01-06T09:30:28Z |
| ghsa-98r3-6xf8-x8r5 |
6.4 (3.1)
|
The Phlox theme for WordPress is vulnerable to Stored Cross-Site Scripting via the `data-caption` H… | 2026-01-06T09:30:28Z | 2026-01-06T09:30:28Z |
| ghsa-69vq-x493-hfcp |
5.3 (3.1)
|
The Shortcodes and extra features for Phlox theme plugin for WordPress is vulnerable to Information… | 2026-01-06T09:30:28Z | 2026-01-06T09:30:28Z |
| ghsa-67fh-hvmh-rhv8 |
4.9 (3.1)
|
An Improper Validation of Integrity Check Value in Zscaler Client Connector on Windows allows an au… | 2023-11-21T12:30:26Z | 2026-01-06T09:30:28Z |
| ghsa-mg8c-3xfc-654p |
9.8 (3.1)
|
The FS Registration Password plugin for WordPress is vulnerable to privilege escalation via account… | 2026-01-06T06:31:28Z | 2026-01-06T06:31:28Z |
| ghsa-j698-78g5-98mv |
5.3 (3.1)
|
The Popupkit plugin for WordPress is vulnerable to arbitrary subscriber data deletion due to missin… | 2026-01-06T06:31:28Z | 2026-01-06T06:31:28Z |
| ghsa-g496-ghvr-j5ch |
6.4 (3.1)
|
The URL Image Importer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG Fi… | 2026-01-06T06:31:28Z | 2026-01-06T06:31:28Z |
| ghsa-9g62-4vwm-573r |
6.4 (3.1)
|
The Xagio SEO – AI Powered SEO plugin for WordPress is vulnerable to Server-Side Request Forgery in… | 2026-01-06T06:31:28Z | 2026-01-06T06:31:28Z |
| ghsa-7fc4-wq7j-5wjr |
9.8 (3.1)
|
The AS Password Field In Default Registration Form plugin for WordPress is vulnerable to privilege … | 2026-01-06T06:31:28Z | 2026-01-06T06:31:28Z |
| ghsa-6qr6-x63g-2597 |
7.2 (3.1)
|
The BuddyPress Xprofile Custom Field Types plugin for WordPress is vulnerable to arbitrary file del… | 2026-01-06T06:31:28Z | 2026-01-06T06:31:28Z |
| ghsa-r2mf-gj7h-w7cp |
6.5 (3.1)
|
The FastDup – Fastest WordPress Migration & Duplicator plugin for WordPress is vulnerable to Path T… | 2026-01-06T06:31:27Z | 2026-01-06T06:31:27Z |
| ghsa-p4jc-hx56-jqh2 |
6.4 (3.1)
|
The ForumWP – Forum & Discussion Board plugin for WordPress is vulnerable to Stored Cross-Site Scri… | 2026-01-06T06:31:27Z | 2026-01-06T06:31:27Z |
| ghsa-m25w-9pgg-vxgv |
|
Rejected reason: Not used | 2026-01-06T06:31:27Z | 2026-01-06T06:31:27Z |
| ghsa-j78w-vwvq-w4vf |
|
Rejected reason: Not used | 2026-01-06T06:31:27Z | 2026-01-06T06:31:27Z |
| ghsa-j3cg-8qm3-2r3j |
|
Rejected reason: Not used | 2026-01-06T06:31:27Z | 2026-01-06T06:31:27Z |
| ghsa-f3j8-26w9-vx4x |
6.5 (3.1)
|
The Page Expire Popup/Redirection for WordPress plugin for WordPress is vulnerable to time-based SQ… | 2026-01-06T06:31:27Z | 2026-01-06T06:31:27Z |
| ghsa-97w3-wx69-wx87 |
|
Rejected reason: Not used | 2026-01-06T06:31:27Z | 2026-01-06T06:31:27Z |
| ghsa-9677-rfqw-p4m4 |
5.3 (3.1)
|
The ilGhera Support System for WooCommerce plugin for WordPress is vulnerable to unauthorized modif… | 2026-01-06T06:31:27Z | 2026-01-06T06:31:27Z |
| ghsa-6c93-64vp-fj9p |
|
Rejected reason: Not used | 2026-01-06T06:31:27Z | 2026-01-06T06:31:27Z |
| ghsa-69fx-52xh-r6f9 |
|
Rejected reason: Not used | 2026-01-06T06:31:27Z | 2026-01-06T06:31:27Z |
| ghsa-57qr-59m9-6w74 |
4.9 (3.1)
|
The Form Vibes – Database Manager for Forms plugin for WordPress is vulnerable to SQL Injection via… | 2026-01-06T06:31:26Z | 2026-01-06T06:31:27Z |
| ghsa-3556-v99j-j522 |
5.3 (3.1)
|
The Popup and Slider Builder by Depicter – Add Email collecting Popup, Popup Modal, Coupon Popup, I… | 2026-01-06T06:31:26Z | 2026-01-06T06:31:27Z |
| ghsa-29mv-jj69-j88c |
|
Rejected reason: Not used | 2026-01-06T06:31:27Z | 2026-01-06T06:31:27Z |
| ghsa-86xh-gm7c-mpg4 |
6.5 (3.1)
|
The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin for WordPress… | 2026-01-06T06:31:26Z | 2026-01-06T06:31:26Z |
| ID | Description | Updated |
|---|---|---|
| gsd-2024-26844 | In the Linux kernel, the following vulnerability has been resolved: block: Fix WARNING i… | 2024-02-20T06:02:29.165484Z |
| gsd-2024-26873 | In the Linux kernel, the following vulnerability has been resolved: scsi: hisi_sas: Fix … | 2024-02-20T06:02:29.165203Z |
| gsd-2024-26442 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-20T06:02:29.164919Z |
| gsd-2024-26882 | In the Linux kernel, the following vulnerability has been resolved: net: ip_tunnel: make… | 2024-02-20T06:02:29.164569Z |
| gsd-2024-26852 | In the Linux kernel, the following vulnerability has been resolved: net/ipv6: avoid poss… | 2024-02-20T06:02:29.163778Z |
| gsd-2024-26638 | In the Linux kernel, the following vulnerability has been resolved: nbd: always initiali… | 2024-02-20T06:02:29.163488Z |
| gsd-2024-26658 | In the Linux kernel, the following vulnerability has been resolved: bcachefs: grab s_umo… | 2024-02-20T06:02:29.163203Z |
| gsd-2024-26704 | In the Linux kernel, the following vulnerability has been resolved: ext4: fix double-fre… | 2024-02-20T06:02:29.162639Z |
| gsd-2024-26725 | In the Linux kernel, the following vulnerability has been resolved: dpll: fix possible d… | 2024-02-20T06:02:29.161842Z |
| gsd-2024-26592 | In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix UAF issue… | 2024-02-20T06:02:29.161547Z |
| gsd-2024-26619 | In the Linux kernel, the following vulnerability has been resolved: riscv: Fix module lo… | 2024-02-20T06:02:29.161221Z |
| gsd-2024-26639 | In the Linux kernel, the following vulnerability has been resolved: mm, kmsan: fix infin… | 2024-02-20T06:02:29.160153Z |
| gsd-2024-26726 | In the Linux kernel, the following vulnerability has been resolved: btrfs: don't drop ex… | 2024-02-20T06:02:29.159869Z |
| gsd-2024-26375 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-20T06:02:29.159543Z |
| gsd-2024-26863 | In the Linux kernel, the following vulnerability has been resolved: hsr: Fix uninit-valu… | 2024-02-20T06:02:29.159317Z |
| gsd-2024-26569 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-20T06:02:29.159028Z |
| gsd-2024-26560 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-20T06:02:29.158739Z |
| gsd-2024-26889 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_core:… | 2024-02-20T06:02:29.158401Z |
| gsd-2024-26860 | In the Linux kernel, the following vulnerability has been resolved: dm-integrity: fix a … | 2024-02-20T06:02:29.157549Z |
| gsd-2024-26354 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-20T06:02:29.157258Z |
| gsd-2024-26448 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-20T06:02:29.156629Z |
| gsd-2024-26634 | In the Linux kernel, the following vulnerability has been resolved: net: fix removing a … | 2024-02-20T06:02:29.156406Z |
| gsd-2024-26783 | In the Linux kernel, the following vulnerability has been resolved: mm/vmscan: fix a bug… | 2024-02-20T06:02:29.155868Z |
| gsd-2024-26909 | In the Linux kernel, the following vulnerability has been resolved: soc: qcom: pmic_glin… | 2024-02-20T06:02:29.155577Z |
| gsd-2024-26443 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-20T06:02:29.155025Z |
| gsd-2024-26636 | In the Linux kernel, the following vulnerability has been resolved: llc: make llc_ui_sen… | 2024-02-20T06:02:29.154661Z |
| gsd-2024-26925 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables… | 2024-02-20T06:02:29.154369Z |
| gsd-2024-26782 | In the Linux kernel, the following vulnerability has been resolved: mptcp: fix double-fr… | 2024-02-20T06:02:29.154078Z |
| gsd-2024-26362 | HTML injection vulnerability in Enpass Password Manager Desktop Client 6.9.2 for Windows … | 2024-02-20T06:02:29.153540Z |
| gsd-2024-26743 | In the Linux kernel, the following vulnerability has been resolved: RDMA/qedr: Fix qedr_… | 2024-02-20T06:02:29.153318Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-184987 | Malicious code in sonic-kig-tifuacav (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184986 | Malicious code in sonic-kig-tifuaav (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184985 | Malicious code in sonic-kig-tifav (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184984 | Malicious code in sonic-kig-tiav (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184983 | Malicious code in sonic-kig-tav (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184982 | Malicious code in sonic-kg-tv (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184981 | Malicious code in sonic-kg-tiv (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184980 | Malicious code in sonic-kg-tifuffacfav (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184979 | Malicious code in sonic-kg-tifuaffacfav (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184978 | Malicious code in sonic-kg-tifuacfivffacfav (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184977 | Malicious code in sonic-kg-tifuacfiffacfav (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184976 | Malicious code in sonic-kg-tifuacfffacfav (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184975 | Malicious code in sonic-kg-tifuacffacfav (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184974 | Malicious code in sonic-kg-tifffacfav (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184973 | Malicious code in sonic-kg-tifffacav (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184972 | Malicious code in sonic-kg-tifffaav (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184971 | Malicious code in sonic-kg-tiffav (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184970 | Malicious code in sonic-kg-tifav (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184969 | Malicious code in sonic-kg-tiav (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184968 | Malicious code in sonic-kat-ihu (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184967 | Malicious code in sonic-kat-ihifu (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184966 | Malicious code in sonic-kat-ihifafu (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184965 | Malicious code in sonic-kat-ih (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184964 | Malicious code in sonic-kat-igh (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184963 | Malicious code in sonic-kat-iadavguhafg (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184962 | Malicious code in sonic-kat-iadavghg (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184961 | Malicious code in sonic-kat-iadavghafg (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184960 | Malicious code in sonic-kat-iadavgh (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184959 | Malicious code in sonic-kat-iadagh (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184958 | Malicious code in sonic-kat-iaagh (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2024:6775 | Red Hat Security Advisory: Red Hat OpenStack Platform 18.0 (python-webob) security update | 2024-09-19T11:50:23+00:00 | 2025-11-21T19:12:11+00:00 |
| rhsa-2024:6723 | Red Hat Security Advisory: thunderbird security update | 2024-09-17T11:27:00+00:00 | 2025-11-21T19:12:05+00:00 |
| rhsa-2024:6722 | Red Hat Security Advisory: thunderbird security update | 2024-09-17T11:23:41+00:00 | 2025-11-21T19:12:05+00:00 |
| rhsa-2024:6721 | Red Hat Security Advisory: thunderbird security update | 2024-09-17T11:28:21+00:00 | 2025-11-21T19:12:05+00:00 |
| rhsa-2024:6719 | Red Hat Security Advisory: thunderbird security update | 2024-09-17T11:30:57+00:00 | 2025-11-21T19:12:05+00:00 |
| rhsa-2024:6681 | Red Hat Security Advisory: firefox security update | 2024-09-16T12:19:19+00:00 | 2025-11-21T19:12:04+00:00 |
| rhsa-2024:6720 | Red Hat Security Advisory: thunderbird security update | 2024-09-17T11:26:16+00:00 | 2025-11-21T19:12:03+00:00 |
| rhsa-2024:6705 | Red Hat Security Advisory: OpenShift Container Platform 4.12.66 security update | 2024-09-19T13:25:06+00:00 | 2025-11-21T19:12:03+00:00 |
| rhsa-2024:6691 | Red Hat Security Advisory: OpenShift Container Platform 4.13.50 bug fix and security update | 2024-09-19T00:12:33+00:00 | 2025-11-21T19:12:01+00:00 |
| rhsa-2024:6689 | Red Hat Security Advisory: OpenShift Container Platform 4.14.37 bug fix and security update | 2024-09-19T05:30:40+00:00 | 2025-11-21T19:12:01+00:00 |
| rhsa-2024:6685 | Red Hat Security Advisory: OpenShift Container Platform 4.15.33 bug fix and security update | 2024-09-19T09:30:45+00:00 | 2025-11-21T19:12:01+00:00 |
| rhsa-2024:6684 | Red Hat Security Advisory: thunderbird security update | 2024-09-16T12:20:54+00:00 | 2025-11-21T19:12:00+00:00 |
| rhsa-2024:6683 | Red Hat Security Advisory: thunderbird security update | 2024-09-16T12:24:04+00:00 | 2025-11-21T19:11:59+00:00 |
| rhsa-2024:6682 | Red Hat Security Advisory: firefox security update | 2024-09-16T12:10:34+00:00 | 2025-11-21T19:11:59+00:00 |
| rhsa-2024:6663 | Red Hat Security Advisory: kpatch-patch-4_18_0-305_120_1 and kpatch-patch-4_18_0-305_138_1 security update | 2024-09-12T18:34:41+00:00 | 2025-11-21T19:11:58+00:00 |
| rhsa-2024:6657 | Red Hat Security Advisory: Migration Toolkit for Runtimes security, bug fix and enhancement update | 2024-09-12T15:05:27+00:00 | 2025-11-21T19:11:57+00:00 |
| rhsa-2024:6656 | Red Hat Security Advisory: Migration Toolkit for Runtimes security, bug fix and enhancement update | 2024-09-12T15:45:34+00:00 | 2025-11-21T19:11:56+00:00 |
| rhsa-2024:6595 | Red Hat Security Advisory: java-1.8.0-ibm security update | 2024-09-11T13:38:21+00:00 | 2025-11-21T19:11:54+00:00 |
| rhsa-2024:6576 | Red Hat Security Advisory: redhat-ds:11 security and bug fix update | 2024-09-11T06:38:09+00:00 | 2025-11-21T19:11:52+00:00 |
| rhsa-2024:6569 | Red Hat Security Advisory: 389-ds:1.4 security update | 2024-09-11T00:51:24+00:00 | 2025-11-21T19:11:52+00:00 |
| rhsa-2024:6568 | Red Hat Security Advisory: redhat-ds:11 security and bug fix update | 2024-09-11T00:09:39+00:00 | 2025-11-21T19:11:52+00:00 |
| rhsa-2024:6560 | Red Hat Security Advisory: kpatch-patch-4_18_0-477_43_1 and kpatch-patch-4_18_0-477_67_1 security update | 2024-09-10T18:28:13+00:00 | 2025-11-21T19:11:51+00:00 |
| rhsa-2024:6536 | Red Hat Security Advisory: Red Hat AMQ Streams 2.5.2 release and security update | 2024-09-10T14:19:20+00:00 | 2025-11-21T19:11:49+00:00 |
| rhsa-2024:6529 | Red Hat Security Advisory: dovecot security update | 2024-09-10T11:45:42+00:00 | 2025-11-21T19:11:49+00:00 |
| rhsa-2024:6510 | Red Hat Security Advisory: emacs security update | 2024-09-09T18:33:54+00:00 | 2025-11-21T19:11:49+00:00 |
| rhsa-2024:6487 | Red Hat Security Advisory: MTV 2.6.6 Images | 2024-09-09T10:39:29+00:00 | 2025-11-21T19:11:42+00:00 |
| rhsa-2024:6466 | Red Hat Security Advisory: ghostscript security update | 2024-09-09T01:35:17+00:00 | 2025-11-21T19:11:41+00:00 |
| rhsa-2024:6465 | Red Hat Security Advisory: dovecot security update | 2024-09-09T01:33:17+00:00 | 2025-11-21T19:11:41+00:00 |
| rhsa-2024:6337 | Red Hat Security Advisory: Satellite 6.13.7.2 Security Update | 2024-09-04T14:52:48+00:00 | 2025-11-21T19:11:31+00:00 |
| rhsa-2024:6336 | Red Hat Security Advisory: Satellite 6.14.4.2 Security Update | 2024-09-04T14:52:47+00:00 | 2025-11-21T19:11:31+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2022-30141 | Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability | 2022-06-14T07:00:00.000Z | 2022-06-14T07:00:00.000Z |
| msrc_cve-2022-30136 | Windows Network File System Remote Code Execution Vulnerability | 2022-06-14T07:00:00.000Z | 2022-06-14T07:00:00.000Z |
| msrc_cve-2022-30135 | Windows Media Center Elevation of Privilege Vulnerability | 2022-06-14T07:00:00.000Z | 2022-06-14T07:00:00.000Z |
| msrc_cve-2022-30132 | Windows Container Manager Service Elevation of Privilege Vulnerability | 2022-06-14T07:00:00.000Z | 2022-06-14T07:00:00.000Z |
| msrc_cve-2022-29143 | Microsoft SQL Server Remote Code Execution Vulnerability | 2022-06-14T07:00:00.000Z | 2022-06-14T07:00:00.000Z |
| msrc_cve-2022-29119 | HEVC Video Extensions Remote Code Execution Vulnerability | 2022-06-14T07:00:00.000Z | 2022-06-14T07:00:00.000Z |
| msrc_cve-2022-29111 | HEVC Video Extensions Remote Code Execution Vulnerability | 2022-06-14T07:00:00.000Z | 2022-06-14T07:00:00.000Z |
| msrc_cve-2022-23267 | .NET and Visual Studio Denial of Service Vulnerability | 2022-05-10T08:00:00.000Z | 2022-06-14T07:00:00.000Z |
| msrc_cve-2022-22018 | HEVC Video Extensions Remote Code Execution Vulnerability | 2022-06-14T07:00:00.000Z | 2022-06-14T07:00:00.000Z |
| msrc_cve-2022-30115 | Using its HSTS support curl can be instructed to use HTTPS directly insteadof using an insecure clear-text HTTP step even when HTTP is provided in theURL. This mechanism could be bypassed if the host name in the given URL used atrailing dot while not using one when it built the HSTS cache. Or the otherway around - by having the trailing dot in the HSTS cache and *not* using thetrailing dot in the URL. | 2022-06-02T00:00:00.000Z | 2022-06-14T00:00:00.000Z |
| msrc_cve-2022-1786 | A use-after-free flaw was found in the Linux kernel’s io_uring subsystem in the way a user sets up a ring with IORING_SETUP_IOPOLL with more than one task completing submissions on this ring. This flaw allows a local user to crash or escalate their privileges on the system. | 2022-05-02T00:00:00.000Z | 2022-06-14T00:00:00.000Z |
| msrc_cve-2022-32250 | net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to a use-after-free. | 2022-06-02T00:00:00.000Z | 2022-06-12T00:00:00.000Z |
| msrc_cve-2022-27778 | A use of incorrectly resolved name vulnerability fixed in 7.83.1 might remove the wrong file when `--no-clobber` is used together with `--remove-on-error`. | 2022-06-02T00:00:00.000Z | 2022-06-12T00:00:00.000Z |
| msrc_cve-2022-1652 | Linux Kernel could allow a local attacker to execute arbitrary code on the system caused by a concurrency use-after-free flaw in the bad_flp_intr function. By executing a specially-crafted program an attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system. | 2022-05-02T00:00:00.000Z | 2022-06-12T00:00:00.000Z |
| msrc_cve-2022-1215 | A format string vulnerability was found in libinput | 2022-05-02T00:00:00.000Z | 2022-06-11T00:00:00.000Z |
| msrc_cve-2022-22021 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | 2022-06-14T07:00:00.000Z | 2022-06-09T07:00:00.000Z |
| msrc_cve-2022-30787 | An integer underflow in fuse_lib_readdir enables arbitrary memory read operations in NTFS-3G through 2021.8.22 when using libfuse-lite. | 2022-05-02T00:00:00.000Z | 2022-06-09T00:00:00.000Z |
| msrc_cve-2022-30789 | A crafted NTFS image can cause a heap-based buffer overflow in ntfs_check_log_client_array in NTFS-3G through 2021.8.22. | 2022-05-02T00:00:00.000Z | 2022-06-08T00:00:00.000Z |
| msrc_cve-2022-30788 | A crafted NTFS image can cause a heap-based buffer overflow in ntfs_mft_rec_alloc in NTFS-3G through 2021.8.22. | 2022-05-02T00:00:00.000Z | 2022-06-08T00:00:00.000Z |
| msrc_cve-2022-30786 | A crafted NTFS image can cause a heap-based buffer overflow in ntfs_names_full_collate in NTFS-3G through 2021.8.22. | 2022-05-02T00:00:00.000Z | 2022-06-08T00:00:00.000Z |
| msrc_cve-2022-30785 | A file handle created in fuse_lib_opendir and later used in fuse_lib_readdir enables arbitrary memory read and write operations in NTFS-3G through 2021.8.22 when using libfuse-lite. | 2022-05-02T00:00:00.000Z | 2022-06-08T00:00:00.000Z |
| msrc_cve-2022-30784 | A crafted NTFS image can cause heap exhaustion in ntfs_get_attribute_value in NTFS-3G through 2021.8.22. | 2022-05-02T00:00:00.000Z | 2022-06-08T00:00:00.000Z |
| msrc_cve-2022-30783 | An invalid return code in fuse_kern_mount enables intercepting of libfuse-lite protocol traffic between NTFS-3G and the kernel in NTFS-3G through 2021.8.22 when using libfuse-lite. | 2022-05-02T00:00:00.000Z | 2022-06-08T00:00:00.000Z |
| msrc_cve-2022-29217 | Key confusion through non-blocklisted public key formats in PyJWT | 2022-05-02T00:00:00.000Z | 2022-06-08T00:00:00.000Z |
| msrc_cve-2022-1664 | directory traversal for in-place extracts with untrusted v2 and v3 source packages with debian.tar | 2022-05-02T00:00:00.000Z | 2022-06-08T00:00:00.000Z |
| msrc_cve-2022-1348 | A vulnerability was found in logrotate in how the state file is created. The state file is used to prevent parallel executions of multiple instances of logrotate by acquiring and releasing a file lock. When the state file does not exist it is created with world-readable permission allowing an unprivileged user to lock the state file stopping any rotation. This flaw affects logrotate versions before 3.20.0. | 2022-05-02T00:00:00.000Z | 2022-06-08T00:00:00.000Z |
| msrc_cve-2022-1898 | Use After Free in vim/vim | 2022-05-02T00:00:00.000Z | 2022-06-05T00:00:00.000Z |
| msrc_cve-2022-1851 | Out-of-bounds Read in vim/vim | 2022-05-02T00:00:00.000Z | 2022-06-05T00:00:00.000Z |
| msrc_cve-2021-22570 | Nullptr Dereference in Protobuf | 2022-01-02T00:00:00.000Z | 2022-06-05T00:00:00.000Z |
| msrc_cve-2022-29104 | Windows Print Spooler Elevation of Privilege Vulnerability | 2022-05-10T08:00:00.000Z | 2022-06-03T07:00:00.000Z |
| ID | Description | Updated |
|---|---|---|
| var-201612-0359 | A vulnerability in the malicious file detection and blocking features of Cisco Firepower … | 2025-04-13T23:22:18.177000Z |
| var-201612-0485 | A vulnerability in the Cisco Jabber Guest Server could allow an unauthenticated, remote a… | 2025-04-13T23:22:18.094000Z |
| var-201604-0329 | The Maxim_smartpa_dev driver in Huawei P8 smartphones with software GRA-TL00 before GRA-T… | 2025-04-13T23:22:17.734000Z |
| var-201403-0130 | The Huawei E355 adapter with firmware 21.157.37.01.910 does not require authentication fo… | 2025-04-13T23:21:28.597000Z |
| var-201403-0464 | Multiple cross-site scripting (XSS) vulnerabilities in dashboard-related HTML documents i… | 2025-04-13T23:21:28.501000Z |
| var-201404-0106 | The web management interface on Zyxel P660 devices allows remote attackers to cause a den… | 2025-04-13T23:21:28.205000Z |
| var-201404-0169 | Juniper Junos 13.2 before 13.2R3 and 13.3 before 13.3R1, when PIM is enabled, allows remo… | 2025-04-13T23:21:28.066000Z |
| var-201404-0461 | Cross-site scripting (XSS) vulnerability in the web interface on Huawei Echo Life HG8247 … | 2025-04-13T23:21:27.840000Z |
| var-201404-0566 | Multiple cross-site request forgery (CSRF) vulnerabilities in CERUserServlet pages in Cis… | 2025-04-13T23:21:27.722000Z |
| var-201404-0565 | Cross-site scripting (XSS) vulnerability in UserServlet in Cisco Emergency Responder (ER)… | 2025-04-13T23:21:27.689000Z |
| var-201404-0567 | Cisco Emergency Responder (ER) 8.6 and earlier allows remote attackers to inject web page… | 2025-04-13T23:21:27.654000Z |
| var-201404-0568 | Multiple open redirect vulnerabilities in Cisco Emergency Responder (ER) 8.6 and earlier … | 2025-04-13T23:21:27.620000Z |
| var-201405-0476 | The Message Transfer Service (MTS) in Cisco NX-OS before 6.2(7) on MDS 9000 devices and 6… | 2025-04-13T23:21:27.315000Z |
| var-201405-0356 | Buffer overflow in the Smart Call Home implementation in Cisco NX-OS on Fabric Interconne… | 2025-04-13T23:21:27.278000Z |
| var-201405-0055 | Cisco NX-OS 6.1 before 6.1(5) on Nexus 7000 devices, when local authentication and multip… | 2025-04-13T23:21:27.239000Z |
| var-201405-0475 | Cisco NX-OS 5.0 before 5.0(5) on Nexus 7000 devices, when local authentication and multip… | 2025-04-13T23:21:26.824000Z |
| var-201405-0181 | Unspecified vulnerability in Juniper Junos Space before 13.3R1.8, when the firewall in di… | 2025-04-13T23:21:26.659000Z |
| var-201405-0349 | Cisco Identity Services Engine (ISE) 1.2(.1 patch 2) and earlier does not properly handle… | 2025-04-13T23:21:26.573000Z |
| var-201406-0099 | The PPP Access Concentrator (PPPAC) on SEIL SEIL/x86 routers 1.00 through 3.10, SEIL/X1 r… | 2025-04-13T23:21:26.353000Z |
| var-201406-0309 | The Real Time Monitoring Tool (RTMT) implementation in Cisco Unified Communications Manag… | 2025-04-13T23:21:26.234000Z |
| var-201407-0012 | Dahua DVR 2.608.0000.0 and 2.608.GV00.0 allows remote attackers to bypass authentication … | 2025-04-13T23:21:26.135000Z |
| var-201407-0367 | The web framework in Cisco WebEx Meetings Server does not properly restrict the content o… | 2025-04-13T23:21:25.820000Z |
| var-201407-0388 | Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified Customer Voice Porta… | 2025-04-13T23:21:25.790000Z |
| var-201407-0409 | The SAP Netweaver Business Warehouse component does not properly restrict access to the f… | 2025-04-13T23:21:25.760000Z |
| var-201408-0172 | Cisco Intelligent Automation for Cloud (aka Cisco Cloud Portal) 2008.3_SP9 and earlier do… | 2025-04-13T23:21:25.515000Z |
| var-201408-0235 | The Shenzhen Tenda Technology Tenda A5s router with firmware 3.02.05_CN allows remote att… | 2025-04-13T23:21:25.451000Z |
| var-201408-0277 | Cobham Sailor 900 and 6000 satellite terminals with firmware 1.08 MFHF and 2.11 VHF have … | 2025-04-13T23:21:25.330000Z |
| var-201409-0064 | Cisco WebEx Meetings Server (WMS) 2.5 allows remote attackers to trigger the download of … | 2025-04-13T23:21:25.168000Z |
| var-201410-0057 | Cisco IOS XR on ASR 9000 devices does not properly use compression for port-range and add… | 2025-04-13T23:21:24.940000Z |
| var-201410-0078 | Untrusted search path vulnerability in Cisco ASA Software 8.x before 8.4(3), 8.5, and 8.7… | 2025-04-13T23:21:24.911000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| suse-su-2021:3140-1 | Security update for xen | 2021-09-18T12:37:20Z | 2021-09-18T12:37:20Z |
| suse-su-2021:3125-1 | Security update for gtk-vnc | 2021-09-16T17:49:14Z | 2021-09-16T17:49:14Z |
| suse-su-2021:3124-1 | Security update for transfig | 2021-09-16T17:46:46Z | 2021-09-16T17:46:46Z |
| suse-su-2021:3123-1 | Security update for libcroco | 2021-09-16T17:45:21Z | 2021-09-16T17:45:21Z |
| suse-su-2021:14800-1 | Security update for libcroco | 2021-09-16T17:44:39Z | 2021-09-16T17:44:39Z |
| suse-su-2021:3121-1 | Security update for crmsh | 2021-09-16T17:43:47Z | 2021-09-16T17:43:47Z |
| suse-su-2021:3120-1 | Security update for postgresql13 | 2021-09-16T17:43:29Z | 2021-09-16T17:43:29Z |
| suse-su-2021:3119-1 | Security update for postgresql12 | 2021-09-16T17:43:00Z | 2021-09-16T17:43:00Z |
| suse-su-2021:3117-1 | Security update for Mesa | 2021-09-16T12:08:36Z | 2021-09-16T12:08:36Z |
| suse-ru-2021:3116-1 | Recommended update for mozilla-nspr, mozilla-nss | 2021-09-16T12:07:39Z | 2021-09-16T12:07:39Z |
| suse-ru-2021:3115-1 | Recommended update for mozilla-nspr, mozilla-nss | 2021-09-16T12:05:52Z | 2021-09-16T12:05:52Z |
| suse-su-2021:3073-1 | Security update for the Linux Kernel (Live Patch 5 for SLE 15 SP3) | 2021-09-16T09:19:42Z | 2021-09-16T09:19:42Z |
| suse-su-2021:3044-1 | Security update for ghostscript | 2021-09-15T08:18:20Z | 2021-09-15T08:18:20Z |
| suse-su-2021:3020-1 | Security update for apache2-mod_auth_openidc | 2021-09-13T07:17:22Z | 2021-09-13T07:17:22Z |
| suse-su-2021:3019-1 | Security update for compat-openssl098 | 2021-09-13T07:14:50Z | 2021-09-13T07:14:50Z |
| suse-su-2021:3018-1 | Security update for php7-pear | 2021-09-13T07:14:04Z | 2021-09-13T07:14:04Z |
| suse-su-2021:3017-1 | Security update for wireshark | 2021-09-13T07:13:29Z | 2021-09-13T07:13:29Z |
| suse-su-2021:3008-1 | Security update for mariadb | 2021-09-09T13:22:35Z | 2021-09-09T13:22:35Z |
| suse-su-2021:3007-1 | Security update for java-1_7_0-openjdk | 2021-09-09T13:22:06Z | 2021-09-09T13:22:06Z |
| suse-su-2021:3006-1 | Security update for php74-pear | 2021-09-09T13:21:51Z | 2021-09-09T13:21:51Z |
| suse-su-2021:3005-1 | Security update for libaom | 2021-09-09T13:21:34Z | 2021-09-09T13:21:34Z |
| suse-su-2021:3004-1 | Security update for libtpms | 2021-09-09T13:20:48Z | 2021-09-09T13:20:48Z |
| suse-su-2021:3003-1 | Security update for grilo | 2021-09-09T13:20:32Z | 2021-09-09T13:20:32Z |
| suse-su-2021:2996-1 | Security update for openssl-1_1 | 2021-09-09T12:36:52Z | 2021-09-09T12:36:52Z |
| suse-su-2021:2995-1 | Security update for openssl-1_0_0 | 2021-09-09T12:36:01Z | 2021-09-09T12:36:01Z |
| suse-su-2021:2994-1 | Security update for openssl-1_0_0 | 2021-09-09T12:33:25Z | 2021-09-09T12:33:25Z |
| suse-su-2021:2975-1 | Security update for haproxy | 2021-09-07T19:08:41Z | 2021-09-07T19:08:41Z |
| suse-su-2021:2971-1 | Security update for ntfs-3g_ntfsprogs | 2021-09-07T08:45:33Z | 2021-09-07T08:45:33Z |
| suse-su-2021:2968-1 | Security update for openssl-1_1 | 2021-09-07T07:53:15Z | 2021-09-07T07:53:15Z |
| suse-su-2021:2967-1 | Security update for openssl-1_1 | 2021-09-07T07:52:33Z | 2021-09-07T07:52:33Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cnvd-2025-01703 | LightPicture跨站脚本漏洞 | 2025-01-16 | 2025-01-17 |
| cnvd-2025-01702 | Linux kernel存在未明漏洞(CNVD-2025-01702) | 2025-01-16 | 2025-01-17 |
| cnvd-2025-01701 | Huawei HarmonyOS存在未明漏洞(CNVD-2025-01701) | 2025-01-16 | 2025-01-17 |
| cnvd-2025-01700 | D-Link DIR-816 A2 /goform/form2AddVrtsrv.cgi访问控制错误漏洞 | 2025-01-16 | 2025-01-17 |
| cnvd-2025-01699 | D-Link DIR-816 A2 /goform/form2NetSniper.cgi访问控制错误漏洞 | 2025-01-16 | 2025-01-17 |
| cnvd-2025-01698 | Siemens SIMATIC S7-1200 CPU跨站请求伪造漏洞 | 2025-01-14 | 2025-01-17 |
| cnvd-2025-01697 | Siemens SIPROTEC 5文件访问限制不当漏洞 | 2025-01-14 | 2025-01-17 |
| cnvd-2025-01696 | Siemens Industrial Edge Management跨站脚本漏洞 | 2025-01-14 | 2025-01-17 |
| cnvd-2025-01695 | Siemens Siveillance Video摄像机驱动程序信息泄露漏洞 | 2025-01-14 | 2025-01-17 |
| cnvd-2025-01200 | Mozilla Firefox和Firefox ESR信息泄露漏洞(CNVD-2025-0120049) | 2023-12-21 | 2025-01-17 |
| cnvd-2025-01193 | 多款Mozilla产品欺骗漏洞(CNVD-2025-01193) | 2024-03-01 | 2025-01-17 |
| cnvd-2025-01192 | Microsoft Windows Remote Desktop Services远程代码执行漏洞(CNVD-2025-01192) | 2024-12-13 | 2025-01-17 |
| cnvd-2025-01191 | Microsoft Windows Remote Desktop Services远程代码执行漏洞(CNVD-2025-01191) | 2024-12-13 | 2025-01-17 |
| cnvd-2025-01190 | Microsoft Windows Remote Desktop Services远程代码执行漏洞(CNVD-2025-01190) | 2024-12-13 | 2025-01-17 |
| cnvd-2025-01189 | Microsoft Windows Remote Desktop Services远程代码执行漏洞(CNVD-2025-01189) | 2024-12-13 | 2025-01-17 |
| cnvd-2025-01188 | Microsoft Windows Remote Desktop Services远程代码执行漏洞(CNVD-2025-01188) | 2024-12-13 | 2025-01-17 |
| cnvd-2025-01187 | Microsoft Windows Remote Desktop Services远程代码执行漏洞(CNVD-2025-01187) | 2024-12-13 | 2025-01-17 |
| cnvd-2025-01186 | Microsoft Windows Remote Desktop Services远程代码执行漏洞(CNVD-2025-01186) | 2024-12-13 | 2025-01-17 |
| cnvd-2025-01185 | Microsoft Windows Remote Desktop Services远程代码执行漏洞(CNVD-2025-01185) | 2024-12-13 | 2025-01-17 |
| cnvd-2025-00430 | 用友网络科技股份有限公司U8+CRM存在逻辑缺陷漏洞 | 2024-12-03 | 2025-01-17 |
| cnvd-2025-02171 | SonicWALL SonicOS memcpy函数缓冲区溢出漏洞 | 2024-06-28 | 2025-01-16 |
| cnvd-2025-01842 | SonicWALL SMA100加密问题漏洞 | 2024-12-13 | 2025-01-16 |
| cnvd-2025-01839 | Adobe Connect输入验证错误漏洞(CNVD-2025-01839) | 2024-12-13 | 2025-01-16 |
| cnvd-2025-01838 | Adobe Connect跨站脚本漏洞(CNVD-2025-01838) | 2024-12-13 | 2025-01-16 |
| cnvd-2025-01837 | Adobe Connect跨站脚本漏洞(CNVD-2025-01837) | 2024-12-13 | 2025-01-16 |
| cnvd-2025-01836 | Adobe Connect跨站脚本漏洞(CNVD-2025-01836) | 2024-12-13 | 2025-01-16 |
| cnvd-2025-01835 | Adobe Connect跨站脚本漏洞(CNVD-2025-01835) | 2024-12-13 | 2025-01-16 |
| cnvd-2025-01834 | Adobe Connect跨站脚本漏洞(CNVD-2025-01834) | 2024-12-13 | 2025-01-16 |
| cnvd-2025-01833 | Adobe Connect跨站脚本漏洞(CNVD-2025-01833) | 2024-12-13 | 2025-01-16 |
| cnvd-2025-01832 | Adobe Connect跨站脚本漏洞(CNVD-2025-01832) | 2024-12-13 | 2025-01-16 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certa-2012-avi-413 | Vulnérabilité dans SIMATIC S7-400 CPU | 2012-08-01T00:00:00.000000 | 2012-08-01T00:00:00.000000 |
| certa-2012-avi-412 | Vulnérabilités dans Django | 2012-08-01T00:00:00.000000 | 2012-08-01T00:00:00.000000 |
| certa-2012-avi-411 | Vulnérabilité dans IBM WebSphere | 2012-07-30T00:00:00.000000 | 2012-07-30T00:00:00.000000 |
| certa-2012-avi-410 | Vulnérabilité dans IBM AIX | 2012-07-30T00:00:00.000000 | 2012-07-30T00:00:00.000000 |
| certa-2012-avi-409 | Vulnérabilité dans Ruby on Rails | 2012-07-30T00:00:00.000000 | 2012-07-30T00:00:00.000000 |
| certa-2012-avi-408 | Vulnérabilités dans Bugzilla | 2012-07-30T00:00:00.000000 | 2012-07-30T00:00:00.000000 |
| certa-2012-avi-407 | Vulnérabilités dans IBM SONAS | 2012-07-30T00:00:00.000000 | 2012-07-30T00:00:00.000000 |
| certa-2012-avi-406 | Vulnérabilités dans ISC DHCP | 2012-07-26T00:00:00.000000 | 2012-07-26T00:00:00.000000 |
| certa-2012-avi-405 | Vulnérabilités dans ISC BIND | 2012-07-26T00:00:00.000000 | 2012-07-26T00:00:00.000000 |
| certa-2012-avi-404 | Multiples vulnérabilités dans Safari | 2012-07-26T00:00:00.000000 | 2012-07-26T00:00:00.000000 |
| certa-2012-avi-403 | Vulnérabilité dans Bash | 2012-07-26T00:00:00.000000 | 2012-07-26T00:00:00.000000 |
| certa-2012-avi-402 | Vulnérabilités dans Siemens SIMATIC STEP et PCS | 2012-07-25T00:00:00.000000 | 2012-07-25T00:00:00.000000 |
| certa-2012-avi-401 | Vulnérabilités dans Wireshark | 2012-07-25T00:00:00.000000 | 2012-07-25T00:00:00.000000 |
| certa-2012-avi-400 | Vulnérabilités dans Red Hat Certificate System v8 | 2012-07-24T00:00:00.000000 | 2012-07-24T00:00:00.000000 |
| certa-2012-avi-399 | Vulnérabilités dans Symantec System Recovery 2011 et Backup Exec System Recovery 2010 | 2012-07-24T00:00:00.000000 | 2012-07-24T00:00:00.000000 |
| certa-2012-avi-398 | Multiples vulnérabilités dans Symantec Web Gateway | 2012-07-24T00:00:00.000000 | 2012-07-24T00:00:00.000000 |
| certa-2012-avi-397 | Vulnérabilité dans PHP | 2012-07-24T00:00:00.000000 | 2012-07-24T00:00:00.000000 |
| certa-2012-avi-396 | Vulnérabilités dans Moodle | 2012-07-20T00:00:00.000000 | 2012-07-20T00:00:00.000000 |
| certa-2012-avi-395 | Vulnérabilités dans HP Network Node Manager i | 2012-07-18T00:00:00.000000 | 2012-07-18T00:00:00.000000 |
| certa-2012-avi-394 | Multiples vulnérabilités dans Mozilla Firefox et Thunderbird | 2012-07-18T00:00:00.000000 | 2012-07-18T00:00:00.000000 |
| certa-2012-avi-393 | Multiples vulnérabilités dans les produits Oracle | 2012-07-18T00:00:00.000000 | 2012-07-18T00:00:00.000000 |
| certa-2012-avi-392 | Vulnérabilité dans libexif | 2012-07-17T00:00:00.000000 | 2012-07-17T00:00:00.000000 |
| certa-2012-avi-391 | Vulnérabilités dans IBM WebSphere | 2012-07-17T00:00:00.000000 | 2012-07-17T00:00:00.000000 |
| certa-2012-avi-305 | Vulnérabilité dans BIND | 2012-06-04T00:00:00.000000 | 2012-07-17T00:00:00.000000 |
| certa-2012-avi-390 | Vulnérabilité dans HP AssetManager | 2012-07-16T00:00:00.000000 | 2012-07-16T00:00:00.000000 |
| certa-2012-avi-389 | Vulnérabilité dans divers produits EMC | 2012-07-13T00:00:00.000000 | 2012-07-13T00:00:00.000000 |
| certa-2012-avi-388 | Vulnérabilité dans GLPI | 2012-07-13T00:00:00.000000 | 2012-07-13T00:00:00.000000 |
| certa-2012-avi-387 | Multiples vulnérabilités dans VMware ESXi | 2012-07-13T00:00:00.000000 | 2012-07-13T00:00:00.000000 |
| certa-2012-avi-385 | Vulnérabilités dans Google Chrome | 2012-07-12T00:00:00.000000 | 2012-07-12T00:00:00.000000 |
| certa-2012-avi-384 | Multiples vulnérabilités dans les produits Cisco TelePresence | 2012-07-12T00:00:00.000000 | 2012-07-12T00:00:00.000000 |