Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2025-67834 |
5.4 (3.1)
|
Paessler PRTG Network Monitor before 25.4.114 all… |
n/a |
n/a |
2026-01-14T00:00:00.000Z | 2026-01-14T20:11:32.702Z |
| CVE-2026-22609 |
8.9 (4.0)
|
Fickling has Static Analysis Bypass via Incomplete Dan… |
trailofbits |
fickling |
2026-01-10T01:35:18.152Z | 2026-01-14T19:51:31.740Z |
| CVE-2025-71021 |
7.5 (3.1)
|
Tenda AX-1806 v1.0.0.1 was discovered to contain … |
n/a |
n/a |
2026-01-14T00:00:00.000Z | 2026-01-14T19:43:05.721Z |
| CVE-2025-39906 |
5.5 (3.1)
|
drm/amd/display: remove oem i2c adapter on finish |
Linux |
Linux |
2025-10-01T07:44:29.666Z | 2026-01-14T19:33:14.971Z |
| CVE-2025-39905 |
7 (3.1)
|
net: phylink: add lock for serializing concurrent pl->… |
Linux |
Linux |
2025-10-01T07:44:28.758Z | 2026-01-14T19:33:14.829Z |
| CVE-2025-39904 |
5.5 (3.1)
|
arm64: kexec: initialize kexec_buf struct in load_othe… |
Linux |
Linux |
2025-10-01T07:44:27.739Z | 2026-01-14T19:33:14.694Z |
| CVE-2025-39903 |
5.5 (3.1)
|
of_numa: fix uninitialized memory nodes causing kernel panic |
Linux |
Linux |
2025-10-01T07:42:50.215Z | 2026-01-14T19:33:14.557Z |
| CVE-2025-39901 |
7.1 (3.1)
|
i40e: remove read access to debugfs files |
Linux |
Linux |
2025-10-01T07:42:48.606Z | 2026-01-14T19:33:14.407Z |
| CVE-2025-39900 |
5.5 (3.1)
|
net_sched: gen_estimator: fix est_timer() vs CONFIG_PR… |
Linux |
Linux |
2025-10-01T07:42:47.785Z | 2026-01-14T19:33:14.273Z |
| CVE-2025-39899 |
5.5 (3.1)
|
mm/userfaultfd: fix kmap_local LIFO ordering for CONFI… |
Linux |
Linux |
2025-10-01T07:42:47.100Z | 2026-01-14T19:33:14.117Z |
| CVE-2025-39897 |
5.5 (3.1)
|
net: xilinx: axienet: Add error handling for RX metada… |
Linux |
Linux |
2025-10-01T07:42:45.593Z | 2026-01-14T19:33:13.992Z |
| CVE-2025-39896 |
7.8 (3.1)
|
accel/ivpu: Prevent recovery work from being queued du… |
Linux |
Linux |
2025-10-01T07:42:44.714Z | 2026-01-14T19:33:13.870Z |
| CVE-2025-39895 |
5.5 (3.1)
|
sched: Fix sched_numa_find_nth_cpu() if mask offline |
Linux |
Linux |
2025-10-01T07:42:43.920Z | 2026-01-14T19:33:13.717Z |
| CVE-2025-39893 |
5.5 (3.1)
|
spi: spi-qpic-snand: unregister ECC engine on probe er… |
Linux |
Linux |
2025-10-01T07:42:42.344Z | 2026-01-14T19:33:13.571Z |
| CVE-2025-39892 |
5.5 (3.1)
|
ASoC: soc-core: care NULL dirver name on snd_soc_looku… |
Linux |
Linux |
2025-10-01T07:42:41.643Z | 2026-01-14T19:33:13.444Z |
| CVE-2024-58241 |
5.5 (3.1)
|
Bluetooth: hci_core: Disable works on hci_unregister_dev |
Linux |
Linux |
2025-09-24T11:02:49.948Z | 2026-01-14T19:33:13.304Z |
| CVE-2025-39888 |
7.8 (3.1)
|
fuse: Block access to folio overlimit |
Linux |
Linux |
2025-09-23T06:00:54.156Z | 2026-01-14T19:33:13.183Z |
| CVE-2025-39887 |
5.5 (3.1)
|
tracing/osnoise: Fix null-ptr-deref in bitmap_parselist() |
Linux |
Linux |
2025-09-23T06:00:53.648Z | 2026-01-14T19:33:13.049Z |
| CVE-2025-39886 |
5.5 (3.1)
|
bpf: Tell memcg to use allow_spinning=false path in bp… |
Linux |
Linux |
2025-09-23T06:00:53.120Z | 2026-01-14T19:33:12.924Z |
| CVE-2025-39884 |
4.7 (3.1)
|
btrfs: fix subvolume deletion lockup caused by inodes … |
Linux |
Linux |
2025-09-23T06:00:52.064Z | 2026-01-14T19:33:12.790Z |
| CVE-2025-39882 |
7.8 (3.1)
|
drm/mediatek: fix potential OF node use-after-free |
Linux |
Linux |
2025-09-23T06:00:51.036Z | 2026-01-14T19:33:12.579Z |
| CVE-2025-39879 |
5.5 (3.1)
|
ceph: always call ceph_shift_unused_folios_left() |
Linux |
Linux |
2025-09-23T06:00:49.377Z | 2026-01-14T19:33:12.440Z |
| CVE-2025-39878 |
5.5 (3.1)
|
ceph: fix crash after fscrypt_encrypt_pagecache_blocks… |
Linux |
Linux |
2025-09-23T06:00:48.850Z | 2026-01-14T19:33:12.301Z |
| CVE-2025-39875 |
5.5 (3.1)
|
igb: Fix NULL pointer dereference in ethtool loopback test |
Linux |
Linux |
2025-09-23T06:00:47.198Z | 2026-01-14T19:33:12.155Z |
| CVE-2025-39874 |
5.5 (3.1)
|
macsec: sync features on RTM_NEWLINK |
Linux |
Linux |
2025-09-23T06:00:46.690Z | 2026-01-14T19:33:12.011Z |
| CVE-2025-39868 |
7.8 (3.1)
|
erofs: fix runtime warning on truncate_folio_batch_exc… |
Linux |
Linux |
2025-09-23T06:00:43.308Z | 2026-01-14T19:33:11.858Z |
| CVE-2025-39863 |
7.8 (3.1)
|
wifi: brcmfmac: fix use-after-free when rescheduling b… |
Linux |
Linux |
2025-09-19T15:26:33.069Z | 2026-01-14T19:33:11.612Z |
| CVE-2025-39862 |
7.8 (3.1)
|
wifi: mt76: mt7915: fix list corruption after hardware… |
Linux |
Linux |
2025-09-19T15:26:32.259Z | 2026-01-14T19:33:11.429Z |
| CVE-2025-39861 |
7.8 (3.1)
|
Bluetooth: vhci: Prevent use-after-free by removing de… |
Linux |
Linux |
2025-09-19T15:26:31.519Z | 2026-01-14T19:33:11.242Z |
| CVE-2025-65396 |
6.1 (3.1)
|
A vulnerability in the boot process of Blurams Fl… |
n/a |
n/a |
2026-01-14T00:00:00.000Z | 2026-01-14T19:27:50.562Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2025-49962 |
7.1 (3.1)
|
WordPress bbPress Notify plugin <= 2.19.4 - Cross Site… |
useStrict |
bbPress Notify |
2025-10-22T14:32:21.576Z | 2026-01-20T14:28:08.371Z |
| CVE-2025-49961 |
6.3 (3.1)
|
WordPress Breeze Checkout plugin <= 1.4.0 - Broken Acc… |
Breeze Team |
Breeze Checkout |
2025-10-22T14:32:21.376Z | 2026-01-20T14:28:08.365Z |
| CVE-2025-49960 |
6.5 (3.1)
|
WordPress LeadBI Plugin for WordPress plugin <= 1.7 - … |
leadbi |
LeadBI Plugin for WordPress |
2025-10-22T14:32:21.173Z | 2026-01-20T14:28:08.311Z |
| CVE-2025-49959 |
7.1 (3.1)
|
WordPress bbPress Move Topics plugin <= 1.1.6 - Cross … |
Pascal Casier |
bbPress Move Topics |
2025-10-22T14:32:20.965Z | 2026-01-20T14:28:08.267Z |
| CVE-2025-49958 |
7.1 (3.1)
|
WordPress Robokassa payment gateway for Woocommerce pl… |
robokassa |
Robokassa payment gateway for Woocommerce |
2025-10-22T14:32:20.661Z | 2026-01-20T14:28:08.417Z |
| CVE-2025-49957 |
7.1 (3.1)
|
WordPress Email Attachment by Order Status & Products … |
Weboccult Technologies Pvt Ltd |
Email Attachment by Order Status & Products |
2025-10-22T14:32:20.403Z | 2026-01-20T14:28:07.920Z |
| CVE-2025-49956 |
7.1 (3.1)
|
WordPress Fade Slider Plugin <= 2.5 - Cross Site Scrip… |
Anandaraj Balu |
Fade Slider |
2025-10-22T14:32:20.199Z | 2026-01-20T14:28:07.931Z |
| CVE-2025-49955 |
7.1 (3.1)
|
WordPress WP Smart Flexslider Plugin <= 2.5 - Cross Si… |
Rajan Vijayan |
WP Smart Flexslider |
2025-10-22T14:32:20.010Z | 2026-01-20T14:28:07.948Z |
| CVE-2025-49954 |
7.1 (3.1)
|
WordPress WP-Click-Tracker Plugin <= 0.7.3 - Cross Sit… |
mithra62 |
WP-Click-Tracker |
2025-10-22T14:32:19.827Z | 2026-01-20T14:28:07.823Z |
| CVE-2025-49953 |
7.1 (3.1)
|
WordPress ShareBang, Ultimate Social Share Buttons for… |
themeinity |
ShareBang, Ultimate Social Share Buttons for WordPress |
2025-10-22T14:32:19.616Z | 2026-01-20T14:28:07.826Z |
| CVE-2025-49952 |
6.3 (3.1)
|
WordPress Houzez Theme <= 4.1.1 - Insecure Direct Obje… |
favethemes |
Houzez |
2025-10-22T14:32:19.320Z | 2026-01-20T14:28:07.804Z |
| CVE-2025-49951 |
7.1 (3.1)
|
WordPress gAppointments Plugin <= 1.14.1 - Cross Site … |
wpcrunch |
gAppointments |
2025-10-22T14:32:19.132Z | 2026-01-20T14:28:07.591Z |
| CVE-2025-49950 |
7.3 (3.1)
|
WordPress Official Integration for Billingo Plugin <= … |
billingo |
Official Integration for Billingo |
2025-10-22T14:32:18.932Z | 2026-01-20T14:28:07.828Z |
| CVE-2025-49949 |
5.5 (3.1)
|
WordPress Templazee plugin <= 1.0.2 - Broken Access Co… |
templazee |
Templazee |
2025-10-22T14:32:18.660Z | 2026-01-20T14:28:07.803Z |
| CVE-2025-49948 |
7.1 (3.1)
|
WordPress WP Super Edit plugin <= 2.5.4 - Cross Site S… |
Ahmad Awais |
WP Super Edit |
2025-10-22T14:32:18.319Z | 2026-01-20T14:28:07.687Z |
| CVE-2025-49947 |
7.1 (3.1)
|
WordPress WooCommerce Registration Fields Plugin - Cus… |
extendons |
WooCommerce Registration Fields Plugin - Custom Signup Fields |
2025-10-22T14:32:18.131Z | 2026-01-20T14:28:07.883Z |
| CVE-2025-49946 |
7.1 (3.1)
|
WordPress Auto Login After Registration plugin <= 1.0.… |
Cynob IT Consultancy |
Auto Login After Registration |
2025-10-22T14:32:17.913Z | 2026-01-20T14:28:08.228Z |
| CVE-2025-49945 |
7.1 (3.1)
|
WordPress Shortcode Generator plugin <= 1.1 - Cross Si… |
kylegetson |
Shortcode Generator |
2025-10-22T14:32:17.676Z | 2026-01-20T14:28:07.632Z |
| CVE-2025-49944 |
7.1 (3.1)
|
WordPress WPCode Content Ratio plugin <= 2.0 - Cross S… |
Jonatan Jumbert |
WPCode Content Ratio |
2025-10-22T14:32:17.445Z | 2026-01-20T14:28:07.648Z |
| CVE-2025-49943 |
8.1 (3.1)
|
WordPress Femme theme <= 1.3.11 - Local File Inclusion… |
AncoraThemes |
Femme |
2025-12-18T07:21:44.794Z | 2026-01-20T14:28:08.066Z |
| CVE-2025-49942 |
8.1 (3.1)
|
WordPress Gardis theme <= 1.2.13 - Local File Inclusio… |
AncoraThemes |
Gardis |
2025-12-18T07:21:44.617Z | 2026-01-20T14:28:07.580Z |
| CVE-2025-49941 |
8.1 (3.1)
|
WordPress GlamChic theme <= 1.0.11 - Local File Inclus… |
AncoraThemes |
GlamChic |
2025-12-18T07:21:44.421Z | 2026-01-20T14:28:07.677Z |
| CVE-2025-49940 |
6.5 (3.1)
|
WordPress Fusion Builder plugin <= 3.13.2 - Cross Site… |
ThemeFusion |
Fusion Builder |
2025-10-22T14:32:17.247Z | 2026-01-20T14:28:07.835Z |
| CVE-2025-49939 |
6.5 (3.1)
|
WordPress JetElements For Elementor plugin <= 2.7.8 - … |
CrocoBlock |
JetElements For Elementor |
2025-10-22T14:32:17.061Z | 2026-01-20T14:28:07.611Z |
| CVE-2025-49938 |
6.5 (3.1)
|
WordPress JetEngine plugin <= 3.7.3 - Cross Site Scrip… |
CrocoBlock |
JetEngine |
2025-10-22T14:32:16.875Z | 2026-01-20T14:28:08.144Z |
| CVE-2025-49937 |
4.3 (3.1)
|
WordPress Smash Balloon Social Post Feed plugin <= 4.3… |
Syed Balkhi |
Smash Balloon Social Post Feed |
2025-10-22T14:32:16.676Z | 2026-01-20T14:28:07.564Z |
| CVE-2025-49936 |
6.5 (3.1)
|
WordPress WoodMart theme < 8.3.2 - Cross Site Scriptin… |
xtemos |
WoodMart |
2025-10-22T14:32:16.302Z | 2026-01-20T14:28:07.770Z |
| CVE-2025-49935 |
7.4 (3.1)
|
WordPress WoodMart theme < 8.3.2 - Local File Inclusio… |
xtemos |
WoodMart |
2025-10-22T14:32:16.098Z | 2026-01-20T14:28:07.791Z |
| CVE-2025-49934 |
5.4 (3.1)
|
WordPress JetBlocks For Elementor plugin <= 1.3.18 - C… |
CrocoBlock |
JetBlocks For Elementor |
2025-10-22T14:32:15.865Z | 2026-01-20T14:28:07.810Z |
| CVE-2025-49933 |
6.5 (3.1)
|
WordPress JetBlog plugin <= 2.4.4 - Cross Site Scripti… |
CrocoBlock |
JetBlog |
2025-10-22T14:32:15.603Z | 2026-01-20T14:28:07.844Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| fkie_cve-2025-49962 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:43.027 | 2026-01-20T15:16:46.830 |
| fkie_cve-2025-49961 | Missing Authorization vulnerability in Breeze Team Breeze Checkout breeze-checkout allows Exploitin… | 2025-10-22T15:15:42.873 | 2026-01-20T15:16:46.700 |
| fkie_cve-2025-49960 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:42.720 | 2026-01-20T15:16:46.563 |
| fkie_cve-2025-49959 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:42.567 | 2026-01-20T15:16:46.423 |
| fkie_cve-2025-49958 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:42.410 | 2026-01-20T15:16:46.290 |
| fkie_cve-2025-49957 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:42.270 | 2026-01-20T15:16:46.157 |
| fkie_cve-2025-49956 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:42.140 | 2026-01-20T15:16:46.027 |
| fkie_cve-2025-49955 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:42.013 | 2026-01-20T15:16:45.900 |
| fkie_cve-2025-49954 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:41.873 | 2026-01-20T15:16:45.767 |
| fkie_cve-2025-49953 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:41.747 | 2026-01-20T15:16:45.630 |
| fkie_cve-2025-49952 | Authorization Bypass Through User-Controlled Key vulnerability in favethemes Houzez houzez allows E… | 2025-10-22T15:15:41.620 | 2026-01-20T15:16:45.503 |
| fkie_cve-2025-49951 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:41.497 | 2026-01-20T15:16:45.370 |
| fkie_cve-2025-49950 | Missing Authorization vulnerability in billingo Official Integration for Billingo billingo allows P… | 2025-10-22T15:15:41.373 | 2026-01-20T15:16:45.240 |
| fkie_cve-2025-49949 | Missing Authorization vulnerability in templazee Templazee templazee allows Exploiting Incorrectly … | 2025-10-22T15:15:41.250 | 2026-01-20T15:16:45.100 |
| fkie_cve-2025-49948 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:41.107 | 2026-01-20T15:16:44.963 |
| fkie_cve-2025-49947 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:40.963 | 2026-01-20T15:16:44.830 |
| fkie_cve-2025-49946 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:40.840 | 2026-01-20T15:16:44.690 |
| fkie_cve-2025-49945 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:40.713 | 2026-01-20T15:16:44.560 |
| fkie_cve-2025-49944 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:40.570 | 2026-01-20T15:16:44.437 |
| fkie_cve-2025-49943 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2025-12-18T08:15:52.620 | 2026-01-20T15:16:44.310 |
| fkie_cve-2025-49942 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2025-12-18T08:15:52.490 | 2026-01-20T15:16:44.177 |
| fkie_cve-2025-49941 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2025-12-18T08:15:52.357 | 2026-01-20T15:16:44.050 |
| fkie_cve-2025-49940 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:40.420 | 2026-01-20T15:16:43.920 |
| fkie_cve-2025-49939 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:40.293 | 2026-01-20T15:16:43.790 |
| fkie_cve-2025-49938 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:40.157 | 2026-01-20T15:16:43.653 |
| fkie_cve-2025-49937 | Missing Authorization vulnerability in Syed Balkhi Smash Balloon Social Post Feed custom-facebook-f… | 2025-10-22T15:15:40.023 | 2026-01-20T15:16:43.517 |
| fkie_cve-2025-49936 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:39.883 | 2026-01-20T15:16:43.383 |
| fkie_cve-2025-49935 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2025-10-22T15:15:39.750 | 2026-01-20T15:16:43.250 |
| fkie_cve-2025-49934 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:39.617 | 2026-01-20T15:16:43.120 |
| fkie_cve-2025-49933 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:39.477 | 2026-01-20T15:16:42.987 |
| ID | Severity | Description | Published | Updated |
|---|---|---|---|---|
| ghsa-3556-v99j-j522 |
5.3 (3.1)
|
The Popup and Slider Builder by Depicter – Add Email collecting Popup, Popup Modal, Coupon Popup, I… | 2026-01-06T06:31:26Z | 2026-01-06T06:31:27Z |
| ghsa-29mv-jj69-j88c |
|
Rejected reason: Not used | 2026-01-06T06:31:27Z | 2026-01-06T06:31:27Z |
| ghsa-86xh-gm7c-mpg4 |
6.5 (3.1)
|
The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin for WordPress… | 2026-01-06T06:31:26Z | 2026-01-06T06:31:26Z |
| ghsa-54pm-phpw-phg8 |
6.5 (3.1)
|
The CBX Bookmark & Favorite plugin for WordPress is vulnerable to generic SQL Injection via the ‘or… | 2026-01-06T06:31:26Z | 2026-01-06T06:31:26Z |
| ghsa-643w-m4mx-5pvw |
7.3 (3.1)
|
The Download Manager plugin for WordPress is vulnerable to privilege escalation via account takeove… | 2026-01-06T03:31:32Z | 2026-01-06T03:31:32Z |
| ghsa-hcg2-h235-rfjm |
7.3 (3.1)
5.5 (4.0)
|
A vulnerability was detected in code-projects Online Music Site 1.0. Affected by this issue is some… | 2026-01-06T00:30:24Z | 2026-01-06T00:30:24Z |
| ghsa-xv48-qfxm-rc53 |
5.1 (3.1)
|
An issue was discovered in the Camera in Samsung Mobile Processor and Wearable Processor Exynos 133… | 2026-01-05T21:30:32Z | 2026-01-06T00:30:22Z |
| ghsa-rx3f-2wfj-p6wv |
4.3 (3.1)
|
PLANKA 2.0.0 lacks X-Frame-Options and CSP frame-ancestors headers, allowing the application to be … | 2026-01-05T18:30:23Z | 2026-01-06T00:30:22Z |
| ghsa-gwm6-pqm9-27rp |
5.4 (3.1)
|
An issue in realme Internet browser v.45.13.4.1 allows a remote attacker to execute arbitrary code … | 2026-01-05T18:30:23Z | 2026-01-06T00:30:22Z |
| ghsa-cx4j-69qv-4cwj |
8.4 (3.1)
|
An issue was discovered in Samsung Mobile Processor Exynos 1380, 1480, 2400, and 1580. Incorrect Ha… | 2026-01-05T21:30:32Z | 2026-01-06T00:30:22Z |
| ghsa-668h-3f4c-v8mw |
7.5 (3.1)
|
An issue was discovered in L2 in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980… | 2026-01-05T21:30:32Z | 2026-01-06T00:30:22Z |
| ghsa-3222-mcx9-476q |
8.4 (3.1)
|
An issue was discovered in the WiFi driver in Samsung Mobile Processor Exynos 1380, 1480, 2400, 158… | 2026-01-05T21:30:32Z | 2026-01-06T00:30:22Z |
| ghsa-wcvq-gwcq-gwhf |
7.8 (3.1)
|
An issue was discovered in Samsung Magician 6.3.0 through 8.3.2 on Windows. The installer creates a… | 2026-01-05T18:30:22Z | 2026-01-06T00:30:21Z |
| ghsa-r5f8-6g75-8gj8 |
7.1 (3.1)
|
An issue was discovered in the Camera in Samsung Mobile Processor and Wearable Processor Exynos 980… | 2026-01-05T18:30:22Z | 2026-01-06T00:30:21Z |
| ghsa-vp8w-wj4m-3r7j |
5.5 (4.0)
|
evershop allows unauthenticated attackers to force server to initiate HTTP request via "GET /images" API | 2026-01-05T21:30:33Z | 2026-01-05T23:15:41Z |
| ghsa-m2q5-xhqg-92r2 |
7.5 (3.1)
7.7 (4.0)
|
evershop allows unauthenticated attackers to exhaust application server's resources via "GET /images" API | 2026-01-05T21:30:33Z | 2026-01-05T23:15:20Z |
| ghsa-jqmr-2pg9-vfx7 |
6.5 (3.1)
|
Apache SIS has Improper Restriction of XML External Entity Reference vulnerability | 2026-01-05T15:32:15Z | 2026-01-05T23:14:54Z |
| ghsa-x4m5-4cw8-vc44 |
6.0 (4.0)
|
axios-cache-interceptor Vulnerable to Cache Poisoning via Ignored HTTP Vary Header | 2025-12-30T15:37:55Z | 2026-01-05T22:35:17Z |
| ghsa-frgf-8jr5-j2jv |
5.3 (3.1)
|
memory leak flaw was found in ruby-magick | 2023-10-30T21:33:39Z | 2026-01-05T22:34:45Z |
| ghsa-p572-p2rj-q5f4 |
2.7 (3.1)
|
Umbraco Forms components vulnerable to Stored Cross-site Scripting | 2024-05-28T20:40:31Z | 2026-01-05T22:34:36Z |
| ghsa-w597-vxph-w9x8 |
|
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in … | 2026-01-05T21:30:32Z | 2026-01-05T21:30:32Z |
| ghsa-qv45-76wr-jp6v |
6.2 (3.1)
|
An issue was discovered in the Camera in Samsung Mobile Processor and Wearable Processor Exynos 133… | 2026-01-05T21:30:32Z | 2026-01-05T21:30:32Z |
| ghsa-m7wf-qw73-q2jx |
|
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in … | 2026-01-05T21:30:32Z | 2026-01-05T21:30:32Z |
| ghsa-fccg-qv5q-xphc |
5.4 (3.1)
|
Cross Site Request Forgery vulnerability in Employee Leave Management System v.2.1 allows a remote … | 2026-01-05T18:30:22Z | 2026-01-05T21:30:32Z |
| ghsa-983p-jmqx-rvjq |
|
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in … | 2026-01-05T21:30:32Z | 2026-01-05T21:30:32Z |
| ghsa-96x6-h7gp-phwp |
|
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in … | 2026-01-05T21:30:32Z | 2026-01-05T21:30:32Z |
| ghsa-6gh2-xjvw-7rh4 |
6.5 (3.1)
|
Mega-Fence (webgate-lib.*) 25.1.914 and prior trusts the first value of the X-Forwarded-For (XFF) h… | 2026-01-05T18:30:22Z | 2026-01-05T21:30:32Z |
| ghsa-2hc9-cc65-xwj8 |
7.5 (3.1)
|
An issue in ComfyUI-Manager prior to version 3.38 allowed remote attackers to potentially manipulat… | 2026-01-05T18:30:22Z | 2026-01-05T21:30:32Z |
| ghsa-xwhh-qff2-j7fx |
4.9 (3.1)
1.2 (4.0)
|
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system … | 2026-01-02T15:30:31Z | 2026-01-05T21:30:31Z |
| ghsa-xmww-pq7x-5g2c |
4.9 (3.1)
4.6 (4.0)
|
An out-of-bounds read vulnerability has been reported to affect several QNAP operating system versi… | 2026-01-02T15:30:31Z | 2026-01-05T21:30:31Z |
| ID | Description | Updated |
|---|---|---|
| gsd-2024-26944 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-20T06:02:29.153029Z |
| gsd-2024-26517 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-20T06:02:29.152808Z |
| gsd-2024-26583 | In the Linux kernel, the following vulnerability has been resolved: tls: fix race betwee… | 2024-02-20T06:02:29.152526Z |
| gsd-2024-26829 | In the Linux kernel, the following vulnerability has been resolved: media: ir_toy: fix a… | 2024-02-20T06:02:29.152250Z |
| gsd-2024-26821 | In the Linux kernel, the following vulnerability has been resolved: fs: relax mount_seta… | 2024-02-20T06:02:29.151967Z |
| gsd-2024-26539 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-20T06:02:29.151669Z |
| gsd-2024-26903 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: rfcomm: F… | 2024-02-20T06:02:29.151074Z |
| gsd-2024-26984 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-20T06:02:29.150493Z |
| gsd-2024-26447 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-20T06:02:29.149938Z |
| gsd-2024-26433 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-20T06:02:29.149337Z |
| gsd-2024-26587 | In the Linux kernel, the following vulnerability has been resolved: net: netdevsim: don'… | 2024-02-20T06:02:29.149057Z |
| gsd-2024-26451 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-20T06:02:29.148785Z |
| gsd-2024-26915 | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Reset IH… | 2024-02-20T06:02:29.148265Z |
| gsd-2024-26452 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-20T06:02:29.147605Z |
| gsd-2024-26826 | In the Linux kernel, the following vulnerability has been resolved: mptcp: fix data re-i… | 2024-02-20T06:02:29.147071Z |
| gsd-2024-26686 | In the Linux kernel, the following vulnerability has been resolved: fs/proc: do_task_sta… | 2024-02-20T06:02:29.146559Z |
| gsd-2024-26670 | In the Linux kernel, the following vulnerability has been resolved: arm64: entry: fix AR… | 2024-02-20T06:02:29.146023Z |
| gsd-2024-26514 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-20T06:02:29.145460Z |
| gsd-2024-26412 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-20T06:02:29.145246Z |
| gsd-2024-26969 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-20T06:02:29.144980Z |
| gsd-2024-26983 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-20T06:02:29.144129Z |
| gsd-2024-26575 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-20T06:02:29.143855Z |
| gsd-2024-26666 | In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix … | 2024-02-20T06:02:29.143572Z |
| gsd-2024-26779 | In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix … | 2024-02-20T06:02:29.143341Z |
| gsd-2024-26926 | In the Linux kernel, the following vulnerability has been resolved: binder: check offset… | 2024-02-20T06:02:29.143051Z |
| gsd-2024-26513 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-20T06:02:29.142772Z |
| gsd-2024-26874 | In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Fix a … | 2024-02-20T06:02:29.142542Z |
| gsd-2024-26546 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-20T06:02:29.142235Z |
| gsd-2024-26689 | In the Linux kernel, the following vulnerability has been resolved: ceph: prevent use-af… | 2024-02-20T06:02:29.141966Z |
| gsd-2024-26403 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-20T06:02:29.141681Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-184957 | Malicious code in sonic-kas-fagufa (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184956 | Malicious code in sonic-kas-fagiufugafa (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184955 | Malicious code in sonic-kas-fagiufgafa (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184954 | Malicious code in sonic-kas-fagiuffa (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184953 | Malicious code in sonic-kas-fagiufaugafa (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184952 | Malicious code in sonic-kas-fagiufagugafa (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184951 | Malicious code in sonic-kas-fagiufafa (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184950 | Malicious code in sonic-kas-fagfa (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184949 | Malicious code in sonic-kas-faga (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184948 | Malicious code in sonic-kas-fag (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184947 | Malicious code in sonic-kas-ahagji (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184946 | Malicious code in sonic-kas-ahagauji (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184945 | Malicious code in sonic-kas-ahagaji (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184944 | Malicious code in sonic-kas-ahagafujihujafdha (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184943 | Malicious code in sonic-kas-ahagafujihuajafdha (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184942 | Malicious code in sonic-kas-ahagafujihjafdha (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184941 | Malicious code in sonic-kas-ahagafujiha (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184940 | Malicious code in sonic-kas-ahagafujifdha (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184939 | Malicious code in sonic-kas-ahagafujidha (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184938 | Malicious code in sonic-kas-ahagafujiafdha (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184937 | Malicious code in sonic-kas-ahagafuji (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184936 | Malicious code in sonic-kas-agi (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184935 | Malicious code in sonic-kas-ag (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184934 | Malicious code in sonic-kas-aagi (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184933 | Malicious code in sonic-kaos-fgahigyafao (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184932 | Malicious code in sonic-kaos-fgahigyafa (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184931 | Malicious code in sonic-kaos-fgahgyafa (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184930 | Malicious code in sonic-kaos-fgahgfa (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184929 | Malicious code in sonic-kaos-fgahgafa (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184928 | Malicious code in sonic-kaos-fgahfa (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2024:6335 | Red Hat Security Advisory: Satellite 6.15.3.1 Security Update | 2024-09-04T14:48:12+00:00 | 2025-11-21T19:11:31+00:00 |
| rhsa-2024:6313 | Red Hat Security Advisory: kpatch-patch-5_14_0-284_52_1 and kpatch-patch-5_14_0-284_79_1 security update | 2024-09-04T11:23:37+00:00 | 2025-11-21T19:11:30+00:00 |
| rhsa-2024:6274 | Red Hat Security Advisory: Red Hat OpenShift distributed tracing 3.3.0 operator/operand containers | 2024-09-04T05:38:21+00:00 | 2025-11-21T19:11:28+00:00 |
| rhsa-2024:6242 | Red Hat Security Advisory: kpatch-patch-5_14_0-427_13_1 and kpatch-patch-5_14_0-427_31_1 security update | 2024-09-03T18:51:49+00:00 | 2025-11-21T19:11:26+00:00 |
| rhsa-2024:6203 | Red Hat Security Advisory: emacs security update | 2024-09-03T16:11:53+00:00 | 2025-11-21T19:11:21+00:00 |
| rhsa-2024:6197 | Red Hat Security Advisory: ghostscript security update | 2024-09-03T10:32:32+00:00 | 2025-11-21T19:11:20+00:00 |
| rhsa-2024:6179 | Red Hat Security Advisory: python3.11 security update | 2024-09-03T20:00:50+00:00 | 2025-11-21T19:11:17+00:00 |
| rhsa-2024:6153 | Red Hat Security Advisory: 389-ds-base security update | 2024-09-03T05:34:09+00:00 | 2025-11-21T19:11:14+00:00 |
| rhsa-2024:6146 | Red Hat Security Advisory: python3.12 security update | 2024-09-03T02:28:11+00:00 | 2025-11-21T19:11:13+00:00 |
| rhsa-2024:6095 | Red Hat Security Advisory: security update Logging for Red Hat OpenShift - 5.9.6 | 2024-09-11T13:22:49+00:00 | 2025-11-21T19:11:06+00:00 |
| rhsa-2024:6033 | Red Hat Security Advisory: openldap security update | 2024-08-29T12:15:26+00:00 | 2025-11-21T19:11:06+00:00 |
| rhsa-2024:6030 | Red Hat Security Advisory: python3 security update | 2024-08-29T11:56:00+00:00 | 2025-11-21T19:11:05+00:00 |
| rhsa-2024:5982 | Red Hat Security Advisory: linux-firmware security update | 2024-08-29T00:16:18+00:00 | 2025-11-21T19:10:57+00:00 |
| rhsa-2024:5980 | Red Hat Security Advisory: linux-firmware security update | 2024-08-29T00:10:13+00:00 | 2025-11-21T19:10:56+00:00 |
| rhsa-2024:5978 | Red Hat Security Advisory: linux-firmware security update | 2024-08-29T00:18:58+00:00 | 2025-11-21T19:10:55+00:00 |
| rhsa-2024:5941 | Red Hat Security Advisory: libvpx security update | 2024-08-28T15:50:23+00:00 | 2025-11-21T19:10:52+00:00 |
| rhsa-2024:5930 | Red Hat Security Advisory: bind security update | 2024-08-28T11:37:56+00:00 | 2025-11-21T19:10:51+00:00 |
| rhsa-2024:5908 | Red Hat Security Advisory: bind security update | 2024-08-27T18:48:14+00:00 | 2025-11-21T19:10:47+00:00 |
| rhsa-2024:5907 | Red Hat Security Advisory: bind and bind-dyndb-ldap security update | 2024-08-27T18:24:09+00:00 | 2025-11-21T19:10:46+00:00 |
| rhsa-2024:5871 | Red Hat Security Advisory: bind security update | 2024-08-26T18:17:18+00:00 | 2025-11-21T19:10:46+00:00 |
| rhsa-2024:5906 | Red Hat Security Advisory: squid security update | 2024-08-27T18:31:54+00:00 | 2025-11-21T19:10:45+00:00 |
| rhsa-2024:5894 | Red Hat Security Advisory: bind security update | 2024-08-27T11:28:10+00:00 | 2025-11-21T19:10:44+00:00 |
| rhsa-2024:5886 | Red Hat Security Advisory: libreoffice security update | 2024-08-27T08:59:55+00:00 | 2025-11-21T19:10:44+00:00 |
| rhsa-2024:5883 | Red Hat Security Advisory: linux-firmware security update | 2024-08-27T07:40:50+00:00 | 2025-11-21T19:10:42+00:00 |
| rhsa-2024:5838 | Red Hat Security Advisory: bind security update | 2024-08-26T08:21:30+00:00 | 2025-11-21T19:10:41+00:00 |
| rhsa-2024:5815 | Red Hat Security Advisory: nodejs:20 security update | 2024-08-26T08:12:15+00:00 | 2025-11-21T19:10:36+00:00 |
| rhsa-2024:5813 | Red Hat Security Advisory: bind and bind-dyndb-ldap security update | 2024-08-26T08:09:45+00:00 | 2025-11-21T19:10:34+00:00 |
| rhsa-2024:5749 | Red Hat Security Advisory: Red Hat OpenShift for Windows Containers 10.16.1 product release | 2024-08-22T06:34:25+00:00 | 2025-11-21T19:10:32+00:00 |
| rhsa-2024:5745 | Red Hat Security Advisory: Red Hat OpenShift for Windows Containers 10.15.3 product release | 2024-08-22T04:58:09+00:00 | 2025-11-21T19:10:31+00:00 |
| rhsa-2024:5690 | Red Hat Security Advisory: 389-ds:1.4 security update | 2024-08-21T11:58:16+00:00 | 2025-11-21T19:10:28+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2022-1886 | Heap-based Buffer Overflow in vim/vim | 2022-05-02T00:00:00.000Z | 2022-06-03T00:00:00.000Z |
| msrc_cve-2022-30065 | A use-after-free in Busybox 1.35-x's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the copyvar function. | 2022-05-02T00:00:00.000Z | 2022-06-02T00:00:00.000Z |
| msrc_cve-2022-29162 | Incorrect Default Permissions in runc | 2022-05-02T00:00:00.000Z | 2022-06-02T00:00:00.000Z |
| msrc_cve-2022-1734 | A flaw in Linux Kernel found in nfcmrvl_nci_unregister_dev() in drivers/nfc/nfcmrvl/main.c can lead to use after free both read or write when non synchronized between cleanup routine and firmware download routine. | 2022-05-02T00:00:00.000Z | 2022-06-02T00:00:00.000Z |
| msrc_cve-2021-3733 | There's a flaw in urllib's AbstractBasicAuthHandler class. An attacker who controls a malicious HTTP server that an HTTP client (such as web browser) connects to could trigger a Regular Expression Denial of Service (ReDOS) during an authentication request with a specially crafted payload that is sent by the server to the client. The greatest threat that this flaw poses is to application availability. | 2022-03-02T00:00:00.000Z | 2022-06-02T00:00:00.000Z |
| msrc_cve-2022-30128 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | 2022-05-10T08:00:00.000Z | 2022-05-31T07:00:00.000Z |
| msrc_cve-2022-30127 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | 2022-05-10T08:00:00.000Z | 2022-05-31T07:00:00.000Z |
| msrc_cve-2022-26905 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | 2022-05-10T08:00:00.000Z | 2022-05-31T07:00:00.000Z |
| msrc_cve-2022-31624 | MariaDB Server before 10.7 is vulnerable to Denial of Service. While executing the plugin/server_audit/server_audit.c method log_statement_ex the held lock lock_bigbuffer is not released correctly which allows local users to trigger a denial of service due to the deadlock. | 2022-05-02T00:00:00.000Z | 2022-05-28T00:00:00.000Z |
| msrc_cve-2022-31623 | MariaDB Server before 10.7 is vulnerable to Denial of Service. In extra/mariabackup/ds_compress.cc when an error occurs (i.e. going to the err label) while executing the method create_worker_threads the held lock thd->ctrl_mutex is not released correctly which allows local users to trigger a denial of service due to the deadlock. Note: The vendor argues this is just an improper locking bug and not a vulnerability with adverse effects. | 2022-05-02T00:00:00.000Z | 2022-05-28T00:00:00.000Z |
| msrc_cve-2022-31622 | MariaDB Server before 10.7 is vulnerable to Denial of Service. In extra/mariabackup/ds_compress.cc when an error occurs (pthread_create returns a nonzero value) while executing the method create_worker_threads the held lock is not released correctly which allows local users to trigger a denial of service due to the deadlock. Note: The vendor argues this is just an improper locking bug and not a vulnerability with adverse effects. | 2022-05-02T00:00:00.000Z | 2022-05-28T00:00:00.000Z |
| msrc_cve-2022-31621 | MariaDB Server before 10.7 is vulnerable to Denial of Service. In extra/mariabackup/ds_xbstream.cc when an error occurs (stream_ctxt->dest_file == NULL) while executing the method xbstream_open the held lock is not released correctly which allows local users to trigger a denial of service due to the deadlock. Note: The vendor argues this is just an improper locking bug and not a vulnerability with adverse effects. | 2022-05-02T00:00:00.000Z | 2022-05-28T00:00:00.000Z |
| msrc_cve-2022-1796 | Use After Free in vim/vim | 2022-05-02T00:00:00.000Z | 2022-05-27T00:00:00.000Z |
| msrc_cve-2022-1785 | Out-of-bounds Write in vim/vim | 2022-05-02T00:00:00.000Z | 2022-05-27T00:00:00.000Z |
| msrc_cve-2022-1771 | Uncontrolled Recursion in vim/vim | 2022-05-02T00:00:00.000Z | 2022-05-27T00:00:00.000Z |
| msrc_cve-2022-1769 | Buffer Over-read in vim/vim | 2022-05-02T00:00:00.000Z | 2022-05-27T00:00:00.000Z |
| msrc_cve-2022-1735 | Classic Buffer Overflow in vim/vim | 2022-05-02T00:00:00.000Z | 2022-05-27T00:00:00.000Z |
| msrc_cve-2022-1733 | Heap-based Buffer Overflow in vim/vim | 2022-05-02T00:00:00.000Z | 2022-05-27T00:00:00.000Z |
| msrc_cve-2009-1890 | The stream_reqbody_cl function in mod_proxy_http.c in the mod_proxy module in the Apache HTTP Server before 2.3.3 when a reverse proxy is configured does not properly handle an amount of streamed data that exceeds the Content-Length value which allows remote attackers to cause a denial of service (CPU consumption) via crafted requests. | 2009-07-02T00:00:00.000Z | 2022-05-27T00:00:00.000Z |
| msrc_cve-2022-1587 | An out-of-bounds read vulnerability was discovered in the PCRE2 library in the get_recurse_data_length() function of the pcre2_jit_compile.c file. This issue affects recursions in JIT-compiled regular expressions caused by duplicate data transfers. | 2022-05-02T00:00:00.000Z | 2022-05-26T00:00:00.000Z |
| msrc_cve-2022-1586 | An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in case-less matching within JIT. | 2022-05-02T00:00:00.000Z | 2022-05-26T00:00:00.000Z |
| msrc_cve-2022-1674 | NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 in vim/vim | 2022-05-02T00:00:00.000Z | 2022-05-24T00:00:00.000Z |
| msrc_cve-2022-29105 | Microsoft Windows Media Foundation Remote Code Execution Vulnerability | 2022-05-10T08:00:00.000Z | 2022-05-23T07:00:00.000Z |
| msrc_cve-2022-28739 | There is a buffer over-read in Ruby before 2.6.10 2.7.x before 2.7.6 3.x before 3.0.4 and 3.1.x before 3.1.2. It occurs in String-to-Float conversion including Kernel#Float and String#to_f. | 2022-05-02T00:00:00.000Z | 2022-05-20T00:00:00.000Z |
| msrc_cve-2022-24903 | Buffer overflow in TCP syslog server (receiver) components in rsyslog | 2022-05-02T00:00:00.000Z | 2022-05-19T00:00:00.000Z |
| msrc_cve-2022-1623 | LibTIFF master branch has an out-of-bounds read in LZWDecode in libtiff/tif_lzw.c:624 allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources the fix is available with commit b4e79bfa. | 2022-05-02T00:00:00.000Z | 2022-05-19T00:00:00.000Z |
| msrc_cve-2022-1622 | LibTIFF master branch has an out-of-bounds read in LZWDecode in libtiff/tif_lzw.c:619 allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources the fix is available with commit b4e79bfa. | 2022-05-02T00:00:00.000Z | 2022-05-19T00:00:00.000Z |
| msrc_cve-2022-1616 | Use after free in append_command in vim/vim | 2022-05-02T00:00:00.000Z | 2022-05-19T00:00:00.000Z |
| msrc_cve-2022-30295 | uClibc-ng through 1.0.40 and uClibc through 0.9.33.2 use predictable DNS transaction IDs that may lead to DNS cache poisoning. This is related to a reset of a value to 0x2. | 2022-05-02T00:00:00.000Z | 2022-05-17T00:00:00.000Z |
| msrc_cve-2022-1629 | Buffer Over-read in function find_next_quote in vim/vim | 2022-05-02T00:00:00.000Z | 2022-05-17T00:00:00.000Z |
| ID | Description | Updated |
|---|---|---|
| var-201410-1002 | The IKE implementation in the VPN component in Cisco ASA Software 9.1 before 9.1(5.1) all… | 2025-04-13T23:21:24.768000Z |
| var-201410-1086 | Multiple SQL injection vulnerabilities in the All In One WP Security & Firewall plugin be… | 2025-04-13T23:21:24.616000Z |
| var-201410-1107 | Juniper Junos OS 9.1 through 11.4 before 11.4R11, 12.1 before R10, 12.1X44 before D40, 12… | 2025-04-13T23:21:24.583000Z |
| var-201410-1359 | Cross-site request forgery (CSRF) vulnerability in Shenzhen Tenda Technology Tenda A32 Ro… | 2025-04-13T23:21:24.263000Z |
| var-201411-0255 | Race condition in the lighttpd module in Cisco IOS XR 5.1 and earlier on Network Converge… | 2025-04-13T23:21:23.980000Z |
| var-201411-0401 | Cross-site request forgery (CSRF) vulnerability in the administrative web interface in th… | 2025-04-13T23:21:20.376000Z |
| var-201411-0402 | The Cisco RV router firmware on RV220W devices, before 1.0.5.9 on RV120W devices, and bef… | 2025-04-13T23:21:20.337000Z |
| var-201411-0400 | The network-diagnostics administration interface in the Cisco RV router firmware on RV220… | 2025-04-13T23:21:20.290000Z |
| var-201412-0304 | Multiple cross-site scripting (XSS) vulnerabilities in Business Voice Services Manager (B… | 2025-04-13T23:21:19.523000Z |
| var-201412-0493 | Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X … | 2025-04-13T23:21:19.356000Z |
| var-201412-0535 | Multiple stack-based buffer overflows in (1) HWOPOSScale.ocx and (2) HWOPOSSCANNER.ocx in… | 2025-04-13T23:21:19.250000Z |
| var-201501-0215 | Multiple cross-site scripting (XSS) vulnerabilities in the IronPort Spam Quarantine (ISQ)… | 2025-04-13T23:21:19.061000Z |
| var-201501-0383 | IBM BladeCenter SAS Connectivity Module (aka NSSM) and SAS RAID Module (aka RSSM) before … | 2025-04-13T23:21:18.923000Z |
| var-201502-0120 | The image-upgrade implementation on Cisco Desktop Collaboration Experience (aka Collabora… | 2025-04-13T23:21:18.687000Z |
| var-201502-0141 | Race condition in the Measurement, Aggregation, and Correlation Engine (MACE) implementat… | 2025-04-13T23:21:18.651000Z |
| var-201502-0142 | Race condition in the Common Classification Engine (CCE) in the Measurement, Aggregation,… | 2025-04-13T23:21:18.616000Z |
| var-201502-0204 | CRLF injection vulnerability in export.cfg in the web-based administrative console for Si… | 2025-04-13T23:21:18.523000Z |
| var-201503-0118 | Cisco IOS 12.2, 12.4, 15.0, 15.2, and 15.3, when a VRF interface is configured, allows re… | 2025-04-13T23:21:18.284000Z |
| var-201503-0160 | Cross-site scripting (XSS) vulnerability in the login page in Cisco Network Analysis Modu… | 2025-04-13T23:21:18.252000Z |
| var-201503-0182 | Cisco IOS 12.2, 12.4, 15.0, 15.2, and 15.3 allows remote attackers to cause a denial of s… | 2025-04-13T23:21:18.217000Z |
| var-201503-0181 | Memory leak in Cisco IOS 12.2, 12.4, 15.0, 15.2, and 15.3 allows remote attackers to caus… | 2025-04-13T23:21:18.181000Z |
| var-201503-0180 | Cisco IOS 12.2, 12.4, 15.0, 15.2, and 15.3 allows remote attackers to cause a denial of s… | 2025-04-13T23:21:18.146000Z |
| var-201504-0294 | The failover ipsec implementation in Cisco Adaptive Security Appliance (ASA) Software 9.1… | 2025-04-13T23:21:17.767000Z |
| var-201504-0291 | The DNS implementation in Cisco Adaptive Security Appliance (ASA) Software 7.2 before 7.2… | 2025-04-13T23:21:17.735000Z |
| var-201504-0292 | The XML parser in Cisco Adaptive Security Appliance (ASA) Software 8.4 before 8.4(7.28), … | 2025-04-13T23:21:17.703000Z |
| var-201504-0378 | The IBM WebSphere DataPower XC10 appliance 2.1 before 2.1.0.3 allows remote attackers to … | 2025-04-13T23:21:17.585000Z |
| var-201505-0144 | HP Network Virtualization for LoadRunner and Performance Center 8.61 and 11.52 allows rem… | 2025-04-13T23:21:17.408000Z |
| var-201505-0186 | The Protocol Independent Multicast (PIM) application in Cisco Adaptive Security Appliance… | 2025-04-13T23:21:17.347000Z |
| var-201506-0161 | Cisco IOS XR 4.0.1 through 4.2.0 for CRS-3 Carrier Routing System allows remote attackers… | 2025-04-13T23:21:17.116000Z |
| var-201506-0182 | Cross-site scripting (XSS) vulnerability in Synology DiskStation Manager (DSM) before 5.2… | 2025-04-13T23:21:17.083000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| suse-su-2021:2966-1 | Security update for openssl-1_1 | 2021-09-07T07:49:34Z | 2021-09-07T07:49:34Z |
| suse-su-2021:2965-1 | Security update for ntfs-3g_ntfsprogs | 2021-09-07T07:48:15Z | 2021-09-07T07:48:15Z |
| suse-su-2021:2958-1 | Security update for xerces-c | 2021-09-06T08:34:41Z | 2021-09-06T08:34:41Z |
| suse-su-2021:2957-1 | Security update for xen | 2021-09-06T08:34:19Z | 2021-09-06T08:34:19Z |
| suse-su-2021:2955-1 | Security update for xen | 2021-09-03T12:45:10Z | 2021-09-03T12:45:10Z |
| suse-su-2021:2954-1 | Security update for apache2 | 2021-09-03T12:43:52Z | 2021-09-03T12:43:52Z |
| suse-su-2021:2953-1 | Security update for nodejs10 | 2021-09-03T12:41:19Z | 2021-09-03T12:41:19Z |
| suse-su-2021:2952-1 | Security update for java-11-openjdk | 2021-09-03T12:39:49Z | 2021-09-03T12:39:49Z |
| suse-su-2021:2944-1 | Security update for xerces-c | 2021-09-03T07:27:48Z | 2021-09-03T07:27:48Z |
| suse-su-2021:2943-1 | Security update for xen | 2021-09-03T07:26:23Z | 2021-09-03T07:26:23Z |
| suse-su-2021:2941-1 | Security update for sssd | 2021-09-03T07:23:51Z | 2021-09-03T07:23:51Z |
| suse-su-2021:2940-1 | Security update for python39 | 2021-09-03T07:22:28Z | 2021-09-03T07:22:28Z |
| suse-su-2021:2939-1 | Security update for mariadb | 2021-09-03T07:20:58Z | 2021-09-03T07:20:58Z |
| suse-su-2021:2937-1 | Security update for libesmtp | 2021-09-03T07:19:27Z | 2021-09-03T07:19:27Z |
| suse-su-2021:2930-1 | Security update for file | 2021-09-02T12:48:52Z | 2021-09-02T12:48:52Z |
| suse-su-2021:2929-1 | Security update for ffmpeg | 2021-09-02T12:46:19Z | 2021-09-02T12:46:19Z |
| suse-su-2021:2928-1 | Security update for rubygem-addressable | 2021-09-02T12:43:51Z | 2021-09-02T12:43:51Z |
| suse-su-2021:2927-1 | Security update for rubygem-addressable | 2021-09-02T12:42:43Z | 2021-09-02T12:42:43Z |
| suse-su-2021:2926-1 | Security update for php72 | 2021-09-02T12:41:36Z | 2021-09-02T12:41:36Z |
| suse-su-2021:2925-1 | Security update for xen | 2021-09-02T12:40:10Z | 2021-09-02T12:40:10Z |
| suse-su-2021:2924-1 | Security update for xen | 2021-09-02T08:12:49Z | 2021-09-02T08:12:49Z |
| suse-su-2021:2923-1 | Security update for xen | 2021-09-02T08:11:36Z | 2021-09-02T08:11:36Z |
| suse-su-2021:2922-1 | Security update for xen | 2021-09-02T08:10:22Z | 2021-09-02T08:10:22Z |
| suse-su-2021:2920-1 | Security update for xerces-c | 2021-09-02T08:07:41Z | 2021-09-02T08:07:41Z |
| suse-su-2021:2919-1 | Security update for ffmpeg | 2021-09-02T08:05:11Z | 2021-09-02T08:05:11Z |
| suse-su-2021:2918-1 | Security update for apache2 | 2021-09-02T08:02:42Z | 2021-09-02T08:02:42Z |
| suse-su-2021:2917-1 | Security update for libesmtp | 2021-09-02T08:00:48Z | 2021-09-02T08:00:48Z |
| suse-su-2021:2916-1 | Security update for gstreamer-plugins-good | 2021-09-02T07:58:22Z | 2021-09-02T07:58:22Z |
| suse-su-2021:2915-1 | Security update for gstreamer-plugins-good | 2021-09-02T07:57:02Z | 2021-09-02T07:57:02Z |
| suse-su-2021:2914-1 | Security update for rubygem-puma | 2021-09-02T07:55:21Z | 2021-09-02T07:55:21Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cnvd-2025-01831 | Adobe After Effects缓冲区溢出漏洞(CNVD-2025-01831) | 2024-12-13 | 2025-01-16 |
| cnvd-2025-01830 | Adobe Premiere Pro堆栈溢出漏洞 | 2024-12-13 | 2025-01-16 |
| cnvd-2025-01708 | Foxit PDF Reader权限提升漏洞(CNVD-2025-01708) | 2025-01-07 | 2025-01-16 |
| cnvd-2025-01694 | Ffmpeg资源管理错误漏洞(CNVD-2025-01694) | 2023-03-31 | 2025-01-16 |
| cnvd-2025-01693 | Ffmpeg load_input_picture缓冲区溢出漏洞 | 2024-07-05 | 2025-01-16 |
| cnvd-2025-01691 | SonicWALL SonicOS IPSec VPN缓冲区溢出漏洞 | 2024-07-24 | 2025-01-16 |
| cnvd-2025-01690 | Ffmpeg整数溢出漏洞(CNVD-2025-01690) | 2022-05-07 | 2025-01-16 |
| cnvd-2025-01689 | FFmpeg缓冲区溢出漏洞(CNVD-2025-01689) | 2024-08-09 | 2025-01-16 |
| cnvd-2025-01687 | FFmpeg存在未明漏洞(CNVD-2025-01687) | 2024-12-06 | 2025-01-16 |
| cnvd-2025-01686 | FFmpeg存在未明漏洞(CNVD-2025-01686) | 2024-12-06 | 2025-01-16 |
| cnvd-2025-01685 | FFmpeg存在未明漏洞(CNVD-2025-01685) | 2024-12-06 | 2025-01-16 |
| cnvd-2025-01682 | Google Android存在未明漏洞(CNVD-2025-01682) | 2025-01-03 | 2025-01-16 |
| cnvd-2025-01670 | Ffmpeg信息泄露漏洞 | 2025-01-10 | 2025-01-16 |
| cnvd-2025-01669 | Ffmpeg存在未明漏洞(CNVD-2025-01669) | 2025-01-10 | 2025-01-16 |
| cnvd-2025-01668 | SonicWall SonicOS堆栈溢出漏洞 | 2025-01-10 | 2025-01-16 |
| cnvd-2025-01664 | Google Android存在未明漏洞(CNVD-2025-01664) | 2025-01-10 | 2025-01-16 |
| cnvd-2025-01663 | SonicWall SonicOS存在未明漏洞(CNVD-2025-01663) | 2025-01-10 | 2025-01-16 |
| cnvd-2025-01662 | SonicWall SonicOS存在未明漏洞(CNVD-2025-01662) | 2025-01-10 | 2025-01-16 |
| cnvd-2025-01661 | SonicWall SonicOS存在未明漏洞(CNVD-2025-01661) | 2025-01-10 | 2025-01-16 |
| cnvd-2025-01660 | SonicWALL SonicOS存在未明漏洞(CNVD-2025-01660) | 2025-01-13 | 2025-01-16 |
| cnvd-2025-01659 | Siemens Mendix LDAP注入漏洞 | 2025-01-14 | 2025-01-16 |
| cnvd-2025-01607 | emlog /admin/article.php参数image跨站脚本漏洞 | 2025-01-13 | 2025-01-16 |
| cnvd-2025-01606 | huawei HarmonyOS权限许可和访问控制问题漏洞 | 2025-01-15 | 2025-01-16 |
| cnvd-2025-01605 | Huawei HarmonyOS信息泄露漏洞(CNVD-2025-01605) | 2025-01-15 | 2025-01-16 |
| cnvd-2025-01184 | Microsoft Windows Remote Desktop Services远程代码执行漏洞 | 2024-12-13 | 2025-01-16 |
| cnvd-2025-01183 | Microsoft Windows Remote Desktop Gateway(RD Gateway)拒绝服务漏洞 | 2024-12-13 | 2025-01-16 |
| cnvd-2025-01182 | Adobe Experience Manager跨站脚本漏洞(CNVD-2025-01182) | 2024-12-13 | 2025-01-16 |
| cnvd-2025-01181 | Adobe Experience Manager跨站脚本漏洞(CNVD-2025-01181) | 2024-12-13 | 2025-01-16 |
| cnvd-2025-01180 | Adobe Experience Manager跨站脚本漏洞(CNVD-2025-01180) | 2024-12-13 | 2025-01-16 |
| cnvd-2025-01179 | Adobe Experience Manager跨站脚本漏洞(CNVD-2025-01179) | 2024-12-13 | 2025-01-16 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certa-2012-avi-383 | Vulnérabilité dans Microsoft Office pour Mac | 2012-07-11T00:00:00.000000 | 2012-07-11T00:00:00.000000 |
| certa-2012-avi-382 | Vulnérabilité dans Microsoft SharePoint | 2012-07-11T00:00:00.000000 | 2012-07-11T00:00:00.000000 |
| certa-2012-avi-381 | Vulnérabilité dans le protocole de chiffrement TLS | 2012-07-11T00:00:00.000000 | 2012-07-11T00:00:00.000000 |
| certa-2012-avi-380 | Vulnérabilité dans l'interpréteur de commande Windows | 2012-07-11T00:00:00.000000 | 2012-07-11T00:00:00.000000 |
| certa-2012-avi-379 | Vulnérabilités dans des pilotes du noyau Windows | 2012-07-11T00:00:00.000000 | 2012-07-11T00:00:00.000000 |
| certa-2012-avi-378 | Vulnérabilité dans Microsoft Data Access Components | 2012-07-11T00:00:00.000000 | 2012-07-11T00:00:00.000000 |
| certa-2012-avi-377 | Vulnérabilités dans Microsoft Internet Explorer | 2012-07-11T00:00:00.000000 | 2012-07-11T00:00:00.000000 |
| certa-2012-avi-376 | Vulnérabilité Microsoft Visual Basic pour Applications | 2012-07-11T00:00:00.000000 | 2012-07-11T00:00:00.000000 |
| certa-2012-avi-375 | Vulnérabilité dans Microsoft XML Core Services | 2012-07-11T00:00:00.000000 | 2012-07-11T00:00:00.000000 |
| certa-2012-avi-374 | Vulnérabilités dans HP Operations Agent | 2012-07-11T00:00:00.000000 | 2012-07-11T00:00:00.000000 |
| certa-2012-avi-386 | Vulnérabilité dans Libpng | 2012-07-10T00:00:00.000000 | 2012-07-10T00:00:00.000000 |
| certa-2012-avi-373 | Vulnérabilités dans VLC | 2012-07-10T00:00:00.000000 | 2012-07-10T00:00:00.000000 |
| certa-2012-avi-372 | Vulnérabilité dans eZ Publish eZOE | 2012-07-10T00:00:00.000000 | 2012-07-10T00:00:00.000000 |
| certa-2012-avi-371 | Vulnérabilités dans Asterisk | 2012-07-09T00:00:00.000000 | 2012-07-09T00:00:00.000000 |
| certa-2012-avi-370 | Vulnérabilité dans Pidgin | 2012-07-09T00:00:00.000000 | 2012-07-09T00:00:00.000000 |
| certa-2012-avi-369 | Vulnérabilité dans HP ProtectTools Enterprise | 2012-07-06T00:00:00.000000 | 2012-07-06T00:00:00.000000 |
| certa-2012-avi-368 | Vulnérabilité dans RSA Access Manager | 2012-07-05T00:00:00.000000 | 2012-07-05T00:00:00.000000 |
| certa-2012-avi-367 | Vulnérabilité dans TYPO3 | 2012-07-05T00:00:00.000000 | 2012-07-05T00:00:00.000000 |
| certa-2012-avi-366 | Vulnérabilité dans SPIP | 2012-07-04T00:00:00.000000 | 2012-07-04T00:00:00.000000 |
| certa-2012-avi-365 | Vulnérabilité dans Avaya IP Office Customer Call Reporter | 2012-07-04T00:00:00.000000 | 2012-07-04T00:00:00.000000 |
| certa-2012-avi-364 | Vulnérabilité dans HP-UX | 2012-07-04T00:00:00.000000 | 2012-07-04T00:00:00.000000 |
| certa-2012-avi-344 | Vulnérabilités dans Joomla! | 2012-06-20T00:00:00.000000 | 2012-07-04T00:00:00.000000 |
| certa-2012-avi-363 | Vulnérabilité dans Novell GroupWise | 2012-07-03T00:00:00.000000 | 2012-07-03T00:00:00.000000 |
| certa-2012-avi-362 | Vulnérabilité dans Network Node Manager i | 2012-07-02T00:00:00.000000 | 2012-07-02T00:00:00.000000 |
| certa-2012-avi-361 | Multiples vulnérabilités dans WordPress | 2012-07-02T00:00:00.000000 | 2012-07-02T00:00:00.000000 |
| certa-2012-avi-360 | Multiples vulnérabilités dans IBM Support Assistant | 2012-07-02T00:00:00.000000 | 2012-07-02T00:00:00.000000 |
| certa-2012-avi-359 | Vulnérabilité dans des imprimantes HP Photosmart | 2012-06-29T00:00:00.000000 | 2012-06-29T00:00:00.000000 |
| certa-2012-avi-358 | Multiples vulnérabilités dans HP System Management Homepage | 2012-06-29T00:00:00.000000 | 2012-06-29T00:00:00.000000 |
| certa-2012-avi-357 | Multiples vulnérabilités dans IBM Rational ClearQuest | 2012-06-29T00:00:00.000000 | 2012-06-29T00:00:00.000000 |
| certa-2012-avi-356 | Multiples vulnérabilités dans Cisco WebEx Player | 2012-06-28T00:00:00.000000 | 2012-06-28T00:00:00.000000 |