Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2025-15513 |
5.3 (3.1)
|
Float Payment Gateway <= 1.1.9 - Improper Authorizatio… |
floattechnologies |
Float Payment Gateway |
2026-01-14T06:40:07.126Z | 2026-01-14T20:30:29.106Z |
| CVE-2025-14846 |
4.3 (3.1)
|
SocialChamp with WordPress <= 1.3.3 - Cross-Site Reque… |
socialchampio |
SocialChamp with WordPress |
2026-01-14T06:40:07.548Z | 2026-01-14T20:28:15.355Z |
| CVE-2025-14173 |
5.3 (3.1)
|
Perfit WooCommerce <= 1.0.1 - Missing Authorization to… |
perfitdev |
Perfit WooCommerce |
2026-01-14T06:40:07.972Z | 2026-01-14T20:25:32.624Z |
| CVE-2025-67835 |
6.5 (3.1)
|
Paessler PRTG Network Monitor before 25.4.114 all… |
n/a |
n/a |
2026-01-14T00:00:00.000Z | 2026-01-14T20:15:34.007Z |
| CVE-2025-67834 |
5.4 (3.1)
|
Paessler PRTG Network Monitor before 25.4.114 all… |
n/a |
n/a |
2026-01-14T00:00:00.000Z | 2026-01-14T20:11:32.702Z |
| CVE-2026-22609 |
8.9 (4.0)
|
Fickling has Static Analysis Bypass via Incomplete Dan… |
trailofbits |
fickling |
2026-01-10T01:35:18.152Z | 2026-01-14T19:51:31.740Z |
| CVE-2025-71021 |
7.5 (3.1)
|
Tenda AX-1806 v1.0.0.1 was discovered to contain … |
n/a |
n/a |
2026-01-14T00:00:00.000Z | 2026-01-14T19:43:05.721Z |
| CVE-2025-39906 |
5.5 (3.1)
|
drm/amd/display: remove oem i2c adapter on finish |
Linux |
Linux |
2025-10-01T07:44:29.666Z | 2026-01-14T19:33:14.971Z |
| CVE-2025-39905 |
7 (3.1)
|
net: phylink: add lock for serializing concurrent pl->… |
Linux |
Linux |
2025-10-01T07:44:28.758Z | 2026-01-14T19:33:14.829Z |
| CVE-2025-39904 |
5.5 (3.1)
|
arm64: kexec: initialize kexec_buf struct in load_othe… |
Linux |
Linux |
2025-10-01T07:44:27.739Z | 2026-01-14T19:33:14.694Z |
| CVE-2025-39903 |
5.5 (3.1)
|
of_numa: fix uninitialized memory nodes causing kernel panic |
Linux |
Linux |
2025-10-01T07:42:50.215Z | 2026-01-14T19:33:14.557Z |
| CVE-2025-39901 |
7.1 (3.1)
|
i40e: remove read access to debugfs files |
Linux |
Linux |
2025-10-01T07:42:48.606Z | 2026-01-14T19:33:14.407Z |
| CVE-2025-39900 |
5.5 (3.1)
|
net_sched: gen_estimator: fix est_timer() vs CONFIG_PR… |
Linux |
Linux |
2025-10-01T07:42:47.785Z | 2026-01-14T19:33:14.273Z |
| CVE-2025-39899 |
5.5 (3.1)
|
mm/userfaultfd: fix kmap_local LIFO ordering for CONFI… |
Linux |
Linux |
2025-10-01T07:42:47.100Z | 2026-01-14T19:33:14.117Z |
| CVE-2025-39897 |
5.5 (3.1)
|
net: xilinx: axienet: Add error handling for RX metada… |
Linux |
Linux |
2025-10-01T07:42:45.593Z | 2026-01-14T19:33:13.992Z |
| CVE-2025-39896 |
7.8 (3.1)
|
accel/ivpu: Prevent recovery work from being queued du… |
Linux |
Linux |
2025-10-01T07:42:44.714Z | 2026-01-14T19:33:13.870Z |
| CVE-2025-39895 |
5.5 (3.1)
|
sched: Fix sched_numa_find_nth_cpu() if mask offline |
Linux |
Linux |
2025-10-01T07:42:43.920Z | 2026-01-14T19:33:13.717Z |
| CVE-2025-39893 |
5.5 (3.1)
|
spi: spi-qpic-snand: unregister ECC engine on probe er… |
Linux |
Linux |
2025-10-01T07:42:42.344Z | 2026-01-14T19:33:13.571Z |
| CVE-2025-39892 |
5.5 (3.1)
|
ASoC: soc-core: care NULL dirver name on snd_soc_looku… |
Linux |
Linux |
2025-10-01T07:42:41.643Z | 2026-01-14T19:33:13.444Z |
| CVE-2024-58241 |
5.5 (3.1)
|
Bluetooth: hci_core: Disable works on hci_unregister_dev |
Linux |
Linux |
2025-09-24T11:02:49.948Z | 2026-01-14T19:33:13.304Z |
| CVE-2025-39888 |
7.8 (3.1)
|
fuse: Block access to folio overlimit |
Linux |
Linux |
2025-09-23T06:00:54.156Z | 2026-01-14T19:33:13.183Z |
| CVE-2025-39887 |
5.5 (3.1)
|
tracing/osnoise: Fix null-ptr-deref in bitmap_parselist() |
Linux |
Linux |
2025-09-23T06:00:53.648Z | 2026-01-14T19:33:13.049Z |
| CVE-2025-39886 |
5.5 (3.1)
|
bpf: Tell memcg to use allow_spinning=false path in bp… |
Linux |
Linux |
2025-09-23T06:00:53.120Z | 2026-01-14T19:33:12.924Z |
| CVE-2025-39884 |
4.7 (3.1)
|
btrfs: fix subvolume deletion lockup caused by inodes … |
Linux |
Linux |
2025-09-23T06:00:52.064Z | 2026-01-14T19:33:12.790Z |
| CVE-2025-39882 |
7.8 (3.1)
|
drm/mediatek: fix potential OF node use-after-free |
Linux |
Linux |
2025-09-23T06:00:51.036Z | 2026-01-14T19:33:12.579Z |
| CVE-2025-39879 |
5.5 (3.1)
|
ceph: always call ceph_shift_unused_folios_left() |
Linux |
Linux |
2025-09-23T06:00:49.377Z | 2026-01-14T19:33:12.440Z |
| CVE-2025-39878 |
5.5 (3.1)
|
ceph: fix crash after fscrypt_encrypt_pagecache_blocks… |
Linux |
Linux |
2025-09-23T06:00:48.850Z | 2026-01-14T19:33:12.301Z |
| CVE-2025-39875 |
5.5 (3.1)
|
igb: Fix NULL pointer dereference in ethtool loopback test |
Linux |
Linux |
2025-09-23T06:00:47.198Z | 2026-01-14T19:33:12.155Z |
| CVE-2025-39874 |
5.5 (3.1)
|
macsec: sync features on RTM_NEWLINK |
Linux |
Linux |
2025-09-23T06:00:46.690Z | 2026-01-14T19:33:12.011Z |
| CVE-2025-39868 |
7.8 (3.1)
|
erofs: fix runtime warning on truncate_folio_batch_exc… |
Linux |
Linux |
2025-09-23T06:00:43.308Z | 2026-01-14T19:33:11.858Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2025-49943 |
8.1 (3.1)
|
WordPress Femme theme <= 1.3.11 - Local File Inclusion… |
AncoraThemes |
Femme |
2025-12-18T07:21:44.794Z | 2026-01-20T14:28:08.066Z |
| CVE-2025-49942 |
8.1 (3.1)
|
WordPress Gardis theme <= 1.2.13 - Local File Inclusio… |
AncoraThemes |
Gardis |
2025-12-18T07:21:44.617Z | 2026-01-20T14:28:07.580Z |
| CVE-2025-49941 |
8.1 (3.1)
|
WordPress GlamChic theme <= 1.0.11 - Local File Inclus… |
AncoraThemes |
GlamChic |
2025-12-18T07:21:44.421Z | 2026-01-20T14:28:07.677Z |
| CVE-2025-49940 |
6.5 (3.1)
|
WordPress Fusion Builder plugin <= 3.13.2 - Cross Site… |
ThemeFusion |
Fusion Builder |
2025-10-22T14:32:17.247Z | 2026-01-20T14:28:07.835Z |
| CVE-2025-49939 |
6.5 (3.1)
|
WordPress JetElements For Elementor plugin <= 2.7.8 - … |
CrocoBlock |
JetElements For Elementor |
2025-10-22T14:32:17.061Z | 2026-01-20T14:28:07.611Z |
| CVE-2025-49938 |
6.5 (3.1)
|
WordPress JetEngine plugin <= 3.7.3 - Cross Site Scrip… |
CrocoBlock |
JetEngine |
2025-10-22T14:32:16.875Z | 2026-01-20T14:28:08.144Z |
| CVE-2025-49937 |
4.3 (3.1)
|
WordPress Smash Balloon Social Post Feed plugin <= 4.3… |
Syed Balkhi |
Smash Balloon Social Post Feed |
2025-10-22T14:32:16.676Z | 2026-01-20T14:28:07.564Z |
| CVE-2025-49936 |
6.5 (3.1)
|
WordPress WoodMart theme < 8.3.2 - Cross Site Scriptin… |
xtemos |
WoodMart |
2025-10-22T14:32:16.302Z | 2026-01-20T14:28:07.770Z |
| CVE-2025-49935 |
7.4 (3.1)
|
WordPress WoodMart theme < 8.3.2 - Local File Inclusio… |
xtemos |
WoodMart |
2025-10-22T14:32:16.098Z | 2026-01-20T14:28:07.791Z |
| CVE-2025-49934 |
5.4 (3.1)
|
WordPress JetBlocks For Elementor plugin <= 1.3.18 - C… |
CrocoBlock |
JetBlocks For Elementor |
2025-10-22T14:32:15.865Z | 2026-01-20T14:28:07.810Z |
| CVE-2025-49933 |
6.5 (3.1)
|
WordPress JetBlog plugin <= 2.4.4 - Cross Site Scripti… |
CrocoBlock |
JetBlog |
2025-10-22T14:32:15.603Z | 2026-01-20T14:28:07.844Z |
| CVE-2025-49932 |
6.5 (3.1)
|
WordPress JetBlog plugin <= 2.4.4.1 - Cross Site Scrip… |
CrocoBlock |
JetBlog |
2025-10-22T14:32:15.443Z | 2026-01-20T14:28:07.647Z |
| CVE-2025-49931 |
9.3 (3.1)
|
WordPress JetSearch plugin <= 3.5.10 - SQL Injection v… |
CrocoBlock |
JetSearch |
2025-10-22T14:32:15.259Z | 2026-01-20T14:28:07.695Z |
| CVE-2025-49930 |
7.1 (3.1)
|
WordPress JetSearch plugin <= 3.5.10 - Cross Site Scri… |
CrocoBlock |
JetSearch |
2025-10-22T14:32:15.035Z | 2026-01-20T14:28:07.642Z |
| CVE-2025-49929 |
6.5 (3.1)
|
WordPress Ultimate Blocks plugin <= 3.3.6 - Cross Site… |
Ultimate Blocks |
Ultimate Blocks |
2025-10-22T14:32:14.811Z | 2026-01-20T14:28:07.609Z |
| CVE-2025-49928 |
6.5 (3.1)
|
WordPress JetWooBuilder plugin <= 2.1.20 - Cross Site … |
CrocoBlock |
JetWooBuilder |
2025-10-22T14:32:14.597Z | 2026-01-20T14:28:07.500Z |
| CVE-2025-49927 |
6.5 (3.1)
|
WordPress JetWooBuilder plugin <= 2.1.20.1 - Cross Sit… |
CrocoBlock |
JetWooBuilder |
2025-10-22T14:32:14.395Z | 2026-01-20T14:28:07.599Z |
| CVE-2025-49926 |
7.3 (3.1)
|
WordPress Kalium theme <= 3.25 - Arbitrary Code Execut… |
Laborator |
Kalium |
2025-10-22T14:32:14.208Z | 2026-01-20T14:28:07.637Z |
| CVE-2025-49925 |
7.3 (3.1)
|
WordPress WPLMS plugin <= 1.9.9.7 - Broken Access Cont… |
VibeThemes |
WPLMS |
2025-10-22T14:32:14.033Z | 2026-01-20T15:39:46.393Z |
| CVE-2025-49924 |
7.3 (3.1)
|
WordPress Wholesale Suite plugin <= 2.2.4.2 - Privileg… |
Josh Kohlbach |
Wholesale Suite |
2025-10-22T14:32:13.804Z | 2026-01-20T15:39:21.024Z |
| CVE-2025-49923 |
6.1 (3.1)
|
WordPress Seriously Simple Podcasting plugin <= 3.11.1… |
Craig Hewitt |
Seriously Simple Podcasting |
2025-10-22T14:32:13.596Z | 2026-01-20T15:38:59.264Z |
| CVE-2025-49922 |
4.3 (3.1)
|
WordPress WPeMatico RSS Feed Fetcher plugin <= 2.8.3 -… |
etruel |
WPeMatico RSS Feed Fetcher |
2025-10-22T14:32:13.367Z | 2026-01-20T15:38:36.695Z |
| CVE-2025-49921 |
7.3 (3.1)
|
WordPress JetReviews plugin <= 3.0.0 - Local File Incl… |
CrocoBlock |
JetReviews |
2025-10-22T14:32:13.059Z | 2026-01-20T15:38:14.568Z |
| CVE-2025-49920 |
5.4 (3.1)
|
WordPress Web Accessibility By accessiBe plugin <= 2.1… |
accessiBe |
Web Accessibility By accessiBe |
2025-10-22T14:32:12.844Z | 2026-01-20T14:28:07.628Z |
| CVE-2025-49919 |
5.8 (3.1)
|
WordPress eRoom plugin <= 1.5.6 - Sensitive Data Expos… |
WPCenter |
eRoom |
2025-12-18T07:21:44.250Z | 2026-01-20T14:28:07.395Z |
| CVE-2025-49918 |
5.9 (3.1)
|
WordPress VikBooking Hotel Booking Engine & PMS plugin… |
e4jvikwp |
VikBooking Hotel Booking Engine & PMS |
2025-12-18T07:21:44.067Z | 2026-01-20T14:28:07.426Z |
| CVE-2025-49917 |
4.4 (3.1)
|
WordPress Icegram Express Pro plugin <= 5.9.5 - Server… |
Icegram |
Icegram Express Pro |
2025-10-22T14:32:12.630Z | 2026-01-20T14:28:07.536Z |
| CVE-2025-49916 |
8.6 (3.1)
|
WordPress MultiVendorX plugin <= 4.2.23 - Broken Acces… |
MultiVendorX |
MultiVendorX |
2025-10-22T14:32:12.420Z | 2026-01-20T14:28:07.416Z |
| CVE-2025-49915 |
9.3 (3.1)
|
WordPress SMS Alert Order Notifications plugin <= 3.8.… |
Cozy Vision |
SMS Alert Order Notifications |
2025-10-22T14:32:12.221Z | 2026-01-20T14:28:07.416Z |
| CVE-2025-49914 |
6.5 (3.1)
|
WordPress Restaurant Menu by MotoPress plugin <= 2.4.7… |
jetmonsters |
Restaurant Menu by MotoPress |
2025-12-18T07:21:43.896Z | 2026-01-20T14:28:07.321Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| fkie_cve-2025-49943 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2025-12-18T08:15:52.620 | 2026-01-20T15:16:44.310 |
| fkie_cve-2025-49942 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2025-12-18T08:15:52.490 | 2026-01-20T15:16:44.177 |
| fkie_cve-2025-49941 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2025-12-18T08:15:52.357 | 2026-01-20T15:16:44.050 |
| fkie_cve-2025-49940 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:40.420 | 2026-01-20T15:16:43.920 |
| fkie_cve-2025-49939 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:40.293 | 2026-01-20T15:16:43.790 |
| fkie_cve-2025-49938 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:40.157 | 2026-01-20T15:16:43.653 |
| fkie_cve-2025-49937 | Missing Authorization vulnerability in Syed Balkhi Smash Balloon Social Post Feed custom-facebook-f… | 2025-10-22T15:15:40.023 | 2026-01-20T15:16:43.517 |
| fkie_cve-2025-49936 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:39.883 | 2026-01-20T15:16:43.383 |
| fkie_cve-2025-49935 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2025-10-22T15:15:39.750 | 2026-01-20T15:16:43.250 |
| fkie_cve-2025-49934 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:39.617 | 2026-01-20T15:16:43.120 |
| fkie_cve-2025-49933 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:39.477 | 2026-01-20T15:16:42.987 |
| fkie_cve-2025-49932 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:39.350 | 2026-01-20T15:16:42.857 |
| fkie_cve-2025-49931 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability … | 2025-10-22T15:15:39.227 | 2026-01-20T15:16:42.723 |
| fkie_cve-2025-49930 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:39.103 | 2026-01-20T15:16:42.583 |
| fkie_cve-2025-49929 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:38.970 | 2026-01-20T15:16:42.430 |
| fkie_cve-2025-49928 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:38.850 | 2026-01-20T15:16:42.293 |
| fkie_cve-2025-49927 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:38.723 | 2026-01-20T15:16:42.160 |
| fkie_cve-2025-49926 | Improper Control of Generation of Code ('Code Injection') vulnerability in Laborator Kalium kalium … | 2025-10-22T15:15:38.583 | 2026-01-20T15:16:42.023 |
| fkie_cve-2025-49925 | Missing Authorization vulnerability in VibeThemes WPLMS wplms_plugin allows Accessing Functionality… | 2025-10-22T15:15:38.460 | 2026-01-20T15:16:41.883 |
| fkie_cve-2025-49924 | Incorrect Privilege Assignment vulnerability in Josh Kohlbach Wholesale Suite woocommerce-wholesale… | 2025-10-22T15:15:38.327 | 2026-01-20T15:16:41.753 |
| fkie_cve-2025-49923 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:38.193 | 2026-01-20T15:16:41.587 |
| fkie_cve-2025-49922 | Missing Authorization vulnerability in etruel WPeMatico RSS Feed Fetcher wpematico allows Exploitin… | 2025-10-22T15:15:38.073 | 2026-01-20T15:16:41.450 |
| fkie_cve-2025-49921 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2025-10-22T15:15:37.943 | 2026-01-20T15:16:41.310 |
| fkie_cve-2025-49920 | Missing Authorization vulnerability in accessiBe Web Accessibility By accessiBe accessibe allows Ex… | 2025-10-22T15:15:37.817 | 2026-01-20T15:16:41.180 |
| fkie_cve-2025-49919 | Insertion of Sensitive Information Into Sent Data vulnerability in WPCenter eRoom eroom-zoom-meetin… | 2025-12-18T08:15:52.227 | 2026-01-20T15:16:41.043 |
| fkie_cve-2025-49918 | Insertion of Sensitive Information Into Sent Data vulnerability in e4jvikwp VikBooking Hotel Bookin… | 2025-12-18T08:15:52.083 | 2026-01-20T15:16:40.910 |
| fkie_cve-2025-49917 | Server-Side Request Forgery (SSRF) vulnerability in Icegram Icegram Express Pro email-subscribers-p… | 2025-10-22T15:15:37.693 | 2026-01-20T15:16:40.777 |
| fkie_cve-2025-49916 | Missing Authorization vulnerability in MultiVendorX MultiVendorX dc-woocommerce-multi-vendor allows… | 2025-10-22T15:15:37.573 | 2026-01-20T15:16:40.640 |
| fkie_cve-2025-49915 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability … | 2025-10-22T15:15:37.440 | 2026-01-20T15:16:40.510 |
| fkie_cve-2025-49914 | Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in jetmons… | 2025-12-18T08:15:51.957 | 2026-01-20T15:16:40.387 |
| ID | Severity | Description | Published | Updated |
|---|---|---|---|---|
| ghsa-x4m5-4cw8-vc44 |
6.0 (4.0)
|
axios-cache-interceptor Vulnerable to Cache Poisoning via Ignored HTTP Vary Header | 2025-12-30T15:37:55Z | 2026-01-05T22:35:17Z |
| ghsa-frgf-8jr5-j2jv |
5.3 (3.1)
|
memory leak flaw was found in ruby-magick | 2023-10-30T21:33:39Z | 2026-01-05T22:34:45Z |
| ghsa-p572-p2rj-q5f4 |
2.7 (3.1)
|
Umbraco Forms components vulnerable to Stored Cross-site Scripting | 2024-05-28T20:40:31Z | 2026-01-05T22:34:36Z |
| ghsa-w597-vxph-w9x8 |
|
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in … | 2026-01-05T21:30:32Z | 2026-01-05T21:30:32Z |
| ghsa-qv45-76wr-jp6v |
6.2 (3.1)
|
An issue was discovered in the Camera in Samsung Mobile Processor and Wearable Processor Exynos 133… | 2026-01-05T21:30:32Z | 2026-01-05T21:30:32Z |
| ghsa-m7wf-qw73-q2jx |
|
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in … | 2026-01-05T21:30:32Z | 2026-01-05T21:30:32Z |
| ghsa-fccg-qv5q-xphc |
5.4 (3.1)
|
Cross Site Request Forgery vulnerability in Employee Leave Management System v.2.1 allows a remote … | 2026-01-05T18:30:22Z | 2026-01-05T21:30:32Z |
| ghsa-983p-jmqx-rvjq |
|
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in … | 2026-01-05T21:30:32Z | 2026-01-05T21:30:32Z |
| ghsa-96x6-h7gp-phwp |
|
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in … | 2026-01-05T21:30:32Z | 2026-01-05T21:30:32Z |
| ghsa-6gh2-xjvw-7rh4 |
6.5 (3.1)
|
Mega-Fence (webgate-lib.*) 25.1.914 and prior trusts the first value of the X-Forwarded-For (XFF) h… | 2026-01-05T18:30:22Z | 2026-01-05T21:30:32Z |
| ghsa-2hc9-cc65-xwj8 |
7.5 (3.1)
|
An issue in ComfyUI-Manager prior to version 3.38 allowed remote attackers to potentially manipulat… | 2026-01-05T18:30:22Z | 2026-01-05T21:30:32Z |
| ghsa-xwhh-qff2-j7fx |
4.9 (3.1)
1.2 (4.0)
|
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system … | 2026-01-02T15:30:31Z | 2026-01-05T21:30:31Z |
| ghsa-xmww-pq7x-5g2c |
4.9 (3.1)
4.6 (4.0)
|
An out-of-bounds read vulnerability has been reported to affect several QNAP operating system versi… | 2026-01-02T15:30:31Z | 2026-01-05T21:30:31Z |
| ghsa-xj99-2m32-jhvv |
4.9 (3.1)
4.6 (4.0)
|
An out-of-bounds read vulnerability has been reported to affect several QNAP operating system versi… | 2026-01-02T15:30:31Z | 2026-01-05T21:30:31Z |
| ghsa-qrcf-84cj-mgmg |
4.9 (3.1)
4.6 (4.0)
|
An allocation of resources without limits or throttling vulnerability has been reported to affect s… | 2026-01-02T15:30:31Z | 2026-01-05T21:30:31Z |
| ghsa-mxg8-m2xm-j829 |
7.5 (3.1)
|
An authentication bypass in the /cgi-bin/jvsweb.cgi endpoint of Revotech I6032W-FHW v1.0.0014 - 202… | 2026-01-02T18:30:55Z | 2026-01-05T21:30:31Z |
| ghsa-mwv4-qf7c-vfg5 |
6.1 (3.1)
2.2 (4.0)
|
A cross-site scripting (XSS) vulnerability has been reported to affect QuMagie. The remote attacker… | 2026-01-02T15:30:31Z | 2026-01-05T21:30:31Z |
| ghsa-m9jj-wqc5-fm74 |
4.9 (3.1)
4.6 (4.0)
|
An out-of-bounds read vulnerability has been reported to affect several QNAP operating system versi… | 2026-01-02T15:30:31Z | 2026-01-05T21:30:31Z |
| ghsa-98j3-hjh2-q3pv |
6.5 (3.1)
1.3 (4.0)
|
An out-of-bounds read vulnerability has been reported to affect License Center. If a remote attacke… | 2026-01-02T18:30:29Z | 2026-01-05T21:30:31Z |
| ghsa-55qw-5v38-gj45 |
6.5 (3.1)
1.2 (4.0)
|
A buffer overflow vulnerability has been reported to affect License Center. If a remote attacker ga… | 2026-01-02T18:30:30Z | 2026-01-05T21:30:31Z |
| ghsa-4cjq-q46g-r27r |
6.5 (3.1)
1.2 (4.0)
|
A buffer overflow vulnerability has been reported to affect several QNAP operating system versions.… | 2026-01-02T15:30:31Z | 2026-01-05T21:30:31Z |
| ghsa-x2j2-pg6r-pp2q |
4.9 (3.1)
1.2 (4.0)
|
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system … | 2026-01-02T15:30:30Z | 2026-01-05T21:30:30Z |
| ghsa-wmhh-c8hm-26vq |
4.9 (3.1)
1.2 (4.0)
|
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system … | 2026-01-02T15:30:31Z | 2026-01-05T21:30:30Z |
| ghsa-vj5w-qq78-7xg8 |
6.5 (3.1)
1.3 (4.0)
|
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system … | 2026-01-02T15:30:31Z | 2026-01-05T21:30:30Z |
| ghsa-p666-ch8g-wp7w |
6.5 (3.1)
1.2 (4.0)
|
A use of externally-controlled format string vulnerability has been reported to affect several QNAP… | 2026-01-02T15:30:31Z | 2026-01-05T21:30:30Z |
| ghsa-57jg-xfph-7vqg |
4.9 (3.1)
1.2 (4.0)
|
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system … | 2026-01-02T15:30:31Z | 2026-01-05T21:30:30Z |
| ghsa-38g5-822j-7rr9 |
4.9 (3.1)
1.2 (4.0)
|
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system … | 2026-01-02T15:30:31Z | 2026-01-05T21:30:30Z |
| ghsa-wxwx-rghm-5hm2 |
4.9 (3.1)
1.2 (4.0)
|
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system … | 2026-01-02T15:30:30Z | 2026-01-05T21:30:29Z |
| ghsa-qhch-48gg-2f55 |
8.1 (3.1)
1.3 (4.0)
|
A buffer overflow vulnerability has been reported to affect several QNAP operating system versions.… | 2026-01-02T15:30:31Z | 2026-01-05T21:30:29Z |
| ghsa-pfp4-c2jf-cxcx |
4.9 (3.1)
1.2 (4.0)
|
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system … | 2026-01-02T15:30:30Z | 2026-01-05T21:30:29Z |
| ID | Description | Updated |
|---|---|---|
| gsd-2024-26942 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-20T06:02:29.141351Z |
| gsd-2024-26764 | In the Linux kernel, the following vulnerability has been resolved: fs/aio: Restrict kio… | 2024-02-20T06:02:29.141137Z |
| gsd-2024-26445 | flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery (CSRF) via the c… | 2024-02-20T06:02:29.140871Z |
| gsd-2024-26665 | In the Linux kernel, the following vulnerability has been resolved: tunnels: fix out of … | 2024-02-20T06:02:29.140598Z |
| gsd-2024-26978 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-20T06:02:29.139989Z |
| gsd-2024-26353 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-20T06:02:29.139474Z |
| gsd-2024-26894 | In the Linux kernel, the following vulnerability has been resolved: ACPI: processor_idle… | 2024-02-20T06:02:29.139260Z |
| gsd-2024-26492 | An issue in Online Diagnostic Lab Management System 1.0 allows a remote attacker to gain … | 2024-02-20T06:02:29.138988Z |
| gsd-2024-26724 | In the Linux kernel, the following vulnerability has been resolved: net/mlx5: DPLL, Fix … | 2024-02-20T06:02:29.138517Z |
| gsd-2024-26655 | In the Linux kernel, the following vulnerability has been resolved: Fix memory leak in p… | 2024-02-20T06:02:29.137898Z |
| gsd-2024-26337 | swftools v0.9.2 was discovered to contain a segmentation violation via the function s_fon… | 2024-02-20T06:02:29.137360Z |
| gsd-2024-26886 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: af_blueto… | 2024-02-20T06:02:29.136851Z |
| gsd-2024-26483 | An arbitrary file upload vulnerability in the Profile Image module of Kirby CMS v4.1.0 al… | 2024-02-20T06:02:29.136279Z |
| gsd-2024-26465 | A DOM based cross-site scripting (XSS) vulnerability in the component /beep/Beep.Instrume… | 2024-02-20T06:02:29.135939Z |
| gsd-2024-26950 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-20T06:02:29.135599Z |
| gsd-2024-26813 | In the Linux kernel, the following vulnerability has been resolved: vfio/platform: Creat… | 2024-02-20T06:02:29.135073Z |
| gsd-2024-26462 | Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/kdc/ndr.c. | 2024-02-20T06:02:29.134230Z |
| gsd-2024-26568 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-20T06:02:29.133951Z |
| gsd-2024-26343 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-20T06:02:29.133684Z |
| gsd-2024-26390 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-20T06:02:29.133475Z |
| gsd-2024-26367 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-20T06:02:29.132952Z |
| gsd-2024-26706 | In the Linux kernel, the following vulnerability has been resolved: parisc: Fix random d… | 2024-02-20T06:02:29.132735Z |
| gsd-2024-26446 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-20T06:02:29.132463Z |
| gsd-2024-26477 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-20T06:02:29.132183Z |
| gsd-2024-26392 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-20T06:02:29.131319Z |
| gsd-2024-26613 | In the Linux kernel, the following vulnerability has been resolved: net/rds: Fix UBSAN: … | 2024-02-20T06:02:29.130775Z |
| gsd-2024-26682 | In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: impr… | 2024-02-20T06:02:29.130490Z |
| gsd-2024-26816 | In the Linux kernel, the following vulnerability has been resolved: x86, relocs: Ignore … | 2024-02-20T06:02:29.129615Z |
| gsd-2024-26476 | An issue in open-emr before v.7.0.2 allows a remote attacker to escalate privileges via a… | 2024-02-20T06:02:29.129274Z |
| gsd-2024-26418 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-20T06:02:29.128743Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-184927 | Malicious code in sonic-kaos-fgaha (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184926 | Malicious code in sonic-kaos-fgaa (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184925 | Malicious code in sonic-kaos-fga (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184924 | Malicious code in sonic-kaos-fagiugafa (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184923 | Malicious code in sonic-kaos-fagiufgafa (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184922 | Malicious code in sonic-kaos-fagiufagugafa (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184921 | Malicious code in sonic-kaos-fagiufaggafa (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184920 | Malicious code in sonic-kaos-fagigafa (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184919 | Malicious code in sonic-kaos-fagiafa (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184918 | Malicious code in sonic-kaos-fagfa (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184917 | Malicious code in sonic-kaos-faga (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184916 | Malicious code in sonic-kaos-fag (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184915 | Malicious code in sonic-kaos-fa (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184914 | Malicious code in sonic-kag-tvb (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184913 | Malicious code in sonic-kag-tgvcb (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184912 | Malicious code in sonic-kag-tgvb (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184911 | Malicious code in sonic-kag-tgivcb (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184910 | Malicious code in sonic-jos-afisigafoa (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184909 | Malicious code in sonic-jos-afisigafifafoa (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184908 | Malicious code in sonic-jos-afisigafifaafoa (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184907 | Malicious code in sonic-jos-afisigaffafoa (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184906 | Malicious code in sonic-jos-afisigafafoa (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184905 | Malicious code in sonic-jos-afisigaafoa (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184904 | Malicious code in sonic-jos-afisgafoa (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184903 | Malicious code in sonic-jos-afigafoa (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184902 | Malicious code in sonic-jos-afifoa (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184901 | Malicious code in sonic-jos-afiafoa (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184900 | Malicious code in sonic-jos-afia (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184899 | Malicious code in sonic-jos-affoa (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184898 | Malicious code in sonic-jos-afafiofijhah (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2024:5654 | Red Hat Security Advisory: curl security update | 2024-08-20T18:20:58+00:00 | 2025-11-21T19:10:27+00:00 |
| rhsa-2024:5689 | Red Hat Security Advisory: python3.9 security update | 2024-08-21T11:33:21+00:00 | 2025-11-21T19:10:26+00:00 |
| rhsa-2024:5655 | Red Hat Security Advisory: bind security update | 2024-08-20T18:16:33+00:00 | 2025-11-21T19:10:23+00:00 |
| rhsa-2024:5644 | Red Hat Security Advisory: cups security update | 2024-08-20T16:14:28+00:00 | 2025-11-21T19:10:21+00:00 |
| rhsa-2024:5640 | Red Hat Security Advisory: linux-firmware security update | 2024-08-20T16:12:23+00:00 | 2025-11-21T19:10:20+00:00 |
| rhsa-2024:5623 | Red Hat Security Advisory: edk2 security update | 2024-08-20T15:52:43+00:00 | 2025-11-21T19:10:15+00:00 |
| rhsa-2024:5608 | Red Hat Security Advisory: libreoffice security update | 2024-08-20T11:30:17+00:00 | 2025-11-21T19:10:11+00:00 |
| rhsa-2024:5607 | Red Hat Security Advisory: libreoffice security update | 2024-08-20T11:26:42+00:00 | 2025-11-21T19:10:11+00:00 |
| rhsa-2024:5601 | Red Hat Security Advisory: libreoffice security update | 2024-08-21T08:28:15+00:00 | 2025-11-21T19:10:11+00:00 |
| rhsa-2024:5599 | Red Hat Security Advisory: libreoffice security update | 2024-08-20T09:55:27+00:00 | 2025-11-21T19:10:07+00:00 |
| rhsa-2024:5598 | Red Hat Security Advisory: libreoffice security update | 2024-08-20T09:59:12+00:00 | 2025-11-21T19:10:06+00:00 |
| rhsa-2024:5584 | Red Hat Security Advisory: libreoffice security update | 2024-08-19T18:32:55+00:00 | 2025-11-21T19:10:06+00:00 |
| rhsa-2024:5583 | Red Hat Security Advisory: libreoffice security update | 2024-08-19T18:52:25+00:00 | 2025-11-21T19:10:05+00:00 |
| rhsa-2024:5582 | Red Hat Security Advisory: kpatch-patch-4_18_0-372_87_1 and kpatch-patch-4_18_0-372_91_1 security update | 2024-08-19T18:26:55+00:00 | 2025-11-21T19:10:04+00:00 |
| rhsa-2024:5535 | Red Hat Security Advisory: python3.9 security update | 2024-08-19T02:36:41+00:00 | 2025-11-21T19:10:02+00:00 |
| rhsa-2024:5529 | Red Hat Security Advisory: curl security update | 2024-08-19T02:49:29+00:00 | 2025-11-21T19:10:00+00:00 |
| rhsa-2024:5528 | Red Hat Security Advisory: thunderbird security update | 2024-08-19T01:48:44+00:00 | 2025-11-21T19:09:59+00:00 |
| rhsa-2024:5527 | Red Hat Security Advisory: thunderbird security update | 2024-08-19T02:06:49+00:00 | 2025-11-21T19:09:58+00:00 |
| rhsa-2024:5525 | Red Hat Security Advisory: bind9.16 security update | 2024-08-19T01:48:44+00:00 | 2025-11-21T19:09:57+00:00 |
| rhsa-2024:5524 | Red Hat Security Advisory: bind security update | 2024-08-19T05:12:06+00:00 | 2025-11-21T19:09:56+00:00 |
| rhsa-2024:5523 | Red Hat Security Advisory: kpatch-patch-5_14_0-427_13_1 security update | 2024-08-19T01:48:43+00:00 | 2025-11-21T19:09:56+00:00 |
| rhsa-2024:5521 | Red Hat Security Advisory: kpatch-patch-5_14_0-284_48_1 and kpatch-patch-5_14_0-284_52_1 security update | 2024-08-19T01:48:43+00:00 | 2025-11-21T19:09:54+00:00 |
| rhsa-2024:5519 | Red Hat Security Advisory: kpatch-patch-4_18_0-305_120_1 security update | 2024-08-19T01:48:42+00:00 | 2025-11-21T19:09:54+00:00 |
| rhsa-2024:5453 | Red Hat Security Advisory: Fence Agents Remediation 0.4.1 - Security update | 2024-08-15T08:10:14+00:00 | 2025-11-21T19:09:48+00:00 |
| rhsa-2024:5418 | Red Hat Security Advisory: bind9.16 security update | 2024-08-15T01:57:20+00:00 | 2025-11-21T19:09:41+00:00 |
| rhsa-2024:5405 | Red Hat Security Advisory: Red Hat Product OCP Tools 4.15 OpenShift Jenkins security update | 2024-08-14T15:47:29+00:00 | 2025-11-21T19:09:41+00:00 |
| rhsa-2024:5411 | Red Hat Security Advisory: Red Hat Product OCP Tools 4.14 OpenShift Jenkins security update | 2024-08-14T17:42:14+00:00 | 2025-11-21T19:09:39+00:00 |
| rhsa-2024:5402 | Red Hat Security Advisory: thunderbird security update | 2024-08-14T15:04:39+00:00 | 2025-11-21T19:09:39+00:00 |
| rhsa-2024:5410 | Red Hat Security Advisory: Red Hat Product OCP Tools 4.12 OpenShift Jenkins security update | 2024-08-14T17:42:05+00:00 | 2025-11-21T19:09:38+00:00 |
| rhsa-2024:5406 | Red Hat Security Advisory: Red Hat Product OCP Tools 4.13 OpenShift Jenkins security update | 2024-08-14T16:14:19+00:00 | 2025-11-21T19:09:37+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2022-1621 | Heap buffer overflow in vim_strncpy find_word in vim/vim | 2022-05-02T00:00:00.000Z | 2022-05-17T00:00:00.000Z |
| msrc_cve-2022-1620 | NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 in vim/vim | 2022-05-02T00:00:00.000Z | 2022-05-17T00:00:00.000Z |
| msrc_cve-2022-1619 | Heap-based Buffer Overflow in function cmdline_erase_chars in vim/vim | 2022-05-02T00:00:00.000Z | 2022-05-17T00:00:00.000Z |
| msrc_cve-2022-24522 | Skype Extension for Chrome Information Disclosure Vulnerability | 2022-03-08T08:00:00.000Z | 2022-05-16T07:00:00.000Z |
| msrc_cve-2022-27456 | MariaDB Server v10.6.3 and below was discovered to contain an use-after-free in the component VDec::VDec at /sql/sql_type.cc. | 2022-04-02T00:00:00.000Z | 2022-05-14T00:00:00.000Z |
| msrc_cve-2022-27384 | An issue in the component Item_subselect::init_expr_cache_tracker of MariaDB Server v10.6 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements. | 2022-04-02T00:00:00.000Z | 2022-05-14T00:00:00.000Z |
| msrc_cve-2022-27383 | MariaDB Server v10.6 and below was discovered to contain an use-after-free in the component my_strcasecmp_8bit which is exploited via specially crafted SQL statements. | 2022-04-02T00:00:00.000Z | 2022-05-14T00:00:00.000Z |
| msrc_cve-2022-27381 | An issue in the component Field::set_default of MariaDB Server v10.6 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements. | 2022-04-02T00:00:00.000Z | 2022-05-14T00:00:00.000Z |
| msrc_cve-2022-27380 | An issue in the component my_decimal::operator= of MariaDB Server v10.6.3 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements. | 2022-04-02T00:00:00.000Z | 2022-05-14T00:00:00.000Z |
| msrc_cve-2022-27379 | An issue in the component Arg_comparator::compare_real_fixed of MariaDB Server v10.6.2 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements. | 2022-04-02T00:00:00.000Z | 2022-05-14T00:00:00.000Z |
| msrc_cve-2022-27377 | MariaDB Server v10.6.3 and below was discovered to contain an use-after-free in the component Item_func_in::cleanup() which is exploited via specially crafted SQL statements. | 2022-04-02T00:00:00.000Z | 2022-05-14T00:00:00.000Z |
| msrc_cve-2022-27376 | MariaDB Server v10.6.5 and below was discovered to contain an use-after-free in the component Item_args::walk_arg which is exploited via specially crafted SQL statements. | 2022-04-02T00:00:00.000Z | 2022-05-14T00:00:00.000Z |
| msrc_cve-2022-24769 | Default inheritable capabilities for linux container should be empty | 2022-03-02T00:00:00.000Z | 2022-05-14T00:00:00.000Z |
| msrc_cve-2022-30138 | Windows Print Spooler Elevation of Privilege Vulnerability | 2022-05-10T08:00:00.000Z | 2022-05-13T07:00:00.000Z |
| msrc_cve-2022-29155 | In OpenLDAP 2.x before 2.5.12 and 2.6.x before 2.6.2 a SQL injection vulnerability exists in the experimental back-sql backend to slapd via a SQL statement within an LDAP query. This can occur during an LDAP search operation when the search filter is processed due to a lack of proper escaping. | 2022-05-02T00:00:00.000Z | 2022-05-13T00:00:00.000Z |
| msrc_cve-2022-21427 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: FTS). Supported versions that are affected are 5.7.37 and prior and 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2022-04-02T00:00:00.000Z | 2022-05-13T00:00:00.000Z |
| msrc_cve-2022-20796 | ClamAV Truncated File Denial of Service Vulnerability Affecting Cisco Products: April 2022 | 2022-05-02T00:00:00.000Z | 2022-05-13T00:00:00.000Z |
| msrc_cve-2022-20785 | ClamAV HTML Scanning Memory Leak Vulnerability Affecting Cisco Products: April 2022 | 2022-05-02T00:00:00.000Z | 2022-05-13T00:00:00.000Z |
| msrc_cve-2022-20771 | ClamAV TIFF File Parsing Denial of Service Vulnerability Affecting Cisco Products: April 2022 | 2022-05-02T00:00:00.000Z | 2022-05-13T00:00:00.000Z |
| msrc_cve-2022-20770 | ClamAV CHM File Parsing Denial of Service Vulnerability Affecting Cisco Products: April 2022 | 2022-05-02T00:00:00.000Z | 2022-05-13T00:00:00.000Z |
| msrc_cve-2022-1353 | A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. This flaw allows a local unprivileged user to gain access to kernel memory leading to a system crash or a leak of internal kernel information. | 2022-04-02T00:00:00.000Z | 2022-05-12T00:00:00.000Z |
| msrc_cve-2022-1227 | A privilege escalation flaw was found in Podman. This flaw allows an attacker to publish a malicious image to a public registry. Once this image is downloaded by a potential victim the vulnerability is triggered after a user runs the 'podman top' command. This action gives the attacker access to the host filesystem leading to information disclosure or denial of service. | 2022-04-02T00:00:00.000Z | 2022-05-12T00:00:00.000Z |
| msrc_cve-2022-1195 | A use-after-free vulnerability was found in the Linux kernel in drivers/net/hamradio. This flaw allows a local attacker with a user privilege to cause a denial of service (DOS) when the mkiss or sixpack device is detached and reclaim resources early. | 2022-04-02T00:00:00.000Z | 2022-05-12T00:00:00.000Z |
| msrc_cve-2022-1048 | A use-after-free flaw was found in the Linux kernel’s sound subsystem in the way a user triggers concurrent calls of PCM hw_params. The hw_free ioctls or similar race condition happens inside ALSA PCM for other ioctls. This flaw allows a local user to crash or potentially escalate their privileges on the system. | 2022-04-02T00:00:00.000Z | 2022-05-12T00:00:00.000Z |
| msrc_cve-2022-1015 | A flaw was found in the Linux kernel in linux/net/netfilter/nf_tables_api.c of the netfilter subsystem. This flaw allows a local user to cause an out-of-bounds write issue. | 2022-04-02T00:00:00.000Z | 2022-05-12T00:00:00.000Z |
| msrc_cve-2022-26915 | Windows Secure Channel Denial of Service Vulnerability | 2022-04-12T08:00:00.000Z | 2022-05-11T07:00:00.000Z |
| msrc_cve-2022-29968 | An issue was discovered in the Linux kernel through 5.17.5. io_rw_init_file in fs/io_uring.c lacks initialization of kiocb->private. | 2022-05-02T00:00:00.000Z | 2022-05-11T00:00:00.000Z |
| msrc_cve-2022-29869 | cifs-utils through 6.14 with verbose logging can cause an information leak when a file contains = (equal sign) characters but is not a valid credentials file. | 2022-04-02T00:00:00.000Z | 2022-05-11T00:00:00.000Z |
| msrc_cve-2022-29824 | In libxml2 before 2.9.14 several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted multi-gigabyte XML file. Other software using libxml2's buffer functions for example libxslt through 1.1.35 is affected as well. | 2022-05-02T00:00:00.000Z | 2022-05-11T00:00:00.000Z |
| msrc_cve-2022-29582 | In the Linux kernel before 5.17.3 fs/io_uring.c has a use-after-free due to a race condition in io_uring timeouts. This can be triggered by a local user who has no access to any user namespace; however the race condition perhaps can only be exploited infrequently. | 2022-04-02T00:00:00.000Z | 2022-05-11T00:00:00.000Z |
| ID | Description | Updated |
|---|---|---|
| var-201506-0308 | Cross-site scripting (XSS) vulnerability in Cisco Unified Presence Server 9.1(1) allows r… | 2025-04-13T23:21:16.968000Z |
| var-201506-0329 | SAP Afaria does not properly restrict access to unspecified functionality, which allows r… | 2025-04-13T23:21:16.930000Z |
| var-201507-0369 | mc_demux_mp4_ds.ax in an unspecified third-party codec demux in BlackBerry Link before 1.… | 2025-04-13T23:21:16.698000Z |
| var-201507-0516 | The LDAP implementation on the Cisco Web Security Appliance (WSA) 8.5.0-000, Email Securi… | 2025-04-13T23:21:16.633000Z |
| var-201508-0594 | Cross-site scripting (XSS) vulnerability in the DHCP Monitor page in the Web User Interfa… | 2025-04-13T23:21:15.677000Z |
| var-201509-0012 | Cisco Web Security Appliance (WSA) 8.0.6-078 and 8.0.6-115 allows remote attackers to cau… | 2025-04-13T23:21:15.643000Z |
| var-201509-0201 | Cross-site scripting (XSS) vulnerability in the "Create download task via file upload" fe… | 2025-04-13T23:21:15.612000Z |
| var-201509-0205 | Cross-site scripting (XSS) vulnerability in the "Create download task via URL" feature in… | 2025-04-13T23:21:15.585000Z |
| var-201509-0264 | The Remote Agent component in Schneider Electric InduSoft Web Studio before 8.0 allows re… | 2025-04-13T23:21:15.539000Z |
| var-201510-0009 | Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.1 and X8.5.2 allows l… | 2025-04-13T23:21:15.327000Z |
| var-201510-0406 | Siemens RUGGEDCOM ROS before 4.2.1 allows remote attackers to obtain sensitive informatio… | 2025-04-13T23:21:14.917000Z |
| var-201510-0704 | Cisco Unified Computing System (UCS) B Blade Server Software 2.2.x before 2.2.6 allows lo… | 2025-04-13T23:21:14.804000Z |
| var-201511-0029 | Multiple cross-site scripting (XSS) vulnerabilities in the Nitro API in Citrix NetScaler … | 2025-04-13T23:21:14.740000Z |
| var-201511-0028 | The Nitro API in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gat… | 2025-04-13T23:21:14.710000Z |
| var-201511-0030 | The administration UI in Citrix NetScaler Application Delivery Controller (ADC) and NetSc… | 2025-04-13T23:21:14.680000Z |
| var-201511-0051 | CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 use the same 001984 def… | 2025-04-13T23:21:14.647000Z |
| var-201511-0049 | CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 do not require authenti… | 2025-04-13T23:21:14.615000Z |
| var-201511-0052 | CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 allow remote attackers … | 2025-04-13T23:21:14.582000Z |
| var-201511-0050 | CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 rely on a polyalphabeti… | 2025-04-13T23:21:14.550000Z |
| var-201511-0216 | Cisco IOS 15.2(04)M and 15.4(03)M lets physical-interface ACLs supersede virtual PPP inte… | 2025-04-13T23:21:14.451000Z |
| var-201512-0014 | Untrusted search path vulnerability in Open Automation OPC Systems.NET 8.00.0023 and earl… | 2025-04-13T23:21:14.257000Z |
| var-201512-0079 | Cross-site request forgery (CSRF) vulnerability on Mediabridge Medialink MWN-WAPR300N dev… | 2025-04-13T23:21:14.218000Z |
| var-201502-0157 | The Integrated Management Controller (IMC) in Cisco Unified Computing System (UCS) 1.4(7h… | 2025-04-13T23:21:13.946000Z |
| var-201512-0390 | Cisco Unified Computing System (UCS) 2.2(3f)A on Fabric Interconnect 6200 devices allows … | 2025-04-13T23:21:13.915000Z |
| var-201512-0515 | Corega CG-WLBARGS devices allow remote attackers to perform administrative operations via… | 2025-04-13T23:21:13.877000Z |
| var-201512-0516 | Corega CG-WLBARAGM devices provide an open proxy service, which allows remote attackers t… | 2025-04-13T23:21:13.842000Z |
| var-201512-0513 | Cross-site scripting (XSS) vulnerability on ASUS Japan WL-330NUL devices with firmware be… | 2025-04-13T23:21:13.806000Z |
| var-201601-0042 | Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified Contact Center Expre… | 2025-04-13T23:21:13.707000Z |
| var-201601-0399 | Cross-site request forgery (CSRF) vulnerability on BUFFALO BHR-4GRV2 devices with firmwar… | 2025-04-13T23:21:09.933000Z |
| var-201601-0461 | The Wifi hotspot in Lenovo SHAREit before 3.2.0 for Windows allows remote attackers to ob… | 2025-04-13T23:21:09.896000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| suse-su-2021:2913-1 | Security update for openexr | 2021-09-02T07:53:43Z | 2021-09-02T07:53:43Z |
| suse-su-2021:2912-1 | Security update for apache2-mod_auth_mellon | 2021-09-02T07:51:07Z | 2021-09-02T07:51:07Z |
| suse-su-2021:2892-1 | Security update for dovecot23 | 2021-08-31T14:38:31Z | 2021-08-31T14:38:31Z |
| suse-su-2021:2891-1 | Security update for dovecot23 | 2021-08-31T14:37:58Z | 2021-08-31T14:37:58Z |
| suse-su-2021:2890-1 | Security update for dovecot23 | 2021-08-31T14:37:09Z | 2021-08-31T14:37:09Z |
| suse-su-2021:2877-1 | Security update for mysql-connector-java | 2021-08-30T13:56:16Z | 2021-08-30T13:56:16Z |
| suse-su-2021:2876-1 | Security update for bind | 2021-08-30T13:55:38Z | 2021-08-30T13:55:38Z |
| suse-su-2021:2875-1 | Security update for nodejs12 | 2021-08-30T13:55:02Z | 2021-08-30T13:55:02Z |
| suse-su-2021:2874-1 | Security update for MozillaThunderbird | 2021-08-30T13:54:37Z | 2021-08-30T13:54:37Z |
| suse-su-2021:2873-1 | Security update for sssd | 2021-08-30T13:54:19Z | 2021-08-30T13:54:19Z |
| suse-su-2021:2862-1 | Security update for spectre-meltdown-checker | 2021-08-27T12:41:34Z | 2021-08-27T12:41:34Z |
| suse-su-2021:2861-1 | Security update for spectre-meltdown-checker | 2021-08-27T12:41:15Z | 2021-08-27T12:41:15Z |
| suse-su-2021:2858-1 | Security update for qemu | 2021-08-27T09:59:37Z | 2021-08-27T09:59:37Z |
| suse-su-2021:2857-1 | Security update for 389-ds | 2021-08-27T09:59:01Z | 2021-08-27T09:59:01Z |
| suse-su-2021:2852-1 | Security update for compat-openssl098 | 2021-08-27T05:21:56Z | 2021-08-27T05:21:56Z |
| suse-su-2021:2848-1 | Security update for aspell | 2021-08-25T15:22:54Z | 2021-08-25T15:22:54Z |
| suse-su-2021:14793-1 | Security update for libesmtp | 2021-08-25T15:21:25Z | 2021-08-25T15:21:25Z |
| suse-su-2021:2846-1 | Security update for the Linux Kernel (Live Patch 40 for SLE 12 SP3) | 2021-08-25T15:15:54Z | 2021-08-25T15:15:54Z |
| suse-su-2021:2842-1 | Security update for the Linux Kernel (Live Patch 39 for SLE 12 SP3) | 2021-08-25T15:15:40Z | 2021-08-25T15:15:40Z |
| suse-su-2021:2838-1 | Security update for jetty-minimal | 2021-08-25T10:34:13Z | 2021-08-25T10:34:13Z |
| suse-su-2021:2837-1 | Security update for mariadb | 2021-08-25T10:32:25Z | 2021-08-25T10:32:25Z |
| suse-su-2021:2835-1 | Security update for mariadb | 2021-08-25T10:30:44Z | 2021-08-25T10:30:44Z |
| suse-su-2021:2834-1 | Security update for unrar | 2021-08-25T10:26:54Z | 2021-08-25T10:26:54Z |
| suse-su-2021:2833-1 | Security update for openssl-1_1 | 2021-08-24T14:21:30Z | 2021-08-24T14:21:30Z |
| suse-su-2021:14792-1 | Security update for openssl1 | 2021-08-24T14:21:14Z | 2021-08-24T14:21:14Z |
| suse-su-2021:2831-1 | Security update for openssl-1_1 | 2021-08-24T14:21:00Z | 2021-08-24T14:21:00Z |
| suse-su-2021:2830-1 | Security update for openssl-1_1 | 2021-08-24T14:20:41Z | 2021-08-24T14:20:41Z |
| suse-su-2021:2829-1 | Security update for openssl-1_1 | 2021-08-24T14:19:58Z | 2021-08-24T14:19:58Z |
| suse-su-2021:14791-1 | Security update for openssl | 2021-08-24T14:19:16Z | 2021-08-24T14:19:16Z |
| suse-su-2021:2827-1 | Security update for openssl-1_0_0 | 2021-08-24T14:16:30Z | 2021-08-24T14:16:30Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cnvd-2025-01178 | Adobe Experience Manager跨站脚本漏洞(CNVD-2025-01178) | 2024-12-13 | 2025-01-16 |
| cnvd-2025-01177 | Adobe Experience Manager跨站脚本漏洞(CNVD-2025-01177) | 2024-12-13 | 2025-01-16 |
| cnvd-2025-01176 | Adobe Experience Manager跨站脚本漏洞(CNVD-2025-01176) | 2024-12-13 | 2025-01-16 |
| cnvd-2025-01175 | Adobe Experience Manager跨站脚本漏洞(CNVD-2025-01175) | 2024-12-13 | 2025-01-16 |
| cnvd-2025-01174 | Adobe Experience Manager跨站脚本漏洞(CNVD-2025-01174) | 2024-12-13 | 2025-01-16 |
| cnvd-2025-01173 | Adobe Experience Manager访问控制不当漏洞(CNVD-2025-01173) | 2024-12-13 | 2025-01-16 |
| cnvd-2024-49595 | 上海上讯信息技术股份有限公司运维管理审计系统存在命令执行漏洞(CNVD-C-2024-941497) | 2024-12-02 | 2025-01-16 |
| cnvd-2025-02170 | Linksys E1000缓冲区溢出漏洞 | 2024-03-21 | 2025-01-15 |
| cnvd-2025-02169 | Linksys E5600命令注入漏洞 | 2024-05-09 | 2025-01-15 |
| cnvd-2025-02168 | LINKSYS EA7500缓冲区溢出漏洞 | 2024-05-11 | 2025-01-15 |
| cnvd-2025-02167 | Linksys E5600命令注入漏洞 | 2024-05-11 | 2025-01-15 |
| cnvd-2025-02166 | Linksys E7350 apcli_cancel_wps命令注入漏洞 | 2025-01-13 | 2025-01-15 |
| cnvd-2025-01840 | Linksys E7350 reset_wifi命令注入漏洞 | 2025-01-13 | 2025-01-15 |
| cnvd-2025-01828 | Google Android setSkipPrompt方法权限提升漏洞 | 2025-01-07 | 2025-01-15 |
| cnvd-2025-01827 | Google Android resizeToAtLeast权限提升漏洞 | 2025-01-07 | 2025-01-15 |
| cnvd-2025-01826 | Google Android skia_alloc_func越界写漏洞 | 2025-01-07 | 2025-01-15 |
| cnvd-2025-01824 | Google Android lwis_ioctl.c堆缓冲区溢出漏洞 | 2025-01-10 | 2025-01-15 |
| cnvd-2025-01712 | Linksys WRT54GL缓冲区溢出漏洞 | 2023-01-11 | 2025-01-15 |
| cnvd-2025-01711 | Linksys E2000命令注入漏洞 | 2023-05-25 | 2025-01-15 |
| cnvd-2025-01707 | FFmpeg整数溢出漏洞(CNVD-2025-01707) | 2025-01-07 | 2025-01-15 |
| cnvd-2025-01706 | Emlog Pro跨站脚本漏洞(CNVD-2025-01706) | 2025-01-10 | 2025-01-15 |
| cnvd-2025-01705 | Huawei HarmonyOS身份验证模块访问控制漏洞 | 2025-01-13 | 2025-01-15 |
| cnvd-2025-01692 | Linksys WRT54G缓冲区溢出漏洞 | 2024-07-24 | 2025-01-15 |
| cnvd-2025-01688 | Mattermost资源消耗型漏洞 | 2024-09-29 | 2025-01-15 |
| cnvd-2025-01684 | Google Pixel存在未明漏洞(CNVD-2025-01684) | 2025-01-03 | 2025-01-15 |
| cnvd-2025-01683 | Google Pixel存在未明漏洞(CNVD-2025-01683) | 2025-01-03 | 2025-01-15 |
| cnvd-2025-01681 | Linux kernel存在未明漏洞(CNVD-2025-01681) | 2025-01-03 | 2025-01-15 |
| cnvd-2025-01680 | Linux kernel存在未明漏洞(CNVD-2025-01680) | 2025-01-03 | 2025-01-15 |
| cnvd-2025-01679 | Linux kernel存在未明漏洞(CNVD-2025-01679) | 2025-01-03 | 2025-01-15 |
| cnvd-2025-01678 | Linux kernel存在未明漏洞(CNVD-2025-01678) | 2025-01-03 | 2025-01-15 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certa-2012-avi-355 | Multiples vulnérabilités dans Symantec Message Filter | 2012-06-28T00:00:00.000000 | 2012-06-28T00:00:00.000000 |
| certa-2012-avi-354 | Vulnérabilité dans IMP | 2012-06-27T00:00:00.000000 | 2012-06-27T00:00:00.000000 |
| certa-2012-avi-353 | Vulnérabilité dans AIX | 2012-06-27T00:00:00.000000 | 2012-06-27T00:00:00.000000 |
| certa-2012-avi-352 | Multiples vulnérabilités dans Google Chrome | 2012-06-27T00:00:00.000000 | 2012-06-27T00:00:00.000000 |
| certa-2012-avi-351 | Multiples vulnérabilités dans IBM Lotus Expeditor | 2012-06-25T00:00:00.000000 | 2012-06-25T00:00:00.000000 |
| certa-2012-avi-350 | Vulnérabilité dans IBM AIX | 2012-06-22T00:00:00.000000 | 2012-06-22T00:00:00.000000 |
| certa-2012-avi-349 | Vulnérabilités dans IBM System Storage DS Storage Manager | 2012-06-22T00:00:00.000000 | 2012-06-22T00:00:00.000000 |
| certa-2012-avi-347 | Vulnérabilité dans Cisco ASA 5500 et Cisco Catalyst 6500 | 2012-06-21T00:00:00.000000 | 2012-06-21T00:00:00.000000 |
| certa-2012-avi-346 | Vulnérabilité dans Cisco Application Control Engine | 2012-06-21T00:00:00.000000 | 2012-06-21T00:00:00.000000 |
| certa-2012-avi-345 | Multiples vulnérabilités dans Cisco AnyConnect Secure Mobility Client | 2012-06-21T00:00:00.000000 | 2012-06-21T00:00:00.000000 |
| certa-2012-avi-348 | Vulnérabilité dans F5 BIG-IP | 2012-06-20T00:00:00.000000 | 2012-06-20T00:00:00.000000 |
| certa-2012-avi-343 | Vulnérabilités dans Libtiff | 2012-06-20T00:00:00.000000 | 2012-06-20T00:00:00.000000 |
| certa-2012-avi-342 | Vulnérabilité dans IBM Lotus Notes | 2012-06-19T00:00:00.000000 | 2012-06-19T00:00:00.000000 |
| certa-2012-avi-341 | Multiples vulnérabilités dans PHP | 2012-06-19T00:00:00.000000 | 2012-06-19T00:00:00.000000 |
| certa-2012-avi-340 | Vulnérabilité dans des produits Mozilla | 2012-06-19T00:00:00.000000 | 2012-06-19T00:00:00.000000 |
| certa-2012-avi-339 | Vulnérabilité dans Symantec LiveUpdate Administrator | 2012-06-19T00:00:00.000000 | 2012-06-19T00:00:00.000000 |
| certa-2012-avi-338 | Multiples vulnérabilités dans Opera | 2012-06-19T00:00:00.000000 | 2012-06-19T00:00:00.000000 |
| certa-2012-avi-337 | Vulnérabilité dans Asterisk | 2012-06-18T00:00:00.000000 | 2012-06-18T00:00:00.000000 |
| certa-2012-avi-336 | Vulnérabilités dans SPIP | 2012-06-15T00:00:00.000000 | 2012-06-15T00:00:00.000000 |
| certa-2012-avi-335 | Vulnérabilité dans HP OpenVMS | 2012-06-15T00:00:00.000000 | 2012-06-15T00:00:00.000000 |
| certa-2012-avi-334 | Vulnérabilité dans FreeBSD | 2012-06-15T00:00:00.000000 | 2012-06-15T00:00:00.000000 |
| certa-2012-avi-333 | Vulnérabilités dans VMware | 2012-06-14T00:00:00.000000 | 2012-06-14T00:00:00.000000 |
| certa-2012-avi-332 | Multiples vulnérabilités dans Mac OS X | 2012-06-14T00:00:00.000000 | 2012-06-14T00:00:00.000000 |
| certa-2012-avi-331 | Multiples vulnérabilités dans Oracle Java | 2012-06-14T00:00:00.000000 | 2012-06-14T00:00:00.000000 |
| certa-2012-avi-330 | Vulnérabilité dans HP Server Automation | 2012-06-13T00:00:00.000000 | 2012-06-13T00:00:00.000000 |
| certa-2012-avi-329 | Vulnérabilités dans iTunes | 2012-06-13T00:00:00.000000 | 2012-06-13T00:00:00.000000 |
| certa-2012-avi-328 | Vulnérabilités dans Xen | 2012-06-13T00:00:00.000000 | 2012-06-13T00:00:00.000000 |
| certa-2012-avi-327 | Vulnérabilité dans Microsoft XML Core Services | 2012-06-13T00:00:00.000000 | 2012-06-13T00:00:00.000000 |
| certa-2012-avi-326 | Vulnérabilités dans le noyau Windows | 2012-06-13T00:00:00.000000 | 2012-06-13T00:00:00.000000 |
| certa-2012-avi-325 | Multiples vulnérabilités dans le noyau Windows (win32k.sys) | 2012-06-13T00:00:00.000000 | 2012-06-13T00:00:00.000000 |