Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-1021 |
9.3 (4.0)
9.8 (3.1)
|
Gotac|Police Statistics Database System - Arbitrary Fi… |
Gotac |
Police Statistics Database System |
2026-01-16T03:08:42.422Z | 2026-01-16T14:41:29.042Z |
| CVE-2026-1000 |
6.5 (3.1)
|
MailerLite - WooCommerce integration <= 3.1.3 - Missin… |
mailerlite |
MailerLite – WooCommerce integration |
2026-01-16T04:44:35.744Z | 2026-01-16T14:38:41.237Z |
| CVE-2026-0615 |
7.3 (3.1)
|
CVE-2026-0615 |
TheLibrarian |
TheLibrarian.io |
2026-01-16T12:47:27.747Z | 2026-01-16T14:38:37.462Z |
| CVE-2025-68707 |
8.8 (3.1)
|
An authentication bypass vulnerability in the Ton… |
n/a |
n/a |
2026-01-13T00:00:00.000Z | 2026-01-16T14:36:10.227Z |
| CVE-2022-50911 |
N/A
|
This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. | N/A | N/A | 2026-01-13T22:51:50.943Z | 2026-01-16T14:31:21.289Z |
| CVE-2025-15104 |
6.9 (4.0)
|
Nu Html Checker (validator.nu) - Restriction bypass vu… |
The Nu Html Checker |
The Nu Html Checker |
2026-01-16T14:00:16.643Z | 2026-01-16T14:30:55.715Z |
| CVE-2025-14384 |
4.3 (3.1)
|
All in One SEO – Powerful SEO Plugin to Boost SEO Rank… |
smub |
All in One SEO – Powerful SEO Plugin to Boost SEO Rankings & Increase Traffic |
2026-01-16T04:44:36.103Z | 2026-01-16T14:10:21.442Z |
| CVE-2026-0858 |
6.1 (3.1)
|
Versions of the package net.sourceforge.plantuml:… |
n/a |
net.sourceforge.plantuml:plantuml |
2026-01-16T05:00:06.808Z | 2026-01-16T14:10:00.485Z |
| CVE-2025-14435 |
6.8 (3.1)
|
Application-Level DoS via infinite re-render loop in u… |
Mattermost |
Mattermost |
2026-01-16T11:25:35.817Z | 2026-01-16T14:09:00.429Z |
| CVE-2025-14510 |
8.1 (3.1)
9.2 (4.0)
|
ABB Ability OPTIMAX Authentication Bypass in Single-Sign On |
ABB |
ABB Ability OPTIMAX |
2026-01-16T13:02:30.774Z | 2026-01-16T14:08:21.597Z |
| CVE-2026-23769 |
6.5 (3.1)
|
lucy-xss-filter before commit e5826c0 allows an a… |
NAVER |
lucy-xss-filter |
2026-01-16T05:23:56.494Z | 2026-01-16T14:05:51.238Z |
| CVE-2026-1022 |
8.7 (4.0)
7.5 (3.1)
|
Gotac|Statistics Database System - Arbitrary File Read |
Gotac |
Statistics Database System |
2026-01-16T03:33:46.923Z | 2026-01-16T14:04:31.040Z |
| CVE-2026-1023 |
8.7 (4.0)
7.5 (3.1)
|
Gotac|Statistics Database System - Missing Authentication |
Gotac |
Statistics Database System |
2026-01-16T03:43:02.419Z | 2026-01-16T14:04:01.712Z |
| CVE-2025-14982 |
4.3 (3.1)
|
Booking Calendar <= 10.14.11 - Missing Authorization t… |
wpdevelop |
Booking Calendar |
2026-01-16T04:44:33.474Z | 2026-01-16T14:03:32.703Z |
| CVE-2026-0823 |
N/A
|
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage. | N/A | N/A | 2026-01-16T14:03:21.731Z | |
| CVE-2025-15527 |
4.3 (3.1)
|
WP Recipe Maker <= 10.2.2 - Insecure Direct Object Ref… |
brechtvds |
WP Recipe Maker |
2026-01-16T04:44:33.994Z | 2026-01-16T14:02:58.723Z |
| CVE-2025-15526 |
5.3 (3.1)
|
Fancy Product Designer | WooCommerce WordPress <= 6.4.… |
radykal |
Fancy Product Designer |
2026-01-16T04:44:34.337Z | 2026-01-16T14:02:37.573Z |
| CVE-2025-12641 |
6.5 (3.1)
|
Awesome Support – WordPress HelpDesk & Support Plugin … |
awesomesupport |
Awesome Support – WordPress HelpDesk & Support Plugin |
2026-01-16T04:44:34.683Z | 2026-01-16T14:02:11.686Z |
| CVE-2025-12957 |
8.8 (3.1)
|
All-in-One Video Gallery <= 4.5.7 - Authenticated (Aut… |
plugins360 |
All-in-One Video Gallery |
2026-01-16T04:44:35.026Z | 2026-01-16T14:01:40.735Z |
| CVE-2026-0975 |
7.8 (3.1)
|
DIAView - Command Injection Vulnerability |
Delta Electronics |
DIAView |
2026-01-16T06:01:59.903Z | 2026-01-16T14:00:54.208Z |
| CVE-2026-0916 |
6.4 (3.1)
|
Related Posts by Taxonomy <= 2.7.6 - Authenticated (Co… |
keesiemeijer |
Related Posts by Taxonomy |
2026-01-16T06:43:19.795Z | 2026-01-16T13:59:41.136Z |
| CVE-2026-0942 |
5.3 (3.1)
|
Rede Itaú for WooCommerce — Payment PIX, Credit Card a… |
linknacional |
Rede Itaú for WooCommerce — Payment PIX, Credit Card and Debit |
2026-01-16T06:43:20.555Z | 2026-01-16T13:58:49.102Z |
| CVE-2026-0939 |
5.3 (3.1)
|
Rede Itaú for WooCommerce — Payment PIX, Credit Card a… |
linknacional |
Rede Itaú for WooCommerce — Payment PIX, Credit Card and Debit |
2026-01-16T06:43:20.971Z | 2026-01-16T13:57:52.515Z |
| CVE-2025-14853 |
4.3 (3.1)
|
LEAV Last Email Address Validator <= 1.7.1 - Cross-Sit… |
smings |
LEAV Last Email Address Validator |
2026-01-16T06:43:21.401Z | 2026-01-16T13:56:51.236Z |
| CVE-2025-14793 |
5 (3.1)
|
DK PDF – WordPress PDF Generator <= 2.3.0 - Authentica… |
torstenbulk |
DK PDF – WordPress PDF Generator |
2026-01-16T06:43:21.806Z | 2026-01-16T13:51:11.988Z |
| CVE-2026-1003 |
4.3 (3.1)
|
GetGenie – AI Content Writer with Keyword Research & S… |
roxnor |
GetGenie – AI Content Writer with Keyword Research & SEO Tracking Tools |
2026-01-16T07:23:09.127Z | 2026-01-16T13:50:30.935Z |
| CVE-2025-14375 |
6.1 (3.1)
|
RSS Aggregator – RSS Import, News Feeds, Feed to Post,… |
rebelcode |
RSS Aggregator – RSS Import, News Feeds, Feed to Post, and Autoblogging |
2026-01-16T07:23:09.745Z | 2026-01-16T13:48:29.591Z |
| CVE-2024-1132 |
8.1 (3.1)
|
Keycloak: path transversal in redirection validation |
|
|
2024-04-17T13:21:19.130Z | 2026-01-16T13:47:13.836Z |
| CVE-2026-20759 |
8.8 (3.0)
8.7 (4.0)
|
OS Command Injection vulnerability exists in mult… |
TOA Corporation |
Multiple Network Cameras TRIFORA 3 series |
2026-01-16T08:16:45.444Z | 2026-01-16T13:45:56.900Z |
| CVE-2026-20894 |
4.8 (3.0)
4.8 (4.0)
|
Cross-site scripting vulnerability exists in mult… |
TOA Corporation |
Multiple Network Cameras TRIFORA 3 series |
2026-01-16T08:16:57.696Z | 2026-01-16T13:45:31.792Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2025-53232 |
5.8 (3.1)
|
WordPress WP Gmail SMTP plugin <= 1.0.7 - Sensitive Da… |
inkthemes |
WP Gmail SMTP |
2025-10-22T14:32:29.356Z | 2026-01-20T14:28:09.018Z |
| CVE-2025-53229 |
7.1 (3.1)
|
WordPress RockON DJ theme <= 3.3 - Reflected Cross Sit… |
kamleshyadav |
RockON DJ |
2025-10-22T14:32:29.122Z | 2026-01-20T14:28:08.975Z |
| CVE-2025-53218 |
5.8 (3.1)
|
WordPress AppExperts plugin <= 1.4.5 - Sensitive Data … |
Saad Iqbal |
AppExperts |
2025-10-22T14:32:28.882Z | 2026-01-20T14:28:09.009Z |
| CVE-2025-53214 |
9.1 (3.1)
|
WordPress Sertifier Certificate & Badge Maker plugin <… |
sertifier |
Sertifier Certificate & Badge Maker |
2025-11-06T15:53:58.037Z | 2026-01-20T14:28:09.163Z |
| CVE-2025-52835 |
9.6 (3.1)
|
WordPress WING WordPress Migrator plugin <= 1.1.9 - Cr… |
ConoHa by GMO |
WING WordPress Migrator |
2025-12-30T16:48:13.719Z | 2026-01-20T14:28:08.992Z |
| CVE-2025-52773 |
9.8 (3.1)
|
WordPress HieCOR Payment Gateway plugin plugin <= 1.5.… |
hiecor |
HieCOR Payment Gateway Plugin |
2025-11-06T15:53:57.496Z | 2026-01-20T14:28:08.714Z |
| CVE-2025-52770 |
7.1 (3.1)
|
WordPress Hello Followers plugin <= 2.5 - Cross Site S… |
appscreo |
Hello Followers |
2025-10-22T14:32:28.679Z | 2026-01-20T14:28:08.839Z |
| CVE-2025-52768 |
8.1 (3.1)
|
WordPress Faith & Hope theme <= 2.13.0 - Local File In… |
AncoraThemes |
Faith & Hope |
2025-12-18T07:21:45.204Z | 2026-01-20T14:28:08.823Z |
| CVE-2025-52764 |
6.1 (3.1)
|
WordPress flexoslider plugin <= 1.0004 - Cross Site Sc… |
marielav |
flexoslider |
2025-11-06T15:53:56.937Z | 2026-01-20T14:28:09.106Z |
| CVE-2025-52763 |
7.1 (3.1)
|
WordPress Nifty Backups plugin <= 1.08 - Cross Site Sc… |
NickDuncan |
Nifty Backups |
2025-10-22T14:32:28.478Z | 2026-01-20T14:28:08.616Z |
| CVE-2025-52760 |
6.1 (3.1)
|
WordPress MultiSite Clone Duplicator plugin <= 1.5.3 -… |
Globalis |
MultiSite Clone Duplicator |
2025-10-22T14:32:28.248Z | 2026-01-20T14:28:08.789Z |
| CVE-2025-52758 |
9.1 (3.1)
|
WordPress Zippy plugin <= 1.7.0 - Arbitrary File Uploa… |
Gesundheit Bewegt GmbH |
Zippy |
2025-10-22T14:32:27.961Z | 2026-01-20T14:28:08.584Z |
| CVE-2025-52757 |
6.3 (3.1)
|
WordPress SUMO Memberships for WooCommerce plugin <= 7… |
FantasticPlugins |
SUMO Memberships for WooCommerce |
2025-10-22T14:32:27.245Z | 2026-01-20T14:28:08.665Z |
| CVE-2025-52756 |
7.4 (3.1)
|
WordPress WP Last Modified Info plugin <= 1.9.2 - Remo… |
Sayan Datta |
WP Last Modified Info |
2025-10-22T14:32:26.710Z | 2026-01-20T14:28:08.525Z |
| CVE-2025-52755 |
7.1 (3.1)
|
WordPress Child Themes plugin <= 1.0.1 - Cross Site Sc… |
Chris Taylor |
Child Themes |
2025-10-22T14:32:26.093Z | 2026-01-20T14:28:08.903Z |
| CVE-2025-52754 |
7.1 (3.1)
|
WordPress Sello ChannelConnector plugin <= 1.6.3 - Cro… |
selloio |
Sello ChannelConnector |
2025-10-22T14:32:25.569Z | 2026-01-20T14:28:08.610Z |
| CVE-2025-52753 |
7.1 (3.1)
|
WordPress Contact Form by Supsystic plugin <= 1.7.35 -… |
supsystic |
Contact Form by Supsystic |
2025-10-22T14:32:25.219Z | 2026-01-20T14:28:09.147Z |
| CVE-2025-52752 |
6.5 (3.1)
|
WordPress IDonatePro plugin <= 2.1.9 - Sensitive Data … |
ThemeAtelier |
IDonatePro |
2025-10-22T14:32:25.039Z | 2026-01-20T14:28:08.978Z |
| CVE-2025-52751 |
7.1 (3.1)
|
WordPress Slide Puzzle plugin <= 1.0.0 - Cross Site Sc… |
colome |
Slide Puzzle |
2025-10-22T14:32:24.841Z | 2026-01-20T14:28:08.664Z |
| CVE-2025-52750 |
7.1 (3.1)
|
WordPress Emu2 plugin <= 0.83b - Cross Site Scripting … |
Juergen Schulze |
Emu2 |
2025-10-22T14:32:24.658Z | 2026-01-20T14:28:08.656Z |
| CVE-2025-52749 |
7.1 (3.1)
|
WordPress Uji Countdown plugin <= 2.3.3 - Cross Site S… |
Activity Track |
Uji Countdown |
2025-10-22T14:32:24.442Z | 2026-01-20T14:28:08.525Z |
| CVE-2025-52748 |
7.1 (3.1)
|
WordPress Directory Pro plugin <= 2.5.5 - Cross Site S… |
e-plugins |
Directory Pro |
2025-10-22T14:32:24.265Z | 2026-01-20T14:28:08.584Z |
| CVE-2025-52745 |
8.1 (3.1)
|
WordPress Farm Agrico theme <= 1.3.11 - Local File Inc… |
AncoraThemes |
Farm Agrico |
2025-12-18T07:21:44.978Z | 2026-01-20T14:28:08.668Z |
| CVE-2025-52743 |
7.1 (3.1)
|
WordPress oik-privacy-policy Plugin <= 1.4.9 - Cross S… |
bobbingwide |
oik-privacy-policy |
2025-10-22T14:32:24.069Z | 2026-01-20T14:28:08.836Z |
| CVE-2025-52742 |
7.1 (3.1)
|
WordPress Pets Plugin <= 1.4.1 - Cross Site Scripting … |
Igor Benic |
Pets |
2025-10-22T14:32:23.806Z | 2026-01-20T14:28:08.492Z |
| CVE-2025-52740 |
8.8 (3.1)
|
WordPress Boldermail Plugin <= 2.4.0 - PHP Object Inje… |
Hernan Villanueva |
Boldermail |
2025-10-22T14:32:23.272Z | 2026-01-20T14:28:08.764Z |
| CVE-2025-52739 |
7.1 (3.1)
|
WordPress Sala theme <= 1.1.3 - Cross Site Scripting (… |
uxper |
Sala |
2025-12-31T20:10:29.616Z | 2026-01-20T14:28:08.584Z |
| CVE-2025-52738 |
6.5 (3.1)
|
WordPress Wikipedia Preview Plugin <= 1.15.0 - Broken … |
Wikimedia Foundation |
Wikipedia Preview |
2025-10-22T14:32:23.016Z | 2026-01-20T14:28:08.230Z |
| CVE-2025-52737 |
8.8 (3.1)
|
WordPress WP Store Locator plugin <= 2.2.260 - PHP Obj… |
Tijmen Smit |
WP Store Locator |
2025-10-22T14:32:22.788Z | 2026-01-20T14:28:08.263Z |
| CVE-2025-52736 |
7.1 (3.1)
|
WordPress Finale Lite Plugin <= 2.20.0 - Cross Site Sc… |
Daman Jeet |
Finale Lite |
2025-10-22T14:32:22.566Z | 2026-01-20T14:28:08.492Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| fkie_cve-2025-53232 | Insertion of Sensitive Information Into Sent Data vulnerability in inkthemes WP Gmail SMTP wp-gmail… | 2025-10-22T15:15:48.277 | 2026-01-20T15:16:51.580 |
| fkie_cve-2025-53229 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:48.157 | 2026-01-20T15:16:51.437 |
| fkie_cve-2025-53218 | Insertion of Sensitive Information Into Sent Data vulnerability in Saad Iqbal AppExperts appexperts… | 2025-10-22T15:15:48.020 | 2026-01-20T15:16:51.307 |
| fkie_cve-2025-53214 | Missing Authorization vulnerability in sertifier Sertifier Certificate & Badge Maker sertifier-cert… | 2025-11-06T16:15:55.110 | 2026-01-20T15:16:51.177 |
| fkie_cve-2025-52835 | Cross-Site Request Forgery (CSRF) vulnerability in ConoHa by GMO WING WordPress Migrator allows Upl… | 2025-12-30T17:15:42.203 | 2026-01-20T15:16:51.067 |
| fkie_cve-2025-52773 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability … | 2025-11-06T16:15:54.933 | 2026-01-20T15:16:50.937 |
| fkie_cve-2025-52770 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:46.197 | 2026-01-20T15:16:50.807 |
| fkie_cve-2025-52768 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2025-12-18T08:15:52.903 | 2026-01-20T15:16:50.677 |
| fkie_cve-2025-52764 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-11-06T16:15:54.760 | 2026-01-20T15:16:50.547 |
| fkie_cve-2025-52763 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:46.063 | 2026-01-20T15:16:50.410 |
| fkie_cve-2025-52760 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:45.937 | 2026-01-20T15:16:50.283 |
| fkie_cve-2025-52758 | Unrestricted Upload of File with Dangerous Type vulnerability in Gesundheit Bewegt GmbH Zippy zippy… | 2025-10-22T15:15:45.813 | 2026-01-20T15:16:50.147 |
| fkie_cve-2025-52757 | Missing Authorization vulnerability in FantasticPlugins SUMO Memberships for WooCommerce sumomember… | 2025-10-22T15:15:45.687 | 2026-01-20T15:16:50.013 |
| fkie_cve-2025-52756 | Improper Control of Generation of Code ('Code Injection') vulnerability in Sayan Datta WP Last Modi… | 2025-10-22T15:15:45.563 | 2026-01-20T15:16:49.877 |
| fkie_cve-2025-52755 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:45.440 | 2026-01-20T15:16:49.743 |
| fkie_cve-2025-52754 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:45.313 | 2026-01-20T15:16:49.610 |
| fkie_cve-2025-52753 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:45.190 | 2026-01-20T15:16:49.493 |
| fkie_cve-2025-52752 | Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in ThemeAt… | 2025-10-22T15:15:45.070 | 2026-01-20T15:16:49.360 |
| fkie_cve-2025-52751 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:44.947 | 2026-01-20T15:16:49.233 |
| fkie_cve-2025-52750 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:44.827 | 2026-01-20T15:16:49.107 |
| fkie_cve-2025-52749 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:44.710 | 2026-01-20T15:16:48.973 |
| fkie_cve-2025-52748 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:44.593 | 2026-01-20T15:16:48.840 |
| fkie_cve-2025-52745 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2025-12-18T08:15:52.750 | 2026-01-20T15:16:48.703 |
| fkie_cve-2025-52743 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:44.467 | 2026-01-20T15:16:48.567 |
| fkie_cve-2025-52742 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:44.340 | 2026-01-20T15:16:48.430 |
| fkie_cve-2025-52740 | Deserialization of Untrusted Data vulnerability in Hernan Villanueva Boldermail boldermail allows O… | 2025-10-22T15:15:44.087 | 2026-01-20T15:16:48.147 |
| fkie_cve-2025-52739 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-12-31T20:15:42.937 | 2026-01-20T15:16:48.043 |
| fkie_cve-2025-52738 | Missing Authorization vulnerability in Wikimedia Foundation Wikipedia Preview wikipedia-preview all… | 2025-10-22T15:15:43.960 | 2026-01-20T15:16:47.913 |
| fkie_cve-2025-52737 | Deserialization of Untrusted Data vulnerability in Tijmen Smit WP Store Locator wp-store-locator al… | 2025-10-22T15:15:43.837 | 2026-01-20T15:16:47.780 |
| fkie_cve-2025-52736 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:43.713 | 2026-01-20T15:16:47.650 |
| ID | Severity | Description | Published | Updated |
|---|---|---|---|---|
| ghsa-24cx-vf27-7gv3 |
6.1 (3.1)
|
The Logo Slider WordPress plugin before 4.9.0 does not validate and escape some of its slider opti… | 2026-01-02T06:30:26Z | 2026-01-03T00:31:25Z |
| ghsa-f43r-cc68-gpx4 |
7.1 (3.1)
|
External Control of File Name or Path in Langflow | 2025-12-19T22:53:13Z | 2026-01-03T00:28:22Z |
| ghsa-v627-69v2-xx37 |
7.1 (3.1)
|
`GetRepositoryByName`, `DeleteRepositoryByName` and `GetArtifactByName` allow access of arbitrary r… | 2024-03-05T16:20:07Z | 2026-01-03T00:04:20Z |
| ghsa-jmr4-p576-v565 |
5.4 (4.0)
|
listmonk Vulnerable to Stored XSS Leading to Admin Account Takeover | 2026-01-02T23:04:15Z | 2026-01-02T23:04:15Z |
| ghsa-2267-xqcf-gw2m |
8.6 (4.0)
|
FacturaScripts is Vulnerable to Stored Cross-Site Scripting (XSS) via XML File Upload | 2025-12-30T20:52:21Z | 2026-01-02T22:51:51Z |
| ghsa-x5rw-qvvp-5cgm |
7.1 (3.1)
|
Bagisto has IDOR in Customer Order Reorder Functionality | 2026-01-02T22:50:47Z | 2026-01-02T22:50:47Z |
| ghsa-9hvg-qw5q-wqwp |
7.3 (4.0)
|
Bagisto SSTI vulnerability in type parameter can lead to RCE | 2026-01-02T21:56:00Z | 2026-01-02T21:56:00Z |
| ghsa-c7qp-pc4p-62xw |
7.3 (3.1)
5.5 (4.0)
|
A vulnerability was found in code-projects Online Music Site 1.0. This impacts an unknown function … | 2026-01-02T21:30:29Z | 2026-01-02T21:30:29Z |
| ghsa-28rq-cfhw-3x7j |
4.3 (3.1)
2.1 (4.0)
|
A security flaw has been discovered in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b467… | 2026-01-02T21:30:29Z | 2026-01-02T21:30:29Z |
| ghsa-c97g-77hh-hcrq |
7.3 (3.1)
5.5 (4.0)
|
A vulnerability has been found in code-projects Online Music Site 1.0. This affects an unknown func… | 2026-01-02T21:30:28Z | 2026-01-02T21:30:28Z |
| ghsa-w789-3q45-984r |
5.9 (3.1)
|
In GnuPG through 2.4.8, if a signed message has \f at the end of a plaintext line, an adversary can… | 2025-12-28T00:30:23Z | 2026-01-02T21:30:27Z |
| ghsa-g3fh-r5q2-x687 |
5.5 (3.1)
|
An issue was discovered in function d_print_comp_inner in file cp-demangle.c in BinUtils 2.26 allow… | 2025-12-29T18:30:55Z | 2026-01-02T21:30:27Z |
| ghsa-whf2-qv4m-gwqh |
9.1 (3.1)
8.4 (4.0)
|
In AzeoTech DAQFactory release 20.7 (Build 2555), an Out-of-bounds Read vulnerability can be exploi… | 2025-12-11T21:31:33Z | 2026-01-02T21:30:26Z |
| ghsa-v7vg-99h9-jhcw |
9.8 (3.1)
8.4 (4.0)
|
In AzeoTech DAQFactory release 20.7 (Build 2555), an Out-of-bounds Write vulnerability can be explo… | 2025-12-11T21:31:33Z | 2026-01-02T21:30:26Z |
| ghsa-3325-4gjp-wgf5 |
9.8 (3.1)
8.4 (4.0)
|
In AzeoTech DAQFactory release 20.7 (Build 2555), an Access of Uninitialized Pointer vulnerability … | 2025-12-11T21:31:33Z | 2026-01-02T21:30:26Z |
| ghsa-hv2x-9wmr-25wf |
7.8 (3.1)
7.3 (4.0)
|
In AzeoTech DAQFactory release 20.7 (Build 2555), an Access of Resource Using Incompatible Type vul… | 2025-12-11T21:31:33Z | 2026-01-02T21:30:25Z |
| ghsa-c33c-jmqp-phx6 |
7.8 (3.1)
7.3 (4.0)
|
In AzeoTech DAQFactory release 20.7 (Build 2555), a Use After Free vulnerability can be exploited t… | 2025-12-11T21:31:33Z | 2026-01-02T21:30:25Z |
| ghsa-5w6w-f988-6v84 |
9.8 (3.1)
9.3 (4.0)
|
Sony IPELA Network Camera 1.82.01 contains a stack buffer overflow vulnerability in the ftpclient.c… | 2025-12-10T21:31:37Z | 2026-01-02T21:30:25Z |
| ghsa-xg5j-69w2-9h88 |
6.5 (3.1)
|
The پلاگین پرداخت دلخواه WordPress plugin through 2.9.8 does not have CSRF check in place when rese… | 2024-07-30T06:30:37Z | 2026-01-02T21:30:21Z |
| ghsa-cxm3-2c37-cc6h |
7.5 (3.1)
5.9 (4.0)
|
Bludit uses the SHA-1 hashing algorithm to compute password hashes. Thus, attackers could determine… | 2024-06-24T09:30:52Z | 2026-01-02T21:30:21Z |
| ghsa-8328-q9mx-pp5j |
8.2 (3.1)
6.0 (4.0)
|
Bludit uses predictable methods in combination with the MD5 hashing algorithm to generate sensitive… | 2024-06-24T09:30:53Z | 2026-01-02T21:30:21Z |
| ghsa-7pcp-vq94-mvr5 |
8.8 (3.1)
5.7 (4.0)
|
A session fixation vulnerability in Bludit allows an attacker to bypass the server's authentication… | 2024-06-24T09:30:52Z | 2026-01-02T21:30:21Z |
| ghsa-37f5-2pjr-46xw |
8.1 (3.1)
8.9 (4.0)
|
A security vulnerability has been identified in Bludit, allowing attackers with knowledge of the AP… | 2024-06-24T09:30:52Z | 2026-01-02T21:30:21Z |
| ghsa-2xxr-prx9-m533 |
8.8 (3.1)
8.9 (4.0)
|
A security vulnerability has been identified in Bludit, allowing authenticated attackers to execute… | 2024-06-24T09:30:52Z | 2026-01-02T21:30:21Z |
| ghsa-528q-4pgm-wvg2 |
1.3 (4.0)
|
Reflected XSS in go-httpbin due to unrestricted client control over Content-Type | 2025-03-21T22:29:47Z | 2026-01-02T20:32:35Z |
| ghsa-p4f6-h8jj-vfvf |
1.3 (4.0)
|
Duplicate Advisory: Reflected XSS in go-httpbin due to unrestricted client control over Content-Type | 2026-01-02T15:30:29Z | 2026-01-02T20:32:24Z |
| ghsa-vpj6-gh53-xhr4 |
4.7 (3.1)
2.0 (4.0)
|
A security vulnerability has been detected in code-projects Content Management System 1.0. Impacted… | 2026-01-02T18:30:55Z | 2026-01-02T18:30:55Z |
| ghsa-r6cx-vw2q-5gqg |
7.1 (3.1)
|
In Plex Media Server (PMS) through 1.42.2.10156, ability to access /myplex/account with a device to… | 2026-01-02T18:30:55Z | 2026-01-02T18:30:55Z |
| ghsa-ph9c-hmx7-whr8 |
5.0 (3.1)
|
In the plex.tv backend for Plex Media Server (PMS) through 2025-12-31, a non-server device token ca… | 2026-01-02T18:30:55Z | 2026-01-02T18:30:55Z |
| ghsa-pcv5-57xj-mpf8 |
|
Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability … | 2026-01-02T18:30:55Z | 2026-01-02T18:30:55Z |
| ID | Description | Updated |
|---|---|---|
| gsd-2024-1618 | A search path or unquoted item vulnerability in Faronics Deep Freeze Server Standard, whi… | 2024-02-20T06:02:27.764404Z |
| gsd-2024-1641 | The Accordion plugin for WordPress is vulnerable to unauthorized access of data and modif… | 2024-02-20T06:02:27.758860Z |
| gsd-2024-1619 | Kaspersky has fixed a security issue in the Kaspersky Security 8.0 for Linux Mail Server.… | 2024-02-20T06:02:27.755457Z |
| gsd-2024-1616 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-20T06:02:27.750515Z |
| gsd-2024-1627 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-20T06:02:27.747578Z |
| gsd-2024-1625 | An Insecure Direct Object Reference (IDOR) vulnerability exists in the lunary-ai/lunary a… | 2024-02-20T06:02:27.745734Z |
| gsd-2024-1650 | The Categorify plugin for WordPress is vulnerable to unauthorized modification of data du… | 2024-02-20T06:02:27.739434Z |
| gsd-2024-1651 | Torrentpier version 2.4.1 allows executing arbitrary commands on the server. This is pos… | 2024-02-20T06:02:27.734047Z |
| gsd-2024-1647 | Pyhtml2pdf version 0.0.6 allows an external attacker to remotely obtain arbitrary local … | 2024-02-20T06:02:27.707530Z |
| gsd-2022-48625 | Yealink Config Encrypt Tool add RSA before 1.2 has a built-in RSA key pair, and thus ther… | 2024-02-20T06:00:33.101865Z |
| gsd-2020-36774 | plugins/gtk+/glade-gtk-box.c in GNOME Glade before 3.38.1 and 3.39.x before 3.40.0 mishan… | 2024-02-19T06:02:38.394477Z |
| gsd-2024-26310 | Archer Platform 6.8 before 6.14 P2 (6.14.0.2) contains an improper access control vulnera… | 2024-02-19T06:02:27.460329Z |
| gsd-2024-26322 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-19T06:02:27.458669Z |
| gsd-2024-26320 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-19T06:02:27.452215Z |
| gsd-2024-26309 | Archer Platform 6.x before 6.14 P2 HF2 (6.14.0.2.2) contains a sensitive information disc… | 2024-02-19T06:02:27.446441Z |
| gsd-2024-26319 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-19T06:02:27.444422Z |
| gsd-2024-26314 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-19T06:02:27.435646Z |
| gsd-2024-26324 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-19T06:02:27.434098Z |
| gsd-2024-26311 | Archer Platform 6.x before 6.14 P2 HF1 (6.14.0.2.1) contains a reflected XSS vulnerabilit… | 2024-02-19T06:02:27.427067Z |
| gsd-2024-26321 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-19T06:02:27.420642Z |
| gsd-2024-26326 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-19T06:02:27.420210Z |
| gsd-2024-26313 | Archer Platform 6.x before 6.14 P2 HF2 (6.14.0.2.2) contains a stored cross-site scriptin… | 2024-02-19T06:02:27.419840Z |
| gsd-2024-26318 | Serenity before 6.8.0 allows XSS via an email link because LoginPage.tsx permits return U… | 2024-02-19T06:02:27.418623Z |
| gsd-2024-26329 | Chilkat before v9.5.0.98, allows attackers to obtain sensitive information via predictabl… | 2024-02-19T06:02:27.412916Z |
| gsd-2024-26328 | An issue was discovered in QEMU 7.1.0 through 8.2.1. register_vfs in hw/pci/pcie_sriov.c … | 2024-02-19T06:02:27.407421Z |
| gsd-2024-26323 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-19T06:02:27.403629Z |
| gsd-2024-26325 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-19T06:02:27.403198Z |
| gsd-2024-26317 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-19T06:02:27.402383Z |
| gsd-2024-26327 | An issue was discovered in QEMU 7.1.0 through 8.2.1. register_vfs in hw/pci/pcie_sriov.c … | 2024-02-19T06:02:27.396013Z |
| gsd-2024-26315 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-19T06:02:27.390964Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-184689 | Malicious code in olobc-uyg-ugooffahi (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184688 | Malicious code in olobc-uyg-ugoofahi (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184687 | Malicious code in olobc-uyg-ugohi (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184686 | Malicious code in olobc-uyg-ugofahi (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184685 | Malicious code in olobc-uyg-ugiid (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184684 | Malicious code in olobc-uyg-ugiaid (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184683 | Malicious code in olobc-uyg-ugiafidh (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184682 | Malicious code in olobc-uyg-ugiafaiduh (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184681 | Malicious code in olobc-uyg-ugiafaidauh (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184680 | Malicious code in olobc-uyg-ugiafaidabiuh (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184679 | Malicious code in olobc-uyg-ugiafaidabaiuh (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184678 | Malicious code in olobc-uyg-ugiafaidabafiuh (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184677 | Malicious code in olobc-uyg-ugi (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184676 | Malicious code in olobc-uyg-ughi (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184675 | Malicious code in oliobc-uyg-uig (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184674 | Malicious code in oliobc-uyg-ugiafdabafiuh (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184673 | Malicious code in oliobc-uyg-ugiafaidabafiuh (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184672 | Malicious code in oliobc-uyg-ugiafabafiuh (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184671 | Malicious code in oliobc-uyg-ugh (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184670 | Malicious code in oliobc-uyg-ugaih (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184669 | Malicious code in oliobc-uyg-ugah (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184668 | Malicious code in oliobc-uyg-ugafiuh (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184667 | Malicious code in oliobc-uyg-ugafih (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184666 | Malicious code in oliobc-uyg-ugafafiuh (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184665 | Malicious code in oliobc-uyg-ugafabfiuh (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184664 | Malicious code in oliobc-uyg-ugafabafiuh (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184663 | Malicious code in oliobc-uyg-ug (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184662 | Malicious code in oliobc-uyg-afuig (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184661 | Malicious code in oliobc-uyg-afayafuyicig (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184660 | Malicious code in oliobc-uyg-afayafuyauicig (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2024:4070 | Red Hat Security Advisory: Red Hat Certificate System 10.4 for RHEL 8 security and bug fix update | 2024-06-24T15:52:13+00:00 | 2025-11-21T19:04:26+00:00 |
| rhsa-2024:4063 | Red Hat Security Advisory: thunderbird security update | 2024-06-24T10:53:18+00:00 | 2025-11-21T19:04:26+00:00 |
| rhsa-2024:4058 | Red Hat Security Advisory: python3.11 security update | 2024-06-24T04:52:01+00:00 | 2025-11-21T19:04:26+00:00 |
| rhsa-2024:4054 | Red Hat Security Advisory: Red Hat OpenStack Platform 16.2 (python-gunicorn) security update | 2024-06-24T01:08:31+00:00 | 2025-11-21T19:04:24+00:00 |
| rhsa-2024:4053 | Red Hat Security Advisory: Red Hat OpenStack Platform 16.2 security update | 2024-06-24T01:08:33+00:00 | 2025-11-21T19:04:24+00:00 |
| rhsa-2024:4052 | Red Hat Security Advisory: dnsmasq security update | 2024-06-23T22:52:31+00:00 | 2025-11-21T19:04:24+00:00 |
| rhsa-2024:4051 | Red Hat Security Advisory: pki-core security update | 2024-06-23T22:50:20+00:00 | 2025-11-21T19:04:24+00:00 |
| rhsa-2024:4050 | Red Hat Security Advisory: libreswan security update | 2024-06-23T22:38:25+00:00 | 2025-11-21T19:04:22+00:00 |
| rhsa-2024:4036 | Red Hat Security Advisory: thunderbird security update | 2024-06-20T17:29:43+00:00 | 2025-11-21T19:04:22+00:00 |
| rhsa-2024:4035 | Red Hat Security Advisory: ovn-2021 security update | 2024-06-20T16:25:16+00:00 | 2025-11-21T19:04:22+00:00 |
| rhsa-2024:4018 | Red Hat Security Advisory: thunderbird security update | 2024-06-20T10:36:15+00:00 | 2025-11-21T19:04:20+00:00 |
| rhsa-2024:4016 | Red Hat Security Advisory: thunderbird security update | 2024-06-20T08:23:39+00:00 | 2025-11-21T19:04:20+00:00 |
| rhsa-2024:4015 | Red Hat Security Advisory: thunderbird security update | 2024-06-20T06:52:39+00:00 | 2025-11-21T19:04:20+00:00 |
| rhsa-2024:4014 | Red Hat Security Advisory: ghostscript security update | 2024-06-20T06:19:54+00:00 | 2025-11-21T19:04:20+00:00 |
| rhsa-2024:4008 | Red Hat Security Advisory: OpenShift Container Platform 4.12.60 packages and security update | 2024-06-27T02:28:36+00:00 | 2025-11-21T19:04:19+00:00 |
| rhsa-2024:4004 | Red Hat Security Advisory: thunderbird security update | 2024-06-20T05:52:04+00:00 | 2025-11-21T19:04:18+00:00 |
| rhsa-2024:4003 | Red Hat Security Advisory: thunderbird security update | 2024-06-20T05:42:44+00:00 | 2025-11-21T19:04:18+00:00 |
| rhsa-2024:4002 | Red Hat Security Advisory: thunderbird security update | 2024-06-20T06:02:39+00:00 | 2025-11-21T19:04:18+00:00 |
| rhsa-2024:4001 | Red Hat Security Advisory: thunderbird security update | 2024-06-20T05:29:29+00:00 | 2025-11-21T19:04:17+00:00 |
| rhsa-2024:4000 | Red Hat Security Advisory: ghostscript security update | 2024-06-20T06:00:54+00:00 | 2025-11-21T19:04:17+00:00 |
| rhsa-2024:3999 | Red Hat Security Advisory: ghostscript security update | 2024-06-20T05:56:54+00:00 | 2025-11-21T19:04:17+00:00 |
| rhsa-2024:3998 | Red Hat Security Advisory: curl security update | 2024-06-20T06:15:44+00:00 | 2025-11-21T19:04:16+00:00 |
| rhsa-2024:3980 | Red Hat Security Advisory: flatpak security update | 2024-06-18T11:08:55+00:00 | 2025-11-21T19:04:16+00:00 |
| rhsa-2024:3979 | Red Hat Security Advisory: flatpak security update | 2024-06-18T10:20:24+00:00 | 2025-11-21T19:04:15+00:00 |
| rhsa-2024:3972 | Red Hat Security Advisory: firefox security update | 2024-06-18T06:22:08+00:00 | 2025-11-21T19:04:15+00:00 |
| rhsa-2024:3970 | Red Hat Security Advisory: flatpak security update | 2024-06-18T01:17:32+00:00 | 2025-11-21T19:04:15+00:00 |
| rhsa-2024:3963 | Red Hat Security Advisory: flatpak security update | 2024-06-17T16:20:21+00:00 | 2025-11-21T19:04:15+00:00 |
| rhsa-2024:3969 | Red Hat Security Advisory: flatpak security update | 2024-06-18T00:57:52+00:00 | 2025-11-21T19:04:14+00:00 |
| rhsa-2024:3962 | Red Hat Security Advisory: flatpak security update | 2024-06-17T16:44:51+00:00 | 2025-11-21T19:04:14+00:00 |
| rhsa-2024:3961 | Red Hat Security Advisory: flatpak security update | 2024-06-17T16:44:26+00:00 | 2025-11-21T19:04:13+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2022-26790 | Windows Print Spooler Elevation of Privilege Vulnerability | 2022-04-12T08:00:00.000Z | 2022-04-12T08:00:00.000Z |
| msrc_cve-2022-26789 | Windows Print Spooler Elevation of Privilege Vulnerability | 2022-04-12T08:00:00.000Z | 2022-04-12T08:00:00.000Z |
| msrc_cve-2022-26787 | Windows Print Spooler Elevation of Privilege Vulnerability | 2022-04-12T08:00:00.000Z | 2022-04-12T08:00:00.000Z |
| msrc_cve-2022-26786 | Windows Print Spooler Elevation of Privilege Vulnerability | 2022-04-12T08:00:00.000Z | 2022-04-12T08:00:00.000Z |
| msrc_cve-2022-24549 | Windows AppX Package Manager Elevation of Privilege Vulnerability | 2022-04-12T08:00:00.000Z | 2022-04-12T08:00:00.000Z |
| msrc_cve-2022-24548 | Microsoft Defender Denial of Service Vulnerability | 2022-04-12T08:00:00.000Z | 2022-04-12T08:00:00.000Z |
| msrc_cve-2022-24545 | Windows Kerberos Remote Code Execution Vulnerability | 2022-04-12T08:00:00.000Z | 2022-04-12T08:00:00.000Z |
| msrc_cve-2022-24544 | Windows Kerberos Elevation of Privilege Vulnerability | 2022-04-12T08:00:00.000Z | 2022-04-12T08:00:00.000Z |
| msrc_cve-2022-24541 | Windows Server Service Remote Code Execution Vulnerability | 2022-04-12T08:00:00.000Z | 2022-04-12T08:00:00.000Z |
| msrc_cve-2022-24540 | Windows ALPC Elevation of Privilege Vulnerability | 2022-04-12T08:00:00.000Z | 2022-04-12T08:00:00.000Z |
| msrc_cve-2022-24539 | Windows Hyper-V Shared Virtual Hard Disks Information Disclosure Vulnerability | 2022-04-12T08:00:00.000Z | 2022-04-12T08:00:00.000Z |
| msrc_cve-2022-24538 | Windows Cluster Shared Volume (CSV) Denial of Service Vulnerability | 2022-04-12T08:00:00.000Z | 2022-04-12T08:00:00.000Z |
| msrc_cve-2022-24537 | Windows Hyper-V Remote Code Execution Vulnerability | 2022-04-12T08:00:00.000Z | 2022-04-12T08:00:00.000Z |
| msrc_cve-2022-24536 | Windows DNS Server Remote Code Execution Vulnerability | 2022-04-12T08:00:00.000Z | 2022-04-12T08:00:00.000Z |
| msrc_cve-2022-24534 | Win32 Stream Enumeration Remote Code Execution Vulnerability | 2022-04-12T08:00:00.000Z | 2022-04-12T08:00:00.000Z |
| msrc_cve-2022-24533 | Remote Desktop Protocol Remote Code Execution Vulnerability | 2022-04-12T08:00:00.000Z | 2022-04-12T08:00:00.000Z |
| msrc_cve-2022-24521 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | 2022-04-12T08:00:00.000Z | 2022-04-12T08:00:00.000Z |
| msrc_cve-2022-24496 | Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability | 2022-04-12T08:00:00.000Z | 2022-04-12T08:00:00.000Z |
| msrc_cve-2022-24493 | Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability | 2022-04-12T08:00:00.000Z | 2022-04-12T08:00:00.000Z |
| msrc_cve-2022-24492 | Remote Procedure Call Runtime Remote Code Execution Vulnerability | 2022-04-12T08:00:00.000Z | 2022-04-12T08:00:00.000Z |
| msrc_cve-2022-24491 | Windows Network File System Remote Code Execution Vulnerability | 2022-04-12T08:00:00.000Z | 2022-04-12T08:00:00.000Z |
| msrc_cve-2022-24490 | Windows Hyper-V Shared Virtual Hard Disks Information Disclosure Vulnerability | 2022-04-12T08:00:00.000Z | 2022-04-12T08:00:00.000Z |
| msrc_cve-2022-24489 | Cluster Client Failover (CCF) Elevation of Privilege Vulnerability | 2022-04-12T08:00:00.000Z | 2022-04-12T08:00:00.000Z |
| msrc_cve-2022-24488 | Windows Desktop Bridge Elevation of Privilege Vulnerability | 2022-04-12T08:00:00.000Z | 2022-04-12T08:00:00.000Z |
| msrc_cve-2022-24487 | Windows Local Security Authority Subsystem Service (LSASS) Remote Code Execution Vulnerability | 2022-04-12T08:00:00.000Z | 2022-04-12T08:00:00.000Z |
| msrc_cve-2022-24486 | Windows Kerberos Elevation of Privilege Vulnerability | 2022-04-12T08:00:00.000Z | 2022-04-12T08:00:00.000Z |
| msrc_cve-2022-24485 | Win32 File Enumeration Remote Code Execution Vulnerability | 2022-04-12T08:00:00.000Z | 2022-04-12T08:00:00.000Z |
| msrc_cve-2022-24484 | Windows Cluster Shared Volume (CSV) Denial of Service Vulnerability | 2022-04-12T08:00:00.000Z | 2022-04-12T08:00:00.000Z |
| msrc_cve-2022-24481 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | 2022-04-12T08:00:00.000Z | 2022-04-12T08:00:00.000Z |
| msrc_cve-2022-24479 | Connected User Experiences and Telemetry Elevation of Privilege Vulnerability | 2022-04-12T08:00:00.000Z | 2022-04-12T08:00:00.000Z |
| ID | Description | Updated |
|---|---|---|
| var-201610-0059 | Johnson & Johnson Animas OneTouch Ping devices mishandle acknowledgements, which makes it… | 2025-04-13T23:17:51.274000Z |
| var-201610-0160 | Johnson & Johnson Animas OneTouch Ping devices do not use encryption for certain data, wh… | 2025-04-13T23:17:51.241000Z |
| var-201610-0162 | Johnson & Johnson Animas OneTouch Ping devices allow remote attackers to bypass authentic… | 2025-04-13T23:17:51.208000Z |
| var-201610-0161 | Johnson & Johnson Animas OneTouch Ping devices do not properly generate random numbers, w… | 2025-04-13T23:17:51.175000Z |
| var-201610-0225 | A memory corruption in the IPsec code path of Brocade NetIron OS on Brocade MLXs 5.8.00 t… | 2025-04-13T23:17:50.961000Z |
| var-201610-0227 | Intel Integrated Performance Primitives (aka IPP) Cryptography before 9.0.4 makes it easi… | 2025-04-13T23:17:50.932000Z |
| var-201610-0269 | Cross-site scripting (XSS) vulnerability in Cisco Videoscape Distribution Suite Service M… | 2025-04-13T23:17:50.898000Z |
| var-201610-0290 | A vulnerability in Cisco Finesse Agent and Supervisor Desktop Software could allow an una… | 2025-04-13T23:17:50.866000Z |
| var-201610-0311 | The (1) SAP_BASIS and (2) SAP_ABA components 7.00 SP Level 0031 in SAP NetWeaver 2004s mi… | 2025-04-13T23:17:50.835000Z |
| var-201610-0374 | Ruckus Wireless H500 web management interface CSRF. An attacker could exploit the vulnera… | 2025-04-13T23:17:50.717000Z |
| var-201611-0153 | An elevation of privilege vulnerability in the Qualcomm bus driver in Android before 2016… | 2025-04-13T23:17:50.432000Z |
| var-201611-0174 | A vulnerability in several parameters of the ccmivr page of Cisco Unified Communication M… | 2025-04-13T23:17:50.402000Z |
| var-201612-0004 | HP ThinPro 4.4 through 6.1 mishandles the keyboard layout control panel and virtual keybo… | 2025-04-13T23:17:50.259000Z |
| var-201612-0151 | Unquoted service path vulnerability in Intel Wireless Bluetooth Drivers 16.x, 17.x, and b… | 2025-04-13T23:17:50.153000Z |
| var-201612-0361 | A vulnerability in the Cisco application-hosting framework (CAF) of Cisco IOx could allow… | 2025-04-13T23:17:49.974000Z |
| var-201404-0102 | Multiple SQL injection vulnerabilities in vTiger CRM 5.0.0 through 5.4.0 allow remote att… | 2025-04-13T23:17:40.611000Z |
| var-202405-3469 | Tenda FH1206 V1.2.0.8(8155) was discovered to contain a command injection vulnerability v… | 2025-04-13T23:17:33.590000Z |
| var-202411-0632 | Tenda AC6 v2.0 V15.03.06.50 was discovered to contain a buffer overflow in the function '… | 2025-04-13T23:17:01.167000Z |
| var-201403-0045 | Cross-site scripting (XSS) vulnerability in the Brother MFC-9970CDW printer with firmware… | 2025-04-13T23:14:54.907000Z |
| var-201403-0065 | Multiple cross-site scripting (XSS) vulnerabilities in the Brother MFC-9970CDW printer wi… | 2025-04-13T23:14:54.868000Z |
| var-201403-0046 | Multiple cross-site scripting (XSS) vulnerabilities in the Brother MFC-9970CDW printer wi… | 2025-04-13T23:14:54.793000Z |
| var-201404-0048 | Directory traversal vulnerability in device-linux.c in the router advertisement daemon (r… | 2025-04-13T23:14:53.938000Z |
| var-201403-0146 | Unspecified vulnerability in Citrix NetScaler Application Delivery Controller (ADC) 9.3.x… | 2025-04-13T23:14:53.450000Z |
| var-201403-0149 | Cross-site request forgery (CSRF) vulnerability in Citrix NetScaler Application Delivery … | 2025-04-13T23:14:53.421000Z |
| var-201403-0145 | Unspecified vulnerability in the Service VM in Citrix NetScaler SDX 9.3 before 9.3-64.4 a… | 2025-04-13T23:14:53.392000Z |
| var-201403-0151 | Cross-site scripting (XSS) vulnerability in the user interface in the AAA TM vServer in C… | 2025-04-13T23:14:53.361000Z |
| var-201403-0150 | Citrix NetScaler Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before… | 2025-04-13T23:14:53.330000Z |
| var-201403-0148 | Unspecified vulnerability in Citrix NetScaler Application Delivery Controller (ADC) 9.3.x… | 2025-04-13T23:14:53.301000Z |
| var-201403-0147 | Citrix NetScaler Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before… | 2025-04-13T23:14:53.272000Z |
| var-201403-0311 | The random-number generator on Siemens SIMATIC S7-1200 CPU PLC devices with firmware befo… | 2025-04-13T23:14:53.197000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| suse-su-2021:2213-1 | Security update for qemu | 2021-06-30T13:59:24Z | 2021-06-30T13:59:24Z |
| suse-su-2021:2212-1 | Security update for qemu | 2021-06-30T13:59:10Z | 2021-06-30T13:59:10Z |
| suse-su-2021:2211-1 | Security update for dbus-1 | 2021-06-30T13:58:18Z | 2021-06-30T13:58:18Z |
| suse-su-2021:2208-1 | Security update for the Linux Kernel | 2021-06-30T07:49:49Z | 2021-06-30T07:49:49Z |
| suse-su-2021:2202-1 | Security update for the Linux Kernel | 2021-06-29T11:11:24Z | 2021-06-29T11:11:24Z |
| suse-su-2021:2198-1 | Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP3) | 2021-06-29T08:59:01Z | 2021-06-29T08:59:01Z |
| suse-su-2021:2196-1 | Security update for lua53 | 2021-06-29T07:41:54Z | 2021-06-29T07:41:54Z |
| suse-su-2021:2195-1 | Security update for python-urllib3, python-requests | 2021-06-28T16:59:12Z | 2021-06-28T16:59:12Z |
| suse-ru-2021:2194-1 | Recommended update for the Azure and AWS SDKs | 2021-06-28T16:58:14Z | 2021-06-28T16:58:14Z |
| suse-su-2021:2186-1 | Security update for go1.16 | 2021-06-28T16:23:28Z | 2021-06-28T16:23:28Z |
| suse-su-2021:2184-1 | Security update for the Linux Kernel | 2021-06-28T16:23:03Z | 2021-06-28T16:23:03Z |
| suse-su-2021:2180-1 | Security update for libsolv | 2021-06-28T15:40:47Z | 2021-06-28T15:40:47Z |
| suse-su-2021:2177-1 | Security update for arpwatch | 2021-06-28T13:48:09Z | 2021-06-28T13:48:09Z |
| suse-su-2021:14759-1 | Security update for arpwatch | 2021-06-28T13:47:09Z | 2021-06-28T13:47:09Z |
| suse-su-2021:2175-1 | Security update for arpwatch | 2021-06-28T13:46:27Z | 2021-06-28T13:46:27Z |
| suse-su-2021:14758-1 | Security update for microcode_ctl | 2021-06-28T13:03:33Z | 2021-06-28T13:03:33Z |
| suse-su-2021:2164-1 | Security update for zziplib | 2021-06-25T16:04:04Z | 2021-06-25T16:04:04Z |
| suse-su-2021:2163-1 | Security update for bouncycastle | 2021-06-25T16:03:55Z | 2021-06-25T16:03:55Z |
| suse-su-2021:2161-1 | Security update for ovmf | 2021-06-25T07:40:58Z | 2021-06-25T07:40:58Z |
| suse-su-2021:2159-1 | Security update for openexr | 2021-06-24T13:42:07Z | 2021-06-24T13:42:07Z |
| suse-su-2021:2158-1 | Security update for openexr | 2021-06-24T13:41:44Z | 2021-06-24T13:41:44Z |
| suse-su-2021:2157-1 | Security update for libgcrypt | 2021-06-24T13:40:49Z | 2021-06-24T13:40:49Z |
| suse-su-2021:2156-1 | Security update for libgcrypt | 2021-06-24T13:39:48Z | 2021-06-24T13:39:48Z |
| suse-su-2021:2155-1 | Security update for libgcrypt | 2021-06-24T13:38:33Z | 2021-06-24T13:38:33Z |
| suse-su-2021:2153-1 | Security update for gupnp | 2021-06-24T09:00:40Z | 2021-06-24T09:00:40Z |
| suse-su-2021:2152-1 | Security update for ovmf | 2021-06-24T09:00:05Z | 2021-06-24T09:00:05Z |
| suse-su-2021:2151-1 | Security update for ovmf | 2021-06-24T08:59:48Z | 2021-06-24T08:59:48Z |
| suse-su-2021:2147-1 | Security update for freeradius-server | 2021-06-23T15:56:03Z | 2021-06-23T15:56:03Z |
| suse-su-2021:2145-1 | Security update for libsolv | 2021-06-23T14:51:08Z | 2021-06-23T14:51:08Z |
| suse-su-2021:2143-1 | Security update for libnettle | 2021-06-23T14:27:54Z | 2021-06-23T14:27:54Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cnvd-2024-49499 | TOTOLINK AC1200 setWizardCfg函数缓冲区溢出漏洞 | 2024-09-20 | 2024-12-26 |
| cnvd-2024-47668 | 深圳市蓝凌软件股份有限公司蓝凌EKP存在SQL注入漏洞 | 2024-11-11 | 2024-12-26 |
| cnvd-2024-47664 | 畅捷通信息技术股份有限公司畅捷通T+存在命令执行漏洞 | 2024-11-11 | 2024-12-26 |
| cnvd-2024-49642 | TP-LINK VN020缓冲区溢出漏洞 | 2024-12-13 | 2024-12-25 |
| cnvd-2024-49641 | ClassCMS代码注入漏洞 | 2024-12-20 | 2024-12-25 |
| cnvd-2024-49625 | SAP NetWeaver Administrator服务端请求伪造漏洞 | 2024-12-20 | 2024-12-25 |
| cnvd-2024-49624 | SAP HCM Approve Timesheets授权问题漏洞 | 2024-12-20 | 2024-12-25 |
| cnvd-2024-49620 | Dell RecoverPoint for Virtual Machines OS命令注入漏洞 | 2024-12-19 | 2024-12-25 |
| cnvd-2024-49619 | Dell RecoverPoint for Virtual Machines加密问题漏洞 | 2024-12-20 | 2024-12-25 |
| cnvd-2024-49618 | Dell RecoverPoint for Virtual Machines访问控制错误漏洞 | 2024-12-20 | 2024-12-25 |
| cnvd-2024-49617 | Dell RecoverPoint for Virtual Machines命令注入漏洞 | 2024-12-20 | 2024-12-25 |
| cnvd-2024-49616 | Dell RecoverPoint for Virtual Machines信任管理问题漏洞 | 2024-12-20 | 2024-12-25 |
| cnvd-2024-49615 | Dell ThinOS命令注入漏洞(CNVD-2024-49615) | 2024-12-20 | 2024-12-25 |
| cnvd-2024-49614 | Dell Avamar SQL注入漏洞(CNVD-2024-49614) | 2024-12-20 | 2024-12-25 |
| cnvd-2024-49216 | Microsoft Excel资源管理错误漏洞 | 2024-12-13 | 2024-12-25 |
| cnvd-2024-49215 | Microsoft Defender输入验证错误漏洞 | 2024-12-13 | 2024-12-25 |
| cnvd-2024-49214 | Microsoft Office远程代码执行漏洞(CNVD-2024-49214) | 2024-12-13 | 2024-12-25 |
| cnvd-2024-49213 | Microsoft Windows Defender授权问题漏洞 | 2024-12-20 | 2024-12-25 |
| cnvd-2024-49212 | Microsoft Update Catalog反序列化漏洞 | 2024-12-20 | 2024-12-25 |
| cnvd-2024-49211 | Linux kernel存在未明漏洞(CNVD-2024-4921122) | 2024-12-24 | 2024-12-25 |
| cnvd-2024-49210 | Linux kernel存在未明漏洞(CNVD-2024-4921023) | 2024-12-24 | 2024-12-25 |
| cnvd-2024-49209 | Linux kernel存在未明漏洞(CNVD-2024-4920924) | 2024-12-24 | 2024-12-25 |
| cnvd-2024-49208 | Linux kernel存在未明漏洞(CNVD-2024-4920825) | 2024-12-24 | 2024-12-25 |
| cnvd-2024-49207 | Linux kernel存在未明漏洞(CNVD-2024-4920726) | 2024-12-24 | 2024-12-25 |
| cnvd-2024-49205 | Craft CMS未经身份验证远程代码执行漏洞 | 2024-12-25 | 2024-12-25 |
| cnvd-2024-49175 | IBM Concert信任管理问题漏洞(CNVD-2024-49175) | 2024-11-07 | 2024-12-24 |
| cnvd-2024-49174 | IBM Security Verify Access Appliance硬编码漏洞 | 2024-12-03 | 2024-12-24 |
| cnvd-2024-49173 | IBM Jazz Foundation跨站脚本漏洞(CNVD-2024-49173) | 2024-12-04 | 2024-12-24 |
| cnvd-2024-49172 | IBM Data Virtualization Manager代码执行漏洞 | 2024-12-06 | 2024-12-24 |
| cnvd-2024-49171 | IBM Cognos Controller文件上传漏洞(CNVD-2024-49171) | 2024-12-06 | 2024-12-24 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certa-2012-avi-119 | Vulnérabilités dans Symantec Entreprise Vault | 2012-03-07T00:00:00.000000 | 2012-03-07T00:00:00.000000 |
| certa-2012-avi-118 | Vulnérabilités dans MantisBT | 2012-03-07T00:00:00.000000 | 2012-03-07T00:00:00.000000 |
| certa-2012-avi-094 | Vulnérabilité dans libxml2 | 2012-02-23T00:00:00.000000 | 2012-03-07T00:00:00.000000 |
| certa-2012-avi-028 | Vulnérabilité dans OpenSSL | 2012-01-20T00:00:00.000000 | 2012-03-07T00:00:00.000000 |
| certa-2011-avi-013 | Vulnérabilité dans sudo | 2011-01-14T00:00:00.000000 | 2012-03-07T00:00:00.000000 |
| certa-2012-avi-117 | Vulnérabilité dans Novell ZENworks | 2012-03-06T00:00:00.000000 | 2012-03-06T00:00:00.000000 |
| certa-2012-avi-116 | Vulnérabilité dans phpCAS | 2012-03-06T00:00:00.000000 | 2012-03-06T00:00:00.000000 |
| certa-2012-avi-114 | Vulnérabilités dans Google Chrome | 2012-03-06T00:00:00.000000 | 2012-03-06T00:00:00.000000 |
| certa-2012-avi-113 | Vulnérabilité dans Ruby on Rails | 2012-03-05T00:00:00.000000 | 2012-03-05T00:00:00.000000 |
| certa-2012-avi-112 | Vulnérabilité dans StoneGate | 2012-03-05T00:00:00.000000 | 2012-03-05T00:00:00.000000 |
| certa-2012-avi-091 | Vulnérabilité dans libvorbis | 2012-02-20T00:00:00.000000 | 2012-03-05T00:00:00.000000 |
| certa-2011-avi-465 | Vulnérabilité dans stunnel | 2011-08-23T00:00:00.000000 | 2012-03-05T00:00:00.000000 |
| certa-2012-avi-111 | Vulnérabilité dans Novell GroupWise | 2012-03-02T00:00:00.000000 | 2012-03-02T00:00:00.000000 |
| certa-2012-avi-110 | Vulnérabilités dans Dotclear | 2012-03-02T00:00:00.000000 | 2012-03-02T00:00:00.000000 |
| certa-2012-avi-109 | Vulnérabilités dans Cisco TelePresence Video Communication Server | 2012-03-01T00:00:00.000000 | 2012-03-01T00:00:00.000000 |
| certa-2012-avi-108 | Multiples vulnérabilités dans Cisco Unity Connection | 2012-03-01T00:00:00.000000 | 2012-03-01T00:00:00.000000 |
| certa-2012-avi-107 | Multiples vulnérabilités dans Cisco Wireless LAN Controllers | 2012-03-01T00:00:00.000000 | 2012-03-01T00:00:00.000000 |
| certa-2012-avi-106 | Vulnérabilités dans Cisco Unified Communications Manager | 2012-03-01T00:00:00.000000 | 2012-03-01T00:00:00.000000 |
| certa-2012-avi-105 | Vulnérabilité dans Cisco Cius | 2012-03-01T00:00:00.000000 | 2012-03-01T00:00:00.000000 |
| certa-2012-avi-104 | Multiples vulnérabilités dans JP1/Cm2/Network Node Manager i | 2012-03-01T00:00:00.000000 | 2012-03-01T00:00:00.000000 |
| certa-2012-avi-103 | Vulnérabilité dans IBM Personal Communications | 2012-02-29T00:00:00.000000 | 2012-02-29T00:00:00.000000 |
| certa-2012-avi-102 | Vulnérabilités dans Avaya CMS | 2012-02-29T00:00:00.000000 | 2012-02-29T00:00:00.000000 |
| certa-2012-avi-101 | Multiples vulnérabilités dans PostgreSQL | 2012-02-28T00:00:00.000000 | 2012-02-28T00:00:00.000000 |
| certa-2012-avi-100 | Vulnérabilité dans IBM AIX | 2012-02-28T00:00:00.000000 | 2012-02-28T00:00:00.000000 |
| certa-2012-avi-099 | Vulnérabilité dans Samba | 2012-02-24T00:00:00.000000 | 2012-02-24T00:00:00.000000 |
| certa-2012-avi-098 | Vulnérabilité de CVS | 2012-02-24T00:00:00.000000 | 2012-02-24T00:00:00.000000 |
| certa-2012-avi-097 | Vulnérabilité dans Python | 2012-02-24T00:00:00.000000 | 2012-02-24T00:00:00.000000 |
| certa-2012-avi-096 | Multiples vulnérabilités dans CISCO SRP 500 Series | 2012-02-24T00:00:00.000000 | 2012-02-24T00:00:00.000000 |
| certa-2012-avi-095 | Vulnérabilité dans Bugzilla | 2012-02-23T00:00:00.000000 | 2012-02-23T00:00:00.000000 |
| certa-2012-avi-093 | Vulnérabilité dans phpMyAdmin | 2012-02-23T00:00:00.000000 | 2012-02-23T00:00:00.000000 |