Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2025-14844 |
8.2 (3.1)
|
Membership Plugin – Restrict Content <= 3.2.16 - Missi… |
stellarwp |
Membership Plugin – Restrict Content |
2026-01-16T09:23:46.932Z | 2026-01-16T12:50:27.771Z |
| CVE-2025-14082 |
2.7 (3.1)
|
Keycloak-services: keycloak admin rest api: improper a… |
Red Hat |
Red Hat Build of Keycloak |
2025-12-10T09:04:51.343Z | 2026-01-16T05:00:13.717Z |
| CVE-2025-54957 |
9.8 (3.1)
|
An issue was discovered in Dolby UDC 4.5 through … |
n/a |
n/a |
2025-10-20T00:00:00.000Z | 2026-01-16T04:55:56.169Z |
| CVE-2026-21908 |
7.1 (3.1)
7.5 (4.0)
|
Junos OS and Junos OS Evolved: Use after free vulnerab… |
Juniper Networks |
Junos OS |
2026-01-15T20:21:41.576Z | 2026-01-16T04:55:55.090Z |
| CVE-2026-20076 |
4.8 (3.1)
|
Cisco Identity Services Engine Stored Cross-Site Scrip… |
Cisco |
Cisco Identity Services Engine Software |
2026-01-15T16:32:03.744Z | 2026-01-16T04:55:53.964Z |
| CVE-2026-20047 |
4.8 (3.1)
|
Cisco Identity Services Engine Cross-Site Scripting Vu… |
Cisco |
Cisco Identity Services Engine Software |
2026-01-15T16:32:15.578Z | 2026-01-16T04:55:52.838Z |
| CVE-2025-61973 |
8.8 (3.1)
|
A local privilege escalation vulnerability exists… |
Epic Games |
Epic Games Store |
2026-01-15T15:19:48.838Z | 2026-01-16T04:55:51.730Z |
| CVE-2026-22857 |
6.8 (4.0)
|
FreeRDP has a heap-use-after-free in irp_thread_func |
FreeRDP |
FreeRDP |
2026-01-14T17:53:54.193Z | 2026-01-16T04:55:50.669Z |
| CVE-2026-22856 |
6.8 (4.0)
|
FreeRDP has a heap-use-after-free in create_irp_thread |
FreeRDP |
FreeRDP |
2026-01-14T17:53:04.756Z | 2026-01-16T04:55:49.425Z |
| CVE-2026-22854 |
6.8 (4.0)
|
FreeRDP has a heap-buffer-overflow in drive_process_irp_read |
FreeRDP |
FreeRDP |
2026-01-14T17:47:49.588Z | 2026-01-16T04:55:48.360Z |
| CVE-2026-22853 |
6.8 (4.0)
|
FreeRDP has a heap-buffer-overflow in ndr_read_uint8Array |
FreeRDP |
FreeRDP |
2026-01-14T17:46:50.159Z | 2026-01-16T04:55:47.314Z |
| CVE-2026-22852 |
6.8 (4.0)
|
FreeRDP has a heap-buffer-overflow in audin_process_formats |
FreeRDP |
FreeRDP |
2026-01-14T17:45:22.253Z | 2026-01-16T04:55:46.208Z |
| CVE-2026-0421 |
7 (4.0)
6.5 (3.1)
|
A potential vulnerability was reported in the BIO… |
Lenovo |
ThinkPad L13 Gen 6 BIOS |
2026-01-14T22:18:56.115Z | 2026-01-16T04:55:44.710Z |
| CVE-2026-23709 |
N/A
|
Not used | N/A | N/A | 2026-01-16T03:55:07.099Z | |
| CVE-2026-23710 |
N/A
|
Not used | N/A | N/A | 2026-01-16T03:55:06.646Z | |
| CVE-2026-23711 |
N/A
|
Not used | N/A | N/A | 2026-01-16T03:55:06.197Z | |
| CVE-2026-23712 |
N/A
|
Not used | N/A | N/A | 2026-01-16T03:55:05.700Z | |
| CVE-2026-23713 |
N/A
|
Not used | N/A | N/A | 2026-01-16T03:55:05.231Z | |
| CVE-2026-23714 |
N/A
|
Not used | N/A | N/A | 2026-01-16T03:55:04.715Z | |
| CVE-2026-0855 |
8.7 (4.0)
8.8 (3.1)
|
Merit LILIN|IP Camera - OS Command Injection |
Merit LILIN |
P2 |
2026-01-12T06:44:40.227Z | 2026-01-16T02:09:56.328Z |
| CVE-2025-9904 |
5.3 (3.1)
6.9 (4.0)
|
Unallocated memory access vulnerability in print … |
Canon Inc. |
Generic Plus PCL6 Printer Driver |
2025-09-29T00:46:03.660Z | 2026-01-16T00:10:23.476Z |
| CVE-2025-9903 |
5.9 (3.1)
5.9 (4.0)
|
Out-of-bounds write vulnerabilities in print proc… |
Canon Inc. |
Generic Plus PCL6 Printer Driver |
2025-09-29T00:44:55.506Z | 2026-01-16T00:02:54.676Z |
| CVE-2025-7698 |
5.9 (3.1)
5.9 (4.0)
|
Out-of-bounds read vulnerabilities in print proce… |
Canon Inc. |
Generic Plus PCL6 Printer Driver |
2025-09-29T00:47:02.910Z | 2026-01-15T23:59:37.174Z |
| CVE-2026-1012 |
N/A
|
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage. | N/A | N/A | 2026-01-15T22:55:03.432Z | |
| CVE-2020-36917 |
8.6 (4.0)
7.5 (3.1)
|
iDS6 DSSPro Digital Signage System 6.2 Cleartext Passw… |
Guangzhou Yeroo Tech Co., Ltd. |
iDS6 DSSPro Digital Signage System |
2026-01-06T15:53:23.292Z | 2026-01-15T21:37:30.416Z |
| CVE-2026-23622 |
7.4 (4.0)
|
CSRF Protection Bypass: Sensitive endpoints accept GET… |
alextselegidis |
easyappointments |
2026-01-15T19:28:58.369Z | 2026-01-15T21:34:43.098Z |
| CVE-2025-36934 |
7.4 (3.1)
|
In bigo_worker_thread of private/google-modules/v… |
Google |
Android |
2025-12-11T19:35:47.543Z | 2026-01-15T21:30:04.740Z |
| CVE-2025-70892 |
9.8 (3.1)
|
Phpgurukul Cyber Cafe Management System v1.0 cont… |
n/a |
n/a |
2026-01-15T00:00:00.000Z | 2026-01-15T21:25:50.687Z |
| CVE-2025-70893 |
8.8 (3.1)
|
A time-based blind SQL Injection vulnerability ex… |
n/a |
n/a |
2026-01-15T00:00:00.000Z | 2026-01-15T21:22:19.718Z |
| CVE-2026-21918 |
7.5 (3.1)
8.7 (4.0)
|
Junos OS: SRX and MX Series: When TCP packets occur in… |
Juniper Networks |
Junos OS |
2026-01-15T20:27:54.743Z | 2026-01-15T21:13:00.740Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2025-54004 |
2.6 (3.1)
|
WordPress WCFM – Frontend Manager for WooCommerce plug… |
WC Lovers |
WCFM – Frontend Manager for WooCommerce |
2025-12-16T08:12:45.704Z | 2026-02-05T16:27:50.467Z |
| CVE-2025-53586 |
9.8 (3.1)
|
WordPress WeMusic Theme <= 1.9.1 - PHP Object Injectio… |
NooTheme |
WeMusic |
2025-11-06T15:54:13.387Z | 2026-01-20T14:28:09.916Z |
| CVE-2025-53585 |
7.1 (3.1)
|
WordPress WeMusic theme <= 1.9.1 - Cross Site Scriptin… |
NooTheme |
WeMusic |
2025-11-06T15:54:12.787Z | 2026-01-20T14:28:10.097Z |
| CVE-2025-53574 |
6.1 (3.1)
|
WordPress Doliconnect Plugin <= 9.3.2 - Cross Site Scr… |
ptibogxiv |
Doliconnect |
2025-11-06T15:54:11.607Z | 2026-01-20T14:28:09.876Z |
| CVE-2025-53573 |
7.1 (3.1)
|
WordPress Epic Review Plugin <= 1.0.2 - Cross Site Scr… |
jegtheme |
Epic Review |
2025-11-06T15:54:10.426Z | 2026-01-20T14:28:09.871Z |
| CVE-2025-53453 |
8.2 (3.1)
|
WordPress Hygia theme <= 1.16 - Local File Inclusion v… |
axiomthemes |
Hygia |
2025-12-18T07:21:49.127Z | 2026-02-03T16:05:11.528Z |
| CVE-2025-53449 |
8.1 (3.1)
|
WordPress Convex theme <= 1.11 - Local File Inclusion … |
axiomthemes |
Convex |
2025-12-18T07:21:48.947Z | 2026-01-20T14:28:09.907Z |
| CVE-2025-53448 |
8.1 (3.1)
|
WordPress Rally theme <= 1.1 - Local File Inclusion vu… |
axiomthemes |
Rally |
2025-12-18T07:21:48.769Z | 2026-01-20T14:28:09.880Z |
| CVE-2025-53447 |
8.1 (3.1)
|
WordPress Assembly theme <= 1.1 - Local File Inclusion… |
axiomthemes |
Assembly |
2025-12-18T07:21:48.588Z | 2026-01-20T14:28:09.843Z |
| CVE-2025-53446 |
8.1 (3.1)
|
WordPress Beautique theme <= 1.5 - Local File Inclusio… |
axiomthemes |
Beautique |
2025-12-18T07:21:48.403Z | 2026-01-20T14:28:09.895Z |
| CVE-2025-53445 |
8.1 (3.1)
|
WordPress Catwalk theme <= 1.4 - Local File Inclusion … |
axiomthemes |
Catwalk |
2025-12-18T07:21:48.218Z | 2026-01-20T14:28:09.892Z |
| CVE-2025-53443 |
8.1 (3.1)
|
WordPress Smash theme <= 1.7 - Local File Inclusion vu… |
axiomthemes |
Smash |
2025-12-18T07:21:48.033Z | 2026-01-20T14:28:09.805Z |
| CVE-2025-53442 |
8.1 (3.1)
|
WordPress Rentic theme <= 1.1 - Local File Inclusion v… |
axiomthemes |
Rentic |
2025-12-18T07:21:47.842Z | 2026-01-20T14:28:09.727Z |
| CVE-2025-53441 |
8.1 (3.1)
|
WordPress Greeny theme <= 2.6 - Local File Inclusion v… |
axiomthemes |
Greeny |
2025-12-18T07:21:47.651Z | 2026-01-20T14:28:09.749Z |
| CVE-2025-53439 |
8.1 (3.1)
|
WordPress Harper theme <= 1.13 - Local File Inclusion … |
axiomthemes |
Harper |
2025-12-18T07:21:47.455Z | 2026-01-20T14:28:09.777Z |
| CVE-2025-53438 |
8.1 (3.1)
|
WordPress FitLine theme <= 1.6 - Local File Inclusion … |
axiomthemes |
FitLine |
2025-12-18T07:21:47.228Z | 2026-01-20T14:28:09.672Z |
| CVE-2025-53437 |
8.1 (3.1)
|
WordPress Greenorganic theme <= 2.45 - Local File Incl… |
ApusTheme |
Greenorganic |
2025-12-18T07:21:47.030Z | 2026-01-20T14:28:09.573Z |
| CVE-2025-53436 |
8.1 (3.1)
|
WordPress Monki theme <= 2.0.4 - Local File Inclusion … |
BZOTheme |
Monki |
2025-12-18T07:21:46.801Z | 2026-01-20T14:28:09.817Z |
| CVE-2025-53435 |
8.1 (3.1)
|
WordPress Plan My Day theme <= 1.1.13 - Local File Inc… |
axiomthemes |
Plan My Day |
2025-12-18T07:21:46.620Z | 2026-01-20T14:28:09.726Z |
| CVE-2025-53434 |
8.1 (3.1)
|
WordPress ChildHope theme <= 1.1.8 - Local File Inclus… |
AncoraThemes |
ChildHope |
2025-12-18T07:21:46.434Z | 2026-01-20T14:28:09.778Z |
| CVE-2025-53433 |
9.8 (3.1)
|
WordPress EasyEat theme <= 1.9.0 - Local File Inclusio… |
AncoraThemes |
EasyEat |
2025-12-18T07:21:46.182Z | 2026-01-20T14:28:09.496Z |
| CVE-2025-53432 |
8.1 (3.1)
|
WordPress Echo theme <= 1.15.0 - Local File Inclusion … |
AncoraThemes |
Echo |
2025-12-18T07:21:45.954Z | 2026-01-20T14:28:09.429Z |
| CVE-2025-53431 |
8.1 (3.1)
|
WordPress Emberlyn theme <= 1.3.1 - Local File Inclusi… |
AncoraThemes |
Emberlyn |
2025-12-18T07:21:45.771Z | 2026-01-20T14:28:09.478Z |
| CVE-2025-53430 |
8.1 (3.1)
|
WordPress Etta theme <= 1.14.0 - Local File Inclusion … |
AncoraThemes |
Etta |
2025-12-18T07:21:45.581Z | 2026-01-20T14:28:09.469Z |
| CVE-2025-53429 |
8.1 (3.1)
|
WordPress Exit Game theme <= 1.4.3 - Local File Inclus… |
AncoraThemes |
Exit Game |
2025-12-18T07:21:45.401Z | 2026-01-20T14:28:09.431Z |
| CVE-2025-53428 |
8.8 (3.1)
|
WordPress Simple User Registration plugin <= 6.4 - Pri… |
N-Media |
Simple User Registration |
2025-10-22T14:32:34.204Z | 2026-01-20T14:28:09.496Z |
| CVE-2025-53426 |
7.1 (3.1)
|
WordPress Likert Survey Master plugin <= 0.8.0.1 - Cro… |
Bob |
Likert Survey Master |
2025-10-22T14:32:33.768Z | 2026-01-20T14:28:09.406Z |
| CVE-2025-53425 |
7.6 (3.1)
|
WordPress Dokan plugin <= 4.1.2 - Privilege Escalation… |
Dokan, Inc. |
Dokan |
2025-10-22T14:32:33.573Z | 2026-01-20T14:28:09.366Z |
| CVE-2025-53424 |
6.5 (3.1)
|
WordPress WooCommerce Orders & Customers Exporter plug… |
vanquish |
WooCommerce Orders & Customers Exporter |
2025-10-22T14:32:33.353Z | 2026-01-20T14:28:09.399Z |
| CVE-2025-53423 |
7.1 (3.1)
|
WordPress Triss theme <= 2.6 - Cross Site Scripting (X… |
designthemes |
Triss |
2025-10-22T14:32:33.165Z | 2026-01-20T14:28:09.403Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| fkie_cve-2025-53453 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2025-12-18T08:15:55.530 | 2026-01-20T15:16:58.333 |
| fkie_cve-2025-53449 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2025-12-18T08:15:55.403 | 2026-01-20T15:16:58.197 |
| fkie_cve-2025-53448 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2025-12-18T08:15:55.270 | 2026-01-20T15:16:58.050 |
| fkie_cve-2025-53447 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2025-12-18T08:15:55.140 | 2026-01-20T15:16:57.907 |
| fkie_cve-2025-53446 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2025-12-18T08:15:55.017 | 2026-01-20T15:16:57.767 |
| fkie_cve-2025-53445 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2025-12-18T08:15:54.887 | 2026-01-20T15:16:57.630 |
| fkie_cve-2025-53443 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2025-12-18T08:15:54.760 | 2026-01-20T15:16:57.477 |
| fkie_cve-2025-53442 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2025-12-18T08:15:54.633 | 2026-01-20T15:16:57.340 |
| fkie_cve-2025-53441 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2025-12-18T08:15:54.507 | 2026-01-20T15:16:57.200 |
| fkie_cve-2025-53439 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2025-12-18T08:15:54.380 | 2026-01-20T15:16:57.043 |
| fkie_cve-2025-53438 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2025-12-18T08:15:54.247 | 2026-01-20T15:16:56.883 |
| fkie_cve-2025-53437 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2025-12-18T08:15:54.117 | 2026-01-20T15:16:56.737 |
| fkie_cve-2025-53436 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2025-12-18T08:15:53.983 | 2026-01-20T15:16:56.403 |
| fkie_cve-2025-53435 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2025-12-18T08:15:53.853 | 2026-01-20T15:16:56.263 |
| fkie_cve-2025-53434 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2025-12-18T08:15:53.710 | 2026-01-20T15:16:56.130 |
| fkie_cve-2025-53433 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2025-12-18T08:15:53.563 | 2026-01-20T15:16:55.997 |
| fkie_cve-2025-53432 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2025-12-18T08:15:53.440 | 2026-01-20T15:16:55.870 |
| fkie_cve-2025-53431 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2025-12-18T08:15:53.303 | 2026-01-20T15:16:55.740 |
| fkie_cve-2025-53430 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2025-12-18T08:15:53.183 | 2026-01-20T15:16:55.607 |
| fkie_cve-2025-53429 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2025-12-18T08:15:53.050 | 2026-01-20T15:16:55.473 |
| fkie_cve-2025-53428 | Incorrect Privilege Assignment vulnerability in N-Media Simple User Registration wp-registration al… | 2025-10-22T15:15:51.323 | 2026-01-20T15:16:55.340 |
| fkie_cve-2025-53426 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:50.993 | 2026-01-20T15:16:55.060 |
| fkie_cve-2025-53425 | Incorrect Privilege Assignment vulnerability in Dokan, Inc. Dokan dokan-lite allows Privilege Escal… | 2025-10-22T15:15:50.863 | 2026-01-20T15:16:54.927 |
| fkie_cve-2025-53424 | Missing Authorization vulnerability in vanquish WooCommerce Orders & Customers Exporter woocommerce… | 2025-10-22T15:15:50.727 | 2026-01-20T15:16:54.797 |
| fkie_cve-2025-53423 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:49.700 | 2026-01-20T15:16:54.663 |
| fkie_cve-2025-53422 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:49.563 | 2026-01-20T15:16:54.520 |
| fkie_cve-2025-53421 | Missing Authorization vulnerability in PickPlugins Accordion accordions allows Exploiting Incorrect… | 2025-10-22T15:15:49.437 | 2026-01-20T15:16:54.387 |
| fkie_cve-2025-53420 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:49.310 | 2026-01-20T15:16:54.240 |
| fkie_cve-2025-53352 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:49.183 | 2026-01-20T15:16:54.100 |
| fkie_cve-2025-53351 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:49.057 | 2026-01-20T15:16:53.963 |
| ID | Severity | Description | Published | Updated |
|---|---|---|---|---|
| ghsa-gpmm-h5qv-gcpf |
7.3 (3.1)
5.5 (4.0)
|
A vulnerability has been found in Seeyon Zhiyuan OA Web Application System up to 20251223. This aff… | 2026-01-05T00:30:16Z | 2026-01-05T00:30:16Z |
| ghsa-8fc9-vxf4-v7wm |
7.3 (3.1)
5.5 (4.0)
|
A vulnerability was found in code-projects Online Product Reservation System 1.0. This affects an u… | 2026-01-04T15:30:21Z | 2026-01-04T15:30:21Z |
| ghsa-x9w7-fj93-8rc4 |
4.7 (3.1)
2.0 (4.0)
|
A vulnerability was determined in CRMEB up to 5.6.1. This vulnerability affects unknown code of the… | 2026-01-04T12:30:21Z | 2026-01-04T12:30:21Z |
| ghsa-g4c4-3wvv-75rq |
6.3 (3.1)
2.1 (4.0)
|
A flaw has been found in code-projects Online Product Reservation System 1.0. Affected by this vuln… | 2026-01-04T12:30:21Z | 2026-01-04T12:30:21Z |
| ghsa-g3px-2f97-p7gh |
4.7 (3.1)
2.0 (4.0)
|
A vulnerability was identified in CRMEB up to 5.6.1. This issue affects some unknown processing of … | 2026-01-04T12:30:21Z | 2026-01-04T12:30:21Z |
| ghsa-5pq5-xxph-mrwm |
7.3 (3.1)
5.5 (4.0)
|
A vulnerability has been found in code-projects Online Product Reservation System 1.0. Affected by … | 2026-01-04T12:30:21Z | 2026-01-04T12:30:21Z |
| ghsa-57vq-6p22-fhvx |
4.9 (3.1)
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnera… | 2026-01-04T12:30:21Z | 2026-01-04T12:30:21Z |
| ghsa-v45g-9jff-2vqr |
7.3 (3.1)
5.5 (4.0)
|
A vulnerability was detected in code-projects Online Product Reservation System 1.0. Affected is an… | 2026-01-04T09:30:26Z | 2026-01-04T09:30:26Z |
| ghsa-823v-5fjj-p7fm |
7.3 (3.1)
5.5 (4.0)
|
A security vulnerability has been detected in code-projects Online Product Reservation System 1.0. … | 2026-01-04T06:30:26Z | 2026-01-04T06:30:26Z |
| ghsa-p3fv-jq23-qg6f |
6.3 (3.1)
2.1 (4.0)
|
A weakness has been identified in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. … | 2026-01-04T03:30:27Z | 2026-01-04T03:30:27Z |
| ghsa-qv6w-cq5f-xpvw |
5.3 (3.1)
6.9 (4.0)
|
Petlibro Smart Pet Feeder Platform versions up to 1.7.31 contains an information disclosure vulnera… | 2026-01-04T00:30:17Z | 2026-01-04T00:30:17Z |
| ghsa-5f5h-xp93-w647 |
6.5 (3.1)
6.9 (4.0)
|
Petlibro Smart Pet Feeder Platform versions up to 1.7.31 contains a broken access control vulnerabi… | 2026-01-04T00:30:17Z | 2026-01-04T00:30:17Z |
| ghsa-c4mg-vhq3-hwc2 |
7.3 (3.1)
6.9 (4.0)
|
Petlibro Smart Pet Feeder Platform versions up to 1.7.31 contains an improper access control vulner… | 2026-01-04T00:30:16Z | 2026-01-04T00:30:16Z |
| ghsa-9w9c-6cc9-mc59 |
6.9 (4.0)
|
Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability … | 2026-01-02T18:30:33Z | 2026-01-04T00:30:16Z |
| ghsa-752h-56c7-7mr2 |
6.5 (3.1)
6.9 (4.0)
|
Petlibro Smart Pet Feeder Platform versions up to 1.7.31 contains an authentication bypass vulnerab… | 2026-01-04T00:30:16Z | 2026-01-04T00:30:16Z |
| ghsa-4v2m-wc8x-hcjv |
7.3 (3.1)
6.9 (4.0)
|
Petlibro Smart Pet Feeder Platform versions up to 1.7.31 contains an authorization bypass vulnerabi… | 2026-01-04T00:30:16Z | 2026-01-04T00:30:16Z |
| ghsa-472g-2pwf-qm99 |
5.3 (3.1)
6.9 (4.0)
|
Petlibro Smart Pet Feeder Platform versions up to 1.7.31 contains an information disclosure vulnera… | 2026-01-04T00:30:16Z | 2026-01-04T00:30:16Z |
| ghsa-wvmf-999m-w27j |
9.1 (3.1)
6.9 (4.0)
|
Genymobile/scrcpy versions up to and including 3.3.3 and prior to commit 3e40b24 contain a global b… | 2025-12-19T00:31:41Z | 2026-01-03T21:30:26Z |
| ghsa-rcf9-vp22-qqr4 |
|
Rejected reason: Not used | 2026-01-03T06:30:16Z | 2026-01-03T06:30:16Z |
| ghsa-q99j-frr5-3c8c |
|
Rejected reason: Not used | 2026-01-03T06:30:16Z | 2026-01-03T06:30:16Z |
| ghsa-jxwc-j45q-67x2 |
|
Rejected reason: Not used | 2026-01-03T06:30:16Z | 2026-01-03T06:30:16Z |
| ghsa-h5g2-f397-gc23 |
|
Rejected reason: Not used | 2026-01-03T06:30:16Z | 2026-01-03T06:30:16Z |
| ghsa-cpj2-6jmp-955v |
|
Rejected reason: Not used | 2026-01-03T06:30:16Z | 2026-01-03T06:30:16Z |
| ghsa-9xc5-pgjp-9mcj |
|
Rejected reason: Not used | 2026-01-03T06:30:16Z | 2026-01-03T06:30:16Z |
| ghsa-3x46-6xw6-vv9h |
|
Rejected reason: Not used | 2026-01-03T06:30:16Z | 2026-01-03T06:30:16Z |
| ghsa-3pj2-6fqg-5xxm |
|
Rejected reason: Not used | 2026-01-03T06:30:16Z | 2026-01-03T06:30:16Z |
| ghsa-24x2-jv4m-57w2 |
|
Rejected reason: Not used | 2026-01-03T06:30:16Z | 2026-01-03T06:30:16Z |
| ghsa-96xq-9m54-h7p4 |
9.4 (4.0)
|
A vulnerability in Nuvation Energy nCloud VPN Service allowed Network Boundary Bridging.This issue … | 2026-01-03T03:30:25Z | 2026-01-03T03:30:25Z |
| ghsa-9fpm-5f3v-gxp2 |
8.7 (4.0)
|
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerab… | 2026-01-03T03:30:24Z | 2026-01-03T03:30:24Z |
| ghsa-2mwc-h2mg-v6p8 |
5.2 (4.0)
|
Bagisto has HTML Filter Bypass that Enables Stored XSS | 2026-01-02T21:16:23Z | 2026-01-03T00:32:58Z |
| ID | Description | Updated |
|---|---|---|
| gsd-2024-26280 | Apache Airflow, versions before 2.8.2, has a vulnerability that allows authenticated Ops … | 2024-02-16T06:02:27.284756Z |
| gsd-2024-26267 | In Liferay Portal 7.2.0 through 7.4.3.25, and older unsupported versions, and Liferay DXP… | 2024-02-16T06:02:27.282855Z |
| gsd-2024-26281 | Upon scanning a JavaScript URI with the QR code scanner, an attacker could have executed … | 2024-02-16T06:02:27.282553Z |
| gsd-2024-26270 | The Account Settings page in Liferay Portal 7.4.3.76 through 7.4.3.99, and Liferay DXP 20… | 2024-02-16T06:02:27.280205Z |
| gsd-2024-26272 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-16T06:02:27.277539Z |
| gsd-2024-26273 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-16T06:02:27.271062Z |
| gsd-2024-26269 | Cross-site scripting (XSS) vulnerability in the Frontend JS module's portlet.js in Lifera… | 2024-02-16T06:02:27.267449Z |
| gsd-2024-26268 | User enumeration vulnerability in Liferay Portal 7.2.0 through 7.4.3.26, and older unsupp… | 2024-02-16T06:02:27.263034Z |
| gsd-2024-26283 | An attacker could have executed unauthorized scripts on top origin sites using a JavaScri… | 2024-02-16T06:02:27.262365Z |
| gsd-2024-26282 | Using an AMP url with a canonical element, an attacker could have executed JavaScript fro… | 2024-02-16T06:02:27.257973Z |
| gsd-2024-26278 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-16T06:02:27.251698Z |
| gsd-2024-26266 | Multiple stored cross-site scripting (XSS) vulnerabilities in Liferay Portal 7.2.0 throug… | 2024-02-16T06:02:27.250004Z |
| gsd-2024-26265 | The Image Uploader module in Liferay Portal 7.2.0 through 7.4.3.15, and older unsupported… | 2024-02-16T06:02:27.246216Z |
| gsd-2024-26276 | A vulnerability has been identified in Parasolid V35.1 (All versions < V35.1.254), Paraso… | 2024-02-16T06:02:27.245581Z |
| gsd-2024-26271 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-16T06:02:27.243986Z |
| gsd-2024-26286 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-16T06:02:27.241788Z |
| gsd-2024-26285 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-16T06:02:27.238121Z |
| gsd-2024-26284 | Utilizing a 302 redirect, an attacker could have conducted a Universal Cross-Site Scripti… | 2024-02-16T06:02:27.235459Z |
| gsd-2024-26279 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-16T06:02:27.234226Z |
| gsd-2024-1573 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-16T06:02:26.060159Z |
| gsd-2024-1537 | The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerc… | 2024-02-16T06:02:26.045148Z |
| gsd-2024-1541 | The Gutenberg Blocks by Kadence Blocks – Page Builder Features plugin for WordPress is vu… | 2024-02-16T06:02:26.042236Z |
| gsd-2024-1542 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-16T06:02:26.041434Z |
| gsd-2024-1554 | The `fetch()` API and navigation incorrectly shared the same cache, as the cache key did … | 2024-02-16T06:02:26.032318Z |
| gsd-2024-1561 | An issue was discovered in gradio-app/gradio, where the `/component_server` endpoint impr… | 2024-02-16T06:02:26.030848Z |
| gsd-2024-1524 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-16T06:02:25.997544Z |
| gsd-2024-1548 | A website could have obscured the fullscreen notification by using a dropdown select inpu… | 2024-02-16T06:02:25.990731Z |
| gsd-2024-1566 | The Redirects plugin for WordPress is vulnerable to unauthorized modification of data due… | 2024-02-16T06:02:25.989554Z |
| gsd-2024-1559 | The Link Library plugin for WordPress is vulnerable to Stored Cross-Site Scripting via th… | 2024-02-16T06:02:25.987278Z |
| gsd-2024-1530 | A vulnerability, which was classified as critical, has been found in ECshop 4.1.8. Affect… | 2024-02-16T06:02:25.980786Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-184621 | Malicious code in odasv-knu-bofvn (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184620 | Malicious code in odasv-knu-bobn (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184619 | Malicious code in odasv-knu-boban (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184618 | Malicious code in odasv-knu-bobacuvolavafin (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184617 | Malicious code in odasv-knu-bobacuvolafin (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184616 | Malicious code in odasv-knu-bobacuvoafin (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184615 | Malicious code in odasv-knu-bobacuofin (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184614 | Malicious code in odasv-knu-bobacuoafin (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184613 | Malicious code in odasv-knu-bobacon (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184612 | Malicious code in odasv-knu-bobacoin (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184611 | Malicious code in odasv-knu-bobacofin (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184610 | Malicious code in odasv-knu-bobacn (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184609 | Malicious code in odasv-knlu-bofvn (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184608 | Malicious code in odasv-knilu-bofvn (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184607 | Malicious code in odasv-knilu-bofvaun (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184606 | Malicious code in odasv-knilu-bofavauun (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184605 | Malicious code in odasv-knilu-bofavaunun (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184604 | Malicious code in odasv-knilu-bofavaunuffn (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184603 | Malicious code in odasv-knilu-bofavaunuffkain (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184602 | Malicious code in odasv-knilu-bofavaunuffin (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184601 | Malicious code in odasv-knilu-bofavaunuffain (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184600 | Malicious code in odasv-knilu-bofavaun (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184599 | Malicious code in odasv-kiuu-bon (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184598 | Malicious code in odasv-kiuu-bofaufni (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184597 | Malicious code in odasv-kiuu-bofauffsni (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184596 | Malicious code in odasv-kiuu-bofani (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184595 | Malicious code in odasv-kiuu-bofan (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184594 | Malicious code in odasv-kiuu-bofafni (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184593 | Malicious code in odasv-kiuu-bo (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184592 | Malicious code in odasv-kiuu-bio (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2024:3567 | Red Hat Security Advisory: Red Hat Single Sign-On 7.6.9 security update on RHEL 8 | 2024-06-03T19:48:57+00:00 | 2025-11-21T19:03:28+00:00 |
| rhsa-2024:3566 | Red Hat Security Advisory: Red Hat Single Sign-On 7.6.9 security update on RHEL 7 | 2024-06-03T19:48:58+00:00 | 2025-11-21T19:03:28+00:00 |
| rhsa-2024:3553 | Red Hat Security Advisory: nodejs : security update | 2024-06-03T15:49:02+00:00 | 2025-11-21T19:03:26+00:00 |
| rhsa-2024:3545 | Red Hat Security Advisory: nodejs security update | 2024-06-03T18:38:00+00:00 | 2025-11-21T19:03:24+00:00 |
| rhsa-2024:3544 | Red Hat Security Advisory: nodejs:18 security update | 2024-06-03T18:39:01+00:00 | 2025-11-21T19:03:24+00:00 |
| rhsa-2024:3497 | Red Hat Security Advisory: edk2 security update | 2024-05-30T13:02:49+00:00 | 2025-11-21T19:03:24+00:00 |
| rhsa-2024:3513 | Red Hat Security Advisory: less security update | 2024-05-30T14:41:50+00:00 | 2025-11-21T19:03:20+00:00 |
| rhsa-2024:3501 | Red Hat Security Advisory: nghttp2 security update | 2024-05-30T13:08:16+00:00 | 2025-11-21T19:03:20+00:00 |
| rhsa-2024:3496 | Red Hat Security Advisory: OpenShift Container Platform 4.13.43 security update | 2024-06-05T12:13:06+00:00 | 2025-11-21T19:03:20+00:00 |
| rhsa-2024:3486 | Red Hat Security Advisory: gdisk security update | 2024-05-30T06:00:17+00:00 | 2025-11-21T19:03:19+00:00 |
| rhsa-2024:3475 | Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift GitOps v1.11.5 security update | 2024-05-29T17:45:14+00:00 | 2025-11-21T19:03:17+00:00 |
| rhsa-2024:3472 | Red Hat Security Advisory: rh-nodejs14 security update | 2024-05-29T15:40:36+00:00 | 2025-11-21T19:03:16+00:00 |
| rhsa-2024:3462 | Red Hat Security Advisory: kernel security and bug fix update | 2024-05-29T08:25:01+00:00 | 2025-11-21T19:03:12+00:00 |
| rhsa-2024:3461 | Red Hat Security Advisory: kernel security and bug fix update | 2024-05-29T08:56:06+00:00 | 2025-11-21T19:03:12+00:00 |
| rhsa-2024:3460 | Red Hat Security Advisory: kernel-rt security and bug fix update | 2024-05-29T08:15:06+00:00 | 2025-11-21T19:03:12+00:00 |
| rhsa-2024:3426 | Red Hat Security Advisory: varnish:6 security update | 2024-05-28T14:33:18+00:00 | 2025-11-21T19:03:12+00:00 |
| rhsa-2024:3433 | Red Hat Security Advisory: protobuf security update | 2024-05-28T14:30:52+00:00 | 2025-11-21T19:03:11+00:00 |
| rhsa-2024:3431 | Red Hat Security Advisory: pcs security update | 2024-05-28T14:28:05+00:00 | 2025-11-21T19:03:10+00:00 |
| rhsa-2024:3428 | Red Hat Security Advisory: rust-toolset:rhel8 security update | 2024-05-28T13:43:53+00:00 | 2025-11-21T19:03:10+00:00 |
| rhsa-2024:3422 | Red Hat Security Advisory: linux-firmware security update | 2024-05-28T14:13:08+00:00 | 2025-11-21T19:03:08+00:00 |
| rhsa-2024:3418 | Red Hat Security Advisory: rust security update | 2024-05-28T14:09:13+00:00 | 2025-11-21T19:03:08+00:00 |
| rhsa-2024:3401 | Red Hat Security Advisory: rpm-ostree security update | 2024-05-28T14:37:48+00:00 | 2025-11-21T19:03:04+00:00 |
| rhsa-2024:3392 | Red Hat Security Advisory: pcp security update | 2024-05-28T12:48:13+00:00 | 2025-11-21T19:03:03+00:00 |
| rhsa-2024:3391 | Red Hat Security Advisory: python3 security update | 2024-05-28T13:12:43+00:00 | 2025-11-21T19:03:03+00:00 |
| rhsa-2024:3368 | Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift GitOps v1.12.3 security update | 2024-05-28T08:22:42+00:00 | 2025-11-21T19:03:03+00:00 |
| rhsa-2024:3369 | Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift GitOps v1.10.6 security update | 2024-05-28T08:21:45+00:00 | 2025-11-21T19:03:02+00:00 |
| rhsa-2024:3347 | Red Hat Security Advisory: python3 security update | 2024-05-23T16:30:10+00:00 | 2025-11-21T19:02:59+00:00 |
| rhsa-2024:3345 | Red Hat Security Advisory: .NET 8.0 security update | 2024-05-23T18:16:15+00:00 | 2025-11-21T19:02:58+00:00 |
| rhsa-2024:3344 | Red Hat Security Advisory: glibc security update | 2024-05-23T20:46:30+00:00 | 2025-11-21T19:02:58+00:00 |
| rhsa-2024:3343 | Red Hat Security Advisory: xorg-x11-server-Xwayland security update | 2024-05-23T15:35:51+00:00 | 2025-11-21T19:02:58+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2022-26894 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | 2022-04-12T08:00:00.000Z | 2022-04-01T07:00:00.000Z |
| msrc_cve-2022-26891 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | 2022-04-12T08:00:00.000Z | 2022-04-01T07:00:00.000Z |
| msrc_cve-2022-24523 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | 2022-04-12T08:00:00.000Z | 2022-04-01T07:00:00.000Z |
| msrc_cve-2022-24475 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | 2022-04-12T08:00:00.000Z | 2022-04-01T07:00:00.000Z |
| msrc_cve-2022-0995 | An out-of-bounds (OOB) memory write flaw was found in the Linux kernel’s watch_queue event notification subsystem. This flaw can overwrite parts of the kernel state potentially allowing a local user to gain privileged access or cause a denial of service on the system. | 2022-03-02T00:00:00.000Z | 2022-04-01T00:00:00.000Z |
| msrc_cve-2022-23295 | Raw Image Extension Remote Code Execution Vulnerability | 2022-03-08T08:00:00.000Z | 2022-03-31T07:00:00.000Z |
| msrc_cve-2022-0854 | A memory leak flaw was found in the Linux kernel’s DMA subsystem in the way a user calls DMA_FROM_DEVICE. This flaw allows a local user to read random memory from the kernel space. | 2022-03-02T00:00:00.000Z | 2022-03-31T00:00:00.000Z |
| msrc_cve-2021-4197 | An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces subsystem was found in the way users have access to some less privileged process that are controlled by cgroups and have higher privileged parent process. It is actually both for cgroup2 and cgroup1 versions of control groups. A local user could use this flaw to crash the system or escalate their privileges on the system. | 2022-03-02T00:00:00.000Z | 2022-03-31T00:00:00.000Z |
| msrc_cve-2021-4150 | A use-after-free flaw was found in the add_partition in block/partitions/core.c in the Linux kernel. A local attacker with user privileges could cause a denial of service on the system. The issue results from the lack of code cleanup when device_add call fails when adding a partition to the disk. | 2022-03-02T00:00:00.000Z | 2022-03-31T00:00:00.000Z |
| msrc_cve-2021-4149 | A vulnerability was found in btrfs_alloc_tree_b in fs/btrfs/extent-tree.c in the Linux kernel due to an improper lock operation in btrfs. In this flaw a user with a local privilege may cause a denial of service (DOS) due to a deadlock problem. | 2022-03-02T00:00:00.000Z | 2022-03-31T00:00:00.000Z |
| msrc_cve-2021-4148 | A vulnerability was found in the Linux kernel's block_invalidatepage in fs/buffer.c in the filesystem. A missing sanity check may allow a local attacker with user privilege to cause a denial of service (DOS) problem. | 2022-03-02T00:00:00.000Z | 2022-03-31T00:00:00.000Z |
| msrc_cve-2022-0396 | DoS from specifically crafted TCP packets | 2022-03-02T00:00:00.000Z | 2022-03-30T00:00:00.000Z |
| msrc_cve-2021-25220 | DNS forwarders - cache poisoning vulnerability | 2022-03-02T00:00:00.000Z | 2022-03-30T00:00:00.000Z |
| msrc_cve-2022-0742 | Memory leak in ICMP6 in Linux Kernel | 2022-03-02T00:00:00.000Z | 2022-03-26T00:00:00.000Z |
| msrc_cve-2021-4190 | Large loop in the Kafka dissector in Wireshark 3.6.0 allows denial of service via packet injection or crafted capture file | 2021-12-02T00:00:00.000Z | 2022-03-26T00:00:00.000Z |
| msrc_cve-2022-1011 | A use-after-free flaw was found in the Linux kernel’s FUSE filesystem in the way a user triggers write(). This flaw allows a local user to gain unauthorized access to data from the FUSE filesystem resulting in privilege escalation. | 2022-03-02T00:00:00.000Z | 2022-03-25T00:00:00.000Z |
| msrc_cve-2022-23300 | Raw Image Extension Remote Code Execution Vulnerability | 2022-03-08T08:00:00.000Z | 2022-03-24T07:00:00.000Z |
| msrc_cve-2021-45868 | In the Linux kernel before 5.15.3 fs/quota/quota_tree.c does not validate the block number in the quota tree (on disk). This can for example lead to a kernel/locking/rwsem.c use-after-free if there is a corrupted quota file. | 2022-03-02T00:00:00.000Z | 2022-03-24T00:00:00.000Z |
| msrc_cve-2022-23282 | Paint 3D Remote Code Execution Vulnerability | 2022-03-08T08:00:00.000Z | 2022-03-23T07:00:00.000Z |
| msrc_cve-2022-21957 | Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability | 2022-02-08T08:00:00.000Z | 2022-03-23T07:00:00.000Z |
| msrc_cve-2022-27223 | In drivers/usb/gadget/udc/udc-xilinx.c in the Linux kernel before 5.16.12 the endpoint index is not validated and might be manipulated by the host for out-of-array access. | 2022-03-02T00:00:00.000Z | 2022-03-23T00:00:00.000Z |
| msrc_cve-2022-26878 | drivers/bluetooth/virtio_bt.c in the Linux kernel before 5.16.3 has a memory leak (socket buffers have memory allocated but not freed). | 2022-03-02T00:00:00.000Z | 2022-03-23T00:00:00.000Z |
| msrc_cve-2022-0943 | Heap-based Buffer Overflow occurs in vim in vim/vim | 2022-03-02T00:00:00.000Z | 2022-03-23T00:00:00.000Z |
| msrc_cve-2021-36368 | An issue was discovered in OpenSSH before 8.9. If a client is using public-key authentication with agent forwarding but without -oLogLevel=verbose and an attacker has silently modified the server to support the None authentication option then the user cannot determine whether FIDO authentication is going to confirm that the user wishes to connect to that server or that the user wishes to allow that server to connect to a different server on the user's behalf. NOTE: the vendor's position is "this is not an authentication bypass since nothing is being bypassed. | 2022-03-02T00:00:00.000Z | 2022-03-20T00:00:00.000Z |
| msrc_cve-2022-26966 | An issue was discovered in the Linux kernel before 5.16.12. drivers/net/usb/sr9700.c allows attackers to obtain sensitive information from heap memory via crafted frame lengths from a device. | 2022-03-02T00:00:00.000Z | 2022-03-19T00:00:00.000Z |
| msrc_cve-2022-23943 | mod_sed: Read/write beyond bounds | 2022-03-02T00:00:00.000Z | 2022-03-19T00:00:00.000Z |
| msrc_cve-2022-22721 | core: Possible buffer overflow with very large or unlimited LimitXMLRequestBody | 2022-03-02T00:00:00.000Z | 2022-03-19T00:00:00.000Z |
| msrc_cve-2022-22720 | HTTP request smuggling vulnerability in Apache HTTP Server 2.4.52 and earlier | 2022-03-02T00:00:00.000Z | 2022-03-19T00:00:00.000Z |
| msrc_cve-2022-22719 | mod_lua Use of uninitialized value of in r:parsebody | 2022-03-02T00:00:00.000Z | 2022-03-19T00:00:00.000Z |
| msrc_cve-2022-0924 | Out-of-bounds Read error in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources the fix is available with commit 408976c4. | 2022-03-02T00:00:00.000Z | 2022-03-19T00:00:00.000Z |
| ID | Description | Updated |
|---|---|---|
| var-201503-0303 | Multiple cross-site scripting (XSS) vulnerabilities in the ASUS RT-G32 routers with firmw… | 2025-04-13T23:14:34.307000Z |
| var-201503-0298 | Cross-site request forgery (CSRF) vulnerability in the ASUS RT-G32 routers with firmware … | 2025-04-13T23:14:34.269000Z |
| var-201503-0424 | EmbedThis GoAhead 3.0.0 through 3.4.1 does not properly handle path segments starting wit… | 2025-04-13T23:14:34.139000Z |
| var-201504-0201 | The Connection Conversation Manager (aka CuCsMgr) process in Cisco Unity Connection 8.5 b… | 2025-04-13T23:14:34.050000Z |
| var-201504-0199 | The Connection Conversation Manager (aka CuCsMgr) process in Cisco Unity Connection 8.5 b… | 2025-04-13T23:14:34.020000Z |
| var-201504-0197 | The Connection Conversation Manager (aka CuCsMgr) process in Cisco Unity Connection 8.5 b… | 2025-04-13T23:14:33.990000Z |
| var-201504-0198 | The Connection Conversation Manager (aka CuCsMgr) process in Cisco Unity Connection 8.5 b… | 2025-04-13T23:14:33.960000Z |
| var-201504-0200 | The call-handling implementation in Cisco Unity Connection 8.5 before 8.5(1)SU7, 8.6 befo… | 2025-04-13T23:14:33.930000Z |
| var-201504-0451 | The ThinkServer System Manager (TSM) Baseboard Management Controller before firmware 1.27… | 2025-04-13T23:14:33.683000Z |
| var-201505-0135 | Cisco Unified Communications Manager 10.0(1.10000.12) allows local users to gain privileg… | 2025-04-13T23:14:33.118000Z |
| var-201505-0177 | The ISDN implementation in Cisco IOS 15.3S allows remote attackers to cause a denial of s… | 2025-04-13T23:14:33.082000Z |
| var-201505-0238 | racoon/gssapi.c in IPsec-Tools 0.8.2 allows remote attackers to cause a denial of service… | 2025-04-13T23:14:33.003000Z |
| var-201506-0251 | Cisco IOS XR 5.2.1 allows remote attackers to cause a denial of service (ipv6_io service … | 2025-04-13T23:14:32.508000Z |
| var-201506-0253 | Cisco IOS XR 5.1.1.K9SEC allows remote authenticated users to cause a denial of service (… | 2025-04-13T23:14:32.473000Z |
| var-201506-0292 | Race condition in Cisco IOS 12.2SCH in the Performance Routing Engine (PRE) module on uBR… | 2025-04-13T23:14:32.438000Z |
| var-201506-0256 | Race condition in the IPv6-to-IPv4 functionality in Cisco IOS 15.3S in the Performance Ro… | 2025-04-13T23:14:32.404000Z |
| var-201506-0257 | Memory leak in the IPv6-to-IPv4 functionality in Cisco IOS 15.3S in the Performance Routi… | 2025-04-13T23:14:32.370000Z |
| var-201506-0293 | Memory leak in Cisco IOS 12.2 in the Performance Routing Engine (PRE) module on uBR10000 … | 2025-04-13T23:14:32.335000Z |
| var-201506-0298 | Cross-site scripting (XSS) vulnerability in Cisco WebEx Meeting Center allows remote atta… | 2025-04-13T23:14:32.302000Z |
| var-201506-0296 | Cisco WebEx Meeting Center does not properly restrict the content of URLs in GET requests… | 2025-04-13T23:14:32.273000Z |
| var-201506-0297 | Cisco WebEx Meeting Center does not properly determine authorization for reading a host c… | 2025-04-13T23:14:32.239000Z |
| var-201506-0300 | Cisco WebEx Meeting Center allows remote attackers to obtain sensitive information via un… | 2025-04-13T23:14:32.209000Z |
| var-201506-0295 | Cisco WebEx Meeting Center places a meeting's access number in a URL, which allows remote… | 2025-04-13T23:14:32.179000Z |
| var-201507-0145 | Cross-site scripting (XSS) vulnerability in index-login.ant in the ANTlabs InnGate firmwa… | 2025-04-13T23:14:31.840000Z |
| var-201507-0144 | SQL injection vulnerability in main.ant in the ANTlabs InnGate firmware on IG 3100, InnGa… | 2025-04-13T23:14:31.805000Z |
| var-201507-0501 | Cisco TelePresence TC before 7.3.4 on Integrator C devices allows remote attackers to byp… | 2025-04-13T23:14:31.103000Z |
| var-201507-0503 | The Packet Data Network Gateway (aka PGW) component on Cisco ASR 5000 devices with softwa… | 2025-04-13T23:14:31.069000Z |
| var-201507-0538 | Cross-site request forgery (CSRF) vulnerability on Cisco TelePresence Serial Gateway devi… | 2025-04-13T23:14:31.030000Z |
| var-201507-0540 | Cross-site request forgery (CSRF) vulnerability on Cisco TelePresence IP Gateway devices … | 2025-04-13T23:14:30.995000Z |
| var-201507-0542 | Cross-site request forgery (CSRF) vulnerability on Cisco TelePresence MCU 4500 devices wi… | 2025-04-13T23:14:30.957000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| suse-su-2021:14747-1 | Security update for xterm | 2021-06-14T13:28:03Z | 2021-06-14T13:28:03Z |
| suse-su-2021:1963-1 | Security update for crowbar-openstack, grafana, kibana, monasca-installer, python-Django, python-py, rubygem-activerecord-session_store | 2021-06-11T13:14:14Z | 2021-06-11T13:14:14Z |
| suse-su-2021:1962-1 | Security update for ardana-neutron, ardana-swift, cassandra, crowbar-openstack, grafana, kibana, openstack-dashboard, openstack-ironic, openstack-neutron, openstack-neutron-gbp, openstack-nova, python-Django1, python-py, python-pysaml2, python-xmlschema, rubygem-activerecord-session_store, venv-openstack-keystone | 2021-06-11T13:13:53Z | 2021-06-11T13:13:53Z |
| suse-su-2021:1961-1 | Security update for squid | 2021-06-11T10:56:48Z | 2021-06-11T10:56:48Z |
| suse-su-2021:1960-1 | Security update for freeradius-server | 2021-06-11T10:56:09Z | 2021-06-11T10:56:09Z |
| suse-su-2021:1959-1 | Security update for freeradius-server | 2021-06-11T10:55:29Z | 2021-06-11T10:55:29Z |
| suse-su-2021:1958-1 | Security update for libjpeg-turbo | 2021-06-11T10:55:20Z | 2021-06-11T10:55:20Z |
| suse-su-2021:1957-1 | Security update for libjpeg-turbo | 2021-06-11T10:53:56Z | 2021-06-11T10:53:56Z |
| suse-su-2021:1956-1 | Security update for spice | 2021-06-11T10:53:39Z | 2021-06-11T10:53:39Z |
| suse-su-2021:1954-1 | Security update for containerd, docker, runc | 2021-06-11T08:45:35Z | 2021-06-11T08:45:35Z |
| suse-su-2021:1952-1 | Security update for csync2 | 2021-06-10T14:18:44Z | 2021-06-10T14:18:44Z |
| suse-su-2021:1951-1 | Security update for salt | 2021-06-10T14:06:21Z | 2021-06-10T14:06:21Z |
| suse-su-2021:1948-1 | Security update for djvulibre | 2021-06-10T10:32:37Z | 2021-06-10T10:32:37Z |
| suse-su-2021:1947-1 | Security update for qemu | 2021-06-10T10:31:38Z | 2021-06-10T10:31:38Z |
| suse-su-2021:1944-1 | Security update for gstreamer-plugins-bad | 2021-06-10T08:52:07Z | 2021-06-10T08:52:07Z |
| suse-su-2021:1943-1 | Security update for caribou | 2021-06-10T08:51:23Z | 2021-06-10T08:51:23Z |
| suse-su-2021:1942-1 | Security update for qemu | 2021-06-10T08:50:33Z | 2021-06-10T08:50:33Z |
| suse-su-2021:1940-1 | Security update for python-Pillow | 2021-06-10T08:49:31Z | 2021-06-10T08:49:31Z |
| suse-su-2021:1939-1 | Security update for python-Pillow | 2021-06-10T08:49:21Z | 2021-06-10T08:49:21Z |
| suse-su-2021:1938-1 | Security update for python-Pillow | 2021-06-10T08:49:07Z | 2021-06-10T08:49:07Z |
| suse-su-2021:1933-1 | Security update for ucode-intel | 2021-06-10T08:28:43Z | 2021-06-10T08:28:43Z |
| suse-su-2021:1932-1 | Security update for ucode-intel | 2021-06-10T08:28:15Z | 2021-06-10T08:28:15Z |
| suse-su-2021:1931-1 | Security update for ucode-intel | 2021-06-10T08:27:00Z | 2021-06-10T08:27:00Z |
| suse-su-2021:1930-1 | Security update for ucode-intel | 2021-06-10T08:26:44Z | 2021-06-10T08:26:44Z |
| suse-su-2021:1929-1 | Security update for ucode-intel | 2021-06-10T07:18:57Z | 2021-06-10T07:18:57Z |
| suse-su-2021:1928-1 | Security update for spice-gtk | 2021-06-10T06:42:50Z | 2021-06-10T06:42:50Z |
| suse-su-2021:1927-1 | Security update for spice | 2021-06-10T06:42:08Z | 2021-06-10T06:42:08Z |
| suse-su-2021:1919-1 | Security update for MozillaFirefox | 2021-06-09T13:21:26Z | 2021-06-09T13:21:26Z |
| suse-su-2021:1918-1 | Security update for qemu | 2021-06-09T13:20:36Z | 2021-06-09T13:20:36Z |
| suse-su-2021:1917-1 | Security update for libxml2 | 2021-06-09T12:48:29Z | 2021-06-09T12:48:29Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cnvd-2024-48745 | IrfanView代码执行漏洞(CNVD-2024-48745) | 2024-11-27 | 2024-12-19 |
| cnvd-2024-48744 | IrfanView DWG文件解析越界读取远程代码执行漏洞 | 2024-11-28 | 2024-12-19 |
| cnvd-2024-48743 | IrfanView堆缓冲区溢出漏洞(CNVD-2024-48743) | 2024-11-28 | 2024-12-19 |
| cnvd-2024-48742 | IrfanView DXF文件解析类型混淆远程代码执行漏洞(CNVD-2024-48742) | 2024-11-28 | 2024-12-19 |
| cnvd-2024-48678 | Oracle Java SE存在未明漏洞(CNVD-2024-48678) | 2024-04-18 | 2024-12-19 |
| cnvd-2024-48677 | Oracle Java SE存在未明漏洞(CNVD-2024-48677) | 2024-04-18 | 2024-12-19 |
| cnvd-2024-48676 | Oracle Java SE存在未明漏洞(CNVD-2024-48676) | 2024-04-18 | 2024-12-19 |
| cnvd-2024-48675 | Oracle Java SE存在未明漏洞(CNVD-2024-48675) | 2024-04-18 | 2024-12-19 |
| cnvd-2024-48674 | Oracle Java SE存在未明漏洞(CNVD-2024-48674) | 2024-04-18 | 2024-12-19 |
| cnvd-2024-48673 | Oracle Java SE存在未明漏洞(CNVD-2024-48673) | 2024-04-18 | 2024-12-19 |
| cnvd-2024-48575 | Apache Tomcat远程代码执行漏洞 | 2024-12-19 | 2024-12-19 |
| cnvd-2024-48569 | Mozilla Firefox点击劫持漏洞(CNVD-2024-48569) | 2024-12-04 | 2024-12-19 |
| cnvd-2024-48568 | Mozilla Firefox存在未明漏洞(CNVD-2024-48568) | 2024-12-04 | 2024-12-19 |
| cnvd-2024-48567 | Mozilla Firefox for iOS欺骗漏洞 | 2024-12-04 | 2024-12-19 |
| cnvd-2024-48566 | Mozilla Firefox安全绕过漏洞(CNVD-2024-48566) | 2024-12-04 | 2024-12-18 |
| cnvd-2024-48565 | 多款Mozilla产品欺骗漏洞(CNVD-2024-48565) | 2024-12-04 | 2024-12-18 |
| cnvd-2024-48564 | 多款Mozilla产品安全绕过漏洞(CNVD-2024-48564) | 2024-12-04 | 2024-12-18 |
| cnvd-2024-48563 | 多款Mozilla产品代码执行漏洞(CNVD-2024-48563) | 2024-12-04 | 2024-12-18 |
| cnvd-2024-48562 | 多款Mozilla产品跨站脚本漏洞(CNVD-2024-48562) | 2024-12-04 | 2024-12-18 |
| cnvd-2024-48561 | 多款Mozilla产品安全绕过漏洞(CNVD-2024-48561) | 2024-12-04 | 2024-12-18 |
| cnvd-2024-48560 | 多款Mozilla产品拒绝服务漏洞(CNVD-2024-48560) | 2024-12-04 | 2024-12-18 |
| cnvd-2024-48385 | Google Chrome代码执行漏洞(CNVD-2024-48385) | 2024-10-25 | 2024-12-18 |
| cnvd-2024-48384 | Google Chrome安全绕过漏洞(CNVD-2024-48384) | 2024-10-25 | 2024-12-18 |
| cnvd-2024-48383 | Google Chrome代码执行漏洞(CNVD-2024-48383) | 2024-11-15 | 2024-12-18 |
| cnvd-2024-47756 | 用友网络科技股份有限公司用友U8Cloud存在SQL注入漏洞(CNVD-2024-47756) | 2024-11-03 | 2024-12-18 |
| cnvd-2024-48436 | Siemens Opcenter Execution Foundation缓冲区溢出漏洞 | 2024-12-16 | 2024-12-17 |
| cnvd-2024-48435 | Siemens Opcenter Intelligence缓冲区溢出漏洞 | 2024-12-16 | 2024-12-17 |
| cnvd-2024-48434 | Siemens Opcenter Quality缓冲区溢出漏洞 | 2024-12-16 | 2024-12-17 |
| cnvd-2024-48433 | Siemens Opcenter RDL缓冲区溢出漏洞 | 2024-12-16 | 2024-12-17 |
| cnvd-2024-48432 | Siemens SIMATIC PCS neo缓冲区溢出漏洞 | 2024-12-16 | 2024-12-17 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certa-2012-avi-034 | Vulnérabilité dans le noyau linux | 2012-01-30T00:00:00.000000 | 2012-01-30T00:00:00.000000 |
| certa-2012-avi-033 | Multiples vulnérabilités dans Opera | 2012-01-26T00:00:00.000000 | 2012-01-26T00:00:00.000000 |
| certa-2012-avi-031 | Vulnérabilité dans CISCO Digital Media Manager | 2012-01-26T00:00:00.000000 | 2012-01-26T00:00:00.000000 |
| certa-2012-avi-030 | Multiples vulnérabilités dans Google Chrome | 2012-01-25T00:00:00.000000 | 2012-01-25T00:00:00.000000 |
| certa-2012-avi-029 | Vulnérabilité dans Apache Struts | 2012-01-23T00:00:00.000000 | 2012-01-23T00:00:00.000000 |
| certa-2012-avi-027 | Vulnérabilités dans Moodle | 2012-01-19T00:00:00.000000 | 2012-01-19T00:00:00.000000 |
| certa-2012-avi-026 | Vulnérabilité dans le serveur HTTP Apache | 2012-01-18T00:00:00.000000 | 2012-01-18T00:00:00.000000 |
| certa-2012-avi-025 | Vulnérabilité dans Apache Tomcat | 2012-01-18T00:00:00.000000 | 2012-01-18T00:00:00.000000 |
| certa-2012-avi-024 | Multiples vulnérabilités dans les produits Oracle | 2012-01-18T00:00:00.000000 | 2012-01-18T00:00:00.000000 |
| certa-2012-avi-023 | Multiples vulnérabilités dans les produits IBM | 2012-01-18T00:00:00.000000 | 2012-01-18T00:00:00.000000 |
| certa-2012-avi-022 | Vulnérabilités dans HP StorageWorks Modular Smart Array P2000 G3 | 2012-01-17T00:00:00.000000 | 2012-01-17T00:00:00.000000 |
| certa-2012-avi-021 | Vulnérabilités dans PHP | 2012-01-16T00:00:00.000000 | 2012-01-16T00:00:00.000000 |
| certa-2012-avi-020 | Vulnérabilités dans Wireshark | 2012-01-16T00:00:00.000000 | 2012-01-16T00:00:00.000000 |
| certa-2012-avi-019 | Vulnérabilité dans ISC DHCP | 2012-01-16T00:00:00.000000 | 2012-01-16T00:00:00.000000 |
| certa-2012-avi-018 | Multiples vulnérabilités dans FFmpeg | 2012-01-13T00:00:00.000000 | 2012-01-13T00:00:00.000000 |
| certa-2012-avi-017 | Vulnérabilité dans Sumatra PDF | 2012-01-13T00:00:00.000000 | 2012-01-13T00:00:00.000000 |
| certa-2012-avi-016 | Vulnérabilité dans PowerDNS | 2012-01-13T00:00:00.000000 | 2012-01-13T00:00:00.000000 |
| certa-2012-avi-015 | Multiples vulnérabilités dans Bluecoat PolicyCenter | 2012-01-13T00:00:00.000000 | 2012-01-13T00:00:00.000000 |
| certa-2012-avi-014 | Vulnérabilités dans Adobe Reader et Adobe Acrobat | 2012-01-11T00:00:00.000000 | 2012-01-11T00:00:00.000000 |
| certa-2012-avi-013 | Vulnérabilité dans Microsoft AntiXSS | 2012-01-11T00:00:00.000000 | 2012-01-11T00:00:00.000000 |
| certa-2012-avi-012 | Vulnérabilité dans les protocoles SSL/TLS dans Microsoft Windows | 2012-01-11T00:00:00.000000 | 2012-01-11T00:00:00.000000 |
| certa-2012-avi-011 | Vulnérabilité dans Microsoft Windows | 2012-01-11T00:00:00.000000 | 2012-01-11T00:00:00.000000 |
| certa-2012-avi-010 | Vulnérabilités dans Windows Media | 2012-01-11T00:00:00.000000 | 2012-01-11T00:00:00.000000 |
| certa-2012-avi-009 | Vulnérabilité dans le processus CSRSS de Windows | 2012-01-11T00:00:00.000000 | 2012-01-11T00:00:00.000000 |
| certa-2012-avi-008 | Vulnérabilité dans le gestionnaire de liaisons de Microsoft Windows | 2012-01-11T00:00:00.000000 | 2012-01-11T00:00:00.000000 |
| certa-2012-avi-007 | Vulnérabilité dans le noyau Microsoft Windows | 2012-01-11T00:00:00.000000 | 2012-01-11T00:00:00.000000 |
| certa-2012-avi-005 | Vulnérabilité dans les imprimantes HP LaserJet P3015 | 2012-01-10T00:00:00.000000 | 2012-01-10T00:00:00.000000 |
| certa-2012-avi-004 | Multiples vulnérabilités dans Google Chrome | 2012-01-10T00:00:00.000000 | 2012-01-10T00:00:00.000000 |
| certa-2012-avi-003 | Multiples vulnérabilités dans Apache Struts | 2012-01-05T00:00:00.000000 | 2012-01-05T00:00:00.000000 |
| certa-2012-avi-002 | Vulnérabilité dans WordPress | 2012-01-05T00:00:00.000000 | 2012-01-05T00:00:00.000000 |