Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-21920 |
7.5 (3.1)
8.7 (4.0)
|
Junos OS: SRX Series: If a specific request is process… |
Juniper Networks |
Junos OS |
2026-01-15T20:28:10.526Z | 2026-01-15T20:59:21.070Z |
| CVE-2026-21921 |
6.5 (3.1)
7.1 (4.0)
|
Junos OS and Junos OS Evolved: When telemetry collecto… |
Juniper Networks |
Junos OS |
2026-01-15T20:28:29.656Z | 2026-01-15T20:55:25.182Z |
| CVE-2026-21909 |
6.5 (3.1)
7.1 (4.0)
|
Junos OS and Junos OS Evolved: Receipt of specific IS-… |
Juniper Networks |
Junos OS |
2026-01-15T20:22:44.674Z | 2026-01-15T20:52:42.400Z |
| CVE-2026-21910 |
6.5 (3.1)
7.1 (4.0)
|
Junos OS: EX4k Series, QFX5k Series: In an EVPN-VXLAN … |
Juniper Networks |
Junos OS |
2026-01-15T20:23:29.682Z | 2026-01-15T20:51:57.933Z |
| CVE-2026-21911 |
6.5 (3.1)
7.1 (4.0)
|
Junos OS Evolved: Flapping management interface causes… |
Juniper Networks |
Junos OS Evolved |
2026-01-15T20:23:54.924Z | 2026-01-15T20:51:32.531Z |
| CVE-2026-21912 |
5.5 (3.1)
6.8 (4.0)
|
Junos OS: MX10k Series: 'show system firmware' CLI com… |
Juniper Networks |
Junos OS |
2026-01-15T20:24:20.087Z | 2026-01-15T20:50:28.949Z |
| CVE-2026-21913 |
7.5 (3.1)
8.7 (4.0)
|
Junos OS: EX4000: A high volume of traffic destined to… |
Juniper Networks |
Junos OS |
2026-01-15T20:25:03.276Z | 2026-01-15T20:45:02.652Z |
| CVE-2026-21914 |
7.5 (3.1)
8.7 (4.0)
|
Junos OS: SRX Series: A specifically malformed GTP mes… |
Juniper Networks |
Junos OS |
2026-01-15T20:25:35.725Z | 2026-01-15T20:44:30.550Z |
| CVE-2025-66169 |
N/A
|
Apache Camel Neo4j: Cypher injection vulnerability in … |
Apache Software Foundation |
Apache Camel Neo4j |
2026-01-14T11:45:20.338Z | 2026-01-15T20:43:58.492Z |
| CVE-2025-14301 |
9.8 (3.1)
|
Integration Opvius AI for WooCommerce <= 1.3.0 - Unaut… |
woosaai |
Integration Opvius AI for WooCommerce |
2026-01-14T05:28:05.974Z | 2026-01-15T20:35:48.151Z |
| CVE-2025-15265 |
5.3 (4.0)
|
Svelte 5.46.0 - Hydratable Key Script-Breakout XSS (SSR) |
Svelte |
Svelte |
2026-01-15T19:59:41.683Z | 2026-01-15T20:28:16.479Z |
| CVE-2025-65349 |
5.4 (3.1)
|
A Stored Cross-Site Scripting (XSS) vulnerability… |
n/a |
n/a |
2026-01-15T00:00:00.000Z | 2026-01-15T20:25:22.255Z |
| CVE-2025-15377 |
4.3 (3.1)
|
Sosh Share Buttons <= 1.1.0 - Cross-Site Request Forgery |
abage |
Sosh Share Buttons |
2026-01-14T05:28:06.577Z | 2026-01-15T20:19:13.876Z |
| CVE-2025-13733 |
8.5 (4.0)
|
BuhoNTFS 1.3.2 - Local Privilege Escalation |
Dr.Buho |
BuhoNTFS |
2025-12-12T15:58:37.088Z | 2026-01-15T20:10:24.643Z |
| CVE-2025-14379 |
4.4 (3.1)
|
Testimonials Creator 1.6 - Authenticated (Admin+) Stor… |
adoncreatives |
Testimonials Creator |
2026-01-14T05:28:07.014Z | 2026-01-15T20:07:54.708Z |
| CVE-2025-15283 |
7.2 (3.1)
|
Name Directory <= 1.30.3 - Unauthenticated Stored Cros… |
jeroenpeters1986 |
Name Directory |
2026-01-14T05:28:07.374Z | 2026-01-15T20:00:43.944Z |
| CVE-2026-23527 |
8.9 (3.1)
|
Request Smuggling (TE.TE) in h3 v1 |
h3js |
h3 |
2026-01-15T19:24:20.514Z | 2026-01-15T20:00:06.302Z |
| CVE-2026-23520 |
9.1 (3.1)
|
Arcane has a Command Injection in Arcane Updater Lifec… |
getarcaneapp |
arcane |
2026-01-15T19:20:22.434Z | 2026-01-15T19:58:45.182Z |
| CVE-2026-0694 |
6.4 (3.1)
|
SearchWiz <= 1.0.0 - Authenticated (Contributor+) Stor… |
searchwiz |
SearchWiz |
2026-01-14T05:28:07.738Z | 2026-01-15T19:58:43.596Z |
| CVE-2026-23519 |
8.9 (4.0)
|
RustCrypto cmov: thumbv6m-none-eabi compiler emits non… |
RustCrypto |
utils |
2026-01-15T19:13:54.440Z | 2026-01-15T19:57:48.741Z |
| CVE-2026-23511 |
5.3 (3.1)
|
ZITADEL has a user enumeration vulnerability in Login UIs |
zitadel |
zitadel |
2026-01-15T19:09:06.154Z | 2026-01-15T19:56:24.164Z |
| CVE-2025-62004 |
7.7 (4.0)
7.5 (3.1)
|
BullWall Server Intrusion Protection (SIP) initializat… |
BullWall |
Server Intrusion Protection |
2025-12-18T20:36:13.123Z | 2026-01-15T19:51:45.196Z |
| CVE-2025-62003 |
7.5 (3.1)
7.7 (4.0)
|
BullWall Server Intrusion Protection RDP MFA connectio… |
BullWall |
Server Intrusion Protection |
2025-12-18T20:35:52.330Z | 2026-01-15T19:51:31.946Z |
| CVE-2025-62002 |
4.3 (3.1)
5.3 (4.0)
|
BullWall Ransomware Containment file count detection bypass |
BullWall |
Ransomware Containment |
2025-12-18T20:33:55.098Z | 2026-01-15T19:51:15.560Z |
| CVE-2025-62001 |
8.8 (3.1)
8.7 (4.0)
|
BullWall Ransomware Containment hard-coded folder exclusions |
BullWall |
Ransomware Containment |
2025-12-18T20:32:21.620Z | 2026-01-15T19:51:00.410Z |
| CVE-2025-62000 |
7.1 (3.1)
6.9 (4.0)
|
BullWall Ransomware Containment incomplete file inspection |
BullWall |
Ransomware Containment |
2025-12-18T20:32:02.910Z | 2026-01-15T19:50:39.114Z |
| CVE-2024-48077 |
7.5 (3.1)
|
An issue in nanomq v0.22.7 allows attackers to ca… |
n/a |
n/a |
2026-01-15T00:00:00.000Z | 2026-01-15T19:28:59.364Z |
| CVE-2026-22775 |
7.5 (3.1)
|
devalue vulnerable to denial of service due to memory/… |
sveltejs |
devalue |
2026-01-15T18:59:37.499Z | 2026-01-15T19:22:56.774Z |
| CVE-2026-22774 |
7.5 (3.1)
|
devalue vulnerable to denial of service due to memory … |
sveltejs |
devalue |
2026-01-15T18:53:21.963Z | 2026-01-15T19:16:10.500Z |
| CVE-2026-22249 |
7.1 (3.1)
|
Docmost affected by an Arbitrary File Write via Zip Im… |
docmost |
docmost |
2026-01-15T18:43:56.263Z | 2026-01-15T19:08:26.158Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2025-54745 |
6.5 (3.1)
|
WordPress miniOrange's Google Authenticator Plugin <= … |
miniOrange |
miniOrange's Google Authenticator |
2025-12-18T07:21:49.914Z | 2026-01-20T14:28:10.170Z |
| CVE-2025-54743 |
5.3 (3.1)
|
WordPress Download After Email Plugin 2.1.5-2.1.6 - Ot… |
mkscripts |
Download After Email |
2025-12-18T07:21:49.722Z | 2026-01-29T15:33:17.915Z |
| CVE-2025-54741 |
8.6 (3.1)
|
WordPress Super Blank Plugin <= 1.2.0 - Arbitrary Cont… |
Tyler Moore |
Super Blank |
2025-12-18T07:21:49.496Z | 2026-02-03T16:03:36.275Z |
| CVE-2025-54737 |
7.1 (3.1)
|
WordPress Jobmonster theme <= 4.7.8 - Cross Site Scrip… |
NooTheme |
Jobmonster |
2025-11-06T15:54:17.806Z | 2026-01-20T14:28:10.029Z |
| CVE-2025-54723 |
9.8 (3.1)
|
WordPress DentiCare Theme < 1.4.3 - PHP Object Injecti… |
BoldThemes |
DentiCare |
2025-12-18T07:21:49.313Z | 2026-02-03T16:04:44.922Z |
| CVE-2025-54722 |
7.1 (3.1)
|
WordPress WooTour plugin <= 3.6.3 - Cross Site Scripti… |
Ex-Themes |
WooTour |
2025-11-06T15:54:16.991Z | 2026-01-20T14:28:09.895Z |
| CVE-2025-54721 |
7.1 (3.1)
|
WordPress Resca theme <= 3.0.2 - Cross Site Scripting … |
ThimPress |
Resca |
2025-11-06T15:54:16.209Z | 2026-01-20T14:28:09.884Z |
| CVE-2025-54719 |
8.8 (3.1)
|
WordPress Yogi - Health Beauty & Yoga Theme <= 2.9.2 -… |
NooTheme |
Yogi - Health Beauty & Yoga |
2025-11-06T15:54:15.371Z | 2026-01-20T14:28:09.932Z |
| CVE-2025-54718 |
7.1 (3.1)
|
WordPress Yogi - Health Beauty & Yoga theme <= 2.9.2 -… |
NooTheme |
Yogi - Health Beauty & Yoga |
2025-11-06T15:54:14.634Z | 2026-01-20T14:28:09.933Z |
| CVE-2025-54711 |
7.1 (3.1)
|
WordPress Info Cards Plugin <= 1.0.11 - Broken Access … |
bPlugins |
Info Cards |
2025-11-06T15:54:14.029Z | 2026-01-20T14:28:09.984Z |
| CVE-2025-54045 |
4.3 (3.1)
|
WordPress CM On Demand Search And Replace plugin <= 1.… |
CreativeMindsSolutions |
CM On Demand Search And Replace |
2025-12-16T08:12:46.351Z | 2026-01-20T14:28:09.965Z |
| CVE-2025-54005 |
4.3 (3.1)
|
WordPress SKT Page Builder plugin <= 4.9 - Broken Acce… |
sonalsinha21 |
SKT Page Builder |
2025-12-16T08:12:45.965Z | 2026-02-05T16:27:33.105Z |
| CVE-2025-54004 |
2.6 (3.1)
|
WordPress WCFM – Frontend Manager for WooCommerce plug… |
WC Lovers |
WCFM – Frontend Manager for WooCommerce |
2025-12-16T08:12:45.704Z | 2026-02-05T16:27:50.467Z |
| CVE-2025-53586 |
9.8 (3.1)
|
WordPress WeMusic Theme <= 1.9.1 - PHP Object Injectio… |
NooTheme |
WeMusic |
2025-11-06T15:54:13.387Z | 2026-01-20T14:28:09.916Z |
| CVE-2025-53585 |
7.1 (3.1)
|
WordPress WeMusic theme <= 1.9.1 - Cross Site Scriptin… |
NooTheme |
WeMusic |
2025-11-06T15:54:12.787Z | 2026-01-20T14:28:10.097Z |
| CVE-2025-53574 |
6.1 (3.1)
|
WordPress Doliconnect Plugin <= 9.3.2 - Cross Site Scr… |
ptibogxiv |
Doliconnect |
2025-11-06T15:54:11.607Z | 2026-01-20T14:28:09.876Z |
| CVE-2025-53573 |
7.1 (3.1)
|
WordPress Epic Review Plugin <= 1.0.2 - Cross Site Scr… |
jegtheme |
Epic Review |
2025-11-06T15:54:10.426Z | 2026-01-20T14:28:09.871Z |
| CVE-2025-53453 |
8.2 (3.1)
|
WordPress Hygia theme <= 1.16 - Local File Inclusion v… |
axiomthemes |
Hygia |
2025-12-18T07:21:49.127Z | 2026-02-03T16:05:11.528Z |
| CVE-2025-53449 |
8.1 (3.1)
|
WordPress Convex theme <= 1.11 - Local File Inclusion … |
axiomthemes |
Convex |
2025-12-18T07:21:48.947Z | 2026-01-20T14:28:09.907Z |
| CVE-2025-53448 |
8.1 (3.1)
|
WordPress Rally theme <= 1.1 - Local File Inclusion vu… |
axiomthemes |
Rally |
2025-12-18T07:21:48.769Z | 2026-01-20T14:28:09.880Z |
| CVE-2025-53447 |
8.1 (3.1)
|
WordPress Assembly theme <= 1.1 - Local File Inclusion… |
axiomthemes |
Assembly |
2025-12-18T07:21:48.588Z | 2026-01-20T14:28:09.843Z |
| CVE-2025-53446 |
8.1 (3.1)
|
WordPress Beautique theme <= 1.5 - Local File Inclusio… |
axiomthemes |
Beautique |
2025-12-18T07:21:48.403Z | 2026-01-20T14:28:09.895Z |
| CVE-2025-53445 |
8.1 (3.1)
|
WordPress Catwalk theme <= 1.4 - Local File Inclusion … |
axiomthemes |
Catwalk |
2025-12-18T07:21:48.218Z | 2026-01-20T14:28:09.892Z |
| CVE-2025-53443 |
8.1 (3.1)
|
WordPress Smash theme <= 1.7 - Local File Inclusion vu… |
axiomthemes |
Smash |
2025-12-18T07:21:48.033Z | 2026-01-20T14:28:09.805Z |
| CVE-2025-53442 |
8.1 (3.1)
|
WordPress Rentic theme <= 1.1 - Local File Inclusion v… |
axiomthemes |
Rentic |
2025-12-18T07:21:47.842Z | 2026-01-20T14:28:09.727Z |
| CVE-2025-53441 |
8.1 (3.1)
|
WordPress Greeny theme <= 2.6 - Local File Inclusion v… |
axiomthemes |
Greeny |
2025-12-18T07:21:47.651Z | 2026-01-20T14:28:09.749Z |
| CVE-2025-53439 |
8.1 (3.1)
|
WordPress Harper theme <= 1.13 - Local File Inclusion … |
axiomthemes |
Harper |
2025-12-18T07:21:47.455Z | 2026-01-20T14:28:09.777Z |
| CVE-2025-53438 |
8.1 (3.1)
|
WordPress FitLine theme <= 1.6 - Local File Inclusion … |
axiomthemes |
FitLine |
2025-12-18T07:21:47.228Z | 2026-01-20T14:28:09.672Z |
| CVE-2025-53437 |
8.1 (3.1)
|
WordPress Greenorganic theme <= 2.45 - Local File Incl… |
ApusTheme |
Greenorganic |
2025-12-18T07:21:47.030Z | 2026-01-20T14:28:09.573Z |
| CVE-2025-53436 |
8.1 (3.1)
|
WordPress Monki theme <= 2.0.4 - Local File Inclusion … |
BZOTheme |
Monki |
2025-12-18T07:21:46.801Z | 2026-01-20T14:28:09.817Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| fkie_cve-2025-54722 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-11-06T16:15:58.277 | 2026-01-20T15:17:00.967 |
| fkie_cve-2025-54721 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-11-06T16:15:58.053 | 2026-01-20T15:17:00.827 |
| fkie_cve-2025-54719 | Deserialization of Untrusted Data vulnerability in NooTheme Yogi - Health Beauty & Yoga noo-yogi al… | 2025-11-06T16:15:57.837 | 2026-01-20T15:17:00.693 |
| fkie_cve-2025-54718 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-11-06T16:15:57.677 | 2026-01-20T15:17:00.543 |
| fkie_cve-2025-54711 | Missing Authorization vulnerability in bPlugins Info Cards info-cards allows Accessing Functionalit… | 2025-11-06T16:15:57.523 | 2026-01-20T15:17:00.403 |
| fkie_cve-2025-54045 | Missing Authorization vulnerability in CreativeMindsSolutions CM On Demand Search And Replace cm-on… | 2025-12-16T09:15:52.563 | 2026-01-20T15:16:59.933 |
| fkie_cve-2025-54005 | Missing Authorization vulnerability in sonalsinha21 SKT Page Builder skt-builder allows Exploiting … | 2025-12-16T09:15:52.440 | 2026-01-20T15:16:59.753 |
| fkie_cve-2025-54004 | Missing Authorization vulnerability in WC Lovers WCFM – Frontend Manager for WooCommerce wc-fronten… | 2025-12-16T09:15:52.283 | 2026-01-20T15:16:59.613 |
| fkie_cve-2025-53586 | Deserialization of Untrusted Data vulnerability in NooTheme WeMusic noo-wemusic allows Object Injec… | 2025-11-06T16:15:57.373 | 2026-01-20T15:16:59.010 |
| fkie_cve-2025-53585 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-11-06T16:15:57.227 | 2026-01-20T15:16:58.880 |
| fkie_cve-2025-53574 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-11-06T16:15:57.080 | 2026-01-20T15:16:58.750 |
| fkie_cve-2025-53573 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-11-06T16:15:56.930 | 2026-01-20T15:16:58.610 |
| fkie_cve-2025-53453 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2025-12-18T08:15:55.530 | 2026-01-20T15:16:58.333 |
| fkie_cve-2025-53449 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2025-12-18T08:15:55.403 | 2026-01-20T15:16:58.197 |
| fkie_cve-2025-53448 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2025-12-18T08:15:55.270 | 2026-01-20T15:16:58.050 |
| fkie_cve-2025-53447 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2025-12-18T08:15:55.140 | 2026-01-20T15:16:57.907 |
| fkie_cve-2025-53446 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2025-12-18T08:15:55.017 | 2026-01-20T15:16:57.767 |
| fkie_cve-2025-53445 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2025-12-18T08:15:54.887 | 2026-01-20T15:16:57.630 |
| fkie_cve-2025-53443 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2025-12-18T08:15:54.760 | 2026-01-20T15:16:57.477 |
| fkie_cve-2025-53442 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2025-12-18T08:15:54.633 | 2026-01-20T15:16:57.340 |
| fkie_cve-2025-53441 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2025-12-18T08:15:54.507 | 2026-01-20T15:16:57.200 |
| fkie_cve-2025-53439 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2025-12-18T08:15:54.380 | 2026-01-20T15:16:57.043 |
| fkie_cve-2025-53438 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2025-12-18T08:15:54.247 | 2026-01-20T15:16:56.883 |
| fkie_cve-2025-53437 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2025-12-18T08:15:54.117 | 2026-01-20T15:16:56.737 |
| fkie_cve-2025-53436 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2025-12-18T08:15:53.983 | 2026-01-20T15:16:56.403 |
| fkie_cve-2025-53435 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2025-12-18T08:15:53.853 | 2026-01-20T15:16:56.263 |
| fkie_cve-2025-53434 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2025-12-18T08:15:53.710 | 2026-01-20T15:16:56.130 |
| fkie_cve-2025-53433 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2025-12-18T08:15:53.563 | 2026-01-20T15:16:55.997 |
| fkie_cve-2025-53432 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2025-12-18T08:15:53.440 | 2026-01-20T15:16:55.870 |
| fkie_cve-2025-53431 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2025-12-18T08:15:53.303 | 2026-01-20T15:16:55.740 |
| ID | Severity | Description | Published | Updated |
|---|---|---|---|---|
| ghsa-h5g2-f397-gc23 |
|
Rejected reason: Not used | 2026-01-03T06:30:16Z | 2026-01-03T06:30:16Z |
| ghsa-cpj2-6jmp-955v |
|
Rejected reason: Not used | 2026-01-03T06:30:16Z | 2026-01-03T06:30:16Z |
| ghsa-9xc5-pgjp-9mcj |
|
Rejected reason: Not used | 2026-01-03T06:30:16Z | 2026-01-03T06:30:16Z |
| ghsa-3x46-6xw6-vv9h |
|
Rejected reason: Not used | 2026-01-03T06:30:16Z | 2026-01-03T06:30:16Z |
| ghsa-3pj2-6fqg-5xxm |
|
Rejected reason: Not used | 2026-01-03T06:30:16Z | 2026-01-03T06:30:16Z |
| ghsa-24x2-jv4m-57w2 |
|
Rejected reason: Not used | 2026-01-03T06:30:16Z | 2026-01-03T06:30:16Z |
| ghsa-96xq-9m54-h7p4 |
9.4 (4.0)
|
A vulnerability in Nuvation Energy nCloud VPN Service allowed Network Boundary Bridging.This issue … | 2026-01-03T03:30:25Z | 2026-01-03T03:30:25Z |
| ghsa-9fpm-5f3v-gxp2 |
8.7 (4.0)
|
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerab… | 2026-01-03T03:30:24Z | 2026-01-03T03:30:24Z |
| ghsa-2mwc-h2mg-v6p8 |
5.2 (4.0)
|
Bagisto has HTML Filter Bypass that Enables Stored XSS | 2026-01-02T21:16:23Z | 2026-01-03T00:32:58Z |
| ghsa-gvq6-hvvp-h34h |
9.2 (4.0)
|
AdonisJS Path Traversal in Multipart File Handling | 2026-01-02T18:58:32Z | 2026-01-03T00:32:09Z |
| ghsa-v668-5qxg-qhjh |
9.4 (4.0)
|
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerab… | 2026-01-03T00:31:26Z | 2026-01-03T00:31:26Z |
| ghsa-rw75-27g5-4c67 |
9.4 (4.0)
|
A vulnerability in Nuvation Energy nCloud VPN Service allowed Network Boundary Bridging.This issue … | 2026-01-03T00:31:26Z | 2026-01-03T00:31:26Z |
| ghsa-fwx4-5874-4gvg |
10.0 (4.0)
|
Authentication Bypass Using an Alternate Path or Channel vulnerability in Nuvation Energy Multi-Sta… | 2026-01-03T00:31:26Z | 2026-01-03T00:31:26Z |
| ghsa-757q-w8xv-793g |
9.3 (4.0)
|
A vulnerability in Nuvation Battery Management System allows Authentication Bypass.This issue affec… | 2026-01-03T00:31:26Z | 2026-01-03T00:31:26Z |
| ghsa-2hrm-3727-3mc5 |
7.2 (4.0)
|
Insufficiently Protected Credentials vulnerability in Nuvation Energy Multi-Stack Controller (MSC) … | 2026-01-03T00:31:26Z | 2026-01-03T00:31:26Z |
| ghsa-xmhc-qgjh-2r5x |
6.1 (3.1)
|
The ShopBuilder WordPress plugin before 3.2.2 does not sanitise and escape a parameter before outp… | 2026-01-02T06:30:26Z | 2026-01-03T00:31:25Z |
| ghsa-mjh6-7rhf-fhc8 |
5.3 (3.1)
|
The Ninja Forms WordPress plugin before 3.13.3 allows unauthenticated attackers to generate valid … | 2026-01-02T06:30:26Z | 2026-01-03T00:31:25Z |
| ghsa-6w96-gvjq-xh8h |
6.5 (3.1)
|
The WPBookit WordPress plugin through 1.0.7 lacks a CSRF check when deleting customers. This could … | 2026-01-02T06:30:26Z | 2026-01-03T00:31:25Z |
| ghsa-24cx-vf27-7gv3 |
6.1 (3.1)
|
The Logo Slider WordPress plugin before 4.9.0 does not validate and escape some of its slider opti… | 2026-01-02T06:30:26Z | 2026-01-03T00:31:25Z |
| ghsa-f43r-cc68-gpx4 |
7.1 (3.1)
|
External Control of File Name or Path in Langflow | 2025-12-19T22:53:13Z | 2026-01-03T00:28:22Z |
| ghsa-v627-69v2-xx37 |
7.1 (3.1)
|
`GetRepositoryByName`, `DeleteRepositoryByName` and `GetArtifactByName` allow access of arbitrary r… | 2024-03-05T16:20:07Z | 2026-01-03T00:04:20Z |
| ghsa-jmr4-p576-v565 |
5.4 (4.0)
|
listmonk Vulnerable to Stored XSS Leading to Admin Account Takeover | 2026-01-02T23:04:15Z | 2026-01-02T23:04:15Z |
| ghsa-2267-xqcf-gw2m |
8.6 (4.0)
|
FacturaScripts is Vulnerable to Stored Cross-Site Scripting (XSS) via XML File Upload | 2025-12-30T20:52:21Z | 2026-01-02T22:51:51Z |
| ghsa-x5rw-qvvp-5cgm |
7.1 (3.1)
|
Bagisto has IDOR in Customer Order Reorder Functionality | 2026-01-02T22:50:47Z | 2026-01-02T22:50:47Z |
| ghsa-9hvg-qw5q-wqwp |
7.3 (4.0)
|
Bagisto SSTI vulnerability in type parameter can lead to RCE | 2026-01-02T21:56:00Z | 2026-01-02T21:56:00Z |
| ghsa-c7qp-pc4p-62xw |
7.3 (3.1)
5.5 (4.0)
|
A vulnerability was found in code-projects Online Music Site 1.0. This impacts an unknown function … | 2026-01-02T21:30:29Z | 2026-01-02T21:30:29Z |
| ghsa-28rq-cfhw-3x7j |
4.3 (3.1)
2.1 (4.0)
|
A security flaw has been discovered in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b467… | 2026-01-02T21:30:29Z | 2026-01-02T21:30:29Z |
| ghsa-c97g-77hh-hcrq |
7.3 (3.1)
5.5 (4.0)
|
A vulnerability has been found in code-projects Online Music Site 1.0. This affects an unknown func… | 2026-01-02T21:30:28Z | 2026-01-02T21:30:28Z |
| ghsa-w789-3q45-984r |
5.9 (3.1)
|
In GnuPG through 2.4.8, if a signed message has \f at the end of a plaintext line, an adversary can… | 2025-12-28T00:30:23Z | 2026-01-02T21:30:27Z |
| ghsa-g3fh-r5q2-x687 |
5.5 (3.1)
|
An issue was discovered in function d_print_comp_inner in file cp-demangle.c in BinUtils 2.26 allow… | 2025-12-29T18:30:55Z | 2026-01-02T21:30:27Z |
| ID | Description | Updated |
|---|---|---|
| gsd-2024-1572 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-16T06:02:25.862329Z |
| gsd-2024-1527 | Unrestricted file upload vulnerability in CMS Made Simple, affecting version 2.2.14. This… | 2024-02-16T06:02:25.860804Z |
| gsd-2024-1551 | Set-Cookie response headers were being incorrectly honored in multipart HTTP responses. I… | 2024-02-16T06:02:25.855555Z |
| gsd-2024-1543 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-16T06:02:25.854300Z |
| gsd-2024-1563 | An attacker could have executed unauthorized scripts on top origin sites using a JavaScri… | 2024-02-16T06:02:25.844671Z |
| gsd-2024-1564 | The wp-schema-pro WordPress plugin before 2.7.16 does not validate post access allowing a… | 2024-02-16T06:02:25.835386Z |
| gsd-2024-1555 | When opening a website using the `firefox://` protocol handler, SameSite cookies were not… | 2024-02-16T06:02:25.800940Z |
| gsd-2024-1536 | The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerc… | 2024-02-16T06:02:25.800371Z |
| gsd-2024-1560 | A path traversal vulnerability exists in the mlflow/mlflow repository, specifically withi… | 2024-02-16T06:02:25.792213Z |
| gsd-2024-1540 | Previously, it was possible to exfiltrate secrets in Gradio's CI, but this is now fixed. | 2024-02-16T06:02:25.781154Z |
| gsd-2023-52432 | Improper input validation in IpcTxSndSetLoopbackCtrl in libsec-ril prior to SMR Sep-2023 … | 2024-02-16T06:01:44.162624Z |
| gsd-2024-26041 | Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site … | 2024-02-15T06:02:25.177032Z |
| gsd-2024-26201 | Microsoft Intune Linux Agent Elevation of Privilege Vulnerability | 2024-02-15T06:02:25.176699Z |
| gsd-2024-26085 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-15T06:02:25.176378Z |
| gsd-2024-26074 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-15T06:02:25.176105Z |
| gsd-2024-26012 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-15T06:02:25.175815Z |
| gsd-2024-26104 | Adobe Experience Manager versions 6.5.19 and earlier are affected by a reflected Cross-Si… | 2024-02-15T06:02:25.175493Z |
| gsd-2024-26039 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-15T06:02:25.175041Z |
| gsd-2024-26136 | kedi ElectronCord is a bot management tool for Discord. Commit aaaeaf4e6c99893827b2eea4dd… | 2024-02-15T06:02:25.174737Z |
| gsd-2024-26054 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-15T06:02:25.174441Z |
| gsd-2024-26084 | Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site … | 2024-02-15T06:02:25.174150Z |
| gsd-2024-26087 | Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site … | 2024-02-15T06:02:25.173845Z |
| gsd-2024-26141 | Rack is a modular Ruby web server interface. Carefully crafted Range headers can cause a … | 2024-02-15T06:02:25.173510Z |
| gsd-2024-26213 | Microsoft Brokering File System Elevation of Privilege Vulnerability | 2024-02-15T06:02:25.173196Z |
| gsd-2024-26035 | Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site … | 2024-02-15T06:02:25.172882Z |
| gsd-2024-26002 | An improper input validation in the Qualcom plctool allows a local attacker with low priv… | 2024-02-15T06:02:25.172578Z |
| gsd-2024-26197 | Windows Standards-Based Storage Management Service Denial of Service Vulnerability | 2024-02-15T06:02:25.172267Z |
| gsd-2024-26119 | Adobe Experience Manager versions 6.5.19 and earlier are affected by an Improper Access C… | 2024-02-15T06:02:25.171877Z |
| gsd-2024-26060 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-15T06:02:25.171575Z |
| gsd-2024-26126 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-15T06:02:25.171216Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-184563 | Malicious code in oc-gua-vsjfi (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184562 | Malicious code in oc-gua-vsjfhi (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184561 | Malicious code in oc-gua-vsjfahi (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184560 | Malicious code in oc-gua-vsi (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184559 | Malicious code in mugiy-ajvoig-daicutafamajjauak (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184558 | Malicious code in mugiy-ajoig-diajk (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184557 | Malicious code in mugiy-ajoig-dajk (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184556 | Malicious code in mugiy-ajoig-daitajk (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184555 | Malicious code in mugiy-ajoig-daicutafamajjk (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184554 | Malicious code in mugiy-ajoig-daicutafamajjauak (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184553 | Malicious code in mugiy-ajoig-daicutafamajjak (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184552 | Malicious code in mugiy-ajoig-daicutafaajjk (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184551 | Malicious code in mugiy-ajoig-daicutaaajk (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184550 | Malicious code in mugiy-ajoig-daictajk (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184549 | Malicious code in mugiy-ajoig-daictaajk (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184548 | Malicious code in mugiy-ajoig-daiajk (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184547 | Malicious code in msokidt-avog-uucav (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184546 | Malicious code in mskidt-avog-uucav (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184545 | Malicious code in mokok-lukunai-haj (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184544 | Malicious code in mokok-lukni-huj (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184543 | Malicious code in mokok-luknai-haj (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184542 | Malicious code in mokok-luki-haj (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184541 | Malicious code in mokok-lukaunai-hunauaj (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184540 | Malicious code in mokok-lukaunai-hunanauaj (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184539 | Malicious code in mokok-lukaunai-hunanakuaj (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184538 | Malicious code in mokok-lukaunai-hunaj (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184537 | Malicious code in mokok-lukaunai-hunaaj (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184536 | Malicious code in mokok-lukaunai-huaj (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184535 | Malicious code in mokok-lukaunai-haj (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-184534 | Malicious code in mokok-lukani-hunauaj (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2024:3105 | Red Hat Security Advisory: python3.11-cryptography security update | 2024-05-22T10:07:11+00:00 | 2025-11-21T19:02:26+00:00 |
| rhsa-2024:3102 | Red Hat Security Advisory: python-jinja2 security update | 2024-05-22T09:46:54+00:00 | 2025-11-21T19:02:26+00:00 |
| rhsa-2024:3067 | Red Hat Security Advisory: tigervnc security update | 2024-05-22T09:29:09+00:00 | 2025-11-21T19:02:26+00:00 |
| rhsa-2024:3066 | Red Hat Security Advisory: exempi security update | 2024-05-22T10:10:16+00:00 | 2025-11-21T19:02:26+00:00 |
| rhsa-2024:3095 | Red Hat Security Advisory: vorbis-tools security update | 2024-05-22T09:32:54+00:00 | 2025-11-21T19:02:25+00:00 |
| rhsa-2024:3089 | Red Hat Security Advisory: gstreamer1-plugins-good security update | 2024-05-22T09:55:36+00:00 | 2025-11-21T19:02:25+00:00 |
| rhsa-2024:3088 | Red Hat Security Advisory: gstreamer1-plugins-base security update | 2024-05-22T10:28:51+00:00 | 2025-11-21T19:02:24+00:00 |
| rhsa-2024:3043 | Red Hat Security Advisory: ansible-core bug fix, enhancement, and security update | 2024-05-22T10:18:55+00:00 | 2025-11-21T19:02:23+00:00 |
| rhsa-2024:3061 | Red Hat Security Advisory: pki-core:10.6 and pki-deps:10.6 security update | 2024-05-22T09:32:13+00:00 | 2025-11-21T19:02:22+00:00 |
| rhsa-2024:3060 | Red Hat Security Advisory: gstreamer1-plugins-bad-free security update | 2024-05-22T09:26:56+00:00 | 2025-11-21T19:02:22+00:00 |
| rhsa-2024:3044 | Red Hat Security Advisory: idm:DL1 security update | 2024-05-22T09:50:56+00:00 | 2025-11-21T19:02:22+00:00 |
| rhsa-2024:3059 | Red Hat Security Advisory: libtiff security update | 2024-05-22T09:28:57+00:00 | 2025-11-21T19:02:21+00:00 |
| rhsa-2024:3058 | Red Hat Security Advisory: mutt security update | 2024-05-22T09:45:19+00:00 | 2025-11-21T19:02:21+00:00 |
| rhsa-2024:3056 | Red Hat Security Advisory: qt5-qtbase security update | 2024-05-22T09:30:43+00:00 | 2025-11-21T19:02:20+00:00 |
| rhsa-2024:3030 | Red Hat Security Advisory: libsndfile security update | 2024-05-22T10:30:30+00:00 | 2025-11-21T19:02:18+00:00 |
| rhsa-2024:3022 | Red Hat Security Advisory: motif security update | 2024-05-22T10:02:56+00:00 | 2025-11-21T19:02:18+00:00 |
| rhsa-2024:3017 | Red Hat Security Advisory: edk2 security update | 2024-05-22T09:52:32+00:00 | 2025-11-21T19:02:18+00:00 |
| rhsa-2024:3008 | Red Hat Security Advisory: pmix security update | 2024-05-22T09:48:15+00:00 | 2025-11-21T19:02:18+00:00 |
| rhsa-2024:3005 | Red Hat Security Advisory: python-pillow security update | 2024-05-22T10:16:29+00:00 | 2025-11-21T19:02:17+00:00 |
| rhsa-2024:2996 | Red Hat Security Advisory: xorg-x11-server-Xwayland security update | 2024-05-22T10:12:23+00:00 | 2025-11-21T19:02:17+00:00 |
| rhsa-2024:2995 | Red Hat Security Advisory: xorg-x11-server security update | 2024-05-22T09:45:07+00:00 | 2025-11-21T19:02:15+00:00 |
| rhsa-2024:2994 | Red Hat Security Advisory: LibRaw security update | 2024-05-22T09:57:54+00:00 | 2025-11-21T19:02:14+00:00 |
| rhsa-2024:2981 | Red Hat Security Advisory: frr security update | 2024-05-22T10:06:03+00:00 | 2025-11-21T19:02:12+00:00 |
| rhsa-2024:2980 | Red Hat Security Advisory: harfbuzz security update | 2024-05-22T09:56:26+00:00 | 2025-11-21T19:02:12+00:00 |
| rhsa-2024:2979 | Red Hat Security Advisory: poppler security update | 2024-05-22T10:27:14+00:00 | 2025-11-21T19:02:10+00:00 |
| rhsa-2024:2974 | Red Hat Security Advisory: libXpm security update | 2024-05-22T09:39:44+00:00 | 2025-11-21T19:02:10+00:00 |
| rhsa-2024:2973 | Red Hat Security Advisory: libX11 security update | 2024-05-22T09:42:32+00:00 | 2025-11-21T19:02:09+00:00 |
| rhsa-2024:2966 | Red Hat Security Advisory: ghostscript security update | 2024-05-22T09:52:10+00:00 | 2025-11-21T19:02:08+00:00 |
| rhsa-2024:2962 | Red Hat Security Advisory: virt:rhel and virt-devel:rhel security and enhancement update | 2024-05-22T10:16:15+00:00 | 2025-11-21T19:02:07+00:00 |
| rhsa-2024:2961 | Red Hat Security Advisory: Image builder components bug fix, enhancement and security update | 2024-05-22T09:29:16+00:00 | 2025-11-21T19:02:07+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2022-0847 | A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to pages in the page cache backed by read only files and as such escalate their privileges on the system. | 2022-03-02T00:00:00.000Z | 2022-03-11T00:00:00.000Z |
| msrc_cve-2022-0711 | A flaw was found in the way HAProxy processed HTTP responses containing the "Set-Cookie2" header. This flaw could allow an attacker to send crafted HTTP response packets which lead to an infinite loop eventually resulting in a denial of service condition. The highest threat from this vulnerability is availability. | 2022-03-02T00:00:00.000Z | 2022-03-11T00:00:00.000Z |
| msrc_cve-2021-3772 | A flaw was found in the Linux SCTP stack. A blind attacker may be able to kill an existing SCTP association through invalid chunks if the attacker knows the IP-addresses and port numbers being used and the attacker can send packets with spoofed IP addresses. | 2022-03-02T00:00:00.000Z | 2022-03-11T00:00:00.000Z |
| msrc_cve-2021-3677 | A flaw was found in postgresql. A purpose-crafted query can read arbitrary bytes of server memory. In the default configuration any authenticated database user can complete this attack at will. The attack does not require the ability to create objects. If server settings include max_worker_processes=0 the known versions of this attack are infeasible. However undiscovered variants of the attack may be independent of that setting. | 2022-03-02T00:00:00.000Z | 2022-03-11T00:00:00.000Z |
| msrc_cve-2021-3667 | An improper locking issue was found in the virStoragePoolLookupByTargetPath API of libvirt. It occurs in the storagePoolLookupByTargetPath function where a locked virStoragePoolObj object is not properly released on ACL permission failure. Clients connecting to the read-write socket with limited ACL permissions could use this flaw to acquire the lock and prevent other users from accessing storage pool/volume APIs resulting in a denial of service condition. The highest threat from this vulnerability is to system availability. | 2022-03-02T00:00:00.000Z | 2022-03-11T00:00:00.000Z |
| msrc_cve-2021-3656 | A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the "virt_ext" field this issue could allow a malicious L1 to disable both VMLOAD/VMSAVE intercepts and VLS (Virtual VMLOAD/VMSAVE) for the L2 guest. As a result the L2 guest would be allowed to read/write physical pages of the host resulting in a crash of the entire system leak of sensitive data or potential guest-to-host escape. | 2022-03-02T00:00:00.000Z | 2022-03-11T00:00:00.000Z |
| msrc_cve-2021-3631 | A flaw was found in libvirt while it generates SELinux MCS category pairs for VMs' dynamic labels. This flaw allows one exploited guest to access files labeled for another guest resulting in the breaking out of sVirt confinement. The highest threat from this vulnerability is to confidentiality and integrity. | 2022-03-02T00:00:00.000Z | 2022-03-11T00:00:00.000Z |
| msrc_cve-2021-3609 | .A flaw was found in the CAN BCM networking protocol in the Linux kernel where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory crash the system or escalate privileges. This race condition in net/can/bcm.c in the Linux kernel allows for local privilege escalation to root. | 2022-03-02T00:00:00.000Z | 2022-03-11T00:00:00.000Z |
| msrc_cve-2021-23222 | A man-in-the-middle attacker can inject false responses to the client's first few queries despite the use of SSL certificate verification and encryption. | 2022-03-02T00:00:00.000Z | 2022-03-11T00:00:00.000Z |
| msrc_cve-2022-24526 | Visual Studio Code Spoofing Vulnerability | 2022-03-08T08:00:00.000Z | 2022-03-10T08:00:00.000Z |
| msrc_cve-2022-23308 | valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes. | 2022-02-02T00:00:00.000Z | 2022-03-09T00:00:00.000Z |
| msrc_cve-2022-21824 | Due to the formatting logic of the "console.table()" function it was not safe to allow user controlled input to be passed to the "properties" parameter while simultaneously passing a plain object with at least one property as the first parameter which could be "__proto__". The prototype pollution has very limited control in that it only allows an empty string to be assigned to numerical keys of the object prototype.Node.js >= 12.22.9 >= 14.18.3 >= 16.13.2 and >= 17.3.1 use a null protoype for the object these properties are being assigned to. | 2022-02-02T00:00:00.000Z | 2022-03-09T00:00:00.000Z |
| msrc_cve-2022-24525 | Windows Update Stack Elevation of Privilege Vulnerability | 2022-03-08T08:00:00.000Z | 2022-03-08T08:00:00.000Z |
| msrc_cve-2022-24520 | Azure Site Recovery Remote Code Execution Vulnerability | 2022-03-08T08:00:00.000Z | 2022-03-08T08:00:00.000Z |
| msrc_cve-2022-24519 | Azure Site Recovery Elevation of Privilege Vulnerability | 2022-03-08T08:00:00.000Z | 2022-03-08T08:00:00.000Z |
| msrc_cve-2022-24518 | Azure Site Recovery Elevation of Privilege Vulnerability | 2022-03-08T08:00:00.000Z | 2022-03-08T08:00:00.000Z |
| msrc_cve-2022-24517 | Azure Site Recovery Remote Code Execution Vulnerability | 2022-03-08T08:00:00.000Z | 2022-03-08T08:00:00.000Z |
| msrc_cve-2022-24515 | Azure Site Recovery Elevation of Privilege Vulnerability | 2022-03-08T08:00:00.000Z | 2022-03-08T08:00:00.000Z |
| msrc_cve-2022-24510 | Microsoft Office Visio Remote Code Execution Vulnerability | 2022-03-08T08:00:00.000Z | 2022-03-08T08:00:00.000Z |
| msrc_cve-2022-24509 | Microsoft Office Visio Remote Code Execution Vulnerability | 2022-03-08T08:00:00.000Z | 2022-03-08T08:00:00.000Z |
| msrc_cve-2022-24508 | Win32 File Enumeration Remote Code Execution Vulnerability | 2022-03-08T08:00:00.000Z | 2022-03-08T08:00:00.000Z |
| msrc_cve-2022-24507 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | 2022-03-08T08:00:00.000Z | 2022-03-08T08:00:00.000Z |
| msrc_cve-2022-24506 | Azure Site Recovery Elevation of Privilege Vulnerability | 2022-03-08T08:00:00.000Z | 2022-03-08T08:00:00.000Z |
| msrc_cve-2022-24505 | Windows ALPC Elevation of Privilege Vulnerability | 2022-03-08T08:00:00.000Z | 2022-03-08T08:00:00.000Z |
| msrc_cve-2022-24503 | Remote Desktop Protocol Client Information Disclosure Vulnerability | 2022-03-08T08:00:00.000Z | 2022-03-08T08:00:00.000Z |
| msrc_cve-2022-24501 | VP9 Video Extensions Remote Code Execution Vulnerability | 2022-03-08T08:00:00.000Z | 2022-03-08T08:00:00.000Z |
| msrc_cve-2022-24471 | Azure Site Recovery Remote Code Execution Vulnerability | 2022-03-08T08:00:00.000Z | 2022-03-08T08:00:00.000Z |
| msrc_cve-2022-24470 | Azure Site Recovery Remote Code Execution Vulnerability | 2022-03-08T08:00:00.000Z | 2022-03-08T08:00:00.000Z |
| msrc_cve-2022-24469 | Azure Site Recovery Elevation of Privilege Vulnerability | 2022-03-08T08:00:00.000Z | 2022-03-08T08:00:00.000Z |
| msrc_cve-2022-24468 | Azure Site Recovery Remote Code Execution Vulnerability | 2022-03-08T08:00:00.000Z | 2022-03-08T08:00:00.000Z |
| ID | Description | Updated |
|---|---|---|
| var-201601-0493 | Cisco Prime Infrastructure does not properly restrict use of IFRAME elements, which makes… | 2025-04-13T23:14:23.019000Z |
| var-201601-0535 | Multiple cross-site scripting (XSS) vulnerabilities in SAP NetWeaver 7.4 allow remote att… | 2025-04-13T23:14:22.964000Z |
| var-201602-0044 | The RBAC implementation in Cisco ASA-CX Content-Aware Security software before 9.3.1.1(11… | 2025-04-13T23:14:22.323000Z |
| var-201602-0065 | Cisco IOS 15.5(3)M and 15.6(1)T0a on Cisco 1000 Connected Grid routers allows remote auth… | 2025-04-13T23:14:22.293000Z |
| var-201602-0317 | Cross-site scripting (XSS) vulnerability in Adobe Experience Manager (AEM) 6.1.0 allows r… | 2025-04-13T23:14:22.068000Z |
| var-201603-0289 | Cisco Prime LAN Management Solution (LMS) through 4.2.5 uses the same database decryption… | 2025-04-13T23:14:21.912000Z |
| var-201603-0329 | Cisco NX-OS 4.0 through 6.1 on Nexus 1000V 3000, 4000, 5000, 6000, and 7000 devices and U… | 2025-04-13T23:14:21.881000Z |
| var-201604-0088 | The management console on Symantec Messaging Gateway (SMG) Appliance devices before 10.6.… | 2025-04-13T23:14:21.751000Z |
| var-201604-0089 | The management console on Symantec Messaging Gateway (SMG) Appliance devices before 10.6.… | 2025-04-13T23:14:21.720000Z |
| var-201604-0383 | Cross-site request forgery (CSRF) vulnerability on NEC Aterm WF800HP devices with firmwar… | 2025-04-13T23:14:21.196000Z |
| var-201604-0425 | Lexmark printers with firmware ATL before ATL.021.063, CB before CB.021.063, PP before PP… | 2025-04-13T23:14:21.161000Z |
| var-201604-0570 | Cisco IOS before 15.2(2)E1 on Catalyst switches allows remote attackers to obtain potenti… | 2025-04-13T23:14:21.101000Z |
| var-201605-0373 | IBM Multi-Enterprise Integration Gateway 1.0 through 1.0.0.1 and B2B Advanced Communicati… | 2025-04-13T23:14:16.997000Z |
| var-201606-0031 | The iControl REST service in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, Link Controlle… | 2025-04-13T23:14:16.531000Z |
| var-201606-0115 | Red Hat OpenShift Enterprise 3.2 and 3.1 do not properly validate the origin of a request… | 2025-04-13T23:14:16.424000Z |
| var-201606-0178 | Cross-site request forgery (CSRF) vulnerability on I-O DATA DEVICE ETX-R devices allows r… | 2025-04-13T23:14:16.362000Z |
| var-201606-0283 | The license-certificate upload functionality on Cisco 8800 phones with software 11.0(1) a… | 2025-04-13T23:14:16.243000Z |
| var-201606-0430 | Cisco Prime Network Analysis Module (NAM) before 6.1(1) patch.6.1-2-final and 6.2.x befor… | 2025-04-13T23:14:16.180000Z |
| var-201607-0057 | Buffer overflow in the CLI on IBM WebSphere DataPower XC10 appliances 2.1 and 2.5 allows … | 2025-04-13T23:14:16.047000Z |
| var-201607-0433 | Cisco ASR 5000 devices with software 18.3 through 20.0.0 allow remote attackers to make c… | 2025-04-13T23:14:15.956000Z |
| var-201608-0010 | Virtual servers in F5 BIG-IP systems 11.2.1 HF11 through HF15, 11.4.1 HF4 through HF10, 1… | 2025-04-13T23:14:15.850000Z |
| var-201608-0089 | cgi-bin/cgi_system in NUUO NVRmini 2 1.7.5 through 2.x, NUUO NVRsolo 1.7.5 through 2.x, a… | 2025-04-13T23:14:15.339000Z |
| var-201608-0073 | Stack-based buffer overflow in cgi-bin/cgi_main in NUUO NVRmini 2 1.7.6 through 3.0.0 and… | 2025-04-13T23:14:15.291000Z |
| var-201608-0088 | handle_daylightsaving.php in NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.0.0 throu… | 2025-04-13T23:14:15.241000Z |
| var-201608-0087 | __debugging_center_utils___.php in NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.7.5… | 2025-04-13T23:14:15.192000Z |
| var-201608-0090 | NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.0.0 through 3.0.0, and NETGEAR ReadyNA… | 2025-04-13T23:14:15.144000Z |
| var-201608-0072 | cgi-bin/cgi_main in NUUO NVRmini 2 1.7.6 through 3.0.0 and NETGEAR ReadyNAS Surveillance … | 2025-04-13T23:14:15.096000Z |
| var-201608-0071 | NUUO NVRmini 2 1.0.0 through 3.0.0 and NUUO NVRsolo 1.0.0 through 3.0.0 have hardcoded ro… | 2025-04-13T23:14:15.048000Z |
| var-201608-0241 | Cisco Prime Infrastructure 2.2(2) does not properly restrict use of IFRAME elements, whic… | 2025-04-13T23:14:15.004000Z |
| var-201609-0063 | The Camera driver in Huawei Honor 4C smartphones with software CHM-UL00C00 before CHM-UL0… | 2025-04-13T23:14:14.490000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| suse-su-2021:1876-1 | Security update for snakeyaml | 2021-06-07T12:01:32Z | 2021-06-07T12:01:32Z |
| suse-su-2021:1875-1 | Security update for gstreamer-plugins-bad | 2021-06-07T12:00:34Z | 2021-06-07T12:00:34Z |
| suse-su-2021:1873-1 | Security update for gstreamer-plugins-bad | 2021-06-07T06:18:16Z | 2021-06-07T06:18:16Z |
| suse-su-2021:1870-1 | Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP3) | 2021-06-04T11:01:42Z | 2021-06-04T11:01:42Z |
| suse-su-2021:1865-1 | Security update for the Linux Kernel (Live Patch 32 for SLE 12 SP3) | 2021-06-04T11:01:16Z | 2021-06-04T11:01:16Z |
| suse-su-2021:1863-1 | Security update for umoci | 2021-06-04T09:16:48Z | 2021-06-04T09:16:48Z |
| suse-su-2021:1493-2 | Security update for avahi | 2021-06-04T09:15:08Z | 2021-06-04T09:15:08Z |
| suse-su-2021:1860-1 | Security update for libwebp | 2021-06-04T07:04:48Z | 2021-06-04T07:04:48Z |
| suse-su-2021:1859-1 | Security update for python-py | 2021-06-04T07:02:58Z | 2021-06-04T07:02:58Z |
| suse-su-2021:1858-1 | Security update for csync2 | 2021-06-04T07:02:37Z | 2021-06-04T07:02:37Z |
| suse-su-2021:1857-1 | Security update for djvulibre | 2021-06-04T06:56:20Z | 2021-06-04T06:56:20Z |
| suse-su-2021:1856-1 | Security update for slurm_18_08 | 2021-06-04T06:55:18Z | 2021-06-04T06:55:18Z |
| suse-su-2021:1855-1 | Security update for slurm | 2021-06-04T06:55:03Z | 2021-06-04T06:55:03Z |
| suse-su-2021:1854-1 | Security update for MozillaThunderbird | 2021-06-04T06:54:13Z | 2021-06-04T06:54:13Z |
| suse-su-2021:1494-2 | Security update for avahi | 2021-06-03T15:53:48Z | 2021-06-03T15:53:48Z |
| suse-su-2021:1845-1 | Security update for avahi | 2021-06-03T15:52:34Z | 2021-06-03T15:52:34Z |
| suse-su-2021:1844-1 | Security update for polkit | 2021-06-03T14:23:36Z | 2021-06-03T14:23:36Z |
| suse-su-2021:1843-1 | Security update for polkit | 2021-06-03T14:22:54Z | 2021-06-03T14:22:54Z |
| suse-su-2021:1842-1 | Security update for polkit | 2021-06-03T14:21:32Z | 2021-06-03T14:21:32Z |
| suse-su-2021:1841-1 | Security update for dhcp | 2021-06-02T14:31:23Z | 2021-06-02T14:31:23Z |
| suse-su-2021:1840-1 | Security update for xstream | 2021-06-02T14:29:41Z | 2021-06-02T14:29:41Z |
| suse-su-2021:1839-1 | Security update for nginx | 2021-06-02T14:29:21Z | 2021-06-02T14:29:21Z |
| suse-su-2021:1838-1 | Security update for squid | 2021-06-02T14:28:33Z | 2021-06-02T14:28:33Z |
| suse-su-2021:1837-1 | Security update for qemu | 2021-06-02T14:28:16Z | 2021-06-02T14:28:16Z |
| suse-su-2021:1835-1 | Security update for ceph | 2021-06-02T13:38:19Z | 2021-06-02T13:38:19Z |
| suse-su-2021:1834-1 | Security update for ceph | 2021-06-02T13:37:14Z | 2021-06-02T13:37:14Z |
| suse-su-2021:1830-1 | Security update for libwebp | 2021-06-02T12:23:27Z | 2021-06-02T12:23:27Z |
| suse-su-2021:1829-1 | Security update for qemu | 2021-06-02T12:21:01Z | 2021-06-02T12:21:01Z |
| suse-su-2021:1826-1 | Security update for bind | 2021-06-01T14:40:34Z | 2021-06-01T14:40:34Z |
| suse-su-2021:1825-1 | Security update for lz4 | 2021-06-01T14:24:04Z | 2021-06-01T14:24:04Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cnvd-2024-48101 | FreePBX文件上传漏洞 | 2024-12-04 | 2024-12-13 |
| cnvd-2024-48100 | Moodle跨站脚本漏洞(CNVD-2024-48100) | 2024-06-28 | 2024-12-13 |
| cnvd-2024-47906 | Siemens Parasolid越界写入漏洞(CNVD-2024-47906) | 2024-12-11 | 2024-12-13 |
| cnvd-2024-47520 | IBM Security Verify Access Appliance操作系统命令注入漏洞 | 2024-12-03 | 2024-12-13 |
| cnvd-2024-47519 | IBM Jazz Foundation访问控制错误漏洞 | 2024-12-04 | 2024-12-13 |
| cnvd-2024-47518 | IBM Cloud Pak for Data资源管理错误漏洞 | 2024-12-06 | 2024-12-13 |
| cnvd-2024-47517 | IBM Cognos Controller信任管理问题漏洞(CNVD-2024-47517) | 2024-12-06 | 2024-12-13 |
| cnvd-2024-47516 | IBM Cognos Controller跨站请求伪造漏洞 | 2024-12-06 | 2024-12-13 |
| cnvd-2024-47515 | IBM Cognos Controller加密问题漏洞(CNVD-2024-47515) | 2024-12-06 | 2024-12-13 |
| cnvd-2024-47514 | IBM App Connect Enterprise操作系统命令注入漏洞 | 2024-12-06 | 2024-12-13 |
| cnvd-2024-47916 | Apache Struts文件上传漏洞 | 2024-12-12 | 2024-12-12 |
| cnvd-2024-47915 | Siemens SICAM A8000 CP-8031和CP-8050固件解密漏洞 | 2024-12-11 | 2024-12-12 |
| cnvd-2024-47914 | Siemens RUGGEDCOM ROX II跨站请求伪造漏洞 | 2024-12-11 | 2024-12-12 |
| cnvd-2024-47913 | Siemens Engineering Platforms本地任意代码执行漏洞 | 2024-12-11 | 2024-12-12 |
| cnvd-2024-47912 | Siemens COMOS XXE注入漏洞 | 2024-12-12 | 2024-12-12 |
| cnvd-2024-47911 | Siemens COMOS XXE注入漏洞(CNVD-2024-47911) | 2024-12-11 | 2024-12-12 |
| cnvd-2024-47910 | Siemens Solid Edge V2024堆缓冲区溢出漏洞 | 2024-12-11 | 2024-12-12 |
| cnvd-2024-47909 | Siemens Solid Edge V2024堆缓冲区溢出漏洞(CNVD-2024-47909) | 2024-12-11 | 2024-12-12 |
| cnvd-2024-47908 | Siemens Solid Edge V2024整数下溢漏洞 | 2024-12-11 | 2024-12-12 |
| cnvd-2024-47907 | Siemens Engineering Platforms反序列化漏洞 | 2024-12-11 | 2024-12-12 |
| cnvd-2024-47708 | WordPress插件WP Umbrella: Update Backup Restore & Monitoring本地文件包含漏洞 | 2024-12-11 | 2024-12-12 |
| cnvd-2024-47147 | 畅捷通信息技术股份有限公司畅捷通T+存在SQL注入漏洞 | 2024-10-28 | 2024-12-12 |
| cnvd-2024-47141 | 北京天融信科技有限公司上网行为管理系统存在命令执行漏洞 | 2024-10-28 | 2024-12-12 |
| cnvd-2024-47716 | Apache Roller跨站请求伪造漏洞(CNVD-2024-47716) | 2024-10-17 | 2024-12-11 |
| cnvd-2024-47715 | Apache HertzBeat信息泄露漏洞 | 2024-11-21 | 2024-12-11 |
| cnvd-2024-47714 | Apache HertzBeat命令注入漏洞 | 2024-11-21 | 2024-12-11 |
| cnvd-2024-47713 | Apache HertzBeat反序列化漏洞(CNVD-2024-47713) | 2024-11-21 | 2024-12-11 |
| cnvd-2024-47712 | Apache NimBLE越界读取漏洞(CNVD-2024-47712) | 2024-12-06 | 2024-12-11 |
| cnvd-2024-47711 | Apache NimBLE缓冲区溢出漏洞 | 2024-12-06 | 2024-12-11 |
| cnvd-2024-47710 | Apache NimBLE越界读取漏洞 | 2024-12-06 | 2024-12-11 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certa-2011-avi-701 | Vulnérabilité dans RSA SecurID Software Token | 2011-12-16T00:00:00.000000 | 2011-12-16T00:00:00.000000 |
| certa-2011-avi-700 | Vulnérabilités dans Splunk | 2011-12-16T00:00:00.000000 | 2011-12-16T00:00:00.000000 |
| certa-2011-avi-699 | Multiples vulnérabilités dans Cacti | 2011-12-15T00:00:00.000000 | 2011-12-15T00:00:00.000000 |
| certa-2011-avi-698 | Vulnérabilités dans Google Chrome | 2011-12-15T00:00:00.000000 | 2011-12-15T00:00:00.000000 |
| certa-2011-avi-697 | Vulnérabilités dans Adobe ColdFusion | 2011-12-15T00:00:00.000000 | 2011-12-15T00:00:00.000000 |
| certa-2011-avi-696 | Multiples vulnérabilités dans Internet Explorer | 2011-12-14T00:00:00.000000 | 2011-12-14T00:00:00.000000 |
| certa-2011-avi-695 | Vulnérabilité dans le noyau Windows | 2011-12-14T00:00:00.000000 | 2011-12-14T00:00:00.000000 |
| certa-2011-avi-694 | Vulnérabilité dans Microsoft Windows | 2011-12-14T00:00:00.000000 | 2011-12-14T00:00:00.000000 |
| certa-2011-avi-693 | Vulnérabilité dans Microsoft Excel | 2011-12-14T00:00:00.000000 | 2011-12-14T00:00:00.000000 |
| certa-2011-avi-692 | Vulnérabilité dans Active Directory | 2011-12-14T00:00:00.000000 | 2011-12-14T00:00:00.000000 |
| certa-2011-avi-691 | Vulnérabilités dans Microsoft PowerPoint | 2011-12-14T00:00:00.000000 | 2011-12-14T00:00:00.000000 |
| certa-2011-avi-690 | Vulnérabilité dans OLE | 2011-12-14T00:00:00.000000 | 2011-12-14T00:00:00.000000 |
| certa-2011-avi-689 | Vulnérabilité dans Windows Media Player | 2011-12-14T00:00:00.000000 | 2011-12-14T00:00:00.000000 |
| certa-2011-avi-688 | Vulnérabilités dans Microsoft Publisher | 2011-12-14T00:00:00.000000 | 2011-12-14T00:00:00.000000 |
| certa-2011-avi-687 | Vulnérabilité dans Microsoft Time | 2011-12-14T00:00:00.000000 | 2011-12-14T00:00:00.000000 |
| certa-2011-avi-686 | Vulnérabilité dans Microsoft Office | 2011-12-14T00:00:00.000000 | 2011-12-14T00:00:00.000000 |
| certa-2011-avi-685 | Vulnérabilité dans Microsoft Office | 2011-12-14T00:00:00.000000 | 2011-12-14T00:00:00.000000 |
| certa-2011-avi-684 | Vulnérabilité dans la gestion des polices TrueType sur Windows | 2011-12-14T00:00:00.000000 | 2011-12-14T00:00:00.000000 |
| certa-2011-avi-683 | Vulnérabilité dans acpid | 2011-12-13T00:00:00.000000 | 2011-12-13T00:00:00.000000 |
| certa-2011-avi-682 | Vulnérabilités dans Asterisk | 2011-12-13T00:00:00.000000 | 2011-12-13T00:00:00.000000 |
| certa-2011-avi-681 | Vulnérabilité dans Apache Struts | 2011-12-13T00:00:00.000000 | 2011-12-13T00:00:00.000000 |
| certa-2011-avi-680 | Vulnérabilité dans Trend Micro Control Manager | 2011-12-13T00:00:00.000000 | 2011-12-13T00:00:00.000000 |
| certa-2011-avi-679 | Vulnérabilité dans CA SiteMinder | 2011-12-13T00:00:00.000000 | 2011-12-13T00:00:00.000000 |
| certa-2011-avi-531 | Multiple vulnérabilités dans Adobe Flash Player | 2011-09-22T00:00:00.000000 | 2011-12-13T00:00:00.000000 |
| certa-2011-avi-678 | Vulnérabilité dans Novell ZENworks | 2011-12-09T00:00:00.000000 | 2011-12-09T00:00:00.000000 |
| certa-2011-avi-677 | Vulnérabilité dans ISC DHCP | 2011-12-08T00:00:00.000000 | 2011-12-08T00:00:00.000000 |
| certa-2011-avi-676 | Vulnérabilité dans Foxit Reader | 2011-12-07T00:00:00.000000 | 2011-12-07T00:00:00.000000 |
| certa-2011-avi-675 | Vulnérabilités dans Opera | 2011-12-07T00:00:00.000000 | 2011-12-07T00:00:00.000000 |
| certa-2011-avi-674 | Vulnérabilité dans MIT Kerberos | 2011-12-07T00:00:00.000000 | 2011-12-07T00:00:00.000000 |
| certa-2011-avi-673 | Vulnérabilité dans libXfont | 2011-12-06T00:00:00.000000 | 2011-12-06T00:00:00.000000 |