Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2021-47774 |
8.4 (4.0)
9.8 (3.1)
|
Kingdia CD Extractor 3.0.2 - Buffer Overflow (SEH) |
En |
Kingdia CD Extractor |
2026-01-15T15:52:12.724Z | 2026-01-15T16:46:45.316Z |
| CVE-2026-22265 |
7.5 (3.1)
|
Roxy-WI has a Command Injection via grep parameter in … |
roxy-wi |
roxy-wi |
2026-01-15T16:27:52.446Z | 2026-01-15T16:46:11.782Z |
| CVE-2021-47775 |
8.4 (4.0)
8.4 (3.1)
|
YouTube Video Grabber 1.9.9.1 - Buffer Overflow (SEH) |
Litexmedia |
YouTube Video Grabber |
2026-01-15T15:52:13.223Z | 2026-01-15T16:46:04.528Z |
| CVE-2025-66417 |
7.5 (3.1)
|
GLPI has an unauthenticated SQL injection through the… |
glpi-project |
glpi |
2026-01-15T16:25:03.467Z | 2026-01-15T16:45:31.206Z |
| CVE-2025-66292 |
8.1 (3.1)
|
DPanel has an arbitrary file deletion vulnerability in… |
donknap |
dpanel |
2026-01-15T16:19:55.507Z | 2026-01-15T16:44:51.018Z |
| CVE-2025-70308 |
7.5 (3.1)
|
An out-of-bounds read in the GSF demuxer filter c… |
n/a |
n/a |
2026-01-15T00:00:00.000Z | 2026-01-15T16:44:15.156Z |
| CVE-2025-70304 |
7.5 (3.1)
|
A buffer overflow in the vobsub_get_subpic_durati… |
n/a |
n/a |
2026-01-15T00:00:00.000Z | 2026-01-15T16:43:16.567Z |
| CVE-2025-70310 |
5.5 (3.1)
|
A heap overflow in the vorbis_to_intern() functio… |
n/a |
n/a |
2026-01-15T00:00:00.000Z | 2026-01-15T16:43:01.292Z |
| CVE-2021-47776 |
6.9 (4.0)
5.3 (3.1)
|
Umbraco v8.14.1 - 'baseUrl' SSRF |
umbraco |
Umbraco |
2026-01-15T15:52:13.737Z | 2026-01-15T16:40:33.352Z |
| CVE-2021-47777 |
8.8 (4.0)
8.2 (3.1)
|
Build Smart ERP 21.0817 - 'eidValue' SQL Injection (Un… |
Ribccs |
Build Smart ERP |
2026-01-15T15:52:14.242Z | 2026-01-15T16:40:07.115Z |
| CVE-2026-0992 |
2.9 (3.1)
|
Libxml2: libxml2: denial of service via crafted xml catalogs |
Red Hat |
Red Hat Enterprise Linux 10 |
2026-01-15T14:20:24.934Z | 2026-01-15T16:39:47.982Z |
| CVE-2021-47781 |
6.7 (4.0)
9.8 (3.1)
|
Cmder Console Emulator 1.3.18 - 'Cmder.exe' Denial of … |
Cmder |
Cmder Console Emulator |
2026-01-15T15:52:14.687Z | 2026-01-15T16:39:37.145Z |
| CVE-2026-0989 |
3.7 (3.1)
|
Libxml2: unbounded relaxng include recursion leading t… |
Red Hat |
Red Hat Enterprise Linux 10 |
2026-01-15T14:20:23.274Z | 2026-01-15T16:39:34.311Z |
| CVE-2026-0990 |
5.9 (3.1)
|
Libxml2: libxml2: denial of service via uncontrolled r… |
Red Hat |
Red Hat Enterprise Linux 10 |
2026-01-15T14:20:06.515Z | 2026-01-15T16:39:20.891Z |
| CVE-2021-47784 |
6.7 (4.0)
7.5 (3.1)
|
Cyberfox Web Browser 52.9.1 - Denial of Service (PoC) |
Cyberfox |
Cyberfox Web Browser |
2026-01-15T15:52:15.185Z | 2026-01-15T16:39:13.224Z |
| CVE-2026-0897 |
7.1 (4.0)
|
Denial of Service in Keras via Excessive Memory Alloca… |
Google |
Keras |
2026-01-15T14:09:53.603Z | 2026-01-15T16:38:18.772Z |
| CVE-2025-70309 |
5.5 (3.1)
|
A stack overflow in the pcmreframe_flush_packet f… |
n/a |
n/a |
2026-01-15T00:00:00.000Z | 2026-01-15T16:38:15.352Z |
| CVE-2026-22914 |
4.3 (3.1)
|
An attacker with limited permissions may still be… |
SICK AG |
TDC-X401GL |
2026-01-15T13:06:19.599Z | 2026-01-15T16:38:01.091Z |
| CVE-2026-22913 |
4.3 (3.1)
|
Improper handling of a URL parameter may allow at… |
SICK AG |
TDC-X401GL |
2026-01-15T13:05:40.925Z | 2026-01-15T16:37:50.866Z |
| CVE-2026-22912 |
4.3 (3.1)
|
Improper validation of a login parameter may allo… |
SICK AG |
TDC-X401GL |
2026-01-15T13:03:15.361Z | 2026-01-15T16:37:41.596Z |
| CVE-2026-22862 |
7.1 (4.0)
|
go-ethereum has a DoS via malicious p2p message |
ethereum |
go-ethereum |
2026-01-13T20:27:10.979Z | 2026-01-15T16:37:30.177Z |
| CVE-2025-37186 |
7.8 (3.1)
|
Local Privilege Escalation Vulnerability in HPE Aruba … |
Hewlett Packard Enterprise (HPE) |
Virtual Intranet Access (VIA) |
2026-01-13T20:16:33.606Z | 2026-01-15T16:37:19.095Z |
| CVE-2025-68698 |
8.7 (4.0)
|
Jervis has an RSA PKCS#1 v1.5 Padding Vulnerability |
samrocketman |
jervis |
2026-01-13T19:16:01.757Z | 2026-01-15T16:37:02.420Z |
| CVE-2021-47799 |
8.5 (4.0)
6.2 (3.1)
|
Visual Tools DVR VX16 4.2.28 - Local Privilege Escalation |
Visual-Tools |
Visual Tools DVR VX16 |
2026-01-15T15:52:15.717Z | 2026-01-15T16:32:06.015Z |
| CVE-2025-20393 |
10 (3.1)
|
Cisco Secure Email Gateway and Cisco Secure Email and … |
Cisco |
Cisco Secure Email |
2025-12-17T16:47:13.128Z | 2026-01-15T16:32:03.740Z |
| CVE-2021-47819 |
9.3 (4.0)
9.8 (3.1)
|
ProjeQtOr Project Management 9.1.4 - Remote Code Execution |
Projeqtor |
ProjeQtOr Project Management |
2026-01-15T15:52:16.218Z | 2026-01-15T16:09:10.470Z |
| CVE-2025-64516 |
7.5 (3.1)
|
GLPI incorrectly authorizes access to documents |
glpi-project |
glpi |
2026-01-15T16:01:03.470Z | 2026-01-15T16:08:18.590Z |
| CVE-2025-67083 |
5.3 (3.1)
|
Directory traversal vulnerability in InvoicePlane… |
n/a |
n/a |
2026-01-15T00:00:00.000Z | 2026-01-15T16:08:02.045Z |
| CVE-2024-36856 |
7.5 (3.1)
|
RMQTT Broker 0.4.0 allows remote attackers to cau… |
n/a |
n/a |
2024-06-12T00:00:00.000Z | 2026-01-15T16:06:03.877Z |
| CVE-2025-67246 |
7.3 (3.1)
|
A local information disclosure vulnerability exis… |
n/a |
n/a |
2026-01-15T00:00:00.000Z | 2026-01-15T16:02:13.237Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2025-48330 |
9.8 (3.1)
|
WordPress Real Time Validation for Gravity Forms <= 1.… |
Daman Jeet |
Real Time Validation for Gravity Forms |
2025-11-06T15:53:48.806Z | 2026-01-20T14:28:06.327Z |
| CVE-2025-48290 |
9.8 (3.1)
|
WordPress Kinsley theme <= 3.4.4 - Local File Inclusio… |
bslthemes |
Kinsley |
2025-11-06T15:53:47.362Z | 2026-01-20T14:28:06.389Z |
| CVE-2025-48106 |
10 (3.1)
|
WordPress Clanora theme < 1.3.1 - Arbitrary File Uploa… |
CMSSuperHeroes |
Clanora |
2025-10-22T14:32:07.674Z | 2026-01-20T14:28:06.040Z |
| CVE-2025-48099 |
4.7 (3.1)
|
WordPress Search & Filter plugin <= 1.2.17 - Cross Sit… |
Code Amp |
Search & Filter |
2025-10-22T14:32:07.494Z | 2026-01-20T14:28:05.849Z |
| CVE-2025-48098 |
7.1 (3.1)
|
WordPress Survey Maker plugin <= 5.1.8.8 - Cross Site … |
Ays Pro |
Survey Maker |
2025-10-22T14:32:07.268Z | 2026-01-20T14:28:05.964Z |
| CVE-2025-48097 |
7.1 (3.1)
|
WordPress WSAnalytics plugin <= 1.1.2 - Reflected Cros… |
Shiva |
WSAnalytics |
2025-10-22T14:32:07.078Z | 2026-01-20T14:28:06.030Z |
| CVE-2025-48096 |
6.5 (3.1)
|
WordPress Custom CSS plugin <= 1.4.0 - Broken Access C… |
FRESHFACE |
Custom CSS |
2025-10-22T14:32:06.895Z | 2026-01-20T14:28:06.033Z |
| CVE-2025-48095 |
5.9 (3.1)
|
WordPress Survey Maker plugin <= 5.1.8.8 - Cross Site … |
Ays Pro |
Survey Maker |
2025-10-22T14:32:06.692Z | 2026-01-20T14:28:06.023Z |
| CVE-2025-48093 |
7.1 (3.1)
|
WordPress Password only login plugin <= 0.2 - Reflecte… |
Calvaweb |
Password only login |
2025-10-22T14:32:06.499Z | 2026-01-20T14:28:06.143Z |
| CVE-2025-48092 |
7.1 (3.1)
|
WordPress Fix Multiple Redirects plugin <= 1.2.3 - Ref… |
jurajpuchky |
Fix Multiple Redirects |
2025-10-22T14:32:06.317Z | 2026-01-20T14:28:06.013Z |
| CVE-2025-48091 |
8.5 (3.1)
|
WordPress AnyComment plugin <= 0.3.6 - SQL Injection v… |
Alexander |
AnyComment |
2025-10-22T14:32:06.134Z | 2026-01-20T14:28:05.973Z |
| CVE-2025-48090 |
8.2 (3.1)
|
WordPress Blanka - One Page WordPress Theme Theme < 1.… |
CocoBasic |
Blanka - One Page WordPress Theme |
2025-11-06T15:53:43.727Z | 2026-01-20T14:28:05.889Z |
| CVE-2025-48089 |
9.8 (3.1)
|
WordPress Education WordPress Theme | HiStudy theme < … |
Rainbow-Themes |
Education WordPress Theme | HiStudy |
2025-11-06T15:53:43.152Z | 2026-01-20T14:28:05.780Z |
| CVE-2025-48088 |
6.5 (3.1)
|
WordPress Ultimate Addons for WPBakery Page Builder pl… |
Brainstorm Force |
Ultimate Addons for WPBakery Page Builder |
2025-10-27T02:09:52.224Z | 2026-01-20T14:28:05.703Z |
| CVE-2025-48087 |
6.5 (3.1)
|
WordPress Memberlite Shortcodes plugin <= 1.4.1 - Cros… |
Jason C. |
Memberlite Shortcodes |
2025-10-17T14:18:04.368Z | 2026-01-20T14:28:05.761Z |
| CVE-2025-48086 |
9.8 (3.1)
|
WordPress Ajax Search Lite plugin <= 4.13.3 - PHP Obje… |
wpdreams |
Ajax Search Lite |
2025-11-06T15:53:42.585Z | 2026-01-20T14:28:05.623Z |
| CVE-2025-48085 |
8.8 (3.1)
|
WordPress Simple Stripe plugin <= 0.9.17 - Cross Site … |
ZIPANG |
Simple Stripe |
2025-11-06T15:53:41.777Z | 2026-01-20T14:28:05.540Z |
| CVE-2025-48083 |
8.8 (3.1)
|
WordPress wpNamedUsers plugin <= 0.5 - Cross Site Requ… |
andriassundskard |
wpNamedUsers |
2025-11-06T15:53:40.546Z | 2026-01-20T14:28:05.728Z |
| CVE-2025-48082 |
8.8 (3.1)
|
WordPress Progress Planner plugin <= 1.8.0 - Privilege… |
Progress Planner |
Progress Planner |
2025-10-22T14:32:05.935Z | 2026-01-20T14:28:05.589Z |
| CVE-2025-48078 |
8.8 (3.1)
|
WordPress Slick Google Map plugin <= 0.3 - Cross Site … |
Norbert |
Slick Google Map |
2025-11-06T15:53:37.443Z | 2026-01-20T14:28:05.590Z |
| CVE-2025-48077 |
8.8 (3.1)
|
WordPress Block Country plugin <= 1.0 - Cross Site Req… |
nitinmaurya12 |
Block Country |
2025-11-06T15:53:36.642Z | 2026-01-20T14:28:05.512Z |
| CVE-2025-47588 |
9.8 (3.1)
|
WordPress Dynamic Pricing With Discount Rules for WooC… |
acowebs |
Dynamic Pricing With Discount Rules for WooCommerce |
2025-11-06T15:53:35.904Z | 2026-01-20T14:28:05.523Z |
| CVE-2025-47566 |
7.1 (3.1)
|
WordPress ZoomSounds plugin <= 6.91 - Reflected Cross … |
ZoomSounds |
ZoomSounds |
2025-12-31T20:07:56.919Z | 2026-01-20T14:28:05.562Z |
| CVE-2025-46255 |
7.5 (3.1)
|
WordPress LoginWP - Pro Plugin <= 4.0.8.5 - Settings C… |
Marketing Fire LLC |
LoginWP - Pro |
2026-01-05T16:44:34.478Z | 2026-01-20T14:28:05.508Z |
| CVE-2025-39561 |
6.5 (3.1)
|
WordPress LoginWP - Pro Plugin <= 4.0.8.5 - Broken Acc… |
Marketing Fire, LLC |
LoginWP - Pro |
2026-01-05T16:50:25.554Z | 2026-01-20T14:28:05.437Z |
| CVE-2025-39534 |
7.1 (3.1)
|
WordPress Terms Dictionary Plugin <= 1.5.1 - Reflected… |
Somonator |
Terms Dictionary |
2025-10-22T14:32:05.744Z | 2026-01-20T14:28:05.517Z |
| CVE-2025-39497 |
6.5 (3.1)
|
WordPress Dokan Pro plugin <= 3.14.5 - Cross Site Scri… |
Dokan |
Dokan Pro |
2026-01-05T16:51:39.889Z | 2026-01-20T14:28:05.472Z |
| CVE-2025-39484 |
9.3 (3.1)
|
WordPress Entrada Theme <= 5.7.7 - SQL Injection vulne… |
Waituk |
Entrada |
2026-01-05T16:53:28.100Z | 2026-01-20T14:28:05.385Z |
| CVE-2025-39468 |
9.8 (3.1)
|
WordPress Modal Survey plugin <= 2.0.2.0.1 - Local Fil… |
pantherius |
Modal Survey |
2025-11-06T15:53:34.539Z | 2026-01-20T14:28:05.416Z |
| CVE-2025-39465 |
8.1 (3.1)
|
WordPress Advanced Google Maps plugin <= 5.8.4 - Broke… |
flippercode |
Advanced Google Maps |
2025-11-06T15:53:29.145Z | 2026-01-20T14:28:05.359Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| fkie_cve-2025-48099 | Cross-Site Request Forgery (CSRF) vulnerability in Code Amp Search & Filter search-filter allows Cr… | 2025-10-22T15:15:34.733 | 2026-01-20T15:16:30.600 |
| fkie_cve-2025-48098 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:34.600 | 2026-01-20T15:16:30.450 |
| fkie_cve-2025-48097 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:34.467 | 2026-01-20T15:16:30.300 |
| fkie_cve-2025-48096 | Missing Authorization vulnerability in FRESHFACE Custom CSS custom-css-editor allows Exploiting Inc… | 2025-10-22T15:15:34.333 | 2026-01-20T15:16:30.157 |
| fkie_cve-2025-48095 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:34.210 | 2026-01-20T15:16:30.013 |
| fkie_cve-2025-48093 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:34.090 | 2026-01-20T15:16:29.843 |
| fkie_cve-2025-48092 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:33.963 | 2026-01-20T15:16:29.667 |
| fkie_cve-2025-48091 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability … | 2025-10-22T15:15:33.840 | 2026-01-20T15:16:28.740 |
| fkie_cve-2025-48090 | Path Traversal: '.../...//' vulnerability in CocoBasic Blanka - One Page WordPress Theme blanka-wp … | 2025-11-06T16:15:52.423 | 2026-01-20T15:16:27.027 |
| fkie_cve-2025-48089 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability … | 2025-11-06T16:15:52.270 | 2026-01-20T15:16:26.877 |
| fkie_cve-2025-48088 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-27T03:15:50.727 | 2026-01-20T15:16:26.767 |
| fkie_cve-2025-48087 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-17T15:15:38.730 | 2026-01-20T15:16:26.650 |
| fkie_cve-2025-48086 | Deserialization of Untrusted Data vulnerability in wpdreams Ajax Search Lite ajax-search-lite allow… | 2025-11-06T16:15:52.120 | 2026-01-20T15:16:26.520 |
| fkie_cve-2025-48085 | Cross-Site Request Forgery (CSRF) vulnerability in ZIPANG Simple Stripe simple-stripe allows Stored… | 2025-11-06T16:15:51.970 | 2026-01-20T15:16:26.377 |
| fkie_cve-2025-48083 | Cross-Site Request Forgery (CSRF) vulnerability in andriassundskard wpNamedUsers wpnamedusers allow… | 2025-11-06T16:15:51.810 | 2026-01-20T15:16:26.243 |
| fkie_cve-2025-48082 | Incorrect Privilege Assignment vulnerability in Progress Planner Progress Planner progress-planner … | 2025-10-22T15:15:33.707 | 2026-01-20T15:16:26.110 |
| fkie_cve-2025-48078 | Cross-Site Request Forgery (CSRF) vulnerability in Norbert Slick Google Map slick-google-map allows… | 2025-11-06T16:15:51.670 | 2026-01-20T15:16:25.983 |
| fkie_cve-2025-48077 | Cross-Site Request Forgery (CSRF) vulnerability in nitinmaurya12 Block Country block-country allows… | 2025-11-06T16:15:51.513 | 2026-01-20T15:16:25.853 |
| fkie_cve-2025-47588 | Improper Control of Generation of Code ('Code Injection') vulnerability in acowebs Dynamic Pricing … | 2025-11-06T16:15:51.363 | 2026-01-20T15:16:25.713 |
| fkie_cve-2025-47566 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-12-31T20:15:42.650 | 2026-01-20T15:16:25.607 |
| fkie_cve-2025-46255 | Missing Authorization vulnerability in Marketing Fire LLC LoginWP - Pro allows Accessing Functional… | 2026-01-05T17:15:45.480 | 2026-01-20T15:16:25.347 |
| fkie_cve-2025-39561 | Missing Authorization vulnerability in Marketing Fire, LLC LoginWP - Pro allows Accessing Functiona… | 2026-01-05T17:15:45.330 | 2026-01-20T15:16:24.937 |
| fkie_cve-2025-39534 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-22T15:15:33.580 | 2026-01-20T15:16:24.800 |
| fkie_cve-2025-39497 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2026-01-05T17:15:45.183 | 2026-01-20T15:16:24.693 |
| fkie_cve-2025-39484 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability … | 2026-01-05T17:15:45.033 | 2026-01-20T15:16:24.590 |
| fkie_cve-2025-39468 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2025-11-06T16:15:51.210 | 2026-01-20T15:16:24.457 |
| fkie_cve-2025-39465 | Missing Authorization vulnerability in flippercode Advanced Google Maps wp-google-map-gold allows E… | 2025-11-06T16:15:50.700 | 2026-01-20T15:16:24.050 |
| fkie_cve-2025-39463 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2025-11-06T16:15:50.447 | 2026-01-20T15:16:23.910 |
| fkie_cve-2025-32657 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2025-10-22T15:15:33.443 | 2026-01-20T15:16:23.557 |
| fkie_cve-2025-32283 | Deserialization of Untrusted Data vulnerability in designthemes Solar Energy solar allows Object In… | 2025-10-22T15:15:33.307 | 2026-01-20T15:16:23.413 |
| ID | Severity | Description | Published | Updated |
|---|---|---|---|---|
| ghsa-2hwm-56x6-pwwc |
|
Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability … | 2026-01-02T18:30:41Z | 2026-01-02T18:30:41Z |
| ghsa-26hf-8wp7-h2jq |
|
Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability … | 2026-01-02T18:30:41Z | 2026-01-02T18:30:41Z |
| ghsa-xw55-hvqx-m963 |
|
Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability … | 2026-01-02T18:30:40Z | 2026-01-02T18:30:40Z |
| ghsa-x9rr-fxm5-7mp2 |
|
Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability … | 2026-01-02T18:30:40Z | 2026-01-02T18:30:40Z |
| ghsa-vwww-vp37-cpwg |
|
Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability … | 2026-01-02T18:30:40Z | 2026-01-02T18:30:40Z |
| ghsa-vpjh-2xvm-v653 |
|
Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability … | 2026-01-02T18:30:40Z | 2026-01-02T18:30:40Z |
| ghsa-vmmw-5x3f-fhg5 |
|
Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability … | 2026-01-02T18:30:40Z | 2026-01-02T18:30:40Z |
| ghsa-v83r-wqfj-3mw5 |
|
Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability … | 2026-01-02T18:30:40Z | 2026-01-02T18:30:40Z |
| ghsa-r64w-c7r2-46f2 |
|
Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability … | 2026-01-02T18:30:40Z | 2026-01-02T18:30:40Z |
| ghsa-mq2m-42m5-q6q6 |
|
Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability … | 2026-01-02T18:30:40Z | 2026-01-02T18:30:40Z |
| ghsa-m7wm-rxxw-rv7w |
|
Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability … | 2026-01-02T18:30:40Z | 2026-01-02T18:30:40Z |
| ghsa-hh9x-x276-4pvv |
|
Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability … | 2026-01-02T18:30:39Z | 2026-01-02T18:30:40Z |
| ghsa-h76v-ffvp-5vfp |
|
Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability … | 2026-01-02T18:30:40Z | 2026-01-02T18:30:40Z |
| ghsa-fvrp-8m3r-j83m |
|
Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability … | 2026-01-02T18:30:39Z | 2026-01-02T18:30:40Z |
| ghsa-ccg2-vgx8-m2xv |
|
Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability … | 2026-01-02T18:30:40Z | 2026-01-02T18:30:40Z |
| ghsa-9mc2-qj8m-rw7x |
|
Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability … | 2026-01-02T18:30:40Z | 2026-01-02T18:30:40Z |
| ghsa-8rw2-hf9g-35wh |
|
Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability … | 2026-01-02T18:30:40Z | 2026-01-02T18:30:40Z |
| ghsa-835q-cj89-gwxm |
|
Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability … | 2026-01-02T18:30:40Z | 2026-01-02T18:30:40Z |
| ghsa-7f46-wwmf-m6v3 |
|
Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability … | 2026-01-02T18:30:40Z | 2026-01-02T18:30:40Z |
| ghsa-72r9-6hhq-8j4p |
|
Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability … | 2026-01-02T18:30:40Z | 2026-01-02T18:30:40Z |
| ghsa-6vv4-r35q-4h6w |
|
Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability … | 2026-01-02T18:30:40Z | 2026-01-02T18:30:40Z |
| ghsa-5jp5-2ccp-575c |
|
Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability … | 2026-01-02T18:30:40Z | 2026-01-02T18:30:40Z |
| ghsa-34vr-x63q-c2p5 |
|
Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability … | 2026-01-02T18:30:40Z | 2026-01-02T18:30:40Z |
| ghsa-2j4x-8g92-58rm |
|
Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability … | 2026-01-02T18:30:40Z | 2026-01-02T18:30:40Z |
| ghsa-wvc2-m599-j75p |
|
Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability … | 2026-01-02T18:30:39Z | 2026-01-02T18:30:39Z |
| ghsa-v7f2-hxcr-p5rp |
|
Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability … | 2026-01-02T18:30:39Z | 2026-01-02T18:30:39Z |
| ghsa-rq6v-8fv9-q7fm |
|
Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability … | 2026-01-02T18:30:39Z | 2026-01-02T18:30:39Z |
| ghsa-qcjq-c899-cf23 |
|
Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability … | 2026-01-02T18:30:39Z | 2026-01-02T18:30:39Z |
| ghsa-mp73-fr35-fqwg |
|
Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability … | 2026-01-02T18:30:39Z | 2026-01-02T18:30:39Z |
| ghsa-jg7g-h9qm-xvp8 |
|
Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability … | 2026-01-02T18:30:39Z | 2026-01-02T18:30:39Z |
| ID | Description | Updated |
|---|---|---|
| gsd-2024-1424 | The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable … | 2024-02-10T06:02:58.443300Z |
| gsd-2024-1416 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-10T06:02:58.432250Z |
| gsd-2024-1420 | ** REJECT ** **REJECT** This is a duplicate of CVE-2024-1049. Please use CVE-2024-1049 instead. | 2024-02-10T06:02:58.431206Z |
| gsd-2024-1413 | The Exclusive Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Sit… | 2024-02-10T06:02:58.411251Z |
| gsd-2024-1401 | The Profile Box Shortcode And Widget WordPress plugin before 1.2.1 does not sanitise and … | 2024-02-10T06:02:58.410815Z |
| gsd-2024-1404 | A vulnerability was found in Linksys WRT54GL 4.30.18 and classified as problematic. Affec… | 2024-02-10T06:02:58.401749Z |
| gsd-2024-1425 | The EmbedPress – Embed PDF, YouTube, Google Docs, Vimeo, Wistia Videos, Audios, Maps & An… | 2024-02-10T06:02:58.391607Z |
| gsd-2024-1421 | The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored … | 2024-02-10T06:02:58.391296Z |
| gsd-2024-1406 | A vulnerability was found in Linksys WRT54GL 4.30.18. It has been declared as problematic… | 2024-02-10T06:02:58.376859Z |
| gsd-2024-1429 | The Element Pack Elementor Addons (Header Footer, Free Template Library, Grid, Carousel, … | 2024-02-10T06:02:58.374943Z |
| gsd-2024-1400 | The Mollie Forms plugin for WordPress is vulnerable to unauthorized post or page duplicat… | 2024-02-10T06:02:58.360562Z |
| gsd-2024-1408 | The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile &… | 2024-02-10T06:02:58.356264Z |
| gsd-2024-1409 | The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile &… | 2024-02-10T06:02:58.355870Z |
| gsd-2024-1398 | The Ultimate Bootstrap Elements for Elementor plugin for WordPress is vulnerable to Store… | 2024-02-10T06:02:58.351837Z |
| gsd-2024-25670 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-10T06:02:58.346896Z |
| gsd-2024-25699 | There is a difficult to exploit improper authentication issue in the Home application fo… | 2024-02-10T06:02:58.345525Z |
| gsd-2024-25659 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-10T06:02:58.342464Z |
| gsd-2024-25675 | An issue was discovered in MISP before 2.4.184. A client does not need to use POST to sta… | 2024-02-10T06:02:58.337905Z |
| gsd-2024-25655 | Insecure storage of LDAP passwords in the authentication functionality of AVSystem Unifie… | 2024-02-10T06:02:58.336099Z |
| gsd-2024-25679 | In PQUIC before 5bde5bb, retention of unused initial encryption keys allows attackers to … | 2024-02-10T06:02:58.334938Z |
| gsd-2024-25660 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-10T06:02:58.332615Z |
| gsd-2024-25677 | In Min before 1.31.0, local files are not correctly treated as unique security origins, w… | 2024-02-10T06:02:58.331884Z |
| gsd-2024-25682 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-10T06:02:58.329282Z |
| gsd-2024-25702 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-10T06:02:58.315660Z |
| gsd-2024-25652 | In Delinea PAM Secret Server 11.4, it is possible for a user (with access to the Report f… | 2024-02-10T06:02:58.315107Z |
| gsd-2024-25701 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-10T06:02:58.312320Z |
| gsd-2024-25678 | In LiteSpeed QUIC (LSQUIC) Library before 4.0.4, DCID validation is mishandled. | 2024-02-10T06:02:58.304920Z |
| gsd-2024-25662 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-10T06:02:58.302930Z |
| gsd-2024-25700 | There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise… | 2024-02-10T06:02:58.301848Z |
| gsd-2024-25697 | There is a Cross-site Scripting vulnerability in Portal for ArcGIS in versions <=11.1 th… | 2024-02-10T06:02:58.296145Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-183895 | Malicious code in masv-ilo-civasavuium (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183894 | Malicious code in masv-ilo-civasavuinaum (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183893 | Malicious code in masv-ilo-civasaum (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183892 | Malicious code in masv-ilmo-civufavsba (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183891 | Malicious code in masv-ilmo-civufavsaba (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183890 | Malicious code in masv-ilmo-civufavisaba (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183889 | Malicious code in masv-ilmo-civufavicasaba (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183888 | Malicious code in masv-ilmo-civufavba (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183887 | Malicious code in masv-ilmo-civufaba (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183886 | Malicious code in masv-ilmo-civuaba (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183885 | Malicious code in masv-ilmo-civasavuum (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183884 | Malicious code in masv-ilmo-civasavunaum (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183883 | Malicious code in masv-ilmo-civasavum (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183882 | Malicious code in masv-ilmo-civasavuinaum (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183881 | Malicious code in masv-ilmo-civasavm (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183880 | Malicious code in masv-ilmo-civasam (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183879 | Malicious code in masv-ilmo-civasa (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183878 | Malicious code in masv-ilmo-civas (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183877 | Malicious code in masv-ilmo-civaba (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183876 | Malicious code in masv-ilmo-civa (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183875 | Malicious code in masv-ilmo-civ (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183874 | Malicious code in masv-ilmo-ciba (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183873 | Malicious code in masv-ilmo-ciaba (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183872 | Malicious code in masv-ilmo-ci (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183871 | Malicious code in masv-ilmo-cba (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183870 | Malicious code in masv-ilmo-cb (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183869 | Malicious code in masv-ilisiamo-iuf (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183868 | Malicious code in masv-ilisiamo-inuf (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183867 | Malicious code in masv-ilisiamo-inafuuf (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183866 | Malicious code in masv-ilisiamo-civufaua (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2023:7788 | Red Hat Security Advisory: postgresql:10 security update | 2023-12-13T16:29:01+00:00 | 2025-11-21T18:52:10+00:00 |
| rhsa-2023:7786 | Red Hat Security Advisory: postgresql:10 security update | 2023-12-13T15:27:24+00:00 | 2025-11-21T18:52:09+00:00 |
| rhsa-2023:7783 | Red Hat Security Advisory: postgresql security update | 2023-12-13T15:24:05+00:00 | 2025-11-21T18:52:09+00:00 |
| rhsa-2023:7773 | Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update | 2023-12-13T08:36:28+00:00 | 2025-11-21T18:52:09+00:00 |
| rhsa-2023:7778 | Red Hat Security Advisory: postgresql:10 security update | 2023-12-13T14:37:34+00:00 | 2025-11-21T18:52:08+00:00 |
| rhsa-2023:7771 | Red Hat Security Advisory: rh-postgresql10-postgresql security update | 2023-12-13T08:06:28+00:00 | 2025-11-21T18:52:07+00:00 |
| rhsa-2023:7754 | Red Hat Security Advisory: pixman security update | 2023-12-12T17:24:52+00:00 | 2025-11-21T18:52:06+00:00 |
| rhsa-2023:7747 | Red Hat Security Advisory: libxml2 security update | 2023-12-12T17:28:55+00:00 | 2025-11-21T18:52:04+00:00 |
| rhsa-2023:7744 | Red Hat Security Advisory: tracker-miners security update | 2023-12-12T16:19:35+00:00 | 2025-11-21T18:52:04+00:00 |
| rhsa-2023:7743 | Red Hat Security Advisory: curl security update | 2023-12-12T16:27:30+00:00 | 2025-11-21T18:52:04+00:00 |
| rhsa-2023:7740 | Red Hat Security Advisory: Red Hat Ceph Storage 6.1 security, enhancements, and bug fix update | 2023-12-12T13:59:00+00:00 | 2025-11-21T18:52:04+00:00 |
| rhsa-2023:7739 | Red Hat Security Advisory: tracker-miners security update | 2023-12-12T13:23:15+00:00 | 2025-11-21T18:52:04+00:00 |
| rhsa-2023:7734 | Red Hat Security Advisory: kpatch-patch security update | 2023-12-12T10:58:38+00:00 | 2025-11-21T18:52:03+00:00 |
| rhsa-2023:7733 | Red Hat Security Advisory: tracker-miners security update | 2023-12-12T10:59:17+00:00 | 2025-11-21T18:52:03+00:00 |
| rhsa-2023:7732 | Red Hat Security Advisory: tracker-miners security update | 2023-12-12T10:59:24+00:00 | 2025-11-21T18:52:02+00:00 |
| rhsa-2023:7731 | Red Hat Security Advisory: tracker-miners security update | 2023-12-12T10:47:49+00:00 | 2025-11-21T18:52:02+00:00 |
| rhsa-2023:7730 | Red Hat Security Advisory: tracker-miners security update | 2023-12-12T08:32:44+00:00 | 2025-11-21T18:52:02+00:00 |
| rhsa-2023:7725 | Red Hat Security Advisory: RHACS 4.3 enhancement and security update | 2023-12-11T15:09:44+00:00 | 2025-11-21T18:52:02+00:00 |
| rhsa-2023:7720 | Red Hat Security Advisory: Logging Subsystem 5.8.1- Red Hat OpenShift security update | 2023-12-13T18:42:32+00:00 | 2025-11-21T18:52:02+00:00 |
| rhsa-2023:7713 | Red Hat Security Advisory: tracker-miners security update | 2023-12-11T09:32:55+00:00 | 2025-11-21T18:52:01+00:00 |
| rhsa-2023:7712 | Red Hat Security Advisory: tracker-miners security update | 2023-12-11T09:31:53+00:00 | 2025-11-21T18:52:00+00:00 |
| rhsa-2023:7711 | Red Hat Security Advisory: apr security update | 2023-12-11T09:07:05+00:00 | 2025-11-21T18:52:00+00:00 |
| rhsa-2023:7709 | Red Hat Security Advisory: Red Hat OpenShift for Windows Containers 8.1.1 security update | 2023-12-11T00:20:03+00:00 | 2025-11-21T18:52:00+00:00 |
| rhsa-2023:7700 | Red Hat Security Advisory: Red Hat build of Quarkus 2.13.9 release and security update | 2023-12-07T14:26:37+00:00 | 2025-11-21T18:51:58+00:00 |
| rhsa-2023:7670 | Red Hat Security Advisory: Migration Toolkit for Runtimes bug fix, enhancement and security update | 2023-12-06T13:16:30+00:00 | 2025-11-21T18:51:54+00:00 |
| rhsa-2023:7668 | Red Hat Security Advisory: squid:4 security update | 2023-12-06T10:02:28+00:00 | 2025-11-21T18:51:53+00:00 |
| rhsa-2023:7612 | Red Hat Security Advisory: Red Hat build of Quarkus 3.2.9 release and security update | 2023-11-30T11:36:55+00:00 | 2025-11-21T18:51:46+00:00 |
| rhsa-2023:7606 | Red Hat Security Advisory: OpenShift Container Platform 4.13.25 packages and security update | 2023-12-06T00:54:28+00:00 | 2025-11-21T18:51:45+00:00 |
| rhsa-2023:7578 | Red Hat Security Advisory: squid security update | 2023-11-29T14:03:05+00:00 | 2025-11-21T18:51:42+00:00 |
| rhsa-2023:7577 | Red Hat Security Advisory: firefox security update | 2023-11-29T13:59:59+00:00 | 2025-11-21T18:51:42+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2021-32761 | Integer overflow issues with *BIT commands on 32-bit systems | 2021-07-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-32760 | Archive package allows chmod of file outside of unpack target directory | 2021-07-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-3272 | jp2_decode in jp2/jp2_dec.c in libjasper in JasPer 2.0.24 has a heap-based buffer over-read when there is an invalid relationship between the number of channels and the number of image components. | 2021-01-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-32690 | Repository credentials passed to alternate domain | 2021-06-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-32687 | Integer overflow issue with intsets in Redis | 2021-10-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-32675 | DoS vulnerability in Redis | 2021-10-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-32672 | Vulnerability in Lua Debugger in Redis | 2021-10-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-32628 | Vulnerability in handling large ziplists | 2021-10-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-32627 | Integer overflow issue with Streams in Redis | 2021-10-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-32626 | Lua scripts can overflow the heap-based Lua stack in Redis | 2021-10-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-32399 | net/bluetooth/hci_request.c in the Linux kernel through 5.12.2 has a race condition for removal of the HCI controller. | 2021-05-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-32078 | An Out-of-Bounds Read was discovered in arch/arm/mach-footbridge/personal-pci.c in the Linux kernel through 5.12.11 because of the lack of a check for a value that shouldn't be negative e.g. access to element -2 of an array aka CID-298a58e165e4. | 2021-06-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-32066 | An issue was discovered in Ruby through 2.6.7 2.7.x through 2.7.3 and 3.x through 3.0.1. Net::IMAP does not raise an exception when StartTLS fails with an an unknown response which might allow man-in-the-middle attackers to bypass the TLS protections by leveraging a network position between the client and the registry to block the StartTLS command aka a "StartTLS stripping attack." | 2021-08-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-31916 | An out-of-bounds (OOB) memory write flaw was found in list_devices in drivers/md/dm-ioctl.c in the Multi-device driver module in the Linux kernel before 5.12. A bound check failure allows an attacker with special user (CAP_SYS_ADMIN) privilege to gain access to out-of-bounds memory leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerability is to system availability. | 2021-05-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-31879 | GNU Wget through 1.21.1 does not omit the Authorization header upon a redirect to a different origin a related issue to CVE-2018-1000007. | 2021-04-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-31829 | kernel/bpf/verifier.c in the Linux kernel through 5.12.1 performs undesirable speculative loads leading to disclosure of stack content via side-channel attacks aka CID-801c6058d14a. The specific concern is not protecting the BPF stack area against speculative loads. Also the BPF stack can contain uninitialized data that might represent sensitive information previously operated on by the kernel. | 2021-05-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-30641 | Unexpected URL matching with 'MergeSlashes OFF' | 2021-06-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-29657 | arch/x86/kvm/svm/nested.c in the Linux kernel before 5.11.12 has a use-after-free in which an AMD KVM guest can bypass access control on host OS MSRs when there are nested guests aka CID-a58d9166a756. This occurs because of a TOCTOU race condition associated with a VMCB12 double fetch in nested_svm_vmrun. | 2021-07-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-29622 | Arbitrary redirects under /new endpoint | 2021-05-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-29266 | An issue was discovered in the Linux kernel before 5.11.9. drivers/vhost/vdpa.c has a use-after-free because v->config_ctx has an invalid value upon re-opening a character device aka CID-f6bbf0010ba0. | 2021-03-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-29265 | An issue was discovered in the Linux kernel before 5.11.7. usbip_sockfd_store in drivers/usb/usbip/stub_dev.c allows attackers to cause a denial of service (GPF) because the stub-up sequence has race conditions during an update of the local and shared status aka CID-9380afd6df70. | 2021-03-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-29264 | An issue was discovered in the Linux kernel through 5.11.10. drivers/net/ethernet/freescale/gianfar.c in the Freescale Gianfar Ethernet driver allows attackers to cause a system crash because a negative fragment size is calculated in situations involving an rx queue overrun when jumbo packets are used and NAPI is enabled aka CID-d8861bab48b6. | 2021-03-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-28972 | In drivers/pci/hotplug/rpadlpar_sysfs.c in the Linux kernel through 5.11.8 the RPA PCI Hotplug driver has a user-tolerable buffer overflow when writing a new device name to the driver from userspace allowing userspace to write data to the kernel stack frame directly. This occurs because add_slot_store and remove_slot_store mishandle drc_name '\0' termination aka CID-cc7a0bb058b8. | 2021-03-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-28971 | In intel_pmu_drain_pebs_nhm in arch/x86/events/intel/ds.c in the Linux kernel through 5.11.8 on some Haswell CPUs userspace applications (such as perf-fuzzer) can cause a system crash because the PEBS status in a PEBS record is mishandled aka CID-d88d05a9e0b6. | 2021-03-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-28964 | A race condition was discovered in get_old_root in fs/btrfs/ctree.c in the Linux kernel through 5.11.8. It allows attackers to cause a denial of service (BUG) because of a lack of locking on an extent buffer before a cloning operation aka CID-dbcc7d57bffc. | 2021-03-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-28957 | An XSS vulnerability was discovered in python-lxml's clean module versions before 4.6.3. When disabling the safe_attrs_only and forms arguments the Cleaner class does not remove the formaction attribute allowing for JS to bypass the sanitizer. A remote attacker could exploit this flaw to run arbitrary JS code on users who interact with incorrectly sanitized HTML. This issue is patched in lxml 4.6.3. | 2021-03-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-28952 | An issue was discovered in the Linux kernel through 5.11.8. The sound/soc/qcom/sdm845.c soundwire device driver has a buffer overflow when an unexpected port ID number is encountered aka CID-1c668e1c0a0f. (This has been fixed in 5.12-rc4.) | 2021-03-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-28951 | An issue was discovered in fs/io_uring.c in the Linux kernel through 5.11.8. It allows attackers to cause a denial of service (deadlock) because exit may be waiting to park a SQPOLL thread but concurrently that SQPOLL thread is waiting for a signal to start aka CID-3ebba796fa25. | 2021-03-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-28950 | An issue was discovered in fs/fuse/fuse_i.h in the Linux kernel before 5.11.8. A "stall on CPU" can occur because a retry loop continually finds the same bad inode aka CID-775c5033a0d1. | 2021-03-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-28831 | decompress_gunzip.c in BusyBox through 1.32.1 mishandles the error bit on the huft_build result pointer with a resultant invalid free or segmentation fault via malformed gzip data. | 2021-03-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| ID | Description | Updated |
|---|---|---|
| var-201601-0032 | Use-after-free vulnerability in the Doc object implementation in Adobe Reader and Acrobat… | 2025-04-13T23:03:18.001000Z |
| var-201601-0604 | Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.… | 2025-04-13T23:03:17.967000Z |
| var-201601-0602 | Use-after-free vulnerability in the Search object implementation in Adobe Reader and Acro… | 2025-04-13T23:03:17.932000Z |
| var-201601-0593 | Untrusted search path vulnerability in Adobe Download Manager, as used in Adobe Reader an… | 2025-04-13T23:03:17.901000Z |
| var-201601-0594 | Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.… | 2025-04-13T23:03:17.871000Z |
| var-201601-0590 | Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.… | 2025-04-13T23:03:17.841000Z |
| var-201601-0597 | Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.… | 2025-04-13T23:03:17.806000Z |
| var-201601-0592 | Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.… | 2025-04-13T23:03:17.774000Z |
| var-201601-0595 | Use-after-free vulnerability in AGM.dll in Adobe Reader and Acrobat before 11.0.14, Acrob… | 2025-04-13T23:03:17.738000Z |
| var-201601-0599 | The AcroForm plugin in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reade… | 2025-04-13T23:03:17.704000Z |
| var-201601-0601 | Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acro… | 2025-04-13T23:03:17.672000Z |
| var-201601-0591 | Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.… | 2025-04-13T23:03:17.642000Z |
| var-201601-0596 | Double free vulnerability in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat… | 2025-04-13T23:03:17.607000Z |
| var-201601-0603 | Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.… | 2025-04-13T23:03:17.575000Z |
| var-201601-0598 | Use-after-free vulnerability in the OCG object implementation in Adobe Reader and Acrobat… | 2025-04-13T23:03:17.541000Z |
| var-201601-0031 | Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.… | 2025-04-13T23:03:17.505000Z |
| var-201601-0600 | Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.… | 2025-04-13T23:03:17.462000Z |
| var-201601-0041 | Integer overflow in the Kernel service in Advantech WebAccess before 8.1 allows remote at… | 2025-04-13T23:03:17.182000Z |
| var-201601-0036 | Unrestricted file upload vulnerability in the uploadImageCommon function in the UploadAja… | 2025-04-13T23:03:17.120000Z |
| var-201601-0037 | Directory traversal vulnerability in Advantech WebAccess before 8.1 allows remote attacke… | 2025-04-13T23:03:17.053000Z |
| var-201601-0039 | Multiple heap-based buffer overflows in Advantech WebAccess before 8.1 allow remote attac… | 2025-04-13T23:03:16.975000Z |
| var-201601-0025 | Buffer overflow in the BwpAlarm subsystem in Advantech WebAccess before 8.1 allows remote… | 2025-04-13T23:03:16.922000Z |
| var-201508-0600 | XMLTooling-C before 1.5.5, as used in OpenSAML-C and Shibboleth Service Provider (SP), do… | 2025-04-13T23:03:16.871000Z |
| var-201509-0477 | Multiple integer underflows in PluginPCX.cpp in FreeImage 3.17.0 and earlier allow remote… | 2025-04-13T23:03:16.834000Z |
| var-201602-0020 | General Electric (GE) Industrial Solutions UPS SNMP/Web Adapter devices with firmware bef… | 2025-04-13T23:03:16.787000Z |
| var-201602-0019 | General Electric (GE) Industrial Solutions UPS SNMP/Web Adapter devices with firmware bef… | 2025-04-13T23:03:16.746000Z |
| var-201602-0064 | Multiple cross-site scripting (XSS) vulnerabilities in Cisco Emergency Responder 11.5(0.9… | 2025-04-13T23:03:16.658000Z |
| var-201602-0066 | Cisco Small Business 500 Wireless Access Point devices with firmware 1.0.4.4 allow remote… | 2025-04-13T23:03:16.628000Z |
| var-201407-0468 | Multiple cross-site scripting (XSS) vulnerabilities on Honeywell FALCON XLWeb Linux contr… | 2025-04-13T23:03:16.589000Z |
| var-201602-0087 | Sauter EY-WS505F0x0 moduWeb Vision before 1.6.0 sends cleartext credentials, which allows… | 2025-04-13T23:03:16.549000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| suse-su-2020:3766-1 | Security update for the Linux Kernel | 2020-12-11T14:44:17Z | 2020-12-11T14:44:17Z |
| suse-su-2020:3765-1 | Security update for python | 2020-12-11T13:27:31Z | 2020-12-11T13:27:31Z |
| suse-su-2020:3764-1 | Security update for the Linux Kernel | 2020-12-11T13:25:44Z | 2020-12-11T13:25:44Z |
| suse-su-2020:3763-1 | Security update for openssl | 2020-12-11T13:17:55Z | 2020-12-11T13:17:55Z |
| suse-su-2020:3762-1 | Security update for openssl-1_0_0 | 2020-12-11T13:13:05Z | 2020-12-11T13:13:05Z |
| suse-su-2020:3749-1 | Security update for gcc7 | 2020-12-10T13:40:39Z | 2020-12-10T13:40:39Z |
| suse-su-2020:3748-1 | Security update for the Linux Kernel | 2020-12-10T13:04:57Z | 2020-12-10T13:04:57Z |
| suse-su-2020:3742-1 | Security update for xen | 2020-12-10T09:11:42Z | 2020-12-10T09:11:42Z |
| suse-su-2020:3740-1 | Security update for openssl-1_1 | 2020-12-10T08:18:17Z | 2020-12-10T08:18:17Z |
| suse-su-2020:3739-1 | Security update for curl | 2020-12-10T08:17:42Z | 2020-12-10T08:17:42Z |
| suse-su-2020:3737-1 | Security update for python-pip, python-scripttest | 2020-12-09T17:21:03Z | 2020-12-09T17:21:03Z |
| suse-su-2020:3736-1 | Security update for openssh | 2020-12-09T17:20:13Z | 2020-12-09T17:20:13Z |
| suse-su-2020:3735-1 | Security update for curl | 2020-12-09T17:19:28Z | 2020-12-09T17:19:28Z |
| suse-su-2020:14560-1 | Security update for openssl1 | 2020-12-09T17:19:05Z | 2020-12-09T17:19:05Z |
| suse-su-2020:3733-1 | Security update for curl | 2020-12-09T17:18:40Z | 2020-12-09T17:18:40Z |
| suse-su-2020:3732-1 | Security update for openssl-1_0_0 | 2020-12-09T17:18:12Z | 2020-12-09T17:18:12Z |
| suse-su-2020:3729-1 | Security update for clamav | 2020-12-09T13:44:57Z | 2020-12-09T13:44:57Z |
| suse-su-2020:3723-1 | Security update for python-urllib3 | 2020-12-09T12:38:20Z | 2020-12-09T12:38:20Z |
| suse-su-2020:3722-1 | Security update for openssl-1_1 | 2020-12-09T12:37:18Z | 2020-12-09T12:37:18Z |
| suse-su-2020:3721-1 | Security update for openssl-1_1 | 2020-12-09T12:36:50Z | 2020-12-09T12:36:50Z |
| suse-su-2020:3720-1 | Security update for openssl-1_1 | 2020-12-09T12:36:30Z | 2020-12-09T12:36:30Z |
| suse-su-2020:3718-1 | Security update for the Linux Kernel | 2020-12-09T09:31:30Z | 2020-12-09T09:31:30Z |
| suse-su-2020:3717-1 | Security update for the Linux Kernel | 2020-12-09T09:29:42Z | 2020-12-09T09:29:42Z |
| suse-su-2020:3715-1 | Security update for the Linux Kernel | 2020-12-08T17:35:23Z | 2020-12-08T17:35:23Z |
| suse-su-2020:3714-1 | Security update for the Linux Kernel | 2020-12-08T17:35:04Z | 2020-12-08T17:35:04Z |
| suse-su-2020:3713-1 | Security update for the Linux Kernel | 2020-12-08T17:34:50Z | 2020-12-08T17:34:50Z |
| suse-su-2020:14557-1 | Security update for xen | 2020-12-08T11:11:49Z | 2020-12-08T11:11:49Z |
| suse-su-2020:3705-1 | Security update for the Linux Kernel (Live Patch 21 for SLE 15) | 2020-12-08T07:56:03Z | 2020-12-08T07:56:03Z |
| suse-su-2020:3698-1 | Security update for the Linux Kernel (Live Patch 7 for SLE 15 SP2) | 2020-12-07T16:35:05Z | 2020-12-07T16:35:05Z |
| suse-su-2020:3690-1 | Security update for the Linux Kernel (Live Patch 18 for SLE 15 SP1) | 2020-12-07T16:33:36Z | 2020-12-07T16:33:36Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cnvd-2024-41681 | Elvaco M-Bus Metering Gateway CMe3100存在未明漏洞 | 2024-10-23 | 2024-10-25 |
| cnvd-2024-41680 | Elvaco M-Bus Metering Gateway CMe3100跨站脚本漏洞 | 2024-10-23 | 2024-10-25 |
| cnvd-2024-41679 | Elvaco M-Bus Metering Gateway CMe3100文件上传漏洞 | 2024-10-23 | 2024-10-25 |
| cnvd-2024-41678 | Adobe Substance 3D Sampler空指针解引用漏洞 | 2024-10-23 | 2024-10-25 |
| cnvd-2024-41670 | Apache JSPWiki跨站脚本漏洞(CNVD-2024-41670) | 2024-06-28 | 2024-10-25 |
| cnvd-2024-41669 | Apache Helix信任管理问题漏洞 | 2024-08-23 | 2024-10-25 |
| cnvd-2024-41668 | Apache Seata反序列化漏洞 | 2024-09-18 | 2024-10-25 |
| cnvd-2024-41666 | Apache Subversion操作系统命令注入漏洞 | 2024-10-17 | 2024-10-25 |
| cnvd-2024-41662 | Apache CloudStack代码问题漏洞 | 2024-10-23 | 2024-10-25 |
| cnvd-2024-41660 | Apache CloudStack输入验证错误漏洞(CNVD-2024-41660) | 2024-10-23 | 2024-10-25 |
| cnvd-2024-41263 | Adobe Animate内存错误引用漏洞(CNVD-2024-41263) | 2024-10-13 | 2024-10-25 |
| cnvd-2024-41262 | Adobe Animate内存错误引用漏洞(CNVD-2024-41262) | 2024-10-13 | 2024-10-25 |
| cnvd-2024-41261 | Adobe Animate内存错误引用漏洞(CNVD-2024-41261) | 2024-10-13 | 2024-10-25 |
| cnvd-2024-41260 | Adobe Animate内存错误引用漏洞(CNVD-2024-41260) | 2024-10-13 | 2024-10-25 |
| cnvd-2024-41259 | Adobe Animate整数溢出或环绕漏洞 | 2024-10-13 | 2024-10-25 |
| cnvd-2024-41258 | Adobe Animate空指针解引用漏洞(CNVD-2024-41258) | 2024-10-13 | 2024-10-25 |
| cnvd-2024-41257 | Adobe Animate越界读取漏洞(CNVD-2024-41257) | 2024-10-13 | 2024-10-25 |
| cnvd-2024-41256 | Adobe Animate堆缓冲区溢出漏洞(CNVD-2024-41256) | 2024-10-13 | 2024-10-25 |
| cnvd-2024-41255 | Adobe Animate内存错误引用漏洞(CNVD-2024-41255) | 2024-10-13 | 2024-10-25 |
| cnvd-2024-41254 | Adobe Animate堆栈缓冲区溢出漏洞(CNVD-2024-41254) | 2024-10-13 | 2024-10-25 |
| cnvd-2024-41665 | Apache Lucene反序列化漏洞 | 2024-10-17 | 2024-10-24 |
| cnvd-2024-41664 | Apache Solr身份验证错误漏洞 | 2024-10-23 | 2024-10-24 |
| cnvd-2024-41663 | Apache CloudStack跨站请求伪造漏洞(CNVD-2024-41663) | 2024-10-23 | 2024-10-24 |
| cnvd-2024-41661 | Apache CloudStack访问控制错误漏洞 | 2024-10-23 | 2024-10-24 |
| cnvd-2024-41622 | Cisco Secure Endpoint缓冲区溢出漏洞 | 2024-02-22 | 2024-10-24 |
| cnvd-2024-41575 | Siemens InterMesh Subscriber Devices操作系统命令注入漏洞 | 2024-10-24 | 2024-10-24 |
| cnvd-2024-41574 | Siemens InterMesh Subscriber Devices存在未明漏洞 | 2024-10-24 | 2024-10-24 |
| cnvd-2024-41573 | Siemens InterMesh Subscriber Devices存在未明漏洞(CNVD-2024-41573) | 2024-10-24 | 2024-10-24 |
| cnvd-2024-41572 | Siemens InterMesh Subscriber Devices权限分配不正确漏洞 | 2024-10-24 | 2024-10-24 |
| cnvd-2024-41486 | TaskMatic SQL注入漏洞 | 2024-10-17 | 2024-10-24 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certa-2011-avi-024 | Vulnérabilité dans Citrix Provisionning Services | 2011-01-20T00:00:00.000000 | 2011-01-20T00:00:00.000000 |
| certa-2011-avi-023 | Vulnérabilité dans Asterisk | 2011-01-20T00:00:00.000000 | 2011-01-20T00:00:00.000000 |
| certa-2011-avi-022 | Multiples vulnérabilités dans les produits Oracle | 2011-01-19T00:00:00.000000 | 2011-01-19T00:00:00.000000 |
| certa-2011-avi-021 | Vulnérabilités dans IBM WebSphere Application Server | 2011-01-18T00:00:00.000000 | 2011-01-18T00:00:00.000000 |
| certa-2011-avi-020 | Vulnérabilité dans IBM Websphere MQ | 2011-01-18T00:00:00.000000 | 2011-01-18T00:00:00.000000 |
| certa-2011-avi-019 | Vulnérabilité dans HP LoadRunner | 2011-01-18T00:00:00.000000 | 2011-01-18T00:00:00.000000 |
| certa-2010-avi-521 | Multiples vulnérabilités dans des produits Mozilla | 2010-10-28T00:00:00.000000 | 2011-01-18T00:00:00.000000 |
| certa-2010-avi-508 | Multiples vulnérabilités dans les produits Mozilla | 2010-10-20T00:00:00.000000 | 2011-01-18T00:00:00.000000 |
| certa-2010-avi-420 | Multiples vulnérabilités dans Mozilla Firefox et Mozilla SeaMonkey | 2010-09-08T00:00:00.000000 | 2011-01-18T00:00:00.000000 |
| certa-2011-avi-018 | Vulnérabilité dans SPIP | 2011-01-14T00:00:00.000000 | 2011-01-14T00:00:00.000000 |
| certa-2011-avi-017 | Vulnérabilités dans SAP | 2011-01-14T00:00:00.000000 | 2011-01-14T00:00:00.000000 |
| certa-2011-avi-016 | Multiples vulnérabilités dans Google Chrome | 2011-01-14T00:00:00.000000 | 2011-01-14T00:00:00.000000 |
| certa-2011-avi-015 | Vulnérabilités dans HP OpenView Network Node Manager | 2011-01-14T00:00:00.000000 | 2011-01-14T00:00:00.000000 |
| certa-2011-avi-014 | Vulnérabilité dans BlackBerry Enterprise Server | 2011-01-14T00:00:00.000000 | 2011-01-14T00:00:00.000000 |
| certa-2011-avi-012 | Vulnérabilité dans Symantec Web Gateway | 2011-01-13T00:00:00.000000 | 2011-01-13T00:00:00.000000 |
| certa-2011-avi-010 | Vulnérabilités dans Microsoft Data Access Components | 2011-01-12T00:00:00.000000 | 2011-01-12T00:00:00.000000 |
| certa-2011-avi-009 | Vulnérabilité dans Windows Vista | 2011-01-12T00:00:00.000000 | 2011-01-12T00:00:00.000000 |
| certa-2011-avi-008 | Vulnérabilité dans Novell Identity Manager | 2011-01-11T00:00:00.000000 | 2011-01-11T00:00:00.000000 |
| certa-2010-avi-635 | Vulnérabilités dans Django | 2010-12-28T00:00:00.000000 | 2011-01-11T00:00:00.000000 |
| certa-2011-avi-007 | Vulnérabilité dans Mono | 2011-01-10T00:00:00.000000 | 2011-01-10T00:00:00.000000 |
| certa-2011-avi-006 | Vulnérabilité dans Mac OS X | 2011-01-07T00:00:00.000000 | 2011-01-07T00:00:00.000000 |
| certa-2011-avi-005 | Multiples vulnérabilités dans evince | 2001-01-11T00:00:00.000000 | 2011-01-07T00:00:00.000000 |
| certa-2011-avi-004 | Vulnérabilités dans les paquetages tiers pour VMware | 2011-01-07T00:00:00.000000 | 2011-01-07T00:00:00.000000 |
| certa-2011-avi-003 | Vulnérabilité dans PHP | 2011-01-07T00:00:00.000000 | 2011-01-07T00:00:00.000000 |
| certa-2010-avi-612 | Vulnérabilités dans MantisBT | 2010-12-16T00:00:00.000000 | 2011-01-06T00:00:00.000000 |
| certa-2011-avi-002 | Vulnérabilité dans HP Photo Creative | 2011-01-05T00:00:00.000000 | 2011-01-05T00:00:00.000000 |
| certa-2011-avi-001 | Vulnérabilité dans Wireshark | 2011-01-05T00:00:00.000000 | 2011-01-05T00:00:00.000000 |
| certa-2010-avi-639 | Vulnérabilité dans VLC Media Player | 2010-12-31T00:00:00.000000 | 2010-12-31T00:00:00.000000 |
| certa-2010-avi-638 | Multiples vulnérabilités dans WordPress | 2010-12-31T00:00:00.000000 | 2010-12-31T00:00:00.000000 |
| certa-2010-avi-637 | Vulnérabilité dans IBM Tivoli Access Manager for e-business | 2010-12-29T00:00:00.000000 | 2010-12-29T00:00:00.000000 |