Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-21938 |
6.1 (3.1)
|
Vulnerability in the PeopleSoft Enterprise People… |
Oracle Corporation |
PeopleSoft Enterprise PeopleTools |
2026-01-20T21:56:25.746Z | 2026-01-21T20:59:06.372Z |
| CVE-2026-21937 |
4.9 (3.1)
|
Vulnerability in the MySQL Server product of Orac… |
Oracle Corporation |
MySQL Server |
2026-01-20T21:56:25.387Z | 2026-01-21T20:58:32.805Z |
| CVE-2026-21936 |
4.9 (3.1)
|
Vulnerability in the MySQL Server product of Orac… |
Oracle Corporation |
MySQL Cluster |
2026-01-20T21:56:25.060Z | 2026-01-21T20:57:55.683Z |
| CVE-2026-21934 |
5.4 (3.1)
|
Vulnerability in the PeopleSoft Enterprise People… |
Oracle Corporation |
PeopleSoft Enterprise PeopleTools |
2026-01-20T21:56:24.390Z | 2026-01-21T20:56:50.624Z |
| CVE-2026-21933 |
6.1 (3.1)
|
Vulnerability in the Oracle Java SE, Oracle Graal… |
Oracle Corporation |
Oracle Java SE |
2026-01-20T21:56:24.083Z | 2026-01-21T20:56:25.029Z |
| CVE-2026-21932 |
7.4 (3.1)
|
Vulnerability in the Oracle Java SE, Oracle Graal… |
Oracle Corporation |
Oracle Java SE |
2026-01-20T21:56:23.742Z | 2026-01-21T20:55:54.335Z |
| CVE-2026-21931 |
5.4 (3.1)
|
Vulnerability in the Oracle APEX Sample Applicati… |
Oracle Corporation |
Oracle APEX Sample Applications |
2026-01-20T21:56:23.267Z | 2026-01-21T20:55:14.477Z |
| CVE-2026-21929 |
5.3 (3.1)
|
Vulnerability in the MySQL Server product of Orac… |
Oracle Corporation |
MySQL Server |
2026-01-20T21:56:22.578Z | 2026-01-21T20:54:43.658Z |
| CVE-2026-21930 |
2.3 (3.1)
|
Vulnerability in the Oracle ZFS Storage Appliance… |
Oracle Corporation |
Oracle ZFS Storage Appliance Kit |
2026-01-20T21:56:22.940Z | 2026-01-21T20:54:21.244Z |
| CVE-2026-21928 |
5.3 (3.1)
|
Vulnerability in the Oracle Solaris product of Or… |
Oracle Corporation |
Oracle Solaris |
2026-01-20T21:56:22.236Z | 2026-01-21T20:52:42.304Z |
| CVE-2026-21926 |
7.5 (3.1)
|
Vulnerability in the Siebel CRM Deployment produc… |
Oracle Corporation |
Siebel CRM Deployment |
2026-01-20T21:56:21.443Z | 2026-01-21T20:51:46.300Z |
| CVE-2026-21925 |
4.8 (3.1)
|
Vulnerability in the Oracle Java SE, Oracle Graal… |
Oracle Corporation |
Oracle Java SE |
2026-01-20T21:56:21.058Z | 2026-01-21T20:51:07.046Z |
| CVE-2026-21924 |
5.4 (3.1)
|
Vulnerability in the Oracle Utilities Application… |
Oracle Corporation |
Oracle Utilities Application Framework |
2026-01-20T21:56:20.732Z | 2026-01-21T20:50:06.753Z |
| CVE-2026-21923 |
6.5 (3.1)
|
Vulnerability in the Oracle Life Sciences Central… |
Oracle Corporation |
Oracle Life Sciences Central Designer |
2026-01-20T21:56:20.389Z | 2026-01-21T20:49:28.694Z |
| CVE-2026-21922 |
4.2 (3.1)
|
Vulnerability in the Oracle Planning and Budgetin… |
Oracle Corporation |
Oracle Planning and Budgeting Cloud Service |
2026-01-20T21:56:19.994Z | 2026-01-21T20:48:53.795Z |
| CVE-2026-21642 |
6.1 (3.0)
|
HackerOne community member Patrick Lang (7yr) has… |
Revive |
Revive Adserver |
2026-01-20T20:48:48.079Z | 2026-01-21T20:47:21.691Z |
| CVE-2026-23886 |
5.3 (3.1)
|
Swift W3C TraceContext has malformed HTTP header that … |
swift-otel |
swift-w3c-trace-context |
2026-01-19T21:01:52.694Z | 2026-01-21T20:47:10.139Z |
| CVE-2026-21664 |
6.1 (3.0)
|
HackerOne community member Huynh Pham Thanh Luc (… |
Revive |
Revive Adserver |
2026-01-20T20:48:47.976Z | 2026-01-21T20:45:35.234Z |
| CVE-2026-21663 |
6.1 (3.0)
|
HackerOne community member Patrick Lang (7yr) has… |
Revive |
Revive Adserver |
2026-01-20T20:48:47.974Z | 2026-01-21T20:42:21.072Z |
| CVE-2025-59464 |
6.5 (3.0)
|
A memory leak in Node.js’s OpenSSL integration oc… |
nodejs |
node |
2026-01-20T20:41:55.599Z | 2026-01-21T20:41:09.437Z |
| CVE-2026-21637 |
5.9 (3.0)
|
A flaw in Node.js TLS error handling allows remot… |
nodejs |
node |
2026-01-20T20:41:55.352Z | 2026-01-21T20:22:51.033Z |
| CVE-2026-23950 |
8.8 (3.1)
|
node-tar has Race Condition in Path Reservations via U… |
isaacs |
node-tar |
2026-01-20T00:40:48.510Z | 2026-01-21T20:15:57.278Z |
| CVE-2025-59465 |
7.5 (3.0)
|
A malformed `HTTP/2 HEADERS` frame with oversized… |
nodejs |
node |
2026-01-20T20:41:55.317Z | 2026-01-21T20:11:28.986Z |
| CVE-2026-22770 |
6.5 (3.1)
|
ImageMagick vulnerable to Release of Invalid Pointer i… |
ImageMagick |
ImageMagick |
2026-01-20T00:48:19.241Z | 2026-01-21T20:10:46.858Z |
| CVE-2026-21964 |
4.9 (3.1)
|
Vulnerability in the MySQL Server product of Orac… |
Oracle Corporation |
MySQL Server |
2026-01-20T21:56:33.276Z | 2026-01-21T20:04:13.585Z |
| CVE-2026-21965 |
2.7 (3.1)
|
Vulnerability in the MySQL Server product of Orac… |
Oracle Corporation |
MySQL Server |
2026-01-20T21:56:33.583Z | 2026-01-21T19:57:30.139Z |
| CVE-2026-21966 |
6.1 (3.1)
|
Vulnerability in the Oracle Hospitality OPERA 5 P… |
Oracle Corporation |
Oracle Hospitality OPERA 5 Property Services |
2026-01-20T21:56:33.912Z | 2026-01-21T19:54:47.033Z |
| CVE-2026-23955 |
4.2 (3.1)
|
EVerest vulnerable to concatenation of strings literal… |
EVerest |
everest-core |
2026-01-21T19:25:12.104Z | 2026-01-21T19:53:57.098Z |
| CVE-2025-68137 |
8.4 (3.1)
|
EVerest's Integer Overflow and Signed to Unsigned conv… |
EVerest |
everest-core |
2026-01-21T19:20:09.059Z | 2026-01-21T19:51:26.058Z |
| CVE-2025-68136 |
7.4 (3.1)
|
EVerest's inadequate session handling can lead to memo… |
EVerest |
everest-core |
2026-01-21T19:18:21.068Z | 2026-01-21T19:47:04.055Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2025-39484 |
9.3 (3.1)
|
WordPress Entrada Theme <= 5.7.7 - SQL Injection vulne… |
Waituk |
Entrada |
2026-01-05T16:53:28.100Z | 2026-01-20T14:28:05.385Z |
| CVE-2025-39468 |
9.8 (3.1)
|
WordPress Modal Survey plugin <= 2.0.2.0.1 - Local Fil… |
pantherius |
Modal Survey |
2025-11-06T15:53:34.539Z | 2026-01-20T14:28:05.416Z |
| CVE-2025-39465 |
8.1 (3.1)
|
WordPress Advanced Google Maps plugin <= 5.8.4 - Broke… |
flippercode |
Advanced Google Maps |
2025-11-06T15:53:29.145Z | 2026-01-20T14:28:05.359Z |
| CVE-2025-39463 |
9.8 (3.1)
|
WordPress Dessau theme < 1.9 - Local File Inclusion vu… |
Select-Themes |
Dessau |
2025-11-06T15:53:23.424Z | 2026-01-20T14:28:05.344Z |
| CVE-2025-32657 |
7.5 (3.1)
|
WordPress Testimonial Slider and Showcase Pro plugin <… |
RadiusTheme |
Testimonial Slider And Showcase Pro |
2025-10-22T14:32:05.506Z | 2026-01-20T14:28:05.445Z |
| CVE-2025-32283 |
8.8 (3.1)
|
WordPress Solar Energy theme <= 3.5 - PHP Object Injec… |
designthemes |
Solar Energy |
2025-10-22T14:32:05.260Z | 2026-01-20T14:28:05.397Z |
| CVE-2025-32222 |
9.8 (3.1)
|
WordPress Widget Logic <= 6.0.5 - Remote Code Executio… |
Widgetlogic.org |
Widget Logic |
2025-11-06T15:53:22.717Z | 2026-01-20T14:28:05.039Z |
| CVE-2025-31634 |
8.8 (3.1)
|
WordPress Insurance theme <= 3.5 - PHP Object Injectio… |
designthemes |
Insurance |
2025-10-22T14:32:05.043Z | 2026-01-20T14:28:05.105Z |
| CVE-2025-31054 |
7.1 (3.1)
|
WordPress Bloggie theme <= 2.0.8 - Cross Site Scriptin… |
Themefy |
Bloggie |
2025-12-31T20:05:20.832Z | 2026-01-20T14:28:04.874Z |
| CVE-2025-31048 |
9.9 (3.1)
|
WordPress Shopo <= 1.1.4 - Arbitrary File Upload Vulne… |
Themify |
Shopo |
2026-01-05T10:27:01.221Z | 2026-01-20T14:28:05.731Z |
| CVE-2025-31047 |
8.8 (3.1)
|
WordPress Themify Edmin theme <= 2.0.0 - PHP Object In… |
Themify |
Themify Edmin |
2026-01-05T10:26:04.107Z | 2026-01-20T14:28:04.925Z |
| CVE-2025-31046 |
4.3 (3.1)
|
WordPress AnyWhere Elementor Pro plugin <= 2.29 - Brok… |
WPvibes |
AnyWhere Elementor Pro |
2026-01-05T10:24:56.305Z | 2026-01-20T14:28:04.908Z |
| CVE-2025-31044 |
8.5 (3.1)
|
WordPress Premium SEO Pack <= 3.3.2 - SQL Injection Vu… |
AA-Team |
Premium SEO Pack |
2026-01-05T10:23:17.529Z | 2026-01-20T14:28:04.811Z |
| CVE-2025-31029 |
5.4 (3.1)
|
WordPress replyMail plugin <= 1.2.0 - Cross Site Reque… |
bingu |
replyMail |
2025-11-06T15:53:19.694Z | 2026-01-20T14:28:04.716Z |
| CVE-2025-30944 |
7.5 (3.1)
|
WordPress Tablesome Table Premium <= 1.1.23 - Broken A… |
Essekia |
Tablesome Table Premium |
2025-10-22T14:32:04.793Z | 2026-01-20T14:28:05.029Z |
| CVE-2025-30633 |
9.3 (3.1)
|
WordPress Amazon Native Shopping Recommendations Plugi… |
AA-Team |
Amazon Native Shopping Recommendations |
2026-01-05T10:21:09.369Z | 2026-01-20T14:28:04.771Z |
| CVE-2025-30628 |
8.5 (3.1)
|
WordPress Amazon Affiliates Addon for WPBakery Page Bu… |
AA-Team |
Amazon Affiliates Addon for WPBakery Page Builder (formerly Visual Composer) |
2025-12-31T20:03:50.402Z | 2026-01-20T14:28:05.322Z |
| CVE-2025-28973 |
6.5 (3.1)
|
WordPress Pro Bulk Watermark Plugin for WordPress <= 2… |
AA-Team |
Pro Bulk Watermark Plugin for WordPress |
2025-12-31T20:02:10.769Z | 2026-01-20T14:28:04.509Z |
| CVE-2025-28949 |
8.5 (3.1)
|
WordPress Mediabay - WordPress Media Library Folders <… |
Codedraft |
Mediabay - WordPress Media Library Folders |
2025-12-31T20:00:22.463Z | 2026-01-20T14:28:05.245Z |
| CVE-2025-27004 |
6.1 (3.1)
|
WordPress Famous - Responsive Image And Video Grid Gal… |
LambertGroup |
Famous - Responsive Image And Video Grid Gallery WordPress Plugin |
2026-01-08T09:17:41.802Z | 2026-01-20T14:28:05.101Z |
| CVE-2025-27002 |
6.1 (3.1)
|
WordPress CountDown With Image or Video Background plu… |
LambertGroup |
CountDown With Image or Video Background |
2026-01-08T09:17:41.443Z | 2026-01-20T14:28:04.180Z |
| CVE-2025-23993 |
9.8 (3.1)
|
WordPress Felan Framework plugin <= 1.1.3 - SQL Inject… |
RiceTheme |
Felan Framework |
2026-01-08T09:17:41.179Z | 2026-01-20T14:28:04.367Z |
| CVE-2025-23757 |
7.1 (3.1)
|
WordPress ZD Scribd iPaper plugin <= 1.0 - Reflected C… |
Proloy Chakroborty |
ZD Scribd iPaper |
2025-12-31T19:58:33.725Z | 2026-01-20T14:28:04.227Z |
| CVE-2025-23719 |
7.1 (3.1)
|
WordPress ZhinaTwitterWidget plugin <= 1.0 - Reflected… |
zckevin |
ZhinaTwitterWidget |
2025-12-31T19:57:28.449Z | 2026-01-20T14:28:04.844Z |
| CVE-2025-23707 |
7.1 (3.1)
|
WordPress En Masse plugin <= 1.0 - Reflected Cross Sit… |
Matamko |
En Masse |
2025-12-31T19:56:21.648Z | 2026-01-20T14:28:04.966Z |
| CVE-2025-23705 |
7.1 (3.1)
|
WordPress Zielke Design Project Gallery plugin <= 2.5.… |
Terry Zielke |
Zielke Design Project Gallery |
2025-12-31T19:55:23.308Z | 2026-01-20T14:28:05.005Z |
| CVE-2025-23667 |
7.1 (3.1)
|
WordPress custom-post-edit plugin <= 1.0.4 - Reflected… |
Christopher Churchill |
custom-post-edit |
2025-12-31T19:54:20.344Z | 2026-01-20T14:28:05.237Z |
| CVE-2025-23608 |
7.1 (3.1)
|
WordPress LIVE TV plugin <= 1.2 - Reflected Cross Site… |
Omar Mohamed Mohamoud |
LIVE TV |
2025-12-31T17:07:06.352Z | 2026-01-20T14:28:04.213Z |
| CVE-2025-23554 |
7.1 (3.1)
|
WordPress Off Page SEO plugin <= 3.0.3 - Reflected Cro… |
Jakub Glos |
Off Page SEO |
2025-12-29T23:51:32.627Z | 2026-01-20T14:28:05.444Z |
| CVE-2025-23550 |
7.1 (3.1)
|
WordPress Product Puller plugin <= 1.5.1 - Reflected C… |
Kemal YAZICI |
Product Puller |
2025-12-29T23:50:08.713Z | 2026-01-20T14:28:05.210Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| fkie_cve-2025-31029 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-11-06T16:15:50.067 | 2026-01-20T15:16:22.390 |
| fkie_cve-2025-30944 | Missing Authorization vulnerability in Essekia Tablesome Table Premium tablesome-premium allows Acc… | 2025-10-22T15:15:33.033 | 2026-01-20T15:16:22.233 |
| fkie_cve-2025-30633 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability … | 2026-01-05T11:17:40.183 | 2026-01-20T15:16:22.120 |
| fkie_cve-2025-30628 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability … | 2025-12-31T20:15:42.353 | 2026-01-20T15:16:22.010 |
| fkie_cve-2025-28973 | Path Traversal: '.../...//' vulnerability in AA-Team Pro Bulk Watermark Plugin for WordPress allows… | 2025-12-31T20:15:42.207 | 2026-01-20T15:16:21.903 |
| fkie_cve-2025-28949 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability … | 2025-12-31T20:15:42.060 | 2026-01-20T15:16:21.647 |
| fkie_cve-2025-27004 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2026-01-08T10:15:48.923 | 2026-01-20T15:16:19.780 |
| fkie_cve-2025-27002 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2026-01-08T10:15:48.797 | 2026-01-20T15:16:19.533 |
| fkie_cve-2025-23993 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability … | 2026-01-08T10:15:48.650 | 2026-01-20T15:16:19.363 |
| fkie_cve-2025-23757 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-12-31T20:15:41.917 | 2026-01-20T15:16:19.250 |
| fkie_cve-2025-23719 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-12-31T20:15:41.770 | 2026-01-20T15:16:19.120 |
| fkie_cve-2025-23707 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-12-31T20:15:41.630 | 2026-01-20T15:16:19.000 |
| fkie_cve-2025-23705 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-12-31T20:15:41.483 | 2026-01-20T15:16:18.867 |
| fkie_cve-2025-23667 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-12-31T20:15:40.550 | 2026-01-20T15:16:18.757 |
| fkie_cve-2025-23608 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-12-31T18:15:44.007 | 2026-01-20T15:16:18.647 |
| fkie_cve-2025-23554 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-12-30T00:15:51.890 | 2026-01-20T15:16:18.550 |
| fkie_cve-2025-23550 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-12-30T00:15:51.747 | 2026-01-20T15:16:18.450 |
| fkie_cve-2025-23504 | Authentication Bypass Using an Alternate Path or Channel vulnerability in RiceTheme Felan Framework… | 2026-01-08T10:15:48.513 | 2026-01-20T15:16:18.287 |
| fkie_cve-2025-23469 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-12-30T00:15:51.597 | 2026-01-20T15:16:17.690 |
| fkie_cve-2025-23458 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-12-30T00:15:51.447 | 2026-01-20T15:16:17.577 |
| fkie_cve-2025-22728 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability … | 2026-01-08T10:15:48.390 | 2026-01-20T15:16:17.450 |
| fkie_cve-2025-22726 | Server-Side Request Forgery (SSRF) vulnerability in _nK nK Themes Helper nk-themes-helper allows Se… | 2026-01-08T10:15:48.247 | 2026-01-20T15:16:17.330 |
| fkie_cve-2025-22725 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2026-01-08T10:15:48.120 | 2026-01-20T15:16:17.203 |
| fkie_cve-2025-22715 | Missing Authorization vulnerability in loopus WP Attractive Donations System - Easy Stripe & Paypal… | 2026-01-08T10:15:47.990 | 2026-01-20T15:16:17.070 |
| fkie_cve-2025-22713 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability … | 2026-01-08T10:15:47.850 | 2026-01-20T15:16:16.940 |
| fkie_cve-2025-22712 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2026-01-08T10:15:47.727 | 2026-01-20T15:16:16.813 |
| fkie_cve-2025-22509 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2026-01-08T10:15:47.337 | 2026-01-20T15:16:16.430 |
| fkie_cve-2025-22288 | Path Traversal: '.../...//' vulnerability in WPMU DEV - Your All-in-One WordPress Platform Smush Im… | 2025-11-06T16:15:49.647 | 2026-01-20T15:16:16.277 |
| fkie_cve-2025-14431 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2026-01-08T10:15:46.463 | 2026-01-20T15:16:15.223 |
| fkie_cve-2025-14360 | Missing Authorization vulnerability in Kaira Blockons blockons allows Accessing Functionality Not P… | 2026-01-08T10:15:46.067 | 2026-01-20T15:16:14.707 |
| ID | Severity | Description | Published | Updated |
|---|---|---|---|---|
| ghsa-44j4-f8g7-6rvw |
|
Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability … | 2026-01-02T18:30:39Z | 2026-01-02T18:30:39Z |
| ghsa-43x5-4jf2-wfq3 |
|
Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability … | 2026-01-02T18:30:39Z | 2026-01-02T18:30:39Z |
| ghsa-2fq7-wr7m-4f94 |
|
Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability … | 2026-01-02T18:30:39Z | 2026-01-02T18:30:39Z |
| ghsa-wq63-mx38-2j5f |
|
Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability … | 2026-01-02T18:30:38Z | 2026-01-02T18:30:38Z |
| ghsa-vj2f-g9vx-mxr2 |
|
Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability … | 2026-01-02T18:30:38Z | 2026-01-02T18:30:38Z |
| ghsa-rj9w-cgpx-75w6 |
|
Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability … | 2026-01-02T18:30:38Z | 2026-01-02T18:30:38Z |
| ghsa-r85v-h3pq-48w5 |
|
Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability … | 2026-01-02T18:30:38Z | 2026-01-02T18:30:38Z |
| ghsa-r5g5-c2j6-8j8r |
|
Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability … | 2026-01-02T18:30:38Z | 2026-01-02T18:30:38Z |
| ghsa-ppvp-3pc4-27m5 |
|
Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability … | 2026-01-02T18:30:38Z | 2026-01-02T18:30:38Z |
| ghsa-pjcm-33h8-599q |
|
Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability … | 2026-01-02T18:30:38Z | 2026-01-02T18:30:38Z |
| ghsa-pcfg-f8h5-4pc7 |
|
Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability … | 2026-01-02T18:30:38Z | 2026-01-02T18:30:38Z |
| ghsa-p66q-3m7v-c8x3 |
|
Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability … | 2026-01-02T18:30:38Z | 2026-01-02T18:30:38Z |
| ghsa-m932-x76f-x6fv |
|
Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability … | 2026-01-02T18:30:38Z | 2026-01-02T18:30:38Z |
| ghsa-jh6f-4pq5-95q3 |
|
Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability … | 2026-01-02T18:30:38Z | 2026-01-02T18:30:38Z |
| ghsa-h674-97ph-gwxw |
|
Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability … | 2026-01-02T18:30:38Z | 2026-01-02T18:30:38Z |
| ghsa-gjjv-h8p2-77r7 |
|
Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability … | 2026-01-02T18:30:38Z | 2026-01-02T18:30:38Z |
| ghsa-f77j-3wr8-mxm9 |
|
Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability … | 2026-01-02T18:30:38Z | 2026-01-02T18:30:38Z |
| ghsa-f44q-qq73-2g32 |
|
Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability … | 2026-01-02T18:30:38Z | 2026-01-02T18:30:38Z |
| ghsa-9vr2-2x6c-jf8f |
|
Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability … | 2026-01-02T18:30:38Z | 2026-01-02T18:30:38Z |
| ghsa-8p9x-rjvp-x4m6 |
|
Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability … | 2026-01-02T18:30:38Z | 2026-01-02T18:30:38Z |
| ghsa-8jq4-39wg-9593 |
|
Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability … | 2026-01-02T18:30:38Z | 2026-01-02T18:30:38Z |
| ghsa-8fqw-36pc-r97j |
|
Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability … | 2026-01-02T18:30:38Z | 2026-01-02T18:30:38Z |
| ghsa-7gwh-6c6q-f3mh |
|
Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability … | 2026-01-02T18:30:38Z | 2026-01-02T18:30:38Z |
| ghsa-76mq-fxp8-4m27 |
|
Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability … | 2026-01-02T18:30:37Z | 2026-01-02T18:30:38Z |
| ghsa-6q6f-p984-3w35 |
|
Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability … | 2026-01-02T18:30:38Z | 2026-01-02T18:30:38Z |
| ghsa-6gc9-g2rv-qm3r |
|
Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability … | 2026-01-02T18:30:38Z | 2026-01-02T18:30:38Z |
| ghsa-6852-5rjc-4j2q |
|
Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability … | 2026-01-02T18:30:38Z | 2026-01-02T18:30:38Z |
| ghsa-5jpg-c8hq-px28 |
|
Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability … | 2026-01-02T18:30:38Z | 2026-01-02T18:30:38Z |
| ghsa-55pf-5gc7-3fx4 |
|
Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability … | 2026-01-02T18:30:38Z | 2026-01-02T18:30:38Z |
| ghsa-5256-43f4-ccfr |
|
Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability … | 2026-01-02T18:30:38Z | 2026-01-02T18:30:38Z |
| ID | Description | Updated |
|---|---|---|
| gsd-2024-1393 | The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scri… | 2024-02-09T06:02:34.626667Z |
| gsd-2024-1391 | The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scri… | 2024-02-09T06:02:34.625186Z |
| gsd-2024-1346 | Weak MySQL database root password in LaborOfficeFree affects version 19.10. This vulnerab… | 2024-02-09T06:02:34.620568Z |
| gsd-2024-1380 | The Relevanssi – A Better Search plugin for WordPress is vulnerable to unauthorized acces… | 2024-02-09T06:02:34.619444Z |
| gsd-2024-1361 | The Colibri Page Builder plugin for WordPress is vulnerable to Cross-Site Request Forgery… | 2024-02-09T06:02:34.616628Z |
| gsd-2024-1356 | Authenticated command injection vulnerabilities exist in the ArubaOS command line interfa… | 2024-02-09T06:02:34.614565Z |
| gsd-2024-1366 | The Happy Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Sc… | 2024-02-09T06:02:34.612647Z |
| gsd-2024-1344 | Encrypted database credentials in LaborOfficeFree affecting version 19.10. This vulnerabi… | 2024-02-09T06:02:34.607347Z |
| gsd-2024-1353 | A vulnerability, which was classified as critical, has been found in PHPEMS up to 1.0. Af… | 2024-02-09T06:02:34.604481Z |
| gsd-2024-1350 | Missing Authorization vulnerability in Prasidhda Malla Honeypot for WP Comment.This issue… | 2024-02-09T06:02:34.600355Z |
| gsd-2024-1371 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-09T06:02:34.597649Z |
| gsd-2024-1349 | The EmbedPress – Embed PDF, YouTube, Google Docs, Vimeo, Wistia Videos, Audios, Maps & An… | 2024-02-09T06:02:34.592849Z |
| gsd-2024-1381 | The Page Builder Sandwich – Front End WordPress Page Builder Plugin plugin for WordPress … | 2024-02-09T06:02:34.587902Z |
| gsd-2024-1354 | A command injection vulnerability was identified in GitHub Enterprise Server that allowed… | 2024-02-09T06:02:34.583642Z |
| gsd-2024-1374 | A command injection vulnerability was identified in GitHub Enterprise Server that allowed… | 2024-02-09T06:02:34.577361Z |
| gsd-2024-1352 | The Classified Listing – Classified ads & Business Directory Plugin plugin for WordPress … | 2024-02-09T06:02:34.573839Z |
| gsd-2024-1357 | The Shortcodes and extra features for Phlox theme plugin for WordPress is vulnerable to S… | 2024-02-09T06:02:34.570300Z |
| gsd-2024-1389 | The Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content … | 2024-02-09T06:02:34.568412Z |
| gsd-2024-1351 | Under certain configurations of --tlsCAFile and tls.CAFile, MongoDB Server may skip peer … | 2024-02-09T06:02:34.561014Z |
| gsd-2024-1367 | A command injection vulnerability exists where an authenticated, remote attacker with ad… | 2024-02-09T06:02:34.546885Z |
| gsd-2024-1388 | The Yuki theme for WordPress is vulnerable to unauthorized modification of data due to a … | 2024-02-09T06:02:34.543668Z |
| gsd-2024-1382 | The Restaurant Reservations plugin for WordPress is vulnerable to Local File Inclusion in… | 2024-02-09T06:02:34.541666Z |
| gsd-2024-1377 | The Happy Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Sc… | 2024-02-09T06:02:34.534820Z |
| gsd-2024-1345 | Weak MySQL database root password in LaborOfficeFree affects version 19.10. This vulnerab… | 2024-02-09T06:02:34.531953Z |
| gsd-2024-1347 | An issue has been discovered in GitLab CE/EE affecting all versions before 16.9.6, all ve… | 2024-02-09T06:02:34.522978Z |
| gsd-2024-1390 | The Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content … | 2024-02-09T06:02:34.520926Z |
| gsd-2024-1369 | A command injection vulnerability was identified in GitHub Enterprise Server that allowed… | 2024-02-09T06:02:34.520138Z |
| gsd-2024-1379 | The Website Article Monetization By MageNet plugin for WordPress is vulnerable to Stored … | 2024-02-09T06:02:34.519907Z |
| gsd-2024-1375 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-09T06:02:34.518447Z |
| gsd-2024-1358 | The Elementor Addon Elements plugin for WordPress is vulnerable to Directory Traversal in… | 2024-02-09T06:02:34.518167Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-183814 | Malicious code in masolv-avlo-cobsabaasvov (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183813 | Malicious code in masolv-avlo-cobasvov (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183812 | Malicious code in masolv-avlo-cobabsvov (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183811 | Malicious code in masolv-avlo-cobabasvov (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183810 | Malicious code in masolv-avlo-civsoifaufoiv (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183809 | Malicious code in masolv-avlo-civbusasoifaufoiv (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183808 | Malicious code in masolv-avlo-civbsoifaufoiv (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183807 | Malicious code in masolv-avlo-civbsasoifaufoiv (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183806 | Malicious code in masolv-avlo-ciov (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183805 | Malicious code in masolv-avlo-cifufoiv (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183804 | Malicious code in masolv-avlo-cifov (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183803 | Malicious code in masolv-avlo-cifoiv (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183802 | Malicious code in masolv-avlo-ciffoiv (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183801 | Malicious code in masolv-avlo-cifaufoiv (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183800 | Malicious code in masolv-avilo-civbuv (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183799 | Malicious code in masolv-avilo-civbusasoufoiv (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183798 | Malicious code in masolv-avilo-civbusasoifaufoiv (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183797 | Malicious code in masolv-avilo-civbusasoiaufoiv (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183796 | Malicious code in masolv-avilo-civbusasofoiv (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183795 | Malicious code in masolv-avilo-civbusasoaufoiv (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183794 | Malicious code in masolv-avilo-civbusaofoiv (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183793 | Malicious code in masolv-avilo-civbuoiv (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183792 | Malicious code in masolv-avilo-civbufoiv (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183791 | Malicious code in masolv-avilo-civbuaofoiv (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183790 | Malicious code in masolv-avilo-civbu (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183789 | Malicious code in masolv-ailo-civbu (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183788 | Malicious code in masokidt-avog-uucav (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183787 | Malicious code in maslv-ilo-cvaginanavcuovhu (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183786 | Malicious code in manu-oyib-gsi (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183785 | Malicious code in manu-oyib-givaksuisois (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2023:7259 | Red Hat Security Advisory: .NET 6.0 security, bug fix, and enhancement update | 2023-11-15T21:38:41+00:00 | 2025-11-21T18:50:48+00:00 |
| rhsa-2023:7256 | Red Hat Security Advisory: dotnet7.0 security update | 2023-11-15T20:38:29+00:00 | 2025-11-21T18:50:48+00:00 |
| rhsa-2023:7254 | Red Hat Security Advisory: dotnet8.0 security update | 2023-11-15T20:42:14+00:00 | 2025-11-21T18:50:48+00:00 |
| rhsa-2023:7258 | Red Hat Security Advisory: dotnet6.0 security update | 2023-11-15T21:28:54+00:00 | 2025-11-21T18:50:47+00:00 |
| rhsa-2023:7253 | Red Hat Security Advisory: dotnet8.0 security update | 2023-11-15T21:30:49+00:00 | 2025-11-21T18:50:47+00:00 |
| rhsa-2023:7257 | Red Hat Security Advisory: dotnet6.0 security update | 2023-11-15T20:40:30+00:00 | 2025-11-21T18:50:46+00:00 |
| rhsa-2023:7255 | Red Hat Security Advisory: dotnet7.0 security update | 2023-11-15T21:29:09+00:00 | 2025-11-21T18:50:46+00:00 |
| rhsa-2023:7213 | Red Hat Security Advisory: squid:4 security update | 2023-11-14T17:37:03+00:00 | 2025-11-21T18:50:45+00:00 |
| rhsa-2023:7243 | Red Hat Security Advisory: kernel security update | 2023-11-15T17:46:08+00:00 | 2025-11-21T18:50:44+00:00 |
| rhsa-2023:7207 | Red Hat Security Advisory: c-ares security update | 2023-11-14T17:00:58+00:00 | 2025-11-21T18:50:40+00:00 |
| rhsa-2023:7189 | Red Hat Security Advisory: fwupd security update | 2023-11-14T15:39:03+00:00 | 2025-11-21T18:50:37+00:00 |
| rhsa-2023:7190 | Red Hat Security Advisory: avahi security update | 2023-11-14T16:11:16+00:00 | 2025-11-21T18:50:36+00:00 |
| rhsa-2023:7187 | Red Hat Security Advisory: procps-ng security update | 2023-11-14T15:26:27+00:00 | 2025-11-21T18:50:35+00:00 |
| rhsa-2023:7177 | Red Hat Security Advisory: bind security update | 2023-11-14T16:08:14+00:00 | 2025-11-21T18:50:34+00:00 |
| rhsa-2023:7174 | Red Hat Security Advisory: perl-HTTP-Tiny security update | 2023-11-14T15:20:31+00:00 | 2025-11-21T18:50:33+00:00 |
| rhsa-2023:7166 | Red Hat Security Advisory: tpm2-tss security and enhancement update | 2023-11-14T15:53:09+00:00 | 2025-11-21T18:50:33+00:00 |
| rhsa-2023:7165 | Red Hat Security Advisory: cups security and bug fix update | 2023-11-14T15:52:53+00:00 | 2025-11-21T18:50:31+00:00 |
| rhsa-2023:7160 | Red Hat Security Advisory: opensc security and bug fix update | 2023-11-14T16:09:24+00:00 | 2025-11-21T18:50:31+00:00 |
| rhsa-2023:7150 | Red Hat Security Advisory: librabbitmq security update | 2023-11-14T15:21:31+00:00 | 2025-11-21T18:50:30+00:00 |
| rhsa-2023:7139 | Red Hat Security Advisory: samba security, bug fix, and enhancement update | 2023-11-14T16:04:52+00:00 | 2025-11-21T18:50:29+00:00 |
| rhsa-2023:7112 | Red Hat Security Advisory: shadow-utils security and bug fix update | 2023-11-14T16:03:40+00:00 | 2025-11-21T18:50:28+00:00 |
| rhsa-2023:7109 | Red Hat Security Advisory: linux-firmware security, bug fix, and enhancement update | 2023-11-14T15:49:41+00:00 | 2025-11-21T18:50:28+00:00 |
| rhsa-2023:7096 | Red Hat Security Advisory: python-cryptography security update | 2023-11-14T16:14:38+00:00 | 2025-11-21T18:50:28+00:00 |
| rhsa-2023:7090 | Red Hat Security Advisory: libmicrohttpd security update | 2023-11-14T15:47:04+00:00 | 2025-11-21T18:50:27+00:00 |
| rhsa-2023:7083 | Red Hat Security Advisory: emacs security update | 2023-11-14T16:09:10+00:00 | 2025-11-21T18:50:27+00:00 |
| rhsa-2023:7065 | Red Hat Security Advisory: tomcat security and bug fix update | 2023-11-14T15:32:23+00:00 | 2025-11-21T18:50:26+00:00 |
| rhsa-2023:7057 | Red Hat Security Advisory: yajl security update | 2023-11-14T15:40:56+00:00 | 2025-11-21T18:50:25+00:00 |
| rhsa-2023:7055 | Red Hat Security Advisory: webkit2gtk3 security, bug fix, and enhancement update | 2023-11-14T15:25:22+00:00 | 2025-11-21T18:50:25+00:00 |
| rhsa-2023:7053 | Red Hat Security Advisory: ghostscript security and bug fix update | 2023-11-14T15:49:43+00:00 | 2025-11-21T18:50:24+00:00 |
| rhsa-2023:7046 | Red Hat Security Advisory: dnsmasq security and bug fix update | 2023-11-14T15:53:12+00:00 | 2025-11-21T18:50:23+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2020-28935 | Local symlink attack in Unbound and NSD | 2020-12-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2020-27783 | A XSS vulnerability was discovered in python-lxml's clean module. The module's parser didn't properly imitate browsers which caused different behaviors between the sanitizer and the user's page. A remote attacker could exploit this flaw to run arbitrary HTML/JS code. | 2020-12-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2020-27779 | A flaw was found in grub2 in versions prior to 2.06. The cutmem command does not honor secure boot locking allowing an privileged attacker to remove address ranges from memory creating an opportunity to circumvent SecureBoot protections after proper triage about grub's memory layout. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | 2021-03-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2020-27749 | A flaw was found in grub2 in versions prior to 2.06. Variable names present are expanded in the supplied command line into their corresponding variable contents using a 1kB stack buffer for temporary storage without sufficient bounds checking. If the function is called with a command line that references a variable with a sufficiently large payload it is possible to overflow the stack buffer corrupt the stack frame and control execution which could also circumvent Secure Boot protections. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | 2021-03-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2020-27171 | An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c has an off-by-one error (with a resultant integer underflow) affecting out-of-bounds speculation on pointer arithmetic leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory aka CID-10d2bb2e6b1d. | 2021-03-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2020-27170 | An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer arithmetic leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory aka CID-f232326f6966. This affects pointer types that do not define a ptr_limit. | 2021-03-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2020-26572 | The TCOS smart card software driver in OpenSC before 0.21.0-rc1 has a stack-based buffer overflow in tcos_decipher. | 2020-10-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2020-26571 | The gemsafe GPK smart card software driver in OpenSC before 0.21.0-rc1 has a stack-based buffer overflow in sc_pkcs15emu_gemsafeGPK_init. | 2020-10-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2020-26570 | The Oberthur smart card software driver in OpenSC before 0.21.0-rc1 has a heap-based buffer overflow in sc_oberthur_read_file. | 2020-10-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2020-25647 | A flaw was found in grub2 in versions prior to 2.06. During USB device initialization descriptors are read with very little bounds checking and assumes the USB device is providing sane values. If properly exploited an attacker could trigger memory corruption leading to arbitrary code execution allowing a bypass of the Secure Boot mechanism. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | 2021-03-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2020-25639 | A NULL pointer dereference flaw was found in the Linux kernel's GPU Nouveau driver functionality in versions prior to 5.12-rc1 in the way the user calls ioctl DRM_IOCTL_NOUVEAU_CHANNEL_ALLOC. This flaw allows a local user to crash the system. | 2021-03-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2020-25637 | A double free memory issue was found to occur in the libvirt API in versions before 6.8.0 responsible for requesting information about network interfaces of a running QEMU domain. This flaw affects the polkit access control driver. Specifically clients connecting to the read-write socket with limited ACL permissions could use this flaw to crash the libvirt daemon resulting in a denial of service or potentially escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | 2020-10-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2020-25632 | A flaw was found in grub2 in versions prior to 2.06. The rmmod implementation allows the unloading of a module used as a dependency without checking if any other dependent module is still loaded leading to a use-after-free scenario. This could allow arbitrary code to be executed or a bypass of Secure Boot protections. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | 2021-03-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2020-25219 | url::recvline in url.cpp in libproxy 0.4.x through 0.4.15 allows a remote HTTP server to trigger uncontrolled recursion via a response composed of an infinite stream that lacks a newline character. This leads to stack exhaustion. | 2020-09-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2020-24742 | An issue has been fixed in Qt versions 5.14.0 where QPluginLoader attempts to load plugins relative to the working directory allowing attackers to execute arbitrary code via crafted files. | 2021-08-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2020-24659 | An issue was discovered in GnuTLS before 3.6.15. A server can trigger a NULL pointer dereference in a TLS 1.3 client if a no_renegotiation alert is sent with unexpected timing and then an invalid second handshake occurs. The crash happens in the application's error handling path where the gnutls_deinit function is called after detecting a handshake failure. | 2020-09-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2020-24455 | Missing initialization of a variable in the TPM2 source may allow a privileged user to potentially enable an escalation of privilege via local access. This affects tpm2-tss before 3.0.1 and before 2.4.3. | 2021-02-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2020-24332 | An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges the creation of the system.data file is prone to symlink attacks. The tss user can be used to create or corrupt existing files which could possibly lead to a DoS attack. | 2020-08-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2020-24331 | An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges the tss user still has read and write access to the /etc/tcsd.conf file (which contains various settings related to this daemon). | 2020-08-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2020-24330 | An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges instead of by the tss user it fails to drop the root gid privilege when no longer needed. | 2020-08-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2020-17541 | Libjpeg-turbo all version have a stack-based buffer overflow in the "transform" component. A remote attacker can send a malformed jpeg file to the service and cause arbitrary code execution or denial of service of the target service. | 2021-06-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2020-17525 | Remote unauthenticated denial-of-service in Subversion mod_authz_svn | 2021-03-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2020-17507 | An issue was discovered in Qt through 5.12.9 and 5.13.x through 5.15.x before 5.15.1. read_xbm_body in gui/image/qxbmhandler.cpp has a buffer over-read. | 2020-08-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2020-16120 | Unprivileged overlay + shiftfs read access | 2021-02-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2020-15945 | Lua through 5.4.0 has a segmentation fault in changedline in ldebug.c (e.g. when called by luaG_traceexec) because it incorrectly expects that an oldpc value is always updated upon a return of the flow of control to a function. | 2020-07-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2020-15136 | Improper authentication in etcd | 2020-08-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2020-15115 | No minimum password length in etcd | 2020-08-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2020-15114 | Denial of Service in etcd | 2020-08-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2020-15113 | Improper Preservation of Permissions in etcd | 2020-08-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2020-15112 | Improper Input Validation in etcd | 2020-08-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| ID | Description | Updated |
|---|---|---|
| var-201604-0330 | The Graphics driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B23… | 2025-04-13T23:03:06.514000Z |
| var-201604-0446 | Heap-based buffer overflow in the HIFI driver in Huawei P8 smartphones with software GRA-… | 2025-04-13T23:03:06.479000Z |
| var-201604-0445 | The Graphics driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B23… | 2025-04-13T23:03:06.444000Z |
| var-201604-0331 | The ovisp driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B230, … | 2025-04-13T23:03:06.410000Z |
| var-201604-0447 | Heap-based buffer overflow in the HIFI driver in Huawei P8 smartphones with software GRA-… | 2025-04-13T23:03:06.375000Z |
| var-201604-0571 | The NTP implementation in Cisco IOS 15.1 and 15.5 and IOS XE 3.2 through 3.17 allows remo… | 2025-04-13T23:03:06.025000Z |
| var-201605-0255 | Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acro… | 2025-04-13T23:03:05.211000Z |
| var-201605-0116 | Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.… | 2025-04-13T23:03:05.172000Z |
| var-201605-0151 | Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.… | 2025-04-13T23:03:05.133000Z |
| var-201605-0148 | Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.… | 2025-04-13T23:03:05.097000Z |
| var-201605-0095 | Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acro… | 2025-04-13T23:03:05.064000Z |
| var-201605-0236 | Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acro… | 2025-04-13T23:03:05.022000Z |
| var-201605-0164 | Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.… | 2025-04-13T23:03:04.984000Z |
| var-201605-0382 | Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acro… | 2025-04-13T23:03:04.946000Z |
| var-201605-0156 | Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.… | 2025-04-13T23:03:04.902000Z |
| var-201605-0235 | Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acro… | 2025-04-13T23:03:04.859000Z |
| var-201605-0089 | Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.… | 2025-04-13T23:03:04.824000Z |
| var-201605-0245 | Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acro… | 2025-04-13T23:03:04.787000Z |
| var-201605-0114 | Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.… | 2025-04-13T23:03:04.752000Z |
| var-201605-0241 | Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acro… | 2025-04-13T23:03:04.710000Z |
| var-201605-0071 | Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.… | 2025-04-13T23:03:04.666000Z |
| var-201605-0090 | Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acro… | 2025-04-13T23:03:04.633000Z |
| var-201605-0163 | Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.… | 2025-04-13T23:03:04.591000Z |
| var-201605-0379 | Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acro… | 2025-04-13T23:03:04.552000Z |
| var-201605-0378 | Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.… | 2025-04-13T23:03:04.510000Z |
| var-201605-0380 | Integer overflow in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader D… | 2025-04-13T23:03:04.469000Z |
| var-201605-0252 | Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.… | 2025-04-13T23:03:04.429000Z |
| var-201605-0093 | Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.… | 2025-04-13T23:03:04.391000Z |
| var-201605-0304 | Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.… | 2025-04-13T23:03:04.353000Z |
| var-201605-0381 | Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acro… | 2025-04-13T23:03:04.313000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| suse-su-2020:3512-1 | Security update for the Linux Kernel | 2020-11-25T09:07:06Z | 2020-11-25T09:07:06Z |
| suse-su-2020:3507-1 | Security update for the Linux Kernel | 2020-11-24T16:17:12Z | 2020-11-24T16:17:12Z |
| suse-su-2020:3506-1 | Security update for slurm | 2020-11-24T16:16:45Z | 2020-11-24T16:16:45Z |
| suse-su-2020:3505-1 | Security update for slurm | 2020-11-24T16:16:27Z | 2020-11-24T16:16:27Z |
| suse-su-2020:3503-1 | Security update for the Linux Kernel | 2020-11-24T13:31:53Z | 2020-11-24T13:31:53Z |
| suse-su-2020:3501-1 | Security update for the Linux Kernel | 2020-11-24T13:31:07Z | 2020-11-24T13:31:07Z |
| suse-su-2020:3500-1 | Security update for mariadb | 2020-11-24T12:50:44Z | 2020-11-24T12:50:44Z |
| suse-su-2020:3464-1 | Security update for postgresql10 | 2020-11-24T10:26:59Z | 2020-11-24T10:26:59Z |
| suse-su-2020:3477-1 | Security update for postgresql96 | 2020-11-24T10:08:58Z | 2020-11-24T10:08:58Z |
| suse-su-2020:3497-1 | Security update for mariadb | 2020-11-24T09:15:07Z | 2020-11-24T09:15:07Z |
| suse-su-2020:3491-1 | Security update for the Linux Kernel | 2020-11-23T16:23:08Z | 2020-11-23T16:23:08Z |
| suse-su-2020:3484-1 | Security update for the Linux Kernel | 2020-11-23T11:49:49Z | 2020-11-23T11:49:49Z |
| suse-su-2020:3480-1 | Security update for dash | 2020-11-23T09:34:44Z | 2020-11-23T09:34:44Z |
| suse-su-2020:3478-1 | Security update for c-ares | 2020-11-23T08:33:45Z | 2020-11-23T08:33:45Z |
| suse-su-2020:3476-1 | Security update for postgresql10 | 2020-11-20T19:00:27Z | 2020-11-20T19:00:27Z |
| suse-su-2020:3474-1 | Security update for u-boot | 2020-11-20T18:09:59Z | 2020-11-20T18:09:59Z |
| suse-su-2020:3473-1 | Security update for ceph | 2020-11-20T18:08:38Z | 2020-11-20T18:08:38Z |
| suse-su-2020:3466-1 | Security update for SUSE Manager Server 4.0 | 2020-11-20T14:06:24Z | 2020-11-20T14:06:24Z |
| suse-su-2020:3463-1 | Security update for postgresql12 | 2020-11-20T12:50:11Z | 2020-11-20T12:50:11Z |
| suse-su-2020:3460-1 | Security update for java-1_8_0-openjdk | 2020-11-20T11:41:47Z | 2020-11-20T11:41:47Z |
| suse-su-2020:3257-1 | Security update for ceph, deepsea | 2020-11-20T11:14:55Z | 2020-11-20T11:14:55Z |
| suse-su-2020:3459-1 | Security update for ceph | 2020-11-20T11:14:40Z | 2020-11-20T11:14:40Z |
| suse-su-2020:3458-1 | Security update for MozillaFirefox | 2020-11-20T10:09:53Z | 2020-11-20T10:09:53Z |
| suse-su-2020:3457-1 | Security update for ucode-intel | 2020-11-20T09:16:05Z | 2020-11-20T09:16:05Z |
| suse-su-2020:14548-1 | Security update for MozillaFirefox | 2020-11-20T08:47:12Z | 2020-11-20T08:47:12Z |
| suse-su-2020:3455-1 | Security update for postgresql10 | 2020-11-20T08:22:34Z | 2020-11-20T08:22:34Z |
| suse-su-2020:3433-1 | Security update for the Linux Kernel (Live Patch 29 for SLE 12 SP3) | 2020-11-19T16:23:32Z | 2020-11-19T16:23:32Z |
| suse-su-2020:3449-1 | Security update for the Linux Kernel (Live Patch 16 for SLE 15) | 2020-11-19T16:20:50Z | 2020-11-19T16:20:50Z |
| suse-su-2020:3441-1 | Security update for the Linux Kernel (Live Patch 17 for SLE 15) | 2020-11-19T16:20:20Z | 2020-11-19T16:20:20Z |
| suse-su-2020:3425-1 | Security update for postgresql12 | 2020-11-19T15:12:56Z | 2020-11-19T15:12:56Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cnvd-2024-41006 | Esri Portal For ArcGIS跨站脚本洞(CNVD-2024-41006) | 2024-10-17 | 2024-10-18 |
| cnvd-2024-41005 | Esri Portal For ArcGIS跨站脚本漏洞(CNVD-2024-41005) | 2024-10-17 | 2024-10-18 |
| cnvd-2024-41004 | Esri Portal For ArcGIS跨站脚本漏洞(CNVD-2024-41004) | 2024-10-17 | 2024-10-18 |
| cnvd-2024-41003 | Esri Portal For ArcGIS跨站脚本漏洞 | 2024-10-17 | 2024-10-18 |
| cnvd-2024-41002 | Esri Portal For ArcGIS重定向漏洞 | 2024-10-17 | 2024-10-18 |
| cnvd-2024-41001 | Esri Portal For ArcGIS HTML注入漏洞 | 2024-10-17 | 2024-10-18 |
| cnvd-2024-41055 | D-Link DIR-605L formSetWanNonLogin函数缓冲区溢出漏洞 | 2024-10-13 | 2024-10-17 |
| cnvd-2024-41054 | D-Link DIR-605L formSetWanL2TP函数缓冲区溢出漏洞 | 2024-10-13 | 2024-10-17 |
| cnvd-2024-41053 | D-Link DIR-605L formSetPassword函数缓冲区溢出漏洞 | 2024-10-13 | 2024-10-17 |
| cnvd-2024-41051 | SeedDMS跨站脚本漏洞(CNVD-2024-41051) | 2024-10-13 | 2024-10-17 |
| cnvd-2024-41050 | October CMS跨站脚本漏洞 | 2024-10-13 | 2024-10-17 |
| cnvd-2024-41049 | Mozilla Firefox存在未明漏洞(CNVD-2024-41049) | 2024-10-13 | 2024-10-17 |
| cnvd-2024-41048 | D-Link DSL-2750U跨站脚本漏洞 | 2024-10-13 | 2024-10-17 |
| cnvd-2024-41047 | D-Link DIR-619L formSetLog函数缓冲区溢出漏洞 | 2024-10-13 | 2024-10-17 |
| cnvd-2024-41046 | D-Link DIR-619L formSetDDNS函数缓冲区溢出漏洞 | 2024-10-13 | 2024-10-17 |
| cnvd-2024-41045 | NETGEAR XR1000存在未明漏洞(CNVD-2024-41045) | 2024-10-14 | 2024-10-17 |
| cnvd-2024-41044 | NETGEAR EX3700存在未明漏洞(CNVD-2024-41044) | 2024-10-14 | 2024-10-17 |
| cnvd-2024-41043 | D-Link DIR-619L B1缓冲区溢出漏洞 | 2024-10-16 | 2024-10-17 |
| cnvd-2024-41034 | Google Chrome存在未明漏洞(CNVD-2024-41034) | 2024-10-17 | 2024-10-17 |
| cnvd-2024-41033 | Google Chrome存在未明漏洞(CNVD-2024-41033) | 2024-10-17 | 2024-10-17 |
| cnvd-2024-41032 | Google Chrome存在未明漏洞(CNVD-2024-41032) | 2024-10-17 | 2024-10-17 |
| cnvd-2024-40924 | Adobe Substance 3D Stager代码执行漏洞(CNVD-2024-40924) | 2024-10-11 | 2024-10-17 |
| cnvd-2024-40923 | Adobe Substance 3D Stager代码执行漏洞(CNVD-2024-40923) | 2024-10-11 | 2024-10-17 |
| cnvd-2024-40922 | Adobe Substance 3D Stager缓冲区溢出漏洞(CNVD-2024-40922) | 2024-10-11 | 2024-10-17 |
| cnvd-2024-40921 | Adobe Framemaker缓冲区溢出漏洞(CNVD-2024-40921) | 2024-10-11 | 2024-10-17 |
| cnvd-2024-40920 | Adobe InCopy代码问题漏洞(CNVD-2024-40920) | 2024-10-11 | 2024-10-17 |
| cnvd-2024-40919 | Adobe InDesign代码问题漏洞(CNVD-2024-40919) | 2024-10-11 | 2024-10-17 |
| cnvd-2024-40918 | Adobe Framemaker输入验证错误漏洞(CNVD-2024-40918) | 2024-10-11 | 2024-10-17 |
| cnvd-2024-40917 | Adobe Framemaker代码问题漏洞(CNVD-2024-40917) | 2024-10-11 | 2024-10-17 |
| cnvd-2024-40916 | Adobe Framemaker代码问题漏洞(CNVD-2024-40916) | 2024-10-11 | 2024-10-17 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certa-2010-avi-237 | Vulnérabilités dans OpenSSL | 2010-06-04T00:00:00.000000 | 2010-12-03T00:00:00.000000 |
| certa-2010-avi-573 | Multiples vulnérabilités dans les produits Hitachi Cosminexus | 2010-12-02T00:00:00.000000 | 2010-12-02T00:00:00.000000 |
| certa-2010-avi-572 | Vulnérabilité dans phpMyAdmin | 2010-12-02T00:00:00.000000 | 2010-12-02T00:00:00.000000 |
| certa-2010-avi-571 | Vulnérabilités dans Kerberos | 2010-12-01T00:00:00.000000 | 2010-12-02T00:00:00.000000 |
| certa-2010-avi-549 | Vulnérabilité dans libxml2 | 2010-11-12T00:00:00.000000 | 2010-12-02T00:00:00.000000 |
| certa-2010-avi-570 | Vulnérabilité dans VMware ESX | 2010-12-01T00:00:00.000000 | 2010-12-01T00:00:00.000000 |
| certa-2010-avi-569 | Vulnérabilité dans Kerio Control Web Filter | 2010-12-01T00:00:00.000000 | 2010-12-01T00:00:00.000000 |
| certa-2010-avi-568 | Vulnérabilités dans WordPress | 2010-12-01T00:00:00.000000 | 2010-12-01T00:00:00.000000 |
| certa-2010-avi-567 | Vulnérabilités dans Apache Tomcat | 2010-11-29T00:00:00.000000 | 2010-11-29T00:00:00.000000 |
| certa-2010-avi-510 | Vulnérabilités dans Apache | 2010-10-21T00:00:00.000000 | 2010-11-29T00:00:00.000000 |
| certa-2010-avi-449 | Vulnérabilité dans bzip2 | 2010-09-22T00:00:00.000000 | 2010-11-29T00:00:00.000000 |
| certa-2010-avi-266 | Vulnérabilité dans Samba | 2010-06-16T00:00:00.000000 | 2010-11-29T00:00:00.000000 |
| certa-2009-avi-482 | Vulnérabilité du protocole SSL/TLS | 2009-11-06T00:00:00.000000 | 2010-11-29T00:00:00.000000 |
| certa-2010-avi-566 | Vulnérabilité dans PGP Desktop | 2010-11-24T00:00:00.000000 | 2010-11-24T00:00:00.000000 |
| certa-2010-avi-565 | Multiples vulnérabilités dans Apple iOS | 2010-11-24T00:00:00.000000 | 2010-11-24T00:00:00.000000 |
| certa-2010-avi-564 | Vulnérabilité dans les produits Horde | 2010-11-24T00:00:00.000000 | 2010-11-24T00:00:00.000000 |
| certa-2010-avi-563 | Vulnérabilité dans Trend Micro OfficeScan | 2010-11-24T00:00:00.000000 | 2010-11-24T00:00:00.000000 |
| certa-2010-avi-562 | Vulnérabilité dans DotNetNuke | 2010-11-23T00:00:00.000000 | 2010-11-23T00:00:00.000000 |
| certa-2010-avi-561 | Multiples vulnérabilités dans Cisco Videoconferencing | 2010-11-23T00:00:00.000000 | 2010-11-23T00:00:00.000000 |
| certa-2010-avi-560 | Vulnérabilités dans Wireshark | 2010-11-23T00:00:00.000000 | 2010-11-23T00:00:00.000000 |
| certa-2010-avi-559 | Vulnérabilité dans phpBB | 2010-11-23T00:00:00.000000 | 2010-11-23T00:00:00.000000 |
| certa-2010-avi-558 | Multiples vulnérabilités dans Apple Safari | 2010-11-19T00:00:00.000000 | 2010-11-19T00:00:00.000000 |
| certa-2010-avi-557 | Vulnérabilité dans Apple Mac OS X Server | 2010-11-19T00:00:00.000000 | 2010-11-19T00:00:00.000000 |
| certa-2010-avi-556 | Vulnérabilité dans VLC | 2010-11-19T00:00:00.000000 | 2010-11-19T00:00:00.000000 |
| certa-2010-avi-554 | Vulnérabilité dans LANDesk Management Gateway | 2010-11-17T00:00:00.000000 | 2010-11-17T00:00:00.000000 |
| certa-2010-avi-553 | Multiples vulnérabilités dans VMWare ESX et ESXi | 2010-11-17T00:00:00.000000 | 2010-11-17T00:00:00.000000 |
| certa-2010-avi-552 | Vulnérabilité dans les imprimantes HP LaserJet | 2010-11-17T00:00:00.000000 | 2010-11-17T00:00:00.000000 |
| certa-2010-avi-551 | Vulnérabilités dans Adobe Reader et Acrobat | 2010-11-17T00:00:00.000000 | 2010-11-17T00:00:00.000000 |
| certa-2010-avi-548 | Multiples vulnérabilités dans Mac OS X | 2010-11-12T00:00:00.000000 | 2010-11-12T00:00:00.000000 |
| certa-2010-avi-547 | Vulnérabilité dans Juniper IVE OS et Netscreen SSL VPN | 2010-11-10T00:00:00.000000 | 2010-11-10T00:00:00.000000 |