Recent vulnerabilities


ID CVSS Description Vendor Product Published Updated
CVE-2026-0725
4.4 (3.1)
Integrate Dynamics 365 CRM <= 1.1.1 - Authenticated (A… cyberlord92
Integrate Dynamics 365 CRM
2026-01-17T08:24:31.355Z 2026-01-20T19:23:19.234Z
CVE-2025-14078
5.3 (3.1)
PAYGENT for WooCommerce <= 2.4.6 - Missing Authorizati… shoheitanaka
PAYGENT for WooCommerce
2026-01-17T08:24:31.760Z 2026-01-20T19:23:14.231Z
CVE-2025-8615
6.4 (3.1)
CubeWP <= 1.1.26 - Authenticated (Contributor+) Stored… cubewp1211
CubeWP Framework
2026-01-17T08:24:32.192Z 2026-01-20T19:23:09.481Z
CVE-2025-23203
5.5 (3.1)
Icinga has rest API endpoints accessible to restricted users Icinga
icingaweb2-module-director
2025-03-26T13:44:58.110Z 2026-01-20T19:13:43.844Z
CVE-2025-67263
6.1 (3.1)
Abacre Retail Point of Sale 14.0.0.396 is affecte… n/a
n/a
2026-01-20T00:00:00.000Z 2026-01-20T18:53:28.009Z
CVE-2025-40679
5.1 (4.0)
HTML injection in Isshue from Bdtask Bdtask
Isshue
2026-01-20T11:53:39.846Z 2026-01-20T18:50:40.146Z
CVE-2025-33233
7.8 (3.1)
NVIDIA Merlin Transformers4Rec for all platforms … NVIDIA
Merlin Transformers4Rec
2026-01-20T17:43:38.169Z 2026-01-20T18:47:17.434Z
CVE-2025-45731
6.5 (3.1)
A group deletion race condition in 2FAuth v5.5.0 … n/a
n/a
2025-07-24T00:00:00.000Z 2026-01-20T18:43:16.863Z
CVE-2026-22219
8.3 (4.0)
Chainlit < 2.9.4 SQLAlchemy Data Layer SSRF via /proje… Chainlit
Chainlit
2026-01-19T23:15:08.897Z 2026-01-20T18:41:46.632Z
CVE-2026-0519
4.6 (4.0)
Information Disclosure in Secure Access Between 12.70 … Absolute Security
Secure Access
2026-01-17T01:13:59.183Z 2026-01-20T18:39:13.845Z
CVE-2026-0518
4.8 (4.0)
XSS in Secure Access Consoles prior to 14.20 Absolute Security
Secure Access
2026-01-17T01:09:29.268Z 2026-01-20T18:37:15.079Z
CVE-2026-22787
8.7 (4.0)
html2pdf.js has a cross-site scripting vulnerability eKoopmans
html2pdf.js
2026-01-14T16:52:38.372Z 2026-01-20T18:37:09.279Z
CVE-2025-12825
5.3 (3.1)
User Registration Using Contact Form 7 <= 2.5 - Authen… zealopensource
User Registration Using Contact Form 7
2026-01-17T04:34:02.212Z 2026-01-20T18:34:56.055Z
CVE-2026-0517
6 (4.0)
Denial of Service in Secure Access Servers Prior to 14.20. Absolute Security
Secure Access
2026-01-17T01:04:55.634Z 2026-01-20T18:34:14.258Z
CVE-2025-66019
6.6 (4.0)
pypdf manipulated LZWDecode streams can exhaust RAM py-pdf
pypdf
2025-11-25T23:38:12.473Z 2026-01-20T18:33:02.928Z
CVE-2025-12168
4.3 (3.1)
Phrase TMS Integration for WordPress <= 4.7.5 - Missin… memsource
Phrase TMS Integration for WordPress
2026-01-17T04:34:01.207Z 2026-01-20T18:32:40.697Z
CVE-2025-14029
5.3 (3.1)
Community Events <= 1.5.6 - Missing Authorization to U… jackdewey
Community Events
2026-01-17T04:34:00.530Z 2026-01-20T18:31:08.439Z
CVE-2025-41025
5.1 (4.0)
Stored Cross-Site Scripting in Poultry Farm Management… Poultry Farm Management System
Poultry Farm Management System
2026-01-20T12:04:05.614Z 2026-01-20T18:29:13.214Z
CVE-2026-0691
4.4 (3.1)
CM E-Mail Blacklist <= 1.6.2 - Authenticated (Administ… creativemindssolutions
CM E-Mail Blacklist – Simple email filtering for safer registration
2026-01-17T06:42:20.210Z 2026-01-20T18:28:47.071Z
CVE-2026-0808
5.3 (3.1)
Spin Wheel <= 2.1.0 - Unauthenticated Client-Side Priz… bdthemes
Spin Wheel – Interactive spinning wheel that offers coupons
2026-01-17T06:42:20.697Z 2026-01-20T18:27:18.935Z
CVE-2026-1222
8.6 (4.0)
7.2 (3.1)
BROWAN COMMUNICATIONS |PrismX MX100 AP controller - Ar… BROWAN COMMUNICATIONS
PrismX MX100 AP controller
2026-01-20T06:30:52.946Z 2026-01-20T18:26:15.271Z
CVE-2026-1223
6.9 (4.0)
4.9 (3.1)
BROWAN COMMUNICATIONS |PrismX MX100 AP controller - In… BROWAN COMMUNICATIONS
PrismX MX100 AP controller
2026-01-20T06:35:17.742Z 2026-01-20T18:24:10.328Z
CVE-2025-66523
6.1 (3.1)
Reflected Cross-Site Scripting (XSS) Vulnerability in … Foxit Software Inc.
na1.foxitesign.foxit.com
2026-01-20T06:51:34.771Z 2026-01-20T18:08:07.692Z
CVE-2026-0895
5.2 (4.0)
Insecure Deserialization in extension "Mailqueue" (mai… TYPO3
Extension "Mailqueue"
2026-01-20T07:19:00.786Z 2026-01-20T18:07:10.983Z
CVE-2025-6035
6.1 (3.1)
Gimp: gimp integer overflow

2025-06-13T15:21:17.439Z 2026-01-20T17:56:26.216Z
CVE-2026-1183
5.1 (4.0)
HTML injection in multiple Botble products Botble
TransP
2026-01-20T12:09:05.269Z 2026-01-20T17:51:26.528Z
CVE-2025-51602
4.8 (3.1)
mmstu.c in VideoLAN VLC media player before 3.0.2… VideoLAN
VLC media player
2026-01-16T00:00:00.000Z 2026-01-20T17:35:37.090Z
CVE-2026-0625
9.3 (4.0)
D-Link DSL/DIR/DNS Command Injection via DNS Configura… D-Link
DSL-2640B
2026-01-05T21:14:48.992Z 2026-01-20T17:34:41.776Z
CVE-2025-56154
6.1 (3.1)
htmly v3.0.8 is vulnerable to Cross Site Scriptin… n/a
n/a
2025-10-02T00:00:00.000Z 2026-01-20T17:34:14.577Z
CVE-2026-23840
9.3 (3.1)
Movary vulnerable to Cross-site Scripting with `?categ… leepeuker
movary
2026-01-19T18:32:50.229Z 2026-01-20T17:30:24.315Z
ID CVSS Description Vendor Product Published Updated
CVE-2025-40215
N/A
xfrm: delete x->tunnel as we delete x Linux
Linux
2025-12-04T12:38:32.517Z 2026-01-19T12:18:05.674Z
CVE-2025-40110
N/A
drm/vmwgfx: Fix a null-ptr access in the cursor snooper Linux
Linux
2025-11-12T01:07:24.739Z 2026-01-19T12:18:04.465Z
CVE-2025-38556
N/A
HID: core: Harden s32ton() against conversion to 0 bits Linux
Linux
2025-08-19T17:02:34.929Z 2026-01-19T12:18:03.142Z
CVE-2025-38129
N/A
page_pool: Fix use-after-free in page_pool_recycle_in_ring Linux
Linux
2025-07-03T08:35:33.728Z 2026-01-19T12:18:00.706Z
CVE-2025-38119
N/A
scsi: core: ufs: Fix a hang in the error handler Linux
Linux
2025-07-03T08:35:26.616Z 2026-01-19T12:17:59.357Z
CVE-2025-38022
N/A
RDMA/core: Fix "KASAN: slab-use-after-free Read in ib_… Linux
Linux
2025-06-18T09:28:29.218Z 2026-01-19T12:17:58.186Z
CVE-2025-37830
N/A
cpufreq: scmi: Fix null-ptr-deref in scmi_cpufreq_get_rate() Linux
Linux
2025-05-08T06:26:21.736Z 2026-01-19T12:17:56.940Z
CVE-2025-22121
N/A
ext4: fix out-of-bound read in ext4_xattr_inode_dec_re… Linux
Linux
2025-04-16T14:13:05.894Z 2026-01-19T12:17:55.783Z
CVE-2025-22111
N/A
net: Remove RTNL dance for SIOCBRADDIF and SIOCBRDELIF. Linux
Linux
2025-04-16T14:12:57.719Z 2026-01-19T12:17:54.573Z
CVE-2025-22022
N/A
usb: xhci: Apply the link chain quirk on NEC isoc endpoints Linux
Linux
2025-04-16T10:23:27.423Z 2026-01-19T12:17:53.138Z
CVE-2024-49968
N/A
ext4: filesystems without casefold feature cannot be m… Linux
Linux
2024-10-21T18:02:18.369Z 2026-01-19T12:17:51.927Z
CVE-2024-46830
N/A
KVM: x86: Acquire kvm->srcu when handling KVM_SET_VCPU… Linux
Linux
2024-09-27T12:39:28.396Z 2026-01-19T12:17:50.664Z
CVE-2024-40928
N/A
net: ethtool: fix the error condition in ethtool_get_p… Linux
Linux
2024-07-12T12:25:07.769Z 2026-01-19T12:17:49.472Z
CVE-2024-36927
N/A
ipv4: Fix uninit-value access in __ip_make_skb() Linux
Linux
2024-05-30T15:29:20.275Z 2026-01-19T12:17:47.098Z
CVE-2024-36903
N/A
ipv6: Fix potential uninit-value access in __ip6_make_skb() Linux
Linux
2024-05-30T15:29:04.866Z 2026-01-19T12:17:45.894Z
CVE-2023-52975
7.8 (3.1)
scsi: iscsi_tcp: Fix UAF during logout when accessing … Linux
Linux
2025-03-27T16:43:15.322Z 2026-01-19T12:17:43.562Z
CVE-2022-49743
N/A
ovl: Use "buf" flexible array for memcpy() destination Linux
Linux
2025-03-27T16:42:54.289Z 2026-01-19T12:17:42.348Z
CVE-2022-49267
N/A
mmc: core: use sysfs_emit() instead of sprintf() Linux
Linux
2025-02-26T01:56:16.211Z 2026-01-19T12:17:38.477Z
CVE-2025-46397
7.8 (3.1)
Xfig: xfig: stack-overflow allows possible code execut…

2025-04-23T20:55:09.795Z 2026-01-19T03:55:40.389Z
CVE-2024-7885
7.5 (3.1)
Undertow: improper state management in proxy protocol …

2024-08-21T14:13:36.579Z 2026-01-19T03:51:37.166Z
CVE-2025-40920
8.6 (3.1)
Catalyst::Authentication::Credential::HTTP versions 1.… ETHER
Catalyst::Authentication::Credential::HTTP
2025-08-11T20:19:57.516Z 2026-01-17T20:23:09.178Z
CVE-2025-68792
N/A
tpm2-sessions: Fix out of range indexing in name_size Linux
Linux
2026-01-13T15:29:04.226Z 2026-02-09T08:33:39.373Z
CVE-2025-5489
N/A
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. N/A N/A 2026-01-16T22:19:09.219Z
CVE-2025-5102
N/A
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. N/A N/A 2026-01-16T22:19:09.061Z
CVE-2024-8506
N/A
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. N/A N/A 2026-01-16T22:19:08.895Z
CVE-2024-8491
N/A
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. N/A N/A 2026-01-16T22:19:08.586Z
CVE-2025-15456
6.9 (4.0)
7.3 (3.1)
7.3 (3.0)
bg5sbk MiniCMS Publish page-edit.php improper authentication bg5sbk
MiniCMS
2026-01-05T04:02:06.770Z 2026-02-23T08:16:46.676Z
CVE-2022-50443
N/A
drm/rockchip: lvds: fix PM usage counter unbalance in … Linux
Linux
2025-10-01T11:42:18.900Z 2025-10-01T11:42:18.900Z
CVE-2023-53461
N/A
io_uring: wait interruptibly for request completions on exit Linux
Linux
2025-10-01T11:42:32.525Z 2025-10-02T07:04:22.533Z
CVE-2023-53462
N/A
hsr: Fix uninit-value access in fill_frame_info() Linux
Linux
2025-10-01T11:42:33.434Z 2025-10-01T11:42:33.434Z
ID Description Published Updated
fkie_cve-2025-22022 In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Apply the link chai… 2025-04-16T11:15:42.883 2026-01-19T13:16:07.630
fkie_cve-2024-49968 In the Linux kernel, the following vulnerability has been resolved: ext4: filesystems without case… 2024-10-21T18:15:17.833 2026-01-19T13:16:07.507
fkie_cve-2024-46830 In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Acquire kvm->srcu wh… 2024-09-27T13:15:15.380 2026-01-19T13:16:07.367
fkie_cve-2024-40928 In the Linux kernel, the following vulnerability has been resolved: net: ethtool: fix the error co… 2024-07-12T13:15:15.550 2026-01-19T13:16:07.240
fkie_cve-2024-36927 In the Linux kernel, the following vulnerability has been resolved: ipv4: Fix uninit-value access … 2024-05-30T16:15:15.957 2026-01-19T13:16:06.940
fkie_cve-2024-36903 In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix potential uninit-val… 2024-05-30T16:15:13.867 2026-01-19T13:16:06.793
fkie_cve-2023-52975 In the Linux kernel, the following vulnerability has been resolved: scsi: iscsi_tcp: Fix UAF durin… 2025-03-27T17:15:44.533 2026-01-19T13:16:06.533
fkie_cve-2022-49743 In the Linux kernel, the following vulnerability has been resolved: ovl: Use "buf" flexible array … 2025-03-27T17:15:38.967 2026-01-19T13:16:06.403
fkie_cve-2022-49267 In the Linux kernel, the following vulnerability has been resolved: mmc: core: use sysfs_emit() in… 2025-02-26T07:01:03.620 2026-01-19T13:16:05.963
fkie_cve-2025-46397 A flaw was found in xfig. This vulnerability allows possible code execution via local input manipul… 2025-04-23T21:15:16.807 2026-01-19T04:15:58.400
fkie_cve-2024-7885 A vulnerability was found in Undertow where the ProxyProtocolReadListener reuses the same StringBui… 2024-08-21T14:15:09.500 2026-01-19T04:15:58.173
fkie_cve-2025-40920 Catalyst::Authentication::Credential::HTTP versions 1.018 and earlier for Perl generate nonces usin… 2025-08-11T21:15:28.087 2026-01-17T21:15:48.750
fkie_cve-2025-68792 In the Linux kernel, the following vulnerability has been resolved: tpm2-sessions: Fix out of rang… 2026-01-13T16:16:01.090 2026-01-17T16:16:05.827
fkie_cve-2025-5489 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. 2026-01-16T23:15:49.150 2026-01-16T23:15:49.150
fkie_cve-2025-5102 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. 2026-01-16T23:15:49.090 2026-01-16T23:15:49.090
fkie_cve-2024-8506 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. 2026-01-16T23:15:49.017 2026-01-16T23:15:49.017
fkie_cve-2024-8491 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. 2026-01-16T23:15:48.460 2026-01-16T23:15:48.460
fkie_cve-2025-15456 A vulnerability has been found in bg5sbk MiniCMS up to 1.8. The affected element is an unknown func… 2026-01-05T05:15:53.007 2026-01-16T21:35:03.127
fkie_cve-2022-50443 In the Linux kernel, the following vulnerability has been resolved: drm/rockchip: lvds: fix PM usa… 2025-10-01T12:15:36.590 2026-01-16T21:34:09.787
fkie_cve-2023-53461 In the Linux kernel, the following vulnerability has been resolved: io_uring: wait interruptibly f… 2025-10-01T12:15:47.723 2026-01-16T21:33:19.060
fkie_cve-2023-53462 In the Linux kernel, the following vulnerability has been resolved: hsr: Fix uninit-value access i… 2025-10-01T12:15:47.887 2026-01-16T21:32:20.620
fkie_cve-2023-53463 In the Linux kernel, the following vulnerability has been resolved: ibmvnic: Do not reset dql stat… 2025-10-01T12:15:48.120 2026-01-16T21:31:26.387
fkie_cve-2025-61246 indieka900 online-shopping-system-php 1.0 is vulnerable to SQL Injection in master/review_action.ph… 2026-01-08T17:15:48.400 2026-01-16T21:31:24.953
fkie_cve-2023-53448 In the Linux kernel, the following vulnerability has been resolved: fbdev: imxfb: Removed unneeded… 2025-10-01T12:15:41.033 2026-01-16T21:28:52.693
fkie_cve-2025-67091 An issue in GL Inet GL.Inet AX1800 Version 4.6.4 & 4.6.8 are vulnerable. GL.Inet AX1800 Version 4.6… 2026-01-08T16:15:45.577 2026-01-16T21:28:39.047
fkie_cve-2025-67090 The LuCI web interface on Gl Inet GL.Inet AX1800 Version 4.6.4 & 4.6.8 are vulnerable. Fix availabl… 2026-01-08T16:15:45.470 2026-01-16T21:28:08.207
fkie_cve-2025-67089 A command injection vulnerability exists in the GL-iNet GL-AXT1800 router firmware v4.6.8. The vuln… 2026-01-08T16:15:45.333 2026-01-16T21:26:11.910
fkie_cve-2023-53449 In the Linux kernel, the following vulnerability has been resolved: s390/dasd: Fix potential memle… 2025-10-01T12:15:41.250 2026-01-16T21:25:30.833
fkie_cve-2023-53451 In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix potential N… 2025-10-01T12:15:43.413 2026-01-16T21:24:42.710
fkie_cve-2023-53452 In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: fix potential rac… 2025-10-01T12:15:43.600 2026-01-16T21:23:45.690
ID Severity Description Published Updated
ghsa-hvcp-4wf3-wrc5
6.1 (3.1)
There is a stored cross site scripting issue in Esri ArcGIS Server 11.4 and earlier on Windows and … 2026-01-01T00:31:26Z 2026-01-01T00:31:26Z
ghsa-gffq-5p7q-h2w7
6.1 (3.1)
There is a stored cross site scripting issue in Esri ArcGIS Server 11.4 and earlier on Windows and … 2026-01-01T00:31:25Z 2026-01-01T00:31:26Z
ghsa-65q9-988v-j5v5
6.1 (3.1)
There is a stored cross site scripting issue in Esri ArcGIS Server 11.4 and earlier on Windows and … 2026-01-01T00:31:26Z 2026-01-01T00:31:26Z
ghsa-5w35-rjp9-mmr7
5.6 (3.1)
ArcGIS Server version 11.5 and earlier on Windows and Linux does not properly validate uploaded fil… 2026-01-01T00:31:26Z 2026-01-01T00:31:26Z
ghsa-4762-x793-4ghq
6.1 (3.1)
There is a stored cross site scripting issue in Esri ArcGIS Server 11.4 and earlier on Windows and … 2026-01-01T00:31:26Z 2026-01-01T00:31:26Z
ghsa-3x4j-ww9c-3p4w
6.1 (3.1)
There is a stored cross site scripting issue in Esri ArcGIS Server 11.4 and earlier on Windows and … 2026-01-01T00:31:26Z 2026-01-01T00:31:26Z
ghsa-j2rj-pxc8-245c
6.1 (3.1)
There is a stored cross site scripting issue in Esri ArcGIS Server 11.4 and earlier on Windows and … 2026-01-01T00:31:25Z 2026-01-01T00:31:25Z
ghsa-h4qv-4942-vw79
6.1 (3.1)
There is a stored cross site scripting issue in Esri ArcGIS Server 11.4 and earlier on Windows and … 2026-01-01T00:31:25Z 2026-01-01T00:31:25Z
ghsa-739h-rw2p-gghv
3.7 (3.1)
2.9 (4.0)
A security vulnerability has been detected in Uasoft badaso up to 2.9.7. Affected is the function f… 2026-01-01T00:31:25Z 2026-01-01T00:31:25Z
ghsa-mpj7-7xpf-5v66
3.7 (3.1)
Missing Authorization vulnerability in Quiz Maker team Quiz Maker.This issue affects Quiz Maker: fr… 2024-04-24T12:30:42Z 2026-01-01T00:31:23Z
ghsa-j47q-rc62-w448
6.9 (4.0)
fastapi-guard is vulnerable to ReDoS through inefficient regex 2025-07-07T23:36:39Z 2025-12-31T22:50:34Z
ghsa-fff3-4rp7-px97
3.3 (3.1)
1.1 (4.0)
ImageMagick has a heap-buffer-overflow 2025-08-25T15:54:51Z 2025-12-31T22:18:05Z
ghsa-59pp-r3rg-353g
1.2 (4.0)
Composer is vulnerable to ANSI sequence injection 2025-12-30T17:44:10Z 2025-12-31T22:17:32Z
ghsa-jv8r-hv7q-p6vc
5.4 (3.1)
phpMyFAQ has Stored XSS in user list via admin-managed display_name 2025-12-29T22:12:35Z 2025-12-31T22:13:13Z
ghsa-p2gr-hm8g-q772
1.3 (4.0)
Temporal has a namespace policy bypass allowing requests to be authorized for incorrect contexts 2025-12-30T21:30:33Z 2025-12-31T22:08:24Z
ghsa-rwc2-f344-q6w6
7.5 (3.1)
serverless MCP Server vulnerable to Command Injection in list-projects tool 2025-12-31T22:05:32Z 2025-12-31T22:05:32Z
ghsa-fjmr-7667-8v4p
5.4 (3.1)
Visual Studio Code Go extension has unexpected untrusted code execution 2025-12-30T00:32:59Z 2025-12-31T22:05:05Z
ghsa-g3ch-rx76-35fx
4.2 (3.1)
vue-template-compiler vulnerable to client-side Cross-Site Scripting (XSS) 2024-07-23T15:31:09Z 2025-12-31T22:04:13Z
ghsa-xx83-cxmq-x89m
5.9 (3.1)
Boundary Community Edition Incorrectly Handles HTTP Requests On Initialization Which May Lead to a … 2024-12-13T00:30:50Z 2025-12-31T22:00:42Z
ghsa-423w-p2w9-r7vq
4.7 (3.1)
AEADs/aes-gcm: Plaintext exposed in decrypt_in_place_detached even on tag verification failure 2023-09-22T16:11:47Z 2025-12-31T22:00:24Z
ghsa-vqf4-7m7x-wgfc
8.8 (4.0)
LZ4 Java Compression has Out-of-bounds memory operations which can cause DoS 2025-11-28T18:30:23Z 2025-12-31T22:00:12Z
ghsa-8vxj-4cph-c596
9.1 (3.1)
5.5 (4.0)
Deno has --allow-read / --allow-write permission bypass in `node:sqlite` 2025-06-04T21:22:27Z 2025-12-31T21:58:17Z
ghsa-h87r-f4vc-mchv
7.5 (3.1)
PocketMine-MP vulnerable to improperly checked dropped item count leading to server crash 2023-06-06T01:51:09Z 2025-12-31T21:42:11Z
ghsa-q49x-mf7w-873r
4.7 (3.1)
5.1 (4.0)
A vulnerability was detected in PKrystian Full-Stack-Bank up to bf73a0179e3ff07c0d7dc35297cea0be0e5… 2025-12-31T21:30:59Z 2025-12-31T21:30:59Z
ghsa-x9rg-7xj6-v2x6
7.5 (3.1)
6.9 (4.0)
KZTech JT3500V 4G LTE CPE 2.0.1 contains a session management vulnerability that allows attackers t… 2025-12-31T21:30:57Z 2025-12-31T21:30:57Z
ghsa-x8v6-6vmg-p732
5.4 (3.1)
4.8 (4.0)
STVS ProVision 5.9.10 contains a cross-site scripting vulnerability in the 'files' POST parameter t… 2025-12-31T21:30:57Z 2025-12-31T21:30:57Z
ghsa-x357-46c7-h4hf
6.1 (3.1)
5.1 (4.0)
COMMAX Biometric Access Control System 1.0.0 contains an unauthenticated reflected cross-site scrip… 2025-12-31T21:30:57Z 2025-12-31T21:30:57Z
ghsa-v245-m4vw-4545
7.5 (3.1)
9.3 (4.0)
Cypress Solutions CTM-200/CTM-ONE 1.3.6 contains hard-coded credentials vulnerability in Linux dist… 2025-12-31T21:30:57Z 2025-12-31T21:30:57Z
ghsa-mmm6-w9m9-679x
8.8 (3.1)
8.5 (4.0)
Epic Games Psyonix Rocket League <=1.95 contains an insecure permissions vulnerability that allows … 2025-12-31T21:30:57Z 2025-12-31T21:30:57Z
ghsa-h2cc-vm9p-m74c
7.5 (3.1)
9.3 (4.0)
Selea CarPlateServer 4.0.1.6 contains a remote program execution vulnerability that allows attacker… 2025-12-31T21:30:57Z 2025-12-31T21:30:57Z
ID Description Updated
gsd-2024-25211 Simple Expense Tracker v1.0 was discovered to contain a SQL injection vulnerability via t… 2024-02-08T06:02:24.965839Z
gsd-2024-25219 A cross-site scripting (XSS) vulnerability in Task Manager App v1.0 allows attackers to e… 2024-02-08T06:02:24.965488Z
gsd-2024-25259 The format of the source doesn't require a description, click on the link for more details. 2024-02-08T06:02:24.963901Z
gsd-2024-25296 The format of the source doesn't require a description, click on the link for more details. 2024-02-08T06:02:24.963625Z
gsd-2024-25543 The format of the source doesn't require a description, click on the link for more details. 2024-02-08T06:02:24.963094Z
gsd-2024-25240 The format of the source doesn't require a description, click on the link for more details. 2024-02-08T06:02:24.962465Z
gsd-2024-25403 The format of the source doesn't require a description, click on the link for more details. 2024-02-08T06:02:24.962174Z
gsd-2024-25374 The format of the source doesn't require a description, click on the link for more details. 2024-02-08T06:02:24.961553Z
gsd-2024-25266 The format of the source doesn't require a description, click on the link for more details. 2024-02-08T06:02:24.961239Z
gsd-2024-25288 SLIMS (Senayan Library Management Systems) 9 Bulian v9.6.1 is vulnerable to SQL Injection… 2024-02-08T06:02:24.960941Z
gsd-2024-25502 Directory Traversal vulnerability in flusity CMS v.2.4 allows a remote attacker to execut… 2024-02-08T06:02:24.960633Z
gsd-2024-25442 An issue in the HuginBase::PanoramaMemento::loadPTScript function of Hugin v2022.0.0 allo… 2024-02-08T06:02:24.959768Z
gsd-2024-25294 An SSRF issue in REBUILD v.3.5 allows a remote attacker to obtain sensitive information a… 2024-02-08T06:02:24.958845Z
gsd-2024-25209 Barangay Population Monitoring System 1.0 was discovered to contain a SQL injection vulne… 2024-02-08T06:02:24.958291Z
gsd-2024-25254 The format of the source doesn't require a description, click on the link for more details. 2024-02-08T06:02:24.958007Z
gsd-2024-25479 The format of the source doesn't require a description, click on the link for more details. 2024-02-08T06:02:24.956437Z
gsd-2024-25183 The format of the source doesn't require a description, click on the link for more details. 2024-02-08T06:02:24.956160Z
gsd-2024-25345 The format of the source doesn't require a description, click on the link for more details. 2024-02-08T06:02:24.955847Z
gsd-2024-25166 Cross Site Scripting vulnerability in 71CMS v.1.0.0 allows a remote attacker to execute a… 2024-02-08T06:02:24.955276Z
gsd-2024-25213 Employee Managment System v1.0 was discovered to contain a SQL injection vulnerability vi… 2024-02-08T06:02:24.954981Z
gsd-2024-25337 The format of the source doesn't require a description, click on the link for more details. 2024-02-08T06:02:24.954679Z
gsd-2024-25464 The format of the source doesn't require a description, click on the link for more details. 2024-02-08T06:02:24.954396Z
gsd-2024-25273 The format of the source doesn't require a description, click on the link for more details. 2024-02-08T06:02:24.954071Z
gsd-2024-25329 The format of the source doesn't require a description, click on the link for more details. 2024-02-08T06:02:24.953509Z
gsd-2024-25544 The format of the source doesn't require a description, click on the link for more details. 2024-02-08T06:02:24.953217Z
gsd-2024-25282 The format of the source doesn't require a description, click on the link for more details. 2024-02-08T06:02:24.952664Z
gsd-2024-25191 php-jwt 1.0.0 uses strcmp (which is not constant time) to verify authentication, which ma… 2024-02-08T06:02:24.952375Z
gsd-2024-25458 The format of the source doesn't require a description, click on the link for more details. 2024-02-08T06:02:24.952087Z
gsd-2024-25520 The format of the source doesn't require a description, click on the link for more details. 2024-02-08T06:02:24.951813Z
gsd-2024-25194 The format of the source doesn't require a description, click on the link for more details. 2024-02-08T06:02:24.951531Z
ID Description Published Updated
mal-2025-183358 Malicious code in liobc-ug-ayig (npm) 2025-11-12T22:25:03Z 2025-11-12T22:25:03Z
mal-2025-183357 Malicious code in liobc-ug-ayg (npm) 2025-11-12T22:25:03Z 2025-11-12T22:25:03Z
mal-2025-183356 Malicious code in liobc-ug-agufiaidug (npm) 2025-11-12T22:25:03Z 2025-11-12T22:25:03Z
mal-2025-183355 Malicious code in liobc-ug-agufiag (npm) 2025-11-12T22:25:03Z 2025-11-12T22:25:03Z
mal-2025-183354 Malicious code in liobc-ug-agufiadug (npm) 2025-11-12T22:25:03Z 2025-11-12T22:25:03Z
mal-2025-183353 Malicious code in liobc-ug-agufiaagidug (npm) 2025-11-12T22:25:03Z 2025-11-12T22:25:03Z
mal-2025-183352 Malicious code in liobc-ug-agfiag (npm) 2025-11-12T22:25:03Z 2025-11-12T22:25:03Z
mal-2025-183351 Malicious code in liobc-ug-agfag (npm) 2025-11-12T22:25:03Z 2025-11-12T22:25:03Z
mal-2025-183350 Malicious code in liobc-ug-agag (npm) 2025-11-12T22:25:03Z 2025-11-12T22:25:03Z
mal-2025-183349 Malicious code in liobc-ug-afayyig (npm) 2025-11-12T22:25:03Z 2025-11-12T22:25:03Z
mal-2025-183348 Malicious code in liobc-ug-afayig (npm) 2025-11-12T22:25:03Z 2025-11-12T22:25:03Z
mal-2025-183347 Malicious code in liobc-ug-afayauyig (npm) 2025-11-12T22:25:03Z 2025-11-12T22:25:03Z
mal-2025-183346 Malicious code in liobc-ug-afayafuyig (npm) 2025-11-12T22:25:03Z 2025-11-12T22:25:03Z
mal-2025-183345 Malicious code in liobc-ug-afayafuycig (npm) 2025-11-12T22:25:03Z 2025-11-12T22:25:03Z
mal-2025-183344 Malicious code in liobc-ug-afayafuyaicig (npm) 2025-11-12T22:25:03Z 2025-11-12T22:25:03Z
mal-2025-183343 Malicious code in liobc-ug-afayafuyacuicig (npm) 2025-11-12T22:25:03Z 2025-11-12T22:25:03Z
mal-2025-183342 Malicious code in liobc-ug-afayafuyacicig (npm) 2025-11-12T22:25:03Z 2025-11-12T22:25:03Z
mal-2025-183341 Malicious code in liobc-ug-afayafuyacauicig (npm) 2025-11-12T22:25:03Z 2025-11-12T22:25:03Z
mal-2025-183340 Malicious code in liobc-ug-aag (npm) 2025-11-12T22:25:03Z 2025-11-12T22:25:03Z
mal-2025-183339 Malicious code in libc-ug-atag (npm) 2025-11-12T22:25:03Z 2025-11-12T22:25:03Z
mal-2025-183338 Malicious code in libc-ug-atafuifiafaffaig (npm) 2025-11-12T22:25:03Z 2025-11-12T22:25:03Z
mal-2025-183337 Malicious code in libc-ug-atafuifiaafaig (npm) 2025-11-12T22:25:03Z 2025-11-12T22:25:03Z
mal-2025-183336 Malicious code in libc-ug-atafufiaafaig (npm) 2025-11-12T22:25:03Z 2025-11-12T22:25:03Z
mal-2025-183335 Malicious code in libc-ug-atafig (npm) 2025-11-12T22:25:03Z 2025-11-12T22:25:03Z
mal-2025-183334 Malicious code in libc-ug-atafiag (npm) 2025-11-12T22:25:03Z 2025-11-12T22:25:03Z
mal-2025-183333 Malicious code in libc-ug-atafiafaig (npm) 2025-11-12T22:25:03Z 2025-11-12T22:25:03Z
mal-2025-183332 Malicious code in libc-ug-atafiaag (npm) 2025-11-12T22:25:03Z 2025-11-12T22:25:03Z
mal-2025-183331 Malicious code in libc-ug-atafg (npm) 2025-11-12T22:25:03Z 2025-11-12T22:25:03Z
mal-2025-183330 Malicious code in libc-ug-ataffiaafaig (npm) 2025-11-12T22:25:03Z 2025-11-12T22:25:03Z
mal-2025-183329 Malicious code in libc-ug-agufxagidug (npm) 2025-11-12T22:25:03Z 2025-11-12T22:25:03Z
ID Description Published Updated
rhsa-2023:4169 Red Hat Security Advisory: java-17-openjdk security update 2023-07-19T17:28:01+00:00 2025-11-21T18:42:25+00:00
rhsa-2023:4168 Red Hat Security Advisory: java-1.8.0-openjdk security update 2023-07-19T17:24:21+00:00 2025-11-21T18:42:25+00:00
rhsa-2023:4167 Red Hat Security Advisory: java-1.8.0-openjdk security update 2023-07-19T17:23:42+00:00 2025-11-21T18:42:25+00:00
rhsa-2023:4166 Red Hat Security Advisory: java-1.8.0-openjdk security and bug fix update 2023-07-21T14:35:58+00:00 2025-11-21T18:42:25+00:00
rhsa-2023:4165 Red Hat Security Advisory: java-11-openjdk security and bug fix update 2023-07-19T17:24:21+00:00 2025-11-21T18:42:25+00:00
rhsa-2023:4164 Red Hat Security Advisory: java-11-openjdk security and bug fix update 2023-07-19T17:29:34+00:00 2025-11-21T18:42:24+00:00
rhsa-2023:4163 Red Hat Security Advisory: java-11-openjdk security and bug fix update 2023-07-19T17:28:08+00:00 2025-11-21T18:42:24+00:00
rhsa-2023:4162 Red Hat Security Advisory: java-11-openjdk security and bug fix update 2023-07-19T17:24:42+00:00 2025-11-21T18:42:24+00:00
rhsa-2023:4161 Red Hat Security Advisory: OpenJDK 11.0.20 Security Update for Windows Builds 2023-07-20T12:11:40+00:00 2025-11-21T18:42:24+00:00
rhsa-2023:4160 Red Hat Security Advisory: java-1.8.0-ibm security update 2023-07-31T09:33:41+00:00 2025-11-21T18:42:22+00:00
rhsa-2023:4126 Red Hat Security Advisory: kernel-rt security and bug fix update 2023-07-18T07:48:37+00:00 2025-11-21T18:42:22+00:00
rhsa-2023:4159 Red Hat Security Advisory: java-17-openjdk security and bug fix update 2023-07-20T13:06:50+00:00 2025-11-21T18:42:21+00:00
rhsa-2023:4158 Red Hat Security Advisory: java-11-openjdk security and bug fix update 2023-07-20T12:19:55+00:00 2025-11-21T18:42:21+00:00
rhsa-2023:4157 Red Hat Security Advisory: java-11-openjdk security update 2023-07-19T17:27:25+00:00 2025-11-21T18:42:21+00:00
rhsa-2023:4154 Red Hat Security Advisory: bind security update 2023-07-18T08:28:58+00:00 2025-11-21T18:42:21+00:00
rhsa-2023:4153 Red Hat Security Advisory: bind security update 2023-07-18T08:30:29+00:00 2025-11-21T18:42:21+00:00
rhsa-2023:4152 Red Hat Security Advisory: bind security update 2023-07-18T08:36:42+00:00 2025-11-21T18:42:21+00:00
rhsa-2023:4151 Red Hat Security Advisory: kernel security and bug fix update 2023-07-18T08:35:24+00:00 2025-11-21T18:42:20+00:00
rhsa-2023:4150 Red Hat Security Advisory: kernel-rt security and bug fix update 2023-07-18T08:29:13+00:00 2025-11-21T18:42:19+00:00
rhsa-2023:4146 Red Hat Security Advisory: kpatch-patch security update 2023-07-18T09:03:53+00:00 2025-11-21T18:42:19+00:00
rhsa-2023:4145 Red Hat Security Advisory: kpatch-patch security update 2023-07-18T08:24:47+00:00 2025-11-21T18:42:19+00:00
rhsa-2023:4138 Red Hat Security Advisory: kernel-rt security and bug fix update 2023-07-18T08:31:22+00:00 2025-11-21T18:42:18+00:00
rhsa-2023:4137 Red Hat Security Advisory: kernel security and bug fix update 2023-07-18T08:33:17+00:00 2025-11-21T18:42:18+00:00
rhsa-2023:4125 Red Hat Security Advisory: kernel security and bug fix update 2023-07-18T07:48:59+00:00 2025-11-21T18:42:17+00:00
rhsa-2023:4124 Red Hat Security Advisory: edk2 security update 2023-07-18T07:48:11+00:00 2025-11-21T18:42:17+00:00
rhsa-2023:4103 Red Hat Security Advisory: java-1.8.0-ibm security update 2023-07-17T08:51:02+00:00 2025-11-21T18:42:15+00:00
rhsa-2023:4079 Red Hat Security Advisory: firefox security update 2023-07-13T12:11:27+00:00 2025-11-21T18:42:15+00:00
rhsa-2023:4102 Red Hat Security Advisory: bind security update 2023-07-17T09:02:48+00:00 2025-11-21T18:42:14+00:00
rhsa-2023:4101 Red Hat Security Advisory: bind security and bug fix update 2023-07-17T08:57:52+00:00 2025-11-21T18:42:14+00:00
rhsa-2023:4100 Red Hat Security Advisory: bind9.16 security update 2023-07-17T08:59:03+00:00 2025-11-21T18:42:14+00:00
ID Description Published Updated
msrc_cve-2020-14390 A flaw was found in the Linux kernel in versions before 5.9-rc6. When changing screen size an out-of-bounds memory write can occur leading to memory corruption or a denial of service. Due to the nature of the flaw privilege escalation cannot be fully ruled out. 2020-09-02T00:00:00.000Z 2020-09-30T00:00:00.000Z
msrc_cve-2020-25796 An issue was discovered in the sized-chunks crate through 0.6.2 for Rust. In the InlineArray implementation an unaligned reference may be generated for a type that has a large alignment requirement. 2020-09-02T00:00:00.000Z 2020-09-26T00:00:00.000Z
msrc_cve-2020-25795 An issue was discovered in the sized-chunks crate through 0.6.2 for Rust. In the Chunk implementation insert_from can have a memory-safety issue upon a panic. 2020-09-02T00:00:00.000Z 2020-09-26T00:00:00.000Z
msrc_cve-2020-25793 An issue was discovered in the sized-chunks crate through 0.6.2 for Rust. In the Chunk implementation the array size is not checked when constructed with From<InlineArray<A T>>. 2020-09-02T00:00:00.000Z 2020-09-26T00:00:00.000Z
msrc_cve-2020-8428 fs/namei.c in the Linux kernel before 5.5 has a may_create_in_sticky use-after-free which allows local users to cause a denial of service (OOPS) or possibly obtain sensitive information from kernel memory aka CID-d0cb50185ae9. One attack vector may be an open system call for a UNIX domain socket if the socket is being moved to a new parent directory and its old parent directory is being removed. 2020-01-02T00:00:00.000Z 2020-09-25T00:00:00.000Z
msrc_cve-2020-6096 An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. Calling memcpy() (on ARMv7 targets that utilize the GNU glibc implementation) with a negative value for the 'num' parameter results in a signed comparison vulnerability. If an attacker underflows the 'num' parameter to memcpy() this vulnerability could lead to undefined behavior such as writing to out-of-bounds memory and potentially remote code execution. Furthermore this memcpy() implementation allows for program execution to continue in scenarios where a segmentation fault or crash should have occurred. The dangers occur in that subsequent execution and iterations of this code will be executed with this corrupted data. 2020-04-02T00:00:00.000Z 2020-09-25T00:00:00.000Z
msrc_cve-2020-5291 Privilege escalation in setuid mode via user namespaces in Bubblewrap 2020-03-02T00:00:00.000Z 2020-09-25T00:00:00.000Z
msrc_cve-2020-5247 HTTP Response Splitting in Puma 2020-02-02T00:00:00.000Z 2020-09-25T00:00:00.000Z
msrc_cve-2020-25794 An issue was discovered in the sized-chunks crate through 0.6.2 for Rust. In the Chunk implementation clone can have a memory-safety issue upon a panic. 2020-09-02T00:00:00.000Z 2020-09-25T00:00:00.000Z
msrc_cve-2020-25792 An issue was discovered in the sized-chunks crate through 0.6.2 for Rust. In the Chunk implementation the array size is not checked when constructed with pair(). 2020-09-02T00:00:00.000Z 2020-09-25T00:00:00.000Z
msrc_cve-2020-25791 An issue was discovered in the sized-chunks crate through 0.6.2 for Rust. In the Chunk implementation the array size is not checked when constructed with unit(). 2020-09-02T00:00:00.000Z 2020-09-25T00:00:00.000Z
msrc_cve-2020-25285 A race condition between hugetlb sysctl handlers in mm/hugetlb.c in the Linux kernel before 5.8.8 could be used by local attackers to corrupt memory, cause a NULL pointer dereference, or possibly have unspecified other impact, aka CID-17743798d812. 2020-09-02T00:00:00.000Z 2020-09-25T00:00:00.000Z
msrc_cve-2020-25284 The rbd block device driver in drivers/block/rbd.c in the Linux kernel through 5.8.9 used incomplete permission checking for access to rbd devices which could be leveraged by local attackers to map or unmap rbd block devices aka CID-f44d04e696fe. 2020-09-02T00:00:00.000Z 2020-09-25T00:00:00.000Z
msrc_cve-2020-25212 A TOCTOU mismatch in the NFS client code in the Linux kernel before 5.8.3 could be used by local attackers to corrupt memory or possibly have unspecified other impact because a size check is in fs/nfs/nfs4proc.c instead of fs/nfs/nfs4xdr.c aka CID-b4487b935452. 2020-09-02T00:00:00.000Z 2020-09-25T00:00:00.000Z
msrc_cve-2020-24394 In the Linux kernel before 5.7.8 fs/nfsd/vfs.c (in the NFS server) can set incorrect permissions on new filesystem objects when the filesystem lacks ACL support aka CID-22cf8419f131. This occurs because the current umask is not considered. 2020-08-02T00:00:00.000Z 2020-09-25T00:00:00.000Z
msrc_cve-2020-2136 Jenkins Git Plugin 4.2.0 and earlier does not escape the error message for the repository URL for Microsoft TFS field form validation resulting in a stored cross-site scripting vulnerability. 2020-03-02T00:00:00.000Z 2020-09-25T00:00:00.000Z
msrc_cve-2020-1751 An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. Specifically the backtrace function did not properly check the array bounds when storing the frame address resulting in a denial of service or potential code execution. The highest threat from this vulnerability is to system availability. 2020-04-02T00:00:00.000Z 2020-09-25T00:00:00.000Z
msrc_cve-2020-15780 An issue was discovered in drivers/acpi/acpi_configfs.c in the Linux kernel before 5.7.7. Injection of malicious ACPI tables via configfs could be used by attackers to bypass lockdown and secure boot restrictions aka CID-75b0cea7bf30. 2020-07-02T00:00:00.000Z 2020-09-25T00:00:00.000Z
msrc_cve-2020-15778 scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function as demonstrated by backtick characters in the destination argument. NOTE: the vendor reportedly has stated that they intentionally omit validation of "anomalous argument transfers" because that could "stand a great chance of breaking existing workflows." 2020-07-02T00:00:00.000Z 2020-09-25T00:00:00.000Z
msrc_cve-2020-14386 A flaw was found in the Linux kernel before 5.9-rc4. Memory corruption can be exploited to gain root privileges from unprivileged processes. The highest threat from this vulnerability is to data confidentiality and integrity. 2020-09-02T00:00:00.000Z 2020-09-25T00:00:00.000Z
msrc_cve-2020-14385 A flaw was found in the Linux kernel before 5.9-rc4. A failure of the file system metadata validator in XFS can cause an inode with a valid user-creatable extended attribute to be flagged as corrupt. This can lead to the filesystem being shutdown or otherwise rendered inaccessible until it is remounted leading to a denial of service. The highest threat from this vulnerability is to system availability. 2020-09-02T00:00:00.000Z 2020-09-25T00:00:00.000Z
msrc_cve-2020-14356 A NULL pointer dereference flaw was found in the Linux kernel cgroupv2 subsystem in versions before 5.7.10, in the way the system is rebooted. A local user could use this flaw to crash the system or escalate their privileges on the system. 2020-08-02T00:00:00.000Z 2020-09-25T00:00:00.000Z
msrc_cve-2020-14331 A flaw was found in the Linux kernel’s implementation of the invert video code on VGA consoles when a local attacker attempts to resize the console calling an ioctl VT_RESIZE which causes an out-of-bounds write to occur. This flaw allows a local user with access to the VGA console to crash the system potentially escalating their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. 2020-09-02T00:00:00.000Z 2020-09-25T00:00:00.000Z
msrc_cve-2020-14314 A memory out-of-bounds read flaw was found in the Linux kernel before 5.9-rc2 with the ext3/ext4 file system in the way it accesses a directory with broken indexing. This flaw allows a local user to crash the system if the directory exists. The highest threat from this vulnerability is to system availability. 2020-09-02T00:00:00.000Z 2020-09-25T00:00:00.000Z
msrc_cve-2020-14145 The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client). NOTE: some reports state that 8.5 and 8.6 are also affected. 2020-06-02T00:00:00.000Z 2020-09-25T00:00:00.000Z
msrc_cve-2020-12826 A signal access-control issue was discovered in the Linux kernel before 5.6.5 aka CID-7395ea4e65c2. Because exec_id in include/linux/sched.h is only 32 bits an integer overflow can interfere with a do_notify_parent protection mechanism. A child process can send an arbitrary signal to a parent process in a different security domain. Exploitation limitations include the amount of elapsed time before an integer overflow occurs and the lack of scenarios where signals to a parent process present a substantial operational threat. 2020-05-02T00:00:00.000Z 2020-09-25T00:00:00.000Z
msrc_cve-2020-12768 An issue was discovered in the Linux kernel before 5.6. svm_cpu_uninit in arch/x86/kvm/svm.c has a memory leak, aka CID-d80b64ff297e. NOTE: third parties dispute this issue because it's a one-time leak at boot, the size is negligible, and it can't be triggered at will. 2020-05-02T00:00:00.000Z 2020-09-25T00:00:00.000Z
msrc_cve-2020-12659 An issue was discovered in the Linux kernel before 5.6.7. xdp_umem_reg in net/xdp/xdp_umem.c has an out-of-bounds write (by a user with the CAP_NET_ADMIN capability) because of a lack of headroom validation. 2020-05-02T00:00:00.000Z 2020-09-25T00:00:00.000Z
msrc_cve-2020-12657 An issue was discovered in the Linux kernel before 5.6.5. There is a use-after-free in block/bfq-iosched.c related to bfq_idle_slice_timer_body. 2020-05-02T00:00:00.000Z 2020-09-25T00:00:00.000Z
msrc_cve-2020-12654 An issue was found in Linux kernel before 5.5.4. mwifiex_ret_wmm_get_status() in drivers/net/wireless/marvell/mwifiex/wmm.c allows a remote AP to trigger a heap-based buffer overflow because of an incorrect memcpy aka CID-3a9b153c5591. 2020-05-02T00:00:00.000Z 2020-09-25T00:00:00.000Z
ID Description Updated
var-201509-0065 Data Detectors Engine in Apple iOS before 9 allows remote attackers to execute arbitrary … 2025-04-13T22:52:38.307000Z
var-201406-0128 Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and b… 2025-04-13T22:52:31.111000Z
var-201503-0086 WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, all… 2025-04-13T22:52:30.095000Z
var-201510-0179 The MCX Application Restrictions component in Apple OS X before 10.11.1, when Managed Con… 2025-04-13T22:52:29.880000Z
var-201409-0458 An unspecified integrated graphics driver routine in the Intel Graphics Driver subsystem … 2025-04-13T22:51:59.401000Z
var-201411-0268 dyld in Apple iOS before 8.1.1 and Apple TV before 7.0.2 does not properly handle overlap… 2025-04-13T22:51:48.625000Z
var-201512-0166 IOThunderboltFamily in Apple OS X before 10.11.2 allows local users to cause a denial of … 2025-04-13T22:51:43.478000Z
var-201507-0408 Apple OS X before 10.10.4 does not properly consider custom resource rules during app sig… 2025-04-13T22:51:41.958000Z
var-201501-0267 Heap-based buffer overflow in SceneKit in Apple OS X before 10.10.2 allows remote attacke… 2025-04-13T22:51:41.686000Z
var-201603-0219 The kernel in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a p… 2025-04-13T22:51:41.645000Z
var-201607-0334 WebKit in Apple iOS before 9.3.3 and Safari before 9.1.2 mishandles about: URLs, which al… 2025-04-13T22:50:39.840000Z
var-201601-0551 The file-download dialog in Mozilla Firefox before 44.0 on OS X enables a certain button … 2025-04-13T22:50:39.731000Z
var-201508-0262 Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux… 2025-04-13T22:49:59.386000Z
var-201407-0107 WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5… 2025-04-13T22:49:25.890000Z
var-201605-0440 Audio in Apple OS X before 10.11.5 allows attackers to cause a denial of service (NULL po… 2025-04-13T22:49:25.699000Z
var-201507-0082 Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 and 14.x through 18.… 2025-04-13T22:49:21.664000Z
var-201508-0298 Buffer overflow in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11… 2025-04-13T22:48:45.420000Z
var-201504-0547 Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows a… 2025-04-13T22:48:45.258000Z
var-201410-1078 Apple OS X before 10.10 allows remote attackers to cause a denial of service (NULL pointe… 2025-04-13T22:48:37.736000Z
var-201507-0440 The LZVN compression feature in AppleFSCompression in Apple OS X before 10.10.4 allows at… 2025-04-13T22:46:34.336000Z
var-201404-0195 Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 11.7.700.275 and 11… 2025-04-13T22:46:34.172000Z
var-201601-0147 libxml2 in Apple iOS before 9.2, OS X before 10.11.2, and tvOS before 9.1 allows remote a… 2025-04-13T22:46:29.908000Z
var-201509-0058 WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to … 2025-04-13T22:45:28.580000Z
var-201509-0036 The CFNetwork Cookies component in Apple iOS before 9 allows remote attackers to track us… 2025-04-13T22:45:19.107000Z
var-201507-0083 Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows a… 2025-04-13T22:45:17.369000Z
var-201508-0438 QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary cod… 2025-04-13T22:45:16.565000Z
var-201504-0412 Use-after-free vulnerability in Adobe Flash Player before 13.0.0.281 and 14.x through 17.… 2025-04-13T22:45:15.907000Z
var-201509-0075 XNU in the kernel in Apple iOS before 9 does not properly initialize an unspecified data … 2025-04-13T22:45:13.831000Z
var-201409-0479 An unspecified integrated graphics driver routine in the Intel Graphics Driver subsystem … 2025-04-13T22:45:13.793000Z
var-201512-0152 ImageIO in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before… 2025-04-13T22:45:09.110000Z
ID Description Published Updated
suse-su-2020:2277-1 Security update for python3 2020-08-19T11:24:25Z 2020-08-19T11:24:25Z
suse-su-2020:2276-1 Security update for python 2020-08-19T11:23:21Z 2020-08-19T11:23:21Z
suse-su-2020:2275-1 Security update for python 2020-08-19T11:21:37Z 2020-08-19T11:21:37Z
suse-su-2020:2274-1 Security update for dovecot22 2020-08-19T07:56:53Z 2020-08-19T07:56:53Z
suse-su-2020:2272-1 Security update for freerdp 2020-08-18T14:44:51Z 2020-08-18T14:44:51Z
suse-su-2020:2271-1 Security update for postgresql12 2020-08-18T14:44:43Z 2020-08-18T14:44:43Z
suse-su-2020:2269-1 Security update for libvirt 2020-08-18T13:53:53Z 2020-08-18T13:53:53Z
suse-su-2020:14456-1 Security update for MozillaFirefox 2020-08-18T10:11:12Z 2020-08-18T10:11:12Z
suse-su-2020:2267-1 Security update for dovecot23 2020-08-18T10:10:28Z 2020-08-18T10:10:28Z
suse-su-2020:2266-1 Security update for dovecot23 2020-08-18T10:10:02Z 2020-08-18T10:10:02Z
suse-su-2020:2265-1 Security update for postgresql12 2020-08-18T10:09:18Z 2020-08-18T10:09:18Z
suse-su-2020:2264-1 Security update for postgresql10 2020-08-18T10:08:25Z 2020-08-18T10:08:25Z
suse-su-2020:14454-1 Security update for python-azure-agent 2020-08-18T07:52:06Z 2020-08-18T07:52:06Z
suse-su-2020:2259-1 Security update for fwupd 2020-08-18T07:51:56Z 2020-08-18T07:51:56Z
suse-su-2020:2258-1 Security update for fwupd 2020-08-18T07:51:40Z 2020-08-18T07:51:40Z
suse-su-2020:2251-1 Security update for zabbix 2020-08-17T10:18:19Z 2020-08-17T10:18:19Z
suse-su-2020:2238-1 Security update for perl-PlRPC 2020-08-14T10:08:37Z 2020-08-14T10:08:37Z
suse-su-2020:2237-1 Security update for libvirt 2020-08-14T07:46:18Z 2020-08-14T07:46:18Z
suse-su-2020:2235-1 Security update for libreoffice 2020-08-13T09:34:01Z 2020-08-13T09:34:01Z
suse-su-2020:2234-1 Security update for xen 2020-08-13T09:33:35Z 2020-08-13T09:33:35Z
suse-su-2020:2233-1 Security update for libvirt 2020-08-13T09:33:21Z 2020-08-13T09:33:21Z
suse-su-2020:2232-1 Security update for webkit2gtk3 2020-08-13T09:32:40Z 2020-08-13T09:32:40Z
suse-su-2020:2225-1 Security update for xerces-c 2020-08-13T07:52:59Z 2020-08-13T07:52:59Z
suse-su-2020:2217-1 Security update for libreoffice 2020-08-12T13:16:17Z 2020-08-12T13:16:17Z
suse-su-2020:2216-1 Security update for python36 2020-08-12T13:15:53Z 2020-08-12T13:15:53Z
suse-ru-2020:2204-1 Bugfixes on cilium, gangway and skuba and security fix for Kubernetes (cve-2020-8557) 2020-08-11T12:33:40Z 2020-08-11T12:33:40Z
suse-su-2020:14448-1 Security update for xen 2020-08-11T11:35:05Z 2020-08-11T11:35:05Z
suse-su-2020:2200-1 Security update for google-compute-engine 2020-08-11T11:34:49Z 2020-08-11T11:34:49Z
suse-su-2020:2199-1 Security update for webkit2gtk3 2020-08-11T11:34:32Z 2020-08-11T11:34:32Z
suse-su-2020:2197-1 Security update for libX11 2020-08-11T11:33:07Z 2020-08-11T11:33:07Z
ID Description Published Updated
cnvd-2024-38220 Warehouse Inventory System cross-site request forgery vulnerability (CNVD-2024-38220) 2024-08-06 2024-09-14
cnvd-2024-38219 Warehouse Inventory System cross-site request forgery vulnerability (CNVD-2024-38219) 2024-08-23 2024-09-14
cnvd-2024-38218 Warehouse Inventory System cross-site request forgery vulnerability (CNVD-2024-38218) 2024-08-23 2024-09-14
cnvd-2024-38217 Warehouse Inventory System cross-site request forgery vulnerability (CNVD-2024-38217) 2024-08-23 2024-09-14
cnvd-2024-38216 Warehouse Inventory System cross-site request forgery vulnerability (CNVD-2024-38216) 2024-08-23 2024-09-14
cnvd-2024-38215 Warehouse Inventory System cross-site request forgery vulnerability (CNVD-2024-38215) 2024-08-23 2024-09-14
cnvd-2024-38214 Warehouse Inventory System cross-site request forgery vulnerability (CNVD-2024-38214) 2024-08-23 2024-09-14
cnvd-2024-38213 Warehouse Inventory System cross-site request forgery vulnerability (CNVD-2024-38213) 2024-08-23 2024-09-14
cnvd-2024-38212 Warehouse Inventory System cross-site request forgery vulnerability (CNVD-2024-38212) 2024-08-23 2024-09-14
cnvd-2024-38211 Warehouse Inventory System cross-site request forgery vulnerability (CNVD-2024-38211) 2024-08-23 2024-09-14
cnvd-2024-38210 Warehouse Inventory System cross-site request forgery vulnerability (CNVD-2024-38210) 2024-08-23 2024-09-14
cnvd-2024-38209 Warehouse Inventory System cross-site request forgery vulnerability (CNVD-2024-38209) 2024-08-23 2024-09-14
cnvd-2024-38208 Kashipara Bus Ticket Reservation System cross-site scripting vulnerability 2024-08-29 2024-09-14
cnvd-2024-38207 Kashipara Bus Ticket Reservation System cross-site scripting vulnerability (CNVD-2024-38207) 2024-08-29 2024-09-14
cnvd-2024-38206 Kashipara Bus Ticket Reservation System cross-site scripting vulnerability (CNVD-2024-38206) 2024-08-29 2024-09-14
cnvd-2024-38205 Kashipara Bus Ticket Reservation System cross-site request forgery vulnerability 2024-08-29 2024-09-14
cnvd-2024-38204 Kashipara Bus Ticket Reservation System access control error vulnerability 2024-08-29 2024-09-14
cnvd-2024-38203 Kashipara Bus Ticket Reservation System SQL injection vulnerability 2024-08-29 2024-09-14
cnvd-2024-38202 NetIQ Advanced Authentication information disclosure vulnerability 2024-08-30 2024-09-14
cnvd-2024-38201 NetIQ Advanced Authentication command execution vulnerability 2024-08-30 2024-09-14
cnvd-2024-38200 NetIQ Advanced Authentication cross-site scripting vulnerability 2024-08-30 2024-09-14
cnvd-2024-38199 NetIQ Advanced Authentication unspecified vulnerability (CNVD-2024-38199) 2024-08-30 2024-09-14
cnvd-2024-38198 NetIQ Advanced Authentication unspecified vulnerability (CNVD-2024-38198) 2024-08-30 2024-09-14
cnvd-2024-38197 NetIQ Advanced Authentication brute-force vulnerability 2024-08-30 2024-09-14
cnvd-2024-38191 GTKWave integer overflow vulnerability (CNVD-2024-38191) 2024-01-11 2024-09-14
cnvd-2024-38190 GTKWave integer overflow vulnerability (CNVD-2024-38190) 2024-01-11 2024-09-14
cnvd-2024-38189 GTKWave integer overflow vulnerability (CNVD-2024-38189) 2024-01-11 2024-09-14
cnvd-2024-38188 GTKWave integer overflow vulnerability (CNVD-2024-38188) 2024-01-11 2024-09-14
cnvd-2024-38187 GTKWave integer overflow vulnerability (CNVD-2024-38187) 2024-01-11 2024-09-14
cnvd-2024-38186 GTKWave integer overflow vulnerability (CNVD-2024-38186) 2024-01-11 2024-09-14
ID Description Published Updated
certa-2010-avi-106 Multiple vulnerabilities in VMware products 2010-03-04T00:00:00.000000 2010-03-04T00:00:00.000000
certa-2010-avi-105 Multiple vulnerabilities in Cisco Digital Media Manager 2010-03-04T00:00:00.000000 2010-03-04T00:00:00.000000
certa-2010-avi-104 Vulnerability in Cisco Digital Media Player 2010-03-04T00:00:00.000000 2010-03-04T00:00:00.000000
certa-2010-avi-103 Multiple vulnerabilities in Cisco Unified Communications Manager 2010-03-04T00:00:00.000000 2010-03-04T00:00:00.000000
certa-2010-avi-102 Vulnerability in Novell eDirectory 2010-03-03T00:00:00.000000 2010-03-03T00:00:00.000000
certa-2010-avi-101 Vulnerability in McAfee LinuxShield 2010-03-03T00:00:00.000000 2010-03-03T00:00:00.000000
certa-2010-avi-100 Vulnerability in IBM AIX 2010-03-02T00:00:00.000000 2010-03-02T00:00:00.000000
certa-2010-avi-099 Vulnerability in IBM Lotus iNotes 2010-03-02T00:00:00.000000 2010-03-02T00:00:00.000000
certa-2010-avi-098 Multiple vulnerabilities in BIND 2010-03-02T00:00:00.000000 2010-03-02T00:00:00.000000
certa-2010-avi-096 Vulnerability in EMC HomeBase Server 2010-03-01T00:00:00.000000 2010-03-01T00:00:00.000000
certa-2010-avi-095 Vulnerability in Sudo 2010-03-01T00:00:00.000000 2010-03-01T00:00:00.000000
certa-2010-avi-094 Vulnerability in Google Picasa 2010-03-01T00:00:00.000000 2010-03-01T00:00:00.000000
certa-2010-avi-092 Multiple vulnerabilities in PHP 2010-03-01T00:00:00.000000 2010-03-01T00:00:00.000000
certa-2010-avi-079 Vulnerability in Squid 2010-02-15T00:00:00.000000 2010-03-01T00:00:00.000000
certa-2010-avi-091 Vulnerabilities in TYPO3 2010-02-24T00:00:00.000000 2010-02-24T00:00:00.000000
certa-2010-avi-090 Vulnerability in WordPress 2010-02-24T00:00:00.000000 2010-02-24T00:00:00.000000
certa-2010-avi-089 Vulnerability in Adobe Download Manager 2010-02-24T00:00:00.000000 2010-02-24T00:00:00.000000
certa-2010-avi-082 Vulnerabilities in Mozilla Firefox 2010-02-18T00:00:00.000000 2010-02-24T00:00:00.000000
certa-2010-avi-088 Vulnerability in the Avast! antivirus 2010-02-23T00:00:00.000000 2010-02-23T00:00:00.000000
certa-2010-avi-087 Multiple vulnerabilities in several Symantec products 2010-02-22T00:00:00.000000 2010-02-23T00:00:00.000000
certa-2010-avi-077 Multiple vulnerabilities in Google Chrome 2010-02-11T00:00:00.000000 2010-02-23T00:00:00.000000
certa-2010-avi-086 Multiple vulnerabilities in Cisco Security Agent 2010-02-18T00:00:00.000000 2010-02-18T00:00:00.000000
certa-2010-avi-085 Vulnerabilities in Cisco ASA 2010-02-18T00:00:00.000000 2010-02-18T00:00:00.000000
certa-2010-avi-084 Vulnerability in Cisco Firewall Services Module 2010-02-18T00:00:00.000000 2010-02-18T00:00:00.000000
certa-2010-avi-083 Multiple vulnerabilities in HP ProLiant Support Pack 2010-02-18T00:00:00.000000 2010-02-18T00:00:00.000000
certa-2010-avi-080 Multiple vulnerabilities in OpenOffice 2010-02-15T00:00:00.000000 2010-02-15T00:00:00.000000
certa-2010-avi-078 Multiple vulnerabilities in Adobe Flash Player and Adobe Air 2010-02-12T00:00:00.000000 2010-02-12T00:00:00.000000
certa-2010-avi-076 Multiple vulnerabilities in Cisco IronPort 2010-02-11T00:00:00.000000 2010-02-11T00:00:00.000000
certa-2010-avi-075 Vulnerability in HP Network Node Manager 2010-02-11T00:00:00.000000 2010-02-11T00:00:00.000000
certa-2010-avi-074 Vulnerability in Oracle WebLogic Server 2010-02-10T00:00:00.000000 2010-02-10T00:00:00.000000
ID CVSS Description Vendor Product Published Updated