Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2000-0249 |
N/A
|
The AIX Fast Response Cache Accelerator (FRCA) al… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:14:20.608Z |
| CVE-2000-0251 |
N/A
|
HP-UX 11.04 VirtualVault (VVOS) sends data to unp… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:14:21.159Z |
| CVE-2000-0261 |
N/A
|
The AVM KEN! web server allows remote attackers t… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:14:20.612Z |
| CVE-2000-0262 |
N/A
|
The AVM KEN! ISDN Proxy server allows remote atta… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:14:20.834Z |
| CVE-2000-0264 |
N/A
|
Panda Security 3.0 with registry editing disabled… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:14:20.508Z |
| CVE-2000-0279 |
N/A
|
BeOS allows remote attackers to cause a denial of… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:14:20.616Z |
| CVE-2000-0297 |
N/A
|
Allaire Forums 2.0.5 allows remote attackers to b… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:14:20.613Z |
| CVE-2000-0303 |
N/A
|
Quake3 Arena allows malicious server operators to… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:14:20.673Z |
| CVE-2000-0304 |
N/A
|
Microsoft IIS 4.0 and 5.0 with the IISADMPWD virt… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:14:20.988Z |
| CVE-2000-0305 |
N/A
|
Windows 95, Windows 98, Windows 2000, Windows NT … |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:14:20.553Z |
| CVE-2000-0311 |
N/A
|
The Windows 2000 domain controller allows a malic… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:14:21.123Z |
| CVE-2000-0316 |
N/A
|
Buffer overflow in Solaris 7 lp allows local user… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:14:21.145Z |
| CVE-2000-0331 |
N/A
|
Buffer overflow in Microsoft command processor (C… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:14:21.278Z |
| CVE-2000-0334 |
N/A
|
The Allaire Spectra container editor preview tool… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:14:21.440Z |
| CVE-2000-0336 |
N/A
|
Linux OpenLDAP server allows local users to modif… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:14:21.407Z |
| CVE-2000-0337 |
N/A
|
Buffer overflow in Xsun X server in Solaris 7 all… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:14:21.268Z |
| CVE-2000-0339 |
N/A
|
ZoneAlarm 2.1.10 and earlier does not filter UDP … |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:14:21.474Z |
| CVE-2000-0342 |
N/A
|
Eudora 4.x allows remote attackers to bypass the … |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:14:21.354Z |
| CVE-2000-0346 |
N/A
|
AppleShare IP 6.1 and later allows a remote attac… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:14:21.439Z |
| CVE-2000-0350 |
N/A
|
A debugging feature in NetworkICE ICEcap 2.0.23 a… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:14:21.418Z |
| CVE-2000-0352 |
N/A
|
Pine before version 4.21 does not properly filter… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:14:21.497Z |
| CVE-2000-0353 |
N/A
|
Pine 4.x allows a remote attacker to execute arbi… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:14:21.499Z |
| CVE-2000-0354 |
N/A
|
mirror 2.8.x in Linux systems allows remote attac… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:14:21.503Z |
| CVE-2000-0356 |
N/A
|
Pluggable Authentication Modules (PAM) in Red Hat… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:14:21.349Z |
| CVE-2000-0359 |
N/A
|
Buffer overflow in Trivial HTTP (THTTPd) allows r… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:14:21.425Z |
| CVE-2000-0360 |
N/A
|
Buffer overflow in INN 2.2.1 and earlier allows r… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:14:21.453Z |
| CVE-2000-0361 |
N/A
|
The PPP wvdial.lxdialog script in wvdial 1.4 and … |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:14:21.443Z |
| CVE-2000-0362 |
N/A
|
Buffer overflows in Linux cdwtools 093 and earlie… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:14:21.479Z |
| CVE-2000-0363 |
N/A
|
Linux cdwtools 093 and earlier allows local users… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:14:21.498Z |
| CVE-2000-0367 |
N/A
|
Vulnerability in eterm 0.8.8 in Debian GNU/Linux … |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:14:21.425Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-1999-0911 |
N/A
|
Buffer overflow in ProFTPD, wu-ftpd, and beroftpd… |
n/a |
n/a |
2000-02-04T05:00:00 | 2024-08-01T16:55:28.981Z |
| CVE-1999-1016 |
N/A
|
Microsoft HTML control as used in (1) Internet Ex… |
n/a |
n/a |
2001-09-12T04:00:00 | 2024-08-01T16:55:29.417Z |
| CVE-1999-1354 |
N/A
|
E-mail client in Softarc FirstClass Internet Serv… |
n/a |
n/a |
2001-09-12T04:00:00 | 2024-08-01T17:11:02.890Z |
| CVE-1999-1513 |
N/A
|
Management information base (MIB) for a 3Com Supe… |
n/a |
n/a |
2001-09-12T04:00:00 | 2024-08-01T17:18:07.522Z |
| CVE-1999-0774 |
N/A
|
Buffer overflows in Mars NetWare Emulation (NWE, … |
n/a |
n/a |
2000-01-04T05:00:00 | 2024-08-01T16:48:37.998Z |
| CVE-1999-1515 |
N/A
|
A non-default configuration in TenFour TFS Gatewa… |
n/a |
n/a |
2001-09-12T04:00:00 | 2024-08-01T17:18:07.503Z |
| CVE-1999-0669 |
N/A
|
The Eyedog ActiveX control is marked as "safe for… |
n/a |
n/a |
2000-02-04T05:00:00 | 2024-08-01T16:48:37.535Z |
| CVE-1999-0670 |
N/A
|
Buffer overflow in the Eyedog ActiveX control all… |
n/a |
n/a |
2000-02-04T05:00:00 | 2024-08-01T16:48:37.621Z |
| CVE-1999-0705 |
N/A
|
Buffer overflow in INN inews program. |
n/a |
n/a |
2000-01-04T05:00:00 | 2024-08-01T16:48:37.884Z |
| CVE-1999-0891 |
N/A
|
The "download behavior" in Internet Explorer 5 al… |
n/a |
n/a |
2000-01-04T05:00:00 | 2024-08-01T16:55:29.024Z |
| CVE-1999-1129 |
N/A
|
Cisco Catalyst 2900 Virtual LAN (VLAN) switches a… |
n/a |
n/a |
2001-09-12T04:00:00 | 2024-08-01T17:02:53.702Z |
| CVE-1999-0685 |
N/A
|
Buffer overflow in Netscape Communicator via EMBE… |
n/a |
n/a |
2000-01-04T05:00:00 | 2024-08-01T16:48:37.318Z |
| CVE-1999-1356 |
N/A
|
Compaq Integration Maintenance Utility as used in… |
n/a |
n/a |
2002-03-09T05:00:00 | 2024-08-01T17:11:03.248Z |
| CVE-1999-1516 |
N/A
|
A buffer overflow in TenFour TFS Gateway SMTP mai… |
n/a |
n/a |
2001-09-12T04:00:00 | 2024-08-01T17:18:07.517Z |
| CVE-1999-1564 |
N/A
|
FreeBSD 3.2 and possibly other versions allows a … |
n/a |
n/a |
2001-09-12T04:00:00 | 2024-08-01T17:18:07.627Z |
| CVE-1999-0925 |
N/A
|
UnityMail allows remote attackers to conduct a de… |
n/a |
n/a |
2000-02-04T05:00:00 | 2024-08-01T16:55:28.989Z |
| CVE-1999-0926 |
N/A
|
Apache allows remote attackers to conduct a denia… |
n/a |
n/a |
2001-09-12T04:00:00 | 2024-08-01T16:55:29.396Z |
| CVE-1999-1562 |
N/A
|
gFTP FTP client 1.13, and other versions before 2… |
n/a |
n/a |
2001-09-12T04:00:00 | 2024-08-01T17:18:07.467Z |
| CVE-2000-0489 |
N/A
|
FreeBSD, NetBSD, and OpenBSD allow an attacker to… |
n/a |
n/a |
2000-10-13T04:00:00 | 2024-08-08T05:21:31.195Z |
| CVE-1999-1353 |
N/A
|
Nosque MsgCore 2.14 stores passwords in cleartext… |
n/a |
n/a |
2001-09-12T04:00:00 | 2024-08-01T17:11:02.949Z |
| CVE-1999-0767 |
N/A
|
Buffer overflow in Solaris libc, ufsrestore, and … |
n/a |
n/a |
2000-02-04T05:00:00 | 2024-08-01T16:48:37.850Z |
| CVE-1999-0697 |
N/A
|
SCO Doctor allows local users to gain root privil… |
n/a |
n/a |
2000-10-13T04:00:00 | 2024-08-01T16:48:37.340Z |
| CVE-1999-1377 |
N/A
|
Matt Wright's download.cgi 1.0 allows remote atta… |
n/a |
n/a |
2001-09-12T04:00:00 | 2024-08-01T17:11:02.894Z |
| CVE-1999-0702 |
N/A
|
Internet Explorer 5.0 and 5.01 allows remote atta… |
n/a |
n/a |
2000-01-04T05:00:00 | 2024-08-01T16:48:37.636Z |
| CVE-1999-0910 |
N/A
|
Microsoft Site Server and Commercial Internet Sys… |
n/a |
n/a |
2000-02-04T05:00:00 | 2024-08-01T16:55:29.077Z |
| CVE-1999-1575 |
N/A
|
The Kodak/Wang (1) Image Edit (imgedit.ocx), (2) … |
n/a |
n/a |
2005-04-21T04:00:00 | 2024-08-01T17:18:07.549Z |
| CVE-1999-1521 |
N/A
|
Computalynx CMail 2.4 and CMail 2.3 SP2 SMTP serv… |
n/a |
n/a |
2001-09-12T04:00:00 | 2024-08-01T17:18:07.436Z |
| CVE-1999-0687 |
N/A
|
The ToolTalk ttsession daemon uses weak RPC authe… |
n/a |
n/a |
2000-01-04T05:00:00 | 2024-08-01T16:48:37.419Z |
| CVE-1999-0689 |
N/A
|
The CDE dtspcd daemon allows local users to execu… |
n/a |
n/a |
2000-01-04T05:00:00 | 2024-08-01T16:48:37.000Z |
| CVE-1999-0691 |
N/A
|
Buffer overflow in the AddSuLog function of the C… |
n/a |
n/a |
2000-01-04T05:00:00 | 2024-08-01T16:48:37.364Z |
| ID | Severity | Description | Published | Updated |
|---|---|---|---|---|
| ghsa-722q-3g9x-vp8q |
|
Downloads Resources over HTTP in tomita-parser | 2019-02-18T23:54:41Z | 2021-01-08T19:18:41Z |
| ghsa-f757-9c4x-chff |
8.1 (3.1)
|
poco downloads Resources over HTTP | 2019-02-18T23:54:44Z | 2023-09-13T22:48:59Z |
| ghsa-2mhh-w6q8-5hxw |
|
Remote Memory Disclosure in ws | 2019-02-18T23:56:42Z | 2020-08-31T18:09:55Z |
| ghsa-735c-r4vc-6gm9 |
|
Downloads Resources over HTTP in bionode-sra | 2019-02-18T23:56:45Z | 2021-09-16T20:41:21Z |
| ghsa-8p52-7cxv-6c95 |
|
Downloads Resources over HTTP in curses | 2019-02-18T23:56:47Z | 2021-01-08T19:08:24Z |
| ghsa-362x-34h3-h6h6 |
|
Downloads Resources over HTTP in box2d-native | 2019-02-18T23:56:48Z | 2021-01-08T20:04:03Z |
| ghsa-8r98-rqg5-4vm3 |
8.1 (3.1)
|
node-browser downloads Resources over HTTP | 2019-02-18T23:56:50Z | 2023-09-08T21:30:12Z |
| ghsa-x3j8-g4v9-67jq |
|
Downloads Resources over HTTP in pennyworth | 2019-02-18T23:56:51Z | 2021-01-08T00:47:47Z |
| ghsa-87g3-x896-w798 |
|
Downloads Resources over HTTP in atom-node-module-installer | 2019-02-18T23:56:53Z | 2021-01-08T19:11:36Z |
| ghsa-6p48-xfj3-jw67 |
|
Downloads Resources over HTTP in fibjs | 2019-02-18T23:56:54Z | 2021-01-08T19:21:01Z |
| ghsa-3c87-r9f7-qfgq |
|
Downloads Resources over HTTP in macaca-chromedriver-zxa | 2019-02-18T23:56:56Z | 2021-01-08T20:02:32Z |
| ghsa-g95j-p8f6-pwh4 |
8.1 (3.1)
|
headless-browser-lite downloads Resources over HTTP | 2019-02-18T23:56:58Z | 2023-09-13T19:39:29Z |
| ghsa-3vv5-42wr-m32g |
|
Downloads Resources over HTTP in scala-bin | 2019-02-18T23:57:00Z | 2021-01-08T19:58:45Z |
| ghsa-9jf3-f2pg-7868 |
8.1 (3.1)
|
nw-with-arm downloads Resources over HTTP | 2019-02-18T23:57:01Z | 2023-09-11T21:50:14Z |
| ghsa-qx9m-27wh-7fjg |
|
Downloads Resources over HTTP in jvminstall | 2019-02-18T23:57:03Z | 2021-01-08T01:58:11Z |
| ghsa-4pf7-579w-f4gm |
8.1 (3.1)
|
dwebp-bin downloads Resources over HTTP | 2019-02-18T23:57:04Z | 2023-09-07T20:13:05Z |
| ghsa-vvwp-3f54-xc39 |
|
Downloads Resources over HTTP in broccoli-closure | 2019-02-18T23:57:05Z | 2021-01-08T01:57:11Z |
| ghsa-899g-6q6w-7v94 |
6.5 (3.1)
|
m-server Vulnerable to Directory Traversal | 2019-02-18T23:58:00Z | 2023-09-12T20:43:11Z |
| ghsa-2hpj-g53m-9gj6 |
8.1 (3.1)
|
closure-util downloads Resources over HTTP | 2019-02-18T23:58:03Z | 2023-09-08T20:52:07Z |
| ghsa-jh5w-6964-x5cf |
8.1 (3.1)
|
chromedriver Downloads Resources over HTTP | 2019-02-18T23:58:05Z | 2025-07-11T14:30:55Z |
| ghsa-856x-cp3q-47vg |
|
Insecure Default Configuration in airbrake | 2019-02-18T23:58:13Z | 2020-08-31T18:10:42Z |
| ghsa-vfvf-mqq8-rwqc |
6.1 (3.1)
|
Sanitization bypass using HTML Entities in marked | 2019-02-18T23:58:20Z | 2023-09-07T22:23:29Z |
| ghsa-q43m-ffwr-rpcc |
|
SSL Validation Defaults to False in electron-packager | 2019-02-18T23:58:24Z | 2021-01-08T18:18:07Z |
| ghsa-qg8p-v9q4-gh34 |
9.8 (3.1)
|
Potential Command Injection in shell-quote | 2019-02-18T23:58:29Z | 2022-11-22T17:49:45Z |
| ghsa-6663-c963-2gqg |
|
DoS due to excessively large websocket message in ws | 2019-02-18T23:58:35Z | 2020-08-31T18:11:28Z |
| ghsa-3q32-j57w-q4w7 |
7.5 (3.1)
|
Path Traversal in total.js | 2019-02-20T15:40:13Z | 2021-08-31T21:22:06Z |
| ghsa-9v3m-8fp8-mj99 |
6.1 (3.1)
|
Bootstrap Vulnerable to Cross-Site Scripting | 2019-02-22T20:54:47Z | 2024-08-01T21:03:10Z |
| ghsa-fx7m-j728-mjw3 |
5.3 (3.1)
|
uap-core Regular Expression Denial of Service issue | 2019-03-06T17:35:47Z | 2023-01-23T17:07:55Z |
| ghsa-xgjc-49cw-529m |
6.1 (3.1)
|
Moderate severity vulnerability that affects org.b3log:symphony | 2019-03-06T17:35:49Z | 2021-09-21T22:32:33Z |
| ghsa-99cv-8cvv-666c |
5.5 (3.1)
5.1 (4.0)
|
Apache Airflow vulnerable to Stored XSS | 2019-03-06T17:35:58Z | 2024-09-10T21:42:14Z |
| ID | Severity | Description | Package | Published | Updated |
|---|---|---|---|---|---|
| pysec-2021-66 |
|
This affects the package jinja2 from 0.0.0 and before 2.11.3. The ReDoS vulnerability is … | jinja2 | 2021-02-01T20:15:00Z | 2021-03-22T16:34:00Z |
| pysec-2021-9 |
|
In Django 2.2 before 2.2.18, 3.0 before 3.0.12, and 3.1 before 3.1.6, the django.utils.ar… | django | 2021-02-02T07:15:00Z | 2021-03-05T19:19:00Z |
| pysec-2021-865 |
|
In Mozilla Bleach before 3.3.0, a mutation XSS affects users calling bleach.clean with ma… | bleach | 2021-02-02T17:58:00Z | 2022-01-05T02:16:13.001009Z |
| pysec-2021-33 |
|
LinkedIn Oncall through 1.4.0 allows reflected XSS via /query because of mishandling of t… | oncall | 2021-02-05T18:15:00Z | 2021-02-08T20:54:00Z |
| pysec-2021-63 |
|
In the cryptography package before 3.3.2 for Python, certain sequences of update calls to… | cryptography | 2021-02-07T20:15:00Z | 2021-02-19T17:23:00Z |
| pysec-2021-16 |
|
httplib2 is a comprehensive HTTP client library for Python. In httplib2 before version 0.… | httplib2 | 2021-02-08T20:15:00Z | 2021-02-12T14:56:00Z |
| pysec-2021-142 |
|
A vulnerability was discovered in the PyYAML library in versions before 5.4, where it is … | pyyaml | 2021-02-09T21:15:00Z | 2021-08-27T03:22:18.913334Z |
| pysec-2021-86 |
|
This affects all versions of package qlib. The workflow function in cli part of qlib was … | pyqlib | 2021-02-15T16:15:00Z | 2021-06-09T05:01:32.318077Z |
| pysec-2021-68 |
|
An issue was discovered in NFStream 5.2.0. Because some allocated modules are not correct… | nfstream | 2021-02-16T15:15:00Z | 2021-02-19T21:11:00Z |
| pysec-2021-2 |
|
Improper Access Control on Configurations Endpoint for the Stable API of Apache Airflow a… | apache-airflow | 2021-02-17T15:15:00Z | 2021-02-23T17:48:00Z |
| pysec-2021-3 |
|
The lineage endpoint of the deprecated Experimental API was not protected by authenticati… | apache-airflow | 2021-02-17T15:15:00Z | 2021-02-23T17:59:00Z |
| pysec-2021-65 |
|
GramAddict through 1.2.3 allows remote attackers to execute arbitrary code because of use… | gramaddict | 2021-02-17T22:15:00Z | 2021-02-24T13:58:00Z |
| pysec-2021-146 |
|
All versions of package reportlab are vulnerable to Server-side Request Forgery (SSRF) vi… | reportlab | 2021-02-18T16:15:00Z | 2021-08-27T03:22:19.297131Z |
| pysec-2021-113 |
|
Django Channels 3.x before 3.0.3 allows remote attackers to obtain sensitive information … | channels | 2021-02-22T03:15:00Z | 2021-02-26T12:36:00Z |
| pysec-2021-76 |
|
aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. In aiohtt… | aiohttp | 2021-02-26T03:15:00Z | 2021-03-26T20:01:00Z |
| pysec-2021-131 |
|
Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse).… | matrix-synapse | 2021-02-26T18:15:00Z | 2021-08-27T03:22:06.569635Z |
| pysec-2021-132 |
|
Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse).… | matrix-synapse | 2021-02-26T18:15:00Z | 2021-08-27T03:22:06.616674Z |
| pysec-2021-50 |
|
An issue was discovered in through SaltStack Salt before 3002.5. salt-api does not honor … | salt | 2021-02-27T05:15:00Z | 2021-04-01T17:15:00Z |
| pysec-2021-51 |
|
An issue was discovered in through SaltStack Salt before 3002.5. The salt.wheel.pillar_ro… | salt | 2021-02-27T05:15:00Z | 2021-04-01T17:15:00Z |
| pysec-2021-52 |
|
An issue was discovered in through SaltStack Salt before 3002.5. The jinja renderer does … | salt | 2021-02-27T05:15:00Z | 2021-03-31T14:15:00Z |
| pysec-2021-53 |
|
An issue was discovered in through SaltStack Salt before 3002.5. salt.modules.cmdmod can … | salt | 2021-02-27T05:15:00Z | 2021-03-31T14:15:00Z |
| pysec-2021-54 |
|
In SaltStack Salt before 3002.5, eauth tokens can be used once after expiration. (They mi… | salt | 2021-02-27T05:15:00Z | 2021-03-31T14:15:00Z |
| pysec-2021-55 |
|
An issue was discovered in SaltStack Salt before 3002.5. Sending crafted web requests to … | salt | 2021-02-27T05:15:00Z | 2021-03-31T14:15:00Z |
| pysec-2021-57 |
|
An issue was discovered in SaltStack Salt before 3002.5. The salt-api's ssh client is vul… | salt | 2021-02-27T05:15:00Z | 2021-03-31T14:15:00Z |
| pysec-2021-73 |
|
An issue was discovered in SaltStack Salt before 3002.5. The minion's restartcheck is vul… | salt | 2021-02-27T05:15:00Z | 2021-03-31T14:15:00Z |
| pysec-2021-74 |
|
In SaltStack Salt before 3002.5, authentication to VMware vcenter, vsphere, and esxi serv… | salt | 2021-02-27T05:15:00Z | 2021-03-31T14:15:00Z |
| pysec-2021-75 |
|
In SaltStack Salt before 3002.5, when authenticating to services using certain modules, t… | salt | 2021-02-27T05:15:00Z | 2021-03-31T14:15:00Z |
| pysec-2021-40 |
|
Pillow before 8.1.1 allows attackers to cause a denial of service (memory consumption) be… | pillow | 2021-03-03T09:15:00Z | 2021-03-23T19:49:00Z |
| pysec-2021-41 |
|
Pillow before 8.1.1 allows attackers to cause a denial of service (memory consumption) be… | pillow | 2021-03-03T09:15:00Z | 2021-03-23T19:49:00Z |
| pysec-2021-42 |
|
Pillow before 8.1.1 allows attackers to cause a denial of service (memory consumption) be… | pillow | 2021-03-03T09:15:00Z | 2021-03-23T19:48:00Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2022-5370 | Malicious code in plugin-proposal-export-default-from (npm) | 2022-06-20T20:10:32Z | 2022-06-20T20:10:37Z |
| mal-2022-3313 | Malicious code in gd-pc-common (npm) | 2022-06-20T20:10:37Z | 2022-06-20T20:10:38Z |
| mal-2022-4240 | Malicious code in kusto-language-service (npm) | 2022-06-20T20:10:37Z | 2022-06-20T20:10:38Z |
| mal-2022-4399 | Malicious code in lorawan-devices (npm) | 2022-06-20T20:10:37Z | 2022-06-20T20:10:37Z |
| mal-2022-4533 | Malicious code in media-server-embed (npm) | 2022-06-20T20:10:37Z | 2022-06-20T20:10:37Z |
| mal-2022-1330 | Malicious code in azure-filter-3 (npm) | 2022-06-20T20:10:38Z | 2022-06-20T20:10:39Z |
| mal-2022-3307 | Malicious code in gd-gplus (npm) | 2022-06-20T20:10:38Z | 2022-06-20T20:10:38Z |
| mal-2022-3314 | Malicious code in gd-react-toolbox (npm) | 2022-06-20T20:10:38Z | 2022-06-20T20:10:39Z |
| mal-2022-943 | Malicious code in all-digital (npm) | 2022-06-20T20:10:38Z | 2022-06-20T20:10:39Z |
| mal-2022-3821 | Malicious code in ing-feat-view-cancel-payments (npm) | 2022-06-20T20:10:39Z | 2022-06-20T20:10:39Z |
| mal-2022-3830 | Malicious code in ing-message-screen (npm) | 2022-06-20T20:10:39Z | 2022-06-20T20:10:40Z |
| mal-2022-4431 | Malicious code in lx-cockpit-components-loader (npm) | 2022-06-20T20:10:39Z | 2022-06-20T20:10:40Z |
| mal-2022-5230 | Malicious code in pattern-middleware (npm) | 2022-06-20T20:10:39Z | 2022-06-20T20:10:39Z |
| mal-2022-1234 | Malicious code in azure-api-style-guide (npm) | 2022-06-20T20:10:40Z | 2022-06-20T20:10:41Z |
| mal-2022-402 | Malicious code in @lxo-blocks/react (npm) | 2022-06-20T20:10:40Z | 2022-06-20T20:10:41Z |
| mal-2022-4432 | Malicious code in lx-web-service-utils (npm) | 2022-06-20T20:10:40Z | 2022-06-20T20:10:40Z |
| mal-2022-5923 | Malicious code in samples-cors-typescript (npm) | 2022-06-20T20:10:40Z | 2022-06-20T20:10:41Z |
| mal-2022-2616 | Malicious code in durable-functions-samples (npm) | 2022-06-20T20:10:41Z | 2022-06-20T20:10:41Z |
| mal-2022-2692 | Malicious code in electron-test-app (npm) | 2022-06-20T20:10:41Z | 2022-06-20T20:10:42Z |
| mal-2022-5926 | Malicious code in samples-web-workers-ts (npm) | 2022-06-20T20:10:41Z | 2022-06-20T20:10:42Z |
| mal-2022-6716 | Malicious code in typescript-react-sample (npm) | 2022-06-20T20:10:42Z | 2022-06-20T20:10:47Z |
| mal-2022-1319 | Malicious code in azure-cosmos-samples-ts (npm) | 2022-06-20T20:10:47Z | 2022-06-20T20:10:48Z |
| mal-2022-3939 | Malicious code in iot-central-high-availability-clients (npm) | 2022-06-20T20:10:47Z | 2022-06-20T20:10:47Z |
| mal-2022-3944 | Malicious code in iotc-file-upload-device (npm) | 2022-06-20T20:10:47Z | 2022-06-20T20:10:48Z |
| mal-2022-1299 | Malicious code in azure-communication-chat-samples-js (npm) | 2022-06-20T20:10:48Z | 2022-06-20T20:10:49Z |
| mal-2022-1300 | Malicious code in azure-communication-chat-samples-ts (npm) | 2022-06-20T20:10:48Z | 2022-06-20T20:10:49Z |
| mal-2022-1342 | Malicious code in azure-keyvault-admin-samples-ts (npm) | 2022-06-20T20:10:48Z | 2022-06-20T20:10:49Z |
| mal-2022-1361 | Malicious code in azure-package-name-test (npm) | 2022-06-20T20:10:48Z | 2022-06-20T20:10:48Z |
| mal-2022-1393 | Malicious code in azure-web-pubsub-samples-ts (npm) | 2022-06-20T20:10:48Z | 2022-06-20T20:10:48Z |
| mal-2022-3767 | Malicious code in identity-browser-manual-tests (npm) | 2022-06-20T20:10:48Z | 2022-06-20T20:10:49Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| wid-sec-w-2024-0416 | JFrog Artifactory: Schwachstelle ermöglicht SQL-Injection | 2021-12-20T23:00:00.000+00:00 | 2024-11-11T23:00:00.000+00:00 |
| wid-sec-w-2022-0317 | Linux Kernel: Schwachstelle ermöglicht Privilegieneskalation | 2021-12-21T23:00:00.000+00:00 | 2023-09-27T22:00:00.000+00:00 |
| wid-sec-w-2022-1125 | QEMU: Schwachstelle ermöglicht Denial of Service | 2021-12-21T23:00:00.000+00:00 | 2024-09-02T22:00:00.000+00:00 |
| wid-sec-w-2022-2062 | Linux Kernel: Mehrere Schwachstellen | 2021-12-23T23:00:00.000+00:00 | 2025-07-20T22:00:00.000+00:00 |
| wid-sec-w-2022-0232 | Linux Kernel: Mehrere Schwachstellen ermöglichen Offenlegung von Informationen | 2021-12-26T23:00:00.000+00:00 | 2023-08-13T22:00:00.000+00:00 |
| wid-sec-w-2022-0354 | vim: Schwachstelle ermöglicht Denial of Service und Offenlegung von Informationen | 2021-12-26T23:00:00.000+00:00 | 2023-04-18T22:00:00.000+00:00 |
| wid-sec-w-2022-0197 | Apache log4j: Schwachstelle ermöglicht Codeausführung | 2021-12-28T23:00:00.000+00:00 | 2025-11-05T23:00:00.000+00:00 |
| wid-sec-w-2022-1126 | vim: Schwachstelle ermöglicht Codeausführung | 2021-12-28T23:00:00.000+00:00 | 2025-03-30T22:00:00.000+00:00 |
| wid-sec-w-2022-1127 | vim: Schwachstelle ermöglicht Codeausführung | 2021-12-29T23:00:00.000+00:00 | 2025-03-30T22:00:00.000+00:00 |
| wid-sec-w-2022-1471 | Wireshark: Mehrere Schwachstellen ermöglichen Denial of Service | 2021-12-29T23:00:00.000+00:00 | 2025-06-04T22:00:00.000+00:00 |
| wid-sec-w-2022-0048 | vim: Mehrere Schwachstellen ermöglichen Offenlegung von Informationen | 2022-01-02T23:00:00.000+00:00 | 2023-04-18T22:00:00.000+00:00 |
| wid-sec-w-2022-0497 | libsndfile: Schwachstelle ermöglicht Denial of Service | 2022-01-05T23:00:00.000+00:00 | 2025-12-10T23:00:00.000+00:00 |
| wid-sec-w-2022-0820 | VMware Tanzu Spring Framework: Schwachstelle ermöglicht Manipulation von Log-Dateien | 2022-01-05T23:00:00.000+00:00 | 2024-03-20T23:00:00.000+00:00 |
| wid-sec-w-2023-0581 | QT: Schwachstelle ermöglicht Denial of Service | 2022-01-05T23:00:00.000+00:00 | 2025-08-24T22:00:00.000+00:00 |
| wid-sec-w-2022-0098 | H2: Schwachstelle ermöglicht Codeausführung | 2022-01-06T23:00:00.000+00:00 | 2024-06-13T22:00:00.000+00:00 |
| wid-sec-w-2022-0355 | vim: Schwachstelle ermöglicht Offenlegung von Informationen | 2022-01-06T23:00:00.000+00:00 | 2023-07-02T22:00:00.000+00:00 |
| wid-sec-w-2023-0506 | lighttpd: Schwachstelle ermöglicht Denial of Service | 2022-01-06T23:00:00.000+00:00 | 2023-02-28T23:00:00.000+00:00 |
| wid-sec-w-2023-1544 | Kubernetes: Schwachstelle ermöglicht Manipulation von Dateien | 2022-01-06T23:00:00.000+00:00 | 2025-08-12T22:00:00.000+00:00 |
| wid-sec-w-2022-0728 | libTIFF: Schwachstelle ermöglicht Denial of Service | 2022-01-09T23:00:00.000+00:00 | 2025-11-09T23:00:00.000+00:00 |
| wid-sec-w-2022-1482 | TLS Implementierungen: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen | 2022-01-09T23:00:00.000+00:00 | 2024-11-03T23:00:00.000+00:00 |
| wid-sec-w-2023-0232 | Ghostscript: Mehrere Schwachstellen ermöglichen Codeausführung | 2022-01-09T23:00:00.000+00:00 | 2023-01-30T23:00:00.000+00:00 |
| wid-sec-w-2023-2979 | Samba: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen | 2022-01-09T23:00:00.000+00:00 | 2025-09-04T22:00:00.000+00:00 |
| wid-sec-w-2022-0049 | Linux Kernel: Mehrere Schwachstellen | 2022-01-10T23:00:00.000+00:00 | 2025-08-27T22:00:00.000+00:00 |
| wid-sec-w-2022-0099 | Node.js: Mehrere Schwachstellen | 2022-01-10T23:00:00.000+00:00 | 2025-07-15T22:00:00.000+00:00 |
| wid-sec-w-2022-0465 | Samba: Schwachstelle ermöglicht Manipulation von Dateien | 2022-01-10T23:00:00.000+00:00 | 2023-11-21T23:00:00.000+00:00 |
| wid-sec-w-2022-0790 | Linux Kernel: Mehrere Schwachstellen ermöglichen Codeausführung | 2022-01-10T23:00:00.000+00:00 | 2025-03-30T22:00:00.000+00:00 |
| wid-sec-w-2022-2277 | systemd: Schwachstelle ermöglicht Denial of Service | 2022-01-10T23:00:00.000+00:00 | 2025-09-02T22:00:00.000+00:00 |
| wid-sec-w-2025-0798 | HPE HP-UX: Schwachstelle ermöglicht Codeausführung | 2022-01-10T23:00:00.000+00:00 | 2025-04-14T22:00:00.000+00:00 |
| wid-sec-w-2022-0611 | Mozilla Firefox und Thunderbird: Mehrere Schwachstellen | 2022-01-11T23:00:00.000+00:00 | 2023-02-15T23:00:00.000+00:00 |
| wid-sec-w-2022-0356 | vim: Mehrere Schwachstellen | 2022-01-12T23:00:00.000+00:00 | 2023-07-02T22:00:00.000+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2007:0640 | Red Hat Security Advisory: conga security, bug fix, and enhancement update | 2007-11-07T09:00:00+00:00 | 2025-11-21T17:31:58+00:00 |
| rhsa-2007:0710 | Red Hat Security Advisory: wireshark security update | 2007-11-07T09:00:00+00:00 | 2025-11-21T17:32:01+00:00 |
| rhsa-2007:0746 | Red Hat Security Advisory: httpd security, bug fix, and enhancement update | 2007-11-07T09:00:00+00:00 | 2025-11-21T17:32:07+00:00 |
| rhsa-2007:1021 | Red Hat Security Advisory: cups security update | 2007-11-07T17:45:00+00:00 | 2025-11-21T17:32:32+00:00 |
| rhsa-2007:1022 | Red Hat Security Advisory: cups security update | 2007-11-07T17:52:00+00:00 | 2026-01-13T22:28:58+00:00 |
| rhsa-2007:1023 | Red Hat Security Advisory: cups security update | 2007-11-07T17:58:00+00:00 | 2026-01-13T22:39:56+00:00 |
| rhsa-2007:1025 | Red Hat Security Advisory: gpdf security update | 2007-11-07T18:04:00+00:00 | 2025-11-21T17:32:32+00:00 |
| rhsa-2007:1026 | Red Hat Security Advisory: poppler security update | 2007-11-07T18:10:00+00:00 | 2025-11-21T17:32:33+00:00 |
| rhsa-2007:1028 | Red Hat Security Advisory: tetex security update | 2007-11-07T18:39:00+00:00 | 2025-11-21T17:32:33+00:00 |
| rhsa-2007:1029 | Red Hat Security Advisory: xpdf security update | 2007-11-07T18:48:00+00:00 | 2025-11-21T17:32:34+00:00 |
| rhsa-2007:1030 | Red Hat Security Advisory: xpdf security update | 2007-11-07T18:57:00+00:00 | 2026-01-13T22:39:32+00:00 |
| rhsa-2007:1031 | Red Hat Security Advisory: xpdf security update | 2007-11-07T19:05:00+00:00 | 2026-01-13T20:58:18+00:00 |
| rhsa-2007:1027 | Red Hat Security Advisory: tetex security update | 2007-11-08T13:45:00+00:00 | 2026-01-13T20:58:15+00:00 |
| rhsa-2007:1037 | Red Hat Security Advisory: openldap security and enhancement update | 2007-11-08T16:54:00+00:00 | 2025-11-21T17:32:35+00:00 |
| rhsa-2007:1052 | Red Hat Security Advisory: pcre security update | 2007-11-10T04:20:00+00:00 | 2025-11-21T17:32:36+00:00 |
| rhsa-2007:1024 | Red Hat Security Advisory: kdegraphics security update | 2007-11-12T09:21:00+00:00 | 2025-11-21T17:32:32+00:00 |
| rhsa-2007:1051 | Red Hat Security Advisory: kdegraphics security update | 2007-11-12T09:24:00+00:00 | 2025-11-21T17:32:36+00:00 |
| rhsa-2007:0965 | Red Hat Security Advisory: ruby security update | 2007-11-13T09:39:00+00:00 | 2025-11-21T17:32:26+00:00 |
| rhsa-2007:0961 | Red Hat Security Advisory: ruby security update | 2007-11-13T09:42:00+00:00 | 2025-11-21T17:32:25+00:00 |
| rhsa-2007:1003 | Red Hat Security Advisory: openssl security and bug fix update | 2007-11-15T13:22:00+00:00 | 2025-11-21T17:32:29+00:00 |
| rhsa-2007:0703 | Red Hat Security Advisory: openssh security and bug fix update | 2007-11-15T13:24:00+00:00 | 2025-11-21T17:32:00+00:00 |
| rhsa-2007:0709 | Red Hat Security Advisory: wireshark security and bug fix update | 2007-11-15T13:26:00+00:00 | 2025-11-21T17:32:01+00:00 |
| rhsa-2007:0747 | Red Hat Security Advisory: httpd security, bug fix, and enhancement update | 2007-11-15T13:27:00+00:00 | 2025-11-21T17:32:07+00:00 |
| rhsa-2007:0387 | Red Hat Security Advisory: tcpdump security and bug fix update | 2007-11-15T13:28:00+00:00 | 2025-11-21T17:31:42+00:00 |
| rhsa-2007:0779 | Red Hat Security Advisory: mailman security and bug fix update | 2007-11-15T13:30:00+00:00 | 2025-11-21T17:32:08+00:00 |
| rhsa-2007:0701 | Red Hat Security Advisory: xterm security update | 2007-11-15T13:31:00+00:00 | 2025-11-21T17:32:00+00:00 |
| rhsa-2007:0737 | Red Hat Security Advisory: pam security, bug fix, and enhancement update | 2007-11-15T13:32:00+00:00 | 2025-11-21T17:32:06+00:00 |
| rhsa-2007:1034 | Red Hat Security Advisory: samba security update | 2007-11-15T15:19:00+00:00 | 2025-11-21T17:32:34+00:00 |
| rhsa-2007:1013 | Red Hat Security Advisory: samba security update | 2007-11-15T15:37:00+00:00 | 2025-11-21T17:32:30+00:00 |
| rhsa-2007:0969 | Red Hat Security Advisory: util-linux security update | 2007-11-15T16:07:00+00:00 | 2025-11-21T17:32:26+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| icsa-19-346-03 | Omron PLC CJ, CS and NJ Series | 2019-12-12T00:00:00.000000Z | 2019-12-12T00:00:00.000000Z |
| icsa-19-351-01 | GE S2020/S2020G Fast Switch 61850 | 2019-12-17T00:00:00.000000Z | 2019-12-17T00:00:00.000000Z |
| icsa-19-353-01 | Moxa EDS Ethernet Switches | 2019-12-19T00:00:00.000000Z | 2019-12-19T00:00:00.000000Z |
| icsa-19-353-02 | Equinox Control Expert | 2019-12-19T00:00:00.000000Z | 2019-12-19T00:00:00.000000Z |
| icsa-19-353-03 | WECON PLC Editor | 2019-12-19T00:00:00.000000Z | 2019-12-19T00:00:00.000000Z |
| icsa-19-353-04 | Reliable Controls MACH-ProWebCom/Sys | 2019-12-19T00:00:00.000000Z | 2019-12-19T00:00:00.000000Z |
| icsma-19-353-01 | Philips Veradius Unity, Pulsera, and Endura Dual WAN Routers | 2019-12-19T00:00:00.000000Z | 2019-12-19T00:00:00.000000Z |
| icsa-20-014-01 | GE PACSystems RX3i | 2020-01-14T00:00:00.000000Z | 2020-01-14T00:00:00.000000Z |
| icsa-20-014-02 | Siemens SINEMA Server | 2020-01-14T00:00:00.000000Z | 2020-01-14T00:00:00.000000Z |
| icsa-20-014-03 | Siemens SCALANCE X Switches (Update B) | 2020-01-14T00:00:00.000000Z | 2022-12-13T00:00:00.000000Z |
| icsa-20-014-04 | Siemens SINAMICS PERFECT HARMONY GH180 | 2020-01-14T00:00:00.000000Z | 2020-01-14T00:00:00.000000Z |
| icsa-20-014-06 | OSIsoft PI Vision | 2020-01-14T00:00:00.000000Z | 2020-01-14T00:00:00.000000Z |
| icsa-20-014-05 | Siemens TIA Portal (Update F) | 2020-01-16T00:00:00.000000Z | 2022-06-16T00:00:00.000000Z |
| icsa-20-016-01 | Schneider Electric Modicon Controllers (Update A) | 2020-01-16T00:00:00.000000Z | 2020-03-31T00:00:00.000000Z |
| icsa-20-021-01 | ICSA-20-021-01_Honeywell Maxpro VMS & NVR | 2020-01-21T00:00:00.000000Z | 2020-01-21T00:00:00.000000Z |
| icsma-20-023-01 | GE CARESCAPE, ApexPro, and Clinical Information Center systems | 2020-01-23T00:00:00.000000Z | 2020-01-23T00:00:00.000000Z |
| icsa-20-035-01 | ICSA-20-035-01_AutomationDirect C-More Touch Panels | 2020-02-04T00:00:00.000000Z | 2020-02-04T00:00:00.000000Z |
| icsa-20-042-01 | Synergy Systems & Solutions HUSKY RTU (Update A) | 2020-02-11T00:00:00.000000Z | 2020-04-07T00:00:00.000000Z |
| icsa-20-042-02 | Siemens Industrial Products SNMP (Update F) | 2020-02-11T00:00:00.000000Z | 2025-05-06T06:00:00.000000Z |
| icsa-20-042-03 | Siemens SIMATIC CP 1543-1 | 2020-02-11T00:00:00.000000Z | 2020-02-11T00:00:00.000000Z |
| icsa-20-042-04 | Siemens PROFINET-IO Stack (Update H) | 2020-02-11T00:00:00.000000Z | 2024-07-09T00:00:00.000000Z |
| icsa-20-042-05 | Siemens SIMATIC S7 (Update B) | 2020-02-11T00:00:00.000000Z | 2023-01-10T00:00:00.000000Z |
| icsa-20-042-06 | Siemens SIMATIC PCS 7, SIMATIC WinCC, and SIMATIC NET PC (Update G) | 2020-02-11T00:00:00.000000Z | 2023-04-11T00:00:00.000000Z |
| icsa-20-042-07 | Siemens SCALANCE X Switches (Update B) | 2020-02-11T00:00:00.000000Z | 2022-12-13T00:00:00.000000Z |
| icsa-20-042-08 | Siemens SIPORT MP | 2020-02-11T00:00:00.000000Z | 2020-02-11T00:00:00.000000Z |
| icsa-20-042-09 | Siemens OZW Web Server | 2020-02-11T00:00:00.000000Z | 2020-02-11T00:00:00.000000Z |
| icsa-20-042-10 | Siemens SCALANCE S-600 (Update B) | 2020-02-11T00:00:00.000000Z | 2025-05-06T06:00:00.000000Z |
| icsa-20-042-11 | Siemens SIMATIC S7-1500 (Update A) | 2020-02-11T00:00:00.000000Z | 2020-03-10T00:00:00.000000Z |
| icsa-20-042-12 | Siemens SIPROTEC 4 and SIPROTEC Compact | 2020-02-11T00:00:00.000000Z | 2020-02-11T00:00:00.000000Z |
| icsa-20-042-13 | Digi ConnectPort LTS 32 MEI | 2020-02-11T00:00:00.000000Z | 2020-02-11T00:00:00.000000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cisco-sa-webex-client-url-fcmpdfvy | Cisco Webex Meetings Desktop App and Webex Meetings Client URL Filtering Arbitrary Program Execution Vulnerability | 2020-06-17T16:00:00+00:00 | 2020-08-11T16:29:52+00:00 |
| cisco-sa-webex-token-zpvejkn | Cisco Webex Meetings and Cisco Webex Meetings Server Token Handling Unauthorized Access Vulnerability | 2020-06-17T16:00:00+00:00 | 2020-06-17T16:00:00+00:00 |
| cisco-sa-xracl-zbwswret | Cisco IOS XR Software Standby Route Processor Gigabit Ethernet Management Interface Access Control List Bypass Vulnerability | 2020-06-17T16:00:00+00:00 | 2020-06-17T16:00:00+00:00 |
| cisco-sa-treck-ip-stack-jybq5gyc | Multiple Vulnerabilities in Treck IP Stack Affecting Cisco Products: June 2020 | 2020-06-17T20:00:00+00:00 | 2020-08-21T16:40:13+00:00 |
| cisco-sa-telnetd-efjrezpx | Telnet Vulnerability Affecting Cisco Products: June 2020 | 2020-06-24T16:00:00+00:00 | 2020-07-08T16:58:30+00:00 |
| cisco-sa-anyconnect-mac-dos-36s2y3lv | Cisco AnyConnect Secure Mobility Client for Mac OS File Corruption Vulnerability | 2020-07-01T16:00:00+00:00 | 2020-07-01T16:00:00+00:00 |
| cisco-sa-cucm-cuc-imp-xss-owusyap | Cisco Unified Communications Products Cross-Site Scripting Vulnerability | 2020-07-01T16:00:00+00:00 | 2020-07-01T16:00:00+00:00 |
| cisco-sa-cucm-xss-blzw4ctq | Cisco Unified Communications Manager Stored Cross-Site Scripting Vulnerability | 2020-07-01T16:00:00+00:00 | 2020-07-01T16:00:00+00:00 |
| cisco-sa-cvp-info-dislosure-nzbewj9v | Cisco Unified Customer Voice Portal Information Disclosure Vulnerability | 2020-07-01T16:00:00+00:00 | 2020-08-11T13:54:42+00:00 |
| cisco-sa-dnac-info-disc-6xscydyy | Cisco Digital Network Architecture Center Information Disclosure Vulnerability | 2020-07-01T16:00:00+00:00 | 2020-07-01T16:00:00+00:00 |
| cisco-sa-mlt-ise-strd-xss-nqfhttx7 | Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerabilities | 2020-07-01T16:00:00+00:00 | 2020-07-01T16:00:00+00:00 |
| cisco-sa-sa-rv-routers-xss-k7z5u6q3 | Cisco Small Business RV042 and RV042G Routers Cross-Site Scripting Vulnerability | 2020-07-01T16:00:00+00:00 | 2020-07-01T16:00:00+00:00 |
| cisco-sa-sbswitch-session-jzas5jny | Cisco Small Business Smart and Managed Switches Session Management Vulnerability | 2020-07-01T16:00:00+00:00 | 2020-07-01T16:00:00+00:00 |
| cisco-sa-cisco-prime-priv-esc-hyhwdzba | Cisco Prime License Manager Privilege Escalation Vulnerability | 2020-07-15T16:00:00+00:00 | 2020-07-15T16:00:00+00:00 |
| cisco-sa-clibypvman-skclf2l | Cisco SD-WAN vManage Software Command Injection Vulnerability | 2020-07-15T16:00:00+00:00 | 2020-07-15T16:00:00+00:00 |
| cisco-sa-cma-turn-crdls-rhjszkxn | Cisco Meetings App Missing TURN Server Credentials Expiration Vulnerability | 2020-07-15T16:00:00+00:00 | 2020-07-15T16:00:00+00:00 |
| cisco-sa-cmd-shell-injection-9joqn9dy | Cisco Small Business RV110W, RV130, RV130W, and RV215W Series Routers Command Shell Injection Vulnerability | 2020-07-15T16:00:00+00:00 | 2020-07-15T16:00:00+00:00 |
| cisco-sa-code-exec-wh3bnfb | Cisco RV110W and RV215W Series Routers Arbitrary Code Execution Vulnerability | 2020-07-15T16:00:00+00:00 | 2020-07-15T16:00:00+00:00 |
| cisco-sa-dcnm-privescal-zxfch7dg | Cisco Data Center Network Manager Privilege Escalation Vulnerability | 2020-07-15T16:00:00+00:00 | 2020-07-15T16:00:00+00:00 |
| cisco-sa-dncm-xss-avmyawd2 | Cisco Data Center Network Manager Cross-Site Scripting Vulnerabilities | 2020-07-15T16:00:00+00:00 | 2020-07-15T16:00:00+00:00 |
| cisco-sa-emvman-3y6lutcz | Cisco SD-WAN vManage Software Denial of Service Vulnerability | 2020-07-15T16:00:00+00:00 | 2020-07-15T16:00:00+00:00 |
| cisco-sa-esa-filt-39jxvmfm | Cisco Email Security Appliance Filter Bypass Vulnerability | 2020-07-15T16:00:00+00:00 | 2020-07-16T16:44:30+00:00 |
| cisco-sa-fpdos-horbfd9f | Cisco SD-WAN vEdge Routers Denial of Service Vulnerability | 2020-07-15T16:00:00+00:00 | 2020-07-15T16:00:00+00:00 |
| cisco-sa-rv-auth-bypass-cgv9eruz | Cisco RV110W, RV130, RV130W, and RV215W Routers Authentication Bypass Vulnerability | 2020-07-15T16:00:00+00:00 | 2020-07-15T16:00:00+00:00 |
| cisco-sa-rv-info-dis-fewbwgsd | Cisco Small Business RV110W and RV215W Series Routers Information Disclosure Vulnerability | 2020-07-15T16:00:00+00:00 | 2020-07-15T16:00:00+00:00 |
| cisco-sa-rv-rce-aqkreqp | Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Management Interface Remote Command Execution Vulnerability | 2020-07-15T16:00:00+00:00 | 2020-07-15T16:00:00+00:00 |
| cisco-sa-rv-rce-m4feegwx | Cisco RV110W, RV130, RV130W, and RV215W Routers Management Interface Remote Command Execution Multiple Vulnerabilities | 2020-07-15T16:00:00+00:00 | 2020-07-15T16:00:00+00:00 |
| cisco-sa-rv110w-static-cred-bmtwbwty | Cisco Small Business RV110W Wireless-N VPN Firewall Static Default Credential Vulnerability | 2020-07-15T16:00:00+00:00 | 2020-07-15T16:00:00+00:00 |
| cisco-sa-sb-dos-zn5gvnh7 | Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers SSL Denial of Service Vulnerability | 2020-07-15T16:00:00+00:00 | 2020-07-15T16:00:00+00:00 |
| cisco-sa-sb-rce-dos-9zajkx4 | Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers SSL Remote Code Execution and Denial of Service Vulnerability | 2020-07-15T16:00:00+00:00 | 2020-07-15T16:00:00+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2021-32690 | Repository credentials passed to alternate domain | 2021-06-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-32923 | HashiCorp Vault and Vault Enterprise allowed the renewal of nearly-expired token leases and dynamic secret leases (specifically those within 1 second of their maximum TTL) which caused them to be incorrectly treated as non-expiring during subsequent use. Fixed in 1.5.9 1.6.5 and 1.7.2. | 2021-06-02T00:00:00.000Z | 2024-09-11T00:00:00.000Z |
| msrc_cve-2021-33503 | An issue was discovered in urllib3 before 1.26.5. When provided with a URL containing many @ characters in the authority component the authority regular expression exhibits catastrophic backtracking causing a denial of service if a URL were passed as a parameter or redirected to via an HTTP redirect. | 2021-06-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-33515 | The submission service in Dovecot before 2.3.15 allows STARTTLS command injection in lib-smtp. Sensitive information can be redirected to an attacker-controlled address. | 2021-06-02T00:00:00.000Z | 2022-01-19T00:00:00.000Z |
| msrc_cve-2021-33560 | Libgcrypt before 1.8.8 and 1.9.x before 1.9.3 mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm and the window size is not chosen appropriately. This for example affects use of ElGamal in OpenPGP. | 2021-06-02T00:00:00.000Z | 2021-06-16T00:00:00.000Z |
| msrc_cve-2021-33624 | In kernel/bpf/verifier.c in the Linux kernel before 5.12.13 a branch can be mispredicted (e.g. because of type confusion) and consequently an unprivileged BPF program can read arbitrary memory locations via a side-channel attack aka CID-9183671af6db. | 2021-06-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-3468 | A flaw was found in avahi in versions 0.6 up to 0.8. The event used to signal the termination of the client connection on the avahi Unix socket is not correctly handled in the client_work function allowing a local attacker to trigger an infinite loop. The highest threat from this vulnerability is to the availability of the avahi service which becomes unresponsive after this flaw is triggered. | 2021-06-02T00:00:00.000Z | 2024-06-30T07:00:00.000Z |
| msrc_cve-2021-34693 | net/can/bcm.c in the Linux kernel through 5.12.10 allows local users to obtain sensitive information from kernel stack memory because parts of a data structure are uninitialized. | 2021-06-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-3544 | Several memory leaks were found in the virtio vhost-user GPU device (vhost-user-gpu) of QEMU in versions up to and including 6.0. They exist in contrib/vhost-user-gpu/vhost-user-gpu.c and contrib/vhost-user-gpu/virgl.c due to improper release of memory (i.e., free) after effective lifetime. | 2021-06-02T00:00:00.000Z | 2025-10-01T23:11:10.000Z |
| msrc_cve-2021-3545 | An information disclosure vulnerability was found in the virtio vhost-user GPU device (vhost-user-gpu) of QEMU in versions up to and including 6.0. The flaw exists in virgl_cmd_get_capset_info() in contrib/vhost-user-gpu/virgl.c and could occur due to the read of uninitialized memory. A malicious guest could exploit this issue to leak memory from the host. | 2021-06-02T00:00:00.000Z | 2021-06-10T00:00:00.000Z |
| msrc_cve-2021-3546 | An out-of-bounds write vulnerability was found in the virtio vhost-user GPU device (vhost-user-gpu) of QEMU in versions up to and including 6.0. The flaw occurs while processing the 'VIRTIO_GPU_CMD_GET_CAPSET' command from the guest. It could allow a privileged guest user to crash the QEMU process on the host resulting in a denial of service condition or potential code execution with the privileges of the QEMU process. | 2021-06-02T00:00:00.000Z | 2021-06-10T00:00:00.000Z |
| msrc_cve-2021-3564 | A flaw double-free memory corruption in the Linux kernel HCI device initialization subsystem was found in the way user attach malicious HCI TTY Bluetooth device. A local user could use this flaw to crash the system. This flaw affects all the Linux kernel versions starting from 3.13. | 2021-06-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-3565 | A flaw was found in tpm2-tools in versions before 5.1.1 and before 4.3.2. tpm2_import used a fixed AES key for the inner wrapper potentially allowing a MITM attacker to unwrap the inner portion and reveal the key being imported. The highest threat from this vulnerability is to data confidentiality. | 2021-06-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-3588 | memory contents disclosure in cli_feat_read_cb | 2021-06-02T00:00:00.000Z | 2022-01-19T00:00:00.000Z |
| msrc_cve-2019-25051 | objstack in GNU Aspell 0.60.8 has a heap-based buffer overflow in acommon::ObjStack::dup_top (called from acommon::StringMap::add and acommon::Config::lookup_list). | 2021-07-02T00:00:00.000Z | 2022-10-30T00:00:00.000Z |
| msrc_cve-2020-36422 | An issue was discovered in Arm Mbed TLS before 2.23.0. A side channel allows recovery of an ECC private key, related to mbedtls_ecp_check_pub_priv, mbedtls_pk_parse_key, mbedtls_pk_parse_keyfile, mbedtls_ecp_mul, and mbedtls_ecp_mul_restartable. | 2021-07-02T00:00:00.000Z | 2025-09-04T03:38:16.000Z |
| msrc_cve-2020-36424 | An issue was discovered in Arm Mbed TLS before 2.24.0. An attacker can recover a private key (for RSA or static Diffie-Hellman) via a side-channel attack against generation of base blinding/unblinding values. | 2021-07-02T00:00:00.000Z | 2025-09-03T21:53:42.000Z |
| msrc_cve-2020-36425 | An issue was discovered in Arm Mbed TLS before 2.24.0. It incorrectly uses a revocationDate check when deciding whether to honor certificate revocation via a CRL. In some situations, an attacker can exploit this by changing the local clock. | 2021-07-02T00:00:00.000Z | 2025-09-04T03:19:33.000Z |
| msrc_cve-2020-36426 | An issue was discovered in Arm Mbed TLS before 2.24.0. mbedtls_x509_crl_parse_der has a buffer over-read (of one byte). | 2021-07-02T00:00:00.000Z | 2025-09-04T03:23:43.000Z |
| msrc_cve-2021-22144 | In Elasticsearch versions before 7.13.3 and 6.8.17 an uncontrolled recursion vulnerability that could lead to a denial of service attack was identified in the Elasticsearch Grok parser. A user with the ability to submit arbitrary queries to Elasticsearch could create a malicious Grok query that will crash the Elasticsearch node. | 2021-07-02T00:00:00.000Z | 2021-12-01T00:00:00.000Z |
| msrc_cve-2021-22235 | Crash in DNP dissector in Wireshark 3.4.0 to 3.4.6 and 3.2.0 to 3.2.14 allows denial of service via packet injection or crafted capture file | 2021-07-02T00:00:00.000Z | 2022-01-19T00:00:00.000Z |
| msrc_cve-2021-22918 | Node.js before 16.4.1 14.17.2 12.22.2 is vulnerable to an out-of-bounds read when uv__idna_toascii() is used to convert strings to ASCII. The pointer p is read and increased without checking whether it is beyond pe with the latter holding a pointer to the end of the buffer. This can lead to information disclosures or crashes. This function can be triggered via uv_getaddrinfo(). | 2021-07-02T00:00:00.000Z | 2025-01-30T00:00:00.000Z |
| msrc_cve-2021-2339 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.25 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2021-07-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-2340 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Memcached). Supported versions that are affected are 8.0.25 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.1 Base Score 2.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L). | 2021-07-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-2352 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.25 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2021-07-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-2354 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Federated). Supported versions that are affected are 8.0.25 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2021-07-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-2356 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 5.7.34 and prior and 8.0.25 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.9 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H). | 2021-07-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-2357 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.25 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2021-07-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-24119 | In Trusted Firmware Mbed TLS 2.24.0, a side-channel vulnerability in base64 PEM file decoding allows system-level (administrator) attackers to obtain information about secret RSA keys via a controlled-channel and side-channel attack on software running in isolated environments that can be single stepped, especially Intel SGX. | 2021-07-02T00:00:00.000Z | 2025-09-04T03:20:13.000Z |
| msrc_cve-2021-29657 | arch/x86/kvm/svm/nested.c in the Linux kernel before 5.11.12 has a use-after-free in which an AMD KVM guest can bypass access control on host OS MSRs when there are nested guests aka CID-a58d9166a756. This occurs because of a TOCTOU race condition associated with a VMCB12 double fetch in nested_svm_vmrun. | 2021-07-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| ID | Description | Updated |
|---|---|---|
| var-202103-1726 | Ruijie Networks Co., Ltd. is a data communication solution provider. Ruijie RSR serie… | 2022-05-04T09:32:29.300000Z |
| var-202103-1705 | Inhantong InRouter900 series industrial routers are 4G industrial routers. Inhantong … | 2022-05-04T09:32:29.311000Z |
| var-202103-1684 | Founded in 1987, Huawei is a provider of ICT (information and communications) infrastruct… | 2022-05-04T09:32:29.322000Z |
| var-202103-1663 | Ruijie Networks Co., Ltd. is a company mainly engaged in information system integration s… | 2022-05-04T09:32:29.334000Z |
| var-202103-1641 | TP-LINK Technology Co., Ltd. ("TP-LINK" for short) is the world's leading supplier of net… | 2022-05-04T09:32:29.345000Z |
| var-202103-1284 | NETGEAR RBR850 devices before 3.2.10.11 are affected by authentication bypass. NETGEAR RB… | 2022-05-04T09:32:29.510000Z |
| var-202102-1627 | WS5200 is a router from Huawei. Huawei router WS5200 has a denial of service vulnerab… | 2022-05-04T09:32:33.542000Z |
| var-202102-1606 | The business scope of Fiberhome Communication Technology Co., Ltd. includes: optical fibe… | 2022-05-04T09:32:33.554000Z |
| var-202102-1585 | The business scope of Shenzhen Meikexing Communication Technology Co., Ltd. includes: tec… | 2022-05-04T09:32:33.566000Z |
| var-202102-1564 | Redmi router AX5 is a router of Xiaomi company. Redmi router AX5 has a denial of serv… | 2022-05-04T09:32:33.578000Z |
| var-202102-1543 | Cisco RV110W Wireless-N VPN Firewall is an enterprise-level router of Cisco (Cisco). … | 2022-05-04T09:32:33.588000Z |
| var-202102-1522 | OMRON CJ1M-PA205C is a controller product of the Controllers series of Omron Automation (… | 2022-05-04T09:32:33.598000Z |
| var-202101-2026 | Shenzhen Zhongda Youkong Technology Co., Ltd. is a company that concentrates on industria… | 2022-05-04T09:32:35.169000Z |
| var-202101-2005 | The UCM cooperative communication platform is a SIP communication control hardware device… | 2022-05-04T09:32:35.181000Z |
| var-202101-1981 | Alcatel-Lucent (Alcatel-Lucent) is a multinational company that provides telecommunicatio… | 2022-05-04T09:32:35.195000Z |
| var-202101-1960 | Huawei HG532 router is a wireless router product designed for home and small office users… | 2022-05-04T09:32:35.205000Z |
| var-202012-1617 | Tricon safety instrumented system is the safety instrumented system of Schneider Electric… | 2022-05-04T09:32:36.967000Z |
| var-202012-1615 | Tricon safety instrumented system is the safety instrumented system of Schneider Electric… | 2022-05-04T09:32:36.978000Z |
| var-202012-1594 | Zijinqiao monitoring configuration software is a professional Zijinqiao monitoring config… | 2022-05-04T09:32:36.991000Z |
| var-202012-1362 | Improper check or handling of exceptional conditions in MELSEC iQ-F series FX5U(C) CPU un… | 2022-05-04T09:32:37.087000Z |
| var-202011-1598 | S7-300 is a modular small PLC system. SIMATIC S7-300 has a denial of service vulnerab… | 2022-05-04T09:32:38.162000Z |
| var-202011-1576 | NETIS SYSTEMS is part of the NETCORE Group and is headquartered in Shenzhen, China. N… | 2022-05-04T09:32:38.174000Z |
| var-202011-1555 | Advantech WebAccess/HMI Designer is a man-machine interface integrated development tool. … | 2022-05-04T09:32:38.185000Z |
| var-202011-1534 | Schneider-Electric M340 PLC is widely used in the field of industrial control. It is a hi… | 2022-05-04T09:32:38.196000Z |
| var-202010-1608 | China Mobile Yu Router is a router. There are unauthorized access vulnerabilities in … | 2022-05-04T09:32:42.274000Z |
| var-202009-1736 | Redmi Note 7 generally refers to Redmi Note 7. Redmi Note 7 is the first product of Xiaom… | 2022-05-04T09:32:43.502000Z |
| var-202009-1673 | Shenzhen Wangxin Technology Co., Ltd. is committed to the field of global shared computin… | 2022-05-04T09:32:43.534000Z |
| var-202008-1322 | Advantech WebAccess Node is a HMI/SCADA monitoring software completely based on IE browse… | 2022-05-04T09:32:45.223000Z |
| var-202008-1301 | Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture. A… | 2022-05-04T09:32:45.234000Z |
| var-202007-1510 | Tvheadend is a streaming media server software installed under LINUX system. TVHeaden… | 2022-05-04T09:32:46.270000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2015-000067 | mt-phpincgi vulnerable to PHP object injection | 2015-05-20T14:34+09:00 | 2015-05-28T18:05+09:00 |
| jvndb-2015-002705 | Problem with directory permissions in JP1/Automatic Operation | 2015-05-21T16:36+09:00 | 2015-05-21T16:36+09:00 |
| jvndb-2015-002706 | Information Disclosure Vulnerability in JP1/Integrated Management - Universal CMDB | 2015-05-21T16:37+09:00 | 2015-05-21T16:37+09:00 |
| jvndb-2015-000068 | SXF Common Library vulnerable to buffer overflow | 2015-05-22T14:15+09:00 | 2015-05-28T18:14+09:00 |
| jvndb-2015-000069 | Apache Sling API and Servlets Post components vulnerable to cross-site scripting | 2015-05-27T14:43+09:00 | 2015-06-04T15:39+09:00 |
| jvndb-2015-000070 | Zenphoto vulnerable to cross-site scripting | 2015-05-28T13:42+09:00 | 2015-06-03T18:06+09:00 |
| jvndb-2015-000071 | ZenPhoto20 vulnerable to cross-site scripting | 2015-05-28T13:42+09:00 | 2015-06-03T18:06+09:00 |
| jvndb-2015-000072 | "Open Explorer Beta" App for Android vulnerable to directory traversal | 2015-06-03T14:59+09:00 | 2015-06-08T12:25+09:00 |
| jvndb-2015-000073 | F21 JWT fails to verify token signatures | 2015-06-03T15:01+09:00 | 2015-06-08T12:04+09:00 |
| jvndb-2015-000074 | NetFlow Analyzer vulnerable to cross-site scripting | 2015-06-05T13:59+09:00 | 2015-06-10T16:06+09:00 |
| jvndb-2015-000075 | NetFlow Analyzer fails to restrict access permissions | 2015-06-05T14:02+09:00 | 2015-06-10T16:10+09:00 |
| jvndb-2015-000076 | NetFlow Analyzer vulnerable to cross-site request forgery | 2015-06-05T14:14+09:00 | 2015-06-10T16:14+09:00 |
| jvndb-2015-000085 | Multiple Buffalo wireless LAN routers vulnerable to OS command injection | 2015-06-05T14:16+09:00 | 2015-06-10T17:54+09:00 |
| jvndb-2015-000078 | MilkyStep fails to restrict access permissions | 2015-06-09T13:43+09:00 | 2015-06-16T16:52+09:00 |
| jvndb-2015-000079 | MilkyStep vulnerable to cross-site request forgery | 2015-06-09T13:45+09:00 | 2015-06-16T16:52+09:00 |
| jvndb-2015-000080 | MilkyStep vulnerable to OS command injection | 2015-06-09T14:02+09:00 | 2015-06-16T16:52+09:00 |
| jvndb-2015-000081 | MilkyStep vulnerable to SQL injection | 2015-06-09T14:15+09:00 | 2015-06-16T16:52+09:00 |
| jvndb-2015-000082 | MilkyStep vulnerable to cross-site scripting | 2015-06-09T14:15+09:00 | 2015-06-16T16:52+09:00 |
| jvndb-2015-000083 | MilkyStep fails to restrict access permissions | 2015-06-09T14:16+09:00 | 2015-06-16T16:51+09:00 |
| jvndb-2015-000086 | LoadLibrary function in Microsoft Windows fails to validate input properly | 2015-06-12T14:11+09:00 | 2015-06-12T14:11+09:00 |
| jvndb-2015-000087 | BloBee vulnerable to arbitrary file creation | 2015-06-12T14:12+09:00 | 2015-06-16T16:51+09:00 |
| jvndb-2015-000077 | MilkyStep fails to restrict access permissions | 2015-06-12T14:13+09:00 | 2015-06-16T16:52+09:00 |
| jvndb-2015-000088 | Ruby on Rails library Paperclip vulnerable to cross-site scripting | 2015-06-18T14:14+09:00 | 2015-07-14T18:15+09:00 |
| jvndb-2015-000089 | Symfony vulnerable to code injection | 2015-06-23T12:29+09:00 | 2015-06-25T17:34+09:00 |
| jvndb-2015-000090 | namshi/jose fails to verify token signatures | 2015-06-25T15:00+09:00 | 2015-07-14T17:18+09:00 |
| jvndb-2015-000091 | osCommerce Japanese version vulnerable to directory traversal | 2015-06-25T15:53+09:00 | 2015-06-30T11:53+09:00 |
| jvndb-2015-000092 | OpenEMR vulnerable to authentication bypass | 2015-06-30T13:55+09:00 | 2015-07-14T17:16+09:00 |
| jvndb-2015-000093 | Explorer+ File Manager vulnerable to directory traversal | 2015-06-30T13:56+09:00 | 2015-07-02T15:04+09:00 |
| jvndb-2009-003901 | Cacti vulnerable to cross-site scripting | 2015-07-09T14:41+09:00 | 2015-07-09T14:41+09:00 |
| jvndb-2014-002239 | Cacti vulnerable to cross-site request forgery | 2015-07-09T14:41+09:00 | 2015-07-09T14:41+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| suse-su-2016:2902-1 | Security update for kvm | 2016-11-24T13:31:19Z | 2016-11-24T13:31:19Z |
| suse-su-2016:2898-1 | Security update for nodejs4 | 2016-11-24T13:31:38Z | 2016-11-24T13:31:38Z |
| suse-su-2016:2911-1 | Security update for libarchive | 2016-11-25T11:33:02Z | 2016-11-25T11:33:02Z |
| suse-su-2016:2912-1 | Security update for the Linux Kernel | 2016-11-25T12:49:49Z | 2016-11-25T12:49:49Z |
| suse-su-2016:2915-1 | Security update for dovecot22 | 2016-11-25T14:45:24Z | 2016-11-25T14:45:24Z |
| suse-su-2016:2933-1 | Recommended update for mariadb | 2016-11-28T15:25:24Z | 2016-11-28T15:25:24Z |
| suse-su-2016:2932-1 | Security update for mariadb | 2016-11-28T15:26:50Z | 2016-11-28T15:26:50Z |
| suse-su-2016:2936-1 | Security update for qemu | 2016-11-29T09:18:32Z | 2016-11-29T09:18:32Z |
| suse-su-2016:2938-1 | Security update for vim | 2016-11-29T12:11:54Z | 2016-11-29T12:11:54Z |
| suse-su-2016:2942-1 | Security update for vim | 2016-11-29T12:12:53Z | 2016-11-29T12:12:53Z |
| suse-su-2016:2941-1 | Security update for php7 | 2016-11-29T12:42:58Z | 2016-11-29T12:42:58Z |
| suse-su-2016:2952-1 | Security update for ImageMagick | 2016-11-30T09:43:20Z | 2016-11-30T09:43:20Z |
| suse-su-2016:2953-1 | Security update for java-1_7_0-openjdk | 2016-11-30T09:44:33Z | 2016-11-30T09:44:33Z |
| suse-su-2016:2954-1 | Security update for util-linux | 2016-11-30T12:56:19Z | 2016-11-30T12:56:19Z |
| suse-su-2016:2958-1 | Security update for mono-core | 2016-12-01T09:31:59Z | 2016-12-01T09:31:59Z |
| suse-su-2016:2964-1 | Security update for ImageMagick | 2016-12-01T13:22:05Z | 2016-12-01T13:22:05Z |
| suse-su-2016:2975-1 | Security update for php5 | 2016-12-02T10:40:24Z | 2016-12-02T10:40:24Z |
| suse-su-2016:2969-1 | Security update for libgit2 | 2016-12-02T10:40:38Z | 2016-12-02T10:40:38Z |
| suse-su-2016:2974-1 | Security update for pacemaker | 2016-12-02T10:41:08Z | 2016-12-02T10:41:08Z |
| suse-su-2016:2971-1 | Security update for pcre | 2016-12-02T10:43:31Z | 2016-12-02T10:43:31Z |
| suse-su-2016:2976-1 | Security update for the Linux Kernel | 2016-12-02T11:04:24Z | 2016-12-02T11:04:24Z |
| suse-su-2016:2988-1 | Security update for qemu | 2016-12-02T16:25:10Z | 2016-12-02T16:25:10Z |
| suse-su-2016:3001-1 | Security update for libX11 | 2016-12-05T08:28:48Z | 2016-12-05T08:28:48Z |
| suse-su-2016:3010-1 | Security update for java-1_6_0-ibm | 2016-12-05T13:22:39Z | 2016-12-05T13:22:39Z |
| suse-su-2016:3014-1 | Security update for MozillaFirefox, mozilla-nss | 2016-12-05T17:04:31Z | 2016-12-05T17:04:31Z |
| suse-su-2016:3039-1 | Security update for the Linux Kernel | 2016-12-07T12:25:51Z | 2016-12-07T12:25:51Z |
| suse-su-2016:3040-1 | Security update for java-1_6_0-ibm | 2016-12-07T13:23:07Z | 2016-12-07T13:23:07Z |
| suse-su-2016:3041-1 | Security update for java-1_7_1-ibm | 2016-12-07T13:24:58Z | 2016-12-07T13:24:58Z |
| suse-su-2016:3047-1 | Security update for libXi | 2016-12-07T15:44:22Z | 2016-12-07T15:44:22Z |
| suse-su-2016:3044-1 | Security update for xen | 2016-12-07T15:44:40Z | 2016-12-07T15:44:40Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| opensuse-su-2020:0780-1 | Security update for libcroco | 2020-06-07T22:17:21Z | 2020-06-07T22:17:21Z |
| opensuse-su-2020:0781-1 | Security update for libxml2 | 2020-06-07T22:17:31Z | 2020-06-07T22:17:31Z |
| opensuse-su-2020:0784-1 | Security update for xawtv | 2020-06-07T22:17:51Z | 2020-06-07T22:17:51Z |
| opensuse-su-2020:0785-1 | Security update for axel | 2020-06-08T09:28:00Z | 2020-06-08T09:28:00Z |
| opensuse-su-2020:0786-1 | Security update for libreoffice | 2020-06-08T10:22:01Z | 2020-06-08T10:22:01Z |
| opensuse-su-2020:0787-1 | Security update for xawtv | 2020-06-10T12:58:42Z | 2020-06-10T12:58:42Z |
| opensuse-su-2020:0788-1 | Security update for GraphicsMagick | 2020-06-10T12:58:47Z | 2020-06-10T12:58:47Z |
| opensuse-su-2020:0789-1 | Security update for MozillaFirefox | 2020-06-10T16:20:25Z | 2020-06-10T16:20:25Z |
| opensuse-su-2020:0790-1 | Security update for gnutls | 2020-06-10T17:41:13Z | 2020-06-10T17:41:13Z |
| opensuse-su-2020:0791-1 | Security update for ucode-intel | 2020-06-10T17:58:41Z | 2020-06-10T17:58:41Z |
| opensuse-su-2020:0793-1 | Security update for libexif | 2020-06-11T08:33:02Z | 2020-06-11T08:33:02Z |
| opensuse-su-2020:0794-1 | Security update for vim | 2020-06-11T12:20:24Z | 2020-06-11T12:20:24Z |
| opensuse-su-2020:0799-1 | Security update for MozillaThunderbird | 2020-06-12T10:20:30Z | 2020-06-12T10:20:30Z |
| opensuse-su-2020:0800-1 | Security update for java-1_8_0-openjdk | 2020-06-12T14:20:51Z | 2020-06-12T14:20:51Z |
| opensuse-su-2020:0801-1 | Security update for the Linux Kernel | 2020-06-12T15:14:33Z | 2020-06-12T15:14:33Z |
| opensuse-su-2020:0802-1 | Security update for nodejs8 | 2020-06-12T18:17:49Z | 2020-06-12T18:17:49Z |
| opensuse-su-2020:0803-1 | Security update for rubygem-bundler | 2020-06-12T22:17:33Z | 2020-06-12T22:17:33Z |
| opensuse-su-2020:0804-1 | Security update for texlive-filesystem | 2020-06-13T04:17:15Z | 2020-06-13T04:17:15Z |
| opensuse-su-2020:0805-1 | Security update for libupnp | 2020-06-13T10:16:42Z | 2020-06-13T10:16:42Z |
| opensuse-su-2020:0806-1 | Security update for libntlm | 2020-06-13T10:16:51Z | 2020-06-13T10:16:51Z |
| opensuse-su-2020:0807-1 | Security update for prboom-plus | 2020-06-13T10:16:59Z | 2020-06-13T10:16:59Z |
| opensuse-su-2020:0808-1 | Security update for varnish | 2020-06-13T10:17:05Z | 2020-06-13T10:17:05Z |
| opensuse-su-2020:0816-1 | Security update for libntlm | 2020-06-13T16:56:52Z | 2020-06-13T16:56:52Z |
| opensuse-su-2020:0818-1 | Security update for xen | 2020-06-14T16:26:57Z | 2020-06-14T16:26:57Z |
| opensuse-su-2020:0819-1 | Security update for varnish | 2020-06-16T05:51:42Z | 2020-06-16T05:51:42Z |
| opensuse-su-2020:0820-1 | Security update for prboom-plus | 2020-06-16T05:51:56Z | 2020-06-16T05:51:56Z |
| opensuse-su-2020:0821-1 | Security update for libupnp | 2020-06-16T05:52:04Z | 2020-06-16T05:52:04Z |
| opensuse-su-2020:0823-1 | Security update for chromium | 2020-06-17T16:18:21Z | 2020-06-17T16:18:21Z |
| opensuse-su-2020:0825-1 | Security update for file-roller | 2020-06-17T16:18:46Z | 2020-06-17T16:18:46Z |
| opensuse-su-2020:0827-1 | Security update for adns | 2020-06-17T16:19:06Z | 2020-06-17T16:19:06Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cnvd-2015-01159 | Radexscript CMS 'SEARCH_TERMS'参数SQL注入漏洞 | 2015-02-13 | 2015-02-14 |
| cnvd-2015-01160 | Elasticsearch Groovy脚本引擎沙盒安全绕过漏洞 | 2015-02-13 | 2015-02-14 |
| cnvd-2015-01162 | u5CMS跨站脚本漏洞 | 2015-02-13 | 2015-02-14 |
| cnvd-2015-01163 | WordPress插件Spider Facebook跨站脚本漏洞 | 2015-02-13 | 2015-02-14 |
| cnvd-2015-01164 | u5CMS SQL注入漏洞 | 2015-02-13 | 2015-02-14 |
| cnvd-2015-01165 | u5CMS 'u5admin/deletefile.php'目录遍历漏洞 | 2015-02-13 | 2015-02-14 |
| cnvd-2015-01166 | u5CMS开放重定向漏洞 | 2015-02-13 | 2015-02-14 |
| cnvd-2015-01167 | PostgreSQL 'constraint-violation'信息泄露漏洞 | 2015-02-13 | 2015-02-14 |
| cnvd-2015-01247 | Advantech EKI-1200 Series存在未明缓冲区溢出漏洞 | 2015-02-13 | 2015-02-27 |
| cnvd-2015-01175 | IBM Optim Performance Manager for DB2和InfoSphere Optim Performance Manager for DB2目录遍历漏洞 | 2015-02-21 | 2015-02-26 |
| cnvd-2015-01176 | IBM InfoSphere BigInsights alert模块信息泄露漏洞 | 2015-02-21 | 2015-02-26 |
| cnvd-2015-01177 | IBM Tivoli Storage Manager竞争条件权限提升漏洞 | 2015-02-21 | 2015-02-26 |
| cnvd-2015-01178 | IBM Tivoli Storage Manager权限提升漏洞 | 2015-02-21 | 2015-02-26 |
| cnvd-2015-01179 | Apple CUPS cupsRasterReadPixels缓冲区溢出漏洞 | 2015-02-21 | 2015-02-26 |
| cnvd-2015-01180 | EMC Captiva Capture InputAccel Database信息泄露漏洞 | 2015-02-21 | 2015-02-26 |
| cnvd-2015-01181 | IBM Business Process Manager Search REST API访问绕过漏洞 | 2015-02-21 | 2015-02-26 |
| cnvd-2015-01182 | IBM Content Navigator跨站脚本漏洞 | 2015-02-21 | 2015-02-26 |
| cnvd-2015-01183 | IBM Curam Social Program Management Universal Access组件CRLF注入漏洞 | 2015-02-21 | 2015-02-26 |
| cnvd-2015-01184 | IBM Curam Social Program Management Curam Universal Access信息泄露漏洞 | 2015-02-21 | 2015-02-26 |
| cnvd-2015-01196 | Siemens SIMATIC STEP 7 TIA Portal中间人攻击信息泄露漏洞 | 2015-02-21 | 2015-02-27 |
| cnvd-2015-01197 | Siemens SIMATIC STEP 7 TIA Portal密码哈希算法安全漏洞 | 2015-02-21 | 2015-02-27 |
| cnvd-2015-01198 | Siemens SIMATIC STEP 7安全绕过漏洞 | 2015-02-21 | 2015-02-27 |
| cnvd-2015-01199 | Siemens SIMATIC STEP 7敏感信息泄露漏洞 | 2015-02-21 | 2015-02-27 |
| cnvd-2015-01203 | OpenStack Glance拒绝服务漏洞(CNVD-2015-01203) | 2015-02-21 | 2015-02-27 |
| cnvd-2015-01204 | Drupal Term Queue模块跨站脚本漏洞 | 2015-02-21 | 2015-02-27 |
| cnvd-2015-01205 | Drupal Services Basic Authentication模块访问绕过漏洞 | 2015-02-21 | 2015-02-27 |
| cnvd-2015-01206 | Drupal Navigate模块跨站脚本漏洞 | 2015-02-21 | 2015-02-27 |
| cnvd-2015-01207 | Drupal Panopoly Magic模块跨站脚本漏洞 | 2015-02-21 | 2015-02-27 |
| cnvd-2015-01208 | Drupal RESTful Web Services信息泄露漏洞 | 2015-02-21 | 2015-02-27 |
| cnvd-2015-01209 | Drupal Avatar Uploader任意文件上传漏洞 | 2015-02-21 | 2015-02-27 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certa-2005-avi-022 | Vulnérabilité de Ethereal | 2005-01-24T00:00:00.000000 | 2005-02-17T00:00:00.000000 |
| certa-2005-avi-023 | Multiples vulnérabilités du noyau Linux | 2005-01-24T00:00:00.000000 | 2005-02-21T00:00:00.000000 |
| certa-2005-avi-024 | Vulnérabilité de Veritas Backup Exec | 2005-01-24T00:00:00.000000 | 2005-01-24T00:00:00.000000 |
| certa-2005-avi-025 | Correctif de sécurité cumulatif pour les produits Oracle | 2005-01-24T00:00:00.000000 | 2005-01-24T00:00:00.000000 |
| certa-2005-avi-026 | Vulnérabilité des points d'accès 3Com OfficeConnect Wireless 11g | 2005-01-24T00:00:00.000000 | 2005-01-24T00:00:00.000000 |
| certa-2005-avi-027 | Vulnérabilité de Konversation | 2005-01-24T00:00:00.000000 | 2005-02-14T00:00:00.000000 |
| certa-2005-avi-028 | Failles dans les greffons Java de Sun | 2005-01-24T00:00:00.000000 | 2005-01-24T00:00:00.000000 |
| certa-2005-avi-029 | Vulnérabilité du système d'exploitation Cisco IOS | 2005-01-26T00:00:00.000000 | 2005-01-26T00:00:00.000000 |
| certa-2005-avi-030 | Vulnérabilités dans le traitement des paquets BGP par Cisco IOS | 2005-01-27T00:00:00.000000 | 2005-01-27T00:00:00.000000 |
| certa-2005-avi-031 | Vulnérabilité les routeurs Cisco supportant MPLS | 2005-01-27T00:00:00.000000 | 2005-01-27T00:00:00.000000 |
| certa-2005-avi-032 | Vulnérabilité IPv6 dans Cisco IOS | 2005-01-27T00:00:00.000000 | 2005-01-27T00:00:00.000000 |
| certa-2005-avi-033 | Vulnérabilité des serveurs DNS BIND | 2005-01-27T00:00:00.000000 | 2005-06-10T00:00:00.000000 |
| certa-2005-avi-034 | Multiples vulnérabilités dans Mac OS X | 2005-01-27T00:00:00.000000 | 2005-06-23T00:00:00.000000 |
| certa-2005-avi-035 | Vulnérabilité de AWStats | 2005-01-27T00:00:00.000000 | 2005-02-18T00:00:00.000000 |
| certa-2005-avi-036 | Vulnérabilité dans WinAMP | 2005-01-28T00:00:00.000000 | 2005-01-28T00:00:00.000000 |
| certa-2005-avi-037 | Vulnérabilité de Evolution | 2005-01-31T00:00:00.000000 | 2005-05-27T00:00:00.000000 |
| certa-2005-avi-038 | Multiples vulnérabilités dans SquirrelMail | 2005-01-31T00:00:00.000000 | 2005-06-10T00:00:00.000000 |
| certa-2005-avi-039 | Vulnérabilité dans BlackBerry Enterprise Server | 2005-01-31T00:00:00.000000 | 2005-01-31T00:00:00.000000 |
| certa-2005-avi-040 | Vulnérabilité de ncpfs | 2005-01-31T00:00:00.000000 | 2005-02-04T00:00:00.000000 |
| certa-2005-avi-041 | Vulnérabilité de mailman | 2005-01-31T00:00:00.000000 | 2005-03-01T00:00:00.000000 |
| certa-2005-avi-042 | Multiples vulnérabilités dans Squid | 2005-02-01T00:00:00.000000 | 2005-06-10T00:00:00.000000 |
| certa-2005-avi-043 | Vulérabilité sur Juniper | 2005-02-01T00:00:00.000000 | 2005-02-01T00:00:00.000000 |
| certa-2005-avi-044 | Vulnérabilité de ClamAV | 2005-02-01T00:00:00.000000 | 2005-02-24T00:00:00.000000 |
| certa-2005-avi-045 | Vulnérabilité de Eudora | 2005-02-03T00:00:00.000000 | 2005-02-03T00:00:00.000000 |
| certa-2005-avi-046 | Vulnérabilité de Perl | 2005-02-03T00:00:00.000000 | 2005-02-24T00:00:00.000000 |
| certa-2005-avi-047 | Vulnérabilité des équipements IP/VC de Cisco | 2005-02-03T00:00:00.000000 | 2005-02-03T00:00:00.000000 |
| certa-2005-avi-048 | Vulnérabilité dans UW-Imapd | 2005-02-03T00:00:00.000000 | 2005-06-10T00:00:00.000000 |
| certa-2005-avi-049 | Vulnérabilité de PostgreSQL | 2005-02-09T00:00:00.000000 | 2005-04-21T00:00:00.000000 |
| certa-2005-avi-050 | Vulnérabilité de Microsoft Office XP | 2005-02-09T00:00:00.000000 | 2005-02-09T00:00:00.000000 |
| certa-2005-avi-051 | Vunérabilté dans Microsoft Windows Licence Logging Service | 2005-02-09T00:00:00.000000 | 2005-02-09T00:00:00.000000 |