Recent vulnerabilities


ID CVSS Description Vendor Product Published Updated
CVE-2026-23646
6.5 (3.1)
OpenProject users can delete other user's session, cau… opf
openproject
2026-01-19T17:48:03.082Z 2026-01-20T14:54:40.162Z
CVE-2026-0548
5.4 (3.1)
Tutor LMS – eLearning and online course solution <= 3.… themeum
Tutor LMS – eLearning and online course solution
2026-01-20T14:26:31.808Z 2026-01-20T14:53:42.335Z
CVE-2026-23745
8.2 (4.0)
node-tar Vulnerable to Arbitrary File Overwrite and Sy… isaacs
node-tar
2026-01-16T22:00:08.769Z 2026-01-20T14:53:24.513Z
CVE-2026-0690
6.4 (3.1)
FlatPM – Ad Manager, AdSense and Custom Code <= 3.2.2 … flatboy
FlatPM – Ad Manager, AdSense and Custom Code
2026-01-20T14:26:32.223Z 2026-01-20T14:52:49.486Z
CVE-2025-52660
2.7 (3.1)
HCL AION is affected by an Host Header Injection vulne… HCL Software
AION
2026-01-19T17:49:52.166Z 2026-01-20T14:51:58.265Z
CVE-2026-23721
4.3 (3.1)
OpenProject users with "View Members" permission in an… opf
openproject
2026-01-19T17:52:35.307Z 2026-01-20T14:51:21.936Z
CVE-2025-15043
5.4 (3.1)
The Events Calendar <= 6.15.13 - Missing Authorization… stellarwp
The Events Calendar
2026-01-20T14:26:32.694Z 2026-01-20T14:51:12.202Z
CVE-2025-15347
8.8 (3.1)
Creator LMS – The LMS for Creators, Coaches, and Train… getwpfunnels
Creator LMS – The LMS for Creators, Coaches, and Trainers
2026-01-20T14:26:33.130Z 2026-01-20T14:50:26.163Z
CVE-2026-0608
6.4 (3.1)
Head Meta Data <= 20251118 - Authenticated (Contributo… specialk
Head Meta Data
2026-01-20T14:26:33.497Z 2026-01-20T14:49:46.704Z
CVE-2026-22816
8.6 (4.0)
Gradle fails to disable repositories which can expose … gradle
gradle
2026-01-16T22:45:48.937Z 2026-01-20T14:49:32.077Z
CVE-2025-15380
7.2 (3.1)
NotificationX <= 3.2.0 - Unauthenticated DOM-Based Cro… wpdevteam
NotificationX – FOMO, Live Sales Notification, WooCommerce Sales Popup, GDPR, Social Proof, Announcement Banner & Floating Notification Bar
2026-01-20T14:26:33.859Z 2026-01-20T14:48:22.901Z
CVE-2026-22865
8.6 (4.0)
Gradle's failure to disable repositories failing to an… gradle
gradle
2026-01-16T22:46:19.741Z 2026-01-20T14:47:41.205Z
CVE-2026-0554
4.3 (3.1)
NotificationX <= 3.1.11 - Missing Authorization to Aut… wpdevteam
NotificationX – FOMO, Live Sales Notification, WooCommerce Sales Popup, GDPR, Social Proof, Announcement Banner & Floating Notification Bar
2026-01-20T14:26:34.215Z 2026-01-20T14:47:07.305Z
CVE-2026-22031
8.4 (3.1)
Fastify Middie Middleware Path Bypass fastify
middie
2026-01-19T15:24:45.899Z 2026-01-20T14:45:31.487Z
CVE-2026-23534
7.7 (4.0)
FreeRDP has heap-buffer-overflow in clear_decompress_b… FreeRDP
FreeRDP
2026-01-19T17:09:55.715Z 2026-01-20T14:42:31.717Z
CVE-2026-0906
9.8 (3.1)
Incorrect security UI in Google Chrome on Androi… Google
Chrome
2026-01-20T04:14:17.058Z 2026-01-20T14:40:03.328Z
CVE-2026-23846
8.1 (3.1)
Tugtainer vulnerable to Password Exposure via URL Quer… Quenary
tugtainer
2026-01-19T19:42:35.581Z 2026-01-20T14:40:03.105Z
CVE-2025-40644
5.1 (4.0)
Reflected Cross-Site Scripting (XSS) in QRGen's Riftzilla Riftzilla
QRGen
2026-01-20T11:33:28.820Z 2026-01-20T14:39:59.902Z
CVE-2026-23847
2.1 (4.0)
SiYuan Vulnerable to Reflected Cross-Site Scripting (X… siyuan-note
siyuan
2026-01-19T19:46:08.980Z 2026-01-20T14:37:42.649Z
CVE-2026-0907
9.8 (3.1)
Incorrect security UI in Split View in Google Chr… Google
Chrome
2026-01-20T04:14:17.460Z 2026-01-20T14:37:38.272Z
CVE-2025-14369
5.5 (3.1)
CVE-2025-14369 mackron
dr_flac
2026-01-20T11:49:08.348Z 2026-01-20T14:33:15.550Z
CVE-2024-30516
7.5 (3.1)
WordPress Booking Package plugin <= 1.6.27 - Price Man… SaasProject
Booking Package
2026-01-05T16:38:43.668Z 2026-01-20T14:31:54.985Z
CVE-2024-30461
7.1 (3.1)
WordPress Tumult Hype Animations plugin <= 1.9.11 - CS… Tumult Inc
Tumult Hype Animations
2026-01-05T16:36:41.495Z 2026-01-20T14:31:54.980Z
CVE-2026-0676
5.3 (3.1)
WordPress Zorka theme <= 1.5.7 - Broken Access Control… G5Theme
Zorka
2026-01-08T09:17:55.655Z 2026-01-20T14:31:54.967Z
CVE-2024-24844
7.5 (3.1)
WordPress PowerPack Pro for Elementor plugin <= 2.10.6… IdeaBox Creations
PowerPack Pro for Elementor
2025-12-23T12:06:04.875Z 2026-01-20T14:31:54.892Z
CVE-2024-53735
7.1 (3.1)
WordPress iPhone Webclip Manager plugin <= 0.5 - CSRF … Corourke
iPhone Webclip Manager
2026-01-05T16:41:08.654Z 2026-01-20T14:31:54.884Z
CVE-2026-0674
4.3 (3.1)
WordPress Campaign Monitor for WordPress plugin <= 2.9… Campaign Monitor
Campaign Monitor for WordPress
2026-01-08T09:17:55.119Z 2026-01-20T14:31:54.868Z
CVE-2024-23511
6.5 (3.1)
WordPress The Plus Addons for Elementor plugin <= 5.3.… POSIMYTH
The Plus Addons for Elementor Page Builder Lite
2026-01-05T13:33:57.628Z 2026-01-20T14:31:54.867Z
CVE-2025-12573
6.5 (3.1)
Bookingor <= 1.0.12 - Subscriber+ Category Deletion Unknown
Bookingor
2026-01-20T06:00:06.707Z 2026-01-20T14:31:33.367Z
CVE-2025-69352
5.4 (3.1)
WordPress The Events Calendar plugin <= 6.15.12.2 - Br… StellarWP
The Events Calendar
2026-01-06T16:36:40.651Z 2026-01-20T14:28:30.039Z
ID CVSS Description Vendor Product Published Updated
CVE-2025-39909
N/A
mm/damon/lru_sort: avoid divide-by-zero in damon_lru_s… Linux
Linux
2025-10-01T07:44:32.936Z 2025-11-03T17:44:35.076Z
CVE-2025-68926
9.8 (3.1)
RustFS has a gRPC Hardcoded Token Authentication Bypass rustfs
rustfs
2025-12-30T16:59:53.999Z 2026-01-05T14:23:55.080Z
CVE-2025-39907
N/A
mtd: rawnand: stm32_fmc2: avoid overlapping mappings o… Linux
Linux
2025-10-01T07:44:30.864Z 2025-11-03T17:44:34.141Z
CVE-2025-39902
N/A
mm/slub: avoid accessing metadata when pointer is inva… Linux
Linux
2025-10-01T07:42:49.415Z 2025-11-03T17:44:33.198Z
CVE-2025-39894
N/A
netfilter: br_netfilter: do not check confirmed bit in… Linux
Linux
2025-10-01T07:42:43.126Z 2025-11-03T17:44:28.733Z
CVE-2025-68705
8.8 (4.0)
RustFS Path Traversal Vulnerability rustfs
rustfs
2026-01-07T20:31:44.236Z 2026-01-07T21:28:30.316Z
CVE-2025-39885
N/A
ocfs2: fix recursive semaphore deadlock in fiemap call Linux
Linux
2025-09-23T06:00:52.584Z 2025-11-03T17:44:25.898Z
CVE-2025-69255
5.5 (4.0)
RustFS gRPC GetMetrics deserialization panic enables r… rustfs
rustfs
2026-01-07T20:34:25.282Z 2026-01-07T21:25:33.094Z
CVE-2017-11349
N/A
dataTaker DT8x dEX 1.72.007 allows remote attacke… n/a
n/a
2017-07-17T00:00:00.000Z 2024-08-05T18:05:30.515Z
CVE-2017-11165
N/A
dataTaker DT80 dEX 1.50.012 allows remote attacke… n/a
n/a
2017-07-12T12:00:00.000Z 2024-08-05T17:57:58.071Z
CVE-2025-39883
N/A
mm/memory-failure: fix VM_BUG_ON_PAGE(PagePoisoned(pag… Linux
Linux
2025-09-23T06:00:51.548Z 2025-11-03T17:44:24.900Z
CVE-2025-39881
N/A
kernfs: Fix UAF in polling when open file is released Linux
Linux
2025-09-23T06:00:50.496Z 2025-11-03T17:44:23.968Z
CVE-2022-50459
N/A
scsi: iscsi: iscsi_tcp: Fix null-ptr-deref while calli… Linux
Linux
2025-10-01T11:45:31.740Z 2025-10-01T11:45:31.740Z
CVE-2022-50458
N/A
clk: tegra: Fix refcount leak in tegra210_clock_init Linux
Linux
2025-10-01T11:45:30.959Z 2025-10-01T11:45:30.959Z
CVE-2022-50457
N/A
mtd: core: Fix refcount error in del_mtd_device() Linux
Linux
2025-10-01T11:45:30.263Z 2025-10-01T11:45:30.263Z
CVE-2022-50456
N/A
btrfs: fix resolving backrefs for inline extent follow… Linux
Linux
2025-10-01T11:45:29.587Z 2025-12-23T13:29:29.725Z
CVE-2022-50454
N/A
drm/nouveau: fix a use-after-free in nouveau_gem_prime… Linux
Linux
2025-10-01T11:45:27.337Z 2025-10-01T11:45:27.337Z
CVE-2022-50453
N/A
gpiolib: cdev: fix NULL-pointer dereferences Linux
Linux
2025-10-01T11:45:26.499Z 2025-10-01T11:45:26.499Z
CVE-2022-50452
N/A
net: sched: cake: fix null pointer access issue when c… Linux
Linux
2025-10-01T11:45:25.394Z 2025-10-01T11:45:25.394Z
CVE-2022-50451
N/A
fs/ntfs3: Fix memory leak on ntfs_fill_super() error path Linux
Linux
2025-10-01T11:45:24.652Z 2025-10-02T07:04:17.424Z
CVE-2021-24863
N/A
StopBadBots < 6.67 - Unauthenticated SQL Injection Unknown
WP Block and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection Plugin StopBadBots
2021-12-13T10:41:14.000Z 2024-08-03T19:49:12.639Z
CVE-2021-24727
N/A
Block and Stop Bad Bots < 6.60 - Authenticated SQL Inj… Unknown
WP Block and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection Plugin StopBadBots
2021-09-13T17:56:42.000Z 2024-08-03T19:42:16.852Z
CVE-2017-15948
N/A
Perch Content Management System 3.0.3 allows unre… n/a
n/a
2017-10-28T00:00:00.000Z 2024-09-16T23:37:01.882Z
CVE-2024-58338
8.6 (4.0)
10 (3.1)
Anevia Flamingo XL 3.2.9 Remote Root Jailbreak via Tra… Ateme
Flamingo XL
2025-12-30T22:41:45.411Z 2026-01-16T19:00:19.750Z
CVE-2024-58337
8.7 (4.0)
4.3 (3.1)
Akuvox Smart Intercom S539 Improper Access Control via… The Akuvox Company
Akuvox Smart Doorphone
2025-12-30T22:41:44.989Z 2026-01-16T19:00:19.517Z
CVE-2024-58336
8.7 (4.0)
5.3 (3.1)
Akuvox Smart Intercom S539 Unauthenticated Video Strea… The Akuvox Company
Akuvox Smart Doorphone
2025-12-30T22:41:44.569Z 2026-01-16T19:00:19.275Z
CVE-2024-58315
8.5 (4.0)
7.8 (3.1)
Tosibox Key Service 3.3.0 Local Privilege Escalation v… Tosibox Oy
Tosibox Key Service
2025-12-30T22:41:44.147Z 2026-01-16T19:00:19.011Z
CVE-2023-54327
9.3 (4.0)
9.8 (3.1)
Tinycontrol LAN Controller 1.58a Authentication Bypass… Tinycontrol
LAN Controller
2025-12-30T22:41:43.728Z 2026-01-16T19:00:18.796Z
CVE-2023-54163
8.8 (4.0)
7.5 (3.1)
NLB mKlik Macedonia 3.3.12 SQL Injection via Internati… NLB Banka AD Skopje
NLB mKlik Makedonija
2025-12-30T22:41:43.245Z 2026-01-16T19:00:18.541Z
CVE-2023-53983
9.3 (4.0)
9.8 (3.1)
Anevia Flamingo XL/XS 3.6.20 Default Credentials Authe… Ateme
Anevia Flamingo XL/XS
2025-12-30T22:41:42.839Z 2026-01-16T19:00:18.214Z
ID Description Published Updated
fkie_cve-2025-39907 In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: stm32_fmc2: avoi… 2025-10-01T08:15:33.603 2026-01-16T19:31:03.467
fkie_cve-2025-39902 In the Linux kernel, the following vulnerability has been resolved: mm/slub: avoid accessing metad… 2025-10-01T08:15:32.993 2026-01-16T19:30:38.430
fkie_cve-2025-39894 In the Linux kernel, the following vulnerability has been resolved: netfilter: br_netfilter: do no… 2025-10-01T08:15:31.987 2026-01-16T19:30:25.443
fkie_cve-2025-68705 RustFS is a distributed object storage system built in Rust. In versions 1.0.0-alpha.13 to 1.0.0-al… 2026-01-07T21:15:59.383 2026-01-16T19:29:47.410
fkie_cve-2025-39885 In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix recursive semaphore… 2025-09-23T06:15:48.370 2026-01-16T19:29:02.180
fkie_cve-2025-69255 RustFS is a distributed object storage system built in Rust. In versions 1.0.0-alpha.13 to 1.0.0-al… 2026-01-07T21:16:00.510 2026-01-16T19:28:22.447
fkie_cve-2017-11349 dataTaker DT8x dEX 1.72.007 allows remote attackers to compose programs or schedules, for purposes … 2017-07-17T13:18:21.237 2026-01-16T19:28:18.943
fkie_cve-2017-11165 dataTaker DT80 dEX 1.50.012 allows remote attackers to obtain sensitive credential and configuratio… 2017-07-12T12:29:00.190 2026-01-16T19:28:04.570
fkie_cve-2025-39883 In the Linux kernel, the following vulnerability has been resolved: mm/memory-failure: fix VM_BUG_… 2025-09-23T06:15:48.087 2026-01-16T19:26:44.733
fkie_cve-2025-39881 In the Linux kernel, the following vulnerability has been resolved: kernfs: Fix UAF in polling whe… 2025-09-23T06:15:47.793 2026-01-16T19:26:01.513
fkie_cve-2022-50459 In the Linux kernel, the following vulnerability has been resolved: scsi: iscsi: iscsi_tcp: Fix nu… 2025-10-01T12:15:39.283 2026-01-16T19:24:44.347
fkie_cve-2022-50458 In the Linux kernel, the following vulnerability has been resolved: clk: tegra: Fix refcount leak … 2025-10-01T12:15:39.123 2026-01-16T19:24:37.673
fkie_cve-2022-50457 In the Linux kernel, the following vulnerability has been resolved: mtd: core: Fix refcount error … 2025-10-01T12:15:38.967 2026-01-16T19:24:26.590
fkie_cve-2022-50456 In the Linux kernel, the following vulnerability has been resolved: btrfs: fix resolving backrefs … 2025-10-01T12:15:38.807 2026-01-16T19:24:14.110
fkie_cve-2022-50454 In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix a use-after-f… 2025-10-01T12:15:38.510 2026-01-16T19:24:04.770
fkie_cve-2022-50453 In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: fix NULL-pointe… 2025-10-01T12:15:38.363 2026-01-16T19:23:56.910
fkie_cve-2022-50452 In the Linux kernel, the following vulnerability has been resolved: net: sched: cake: fix null poi… 2025-10-01T12:15:38.210 2026-01-16T19:23:48.460
fkie_cve-2022-50451 In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix memory leak on n… 2025-10-01T12:15:38.050 2026-01-16T19:23:40.883
fkie_cve-2021-24863 The WP Block and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection Plugin StopBadBots Wor… 2021-12-13T11:15:09.270 2026-01-16T19:23:16.610
fkie_cve-2021-24727 The StopBadBots WordPress plugin before 6.60 did not validate or escape the order and orderby GET p… 2021-09-13T18:15:18.947 2026-01-16T19:23:16.610
fkie_cve-2017-15948 Perch Content Management System 3.0.3 allows unrestricted file upload (with resultant XSS) via the … 2017-10-28T00:29:00.340 2026-01-16T19:22:10.100
fkie_cve-2024-58338 Anevia Flamingo XL 3.2.9 contains a restricted shell vulnerability that allows remote attackers to … 2025-12-30T23:15:49.227 2026-01-16T19:16:16.033
fkie_cve-2024-58337 Akuvox Smart Intercom S539 contains an improper access control vulnerability that allows users with… 2025-12-30T23:15:49.060 2026-01-16T19:16:15.843
fkie_cve-2024-58336 Akuvox Smart Intercom S539 contains an unauthenticated vulnerability that allows remote attackers t… 2025-12-30T23:15:48.880 2026-01-16T19:16:15.663
fkie_cve-2024-58315 Tosibox Key Service 3.3.0 contains an unquoted service path vulnerability that allows local non-pri… 2025-12-30T23:15:48.700 2026-01-16T19:16:15.497
fkie_cve-2023-54327 Tinycontrol LAN Controller 1.58a contains an authentication bypass vulnerability that allows unauth… 2025-12-30T23:15:48.500 2026-01-16T19:16:15.010
fkie_cve-2023-54163 NLB mKlik Macedonia 3.3.12 contains a SQL injection vulnerability in international transfer paramet… 2025-12-30T23:15:48.337 2026-01-16T19:16:14.840
fkie_cve-2023-53983 Anevia Flamingo XL/XS 3.6.20 contains a critical vulnerability with weak default administrative cre… 2025-12-30T23:15:48.163 2026-01-16T19:16:14.653
fkie_cve-2023-53982 PMB 7.4.6 contains a SQL injection vulnerability in the storage parameter of the ajax.php endpoint … 2025-12-23T20:15:46.073 2026-01-16T19:16:14.480
fkie_cve-2023-53964 SOUND4 IMPACT/FIRST/PULSE/Eco v2.x contains an unauthenticated vulnerability in the /usr/cgi-bin/re… 2025-12-22T22:16:00.860 2026-01-16T19:16:14.297
ID Severity Description Published Updated
ghsa-98h2-7j4h-7xc5
7.4 (3.1)
Improper Input Validation in Hitron Systems DVR HVR-16781 1.03~4.02 allows an attacker to cause net… 2024-01-23T06:30:21Z 2025-12-31T03:30:26Z
ghsa-7695-f938-c2jf
7.4 (3.1)
Improper Input Validation in Hitron Systems DVR LGUVR-4H 1.02~4.02 allows an attacker to cause netw… 2024-01-23T06:30:21Z 2025-12-31T03:30:26Z
ghsa-4425-3v92-m6q6
7.4 (3.1)
Improper Input Validation in Hitron Systems DVR LGUVR-8H 1.02~4.02 allows an attacker to cause netw… 2024-01-23T06:30:21Z 2025-12-31T03:30:26Z
ghsa-x5cr-w4x6-22r9
8.0 (3.1)
5.1 (4.0)
Ksenia Security Lares 4.0 version 1.6 contains a URL redirection vulnerability in the 'cmdOk.xml' s… 2025-12-31T00:31:11Z 2025-12-31T00:31:11Z
ghsa-wm7p-2wcf-h9qh
9.8 (3.1)
8.6 (4.0)
Anevia Flamingo XL 3.2.9 contains a restricted shell vulnerability that allows remote attackers to … 2025-12-31T00:31:11Z 2025-12-31T00:31:11Z
ghsa-rg8q-q5qg-28fm
7.5 (3.1)
9.3 (4.0)
Anevia Flamingo XL/XS 3.6.20 contains a critical vulnerability with weak default administrative cre… 2025-12-31T00:31:11Z 2025-12-31T00:31:11Z
ghsa-mv53-5j69-vvj9
6.5 (3.1)
5.1 (4.0)
JM-DATA ONU JF511-TV version 1.0.67 is vulnerable to cross-site request forgery (CSRF) attacks, all… 2025-12-31T00:31:10Z 2025-12-31T00:31:11Z
ghsa-mpcq-qm9f-9qfj
9.8 (3.1)
8.7 (4.0)
Akuvox Smart Intercom S539 contains an unauthenticated vulnerability that allows remote attackers t… 2025-12-31T00:31:11Z 2025-12-31T00:31:11Z
ghsa-jv66-87h9-r6q4
8.4 (3.1)
8.5 (4.0)
Tosibox Key Service 3.3.0 contains an unquoted service path vulnerability that allows local non-pri… 2025-12-31T00:31:11Z 2025-12-31T00:31:11Z
ghsa-hcw3-qjrp-gq57
7.5 (3.1)
9.3 (4.0)
Tinycontrol LAN Controller 1.58a contains an authentication bypass vulnerability that allows unauth… 2025-12-31T00:31:11Z 2025-12-31T00:31:11Z
ghsa-g772-q552-ggr6
7.8 (3.1)
8.5 (4.0)
Ksenia Security Lares 4.0 Home Automation version 1.6 contains an unprotected endpoint vulnerabilit… 2025-12-31T00:31:11Z 2025-12-31T00:31:11Z
ghsa-g2pw-5fjr-fhhf
7.5 (3.1)
9.3 (4.0)
Ksenia Security Lares 4.0 Home Automation version 1.6 contains a default credentials vulnerability … 2025-12-31T00:31:11Z 2025-12-31T00:31:11Z
ghsa-c56g-3hg8-4249
7.5 (3.1)
8.7 (4.0)
Akuvox Smart Intercom S539 contains an improper access control vulnerability that allows users with… 2025-12-31T00:31:11Z 2025-12-31T00:31:11Z
ghsa-5xw5-83cp-4rjf
9.8 (3.1)
9.3 (4.0)
Ksenia Security Lares 4.0 Home Automation version 1.6 contains a critical security flaw that expose… 2025-12-31T00:31:11Z 2025-12-31T00:31:11Z
ghsa-4rhh-qhhp-cw22
8.2 (3.1)
8.8 (4.0)
NLB mKlik Macedonia 3.3.12 contains a SQL injection vulnerability in international transfer paramet… 2025-12-31T00:31:11Z 2025-12-31T00:31:11Z
ghsa-xpmj-f96f-w324
6.1 (3.1)
5.1 (4.0)
ETAP Safety Manager 1.0.0.32 contains a cross-site scripting vulnerability in the 'action' GET para… 2025-12-31T00:31:10Z 2025-12-31T00:31:10Z
ghsa-x593-jp73-3qq7
8.4 (3.1)
8.5 (4.0)
SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x contains a command injection vulnerability that allows local au… 2025-12-31T00:31:10Z 2025-12-31T00:31:10Z
ghsa-vf6p-f83q-937h
8.2 (3.1)
8.8 (4.0)
SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x contains an SQL injection vulnerability in the 'username' POST … 2025-12-31T00:31:09Z 2025-12-31T00:31:10Z
ghsa-r568-76cw-jx2w
8.4 (3.1)
8.5 (4.0)
SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x contains a conditional command injection vulnerability that all… 2025-12-31T00:31:10Z 2025-12-31T00:31:10Z
ghsa-q68f-54g3-3rc9
8.4 (3.1)
8.5 (4.0)
SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x contains a conditional command injection vulnerability that all… 2025-12-31T00:31:10Z 2025-12-31T00:31:10Z
ghsa-pc62-v6r5-973x
7.5 (3.1)
6.9 (4.0)
SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below contain an insufficient session expiration vul… 2025-12-31T00:31:09Z 2025-12-31T00:31:10Z
ghsa-m8f6-rrcx-mrm3
7.5 (3.1)
6.9 (4.0)
H3C SSL VPN contains a user enumeration vulnerability that allows attackers to identify valid usern… 2025-12-31T00:31:10Z 2025-12-31T00:31:10Z
ghsa-hv34-rhhr-q53f
7.5 (3.1)
9.3 (4.0)
SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x contains an unauthenticated remote code execution vulnerability… 2025-12-31T00:31:10Z 2025-12-31T00:31:10Z
ghsa-gxjj-79fr-px4p
7.2 (3.1)
5.3 (4.0)
SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x contains an unauthenticated stored cross-site scripting … 2025-12-31T00:31:10Z 2025-12-31T00:31:10Z
ghsa-gr6g-859c-3j6j
7.5 (3.1)
6.7 (4.0)
SoX 14.4.2 contains a division by zero vulnerability when handling WAV files that can cause program… 2025-12-31T00:31:10Z 2025-12-31T00:31:10Z
ghsa-gcc4-3hh2-4mcx
9.8 (3.1)
9.3 (4.0)
SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below contain an unauthenticated command injection v… 2025-12-31T00:31:10Z 2025-12-31T00:31:10Z
ghsa-cqgr-77q2-257r
9.8 (3.1)
8.7 (4.0)
SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x contains a network vulnerability that allows unauthentic… 2025-12-31T00:31:10Z 2025-12-31T00:31:10Z
ghsa-cjhx-gxg4-xjm7
7.5 (3.1)
7.1 (4.0)
Fetch FTP Client 5.8.2 contains a denial of service vulnerability that allows attackers to trigger … 2025-12-31T00:31:10Z 2025-12-31T00:31:10Z
ghsa-9x83-xq9p-cxq5
7.5 (3.1)
6.9 (4.0)
SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x contains an information disclosure vulnerability that allows un… 2025-12-31T00:31:10Z 2025-12-31T00:31:10Z
ghsa-7h43-qx63-fwcr
9.8 (3.1)
8.7 (4.0)
SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below contain an unauthenticated file disclosure vul… 2025-12-31T00:31:10Z 2025-12-31T00:31:10Z
ID Description Updated
gsd-2024-1274 The My Calendar WordPress plugin before 3.4.24 does not sanitise and escape some paramete… 2024-02-07T06:03:41.645323Z
gsd-2024-1251 A vulnerability classified as critical has been found in Tongda OA 2017 up to 11.10. Affe… 2024-02-07T06:03:41.644539Z
gsd-2024-1263 A vulnerability, which was classified as critical, was found in Juanpao JPShop up to 1.5.… 2024-02-07T06:03:41.639986Z
gsd-2024-1261 A vulnerability classified as critical was found in Juanpao JPShop up to 1.5.02. This vul… 2024-02-07T06:03:41.635837Z
gsd-2024-1250 An issue has been discovered in GitLab EE affecting all versions starting from 16.8 befor… 2024-02-07T06:03:41.634740Z
gsd-2024-1249 A flaw was found in Keycloak's OIDC component in the "checkLoginIframe," which allows unv… 2024-02-07T06:03:41.633294Z
gsd-2024-1290 The User Registration WordPress plugin before 2.12 does not prevent users with at least t… 2024-02-07T06:03:41.627258Z
gsd-2024-1295 The format of the source doesn't require a description, click on the link for more details. 2024-02-07T06:03:41.626533Z
gsd-2024-1284 Use after free in Mojo in Google Chrome prior to 121.0.6167.160 allowed a remote attacker… 2024-02-07T06:03:41.620325Z
gsd-2024-1266 A vulnerability classified as problematic was found in CodeAstro University Management Sy… 2024-02-07T06:03:41.617310Z
gsd-2024-1293 The Brizy – Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scriptin… 2024-02-07T06:03:41.600664Z
gsd-2024-1272 The format of the source doesn't require a description, click on the link for more details. 2024-02-07T06:03:41.592784Z
gsd-2024-1291 The Brizy – Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scriptin… 2024-02-07T06:03:41.582613Z
gsd-2024-1270 The format of the source doesn't require a description, click on the link for more details. 2024-02-07T06:03:41.581857Z
gsd-2024-25155 In FileCatalyst Direct 3.8.8 and earlier through 3.8.6, the web server does not properly … 2024-02-07T06:03:41.578718Z
gsd-2024-25142 The format of the source doesn't require a description, click on the link for more details. 2024-02-07T06:03:41.573646Z
gsd-2024-25143 The Document and Media widget In Liferay Portal 7.2.0 through 7.3.6, and older unsupporte… 2024-02-07T06:03:41.572415Z
gsd-2024-25144 The IFrame widget in Liferay Portal 7.2.0 through 7.4.3.26, and older unsupported version… 2024-02-07T06:03:41.571365Z
gsd-2024-25157 The format of the source doesn't require a description, click on the link for more details. 2024-02-07T06:03:41.567541Z
gsd-2024-25139 In TP-Link Omada er605 1.0.1 through (v2.6) 2.2.3, a cloud-brd binary is susceptible to a… 2024-02-07T06:03:41.559162Z
gsd-2024-25151 The Calendar module in Liferay Portal 7.2.0 through 7.4.2, and older unsupported versions… 2024-02-07T06:03:41.557747Z
gsd-2024-25148 In Liferay Portal 7.2.0 through 7.4.1, and older unsupported versions, and Liferay DXP 7.… 2024-02-07T06:03:41.557392Z
gsd-2024-25156 A path traversal vulnerability exists in GoAnywhere MFT prior to 7.4.2 which allows atta… 2024-02-07T06:03:41.556738Z
gsd-2024-25146 Liferay Portal 7.2.0 through 7.4.1, and older unsupported versions, and Liferay DXP 7.3 b… 2024-02-07T06:03:41.547911Z
gsd-2024-25140 ** DISPUTED ** A default installation of RustDesk 1.2.3 on Windows places a WDKTestCert c… 2024-02-07T06:03:41.545803Z
gsd-2024-25153 A directory traversal within the ‘ftpservlet’ of the FileCatalyst Workflow Web Portal all… 2024-02-07T06:03:41.536146Z
gsd-2024-25141 When ssl was enabled for Mongo Hook, default settings included "allow_insecure" which cau… 2024-02-07T06:03:41.533327Z
gsd-2024-25152 Stored cross-site scripting (XSS) vulnerability in Message Board widget in Liferay Portal… 2024-02-07T06:03:41.531387Z
gsd-2024-25147 Cross-site scripting (XSS) vulnerability in HtmlUtil.escapeJsLink in Liferay Portal 7.2.0… 2024-02-07T06:03:41.527070Z
gsd-2024-25149 Liferay Portal 7.2.0 through 7.4.1, and older unsupported versions, and Liferay DXP 7.3 b… 2024-02-07T06:03:41.525849Z
ID Description Published Updated
mal-2025-183242 Malicious code in kisut-difg-diwfzcfecdavgecab (npm) 2025-11-12T22:25:03Z 2025-11-12T22:25:03Z
mal-2025-183241 Malicious code in kisut-difg-diwfzcfecdavgec (npm) 2025-11-12T22:25:03Z 2025-11-12T22:25:03Z
mal-2025-183240 Malicious code in kisut-difg-diwfzcfecdavge (npm) 2025-11-12T22:25:03Z 2025-11-12T22:25:03Z
mal-2025-183239 Malicious code in kisut-difg-diwfzcfecdavg (npm) 2025-11-12T22:25:03Z 2025-11-12T22:25:03Z
mal-2025-183238 Malicious code in kisut-difg-diwfzcfecdav (npm) 2025-11-12T22:25:03Z 2025-11-12T22:25:03Z
mal-2025-183237 Malicious code in kisut-difg-diwfzcfecda (npm) 2025-11-12T22:25:03Z 2025-11-12T22:25:03Z
mal-2025-183236 Malicious code in kisut-difg-diwfzcfecd (npm) 2025-11-12T22:25:03Z 2025-11-12T22:25:03Z
mal-2025-183235 Malicious code in kisut-difg-diwfzcfec (npm) 2025-11-12T22:25:03Z 2025-11-12T22:25:03Z
mal-2025-183234 Malicious code in kisut-difg-diwfzcfe (npm) 2025-11-12T22:25:03Z 2025-11-12T22:25:03Z
mal-2025-183233 Malicious code in kisut-difg-diwfzcf (npm) 2025-11-12T22:25:03Z 2025-11-12T22:25:03Z
mal-2025-183232 Malicious code in kisut-difg-diwfzc (npm) 2025-11-12T22:25:03Z 2025-11-12T22:25:03Z
mal-2025-183231 Malicious code in kisut-difg-diwfz (npm) 2025-11-12T22:25:03Z 2025-11-12T22:25:03Z
mal-2025-183230 Malicious code in kisut-difg-diwf (npm) 2025-11-12T22:25:03Z 2025-11-12T22:25:03Z
mal-2025-183229 Malicious code in kisut-difg-diw (npm) 2025-11-12T22:25:03Z 2025-11-12T22:25:03Z
mal-2025-183228 Malicious code in kisut-difg-diguuota (npm) 2025-11-12T22:25:03Z 2025-11-12T22:25:03Z
mal-2025-183227 Malicious code in kisut-difg-diguota (npm) 2025-11-12T22:25:03Z 2025-11-12T22:25:03Z
mal-2025-183226 Malicious code in kisut-difg-diguauota (npm) 2025-11-12T22:25:03Z 2025-11-12T22:25:03Z
mal-2025-183225 Malicious code in kisut-difg-diguauaota (npm) 2025-11-12T22:25:03Z 2025-11-12T22:25:03Z
mal-2025-183224 Malicious code in kisut-difg-diguafuavaotav (npm) 2025-11-12T22:25:03Z 2025-11-12T22:25:03Z
mal-2025-183223 Malicious code in kisut-difg-diguafuavaota (npm) 2025-11-12T22:25:03Z 2025-11-12T22:25:03Z
mal-2025-183222 Malicious code in kisut-difg-diguafuaaota (npm) 2025-11-12T22:25:03Z 2025-11-12T22:25:03Z
mal-2025-183221 Malicious code in kisut-difg-digua (npm) 2025-11-12T22:25:03Z 2025-11-12T22:25:03Z
mal-2025-183220 Malicious code in kisut-difg-digu (npm) 2025-11-12T22:25:03Z 2025-11-12T22:25:03Z
mal-2025-183219 Malicious code in kisut-difg-dig (npm) 2025-11-12T22:25:03Z 2025-11-12T22:25:03Z
mal-2025-183218 Malicious code in kisut-difg-di (npm) 2025-11-12T22:25:03Z 2025-11-12T22:25:03Z
mal-2025-183217 Malicious code in kisut-dfg-dzb (npm) 2025-11-12T22:25:03Z 2025-11-12T22:25:03Z
mal-2025-183216 Malicious code in kisut-dfg-dufban (npm) 2025-11-12T22:25:03Z 2025-11-12T22:25:03Z
mal-2025-183215 Malicious code in kisut-dfg-dufainban (npm) 2025-11-12T22:25:03Z 2025-11-12T22:25:03Z
mal-2025-183214 Malicious code in kisut-dfg-dufaiban (npm) 2025-11-12T22:25:03Z 2025-11-12T22:25:03Z
mal-2025-183213 Malicious code in kisut-dfg-dufadiuynban (npm) 2025-11-12T22:25:03Z 2025-11-12T22:25:03Z
ID Description Published Updated
rhsa-2023:3590 Red Hat Security Advisory: firefox security update 2023-06-14T08:54:55+00:00 2025-11-21T18:41:27+00:00
rhsa-2023:3589 Red Hat Security Advisory: firefox security update 2023-06-14T08:46:25+00:00 2025-11-21T18:41:26+00:00
rhsa-2023:3588 Red Hat Security Advisory: thunderbird security update 2023-06-14T08:54:10+00:00 2025-11-21T18:41:26+00:00
rhsa-2023:3587 Red Hat Security Advisory: thunderbird security update 2023-06-14T08:43:39+00:00 2025-11-21T18:41:26+00:00
rhsa-2023:3586 Red Hat Security Advisory: nodejs security update 2023-06-14T08:43:54+00:00 2025-11-21T18:41:26+00:00
rhsa-2023:3585 Red Hat Security Advisory: python3.11 security update 2023-06-14T08:47:35+00:00 2025-11-21T18:41:25+00:00
rhsa-2023:3584 Red Hat Security Advisory: c-ares security update 2023-06-14T08:15:46+00:00 2025-11-21T18:41:25+00:00
rhsa-2023:3583 Red Hat Security Advisory: c-ares security update 2023-06-14T08:03:32+00:00 2025-11-21T18:41:25+00:00
rhsa-2023:3579 Red Hat Security Advisory: firefox security update 2023-06-14T07:56:25+00:00 2025-11-21T18:41:24+00:00
rhsa-2023:3578 Red Hat Security Advisory: firefox security update 2023-06-14T07:37:25+00:00 2025-11-21T18:41:24+00:00
rhsa-2023:3577 Red Hat Security Advisory: nodejs:18 security update 2023-06-14T07:33:08+00:00 2025-11-21T18:41:23+00:00
rhsa-2023:3567 Red Hat Security Advisory: thunderbird security update 2023-06-13T15:00:13+00:00 2025-11-21T18:41:23+00:00
rhsa-2023:3566 Red Hat Security Advisory: thunderbird security update 2023-06-13T15:00:57+00:00 2025-11-21T18:41:23+00:00
rhsa-2023:3565 Red Hat Security Advisory: thunderbird security update 2023-06-13T14:59:17+00:00 2025-11-21T18:41:23+00:00
rhsa-2023:3564 Red Hat Security Advisory: thunderbird security update 2023-06-13T14:58:48+00:00 2025-11-21T18:41:22+00:00
rhsa-2023:3563 Red Hat Security Advisory: thunderbird security update 2023-06-13T15:00:31+00:00 2025-11-21T18:41:22+00:00
rhsa-2023:3562 Red Hat Security Advisory: firefox security update 2023-06-13T14:59:50+00:00 2025-11-21T18:41:22+00:00
rhsa-2023:3561 Red Hat Security Advisory: firefox security update 2023-06-13T14:58:54+00:00 2025-11-21T18:41:21+00:00
rhsa-2023:3560 Red Hat Security Advisory: firefox security update 2023-06-13T15:00:36+00:00 2025-11-21T18:41:21+00:00
rhsa-2023:3559 Red Hat Security Advisory: c-ares security update 2023-06-13T15:40:05+00:00 2025-11-21T18:41:21+00:00
rhsa-2023:3556 Red Hat Security Advisory: python3 security update 2023-06-09T08:06:59+00:00 2025-11-21T18:41:21+00:00
rhsa-2023:3555 Red Hat Security Advisory: python security update 2023-06-09T08:07:12+00:00 2025-11-21T18:41:20+00:00
rhsa-2023:3550 Red Hat Security Advisory: python security update 2023-06-08T11:57:16+00:00 2025-11-21T18:41:20+00:00
rhsa-2023:3490 Red Hat Security Advisory: kpatch-patch security update 2023-06-06T13:40:56+00:00 2025-11-21T18:41:19+00:00
rhsa-2023:3541 Red Hat Security Advisory: OpenShift Container Platform 4.11.43 packages and security update 2023-06-14T14:39:36+00:00 2025-11-21T18:41:18+00:00
rhsa-2023:3525 Red Hat Security Advisory: python-flask security update 2023-06-07T07:46:53+00:00 2025-11-21T18:41:18+00:00
rhsa-2023:3517 Red Hat Security Advisory: kpatch-patch security update 2023-06-06T16:30:57+00:00 2025-11-21T18:41:17+00:00
rhsa-2023:3491 Red Hat Security Advisory: Red Hat Virtualization Host 4.4.z SP 1 security update 2023-06-06T14:14:54+00:00 2025-11-21T18:41:16+00:00
rhsa-2023:3489 Red Hat Security Advisory: redhat-ds:12 security, bug fix, and enhancement update 2023-06-06T13:09:16+00:00 2025-11-21T18:41:16+00:00
rhsa-2023:3481 Red Hat Security Advisory: emacs security update 2023-06-06T13:19:07+00:00 2025-11-21T18:41:16+00:00
ID Description Published Updated
msrc_cve-2005-2069 pam_ldap and nss_ldap when used with OpenLDAP and connecting to a slave using TLS does not use TLS for the subsequent connection if the client is referred to a master which may cause a password to be sent in cleartext and allows remote attackers to sniff the password. 2005-06-02T00:00:00.000Z 2020-09-25T00:00:00.000Z
msrc_cve-2000-0803 GNU Groff uses the current working directory to find a device description file which allows a local user to gain additional privileges by including a malicious postpro directive in the description file which is executed when another user runs groff. 2001-05-02T00:00:00.000Z 2020-09-25T00:00:00.000Z
msrc_cve-1999-1412 A possible interaction between Apple MacOS X release 1.0 and Apache HTTP server allows remote attackers to cause a denial of service (crash) via a flood of HTTP GET requests to CGI programs which generates a large number of processes. 2001-09-02T00:00:00.000Z 2020-09-25T00:00:00.000Z
msrc_cve-1999-0428 OpenSSL and SSLeay allow remote attackers to reuse SSL sessions and bypass access controls. 2000-01-02T00:00:00.000Z 2020-09-25T00:00:00.000Z
msrc_cve-1999-0236 ScriptAlias directory in NCSA and Apache httpd allowed attackers to read CGI programs. 1999-09-02T00:00:00.000Z 2020-09-25T00:00:00.000Z
msrc_cve-2020-25211 In the Linux kernel through 5.8.7 local attackers able to inject conntrack netlink configuration could overflow a local buffer causing crashes or triggering use of incorrect protocol numbers in ctnetlink_parse_tuple_filter in net/netfilter/nf_conntrack_netlink.c aka CID-1cc5ef91d2ff. 2020-09-02T00:00:00.000Z 2020-09-17T00:00:00.000Z
msrc_cve-2020-24977 GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. The issue has been fixed in commit 50f06b3e. 2020-09-02T00:00:00.000Z 2020-09-11T00:00:00.000Z
msrc_cve-2020-12829 In QEMU through 5.0.0 an integer overflow was found in the SM501 display driver implementation. This flaw occurs in the COPY_AREA macro while handling MMIO write operations through the sm501_2d_engine_write() callback. A local attacker could abuse this flaw to crash the QEMU process in sm501_2d_operation() in hw/display/sm501.c on the host resulting in a denial of service. 2020-08-02T00:00:00.000Z 2020-09-09T00:00:00.000Z
msrc_cve-2020-11501 GnuTLS 3.6.x before 3.6.13 uses incorrect cryptography for DTLS. The earliest affected version is 3.6.3 (2018-07-16) because of an error in a 2017-10-06 commit. The DTLS client always uses 32 '\0' bytes instead of a random value and thus contributes no randomness to a DTLS negotiation. This breaks the security guarantees of the DTLS protocol. 2020-04-02T00:00:00.000Z 2020-09-09T00:00:00.000Z
msrc_cve-2020-14364 An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU in versions before 5.2.0. This issue occurs while processing USB packets from a guest when USBDevice 'setup_len' exceeds its 'data_buf[4096]' in the do_token_in do_token_out routines. This flaw allows a guest user to crash the QEMU process resulting in a denial of service or the potential execution of arbitrary code with the privileges of the QEMU process on the host. 2020-08-02T00:00:00.000Z 2020-09-04T00:00:00.000Z
msrc_cve-2020-14415 oss_write in audio/ossaudio.c in QEMU before 5.0.0 mishandles a buffer position. 2020-08-02T00:00:00.000Z 2020-09-02T00:00:00.000Z
msrc_cve-2020-14350 It was found that some PostgreSQL extensions did not use search_path safely in their installation script. An attacker with sufficient privileges could use this flaw to trick an administrator into executing a specially crafted script during the installation or update of such extension. This affects PostgreSQL versions before 12.4 before 11.9 before 10.14 before 9.6.19 and before 9.5.23. 2020-08-02T00:00:00.000Z 2020-08-28T00:00:00.000Z
msrc_cve-2020-14349 It was found that PostgreSQL versions before 12.4 before 11.9 and before 10.14 did not properly sanitize the search_path during logical replication. An authenticated attacker could use this flaw in an attack similar to CVE-2018-1058 in order to execute arbitrary SQL command in the context of the user used for replication. 2020-08-02T00:00:00.000Z 2020-08-27T00:00:00.000Z
msrc_cve-2020-8624 update-policy rules of type "subdomain" are enforced incorrectly 2020-08-02T00:00:00.000Z 2020-08-26T00:00:00.000Z
msrc_cve-2020-8623 A flaw in native PKCS#11 code can lead to a remotely triggerable assertion failure in pk11.c 2020-08-02T00:00:00.000Z 2020-08-26T00:00:00.000Z
msrc_cve-2020-8622 A truncated TSIG response can lead to an assertion failure 2020-08-02T00:00:00.000Z 2020-08-26T00:00:00.000Z
msrc_cve-2020-8621 Attempting QNAME minimization after forwarding can lead to an assertion failure in resolver.c 2020-08-02T00:00:00.000Z 2020-08-26T00:00:00.000Z
msrc_cve-2020-8620 In BIND 9.15.6 -> 9.16.5 9.17.0 -> 9.17.3 An attacker who can establish a TCP connection with the server and send data on that connection can exploit this to trigger the assertion failure causing the server to exit. 2020-08-02T00:00:00.000Z 2020-08-26T00:00:00.000Z
msrc_cve-2020-9490 Apache HTTP Server versions 2.4.20 to 2.4.43. A specially crafted value for the 'Cache-Digest' header in a HTTP/2 request would result in a crash when the server actually tries to HTTP/2 PUSH a resource afterwards. Configuring the HTTP/2 feature via "H2Push off" will mitigate this vulnerability for unpatched servers. 2020-08-02T00:00:00.000Z 2020-08-18T00:00:00.000Z
msrc_cve-2020-9383 An issue was discovered in the Linux kernel 3.16 through 5.5.6. set_fdc in drivers/block/floppy.c leads to a wait_til_ready out-of-bounds read because the FDC index is not checked for errors before assigning it aka CID-2e90ca68b0d2. 2020-02-02T00:00:00.000Z 2020-08-18T00:00:00.000Z
msrc_cve-2020-8649 There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vgacon_invert_region function in drivers/video/console/vgacon.c. 2020-02-02T00:00:00.000Z 2020-08-18T00:00:00.000Z
msrc_cve-2020-8648 There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c. 2020-02-02T00:00:00.000Z 2020-08-18T00:00:00.000Z
msrc_cve-2020-8647 There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vc_do_resize function in drivers/tty/vt/vt.c. 2020-02-02T00:00:00.000Z 2020-08-18T00:00:00.000Z
msrc_cve-2020-8632 In cloud-init through 19.4 rand_user_password in cloudinit/config/cc_set_passwords.py has a small default pwlen value which makes it easier for attackers to guess passwords. 2020-02-02T00:00:00.000Z 2020-08-18T00:00:00.000Z
msrc_cve-2020-8631 cloud-init through 19.4 relies on Mersenne Twister for a random password which makes it easier for attackers to predict passwords because rand_str in cloudinit/util.py calls the random.choice function. 2020-02-02T00:00:00.000Z 2020-08-18T00:00:00.000Z
msrc_cve-2020-8619 A buffer boundary check assertion in rdataset.c can fail incorrectly during zone transfer 2020-06-02T00:00:00.000Z 2020-08-18T00:00:00.000Z
msrc_cve-2020-8618 A buffer boundary check assertion in rdataset.c can fail incorrectly during zone transfer 2020-06-02T00:00:00.000Z 2020-08-18T00:00:00.000Z
msrc_cve-2020-7595 xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation. 2020-01-02T00:00:00.000Z 2020-08-18T00:00:00.000Z
msrc_cve-2020-7211 tftp.c in libslirp 4.1.0 as used in QEMU 4.2.0 does not prevent ..\ directory traversal on Windows. 2020-01-02T00:00:00.000Z 2020-08-18T00:00:00.000Z
msrc_cve-2020-1752 A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that when processed by the glob function would potentially lead to arbitrary code execution. This was fixed in version 2.32. 2020-04-02T00:00:00.000Z 2020-08-18T00:00:00.000Z
ID Description Updated
var-201509-0097 WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to … 2025-04-13T22:29:38.726000Z
var-201603-0118 libvpx in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.0 befor… 2025-04-13T22:29:38.681000Z
var-201505-0087 Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows a… 2025-04-13T22:29:37.801000Z
var-201607-0357 libxml2 in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, … 2025-04-13T22:29:37.447000Z
var-201607-0655 Unspecified vulnerability in the ILOM component in Oracle Sun Systems Products Suite 3.0,… 2025-04-13T22:29:26.882000Z
var-201411-0269 The Sandbox Profiles subsystem in Apple iOS before 8.1.1 does not properly implement the … 2025-04-13T22:29:25.705000Z
var-201411-0036 Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and O… 2025-04-13T22:29:25.343000Z
var-201504-0411 Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows a… 2025-04-13T22:29:25.182000Z
var-201412-0572 WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, all… 2025-04-13T22:28:20.442000Z
var-201409-0505 WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows remote attackers to e… 2025-04-13T22:28:18.864000Z
var-201407-0486 The I-O DATA TS-WLCAM camera with firmware 1.06 and earlier, TS-WLCAM/V camera with firmw… 2025-04-13T22:28:16.619000Z
var-201406-0313 Cisco IOS allows remote authenticated users to cause a denial of service (device reload) … 2025-04-13T22:28:15.306000Z
var-201603-0001 Apple Safari before 9.1 allows remote attackers to spoof the user interface via a web pag… 2025-04-13T22:28:10.712000Z
var-201409-0482 An unspecified integrated graphics driver routine in the Intel Graphics Driver subsystem … 2025-04-13T22:28:10.432000Z
var-201509-0109 WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to … 2025-04-13T22:27:23.618000Z
var-201504-0094 LaunchServices in Apple OS X before 10.10.3 allows local users to gain privileges via a c… 2025-04-13T22:27:23.456000Z
var-201407-0081 iBooks Commerce in Apple OS X before 10.9.4 places Apple ID credentials in the iBooks log… 2025-04-13T22:27:22.689000Z
var-201507-0393 Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local us… 2025-04-13T22:27:22Z
var-201605-0460 IOAcceleratorFamily in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, an… 2025-04-13T22:27:21.771000Z
var-201504-0086 fontd in Apple Type Services (ATS) in Apple OS X before 10.10.3 allows local users to gai… 2025-04-13T22:27:20.454000Z
var-201609-0276 CCrypt in corecrypto in CommonCrypto in Apple iOS before 10 and OS X before 10.12 allows … 2025-04-13T22:27:13.462000Z
var-201609-0496 ext/session/session.c in PHP before 5.6.25 and 7.x before 7.0.10 skips invalid session na… 2025-04-13T22:26:41.005000Z
var-201509-0045 The HTML form implementation in WebKit in Apple iOS before 9 does not prevent QuickType a… 2025-04-13T22:26:04.817000Z
var-201603-0215 The kernel in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS bef… 2025-04-13T22:26:04.772000Z
var-201507-0395 Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local us… 2025-04-13T22:26:04.169000Z
var-201508-0445 The Apple ID OD plug-in in Apple OS X before 10.10.5 allows attackers to change arbitrary… 2025-04-13T22:26:03.929000Z
var-201508-0042 Heap-based buffer overflow in SceneKit in Apple OS X before 10.10.5 allows remote attacke… 2025-04-13T22:25:26.255000Z
var-201409-0489 Accounts Framework in Apple iOS before 8 and Apple TV before 7 allows attackers to obtain… 2025-04-13T22:25:18.190000Z
var-201510-0254 The Sandbox subsystem in Apple OS X before 10.11.1 allows local users to gain privileges … 2025-04-13T22:25:18.098000Z
var-201607-0343 QuickTime in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code … 2025-04-13T22:25:17.949000Z
ID Description Published Updated
suse-su-2020:1948-1 Security update for ldb, samba 2020-07-17T12:48:18Z 2020-07-17T12:48:18Z
suse-su-2020:14424-1 Security update for LibVNCServer 2020-07-17T12:21:12Z 2020-07-17T12:21:12Z
suse-su-2020:1946-1 Security update for squid 2020-07-17T12:15:21Z 2020-07-17T12:15:21Z
suse-su-2020:1944-1 Security update for ant 2020-07-17T11:50:51Z 2020-07-17T11:50:51Z
suse-su-2020:1943-1 Security update for xrdp 2020-07-17T11:49:49Z 2020-07-17T11:49:49Z
suse-su-2020:1940-1 Security update for python-ipaddress 2020-07-17T10:47:54Z 2020-07-17T10:47:54Z
suse-su-2020:1939-1 Security update for python-ipaddress 2020-07-17T10:47:39Z 2020-07-17T10:47:39Z
suse-su-2020:1937-1 Security update for cairo 2020-07-15T21:56:33Z 2020-07-15T21:56:33Z
suse-su-2020:1934-1 Security update for google-compute-engine 2020-07-15T13:07:43Z 2020-07-15T13:07:43Z
suse-su-2020:1933-1 Security update for xrdp 2020-07-15T13:07:26Z 2020-07-15T13:07:26Z
suse-su-2020:14423-1 Security update for mailman 2020-07-15T13:06:31Z 2020-07-15T13:06:31Z
suse-su-2020:1931-1 Security update for openexr 2020-07-15T13:06:01Z 2020-07-15T13:06:01Z
suse-su-2020:1930-1 Security update for openconnect 2020-07-15T13:05:26Z 2020-07-15T13:05:26Z
suse-su-2020:1709-2 Security update for mercurial 2020-07-15T12:33:20Z 2020-07-15T12:33:20Z
suse-su-2020:1657-2 Security update for containerd, docker, docker-runc, golang-github-docker-libnetwork 2020-07-15T12:30:23Z 2020-07-15T12:30:23Z
suse-su-2020:1922-1 Security update for LibVNCServer 2020-07-15T09:31:09Z 2020-07-15T09:31:09Z
suse-su-2020:1420-2 Security update for jasper 2020-07-15T08:58:13Z 2020-07-15T08:58:13Z
suse-su-2020:1532-2 Security update for libxml2 2020-07-15T08:58:00Z 2020-07-15T08:58:00Z
suse-su-2020:1582-2 Security update for rubygem-bundler 2020-07-15T08:57:32Z 2020-07-15T08:57:32Z
suse-su-2020:1920-1 Security update for python-ipaddress 2020-07-15T08:56:50Z 2020-07-15T08:56:50Z
suse-su-2020:1919-1 Security update for rubygem-puma 2020-07-15T08:56:27Z 2020-07-15T08:56:27Z
suse-su-2020:1918-1 Security update for xrdp 2020-07-15T08:55:34Z 2020-07-15T08:55:34Z
suse-su-2020:1915-1 Security update for slirp4netns 2020-07-15T07:34:21Z 2020-07-15T07:34:21Z
suse-su-2020:1914-1 Security update for bind 2020-07-15T07:34:08Z 2020-07-15T07:34:08Z
suse-su-2020:1913-1 Security update for samba 2020-07-14T15:41:02Z 2020-07-14T15:41:02Z
suse-su-2020:1569-2 Security update for java-1_8_0-openjdk 2020-07-14T13:20:11Z 2020-07-14T13:20:11Z
suse-su-2020:1902-1 Security update for xen 2020-07-14T13:19:47Z 2020-07-14T13:19:47Z
suse-su-2020:1901-1 Security update for ansible, ansible1, ardana-ansible, ardana-cluster, ardana-freezer, ardana-input-model, ardana-logging, ardana-mq, ardana-neutron, ardana-octavia, ardana-osconfig, caasp-openstack-heat-templates, crowbar-core, crowbar-openstack, documentation-suse-openstack-cloud, grafana, kibana, openstack-dashboard, openstack-dashboard-theme-HPE, openstack-heat-templates, openstack-keystone, openstack-monasca-agent, openstack-monasca-installer, openstack-neutron, openstack-octavia-amphora-image, python-Django, python-Flask, python-GitPython, python-Pillow, python-amqp, python-apicapi, python-keystoneauth1, python-oslo.messaging, python-psutil, python-pyroute2, python-pysaml2, python-tooz, python-waitress, storm 2020-07-14T12:42:01Z 2020-07-14T12:42:01Z
suse-su-2020:1900-1 Security update for MozillaThunderbird 2020-07-13T13:07:40Z 2020-07-13T13:07:40Z
suse-su-2020:1899-1 Security update for MozillaFirefox 2020-07-13T13:06:56Z 2020-07-13T13:06:56Z
ID Description Published Updated
cnvd-2024-37615 Kliqqi CMS cross-site request forgery vulnerability (CNVD-2024-37615) 2024-08-23 2024-09-06
cnvd-2024-37614 Kliqqi CMS cross-site request forgery vulnerability (CNVD-2024-37614) 2024-08-23 2024-09-06
cnvd-2024-37613 Kliqqi CMS cross-site request forgery vulnerability (CNVD-2024-37613) 2024-08-23 2024-09-06
cnvd-2024-37612 Kliqqi CMS cross-site request forgery vulnerability (CNVD-2024-37612) 2024-08-23 2024-09-06
cnvd-2024-37610 TpMeCMS cross-site scripting vulnerability 2024-08-21 2024-09-06
cnvd-2024-37605 SeaCMS code execution vulnerability (CNVD-2024-37605) 2024-08-23 2024-09-06
cnvd-2024-37604 SportsNET SQL injection vulnerability 2024-09-04 2024-09-06
cnvd-2024-37603 SportsNET SQL injection vulnerability (CNVD-2024-37603) 2024-09-04 2024-09-06
cnvd-2024-37602 SportsNET SQL injection vulnerability (CNVD-2024-37602) 2024-09-04 2024-09-06
cnvd-2024-37601 SportsNET SQL injection vulnerability (CNVD-2024-37601) 2024-09-04 2024-09-06
cnvd-2024-37600 SportsNET SQL injection vulnerability (CNVD-2024-37600) 2024-09-04 2024-09-06
cnvd-2024-37599 SportsNET SQL injection vulnerability (CNVD-2024-37599) 2024-09-04 2024-09-06
cnvd-2024-37598 SportsNET SQL injection vulnerability (CNVD-2024-37598) 2024-09-04 2024-09-06
cnvd-2024-37597 SportsNET SQL injection vulnerability (CNVD-2024-37597) 2024-09-04 2024-09-06
cnvd-2024-37596 SportsNET SQL injection vulnerability (CNVD-2024-37596) 2024-09-04 2024-09-06
cnvd-2024-37595 NetBox cross-site scripting vulnerability (CNVD-2024-37595) 2024-07-12 2024-09-06
cnvd-2024-37594 NetBox cross-site scripting vulnerability (CNVD-2024-37594) 2024-07-12 2024-09-06
cnvd-2024-37593 NetBox cross-site scripting vulnerability (CNVD-2024-37593) 2024-07-12 2024-09-06
cnvd-2024-37592 NetBox cross-site scripting vulnerability (CNVD-2024-37592) 2024-07-12 2024-09-06
cnvd-2024-37591 NetBox cross-site scripting vulnerability (CNVD-2024-37591) 2024-07-12 2024-09-06
cnvd-2024-37590 NetBox cross-site scripting vulnerability (CNVD-2024-37590) 2024-07-12 2024-09-06
cnvd-2024-37589 NetBox cross-site scripting vulnerability (CNVD-2024-37589) 2024-07-12 2024-09-06
cnvd-2024-37588 NetBox cross-site scripting vulnerability (CNVD-2024-37588) 2024-07-12 2024-09-06
cnvd-2024-37587 NetBox cross-site scripting vulnerability (CNVD-2024-37587) 2024-07-12 2024-09-06
cnvd-2024-37586 NetBox cross-site scripting vulnerability (CNVD-2024-37586) 2024-07-12 2024-09-06
cnvd-2024-37585 NetBox cross-site scripting vulnerability (CNVD-2024-37585) 2024-07-12 2024-09-06
cnvd-2024-37584 NetBox cross-site scripting vulnerability (CNVD-2024-37584) 2024-07-12 2024-09-06
cnvd-2024-37583 NetBox cross-site scripting vulnerability (CNVD-2024-37583) 2024-07-12 2024-09-06
cnvd-2024-37582 NetBox cross-site scripting vulnerability (CNVD-2024-37582) 2024-07-12 2024-09-06
cnvd-2024-37581 NetBox cross-site scripting vulnerability (CNVD-2024-37581) 2024-07-12 2024-09-06
ID Description Published Updated
certa-2009-avi-545 Multiple vulnerabilities in Moodle 2009-12-14T00:00:00.000000 2009-12-14T00:00:00.000000
certa-2009-avi-544 Multiple vulnerabilities in HP OpenView Network Node Manager 2009-12-11T00:00:00.000000 2009-12-11T00:00:00.000000
certa-2009-avi-543 Vulnerability in Ruby 2009-12-11T00:00:00.000000 2009-12-11T00:00:00.000000
certa-2009-avi-542 Vulnerability in Symantec Veritas VRTSweb products 2009-12-11T00:00:00.000000 2009-12-11T00:00:00.000000
certa-2009-avi-541 Multiple vulnerabilities in Adobe Flash Player and Adobe Air 2009-12-09T00:00:00.000000 2009-12-09T00:00:00.000000
certa-2009-avi-540 Vulnerability in Microsoft Office Project 2009-12-09T00:00:00.000000 2009-12-09T00:00:00.000000
certa-2009-avi-539 Vulnerability in Microsoft WordPad and Microsoft Office Word 2009-12-09T00:00:00.000000 2009-12-09T00:00:00.000000
certa-2009-avi-538 Multiple vulnerabilities in Internet Explorer 2009-12-09T00:00:00.000000 2009-12-09T00:00:00.000000
certa-2009-avi-537 Multiple vulnerabilities in the Microsoft Internet Authentication Service 2009-12-09T00:00:00.000000 2009-12-09T00:00:00.000000
certa-2009-avi-536 Vulnerabilities in Microsoft ADFS 2009-12-09T00:00:00.000000 2009-12-09T00:00:00.000000
certa-2009-avi-535 Vulnerability in the LSASS service of Microsoft Windows 2009-12-09T00:00:00.000000 2009-12-09T00:00:00.000000
certa-2007-avi-377 Vulnerability in GNU tar 2007-08-24T00:00:00.000000 2009-12-07T00:00:00.000000
certa-2009-avi-534 Multiple vulnerabilities in the Sun Java Portal Server 2009-12-04T00:00:00.000000 2009-12-04T00:00:00.000000
certa-2009-avi-533 Multiple vulnerabilities in Sun Solaris 2009-12-04T00:00:00.000000 2009-12-04T00:00:00.000000
certa-2009-avi-532 Multiple vulnerabilities in BlackBerry Attachment Service 2009-12-04T00:00:00.000000 2009-12-04T00:00:00.000000
certa-2009-avi-531 Vulnerability in HP NonStop Server 2009-12-04T00:00:00.000000 2009-12-04T00:00:00.000000
certa-2009-avi-530 Multiple vulnerabilities in Java for Mac OS X 2009-12-04T00:00:00.000000 2009-12-04T00:00:00.000000
certa-2009-avi-529 Vulnerabilities in IBM WebSphere 2009-12-04T00:00:00.000000 2009-12-04T00:00:00.000000
certa-2009-avi-363 Vulnerability in wget 2009-09-02T00:00:00.000000 2009-12-04T00:00:00.000000
certa-2007-avi-391 Vulnerability in GNU Tar 2007-09-06T00:00:00.000000 2009-12-04T00:00:00.000000
certa-2009-avi-528 Multiple vulnerabilities in FreeBSD systems 2009-12-03T00:00:00.000000 2009-12-03T00:00:00.000000
certa-2009-avi-527 Vulnerability in Asterisk 2009-12-03T00:00:00.000000 2009-12-03T00:00:00.000000
certa-2009-avi-526 Vulnerability in Ruby on Rails 2009-12-02T00:00:00.000000 2009-12-02T00:00:00.000000
certa-2009-avi-525 Multiple vulnerabilities in ActivePerl 2009-12-02T00:00:00.000000 2009-12-02T00:00:00.000000
certa-2009-avi-524 Vulnerabilities in IBM WebSphere 2009-12-02T00:00:00.000000 2009-12-02T00:00:00.000000
certa-2009-avi-523 Vulnerability in HP Operation Manager 2009-12-01T00:00:00.000000 2009-12-01T00:00:00.000000
certa-2009-avi-522 Vulnerabilities in MySQL 2009-11-27T00:00:00.000000 2009-11-27T00:00:00.000000
certa-2009-avi-521 Vulnerability in the sshd service of Sun Solaris 2009-11-27T00:00:00.000000 2009-11-27T00:00:00.000000
certa-2009-avi-520 Vulnerability in kdelibs 2009-11-27T00:00:00.000000 2009-11-27T00:00:00.000000
certa-2009-avi-510 Multiple vulnerabilities in PHP 2009-11-23T00:00:00.000000 2009-11-27T00:00:00.000000
ID CVSS Description Vendor Product Published Updated