Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2025-69354 |
5.4 (3.1)
|
WordPress Better Business Reviews plugin <= 0.1.1 - Br… |
BBR Plugins |
Better Business Reviews |
2026-01-06T16:36:41.018Z | 2026-01-20T14:28:30.030Z |
| CVE-2025-69360 |
6.5 (3.1)
|
WordPress TheGem Theme Elements (for WPBakery) plugin … |
CodexThemes |
TheGem Theme Elements (for WPBakery) |
2026-01-06T16:36:41.901Z | 2026-01-20T14:28:30.027Z |
| CVE-2025-69349 |
5.4 (3.1)
|
WordPress RSS Feed Widget plugin <= 3.0.2 - Broken Acc… |
Fahad Mahmood |
RSS Feed Widget |
2026-01-06T16:36:39.797Z | 2026-01-20T14:28:30.026Z |
| CVE-2025-69362 |
6.5 (3.1)
|
WordPress UiChemy plugin <= 4.4.2 - Cross Site Scripti… |
POSIMYTH |
UiChemy |
2026-01-06T16:36:42.232Z | 2026-01-20T14:28:30.018Z |
| CVE-2025-69359 |
5.3 (3.1)
|
WordPress Creator LMS plugin <= 1.1.12 - Broken Access… |
WPFunnels |
Creator LMS |
2026-01-06T16:36:41.733Z | 2026-01-20T14:28:30.002Z |
| CVE-2025-69353 |
5.4 (3.1)
|
WordPress Proxy & VPN Blocker plugin <= 3.5.3 - Broken… |
Proxy & VPN Blocker |
Proxy & VPN Blocker |
2026-01-06T16:36:40.850Z | 2026-01-20T14:28:30.000Z |
| CVE-2025-69361 |
4.3 (3.1)
|
WordPress Post Expirator plugin <= 4.9.3 - Broken Acce… |
PublishPress |
Post Expirator |
2026-01-06T16:36:42.054Z | 2026-01-20T14:28:29.984Z |
| CVE-2025-69364 |
5.3 (3.1)
|
WordPress Breeze plugin <= 2.2.21 - Broken Access Cont… |
Cloudways |
Breeze |
2026-01-06T16:36:42.620Z | 2026-01-20T14:28:29.983Z |
| CVE-2025-69363 |
6.5 (3.1)
|
WordPress Responsive Addons for Elementor plugin <= 2.… |
CyberChimps |
Responsive Addons for Elementor |
2026-01-06T16:36:42.458Z | 2026-01-20T14:28:29.979Z |
| CVE-2025-69350 |
6.5 (3.1)
|
WordPress Accordion plugin <= 3.0.3 - Cross Site Scrip… |
Themepoints |
Accordion |
2026-01-06T16:36:40.193Z | 2026-01-20T14:28:29.968Z |
| CVE-2025-69345 |
5.4 (3.1)
|
WordPress Post and Page Builder by BoldGrid plugin <= … |
BoldGrid |
Post and Page Builder by BoldGrid |
2026-01-06T16:36:39.258Z | 2026-01-20T14:28:29.966Z |
| CVE-2025-69356 |
7.5 (3.1)
|
WordPress TheGem Theme Elements (for Elementor) plugin… |
CodexThemes |
TheGem Theme Elements (for Elementor) |
2026-01-06T16:36:41.397Z | 2026-01-20T14:28:29.964Z |
| CVE-2025-69357 |
6.5 (3.1)
|
WordPress TheGem Theme Elements (for Elementor) plugin… |
CodexThemes |
TheGem Theme Elements (for Elementor) |
2026-01-06T16:36:41.561Z | 2026-01-20T14:28:29.960Z |
| CVE-2025-69355 |
4.3 (3.1)
|
WordPress Tickera plugin <= 3.5.6.4 - Broken Access Co… |
Tickera |
Tickera |
2026-01-06T16:36:41.230Z | 2026-01-20T14:28:29.952Z |
| CVE-2025-69348 |
5.4 (3.1)
|
WordPress The Events Calendar Countdown Addon plugin <… |
CoolHappy |
The Events Calendar Countdown Addon |
2026-01-06T16:36:39.616Z | 2026-01-20T14:28:29.948Z |
| CVE-2025-69351 |
6.5 (3.1)
|
WordPress Ninja Tables plugin <= 5.2.4 - SQL Injection… |
Shahjahan Jewel |
Ninja Tables |
2026-01-06T16:36:40.416Z | 2026-01-20T14:28:29.947Z |
| CVE-2025-69346 |
5.4 (3.1)
|
WordPress AffiliateX plugin <= 1.3.9.3 - Broken Access… |
WPCenter |
AffiliateX |
2026-01-06T16:36:39.417Z | 2026-01-20T14:28:29.905Z |
| CVE-2025-69336 |
4.3 (3.1)
|
WordPress Ultimate Store Kit Elementor Addons plugin <… |
bdthemes |
Ultimate Store Kit Elementor Addons |
2026-01-06T16:36:38.740Z | 2026-01-20T14:28:29.892Z |
| CVE-2025-69341 |
5.4 (3.1)
|
WordPress WeDesignTech Ultimate Booking Addon plugin <… |
BuddhaThemes |
WeDesignTech Ultimate Booking Addon |
2026-01-06T16:36:38.896Z | 2026-01-20T14:28:29.879Z |
| CVE-2025-69342 |
7.5 (3.1)
|
WordPress Calafate theme <= 1.7.7 - Local File Inclusi… |
VanKarWai |
Calafate |
2026-01-06T16:36:39.090Z | 2026-01-20T14:28:29.876Z |
| CVE-2025-69335 |
5.4 (3.1)
|
WordPress Team Showcase plugin <= 2.9 - Cross Site Scr… |
Themepoints |
Team Showcase |
2026-01-06T16:36:38.562Z | 2026-01-20T14:28:29.854Z |
| CVE-2025-69334 |
6.5 (3.1)
|
WordPress Wishlist for WooCommerce plugin <= 3.3.0 - C… |
WPFactory |
Wishlist for WooCommerce |
2026-01-06T16:36:38.389Z | 2026-01-20T14:28:29.799Z |
| CVE-2025-69093 |
5.3 (3.1)
|
WordPress ShopMagic plugin <= 4.7.2 - Broken Access Co… |
wpdesk |
ShopMagic |
2025-12-30T10:47:58.699Z | 2026-01-20T14:28:29.792Z |
| CVE-2025-69327 |
4.3 (3.1)
|
WordPress Car Rental Manager plugin <= 1.0.9 - Broken … |
magepeopleteam |
Car Rental Manager |
2026-01-06T16:36:37.973Z | 2026-01-20T14:28:29.788Z |
| CVE-2025-69331 |
4.3 (3.1)
|
WordPress Theater for WordPress plugin <= 0.19 - Broke… |
Jeroen Schmit |
Theater for WordPress |
2026-01-06T16:36:38.222Z | 2026-01-20T14:28:29.781Z |
| CVE-2025-69092 |
6.5 (3.1)
|
WordPress Essential Addons for Elementor plugin <= 6.5… |
WPDeveloper |
Essential Addons for Elementor |
2025-12-30T10:47:58.488Z | 2026-01-20T14:28:29.757Z |
| CVE-2025-69169 |
5.4 (3.1)
|
WordPress Easy Media Download plugin <= 1.1.11 - CSS I… |
Noor Alam |
Easy Media Download |
2026-01-08T09:17:54.850Z | 2026-01-20T14:28:29.736Z |
| CVE-2025-69087 |
8.1 (3.1)
|
WordPress FreeAgent theme <= 2.1.2 - Local File Inclus… |
jwsthemes |
FreeAgent |
2026-01-05T10:18:16.966Z | 2026-01-20T14:28:29.708Z |
| CVE-2025-69091 |
4.3 (3.1)
|
WordPress Demo Importer Plus plugin <= 2.0.8 - Broken … |
Kraft Plugins |
Demo Importer Plus |
2025-12-30T10:47:58.298Z | 2026-01-20T14:28:29.706Z |
| CVE-2025-69089 |
6.5 (3.1)
|
WordPress Auto Listings plugin <= 2.7.1 - Cross Site S… |
autolistings |
Auto Listings |
2025-12-30T10:47:58.084Z | 2026-01-20T14:28:29.698Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2023-53982 |
9.3 (4.0)
7.5 (3.1)
|
PMB 7.4.6 SQL Injection Vulnerability via Unsanitized … |
Sigb |
PMB |
2025-12-23T19:34:11.262Z | 2026-01-16T19:00:17.433Z |
| CVE-2023-53964 |
8.8 (4.0)
9.8 (3.1)
|
SOUND4 IMPACT/FIRST/PULSE/Eco v2.x Unauthenticated Fac… |
SOUND4 Ltd. |
Impact/Pulse/First |
2025-12-22T21:37:17.482Z | 2026-01-16T19:00:17.216Z |
| CVE-2023-53962 |
8.8 (4.0)
7.5 (3.1)
|
SOUND4 IMPACT/FIRST/PULSE/Eco v2.x Unauthenticated Dir… |
SOUND4 Ltd. |
Impact/Pulse/First |
2025-12-22T21:37:16.671Z | 2026-01-16T19:00:17.015Z |
| CVE-2023-53961 |
5.1 (4.0)
4.3 (3.1)
|
SOUND4 IMPACT/FIRST/PULSE/Eco v2.x Cross-Site Request … |
SOUND4 Ltd. |
Impact/Pulse/First |
2025-12-22T21:37:16.249Z | 2026-01-16T19:00:16.776Z |
| CVE-2023-53960 |
9.3 (4.0)
9.8 (3.1)
|
SOUND4 IMPACT/FIRST/PULSE/Eco v2.x SQL Injection via A… |
SOUND4 Ltd. |
Impact/Pulse/First |
2025-12-22T21:37:15.771Z | 2026-01-16T19:00:16.368Z |
| CVE-2023-53936 |
5.1 (4.0)
4.8 (3.1)
|
Cameleon CMS 2.7.4 Authenticated Persistent Cross-Site… |
tuzitio |
Cameleon CMS |
2025-12-18T19:53:33.354Z | 2026-01-16T19:00:15.747Z |
| CVE-2022-50916 |
8.7 (4.0)
7.2 (3.1)
|
e107 CMS v3.2.1 - Upload restriction bypass (Authentic… |
e107 |
e107 CMS |
2026-01-13T22:51:52.935Z | 2026-01-16T19:00:15.312Z |
| CVE-2022-50907 |
8.6 (4.0)
7.2 (3.1)
|
e107 CMS v3.2.1 - Admin Upload Restriction Bypass + RCE |
e107 |
e107 CMS |
2026-01-13T22:51:49.167Z | 2026-01-16T19:00:14.735Z |
| CVE-2022-50906 |
4.8 (4.0)
4.8 (3.1)
|
e107 CMS v3.2.1 - Admin Upload Restriction Bypass + St… |
e107 |
e107 CMS |
2026-01-13T22:51:48.496Z | 2026-01-16T19:00:14.289Z |
| CVE-2022-50804 |
5.1 (4.0)
8.8 (3.1)
|
JM-DATA ONU JF511-TV 1.0.67 Cross-Site Request Forgery… |
JM-DATA ONU |
JF511-TV |
2025-12-30T22:41:42.422Z | 2026-01-16T19:00:14.014Z |
| CVE-2022-50796 |
9.3 (4.0)
9.8 (3.1)
|
SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x Unauthenticated Re… |
SOUND4 Ltd. |
Impact/Pulse/First |
2025-12-30T22:41:39.503Z | 2026-02-18T21:22:29.703Z |
| CVE-2022-50795 |
8.5 (4.0)
7.8 (3.1)
|
SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x Conditional Comman… |
SOUND4 Ltd. |
Impact/Pulse/First |
2025-12-30T22:41:39.100Z | 2026-01-16T19:00:12.897Z |
| CVE-2022-50792 |
8.7 (4.0)
7.5 (3.1)
|
SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x Unauthenticated Fi… |
SOUND4 Ltd. |
Impact/Pulse/First |
2025-12-30T22:41:37.875Z | 2026-01-16T19:00:12.389Z |
| CVE-2022-50791 |
8.5 (4.0)
7.8 (3.1)
|
SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x Conditional Comman… |
SOUND4 Ltd. |
Impact/Pulse/First |
2025-12-30T22:41:37.450Z | 2026-01-16T19:00:10.180Z |
| CVE-2022-50790 |
6.9 (4.0)
7.5 (3.1)
|
SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x Unauthenticated Ra… |
SOUND4 Ltd. |
Impact/Pulse/First |
2025-12-30T22:41:37.051Z | 2026-01-16T18:59:59.915Z |
| CVE-2022-50789 |
8.5 (4.0)
7.8 (3.1)
|
SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x Conditional Comman… |
SOUND4 Ltd. |
Impact/Pulse/First |
2025-12-30T22:41:36.629Z | 2026-01-16T18:59:59.639Z |
| CVE-2022-50696 |
9.3 (4.0)
9.8 (3.1)
|
SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x Hardcoded Credenti… |
SOUND4 Ltd. |
Impact/Pulse/First |
2025-12-30T22:41:35.214Z | 2026-01-16T18:59:59.439Z |
| CVE-2022-50695 |
8.7 (4.0)
7.5 (3.1)
|
SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x ICMP Flood Attack … |
SOUND4 Ltd. |
Impact/Pulse/First |
2025-12-30T22:41:34.792Z | 2026-02-18T21:20:29.273Z |
| CVE-2022-50694 |
8.8 (4.0)
9.8 (3.1)
|
SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x SQL Injection via … |
SOUND4 Ltd. |
Impact/Pulse/First |
2025-12-30T22:41:34.373Z | 2026-02-18T21:20:53.446Z |
| CVE-2019-25279 |
6.8 (4.0)
7.5 (3.1)
|
FaceSentry Access Control System 6.4.8 Cleartext Passw… |
iWT Ltd. |
FaceSentry Access Control System |
2026-01-07T23:10:00.907Z | 2026-01-16T18:59:58.793Z |
| CVE-2019-25278 |
9.1 (4.0)
5.9 (3.1)
|
FaceSentry Access Control System 6.4.8 Authentication … |
iWT Ltd. |
FaceSentry Access Control System |
2026-01-07T23:09:59.751Z | 2026-02-18T20:37:19.697Z |
| CVE-2019-25254 |
5.1 (4.0)
8.8 (3.1)
|
KYOCERA Net Admin 3.4.0906 Cross-Site Request Forgery … |
KYOCERA Corporation |
KYOCERA Net Admin |
2025-12-24T19:28:04.889Z | 2026-01-16T18:59:58.350Z |
| CVE-2022-50469 |
N/A
|
staging: rtl8723bs: fix potential memory leak in rtw_i… |
Linux |
Linux |
2025-10-01T11:45:39.811Z | 2025-10-02T07:04:18.862Z |
| CVE-2022-50468 |
N/A
|
platform/chrome: cros_usbpd_notify: Fix error handling… |
Linux |
Linux |
2025-10-01T11:45:38.881Z | 2025-10-01T11:45:38.881Z |
| CVE-2022-50467 |
N/A
|
scsi: lpfc: Fix null ndlp ptr dereference in abnormal … |
Linux |
Linux |
2025-10-01T11:45:38.110Z | 2025-12-23T13:29:31.163Z |
| CVE-2022-50466 |
N/A
|
fs/binfmt_elf: Fix memory leak in load_elf_binary() |
Linux |
Linux |
2025-10-01T11:45:37.376Z | 2025-10-01T11:45:37.376Z |
| CVE-2022-50465 |
N/A
|
ext4: fix leaking uninitialized memory in fast-commit … |
Linux |
Linux |
2025-10-01T11:45:36.647Z | 2025-10-01T11:45:36.647Z |
| CVE-2022-50464 |
N/A
|
mt76: mt7915: Fix PCI device refcount leak in mt7915_p… |
Linux |
Linux |
2025-10-01T11:45:35.878Z | 2025-10-01T11:45:35.878Z |
| CVE-2022-50463 |
N/A
|
powerpc/52xx: Fix a resource leak in an error handling path |
Linux |
Linux |
2025-10-01T11:45:34.858Z | 2025-10-01T11:45:34.858Z |
| CVE-2022-50462 |
N/A
|
MIPS: vpe-mt: fix possible memory leak while module exiting |
Linux |
Linux |
2025-10-01T11:45:34.107Z | 2025-10-01T11:45:34.107Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| fkie_cve-2023-53982 | PMB 7.4.6 contains a SQL injection vulnerability in the storage parameter of the ajax.php endpoint … | 2025-12-23T20:15:46.073 | 2026-01-16T19:16:14.480 |
| fkie_cve-2023-53964 | SOUND4 IMPACT/FIRST/PULSE/Eco v2.x contains an unauthenticated vulnerability in the /usr/cgi-bin/re… | 2025-12-22T22:16:00.860 | 2026-01-16T19:16:14.297 |
| fkie_cve-2023-53962 | SOUND4 IMPACT/FIRST/PULSE/Eco v2.x contains an unauthenticated directory traversal vulnerability th… | 2025-12-22T22:16:00.530 | 2026-01-16T19:16:13.767 |
| fkie_cve-2023-53961 | SOUND4 IMPACT/FIRST/PULSE/Eco v2.x contains a cross-site request forgery vulnerability that allows … | 2025-12-22T22:16:00.367 | 2026-01-16T19:16:13.567 |
| fkie_cve-2023-53960 | SOUND4 IMPACT/FIRST/PULSE/Eco version 2.x contains an SQL injection vulnerability in the 'index.php… | 2025-12-22T22:16:00.170 | 2026-01-16T19:16:13.373 |
| fkie_cve-2023-53936 | Cameleon CMS 2.7.4 contains a persistent cross-site scripting vulnerability that allows authenticat… | 2025-12-18T20:15:51.843 | 2026-01-16T19:16:13.203 |
| fkie_cve-2022-50916 | e107 CMS version 3.2.1 contains a file upload vulnerability that allows authenticated administrator… | 2026-01-13T23:15:55.073 | 2026-01-16T19:16:13.023 |
| fkie_cve-2022-50907 | e107 CMS version 3.2.1 contains a file upload vulnerability that allows authenticated administrativ… | 2026-01-13T23:15:53.440 | 2026-01-16T19:16:12.860 |
| fkie_cve-2022-50906 | e107 CMS 3.2.1 contains an upload restriction bypass vulnerability that allows authenticated admini… | 2026-01-13T23:15:53.260 | 2026-01-16T19:16:12.677 |
| fkie_cve-2022-50804 | JM-DATA ONU JF511-TV version 1.0.67 is vulnerable to cross-site request forgery (CSRF) attacks, all… | 2025-12-30T23:15:47.987 | 2026-01-16T19:16:12.483 |
| fkie_cve-2022-50796 | SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x contains an unauthenticated remote code execution vulnerability… | 2025-12-30T23:15:46.743 | 2026-01-16T19:16:12.300 |
| fkie_cve-2022-50795 | SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x contains a conditional command injection vulnerability that all… | 2025-12-30T23:15:46.580 | 2026-01-16T19:16:12.117 |
| fkie_cve-2022-50792 | SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below contain an unauthenticated file disclosure vul… | 2025-12-30T23:15:46.077 | 2026-01-16T19:16:11.927 |
| fkie_cve-2022-50791 | SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x contains a conditional command injection vulnerability that all… | 2025-12-30T23:15:45.903 | 2026-01-16T19:16:11.740 |
| fkie_cve-2022-50790 | SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below contain an unauthenticated vulnerability that … | 2025-12-30T23:15:45.723 | 2026-01-16T19:16:11.560 |
| fkie_cve-2022-50789 | SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x contains a command injection vulnerability that allows local au… | 2025-12-30T23:15:45.557 | 2026-01-16T19:16:11.373 |
| fkie_cve-2022-50696 | SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below contain hardcoded credentials embedded in serv… | 2025-12-30T23:15:45.060 | 2026-01-16T19:16:11.050 |
| fkie_cve-2022-50695 | SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x contains a network vulnerability that allows unauthentic… | 2025-12-30T23:15:44.893 | 2026-01-16T19:16:10.867 |
| fkie_cve-2022-50694 | SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x contains an SQL injection vulnerability in the 'username' POST … | 2025-12-30T23:15:44.723 | 2026-01-16T19:16:10.677 |
| fkie_cve-2019-25279 | FaceSentry Access Control System 6.4.8 contains a cleartext password storage vulnerability that all… | 2026-01-08T00:15:58.107 | 2026-01-16T19:16:06.010 |
| fkie_cve-2019-25278 | FaceSentry Access Control System 6.4.8 contains a cleartext transmission vulnerability that allows … | 2026-01-08T00:15:57.937 | 2026-01-16T19:16:05.847 |
| fkie_cve-2019-25254 | KYOCERA Net Admin 3.4.0906 contains a cross-site request forgery vulnerability that allows attacker… | 2025-12-24T20:15:54.010 | 2026-01-16T19:16:04.333 |
| fkie_cve-2022-50469 | In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: fix potent… | 2025-10-01T12:15:40.757 | 2026-01-16T19:15:33.563 |
| fkie_cve-2022-50468 | In the Linux kernel, the following vulnerability has been resolved: platform/chrome: cros_usbpd_no… | 2025-10-01T12:15:40.603 | 2026-01-16T19:15:28.443 |
| fkie_cve-2022-50467 | In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix null ndlp ptr … | 2025-10-01T12:15:40.457 | 2026-01-16T19:15:20.380 |
| fkie_cve-2022-50466 | In the Linux kernel, the following vulnerability has been resolved: fs/binfmt_elf: Fix memory leak… | 2025-10-01T12:15:40.310 | 2026-01-16T19:15:14.517 |
| fkie_cve-2022-50465 | In the Linux kernel, the following vulnerability has been resolved: ext4: fix leaking uninitialize… | 2025-10-01T12:15:40.167 | 2026-01-16T19:15:03.053 |
| fkie_cve-2022-50464 | In the Linux kernel, the following vulnerability has been resolved: mt76: mt7915: Fix PCI device r… | 2025-10-01T12:15:39.997 | 2026-01-16T19:14:57.737 |
| fkie_cve-2022-50463 | In the Linux kernel, the following vulnerability has been resolved: powerpc/52xx: Fix a resource l… | 2025-10-01T12:15:39.830 | 2026-01-16T19:14:50.720 |
| fkie_cve-2022-50462 | In the Linux kernel, the following vulnerability has been resolved: MIPS: vpe-mt: fix possible mem… | 2025-10-01T12:15:39.690 | 2026-01-16T19:14:45.527 |
| ID | Severity | Description | Published | Updated |
|---|---|---|---|---|
| ghsa-9x83-xq9p-cxq5 |
7.5 (3.1)
6.9 (4.0)
|
SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x contains an information disclosure vulnerability that allows un… | 2025-12-31T00:31:10Z | 2025-12-31T00:31:10Z |
| ghsa-7h43-qx63-fwcr |
9.8 (3.1)
8.7 (4.0)
|
SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below contain an unauthenticated file disclosure vul… | 2025-12-31T00:31:10Z | 2025-12-31T00:31:10Z |
| ghsa-7fvm-m3gq-pf2p |
6.5 (3.1)
9.3 (4.0)
|
SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below contain hardcoded credentials embedded in serv… | 2025-12-31T00:31:10Z | 2025-12-31T00:31:10Z |
| ghsa-6xcq-8cpm-6v2h |
8.8 (3.1)
8.7 (4.0)
|
SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x contains an authenticated command injection vulnerability in th… | 2025-12-31T00:31:10Z | 2025-12-31T00:31:10Z |
| ghsa-3crj-9596-945w |
9.8 (3.1)
9.3 (4.0)
|
JM-DATA ONU JF511-TV version 1.0.67 uses default credentials that allow attackers to gain unauthori… | 2025-12-31T00:31:10Z | 2025-12-31T00:31:10Z |
| ghsa-32jx-jm5r-c6x7 |
9.8 (3.1)
6.9 (4.0)
|
SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below contain an unauthenticated vulnerability that … | 2025-12-31T00:31:10Z | 2025-12-31T00:31:10Z |
| ghsa-2v4h-c2w7-48pw |
4.3 (3.1)
5.1 (4.0)
|
JM-DATA ONU JF511-TV version 1.0.67 is vulnerable to authenticated stored cross-site scripting (XSS… | 2025-12-31T00:31:10Z | 2025-12-31T00:31:10Z |
| ghsa-r6vv-wc27-96r7 |
9.8 (3.1)
9.3 (4.0)
|
MiniDVBLinux 5.4 contains a remote command execution vulnerability that allows unauthenticated atta… | 2025-12-31T00:31:09Z | 2025-12-31T00:31:09Z |
| ghsa-3gq6-fx9q-4r9m |
4.7 (3.1)
2.0 (4.0)
|
A vulnerability was determined in newbee-mall-plus 2.0.0. This impacts the function Upload of the f… | 2025-12-31T00:31:09Z | 2025-12-31T00:31:09Z |
| ghsa-jm2j-x4xc-567m |
6.5 (3.1)
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-05-07T15:31:44Z | 2025-12-31T00:31:06Z |
| ghsa-j4p8-h8mh-rh8q |
7.1 (3.1)
|
Self-hosted n8n has Legacy Code node that enables arbitrary file read/write | 2025-12-26T18:26:38Z | 2025-12-31T00:20:06Z |
| ghsa-wh6m-h6f4-rjf4 |
7.3 (4.0)
|
Libredesk has Improper Neutralization of HTML Tags in a Web Page | 2025-12-16T20:43:16Z | 2025-12-31T00:13:33Z |
| ghsa-7rvh-xqp3-pr8j |
4.0 (3.1)
|
ImageMagick's failure to limit MVG mutual causes Stack Overflow | 2025-12-30T23:08:15Z | 2025-12-30T23:08:15Z |
| ghsa-p27m-hp98-6637 |
5.3 (3.1)
|
ImageMagick's failure to limit the depth of SVG file reads caused a DoS attack | 2025-12-30T22:54:32Z | 2025-12-30T22:54:33Z |
| ghsa-xx3f-437p-fp69 |
6.3 (3.1)
2.1 (4.0)
|
A vulnerability was found in D-Link DI-7400G+ 19.12.25A1. This affects an unknown function of the f… | 2025-12-30T21:30:33Z | 2025-12-30T21:30:33Z |
| ghsa-mmjm-9vqc-hxxm |
7.3 (3.1)
5.5 (4.0)
|
A vulnerability was detected in itsourcecode Society Management System 1.0. Impacted is the functio… | 2025-12-30T21:30:32Z | 2025-12-30T21:30:33Z |
| ghsa-95cj-hx7q-rjj4 |
8.8 (3.1)
7.4 (4.0)
|
A vulnerability has been found in Tenda AC20 up to 16.03.08.12. The impacted element is the functio… | 2025-12-30T21:30:33Z | 2025-12-30T21:30:33Z |
| ghsa-2733-h98q-64p4 |
7.3 (3.1)
5.5 (4.0)
|
A flaw has been found in itsourcecode Society Management System 1.0. The affected element is an unk… | 2025-12-30T21:30:32Z | 2025-12-30T21:30:33Z |
| ghsa-w5qh-693v-56hm |
7.3 (3.1)
5.5 (4.0)
|
A weakness has been identified in BiggiDroid Simple PHP CMS 1.0. Affected is an unknown function of… | 2025-12-30T21:30:32Z | 2025-12-30T21:30:32Z |
| ghsa-mg7r-rmfx-wx93 |
8.8 (3.1)
7.4 (4.0)
|
A security flaw has been discovered in Tenda AC23 16.03.07.52. Affected is the function formSetPPTP… | 2025-12-30T03:30:17Z | 2025-12-30T21:30:32Z |
| ghsa-jc4g-746q-772h |
7.3 (3.1)
5.5 (4.0)
|
A vulnerability was identified in Edimax BR-6208AC 1.02/1.03. Affected is the function formStaDrvSe… | 2025-12-30T18:30:19Z | 2025-12-30T21:30:32Z |
| ghsa-4g6x-74c2-rfr9 |
7.3 (3.1)
5.5 (4.0)
|
A vulnerability was determined in FeehiCMS up to 2.1.1. Impacted is an unknown function of the file… | 2025-12-30T21:30:32Z | 2025-12-30T21:30:32Z |
| ghsa-xjx3-pxg9-f9p4 |
9.8 (3.1)
6.9 (4.0)
|
Soosyze 2.0.0 contains a file upload vulnerability that allows attackers to upload arbitrary HTML f… | 2025-12-15T21:30:31Z | 2025-12-30T21:30:26Z |
| ghsa-q566-6fqg-9j2h |
7.5 (3.1)
8.7 (4.0)
|
xbtitFM 4.1.18 contains a path traversal vulnerability that allows unauthenticated attackers to acc… | 2025-12-12T00:30:21Z | 2025-12-30T21:30:25Z |
| ghsa-j4gw-33j8-8f5j |
9.8 (3.1)
9.3 (4.0)
|
UBICOD Medivision Digital Signage 1.5.1 contains an authorization bypass vulnerability that allows … | 2025-12-10T21:31:37Z | 2025-12-30T21:30:25Z |
| ghsa-7v2x-vj66-5pgm |
7.2 (3.1)
8.6 (4.0)
|
xbtitFM 4.1.18 contains an insecure file upload vulnerability that allows authenticated attackers w… | 2025-12-12T00:30:21Z | 2025-12-30T21:30:25Z |
| ghsa-36vw-m4cf-f8jm |
8.8 (3.1)
8.6 (4.0)
|
UBICOD Medivision Digital Signage 1.5.1 contains a cross-site request forgery vulnerability that al… | 2025-12-10T21:31:37Z | 2025-12-30T21:30:25Z |
| ghsa-36pw-gpfg-hfxr |
9.8 (3.1)
8.7 (4.0)
|
xbtitFM 4.1.18 contains an unauthenticated SQL injection vulnerability that allows remote attackers… | 2025-12-12T00:30:21Z | 2025-12-30T21:30:25Z |
| ghsa-j4pr-3wm6-xx2r |
2.7 (4.0)
|
URI Credential Leakage Bypass over CVE-2025-27221 | 2025-12-30T21:07:14Z | 2025-12-30T21:07:15Z |
| ghsa-6mp4-q625-mxjp |
7.1 (3.1)
|
YOURLS is vulnerable to XSS through JSONP and Callback request parameters | 2025-12-30T19:34:26Z | 2025-12-30T19:34:26Z |
| ID | Description | Updated |
|---|---|---|
| gsd-2024-25150 | Information disclosure vulnerability in the Control Panel in Liferay Portal 7.2.0 through… | 2024-02-07T06:03:41.522544Z |
| gsd-2024-25154 | Improper URL validation leads to path traversal in FileCatalyst Direct 3.8.8 and earlier … | 2024-02-07T06:03:41.520114Z |
| gsd-2024-25145 | Stored cross-site scripting (XSS) vulnerability in the Portal Search module's Search Resu… | 2024-02-07T06:03:41.517061Z |
| gsd-2021-4436 | The 3DPrint Lite WordPress plugin before 1.9.1.5 does not have any authorisation and does… | 2024-02-06T06:05:00.172793Z |
| gsd-2024-1226 | The software does not neutralize or incorrectly neutralizes certain characters before the… | 2024-02-06T06:02:56.278068Z |
| gsd-2024-1234 | The Exclusive Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Sit… | 2024-02-06T06:02:56.275284Z |
| gsd-2024-1232 | The CM Download Manager WordPress plugin before 2.9.0 does not have CSRF checks in some … | 2024-02-06T06:02:56.258506Z |
| gsd-2024-1243 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-06T06:02:56.255662Z |
| gsd-2024-1231 | The CM Download Manager WordPress plugin before 2.9.0 does not have CSRF checks in some … | 2024-02-06T06:02:56.251143Z |
| gsd-2024-1245 | Concrete CMS version 9 before 9.2.5 is vulnerable to stored XSS in file tags and descript… | 2024-02-06T06:02:56.248541Z |
| gsd-2024-1237 | The Elementor Header & Footer Builder plugin for WordPress is vulnerable to Stored Cross-… | 2024-02-06T06:02:56.247837Z |
| gsd-2024-1247 | Concrete CMS version 9 before 9.2.5 is vulnerable to stored XSS via the Role Name field … | 2024-02-06T06:02:56.243893Z |
| gsd-2024-1227 | An open redirect vulnerability, the exploitation of which could allow an attacker to crea… | 2024-02-06T06:02:56.226046Z |
| gsd-2024-1248 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-06T06:02:56.219089Z |
| gsd-2024-1246 | Concrete CMS in version 9 before 9.2.5 is vulnerable to reflected XSS via the Image URL I… | 2024-02-06T06:02:56.217663Z |
| gsd-2024-1244 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-06T06:02:56.216934Z |
| gsd-2024-1224 | This vulnerability exists in USB Pratirodh due to the usage of a weaker cryptographic alg… | 2024-02-06T06:02:56.204939Z |
| gsd-2024-1242 | The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site … | 2024-02-06T06:02:56.197796Z |
| gsd-2024-1225 | A vulnerability classified as critical was found in QiboSoft QiboCMS X1 up to 1.0.6. Affe… | 2024-02-06T06:02:56.194399Z |
| gsd-2024-1229 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-06T06:02:56.190039Z |
| gsd-2024-1235 | The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site … | 2024-02-06T06:02:56.185408Z |
| gsd-2024-1228 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-06T06:02:56.183577Z |
| gsd-2024-1236 | The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerc… | 2024-02-06T06:02:56.176277Z |
| gsd-2024-1240 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-06T06:02:56.175726Z |
| gsd-2024-1230 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-06T06:02:56.171959Z |
| gsd-2024-1241 | Watchdog Antivirus v1.6.415 is vulnerable to a Denial of Service vulnerability by trigger… | 2024-02-06T06:02:56.147876Z |
| gsd-2024-1238 | The ElementsKit Elementor addons plugin for WordPress is vulnerable to Stored Cross-Site … | 2024-02-06T06:02:56.138137Z |
| gsd-2024-1239 | The ElementsKit Elementor addons plugin for WordPress is vulnerable to Stored Cross-Site … | 2024-02-06T06:02:56.135556Z |
| gsd-2024-1233 | A flaw was found in` JwtValidator.resolvePublicKey` in JBoss EAP, where the validator che… | 2024-02-06T06:02:56.132407Z |
| gsd-2024-25117 | php-svg-lib is a scalable vector graphics (SVG) file parsing/rendering library. Prior to … | 2024-02-06T06:02:56.125023Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-183213 | Malicious code in kisut-dfg-dufadiuynban (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183212 | Malicious code in kisut-dfg-dufadinban (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183211 | Malicious code in kisut-dfg-duban (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183210 | Malicious code in kisut-dfg-dizcb (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183209 | Malicious code in kisut-dfg-dizb (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183208 | Malicious code in kisut-dfg-diwfzcfecdcb (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183207 | Malicious code in kisut-dfg-diwfzcfecdavgecab (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183206 | Malicious code in kisut-dfg-diwfzcfecdavgcab (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183205 | Malicious code in kisut-dfg-diwfzcfecdavcb (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183204 | Malicious code in kisut-dfg-diwfzcfecdacb (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183203 | Malicious code in kisut-dfg-diwfzcfeccb (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183202 | Malicious code in kisut-dfg-difzcfeccb (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183201 | Malicious code in kisut-dfg-difzcfccb (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183200 | Malicious code in kisut-dfg-difzcfcb (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183199 | Malicious code in kisut-dfg-difzcfb (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183198 | Malicious code in kisut-dfg-dbn (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183197 | Malicious code in kisut-dfg-dban (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183196 | Malicious code in kisut-dfg-db (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183195 | Malicious code in kimuay-agg-ibifua (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183194 | Malicious code in kidt-avog-uvuffacfeaaifv (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183193 | Malicious code in kidt-avog-uvuffacfeaaifaafiv (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183192 | Malicious code in kidt-avog-uvuffacfeaaiafv (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183191 | Malicious code in kidt-avog-uvuffacfeaaiafiv (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183190 | Malicious code in kidt-avog-uvuffacfafv (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183189 | Malicious code in kidt-avog-uvuffacfaafv (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183188 | Malicious code in kidt-avog-uvufacfav (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183187 | Malicious code in kidt-avog-uvufacav (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183186 | Malicious code in kidt-avog-uufcav (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183185 | Malicious code in kidt-avog-uufacav (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183184 | Malicious code in kidt-avog-uucav (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2023:3470 | Red Hat Security Advisory: kernel-rt security and bug fix update | 2023-06-06T08:48:57+00:00 | 2025-11-21T18:41:12+00:00 |
| rhsa-2023:3465 | Red Hat Security Advisory: kernel security and bug fix update | 2023-06-06T08:50:56+00:00 | 2025-11-21T18:41:12+00:00 |
| rhsa-2023:3462 | Red Hat Security Advisory: kernel-rt security and bug fix update | 2023-06-06T08:50:30+00:00 | 2025-11-21T18:41:12+00:00 |
| rhsa-2023:3446 | Red Hat Security Advisory: Red Hat OpenStack Platform 16.1 (python-flask) security update | 2023-06-05T18:53:09+00:00 | 2025-11-21T18:41:12+00:00 |
| rhsa-2023:3431 | Red Hat Security Advisory: kpatch-patch security update | 2023-06-05T18:54:54+00:00 | 2025-11-21T18:41:12+00:00 |
| rhsa-2023:3461 | Red Hat Security Advisory: kernel security and bug fix update | 2023-06-06T08:53:32+00:00 | 2025-11-21T18:41:11+00:00 |
| rhsa-2023:3460 | Red Hat Security Advisory: curl security update | 2023-06-06T08:36:00+00:00 | 2025-11-21T18:41:11+00:00 |
| rhsa-2023:3428 | Red Hat Security Advisory: cups-filters security update | 2023-06-05T18:52:57+00:00 | 2025-11-21T18:41:11+00:00 |
| rhsa-2023:3433 | Red Hat Security Advisory: webkit2gtk3 security update | 2023-06-05T18:57:13+00:00 | 2025-11-21T18:41:10+00:00 |
| rhsa-2023:3444 | Red Hat Security Advisory: Red Hat OpenStack Platform 16.2 (python-flask) security update | 2023-06-05T18:53:06+00:00 | 2025-11-21T18:41:09+00:00 |
| rhsa-2023:3440 | Red Hat Security Advisory: Red Hat OpenStack Platform 17.0 (python-flask) security update | 2023-06-05T18:53:41+00:00 | 2025-11-21T18:41:08+00:00 |
| rhsa-2023:3432 | Red Hat Security Advisory: webkit2gtk3 security update | 2023-06-05T19:04:07+00:00 | 2025-11-21T18:41:07+00:00 |
| rhsa-2023:3429 | Red Hat Security Advisory: cups-filters security update | 2023-06-05T18:53:07+00:00 | 2025-11-21T18:41:07+00:00 |
| rhsa-2023:3427 | Red Hat Security Advisory: cups-filters security update | 2023-06-05T12:52:26+00:00 | 2025-11-21T18:41:06+00:00 |
| rhsa-2023:3426 | Red Hat Security Advisory: cups-filters security update | 2023-06-05T18:53:30+00:00 | 2025-11-21T18:41:06+00:00 |
| rhsa-2023:3425 | Red Hat Security Advisory: cups-filters security update | 2023-06-05T18:52:50+00:00 | 2025-11-21T18:41:05+00:00 |
| rhsa-2023:3424 | Red Hat Security Advisory: cups-filters security update | 2023-06-04T11:06:20+00:00 | 2025-11-21T18:41:05+00:00 |
| rhsa-2023:3423 | Red Hat Security Advisory: cups-filters security update | 2023-06-05T18:53:06+00:00 | 2025-11-21T18:41:05+00:00 |
| rhsa-2023:3403 | Red Hat Security Advisory: pcs security and bug fix update | 2023-05-31T15:47:47+00:00 | 2025-11-21T18:41:04+00:00 |
| rhsa-2023:3397 | Red Hat Security Advisory: qatzip security and bug fix update | 2023-05-31T16:01:04+00:00 | 2025-11-21T18:41:03+00:00 |
| rhsa-2023:3394 | Red Hat Security Advisory: pki-core:10.6 security update | 2023-05-31T16:03:52+00:00 | 2025-11-21T18:41:03+00:00 |
| rhsa-2023:3387 | Red Hat Security Advisory: Satellite 6.13.1 Async Security Update | 2023-05-31T15:31:12+00:00 | 2025-11-21T18:41:01+00:00 |
| rhsa-2023:3382 | Red Hat Security Advisory: git security update | 2023-05-31T13:13:03+00:00 | 2025-11-21T18:41:01+00:00 |
| rhsa-2023:3380 | Red Hat Security Advisory: apr-util security update | 2023-05-31T13:10:56+00:00 | 2025-11-21T18:41:01+00:00 |
| rhsa-2023:3361 | Red Hat Security Advisory: gnutls security update | 2023-05-31T08:48:59+00:00 | 2025-11-21T18:40:59+00:00 |
| rhsa-2023:3360 | Red Hat Security Advisory: apr-util security update | 2023-05-31T08:46:17+00:00 | 2025-11-21T18:40:59+00:00 |
| rhsa-2023:3356 | Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.5.9 security fixes and container updates | 2023-05-30T21:00:10+00:00 | 2025-11-21T18:40:58+00:00 |
| rhsa-2023:3353 | Red Hat Security Advisory: Multicluster Engine for Kubernetes 2.0.9 security fixes and container updates | 2023-05-30T16:47:57+00:00 | 2025-11-21T18:40:58+00:00 |
| rhsa-2023:3351 | Red Hat Security Advisory: kpatch-patch security update | 2023-05-30T15:08:21+00:00 | 2025-11-21T18:40:57+00:00 |
| rhsa-2023:3350 | Red Hat Security Advisory: kernel-rt security and bug fix update | 2023-05-30T15:07:04+00:00 | 2025-11-21T18:40:57+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2020-1720 | A flaw was found in PostgreSQL's "ALTER ... DEPENDS ON EXTENSION" where sub-commands did not perform authorization checks. An authenticated attacker could use this flaw in certain configurations to perform drop objects such as function triggers et al. leading to database corruption. This issue affects PostgreSQL versions before 12.2 before 11.7 before 10.12 and before 9.6.17. | 2020-03-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2020-1712 | A heap use-after-free vulnerability was found in systemd before version v245-rc1 where asynchronous Polkit queries are performed while handling dbus messages. A local unprivileged attacker can abuse this flaw to crash systemd services or potentially execute code and elevate their privileges by sending specially crafted dbus messages. | 2020-03-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2020-1711 | An out-of-bounds heap buffer access flaw was found in the way the iSCSI Block driver in QEMU versions 2.12.0 before 4.2.1 handled a response coming from an iSCSI server while checking the status of a Logical Address Block (LBA) in an iscsi_co_block_status() routine. A remote user could use this flaw to crash the QEMU process resulting in a denial of service or potential execution of arbitrary code with privileges of the QEMU process on the host. | 2020-02-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2020-16166 | The Linux kernel through 5.7.11 allows remote attackers to make observations that help to obtain sensitive information about the internal state of the network RNG aka CID-f227e3ec3b5c. This is related to drivers/char/random.c and kernel/time/timer.c. | 2020-07-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2020-16092 | In QEMU through 5.0.0 an assertion failure can occur in the network packet processing. This issue affects the e1000e and vmxnet3 network devices. A malicious guest user/process could use this flaw to abort the QEMU process on the host resulting in a denial of service condition in net_tx_pkt_add_raw_fragment in hw/net/net_tx_pkt.c. | 2020-08-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2020-15863 | hw/net/xgmac.c in the XGMAC Ethernet controller in QEMU before 07-20-2020 has a buffer overflow. This occurs during packet transmission and affects the highbank and midway emulated machines. A guest user or process could use this flaw to crash the QEMU process on the host resulting in a denial of service or potential privileged code execution. This was fixed in commit 5519724a13664b43e225ca05351c60b4468e4555. | 2020-07-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2020-15859 | QEMU 4.2.0 has a use-after-free in hw/net/e1000e_core.c because a guest OS user can trigger an e1000e packet with the data's address set to the e1000e's MMIO address. | 2020-07-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2020-15707 | GRUB2 contained integer overflows when handling the initrd command leading to a heap-based buffer overflow. | 2020-07-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2020-15706 | GRUB2 contains a race condition leading to a use-after-free vulnerability which can be triggered by redefining a function whilst the same function is already executing. | 2020-07-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2020-15705 | GRUB2: avoid loading unsigned kernels when GRUB is booted directly under secureboot without shim | 2020-07-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2020-15469 | In QEMU 4.2.0 a MemoryRegionOps object may lack read/write callback methods leading to a NULL pointer dereference. | 2020-07-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2020-15393 | In the Linux kernel 4.4 through 5.7.6 usbtest_disconnect in drivers/usb/misc/usbtest.c has a memory leak aka CID-28ebeb8db770. | 2020-06-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2020-14725 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2020-07-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2020-14702 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2020-07-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2020-14697 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS 3.1 Base Score 7.2 (Confidentiality Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H). | 2020-07-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2020-14680 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). | 2020-07-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2020-14678 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS 3.1 Base Score 7.2 (Confidentiality Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H). | 2020-07-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2020-14663 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS 3.1 Base Score 7.2 (Confidentiality Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H). | 2020-07-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2020-14656 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Locking). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2020-07-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2020-14654 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2020-07-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2020-14651 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Roles). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H). | 2020-07-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2020-14643 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Roles). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H). | 2020-07-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2020-14641 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Roles). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.1 Base Score 4.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N). | 2020-07-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2020-14634 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.1 Base Score 2.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N). | 2020-07-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2020-14633 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 2.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N). | 2020-07-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2020-14632 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Options). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2020-07-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2020-14631 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Audit). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2020-07-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2020-14624 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: JSON). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2020-07-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2020-14623 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2020-07-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2020-14620 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2020-07-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| ID | Description | Updated |
|---|---|---|
| var-201609-0300 | Apple Type Services (ATS) in Apple OS X before 10.12 allows remote attackers to execute a… | 2025-04-13T22:25:17.317000Z |
| var-201605-0455 | The IOAccelSharedUserClient2::page_off_resource method in Apple iOS before 9.3.2, OS X be… | 2025-04-13T22:25:16.898000Z |
| var-201512-0170 | The File Bookmark component in Apple OS X before 10.11.2 allows attackers to bypass a san… | 2025-04-13T22:25:16.163000Z |
| var-201407-0071 | Use-after-free vulnerability in Safari in Apple iOS before 7.1.2 allows remote attackers … | 2025-04-13T22:25:16.128000Z |
| var-201509-0088 | The CFNetwork HTTPProtocol component in Apple iOS before 9 mishandles HSTS state, which a… | 2025-04-13T22:25:15.786000Z |
| var-201510-0085 | Apple Online Store Kit in Apple OS X before 10.11 improperly validates iCloud keychain it… | 2025-04-13T22:25:15.456000Z |
| var-201508-0466 | WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and … | 2025-04-13T22:25:13.824000Z |
| var-201408-0167 | The web framework in Cisco Transport Gateway for Smart Call Home (aka TG-SCH or Transport… | 2025-04-13T22:25:09.209000Z |
| var-201410-1074 | Mail in Apple OS X before 10.10 does not properly recognize the removal of a recipient ad… | 2025-04-13T22:25:07.986000Z |
| var-201404-0203 | WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attacker… | 2025-04-13T22:25:05.700000Z |
| var-201510-0075 | The protected range register in the EFI component in Apple OS X before 10.11 has an incor… | 2025-04-13T22:25:00.915000Z |
| var-201607-0306 | Cross-site scripting (XSS) vulnerability in the WebKit JavaScript bindings in Apple iOS b… | 2025-04-13T22:24:58.810000Z |
| var-201508-0251 | The ParseValue function in lexer.c in tidy before 4.9.31 allows remote attackers to cause… | 2025-04-13T22:24:26.399000Z |
| var-201609-0349 | The ssl3_read_bytes function in record/rec_layer_s3.c in OpenSSL 1.1.0 before 1.1.0a allo… | 2025-04-13T22:24:24.469000Z |
| var-201409-0517 | The IOHIDFamily kernel extension in Apple iOS before 8 and Apple TV before 7 lacks proper… | 2025-04-13T22:24:13.542000Z |
| var-201512-0125 | WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote at… | 2025-04-13T22:24:13.496000Z |
| var-201509-0102 | WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to … | 2025-04-13T22:24:13.279000Z |
| var-201509-0037 | Siri in Apple iOS before 9 allows physically proximate attackers to bypass an intended cl… | 2025-04-13T22:24:06.304000Z |
| var-201509-0115 | WebKit, as used in Apple iTunes before 12.3, allows man-in-the-middle attackers to execut… | 2025-04-13T22:24:04.679000Z |
| var-201505-0283 | Heap-based buffer overflow in Adobe Flash Player before 13.0.0.289 and 14.x through 17.x … | 2025-04-13T22:24:04.545000Z |
| var-201508-0057 | Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux… | 2025-04-13T22:24:04.351000Z |
| var-201507-0078 | Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows a… | 2025-04-13T22:24:03.256000Z |
| var-201510-0188 | The Web Service component in Apple OS X Server before 5.0.15 omits an unspecified HTTP he… | 2025-04-13T22:23:58.711000Z |
| var-201605-0447 | CoreStorage in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a … | 2025-04-13T22:23:58.322000Z |
| var-201509-0103 | WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to … | 2025-04-13T22:23:57.789000Z |
| var-201502-0410 | The OriginCanAccessServiceWorkers function in content/browser/service_worker/service_work… | 2025-04-13T22:23:57.583000Z |
| var-201506-0087 | Use-after-free vulnerability in Adobe Flash Player before 13.0.0.292 and 14.x through 18.… | 2025-04-13T22:23:27.525000Z |
| var-201402-0404 | The systemsetup program in the Date and Time subsystem in Apple OS X before 10.9.2 allows… | 2025-04-13T22:22:50.609000Z |
| var-201404-0197 | Buffer overflow in Adobe Flash Player before 11.7.700.279 and 11.8.x through 13.0.x befor… | 2025-04-13T22:22:50.040000Z |
| var-201509-0077 | IOKit in the kernel in Apple iOS before 9 allows attackers to execute arbitrary code in a… | 2025-04-13T22:22:49.686000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| suse-su-2020:1898-1 | Security update for MozillaFirefox | 2020-07-13T13:04:55Z | 2020-07-13T13:04:55Z |
| suse-su-2019:1267-3 | Security update for graphviz | 2020-07-13T07:39:19Z | 2020-07-13T07:39:19Z |
| suse-su-2020:1891-1 | Security update for xen | 2020-07-13T07:37:45Z | 2020-07-13T07:37:45Z |
| suse-su-2020:1889-1 | Security update for xen | 2020-07-10T13:51:30Z | 2020-07-10T13:51:30Z |
| suse-su-2020:1888-1 | Security update for xen | 2020-07-10T13:51:15Z | 2020-07-10T13:51:15Z |
| suse-su-2020:1887-1 | Security update for xen | 2020-07-10T13:49:58Z | 2020-07-10T13:49:58Z |
| suse-su-2020:1886-1 | Security update for xen | 2020-07-10T13:49:48Z | 2020-07-10T13:49:48Z |
| suse-su-2020:14421-1 | Security update for MozillaFirefox | 2020-07-08T09:34:44Z | 2020-07-08T09:34:44Z |
| suse-su-2019:2891-2 | Security update for python-ecdsa | 2020-07-08T07:57:01Z | 2020-07-08T07:57:01Z |
| suse-su-2020:1297-2 | Security update for libvpx | 2020-07-08T07:56:16Z | 2020-07-08T07:56:16Z |
| suse-su-2020:1695-2 | Security update for osc | 2020-07-08T07:55:30Z | 2020-07-08T07:55:30Z |
| suse-su-2020:1417-2 | Security update for freetds | 2020-07-08T07:55:12Z | 2020-07-08T07:55:12Z |
| suse-su-2020:0819-2 | Security update for icu | 2020-07-08T07:54:33Z | 2020-07-08T07:54:33Z |
| suse-su-2020:1553-2 | Security update for libexif | 2020-07-08T07:54:11Z | 2020-07-08T07:54:11Z |
| suse-su-2020:1621-2 | Security update for libEMF | 2020-07-08T07:53:58Z | 2020-07-08T07:53:58Z |
| suse-su-2020:1591-2 | Security update for MozillaThunderbird | 2020-07-08T07:53:50Z | 2020-07-08T07:53:50Z |
| suse-su-2019:3192-2 | Security update for opencv | 2020-07-08T07:53:37Z | 2020-07-08T07:53:37Z |
| suse-su-2020:1580-2 | Security update for texlive-filesystem | 2020-07-08T07:53:12Z | 2020-07-08T07:53:12Z |
| suse-su-2019:2425-2 | Security update for nmap | 2020-07-08T07:53:05Z | 2020-07-08T07:53:05Z |
| suse-su-2020:1873-1 | Security update for LibVNCServer | 2020-07-07T15:20:05Z | 2020-07-07T15:20:05Z |
| suse-su-2020:0629-2 | Security update for librsvg | 2020-07-07T11:45:30Z | 2020-07-07T11:45:30Z |
| suse-su-2020:0629-1 | Security update for librsvg | 2020-07-07T11:45:14Z | 2020-07-07T11:45:14Z |
| suse-su-2020:1661-2 | Security update for php7 | 2020-07-07T11:44:27Z | 2020-07-07T11:44:27Z |
| suse-su-2020:1300-2 | Security update for gstreamer-plugins-base | 2020-07-07T11:44:16Z | 2020-07-07T11:44:16Z |
| suse-su-2020:1682-2 | Security update for perl | 2020-07-07T11:43:42Z | 2020-07-07T11:43:42Z |
| suse-su-2020:1164-2 | Security update for LibVNCServer | 2020-07-07T11:43:24Z | 2020-07-07T11:43:24Z |
| suse-su-2019:3184-2 | Security update for ffmpeg | 2020-07-07T11:43:16Z | 2020-07-07T11:43:16Z |
| suse-su-2020:0594-2 | Security update for gd | 2020-07-07T11:43:08Z | 2020-07-07T11:43:08Z |
| suse-su-2020:1511-2 | Security update for java-11-openjdk | 2020-07-07T11:42:58Z | 2020-07-07T11:42:58Z |
| suse-su-2019:2463-2 | Security update for SDL2 | 2020-07-07T11:42:50Z | 2020-07-07T11:42:50Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cnvd-2024-37580 | NetBox跨站脚本漏洞(CNVD-2024-37580) | 2024-07-12 | 2024-09-06 |
| cnvd-2024-37579 | NetBox跨站脚本漏洞(CNVD-2024-37579) | 2024-07-12 | 2024-09-06 |
| cnvd-2024-37578 | NetBox跨站脚本漏洞(CNVD-2024-37578) | 2024-07-12 | 2024-09-06 |
| cnvd-2024-37502 | Microsoft Edge (Chromium-based)远程代码执行漏洞 | 2024-08-29 | 2024-09-06 |
| cnvd-2024-37501 | Microsoft Edge for Android欺骗漏洞(CNVD-2024-37501) | 2024-08-29 | 2024-09-06 |
| cnvd-2024-37492 | Microsoft Exchange Server欺骗漏洞(CNVD-2024-37492) | 2023-11-16 | 2024-09-06 |
| cnvd-2024-37491 | Microsoft .NET Core和Visual Studio拒绝服务漏洞 | 2024-07-12 | 2024-09-06 |
| cnvd-2024-37479 | SWFTools越界读取漏洞 | 2024-01-24 | 2024-09-06 |
| cnvd-2024-37478 | SWFTools swfc.c:2602页面缓冲区溢出漏洞 | 2024-01-24 | 2024-09-06 |
| cnvd-2024-37477 | SWFTools swfc.c:2587页面缓冲区溢出漏洞 | 2024-01-24 | 2024-09-06 |
| cnvd-2024-37476 | SWFTools swfc.c:2576页面缓冲区溢出漏洞 | 2024-01-24 | 2024-09-06 |
| cnvd-2024-37475 | SWFTools swf5compiler.flex:327页面缓冲区溢出漏洞 | 2024-01-24 | 2024-09-06 |
| cnvd-2024-37474 | SWFTools swf_DeleteTag方法内存错误引用漏洞 | 2024-01-24 | 2024-09-06 |
| cnvd-2024-37473 | SWFTools q.c页面缓冲区溢出漏洞 | 2024-01-24 | 2024-09-06 |
| cnvd-2024-37472 | SWFTools lex.swf5.c:1321页面缓冲区溢出漏洞 | 2024-01-24 | 2024-09-06 |
| cnvd-2024-37471 | SWFTools input方法内存错误引用漏洞 | 2024-01-24 | 2024-09-06 |
| cnvd-2024-37470 | SWFTools bufferWriteData方法内存错误引用漏洞 | 2024-01-24 | 2024-09-06 |
| cnvd-2024-37469 | SWFTools缓冲区溢出漏洞(CNVD-2024-37469) | 2024-02-28 | 2024-09-06 |
| cnvd-2024-37468 | SWFTools拒绝服务漏洞(CNVD-2024-37468) | 2024-03-08 | 2024-09-06 |
| cnvd-2024-37467 | SWFTools swfshape.c拒绝服务漏洞 | 2024-03-08 | 2024-09-06 |
| cnvd-2024-37466 | SWFTools swfc-history.c拒绝服务漏洞 | 2024-03-08 | 2024-09-06 |
| cnvd-2024-37465 | SWFTools swfc.c拒绝服务漏洞 | 2024-03-08 | 2024-09-06 |
| cnvd-2024-37464 | SWFTools actioncompiler.c拒绝服务漏洞 | 2024-03-08 | 2024-09-06 |
| cnvd-2024-36541 | 用友网络科技股份有限公司U8CRM存在SQL注入漏洞(CNVD-2024-36541) | 2024-07-23 | 2024-09-06 |
| cnvd-2024-36535 | 北京亿赛通科技发展有限责任公司亿赛通电子文档安全管理系统存在SQL注入漏洞(CNVD-2024-36535) | 2024-07-23 | 2024-09-06 |
| cnvd-2024-36533 | 帆软软件有限公司多个产品存在命令执行漏洞 | 2024-07-23 | 2024-09-06 |
| cnvd-2024-37707 | Cisco Nexus Dashboard跨站请求伪造漏洞 | 2024-04-10 | 2024-09-05 |
| cnvd-2024-37706 | Cisco Identity Services Engine跨站请求伪造漏洞(CNVD-2024-37706) | 2024-04-10 | 2024-09-05 |
| cnvd-2024-37705 | Cisco Finesse Web管理接口服务端请求伪造漏洞 | 2024-06-11 | 2024-09-05 |
| cnvd-2024-37704 | Cisco Identity Services Engine文件上传漏洞 | 2024-07-24 | 2024-09-05 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certa-2009-avi-519 | Multiples vulnérabilités dans Cacti | 2009-11-26T00:00:00.000000 | 2009-11-26T00:00:00.000000 |
| certa-2009-avi-518 | Vulnérabilité dans la bibliothèque libtool | 2009-11-26T00:00:00.000000 | 2009-11-26T00:00:00.000000 |
| certa-2009-avi-517 | Vulnérabilités dans la bibliothèque libvorbis | 2009-11-26T00:00:00.000000 | 2009-11-26T00:00:00.000000 |
| certa-2009-avi-516 | Multiples vulnérabilités dans les produits Adobe | 2009-11-26T00:00:00.000000 | 2009-11-26T00:00:00.000000 |
| certa-2009-avi-514 | Vulnérabilité dans Symantec Altiris | 2009-11-26T00:00:00.000000 | 2009-11-26T00:00:00.000000 |
| certa-2009-avi-513 | Multiples vulnérabilités dans les produits VMware | 2009-11-24T00:00:00.000000 | 2009-11-24T00:00:00.000000 |
| certa-2009-avi-512 | Vulnérabilités de Kolab | 2009-11-23T00:00:00.000000 | 2009-11-23T00:00:00.000000 |
| certa-2009-avi-511 | Vulnérabilité dans Dovecot | 2009-11-23T00:00:00.000000 | 2009-11-23T00:00:00.000000 |
| certa-2009-avi-509 | Vulnérabilités dans Opera | 2009-11-23T00:00:00.000000 | 2009-11-23T00:00:00.000000 |
| certa-2009-avi-507 | Vulnérabilité dans HP Color LaserJet | 2009-11-20T00:00:00.000000 | 2009-11-20T00:00:00.000000 |
| certa-2009-avi-506 | Vulnérabilité dans HP OpenView Network Node Manager | 2009-11-19T00:00:00.000000 | 2009-11-19T00:00:00.000000 |
| certa-2009-avi-505 | Vulnérabilité dans HP Discovery & Dependency Mapping Inventory | 2009-11-19T00:00:00.000000 | 2009-11-19T00:00:00.000000 |
| certa-2009-avi-504 | Vulnérabilité dans Bugzilla | 2009-11-19T00:00:00.000000 | 2009-11-19T00:00:00.000000 |
| certa-2009-avi-503 | Vulnérabilité dans libexif | 2009-11-17T00:00:00.000000 | 2009-11-17T00:00:00.000000 |
| certa-2009-avi-502 | Vulnérabilité dans XOOPS | 2009-11-17T00:00:00.000000 | 2009-11-17T00:00:00.000000 |
| certa-2009-avi-501 | Vulnérabilité dans IBM WebSphere | 2009-11-16T00:00:00.000000 | 2009-11-16T00:00:00.000000 |
| certa-2009-avi-500 | Vulnérabilité dans Google Chrome | 2009-11-13T00:00:00.000000 | 2009-11-13T00:00:00.000000 |
| certa-2009-avi-499 | Vulnérabilité dans Netgear WNDAP330 | 2009-11-13T00:00:00.000000 | 2009-11-13T00:00:00.000000 |
| certa-2009-avi-498 | Vulnérabilités dans Wordpress | 2009-11-13T00:00:00.000000 | 2009-11-13T00:00:00.000000 |
| certa-2009-avi-497 | Vulnérabilités dans McAfee Network Security Manager | 2009-11-12T00:00:00.000000 | 2009-11-12T00:00:00.000000 |
| certa-2009-avi-496 | Multiples vulnérabilités de Apple Safari | 2009-11-12T00:00:00.000000 | 2009-11-12T00:00:00.000000 |
| certa-2009-avi-495 | Vulnérabilité dans Microsoft Office Word | 2009-11-10T00:00:00.000000 | 2009-11-10T00:00:00.000000 |
| certa-2009-avi-494 | Multiples vulnérabilités dans Microsoft Office Excel | 2009-11-10T00:00:00.000000 | 2009-11-10T00:00:00.000000 |
| certa-2009-avi-493 | Vulnérabilité dans Microsoft Active Directory | 2009-11-10T00:00:00.000000 | 2009-11-10T00:00:00.000000 |
| certa-2009-avi-492 | Vulnérabilités dans le noyau de Microsoft Windows | 2009-11-10T00:00:00.000000 | 2009-11-10T00:00:00.000000 |
| certa-2009-avi-491 | Vulnérabilité dans le serveur d'enregistrement de licences Microsoft | 2009-11-10T00:00:00.000000 | 2009-11-10T00:00:00.000000 |
| certa-2009-avi-490 | Vulnérabilité de Microsoft WSDAPI | 2009-11-10T00:00:00.000000 | 2009-11-10T00:00:00.000000 |
| certa-2009-avi-489 | Vulnérabilité dans CUPS | 2009-11-10T00:00:00.000000 | 2009-11-10T00:00:00.000000 |
| certa-2009-avi-488 | Vulnérabilités dans Xoops | 2009-11-10T00:00:00.000000 | 2009-11-10T00:00:00.000000 |
| certa-2009-avi-487 | Multiples vulnérabilités dans Apple MacOS X | 2009-11-10T00:00:00.000000 | 2009-11-10T00:00:00.000000 |