Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2025-68885 |
7.1 (3.1)
|
WordPress Custom Post Status plugin <= 1.1.0 - Cross S… |
Page Carbajal |
Custom Post Status |
2025-12-31T05:34:27.042Z | 2026-01-20T14:28:29.095Z |
| CVE-2025-68892 |
6.1 (3.1)
|
WordPress Scroll rss excerpt plugin <= 5.0 - Reflected… |
gopiplus@hotmail.com |
Scroll rss excerpt |
2026-01-08T09:17:54.424Z | 2026-01-20T14:28:29.092Z |
| CVE-2025-68978 |
6.1 (3.1)
|
WordPress DesignThemes Core plugin <= 1.6 - Cross Site… |
designthemes |
DesignThemes Core |
2025-12-30T10:47:48.485Z | 2026-01-20T14:28:29.078Z |
| CVE-2025-68867 |
6.5 (3.1)
|
WordPress Effect Maker plugin <= 1.2.1 - Cross Site Sc… |
anibalwainstein |
Effect Maker |
2026-01-08T09:17:51.313Z | 2026-01-20T14:28:29.078Z |
| CVE-2025-68976 |
8.8 (3.1)
|
WordPress Eagle Booking plugin <= 1.3.4.3 - Settings C… |
Eagle-Themes |
Eagle Booking |
2025-12-30T10:47:48.092Z | 2026-01-20T14:28:29.067Z |
| CVE-2025-68873 |
7.1 (3.1)
|
WordPress PRIMER by chloédigital plugin <= 1.0.25 - Re… |
chloédigital |
PRIMER by chloédigital |
2026-01-08T09:17:51.924Z | 2026-01-20T14:28:29.054Z |
| CVE-2025-68868 |
6.5 (3.1)
|
WordPress Wp Text Slider Widget plugin <= 1.0 - Cross … |
Codeaffairs |
Wp Text Slider Widget |
2025-12-29T16:12:32.664Z | 2026-01-20T14:28:29.039Z |
| CVE-2025-68977 |
6.1 (3.1)
|
WordPress DesignThemes Portfolio Addon plugin <= 1.5 -… |
designthemes |
DesignThemes Portfolio Addon |
2025-12-30T10:47:48.297Z | 2026-01-20T14:28:29.030Z |
| CVE-2025-68602 |
6.1 (3.1)
|
WordPress Accept Donations with PayPal plugin <= 1.5.1… |
Scott Paterson |
Accept Donations with PayPal |
2025-12-24T13:10:47.134Z | 2026-01-20T14:28:29.023Z |
| CVE-2025-68975 |
8.1 (3.1)
|
WordPress Eagle Booking plugin <= 1.3.4.3 - Insecure D… |
Eagle-Themes |
Eagle Booking |
2025-12-30T10:47:47.878Z | 2026-01-20T14:28:29.017Z |
| CVE-2025-68603 |
8.1 (3.1)
|
WordPress Editorial Calendar plugin <= 3.8.8 - Broken … |
Marketing Fire |
Editorial Calendar |
2025-12-24T13:10:47.744Z | 2026-01-20T14:28:29.006Z |
| CVE-2025-68608 |
8.8 (3.1)
|
WordPress Userpro plugin <= 5.1.9 - Broken Access Cont… |
DeluxeThemes |
Userpro |
2025-12-24T12:31:31.259Z | 2026-01-20T14:28:29.001Z |
| CVE-2025-68861 |
7.1 (3.1)
|
WordPress Plugin Optimizer plugin <= 1.3.7 - Broken Ac… |
Plugin Optimizer |
Plugin Optimizer |
2025-12-29T17:23:08.542Z | 2026-01-20T14:28:28.999Z |
| CVE-2025-68870 |
7.5 (3.1)
|
WordPress CookieHint WP plugin <= 1.0.0 - Local File I… |
reDim GmbH |
CookieHint WP |
2025-12-29T16:09:05.270Z | 2026-01-20T14:28:28.988Z |
| CVE-2025-68860 |
9.8 (3.1)
|
WordPress Mobile builder plugin <= 1.4.2 - Broken Auth… |
Mobile Builder |
Mobile builder |
2025-12-29T21:08:56.358Z | 2026-01-20T14:28:28.984Z |
| CVE-2025-68607 |
6.5 (3.1)
|
WordPress Custom Field Template plugin <= 2.7.5 - Cros… |
Hiroaki Miyashita |
Custom Field Template |
2025-12-29T21:10:50.618Z | 2026-01-20T14:28:28.975Z |
| CVE-2025-68865 |
9.3 (3.1)
|
WordPress Infility Global plugin <= 2.14.48 - SQL Inje… |
Infility |
Infility Global |
2026-01-05T10:44:34.184Z | 2026-01-20T14:28:28.951Z |
| CVE-2025-68600 |
9.1 (3.1)
|
WordPress Link Library plugin <= 7.8.4 - Server Side R… |
Yannick Lefebvre |
Link Library |
2025-12-24T13:10:46.548Z | 2026-01-20T14:28:28.926Z |
| CVE-2025-68605 |
5.4 (3.1)
|
WordPress Post Grid and Gutenberg Blocks plugin <= 2.3… |
PickPlugins |
Post Grid and Gutenberg Blocks |
2025-12-24T13:10:48.261Z | 2026-01-20T14:28:28.908Z |
| CVE-2025-68850 |
7.5 (3.1)
|
WordPress Sell Downloads plugin <= 1.1.12 - Broken Ac… |
Codepeople |
Sell Downloads |
2026-01-05T10:43:35.490Z | 2026-01-20T14:28:28.893Z |
| CVE-2025-68601 |
8.8 (3.1)
|
WordPress Five Star Restaurant Reservations plugin <= … |
Rustaurius |
Five Star Restaurant Reservations |
2025-12-24T13:10:46.860Z | 2026-01-20T14:28:28.891Z |
| CVE-2025-68606 |
7.5 (3.1)
|
WordPress PostX plugin <= 5.0.3 - Sensitive Data Expos… |
WPXPO |
PostX |
2025-12-24T13:10:48.784Z | 2026-01-20T14:28:28.845Z |
| CVE-2025-68593 |
8.8 (3.1)
|
WordPress WP Adminify plugin <= 4.0.6.1 - Broken Acces… |
Liton Arefin |
WP Adminify |
2025-12-24T13:10:44.275Z | 2026-01-20T14:28:28.837Z |
| CVE-2025-68598 |
5.4 (3.1)
|
WordPress Page Builder: Live Composer plugin <= 2.0.5 … |
LiveComposer |
Page Builder: Live Composer |
2025-12-24T13:10:45.982Z | 2026-01-20T14:28:28.836Z |
| CVE-2025-68596 |
8.8 (3.1)
|
WordPress Bit Assist plugin <= 1.5.11 - Broken Access … |
Bit Apps |
Bit Assist |
2025-12-24T13:10:45.364Z | 2026-01-20T14:28:28.773Z |
| CVE-2025-68561 |
7.6 (3.1)
|
WordPress AutomatorWP plugin <= 5.2.4 - SQL Injection … |
Ruben Garcia |
AutomatorWP |
2025-12-23T11:34:34.900Z | 2026-01-20T14:28:28.768Z |
| CVE-2025-68560 |
7.5 (3.1)
|
WordPress TheGem Theme Elements (for Elementor) plugin… |
CodexThemes |
TheGem Theme Elements (for Elementor) |
2025-12-23T11:36:26.213Z | 2026-01-20T14:28:28.760Z |
| CVE-2025-68583 |
8.8 (3.1)
|
WordPress Fast User Switching plugin <= 1.4.10 - Cross… |
Tikweb Management |
Fast User Switching |
2025-12-24T13:10:41.121Z | 2026-01-20T14:28:28.749Z |
| CVE-2025-68576 |
7.5 (3.1)
|
WordPress Virusdie plugin <= 1.1.6 - Sensitive Data Ex… |
Virusdie |
Virusdie |
2025-12-24T13:10:38.690Z | 2026-01-20T14:28:28.713Z |
| CVE-2025-68587 |
8.1 (3.1)
|
WordPress Watu Quiz plugin <= 3.4.5 - Broken Access Co… |
Bob |
Watu Quiz |
2025-12-24T13:10:42.440Z | 2026-01-20T14:28:28.675Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2024-10442 |
10 (3.1)
|
Off-by-one error vulnerability in the transmissio… |
Synology |
Unified Controller (DSMUC) |
2025-03-19T02:14:03.691Z | 2025-03-19T14:13:16.719Z |
| CVE-2025-59529 |
5.5 (3.1)
|
simple protocol server ignores accepts unlimited conne… |
avahi |
avahi |
2025-12-18T20:25:31.499Z | 2025-12-19T22:04:36.268Z |
| CVE-2026-21221 |
7 (3.1)
|
Capability Access Management Service (camsvc) Elevatio… |
Microsoft |
Windows 11 Version 24H2 |
2026-01-13T17:56:50.882Z | 2026-02-26T15:04:25.225Z |
| CVE-2026-21900 |
8.2 (4.0)
|
CryptoLib Has Out-of-Bounds Read in KMC Encrypt Metada… |
nasa |
CryptoLib |
2026-01-10T00:14:33.782Z | 2026-01-13T17:16:34.273Z |
| CVE-2026-22023 |
8.2 (4.0)
|
CryptoLib Has Out-of-Bounds Read in KMC AEAD Encrypt M… |
nasa |
CryptoLib |
2026-01-10T00:17:03.148Z | 2026-01-13T17:17:39.426Z |
| CVE-2026-22024 |
6.3 (4.0)
|
CryptoLib Memory Leak in KMC Encrypt Function Leads to… |
nasa |
CryptoLib |
2026-01-10T00:19:16.006Z | 2026-01-13T20:08:55.439Z |
| CVE-2026-22026 |
8.2 (4.0)
|
CryptoLib Unbounded Memory Allocation in KMC HTTP Resp… |
nasa |
CryptoLib |
2026-01-10T00:22:35.480Z | 2026-01-13T21:47:52.666Z |
| CVE-2026-22697 |
7.5 (3.1)
|
CryptoLib Has Heap Buffer Overflow Vulnerability in KM… |
nasa |
CryptoLib |
2026-01-10T00:31:11.045Z | 2026-01-13T21:48:38.005Z |
| CVE-2026-22025 |
6.3 (4.0)
|
CryptoLib Memory Leak on HTTP Error Response in KMC Client |
nasa |
CryptoLib |
2026-01-10T00:20:59.338Z | 2026-01-13T20:19:08.707Z |
| CVE-2023-3666 |
3.3 (3.1)
|
Sticky Side Buttons < 2.0.0 - Admin+ Stored XSS |
Unknown |
Sticky Side Buttons |
2025-09-03T06:00:04.025Z | 2025-09-03T19:47:05.988Z |
| CVE-2025-43491 |
7.3 (4.0)
|
Poly Lens Desktop Application – Privilege Escalation |
HP, Inc. |
Poly Lens |
2025-09-09T20:29:47.968Z | 2026-02-26T17:48:49.381Z |
| CVE-2025-2268 |
6.9 (4.0)
|
HP LaserJet MFP M232-M237 Printer Series - Potential D… |
HP Inc. |
HP LaserJet MFP M232-M237 Printer Series |
2025-03-14T13:33:33.887Z | 2025-03-14T14:37:32.621Z |
| CVE-2026-20965 |
7.5 (3.1)
|
Windows Admin Center Elevation of Privilege Vulnerability |
Microsoft |
Windows Admin Center in Azure Portal |
2026-01-13T17:56:06.968Z | 2026-02-26T15:04:41.040Z |
| CVE-2026-20949 |
7.8 (3.1)
|
Microsoft Excel Security Feature Bypass Vulnerability |
Microsoft |
Microsoft 365 Apps for Enterprise |
2026-01-13T17:57:07.146Z | 2026-02-26T15:04:19.178Z |
| CVE-2026-20948 |
7.8 (3.1)
|
Microsoft Word Remote Code Execution Vulnerability |
Microsoft |
Microsoft 365 Apps for Enterprise |
2026-01-13T17:57:06.605Z | 2026-02-26T15:04:19.481Z |
| CVE-2026-20947 |
8.8 (3.1)
|
Microsoft SharePoint Server Remote Code Execution Vuln… |
Microsoft |
Microsoft SharePoint Enterprise Server 2016 |
2026-01-13T17:56:52.105Z | 2026-02-26T15:04:24.921Z |
| CVE-2026-20946 |
7.8 (3.1)
|
Microsoft Excel Remote Code Execution Vulnerability |
Microsoft |
Microsoft 365 Apps for Enterprise |
2026-01-13T17:56:46.499Z | 2026-02-26T15:04:27.420Z |
| CVE-2026-20944 |
8.4 (3.1)
|
Microsoft Word Remote Code Execution Vulnerability |
Microsoft |
Microsoft 365 Apps for Enterprise |
2026-01-13T17:56:45.984Z | 2026-02-26T15:04:27.698Z |
| CVE-2026-20943 |
7 (3.1)
|
Microsoft Office Click-To-Run Remote Code Execution Vu… |
Microsoft |
Microsoft Office 2016 |
2026-01-13T17:56:45.424Z | 2026-02-26T15:04:27.987Z |
| CVE-2026-20941 |
7.8 (3.1)
|
Host Process for Windows Tasks Elevation of Privilege … |
Microsoft |
Windows 11 Version 24H2 |
2026-01-13T17:57:10.464Z | 2026-02-26T15:04:18.056Z |
| CVE-2026-22694 |
6.1 (3.1)
|
AliasVault is Missing Origin Validation in Android Pas… |
aliasvault |
aliasvault |
2026-01-14T16:32:36.007Z | 2026-01-14T16:59:24.012Z |
| CVE-2026-0992 |
2.9 (3.1)
|
Libxml2: libxml2: denial of service via crafted xml catalogs |
Red Hat |
Red Hat Enterprise Linux 10 |
2026-01-15T14:20:24.934Z | 2026-01-15T16:39:47.982Z |
| CVE-2026-0990 |
5.9 (3.1)
|
Libxml2: libxml2: denial of service via uncontrolled r… |
Red Hat |
Red Hat Enterprise Linux 10 |
2026-01-15T14:20:06.515Z | 2026-01-15T16:39:20.891Z |
| CVE-2026-0989 |
3.7 (3.1)
|
Libxml2: unbounded relaxng include recursion leading t… |
Red Hat |
Red Hat Enterprise Linux 10 |
2026-01-15T14:20:23.274Z | 2026-01-15T16:39:34.311Z |
| CVE-2026-0976 |
3.7 (3.1)
|
Org.keycloak/keycloak-quarkus-server: keycloak: proxy … |
Red Hat |
Red Hat Build of Keycloak |
2026-01-15T12:06:21.251Z | 2026-01-15T14:45:41.540Z |
| CVE-2026-0601 |
5.1 (4.0)
|
Nexus Repository 3 - Cross-Site Scripting |
Sonatype |
Nexus Repository |
2026-01-14T22:05:17.135Z | 2026-01-15T14:43:42.991Z |
| CVE-2026-0600 |
6.2 (4.0)
|
Nexus Repository 3 - Server-Side Request Forgery in Pr… |
Sonatype |
Nexus Repository |
2026-01-14T22:29:09.256Z | 2026-01-15T14:51:42.898Z |
| CVE-2026-0421 |
7 (4.0)
6.5 (3.1)
|
A potential vulnerability was reported in the BIO… |
Lenovo |
ThinkPad L13 Gen 6 BIOS |
2026-01-14T22:18:56.115Z | 2026-02-26T15:04:07.954Z |
| CVE-2025-61973 |
8.8 (3.1)
|
A local privilege escalation vulnerability exists… |
Epic Games |
Epic Games Store |
2026-01-15T15:19:48.838Z | 2026-02-26T15:04:07.661Z |
| CVE-2025-14058 |
2.4 (4.0)
3.2 (3.1)
|
A potential missing authentication vulnerability … |
Lenovo |
Tab M11 TB330FU TB330XU |
2026-01-14T22:20:37.631Z | 2026-01-15T15:56:05.902Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| fkie_cve-2024-10442 | Off-by-one error vulnerability in the transmission component in Synology Replication Service before… | 2025-03-19T03:15:11.790 | 2026-01-16T16:50:48.027 |
| fkie_cve-2025-59529 | Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protoc… | 2025-12-18T21:15:53.637 | 2026-01-16T16:50:20.183 |
| fkie_cve-2026-21221 | Concurrent execution using shared resource with improper synchronization ('race condition') in Capa… | 2026-01-13T18:16:24.723 | 2026-01-16T16:48:12.050 |
| fkie_cve-2026-21900 | CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Ext… | 2026-01-10T01:16:18.263 | 2026-01-16T16:46:47.517 |
| fkie_cve-2026-22023 | CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Ext… | 2026-01-10T01:16:18.410 | 2026-01-16T16:45:11.670 |
| fkie_cve-2026-22024 | CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Ext… | 2026-01-10T01:16:18.553 | 2026-01-16T16:44:36.080 |
| fkie_cve-2026-22026 | CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Ext… | 2026-01-10T01:16:18.843 | 2026-01-16T16:43:52.067 |
| fkie_cve-2026-22697 | CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Ext… | 2026-01-10T01:16:19.160 | 2026-01-16T16:42:26.080 |
| fkie_cve-2026-22025 | CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Ext… | 2026-01-10T01:16:18.703 | 2026-01-16T16:39:52.060 |
| fkie_cve-2023-3666 | The Sticky Side Buttons WordPress plugin before 2.0.0 does not sanitise and escape some of its sett… | 2025-09-03T06:15:44.460 | 2026-01-16T16:38:05.313 |
| fkie_cve-2025-43491 | A vulnerability in the Poly Lens Desktop application running on the Windows platform might allow mo… | 2025-09-09T21:15:35.837 | 2026-01-16T16:36:19.900 |
| fkie_cve-2025-2268 | The HP LaserJet MFP M232-M237 Printer Series may be vulnerable to a denial of service attack when a… | 2025-03-14T14:15:20.270 | 2026-01-16T16:33:16.067 |
| fkie_cve-2026-20965 | Improper verification of cryptographic signature in Windows Admin Center allows an authorized attac… | 2026-01-13T18:16:24.417 | 2026-01-16T16:23:11.237 |
| fkie_cve-2026-20949 | Improper access control in Microsoft Office Excel allows an unauthorized attacker to bypass a secur… | 2026-01-13T18:16:22.487 | 2026-01-16T16:20:58.787 |
| fkie_cve-2026-20948 | Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute c… | 2026-01-13T18:16:22.327 | 2026-01-16T16:19:15.393 |
| fkie_cve-2026-20947 | Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft O… | 2026-01-13T18:16:22.167 | 2026-01-16T16:17:12.343 |
| fkie_cve-2026-20946 | Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | 2026-01-13T18:16:22.007 | 2026-01-16T16:16:28.527 |
| fkie_cve-2026-20944 | Out-of-bounds read in Microsoft Office Word allows an unauthorized attacker to execute code locally. | 2026-01-13T18:16:21.850 | 2026-01-16T16:15:25.740 |
| fkie_cve-2026-20943 | Untrusted search path in Microsoft Office allows an unauthorized attacker to execute code locally. | 2026-01-13T18:16:21.687 | 2026-01-16T16:14:34.970 |
| fkie_cve-2026-20941 | Improper link resolution before file access ('link following') in Host Process for Windows Tasks al… | 2026-01-13T18:16:21.530 | 2026-01-16T15:55:38.877 |
| fkie_cve-2026-22694 | AliasVault is a privacy-first password manager with built-in email aliasing. AliasVault Android ver… | 2026-01-14T17:16:08.810 | 2026-01-16T15:55:33.063 |
| fkie_cve-2026-0992 | A flaw was found in the libxml2 library. This uncontrolled resource consumption vulnerability occur… | 2026-01-15T15:15:52.657 | 2026-01-16T15:55:33.063 |
| fkie_cve-2026-0990 | A flaw was found in libxml2, an XML parsing library. This uncontrolled recursion vulnerability occu… | 2026-01-15T15:15:52.503 | 2026-01-16T15:55:33.063 |
| fkie_cve-2026-0989 | A flaw was identified in the RelaxNG parser of libxml2 related to how external schema inclusions ar… | 2026-01-15T15:15:52.350 | 2026-01-16T15:55:33.063 |
| fkie_cve-2026-0976 | A flaw was found in Keycloak. This improper input validation vulnerability occurs because Keycloak … | 2026-01-15T13:16:04.910 | 2026-01-16T15:55:33.063 |
| fkie_cve-2026-0601 | A reflected cross-site scripting vulnerability exists in Nexus Repository 3 that allows unauthentic… | 2026-01-14T22:15:52.960 | 2026-01-16T15:55:33.063 |
| fkie_cve-2026-0600 | Server-Side Request Forgery (SSRF) vulnerability in Sonatype Nexus Repository 3 versions 3.0.0 and … | 2026-01-14T23:15:56.560 | 2026-01-16T15:55:33.063 |
| fkie_cve-2026-0421 | A potential vulnerability was reported in the BIOS of L13 Gen 6, L13 Gen 6 2-in-1, L14 Gen 6, and L… | 2026-01-14T23:15:56.397 | 2026-01-16T15:55:33.063 |
| fkie_cve-2025-61973 | A local privilege escalation vulnerability exists during the installation of Epic Games Store via t… | 2026-01-15T16:16:11.320 | 2026-01-16T15:55:33.063 |
| fkie_cve-2025-14058 | A potential missing authentication vulnerability was reported in some Lenovo Tablets that could all… | 2026-01-14T23:15:55.970 | 2026-01-16T15:55:33.063 |
| ID | Severity | Description | Published | Updated |
|---|---|---|---|---|
| ghsa-52hx-p4rh-g7pf |
|
In the Linux kernel, the following vulnerability has been resolved: firmware: meson_sm: fix to avo… | 2025-12-30T15:30:35Z | 2025-12-30T15:30:35Z |
| ghsa-4784-9v76-jqjx |
|
In the Linux kernel, the following vulnerability has been resolved: usb: typec: bus: verify partne… | 2025-12-30T15:30:35Z | 2025-12-30T15:30:35Z |
| ghsa-3x4v-mgvj-ccrv |
|
In the Linux kernel, the following vulnerability has been resolved: mtd: spi-nor: Fix shift-out-of… | 2025-12-30T15:30:35Z | 2025-12-30T15:30:35Z |
| ghsa-3j26-wpvv-9xc2 |
|
In the Linux kernel, the following vulnerability has been resolved: ALSA: ymfpci: Create card with… | 2025-12-30T15:30:35Z | 2025-12-30T15:30:35Z |
| ghsa-3fg3-j45r-7qh2 |
|
In the Linux kernel, the following vulnerability has been resolved: thermal: intel: quark_dts: fix… | 2025-12-30T15:30:35Z | 2025-12-30T15:30:35Z |
| ghsa-36j9-v89w-79c6 |
|
In the Linux kernel, the following vulnerability has been resolved: ptp_qoriq: fix memory leak in … | 2025-12-30T15:30:35Z | 2025-12-30T15:30:35Z |
| ghsa-2337-fj37-r35q |
|
In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: avoid referencing… | 2025-12-30T15:30:35Z | 2025-12-30T15:30:35Z |
| ghsa-wr38-v9r2-5hhw |
|
In the Linux kernel, the following vulnerability has been resolved: s390/vmem: split pages when de… | 2025-12-30T15:30:34Z | 2025-12-30T15:30:34Z |
| ghsa-wm5w-7h48-37x2 |
|
In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix an uninit variable a… | 2025-12-30T15:30:34Z | 2025-12-30T15:30:34Z |
| ghsa-wfjg-crvw-f25h |
|
In the Linux kernel, the following vulnerability has been resolved: debugobjects: Don't wake up ks… | 2025-12-30T15:30:34Z | 2025-12-30T15:30:34Z |
| ghsa-vrgf-cf4x-v6w6 |
|
In the Linux kernel, the following vulnerability has been resolved: fs/sysv: Null check to prevent… | 2025-12-30T15:30:34Z | 2025-12-30T15:30:34Z |
| ghsa-r3v9-vm52-w2px |
|
In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: Rework lppaca… | 2025-12-30T15:30:34Z | 2025-12-30T15:30:34Z |
| ghsa-qq6g-5658-hpx2 |
|
In the Linux kernel, the following vulnerability has been resolved: soundwire: bus: Fix unbalanced… | 2025-12-30T15:30:34Z | 2025-12-30T15:30:34Z |
| ghsa-q3xj-c96p-46gm |
|
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | 2025-12-30T15:30:34Z | 2025-12-30T15:30:34Z |
| ghsa-jxrr-h72w-8m3v |
|
In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential oops in ci… | 2025-12-30T15:30:33Z | 2025-12-30T15:30:34Z |
| ghsa-jwmj-482q-j9c2 |
|
In the Linux kernel, the following vulnerability has been resolved: RDMA/srpt: Add a check for val… | 2025-12-30T15:30:34Z | 2025-12-30T15:30:34Z |
| ghsa-jw53-vfm2-vf66 |
|
In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: Fix NULL deref cau… | 2025-12-30T15:30:34Z | 2025-12-30T15:30:34Z |
| ghsa-jm7j-xgrw-fv67 |
|
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix a possible null-… | 2025-12-30T15:30:34Z | 2025-12-30T15:30:34Z |
| ghsa-jg98-775f-9rrv |
|
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Don't clone flow po… | 2025-12-30T15:30:34Z | 2025-12-30T15:30:34Z |
| ghsa-j78v-x2hm-xc58 |
|
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Add missing gfx11 … | 2025-12-30T15:30:33Z | 2025-12-30T15:30:34Z |
| ghsa-hvj9-4j33-rmxc |
|
In the Linux kernel, the following vulnerability has been resolved: sh: dma: Fix DMA channel offse… | 2025-12-30T15:30:34Z | 2025-12-30T15:30:34Z |
| ghsa-gqhr-h84m-5956 |
|
In the Linux kernel, the following vulnerability has been resolved: fbdev: udlfb: Fix endpoint che… | 2025-12-30T15:30:34Z | 2025-12-30T15:30:34Z |
| ghsa-fp2g-4w3c-p2mv |
|
In the Linux kernel, the following vulnerability has been resolved: MIPS: fw: Allow firmware to pa… | 2025-12-30T15:30:34Z | 2025-12-30T15:30:34Z |
| ghsa-fg5h-p8w5-653v |
|
In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: Fix memory leak … | 2025-12-30T15:30:34Z | 2025-12-30T15:30:34Z |
| ghsa-cphq-rv4m-x79g |
|
In the Linux kernel, the following vulnerability has been resolved: SUNRPC: double free xprt_ctxt … | 2025-12-30T15:30:33Z | 2025-12-30T15:30:34Z |
| ghsa-c9xp-xhgq-2rj5 |
|
In the Linux kernel, the following vulnerability has been resolved: xfrm: Fix leak of dev tracker … | 2025-12-30T15:30:34Z | 2025-12-30T15:30:34Z |
| ghsa-88jr-vfwv-8mp6 |
|
In the Linux kernel, the following vulnerability has been resolved: tty: serial: imx: disable Agei… | 2025-12-30T15:30:34Z | 2025-12-30T15:30:34Z |
| ghsa-7v8c-h9vh-3q7f |
|
In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/kms/nv50-: init hp… | 2025-12-30T15:30:34Z | 2025-12-30T15:30:34Z |
| ghsa-76fv-99ww-8hmg |
|
In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb: m920x: Fix a p… | 2025-12-30T15:30:34Z | 2025-12-30T15:30:34Z |
| ghsa-6jgm-8895-m249 |
|
In the Linux kernel, the following vulnerability has been resolved: media: usb: siano: Fix use aft… | 2025-12-30T15:30:34Z | 2025-12-30T15:30:34Z |
| ID | Description | Updated |
|---|---|---|
| gsd-2024-25072 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-05T06:03:25.273841Z |
| gsd-2024-25080 | WebMail in Axigen 10.x before 10.3.3.62 allows XSS via the image attachment viewer. | 2024-02-05T06:03:25.273548Z |
| gsd-2024-25090 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-05T06:03:25.273303Z |
| gsd-2024-25076 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-05T06:03:25.273059Z |
| gsd-2024-25068 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-05T06:03:25.272803Z |
| gsd-2024-25064 | Due to insufficient server-side validation, an attacker with login privileges could acces… | 2024-02-05T06:03:25.267996Z |
| gsd-2024-25069 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-05T06:03:25.266647Z |
| gsd-2024-25081 | Splinefont in FontForge through 20230101 allows command injection via crafted filenames. | 2024-02-05T06:03:25.264273Z |
| gsd-2024-25078 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-05T06:03:25.261430Z |
| gsd-2024-25077 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-05T06:03:25.260794Z |
| gsd-2024-25083 | An issue was discovered in BeyondTrust Privilege Management for Windows before 24.1. When… | 2024-02-05T06:03:25.259091Z |
| gsd-2024-25073 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-05T06:03:25.258102Z |
| gsd-2024-25085 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-05T06:03:25.256175Z |
| gsd-2024-25086 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-05T06:03:25.255945Z |
| gsd-2024-25066 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-05T06:03:25.255655Z |
| gsd-2024-25079 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-05T06:03:25.255413Z |
| gsd-2024-25084 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-05T06:03:25.252993Z |
| gsd-2024-25065 | Possible path traversal in Apache OFBiz allowing authentication bypass. Users are recomm… | 2024-02-05T06:03:25.252742Z |
| gsd-2024-25075 | An issue was discovered in Softing uaToolkit Embedded before 1.41.1. When a subscription … | 2024-02-05T06:03:25.251832Z |
| gsd-2024-25063 | Due to insufficient server-side validation, a successful exploit of this vulnerability co… | 2024-02-05T06:03:25.250662Z |
| gsd-2024-25089 | Malwarebytes Binisoft Windows Firewall Control before 6.9.9.2 allows remote attackers to … | 2024-02-05T06:03:25.250189Z |
| gsd-2024-25071 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-05T06:03:25.249858Z |
| gsd-2024-25088 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-05T06:03:25.248951Z |
| gsd-2024-25067 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-05T06:03:25.248426Z |
| gsd-2024-25082 | Splinefont in FontForge through 20230101 allows command injection via crafted archives or… | 2024-02-05T06:03:25.248170Z |
| gsd-2024-25062 | An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the… | 2024-02-05T06:03:25.246357Z |
| gsd-2024-25087 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-05T06:03:25.246003Z |
| gsd-2024-25074 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-05T06:03:25.245417Z |
| gsd-2024-25070 | The format of the source doesn't require a description, click on the link for more details. | 2024-02-05T06:03:25.244084Z |
| gsd-2024-25091 | Protection mechanism failure issue exists in RevoWorks SCVX prior to scvimage4.10.21_1013… | 2024-02-05T06:03:25.239948Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-183125 | Malicious code in item-atim-kubusaka (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183124 | Malicious code in item-atim-kubuka (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183123 | Malicious code in item-atim-kubuika (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183122 | Malicious code in item-atim-kubuaka (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183121 | Malicious code in item-atim-kubu (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183120 | Malicious code in item-atim-ku (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183119 | Malicious code in item-ati-zpooa (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183118 | Malicious code in item-ati-zpojozika (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183117 | Malicious code in item-ati-zpojozia (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183116 | Malicious code in item-ati-zpojozakuika (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183115 | Malicious code in item-ati-zpojozakika (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183114 | Malicious code in item-ati-zpojoa (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183113 | Malicious code in item-ati-zpjozakuika (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183112 | Malicious code in item-ati-zjzakuika (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183111 | Malicious code in item-ati-zjkuika (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183110 | Malicious code in item-ati-za (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183109 | Malicious code in item-ati-lza (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183108 | Malicious code in item-ati-labza (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183107 | Malicious code in item-ati-labiza (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183106 | Malicious code in item-ati-labioza (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183105 | Malicious code in item-ati-labiomza (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183104 | Malicious code in item-ati-labiomizazkapa (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183103 | Malicious code in item-ati-labiomizazaa (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183102 | Malicious code in item-ati-labiomizaa (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183101 | Malicious code in item-ati-labiomiza (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183100 | Malicious code in item-ati-kuika (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183099 | Malicious code in item-ati-kubussiduzika (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183098 | Malicious code in item-ati-kubusisiduzika (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183097 | Malicious code in item-ati-kubusisasiduzika (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-183096 | Malicious code in item-ati-kubusiduzika (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2023:2969 | Red Hat Security Advisory: net-snmp security and bug fix update | 2023-05-16T08:37:22+00:00 | 2025-11-21T18:40:28+00:00 |
| rhsa-2023:2948 | Red Hat Security Advisory: device-mapper-multipath security and bug fix update | 2023-05-16T08:31:05+00:00 | 2025-11-21T18:40:28+00:00 |
| rhsa-2023:2873 | Red Hat Security Advisory: gcc-toolset-12-binutils security update | 2023-05-16T08:56:45+00:00 | 2025-11-21T18:40:26+00:00 |
| rhsa-2023:2870 | Red Hat Security Advisory: freeradius:3.0 security update | 2023-05-16T08:26:20+00:00 | 2025-11-21T18:40:26+00:00 |
| rhsa-2023:2863 | Red Hat Security Advisory: ctags security update | 2023-05-16T08:45:26+00:00 | 2025-11-21T18:40:25+00:00 |
| rhsa-2023:2860 | Red Hat Security Advisory: python27:2.7 security update | 2023-05-16T08:33:04+00:00 | 2025-11-21T18:40:25+00:00 |
| rhsa-2023:2859 | Red Hat Security Advisory: git security and bug fix update | 2023-05-16T08:32:51+00:00 | 2025-11-21T18:40:23+00:00 |
| rhsa-2023:2851 | Red Hat Security Advisory: freerdp security update | 2023-05-16T08:59:13+00:00 | 2025-11-21T18:40:23+00:00 |
| rhsa-2023:2830 | Red Hat Security Advisory: tigervnc security and bug fix update | 2023-05-16T08:56:12+00:00 | 2025-11-21T18:40:23+00:00 |
| rhsa-2023:2810 | Red Hat Security Advisory: poppler security update | 2023-05-16T08:30:40+00:00 | 2025-11-21T18:40:23+00:00 |
| rhsa-2023:2806 | Red Hat Security Advisory: xorg-x11-server security and bug fix update | 2023-05-16T08:54:17+00:00 | 2025-11-21T18:40:22+00:00 |
| rhsa-2023:2786 | Red Hat Security Advisory: wayland security, bug fix, and enhancement update | 2023-05-16T08:53:12+00:00 | 2025-11-21T18:40:21+00:00 |
| rhsa-2023:2805 | Red Hat Security Advisory: xorg-x11-server-Xwayland security update | 2023-05-16T09:10:25+00:00 | 2025-11-21T18:40:20+00:00 |
| rhsa-2023:2801 | Red Hat Security Advisory: frr security and bug fix update | 2023-05-16T08:47:58+00:00 | 2025-11-21T18:40:20+00:00 |
| rhsa-2023:2800 | Red Hat Security Advisory: sysstat security and bug fix update | 2023-05-16T08:52:50+00:00 | 2025-11-21T18:40:20+00:00 |
| rhsa-2023:2771 | Red Hat Security Advisory: unbound security and bug fix update | 2023-05-16T08:37:44+00:00 | 2025-11-21T18:40:17+00:00 |
| rhsa-2023:2653 | Red Hat Security Advisory: webkit2gtk3 security update | 2023-05-09T11:50:51+00:00 | 2025-11-21T18:40:12+00:00 |
| rhsa-2023:2652 | Red Hat Security Advisory: pcs security and bug fix update | 2023-05-09T11:39:22+00:00 | 2025-11-21T18:40:11+00:00 |
| rhsa-2023:2650 | Red Hat Security Advisory: curl security update | 2023-05-09T11:16:58+00:00 | 2025-11-21T18:40:11+00:00 |
| rhsa-2023:2645 | Red Hat Security Advisory: openssh security update | 2023-05-09T11:16:56+00:00 | 2025-11-21T18:40:11+00:00 |
| rhsa-2023:2633 | Red Hat Security Advisory: libreswan security update | 2023-05-09T11:16:54+00:00 | 2025-11-21T18:40:10+00:00 |
| rhsa-2023:2621 | Red Hat Security Advisory: mysql security update | 2023-05-09T11:21:27+00:00 | 2025-11-21T18:40:10+00:00 |
| rhsa-2023:2589 | Red Hat Security Advisory: autotrace security update | 2023-05-09T10:11:18+00:00 | 2025-11-21T18:40:09+00:00 |
| rhsa-2023:2582 | Red Hat Security Advisory: lua security update | 2023-05-09T10:03:46+00:00 | 2025-11-21T18:40:09+00:00 |
| rhsa-2023:2532 | Red Hat Security Advisory: libarchive security update | 2023-05-09T10:10:57+00:00 | 2025-11-21T18:40:08+00:00 |
| rhsa-2023:2519 | Red Hat Security Advisory: samba security, bug fix, and enhancement update | 2023-05-09T10:02:55+00:00 | 2025-11-21T18:40:08+00:00 |
| rhsa-2023:2502 | Red Hat Security Advisory: dhcp security and enhancement update | 2023-05-09T09:51:36+00:00 | 2025-11-21T18:40:07+00:00 |
| rhsa-2023:2487 | Red Hat Security Advisory: fwupd security and bug fix update | 2023-05-09T10:03:07+00:00 | 2025-11-21T18:40:07+00:00 |
| rhsa-2023:2459 | Red Hat Security Advisory: device-mapper-multipath security and bug fix update | 2023-05-09T10:04:06+00:00 | 2025-11-21T18:40:06+00:00 |
| rhsa-2023:2453 | Red Hat Security Advisory: libtpms security update | 2023-05-09T10:03:07+00:00 | 2025-11-21T18:40:06+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2019-20175 | An issue was discovered in ide_dma_cb() in hw/ide/core.c in QEMU 2.4.0 through 4.2.0. The guest system can crash the QEMU process in the host system via a special SCSI_IOCTL_SEND_COMMAND. It hits an assertion that implies that the size of successful DMA transfers there must be a multiple of 512 (the size of a sector). NOTE: a member of the QEMU security team disputes the significance of this issue because a "privileged guest user has many ways to cause similar DoS effect without triggering this assert. | 2019-12-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2019-18276 | An issue was discovered in disable_priv_mode in shell.c in GNU Bash through 5.0 patch 11. By default if Bash is run with its effective UID not equal to its real UID it will drop privileges by setting its effective UID to its real UID. However it does so incorrectly. On Linux and other systems that support "saved UID" functionality the saved UID is not dropped. An attacker with command execution in the shell can use "enable -f" for runtime loading of a new builtin which can be a shared object that calls setuid() and therefore regains privileges. However binaries running with an effective UID of 0 are unaffected. | 2019-11-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2019-17451 | An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd) as distributed in GNU Binutils 2.32. It is an integer overflow leading to a SEGV in _bfd_dwarf2_find_nearest_line in dwarf2.c as demonstrated by nm. | 2019-10-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2019-17450 | find_abstract_instance in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd) as distributed in GNU Binutils 2.32 allows remote attackers to cause a denial of service (infinite recursion and application crash) via a crafted ELF file. | 2019-10-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2019-15847 | The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example within a single execution of a program the output of every __builtin_darn() call may be the same. | 2019-09-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2019-14834 | A vulnerability was found in dnsmasq before version 2.81 where the memory leak allows remote attackers to cause a denial of service (memory consumption) via vectors involving DHCP response creation. | 2020-01-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2019-14444 | apply_relocations in readelf.c in GNU Binutils 2.32 contains an integer overflow that allows attackers to trigger a write access violation (in byte_put_little_endian function in elfcomm.c) via an ELF file as demonstrated by readelf. | 2019-07-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2019-14250 | An issue was discovered in GNU libiberty as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not check for a zero shstrndx value leading to an integer overflow and resultant heap-based buffer overflow. | 2019-07-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2019-13012 | The keyfile settings backend in GNOME GLib (aka glib2.0) before 2.60.0 creates directories using g_file_make_directory_with_parents (kfsb->dir NULL NULL) and files using g_file_replace_contents (kfsb->file contents length NULL FALSE G_FILE_CREATE_REPLACE_DESTINATION NULL NULL NULL). Consequently it does not properly restrict directory (and file) permissions. Instead for directories 0777 permissions are used; for files default file permissions are used. This is similar to CVE-2019-12450. | 2019-06-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2019-12972 | An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd) as distributed in GNU Binutils 2.32. There is a heap-based buffer over-read in _bfd_doprnt in bfd.c because elf_object_p in elfcode.h mishandles an e_shstrndx section of type SHT_GROUP by omitting a trailing '\0' character. | 2019-06-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2019-12439 | bubblewrap.c in Bubblewrap before 0.3.3 misuses temporary directories in /tmp as a mount point. In some particular configurations (related to XDG_RUNTIME_DIR) a local attacker may abuse this flaw to prevent other users from executing bubblewrap or potentially execute code. | 2019-05-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2018-20843 | In libexpat in Expat before 2.2.7 XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing (enough to be usable for denial-of-service attacks). | 2019-06-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2018-20796 | In the GNU C Library (aka glibc or libc6) through 2.29 check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion as demonstrated by '(\227|)(\\1\\1|t1|\\\2537)+' in grep. | 2019-02-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2018-19876 | cairo 1.16.0 in cairo_ft_apply_variations() in cairo-ft-font.c would free memory using a free function incompatible with WebKit's fastMalloc leading to an application crash with a "free(): invalid pointer" error. | 2018-12-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2018-19665 | The Bluetooth subsystem in QEMU mishandles negative values for length variables leading to memory corruption. | 2018-12-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2018-19591 | In the GNU C Library (aka glibc or libc6) through 2.28 attempting to resolve a crafted hostname via getaddrinfo() leads to the allocation of a socket descriptor that is not closed. This is related to the if_nametoindex() function. | 2018-12-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2018-16866 | An out of bounds read was discovered in systemd-journald in the way it parses log messages that terminate with a colon ':'. A local attacker can use this flaw to disclose process memory data. Versions from v221 to v239 are vulnerable. | 2019-01-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2018-16865 | An allocation of memory without limits that could result in the stack clashing with another memory region was discovered in systemd-journald when many entries are sent to the journal socket. A local attacker or a remote one if systemd-journal-remote is used may use this flaw to crash systemd-journald or execute code with journald privileges. Versions through v240 are vulnerable. | 2019-01-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2018-16864 | An allocation of memory without limits that could result in the stack clashing with another memory region was discovered in systemd-journald when a program with long command line arguments calls syslog. A local attacker may use this flaw to crash systemd-journald or escalate his privileges. Versions through v240 are vulnerable. | 2019-01-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2018-15688 | Out-of-Bounds write in systemd-networkd dhcpv6 option handling | 2018-10-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2018-15687 | systemd: chown_one() can dereference symlinks | 2018-10-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2018-15686 | systemd: reexec state injection: fgets() on overlong lines leads to line splitting | 2018-10-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2018-10896 | The default cloud-init configuration in cloud-init 0.6.2 and newer included "ssh_deletekeys: 0" disabling cloud-init's deletion of ssh host keys. In some environments this could lead to instances created by cloning a golden master or template system sharing ssh host keys and being able to impersonate one another or conduct man-in-the-middle attacks. | 2018-08-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2016-3189 | Use-after-free vulnerability in bzip2recover in bzip2 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted bzip2 file related to block ends set to before the start of the block. | 2016-06-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2016-10739 | In the GNU C Library (aka glibc or libc6) through 2.28 the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by whitespace and arbitrary characters which could lead applications to incorrectly assume that it had parsed a valid string without the possibility of embedded HTTP headers or other potentially dangerous substrings. | 2019-01-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2015-8370 | Multiple integer underflows in Grub2 1.98 through 2.02 allow physically proximate attackers to bypass authentication obtain sensitive information or cause a denial of service (disk corruption) via backspace characters in the (1) grub_username_get function in grub-core/normal/auth.c or the (2) grub_password_get function in lib/crypto.c which trigger an "Off-by-two" or "Out of bounds overwrite" memory error. | 2015-12-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2015-8100 | The net-snmp package in OpenBSD through 5.8 uses 0644 permissions for snmpd.conf which allows local users to obtain sensitive community information by reading this file. | 2015-11-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2019-1105 | Outlook for Android Spoofing Vulnerability | 2019-06-11T07:00:00.000Z | 2019-06-20T07:00:00.000Z |
| ID | Description | Updated |
|---|---|---|
| var-201504-0126 | The Podcasts component in Apple iOS before 8.3 and Apple TV before 7.2 allows remote atta… | 2025-04-13T22:14:14.084000Z |
| var-201510-0167 | The kernel in Apple iOS before 9.1 allows attackers to cause a denial of service via a cr… | 2025-04-13T22:14:13.286000Z |
| var-201407-0099 | WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5… | 2025-04-13T22:14:09.303000Z |
| var-201409-0473 | IOKit in Apple iOS before 8 and Apple TV before 7 does not properly validate IODataQueue … | 2025-04-13T22:14:03.984000Z |
| var-201603-0292 | The IKEv2 implementation in Cisco IOS 15.0 through 15.6 and IOS XE 3.3 through 3.17 allow… | 2025-04-13T22:13:28.092000Z |
| var-201407-0095 | Graphics Driver in Apple OS X before 10.9.4 does not properly restrict read operations du… | 2025-04-13T22:13:27.980000Z |
| var-201402-0400 | Integer signedness error in CoreText in Apple OS X before 10.9.2 allows remote attackers … | 2025-04-13T22:12:19.469000Z |
| var-201609-0272 | CFNetwork in Apple iOS before 10 and OS X before 10.12 mishandles Local Storage deletion,… | 2025-04-13T22:12:19.344000Z |
| var-201603-0211 | The kernel in Apple iOS before 9.3, tvOS before 9.2, and watchOS before 2.2 does not prop… | 2025-04-13T22:12:17.380000Z |
| var-201406-0126 | Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 13.0.0.223 and 14.x… | 2025-04-13T22:12:17.266000Z |
| var-201508-0102 | The fasttrap driver in the kernel in Apple OS X before 10.10.5 allows local users to caus… | 2025-04-13T22:12:12.441000Z |
| var-201504-0108 | NSXMLParser in Foundation in Apple iOS before 8.3 and Apple TV before 7.2 allows remote a… | 2025-04-13T22:11:40.049000Z |
| var-201509-0068 | IOAcceleratorFamily in Apple iOS before 9 allows attackers to obtain sensitive kernel mem… | 2025-04-13T22:11:37.271000Z |
| var-201610-0302 | Cisco IOS XE 3.1 through 3.17 and 16.1 through 16.2 allows remote attackers to cause a de… | 2025-04-13T22:11:18.322000Z |
| var-201609-0348 | Integer overflow in the MDC2_Update function in crypto/mdc2/mdc2dgst.c in OpenSSL before … | 2025-04-13T22:11:14.103000Z |
| var-201609-0295 | The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before … | 2025-04-13T22:11:09.514000Z |
| var-201605-0434 | The AMD subsystem in Apple OS X before 10.11.5 allows attackers to execute arbitrary code… | 2025-04-13T22:11:03.398000Z |
| var-201501-0629 | Buffer overflow in the XML parser in Foundation in Apple iOS before 8.1.3, Apple OS X bef… | 2025-04-13T22:11:00.934000Z |
| var-201512-0069 | Directory traversal vulnerability in Mobile Backup in Photos in Apple iOS before 9.2 allo… | 2025-04-13T22:11:00.783000Z |
| var-201509-0087 | The CFNetwork HTTPProtocol component in Apple iOS before 9 allows remote attackers to byp… | 2025-04-13T22:10:23.350000Z |
| var-201512-0122 | WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote at… | 2025-04-13T22:10:22.548000Z |
| var-201512-0163 | OpenGL in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before … | 2025-04-13T22:10:22.497000Z |
| var-201607-0352 | libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, … | 2025-04-13T22:10:21.840000Z |
| var-201412-0515 | The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.x before 1.7.19 and 1.8… | 2025-04-13T22:10:21.766000Z |
| var-201411-0258 | Use-after-free vulnerability in Adobe Flash Player before 13.0.0.252 and 14.x and 15.x be… | 2025-04-13T22:09:46.911000Z |
| var-201509-0044 | Safari in Apple iOS before 9 allows remote attackers to spoof the relationship between UR… | 2025-04-13T22:09:45.623000Z |
| var-201512-0160 | The ASN.1 decoder in Apple OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 a… | 2025-04-13T22:09:43.915000Z |
| var-201609-0291 | WebKit in Apple iTunes before 12.5.1 on Windows and Safari before 10 allows remote attack… | 2025-04-13T22:09:06.408000Z |
| var-201407-0384 | Cisco IOS XR 4.3.4 and earlier on ASR 9000 devices, when bridge-group virtual interface (… | 2025-04-13T22:09:06.126000Z |
| var-201609-0481 | crypto/x509/x509_vfy.c in OpenSSL 1.0.2i allows remote attackers to cause a denial of ser… | 2025-04-13T22:09:05.684000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| suse-su-2020:1713-1 | Security update for the Linux Kernel | 2020-06-23T09:16:06Z | 2020-06-23T09:16:06Z |
| suse-su-2020:1712-1 | Security update for xawtv | 2020-06-23T08:33:48Z | 2020-06-23T08:33:48Z |
| suse-su-2020:1711-1 | Security update for mariadb | 2020-06-23T08:33:39Z | 2020-06-23T08:33:39Z |
| suse-su-2020:1710-1 | Security update for mariadb | 2020-06-23T08:33:12Z | 2020-06-23T08:33:12Z |
| suse-su-2020:1709-1 | Security update for mercurial | 2020-06-23T08:32:50Z | 2020-06-23T08:32:50Z |
| suse-su-2020:1699-1 | Security update for the Linux Kernel | 2020-06-22T07:52:05Z | 2020-06-22T07:52:05Z |
| suse-su-2020:14400-1 | Security update for bind | 2020-06-19T14:11:27Z | 2020-06-19T14:11:27Z |
| suse-su-2020:1695-1 | Security update for osc | 2020-06-19T12:54:52Z | 2020-06-19T12:54:52Z |
| suse-su-2020:1693-1 | Security update for the Linux Kernel | 2020-06-19T12:25:45Z | 2020-06-19T12:25:45Z |
| suse-su-2020:1687-1 | Security update for libgxps | 2020-06-19T07:54:58Z | 2020-06-19T07:54:58Z |
| suse-su-2020:1686-1 | Security update for java-1_8_0-openjdk | 2020-06-19T07:53:48Z | 2020-06-19T07:53:48Z |
| suse-su-2020:1685-1 | Security update for java-1_8_0-ibm | 2020-06-19T07:51:34Z | 2020-06-19T07:51:34Z |
| suse-su-2020:1684-1 | Security update for java-1_8_0-ibm | 2020-06-19T07:49:01Z | 2020-06-19T07:49:01Z |
| suse-su-2020:1683-1 | Security update for java-1_7_1-ibm | 2020-06-19T07:47:45Z | 2020-06-19T07:47:45Z |
| suse-su-2020:1682-1 | Security update for perl | 2020-06-19T07:45:25Z | 2020-06-19T07:45:25Z |
| suse-su-2020:1681-1 | Security update for fwupd | 2020-06-19T07:44:07Z | 2020-06-19T07:44:07Z |
| suse-su-2020:1677-1 | Security update for mozilla-nspr, mozilla-nss | 2020-06-18T16:17:27Z | 2020-06-18T16:17:27Z |
| suse-su-2020:14399-1 | Security update for adns | 2020-06-18T11:43:19Z | 2020-06-18T11:43:19Z |
| suse-su-2020:1672-1 | Security update for dbus-1 | 2020-06-18T11:41:37Z | 2020-06-18T11:41:37Z |
| suse-su-2020:1664-1 | Security update for containerd, docker, docker-runc, golang-github-docker-libnetwork | 2020-06-18T09:19:31Z | 2020-06-18T09:19:31Z |
| suse-su-2020:1663-1 | Security update for the Linux Kernel | 2020-06-18T09:17:44Z | 2020-06-18T09:17:44Z |
| suse-su-2020:1662-1 | Security update for perl | 2020-06-18T09:13:48Z | 2020-06-18T09:13:48Z |
| suse-su-2020:1661-1 | Security update for php7 | 2020-06-18T09:10:30Z | 2020-06-18T09:10:30Z |
| suse-su-2020:1660-1 | Security update for gnuplot | 2020-06-18T09:10:01Z | 2020-06-18T09:10:01Z |
| suse-su-2020:1659-1 | Security update for guile | 2020-06-18T09:09:35Z | 2020-06-18T09:09:35Z |
| suse-su-2020:1658-1 | Security update for gegl | 2020-06-18T09:09:09Z | 2020-06-18T09:09:09Z |
| suse-su-2020:1657-1 | Security update for containerd, docker, docker-runc, golang-github-docker-libnetwork | 2020-06-18T08:49:58Z | 2020-06-18T08:49:58Z |
| suse-su-2020:1656-1 | Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP1) | 2020-06-18T08:36:58Z | 2020-06-18T08:36:58Z |
| suse-su-2020:1671-1 | Security update for the Linux Kernel (Live Patch 3 for SLE 15 SP1) | 2020-06-18T08:36:35Z | 2020-06-18T08:36:35Z |
| suse-su-2020:1646-1 | Security update for the Linux Kernel (Live Patch 5 for SLE 15 SP1) | 2020-06-18T08:36:21Z | 2020-06-18T08:36:21Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cnvd-2024-37427 | Dell EMC Repository Manager访问控制错误漏洞 | 2023-11-20 | 2024-09-04 |
| cnvd-2024-37426 | Dell OS Recovery Tool访问控制错误漏洞(CNVD-2024-3742694) | 2023-11-27 | 2024-09-04 |
| cnvd-2024-37425 | Dell PowerProtect Data Domain命令执行漏洞 | 2023-12-18 | 2024-09-04 |
| cnvd-2024-37424 | Dell PowerScale OneFS加密问题漏洞(CNVD-2024-37424) | 2024-07-05 | 2024-09-04 |
| cnvd-2024-37423 | Dell Edge Gateway缓冲区溢出漏洞(CNVD-2024-37423) | 2024-07-19 | 2024-09-04 |
| cnvd-2024-37422 | Dell Alienware Command Center访问控制错误漏洞(CNVD-2024-37422) | 2024-07-19 | 2024-09-04 |
| cnvd-2024-37421 | Dell Data Lakehouse加密问题漏洞 | 2024-07-24 | 2024-09-04 |
| cnvd-2024-37420 | Adobe Commerce跨站请求伪造漏洞(CNVD-2024-37420) | 2024-08-16 | 2024-09-04 |
| cnvd-2024-37419 | Dell BIOS输入验证错误漏洞(CNVD-2024-37419) | 2024-08-29 | 2024-09-04 |
| cnvd-2024-37418 | Dell Power Manager授权问题漏洞 | 2024-08-29 | 2024-09-04 |
| cnvd-2024-37417 | Kashipara Hotel Management System文件上传漏洞 | 2024-08-29 | 2024-09-04 |
| cnvd-2024-37416 | Kashipara Hotel Management System跨站请求伪造漏洞 | 2024-08-29 | 2024-09-04 |
| cnvd-2024-37415 | Kashipara Hotel Management System访问控制错误漏洞 | 2024-08-29 | 2024-09-04 |
| cnvd-2024-37414 | Kashipara Hotel Management System跨站脚本漏洞 | 2024-08-29 | 2024-09-04 |
| cnvd-2024-37413 | Kashipara Hotel Management System跨站脚本漏洞(CNVD-2024-37413) | 2024-08-29 | 2024-09-04 |
| cnvd-2024-37412 | Kashipara Hotel Management System访问控制错误漏洞(CNVD-2024-37412) | 2024-08-29 | 2024-09-04 |
| cnvd-2024-37411 | Kashipara Hotel Management System跨站脚本漏洞(CNVD-2024-37411) | 2024-08-29 | 2024-09-04 |
| cnvd-2024-37410 | Kashipara Hotel Management System访问控制错误漏洞(CNVD-2024-37410) | 2024-08-29 | 2024-09-04 |
| cnvd-2024-37409 | Kashipara Hotel Management System访问控制错误漏洞(CNVD-2024-37409) | 2024-08-29 | 2024-09-04 |
| cnvd-2024-37348 | Fortinet FortiWAN操作系统命令注入漏洞(CNVD-2024-37348) | 2023-02-20 | 2024-09-04 |
| cnvd-2024-37347 | Fortinet FortiPortal信息泄露漏洞 | 2023-02-20 | 2024-09-04 |
| cnvd-2024-37346 | Fortinet FortiOS加密问题漏洞 | 2023-02-20 | 2024-09-04 |
| cnvd-2024-37341 | Fortinet FortiWebManager授权问题漏洞 | 2024-06-05 | 2024-09-04 |
| cnvd-2024-37340 | Fortinet FortiExtender访问控制错误漏洞(CNVD-2024-37340) | 2024-07-12 | 2024-09-04 |
| cnvd-2024-37339 | Fortinet FortiOS访问控制错误漏洞(CNVD-2024-37339) | 2024-08-29 | 2024-09-04 |
| cnvd-2024-37209 | GTKWave整数溢出漏洞(CNVD-2024-37209) | 2024-01-11 | 2024-09-04 |
| cnvd-2024-37208 | GTKWave代码执行漏洞(CNVD-2024-37208) | 2024-01-11 | 2024-09-04 |
| cnvd-2024-37207 | GTKWave整数溢出漏洞(CNVD-2024-37207) | 2024-01-11 | 2024-09-04 |
| cnvd-2024-37206 | GTKWave整数溢出漏洞(CNVD-2024-37206) | 2024-01-11 | 2024-09-04 |
| cnvd-2024-37205 | GTKWave代码执行漏洞(CNVD-2024-37205) | 2024-01-11 | 2024-09-04 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certa-2009-avi-428 | Multiples vulnérabilités dans Kerberos sous HP-UX | 2009-10-08T00:00:00.000000 | 2009-10-08T00:00:00.000000 |
| certa-2009-avi-427 | Vulnérabilité dans HP Remote Graphics Software | 2009-10-07T00:00:00.000000 | 2009-10-07T00:00:00.000000 |
| certa-2009-avi-426 | Vulnérabilité dans Xen | 2009-10-07T00:00:00.000000 | 2009-10-07T00:00:00.000000 |
| certa-2009-avi-425 | Multiples vulnérabilités de FreeBSD | 2009-10-07T00:00:00.000000 | 2009-10-07T00:00:00.000000 |
| certa-2009-avi-424 | Multiples vulnérabilités dans Apache | 2009-10-07T00:00:00.000000 | 2009-10-07T00:00:00.000000 |
| certa-2009-avi-423 | Multiples vulnérabilités dans Wireshark | 2009-10-06T00:00:00.000000 | 2009-10-06T00:00:00.000000 |
| certa-2009-avi-422 | Vulnérabilité dans Mc Afee Email and Web Security Appliance | 2009-10-06T00:00:00.000000 | 2009-10-06T00:00:00.000000 |
| certa-2009-avi-421 | Vulnérabilité dans OSIsoft PI server | 2009-10-02T00:00:00.000000 | 2009-10-02T00:00:00.000000 |
| certa-2009-avi-419 | Multiples vulnérabilités du logiciel VMware Fusion | 2009-10-02T00:00:00.000000 | 2009-10-02T00:00:00.000000 |
| certa-2009-avi-418 | Vulnérabilité dans IBM Tivoli Composite Application Manager pour WebSphere | 2009-10-02T00:00:00.000000 | 2009-10-02T00:00:00.000000 |
| certa-2009-avi-417 | Vulnérabilités dans IBM AIX | 2009-10-01T00:00:00.000000 | 2009-10-01T00:00:00.000000 |
| certa-2009-avi-416 | Vulnérabilité dans HP StorageWorks | 2009-10-01T00:00:00.000000 | 2009-10-01T00:00:00.000000 |
| certa-2009-avi-415 | Vulnérabilité dans Novell NetWare | 2009-10-01T00:00:00.000000 | 2009-10-01T00:00:00.000000 |
| certa-2009-avi-414 | Vulnérabilité dans le navigateur Google Chrome | 2009-10-01T00:00:00.000000 | 2009-10-01T00:00:00.000000 |
| certa-2009-avi-259 | Vulnérabilité du serveur Samba | 2009-06-30T00:00:00.000000 | 2009-10-01T00:00:00.000000 |
| certa-2009-avi-413 | Vulnérabilités dans HP-UX | 2009-09-30T00:00:00.000000 | 2009-09-30T00:00:00.000000 |
| certa-2009-avi-412 | Vulnérabilités dans IBM DB2 | 2009-09-30T00:00:00.000000 | 2009-09-30T00:00:00.000000 |
| certa-2009-avi-411 | Vulnérabilité dans IBM Informix Dynamic Server | 2009-09-30T00:00:00.000000 | 2009-09-30T00:00:00.000000 |
| certa-2009-avi-410 | Vulnérabilité dans IBM Lotus Connections | 2009-09-29T00:00:00.000000 | 2009-09-29T00:00:00.000000 |
| certa-2009-avi-409 | Vulnérabilité du navigateur du terminal BlackBerry | 2009-09-29T00:00:00.000000 | 2009-09-29T00:00:00.000000 |
| certa-2009-avi-408 | Multiples vulnérabilités dans IBM HTTP Server | 2009-09-25T00:00:00.000000 | 2009-09-25T00:00:00.000000 |
| certa-2009-avi-407 | Vulnérabilité de Apple Xsan | 2009-09-25T00:00:00.000000 | 2009-09-25T00:00:00.000000 |
| certa-2009-avi-406 | Vulnérabilité du noyau Linux | 2009-09-25T00:00:00.000000 | 2009-09-25T00:00:00.000000 |
| certa-2009-avi-405 | Vulnérabilité dans Apple iTunes | 2009-09-25T00:00:00.000000 | 2009-09-25T00:00:00.000000 |
| certa-2009-avi-404 | Vulnérabilité de Snort | 2009-09-25T00:00:00.000000 | 2009-09-25T00:00:00.000000 |
| certa-2009-avi-384 | Vulnérabilité de FreeRADIUS | 2009-09-11T00:00:00.000000 | 2009-09-25T00:00:00.000000 |
| certa-2009-avi-403 | Multiples vulnérabilités de Cisco Unified Communication Manager | 2009-09-24T00:00:00.000000 | 2009-09-24T00:00:00.000000 |
| certa-2009-avi-402 | Multiples vulnérabilités dans Cisco IOS | 2009-09-24T00:00:00.000000 | 2009-09-24T00:00:00.000000 |
| certa-2009-avi-401 | Mutiples vulnérabilités du navigateur Google Chrome | 2009-09-24T00:00:00.000000 | 2009-09-24T00:00:00.000000 |
| certa-2009-avi-400 | Vulnérabilités de Firewall Builder | 2009-09-24T00:00:00.000000 | 2009-09-24T00:00:00.000000 |