Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2000-0409 |
N/A
|
Netscape 4.73 and earlier follows symlinks when i… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:14:21.541Z |
| CVE-2000-0410 |
N/A
|
ColdFusion Server 4.5.1 allows remote attackers t… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:14:21.539Z |
| CVE-2000-0411 |
N/A
|
Matt Wright's FormMail CGI script allows remote a… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:14:21.478Z |
| CVE-2000-0414 |
N/A
|
Vulnerability in shutdown command for HP-UX 11.X … |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:14:21.501Z |
| CVE-2000-0416 |
N/A
|
NTMail 5.x allows network users to bypass the NTM… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:14:21.569Z |
| CVE-2000-0417 |
N/A
|
The HTTP administration interface to the Cayman 3… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:14:21.632Z |
| CVE-2000-0418 |
N/A
|
The Cayman 3220-H DSL router allows remote attack… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:14:21.506Z |
| CVE-2000-0419 |
N/A
|
The Office 2000 UA ActiveX Control is marked as "… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:14:21.483Z |
| CVE-2000-0421 |
N/A
|
The process_bug.cgi script in Bugzilla allows rem… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:14:21.507Z |
| CVE-2000-0424 |
N/A
|
The CGI counter 4.0.7 by George Burgyan allows re… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:14:21.489Z |
| CVE-2000-0425 |
N/A
|
Buffer overflow in the Web Archives component of … |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:14:21.546Z |
| CVE-2000-0427 |
N/A
|
The Aladdin Knowledge Systems eToken device allow… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:14:21.477Z |
| CVE-2000-0428 |
N/A
|
Buffer overflow in the SMTP gateway for InterScan… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:14:21.538Z |
| CVE-2000-0431 |
N/A
|
Cobalt RaQ2 and RaQ3 does not properly set the ac… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:21:30.516Z |
| CVE-2000-0432 |
N/A
|
The calender.pl and the calendar_admin.pl calenda… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:21:29.678Z |
| CVE-2000-0435 |
N/A
|
The allmanageup.pl file upload CGI script in the … |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:21:29.706Z |
| CVE-2000-0436 |
N/A
|
MetaProducts Offline Explorer 1.2 and earlier all… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:21:29.681Z |
| CVE-2000-0437 |
N/A
|
Buffer overflow in the CyberPatrol daemon "cyberd… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:21:29.627Z |
| CVE-2000-0438 |
N/A
|
Buffer overflow in fdmount on Linux systems allow… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:21:30.665Z |
| CVE-2000-0439 |
N/A
|
Internet Explorer 4.0 and 5.0 allows a malicious … |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:21:30.410Z |
| CVE-2000-0441 |
N/A
|
Vulnerability in AIX 3.2.x and 4.x allows local u… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:21:29.948Z |
| CVE-2000-0442 |
N/A
|
Qpopper 2.53 and earlier allows local users to ga… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:21:30.648Z |
| CVE-2000-0452 |
N/A
|
Buffer overflow in the ESMTP service of Lotus Dom… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:21:29.954Z |
| CVE-2000-0453 |
N/A
|
XFree86 3.3.x and 4.0 allows a user to cause a de… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:21:29.681Z |
| CVE-2000-0454 |
N/A
|
Buffer overflow in Linux cdrecord allows local us… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:21:30.843Z |
| CVE-2000-0455 |
N/A
|
Buffer overflow in xlockmore xlock program versio… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:21:31.201Z |
| CVE-2000-0456 |
N/A
|
NetBSD 1.4.2 and earlier allows local users to ca… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:21:31.322Z |
| CVE-2000-0460 |
N/A
|
Buffer overflow in KDE kdesud on Linux allows loc… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:21:29.917Z |
| CVE-2000-0461 |
N/A
|
The undocumented semconfig system call in BSD fre… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:21:30.555Z |
| CVE-2000-0462 |
N/A
|
ftpd in NetBSD 1.4.2 does not properly parse entr… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:21:30.311Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-1999-1352 |
N/A
|
mknod in Linux 2.2 follows symbolic links, which … |
n/a |
n/a |
2001-09-12T04:00:00 | 2024-08-01T17:11:02.915Z |
| CVE-1999-1350 |
N/A
|
ARCAD Systemhaus 0.078-5 installs critical progra… |
n/a |
n/a |
2001-09-12T04:00:00 | 2024-08-01T17:11:02.855Z |
| CVE-1999-0931 |
N/A
|
Buffer overflow in Mediahouse Statistics Server a… |
n/a |
n/a |
2000-03-22T05:00:00 | 2024-08-01T16:55:29.371Z |
| CVE-1999-0932 |
N/A
|
Mediahouse Statistics Server allows remote attack… |
n/a |
n/a |
2000-10-13T04:00:00 | 2024-08-01T16:55:29.378Z |
| CVE-1999-1469 |
N/A
|
Buffer overflow in w3-auth CGI program in miniSQL… |
n/a |
n/a |
2001-09-12T04:00:00 | 2024-08-01T17:18:07.232Z |
| CVE-1999-1583 |
N/A
|
Buffer overflow in nslookup for AIX 4.3 allows lo… |
n/a |
n/a |
2005-04-21T04:00:00 | 2024-08-01T17:18:07.559Z |
| CVE-1999-0794 |
N/A
|
Microsoft Excel does not warn a user when a macro… |
n/a |
n/a |
2000-01-04T05:00:00 | 2024-08-01T16:48:38.147Z |
| CVE-1999-0877 |
N/A
|
Internet Explorer 5 allows remote attackers to re… |
n/a |
n/a |
2000-01-04T05:00:00 | 2024-08-01T16:55:28.747Z |
| CVE-1999-0879 |
N/A
|
Buffer overflow in WU-FTPD and related FTP server… |
n/a |
n/a |
2000-01-04T05:00:00 | 2024-08-01T16:55:28.803Z |
| CVE-1999-0880 |
N/A
|
Denial of service in WU-FTPD via the SITE NEWER c… |
n/a |
n/a |
2000-01-04T05:00:00 | 2024-08-01T16:55:28.924Z |
| CVE-1999-0933 |
N/A
|
TeamTrack web server allows remote attackers to r… |
n/a |
n/a |
2000-01-04T05:00:00 | 2024-08-01T16:55:29.362Z |
| CVE-1999-1236 |
N/A
|
Internet Anywhere Mail Server 2.3.1 stores passwo… |
n/a |
n/a |
2001-09-12T04:00:00 | 2024-08-01T17:02:53.971Z |
| CVE-1999-1500 |
N/A
|
Internet Anywhere POP3 Mail Server 2.3.1 allows r… |
n/a |
n/a |
2001-09-12T04:00:00 | 2024-08-01T17:18:07.492Z |
| CVE-2000-0016 |
N/A
|
Buffer overflow in Internet Anywhere POP3 Mail Se… |
n/a |
n/a |
2000-02-04T05:00:00 | 2024-08-08T04:58:11.416Z |
| CVE-2000-0047 |
N/A
|
Buffer overflow in Yahoo Pager/Messenger client a… |
n/a |
n/a |
2000-02-04T05:00:00 | 2024-08-08T05:05:53.904Z |
| CVE-1999-0942 |
N/A
|
UnixWare dos7utils allows a local user to gain ro… |
n/a |
n/a |
2000-10-13T04:00:00 | 2024-08-01T16:55:29.614Z |
| CVE-1999-1454 |
N/A
|
Macromedia "The Matrix" screen saver on Windows 9… |
n/a |
n/a |
2001-09-12T04:00:00 | 2024-08-01T17:11:03.382Z |
| CVE-1999-1523 |
N/A
|
Buffer overflow in Sambar Web Server 4.2.1 allows… |
n/a |
n/a |
2001-09-12T04:00:00 | 2024-08-01T17:18:07.455Z |
| CVE-1999-1540 |
N/A
|
shell-lock in Cactus Software Shell Lock uses wea… |
n/a |
n/a |
2001-09-12T04:00:00 | 2024-08-01T17:18:07.437Z |
| CVE-1999-1541 |
N/A
|
shell-lock in Cactus Software Shell Lock allows l… |
n/a |
n/a |
2001-09-12T04:00:00 | 2024-08-01T17:18:07.516Z |
| CVE-1999-1542 |
N/A
|
RPMMail before 1.4 allows remote attackers to exe… |
n/a |
n/a |
2002-03-09T05:00:00 | 2024-08-01T17:18:07.504Z |
| CVE-1999-1344 |
N/A
|
Auto_FTP.pl script in Auto_FTP 0.2 stores usernam… |
n/a |
n/a |
2001-09-12T04:00:00 | 2024-08-01T17:11:03.415Z |
| CVE-1999-1345 |
N/A
|
Auto_FTP.pl script in Auto_FTP 0.2 uses the /tmp/… |
n/a |
n/a |
2001-09-12T04:00:00 | 2024-08-01T17:11:03.038Z |
| CVE-1999-1357 |
N/A
|
Netscape Communicator 4.04 through 4.7 (and possi… |
n/a |
n/a |
2001-09-12T04:00:00 | 2024-08-01T17:11:03.196Z |
| CVE-1999-0791 |
N/A
|
Hybrid Network cable modems do not include an aut… |
n/a |
n/a |
2000-10-13T04:00:00 | 2024-08-01T16:48:38.074Z |
| CVE-1999-1349 |
N/A
|
NFS daemon (nfsd.exe) for Omni-NFS/X 6.1 allows r… |
n/a |
n/a |
2001-09-12T04:00:00 | 2024-08-01T17:11:03.232Z |
| CVE-1999-1346 |
N/A
|
PAM configuration file for rlogin in Red Hat Linu… |
n/a |
n/a |
2001-09-12T04:00:00 | 2024-08-01T17:11:03.000Z |
| CVE-1999-1347 |
N/A
|
Xsession in Red Hat Linux 6.1 and earlier can all… |
n/a |
n/a |
2001-09-12T04:00:00 | 2024-08-01T17:11:02.874Z |
| CVE-1999-1522 |
N/A
|
Vulnerability in htmlparse.pike in Roxen Web Serv… |
n/a |
n/a |
2001-09-12T04:00:00 | 2024-08-01T17:18:07.485Z |
| CVE-1999-1082 |
N/A
|
Directory traversal vulnerability in Jana proxy w… |
n/a |
n/a |
2001-09-12T04:00:00 | 2024-08-01T17:02:53.679Z |
| ID | Severity | Description | Published | Updated |
|---|---|---|---|---|
| ghsa-cjjf-94ff-43w7 |
7.5 (3.1)
|
jackson-databind Deserialization of Untrusted Data vulnerability | 2019-03-25T18:03:09Z | 2024-03-01T21:49:04Z |
| ghsa-gwg9-rgvj-4h5j |
9.8 (3.1)
|
Code Injection in morgan | 2019-03-25T18:03:23Z | 2023-09-12T20:50:05Z |
| ghsa-v588-qcp3-jv46 |
7.5 (3.1)
|
Path Traversal in serve | 2019-03-25T18:03:58Z | 2025-07-15T19:34:30Z |
| ghsa-xg75-3277-gvvj |
7.5 (3.1)
|
Directory Traversal in serve | 2019-03-25T18:04:01Z | 2021-09-21T22:30:46Z |
| ghsa-h2f4-v4c4-6wx4 |
7.5 (3.1)
|
Uncontrolled Resource Consumption in org.eclipse.jetty:jetty-server | 2019-03-28T18:33:38Z | 2022-09-17T00:33:03Z |
| ghsa-q2xp-75m7-gv52 |
9.8 (3.1)
|
Improper Input Validation in net.sf.robocode:robocode.host allows for external service interaction | 2019-04-02T15:36:49Z | 2025-12-22T18:41:59Z |
| ghsa-jpv3-g4cc-6vfx |
7.5 (3.1)
|
Improper Control of Generation of Code ('Code Injection') in org.apache.activemq:activemq-client | 2019-04-02T15:46:42Z | 2024-03-14T22:09:43Z |
| ghsa-fmpq-w5q6-9vf9 |
6.1 (3.1)
|
Moderate severity vulnerability that affects org.apache.jspwiki:jspwiki-main | 2019-04-02T15:46:48Z | 2021-06-10T23:43:17Z |
| ghsa-72p5-2r6g-fm6v |
6.1 (3.1)
|
Moderate severity vulnerability that affects total.js | 2019-04-02T15:46:52Z | 2021-06-11T14:16:33Z |
| ghsa-rv62-4pmj-xw6h |
6.1 (3.1)
|
Open Redirect vulnerability in jupyterhub and notebook | 2019-04-02T15:46:54Z | 2023-09-05T12:34:54Z |
| ghsa-535v-4x9q-446c |
7.5 (3.1)
|
Improper Authorization in org.apache.hbase:hbase | 2019-04-02T15:47:00Z | 2022-09-17T00:57:03Z |
| ghsa-vqqv-v9m2-48p2 |
9.8 (3.1)
|
Bootstrap-sass contains code execution backdoor | 2019-04-04T16:28:47Z | 2023-08-25T23:39:10Z |
| ghsa-gm29-35c7-8cfw |
|
Cross-Site Scripting in buttle | 2019-04-08T15:18:38Z | 2020-08-31T18:43:56Z |
| ghsa-2hhw-p8mg-jrm6 |
|
Path Traversal in http-live-simulator | 2019-04-08T15:18:40Z | 2020-08-31T18:36:11Z |
| ghsa-r8h9-hq9c-2p5c |
8.1 (3.1)
|
High severity vulnerability that affects com.github.shyiko.ktlint:ktlint-core | 2019-04-08T15:18:54Z | 2021-09-17T14:43:23Z |
| ghsa-c6fm-rgw4-8q73 |
7.5 (3.1)
8.7 (4.0)
|
CoAPthon3 vulnerable to Deserialization of Untrusted Data | 2019-04-08T15:18:57Z | 2024-09-06T15:42:53Z |
| ghsa-5xc6-fpc7-4qvg |
7.5 (3.1)
8.7 (4.0)
|
CoAPthon DoS due to Exceptions | 2019-04-08T15:19:01Z | 2024-09-13T14:31:59Z |
| ghsa-pffw-p2q5-w6vh |
7.5 (3.1)
|
Improper Limitation of a Pathname ('Path Traversal') in org.apache.jspwiki:jspwiki-war | 2019-04-08T16:23:36Z | 2022-09-17T00:13:09Z |
| ghsa-fvpg-qx3g-7mp7 |
7.5 (3.1)
|
High severity vulnerability that affects Microsoft.ChakraCore | 2019-04-09T19:43:29Z | 2021-09-10T19:58:26Z |
| ghsa-3w9q-c44j-37jj |
7.5 (3.1)
|
High severity vulnerability that affects Microsoft.ChakraCore | 2019-04-09T19:43:32Z | 2021-08-31T21:35:30Z |
| ghsa-jhx3-2w5x-x39x |
6.5 (3.1)
|
Microsoft.ChakraCore vulnerable to Exposure of Sensitive Information to an Unauthorized Actor | 2019-04-09T19:43:38Z | 2022-09-17T00:21:19Z |
| ghsa-8qh8-cv77-h83g |
7.5 (3.1)
|
High severity vulnerability that affects Microsoft.ChakraCore | 2019-04-09T19:43:46Z | 2021-09-07T20:30:00Z |
| ghsa-7ph8-f946-q5r7 |
7.5 (3.1)
|
High severity vulnerability that affects Microsoft.ChakraCore | 2019-04-09T19:43:54Z | 2021-09-03T21:01:09Z |
| ghsa-fv38-4c3m-25v8 |
7.5 (3.1)
|
High severity vulnerability that affects Microsoft.ChakraCore | 2019-04-09T19:43:56Z | 2021-09-10T19:20:26Z |
| ghsa-pjpj-f6r8-56rm |
7.5 (3.1)
|
High severity vulnerability that affects Microsoft.ChakraCore | 2019-04-09T19:43:59Z | 2021-09-16T18:14:38Z |
| ghsa-6jf5-rmhv-38cw |
7.5 (3.1)
|
High severity vulnerability that affects Microsoft.ChakraCore | 2019-04-09T19:44:03Z | 2021-09-02T16:39:07Z |
| ghsa-rg3q-jxmp-pvjj |
6.1 (3.1)
|
Materialize-css vulnerable to Improper Neutralization of Input During Web Page Generation | 2019-04-09T19:44:37Z | 2022-09-17T00:24:09Z |
| ghsa-7752-f4gf-94gc |
6.1 (3.1)
|
Materialize-css vulnerable to Cross-site Scripting in autocomplete component | 2019-04-09T19:44:38Z | 2023-08-28T15:35:45Z |
| ghsa-98f7-p5rc-jx67 |
6.1 (3.1)
|
Materialize-css vulnerable to Cross-site Scripting in tooltip component | 2019-04-09T19:44:40Z | 2023-08-28T15:34:40Z |
| ghsa-926q-wxr6-3crq |
6.1 (3.1)
|
Moderate severity vulnerability that affects roundup | 2019-04-09T19:47:14Z | 2024-10-21T21:43:43Z |
| ID | Severity | Description | Package | Published | Updated |
|---|---|---|---|---|---|
| pysec-2021-148 |
|
In SiCKRAGE, versions 9.3.54.dev1 to 10.0.11.dev1 are vulnerable to Reflected Cross-Site-… | sickrage | 2021-04-12T14:15:00Z | 2021-08-27T03:22:21.656706Z |
| pysec-2021-27 |
|
Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse).… | matrix-synapse | 2021-04-12T21:15:00Z | 2021-04-21T17:02:00Z |
| pysec-2021-25 |
|
Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse).… | matrix-synapse | 2021-04-12T22:15:00Z | 2021-04-26T18:40:00Z |
| pysec-2021-26 |
|
Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse).… | matrix-synapse | 2021-04-12T22:15:00Z | 2021-04-21T16:45:00Z |
| pysec-2021-10 |
|
A SQL Injection issue in the SQL Panel in Jazzband Django Debug Toolbar before 1.11.1, 2.… | django-debug-toolbar | 2021-04-14T18:15:00Z | 2021-04-21T15:05:00Z |
| pysec-2021-24 |
|
### Impact Missing input validation of some parameters on the endpoints used to confirm t… | matrix-sydent | 2021-04-15T18:15:00Z | 2021-04-22T17:17:00Z |
| pysec-2021-21 |
|
Sydent is a reference Matrix identity server. Sydent does not limit the size of requests … | matrix-sydent | 2021-04-15T21:15:00Z | 2021-04-22T17:19:00Z |
| pysec-2021-22 |
|
Sydent is a reference Matrix identity server. Sydent can be induced to send HTTP GET requ… | matrix-sydent | 2021-04-15T21:15:00Z | 2021-04-22T15:27:00Z |
| pysec-2021-23 |
|
Sydent is a reference matrix identity server. A malicious user could abuse Sydent to send… | matrix-sydent | 2021-04-15T21:15:00Z | 2021-04-22T15:25:00Z |
| pysec-2021-114 |
|
Wagtail is a Django content management system. In affected versions of Wagtail, when savi… | wagtail | 2021-04-19T19:15:00Z | 2021-04-29T14:24:00Z |
| pysec-2021-56 |
|
In SaltStack Salt 2016.9 through 3002.6, a command injection vulnerability exists in the … | salt | 2021-04-23T06:15:00Z | 2022-06-21T15:53:31.288525Z |
| pysec-2021-128 |
|
Apache Superset up to and including 1.0.1 allowed for the creation of an external URL tha… | apache-superset | 2021-04-27T10:15:00Z | 2021-08-27T03:21:55.733407Z |
| pysec-2021-1 |
|
A flaw was found in the Ansible Engine 2.9.18, where sensitive info is not masked by defa… | ansible | 2021-04-29T16:15:00Z | 2021-05-03T20:43:00Z |
| pysec-2021-64 |
|
django-filter is a generic system for filtering Django QuerySets based on user selections… | django-filter | 2021-04-29T21:15:00Z | 2021-05-10T17:55:00Z |
| pysec-2021-4 |
|
The "origin" parameter passed to some of the endpoints like '/trigger' was vulnerable to … | apache-airflow | 2021-05-02T08:15:00Z | 2021-05-10T20:07:00Z |
| pysec-2021-17 |
|
Multiple path traversal vulnerabilities exist in smbserver.py in Impacket through 0.9.22.… | impacket | 2021-05-05T11:15:00Z | 2021-09-01T08:19:03.897095Z |
| pysec-2021-7 |
|
In Django 2.2 before 2.2.21, 3.1 before 3.1.9, and 3.2 before 3.2.1, MultiPartParser, Upl… | django | 2021-05-05T15:15:00Z | 2021-05-13T13:41:00Z |
| pysec-2021-8 |
|
In Django 2.2 before 2.2.22, 3.1 before 3.1.10, and 3.2 before 3.2.2 (with Python 3.9.5+)… | django | 2021-05-06T16:15:00Z | 2021-05-12T08:15:00Z |
| pysec-2021-101 |
|
The dashboard component of StackLift LocalStack 0.12.6 allows attackers to inject arbitra… | localstack | 2021-05-07T05:15:00Z | 2021-06-22T04:54:56.080124Z |
| pysec-2021-102 |
|
A Cross-site scripting (XSS) vulnerability exists in StackLift LocalStack 0.12.6. | localstack | 2021-05-07T05:15:00Z | 2021-06-22T04:54:56.108960Z |
| pysec-2021-12 |
|
Eventlet is a concurrent networking library for Python. A websocket peer may exhaust memo… | eventlet | 2021-05-07T15:15:00Z | 2021-05-14T17:02:00Z |
| pysec-2021-29 |
|
The Logging subsystem in OctoPrint before 1.6.0 has incorrect access control because it a… | octoprint | 2021-05-11T14:15:00Z | 2021-05-11T15:18:00Z |
| pysec-2021-30 |
|
OctoPrint before 1.6.0 allows XSS because API error messages include the values of input … | octoprint | 2021-05-11T14:15:00Z | 2021-05-11T15:18:00Z |
| pysec-2021-135 |
|
Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse).… | matrix-synapse | 2021-05-11T15:15:00Z | 2021-08-27T03:22:06.756710Z |
| pysec-2021-47 |
|
Pydantic is a data validation and settings management using Python type hinting. In affec… | pydantic | 2021-05-13T19:15:00Z | 2021-05-13T19:15:00Z |
| pysec-2021-13 |
|
The Flask-Caching extension through 1.10.1 for Flask relies on Pickle for serialization, … | flask-caching | 2021-05-13T23:15:00Z | 2023-07-25T00:34:15.721702Z |
| pysec-2021-149 |
|
TensorFlow is an end-to-end open source platform for machine learning. If the `splits` ar… | tensorflow | 2021-05-14T19:15:00Z | 2021-08-27T03:22:23.518786Z |
| pysec-2021-191 |
|
TensorFlow is an end-to-end open source platform for machine learning. An attacker can ca… | tensorflow | 2021-05-14T19:15:00Z | 2021-08-27T03:22:31.001831Z |
| pysec-2021-440 |
|
TensorFlow is an end-to-end open source platform for machine learning. If the `splits` ar… | tensorflow-cpu | 2021-05-14T19:15:00Z | 2021-12-09T06:34:45.216617Z |
| pysec-2021-482 |
|
TensorFlow is an end-to-end open source platform for machine learning. An attacker can ca… | tensorflow-cpu | 2021-05-14T19:15:00Z | 2021-12-09T06:34:51.766391Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2022-6090 | Malicious code in shitshit1 (npm) | 2022-06-20T20:11:01Z | 2022-06-20T20:11:06Z |
| mal-2022-6092 | Malicious code in shitshit2 (npm) | 2022-06-20T20:11:06Z | 2022-06-20T20:11:06Z |
| mal-2022-6383 | Malicious code in synapse-access-control-1 (npm) | 2022-06-20T20:11:06Z | 2022-06-20T20:11:07Z |
| mal-2022-6473 | Malicious code in test-credential (npm) | 2022-06-20T20:11:06Z | 2022-06-20T20:11:07Z |
| mal-2022-2242 | Malicious code in cron-guru (npm) | 2022-06-20T20:11:07Z | 2022-06-20T20:11:08Z |
| mal-2022-2492 | Malicious code in discord-sniper (npm) | 2022-06-20T20:11:07Z | 2022-06-20T20:11:08Z |
| mal-2022-2772 | Malicious code in epic-ue-themes-la (npm) | 2022-06-20T20:11:07Z | 2022-06-20T20:11:08Z |
| mal-2022-4882 | Malicious code in node-cron-master (npm) | 2022-06-20T20:11:07Z | 2022-06-20T20:11:07Z |
| mal-2022-4883 | Malicious code in node-cron-master1 (npm) | 2022-06-20T20:11:07Z | 2022-06-20T20:11:08Z |
| mal-2022-4456 | Malicious code in mailjet-old-react-components (npm) | 2022-06-20T20:11:08Z | 2022-06-20T20:11:08Z |
| mal-2022-4457 | Malicious code in mailjet-react-components (npm) | 2022-06-20T20:11:08Z | 2022-06-20T20:11:08Z |
| mal-2022-7073 | Malicious code in web-pubsub (npm) | 2022-06-20T20:11:08Z | 2022-06-20T20:11:09Z |
| mal-2022-7074 | Malicious code in web-pubsub-express (npm) | 2022-06-20T20:11:08Z | 2022-06-20T20:11:09Z |
| mal-2022-6387 | Malicious code in synapse-spark (npm) | 2022-06-20T20:11:09Z | 2022-06-20T20:11:10Z |
| mal-2022-6914 | Malicious code in video-analyzer-edge (npm) | 2022-06-20T20:11:09Z | 2022-06-20T20:11:10Z |
| mal-2022-6918 | Malicious code in videojs-wistia (npm) | 2022-06-20T20:11:09Z | 2022-06-20T20:11:09Z |
| mal-2022-6315 | Malicious code in storage-queue (npm) | 2022-06-20T20:11:10Z | 2022-06-20T20:11:11Z |
| mal-2022-6382 | Malicious code in synapse-access-control (npm) | 2022-06-20T20:11:10Z | 2022-06-20T20:11:11Z |
| mal-2022-6384 | Malicious code in synapse-artifacts (npm) | 2022-06-20T20:11:10Z | 2022-06-20T20:11:11Z |
| mal-2022-6385 | Malicious code in synapse-managed-private-endpoints (npm) | 2022-06-20T20:11:10Z | 2022-06-20T20:11:10Z |
| mal-2022-6386 | Malicious code in synapse-monitoring (npm) | 2022-06-20T20:11:10Z | 2022-06-20T20:11:10Z |
| mal-2022-5530 | Malicious code in purview-administration (npm) | 2022-06-20T20:11:11Z | 2022-06-20T20:11:12Z |
| mal-2022-5531 | Malicious code in purview-catalog (npm) | 2022-06-20T20:11:11Z | 2022-06-20T20:11:12Z |
| mal-2022-5532 | Malicious code in purview-scanning (npm) | 2022-06-20T20:11:11Z | 2022-06-20T20:11:12Z |
| mal-2022-5561 | Malicious code in quantum-jobs (npm) | 2022-06-20T20:11:11Z | 2022-06-20T20:11:12Z |
| mal-2022-6309 | Malicious code in storage-blob-changefeed (npm) | 2022-06-20T20:11:11Z | 2022-06-20T20:11:11Z |
| mal-2022-4639 | Malicious code in mixed-reality-authentication (npm) | 2022-06-20T20:11:12Z | 2022-06-20T20:11:13Z |
| mal-2022-4640 | Malicious code in mixed-reality-remote-rendering (npm) | 2022-06-20T20:11:12Z | 2022-06-20T20:11:13Z |
| mal-2022-4689 | Malicious code in monitor-opentelemetry-exporter (npm) | 2022-06-20T20:11:12Z | 2022-06-20T20:11:12Z |
| mal-2022-5103 | Malicious code in opentelemetry-instrumentation-azure-sdk (npm) | 2022-06-20T20:11:12Z | 2022-06-20T20:11:12Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| wid-sec-w-2022-0055 | Linux Kernel: Schwachstelle ermöglicht Offenlegung von Informationen | 2022-01-27T23:00:00.000+00:00 | 2024-07-18T22:00:00.000+00:00 |
| wid-sec-w-2023-2521 | wpa_supplicant: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen | 2022-01-27T23:00:00.000+00:00 | 2025-04-13T22:00:00.000+00:00 |
| wid-sec-w-2022-0056 | vim: Mehrere Schwachstellen | 2022-01-30T23:00:00.000+00:00 | 2025-03-30T22:00:00.000+00:00 |
| wid-sec-w-2022-0318 | OpenSSL: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen | 2022-01-30T23:00:00.000+00:00 | 2025-10-20T22:00:00.000+00:00 |
| wid-sec-w-2022-0843 | MariaDB: Mehrere Schwachstellen ermöglichen Denial of Service | 2022-01-30T23:00:00.000+00:00 | 2023-09-27T22:00:00.000+00:00 |
| wid-sec-w-2022-1030 | xterm: Schwachstelle ermöglicht nicht spezifizierten Angriff | 2022-01-30T23:00:00.000+00:00 | 2025-08-19T22:00:00.000+00:00 |
| wid-sec-w-2022-0057 | vim: Mehrere Schwachstellen | 2022-01-31T23:00:00.000+00:00 | 2023-07-02T22:00:00.000+00:00 |
| wid-sec-w-2022-0146 | Python: Schwachstelle ermöglicht Cross-Site Scripting | 2022-01-31T23:00:00.000+00:00 | 2025-03-19T23:00:00.000+00:00 |
| wid-sec-w-2022-0147 | MariaDB: Mehrere Schwachstellen ermöglichen Denial of Service | 2022-01-31T23:00:00.000+00:00 | 2023-09-27T22:00:00.000+00:00 |
| wid-sec-w-2022-0466 | Samba: Mehrere Schwachstellen | 2022-01-31T23:00:00.000+00:00 | 2023-11-21T23:00:00.000+00:00 |
| wid-sec-w-2023-1524 | IBM Spectrum Protect Plus: Mehrere Schwachstellen | 2022-01-31T23:00:00.000+00:00 | 2023-06-20T22:00:00.000+00:00 |
| wid-sec-w-2024-0089 | KDE: Schwachstelle ermöglicht Privilegieneskalation | 2022-01-31T23:00:00.000+00:00 | 2024-01-15T23:00:00.000+00:00 |
| wid-sec-w-2025-2471 | IBM Spectrum Protect Plus: Mehrere Schwachstellen | 2022-01-31T23:00:00.000+00:00 | 2025-11-03T23:00:00.000+00:00 |
| wid-sec-w-2022-0058 | vim: Schwachstelle ermöglicht Ausführen von beliebigem Programmcode mit Benutzerrechten | 2022-02-01T23:00:00.000+00:00 | 2023-04-18T22:00:00.000+00:00 |
| wid-sec-w-2022-0416 | PostgreSQL JDBC Treiber: Schwachstelle ermöglicht Codeausführung | 2022-02-01T23:00:00.000+00:00 | 2025-03-18T23:00:00.000+00:00 |
| wid-sec-w-2023-2532 | Nvidia Treiber: Mehrere Schwachstellen ermöglichen Denial of Service | 2022-02-01T23:00:00.000+00:00 | 2023-10-03T22:00:00.000+00:00 |
| wid-sec-w-2022-0059 | vim: Schwachstelle ermöglicht Ausführen von beliebigem Programmcode mit Benutzerrechten | 2022-02-02T23:00:00.000+00:00 | 2025-03-30T22:00:00.000+00:00 |
| wid-sec-w-2024-3532 | Red Hat JBoss Enterprise Application Platform: Schwachstelle ermöglicht Denial of Service | 2022-02-02T23:00:00.000+00:00 | 2025-04-27T22:00:00.000+00:00 |
| wid-sec-w-2022-0105 | Apache ActiveMQ: Schwachstelle ermöglicht Denial of Service | 2022-02-03T23:00:00.000+00:00 | 2025-04-27T22:00:00.000+00:00 |
| wid-sec-w-2022-0148 | vim: Schwachstelle ermöglicht Denial of Service | 2022-02-03T23:00:00.000+00:00 | 2025-03-31T22:00:00.000+00:00 |
| wid-sec-w-2023-0839 | Xerox FreeFlow Print Server: Mehrere Schwachstellen | 2022-02-03T23:00:00.000+00:00 | 2025-10-06T22:00:00.000+00:00 |
| wid-sec-w-2022-0319 | Linux Kernel: Schwachstelle ermöglicht nicht spezifizierten Angriff | 2022-02-06T23:00:00.000+00:00 | 2024-12-10T23:00:00.000+00:00 |
| wid-sec-w-2022-0357 | Linux Kernel: Schwachstelle ermöglicht Offenlegung von Informationen | 2022-02-06T23:00:00.000+00:00 | 2025-01-13T23:00:00.000+00:00 |
| wid-sec-w-2025-2192 | Synology DiskStation Manager: Mehrere Schwachstellen | 2022-02-06T23:00:00.000+00:00 | 2025-10-05T22:00:00.000+00:00 |
| wid-sec-w-2022-0249 | Red Hat Enterprise Linux (aide): Schwachstelle ermöglichen Denial of Service | 2022-02-07T23:00:00.000+00:00 | 2023-11-26T23:00:00.000+00:00 |
| wid-sec-w-2022-0320 | Intel Ethernet Controller: Mehrere Schwachstellen ermöglichen Denial of Service | 2022-02-08T23:00:00.000+00:00 | 2025-03-13T23:00:00.000+00:00 |
| wid-sec-w-2022-0391 | Intel Prozessoren: Mehrere Schwachstellen | 2022-02-08T23:00:00.000+00:00 | 2024-02-18T23:00:00.000+00:00 |
| wid-sec-w-2022-0407 | Grafana: Mehrere Schwachstellen | 2022-02-08T23:00:00.000+00:00 | 2024-01-23T23:00:00.000+00:00 |
| wid-sec-w-2022-2225 | Intel BIOS: Mehrere Schwachstellen | 2022-02-08T23:00:00.000+00:00 | 2022-12-05T23:00:00.000+00:00 |
| wid-sec-w-2025-0368 | Intel Wireless Bluetooth Produkte: Mehrere Schwachstellen ermöglichen Denial of Service | 2022-02-08T23:00:00.000+00:00 | 2025-02-16T23:00:00.000+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2007:1166 | Red Hat Security Advisory: libexif security update | 2007-12-19T15:40:00+00:00 | 2025-11-21T17:32:44+00:00 |
| rhsa-2007:1157 | Red Hat Security Advisory: mysql security update | 2007-12-19T16:12:00+00:00 | 2025-11-21T17:32:44+00:00 |
| rhsa-2007:1083 | Red Hat Security Advisory: thunderbird security update | 2007-12-19T16:32:00+00:00 | 2025-11-21T17:32:40+00:00 |
| rhsa-2007:1104 | Red Hat Security Advisory: kernel security and bug fix update | 2007-12-19T18:17:00+00:00 | 2026-01-13T22:14:09+00:00 |
| rhsa-2007:1176 | Red Hat Security Advisory: autofs security update | 2007-12-20T19:24:00+00:00 | 2025-11-21T17:32:44+00:00 |
| rhsa-2007:1177 | Red Hat Security Advisory: autofs5 security update | 2007-12-20T19:30:00+00:00 | 2025-11-21T17:32:44+00:00 |
| rhsa-2008:0002 | Red Hat Security Advisory: tog-pegasus security update | 2008-01-07T18:36:00+00:00 | 2025-11-21T17:32:45+00:00 |
| rhsa-2008:0003 | Red Hat Security Advisory: e2fsprogs security update | 2008-01-07T18:55:00+00:00 | 2025-11-21T17:32:45+00:00 |
| rhsa-2008:0032 | Red Hat Security Advisory: libxml2 security update | 2008-01-11T12:27:00+00:00 | 2025-11-21T17:32:48+00:00 |
| rhsa-2008:0038 | Red Hat Security Advisory: postgresql security update | 2008-01-11T12:37:00+00:00 | 2026-01-13T20:58:25+00:00 |
| rhsa-2008:0039 | Red Hat Security Advisory: postgresql security update | 2008-01-11T12:44:00+00:00 | 2025-11-21T17:32:48+00:00 |
| rhsa-2008:0004 | Red Hat Security Advisory: apache security update | 2008-01-15T09:09:00+00:00 | 2026-01-13T22:03:40+00:00 |
| rhsa-2008:0005 | Red Hat Security Advisory: httpd security update | 2008-01-15T09:17:00+00:00 | 2026-01-13T22:40:23+00:00 |
| rhsa-2008:0006 | Red Hat Security Advisory: httpd security update | 2008-01-15T09:25:00+00:00 | 2026-01-13T22:04:40+00:00 |
| rhsa-2008:0007 | Red Hat Security Advisory: httpd security update | 2008-01-15T09:33:00+00:00 | 2025-11-21T17:32:46+00:00 |
| rhsa-2008:0008 | Red Hat Security Advisory: httpd security update | 2008-01-15T09:38:00+00:00 | 2026-01-13T22:09:21+00:00 |
| rhsa-2008:0064 | Red Hat Security Advisory: libXfont security update | 2008-01-17T20:00:00+00:00 | 2025-11-21T17:32:51+00:00 |
| rhsa-2008:0031 | Red Hat Security Advisory: xorg-x11-server security update | 2008-01-17T20:04:00+00:00 | 2025-11-21T17:32:47+00:00 |
| rhsa-2008:0030 | Red Hat Security Advisory: xorg-x11 security update | 2008-01-17T20:21:00+00:00 | 2025-11-21T17:32:47+00:00 |
| rhsa-2008:0029 | Red Hat Security Advisory: XFree86 security update | 2008-01-18T09:42:00+00:00 | 2025-11-21T17:32:47+00:00 |
| rhsa-2008:0058 | Red Hat Security Advisory: wireshark security update | 2008-01-21T08:31:00+00:00 | 2025-11-21T17:32:49+00:00 |
| rhsa-2008:0059 | Red Hat Security Advisory: wireshark security update | 2008-01-21T09:34:00+00:00 | 2025-11-21T17:32:51+00:00 |
| rhsa-2008:0009 | Red Hat Security Advisory: httpd security update | 2008-01-21T09:36:00+00:00 | 2025-11-21T17:32:46+00:00 |
| rhsa-2008:0089 | Red Hat Security Advisory: kernel security and bug fix update | 2008-01-23T15:07:00+00:00 | 2025-11-21T17:32:53+00:00 |
| rhsa-2008:0090 | Red Hat Security Advisory: icu security update | 2008-01-25T13:28:00+00:00 | 2026-01-13T22:03:44+00:00 |
| rhsa-2008:0055 | Red Hat Security Advisory: kernel security and bug fix update | 2008-01-31T18:23:00+00:00 | 2026-01-13T22:11:41+00:00 |
| rhsa-2008:0040 | Red Hat Security Advisory: postgresql security update | 2008-02-01T14:55:00+00:00 | 2026-01-13T20:58:26+00:00 |
| rhsa-2008:0104 | Red Hat Security Advisory: seamonkey security update | 2008-02-08T02:06:00+00:00 | 2025-11-21T17:32:52+00:00 |
| rhsa-2008:0105 | Red Hat Security Advisory: thunderbird security update | 2008-02-08T02:13:00+00:00 | 2025-11-21T17:32:57+00:00 |
| rhsa-2008:0103 | Red Hat Security Advisory: firefox security update | 2008-02-08T02:24:00+00:00 | 2025-11-21T17:32:54+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| icsma-20-079-01 | Insulet Omnipod | 2020-03-19T00:00:00.000000Z | 2020-03-19T00:00:00.000000Z |
| icsa-20-084-01 | VISAM Automation Base (VBASE) (Update B) | 2020-03-24T00:00:00.000000Z | 2021-11-18T00:00:00.000000Z |
| icsa-20-084-02 | Schneider Electric IGSS SCADA Software | 2020-03-24T00:00:00.000000Z | 2020-03-24T00:00:00.000000Z |
| icsa-20-086-01 | Advantech WebAccess | 2020-03-26T00:00:00.000000Z | 2020-03-26T00:00:00.000000Z |
| icsa-20-091-01 | Hirschmann Automation and Control HiOS and HiSecOS Products | 2020-03-31T00:00:00.000000Z | 2020-03-31T00:00:00.000000Z |
| icsa-20-091-02 | Mitsubishi Electric MELSEC | 2020-03-31T00:00:00.000000Z | 2020-03-31T00:00:00.000000Z |
| icsma-20-091-01 | BD Pyxis MedStation and Pyxis Anesthesia (PAS) ES System | 2020-03-31T00:00:00.000000Z | 2020-03-31T00:00:00.000000Z |
| icsa-20-093-01 | B&R Automation Studio | 2020-04-02T00:00:00.000000Z | 2020-04-02T00:00:00.000000Z |
| icsa-20-098-01 | Advantech WebAccess/NMS | 2020-04-07T00:00:00.000000Z | 2020-04-07T00:00:00.000000Z |
| icsa-20-098-02 | GE Digital CIMPLICITY | 2020-04-07T00:00:00.000000Z | 2020-04-07T00:00:00.000000Z |
| icsa-20-098-03 | HMS Networks eWON Flexy and Cosy | 2020-04-07T00:00:00.000000Z | 2020-04-07T00:00:00.000000Z |
| icsa-20-098-04 | Fuji Electric V-Server Lite | 2020-04-07T00:00:00.000000Z | 2020-04-07T00:00:00.000000Z |
| icsa-20-098-05 | ICSA-20-098-05_KUKA.Sim Pro | 2020-04-07T00:00:00.000000Z | 2020-04-07T00:00:00.000000Z |
| icsa-20-100-01 | Rockwell Automation RSLinx Classic | 2020-04-09T00:00:00.000000Z | 2020-04-09T00:00:00.000000Z |
| icsa-20-105-01 | Eaton HMiSoft VU3 | 2020-04-14T00:00:00.000000Z | 2020-04-14T00:00:00.000000Z |
| icsa-20-105-02 | Triangle MicroWorks DNP3 Outstation Libraries | 2020-04-14T00:00:00.000000Z | 2020-04-14T00:00:00.000000Z |
| icsa-20-105-03 | Triangle MicroWorks SCADA Data Gateway | 2020-04-14T00:00:00.000000Z | 2020-04-14T00:00:00.000000Z |
| icsa-20-105-04 | Siemens Climatix (Update A) | 2020-04-14T00:00:00.000000Z | 2021-02-09T00:00:00.000000Z |
| icsa-20-105-05 | Siemens RUGGEDCOM, SCALANCE, SIMATIC, SINEMA (Update B) | 2020-04-14T00:00:00.000000Z | 2020-09-08T00:00:00.000000Z |
| icsa-20-105-06 | Siemens SIMOTICS, Desigo, APOGEE, and TALON | 2020-04-14T00:00:00.000000Z | 2025-06-10T00:00:00.000000Z |
| icsa-20-105-07 | Siemens SCALANCE and SIMATIC (Update H) | 2020-04-14T00:00:00.000000Z | 2025-05-06T06:00:00.000000Z |
| icsa-20-105-08 | Siemens KTK, SIDOOR, SIMATIC, and SINAMICS (Update D) | 2020-04-14T00:00:00.000000Z | 2025-07-08T00:00:00.000000Z |
| icsa-20-105-09 | Siemens TIM 3V-IE and 4R-IE Family Devices | 2020-04-14T00:00:00.000000Z | 2020-04-14T00:00:00.000000Z |
| icsa-20-112-01 | Inductive Automation Ignition | 2020-04-21T00:00:00.000000Z | 2020-04-21T00:00:00.000000Z |
| icsa-20-119-01 | LCDS LAquis SCADA | 2020-04-28T00:00:00.000000Z | 2020-04-28T00:00:00.000000Z |
| icsa-20-126-01 | Fazecast jSerialComm | 2020-05-05T00:00:00.000000Z | 2020-05-05T00:00:00.000000Z |
| icsa-20-126-02 | SAE IT-systems FW-50 Remote Telemetry Unit (RTU) | 2020-05-05T00:00:00.000000Z | 2020-05-05T00:00:00.000000Z |
| icsa-20-128-01 | Advantech WebAccess Node | 2020-05-07T00:00:00.000000Z | 2020-05-07T00:00:00.000000Z |
| icsa-20-133-01 | Eaton Intelligent Power Manager | 2020-05-12T00:00:00.000000Z | 2020-05-12T00:00:00.000000Z |
| icsa-20-133-02 | OSIsoft PI System (Update A) | 2020-05-12T00:00:00.000000Z | 2020-06-09T00:00:00.000000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cisco-sa-anyconnect-profile-7u3perkf | Cisco AnyConnect Secure Mobility Client for Windows Profile Modification Vulnerability | 2020-08-05T16:00:00+00:00 | 2020-08-05T16:00:00+00:00 |
| cisco-sa-asr-dos-zjljfgbf | Cisco StarOS IPv6 Denial of Service Vulnerability | 2020-08-05T16:00:00+00:00 | 2020-08-05T16:00:00+00:00 |
| cisco-sa-asr5k-ipv6-dos-ce3zhf8m | Cisco StarOS IPv6 Denial of Service Vulnerability | 2020-08-05T16:00:00+00:00 | 2020-08-05T16:00:00+00:00 |
| cisco-sa-bgp-erkeqaer | Cisco IOS XR Software Additional Paths Denial of Service Vulnerability | 2020-08-05T16:00:00+00:00 | 2020-08-10T13:37:52+00:00 |
| cisco-sa-cucm-selfcare-drasc7sr | Cisco Unified Communications Manager Cross-Site Scripting Vulnerability | 2020-08-05T16:00:00+00:00 | 2020-08-05T16:00:00+00:00 |
| cisco-sa-cvc-bypass-k99cb2ff | Cisco Cyber Vision Center Software Access Control Bypass Vulnerability | 2020-08-05T16:00:00+00:00 | 2020-08-05T16:00:00+00:00 |
| cisco-sa-dna-info-disc-3bz8bcgr | Cisco DNA Center Information Disclosure Vulnerability | 2020-08-05T16:00:00+00:00 | 2020-08-05T16:00:00+00:00 |
| cisco-sa-esa-sma-log-yxq6g2kg | Cisco Email Security Appliance and Cisco Content Security Management Appliance Information Disclosure Vulnerability | 2020-08-05T16:00:00+00:00 | 2020-08-05T16:00:00+00:00 |
| cisco-sa-ise-pass-disclosure-k8p2nsgg | Cisco Identity Services Engine Password Disclosure Vulnerability | 2020-08-05T16:00:00+00:00 | 2020-08-05T16:00:00+00:00 |
| cisco-sa-sbss-ipv6-dos-3blk6va | Cisco Small Business Smart and Managed Switches Denial of Service Vulnerability | 2020-08-05T16:00:00+00:00 | 2020-09-04T14:34:39+00:00 |
| cisco-sa-ucs-director-xss-o7t8oryr | Cisco UCS Director Stored Cross-Site Scripting Vulnerability | 2020-08-05T16:00:00+00:00 | 2020-08-05T16:00:00+00:00 |
| cisco-sa-webex-client-g3zevbcp | Cisco Webex Meetings Desktop App Information Disclosure Vulnerabilities | 2020-08-05T16:00:00+00:00 | 2020-08-05T16:00:00+00:00 |
| cisco-sa-webex-makmv4qc | Cisco Webex Meetings User Email Address Information Disclosure Vulnerability | 2020-08-05T16:00:00+00:00 | 2020-08-05T16:00:00+00:00 |
| cisco-sa-webex-mttngs-xss-3vbdxduf | Cisco Webex Meetings Reflected Cross-Site Scripting Vulnerability | 2020-08-05T16:00:00+00:00 | 2020-08-05T16:00:00+00:00 |
| cisco-sa-webex-smtcreate-ymud5sk | Cisco Webex Meetings Scheduled Meeting Template Creation Vulnerability | 2020-08-05T16:00:00+00:00 | 2020-08-05T16:00:00+00:00 |
| cisco-sa-webex-smtdelete-gjdurogr | Cisco Webex Meetings Scheduled Meeting Template Deletion Vulnerability | 2020-08-05T16:00:00+00:00 | 2020-08-05T16:00:00+00:00 |
| cisco-sa-cdp-memleak-k5z7m55t | Cisco Video Surveillance 8000 Series IP Cameras Cisco Discovery Protocol Memory Leak Vulnerability | 2020-08-19T16:00:00+00:00 | 2020-08-19T16:00:00+00:00 |
| cisco-sa-cmx-prvesc-6g37hjal | Cisco Connected Mobile Experiences Privilege Escalation Vulnerability | 2020-08-19T16:00:00+00:00 | 2020-08-19T16:00:00+00:00 |
| cisco-sa-cmx-rshell-esc-l6hbwjbg | Cisco Connected Mobile Experiences Restricted Shell Escape Vulnerability | 2020-08-19T16:00:00+00:00 | 2020-08-19T16:00:00+00:00 |
| cisco-sa-cvdsd-pathtrv-5tljrrfn | Cisco Vision Dynamic Signage Director Path Traversal Vulnerability | 2020-08-19T16:00:00+00:00 | 2020-08-19T16:00:00+00:00 |
| cisco-sa-cvdsd-rbac-y9lm5jw4 | Cisco Vision Dynamic Signage Director Role-Based Access Control Vulnerability | 2020-08-19T16:00:00+00:00 | 2020-08-19T16:00:00+00:00 |
| cisco-sa-cvdsd-xss-temmlyur | Cisco Vision Dynamic Signage Director Stored Cross-Site Scripting Vulnerability | 2020-08-19T16:00:00+00:00 | 2020-08-19T16:00:00+00:00 |
| cisco-sa-dcnm-auth-bypass-myefpfcf | Cisco Data Center Network Manager Authorization Bypass Vulnerability | 2020-08-19T16:00:00+00:00 | 2020-08-19T16:00:00+00:00 |
| cisco-sa-dcnm-authbypass-yvjzqgk2 | Cisco Data Center Network Manager Authorization Bypass Vulnerability | 2020-08-19T16:00:00+00:00 | 2020-08-19T16:00:00+00:00 |
| cisco-sa-dcnm-bypass-auth-mvdr6ygt | Cisco Data Center Network Manager Authorization Bypass Vulnerability | 2020-08-19T16:00:00+00:00 | 2020-08-19T16:00:00+00:00 |
| cisco-sa-dcnm-file-path-6pkonjhe | Cisco Data Center Network Manager Read File Path Traversal Vulnerability | 2020-08-19T16:00:00+00:00 | 2020-08-19T16:00:00+00:00 |
| cisco-sa-dcnm-infordisc-doaxvvfv | Cisco Data Center Network Manager Information Disclosure Vulnerability | 2020-08-19T16:00:00+00:00 | 2020-08-19T16:00:00+00:00 |
| cisco-sa-dcnm-pa-trav-bmdfsttq | Cisco Data Center Network Manager Path Traversal Vulnerability | 2020-08-19T16:00:00+00:00 | 2020-08-19T16:00:00+00:00 |
| cisco-sa-dcnm-patrav-pw9rkhyw | Cisco Data Center Network Manager Path Traversal Vulnerability | 2020-08-19T16:00:00+00:00 | 2020-08-19T16:00:00+00:00 |
| cisco-sa-dcnm-xss-5tdmjrb3 | Cisco Data Center Network Manager Cross-Site Scripting Vulnerability | 2020-08-19T16:00:00+00:00 | 2020-08-19T16:00:00+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2021-22922 | When curl is instructed to download content using the metalink feature thecontents is verified against a hash provided in the metalink XML file.The metalink XML file points out to the client how to get the same contentfrom a set of different URLs potentially hosted by different servers and theclient can then download the file from one or several of them. In a serial orparallel manner.If one of the servers hosting the contents has been breached and the contentsof the specific file on that server is replaced with a modified payload curlshould detect this when the hash of the file mismatches after a completeddownload. It should remove the contents and instead try getting the contentsfrom another URL. This is not done and instead such a hash mismatch is onlymentioned in text and the potentially malicious content is kept in the file ondisk. | 2021-08-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-22923 | When curl is instructed to get content using the metalink feature and a user name and password are used to download the metalink XML file those same credentials are then subsequently passed on to each of the servers from which curl will download or try to download the contents from. Often contrary to the user's expectations and intentions and without telling the user it happened. | 2021-08-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-22924 | libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse if one of them matches the setup.Due to errors in the logic the config matching function did not take 'issuercert' into account and it compared the involved paths *case insensitively*which could lead to libcurl reusing wrong connections.File paths are or can be case sensitive on many systems but not all and caneven vary depending on used file systems.The comparison also didn't include the 'issuer cert' which a transfer can setto qualify how to verify the server certificate. | 2021-08-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-22925 | curl supports the `-t` command line option known as `CURLOPT_TELNETOPTIONS`in libcurl. This rarely used option is used to send variable=content pairs toTELNET servers.Due to flaw in the option parser for sending `NEW_ENV` variables libcurlcould be made to pass on uninitialized data from a stack based buffer to theserver. Therefore potentially revealing sensitive internal information to theserver using a clear-text network protocol.This could happen because curl did not call and use sscanf() correctly whenparsing the string provided by the application. | 2021-08-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-22926 | libcurl-using applications can ask for a specific client certificate to be used in a transfer. This is done with the `CURLOPT_SSLCERT` option (`--cert` with the command line tool).When libcurl is built to use the macOS native TLS library Secure Transport an application can ask for the client certificate by name or with a file name - using the same option. If the name exists as a file it will be used instead of by name.If the appliction runs with a current working directory that is writable by other users (like `/tmp`) a malicious user can create a file name with the same name as the app wants to use by name and thereby trick the application to use the file based cert instead of the one referred to by name making libcurl send the wrong client certificate in the TLS connection handshake. | 2021-08-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-22931 | Node.js before 16.6.0 14.17.4 and 12.22.4 is vulnerable to Remote Code Execution XSS Application crashes due to missing input validation of host names returned by Domain Name Servers in Node.js dns library which can lead to output of wrong hostnames (leading to Domain Hijacking) and injection vulnerabilities in applications using the library. | 2021-08-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-22939 | If the Node.js https API was used incorrectly and "undefined" was in passed for the "rejectUnauthorized" parameter no error was returned and connections to servers with an expired certificate would have been accepted. | 2021-08-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-22940 | Node.js before 16.6.1 14.17.5 and 12.22.5 is vulnerable to a use after free attack where an attacker might be able to exploit the memory corruption to change process behavior. | 2021-08-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-28216 | BootPerformanceTable pointer is read from an NVRAM variable in PEI. Recommend setting PcdFirmwarePerformanceDataTableS3Support to FALSE. | 2021-08-02T00:00:00.000Z | 2025-09-04T04:00:29.000Z |
| msrc_cve-2021-29923 | Go before 1.17 does not properly consider extraneous zero characters at the beginning of an IP address octet which (in some situations) allows attackers to bypass access control that is based on IP addresses because of unexpected octal interpretation. This affects net.ParseIP and net.ParseCIDR. | 2021-08-02T00:00:00.000Z | 2024-09-11T00:00:00.000Z |
| msrc_cve-2021-32066 | An issue was discovered in Ruby through 2.6.7 2.7.x through 2.7.3 and 3.x through 3.0.1. Net::IMAP does not raise an exception when StartTLS fails with an an unknown response which might allow man-in-the-middle attackers to bypass the TLS protections by leveraging a network position between the client and the registry to block the StartTLS command aka a "StartTLS stripping attack." | 2021-08-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-32815 | Denial of service due to assertion failure in crwimage_int.cpp | 2021-08-02T00:00:00.000Z | 2022-01-19T00:00:00.000Z |
| msrc_cve-2021-33193 | Request splitting via HTTP/2 method injection and mod_proxy | 2021-08-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-33195 | Go before 1.15.13 and 1.16.x before 1.16.5 has functions for DNS lookups that do not validate replies from DNS servers and thus a return value may contain an unsafe injection (e.g. XSS) that does not conform to the RFC1035 format. | 2021-08-02T00:00:00.000Z | 2024-09-11T00:00:00.000Z |
| msrc_cve-2021-33196 | In archive/zip in Go before 1.15.13 and 1.16.x before 1.16.5 a crafted file count (in an archive's header) can cause a NewReader or OpenReader panic. | 2021-08-02T00:00:00.000Z | 2024-09-11T00:00:00.000Z |
| msrc_cve-2021-33197 | In Go before 1.15.13 and 1.16.x before 1.16.5 some configurations of ReverseProxy (from net/http/httputil) result in a situation where an attacker is able to drop arbitrary headers. | 2021-08-02T00:00:00.000Z | 2024-09-11T00:00:00.000Z |
| msrc_cve-2021-33198 | In Go before 1.15.13 and 1.16.x before 1.16.5 there can be a panic for a large exponent to the math/big.Rat SetString or UnmarshalText method. | 2021-08-02T00:00:00.000Z | 2024-09-11T00:00:00.000Z |
| msrc_cve-2021-34334 | Denial of service due to integer overflow in loop counter | 2021-08-02T00:00:00.000Z | 2022-01-19T00:00:00.000Z |
| msrc_cve-2021-34335 | Denial of service due to FPE in Exiv2::Internal::resolveLens0xffff | 2021-08-02T00:00:00.000Z | 2022-01-19T00:00:00.000Z |
| msrc_cve-2021-34556 | In the Linux kernel through 5.13.7 an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because the protection mechanism neglects the possibility of uninitialized memory locations on the BPF stack. | 2021-08-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-35477 | In the Linux kernel through 5.13.7 an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because a certain preempting store operation does not necessarily occur before a store operation that has an attacker-controlled value. | 2021-08-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-3573 | A use-after-free in function hci_sock_bound_ioctl() of the Linux kernel HCI subsystem was found in the way user calls ioct HCIUNBLOCKADDR or other way triggers race condition of the call hci_unregister_dev() together with one of the calls hci_sock_blacklist_add() hci_sock_blacklist_del() hci_get_conn_info() hci_get_auth_info(). A privileged local user could use this flaw to crash the system or escalate their privileges on the system. This flaw affects the Linux kernel versions prior to 5.13-rc5. | 2021-08-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-3580 | A flaw was found in the way nettle's RSA decryption functions handled specially crafted ciphertext. An attacker could use this flaw to provide a manipulated ciphertext leading to application crash and denial of service. | 2021-08-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-36221 | Go before 1.15.15 and 1.16.x before 1.16.7 has a race condition that can lead to a net/http/httputil ReverseProxy panic upon an ErrAbortHandler abort. | 2021-08-02T00:00:00.000Z | 2021-08-20T00:00:00.000Z |
| msrc_cve-2021-3634 | A flaw has been found in libssh in versions prior to 0.9.6. The SSH protocol keeps track of two shared secrets during the lifetime of the session. One of them is called secret_hash and the other session_id. Initially, both of them are the same, but after key re-exchange, previous session_id is kept and used as an input to new secret_hash. Historically, both of these buffers had shared length variable, which worked as long as these buffers were same. But the key re-exchange operation can also change the key exchange method, which can be based on hash of different size, eventually creating "secret_hash" of different size than the session_id has. This becomes an issue when the session_id memory is zeroed or when it is used again during second key re-exchange. | 2021-08-02T00:00:00.000Z | 2025-10-01T23:11:10.000Z |
| msrc_cve-2021-36370 | An issue was discovered in Midnight Commander through 4.8.26. When establishing an SFTP connection the fingerprint of the server is neither checked nor displayed. As a result a user connects to the server without the ability to verify its authenticity. | 2021-08-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-3655 | A vulnerability was found in the Linux kernel in versions prior to v5.14-rc1. Missing size validations on inbound SCTP packets may allow the kernel to read uninitialized memory. | 2021-08-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-36690 | A segmentation fault can occur in the sqlite3.exe command-line component of SQLite 3.36.0 via the idxGetTableInfo function when there is a crafted SQL query. NOTE: the vendor disputes the relevance of this report because a sqlite3.exe user already has full privileges (e.g. is intentionally allowed to execute commands). This report does NOT imply any problem in the SQLite library. | 2021-08-02T00:00:00.000Z | 2022-02-10T00:00:00.000Z |
| msrc_cve-2021-3679 | A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service. | 2021-08-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-3682 | A flaw was found in the USB redirector device emulation of QEMU in versions prior to 6.1.0-rc2. It occurs when dropping packets during a bulk transfer from a SPICE client due to the packet queue being full. A malicious SPICE client could use this flaw to make QEMU call free() with faked heap chunk metadata resulting in a crash of QEMU or potential code execution with the privileges of the QEMU process on the host. | 2021-08-02T00:00:00.000Z | 2023-03-10T00:00:00.000Z |
| ID | Description | Updated |
|---|---|---|
| var-201706-1121 | Foscamcamera is a webcam that can push messages to mobile phones and directly implement v… | 2022-05-04T09:34:11.790000Z |
| var-201705-4195 | CIIC Xi'an Recruitment System is a resume information storage and entry system. Ther… | 2022-05-04T09:34:15.940000Z |
| var-201703-1380 | DBL Technology (DBL Technology Co., Ltd.) is a communication equipment manufacturer locat… | 2022-05-04T09:34:21.033000Z |
| var-201701-1163 | Guofuan Security Authentication Gateway is a device for user identity authentication, acc… | 2022-05-04T09:34:25.711000Z |
| var-201612-0652 | Huawei Imagine 5 is the smartphone of China Huawei. Huawei enjoys a memory leak vulnerabi… | 2022-05-04T09:34:27.276000Z |
| var-201612-0631 | MPSec-VPN3005S-AC is a security gateway developed by Maipu. The MPSec-VPN3005S-AC model … | 2022-05-04T09:34:27.291000Z |
| var-201611-0405 | There is a weak background password on the Asvision camera, allowing initial password login | 2022-05-04T09:34:27.744000Z |
| var-201610-0731 | Hangzhou Hikvision Digital Technology Co., Ltd. ElisaLiveIPcamera is a network camera. Hi… | 2022-05-04T09:34:28.894000Z |
| var-201610-0710 | AVTECH, founded in 1996, is one of the world's leading manufacturers of CCTV. The main pr… | 2022-05-04T09:34:28.904000Z |
| var-201608-0419 | Yushi SD camera video stream can be accessed without authorization | 2022-05-04T09:34:30.479000Z |
| var-201605-0676 | eFront is an online learning system. eFront has a cross-site scripting vulnerability… | 2022-05-04T09:34:33.949000Z |
| var-201512-0624 | A cross-site scripting vulnerability was found in uCosminexus Portal Framework and Groupm… | 2022-05-04T09:34:38.569000Z |
| var-201402-0584 | OpenVox VoxStack is a series of Asterisk-based analog voice gateways designed for small a… | 2022-05-04T09:34:59.092000Z |
| var-201312-0604 | ZyXEL GS1510-16 intelligent super fast Ethernet switch. ZyXEL GS1510-16 Web-Managed 16-Po… | 2022-05-04T09:34:59.689000Z |
| var-201310-0807 | The JP1/Automatic Job Management System 3 and JP1/Automatic Job Management System 2 conta… | 2022-05-04T09:35:03.661000Z |
| var-201305-0499 | The PlayStation 3 is a home game console developed by Sony Computer Entertainment. A secu… | 2022-05-04T09:35:05.502000Z |
| var-201006-0514 | Collaboration Common Utility, a component of multiple Hitachi products, is vulnerable to … | 2022-05-04T09:35:39.991000Z |
| var-200810-0529 | JP1/File Transmission Server/FTP is an FTP-based file transfer server designed by Hitachi… | 2022-05-04T09:35:56.452000Z |
| var-200809-0456 | Plesk is a comprehensive control panel solution for managing sites. If SHORTNAMES = 1 i… | 2022-05-04T09:35:56.950000Z |
| var-200410-0102 | Java 2 Micro Edition is a Java technology implementation that supports mobile devices. … | 2022-05-04T09:37:14.135000Z |
| var-200303-0129 | D-Link DSL-500 is a DSL broadband router. The D-Link DSL-500 has a default public SNMP … | 2022-05-04T09:37:19.269000Z |
| var-202203-0231 | A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulner… | 2022-05-04T09:37:30.855000Z |
| var-202203-0230 | A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that… | 2022-05-04T09:37:30.871000Z |
| var-202108-2578 | Huawei HG8240 is an optical modem router integrated machine with routing function. Hu… | 2022-05-04T09:37:40.582000Z |
| var-202108-2557 | DH-SD6C82E-GN is a high-definition network dome camera. Zhejiang Dahua Technology Co.… | 2022-05-04T09:37:40.593000Z |
| var-202108-2536 | MP C6004ex is a color digital copier. Ricoh (China) Investment Co., Ltd. MP C6004ex h… | 2022-05-04T09:37:40.607000Z |
| var-202108-2515 | Established in 1995, TOPSEC Technology Group is the first domestic network security compa… | 2022-05-04T09:37:40.617000Z |
| var-202108-2494 | Cisco IP Phone CP-8861 is an enterprise-class IP phone. Cisco IP Phone CP-8861 has an… | 2022-05-04T09:37:40.630000Z |
| var-202108-2473 | Ricoh (China) Investment Co., Ltd. provides office image processing equipment (such as MF… | 2022-05-04T09:37:40.641000Z |
| var-202108-2452 | SL-M3870FD is an all-in-one printer of Samsung (China) Investment Co., Ltd. Samsung (… | 2022-05-04T09:37:40.656000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2015-000125 | Apache Struts vulnerable to cross-site scripting | 2015-09-04T15:12+09:00 | 2017-10-02T12:08+09:00 |
| jvndb-2015-000128 | OpenDocMan vulnerable to cross-site scripting | 2015-09-04T18:13+09:00 | 2015-09-09T14:02+09:00 |
| jvndb-2015-000127 | ELPhoneBtnV6 ActiveX control vulnerable to buffer overflow | 2015-09-07T13:38+09:00 | 2015-09-09T14:02+09:00 |
| jvndb-2015-000115 | Japan Connected-free Wi-Fi vulnerable to allow URL whitelist bypass | 2015-09-11T14:16+09:00 | 2016-05-27T14:32+09:00 |
| jvndb-2015-000116 | Japan Connected-free Wi-Fi vulnerable to script injection | 2015-09-11T14:17+09:00 | 2015-09-15T17:17+09:00 |
| jvndb-2015-000129 | PIXMA MG7500 Series vulnerable to cross-site request forgery | 2015-09-11T14:17+09:00 | 2015-09-15T17:17+09:00 |
| jvndb-2015-000130 | applican vulnerable to URL whitelist bypass | 2015-09-16T16:58+09:00 | 2015-10-14T16:30+09:00 |
| jvndb-2015-000131 | Auction Camera vulnerable to URL whitelist bypass | 2015-09-16T16:58+09:00 | 2015-09-16T16:58+09:00 |
| jvndb-2015-000132 | MEGAPHONE MUSIC vulnerable to URL whitelist bypass | 2015-09-16T16:58+09:00 | 2015-10-02T17:22+09:00 |
| jvndb-2015-000133 | Koritore vulnerable to URL whitelist bypass | 2015-09-16T16:58+09:00 | 2015-10-02T17:22+09:00 |
| jvndb-2015-000134 | Reversi vulnerable to URL whitelist bypass | 2015-09-16T16:58+09:00 | 2015-10-02T17:18+09:00 |
| jvndb-2015-000135 | Photon vulnerable to URL whitelist bypass | 2015-09-16T16:58+09:00 | 2015-10-02T17:15+09:00 |
| jvndb-2015-000136 | H2O vulnerable to directory traversal | 2015-09-17T13:36+09:00 | 2015-10-05T17:32+09:00 |
| jvndb-2015-000142 | Apache Cordova plugin cordova-plugin-file-transfer vulnerable to HTTP header injection | 2015-09-29T14:04+09:00 | 2015-12-21T17:45+09:00 |
| jvndb-2015-000137 | niconico App for iOS fails to verify SSL server certificates | 2015-09-29T14:05+09:00 | 2018-03-07T12:26+09:00 |
| jvndb-2015-000138 | baserCMS fails to restrict access permissions | 2015-09-30T14:46+09:00 | 2015-10-07T17:38+09:00 |
| jvndb-2015-000139 | baserCMS vulnerable to SQL injection | 2015-09-30T14:46+09:00 | 2015-10-07T17:38+09:00 |
| jvndb-2015-000143 | MATCHA INVOICE vulnerable to SQL injection | 2015-09-30T15:04+09:00 | 2015-10-08T15:25+09:00 |
| jvndb-2015-000144 | MATCHA INVOICE vulnerable to code injection | 2015-09-30T15:04+09:00 | 2015-10-08T15:25+09:00 |
| jvndb-2015-000145 | MATCHA SNS vulnerable to code injection | 2015-09-30T15:05+09:00 | 2015-10-08T15:25+09:00 |
| jvndb-2015-000146 | MATCHA SNS access restriction bypass vulnerability | 2015-09-30T15:05+09:00 | 2015-10-08T15:25+09:00 |
| jvndb-2015-000140 | Canary Labs Trend Web Server vulnerable to buffer overflow | 2015-10-01T14:11+09:00 | 2015-10-06T18:00+09:00 |
| jvndb-2015-000141 | Python for Windows may insecurely load dynamic libraries | 2015-10-01T14:11+09:00 | 2015-10-08T15:25+09:00 |
| jvndb-2015-000147 | AjaXplorer vulnerable to directory traversal | 2015-10-01T14:11+09:00 | 2015-10-07T17:38+09:00 |
| jvndb-2015-000148 | Dotclear vulnerable to cross-site scripting | 2015-10-02T13:36+09:00 | 2015-10-06T18:02+09:00 |
| jvndb-2015-000149 | gollum vulnerable to file exposure | 2015-10-02T13:36+09:00 | 2015-10-08T15:26+09:00 |
| jvndb-2015-000151 | Multiple PHP code execution vulnerabilitles in Cybozu Garoon | 2015-10-07T14:48+09:00 | 2016-05-30T15:34+09:00 |
| jvndb-2015-000152 | Cybozu Garoon vulnerable to LDAP injection | 2015-10-07T14:48+09:00 | 2016-06-02T19:15+09:00 |
| jvndb-2015-000153 | Dojo Toolkit vulnerable to cross-site scripting | 2015-10-09T14:12+09:00 | 2015-10-14T17:26+09:00 |
| jvndb-2015-000154 | phpRechnung vulnerable to SQL injection | 2015-10-09T14:12+09:00 | 2015-10-14T17:26+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| suse-su-2016:3109-1 | Security update for Linux Kernel Live Patch 13 for SLE 12 | 2016-12-13T11:51:01Z | 2016-12-13T11:51:01Z |
| suse-su-2016:3110-1 | Security update for xorg-x11-libXv | 2016-12-13T11:52:54Z | 2016-12-13T11:52:54Z |
| suse-su-2016:3115-1 | Security update for xorg-x11-libXrender | 2016-12-13T11:54:51Z | 2016-12-13T11:54:51Z |
| suse-su-2016:3117-1 | Security update for Linux Kernel Live Patch 5 for SLE 12 SP1 | 2016-12-13T12:33:02Z | 2016-12-13T12:33:02Z |
| suse-su-2016:3116-1 | Security update for Linux Kernel Live Patch 8 for SLE 12 SP1 | 2016-12-13T12:33:17Z | 2016-12-13T12:33:17Z |
| suse-su-2016:3119-1 | Security update for Linux Kernel Live Patch 11 for SLE 12 | 2016-12-13T13:29:01Z | 2016-12-13T13:29:01Z |
| suse-su-2016:3146-1 | Security update for the Linux Kernel | 2016-12-13T21:35:47Z | 2016-12-13T21:35:47Z |
| suse-su-2016:3148-1 | Security update for flash-player | 2016-12-14T10:10:26Z | 2016-12-14T10:10:26Z |
| suse-su-2016:3156-1 | Security update for xen | 2016-12-14T13:56:32Z | 2016-12-14T13:56:32Z |
| suse-su-2016:3161-1 | Security update for pcre | 2016-12-15T11:42:05Z | 2016-12-15T11:42:05Z |
| suse-su-2016:3162-1 | Security update for pacemaker | 2016-12-15T13:52:25Z | 2016-12-15T13:52:25Z |
| suse-su-2016:3169-1 | Security update for Linux Kernel Live Patch 0 for SLE 12 SP2 | 2016-12-15T22:16:06Z | 2016-12-15T22:16:06Z |
| suse-su-2016:3172-1 | Security update for xorg-x11-libXfixes | 2016-12-16T10:02:09Z | 2016-12-16T10:02:09Z |
| suse-su-2016:3174-1 | Security update for xen | 2016-12-16T12:01:04Z | 2016-12-16T12:01:04Z |
| suse-su-2016:3183-1 | Security update for Linux Kernel Live Patch 7 for SLE 12 SP1 | 2016-12-16T14:27:26Z | 2016-12-16T14:27:26Z |
| suse-su-2016:3188-1 | Security update for the Linux Kernel | 2016-12-16T16:05:14Z | 2016-12-16T16:05:14Z |
| suse-su-2016:3189-1 | Security update for xorg-x11-libs | 2016-12-16T17:05:53Z | 2016-12-16T17:05:53Z |
| suse-su-2016:3193-1 | Security update for ntp | 2016-12-19T16:07:30Z | 2016-12-19T16:07:30Z |
| suse-su-2016:3196-1 | Security update for ntp | 2016-12-19T16:07:40Z | 2016-12-19T16:07:40Z |
| suse-su-2016:3195-1 | Security update for ntp | 2016-12-19T16:08:04Z | 2016-12-19T16:08:04Z |
| suse-su-2016:3197-1 | Security update for Linux Kernel Live Patch 15 for SLE 12 | 2016-12-20T11:23:18Z | 2016-12-20T11:23:18Z |
| suse-su-2016:3199-1 | Security update for dnsmasq | 2016-12-20T12:18:38Z | 2016-12-20T12:18:38Z |
| suse-su-2016:3203-1 | Security update for the Linux Kernel | 2016-12-20T17:25:20Z | 2016-12-20T17:25:20Z |
| suse-su-2016:3206-1 | Security update for Linux Kernel Live Patch 1 for SLE 12 SP2 | 2016-12-21T12:46:59Z | 2016-12-21T12:46:59Z |
| suse-su-2016:3205-1 | Security update for Linux Kernel Live Patch 9 for SLE 12 SP1 | 2016-12-21T12:47:45Z | 2016-12-21T12:47:45Z |
| suse-su-2016:3208-1 | Security update for xen | 2016-12-21T14:48:55Z | 2016-12-21T14:48:55Z |
| suse-su-2016:3207-1 | Security update for xen | 2016-12-21T14:50:13Z | 2016-12-21T14:50:13Z |
| suse-su-2016:3211-1 | Security update for gd | 2016-12-21T15:24:29Z | 2016-12-21T15:24:29Z |
| suse-su-2016:3209-1 | Security update for zlib | 2016-12-21T15:25:07Z | 2016-12-21T15:25:07Z |
| suse-su-2016:3210-1 | Security update for MozillaFirefox | 2016-12-21T15:25:59Z | 2016-12-21T15:25:59Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| opensuse-su-2020:0912-1 | Security update for unbound | 2020-06-29T18:20:25Z | 2020-06-29T18:20:25Z |
| opensuse-su-2020:0913-1 | Security update for unbound | 2020-06-29T18:20:32Z | 2020-06-29T18:20:32Z |
| opensuse-su-2020:0914-1 | Security update for squid | 2020-06-29T18:20:37Z | 2020-06-29T18:20:37Z |
| opensuse-su-2020:0915-1 | Security update for mutt | 2020-06-29T18:20:43Z | 2020-06-29T18:20:43Z |
| opensuse-su-2020:0917-1 | Security update for opera | 2020-07-02T17:52:52Z | 2020-07-02T17:52:52Z |
| opensuse-su-2020:0925-1 | Security update for Virtualbox | 2020-07-03T12:17:20Z | 2020-07-03T12:17:20Z |
| opensuse-su-2020:0928-1 | Security update for chocolate-doom | 2020-07-05T12:16:18Z | 2020-07-05T12:16:18Z |
| opensuse-su-2020:0931-1 | Security update for python3 | 2020-07-05T16:16:28Z | 2020-07-05T16:16:28Z |
| opensuse-su-2020:0933-1 | Security update for rust, rust-cbindgen | 2020-07-06T12:56:10Z | 2020-07-06T12:56:10Z |
| opensuse-su-2020:0934-1 | Security update for ntp | 2020-07-06T14:39:34Z | 2020-07-06T14:39:34Z |
| opensuse-su-2020:0939-1 | Security update for chocolate-doom | 2020-07-06T22:28:50Z | 2020-07-06T22:28:50Z |
| opensuse-su-2020:0940-1 | Security update for python3 | 2020-07-06T22:29:01Z | 2020-07-06T22:29:01Z |
| opensuse-su-2020:0944-1 | Security update for live555 | 2020-07-06T22:29:21Z | 2020-07-06T22:29:21Z |
| opensuse-su-2020:0945-1 | Security update for rust, rust-cbindgen | 2020-07-07T05:51:07Z | 2020-07-07T05:51:07Z |
| opensuse-su-2020:0947-1 | Security update for chocolate-doom | 2020-07-08T14:26:14Z | 2020-07-08T14:26:14Z |
| opensuse-su-2020:0949-1 | Security update for opera | 2020-07-10T06:37:58Z | 2020-07-10T06:37:58Z |
| opensuse-su-2020:0950-1 | Security update for opera | 2020-07-10T06:38:05Z | 2020-07-10T06:38:05Z |
| opensuse-su-2020:0952-1 | Security update for nasm | 2020-07-13T14:30:07Z | 2020-07-13T14:30:07Z |
| opensuse-su-2020:0953-1 | Security update for mozilla-nss | 2020-07-13T14:30:16Z | 2020-07-13T14:30:16Z |
| opensuse-su-2020:0954-1 | Security update for nasm | 2020-07-13T14:30:22Z | 2020-07-13T14:30:22Z |
| opensuse-su-2020:0955-1 | Security update for mozilla-nss | 2020-07-13T16:28:37Z | 2020-07-13T16:28:37Z |
| opensuse-su-2020:0956-1 | Security update for openldap2 | 2020-07-14T04:27:13Z | 2020-07-14T04:27:13Z |
| opensuse-su-2020:0957-1 | Security update for permissions | 2020-07-14T04:27:19Z | 2020-07-14T04:27:19Z |
| opensuse-su-2020:0958-1 | Security update for hylafax+ | 2020-07-14T04:27:24Z | 2020-07-14T04:27:24Z |
| opensuse-su-2020:0960-1 | Security update for LibVNCServer | 2020-07-14T04:27:36Z | 2020-07-14T04:27:36Z |
| opensuse-su-2020:0965-1 | Security update for xen | 2020-07-15T12:42:14Z | 2020-07-15T12:42:14Z |
| opensuse-su-2020:0967-1 | Security update for MozillaThunderbird | 2020-07-15T12:42:49Z | 2020-07-15T12:42:49Z |
| opensuse-su-2020:0970-1 | Security update for openexr | 2020-07-16T10:49:58Z | 2020-07-16T10:49:58Z |
| opensuse-su-2020:0935-1 | Security update for the Linux Kernel | 2020-07-16T15:02:53Z | 2020-07-16T15:02:53Z |
| opensuse-su-2020:0976-1 | Security update for openldap2 | 2020-07-17T16:29:26Z | 2020-07-17T16:29:26Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cnvd-2015-01249 | MIT Kerberos拒绝服务漏洞 | 2015-02-21 | 2015-02-27 |
| cnvd-2015-01250 | Red Hat JBoss Enterprise Application Platform访问限制绕过漏洞 | 2015-02-21 | 2015-02-27 |
| cnvd-2015-01252 | OpenLDAP双重释放漏洞 | 2015-02-21 | 2015-02-27 |
| cnvd-2015-01253 | WordPress Elegant Themes Divi主题目录遍历漏洞 | 2015-02-21 | 2015-02-27 |
| cnvd-2015-01254 | Rsync任意文件写入漏洞 | 2015-02-21 | 2015-02-27 |
| cnvd-2015-01255 | OpenLDAP拒绝服务漏洞 | 2015-02-21 | 2015-02-27 |
| cnvd-2015-01256 | Piwigo 'admin.php' SQL注入漏洞(CNVD-2015-01256) | 2015-02-21 | 2015-02-27 |
| cnvd-2015-01257 | Exponent CMS存在多个跨站脚本漏洞 | 2015-02-21 | 2015-02-27 |
| cnvd-2015-01258 | Android整数溢出漏洞 | 2015-02-21 | 2015-02-27 |
| cnvd-2015-01259 | Jython访问限制绕过漏洞 | 2015-02-21 | 2015-02-27 |
| cnvd-2015-01260 | Phusion Passenger符号链接攻击漏洞(CNVD-2015-01260) | 2015-02-21 | 2015-02-27 |
| cnvd-2015-01261 | Red Hat JBoss Enterprise Application Platform Application Server JacORB子系统信息泄露漏洞 | 2015-02-21 | 2015-02-27 |
| cnvd-2015-01262 | Red Hat JBoss Weld竞争条件信息泄露漏洞 | 2015-02-21 | 2015-02-27 |
| cnvd-2015-01263 | Piwigo 'admin.php'跨站脚本漏洞 | 2015-02-21 | 2015-02-27 |
| cnvd-2015-01264 | Samsung Security Manager安全绕过漏洞 | 2015-02-21 | 2015-02-27 |
| cnvd-2015-01265 | Motorola Mobility Scanner SDK本地特权提升漏洞 | 2015-02-21 | 2015-02-27 |
| cnvd-2015-01266 | Motorola Mobility Scanner SDK存在多个栈缓冲区溢出漏洞 | 2015-02-21 | 2015-02-27 |
| cnvd-2015-01267 | IBM Flex System Manager本地信息泄露漏洞 | 2015-02-21 | 2015-02-26 |
| cnvd-2015-01268 | Ogaki Kyoritsu bank Smartphone Passbook for Android信息泄露漏洞 | 2015-02-21 | 2015-02-27 |
| cnvd-2015-01269 | Ogaki Kyoritsu bank Smartphone Passbook安全绕过漏洞 | 2015-02-21 | 2015-02-27 |
| cnvd-2015-01270 | Red Hat JBoss Enterprise Application Platform Role Based Access Control组件安全绕过漏洞 | 2015-02-21 | 2015-02-27 |
| cnvd-2015-01271 | IBM WebSphere MQ资源管理拒绝服务漏洞 | 2015-02-21 | 2015-02-27 |
| cnvd-2015-01272 | McAfee Data Loss Prevention Endpoint信息泄露漏洞 | 2015-02-21 | 2015-02-27 |
| cnvd-2015-01273 | IBM WebSphere Portal跨站脚本漏洞(CNVD-2015-01273) | 2015-02-21 | 2015-02-27 |
| cnvd-2015-01274 | McAfee Email Gateway跨站脚本漏洞 | 2015-02-21 | 2015-02-27 |
| cnvd-2015-01275 | McAfee Data Loss Prevention Endpoint跨站脚本漏洞 | 2015-02-21 | 2015-02-27 |
| cnvd-2015-01276 | McAfee Data Loss Prevention Endpoint SQL注入漏洞(CNVD-2015-01276) | 2015-02-21 | 2015-02-27 |
| cnvd-2015-01277 | WordPress插件Redirection Page存在多个跨站请求伪造漏洞 | 2015-02-21 | 2015-02-27 |
| cnvd-2015-01278 | WordPress插件Mobile Domain存在多个跨站请求伪造漏洞 | 2015-02-21 | 2015-02-27 |
| cnvd-2015-01294 | Android 'GraphicBuffer::unflatten'函数整数溢出漏洞 | 2015-02-21 | 2015-02-27 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certa-2005-avi-082 | Vulnérabilité de gFTP | 2005-02-18T00:00:00.000000 | 2005-06-14T00:00:00.000000 |
| certa-2005-avi-083 | Vulnérabilité dans PuTTY | 2005-02-21T00:00:00.000000 | 2005-02-22T00:00:00.000000 |
| certa-2005-avi-084 | Vulnérabilité dans Squid | 2005-02-21T00:00:00.000000 | 2005-06-10T00:00:00.000000 |
| certa-2005-avi-085 | Vulnérabilité de unace | 2005-02-24T00:00:00.000000 | 2005-06-23T00:00:00.000000 |
| certa-2005-avi-086 | Vulnérabilités de phpBB | 2005-02-24T00:00:00.000000 | 2005-02-24T00:00:00.000000 |
| certa-2005-avi-087 | Multiples Vunérabilités dans Cyrus IMAP | 2005-02-28T00:00:00.000000 | 2005-03-07T00:00:00.000000 |
| certa-2005-avi-088 | Vulnérabilité de KCMS sous Solaris | 2005-02-28T00:00:00.000000 | 2005-02-28T00:00:00.000000 |
| certa-2005-avi-089 | Vulnérabilité dans les produits Trend Micro | 2005-02-28T00:00:00.000000 | 2005-02-28T00:00:00.000000 |
| certa-2005-avi-090 | Vulnérabilités du système Cisco ACNS | 2005-02-28T00:00:00.000000 | 2005-02-28T00:00:00.000000 |
| certa-2005-avi-091 | Vulnérabilité dans ftpd sous HP-UX | 2005-02-28T00:00:00.000000 | 2005-02-28T00:00:00.000000 |
| certa-2005-avi-092 | Vulnérabilité dans IBM Hardware Management Console | 2005-02-28T00:00:00.000000 | 2005-02-28T00:00:00.000000 |
| certa-2005-avi-093 | Vulnérabilités dans cURL/libcURL | 2005-03-01T00:00:00.000000 | 2005-03-17T00:00:00.000000 |
| certa-2005-avi-094 | Vulnérabilité de STSF Font Server Daemon | 2005-03-01T00:00:00.000000 | 2005-03-01T00:00:00.000000 |
| certa-2005-avi-095 | Multiples vulnérabilités dans Mozilla | 2005-03-02T00:00:00.000000 | 2005-03-21T00:00:00.000000 |
| certa-2005-avi-096 | Vulnérabilités dans phpBB | 2005-03-02T00:00:00.000000 | 2005-07-11T00:00:00.000000 |
| certa-2005-avi-097 | Vulnérabilité dans UW-imapd | 2005-03-02T00:00:00.000000 | 2005-06-10T00:00:00.000000 |
| certa-2005-avi-098 | Vulnérabilité de kppp | 2005-03-03T00:00:00.000000 | 2005-03-09T00:00:00.000000 |
| certa-2005-avi-099 | Vulnérabilités dans RealOne Player | 2005-03-03T00:00:00.000000 | 2005-03-11T00:00:00.000000 |
| certa-2005-avi-100 | Multiples vulnérabilités dans le logiciel de license de Computer Associates | 2005-03-03T00:00:00.000000 | 2005-03-03T00:00:00.000000 |
| certa-2005-avi-101 | Vulnérabilité de KDE | 2005-03-08T00:00:00.000000 | 2005-03-08T00:00:00.000000 |
| certa-2005-avi-102 | Multiples vulnérabilités dans GAIM | 2005-03-08T00:00:00.000000 | 2005-03-11T00:00:00.000000 |
| certa-2005-avi-371 | Vulnérabilité de Squid | 2005-03-08T00:00:00.000000 | 2005-10-12T00:00:00.000000 |
| certa-2005-avi-103 | Vulnérabilités dans Ethereal | 2005-03-11T00:00:00.000000 | 2005-04-29T00:00:00.000000 |
| certa-2005-avi-104 | Vulnérabilité de libXpm | 2005-03-11T00:00:00.000000 | 2005-06-09T00:00:00.000000 |
| certa-2005-avi-105 | Vulnérabilité de libexif | 2005-03-11T00:00:00.000000 | 2005-11-24T00:00:00.000000 |
| certa-2005-avi-106 | Multiples vulnérabilités de grsecurity | 2005-03-11T00:00:00.000000 | 2005-03-11T00:00:00.000000 |
| certa-2005-avi-107 | Vulnérabilité de xv | 2005-03-11T00:00:00.000000 | 2005-03-25T00:00:00.000000 |
| certa-2005-avi-124 | Multiples vulnérabilités dans le client Telnet | 2005-03-13T00:00:00.000000 | 2005-07-22T00:00:00.000000 |
| certa-2005-avi-108 | Vulnérabilité de Microsoft Exchange Server 2003 | 2005-03-14T00:00:00.000000 | 2005-03-14T00:00:00.000000 |
| certa-2005-avi-109 | Mulitples vulnérabilités dans Novell iChain FTP Server | 2005-03-14T00:00:00.000000 | 2005-03-14T00:00:00.000000 |