Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-23742 |
8.8 (3.1)
|
Skipper arbitrary code execution through lua filters |
zalando |
skipper |
2026-01-16T20:07:46.746Z | 2026-01-16T20:24:12.702Z |
| CVE-2025-13083 |
3.7 (3.1)
|
Drupal core - Moderately critical - Information disclo… |
Drupal |
Drupal core |
2025-11-18T16:55:37.269Z | 2026-01-16T20:14:00.799Z |
| CVE-2026-23727 |
4.8 (4.0)
|
WeGIA has an Open Redirect Vulnerability in control.ph… |
LabRedesCefetRJ |
WeGIA |
2026-01-16T19:41:46.940Z | 2026-01-16T19:49:16.754Z |
| CVE-2026-23535 |
8.1 (3.1)
|
wlc Path traversal: Unsanitized API slugs in download … |
WeblateOrg |
wlc |
2026-01-16T19:08:24.882Z | 2026-01-16T19:21:22.629Z |
| CVE-2025-62291 |
8.1 (3.1)
|
In the eap-mschapv2 plugin (client-side) in stron… |
strongSwan |
strongSwan |
2026-01-16T00:00:00.000Z | 2026-01-16T19:07:43.455Z |
| CVE-2025-68924 |
7.5 (3.1)
|
In Umbraco UmbracoForms through 8.13.16, an authe… |
Umbraco |
Forms |
2026-01-16T00:00:00.000Z | 2026-01-16T19:00:26.430Z |
| CVE-2024-58338 |
8.6 (4.0)
10 (3.1)
|
Anevia Flamingo XL 3.2.9 Remote Root Jailbreak via Tra… |
Ateme |
Flamingo XL |
2025-12-30T22:41:45.411Z | 2026-01-16T19:00:19.750Z |
| CVE-2024-58337 |
8.7 (4.0)
4.3 (3.1)
|
Akuvox Smart Intercom S539 Improper Access Control via… |
The Akuvox Company |
Akuvox Smart Doorphone |
2025-12-30T22:41:44.989Z | 2026-01-16T19:00:19.517Z |
| CVE-2024-58336 |
8.7 (4.0)
5.3 (3.1)
|
Akuvox Smart Intercom S539 Unauthenticated Video Strea… |
The Akuvox Company |
Akuvox Smart Doorphone |
2025-12-30T22:41:44.569Z | 2026-01-16T19:00:19.275Z |
| CVE-2024-58315 |
8.5 (4.0)
7.8 (3.1)
|
Tosibox Key Service 3.3.0 Local Privilege Escalation v… |
Tosibox Oy |
Tosibox Key Service |
2025-12-30T22:41:44.147Z | 2026-01-16T19:00:19.011Z |
| CVE-2023-54327 |
9.3 (4.0)
9.8 (3.1)
|
Tinycontrol LAN Controller 1.58a Authentication Bypass… |
Tinycontrol |
LAN Controller |
2025-12-30T22:41:43.728Z | 2026-01-16T19:00:18.796Z |
| CVE-2023-54163 |
8.8 (4.0)
7.5 (3.1)
|
NLB mKlik Macedonia 3.3.12 SQL Injection via Internati… |
NLB Banka AD Skopje |
NLB mKlik Makedonija |
2025-12-30T22:41:43.245Z | 2026-01-16T19:00:18.541Z |
| CVE-2023-53983 |
9.3 (4.0)
9.8 (3.1)
|
Anevia Flamingo XL/XS 3.6.20 Default Credentials Authe… |
Ateme |
Anevia Flamingo XL/XS |
2025-12-30T22:41:42.839Z | 2026-01-16T19:00:18.214Z |
| CVE-2023-53982 |
9.3 (4.0)
7.5 (3.1)
|
PMB 7.4.6 SQL Injection Vulnerability via Unsanitized … |
Sigb |
PMB |
2025-12-23T19:34:11.262Z | 2026-01-16T19:00:17.433Z |
| CVE-2023-53964 |
8.8 (4.0)
9.8 (3.1)
|
SOUND4 IMPACT/FIRST/PULSE/Eco v2.x Unauthenticated Fac… |
SOUND4 Ltd. |
Impact/Pulse/First |
2025-12-22T21:37:17.482Z | 2026-01-16T19:00:17.216Z |
| CVE-2023-53962 |
8.8 (4.0)
7.5 (3.1)
|
SOUND4 IMPACT/FIRST/PULSE/Eco v2.x Unauthenticated Dir… |
SOUND4 Ltd. |
Impact/Pulse/First |
2025-12-22T21:37:16.671Z | 2026-01-16T19:00:17.015Z |
| CVE-2023-53961 |
5.1 (4.0)
4.3 (3.1)
|
SOUND4 IMPACT/FIRST/PULSE/Eco v2.x Cross-Site Request … |
SOUND4 Ltd. |
Impact/Pulse/First |
2025-12-22T21:37:16.249Z | 2026-01-16T19:00:16.776Z |
| CVE-2023-53960 |
9.3 (4.0)
9.8 (3.1)
|
SOUND4 IMPACT/FIRST/PULSE/Eco v2.x SQL Injection via A… |
SOUND4 Ltd. |
Impact/Pulse/First |
2025-12-22T21:37:15.771Z | 2026-01-16T19:00:16.368Z |
| CVE-2023-53936 |
5.1 (4.0)
4.8 (3.1)
|
Cameleon CMS 2.7.4 Authenticated Persistent Cross-Site… |
tuzitio |
Cameleon CMS |
2025-12-18T19:53:33.354Z | 2026-01-16T19:00:15.747Z |
| CVE-2022-50916 |
8.7 (4.0)
7.2 (3.1)
|
e107 CMS v3.2.1 - Upload restriction bypass (Authentic… |
e107 |
e107 CMS |
2026-01-13T22:51:52.935Z | 2026-01-16T19:00:15.312Z |
| CVE-2022-50907 |
8.6 (4.0)
7.2 (3.1)
|
e107 CMS v3.2.1 - Admin Upload Restriction Bypass + RCE |
e107 |
e107 CMS |
2026-01-13T22:51:49.167Z | 2026-01-16T19:00:14.735Z |
| CVE-2022-50906 |
4.8 (4.0)
4.8 (3.1)
|
e107 CMS v3.2.1 - Admin Upload Restriction Bypass + St… |
e107 |
e107 CMS |
2026-01-13T22:51:48.496Z | 2026-01-16T19:00:14.289Z |
| CVE-2022-50804 |
5.1 (4.0)
8.8 (3.1)
|
JM-DATA ONU JF511-TV 1.0.67 Cross-Site Request Forgery… |
JM-DATA ONU |
JF511-TV |
2025-12-30T22:41:42.422Z | 2026-01-16T19:00:14.014Z |
| CVE-2022-50795 |
8.5 (4.0)
7.8 (3.1)
|
SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x Conditional Comman… |
SOUND4 Ltd. |
Impact/Pulse/First |
2025-12-30T22:41:39.100Z | 2026-01-16T19:00:12.897Z |
| CVE-2022-50792 |
8.7 (4.0)
7.5 (3.1)
|
SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x Unauthenticated Fi… |
SOUND4 Ltd. |
Impact/Pulse/First |
2025-12-30T22:41:37.875Z | 2026-01-16T19:00:12.389Z |
| CVE-2022-50791 |
8.5 (4.0)
7.8 (3.1)
|
SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x Conditional Comman… |
SOUND4 Ltd. |
Impact/Pulse/First |
2025-12-30T22:41:37.450Z | 2026-01-16T19:00:10.180Z |
| CVE-2022-50790 |
6.9 (4.0)
7.5 (3.1)
|
SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x Unauthenticated Ra… |
SOUND4 Ltd. |
Impact/Pulse/First |
2025-12-30T22:41:37.051Z | 2026-01-16T18:59:59.915Z |
| CVE-2022-50789 |
8.5 (4.0)
7.8 (3.1)
|
SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x Conditional Comman… |
SOUND4 Ltd. |
Impact/Pulse/First |
2025-12-30T22:41:36.629Z | 2026-01-16T18:59:59.639Z |
| CVE-2022-50696 |
9.3 (4.0)
9.8 (3.1)
|
SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x Hardcoded Credenti… |
SOUND4 Ltd. |
Impact/Pulse/First |
2025-12-30T22:41:35.214Z | 2026-01-16T18:59:59.439Z |
| CVE-2019-25279 |
6.8 (4.0)
7.5 (3.1)
|
FaceSentry Access Control System 6.4.8 Cleartext Passw… |
iWT Ltd. |
FaceSentry Access Control System |
2026-01-07T23:10:00.907Z | 2026-01-16T18:59:58.793Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2025-40978 |
5.1 (4.0)
|
Multiple vulnerabilities in WorkDo products |
WorkDo |
eCommerceGo SaaS |
2026-01-12T11:28:35.332Z | 2026-01-12T12:53:10.833Z |
| CVE-2025-40977 |
5.1 (4.0)
|
Multiple vulnerabilities in WorkDo products |
WorkDo |
eCommerceGo SaaS |
2026-01-12T11:28:01.725Z | 2026-01-12T13:10:34.512Z |
| CVE-2025-40976 |
5.1 (4.0)
|
Multiple vulnerabilities in WorkDo products |
WorkDo |
TicketGo |
2026-01-12T11:27:20.271Z | 2026-01-12T14:37:56.810Z |
| CVE-2025-40975 |
5.1 (4.0)
|
Multiple vulnerabilities in WorkDo products |
WorkDo |
HRMGo |
2026-01-12T11:26:30.574Z | 2026-01-12T14:38:20.788Z |
| CVE-2025-40944 |
7.5 (3.1)
8.7 (4.0)
|
A vulnerability has been identified in SIMATIC ET… |
Siemens |
SIMATIC ET 200AL IM 157-1 PN |
2026-01-13T09:44:05.792Z | 2026-01-13T17:21:36.848Z |
| CVE-2025-40805 |
10 (3.1)
10 (4.0)
|
Affected devices do not properly enforce user aut… |
Siemens |
Industrial Edge Cloud Device (IECD) |
2026-01-13T09:44:03.338Z | 2026-01-13T17:37:40.414Z |
| CVE-2025-15505 |
4.8 (4.0)
2.4 (3.1)
2.4 (3.0)
|
Luxul XWR-600 Web Administration cross site scripting |
Luxul |
XWR-600 |
2026-01-11T01:32:07.400Z | 2026-02-23T08:28:56.629Z |
| CVE-2025-14976 |
5.4 (3.1)
|
User Registration & Membership <= 4.4.8 - Cross-Site R… |
wpeverest |
User Registration & Membership – Custom Registration Form Builder, Custom Login Form, User Profile, Content Restriction & Membership Plugin |
2026-01-10T08:22:57.183Z | 2026-01-12T13:08:25.004Z |
| CVE-2025-14948 |
5.3 (3.1)
|
miniOrange OTP Verification and SMS Notification for W… |
cyberlord92 |
miniOrange OTP Verification and SMS Notification for WooCommerce |
2026-01-10T07:03:55.561Z | 2026-01-12T13:08:10.342Z |
| CVE-2025-14943 |
4.3 (3.1)
|
Blog2Social: Social Media Auto Post & Scheduler <= 8.7… |
pr-gateway |
Blog2Social: Social Media Auto Post & Scheduler |
2026-01-10T06:32:34.320Z | 2026-01-12T13:40:35.845Z |
| CVE-2025-14579 |
4.8 (3.1)
|
Quiz Maker < 6.7.0.89 - Admin+ Stored XSS |
Unknown |
Quiz Maker |
2026-01-12T06:00:10.319Z | 2026-01-12T16:23:40.641Z |
| CVE-2025-14555 |
6.4 (3.1)
|
Countdown Timer - Widget Countdown <= 2.7.7 - Authenti… |
wpdevart |
Countdown Timer – Widget Countdown |
2026-01-10T12:23:16.588Z | 2026-01-12T13:10:31.231Z |
| CVE-2025-14506 |
6.4 (3.1)
|
ConvertForce Popup Builder <= 0.0.7 - Stored Cross-Sit… |
imtiazrayhan |
ConvertForce Popup Builder |
2026-01-10T11:22:38.947Z | 2026-01-12T13:10:20.692Z |
| CVE-2025-14279 |
8.1 (3.0)
|
DNS Rebinding Vulnerability in mlflow/mlflow |
mlflow |
mlflow/mlflow |
2026-01-12T08:15:58.607Z | 2026-01-12T14:54:38.693Z |
| CVE-2025-14001 |
5.4 (3.1)
|
WP Duplicate Page <= 1.8 - Missing Authorization to Au… |
ninjateam |
WP Duplicate Page |
2026-01-13T11:21:19.781Z | 2026-01-13T17:18:48.237Z |
| CVE-2025-13457 |
7.5 (3.1)
|
WooCommerce Square <= 5.1.1 - Unauthenticated Insecure… |
woocommerce |
WooCommerce Square |
2026-01-10T03:21:01.113Z | 2026-01-12T16:49:14.896Z |
| CVE-2025-13393 |
4.3 (3.1)
|
Featured Image from URL (FIFU) <= 5.3.1 - Authenticate… |
marceljm |
Featured Image from URL (FIFU) |
2026-01-10T13:47:35.750Z | 2026-01-12T18:28:15.408Z |
| CVE-2025-12379 |
6.4 (3.1)
|
Shortcodes and extra features for Phlox theme <= 2.17.… |
averta |
Shortcodes and extra features for Phlox theme |
2026-01-10T13:47:35.146Z | 2026-01-12T18:29:20.473Z |
| CVE-2025-40569 |
4.8 (3.1)
5.9 (4.0)
|
A vulnerability has been identified in RUGGEDCOM … |
Siemens |
RUGGEDCOM RST2428P |
2025-06-10T15:17:33.607Z | 2026-01-13T09:44:00.704Z |
| CVE-2025-40568 |
4.3 (3.1)
5.3 (4.0)
|
A vulnerability has been identified in RUGGEDCOM … |
Siemens |
RUGGEDCOM RST2428P |
2025-06-10T15:17:31.304Z | 2026-01-13T09:43:59.458Z |
| CVE-2025-40567 |
6.5 (3.1)
7.1 (4.0)
|
A vulnerability has been identified in RUGGEDCOM … |
Siemens |
RUGGEDCOM RST2428P |
2025-06-10T15:17:28.878Z | 2026-01-13T09:43:58.289Z |
| CVE-2024-56840 |
7.2 (3.1)
7.5 (4.0)
|
A vulnerability has been identified in RUGGEDCOM … |
Siemens |
RUGGEDCOM ROX MX5000 |
2025-12-09T10:44:19.188Z | 2026-01-13T09:43:55.345Z |
| CVE-2024-56839 |
7.2 (3.1)
8.6 (4.0)
|
A vulnerability has been identified in RUGGEDCOM … |
Siemens |
RUGGEDCOM ROX MX5000 |
2025-12-09T10:44:18.103Z | 2026-01-13T09:43:54.268Z |
| CVE-2024-56838 |
7.2 (3.1)
8.6 (4.0)
|
A vulnerability has been identified in RUGGEDCOM … |
Siemens |
RUGGEDCOM ROX MX5000 |
2025-12-09T10:44:17.019Z | 2026-01-13T09:43:53.194Z |
| CVE-2024-56837 |
7.2 (3.1)
8.6 (4.0)
|
A vulnerability has been identified in RUGGEDCOM … |
Siemens |
RUGGEDCOM ROX MX5000 |
2025-12-09T10:44:15.934Z | 2026-01-13T09:43:52.096Z |
| CVE-2024-56836 |
7.5 (3.1)
7.7 (4.0)
|
A vulnerability has been identified in RUGGEDCOM … |
Siemens |
RUGGEDCOM ROX MX5000 |
2025-12-09T10:44:14.820Z | 2026-01-13T09:43:50.967Z |
| CVE-2024-56835 |
8.8 (3.1)
8.7 (4.0)
|
A vulnerability has been identified in RUGGEDCOM … |
Siemens |
RUGGEDCOM ROX MX5000 |
2025-12-09T10:44:13.701Z | 2026-01-13T09:43:49.860Z |
| CVE-2024-49775 |
9.8 (3.1)
9.3 (4.0)
|
A vulnerability has been identified in Opcenter E… |
Siemens |
Opcenter Execution Foundation |
2024-12-16T15:06:04.714Z | 2026-01-13T09:43:48.714Z |
| CVE-2025-20748 |
6.7 (3.1)
|
In wlan AP driver, there is a possible out of bou… |
MediaTek, Inc. |
MT6890, MT7615, MT7622, MT7663, MT7915, MT7916, MT7981, MT7986 |
2025-11-04T06:20:23.128Z | 2026-02-26T17:47:20.093Z |
| CVE-2025-20711 |
8.8 (3.1)
|
In wlan AP driver, there is a possible out of bou… |
MediaTek, Inc. |
MT6890, MT7916, MT7981, MT7986 |
2025-10-14T09:11:32.571Z | 2026-02-26T17:47:43.179Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| fkie_cve-2025-40805 | Affected devices do not properly enforce user authentication on specific API endpoints. This could … | 2026-01-13T10:15:58.047 | 2026-01-13T14:03:18.990 |
| fkie_cve-2025-15505 | A vulnerability was found in Luxul XWR-600 up to 4.0.1. The affected element is an unknown function… | 2026-01-11T02:15:58.890 | 2026-01-13T14:03:18.990 |
| fkie_cve-2025-14976 | The User Registration & Membership – Custom Registration Form Builder, Custom Login Form, User Prof… | 2026-01-10T09:15:48.863 | 2026-01-13T14:03:18.990 |
| fkie_cve-2025-14948 | The miniOrange OTP Verification and SMS Notification for WooCommerce plugin for WordPress is vulner… | 2026-01-10T07:16:02.673 | 2026-01-13T14:03:18.990 |
| fkie_cve-2025-14943 | The Blog2Social: Social Media Auto Post & Scheduler plugin for WordPress is vulnerable to Sensitive… | 2026-01-10T07:16:02.343 | 2026-01-13T14:03:18.990 |
| fkie_cve-2025-14579 | The Quiz Maker WordPress plugin before 6.7.0.89 does not sanitise and escape some of its settings, … | 2026-01-12T06:16:10.193 | 2026-01-13T14:03:18.990 |
| fkie_cve-2025-14555 | The Countdown Timer – Widget Countdown plugin for WordPress is vulnerable to Stored Cross-Site Scri… | 2026-01-10T13:15:48.353 | 2026-01-13T14:03:18.990 |
| fkie_cve-2025-14506 | The ConvertForce Popup Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting vi… | 2026-01-10T12:15:48.563 | 2026-01-13T14:03:18.990 |
| fkie_cve-2025-14279 | MLFlow versions up to and including 3.4.0 are vulnerable to DNS rebinding attacks due to a lack of … | 2026-01-12T09:15:50.577 | 2026-01-13T14:03:18.990 |
| fkie_cve-2025-14001 | The WP Duplicate Page plugin for WordPress is vulnerable to unauthorized modification of data due t… | 2026-01-13T12:15:48.630 | 2026-01-13T14:03:18.990 |
| fkie_cve-2025-13457 | The WooCommerce Square plugin for WordPress is vulnerable to Insecure Direct Object Reference in al… | 2026-01-10T04:15:59.540 | 2026-01-13T14:03:18.990 |
| fkie_cve-2025-13393 | The Featured Image from URL (FIFU) plugin for WordPress is vulnerable to Server-Side Request Forger… | 2026-01-10T14:15:49.907 | 2026-01-13T14:03:18.990 |
| fkie_cve-2025-12379 | The Shortcodes and extra features for Phlox theme plugin for WordPress is vulnerable to Stored Cros… | 2026-01-10T14:15:49.690 | 2026-01-13T14:03:18.990 |
| fkie_cve-2025-40569 | A vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA00) (All versions < V3.2), SC… | 2025-06-10T16:15:38.727 | 2026-01-13T10:15:57.920 |
| fkie_cve-2025-40568 | A vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA00) (All versions < V3.2), SC… | 2025-06-10T16:15:38.537 | 2026-01-13T10:15:57.790 |
| fkie_cve-2025-40567 | A vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA00) (All versions < V3.2), SC… | 2025-06-10T16:15:38.357 | 2026-01-13T10:15:57.643 |
| fkie_cve-2024-56840 | A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.17.0), RUGGEDCOM ROX… | 2025-12-09T16:17:29.500 | 2026-01-13T10:15:57.360 |
| fkie_cve-2024-56839 | A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.17.0), RUGGEDCOM ROX… | 2025-12-09T16:17:29.297 | 2026-01-13T10:15:57.237 |
| fkie_cve-2024-56838 | A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.17.0), RUGGEDCOM ROX… | 2025-12-09T16:17:29.120 | 2026-01-13T10:15:57.100 |
| fkie_cve-2024-56837 | A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.17.0), RUGGEDCOM ROX… | 2025-12-09T16:17:28.940 | 2026-01-13T10:15:56.970 |
| fkie_cve-2024-56836 | A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.17.0), RUGGEDCOM ROX… | 2025-12-09T16:17:28.760 | 2026-01-13T10:15:56.830 |
| fkie_cve-2024-56835 | A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.17.0), RUGGEDCOM ROX… | 2025-12-09T16:17:28.580 | 2026-01-13T10:15:56.650 |
| fkie_cve-2024-49775 | A vulnerability has been identified in Opcenter Execution Foundation (All versions < V2501.0001), O… | 2024-12-16T15:15:07.173 | 2026-01-13T10:15:56.083 |
| fkie_cve-2025-20748 | In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This c… | 2025-11-04T07:15:50.343 | 2026-01-13T06:15:49.650 |
| fkie_cve-2025-20711 | In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This c… | 2025-10-14T10:15:35.580 | 2026-01-13T06:15:49.410 |
| fkie_cve-2025-15070 | Exposure of Sensitive Information to an Unauthorized Actor, Missing Authorization vulnerability in … | 2025-12-29T06:15:51.947 | 2026-01-13T05:16:10.880 |
| fkie_cve-2025-15069 | Improper Authentication vulnerability in Gmission Web Fax allows Privilege Escalation.This issue af… | 2025-12-29T06:15:51.783 | 2026-01-13T05:16:09.870 |
| fkie_cve-2025-15068 | Missing Authorization vulnerability in Gmission Web Fax allows Authentication Abuse, Session Creden… | 2025-12-29T06:15:51.533 | 2026-01-13T05:16:06.463 |
| fkie_cve-2026-22837 | Rejected reason: Not used | 2026-01-13T04:15:49.500 | 2026-01-13T04:15:49.500 |
| fkie_cve-2026-22836 | Rejected reason: Not used | 2026-01-13T04:15:49.423 | 2026-01-13T04:15:49.423 |
| ID | Severity | Description | Published | Updated |
|---|---|---|---|---|
| ghsa-7fj8-g5x7-m9v3 |
9.3 (4.0)
|
A flaw in the binding process of Govee’s cloud platform and devices allows a remote attacker to bin… | 2025-12-18T12:30:27Z | 2025-12-19T21:30:18Z |
| ghsa-x77x-f67v-g9v4 |
8.8 (3.1)
8.7 (4.0)
|
AVideo versions prior to 20.0 permit any authenticated user to upload comment images to videos owne… | 2025-12-17T21:30:49Z | 2025-12-19T21:30:17Z |
| ghsa-r8vm-wp6w-fxfh |
8.1 (3.1)
5.3 (4.0)
|
AVideo versions prior to 20.0 contain an insecure direct object reference vulnerability allowing us… | 2025-12-17T21:30:49Z | 2025-12-19T21:30:17Z |
| ghsa-pjv2-vrgg-p8qv |
9.1 (3.1)
9.3 (4.0)
|
AVideo versions prior to 20.0 with the ImageGallery plugin enabled is vulnerable to unauthenticated… | 2025-12-17T21:30:48Z | 2025-12-19T21:30:17Z |
| ghsa-9p28-mpwc-hjwf |
8.8 (3.1)
8.7 (4.0)
|
AVideo versions prior to 20.0 allow any authenticated user to upload files into directories belongi… | 2025-12-17T21:30:49Z | 2025-12-19T21:30:17Z |
| ghsa-7m48-2x85-6wq3 |
6.5 (3.1)
8.7 (4.0)
|
AVideo versions prior to 20.0 are vulnerable to an insecure direct object reference (IDOR) that all… | 2025-12-17T21:30:48Z | 2025-12-19T21:30:17Z |
| ghsa-3pgj-h3jv-hj48 |
6.1 (3.1)
4.8 (4.0)
|
AVideo versions prior to 20.0 are vulnerable to an open redirect flaw due to missing validation of … | 2025-12-17T21:30:49Z | 2025-12-19T21:30:17Z |
| ghsa-v4hm-2c9r-89mm |
6.1 (3.1)
5.3 (4.0)
|
MailEnable versions prior to 10.54 contain a reflected cross-site scripting (XSS) vulnerability in … | 2025-12-10T00:30:22Z | 2025-12-19T21:30:16Z |
| ghsa-rgfp-jjhj-3wph |
6.1 (3.1)
8.6 (4.0)
|
An improper neutralization of input vulnerability was identified in GitHub Enterprise Server that a… | 2025-12-11T18:30:45Z | 2025-12-19T21:30:16Z |
| ghsa-r6g3-qgx7-w7m3 |
9.8 (3.1)
9.3 (4.0)
|
MiniDVBLinux 5.4 contains an authentication bypass vulnerability that allows remote attackers to ch… | 2025-12-09T21:31:49Z | 2025-12-19T21:30:16Z |
| ghsa-ppvc-j5f4-q5rv |
7.5 (3.1)
8.7 (4.0)
|
MiniDVBLinux 5.4 contains an arbitrary file disclosure vulnerability that allows attackers to read … | 2025-12-09T21:31:49Z | 2025-12-19T21:30:16Z |
| ghsa-g24h-8xr2-34q6 |
5.3 (3.1)
8.7 (4.0)
|
MiniDVBLinux 5.4 contains an unauthenticated vulnerability in the tv_action.sh script that allows r… | 2025-12-09T21:31:49Z | 2025-12-19T21:30:16Z |
| ghsa-8wjp-8f9v-ph26 |
9.8 (3.1)
6.9 (4.0)
|
MiniDVBLinux 5.4 contains a remote code execution vulnerability in the SVDRP protocol that allows r… | 2025-12-09T21:31:49Z | 2025-12-19T21:30:16Z |
| ghsa-xc45-gmq4-mwpv |
6.1 (3.1)
|
Cross Site Scripting (XSS) vulnerability in Kentico before 12.0.75. | 2022-05-24T17:27:41Z | 2025-12-19T21:30:15Z |
| ghsa-rhmr-8qxw-mm32 |
5.4 (3.1)
5.3 (4.0)
|
TranzAxis 3.2.41.10.26 allows authenticated users to inject cross-site scripting via the `Open Obje… | 2025-12-04T21:31:06Z | 2025-12-19T21:30:15Z |
| ghsa-mx46-g635-gjjg |
7.5 (3.1)
8.7 (4.0)
|
MiniDVBLinux 5.4 contains an unauthenticated configuration download vulnerability that allows remot… | 2025-12-09T21:31:49Z | 2025-12-19T21:30:15Z |
| ghsa-j96r-4w2q-c7qw |
6.5 (3.1)
8.7 (4.0)
|
OpenBMCS 2.4 contains an SQL injection vulnerability that allows authenticated attackers to manipul… | 2025-12-09T21:31:48Z | 2025-12-19T21:30:15Z |
| ghsa-hff9-gq78-65hw |
7.2 (3.1)
6.9 (4.0)
|
OpenBMCS 2.4 contains an unauthenticated SSRF vulnerability that allows attackers to bypass firewal… | 2025-12-09T21:31:48Z | 2025-12-19T21:30:15Z |
| ghsa-9qgr-cjq2-5m82 |
4.3 (3.1)
5.3 (4.0)
|
OpenBMCS 2.4 contains a CSRF vulnerability that allows attackers to perform actions with administra… | 2025-12-09T21:31:48Z | 2025-12-19T21:30:15Z |
| ghsa-94fr-f773-p7wg |
7.5 (3.1)
8.7 (4.0)
|
OpenBMCS 2.4 contains an information disclosure vulnerability that allows unauthenticated attackers… | 2025-12-09T21:31:48Z | 2025-12-19T21:30:15Z |
| ghsa-2x34-p5xr-4cq8 |
5.3 (3.1)
6.9 (4.0)
|
User enumeration in Nagvis' Checkmk MultisiteAuth before version 1.9.48 allows an unauthenticated a… | 2025-12-03T12:30:14Z | 2025-12-19T21:30:15Z |
| ghsa-fq89-6j7c-j6fv |
6.1 (3.1)
|
Kentico Xperience 13.0.44 allows XSS via an XML document to the Media Libraries subsystem. | 2022-01-11T00:01:02Z | 2025-12-19T21:30:14Z |
| ghsa-f28x-5fx8-2j2h |
4.9 (3.1)
|
Kentico CMS before 13.0.66 has an Insecure Direct Object Reference vulnerability. It allows an atta… | 2022-04-17T00:00:32Z | 2025-12-19T21:30:14Z |
| ghsa-997h-jrc2-j4f2 |
5.4 (3.1)
|
Kentico before 12.0.50 allows file uploads in which the Content-Type header is inconsistent with th… | 2022-05-24T17:02:29Z | 2025-12-19T21:30:14Z |
| ghsa-hp6r-r9vc-q8wx |
6.3 (3.1)
5.4 (4.0)
|
FastAPI SSP is vulnerable to Cross-site Request Forgery (CSRF) through improper OAuth parameter val… | 2025-12-19T06:30:27Z | 2025-12-19T21:08:32Z |
| ghsa-gphj-4h6p-37xq |
4.9 (3.1)
|
Elasticsearch privileged authenticated users can cause DoS through Excessive Resource Allocation | 2025-12-19T00:31:42Z | 2025-12-19T21:07:24Z |
| ghsa-2mj3-6grc-px38 |
6.5 (3.1)
|
Filebeat Beats has Buffer Overflow via Malformed Syslog Message or Malicious Tokenizer Pattern in D… | 2025-12-19T00:31:42Z | 2025-12-19T21:04:09Z |
| ghsa-qf7c-7r9h-mm92 |
6.5 (3.1)
|
Elasticsearch has Excessive Allocation of Resources via Submission of Oversized User Settings Data | 2025-12-19T00:31:42Z | 2025-12-19T19:23:40Z |
| ghsa-g6qx-wq5w-wr8v |
3.3 (3.1)
|
Mattermost Desktop App exposes sensitive information in its application logs | 2025-12-17T21:30:48Z | 2025-12-19T18:56:35Z |
| ghsa-xjv2-8h6h-m75g |
7.5 (3.1)
|
ArcSearch for iOS versions prior to 1.45.2 could display a different domain in the address bar than… | 2025-12-19T18:31:18Z | 2025-12-19T18:31:18Z |
| ID | Description | Updated |
|---|---|---|
| gsd-2024-24420 | The format of the source doesn't require a description, click on the link for more details. | 2024-01-26T06:02:25.958945Z |
| gsd-2024-24540 | The format of the source doesn't require a description, click on the link for more details. | 2024-01-26T06:02:25.958736Z |
| gsd-2024-24098 | Code-projects Scholars Tracking System 1.0 is vulnerable to SQL Injection via the News Feed. | 2024-01-26T06:02:25.958529Z |
| gsd-2024-24314 | The format of the source doesn't require a description, click on the link for more details. | 2024-01-26T06:02:25.958325Z |
| gsd-2024-24172 | The format of the source doesn't require a description, click on the link for more details. | 2024-01-26T06:02:25.958118Z |
| gsd-2024-24397 | Cross Site Scripting vulnerability in Stimulsoft GmbH Stimulsoft Dashboard.JS before v.20… | 2024-01-26T06:02:25.957909Z |
| gsd-2024-24617 | The format of the source doesn't require a description, click on the link for more details. | 2024-01-26T06:02:25.957609Z |
| gsd-2024-24431 | The format of the source doesn't require a description, click on the link for more details. | 2024-01-26T06:02:25.957403Z |
| gsd-2024-24422 | The format of the source doesn't require a description, click on the link for more details. | 2024-01-26T06:02:25.957198Z |
| gsd-2024-24060 | springboot-manager v1.6 is vulnerable to Cross Site Scripting (XSS) via /sys/user. | 2024-01-26T06:02:25.956989Z |
| gsd-2024-24125 | The format of the source doesn't require a description, click on the link for more details. | 2024-01-26T06:02:25.956786Z |
| gsd-2024-24032 | The format of the source doesn't require a description, click on the link for more details. | 2024-01-26T06:02:25.956575Z |
| gsd-2024-24072 | The format of the source doesn't require a description, click on the link for more details. | 2024-01-26T06:02:25.956363Z |
| gsd-2024-24328 | TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vul… | 2024-01-26T06:02:25.956152Z |
| gsd-2024-24640 | The format of the source doesn't require a description, click on the link for more details. | 2024-01-26T06:02:25.955949Z |
| gsd-2024-24220 | The format of the source doesn't require a description, click on the link for more details. | 2024-01-26T06:02:25.955735Z |
| gsd-2024-24159 | The format of the source doesn't require a description, click on the link for more details. | 2024-01-26T06:02:25.955523Z |
| gsd-2024-24284 | The format of the source doesn't require a description, click on the link for more details. | 2024-01-26T06:02:25.955289Z |
| gsd-2024-24143 | The format of the source doesn't require a description, click on the link for more details. | 2024-01-26T06:02:25.955026Z |
| gsd-2024-24609 | The format of the source doesn't require a description, click on the link for more details. | 2024-01-26T06:02:25.954677Z |
| gsd-2024-24318 | The format of the source doesn't require a description, click on the link for more details. | 2024-01-26T06:02:25.954467Z |
| gsd-2024-24150 | A memory leak issue discovered in parseSWF_TEXTRECORD in libming v0.4.8 allows attackers … | 2024-01-26T06:02:25.954255Z |
| gsd-2024-24009 | The format of the source doesn't require a description, click on the link for more details. | 2024-01-26T06:02:25.954043Z |
| gsd-2024-24289 | The format of the source doesn't require a description, click on the link for more details. | 2024-01-26T06:02:25.953835Z |
| gsd-2024-24093 | SQL Injection vulnerability in Code-projects Scholars Tracking System 1.0 allows attacker… | 2024-01-26T06:02:25.953608Z |
| gsd-2024-24320 | The format of the source doesn't require a description, click on the link for more details. | 2024-01-26T06:02:25.953375Z |
| gsd-2024-24373 | The format of the source doesn't require a description, click on the link for more details. | 2024-01-26T06:02:25.953162Z |
| gsd-2024-24030 | The format of the source doesn't require a description, click on the link for more details. | 2024-01-26T06:02:25.952947Z |
| gsd-2024-24656 | The format of the source doesn't require a description, click on the link for more details. | 2024-01-26T06:02:25.952721Z |
| gsd-2024-24381 | The format of the source doesn't require a description, click on the link for more details. | 2024-01-26T06:02:25.952482Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-181710 | Malicious code in astam-ifut-dakaknuiloaba (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-181709 | Malicious code in astam-ifut-dakaknuiaba (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-181708 | Malicious code in astam-ifut-dakakioba (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-181707 | Malicious code in astam-ifut-dakaioba (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-181706 | Malicious code in astam-ifut-dakaba (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-181705 | Malicious code in astam-ifut-dak (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-181704 | Malicious code in astam-ifut-dabukaia (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-181703 | Malicious code in astam-ifut-dabukaa (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-181702 | Malicious code in astam-ifut-dabuka (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-181701 | Malicious code in astam-ifut-dabualiukaia (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-181700 | Malicious code in astam-ifut-dabualiukabia (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-181699 | Malicious code in astam-ifut-dabualikaia (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-181698 | Malicious code in astam-ifut-dabuakaia (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-181697 | Malicious code in astam-ifut-dabua (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-181696 | Malicious code in astam-ifut-daba (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-181695 | Malicious code in astam-ifut-daaba (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-181694 | Malicious code in astam-ifut-daaa (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-181693 | Malicious code in astam-ifut-da (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-181692 | Malicious code in astam-ifulit-dakiula (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-181691 | Malicious code in astam-ifukst-daiusikiula (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-181690 | Malicious code in astam-ifuksit-daiusikiula (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-181689 | Malicious code in astam-ifukilsit-dakiula (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-181688 | Malicious code in astam-ifukilsit-daiusikiula (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-181687 | Malicious code in astam-ifukilsit-daiskiula (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-181686 | Malicious code in astam-ifukilsit-daisikiula (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-181685 | Malicious code in astam-ifukilit-dakiula (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-181684 | Malicious code in astam-ifuit-dakiula (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-181683 | Malicious code in astam-ifuilit-dakiula (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-181682 | Malicious code in astam-ift-diuhgoa (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| mal-2025-181681 | Malicious code in astam-ift-diugoa (npm) | 2025-11-12T22:25:03Z | 2025-11-12T22:25:03Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2022:0008 | Red Hat Security Advisory: samba security update | 2022-01-04T08:27:50+00:00 | 2025-11-21T18:27:36+00:00 |
| rhsa-2022:0007 | Red Hat Security Advisory: idm:DL1 security update | 2022-01-04T08:19:31+00:00 | 2025-11-21T18:27:36+00:00 |
| rhsa-2021:5227 | Red Hat Security Advisory: kernel security and bug fix update | 2021-12-21T09:47:26+00:00 | 2025-11-21T18:27:35+00:00 |
| rhsa-2021:5269 | Red Hat Security Advisory: rh-maven36-log4j12 security update | 2021-12-22T21:29:25+00:00 | 2025-11-21T18:27:34+00:00 |
| rhsa-2021:5241 | Red Hat Security Advisory: kernel-rt security and bug fix update | 2021-12-21T09:33:40+00:00 | 2025-11-21T18:27:34+00:00 |
| rhsa-2021:5238 | Red Hat Security Advisory: virt:rhel and virt-devel:rhel security update | 2021-12-21T10:02:21+00:00 | 2025-11-21T18:27:34+00:00 |
| rhsa-2021:5236 | Red Hat Security Advisory: postgresql:13 security update | 2021-12-21T10:01:52+00:00 | 2025-11-21T18:27:34+00:00 |
| rhsa-2021:5235 | Red Hat Security Advisory: postgresql:12 security update | 2021-12-21T10:01:23+00:00 | 2025-11-21T18:27:34+00:00 |
| rhsa-2021:5219 | Red Hat Security Advisory: Red Hat Single Sign-On security update on RHEL 8 | 2021-12-20T16:20:57+00:00 | 2025-11-21T18:27:32+00:00 |
| rhsa-2021:5218 | Red Hat Security Advisory: Red Hat Single Sign-On 7.5.0 security update on RHEL 7 | 2021-12-20T16:23:30+00:00 | 2025-11-21T18:27:32+00:00 |
| rhsa-2021:5217 | Red Hat Security Advisory: Red Hat Single Sign-On 7.5.0 security update | 2021-12-20T16:16:21+00:00 | 2025-11-21T18:27:32+00:00 |
| rhsa-2021:5206 | Red Hat Security Advisory: log4j security update | 2021-12-20T09:54:00+00:00 | 2025-11-21T18:27:32+00:00 |
| rhsa-2021:5197 | Red Hat Security Advisory: rh-postgresql12-postgresql security update | 2021-12-16T18:22:54+00:00 | 2025-11-21T18:27:31+00:00 |
| rhsa-2021:5195 | Red Hat Security Advisory: ipa security and bug fix update | 2021-12-16T18:05:24+00:00 | 2025-11-21T18:27:31+00:00 |
| rhsa-2021:5192 | Red Hat Security Advisory: samba security and bug fix update | 2021-12-16T17:23:36+00:00 | 2025-11-21T18:27:31+00:00 |
| rhsa-2021:5191 | Red Hat Security Advisory: Red Hat 3scale API Management 2.11.1 Release - Container Images | 2021-12-16T18:02:46+00:00 | 2025-11-21T18:27:30+00:00 |
| rhsa-2021:5186 | Red Hat Security Advisory: OpenShift Container Platform 4.6.52 security update | 2021-12-16T22:34:47+00:00 | 2025-11-21T18:27:30+00:00 |
| rhsa-2021:5184 | Red Hat Security Advisory: OpenShift Container Platform 4.7.40 security update | 2021-12-16T21:40:28+00:00 | 2025-11-21T18:27:30+00:00 |
| rhsa-2021:5183 | Red Hat Security Advisory: OpenShift Container Platform 4.8.24 security update | 2021-12-16T21:14:49+00:00 | 2025-11-21T18:27:30+00:00 |
| rhsa-2021:5179 | Red Hat Security Advisory: rh-postgresql13-postgresql security update | 2021-12-16T16:38:40+00:00 | 2025-11-21T18:27:30+00:00 |
| rhsa-2021:5142 | Red Hat Security Advisory: idm:DL1 security update | 2021-12-15T08:09:11+00:00 | 2025-11-21T18:27:27+00:00 |
| rhsa-2021:5082 | Red Hat Security Advisory: samba security update | 2021-12-13T08:51:05+00:00 | 2025-11-21T18:27:21+00:00 |
| rhsa-2021:5081 | Red Hat Security Advisory: mailman:2.1 security update | 2021-12-13T08:28:58+00:00 | 2025-11-21T18:27:21+00:00 |
| rhsa-2021:5080 | Red Hat Security Advisory: mailman:2.1 security update | 2021-12-13T08:38:48+00:00 | 2025-11-21T18:27:20+00:00 |
| rhsa-2021:5071 | Red Hat Security Advisory: Red Hat OpenStack Platform 16.1 (python-eventlet) security update | 2021-12-09T20:20:27+00:00 | 2025-11-21T18:27:20+00:00 |
| rhsa-2021:5070 | Red Hat Security Advisory: Red Hat OpenStack Platform 16.1 (python-django20) security update | 2021-12-09T20:20:29+00:00 | 2025-11-21T18:27:20+00:00 |
| rhsa-2021:5065 | Red Hat Security Advisory: virt:av and virt-devel:av security, bug fix, and enhancement update | 2021-12-09T18:31:19+00:00 | 2025-11-21T18:27:19+00:00 |
| rhsa-2021:5055 | Red Hat Security Advisory: thunderbird security update | 2021-12-09T14:46:28+00:00 | 2025-11-21T18:27:19+00:00 |
| rhsa-2021:5048 | Red Hat Security Advisory: thunderbird security update | 2021-12-09T12:43:59+00:00 | 2025-11-21T18:27:19+00:00 |
| rhsa-2021:5047 | Red Hat Security Advisory: thunderbird security update | 2021-12-09T12:40:03+00:00 | 2025-11-21T18:27:18+00:00 |
| ID | Description | Updated |
|---|---|---|
| var-201407-0442 | Cross-site request forgery (CSRF) vulnerability in php/user_account.php in Silver Peak VX… | 2025-04-12T23:19:53.184000Z |
| var-201408-0035 | LINE 3.2.1.83 and earlier on Windows and 3.2.1 and earlier on OS X does not verify X.509 … | 2025-04-12T23:19:52.888000Z |
| var-201412-0293 | The Management subsystem in Cisco Unified Computing System 2.1(3f) and earlier allows rem… | 2025-04-12T23:19:50.737000Z |
| var-201502-0113 | The web server on Siemens SCALANCE X-200IRT switches with firmware before 5.2.0 allows re… | 2025-04-12T23:19:46.042000Z |
| var-201505-0173 | Cross-site scripting (XSS) vulnerability in the HTTP module in Cisco Security Manager (CS… | 2025-04-12T23:19:44.786000Z |
| var-201505-0194 | Cross-site scripting (XSS) vulnerability in Cisco TelePresence Video Communication Server… | 2025-04-12T23:19:44.756000Z |
| var-201507-0545 | Cross-site scripting (XSS) vulnerability in Cisco Hosted Collaboration Solution 10.6(1) a… | 2025-04-12T23:19:43.520000Z |
| var-201508-0482 | Multiple cross-site scripting (XSS) vulnerabilities in Cisco Finesse 10.5(1) allow remote… | 2025-04-12T23:19:43.339000Z |
| var-201508-0503 | The Prime Collaboration Deployment component in Cisco Unified Communications Manager 10.5… | 2025-04-12T23:19:43.309000Z |
| var-201509-0216 | The GoAhead web server on Moxa EDS-405A and EDS-408A switches with firmware before 3.6 al… | 2025-04-12T23:19:43.081000Z |
| var-201509-0215 | The administrative web interface on Moxa EDS-405A and EDS-408A switches with firmware bef… | 2025-04-12T23:19:43.042000Z |
| var-201509-0217 | Cross-site scripting (XSS) vulnerability in the Diagnosis Ping feature in the administrat… | 2025-04-12T23:19:43.003000Z |
| var-201603-0045 | Untrusted search path vulnerability in ABB Panel Builder 800 5.1 allows local users to ga… | 2025-04-12T23:19:40.531000Z |
| var-201604-0563 | The API in Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM)… | 2025-04-12T23:19:36.522000Z |
| var-201610-0319 | A vulnerability in local FTP to the Cisco Email Security Appliance (ESA) could allow an u… | 2025-04-12T23:19:34.731000Z |
| var-202405-0485 | Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the remoteIp parameter from… | 2025-04-12T23:19:18.603000Z |
| var-201405-0468 | Cross-site scripting (XSS) vulnerability in the web framework in Cisco Broadcast Access C… | 2025-04-12T23:18:59.767000Z |
| var-201406-0075 | QNAP Photo Station before firmware 4.0.3 build0912 allows remote attackers to list OS use… | 2025-04-12T23:18:59.603000Z |
| var-201407-0011 | config/.htpasswd in Yealink IP Phone SIP-T38G has a hardcoded password of (1) user (s7C9C… | 2025-04-12T23:18:59.298000Z |
| var-201410-0764 | Multiple cross-site scripting (XSS) vulnerabilities in the Web User Interface in Fortinet… | 2025-04-12T23:18:57.819000Z |
| var-201412-0292 | Cisco Prime Infrastructure allows remote authenticated users to read device-discovery pas… | 2025-04-12T23:18:56.008000Z |
| var-201502-0150 | The Wireless Intrusion Detection (aka WIDS) functionality on Cisco Wireless LAN Controlle… | 2025-04-12T23:18:54.691000Z |
| var-201503-0167 | Cisco AnyConnect Secure Mobility Client 4.0(.00051) and earlier does not properly impleme… | 2025-04-12T23:18:54.396000Z |
| var-201503-0169 | The Hostscan module in Cisco AnyConnect Secure Mobility Client 4.0(.00051) and earlier al… | 2025-04-12T23:18:54.371000Z |
| var-201506-0355 | Cross-site request forgery (CSRF) vulnerability in XZERES 442SR OS on 442SR wind turbines… | 2025-04-12T23:18:48.829000Z |
| var-201507-0143 | Cross-site request forgery (CSRF) vulnerability in Honeywell Tuxedo Touch before 5.2.19.0… | 2025-04-12T23:18:48.716000Z |
| var-201507-0142 | Honeywell Tuxedo Touch before 5.2.19.0_VA relies on client-side authentication involving … | 2025-04-12T23:18:48.676000Z |
| var-201509-0023 | The Cisco Spark application 2015-07-04 for mobile operating systems does not properly ver… | 2025-04-12T23:18:48.039000Z |
| var-201510-0014 | Cisco Prime Infrastructure 2.2 allows remote attackers to cause a denial of service (daem… | 2025-04-12T23:18:47.563000Z |
| var-201511-0224 | Cross-site scripting (XSS) vulnerability in the web-based management interface in Cisco F… | 2025-04-12T23:18:46.630000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| suse-su-2019:1006-1 | Security update for SUSE Manager Server 3.2 | 2019-04-24T10:06:34Z | 2019-04-24T10:06:34Z |
| suse-ru-2019:1006-1 | Security update for SUSE Manager Server 3.2 | 2019-04-24T10:06:34Z | 2019-04-24T10:06:34Z |
| suse-su-2019:1001-1 | Security update for ntfs-3g_ntfsprogs | 2019-04-24T07:41:19Z | 2019-04-24T07:41:19Z |
| suse-su-2019:1000-1 | Security update for ntfs-3g_ntfsprogs | 2019-04-24T07:41:01Z | 2019-04-24T07:41:01Z |
| suse-su-2019:0997-1 | Security update for dovecot23 | 2019-04-23T16:43:38Z | 2019-04-23T16:43:38Z |
| suse-su-2019:0996-1 | Security update for curl | 2019-04-23T16:43:09Z | 2019-04-23T16:43:09Z |
| suse-su-2019:0988-1 | Security update for php72 | 2019-04-23T06:46:19Z | 2019-04-23T06:46:19Z |
| suse-su-2019:0985-1 | Security update for php5 | 2019-04-18T13:09:42Z | 2019-04-18T13:09:42Z |
| suse-su-2019:0977-1 | Security update for xerces-c | 2019-04-17T16:39:03Z | 2019-04-17T16:39:03Z |
| suse-su-2019:0973-1 | Security update for sqlite3 | 2019-04-17T12:44:32Z | 2019-04-17T12:44:32Z |
| suse-su-2019:0972-1 | Security update for python | 2019-04-17T12:44:13Z | 2019-04-17T12:44:13Z |
| suse-su-2019:0971-1 | Security update for python3 | 2019-04-17T12:43:37Z | 2019-04-17T12:43:37Z |
| suse-su-2019:0961-1 | Security update for python3 | 2019-04-16T15:13:45Z | 2019-04-16T15:13:45Z |
| suse-su-2019:0960-1 | Security update for slurm | 2019-04-16T13:02:41Z | 2019-04-16T13:02:41Z |
| suse-su-2019:0113-2 | Security update for krb5 | 2019-04-16T11:50:46Z | 2019-04-16T11:50:46Z |
| suse-su-2019:0956-1 | Security update for wget | 2019-04-16T11:08:08Z | 2019-04-16T11:08:08Z |
| suse-su-2019:0955-1 | Security update for the Linux Kernel (Live Patch 28 for SLE 12 SP2) | 2019-04-16T11:06:42Z | 2019-04-16T11:06:42Z |
| suse-su-2019:0954-1 | Security update for openexr | 2019-04-16T11:06:03Z | 2019-04-16T11:06:03Z |
| suse-su-2018:4236-2 | Security update for MozillaFirefox, mozilla-nspr and mozilla-nss | 2019-04-15T15:37:00Z | 2019-04-15T15:37:00Z |
| suse-su-2019:14018-1 | Security update for python | 2019-04-15T14:36:25Z | 2019-04-15T14:36:25Z |
| suse-su-2019:0950-1 | Security update for SDL2 | 2019-04-15T09:56:40Z | 2019-04-15T09:56:40Z |
| suse-su-2019:0948-1 | Security update for libvirt | 2019-04-15T09:55:42Z | 2019-04-15T09:55:42Z |
| suse-su-2019:0049-2 | Security update for java-1_7_0-openjdk | 2019-04-12T18:44:10Z | 2019-04-12T18:44:10Z |
| suse-su-2019:0425-2 | Security update for systemd | 2019-04-12T18:04:35Z | 2019-04-12T18:04:35Z |
| suse-su-2019:0336-2 | Security update for MozillaFirefox | 2019-04-12T16:05:52Z | 2019-04-12T16:05:52Z |
| suse-su-2019:0941-1 | Security update for openssh | 2019-04-12T13:58:12Z | 2019-04-12T13:58:12Z |
| suse-su-2019:0940-1 | Security update for audiofile | 2019-04-12T11:20:07Z | 2019-04-12T11:20:07Z |
| suse-su-2019:0144-2 | Security update for ghostscript | 2019-04-12T09:29:53Z | 2019-04-12T09:29:53Z |
| suse-su-2019:0936-1 | Security update for libvirt | 2019-04-12T07:06:33Z | 2019-04-12T07:06:33Z |
| suse-su-2019:0249-2 | Security update for curl | 2019-04-12T06:24:04Z | 2019-04-12T06:24:04Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cnvd-2024-27519 | Oracle MySQL Server存在未明漏洞(CNVD-2024-27519) | 2024-02-22 | 2024-06-19 |
| cnvd-2024-27518 | Oracle MySQL Server存在未明漏洞(CNVD-2024-27518) | 2024-02-22 | 2024-06-19 |
| cnvd-2024-27517 | Oracle MySQL Serve存在未明漏洞(CNVD-2024-27517) | 2023-10-20 | 2024-06-19 |
| cnvd-2024-29337 | Adobe Acrobat Reader缓冲区溢出漏洞(CNVD-2024-29337) | 2024-05-22 | 2024-06-18 |
| cnvd-2024-29336 | Adobe Acrobat Reader资源管理错误漏洞(CNVD-2024-29336) | 2024-05-23 | 2024-06-18 |
| cnvd-2024-27894 | MeterSphere跨站脚本漏洞 | 2024-06-14 | 2024-06-18 |
| cnvd-2024-27893 | SAP Replication Server存在未明漏洞(CNVD-2024-27893) | 2024-06-14 | 2024-06-18 |
| cnvd-2024-27892 | SAP PDFViewer存在未明漏洞(CNVD-2024-27892) | 2024-06-14 | 2024-06-18 |
| cnvd-2024-27890 | Adobe Experience Manager跨站脚本漏洞(CNVD-2024-27890) | 2024-06-14 | 2024-06-18 |
| cnvd-2024-27889 | Adobe Experience Manager跨站脚本漏洞(CNVD-2024-27889) | 2024-06-14 | 2024-06-18 |
| cnvd-2024-27888 | Adobe Experience Manager跨站脚本漏洞(CNVD-2024-27888) | 2024-06-14 | 2024-06-18 |
| cnvd-2024-27887 | Adobe Experience Manager跨站脚本漏洞(CNVD-2024-27887) | 2024-06-14 | 2024-06-18 |
| cnvd-2024-27886 | Adobe Experience Manager跨站脚本漏洞(CNVD-2024-27886) | 2024-06-14 | 2024-06-18 |
| cnvd-2024-27885 | Adobe Experience Manager存在未明漏洞(CNVD-2024-27885) | 2024-06-14 | 2024-06-18 |
| cnvd-2024-27884 | Adobe Experience Manager跨站脚本漏洞(CNVD-2024-27884) | 2024-06-14 | 2024-06-18 |
| cnvd-2024-27883 | Adobe Experience Manager跨站脚本漏洞(CNVD-2024-27883) | 2024-06-14 | 2024-06-18 |
| cnvd-2024-27882 | Adobe Experience Manager跨站脚本漏洞(CNVD-2024-27882) | 2024-06-14 | 2024-06-18 |
| cnvd-2024-27563 | FFmpeg缓冲区溢出漏洞(CNVD-2024-27563) | 2024-04-23 | 2024-06-18 |
| cnvd-2024-27562 | FFmpeg缓冲区溢出漏洞(CNVD-2024-27562) | 2024-04-23 | 2024-06-18 |
| cnvd-2024-27561 | FFmpeg缓冲区溢出漏洞(CNVD-2024-27561) | 2024-04-23 | 2024-06-18 |
| cnvd-2024-27560 | FFmpeg缓冲区溢出漏洞(CNVD-2024-27560) | 2024-04-23 | 2024-06-18 |
| cnvd-2024-27559 | TOTOLINK EX1800T setRebootScheCfg接口命令执行漏洞 | 2023-12-29 | 2024-06-18 |
| cnvd-2024-27558 | Cesanta MJS拒绝服务漏洞(CNVD-2024-27558) | 2024-01-08 | 2024-06-18 |
| cnvd-2024-27557 | OneBlog跨站脚本漏洞 | 2024-03-22 | 2024-06-18 |
| cnvd-2024-27556 | AJ-Report SQL注入漏洞(CNVD-2024-27556) | 2024-05-28 | 2024-06-18 |
| cnvd-2024-27555 | J2EEFAST BpmTaskFromMapper.xml文件SQL注入漏洞 | 2024-05-27 | 2024-06-18 |
| cnvd-2024-27554 | TOTOLINK CP900L loginAuth函数缓冲区溢出漏洞 | 2024-05-30 | 2024-06-18 |
| cnvd-2024-27549 | Adobe Substance 3D Painter越界写入漏洞(CNVD-2024-27549) | 2024-05-16 | 2024-06-18 |
| cnvd-2024-27548 | Adobe Aero内存错误引用漏洞 | 2024-05-16 | 2024-06-18 |
| cnvd-2024-27516 | Google Android信息泄露漏洞(CNVD-2024-27516) | 2024-05-11 | 2024-06-18 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certa-2007-avi-179 | Vulnérabilité de Sun Java Web Console | 2007-04-18T00:00:00.000000 | 2007-04-18T00:00:00.000000 |
| certa-2007-avi-178 | Multiples vulnérabilités de produits Oracle | 2007-04-18T00:00:00.000000 | 2007-04-18T00:00:00.000000 |
| certa-2007-avi-172 | Vulnérabilités dans des produits sans-fil Cisco | 2007-04-13T00:00:00.000000 | 2007-04-17T00:00:00.000000 |
| certa-2007-avi-176 | Vulnérabilité dans LANDesk Management Suite | 2007-04-16T00:00:00.000000 | 2007-04-16T00:00:00.000000 |
| certa-2007-avi-175 | Multiples vulnérabilités dans Opera | 2007-04-16T00:00:00.000000 | 2007-04-16T00:00:00.000000 |
| certa-2007-avi-174 | Vulnérabilités dans ClamAV | 2007-04-13T00:00:00.000000 | 2007-04-13T00:00:00.000000 |
| certa-2007-avi-173 | Vulnérabilité dans FreeRADIUS | 2007-04-13T00:00:00.000000 | 2007-04-13T00:00:00.000000 |
| certa-2007-avi-171 | Vulnérabilités sur Dotclear | 2007-04-13T00:00:00.000000 | 2007-04-13T00:00:00.000000 |
| certa-2007-avi-170 | Vulnérabilité dans Adobe ColdFusion MX 7 | 2007-04-11T00:00:00.000000 | 2007-04-11T00:00:00.000000 |
| certa-2007-avi-169 | Vulnérabilité dans le noyau de Microsoft Windows | 2007-04-11T00:00:00.000000 | 2007-04-11T00:00:00.000000 |
| certa-2007-avi-168 | Multiples vulnérabilités de CSRSS dans Microsoft Windows | 2007-04-11T00:00:00.000000 | 2007-04-11T00:00:00.000000 |
| certa-2007-avi-167 | Vulnérabilité de Microsoft Agent dans Windows | 2007-04-11T00:00:00.000000 | 2007-04-11T00:00:00.000000 |
| certa-2007-avi-166 | Vulnérabilité dans le service UPnP de Microsoft Windows | 2007-04-11T00:00:00.000000 | 2007-04-11T00:00:00.000000 |
| certa-2007-avi-164 | Multiples vulnérabilités dans SAP RFC Library | 2007-04-10T00:00:00.000000 | 2007-04-10T00:00:00.000000 |
| certa-2007-avi-163 | Vulnérabilité dans Symantec Enterprise Security Manager | 2007-04-10T00:00:00.000000 | 2007-04-10T00:00:00.000000 |
| certa-2007-avi-068 | Multiples vulnérabilités de Samba | 2007-02-06T00:00:00.000000 | 2007-04-10T00:00:00.000000 |
| certa-2007-avi-162 | Vulnérabilité dans IBM Tivoli Business Service Manager | 2007-04-05T00:00:00.000000 | 2007-04-05T00:00:00.000000 |
| certa-2007-avi-161 | Vulnérabilité des produits Kaspersky | 2007-04-05T00:00:00.000000 | 2007-04-05T00:00:00.000000 |
| certa-2007-avi-160 | Multiples vulnérabilités dans Wordpress | 2007-04-05T00:00:00.000000 | 2007-04-05T00:00:00.000000 |
| certa-2007-avi-157 | Vulnérabilité dans Apache Tomcat | 2007-04-04T00:00:00.000000 | 2007-04-04T00:00:00.000000 |
| certa-2007-avi-156 | Multiples vulnérabilités dans des composants graphiques de Microsoft Windows | 2007-04-03T00:00:00.000000 | 2007-04-03T00:00:00.000000 |
| certa-2007-avi-155 | Vulnérabilités dans Sun Solaris et Sun Java Enterprise System | 2007-04-03T00:00:00.000000 | 2007-04-03T00:00:00.000000 |
| certa-2007-avi-154 | Multiples vulnérabilités de VMware ESX Server | 2007-04-03T00:00:00.000000 | 2007-04-03T00:00:00.000000 |
| certa-2007-avi-153 | Multiples vulnérabilités dans IBM Tivoli Provisioning Manager for OS Deployment | 2007-04-03T00:00:00.000000 | 2007-04-03T00:00:00.000000 |
| certa-2007-avi-152 | Multiples vulnérabilités dans ImageMagick | 2007-04-03T00:00:00.000000 | 2007-04-03T00:00:00.000000 |
| certa-2007-avi-136 | Multiples vulnérabilités dans OpenOffice.org | 2007-03-21T00:00:00.000000 | 2007-04-02T00:00:00.000000 |
| certa-2007-avi-150 | Vulnérabilités dans Cisco Unified CallManager et Presence Server | 2007-03-29T00:00:00.000000 | 2007-03-29T00:00:00.000000 |
| certa-2007-avi-149 | Vulnérabilité de LDAP Account Manager | 2007-03-29T00:00:00.000000 | 2007-03-29T00:00:00.000000 |
| certa-2007-avi-148 | Multiples vulnérabilités dans IBM Lotus Domino | 2007-03-28T00:00:00.000000 | 2007-03-28T00:00:00.000000 |
| certa-2007-avi-147 | Vulnérabilité dans ulogd | 2007-03-28T00:00:00.000000 | 2007-03-28T00:00:00.000000 |