Recent vulnerabilities
Recent vulnerabilities from
Select from 69 available sources using the dropdown above.
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-35402 |
2.3 (4.0)
|
mcp-neo4j-cypher: SSRF and Data Modification via read_… |
neo4j-contrib |
mcp-neo4j |
2026-04-17T20:34:06.510Z | 2026-04-20T15:51:06.164Z |
| CVE-2026-33436 |
3.1 (3.1)
|
Stirling-PDF: Reflected XSS through crafted filename i… |
Stirling-Tools |
Stirling-PDF |
2026-04-17T20:29:43.262Z | 2026-04-20T16:20:16.137Z |
| CVE-2026-40286 |
7.5 (3.1)
|
WeGIA has Cross-Site Scripting in Controle de Contribuição |
LabRedesCefetRJ |
WeGIA |
2026-04-17T20:27:59.131Z | 2026-04-20T15:49:44.569Z |
| CVE-2026-23500 |
9.4 (4.0)
|
Dolibarr: OS Command Injection (RCE) via MAIN_ODT_AS_P… |
Dolibarr |
dolibarr |
2026-04-17T20:25:49.843Z | 2026-04-18T03:06:20.406Z |
| CVE-2026-40285 |
8.8 (3.1)
|
WeGIA has SQL Injection via Session Variable Override … |
LabRedesCefetRJ |
WeGIA |
2026-04-17T20:25:33.185Z | 2026-04-20T16:21:07.084Z |
| CVE-2026-40527 |
8.5 (4.0)
7.8 (3.1)
|
radare2 Command Injection via DWARF Parameter Names |
radareorg |
radare2 |
2026-04-17T20:25:20.143Z | 2026-04-20T14:20:04.639Z |
| CVE-2026-40284 |
6.8 (3.1)
|
WeGIA has stored XSS in listar_despachos.php |
LabRedesCefetRJ |
WeGIA |
2026-04-17T20:24:10.282Z | 2026-04-20T16:26:32.113Z |
| CVE-2026-35512 |
8.7 (4.0)
|
xrdp: Heap buffer overflow in EGFX channel |
neutrinolabs |
xrdp |
2026-04-17T20:21:59.868Z | 2026-04-22T03:55:37.686Z |
| CVE-2026-40282 |
6.4 (4.0)
|
WeGIA has stored XSS in intercorrencia_visualizar.php |
LabRedesCefetRJ |
WeGIA |
2026-04-17T20:16:46.878Z | 2026-04-20T14:57:55.798Z |
| CVE-2026-33689 |
8.7 (4.0)
|
xrdp: Pre-authentication out-of-bounds reads in channe… |
neutrinolabs |
xrdp |
2026-04-17T20:16:31.248Z | 2026-04-20T16:21:39.933Z |
| CVE-2026-33145 |
6.3 (3.1)
|
xrdp: Authenticated RCE via unsanitized AlternateShell… |
neutrinolabs |
xrdp |
2026-04-17T20:14:14.048Z | 2026-04-22T13:57:26.244Z |
| CVE-2026-40283 |
6.8 (3.1)
|
WeGIA has stored XSS in profile_paciente.php |
LabRedesCefetRJ |
WeGIA |
2026-04-17T20:03:14.016Z | 2026-04-20T14:58:05.365Z |
| CVE-2026-32624 |
6.3 (4.0)
|
xrdp: Heap buffer overflow in xrdp_sec_process_logon_i… |
neutrinolabs |
xrdp |
2026-04-17T19:58:08.687Z | 2026-04-20T16:22:13.525Z |
| CVE-2026-33516 |
7.7 (4.0)
|
xrdp: Pre-authentication out-of-bounds reads in RDP ca… |
neutrinolabs |
xrdp |
2026-04-17T19:56:11.990Z | 2026-04-20T15:43:53.801Z |
| CVE-2026-32650 |
7.5 (3.1)
|
Anviz CrossChex Standard Algorithm Downgrade |
Anviz |
Anviz CrossChex Standard |
2026-04-17T19:52:45.308Z | 2026-04-17T20:26:17.922Z |
| CVE-2026-40434 |
8.1 (3.1)
|
Anviz CrossChex Standard Improper Verification of Sour… |
Anviz |
Anviz CrossChex Standard |
2026-04-17T19:49:28.099Z | 2026-04-17T20:28:02.785Z |
| CVE-2026-35682 |
8.8 (3.1)
|
Anviz CX2 Lite Command Injection |
Anviz |
Anviz CX2 Lite Firmware |
2026-04-17T19:46:26.716Z | 2026-04-17T20:30:18.510Z |
| CVE-2026-32623 |
7.7 (4.0)
|
xrdp: Heap buffer overflow in NeutrinoRDP channel reassembly |
neutrinolabs |
xrdp |
2026-04-17T19:43:58.682Z | 2026-04-22T03:55:35.336Z |
| CVE-2026-40066 |
8.8 (3.1)
|
Anviz Products Download of Code Without Integrity Check |
Anviz |
Anviz CX7 Firmware |
2026-04-17T19:43:20.709Z | 2026-04-17T20:00:36.786Z |
| CVE-2026-35546 |
9.8 (3.1)
|
Anviz Products Missing Authentication for Critical Function |
Anviz |
Anviz CX7 Firmware |
2026-04-17T19:39:25.110Z | 2026-04-17T20:05:28.411Z |
| CVE-2026-40461 |
7.5 (3.1)
|
Anviz Products Missing Authentication for Critical Function |
Anviz |
Anviz CX7 Firmware |
2026-04-17T19:36:29.842Z | 2026-04-17T20:03:18.872Z |
| CVE-2026-32648 |
5.3 (3.1)
|
Anviz Products Missing Authorization |
Anviz |
Anviz CX7 Firmware |
2026-04-17T19:34:21.522Z | 2026-04-17T20:09:05.861Z |
| CVE-2026-33569 |
6.5 (3.1)
|
Anviz Products Cleartext Transmission of Sensitive Inf… |
Anviz |
Anviz CX7 Firmware |
2026-04-17T19:30:46.066Z | 2026-04-17T20:32:48.104Z |
| CVE-2026-32105 |
9.3 (4.0)
|
xrdp: RDP MAC signature (dataSignature) never verified… |
neutrinolabs |
xrdp |
2026-04-17T19:27:39.809Z | 2026-04-20T16:22:50.262Z |
| CVE-2026-32107 |
8.8 (3.1)
|
xrdp: Fail-open privilege drop in sesexec — child proc… |
neutrinolabs |
xrdp |
2026-04-17T19:25:20.274Z | 2026-04-22T03:55:34.190Z |
| CVE-2026-31927 |
4.9 (3.1)
|
Anviz CX7 Firmware Relative Path Traversal |
Anviz |
Anviz CX7 Firmware |
2026-04-17T19:24:53.893Z | 2026-04-17T20:34:41.679Z |
| CVE-2026-40342 |
10 (3.1)
|
Firebird: Path Traversal + Arbitrary File Write Leads … |
FirebirdSQL |
firebird |
2026-04-17T19:22:46.644Z | 2026-04-22T13:56:49.927Z |
| CVE-2026-32324 |
7.7 (3.1)
|
Anviz CX7 Firmware Use of Hard-coded Cryptographic Key |
Anviz |
Anviz CX7 Firmware |
2026-04-17T19:22:12.097Z | 2026-04-17T20:10:48.189Z |
| CVE-2026-35061 |
5.3 (3.1)
|
Anviz Products Missing Authorization |
Anviz |
Anviz CX7 Firmware |
2026-04-17T19:19:25.884Z | 2026-04-17T20:07:00.826Z |
| CVE-2026-33093 |
5.3 (3.1)
|
Anviz Products Missing Authorization |
Anviz |
Anviz CX7 Firmware |
2026-04-17T19:17:15.274Z | 2026-04-17T19:54:36.104Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-40305 |
4.3 (3.1)
|
DNN has Force Friend Request Acceptance |
dnnsoftware |
Dnn.Platform |
2026-04-17T21:06:09.237Z | 2026-04-20T13:36:06.644Z |
| CVE-2026-40304 |
5.3 (3.1)
|
zrok's broken ownership check in DELETE /api/v2/unacce… |
openziti |
zrok |
2026-04-17T21:04:23.648Z | 2026-04-20T14:57:24.486Z |
| CVE-2026-40258 |
9.1 (3.1)
|
Gramps Web API has Zip Slip Path Traversal in Media Ar… |
gramps-project |
gramps-web-api |
2026-04-17T21:12:54.226Z | 2026-04-20T15:48:41.690Z |
| CVE-2026-29013 |
8.8 (4.0)
|
libcoap Out-of-Bounds Read in OSCORE CBOR Unwrap Handling |
libcoap |
libcoap |
2026-04-17T21:11:38.137Z | 2026-04-20T16:46:56.223Z |
| CVE-2026-40527 |
8.5 (4.0)
7.8 (3.1)
|
radare2 Command Injection via DWARF Parameter Names |
radareorg |
radare2 |
2026-04-17T20:25:20.143Z | 2026-04-20T14:20:04.639Z |
| CVE-2026-40303 |
7.5 (3.1)
|
zrok allows unauthenticated DoS via unbounded memory a… |
openziti |
zrok |
2026-04-17T21:01:51.899Z | 2026-04-20T16:19:07.291Z |
| CVE-2026-40302 |
6.1 (3.1)
|
zrok has reflected XSS in GitHub OAuth callback via un… |
openziti |
zrok |
2026-04-17T20:56:08.368Z | 2026-04-18T03:07:10.092Z |
| CVE-2026-40301 |
4.7 (3.1)
|
rhukster/dom-sanitizer: SVG <style> tag allows CSS inj… |
rhukster |
dom-sanitizer |
2026-04-17T20:51:37.226Z | 2026-04-20T14:57:39.192Z |
| CVE-2026-40299 |
6.9 (4.0)
|
next-intl has an open redirect vulnerability |
amannn |
next-intl |
2026-04-17T20:49:05.642Z | 2026-04-20T15:58:51.149Z |
| CVE-2026-40293 |
6.5 (3.1)
|
OpenFGA Playground Preshared Key Exposure |
openfga |
openfga |
2026-04-17T20:47:06.804Z | 2026-04-20T16:19:40.914Z |
| CVE-2026-40286 |
7.5 (3.1)
|
WeGIA has Cross-Site Scripting in Controle de Contribuição |
LabRedesCefetRJ |
WeGIA |
2026-04-17T20:27:59.131Z | 2026-04-20T15:49:44.569Z |
| CVE-2026-40285 |
8.8 (3.1)
|
WeGIA has SQL Injection via Session Variable Override … |
LabRedesCefetRJ |
WeGIA |
2026-04-17T20:25:33.185Z | 2026-04-20T16:21:07.084Z |
| CVE-2026-40284 |
6.8 (3.1)
|
WeGIA has stored XSS in listar_despachos.php |
LabRedesCefetRJ |
WeGIA |
2026-04-17T20:24:10.282Z | 2026-04-20T16:26:32.113Z |
| CVE-2026-40282 |
6.4 (4.0)
|
WeGIA has stored XSS in intercorrencia_visualizar.php |
LabRedesCefetRJ |
WeGIA |
2026-04-17T20:16:46.878Z | 2026-04-20T14:57:55.798Z |
| CVE-2026-40196 |
8.1 (3.1)
|
HomeBox has Unauthorized API Access via Retained defau… |
sysadminsmedia |
homebox |
2026-04-17T21:01:18.530Z | 2026-04-20T13:36:06.776Z |
| CVE-2026-40155 |
5.4 (3.1)
|
Auth0 Next.js SDK has Improper Proxy Cache Lookup |
auth0 |
nextjs-auth0 |
2026-04-17T20:54:38.958Z | 2026-04-20T14:57:32.023Z |
| CVE-2026-35603 |
5.4 (4.0)
|
Claude Code: Insecure System-Wide Configuration Loadin… |
anthropics |
claude-code |
2026-04-17T20:38:49.901Z | 2026-04-20T14:57:47.669Z |
| CVE-2026-35512 |
8.7 (4.0)
|
xrdp: Heap buffer overflow in EGFX channel |
neutrinolabs |
xrdp |
2026-04-17T20:21:59.868Z | 2026-04-22T03:55:37.686Z |
| CVE-2026-35402 |
2.3 (4.0)
|
mcp-neo4j-cypher: SSRF and Data Modification via read_… |
neo4j-contrib |
mcp-neo4j |
2026-04-17T20:34:06.510Z | 2026-04-20T15:51:06.164Z |
| CVE-2026-33689 |
8.7 (4.0)
|
xrdp: Pre-authentication out-of-bounds reads in channe… |
neutrinolabs |
xrdp |
2026-04-17T20:16:31.248Z | 2026-04-20T16:21:39.933Z |
| CVE-2026-33436 |
3.1 (3.1)
|
Stirling-PDF: Reflected XSS through crafted filename i… |
Stirling-Tools |
Stirling-PDF |
2026-04-17T20:29:43.262Z | 2026-04-20T16:20:16.137Z |
| CVE-2026-33145 |
6.3 (3.1)
|
xrdp: Authenticated RCE via unsanitized AlternateShell… |
neutrinolabs |
xrdp |
2026-04-17T20:14:14.048Z | 2026-04-22T13:57:26.244Z |
| CVE-2026-23500 |
9.4 (4.0)
|
Dolibarr: OS Command Injection (RCE) via MAIN_ODT_AS_P… |
Dolibarr |
dolibarr |
2026-04-17T20:25:49.843Z | 2026-04-18T03:06:20.406Z |
| CVE-2026-40461 |
7.5 (3.1)
|
Anviz Products Missing Authentication for Critical Function |
Anviz |
Anviz CX7 Firmware |
2026-04-17T19:36:29.842Z | 2026-04-17T20:03:18.872Z |
| CVE-2026-40434 |
8.1 (3.1)
|
Anviz CrossChex Standard Improper Verification of Sour… |
Anviz |
Anviz CrossChex Standard |
2026-04-17T19:49:28.099Z | 2026-04-17T20:28:02.785Z |
| CVE-2026-40342 |
10 (3.1)
|
Firebird: Path Traversal + Arbitrary File Write Leads … |
FirebirdSQL |
firebird |
2026-04-17T19:22:46.644Z | 2026-04-22T13:56:49.927Z |
| CVE-2026-40283 |
6.8 (3.1)
|
WeGIA has stored XSS in profile_paciente.php |
LabRedesCefetRJ |
WeGIA |
2026-04-17T20:03:14.016Z | 2026-04-20T14:58:05.365Z |
| CVE-2026-40066 |
8.8 (3.1)
|
Anviz Products Download of Code Without Integrity Check |
Anviz |
Anviz CX7 Firmware |
2026-04-17T19:43:20.709Z | 2026-04-17T20:00:36.786Z |
| CVE-2026-35682 |
8.8 (3.1)
|
Anviz CX2 Lite Command Injection |
Anviz |
Anviz CX2 Lite Firmware |
2026-04-17T19:46:26.716Z | 2026-04-17T20:30:18.510Z |
| CVE-2026-35546 |
9.8 (3.1)
|
Anviz Products Missing Authentication for Critical Function |
Anviz |
Anviz CX7 Firmware |
2026-04-17T19:39:25.110Z | 2026-04-17T20:05:28.411Z |
| ID | Severity | Description | Published | Updated |
|---|---|---|---|---|
| ghsa-ffw8-fwxp-h64w |
7.1 (3.1)
|
WWBN AVideo has Multiple CSRF Vulnerabilities in Admin JSON Endpoints (Category CRUD, Plugin Update… | 2026-04-14T23:12:39Z | 2026-04-14T23:12:39Z |
| ghsa-vvfw-4m39-fjqf |
8.3 (3.1)
|
WWBN AVideo has CSRF in configurationUpdate.json.php Enables Full Site Configuration Takeover Inclu… | 2026-04-14T23:12:30Z | 2026-04-14T23:12:30Z |
| ghsa-8q5w-mmxf-48jg |
5.3 (4.0)
|
SiYuan has incomplete fix for CVE-2026-33066: XSS | 2026-04-14T23:12:18Z | 2026-04-14T23:12:19Z |
| ghsa-7qx6-f23w-3w7f |
0.0 (3.1)
|
Unauthenticated Open Redirect, Arbitrary HTTP Response Header Injection, Missing CSRF, and Invisibl… | 2026-04-14T22:53:33Z | 2026-04-14T22:53:34Z |
| ghsa-gph2-j4c9-vhhr |
10.0 (3.1)
|
WWBN AVideo YPTSocket WebSocket Broadcast Relay Leads to Unauthenticated Cross-User JavaScript Exec… | 2026-04-14T22:50:05Z | 2026-04-14T22:50:05Z |
| ghsa-6rc6-p838-686f |
8.7 (3.1)
|
WWBN AVideo has a Path Traversal in Locale Save Endpoint Enables Arbitrary PHP File Write to Any We… | 2026-04-14T22:49:48Z | 2026-04-14T22:49:48Z |
| ghsa-52hf-63q4-r926 |
5.3 (3.1)
|
WWBN AVideo has an Unauthenticated Information Disclosure via git.json.php Exposes Developer Emails… | 2026-04-14T22:49:25Z | 2026-04-14T22:49:25Z |
| ghsa-gpgp-w4x2-h3h7 |
6.5 (3.1)
|
WWBN AVideo has an IDOR in Live Restreams list.json.php Exposes Other Users' Stream Keys and OAuth Tokens | 2026-04-14T22:49:05Z | 2026-04-14T22:49:05Z |
| ghsa-77fj-vx54-gvh7 |
7.5 (3.1)
|
Go Markdown has an Out-of-bounds Read in SmartypantsRenderer | 2026-04-14T22:38:20Z | 2026-04-15T21:18:37Z |
| ghsa-9pp3-53p2-ww9v |
9.1 (3.1)
|
@vendure/core has a SQL Injection vulnerability | 2026-04-14T22:38:01Z | 2026-04-15T21:18:33Z |
| ghsa-rggm-jjmc-3394 |
8.5 (3.1)
|
Kyverno has SSRF via CEL http.Get/http.Post in NamespacedValidatingPolicy allows cross-namespace da… | 2026-04-14T22:37:20Z | 2026-04-14T22:37:20Z |
| ghsa-mrqg-xmgm-rc5g |
6.9 (4.0)
|
XWiki's REST APIs can list all pages/spaces, leading to unavailability | 2026-04-14T22:34:04Z | 2026-04-14T22:34:04Z |
| ghsa-w4fj-87j5-f25c |
6.5 (4.0)
|
XWiki has Reflected Cross-Site Scripting (XSS) in page history compare | 2026-04-14T22:33:56Z | 2026-04-14T22:33:56Z |
| ghsa-jf4f-rr2c-9m58 |
6.0 (3.1)
|
SpiceDB's SPICEDB_DATASTORE_CONN_URI is leaked on startup logs | 2026-04-14T22:33:06Z | 2026-04-14T22:33:06Z |
| ghsa-pj97-4p9w-gx3q |
7.1 (3.1)
|
Zarf has a Path Traversal via Malicious Package Metadata.Name — Arbitrary File Write | 2026-04-14T22:32:53Z | 2026-04-14T22:32:53Z |
| ghsa-458g-q4fh-mj6r |
7.2 (3.1)
|
Serendipity has a Host Header Injection allows SMTP header injection via unvalidated HTTP_HOST in M… | 2026-04-14T22:32:38Z | 2026-04-14T22:32:38Z |
| ghsa-4m6c-649p-f6gf |
6.9 (3.1)
|
Serendipity has a Host Header Injection allows authentication cookie scoping to attacker-controlled… | 2026-04-14T22:32:29Z | 2026-04-15T21:14:19Z |
| ghsa-4xqg-gf5c-ghwq |
8.3 (3.1)
|
MCP Server Kubernetes has an Argument Injection in port_forward tool via space-splitting | 2026-04-14T22:32:15Z | 2026-04-15T21:17:47Z |
| ghsa-7mqr-33rv-p3mp |
9.9 (3.1)
|
Expression Injection in OpenRemote | 2026-04-14T22:31:36Z | 2026-04-14T22:31:36Z |
| ghsa-5hvv-m4w4-gf6v |
9.1 (3.1)
|
OAuth2 Proxy's Health Check User-Agent Matching Bypasses Authentication in auth_request Mode | 2026-04-14T22:31:19Z | 2026-04-15T21:06:37Z |
| ghsa-f24x-5g9q-753f |
3.5 (3.1)
|
OAuth2 Proxy's session cookies are not cleared when rendering sign-in page | 2026-04-14T22:31:03Z | 2026-04-15T21:06:34Z |
| ghsa-hc8w-h2mf-hp59 |
4.0 (4.0)
|
PowerShell Command Injection in Podman HyperV Machine | 2026-04-14T22:30:24Z | 2026-04-15T21:06:29Z |
| ghsa-gcqv-f29m-67gr |
5.3 (4.0)
|
October Rain has Stored XSS via SVG Filter Bypass | 2026-04-14T22:29:50Z | 2026-04-14T22:29:50Z |
| ghsa-g6v3-wv4j-x9hg |
4.9 (3.1)
|
October Rain has Environment Variable Exfiltration via INI Parser Interpolation | 2026-04-14T22:29:41Z | 2026-04-14T22:29:41Z |
| ghsa-7h3j-592v-jcrp |
7.7 (4.0)
|
goshs's public collaborator feed leaks .goshs ACL credentials and enables unauthorized access | 2026-04-14T22:28:54Z | 2026-04-15T21:18:16Z |
| ghsa-jrq5-hg6x-j6g3 |
6.1 (4.0)
|
goshs has CSRF in state-changing GET routes enables authenticated file deletion and directory creation | 2026-04-14T22:28:44Z | 2026-04-15T21:17:55Z |
| ghsa-c29w-qq4m-2gcv |
9.8 (3.1)
|
goshs has an empty-username SFTP password authentication bypass | 2026-04-14T22:28:30Z | 2026-04-15T21:18:12Z |
| ghsa-5h6h-7rc9-3824 |
8.7 (4.0)
|
SFTP root escape via prefix-based path validation in goshs | 2026-04-14T22:28:17Z | 2026-04-15T21:14:50Z |
| ghsa-w5xj-99cg-rccm |
7.5 (3.1)
|
Decidim amendments can be accepted or rejected by anyone | 2026-04-14T22:22:58Z | 2026-04-15T21:14:42Z |
| ghsa-9fhw-q4vh-f5xw |
7.8 (3.1)
|
InCopy versions 20.5.2, 21.2 and earlier are affected by an out-of-bounds read vulnerability when p… | 2026-04-14T21:31:49Z | 2026-04-14T21:31:49Z |
| ID | Severity | Description | Package | Published | Updated |
|---|---|---|---|---|---|
| pysec-2021-472 |
|
TensorFlow is an end-to-end open source platform for machine learning. An attacker can tr… | tensorflow-cpu | 2021-05-14T20:15:00Z | 2021-12-09T06:34:50.195889Z |
| pysec-2021-471 |
|
TensorFlow is an end-to-end open source platform for machine learning. An attacker can tr… | tensorflow-cpu | 2021-05-14T20:15:00Z | 2021-12-09T06:34:50.046503Z |
| pysec-2021-470 |
|
TensorFlow is an end-to-end open source platform for machine learning. An attacker can ca… | tensorflow-cpu | 2021-05-14T20:15:00Z | 2021-12-09T06:34:49.894355Z |
| pysec-2021-469 |
|
TensorFlow is an end-to-end open source platform for machine learning. An attacker can tr… | tensorflow-cpu | 2021-05-14T20:15:00Z | 2021-12-09T06:34:49.747683Z |
| pysec-2021-468 |
|
TensorFlow is an end-to-end open source platform for machine learning. An attacker can ca… | tensorflow-cpu | 2021-05-14T20:15:00Z | 2021-12-09T06:34:49.596439Z |
| pysec-2021-467 |
|
TensorFlow is an end-to-end open source platform for machine learning. Calling `tf.raw_op… | tensorflow-cpu | 2021-05-14T20:15:00Z | 2021-12-09T06:34:49.452107Z |
| pysec-2021-466 |
|
TensorFlow is an end-to-end open source platform for machine learning. An attacker can ca… | tensorflow-cpu | 2021-05-14T20:15:00Z | 2021-12-09T06:34:49.257791Z |
| pysec-2021-465 |
|
TensorFlow is an end-to-end open source platform for machine learning. An attacker can ca… | tensorflow-cpu | 2021-05-14T20:15:00Z | 2021-12-09T06:34:49.104886Z |
| pysec-2021-464 |
|
TensorFlow is an end-to-end open source platform for machine learning. An attacker can ca… | tensorflow-cpu | 2021-05-14T20:15:00Z | 2021-12-09T06:34:48.953620Z |
| pysec-2021-463 |
|
TensorFlow is an end-to-end open source platform for machine learning. An attacker can ca… | tensorflow-cpu | 2021-05-14T20:15:00Z | 2021-12-09T06:34:48.800365Z |
| pysec-2021-462 |
|
TensorFlow is an end-to-end open source platform for machine learning. An attacker can tr… | tensorflow-cpu | 2021-05-14T20:15:00Z | 2021-12-09T06:34:48.648836Z |
| pysec-2021-461 |
|
TensorFlow is an end-to-end open source platform for machine learning. An attacker can tr… | tensorflow-cpu | 2021-05-14T20:15:00Z | 2021-12-09T06:34:48.500169Z |
| pysec-2021-460 |
|
TensorFlow is an end-to-end open source platform for machine learning. An attacker can fo… | tensorflow-cpu | 2021-05-14T20:15:00Z | 2021-12-09T06:34:48.349137Z |
| pysec-2021-459 |
|
TensorFlow is an end-to-end open source platform for machine learning. An attacker can tr… | tensorflow-cpu | 2021-05-14T20:15:00Z | 2021-12-09T06:34:48.199089Z |
| pysec-2021-458 |
|
TensorFlow is an end-to-end open source platform for machine learning. An attacker can tr… | tensorflow-cpu | 2021-05-14T20:15:00Z | 2021-12-09T06:34:48.047849Z |
| pysec-2021-457 |
|
TensorFlow is an end-to-end open source platform for machine learning. An attacker can tr… | tensorflow-cpu | 2021-05-14T20:15:00Z | 2021-12-09T06:34:47.879310Z |
| pysec-2021-456 |
|
TensorFlow is an end-to-end open source platform for machine learning. An attacker can tr… | tensorflow-cpu | 2021-05-14T20:15:00Z | 2021-12-09T06:34:47.721328Z |
| pysec-2021-455 |
|
TensorFlow is an end-to-end open source platform for machine learning. An attacker can tr… | tensorflow-cpu | 2021-05-14T20:15:00Z | 2021-12-09T06:34:47.577181Z |
| pysec-2021-454 |
|
TensorFlow is an end-to-end open source platform for machine learning. An attacker can tr… | tensorflow-cpu | 2021-05-14T20:15:00Z | 2021-12-09T06:34:47.426864Z |
| pysec-2021-453 |
|
TensorFlow is an end-to-end open source platform for machine learning. An attacker can tr… | tensorflow-cpu | 2021-05-14T20:15:00Z | 2021-12-09T06:34:47.241877Z |
| pysec-2021-452 |
|
TensorFlow is an end-to-end open source platform for machine learning. An attacker can tr… | tensorflow-cpu | 2021-05-14T20:15:00Z | 2021-12-09T06:34:47.095784Z |
| pysec-2021-451 |
|
TensorFlow is an end-to-end open source platform for machine learning. An attacker can tr… | tensorflow-cpu | 2021-05-14T20:15:00Z | 2021-12-09T06:34:46.920888Z |
| pysec-2021-450 |
|
TensorFlow is an end-to-end open source platform for machine learning. The `tf.raw_ops.Co… | tensorflow-cpu | 2021-05-14T20:15:00Z | 2021-12-09T06:34:46.764419Z |
| pysec-2021-449 |
|
TensorFlow is an end-to-end open source platform for machine learning. Specifying a negat… | tensorflow-cpu | 2021-05-14T20:15:00Z | 2021-12-09T06:34:46.609278Z |
| pysec-2021-448 |
|
TensorFlow is an end-to-end open source platform for machine learning. Missing validation… | tensorflow-cpu | 2021-05-14T20:15:00Z | 2021-12-09T06:34:46.522398Z |
| pysec-2021-447 |
|
TensorFlow is an end-to-end open source platform for machine learning. The API of `tf.raw… | tensorflow-cpu | 2021-05-14T20:15:00Z | 2021-12-09T06:34:46.373650Z |
| pysec-2021-446 |
|
TensorFlow is an end-to-end open source platform for machine learning. In eager mode (def… | tensorflow-cpu | 2021-05-14T20:15:00Z | 2021-12-09T06:34:46.214930Z |
| pysec-2021-445 |
|
TensorFlow is an end-to-end open source platform for machine learning. A malicious user c… | tensorflow-cpu | 2021-05-14T20:15:00Z | 2021-12-09T06:34:46.030158Z |
| pysec-2021-444 |
|
TensorFlow is an end-to-end open source platform for machine learning. Calling `tf.raw_op… | tensorflow-cpu | 2021-05-14T20:15:00Z | 2021-12-09T06:34:45.869282Z |
| pysec-2021-443 |
|
TensorFlow is an end-to-end open source platform for machine learning. The implementation… | tensorflow-cpu | 2021-05-14T20:15:00Z | 2021-12-09T06:34:45.694528Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2026-1325 | Malicious code in synapseml-utils (PyPI) | 2026-03-10T17:57:54Z | 2026-03-10T17:57:54Z |
| mal-2026-1324 | Malicious code in test-logsmodule-v-zisko (npm) | 2026-03-10T17:00:26Z | 2026-03-23T05:16:31Z |
| mal-2026-1323 | Malicious code in bluelite-bot-manager (npm) | 2026-03-10T17:00:26Z | 2026-03-23T05:16:25Z |
| mal-2026-1322 | Malicious code in rtxnode-sass22 (npm) | 2026-03-10T12:00:23Z | 2026-03-23T05:16:30Z |
| mal-2026-1321 | Malicious code in @openclaw-ai/openclawai (npm) | 2026-03-10T09:32:02Z | 2026-03-23T05:16:24Z |
| mal-2026-1318 | Malicious code in @web-monorepo/fetchers (npm) | 2026-03-10T08:31:27Z | 2026-03-23T05:16:25Z |
| mal-2026-1317 | Malicious code in @augmentor/experiences (npm) | 2026-03-10T08:29:47Z | 2026-03-23T05:16:24Z |
| mal-2026-1319 | Malicious code in alinet-w (npm) | 2026-03-10T08:29:15Z | 2026-03-23T05:16:25Z |
| mal-2026-1320 | Malicious code in chain-promised-await (npm) | 2026-03-10T08:24:44Z | 2026-04-24T05:18:59Z |
| mal-2026-1315 | Malicious code in iron-signals (npm) | 2026-03-10T01:04:15Z | 2026-03-23T05:16:28Z |
| mal-2026-1314 | Malicious code in iron-selector (npm) | 2026-03-10T01:04:15Z | 2026-03-23T05:16:28Z |
| mal-2026-1313 | Malicious code in iron-pages (npm) | 2026-03-10T01:04:15Z | 2026-03-23T05:16:28Z |
| mal-2026-1312 | Malicious code in iron-overlay-behavior (npm) | 2026-03-10T01:04:15Z | 2026-03-23T05:16:28Z |
| mal-2026-1311 | Malicious code in iron-menu-behavior (npm) | 2026-03-10T01:04:15Z | 2026-03-23T05:16:28Z |
| mal-2026-1309 | Malicious code in iron-localstorage (npm) | 2026-03-10T01:04:15Z | 2026-03-23T05:16:28Z |
| mal-2026-1307 | Malicious code in iron-fit-behavior (npm) | 2026-03-10T01:04:15Z | 2026-03-23T05:16:28Z |
| mal-2026-1306 | Malicious code in falcologgerinternalstate (npm) | 2026-03-10T01:04:15Z | 2026-03-23T05:16:27Z |
| mal-2026-1305 | Malicious code in collab-library (npm) | 2026-03-10T01:04:15Z | 2026-03-23T05:16:26Z |
| mal-2026-1304 | Malicious code in amt-package-united-icons (npm) | 2026-03-10T01:04:15Z | 2026-03-23T05:16:25Z |
| mal-2026-1303 | Malicious code in @rothaus/falcologgerinternalstate (npm) | 2026-03-10T01:04:15Z | 2026-03-23T05:16:24Z |
| mal-2026-1302 | Malicious code in @platform-growth/guidance-channel-provider (npm) | 2026-03-10T01:04:15Z | 2026-04-01T12:28:00Z |
| mal-2026-1301 | Malicious code in @mmm-otrade/transaction-adapter (npm) | 2026-03-10T01:04:15Z | 2026-03-23T05:16:24Z |
| mal-2026-1300 | Malicious code in @mmm-otrade/transaction (npm) | 2026-03-10T01:04:15Z | 2026-03-23T05:16:24Z |
| mal-2026-1316 | Malicious code in xc-input-toggle (npm) | 2026-03-10T01:04:14Z | 2026-03-23T05:16:32Z |
| mal-2026-1310 | Malicious code in iron-media-query (npm) | 2026-03-10T01:04:14Z | 2026-03-23T05:16:28Z |
| mal-2026-1308 | Malicious code in iron-image (npm) | 2026-03-10T01:04:14Z | 2026-03-23T05:16:28Z |
| mal-2026-1299 | Malicious code in monoping (npm) | 2026-03-10T00:29:16Z | 2026-03-23T05:16:29Z |
| mal-2026-1298 | Malicious code in jsonify-core (npm) | 2026-03-09T22:44:51Z | 2026-04-01T12:28:02Z |
| mal-2026-1297 | Malicious code in json-merge-tool (npm) | 2026-03-09T22:44:51Z | 2026-04-01T12:28:02Z |
| mal-2026-1453 | Malicious code in hxq-misc-utils-0379 (PyPI) | 2026-03-09T20:03:54Z | 2026-03-09T20:03:54Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| wid-sec-w-2025-1494 | Ivanti Endpoint Manager Mobile: Mehrere Schwachstellen ermöglichen Codeausführung | 2025-07-08T22:00:00.000+00:00 | 2025-07-08T22:00:00.000+00:00 |
| wid-sec-w-2025-1493 | Microsoft SQL Server: Mehrere Schwachstellen | 2025-07-08T22:00:00.000+00:00 | 2025-07-13T22:00:00.000+00:00 |
| wid-sec-w-2025-1492 | Microsoft Azure Service Fabric und Monitor Agent: Mehrere Schwachstellen | 2025-07-08T22:00:00.000+00:00 | 2025-07-13T22:00:00.000+00:00 |
| wid-sec-w-2025-1491 | Microsoft Office: Mehrere Schwachstellen | 2025-07-08T22:00:00.000+00:00 | 2025-07-22T22:00:00.000+00:00 |
| wid-sec-w-2025-1490 | Fortinet FortiOS: Schwachstelle ermöglicht Codeausführung | 2025-07-08T22:00:00.000+00:00 | 2025-07-15T22:00:00.000+00:00 |
| wid-sec-w-2025-1489 | Fortinet FortiWeb: Schwachstelle ermöglicht SQL Injection | 2025-07-08T22:00:00.000+00:00 | 2025-07-20T22:00:00.000+00:00 |
| wid-sec-w-2025-1488 | Fortinet FortiVoice: Schwachstelle ermöglicht Codeausführung | 2025-07-08T22:00:00.000+00:00 | 2025-10-14T22:00:00.000+00:00 |
| wid-sec-w-2025-1487 | Fortinet FortiSandbox: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen | 2025-07-08T22:00:00.000+00:00 | 2025-07-17T22:00:00.000+00:00 |
| wid-sec-w-2025-1486 | Fortinet FortiOS / FortiProxy: Mehrere Schwachstellen ermöglichen Umgehen von Sicherheitsvorkehrungen | 2025-07-08T22:00:00.000+00:00 | 2025-07-08T22:00:00.000+00:00 |
| wid-sec-w-2025-1485 | Microsoft Developer Tools und git: Mehrere Schwachstellen | 2025-07-08T22:00:00.000+00:00 | 2025-10-26T23:00:00.000+00:00 |
| wid-sec-w-2025-1484 | Fortinet FortiAnalyzer / FortiManager: Schwachstelle ermöglicht Offenlegung von Informationen | 2025-07-08T22:00:00.000+00:00 | 2025-07-08T22:00:00.000+00:00 |
| wid-sec-w-2025-1483 | Microsoft Apps (PC Manager): Schwachstelle ermöglicht Erlangen von Administratorrechten | 2025-07-08T22:00:00.000+00:00 | 2025-07-08T22:00:00.000+00:00 |
| wid-sec-w-2025-1482 | MongoDB: Mehrere Schwachstellen | 2025-07-07T22:00:00.000+00:00 | 2025-07-07T22:00:00.000+00:00 |
| wid-sec-w-2025-1481 | Linux Kernel: Mehrere Schwachstellen | 2025-07-07T22:00:00.000+00:00 | 2026-03-04T23:00:00.000+00:00 |
| wid-sec-w-2025-1480 | Red Hat Enterprise Linux (jq): Mehrere Schwachstellen ermöglichen Denial of Service | 2025-07-07T22:00:00.000+00:00 | 2025-11-04T23:00:00.000+00:00 |
| wid-sec-w-2025-1479 | SAP Patchday Juli 2025: Mehrere Schwachstellen | 2025-07-07T22:00:00.000+00:00 | 2025-07-07T22:00:00.000+00:00 |
| wid-sec-w-2025-1478 | Siemens SIPROTEC: Schwachstelle ermöglicht Offenlegung von Informationen | 2025-07-07T22:00:00.000+00:00 | 2025-07-07T22:00:00.000+00:00 |
| wid-sec-w-2025-1477 | Siemens TIA Portal: Schwachstelle ermöglicht Denial of Service | 2025-07-07T22:00:00.000+00:00 | 2025-07-07T22:00:00.000+00:00 |
| wid-sec-w-2025-1476 | Samsung Android: Mehrere Schwachstellen | 2025-07-07T22:00:00.000+00:00 | 2025-09-04T22:00:00.000+00:00 |
| wid-sec-w-2025-1475 | Dell Client-Plattform (Qualcomm Wi-Fi- und Bluetooth-Driver): Mehrere Schwachstellen ermöglichen Denial of Service | 2025-07-07T22:00:00.000+00:00 | 2025-07-07T22:00:00.000+00:00 |
| wid-sec-w-2025-1474 | IBM SAN Volume Controller: Schwachstelle ermöglicht Privilegieneskalation | 2025-07-07T22:00:00.000+00:00 | 2025-07-07T22:00:00.000+00:00 |
| wid-sec-w-2025-1473 | Splunk Enterprise und Cloud-Plattform: Mehrere Schwachstellen | 2025-07-07T22:00:00.000+00:00 | 2025-09-30T22:00:00.000+00:00 |
| wid-sec-w-2025-1472 | Ruby: Schwachstelle ermöglicht Denial of Service | 2025-07-07T22:00:00.000+00:00 | 2026-01-04T23:00:00.000+00:00 |
| wid-sec-w-2025-1471 | IBM Integration Bus: Schwachstelle ermöglicht Privilegieneskalation | 2025-07-07T22:00:00.000+00:00 | 2025-07-07T22:00:00.000+00:00 |
| wid-sec-w-2025-1470 | Python (CPython): Schwachstelle ermöglicht Denial of Service | 2025-07-07T22:00:00.000+00:00 | 2026-01-08T23:00:00.000+00:00 |
| wid-sec-w-2025-1469 | Dell BIOS: Schwachstelle ermöglicht Codeausführung | 2025-07-07T22:00:00.000+00:00 | 2025-07-07T22:00:00.000+00:00 |
| wid-sec-w-2025-1468 | Apache Tomcat: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-07-07T22:00:00.000+00:00 | 2026-03-26T23:00:00.000+00:00 |
| wid-sec-w-2025-1466 | Red Hat Enterprise Linux (socat): Schwachstelle ermöglicht Manipulation von Dateien | 2025-07-06T22:00:00.000+00:00 | 2025-08-06T22:00:00.000+00:00 |
| wid-sec-w-2025-1465 | Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-07-06T22:00:00.000+00:00 | 2026-03-30T22:00:00.000+00:00 |
| wid-sec-w-2025-1464 | Samsung Exynos: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-07-06T22:00:00.000+00:00 | 2025-07-06T22:00:00.000+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| icsa-22-104-07 | Siemens Mendix | 2022-04-12T00:00:00.000000Z | 2022-07-12T00:00:00.000000Z |
| icsa-22-104-06 | Siemens PROFINET Stack Integrated on Interniche Stack | 2022-04-12T00:00:00.000000Z | 2025-01-14T00:00:00.000000Z |
| icsa-22-102-05 | Aethon TUG Home Base Server | 2022-04-12T00:00:00.000000Z | 2022-04-12T00:00:00.000000Z |
| icsa-22-102-04 | Mitsubishi Electric GT25-WLAN | 2022-04-12T00:00:00.000000Z | 2022-05-12T00:00:00.000000Z |
| icsa-22-102-03 | Inductive Automation Ignition | 2022-04-12T00:00:00.000000Z | 2022-04-12T00:00:00.000000Z |
| icsa-22-102-02 | Mitsubishi Electric MELSEC-Q Series C Controller Module | 2022-04-12T00:00:00.000000Z | 2022-04-12T00:00:00.000000Z |
| icsa-22-102-01 | Valmet DNA | 2022-04-12T00:00:00.000000Z | 2022-04-12T00:00:00.000000Z |
| icsa-22-097-02 | ABB SPIET800 and PNI800 | 2022-04-07T00:00:00.000000Z | 2022-04-07T00:00:00.000000Z |
| icsa-22-097-01 | Pepperl+Fuchs WirelessHART-Gateway | 2022-04-07T00:00:00.000000Z | 2022-04-07T00:00:00.000000Z |
| icsma-22-095-01 | LifePoint Informatics Patient Portal | 2022-04-05T00:00:00.000000Z | 2022-04-05T00:00:00.000000Z |
| icsa-22-095-02 | Johnson Controls Metasys | 2022-04-05T00:00:00.000000Z | 2022-04-05T00:00:00.000000Z |
| icsa-22-095-01 | Rockwell Automation ISaGRAF | 2022-04-05T00:00:00.000000Z | 2022-04-05T00:00:00.000000Z |
| icsa-22-090-07 | Rockwell Automation Studio 5000 Logix Designer | 2022-03-31T00:00:00.000000Z | 2022-03-31T00:00:00.000000Z |
| icsa-22-090-06 | General Electric Renewable Energy MDS Radios | 2022-03-31T00:00:00.000000Z | 2022-03-31T00:00:00.000000Z |
| icsa-22-090-05 | Rockwell Automation Logix Controllers | 2022-03-31T00:00:00.000000Z | 2022-03-31T00:00:00.000000Z |
| icsa-22-090-04 | Mitsubishi Electric FA Products | 2022-03-31T00:00:00.000000Z | 2022-05-31T00:00:00.000000Z |
| icsa-22-090-03 | Fuji Electric Alpha5 | 2022-03-31T00:00:00.000000Z | 2022-03-31T00:00:00.000000Z |
| icsa-22-090-02 | Hitachi Energy e-mesh EMS | 2022-03-31T00:00:00.000000Z | 2022-03-31T00:00:00.000000Z |
| icsa-22-090-01 | Schneider Electric SCADAPack Workbench | 2022-03-31T00:00:00.000000Z | 2022-03-31T00:00:00.000000Z |
| icsma-22-088-01 | Philips e-Alert | 2022-03-29T00:00:00.000000Z | 2022-03-29T00:00:00.000000Z |
| icsa-22-088-04 | Modbus Tools Modbus Slave | 2022-03-29T00:00:00.000000Z | 2022-03-29T00:00:00.000000Z |
| icsa-22-088-03 | Hitachi Energy LinkOne WebView | 2022-03-29T00:00:00.000000Z | 2022-03-29T00:00:00.000000Z |
| icsa-22-088-02 | Omron CX-Position | 2022-03-29T00:00:00.000000Z | 2022-03-29T00:00:00.000000Z |
| icsa-22-088-01 | Rockwell Automation ISaGRAF | 2022-03-29T00:00:00.000000Z | 2022-03-29T00:00:00.000000Z |
| icsa-22-083-02 | mySCADA myPRO | 2022-03-24T00:00:00.000000Z | 2022-03-24T00:00:00.000000Z |
| icsa-22-083-01 | Yokogawa CENTUM and Exaopc | 2022-03-24T00:00:00.000000Z | 2022-03-24T00:00:00.000000Z |
| icsa-22-081-01 | Delta Electronics DIAEnergie (Update C) | 2022-03-22T00:00:00.000000Z | 2022-04-28T00:00:00.000000Z |
| icsa-22-074-01 | ABB OPC Server for AC 800M | 2022-03-15T00:00:00.000000Z | 2022-03-15T00:00:00.000000Z |
| icsa-22-069-13 | Siemens Mendix | 2022-03-08T00:00:00.000000Z | 2025-05-06T06:00:00.000000Z |
| icsa-22-069-12 | Siemens RUGGEDCOM ROS | 2022-03-08T00:00:00.000000Z | 2025-08-12T00:00:00.000000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cisco-sa-20191016-spa-ui-disclosure | Cisco SPA100 Series Analog Telephone Adapters Web-Based Management Interface File Disclosure Vulnerability | 2019-10-16T16:00:00+00:00 | 2019-10-16T16:00:00+00:00 |
| cisco-sa-20191016-spa-running-config | Cisco SPA100 Series Analog Telephone Adapters Running Configuration Information Disclosure Vulnerability | 2019-10-16T16:00:00+00:00 | 2019-10-16T16:00:00+00:00 |
| cisco-sa-20191016-spa-reflected-xss | Cisco SPA100 Series Analog Telephone Adapters Reflected Cross-Site Scripting Vulnerability | 2019-10-16T16:00:00+00:00 | 2019-10-16T16:00:00+00:00 |
| cisco-sa-20191016-spa-rce | Multiple Cisco Analog Telephone Adapters Remote Code Execution Vulnerabilities | 2019-10-16T16:00:00+00:00 | 2019-12-02T16:40:47+00:00 |
| cisco-sa-20191016-spa-dhcp-xss | Cisco SPA122 ATA with Router Devices DHCP Services Cross-Site Scripting Vulnerability | 2019-10-16T16:00:00+00:00 | 2019-10-16T16:00:00+00:00 |
| cisco-sa-20191016-spa-credentials | Cisco SPA100 Series Analog Telephone Adapters Administrative Credentials Information Disclosure Vulnerability | 2019-10-16T16:00:00+00:00 | 2019-10-16T16:00:00+00:00 |
| cisco-sa-20191016-sbss-xss | Cisco Small Business Smart and Managed Switches Cross-Site Scripting Vulnerability | 2019-10-16T16:00:00+00:00 | 2019-10-16T16:00:00+00:00 |
| cisco-sa-20191016-sbss-csrf | Cisco Small Business Smart and Managed Switches Cross-Site Request Forgery Vulnerability | 2019-10-16T16:00:00+00:00 | 2020-01-27T14:22:59+00:00 |
| cisco-sa-20191016-ise-xss | Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerability | 2019-10-16T16:00:00+00:00 | 2019-10-16T16:00:00+00:00 |
| cisco-sa-20191016-ise-stored-xss | Cisco Identity Services Engine Multiple Stored Cross-Site Scripting Vulnerabilities | 2019-10-16T16:00:00+00:00 | 2019-10-16T16:00:00+00:00 |
| cisco-sa-20191016-ise-store-xss | Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerability | 2019-10-16T16:00:00+00:00 | 2019-10-16T16:00:00+00:00 |
| cisco-sa-20191016-ise-infodis | Cisco Identity Services Engine Information Disclosure Vulnerability | 2019-10-16T16:00:00+00:00 | 2019-10-16T16:00:00+00:00 |
| cisco-sa-20191016-fpwr-xss | Cisco Firepower Management Center Software Stored Cross-Site Scripting Vulnerability | 2019-10-16T16:00:00+00:00 | 2019-10-16T16:00:00+00:00 |
| cisco-sa-20191016-firepwr-xss | Cisco Firepower Management Center Multiple Cross-Site Scripting Vulnerabilities | 2019-10-16T16:00:00+00:00 | 2019-10-16T16:00:00+00:00 |
| cisco-sa-20191016-firepwr-stored-xss | Cisco Firepower Management Center Stored Cross-Site Scripting Vulnerability | 2019-10-16T16:00:00+00:00 | 2019-11-05T17:11:11+00:00 |
| cisco-sa-20191016-airo-unauth-access | Cisco Aironet Access Points Unauthorized Access Vulnerability | 2019-10-16T16:00:00+00:00 | 2019-10-16T16:00:00+00:00 |
| cisco-sa-20191016-airo-pptp-dos | Cisco Aironet Access Points Point-to-Point Tunneling Protocol Denial of Service Vulnerability | 2019-10-16T16:00:00+00:00 | 2019-10-16T16:00:00+00:00 |
| cisco-sa-20191016-airo-dos | Cisco Aironet Access Points Bridge Protocol Data Unit Port Disable Denial of Service Vulnerability | 2019-10-16T16:00:00+00:00 | 2019-10-16T16:00:00+00:00 |
| cisco-sa-20191016-airo-capwap-dos | Cisco Aironet Access Points and Catalyst 9100 Access Points CAPWAP Denial of Service Vulnerability | 2019-10-16T16:00:00+00:00 | 2019-10-16T16:00:00+00:00 |
| cisco-sa-20191002-ucm-secbypass | Cisco Unified Communications Manager Security Bypass Vulnerability | 2019-10-02T16:00:00+00:00 | 2019-10-23T18:01:54+00:00 |
| cisco-sa-20191002-uccx-http | Cisco Unified Contact Center Express HTTP Response Splitting Vulnerability | 2019-10-02T16:00:00+00:00 | 2019-10-02T16:00:00+00:00 |
| cisco-sa-20191002-sm-java-deserial | Cisco Security Manager Java Deserialization Vulnerability | 2019-10-02T16:00:00+00:00 | 2019-10-02T16:00:00+00:00 |
| cisco-sa-20191002-pi-xss-12713 | Cisco Prime Infrastructure Cross-Site Scripting Vulnerability | 2019-10-02T16:00:00+00:00 | 2020-06-08T20:15:05+00:00 |
| cisco-sa-20191002-pi-xss-12712 | Cisco Prime Infrastructure Cross-Site Scripting Vulnerability | 2019-10-02T16:00:00+00:00 | 2019-10-02T16:00:00+00:00 |
| cisco-sa-20191002-ise-xss | Cisco Identity Services Engine Cross-Site Scripting Vulnerability | 2019-10-02T16:00:00+00:00 | 2019-11-13T00:06:43+00:00 |
| cisco-sa-20191002-ic3000-icg-dos | Cisco IC3000 Industrial Compute Gateway Denial of Service Vulnerability | 2019-10-02T16:00:00+00:00 | 2019-10-02T16:00:00+00:00 |
| cisco-sa-20191002-fxos-cmd-inject | Cisco FXOS Software and Firepower Threat Defense Software Command Injection Vulnerabilities | 2019-10-02T16:00:00+00:00 | 2019-10-02T16:00:00+00:00 |
| cisco-sa-20191002-ftd-fpmc-dos | Cisco FTD, FMC, and FXOS Software Pluggable Authentication Module Denial of Service Vulnerability | 2019-10-02T16:00:00+00:00 | 2019-10-09T14:08:32+00:00 |
| cisco-sa-20191002-ftd-container-esc | Cisco Firepower Threat Defense Software Multi-instance Container Escape Vulnerabilities | 2019-10-02T16:00:00+00:00 | 2019-10-02T16:00:00+00:00 |
| cisco-sa-20191002-ftd-cmdinj | Cisco Firepower Threat Defense Software Command Injection Vulnerability | 2019-10-02T16:00:00+00:00 | 2019-10-02T16:00:00+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2025-61661 | Grub2: grub2: out-of-bounds write via malicious usb device | 2025-11-02T00:00:00.000Z | 2026-01-08T14:40:36.000Z |
| msrc_cve-2025-60876 | BusyBox wget thru 1.3.7 accepted raw CR (0x0D)/LF (0x0A) and other C0 control bytes in the HTTP request-target (path/query), allowing the request line to be split and attacker-controlled headers to be injected. To preserve the HTTP/1.1 request-line shape METHOD SP request-target SP HTTP/1.1, a raw space (0x20) in the request-target must also be rejected (clients should use %20). | 2025-11-02T00:00:00.000Z | 2026-03-31T14:36:56.000Z |
| msrc_cve-2025-60753 | An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service (Out-of-Memory crash). | 2025-11-02T00:00:00.000Z | 2026-02-18T03:06:43.000Z |
| msrc_cve-2025-59777 | NULL pointer dereference vulnerability exists in GNU libmicrohttpd v1.0.2 and earlier. The vulnerability was fixed in commit ff13abc on the master branch of the libmicrohttpd Git repository, after the v1.0.2 tag. A specially crafted packet sent by an attacker could cause a denial-of-service (DoS) condition. | 2025-11-02T00:00:00.000Z | 2025-11-19T14:35:32.000Z |
| msrc_cve-2025-58436 | OpenPrinting CUPS slow client can halt cupsd, leading to a possible DoS attack | 2025-11-02T00:00:00.000Z | 2026-02-21T04:08:24.000Z |
| msrc_cve-2025-54771 | Grub2: use-after-free in grub_file_close() | 2025-11-02T00:00:00.000Z | 2025-11-21T01:03:19.000Z |
| msrc_cve-2025-54770 | Grub2: use-after-free in net_set_vlan | 2025-11-02T00:00:00.000Z | 2025-11-21T01:03:27.000Z |
| msrc_cve-2025-52881 | runc: LSM labels can be bypassed with malicious config using dummy procfs files | 2025-11-02T00:00:00.000Z | 2026-01-13T01:41:05.000Z |
| msrc_cve-2025-52565 | container escape due to /dev/console mount and related races | 2025-11-02T00:00:00.000Z | 2025-12-02T01:39:36.000Z |
| msrc_cve-2025-47913 | Potential denial of service in golang.org/x/crypto/ssh/agent | 2025-11-02T00:00:00.000Z | 2025-11-25T01:37:18.000Z |
| msrc_cve-2025-40211 | ACPI: video: Fix use-after-free in acpi_video_switch_brightness() | 2025-11-02T00:00:00.000Z | 2025-12-02T14:35:54.000Z |
| msrc_cve-2025-40210 | Revert "NFSD: Remove the cap on number of operations per NFSv4 COMPOUND" | 2025-11-02T00:00:00.000Z | 2025-11-25T01:39:58.000Z |
| msrc_cve-2025-40207 | media: v4l2-subdev: Fix alloc failure check in v4l2_subdev_call_state_try() | 2025-11-02T00:00:00.000Z | 2025-12-07T01:51:24.000Z |
| msrc_cve-2025-40206 | netfilter: nft_objref: validate objref and objrefmap expressions | 2025-11-02T00:00:00.000Z | 2025-12-07T01:52:17.000Z |
| msrc_cve-2025-40205 | btrfs: avoid potential out-of-bounds in btrfs_encode_fh() | 2025-11-02T00:00:00.000Z | 2025-12-07T01:52:11.000Z |
| msrc_cve-2025-40204 | sctp: Fix MAC comparison to be constant-time | 2025-11-02T00:00:00.000Z | 2025-12-07T01:35:42.000Z |
| msrc_cve-2025-40202 | ipmi: Rework user message limit handling | 2025-11-02T00:00:00.000Z | 2025-12-07T01:35:54.000Z |
| msrc_cve-2025-40201 | kernel/sys.c: fix the racy usage of task_lock(tsk->group_leader) in sys_prlimit64() paths | 2025-11-02T00:00:00.000Z | 2025-12-07T01:51:54.000Z |
| msrc_cve-2025-40200 | Squashfs: reject negative file sizes in squashfs_read_inode() | 2025-11-02T00:00:00.000Z | 2025-12-07T01:51:30.000Z |
| msrc_cve-2025-40198 | ext4: avoid potential buffer over-read in parse_apply_sb_mount_options() | 2025-11-02T00:00:00.000Z | 2025-12-07T01:51:18.000Z |
| msrc_cve-2025-40197 | media: mc: Clear minor number before put device | 2025-11-02T00:00:00.000Z | 2025-12-07T01:52:22.000Z |
| msrc_cve-2025-40195 | mount: handle NULL values in mnt_ns_release() | 2025-11-02T00:00:00.000Z | 2025-12-07T01:51:37.000Z |
| msrc_cve-2025-40194 | cpufreq: intel_pstate: Fix object lifecycle issue in update_qos_request() | 2025-11-02T00:00:00.000Z | 2025-12-07T01:52:05.000Z |
| msrc_cve-2025-40193 | xtensa: simdisk: add input size check in proc_write_simdisk | 2025-11-02T00:00:00.000Z | 2025-12-07T01:35:30.000Z |
| msrc_cve-2025-40192 | Revert "ipmi: fix msg stack when IPMI is disconnected" | 2025-11-02T00:00:00.000Z | 2025-12-07T01:52:27.000Z |
| msrc_cve-2025-40190 | ext4: guard against EA inode refcount underflow in xattr update | 2025-11-02T00:00:00.000Z | 2025-12-07T01:52:00.000Z |
| msrc_cve-2025-40188 | pwm: berlin: Fix wrong register in suspend/resume | 2025-11-02T00:00:00.000Z | 2025-11-25T01:41:17.000Z |
| msrc_cve-2025-40187 | net/sctp: fix a null dereference in sctp_disposition sctp_sf_do_5_1D_ce() | 2025-11-02T00:00:00.000Z | 2025-12-07T01:51:43.000Z |
| msrc_cve-2025-40180 | mailbox: zynqmp-ipi: Fix out-of-bounds access in mailbox cleanup loop | 2025-11-02T00:00:00.000Z | 2026-03-31T14:37:24.000Z |
| msrc_cve-2025-40179 | ext4: verify orphan file size is not too big | 2025-11-02T00:00:00.000Z | 2025-12-07T01:51:03.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| opensuse-su-2025:14884-1 | nodejs-electron-33.4.4-1.1 on GA media | 2025-03-12T00:00:00Z | 2025-03-12T00:00:00Z |
| opensuse-su-2025:14883-1 | nebula-1.9.5-2.1 on GA media | 2025-03-12T00:00:00Z | 2025-03-12T00:00:00Z |
| opensuse-su-2025:14882-1 | bsdtar-3.7.7-3.1 on GA media | 2025-03-12T00:00:00Z | 2025-03-12T00:00:00Z |
| opensuse-su-2025:14881-1 | forgejo-runner-6.2.2-3.1 on GA media | 2025-03-12T00:00:00Z | 2025-03-12T00:00:00Z |
| opensuse-su-2025:14880-1 | ffmpeg-4-4.4.5-7.1 on GA media | 2025-03-12T00:00:00Z | 2025-03-12T00:00:00Z |
| opensuse-su-2025:14879-1 | erlang-27.2.4-2.1 on GA media | 2025-03-12T00:00:00Z | 2025-03-12T00:00:00Z |
| opensuse-su-2025:14878-1 | dool-1.3.4-2.1 on GA media | 2025-03-12T00:00:00Z | 2025-03-12T00:00:00Z |
| opensuse-su-2025:14877-1 | distrobuilder-3.1-2.1 on GA media | 2025-03-12T00:00:00Z | 2025-03-12T00:00:00Z |
| opensuse-su-2025:14876-1 | ruby3.4-rubygem-rack-2.2-2.2.13-1.1 on GA media | 2025-03-11T00:00:00Z | 2025-03-11T00:00:00Z |
| opensuse-su-2025:14875-1 | ruby3.4-rubygem-rack-3.1.12-1.1 on GA media | 2025-03-11T00:00:00Z | 2025-03-11T00:00:00Z |
| opensuse-su-2025:14874-1 | restic-0.17.3-2.1 on GA media | 2025-03-11T00:00:00Z | 2025-03-11T00:00:00Z |
| opensuse-su-2025:14873-1 | python312-3.12.9-2.1 on GA media | 2025-03-11T00:00:00Z | 2025-03-11T00:00:00Z |
| opensuse-su-2025:14872-1 | python311-3.11.11-4.1 on GA media | 2025-03-11T00:00:00Z | 2025-03-11T00:00:00Z |
| opensuse-su-2025:14871-1 | podman-5.4.0-3.1 on GA media | 2025-03-11T00:00:00Z | 2025-03-11T00:00:00Z |
| opensuse-su-2025:14870-1 | google-osconfig-agent-20250115.01-3.1 on GA media | 2025-03-11T00:00:00Z | 2025-03-11T00:00:00Z |
| opensuse-su-2025:14869-1 | google-guest-agent-20250116.00-3.1 on GA media | 2025-03-11T00:00:00Z | 2025-03-11T00:00:00Z |
| opensuse-su-2025:14868-1 | fake-gcs-server-1.52.2-1.1 on GA media | 2025-03-11T00:00:00Z | 2025-03-11T00:00:00Z |
| opensuse-su-2025:14867-1 | amazon-ssm-agent-3.3.1957.0-2.1 on GA media | 2025-03-11T00:00:00Z | 2025-03-11T00:00:00Z |
| opensuse-su-2025:14866-1 | libtinyxml2-10-10.1.0-1.1 on GA media | 2025-03-10T00:00:00Z | 2025-03-10T00:00:00Z |
| opensuse-su-2025:14865-1 | grafana-11.5.2-1.1 on GA media | 2025-03-10T00:00:00Z | 2025-03-10T00:00:00Z |
| opensuse-su-2025:14864-1 | gerbera-2.5.0-1.1 on GA media | 2025-03-10T00:00:00Z | 2025-03-10T00:00:00Z |
| opensuse-su-2025:0084-1 | Security update for chromium | 2025-03-07T10:03:34Z | 2025-03-07T10:03:34Z |
| opensuse-su-2025:14863-1 | teleport-17.3.3-1.1 on GA media | 2025-03-07T00:00:00Z | 2025-03-07T00:00:00Z |
| opensuse-su-2025:14862-1 | less-668-2.1 on GA media | 2025-03-07T00:00:00Z | 2025-03-07T00:00:00Z |
| opensuse-su-2025:14861-1 | MozillaFirefox-136.0-1.1 on GA media | 2025-03-07T00:00:00Z | 2025-03-07T00:00:00Z |
| opensuse-su-2025:14860-1 | xen-4.20.0_08-4.1 on GA media | 2025-03-06T00:00:00Z | 2025-03-06T00:00:00Z |
| opensuse-su-2025:14859-1 | ruby3.4-rubygem-rack-2.2-2.2.12-1.1 on GA media | 2025-03-06T00:00:00Z | 2025-03-06T00:00:00Z |
| opensuse-su-2025:14858-1 | python311-GitPython-3.1.44-1.1 on GA media | 2025-03-06T00:00:00Z | 2025-03-06T00:00:00Z |
| opensuse-su-2025:14857-1 | grype-0.88.0-1.1 on GA media | 2025-03-06T00:00:00Z | 2025-03-06T00:00:00Z |
| opensuse-su-2025:14856-1 | go1.24-1.24.1-1.1 on GA media | 2025-03-06T00:00:00Z | 2025-03-06T00:00:00Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2025:23309 | Red Hat Security Advisory: php:8.3 security update | 2025-12-18T13:20:27+00:00 | 2026-03-18T03:07:54+00:00 |
| rhsa-2025:23323 | Red Hat Security Advisory: python3.12 security update | 2025-12-18T13:19:52+00:00 | 2026-04-13T20:00:06+00:00 |
| rhsa-2025:23400 | Red Hat Security Advisory: binutils security update | 2025-12-18T13:18:49+00:00 | 2026-04-13T20:00:09+00:00 |
| rhsa-2025:23336 | Red Hat Security Advisory: gcc-toolset-13-binutils security update | 2025-12-18T13:18:49+00:00 | 2026-04-13T20:00:08+00:00 |
| rhsa-2025:23326 | Red Hat Security Advisory: skopeo security update | 2025-12-18T13:18:48+00:00 | 2026-04-14T07:56:40+00:00 |
| rhsa-2025:23394 | Red Hat Security Advisory: skopeo security update | 2025-12-18T13:16:28+00:00 | 2026-04-14T07:56:41+00:00 |
| rhsa-2025:23374 | Red Hat Security Advisory: container-tools:rhel8 security update | 2025-12-18T13:15:55+00:00 | 2026-04-14T07:56:40+00:00 |
| rhsa-2025:23382 | Red Hat Security Advisory: binutils security update | 2025-12-18T13:15:25+00:00 | 2026-04-13T20:00:08+00:00 |
| rhsa-2025:23383 | Red Hat Security Advisory: curl security update | 2025-12-18T13:14:50+00:00 | 2026-04-13T20:00:09+00:00 |
| rhsa-2025:23359 | Red Hat Security Advisory: binutils security update | 2025-12-18T12:02:01+00:00 | 2026-04-13T20:00:08+00:00 |
| rhsa-2025:23644 | Red Hat Security Advisory: Red Hat multicluster global hub 1.4.3 security update | 2025-12-18T10:46:11+00:00 | 2026-04-02T16:24:10+00:00 |
| rhsa-2025:23306 | Red Hat Security Advisory: binutils security update | 2025-12-18T10:23:33+00:00 | 2026-04-13T20:00:06+00:00 |
| rhsa-2025:23628 | Red Hat Security Advisory: keylime security update | 2025-12-18T10:20:07+00:00 | 2026-03-19T15:39:01+00:00 |
| rhsa-2025:23295 | Red Hat Security Advisory: podman security update | 2025-12-18T10:17:02+00:00 | 2026-04-14T07:56:39+00:00 |
| rhsa-2025:23294 | Red Hat Security Advisory: skopeo security update | 2025-12-18T10:13:42+00:00 | 2026-04-14T07:56:39+00:00 |
| rhsa-2025:23405 | Red Hat Security Advisory: binutils security update | 2025-12-18T10:12:37+00:00 | 2026-04-13T20:00:14+00:00 |
| rhsa-2025:23347 | Red Hat Security Advisory: podman security update | 2025-12-18T10:09:41+00:00 | 2026-04-14T07:56:40+00:00 |
| rhsa-2025:23348 | Red Hat Security Advisory: skopeo security update | 2025-12-18T10:08:06+00:00 | 2026-04-14T07:56:40+00:00 |
| rhsa-2025:23583 | Red Hat Security Advisory: webkitgtk4 security update | 2025-12-18T09:30:34+00:00 | 2026-04-13T08:44:48+00:00 |
| rhsa-2025:23591 | Red Hat Security Advisory: webkit2gtk3 security update | 2025-12-18T09:21:56+00:00 | 2026-04-13T08:44:49+00:00 |
| rhsa-2025:23457 | Red Hat Security Advisory: audiofile security update | 2025-12-18T08:05:51+00:00 | 2026-03-18T03:14:31+00:00 |
| rhsa-2025:23483 | Red Hat Security Advisory: libssh security update | 2025-12-18T08:04:21+00:00 | 2026-03-20T20:06:05+00:00 |
| rhsa-2025:23543 | Red Hat Security Advisory: container-tools:rhel8 security update | 2025-12-18T04:34:31+00:00 | 2026-04-14T02:01:59+00:00 |
| rhsa-2025:23530 | Red Hat Security Advisory: python39:3.9 security update | 2025-12-18T01:35:54+00:00 | 2026-04-13T20:00:11+00:00 |
| rhsa-2025:23550 | Red Hat Security Advisory: RHSA 4.8.7 security and bug fix update | 2025-12-17T20:50:30+00:00 | 2026-04-13T20:13:55+00:00 |
| rhsa-2025:23484 | Red Hat Security Advisory: libssh security update | 2025-12-17T18:40:13+00:00 | 2026-03-20T20:06:03+00:00 |
| rhsa-2025:23546 | Red Hat Security Advisory: Red Hat Quay 3.16.0 | 2025-12-17T18:13:48+00:00 | 2026-04-14T07:56:42+00:00 |
| rhsa-2025:23450 | Red Hat Security Advisory: kernel security update | 2025-12-17T17:44:18+00:00 | 2026-03-18T03:13:32+00:00 |
| rhsa-2025:23481 | Red Hat Security Advisory: openssh security update | 2025-12-17T17:42:18+00:00 | 2026-04-13T20:00:11+00:00 |
| rhsa-2025:23480 | Red Hat Security Advisory: openssh security update | 2025-12-17T16:48:13+00:00 | 2026-04-13T20:00:11+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| suse-su-2026:0018-1 | Security update for glib2 | 2026-01-05T10:52:26Z | 2026-01-05T10:52:26Z |
| suse-su-2026:0017-1 | Security update for libsoup | 2026-01-05T10:52:01Z | 2026-01-05T10:52:01Z |
| suse-su-2026:0016-1 | Security update for pgadmin4 | 2026-01-05T10:48:08Z | 2026-01-05T10:48:08Z |
| suse-su-2026:0015-1 | Security update for pgadmin4 | 2026-01-05T10:40:59Z | 2026-01-05T10:40:59Z |
| suse-su-2026:0014-1 | Security update for buildah | 2026-01-05T10:39:01Z | 2026-01-05T10:39:01Z |
| suse-su-2026:0013-1 | Security update for ImageMagick | 2026-01-05T10:36:11Z | 2026-01-05T10:36:11Z |
| suse-su-2026:0012-1 | Security update for xen | 2026-01-05T10:31:27Z | 2026-01-05T10:31:27Z |
| suse-su-2026:0011-1 | Security update for ImageMagick | 2026-01-05T10:28:55Z | 2026-01-05T10:28:55Z |
| suse-su-2026:0010-1 | Security update for python-tornado6 | 2026-01-05T10:26:32Z | 2026-01-05T10:26:32Z |
| suse-su-2026:20019-1 | Security update for sssd | 2026-01-02T16:58:52Z | 2026-01-02T16:58:52Z |
| suse-su-2026:20014-1 | Security update for sssd | 2026-01-02T16:58:52Z | 2026-01-02T16:58:52Z |
| suse-su-2026:0005-1 | Security update for rsync | 2026-01-02T12:30:51Z | 2026-01-02T12:30:51Z |
| suse-su-2026:20058-1 | Security update for rsync | 2026-01-02T11:13:05Z | 2026-01-02T11:13:05Z |
| suse-su-2026:20057-1 | Security update for libmicrohttpd | 2026-01-02T11:07:26Z | 2026-01-02T11:07:26Z |
| suse-ru-2026:20056-1 | Recommended update for shim | 2026-01-01T13:54:36Z | 2026-01-01T13:54:36Z |
| suse-su-2025:4539-1 | Security update for python36 | 2025-12-31T15:05:33Z | 2025-12-31T15:05:33Z |
| suse-su-2025:4538-1 | Security update for python3 | 2025-12-31T15:05:25Z | 2025-12-31T15:05:25Z |
| suse-su-2025:4536-1 | Security update for podman | 2025-12-31T10:35:17Z | 2025-12-31T10:35:17Z |
| suse-su-2026:20036-1 | Security update for dpdk | 2025-12-30T20:51:25Z | 2025-12-30T20:51:25Z |
| suse-su-2026:20037-1 | Security update for ovmf | 2025-12-30T20:33:17Z | 2025-12-30T20:33:17Z |
| suse-su-2026:20035-1 | Security update for podman | 2025-12-30T20:16:23Z | 2025-12-30T20:16:23Z |
| suse-su-2026:20055-1 | Security update for dpdk | 2025-12-30T20:05:16Z | 2025-12-30T20:05:16Z |
| suse-su-2026:20054-1 | Security update for capstone | 2025-12-30T20:03:14Z | 2025-12-30T20:03:14Z |
| suse-ru-2026:20004-1 | Recommended update for shim | 2025-12-30T16:20:45Z | 2025-12-30T16:20:45Z |
| suse-su-2025:4534-1 | Security update for dpdk22 | 2025-12-29T16:15:13Z | 2025-12-29T16:15:13Z |
| suse-su-2025:4533-1 | Security update for libpng16 | 2025-12-29T16:11:25Z | 2025-12-29T16:11:25Z |
| suse-su-2025:4532-1 | Security update for apache2-mod_auth_openidc | 2025-12-29T13:53:59Z | 2025-12-29T13:53:59Z |
| suse-su-2025:4530-1 | Security update for the Linux Kernel | 2025-12-29T10:48:23Z | 2025-12-29T10:48:23Z |
| suse-su-2025:4528-1 | Security update for webkit2gtk3 | 2025-12-26T14:52:35Z | 2025-12-26T14:52:35Z |
| suse-su-2025:4527-1 | Security update for webkit2gtk3 | 2025-12-26T14:49:08Z | 2025-12-26T14:49:08Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| alsa-2024:3233 | Low: libssh security update | 2024-05-22T00:00:00Z | 2024-05-29T14:44:28Z |
| alsa-2024:3214 | Moderate: gmp security update | 2024-05-22T00:00:00Z | 2024-05-29T14:44:28Z |
| alsa-2024:3211 | Moderate: traceroute security update | 2024-05-22T00:00:00Z | 2024-05-29T14:39:43Z |
| alsa-2024:3203 | Moderate: systemd security update | 2024-05-22T00:00:00Z | 2024-05-29T14:46:53Z |
| alsa-2024:3184 | Moderate: grub2 security update | 2024-05-22T00:00:00Z | 2024-05-29T14:49:09Z |
| alsa-2024:3178 | Important: linux-firmware security update | 2024-05-22T00:00:00Z | 2024-05-29T14:50:26Z |
| alsa-2024:3166 | Moderate: openssh security update | 2024-05-22T00:00:00Z | 2024-05-29T14:44:59Z |
| alsa-2024:3163 | Moderate: pam security update | 2024-05-22T00:00:00Z | 2024-05-29T14:42:42Z |
| alsa-2024:3139 | Moderate: squashfs-tools security update | 2024-05-22T00:00:00Z | 2024-05-29T14:39:42Z |
| alsa-2024:3138 | Moderate: kernel security, bug fix, and enhancement update | 2024-05-22T00:00:00Z | 2024-05-29T14:48:53Z |
| alsa-2024:3128 | Moderate: perl:5.32 security update | 2024-05-22T00:00:00Z | 2024-05-29T14:53:34Z |
| alsa-2024:3127 | Moderate: zziplib security update | 2024-05-22T00:00:00Z | 2024-05-29T14:41:09Z |
| alsa-2024:3121 | Moderate: httpd:2.4 security update | 2024-05-22T00:00:00Z | 2024-05-29T14:47:45Z |
| alsa-2024:3120 | Moderate: freeglut security update | 2024-05-22T00:00:00Z | 2024-05-29T14:42:33Z |
| alsa-2024:3105 | Moderate: python3.11-cryptography security update | 2024-05-22T00:00:00Z | 2024-05-29T14:39:40Z |
| alsa-2024:3102 | Moderate: python-jinja2 security update | 2024-05-22T00:00:00Z | 2024-05-29T14:42:32Z |
| alsa-2024:3095 | Moderate: vorbis-tools security update | 2024-05-22T00:00:00Z | 2024-05-29T14:39:40Z |
| alsa-2024:3094 | Moderate: perl-CPAN security update | 2024-05-22T00:00:00Z | 2024-05-29T14:42:32Z |
| alsa-2024:3089 | Moderate: gstreamer1-plugins-good security update | 2024-05-22T00:00:00Z | 2024-05-29T14:42:31Z |
| alsa-2024:3088 | Moderate: gstreamer1-plugins-base security update | 2024-05-22T00:00:00Z | 2024-05-29T14:42:27Z |
| alsa-2024:3067 | Moderate: tigervnc security update | 2024-05-22T00:00:00Z | 2024-05-29T16:18:05Z |
| alsa-2024:3066 | Moderate: exempi security update | 2024-05-22T00:00:00Z | 2024-05-29T14:40:00Z |
| alsa-2024:3062 | Moderate: python3.11 security update | 2024-05-22T00:00:00Z | 2024-05-29T14:46:15Z |
| alsa-2024:3061 | Moderate: pki-core:10.6 and pki-deps:10.6 security update | 2024-05-22T00:00:00Z | 2024-05-29T14:51:14Z |
| alsa-2024:3060 | Moderate: gstreamer1-plugins-bad-free security update | 2024-05-22T00:00:00Z | 2024-05-29T14:39:57Z |
| alsa-2024:3059 | Moderate: libtiff security update | 2024-05-22T00:00:00Z | 2024-05-29T14:42:13Z |
| alsa-2024:3058 | Moderate: mutt security update | 2024-05-22T00:00:00Z | 2024-05-29T14:39:37Z |
| alsa-2024:3056 | Moderate: qt5-qtbase security update | 2024-05-22T00:00:00Z | 2024-05-29T14:48:04Z |
| alsa-2024:3049 | Moderate: perl-Convert-ASN1 security update | 2024-05-22T00:00:00Z | 2024-05-29T14:42:11Z |
| alsa-2024:3047 | Moderate: 389-ds:1.4 security update | 2024-05-22T00:00:00Z | 2024-05-29T14:45:45Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| osv-2022-108 | Heap-buffer-overflow in void apply_string<GSUBProxy> | 2022-01-31T00:01:43.533565Z | 2022-07-18T02:26:29.025862Z |
| osv-2022-105 | Heap-buffer-overflow in parse_object | 2022-01-31T00:00:44.191266Z | 2022-04-13T03:04:39.854288Z |
| osv-2022-104 | Heap-use-after-free in hb_bit_set_invertible_t::intersects | 2022-01-31T00:00:41.139177Z | 2022-04-13T03:04:33.186304Z |
| osv-2022-102 | Segv on unknown address in pdfi_array_get | 2022-01-30T00:00:20.319324Z | 2022-04-13T03:04:34.502434Z |
| osv-2022-101 | Heap-double-free in flb_sds_destroy | 2022-01-30T00:00:16.518467Z | 2022-04-13T03:04:38.367382Z |
| osv-2022-100 | Stack-buffer-overflow in sgets | 2022-01-30T00:00:08.379078Z | 2022-04-13T03:04:34.508334Z |
| osv-2022-99 | UNKNOWN WRITE in helper_shl_cc_arm | 2022-01-29T00:01:34.585336Z | 2022-04-13T03:23:15.899637Z |
| osv-2022-97 | Heap-buffer-overflow in gs_interpret | 2022-01-29T00:00:27.567705Z | 2022-04-13T03:04:34.418274Z |
| osv-2022-96 | Heap-buffer-overflow in sequence_compression_api.c | 2022-01-29T00:00:24.594329Z | 2022-04-13T03:04:31.675527Z |
| osv-2022-94 | Heap-buffer-overflow in cli_strlcat | 2022-01-27T00:02:12.465969Z | 2026-03-05T14:29:46.831320Z |
| osv-2022-93 | Heap-buffer-overflow in strtol | 2022-01-27T00:00:50.546211Z | 2022-04-13T03:04:39.865451Z |
| osv-2022-91 | Heap-buffer-overflow in pixCountArbInRect | 2022-01-26T00:01:54.834091Z | 2022-04-13T03:04:32.660483Z |
| osv-2021-1806 | Stack-buffer-overflow in pdfi_open_CIDFont_substitute_file | 2022-01-26T00:01:49.919350Z | 2022-04-13T03:04:34.288933Z |
| osv-2022-87 | Heap-use-after-free in zend_std_get_property_ptr_ptr | 2022-01-24T00:01:39.876775Z | 2022-04-13T03:04:33.651611Z |
| osv-2022-85 | UNKNOWN READ in pdfi_setcolorN | 2022-01-24T00:00:56.571243Z | 2022-04-13T03:04:34.722894Z |
| osv-2022-84 | Heap-buffer-overflow in Core::Stream::File::open_path | 2022-01-24T00:00:39.186446Z | 2022-04-13T03:04:32.119317Z |
| osv-2022-83 | Heap-use-after-free in gx_monitor_free | 2022-01-24T00:00:35.150378Z | 2022-04-13T03:04:34.797554Z |
| osv-2022-82 | Heap-buffer-overflow in generic_unpack | 2022-01-24T00:00:34.740260Z | 2022-04-13T03:04:37.189553Z |
| osv-2022-81 | Global-buffer-overflow in get_space_object | 2022-01-24T00:00:28.385382Z | 2022-04-13T03:04:34.752188Z |
| osv-2022-80 | Null-dereference READ in gstate_clone_core | 2022-01-24T00:00:19.630777Z | 2022-04-13T03:04:34.647038Z |
| osv-2022-79 | Segv on unknown address in gp_semaphore_close | 2022-01-24T00:00:12.635637Z | 2022-04-13T03:04:34.603551Z |
| osv-2021-1805 | Heap-buffer-overflow in ndpi_search_kerberos | 2022-01-23T00:00:37.838585Z | 2022-04-13T03:04:36.014290Z |
| osv-2021-1804 | Heap-buffer-overflow in ndpi_workflow_process_packet | 2022-01-23T00:00:25.006190Z | 2022-04-13T03:04:36.242722Z |
| osv-2022-77 | Heap-buffer-overflow in hufDecode | 2022-01-23T00:00:10.014207Z | 2022-04-13T03:04:37.150888Z |
| osv-2022-73 | Heap-use-after-free in pdfi_cspace_free_callback | 2022-01-22T00:00:41.413569Z | 2026-03-18T14:24:03.137574Z |
| osv-2022-69 | Stack-buffer-overflow in pixCountPixels | 2022-01-21T00:01:32.742217Z | 2022-04-13T03:04:32.687605Z |
| osv-2022-67 | Heap-buffer-overflow in cli_bcomp_freemeta | 2022-01-21T00:00:45.048694Z | 2022-04-13T03:04:39.425407Z |
| osv-2022-62 | Stack-buffer-overflow in load_regex_matcher | 2022-01-21T00:00:07.079980Z | 2022-04-13T03:04:39.385734Z |
| osv-2022-61 | Heap-buffer-overflow in cli_loadcrt | 2022-01-21T00:00:05.087581Z | 2022-04-13T03:04:39.408377Z |
| osv-2022-58 | Heap-buffer-overflow in internal_huf_decompress | 2022-01-19T00:01:46.235163Z | 2022-04-13T03:04:37.212914Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| bit-gitlab-2023-5117 | Exposure of Sensitive Information Due to Incompatible Policies in GitLab | 2024-12-27T07:25:54.433Z | 2025-05-20T10:02:07.006Z |
| bit-kafka-2024-56128 | Apache Kafka: SCRAM authentication vulnerable to replay attacks when used without encryption | 2024-12-24T19:12:41.492Z | 2025-05-20T10:02:07.006Z |
| bit-discourse-2024-49765 | Bypass of Discourse Connect using other login paths if enabled in Discourse | 2024-12-23T19:10:38.115Z | 2025-08-27T09:06:48.117Z |
| bit-discourse-2024-52589 | Moderators can view Screened emails even when the “moderators view emails” option is disabled in Discourse | 2024-12-23T19:10:30.112Z | 2025-08-27T09:06:48.117Z |
| bit-discourse-2024-52794 | Magnific lightbox susceptible to Cross-site Scripting in Discourse | 2024-12-23T19:10:22.128Z | 2025-08-27T09:06:48.117Z |
| bit-discourse-2024-53991 | Potential Backup file leaked via Nginx in Discourse | 2024-12-23T19:10:14.117Z | 2025-08-27T09:06:48.117Z |
| bit-rails-2024-26142 | Rails possible ReDoS vulnerability in Accept header parsing in Action Dispatch | 2024-12-20T09:50:24.319Z | 2025-05-20T10:02:07.006Z |
| bit-rails-2024-26143 | Rails Possible XSS Vulnerability in Action Controller | 2024-12-20T09:50:15.432Z | 2025-05-20T10:02:07.006Z |
| bit-rails-2024-26144 | Possible Sensitive Session Information Leak in Active Storage | 2024-12-20T09:50:06.835Z | 2025-05-20T10:02:07.006Z |
| bit-rails-2024-28103 | Action Pack is missing security headers on non-HTML responses | 2024-12-20T09:49:58.439Z | 2025-10-06T09:29:51.512Z |
| bit-rails-2024-32464 | ActionText ContentAttachment can Contain Unsanitized HTML | 2024-12-20T09:49:50.531Z | 2025-05-20T10:02:07.006Z |
| bit-envoy-2024-53269 | Happy Eyeballs: Validate that additional_address are IP addresses instead of crashing when sorting in envoy | 2024-12-20T07:08:41.110Z | 2025-08-29T09:06:49.175Z |
| bit-envoy-2024-53270 | HTTP/1: sending overload crashes when the request is reset beforehand in envoy | 2024-12-20T07:08:32.803Z | 2025-05-20T10:02:07.006Z |
| bit-envoy-2024-53271 | HTTP/1.1 multiple issues with envoy.reloadable_features.http1_balsa_delay_reset in envoy | 2024-12-20T07:08:24.205Z | 2025-05-20T10:02:07.006Z |
| bit-elasticsearch-2024-12539 | Elasticsearch Incorrect Authorization | 2024-12-19T07:08:44.980Z | 2025-05-20T10:02:07.006Z |
| bit-gitlab-2024-8116 | Incorrect Authorization in GitLab | 2024-12-18T07:12:29.491Z | 2025-05-20T10:02:07.006Z |
| bit-gitlab-2024-8650 | Incorrect Authorization in GitLab | 2024-12-18T07:10:27.388Z | 2025-05-20T10:02:07.006Z |
| bit-gitlab-2024-10043 | Incorrect Authorization in GitLab | 2024-12-16T07:24:22.581Z | 2025-05-20T10:02:07.006Z |
| bit-gitlab-2024-11274 | URL Redirection to Untrusted Site ('Open Redirect') in GitLab | 2024-12-16T07:24:08.091Z | 2025-05-20T10:02:07.006Z |
| bit-gitlab-2024-12292 | Insertion of Sensitive Information into Log File in GitLab | 2024-12-16T07:23:47.892Z | 2025-05-20T10:02:07.006Z |
| bit-gitlab-2024-12570 | Privilege Context Switching Error in GitLab | 2024-12-16T07:23:37.577Z | 2025-05-20T10:02:07.006Z |
| bit-gitlab-2024-8179 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab | 2024-12-16T07:12:48.900Z | 2025-05-20T10:02:07.006Z |
| bit-gitlab-2024-8233 | Inefficient Algorithmic Complexity in GitLab | 2024-12-16T07:12:33.876Z | 2025-05-20T10:02:07.006Z |
| bit-gitlab-2024-8647 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in GitLab | 2024-12-16T07:11:23.983Z | 2025-05-20T10:02:07.006Z |
| bit-gitlab-2024-9367 | Allocation of Resources Without Limits or Throttling in GitLab | 2024-12-16T07:10:23.699Z | 2025-05-20T10:02:07.006Z |
| bit-gitlab-2024-9387 | URL Redirection to Untrusted Site ('Open Redirect') in GitLab | 2024-12-16T07:10:15.986Z | 2025-05-20T10:02:07.006Z |
| bit-python-2023-6597 | 2024-12-13T12:41:26.412Z | 2025-11-06T13:25:46.476Z | |
| bit-python-2024-0450 | Quoted zip-bomb protection for zipfile | 2024-12-13T12:41:10.011Z | 2025-11-06T13:25:46.476Z |
| bit-python-2024-9287 | Virtual environment (venv) activation scripts don't quote paths | 2024-12-13T12:39:42.210Z | 2025-11-06T13:25:46.476Z |
| bit-wordpress-2023-23814 | 2024-12-11T07:22:41.801Z | 2024-12-11T07:36:45.271Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2024-avi-0955 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2024-11-08T00:00:00.000000 | 2024-11-08T00:00:00.000000 |
| certfr-2024-avi-0954 | Multiples vulnérabilités dans Microsoft Edge | 2024-11-08T00:00:00.000000 | 2024-11-08T00:00:00.000000 |
| certfr-2024-avi-0953 | Multiples vulnérabilités dans Moxa EDS-P510 Series | 2024-11-08T00:00:00.000000 | 2024-11-08T00:00:00.000000 |
| certfr-2024-avi-0952 | Vulnérabilité dans les produits F5 | 2024-11-08T00:00:00.000000 | 2024-11-08T00:00:00.000000 |
| certfr-2024-avi-0951 | Multiples vulnérabilités dans Google Pixel | 2024-11-07T00:00:00.000000 | 2024-11-07T00:00:00.000000 |
| certfr-2024-avi-0950 | Multiples vulnérabilités dans les produits Cisco | 2024-11-07T00:00:00.000000 | 2024-11-07T00:00:00.000000 |
| certfr-2024-avi-0949 | Vulnérabilité dans Veeam Backup & Replication | 2024-11-07T00:00:00.000000 | 2024-11-07T00:00:00.000000 |
| certfr-2024-avi-0948 | Multiples vulnérabilités dans les produits Symfony | 2024-11-06T00:00:00.000000 | 2024-11-06T00:00:00.000000 |
| certfr-2024-avi-0947 | Vulnérabilité dans NetApp ONTAP Select Deploy administration utility | 2024-11-06T00:00:00.000000 | 2024-11-06T00:00:00.000000 |
| certfr-2024-avi-0946 | Multiples vulnérabilités dans Google Chrome | 2024-11-06T00:00:00.000000 | 2024-11-06T00:00:00.000000 |
| certfr-2024-avi-0945 | Multiples vulnérabilités dans les produits HPE Aruba Networking | 2024-11-06T00:00:00.000000 | 2024-11-06T00:00:00.000000 |
| certfr-2024-avi-0944 | Multiples vulnérabilités dans Google Android | 2024-11-05T00:00:00.000000 | 2024-11-05T00:00:00.000000 |
| certfr-2024-avi-0943 | Vulnérabilité dans Qnap QuRouter | 2024-11-05T00:00:00.000000 | 2024-11-05T00:00:00.000000 |
| certfr-2024-avi-0942 | Vulnérabilité dans les produits Broadcom | 2024-11-04T00:00:00.000000 | 2024-11-04T00:00:00.000000 |
| certfr-2024-avi-0941 | Multiples vulnérabilités dans Microsoft Edge | 2024-11-04T00:00:00.000000 | 2024-11-04T00:00:00.000000 |
| certfr-2024-avi-0940 | Multiples vulnérabilités dans les produits Moxa | 2024-11-04T00:00:00.000000 | 2024-11-04T00:00:00.000000 |
| certfr-2024-avi-0939 | Multiples vulnérabilités dans les produits IBM | 2024-10-31T00:00:00.000000 | 2024-10-31T00:00:00.000000 |
| certfr-2024-avi-0938 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2024-10-31T00:00:00.000000 | 2024-10-31T00:00:00.000000 |
| certfr-2024-avi-0937 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2024-10-31T00:00:00.000000 | 2024-10-31T00:00:00.000000 |
| certfr-2024-avi-0936 | Multiples vulnérabilités dans les produits Splunk | 2024-10-31T00:00:00.000000 | 2024-10-31T00:00:00.000000 |
| certfr-2024-avi-0935 | Vulnérabilité dans Tenable Sensor Proxy | 2024-10-31T00:00:00.000000 | 2024-10-31T00:00:00.000000 |
| certfr-2024-avi-0934 | Multiples vulnérabilités dans les produits Mozilla | 2024-10-30T00:00:00.000000 | 2024-10-30T00:00:00.000000 |
| certfr-2024-avi-0933 | Multiples vulnérabilités dans les produits Qnap | 2024-10-30T00:00:00.000000 | 2024-10-30T00:00:00.000000 |
| certfr-2024-avi-0932 | Multiples vulnérabilités dans les produits Apple | 2024-10-30T00:00:00.000000 | 2024-10-30T00:00:00.000000 |
| certfr-2024-avi-0931 | Multiples vulnérabilités dans Google Chrome | 2024-10-30T00:00:00.000000 | 2024-10-30T00:00:00.000000 |
| certfr-2024-avi-0930 | Vulnérabilité dans MongoDB | 2024-10-29T00:00:00.000000 | 2024-10-29T00:00:00.000000 |
| certfr-2024-avi-0929 | Multiples vulnérabilités dans les produits Apple | 2024-10-29T00:00:00.000000 | 2024-10-29T00:00:00.000000 |
| certfr-2024-avi-0928 | Vulnérabilité dans Squid | 2024-10-28T00:00:00.000000 | 2024-10-28T00:00:00.000000 |
| certfr-2024-avi-0927 | Multiples vulnérabilités dans les produits Synology | 2024-10-28T00:00:00.000000 | 2024-10-28T00:00:00.000000 |
| certfr-2024-avi-0926 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2024-10-25T00:00:00.000000 | 2024-10-25T00:00:00.000000 |
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2016-000093 | Cybozu Garoon function "Portlets" vulnerable to access restriction bypass | 2016-05-30T16:18+09:00 | 2016-06-28T17:01+09:00 |
| jvndb-2016-000085 | Cybozu Garoon fails to restrict access permissions | 2016-05-30T16:18+09:00 | 2016-06-23T17:43+09:00 |
| jvndb-2016-000084 | Cybozu Garoon vulnerable to cross-site scripting | 2016-05-30T16:18+09:00 | 2016-06-23T17:09+09:00 |
| jvndb-2016-000083 | Cybozu Garoon vulnerable to cross-site scripting | 2016-05-30T16:18+09:00 | 2016-06-23T17:05+09:00 |
| jvndb-2016-000082 | Cybozu Garoon fails to restrict access permissions | 2016-05-30T16:18+09:00 | 2016-06-23T17:35+09:00 |
| jvndb-2016-000081 | Cybozu Garoon vulnerable to open redirect | 2016-05-30T16:18+09:00 | 2016-06-23T17:06+09:00 |
| jvndb-2016-000080 | Cybozu Garoon vulnerable to denial-of-service (DoS) | 2016-05-30T16:18+09:00 | 2017-05-23T16:23+09:00 |
| jvndb-2016-000079 | Cybozu Garoon vulnerable to information disclosure | 2016-05-30T16:18+09:00 | 2016-06-28T17:01+09:00 |
| jvndb-2016-000078 | Cybozu Garoon function "Files" vulnerable to directory traversal | 2016-05-30T16:18+09:00 | 2016-06-23T17:40+09:00 |
| jvndb-2016-000077 | Cybozu Garoon mail function vulnerable to access restriction bypass | 2016-05-30T16:18+09:00 | 2016-06-28T17:01+09:00 |
| jvndb-2016-000092 | DMM.com Securities FX Apps for Android fail to verify SSL server certificates | 2016-05-30T14:21+09:00 | 2017-05-23T14:28+09:00 |
| jvndb-2016-000090 | Source code of Old_GSI_Maps prior to January, 2015 vulnerable to directory traversal | 2016-05-30T14:07+09:00 | 2016-06-23T15:13+09:00 |
| jvndb-2016-000072 | WebARENA formmail vulnerable to cross-site scripting | 2016-05-27T13:54+09:00 | 2016-06-08T17:47+09:00 |
| jvndb-2016-000087 | Multiple Buffalo wireless LAN routers vulnerable to information disclosure | 2016-05-27T13:53+09:00 | 2016-06-27T14:59+09:00 |
| jvndb-2016-000086 | Multiple Buffalo wireless LAN routers vulnerable to directory traversal | 2016-05-27T13:53+09:00 | 2016-06-27T14:58+09:00 |
| jvndb-2016-000076 | Japan Connected-free Wi-Fi vulnerable to API execution | 2016-05-27T13:51+09:00 | 2016-06-23T17:38+09:00 |
| jvndb-2016-000091 | H2O use-after-free vulnerability | 2016-05-27T13:46+09:00 | 2016-06-23T17:23+09:00 |
| jvndb-2016-000075 | NetCommons vulnerable to privilege escalation | 2016-05-26T14:30+09:00 | 2016-06-23T15:13+09:00 |
| jvndb-2016-000071 | WordPress plugin "Markdown on Save Improved" vulnerable to cross-site scripting | 2016-05-25T14:37+09:00 | 2016-06-08T17:23+09:00 |
| jvndb-2016-002716 | Cross-site Scripting Vulnerability in Hitachi Tuning Manager | 2016-05-24T16:43+09:00 | 2016-08-03T16:09+09:00 |
| jvndb-2016-002715 | Information Disclosure Vulnerability in Hitachi Command Suite | 2016-05-24T16:43+09:00 | 2016-08-03T16:09+09:00 |
| jvndb-2016-000067 | Jetstar App for iOS fails to verify SSL server certificates | 2016-05-24T13:36+09:00 | 2017-05-29T11:45+09:00 |
| jvndb-2016-000070 | php-contact-form vulnerable to cross-site scripting | 2016-05-24T12:27+09:00 | 2016-06-08T17:23+09:00 |
| jvndb-2016-000068 | HumHub vulnerable to cross-site scripting | 2016-05-24T12:24+09:00 | 2016-06-08T17:23+09:00 |
| jvndb-2016-000069 | MP Form Mail CGI Professional Edition vulnerable to directory traversal | 2016-05-20T14:22+09:00 | 2016-06-08T17:23+09:00 |
| jvndb-2016-000066 | Web Mailing List vulnerable to cross-site scripting | 2016-05-19T13:37+09:00 | 2016-06-08T17:23+09:00 |
| jvndb-2016-000065 | 105 BANK App fails to verify SSL server certificates | 2016-05-18T15:26+09:00 | 2017-05-29T11:45+09:00 |
| jvndb-2016-000060 | Cybozu KUNAI App fails to verify SSL server certificates | 2016-05-16T16:14+09:00 | 2017-05-23T16:23+09:00 |
| jvndb-2016-000047 | a-blog cms vulnerable to session management | 2016-05-16T14:48+09:00 | 2017-05-23T13:44+09:00 |
| jvndb-2016-000046 | a-blog cms vulnerable to cross-site scripting | 2016-05-16T14:48+09:00 | 2017-05-23T13:44+09:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| cnvd-2026-03542 | Blood Bank Management System login.php组件跨站脚本漏洞 | 2025-12-03 | 2026-01-15 |
| cnvd-2026-03541 | Blood Bank Management System hprofile.php组件跨站脚本漏洞 | 2025-12-03 | 2026-01-15 |
| cnvd-2026-03540 | Blood Bank Management System cancel.php组件SQL注入漏洞 | 2025-12-03 | 2026-01-15 |
| cnvd-2026-03539 | Blood Bank Management System blooddinfo.php组件跨站脚本漏洞 | 2025-12-03 | 2026-01-15 |
| cnvd-2026-03538 | Blood Bank Management System abs.php组件跨站脚本漏洞 | 2025-12-03 | 2026-01-15 |
| cnvd-2026-03537 | Blood Bank Management System abs.php组件SQL注入漏洞 | 2025-12-03 | 2026-01-15 |
| cnvd-2026-00140 | Huawei HarmonyOS/EMUI释放后重用漏洞 | 2025-12-03 | 2026-01-05 |
| cnvd-2026-00139 | Huawei HarmonyOS/EMUI访问无效内存漏洞 | 2025-12-03 | 2026-01-05 |
| cnvd-2026-00138 | Huawei HarmonyOS/EMUI权限控制漏洞(CNVD-2026-00138) | 2025-12-03 | 2026-01-05 |
| cnvd-2026-00023 | Apache Kvrocks权限提升漏洞 | 2025-12-03 | 2026-01-04 |
| cnvd-2026-00022 | Apache bRPC拒绝服务漏洞(CNVD-2026-00022) | 2025-12-03 | 2026-01-04 |
| cnvd-2025-30579 | Apache Kvrocks信息泄露漏洞 | 2025-12-03 | 2025-12-12 |
| cnvd-2025-30566 | Apache SkyWalking跨站脚本漏洞(CNVD-2025-30566) | 2025-12-03 | 2025-12-12 |
| cnvd-2025-30565 | Apache CloudStack访问控制错误漏洞(CNVD-2025-30565) | 2025-12-03 | 2025-12-12 |
| cnvd-2025-30511 | LIVE555 Streaming Media空指针取消引用漏洞 | 2025-12-03 | 2025-12-11 |
| cnvd-2025-30510 | LIVE555 Streaming Media释放后重用漏洞(CNVD-2025-30510) | 2025-12-03 | 2025-12-11 |
| cnvd-2025-30509 | LIVE555 Streaming Media堆缓冲区溢出漏洞(CNVD-2025-30509) | 2025-12-03 | 2025-12-11 |
| cnvd-2025-30508 | LIVE555 Streaming Media缓冲区溢出漏洞 | 2025-12-03 | 2025-12-11 |
| cnvd-2025-30507 | LIVE555 Streaming Media释放后重用漏洞 | 2025-12-03 | 2025-12-11 |
| cnvd-2025-30463 | Socomec Easy Config System身份认证绕过漏洞 | 2025-12-03 | 2025-12-11 |
| cnvd-2025-30462 | Socomec DIRIS Digiware M-70明文传输漏洞 | 2025-12-03 | 2025-12-11 |
| cnvd-2025-30461 | Socomec DIRIS Digiware M-70跨站请求伪造漏洞 | 2025-12-03 | 2025-12-11 |
| cnvd-2025-30460 | Socomec DIRIS Digiware M-70缓冲区溢出漏洞 | 2025-12-03 | 2025-12-11 |
| cnvd-2025-30459 | Socomec DIRIS Digiware M-70拒绝服务漏洞(CNVD-2025-30459) | 2025-12-03 | 2025-12-11 |
| cnvd-2025-30458 | Socomec DIRIS Digiware M-70拒绝服务漏洞(CNVD-2025-30458) | 2025-12-03 | 2025-12-11 |
| cnvd-2025-30457 | Socomec DIRIS Digiware M-70拒绝服务漏洞(CNVD-2025-30457) | 2025-12-03 | 2025-12-11 |
| cnvd-2025-30456 | Socomec DIRIS Digiware M-70拒绝服务漏洞(CNVD-2025-30456) | 2025-12-03 | 2025-12-11 |
| cnvd-2025-30455 | Socomec DIRIS Digiware M-70拒绝服务漏洞(CNVD-2025-30455) | 2025-12-03 | 2025-12-11 |
| cnvd-2025-30454 | Socomec DIRIS Digiware M-70拒绝服务漏洞(CNVD-2025-30454) | 2025-12-03 | 2025-12-11 |
| cnvd-2025-30453 | Socomec DIRIS Digiware M-70拒绝服务漏洞(CNVD-2025-30453) | 2025-12-03 | 2025-12-11 |
| ID | Description | Published | Updated |
|---|---|---|---|
| bdu:2025-16318 | Уязвимость библиотеки Russh языка программирования Rust для взаимодействия с протоколом S… | 24.12.2025 | 24.12.2025 |
| bdu:2025-16317 | Уязвимость модуля arch/powerpc/kernel/rtas_flash.c ядра операционной системы Linux, позво… | 24.12.2025 | 24.12.2025 |
| bdu:2025-16316 | Уязвимость модуля проверки стилей HTML почтового клиента RoundCube Webmail, позволяющая н… | 24.12.2025 | 24.12.2025 |
| bdu:2025-16315 | Уязвимость функции run_unpack() компонента ntfs3 ядра операционной системы Linux, позволя… | 24.12.2025 | 24.12.2025 |
| bdu:2025-16314 | Уязвимость демона snmptrapd набора программного обеспечения для развёртывания и использов… | 24.12.2025 | 24.12.2025 |
| bdu:2025-16313 | Уязвимость системы сбора и анализа событий IBM QRadar SIEM, связанная с хранением аутенти… | 24.12.2025 | 24.12.2025 |
| bdu:2025-16312 | Уязвимость инструмента автоматизации на основе искусственного интеллекта IBM Concert Soft… | 24.12.2025 | 24.12.2025 |
| bdu:2025-16311 | Уязвимость веб-интерфейса программного обеспечения IBM Planning Analytics Local, позволяю… | 24.12.2025 | 24.12.2025 |
| bdu:2025-16310 | Уязвимость функции dbAllocDmapLev() ядра операционной системы Linux, позволяющая нарушите… | 24.12.2025 | 24.12.2025 |
| bdu:2025-16309 | Уязвимость программного обеспечения IBM Planning Analytics Local, связанная с неправильно… | 24.12.2025 | 24.12.2025 |
| bdu:2025-16308 | Уязвимость системы планирования ресурсов предприятия SAP S/4HANA, связанная с неверным ог… | 24.12.2025 | 24.12.2025 |
| bdu:2025-16307 | Уязвимость программной интеграционной платформы SAP NetWeaver Application Server ABAP, св… | 24.12.2025 | 24.12.2025 |
| bdu:2025-16306 | Уязвимость программной интеграционной платформы SAP NetWeaver ABAP, связанная с отсутстви… | 24.12.2025 | 24.12.2025 |
| bdu:2025-16305 | Уязвимость программной интеграционной платформы SAP NetWeaver Application Server ABAP, св… | 24.12.2025 | 24.12.2025 |
| bdu:2025-16304 | Уязвимость программной интеграционной платформы SAP NetWeaver ABAP, связанная с недостато… | 24.12.2025 | 24.12.2025 |
| bdu:2025-16303 | Уязвимость фреймворка SAP FICA ODN, связанная с неверным управлением генерацией кода, поз… | 24.12.2025 | 24.12.2025 |
| bdu:2025-16302 | Уязвимость приложения для мониторинга и сбора данных с различных источников Splunk Univer… | 24.12.2025 | 24.12.2025 |
| bdu:2025-16301 | Уязвимость платформы для операционного анализа Splunk Enterprise, связанная с неправильны… | 24.12.2025 | 24.12.2025 |
| bdu:2025-16300 | Уязвимость платформы для операционного анализа Splunk Enterprise, связанная с недостаточн… | 24.12.2025 | 24.12.2025 |
| bdu:2025-16299 | Уязвимость платформы для операционного анализа Splunk Enterprise, связанная с недостаточн… | 24.12.2025 | 24.12.2025 |
| bdu:2025-16298 | Уязвимость модуля net/core/skbuff.c ядра операционной системы Linux, позволяющая нарушите… | 24.12.2025 | 24.12.2025 |
| bdu:2025-16297 | Уязвимость платформы для операционного анализа Splunk Enterprise, связанная с недостаточн… | 24.12.2025 | 24.12.2025 |
| bdu:2025-16296 | Уязвимость платформы для операционного анализа Splunk Enterprise, связанная с непринятием… | 24.12.2025 | 24.12.2025 |
| bdu:2025-16295 | Уязвимость платформы для операционного анализа Splunk Enterprise, связанная с неправильно… | 24.12.2025 | 24.12.2025 |
| bdu:2025-16294 | Уязвимость компонента Views Dashboard платформы для операционного анализа Splunk Enterpri… | 24.12.2025 | 24.12.2025 |
| bdu:2025-16293 | Уязвимость приложения для обработки и анализа данных Splunk MCP Server, связанная с ошибк… | 24.12.2025 | 24.12.2025 |
| bdu:2025-16292 | Уязвимость платформы анализа данных Qlik Sense Enterprise, связанная с утечкой информации… | 24.12.2025 | 24.12.2025 |
| bdu:2025-16291 | Уязвимость микропрограммного обеспечения устройства для интеграции и управления промышле… | 24.12.2025 | 24.12.2025 |
| bdu:2025-16290 | Уязвимость веб-сервера микропрограммного обеспечения устройства для интеграции и управле… | 24.12.2025 | 24.12.2025 |
| bdu:2025-16289 | Уязвимость микропрограммного обеспечения устройства для интеграции и управления промышле… | 24.12.2025 | 24.12.2025 |
| ID | Description | Updated |
|---|---|---|
| var-202512-0065 | A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 … | 2025-12-19T19:39:42.981000Z |
| var-202512-0339 | Tenda AX3 v16.03.12.11 contains a stack overflow in formSetIptv via the iptvType paramete… | 2025-12-19T19:39:42.661000Z |
| var-202512-1517 | In Modem, there is a possible system crash due to incorrect error handling. This could le… | 2025-12-19T19:39:41.933000Z |
| var-202512-1836 | Out-of-bounds read vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. The 'DownloadF… | 2025-12-19T19:39:41.738000Z |
| var-202205-0923 | A vulnerability has been identified in SICAM T (All versions < V3.0). Affected devices do… | 2025-12-18T21:25:07.419000Z |
| var-202306-0889 | A vulnerability has been identified in SICAM P850 (7KG8500-0AA00-0AA0) (All versions < V3… | 2025-12-18T21:23:56.971000Z |
| var-202205-0925 | A vulnerability has been identified in SICAM T (All versions < V3.0). Affected devices us… | 2025-12-18T21:12:01.269000Z |
| var-202306-0890 | A vulnerability has been identified in SICAM P850 (7KG8500-0AA00-0AA0) (All versions < V3… | 2025-12-18T20:36:55.495000Z |
| var-201910-1498 | The RSVP parser in tcpdump before 4.9.3 has a buffer over-read in print-rsvp.c:rsvp_obj_p… | 2025-12-18T20:35:29.166000Z |
| var-202205-0929 | A vulnerability has been identified in SICAM T (All versions < V3.0). Affected devices do… | 2025-12-18T20:16:19.348000Z |
| var-202107-1010 | <p>A remote code execution vulnerability exists when the Windows Print Spooler service im… | 2025-12-18T20:12:56.323000Z |
| var-202205-0928 | A vulnerability has been identified in SICAM T (All versions < V3.0). Affected devices do… | 2025-12-18T20:05:33.352000Z |
| var-201901-0011 | In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, … | 2025-12-18T19:58:23.250000Z |
| var-202205-0927 | A vulnerability has been identified in SICAM T (All versions < V3.0). Affected devices do… | 2025-12-18T19:57:45.946000Z |
| var-200609-1696 | Buffer overflow in PPP on Apple Mac OS X 10.4.x up to 10.4.8 and 10.3.x up to 10.3.9, whe… | 2025-12-18T19:57:01.390000Z |
| var-202205-0924 | A vulnerability has been identified in SICAM T (All versions < V3.0). The web based manag… | 2025-12-18T19:53:52.320000Z |
| var-202205-0921 | A vulnerability has been identified in SICAM T (All versions < V3.0). Affected devices do… | 2025-12-18T19:52:03.601000Z |
| var-202510-4394 | The NPort 5150A is a device server. Mosa Technology (Shanghai) Co., Ltd.'s NPort 5150A c… | 2025-12-18T19:40:07.874000Z |
| var-202512-0181 | A denial of service vulnerability exists in the Modbus TCP and Modbus RTU over TCP USB Fu… | 2025-12-18T19:40:06.918000Z |
| var-202512-0182 | A denial of service vulnerability exists in the Modbus TCP and Modbus RTU over TCP USB Fu… | 2025-12-18T19:40:06.805000Z |
| var-202512-0223 | A vulnerability has been identified in RUGGEDCOM ROX II family (All versions < V2.17.0). … | 2025-12-18T19:40:06.780000Z |
| var-202512-0222 | A vulnerability has been identified in RUGGEDCOM ROX II family (All versions < V2.17.0). … | 2025-12-18T19:40:06.768000Z |
| var-202512-0224 | A vulnerability has been identified in RUGGEDCOM ROX II family (All versions < V2.17.0). … | 2025-12-18T19:40:06.756000Z |
| var-202512-0221 | A vulnerability has been identified in RUGGEDCOM ROX II family (All versions < V2.17.0). … | 2025-12-18T19:40:06.745000Z |
| var-202512-0219 | A vulnerability has been identified in RUGGEDCOM ROX II family (All versions < V2.17.0). … | 2025-12-18T19:40:06.732000Z |
| var-202512-0220 | A vulnerability has been identified in RUGGEDCOM ROX II family (All versions < V2.17.0). … | 2025-12-18T19:40:06.720000Z |
| var-202512-1045 | Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. The v… | 2025-12-18T19:40:06.183000Z |
| var-202106-1909 | NGINX before 1.13.6 has a buffer overflow for years that exceed four digits, as demonstra… | 2025-12-18T00:37:35.903000Z |
| var-202308-2836 | Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the time paramete… | 2025-12-18T00:37:33.030000Z |
| var-202308-3470 | Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via … | 2025-12-18T00:36:37.595000Z |