Recent vulnerabilities

Recent vulnerabilities from
Select from 69 available sources using the dropdown above.
ID CVSS Description Vendor Product Published Updated
CVE-1999-0312
N/A
HP ypbind allows attackers with root privileges t… n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:34:51.825Z
CVE-1999-0313
N/A
disk_bandwidth on SGI IRIX 6.4 S2MP for Origin/On… n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:34:52.029Z
CVE-1999-0314
N/A
ioconfig on SGI IRIX 6.4 S2MP for Origin/Onyx2 al… n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:34:51.863Z
CVE-1999-0315
N/A
Buffer overflow in Solaris fdformat command gives… n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:34:51.825Z
CVE-1999-0316
N/A
Buffer overflow in Linux splitvt command gives ro… n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:34:51.899Z
CVE-1999-0320
N/A
SunOS rpc.cmsd allows attackers to obtain root ac… n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:34:51.888Z
CVE-1999-0321
N/A
Buffer overflow in Solaris kcms_configure command… n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:34:51.884Z
CVE-1999-0324
N/A
ppl program in HP-UX allows local users to create… n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:34:52.022Z
CVE-1999-0325
N/A
vhe_u_mnt program in HP-UX allows local users to … n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:34:51.870Z
CVE-1999-0326
N/A
Vulnerability in HP-UX mediainit program. n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:34:51.900Z
CVE-1999-0327
N/A
SGI syserr program allows local users to corrupt files. n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:34:52.020Z
CVE-1999-0328
N/A
SGI permissions program allows local users to gai… n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:34:51.857Z
CVE-1999-0329
N/A
SGI mediad program allows local users to gain roo… n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:34:51.838Z
CVE-1999-0332
N/A
Buffer overflow in NetMeeting allows denial of se… n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:34:51.949Z
CVE-1999-0334
N/A
In Solaris 2.2 and 2.3, when fsck fails on startu… n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:34:51.960Z
CVE-1999-0335
N/A
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-1999-0032. Reason: This candidate is a duplicate of CVE-1999-0032. Notes: All CVE users should reference CVE-1999-0032 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage N/A N/A 1999-09-29T04:00:00.000Z 2022-08-17T02:55:29.000Z
CVE-1999-0337
N/A
AIX batch queue (bsh) allows local and remote use… n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:34:51.945Z
CVE-1999-0338
N/A
AIX Licensed Program Product performance tools al… n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:34:51.900Z
CVE-1999-0339
N/A
Buffer overflow in the libauth library in Solaris… n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:34:51.798Z
CVE-1999-0340
N/A
Buffer overflow in Linux Slackware crond program … n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:34:51.895Z
CVE-1999-0341
N/A
Buffer overflow in the Linux mail program "delive… n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:34:51.965Z
CVE-1999-0342
N/A
Linux PAM modules allow local users to gain root … n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:34:52.020Z
CVE-1999-0344
N/A
NT users can gain debug-level access on a system … n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:34:51.918Z
CVE-1999-0346
N/A
CGI PHP mlog script allows an attacker to read an… n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:34:51.881Z
CVE-1999-0348
N/A
IIS ASP caching problem releases sensitive inform… n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:34:51.967Z
CVE-1999-0349
N/A
A buffer overflow in the FTP list (ls) command in… n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:34:52.021Z
CVE-1999-0350
N/A
Race condition in the db_loader program in ClearC… n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:34:51.902Z
CVE-1999-0351
N/A
FTP PASV "Pizza Thief" denial of service and unau… n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:34:51.976Z
CVE-1999-0353
N/A
rpc.pcnfsd in HP gives remote root access by chan… n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:34:52.019Z
CVE-1999-0355
N/A
Local or remote users can force ControlIT 4.5 to … n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:34:51.893Z
ID CVSS Description Vendor Product Published Updated
CVE-1999-0511
N/A
IP forwarding is enabled on a machine which is no… n/a
 n/a
 2000-02-04T05:00:00.000Z 2024-08-01T16:41:45.609Z
CVE-1999-0517
N/A
An SNMP community name is the default (e.g. publi… n/a
 n/a
 2000-02-04T05:00:00.000Z 2025-03-17T15:03:23.650Z
CVE-1999-0518
N/A
A NETBIOS/SMB share password is guessable. n/a
 n/a
 2000-02-04T05:00:00.000Z 2024-08-01T16:41:45.137Z
CVE-1999-0519
N/A
A NETBIOS/SMB share password is the default, null… n/a
 n/a
 2000-02-04T05:00:00.000Z 2024-08-01T16:41:45.441Z
CVE-1999-0521
N/A
An NIS domain name is easily guessable. n/a
 n/a
 2000-02-04T05:00:00.000Z 2024-08-01T16:41:45.511Z
CVE-1999-0525
N/A
IP traceroute is allowed from arbitrary hosts. n/a
 n/a
 2000-02-04T05:00:00.000Z 2024-08-01T16:41:45.266Z
CVE-1999-0534
N/A
A Windows NT user has inappropriate rights or pri… n/a
 n/a
 2000-02-04T05:00:00.000Z 2024-08-01T16:41:45.562Z
CVE-1999-0535
N/A
A Windows NT account policy for passwords has ina… n/a
 n/a
 2000-02-04T05:00:00.000Z 2024-08-01T16:41:45.607Z
CVE-1999-0550
N/A
A router's routing tables can be obtained from ar… n/a
 n/a
 2000-02-04T05:00:00.000Z 2024-08-01T16:41:45.663Z
CVE-1999-0562
N/A
The registry in Windows NT can be accessed remote… n/a
 n/a
 2000-02-04T05:00:00.000Z 2024-08-01T16:41:45.690Z
CVE-1999-0572
N/A
.reg files are associated with the Windows NT reg… n/a
 n/a
 2000-02-04T05:00:00.000Z 2024-08-01T16:41:45.516Z
CVE-1999-0575
N/A
A Windows NT system's user audit policy does not … n/a
 n/a
 2000-02-04T05:00:00.000Z 2024-08-01T16:41:45.675Z
CVE-1999-0576
N/A
A Windows NT system's file audit policy does not … n/a
 n/a
 2000-02-04T05:00:00.000Z 2024-08-01T16:41:45.649Z
CVE-1999-0582
N/A
A Windows NT account policy has inappropriate, se… n/a
 n/a
 2000-02-04T05:00:00.000Z 2024-08-01T16:41:45.690Z
CVE-1999-0626
N/A
A version of rusers is running that exposes valid… n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:41:45.689Z
CVE-1999-1120
N/A
netprint in SGI IRIX 6.4 and earlier trusts the P… n/a
 n/a
 2002-03-09T05:00:00.000Z 2024-08-01T17:02:53.679Z
CVE-1999-0051
N/A
Arbitrary file creation and program execution usi… n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:27:57.441Z
CVE-1999-1249
N/A
movemail in HP-UX 10.20 has insecure permissions,… n/a
 n/a
 2002-03-09T05:00:00.000Z 2024-08-01T17:02:53.951Z
CVE-1999-1145
N/A
Vulnerability in Glance programs in GlancePlus fo… n/a
 n/a
 2002-03-09T05:00:00.000Z 2024-08-01T17:02:53.744Z
CVE-1999-1311
N/A
Vulnerability in dtlogin and dtsession in HP-UX 1… n/a
 n/a
 2001-09-12T04:00:00.000Z 2024-08-01T17:11:02.967Z
CVE-1999-0049
N/A
Csetup under IRIX allows arbitrary file creation … n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:27:56.698Z
CVE-1999-1088
N/A
Vulnerability in chsh command in HP-UX 9.X throug… n/a
 n/a
 2001-09-12T04:00:00.000Z 2024-08-01T17:02:53.594Z
CVE-1999-0081
N/A
wu-ftp allows files to be overwritten via the rnf… n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:27:57.447Z
CVE-1999-0048
N/A
Talkd, when given corrupt DNS information, can be… n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:27:57.128Z
CVE-1999-0966
N/A
Buffer overflow in Solaris getopt in libc allows … n/a
 n/a
 2000-03-22T05:00:00.000Z 2024-08-01T16:55:29.315Z
CVE-1999-0047
N/A
MIME conversion buffer overflow in sendmail versi… n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:27:57.134Z
CVE-1999-1144
N/A
Certain files in MPower in HP-UX 10.x are install… n/a
 n/a
 2002-03-09T05:00:00.000Z 2024-08-01T17:02:53.751Z
CVE-1999-0174
N/A
The view-source CGI program allows remote attacke… n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:27:57.740Z
CVE-1999-0309
N/A
HP-UX vgdisplay program gives root access to loca… n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:34:51.856Z
CVE-1999-0369
N/A
The Sun sdtcm_convert calendar utility for OpenWi… n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:34:52.102Z
ID Description Published Updated
ID Severity Description Published Updated
ghsa-3f5c-4qxj-vmpf
7.5 (3.1)
Next.js Directory Traversal Vulnerability 2017-12-05T02:04:14Z 2024-04-22T19:49:35Z
ghsa-2w67-526p-gm73
9.8 (3.1)
redis-store deserializes untrusted data 2017-12-06T16:41:25Z 2023-03-14T21:11:23Z
ghsa-x27v-x225-gq8g
9.8 (3.1)
Recurly gem Server-Side Request Forgery in Resource#find method 2017-12-06T16:43:00Z 2023-08-29T15:38:45Z
ghsa-8c56-cpmw-89x7
7.5 (3.1)
Out-of-bounds read in nokogiri 2017-12-13T21:38:24Z 2021-06-30T18:05:23Z
ghsa-vx5c-87qx-cv6c
9.8 (3.1)
Arbitrary Code Execution in mathjs 2017-12-18T22:27:45Z 2021-06-10T20:06:12Z
ghsa-pv8x-p9hq-j328
9.8 (3.1)
Arbitrary Code Execution in mathjs 2017-12-18T22:27:53Z 2023-09-12T18:41:33Z
ghsa-3rpr-mg43-xhq4
7.5 (3.1)
auth0-js Privilege Escalation Vulnerability 2017-12-21T00:47:20Z 2023-09-13T22:14:09Z
ghsa-gj4p-3wh3-2rmf
7.5 (3.1)
Arbitrary file read vulnerability in yard server 2017-12-21T00:47:25Z 2023-07-05T17:53:08Z
ghsa-7fpw-cfc4-3p2c
8.1 (3.1)
Duplicate advisory: High severity vulnerability that affects passport-wsfed-saml2 2017-12-28T22:51:45Z 2023-06-21T22:00:08Z
ghsa-h9mj-fghc-664w
6.5 (3.1)
Denial of Service in mqtt 2017-12-28T22:51:58Z 2021-09-14T17:16:40Z
ghsa-pm9p-9926-w68m
7.5 (3.1)
Denial of Service in ecstatic 2017-12-28T22:52:47Z 2021-09-16T18:15:09Z
ghsa-8jjf-w7j6-323c
7.5 (3.1)
Samlify vulnerable to Authentication Bypass by allowing tokens to be reused with different usernames 2018-01-04T21:03:33Z 2023-08-18T21:00:53Z
ghsa-crmx-v835-hcp4
Moderate severity vulnerability that affects marked 2018-01-04T21:04:09Z 2021-12-02T22:47:59Z
ghsa-7px7-7xjx-hxm8
6.1 (3.1)
Marked vulnerable to XSS from data URIs 2018-01-04T21:04:19Z 2023-09-07T22:53:21Z
ghsa-m7p8-9w66-9frm
5.9 (3.1)
net-ldap Improper Certificate Validation vulnerability 2018-01-06T01:11:34Z 2023-01-23T21:24:13Z
ghsa-mvw8-v767-qhjm
5.4 (3.1)
Radiant CMS vulnerable to Cross-site Scripting 2018-01-06T01:11:52Z 2023-01-26T21:19:48Z
ghsa-5jcf-c5rg-rmm8
9.8 (3.1)
paperclip Server-Side Request Forgery vulnerability 2018-01-22T13:31:34Z 2023-01-26T20:24:38Z
ghsa-rmxg-73gg-4p98
6.1 (3.1)
Cross-Site Scripting (XSS) in jquery 2018-01-22T13:32:06Z 2021-09-17T18:58:18Z
ghsa-mhpp-875w-9cpv
7.5 (3.1)
Denial of Service in jquery 2018-01-22T13:32:42Z 2025-09-02T22:35:01Z
ghsa-6x45-86q6-rcmr
5.5 (3.1)
Gyazo allows local users to write arbitrary files 2018-01-22T23:17:39Z 2023-07-31T20:50:46Z
ghsa-rhgq-vv9x-j4p5
7.8 (3.1)
lawn-login exposes database password to unauthorized users 2018-01-22T23:45:33Z 2023-07-31T20:48:53Z
ghsa-w222-53c6-c86p
8.8 (3.1)
Remote Code Execution in electron 2018-01-23T03:57:44Z 2021-06-10T19:55:43Z
ghsa-94cq-7ccq-cmcm
7.8 (3.1)
lynx doesn't properly sanitize user input and exposes database password to unauthorized users 2018-01-24T17:10:45Z 2023-01-23T20:52:59Z
ghsa-m34x-wgrh-g897
7.5 (3.1)
Directory traversal vulnerability in Next.js 2018-01-24T19:38:52Z 2022-04-28T20:13:30Z
ghsa-9pr6-grf4-x2fr
7.5 (3.1)
Omniauth allows POST parameters to be stored in session 2018-01-29T15:45:28Z 2022-04-25T22:27:19Z
ghsa-832h-xg76-4gv6
7.5 (3.1)
ReDoS in brace-expansion 2018-01-29T15:50:46Z 2021-09-03T22:10:24Z
ghsa-h29f-7f56-j8wh
5.3 (3.1)
Sinatra Path Traversal vulnerability 2018-02-20T19:23:20Z 2023-01-23T21:16:39Z
ghsa-wfwm-chj7-w59r
5.5 (3.1)
Ox gem stack overflow in sax_parse 2018-03-05T18:29:32Z 2023-08-29T14:59:54Z
ghsa-446m-mv8f-q348
7.5 (3.1)
Regular Expression Denial of Service in moment 2018-03-05T18:35:09Z 2021-08-31T21:44:15Z
ghsa-6x77-rpqf-j6mw
7.5 (3.1)
ejs vulnerable to DoS due to weak input validation 2018-03-05T18:54:33Z 2023-09-08T21:00:26Z
ID Severity Description Package Published Updated
pysec-2014-84
The Execute class in shellutils in logilab-commons before 0.61.0 uses tempfile.mktemp, wh… logilab-common 2014-03-11T19:37:00Z 2021-08-27T03:22:06.108554Z
pysec-2014-113
The VMWare driver in OpenStack Compute (Nova) 2013.2 through 2013.2.2 does not properly p… nova 2014-03-25T16:55:00Z 2024-11-25T18:35:18.357593Z
pysec-2014-105
The memcache token backend in OpenStack Identity (Keystone) 2013.1 through 2.013.1.4, 201… keystone 2014-04-01T06:35:00Z 2024-11-25T18:35:18.357593Z
pysec-2014-96
Cross-site scripting (XSS) vulnerability in Roundup before 1.4.20 allows remote attackers… roundup 2014-04-10T20:29:00Z 2021-08-27T03:22:19.707650Z
pysec-2014-15
Cross-site scripting (XSS) vulnerability in the history display in Roundup before 1.4.20 … roundup 2014-04-11T15:55:00Z 2021-07-05T00:01:25.790750Z
pysec-2014-16
Cross-site scripting (XSS) vulnerability in cgi/client.py in Roundup before 1.4.20 allows… roundup 2014-04-11T15:55:00Z 2021-07-05T00:01:25.823373Z
pysec-2014-106
The V3 API in OpenStack Identity (Keystone) 2013.1 before 2013.2.4 and icehouse before ic… keystone 2014-04-15T14:55:00Z 2024-11-25T18:35:18.357593Z
pysec-2014-70
The auth_token middleware in the OpenStack Python client library for Keystone (aka python… python-keystoneclient 2014-04-15T14:55:00Z 2021-07-25T23:34:52.050807Z
pysec-2014-22
The (1) load_djpeg function in JpegImagePlugin.py, (2) Ghostscript function in EpsImagePl… pillow 2014-04-17T14:55:00Z 2021-07-15T02:22:16.928376Z
pysec-2014-23
The (1) JpegImagePlugin.py and (2) EpsImagePlugin.py scripts in Python Image Library (PIL… pillow 2014-04-17T14:55:00Z 2021-07-15T02:22:17.008543Z
pysec-2014-1
The django.core.urlresolvers.reverse function in Django before 1.4.11, 1.5.x before 1.5.6… django 2014-04-23T15:55:00Z 2021-07-05T00:01:18.476528Z
pysec-2014-2
The caching framework in Django before 1.4.11, 1.5.x before 1.5.6, 1.6.x before 1.6.3, an… django 2014-04-23T15:55:00Z 2021-07-05T00:01:18.594368Z
pysec-2014-3
The (1) FilePathField, (2) GenericIPAddressField, and (3) IPAddressField model field clas… django 2014-04-23T15:55:00Z 2021-07-05T00:01:18.748183Z
pysec-2014-87
Python Image Library (PIL) 1.1.7 and earlier and Pillow 2.3 might allow remote attackers … pillow 2014-04-27T20:55:00Z 2021-08-27T03:22:10.225452Z
pysec-2014-98
Cross-site scripting (XSS) vulnerability in plugins/main/content/js/ajenti.coffee in Euge… ajenti 2014-04-30T23:58:00Z 2021-12-13T06:35:03.047936Z
pysec-2014-72
Transifex command-line client before 0.10 does not validate X.509 certificates for data t… transifex-client 2014-05-02T01:59:00Z 2021-07-25T23:34:56.578427Z
pysec-2014-65
Products/CMFPlone/FactoryTool.py in Plone 3.3 through 4.3.2 allows remote attackers to ob… plone 2014-05-02T14:55:00Z 2021-07-25T23:34:47.572941Z
pysec-2014-66
Products/CMFPlone/CatalogTool.py in Plone 3.3 through 4.3.2 allows remote administrators … plone 2014-05-02T14:55:00Z 2021-07-25T23:34:47.632910Z
pysec-2014-67
Products/CMFPlone/FactoryTool.py in Plone 3.3 through 4.3.2 allows remote attackers to ob… products-cmfplone 2014-05-02T14:55:00Z 2021-07-25T23:34:50.035277Z
pysec-2014-68
Products/CMFPlone/CatalogTool.py in Plone 3.3 through 4.3.2 allows remote administrators … products-cmfplone 2014-05-02T14:55:00Z 2021-07-25T23:34:50.085881Z
pysec-2014-93
PyWBEM 0.7 and earlier uses a separate connection to validate X.509 certificates, which a… pywbem 2014-05-05T17:06:00Z 2021-08-27T03:22:18.674694Z
pysec-2014-94
PyWBEM 0.7 and earlier does not verify that the server hostname matches a domain name in … pywbem 2014-05-05T17:06:00Z 2021-08-27T03:22:18.708966Z
pysec-2014-112
The instance rescue mode in OpenStack Compute (Nova) 2013.2 before 2013.2.3 and Icehouse … nova 2014-05-08T14:29:00Z 2024-11-25T18:35:18.357593Z
pysec-2014-9
Incomplete blacklist vulnerability in the lxml.html.clean module in lxml before 3.3.5 all… lxml 2014-05-14T19:55:00Z 2021-07-05T00:01:22.415943Z
pysec-2014-19
Django 1.4 before 1.4.13, 1.5 before 1.5.8, 1.6 before 1.6.5, and 1.7 before 1.7b4 does n… django 2014-05-16T15:55:00Z 2021-09-01T08:18:55.376993Z
pysec-2014-20
The django.util.http.is_safe_url function in Django 1.4 before 1.4.13, 1.5 before 1.5.8, … django 2014-05-16T15:55:00Z 2021-09-01T08:18:55.675902Z
pysec-2014-8
The default configuration for bccache.FileSystemBytecodeCache in Jinja2 before 2.7.2 does… jinja2 2014-05-19T14:55:00Z 2021-07-05T00:01:22.043149Z
pysec-2014-82
FileSystemBytecodeCache in Jinja2 2.7.2 does not properly create temporary directories, w… jinja2 2014-05-19T14:55:00Z 2021-08-27T03:22:05.027573Z
pysec-2014-85
The Server.verify_request function in SimpleGeo python-oauth2 does not check the nonce, w… oauth2 2014-05-20T14:55:00Z 2021-08-27T03:22:09.637359Z
pysec-2014-86
The (1) make_nonce, (2) generate_nonce, and (3) generate_verifier functions in SimpleGeo … oauth2 2014-05-20T14:55:00Z 2021-08-27T03:22:09.666793Z
ID Description Updated
ID Description Published Updated
mal-2022-367 Malicious code in @iwcp/nebula-ui (npm) 2022-05-31T13:38:50Z 2022-05-31T13:38:51Z
mal-2022-3280 Malicious code in gatsby-plugin-conecad (npm) 2022-05-31T13:41:09Z 2022-05-31T13:41:09Z
mal-2022-6360 Malicious code in support-colors (npm) 2022-06-01T09:02:23Z 2022-06-01T09:02:29Z
mal-2022-6388 Malicious code in sync-colors (npm) 2022-06-01T09:02:23Z 2022-06-01T09:02:24Z
mal-2022-6587 Malicious code in titles (npm) 2022-06-01T09:02:23Z 2022-06-01T09:02:29Z
mal-2022-2018 Malicious code in colors-support (npm) 2022-06-01T09:02:24Z 2022-06-01T09:02:25Z
mal-2022-3549 Malicious code in hach-package-manager-bounty-hunter (npm) 2022-06-01T09:02:55Z 2022-06-01T09:02:56Z
mal-2022-5389 Malicious code in pocjenkircetest (npm) 2022-06-01T09:07:44Z 2022-06-01T09:07:45Z
mal-2022-94 Malicious code in @azure-test2/test2 (npm) 2022-06-01T09:08:19Z 2022-06-01T09:08:20Z
mal-2022-2429 Malicious code in depedence-confusion (npm) 2022-06-01T09:10:16Z 2022-06-01T09:10:16Z
mal-2022-4205 Malicious code in kntl-digital3 (npm) 2022-06-01T09:11:57Z 2022-06-01T09:11:57Z
mal-2022-72 Malicious code in @amcdc/backend-api-swagger (npm) 2022-06-01T09:12:30Z 2022-06-01T09:12:38Z
mal-2022-569 Malicious code in @s3p-js-deep-purple/utils (npm) 2022-06-01T09:14:30Z 2022-06-01T09:14:30Z
mal-2022-5678 Malicious code in react-transition-group-community-version (npm) 2022-06-01T09:15:36Z 2022-06-01T09:15:37Z
mal-2022-705 Malicious code in @visiology-public-utilities/language-utils (npm) 2022-06-01T09:16:27Z 2022-06-01T09:16:27Z
mal-2022-644 Malicious code in @tilliwilli/npm-lifecycles (npm) 2022-06-01T09:17:16Z 2022-06-01T09:17:17Z
mal-2022-352 Malicious code in @image-process-library/blob-to-base64 (npm) 2022-06-01T09:19:16Z 2022-06-01T09:19:16Z
mal-2022-2441 Malicious code in dependencyconfusioncve (npm) 2022-06-01T09:21:16Z 2022-06-01T09:21:17Z
mal-2022-2442 Malicious code in dependencyconfusioncve2 (npm) 2022-06-01T09:21:16Z 2022-06-01T09:21:16Z
mal-2022-59 Malicious code in @adam_baldwin/sample_4 (npm) 2022-06-01T09:24:03Z 2022-06-01T09:24:03Z
mal-2022-3917 Malicious code in inv-cyber (npm) 2022-06-01T09:25:12Z 2022-06-01T09:25:12Z
mal-2022-3918 Malicious code in inv-cyber-core (npm) 2022-06-01T09:25:12Z 2022-06-01T09:25:12Z
mal-2022-60 Malicious code in @adam_baldwin/tag-tmp (npm) 2022-06-01T09:25:44Z 2022-06-01T09:25:45Z
mal-2022-1660 Malicious code in bounty-plz (npm) 2022-06-01T09:26:02Z 2022-06-01T09:26:03Z
mal-2022-3297 Malicious code in gc-gsl-editor (npm) 2022-06-01T09:26:52Z 2022-06-01T09:26:53Z
mal-2022-3300 Malicious code in gctor-storage (npm) 2022-06-01T09:26:52Z 2022-06-01T09:26:58Z
mal-2022-5068 Malicious code in omniprotocol (npm) 2022-06-01T09:26:52Z 2022-06-01T09:26:52Z
mal-2022-58 Malicious code in @adam_baldwin/pingback (npm) 2022-06-01T09:27:08Z 2022-06-01T09:27:08Z
mal-2022-1362 Malicious code in azure-pipelines-dependency-track (npm) 2022-06-01T09:27:58Z 2022-06-01T09:27:58Z
mal-2022-3476 Malicious code in grunt-import-html (npm) 2022-06-01T09:27:58Z 2022-06-01T09:28:03Z
ID Description Published Updated
ID Description Published Updated
wid-sec-w-2023-1648 cURL: Schwachstelle ermöglicht Ausführen von beliebigem Programmcode mit den Rechten des Dienstes 2017-06-15T22:00:00.000+00:00 2023-07-04T22:00:00.000+00:00
wid-sec-w-2023-2719 PHP: Mehrere Schwachstellen 2017-06-18T22:00:00.000+00:00 2025-04-16T22:00:00.000+00:00
wid-sec-w-2022-2037 expat: Schwachstelle ermöglicht Denial of Service 2017-06-26T22:00:00.000+00:00 2023-06-05T22:00:00.000+00:00
wid-sec-w-2023-0999 Cisco IOS: Mehrere Schwachstellen 2017-06-29T22:00:00.000+00:00 2023-04-18T22:00:00.000+00:00
wid-sec-w-2025-1191 Internet Systems Consortium BIND: Mehrere Schwachstellen 2017-06-29T22:00:00.000+00:00 2025-05-29T22:00:00.000+00:00
wid-sec-w-2024-0960 Red Hat Enterprise Virtualization (Ansible): Schwachstelle ermöglicht Umgehung von Sicherheitsrichtlinien 2017-07-06T22:00:00.000+00:00 2024-05-06T22:00:00.000+00:00
wid-sec-w-2023-2718 PHP: Mehrere Schwachstellen 2017-07-09T22:00:00.000+00:00 2023-12-04T23:00:00.000+00:00
wid-sec-w-2024-2021 QEMU: Schwachstelle ermöglicht Denial of Service 2017-07-09T22:00:00.000+00:00 2024-09-02T22:00:00.000+00:00
wid-sec-w-2023-2157 ImageMagick: Mehrere Schwachstellen ermöglichen Denial of Service 2017-07-10T22:00:00.000+00:00 2024-03-19T23:00:00.000+00:00
wid-sec-w-2023-3200 poppler: Mehrere Schwachstellen 2017-07-10T22:00:00.000+00:00 2023-12-21T23:00:00.000+00:00
wid-sec-w-2024-2020 QEMU: Schwachstelle ermöglicht Denial of Service 2017-07-16T22:00:00.000+00:00 2024-09-02T22:00:00.000+00:00
wid-sec-w-2024-2019 QEMU: Schwachstelle ermöglicht Denial of Service 2017-07-17T22:00:00.000+00:00 2024-09-02T22:00:00.000+00:00
wid-sec-w-2022-2355 International Components for Unicode (icu): Mehrere Schwachstellen 2017-07-18T22:00:00.000+00:00 2025-10-26T23:00:00.000+00:00
wid-sec-w-2025-1210 Oracle Java SE: Mehrere Schwachstellen 2017-07-18T22:00:00.000+00:00 2025-06-02T22:00:00.000+00:00
wid-sec-w-2023-2264 docker: Schwachstelle ermöglicht Denial of Service 2017-07-26T22:00:00.000+00:00 2023-09-04T22:00:00.000+00:00
wid-sec-w-2023-3162 IBM InfoSphere Information Server: Mehrere Schwachstellen 2017-08-01T22:00:00.000+00:00 2023-12-17T23:00:00.000+00:00
wid-sec-w-2024-0172 ImageMagick: Mehrere Schwachstellen ermöglichen Denial of Service 2017-08-06T22:00:00.000+00:00 2024-08-22T22:00:00.000+00:00
wid-sec-w-2025-0597 SAP: Mehrere Schwachstellen 2017-08-07T22:00:00.000+00:00 2025-03-19T23:00:00.000+00:00
wid-sec-w-2023-1647 cURL: Mehrere Schwachstellen ermöglichen Offenlegung von Informationen 2017-08-08T22:00:00.000+00:00 2023-07-04T22:00:00.000+00:00
wid-sec-w-2025-1211 Mozilla Firefox: Mehrere Schwachstellen 2017-08-08T22:00:00.000+00:00 2025-06-02T22:00:00.000+00:00
wid-sec-w-2025-0269 Linux Kernel: Mehrere Schwachstellen 2017-08-10T22:00:00.000+00:00 2025-02-04T23:00:00.000+00:00
wid-sec-w-2024-2018 QEMU: Schwachstelle ermöglicht Denial of Service 2017-08-21T22:00:00.000+00:00 2024-09-02T22:00:00.000+00:00
wid-sec-w-2024-0171 ImageMagick: Mehrere Schwachstellen 2017-08-22T22:00:00.000+00:00 2024-03-19T23:00:00.000+00:00
wid-sec-w-2022-0308 Linux Kernel: Mehrere Schwachstellen 2017-08-27T22:00:00.000+00:00 2025-06-02T22:00:00.000+00:00
wid-sec-w-2024-0207 OpenSSL: Schwachstelle ermöglicht Offenlegung von Informationen 2017-08-29T22:00:00.000+00:00 2025-10-20T22:00:00.000+00:00
wid-sec-w-2024-0284 JasPer: Mehrere Schwachstelle ermöglicht Denial of Service 2017-08-29T22:00:00.000+00:00 2024-02-04T23:00:00.000+00:00
wid-sec-w-2024-2017 QEMU: Schwachstelle ermöglicht Denial of Service 2017-08-29T22:00:00.000+00:00 2024-09-02T22:00:00.000+00:00
wid-sec-w-2024-2016 QEMU: Mehrere Schwachstellen ermöglichen Denial of Service 2017-08-30T22:00:00.000+00:00 2024-09-02T22:00:00.000+00:00
wid-sec-w-2025-0116 Linux Kernel: Schwachstelle ermöglicht Denial of Service 2017-08-30T22:00:00.000+00:00 2025-01-19T23:00:00.000+00:00
wid-sec-w-2024-3165 OpenLDAP: Schwachstelle ermöglicht Denial of Service 2017-09-05T22:00:00.000+00:00 2024-10-14T22:00:00.000+00:00
ID Description Published Updated
icsa-13-079-03 Siemens WinCC TIA Portal Vulnerabilities 2013-12-22T07:00:00.000000Z 2025-06-06T15:58:50.552597Z
icsa-13-084-01 Siemens CP 1604 and CP 1616 Improper Access Control 2013-12-27T07:00:00.000000Z 2025-06-06T22:53:49.627883Z
icsa-14-091-01 Ecava IntegraXor Guest Account Information Disclosure Vulnerability 2014-01-02T07:00:00.000000Z 2025-06-09T19:47:25.741463Z
icsa-14-093-01 Schneider Electric OPC Factory Server Buffer Overflow 2014-01-04T07:00:00.000000Z 2025-06-09T19:47:31.991088Z
icsa-14-098-01 OSIsoft PI Interface for DNP3 Improper Input Validation 2014-01-09T07:00:00.000000Z 2025-06-09T19:47:38.220384Z
icsa-14-098-02 WellinTech KingSCADA Stack-Based Buffer Overflow 2014-01-09T07:00:00.000000Z 2025-06-09T19:47:50.675225Z
icsa-14-098-03 Siemens Ruggedcom WIN Products BEAST Attack Vulnerability 2014-01-09T07:00:00.000000Z 2025-06-09T19:47:56.923899Z
icsa-14-100-01 IOServer Out of Bounds Read Vulnerability 2014-01-11T07:00:00.000000Z 2025-06-09T19:48:03.239416Z
icsa-14-105-01 Progea Movicon SCADA Information Disclosure Vulnerability 2014-01-16T07:00:00.000000Z 2025-06-12T18:44:24.886887Z
icsa-14-105-02a Innominate mGuard OpenSSL HeartBleed Vulnerability 2014-01-16T07:00:00.000000Z 2025-06-06T22:55:58.996445Z
icsa-14-105-03b Siemens Industrial Products OpenSSL Heartbleed Vulnerability (Update B) 2014-01-16T07:00:00.000000Z 2025-06-09T19:48:09.507058Z
icsa-14-107-01 Siemens SINEMA Vulnerabilities 2014-01-18T07:00:00.000000Z 2025-06-06T18:44:58.592001Z
icsa-14-107-02 InduSoft Web Studio Directory Traversal Vulnerability 2014-01-18T07:00:00.000000Z 2025-06-06T18:45:17.946852Z
icsa-14-114-01 Certec atvise scada OpenSSL Heartbleed Vulnerability 2014-01-25T07:00:00.000000Z 2025-06-06T18:45:24.365433Z
icsa-14-114-02 Siemens SIMATIC S7-1200 CPU Web Vulnerabilities 2014-01-25T07:00:00.000000Z 2025-06-06T18:45:30.985803Z
icsa-14-121-01 AMTELCO miSecure Vulnerabilities 2014-02-01T07:00:00.000000Z 2025-06-09T19:48:15.910849Z
icsa-14-126-01a ABB Relion 650 Series OpenSSL Vulnerability (Update A) 2014-02-06T07:00:00.000000Z 2025-06-09T19:48:28.398218Z
icsa-14-128-01 Digi International OpenSSL Vulnerability 2014-02-08T07:00:00.000000Z 2025-06-09T19:48:34.797683Z
icsa-14-133-01 Yokogawa Multiple Products Vulnerabilities 2014-02-13T07:00:00.000000Z 2025-06-09T19:48:41.450208Z
icsa-14-133-02 Emerson DeltaV Vulnerabilities 2014-02-13T07:00:00.000000Z 2025-06-09T19:49:06.355363Z
icsa-14-135-01 CSWorks Software SQL Injection Vulnerability 2014-02-15T07:00:00.000000Z 2025-06-09T19:49:19.141034Z
icsa-14-135-02 Schneider Electric Wonderware Intelligence Security Patch for OpenSSL Vulnerability 2014-02-15T07:00:00.000000Z 2025-06-09T19:49:25.382123Z
icsa-14-135-03a Siemens RuggedCom ROX-based Devices Certificate Verification Vulnerability (Update A) 2014-02-15T07:00:00.000000Z 2025-06-09T19:49:31.780137Z
icsa-14-135-04 Unified Automation OPC SDK OpenSSL Vulnerability 2014-02-15T07:00:00.000000Z 2025-06-09T19:49:38.008876Z
icsa-14-135-05 OpenSSL Vulnerability 2014-02-15T07:00:00.000000Z 2025-06-09T19:49:44.423856Z
icsa-14-149-01 Triangle MicroWorks Uncontrolled Resource Consumption 2014-03-01T07:00:00.000000Z 2025-06-09T19:49:50.848677Z
icsa-14-149-02 Cogent DataHub Vulnerabilities 2014-03-01T07:00:00.000000Z 2025-06-09T19:50:03.330208Z
icsa-14-154-01 COPA-DATA Improper Input Validation 2014-03-06T07:00:00.000000Z 2025-06-09T19:50:22.034930Z
icsa-14-175-01 Honeywell FALCON XLWeb Controllers Vulnerabilities 2014-03-27T06:00:00.000000Z 2025-06-09T19:50:34.818730Z
icsa-14-189-01 Yokogawa Centum Buffer Overflow Vulnerability 2014-04-10T06:00:00.000000Z 2025-06-09T19:50:47.578955Z
ID Description Published Updated
cisco-sa-20180516-dna Cisco Digital Network Architecture Center Unauthorized Access Vulnerability 2018-05-16T16:00:00+00:00 2018-05-16T16:00:00+00:00
cisco-sa-20180516-dna2 Cisco Digital Network Architecture Center Authentication Bypass Vulnerability 2018-05-16T16:00:00+00:00 2018-05-16T16:00:00+00:00
cisco-sa-20180516-dnac Cisco Digital Network Architecture Center Static Credentials Vulnerability 2018-05-16T16:00:00+00:00 2018-05-16T16:00:00+00:00
cisco-sa-20180516-firepwr-pb Cisco Firepower Threat Defense Software Policy Bypass Vulnerability 2018-05-16T16:00:00+00:00 2018-05-16T16:00:00+00:00
cisco-sa-20180516-fnd Cisco IoT Field Network Director Cross-Site Request Forgery Vulnerability 2018-05-16T16:00:00+00:00 2018-05-16T16:00:00+00:00
cisco-sa-20180516-ident-se-xss Cisco Identity Services Engine Cross-Site Scripting Vulnerability 2018-05-16T16:00:00+00:00 2018-05-16T16:00:00+00:00
cisco-sa-20180516-ip-phone-dos Cisco IP Phone 7800 Series and 8800 Series and Cisco Wireless IP Phone 8821 Denial of Service Vulnerability 2018-05-16T16:00:00+00:00 2018-08-16T14:14:00+00:00
cisco-sa-20180516-ise-xss Cisco Identity Services Engine Logs Cross-Site Scripting Vulnerability 2018-05-16T16:00:00+00:00 2018-05-16T16:00:00+00:00
cisco-sa-20180516-iseeap Cisco Identity Services Engine EAP TLS Certificate Denial of Service Vulnerability 2018-05-16T16:00:00+00:00 2018-09-24T21:17:00+00:00
cisco-sa-20180516-msms Cisco Meeting Server Media Services Denial of Service Vulnerability 2018-05-16T16:00:00+00:00 2018-05-16T16:00:00+00:00
cisco-sa-20180516-nfvis Cisco Enterprise NFV Infrastructure Software Linux Shell Access Vulnerability 2018-05-16T16:00:00+00:00 2018-05-16T16:00:00+00:00
cisco-sa-20180516-nfvis-cli-command-injection Cisco Enterprise NFV Infrastructure Software CLI Command Injection Vulnerability 2018-05-16T16:00:00+00:00 2018-05-16T17:46:00+00:00
cisco-sa-20180516-nfvis-path-traversal Cisco Enterprise NFV Infrastructure Software Web Management Interface Path Traversal Vulnerability 2018-05-16T16:00:00+00:00 2018-05-16T18:05:00+00:00
cisco-sa-20180516-socmin-dos Cisco SocialMiner Notification System Denial of Service Vulnerability 2018-05-16T16:00:00+00:00 2018-05-16T16:00:00+00:00
cisco-sa-20180516-telepres-xfs Cisco TelePresence IX5000 Series and TelePresence TX9000 Series Cross-Frame Scripting Vulnerability 2018-05-16T16:00:00+00:00 2018-08-24T13:57:00+00:00
cisco-sa-20180521-cpusidechannel CPU Side-Channel Information Disclosure Vulnerabilities: May 2018 2018-05-22T01:00:00+00:00 2018-08-31T20:24:00+00:00
cisco-sa-20180606-aaa Cisco IOS XE Software Authentication, Authorization, and Accounting Login Authentication Remote Code Execution Vulnerability 2018-06-06T16:00:00+00:00 2018-06-08T13:55:00+00:00
cisco-sa-20180606-anyconnect-cert-bypass Cisco AnyConnect Secure Mobility Client Certificate Bypass Vulnerability 2018-06-06T16:00:00+00:00 2018-06-06T16:00:00+00:00
cisco-sa-20180606-asaftd Cisco Adaptive Security Appliance Web Services Denial of Service Vulnerability 2018-06-06T16:00:00+00:00 2019-09-24T17:49:53+00:00
cisco-sa-20180606-cms-id Cisco Meeting Server Information Disclosure Vulnerability 2018-06-06T16:00:00+00:00 2018-06-11T20:52:00+00:00
cisco-sa-20180606-cpcp-id Cisco Prime Collaboration Provisioning Cleartext Passwords Written to World-Readable File Vulnerability 2018-06-06T16:00:00+00:00 2018-06-06T16:00:00+00:00
cisco-sa-20180606-cuc-xss Cisco Unity Connection Cross-Site Scripting Vulnerability 2018-06-06T16:00:00+00:00 2018-06-06T16:00:00+00:00
cisco-sa-20180606-cucm-xfs Cisco Unified Communications Manager Cross-Frame Scripting Vulnerability 2018-06-06T16:00:00+00:00 2018-06-06T16:00:00+00:00
cisco-sa-20180606-diskdos Multiple Cisco Products Disk Utilization Denial of Service Vulnerability 2018-06-06T16:00:00+00:00 2018-07-02T14:32:00+00:00
cisco-sa-20180606-firesight-vpn-bypass Cisco FireSIGHT System VPN Policy Bypass Vulnerability 2018-06-06T16:00:00+00:00 2018-06-06T16:00:00+00:00
cisco-sa-20180606-ip-phone-dos Cisco Unified IP Phone Software Denial of Service Vulnerability 2018-06-06T16:00:00+00:00 2018-06-06T18:02:00+00:00
cisco-sa-20180606-ise-xss Cisco Identity Services Engine Cross-Site Scripting Vulnerability 2018-06-06T16:00:00+00:00 2018-06-06T16:00:00+00:00
cisco-sa-20180606-multiplatform-sip Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware Session Initiation Protocol Denial of Service Vulnerability 2018-06-06T16:00:00+00:00 2018-06-06T16:00:00+00:00
cisco-sa-20180606-nso Cisco Network Services Orchestrator Arbitrary Command Execution Vulnerability 2018-06-06T16:00:00+00:00 2018-06-06T16:00:00+00:00
cisco-sa-20180606-prime-access Cisco Prime Collaboration Provisioning Access Control Vulnerability 2018-06-06T16:00:00+00:00 2018-06-06T16:00:00+00:00
ID Description Published Updated
msrc_cve-2017-12613 When apr_time_exp*() or apr_os_exp_time*() functions are invoked with an invalid month field value in Apache Portable Runtime APR 1.6.2 and prior, out of bounds memory may be accessed in converting this value to an apr_time_exp_t value, potentially revealing the contents of a different static heap value or resulting in program termination, and may represent an information disclosure or denial of service vulnerability to applications which call these APR functions with unvalidated external input. 2017-10-02T00:00:00.000Z 2025-10-01T23:10:55.000Z
msrc_cve-2017-15042 An unintended cleartext issue exists in Go before 1.8.4 and 1.9.x before 1.9.1. RFC 4954 requires that, during SMTP, the PLAIN auth scheme must only be used on network connections secured with TLS. The original implementation of smtp.PlainAuth in Go 1.0 enforced this requirement, and it was documented to do so. In 2013, upstream issue #5184, this was changed so that the server may decide whether PLAIN is acceptable. The result is that if you set up a man-in-the-middle SMTP server that doesn't advertise STARTTLS and does advertise that PLAIN auth is OK, the smtp.PlainAuth implementation sends the username and password. 2017-10-02T00:00:00.000Z 2026-02-18T14:49:38.000Z
msrc_cve-2017-15370 There is a heap-based buffer overflow in the ImaExpandS function of ima_rw.c in Sound eXchange (SoX) 14.4.2. A Crafted input will lead to a denial of service attack during conversion of an audio file. 2017-10-02T00:00:00.000Z 2024-09-11T00:00:00.000Z
msrc_cve-2017-15371 There is a reachable assertion abort in the function sox_append_comment() in formats.c in Sound eXchange (SoX) 14.4.2. A Crafted input will lead to a denial of service attack during conversion of an audio file. 2017-10-02T00:00:00.000Z 2024-09-11T00:00:00.000Z
msrc_cve-2017-1000232 A double-free vulnerability in str2host.c in ldns 1.7.0 have unspecified impact and attack vectors. 2017-11-02T00:00:00.000Z 2022-08-04T00:00:00.000Z
msrc_cve-2017-14176 Bazaar through 2.7.0, when Subprocess SSH is used, allows remote attackers to execute arbitrary commands 2017-11-02T00:00:00.000Z 2025-10-01T23:10:55.000Z
msrc_cve-2017-14992 Lack of content verification in Docker-CE (Also known as Moby) versions 1.12.6-0 1.10.3 17.03.0 17.03.1 17.03.2 17.06.0 17.06.1 17.06.2 17.09.0 and earlier allows a remote attacker to cause a Denial of Service via a crafted image layer payload aka gzip bombing. 2017-11-02T00:00:00.000Z 2021-07-16T00:00:00.000Z
msrc_cve-2017-15275 Samba before 4.7.3 might allow remote attackers to obtain sensitive information by leveraging failure of the server to clear allocated heap memory. 2017-11-02T00:00:00.000Z 2024-10-15T00:00:00.000Z
msrc_cve-2017-16754 Bolt before 3.3.6 does not properly restrict access to _profiler routes 2017-11-02T00:00:00.000Z 2025-10-01T23:10:55.000Z
msrc_cve-2017-16844 Heap-based buffer overflow in the loadbuf function in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted e-mail message because of a hardcoded realloc size a different vulnerability than CVE-2014-3618. 2017-11-02T00:00:00.000Z 2024-06-30T07:00:00.000Z
msrc_cve-2017-11697 The __hash_open function in hash.c:229 in Mozilla Network Security Services (NSS) allows context-dependent attackers to cause a denial of service (floating point exception and crash) via a crafted cert8.db file. 2017-12-02T00:00:00.000Z 2026-02-18T14:50:03.000Z
msrc_cve-2017-17522 Lib/webbrowser.py in Python through 3.6.3 does not validate strings before launching the program specified by the BROWSER environment variable which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a software maintainer indicates that exploitation is impossible because the code relies on subprocess.Popen and the default shell=False setting 2017-12-02T00:00:00.000Z 2025-05-27T00:00:00.000Z
msrc_cve-2012-6708 jQuery before 1.9.0 is vulnerable to Cross-site Scripting (XSS) attacks. The jQuery(strInput) function does not differentiate selectors from HTML in a reliable fashion. In vulnerable versions jQuery determined whether the input was HTML by looking for the '<' character anywhere in the string giving attackers more flexibility when attempting to construct a malicious payload. In fixed versions jQuery only deems the input to be HTML if it explicitly starts with the '<' character limiting exploitability only to attackers who can control the beginning of a string which is far less common. 2018-01-02T00:00:00.000Z 2026-02-18T03:07:24.000Z
msrc_cve-2015-9251 jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option causing text/javascript responses to be executed. 2018-01-02T00:00:00.000Z 2025-05-27T00:00:00.000Z
msrc_cve-2017-17969 Heap-based buffer overflow in the NCompress::NShrink::CDecoder::CodeReal method in 7-Zip before 18.00 and p7zip allows remote attackers to cause a denial of service (out-of-bounds write) or potentially execute arbitrary code via a crafted ZIP archive. 2018-01-02T00:00:00.000Z 2024-06-30T07:00:00.000Z
msrc_cve-2018-5996 Insufficient exception handling in the method NCompress::NRar3::CDecoder::Code of 7-Zip before 18.00 and p7zip can lead to multiple memory corruptions within the PPMd code allows remote attackers to cause a denial of service (segmentation fault) or execute arbitrary code via a crafted RAR archive. 2018-01-02T00:00:00.000Z 2024-06-30T07:00:00.000Z
msrc_cve-2004-2779 id3_utf16_deserialize() in utf16.c in libid3tag through 0.15.1b misparses ID3v2 tags encoded in UTF-16 with an odd number of bytes, triggering an endless loop allocating memory until an OOM condition is reached, leading to denial-of-service (DoS). 2018-02-02T00:00:00.000Z 2025-03-14T00:00:00.000Z
msrc_cve-2014-5282 Docker before 1.3 does not properly validate image IDs which allows remote attackers to redirect to another image through the loading of untrusted images via 'docker load'. 2018-02-02T00:00:00.000Z 2021-07-16T00:00:00.000Z
msrc_cve-2018-1000026 Linux Linux kernel version at least v4.8 onwards, probably well before contains a Insufficient input validation vulnerability in bnx2x network card driver that can result in DoS: Network card firmware assertion takes card off-line. This attack appear to be exploitable via An attacker on a must pass a very large, specially crafted packet to the bnx2x card. This can be done from an untrusted guest VM.. 2018-02-02T00:00:00.000Z 2021-12-16T00:00:00.000Z
msrc_cve-2018-1000035 A heap-based buffer overflow exists in Info-Zip UnZip version <= 6.00 in the processing of password-protected archives that allows an attacker to perform a denial of service or to possibly achieve code execution. 2018-02-02T00:00:00.000Z 2026-02-20T22:52:19.000Z
msrc_cve-2018-6951 An issue was discovered in GNU patch through 2.7.6. There is a segmentation fault associated with a NULL pointer dereference leading to a denial of service in the intuit_diff_type function in pch.c aka a "mangled rename" issue. 2018-02-02T00:00:00.000Z 2024-06-30T07:00:00.000Z
msrc_cve-2018-6952 A double free exists in the another_hunk function in pch.c in GNU patch through 2.7.6. 2018-02-02T00:00:00.000Z 2024-06-30T07:00:00.000Z
msrc_cve-2018-7263 The mad_decoder_run() function in decoder.c in Underbit libmad through 0.15.1b allows remote attackers to cause a denial of service 2018-02-02T00:00:00.000Z 2025-03-14T00:00:00.000Z
msrc_cve-2017-18207 The Wave_read._read_fmt_chunk function in Lib/wave.py in Python through 3.6.4 does not ensure a nonzero channel value which allows attackers to cause a denial of service (divide-by-zero and exception) via a crafted wav format audio file. NOTE: the vendor disputes this issue because Python applications "need to be prepared to handle a wide variety of exceptions. 2018-03-02T00:00:00.000Z 2025-05-27T00:00:00.000Z
msrc_cve-2017-18214 The moment module before 2.19.3 for Node.js is prone to a regular expression denial of service via a crafted date string a different vulnerability than CVE-2016-4055. 2018-03-02T00:00:00.000Z 2026-02-18T14:22:17.000Z
msrc_cve-2018-1000097 Sharutils sharutils (unshar command) version 4.15.2 contains a Buffer Overflow vulnerability in Affected component on the file unshar.c at line 75, function looks_like_c_code. Failure to perform checking of the buffer containing input line. that can result in Could lead to code execution. This attack appear to be exploitable via Victim have to run unshar command on a specially crafted file.. 2018-03-02T00:00:00.000Z 2024-06-30T07:00:00.000Z
msrc_cve-2018-1000110 An improper authorization vulnerability exists in Jenkins Git Plugin version 3.7.0 and earlier in GitStatus.java that allows an attacker with network access to obtain a list of nodes and users. 2018-03-02T00:00:00.000Z 2020-09-25T00:00:00.000Z
msrc_cve-2018-1050 All versions of Samba from 4.0.0 onwards are vulnerable to a denial of service attack when the RPC spoolss service is configured to be run as an external daemon. Missing input sanitization checks on some of the input parameters to spoolss RPC calls could cause the print spooler service to crash. 2018-03-02T00:00:00.000Z 2022-01-19T00:00:00.000Z
msrc_cve-2018-1057 On a Samba 4 AD DC the LDAP server in all versions of Samba from 4.0.0 onwards incorrectly validates permissions to modify passwords over LDAP allowing authenticated users to change any other users' passwords including administrative users and privileged service accounts (eg Domain Controllers). 2018-03-02T00:00:00.000Z 2022-01-19T00:00:00.000Z
msrc_cve-2018-9057 aws/resource_aws_iam_user_login_profile.go in the HashiCorp Terraform Amazon Web Services (AWS) provider through v1.12.0 has an inappropriate PRNG algorithm and seeding which makes it easier for remote attackers to obtain access by leveraging an IAM account that was provisioned with a weak password. 2018-03-02T00:00:00.000Z 2022-04-02T00:00:00.000Z
ID Description Published Updated
ncsc-2024-0427 Kwetsbaarheden verholpen in Google Chrome 2024-10-30T11:36:05.615865Z 2024-10-30T11:36:05.615865Z
ncsc-2024-0428 Kwetsbaarheden verholpen in Apple iOS en iPadOS 2024-10-30T11:39:26.910666Z 2024-10-30T11:39:26.910666Z
ncsc-2024-0429 Kwetsbaarheden verholpen in Google Android en Samsung Mobile 2024-11-05T14:09:27.373651Z 2024-11-05T14:09:27.373651Z
ncsc-2024-0430 Kwetsbaarheid verholpen in Cisco Catalyst Access points 2024-11-07T08:47:41.650502Z 2024-11-07T08:47:41.650502Z
ncsc-2024-0431 Kwetsbaarheden verholpen in Aruba Networks ArubaOS 2024-11-07T08:51:16.689034Z 2024-11-07T08:51:16.689034Z
ncsc-2024-0432 Kwetsbaarheden verholpen in Cisco Identity Services Engine 2024-11-07T08:55:49.899244Z 2024-11-07T08:55:49.899244Z
ncsc-2024-0433 Kwetsbaarheden verholpen in Siemens producten 2024-11-12T14:19:20.051128Z 2024-11-12T14:19:20.051128Z
ncsc-2024-0434 Kwetsbaarheden verholpen in Microsoft Windows 2024-11-12T18:53:07.914094Z 2024-11-12T18:53:07.914094Z
ncsc-2024-0435 Kwetsbaarheden verholpen in Microsoft Developer Tools 2024-11-12T18:54:00.107773Z 2024-11-12T18:54:00.107773Z
ncsc-2024-0436 Kwetsbaarheden verholpen in Microsoft Azure 2024-11-12T18:54:41.456199Z 2024-11-12T18:54:41.456199Z
ncsc-2024-0437 Kwetsbaarheden verholpen in Microsoft SQL Server 2024-11-12T18:55:39.363057Z 2024-11-12T18:55:39.363057Z
ncsc-2024-0438 Kwetsbaarheid verholpen in Microsoft Exchange Server 2024-11-12T18:56:25.729148Z 2024-11-12T18:56:25.729148Z
ncsc-2024-0439 Kwetsbaarheden verholpen in Microsoft Office 2024-11-12T18:57:09.604321Z 2024-11-12T18:57:09.604321Z
ncsc-2024-0440 Kwetsbaarheden verholpen in Citrix Session Recording 2024-11-13T08:51:17.257998Z 2024-11-13T08:51:17.257998Z
ncsc-2024-0441 Kwetsbaarheden verholpen in Ivanti Endpoint Manager 2024-11-13T10:42:35.387490Z 2024-11-13T10:42:35.387490Z
ncsc-2024-0442 Kwetsbaarheden verholpen in Ivanti Connect Secure en Policy Secure 2024-11-13T12:38:13.252957Z 2024-11-13T12:38:13.252957Z
ncsc-2024-0443 Kwetsbaarheden verholpen in Citrix NetScaler ADC en NetScaler Gateway 2024-11-13T15:10:45.265209Z 2024-11-13T15:10:45.265209Z
ncsc-2024-0444 Kwetsbaarheden verholpen in Palo Alto PAN-OS 2024-11-14T12:38:50.941039Z 2024-11-14T12:38:50.941039Z
ncsc-2024-0445 Kwetsbaarheden verholpen in Fortinet FortiClient 2024-11-14T12:42:00.899040Z 2024-11-14T12:42:00.899040Z
ncsc-2024-0446 Kwetsbaarheid verholpen in Schneider Electric Ecostruxture 2024-11-14T12:46:16.737874Z 2024-11-14T12:46:16.737874Z
ncsc-2024-0447 Kwetsbaarheden verholpen in GitLab CE/EE 2024-11-15T12:29:35.775993Z 2024-11-15T12:29:35.775993Z
ncsc-2024-0448 Kwetsbaarheden verholpen in Adobe Illustrator 2024-11-18T11:08:38.687476Z 2024-11-18T11:08:38.687476Z
ncsc-2024-0449 Kwetsbaarheden verholpen in Adobe InDesign 2024-11-18T11:14:49.456205Z 2024-11-18T11:14:49.456205Z
ncsc-2024-0450 Kwetsbaarheid verholpen in Adobe Photoshop 2024-11-18T11:18:22.537372Z 2024-11-18T11:18:22.537372Z
ncsc-2024-0451 Kwetsbaarheden verholpen in Palo Alto PAN-OS 2024-11-18T16:00:29.206286Z 2024-11-20T08:41:37.309906Z
ncsc-2024-0452 Kwetsbaarheden verholpen in Siemens Tecnomatix Plant Simulation 2024-11-19T08:19:24.590425Z 2024-11-19T08:19:24.590425Z
ncsc-2024-0453 Kwetsbaarheid verholpen in Oracle Agile PLM Framework 2024-11-19T09:41:05.945149Z 2024-11-19T09:41:05.945149Z
ncsc-2024-0454 Kwetsbaarheid verholpen in GitHub CLI 2024-11-19T15:03:48.421618Z 2024-11-19T15:03:48.421618Z
ncsc-2024-0455 Kwetsbaarheid verholpen in Trend Micro Deep Security 2024-11-20T09:04:14.183257Z 2024-11-20T09:04:14.183257Z
ncsc-2024-0456 Kwetsbaarheden verholpen in Apple macOS en Safari 2024-11-20T10:00:42.593160Z 2024-11-20T10:00:42.593160Z
ID Description Published Updated
ID Description Published Updated
opensuse-su-2019:0095-1 Security update for singularity 2019-01-29T08:15:08Z 2019-01-29T08:15:08Z
opensuse-su-2019:0107-1 Security update for pdns-recursor 2019-01-31T13:36:30Z 2019-01-31T13:36:30Z
opensuse-su-2019:0131-1 Security update for pdns-recursor 2019-02-04T12:59:24Z 2019-02-04T12:59:24Z
opensuse-su-2019:0169-1 Security update for python-slixmpp 2019-02-13T16:50:17Z 2019-02-13T16:50:17Z
opensuse-su-2019:0170-1 Security update for runc 2019-02-13T16:51:49Z 2019-02-13T16:51:49Z
opensuse-su-2019:0171-1 Security update for uriparser 2019-02-13T17:02:43Z 2019-02-13T17:02:43Z
opensuse-su-2019:0206-1 Security update for chromium 2019-02-18T16:59:22Z 2019-02-18T16:59:22Z
opensuse-su-2019:0216-1 Security update for chromium 2019-02-19T10:08:13Z 2019-02-19T10:08:13Z
opensuse-su-2019:0235-1 Security update for GraphicsMagick 2019-02-22T16:23:13Z 2019-02-22T16:23:13Z
opensuse-su-2019:0237-1 Security update for mosquitto 2019-02-23T08:03:59Z 2019-02-23T08:03:59Z
opensuse-su-2019:0238-1 Security update for ansible 2019-02-23T08:23:03Z 2019-02-23T08:23:03Z
opensuse-su-2019:0239-1 Security update for python-python-gnupg 2019-02-23T15:47:12Z 2019-02-23T15:47:12Z
opensuse-su-2019:0240-1 Security update for pspp, spread-sheet-widget 2019-02-24T18:19:35Z 2019-02-24T18:19:35Z
opensuse-su-2019:0244-1 Security update for python-Jinja2 2019-02-25T17:32:38Z 2019-02-25T17:32:38Z
opensuse-su-2019:0247-1 Security update for kauth 2019-02-26T05:15:30Z 2019-02-26T05:15:30Z
opensuse-su-2019:0249-1 Security update for MozillaThunderbird 2019-02-26T09:44:25Z 2019-02-26T09:44:25Z
opensuse-su-2019:0322-1 Security update for hiawatha 2019-03-09T13:08:17Z 2019-03-09T13:08:17Z
opensuse-su-2019:0328-1 Security update for libcomps 2019-03-15T06:33:59Z 2019-03-15T06:33:59Z
opensuse-su-2019:0329-1 Security update for obs-service-tar_scm 2019-03-15T06:52:27Z 2019-03-15T06:52:27Z
opensuse-su-2019:0054-1 Security update for gitolite 2019-03-23T09:56:50Z 2019-03-23T09:56:50Z
opensuse-su-2019:1-1 Security update for GraphicsMagick 2019-03-23T10:38:52Z 2019-03-23T10:38:52Z
opensuse-su-2019:0008-1 Security update for libraw 2019-03-23T10:42:07Z 2019-03-23T10:42:07Z
opensuse-su-2019:0009-1 Security update for singularity 2019-03-23T10:42:10Z 2019-03-23T10:42:10Z
opensuse-su-2019:0010-1 Security update for polkit 2019-03-23T10:42:34Z 2019-03-23T10:42:34Z
opensuse-su-2019:0019-1 Security update for discount 2019-03-23T10:42:59Z 2019-03-23T10:42:59Z
opensuse-su-2019:0020-1 Security update for gpg2 2019-03-23T10:43:09Z 2019-03-23T10:43:09Z
opensuse-su-2019:0048-1 Security update for irssi 2019-03-23T10:44:22Z 2019-03-23T10:44:22Z
opensuse-su-2019:0043-1 Security update for java-1_8_0-openjdk 2019-03-23T10:45:25Z 2019-03-23T10:45:25Z
opensuse-su-2019:0044-1 Security update for haproxy 2019-03-23T10:45:51Z 2019-03-23T10:45:51Z
opensuse-su-2019:0053-1 Security update for LibVNCServer 2019-03-23T10:46:24Z 2019-03-23T10:46:24Z
ID Description Published Updated
ID Description Published Updated
rhsa-2003:146 Red Hat Security Advisory: kdebase security update 2003-05-22T16:50:00+00:00 2025-11-21T17:25:59+00:00
rhsa-2003:081 Red Hat Security Advisory: zlib security update 2003-05-22T17:13:00+00:00 2025-11-21T17:25:43+00:00
rhsa-2003:161 Red Hat Security Advisory: xinetd security update 2003-05-22T17:29:00+00:00 2025-11-21T17:26:03+00:00
rhsa-2003:150 Red Hat Security Advisory: LPRng security update 2003-05-22T17:32:00+00:00 2025-11-21T17:25:59+00:00
rhsa-2003:180 Red Hat Security Advisory: sharutils security update 2003-05-23T14:48:00+00:00 2025-11-21T17:26:06+00:00
rhsa-2003:145 Red Hat Security Advisory: Updated kernel fixes security vulnerabilities and updates drivers 2003-05-27T18:52:00+00:00 2025-11-21T17:26:02+00:00
rhsa-2003:187 Red Hat Security Advisory: : Updated 2.4 kernel fixes vulnerabilities and driver bugs 2003-06-03T10:40:00+00:00 2025-11-21T17:26:07+00:00
rhsa-2003:047 Red Hat Security Advisory: : Updated kon2 packages fix buffer overflow 2003-06-03T13:17:00+00:00 2025-11-21T17:25:33+00:00
rhsa-2003:192 Red Hat Security Advisory: : Updated KDE packages fix security issue 2003-06-05T08:59:00+00:00 2025-11-21T17:26:08+00:00
rhsa-2003:070 Red Hat Security Advisory: : : : Updated hanterm packages provide security fixes 2003-06-06T07:45:00+00:00 2025-11-21T17:25:40+00:00
rhsa-2003:151 Red Hat Security Advisory: tcpdump security update 2003-06-09T13:44:00+00:00 2025-11-21T17:25:59+00:00
rhsa-2003:050 Red Hat Security Advisory: kon2 security update 2003-06-09T13:46:00+00:00 2025-11-21T17:25:34+00:00
rhsa-2003:167 Red Hat Security Advisory: lv security update 2003-06-13T13:39:00+00:00 2025-11-21T17:26:05+00:00
rhsa-2003:193 Red Hat Security Advisory: kdelibs security update 2003-06-17T19:38:00+00:00 2025-11-21T17:26:08+00:00
rhsa-2003:182 Red Hat Security Advisory: ghostscript security update 2003-06-17T19:47:00+00:00 2025-11-21T17:26:08+00:00
rhsa-2003:083 Red Hat Security Advisory: apache security update for Stronghold 2003-06-18T10:49:00+00:00 2025-11-21T17:25:44+00:00
rhsa-2003:197 Red Hat Security Advisory: xpdf security update 2003-06-18T17:27:00+00:00 2025-11-21T17:26:09+00:00
rhsa-2003:196 Red Hat Security Advisory: : Updated Xpdf packages fix security vulnerability. 2003-06-18T17:32:00+00:00 2025-11-21T17:26:08+00:00
rhsa-2003:154 Red Hat Security Advisory: : : : Updated bind packages fix buffer overflow in resolver library 2003-06-18T22:19:00+00:00 2025-11-21T17:26:01+00:00
rhsa-2003:195 Red Hat Security Advisory: kernel security update 2003-06-19T13:55:00+00:00 2026-01-13T20:57:17+00:00
rhsa-2003:026 Red Hat Security Advisory: : Updated Netscape packages are now available 2003-06-20T18:32:00+00:00 2025-11-21T17:25:26+00:00
rhsa-2003:176 Red Hat Security Advisory: gnupg security update 2003-06-23T12:24:00+00:00 2025-11-21T17:26:06+00:00
rhsa-2003:205 Red Hat Security Advisory: : : : Updated OpenSSL packages fix vulnerabilities 2003-06-23T17:37:00+00:00 2025-11-21T17:26:11+00:00
rhsa-2003:156 Red Hat Security Advisory: : : : Updated gaim client fixes vulnerabilities 2003-06-23T22:10:00+00:00 2025-11-21T17:26:01+00:00
rhsa-2003:209 Red Hat Security Advisory: : : : updated ghostscript packages fix vulnerabilities 2003-06-24T22:24:00+00:00 2025-11-21T17:26:12+00:00
rhsa-2003:065 Red Hat Security Advisory: XFree86 security update 2003-06-25T12:23:00+00:00 2026-01-13T22:03:42+00:00
rhsa-2003:173 Red Hat Security Advisory: : Updated ypserv packages fix a denial of service vulnerability 2003-06-25T12:32:00+00:00 2025-11-21T17:26:05+00:00
rhsa-2003:067 Red Hat Security Advisory: : Updated XFree86 packages provide security and bug fixes 2003-06-25T12:49:00+00:00 2026-01-13T22:12:22+00:00
rhsa-2003:201 Red Hat Security Advisory: ypserv security update 2003-06-25T15:45:00+00:00 2025-11-21T17:26:10+00:00
rhsa-2003:064 Red Hat Security Advisory: : Updated XFree86 4.1.0 packages are available 2003-06-25T15:51:00+00:00 2026-01-13T22:39:28+00:00
ID Description Published Updated
sevd-2024-282-08 EcoStruxure EV Charging Expert 2024-10-08T00:00:00.000Z 2024-10-08T00:00:00.000Z
sevd-2024-282-05 EcoStruxure™ Power Monitoring Expert (PME) 2024-10-08T04:00:00.000Z 2025-05-13T04:00:00.000Z
sevd-2024-317-01 PowerLogic PM5300 Series 2024-11-12T00:00:00.000Z 2024-11-12T00:00:00.000Z
sevd-2024-317-02 Modicon Controllers M340 / Momentum / MC80 & EcoStruxure™ Control Expert 2024-11-12T00:00:00.000Z 2026-04-14T07:00:00.000Z
sevd-2024-317-04 EcoStruxure™ IT Gateway 2024-11-12T00:00:00.000Z 2024-11-12T00:00:00.000Z
sevd-2024-317-03 Modicon Controllers M340 / Momentum / MC80 2024-11-12T05:00:00.000Z 2026-01-13T08:00:00.000Z
sevd-2024-345-01 PowerChute Serial Shutdown 2024-12-10T00:00:00.000Z 2024-12-10T00:00:00.000Z
sevd-2024-345-02 Harmony HMI and Pro-face HMI products 2024-12-10T00:00:00.000Z 2024-12-10T00:00:00.000Z
sevd-2024-345-03 Modicon M241 / M251 / M258 / LMC058 2024-12-10T05:00:00.000Z 2025-10-14T07:00:00.000Z
sevd-2025-014-02 Pro-face GP-Pro EX and Remote HMI 2025-01-14T00:00:00.000Z 2025-09-09T04:00:00.000Z
sevd-2025-014-04 Web Designer for Modicon Communication Modules 2025-01-14T00:00:00.000Z 2025-01-14T00:00:00.000Z
sevd-2025-014-05 Web Server on Modicon M340, Modbus/TCP Ethernet Modicon M340 module, Modbus/TCP Ethernet Modicon M340 FactoryCast module and Ethernet / Serial RTU communication modules 2025-01-14T00:00:00.000Z 2026-04-14T07:00:00.000Z
sevd-2025-014-06 RemoteConnect and SCADAPack™ x70 Utilities 2025-01-14T00:00:00.000Z 2026-01-13T08:00:00.000Z
sevd-2025-014-08 Power Logic HDPM6000 High-Density Metering System 2025-01-14T00:00:00.000Z 2025-01-14T00:00:00.000Z
sevd-2025-014-09 EcoStruxure™ Power Build Rapsody 2025-01-14T00:00:00.000Z 2025-05-13T04:00:00.000Z
sevd-2025-014-01 Modicon M580 PLCs, BMENOR2200H and EVLink Pro AC 2025-01-14T05:00:00.000Z 2025-04-08T04:00:00.000Z
sevd-2025-014-03 Wind River VxWorks DHCP Server Vulnerability 2025-01-14T05:00:00.000Z 2025-08-12T04:00:00.000Z
sevd-2025-014-07 FlexNet Publisher Vulnerability 2025-01-14T07:00:00.000Z 2026-03-10T07:00:00.000Z
sevd-2025-042-02 Improper Input Validation Vulnerability in Uni-Telway Driver 2025-02-11T05:00:00.000Z 2026-02-10T08:00:00.000Z
sevd-2025-042-01 ASCO 5310 / 5350 Remote Annunciator 2025-02-11T06:00:00.000Z 2025-02-11T06:00:00.000Z
sevd-2025-042-03 EcoStruxure™ Process Expert, EcoStruxure™ Process Expert for AVEVA System Platform 2025-02-11T06:00:00.000Z 2025-02-11T06:00:00.000Z
sevd-2025-042-04 Enerlin'X IFE and eIFE 2025-02-11T06:00:00.000Z 2025-02-11T06:00:00.000Z
sevd-2025-070-01 EcoStruxure™ Panel Server 2025-03-11T04:00:00.000Z 2025-03-11T04:00:00.000Z
sevd-2025-070-02 EPAS-UI & EcoSUI 2025-03-11T04:00:00.000Z 2025-03-11T04:00:00.000Z
sevd-2025-070-03 WebHMI Component For EcoStruxure™ Power Automation System User Interface and EcoStruxure™ Microgrid Operation Large 2025-03-11T04:00:00.000Z 2025-03-11T04:00:00.000Z
sevd-2025-098-01 ConneXium Network Manager Software 2025-04-08T04:00:00.000Z 2025-05-13T04:00:00.000Z
sevd-2025-098-02 Trio™ Q Licensed Data Radios 2025-04-08T04:00:00.000Z 2025-04-08T04:00:00.000Z
sevd-2025-133-01 Modicon Controllers M241/M251/M258/LMC058 2025-05-13T04:00:00.000Z 2025-10-14T07:00:00.000Z
sevd-2025-133-02 Wiser Home Automation 2025-05-13T04:00:00.000Z 2025-05-13T04:00:00.000Z
sevd-2025-133-03 EcoStruxure Power Build Rapsody 2025-05-13T04:00:00.000Z 2025-05-13T04:00:00.000Z
ID Description Published Updated
ID Description Published Updated
ssa-414513 SSA-414513: Information Disclosure Vulnerability in Mendix 2022-04-12T00:00:00Z 2022-07-12T00:00:00Z
ssa-446448 SSA-446448: Denial of Service Vulnerability in PROFINET Stack Integrated on Interniche Stack 2022-04-12T00:00:00Z 2025-01-14T00:00:00Z
ssa-557541 SSA-557541: Denial-of-Service Vulnerability in SIMATIC S7-400 CPUs 2022-04-12T00:00:00Z 2023-04-11T00:00:00Z
ssa-655554 SSA-655554: Multiple Vulnerabilities in SIMATIC Energy Manager before V7.3 Update 1 2022-04-12T00:00:00Z 2022-04-12T00:00:00Z
ssa-711829 SSA-711829: Denial of Service Vulnerability in TIA Administrator 2022-04-12T00:00:00Z 2022-07-12T00:00:00Z
ssa-836527 SSA-836527: Multiple Vulnerabilities in SCALANCE X-300 Switch Family Devices 2022-04-12T00:00:00Z 2022-04-12T00:00:00Z
ssa-870917 SSA-870917: Improper Access Control Vulnerability in Mendix 2022-04-12T00:00:00Z 2022-04-12T00:00:00Z
ssa-998762 SSA-998762: File Parsing Vulnerabilities in Simcenter Femap before V2022.1.2 2022-04-12T00:00:00Z 2022-04-12T00:00:00Z
ssa-254054 SSA-254054: Spring Framework Vulnerability (Spring4Shell or SpringShell, CVE-2022-22965) - Impact to Siemens Products 2022-04-19T00:00:00Z 2022-10-11T00:00:00Z
ssa-162616 SSA-162616: File Parsing Vulnerabilities in Simcenter Femap before V2022.2 2022-05-10T00:00:00Z 2022-05-10T00:00:00Z
ssa-165073 SSA-165073: Multiple Vulnerabilities in the Webinterface of SICAM P850 and SICAM P855 Devices 2022-05-10T00:00:00Z 2022-05-10T00:00:00Z
ssa-285795 SSA-285795: Denial of Service in OPC-UA in Industrial Products 2022-05-10T00:00:00Z 2023-10-10T00:00:00Z
ssa-321292 SSA-321292: Denial of Service in the OPC Foundation Local Discovery Server (LDS) in Industrial Products 2022-05-10T00:00:00Z 2024-10-08T00:00:00Z
ssa-363107 SSA-363107: An Improper Initialization Vulnerability Affects SIMATIC WinCC Kiosk Mode 2022-05-10T00:00:00Z 2023-11-14T00:00:00Z
ssa-480937 SSA-480937: Denial of Service Vulnerability in CP 44x-1 RNA before V1.5.18 2022-05-10T00:00:00Z 2022-05-10T00:00:00Z
ssa-553086 SSA-553086: Multiple File Parsing Vulnerabilities in JT2Go and Teamcenter Visualization 2022-05-10T00:00:00Z 2022-05-10T00:00:00Z
ssa-626968 SSA-626968: Multiple Webserver Vulnerabilities in Desigo PXC and DXR Devices 2022-05-10T00:00:00Z 2022-06-14T00:00:00Z
ssa-662649 SSA-662649: Denial of Service Vulnerability in Desigo DXR and PXC Controllers 2022-05-10T00:00:00Z 2022-06-14T00:00:00Z
ssa-732250 SSA-732250: Libcurl Vulnerabilities in Industrial Devices 2022-05-10T00:00:00Z 2022-08-09T00:00:00Z
ssa-736385 SSA-736385: Memory Corruption Vulnerability in OpenV2G 2022-05-10T00:00:00Z 2022-05-10T00:00:00Z
ssa-789162 SSA-789162: Vulnerabilities in Teamcenter 2022-05-10T00:00:00Z 2022-08-09T00:00:00Z
ssa-330556 SSA-330556: PwnKit Vulnerability in SCALANCE LPE9403 and SINUMERIK Edge Products (CVE-2021-4034) 2022-06-14T00:00:00Z 2022-06-14T00:00:00Z
ssa-388239 SSA-388239: Default Password Leakage affecting the Component Shared HIS used in Spectrum Power Systems 2022-06-14T00:00:00Z 2022-06-14T00:00:00Z
ssa-401167 SSA-401167: Cross-site scripting Vulnerability in Teamcenter Active Workspace 2022-06-14T00:00:00Z 2022-06-14T00:00:00Z
ssa-484086 SSA-484086: Multiple Vulnerabilities in SINEMA Remote Connect Server before V3.1 2022-06-14T00:00:00Z 2024-07-09T00:00:00Z
ssa-631336 SSA-631336: Multiple Web Server Vulnerabilities in SICAM GridEdge Before V2.6.6 2022-06-14T00:00:00Z 2025-11-11T00:00:00Z
ssa-685781 SSA-685781: Multiple Vulnerabilities in Apache HTTP Server Affecting Siemens Products 2022-06-14T00:00:00Z 2022-10-11T00:00:00Z
ssa-693555 SSA-693555: Memory Corruption Vulnerability in EN100 Ethernet Module 2022-06-14T00:00:00Z 2022-06-14T00:00:00Z
ssa-712929 SSA-712929: Denial of Service Vulnerability in OpenSSL (CVE-2022-0778) Affecting Industrial Products 2022-06-14T00:00:00.000Z 2026-04-14T00:00:00.000Z
ssa-988345 SSA-988345: Local Privilege Escalation Vulnerability in Xpedition Designer 2022-06-14T00:00:00Z 2023-06-13T00:00:00Z
ID Description Published Updated
suse-su-2015:0832-1 Security update for kgraft-patch-SLE12_Update_1, kgraft-patch-SLE12_Update_2 2015-04-01T14:12:12Z 2015-04-01T14:12:12Z
suse-su-2015:0701-1 Security update for xen 2015-04-01T15:24:09Z 2015-04-01T15:24:09Z
suse-su-2015:0884-1 Security update for spice 2015-04-02T09:43:08Z 2015-04-02T09:43:08Z
suse-su-2015:0884-2 Security update for spice 2015-04-02T09:43:08Z 2015-04-02T09:43:08Z
suse-su-2015:0706-1 Security update for Mozilla Firefox 2015-04-02T12:17:21Z 2015-04-02T12:17:21Z
suse-su-2015:0776-1 Security update for subversion 2015-04-02T12:57:32Z 2015-04-02T12:57:32Z
suse-su-2015:0704-1 Security update for MozillaFirefox 2015-04-02T14:42:06Z 2015-04-02T14:42:06Z
suse-su-2015:0704-2 Security update for MozillaFirefox 2015-04-02T14:42:07Z 2015-04-02T14:42:07Z
suse-su-2015:0787-1 Security update for rubygem-sprockets-2_11 2015-04-09T18:13:42Z 2015-04-09T18:13:42Z
suse-su-2015:0974-1 Security update for apache2 2015-04-10T12:24:10Z 2015-04-10T12:24:10Z
suse-su-2015:0887-1 Security update for openldap2 2015-04-13T12:35:26Z 2015-04-13T12:35:26Z
suse-su-2015:0722-1 Security update for Adobe Flash Player 2015-04-15T06:50:02Z 2015-04-15T06:50:02Z
suse-ru-2015:0952-1 Recommended update for vsftpd 2015-04-19T22:34:39Z 2015-04-19T22:34:39Z
suse-su-2015:0417-1 Recommended update for vsftpd 2015-04-19T22:34:39Z 2015-04-19T22:34:39Z
suse-su-2015:1013-1 Security update for wpa_supplicant 2015-04-21T14:30:27Z 2015-04-21T14:30:27Z
suse-su-2015:0777-1 Security update for python-Pillow 2015-04-22T14:27:27Z 2015-04-22T14:27:27Z
suse-su-2015:0839-1 Security update for DirectFB 2015-04-23T10:30:39Z 2015-04-23T10:30:39Z
suse-su-2015:0789-1 Security update for java-1_7_0-openjdk, java-1_7_0-openjdk-bootstrap 2015-04-23T14:27:30Z 2015-04-23T14:27:30Z
suse-su-2015:0942-1 Security update for gstreamer-0_10-plugins-bad 2015-04-24T15:04:46Z 2015-04-24T15:04:46Z
suse-su-2015:0921-1 Security update for gstreamer-0_10-plugins-bad 2015-04-27T13:17:57Z 2015-04-27T13:17:57Z
suse-su-2015:0904-1 Security update for libtasn1 2015-04-27T15:58:58Z 2015-04-27T15:58:58Z
suse-su-2015:0865-1 Security update for ntp 2015-04-28T12:17:23Z 2015-04-28T12:17:23Z
suse-su-2015:0868-1 Security update for php5 2015-04-28T14:21:26Z 2015-04-28T14:21:26Z
suse-su-2015:0979-1 Security update for dnsmasq 2015-04-28T15:39:11Z 2015-04-28T15:39:11Z
suse-su-2015:0979-2 Security update for dnsmasq 2015-04-28T16:45:15Z 2015-04-28T16:45:15Z
suse-su-2015:0990-1 Security update for curl 2015-04-29T18:22:39Z 2015-04-29T18:22:39Z
suse-su-2015:0863-1 Security update for SUSE Studio 2015-05-05T23:49:58Z 2015-05-05T23:49:58Z
suse-su-2015:0922-1 Security update for OpenSLP 2015-05-05T23:56:46Z 2015-05-05T23:56:46Z
suse-su-2015:0882-1 Security update for clamav 2015-05-11T07:27:32Z 2015-05-11T07:27:32Z
suse-su-2015:0882-2 Security update for clamav 2015-05-11T07:27:32Z 2015-05-11T07:27:32Z
ID Description Published Updated
alsa-2021:4042 Important: flatpak security update 2021-11-01T13:11:58Z 2021-11-12T10:20:56Z
alsa-2021:4056 Important: kernel security, bug fix, and enhancement update 2021-11-02T07:47:41Z 2021-11-02T18:48:59Z
alsa-2021:4058 Moderate: samba security update 2021-11-02T07:48:59Z 2021-11-03T08:35:17Z
alsa-2021:4060 Moderate: libsolv security update 2021-11-02T07:49:29Z 2021-11-03T08:35:17Z
alsa-2021:4123 Important: firefox security update 2021-11-03T19:23:08Z 2021-11-12T10:20:56Z
alsa-2021:4130 Important: thunderbird security update 2021-11-04T16:03:41Z 2021-11-12T10:20:56Z
alsa-2021:4139 Moderate: resource-agents security, bug fix, and enhancement update 2021-11-09T08:20:04Z 2021-11-12T10:21:02Z
alsa-2021:4142 Low: pcs security, bug fix, and enhancement update 2021-11-09T08:21:49Z 2021-11-12T10:21:02Z
alsa-2021:4149 Moderate: python-pillow security update 2021-11-09T08:24:34Z 2021-11-12T10:20:56Z
alsa-2021:4150 Moderate: python36:3.6 security and bug fix update 2021-11-09T08:24:37Z 2021-11-09T12:44:54Z
alsa-2021:4151 Moderate: python27:2.7 security update 2021-11-09T08:24:39Z 2021-11-09T12:45:07Z
alsa-2021:4153 Moderate: dnsmasq security and bug fix update 2021-11-09T08:24:48Z 2021-11-12T10:20:56Z
alsa-2021:4154 Moderate: container-tools:rhel8 security, bug fix, and enhancement update 2021-11-09T08:24:51Z 2022-02-02T17:58:49Z
alsa-2021:4156 Moderate: go-toolset:rhel8 security, bug fix, and enhancement update 2021-11-09T08:25:49Z 2021-12-16T11:29:11Z
alsa-2021:4158 Moderate: python-lxml security update 2021-11-09T08:26:20Z 2021-11-12T10:20:56Z
alsa-2021:4160 Moderate: python39:3.9 and python39-devel:3.9 security update 2021-11-09T08:26:25Z 2021-11-09T12:46:25Z
alsa-2021:4161 Moderate: python-jinja2 security update 2021-11-09T08:26:43Z 2021-11-12T10:20:56Z
alsa-2021:4172 Moderate: qt5 security, bug fix, and enhancement update 2021-11-09T08:31:20Z 2021-11-12T10:21:01Z
alsa-2021:4173 Moderate: exiv2 security, bug fix, and enhancement update 2021-11-09T08:31:22Z 2021-11-12T10:21:01Z
alsa-2021:4179 Low: file-roller security update 2021-11-09T08:32:50Z 2021-11-12T10:20:56Z
alsa-2021:4181 Moderate: mutt security, bug fix, and enhancement update 2021-11-09T08:33:45Z 2021-11-12T10:20:56Z
alsa-2021:4191 Moderate: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update 2021-11-09T08:35:34Z 2021-12-23T15:15:26Z
alsa-2021:4198 Moderate: edk2 security, bug fix, and enhancement update 2021-11-09T08:37:02Z 2021-11-12T10:20:56Z
alsa-2021:4201 Moderate: babel security and bug fix update 2021-11-09T08:37:19Z 2021-11-12T10:20:56Z
alsa-2021:4213 Moderate: php:7.4 security, bug fix, and enhancement update 2021-11-09T08:42:20Z 2021-11-09T12:52:36Z
alsa-2021:4221 Moderate: container-tools:2.0 security update 2021-11-09T08:45:58Z 2021-11-09T12:54:00Z
alsa-2021:4222 Moderate: container-tools:3.0 security and bug fix update 2021-11-09T08:46:34Z 2022-02-02T18:04:53Z
alsa-2021:4226 Moderate: grafana security, bug fix, and enhancement update 2021-11-09T08:46:47Z 2021-11-12T10:20:56Z
alsa-2021:4231 Moderate: libwebp security update 2021-11-09T08:47:24Z 2021-11-12T10:20:56Z
alsa-2021:4235 Moderate: jasper security update 2021-11-09T08:48:32Z 2021-11-12T10:21:01Z
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
osv-2020-357 Heap-buffer-overflow in r_read_le32 2020-07-01T00:00:04.961488Z 2022-04-13T03:04:36.567512Z
osv-2020-360 Heap-use-after-free in read_chunks_after_idat 2020-07-01T00:00:05.129333Z 2022-04-13T03:04:33.682982Z
osv-2020-364 Stack-use-after-return in ihevcd_process_thread 2020-07-01T00:00:05.352256Z 2023-04-20T22:35:28.979054Z
osv-2020-365 UNKNOWN READ in fuzzshark_ip_proto-udp 2020-07-01T00:00:05.383535Z 2022-04-13T03:04:37.870514Z
osv-2020-366 UNKNOWN READ in bebytes2ushort 2020-07-01T00:00:05.421205Z 2022-04-13T03:04:41.559197Z
osv-2020-369 UNKNOWN READ in ot::TimerScheduler::Remove 2020-07-01T00:00:05.571696Z 2022-04-13T03:04:38.951596Z
osv-2020-370 Heap-use-after-free in ih264_inter_pred_luma_horz_hpel_vert_qpel_ssse3 2020-07-01T00:00:05.612589Z 2022-04-13T03:36:38.304614Z
osv-2020-372 Heap-buffer-overflow in circular_memcpy 2020-07-01T00:00:05.776845Z 2022-04-13T03:04:41.152670Z
osv-2020-373 UNKNOWN READ in url_decode 2020-07-01T00:00:05.814415Z 2022-04-13T03:04:31.715630Z
osv-2020-374 Heap-use-after-free in wmem_strbuf_get_str 2020-07-01T00:00:05.857808Z 2022-04-13T03:04:37.811763Z
osv-2020-376 Heap-buffer-overflow in perfetto::trace_processor::fuchsia_trace_utils::ReadTimestamp 2020-07-01T00:00:05.968178Z 2023-02-24T01:37:02.630745Z
osv-2020-377 Heap-buffer-overflow in symbols 2020-07-01T00:00:06.002017Z 2022-04-13T03:04:36.709304Z
osv-2020-379 Heap-buffer-overflow in UA_unbase64 2020-07-01T00:00:06.148009Z 2022-04-13T03:04:41.369625Z
osv-2020-380 Stack-buffer-overflow in ot::MeshCoP::ChannelMaskEntry::GetMask 2020-07-01T00:00:06.263172Z 2022-04-13T03:04:39.008953Z
osv-2020-381 Use-of-uninitialized-value in crc32 2020-07-01T00:00:06.294878Z 2022-04-13T03:04:40.514300Z
osv-2020-383 Stack-buffer-overflow in ot::NetworkData::Leader::IsStableUpdated 2020-07-01T00:00:06.392501Z 2022-04-13T03:04:39.050756Z
osv-2020-384 Heap-buffer-overflow in agentx_parse_string 2020-07-01T00:00:06.466746Z 2022-04-13T03:04:35.805999Z
osv-2020-386 Heap-buffer-overflow in OPENSSL_strlcpy 2020-07-01T00:00:06.528477Z 2022-04-13T03:04:38.742191Z
osv-2020-388 Stack-use-after-return in bool OT::Coverage::serialize<hb_map_iter_t<hb_map_iter_t<hb_filter_iter_t<OT::Co 2020-07-01T00:00:06.690091Z 2022-04-13T03:04:33.050351Z
osv-2020-389 Use-of-uninitialized-value in smtp_state_ehlo_resp 2020-07-01T00:00:06.761801Z 2022-04-13T03:04:42.827258Z
osv-2020-391 Use-of-uninitialized-value in mprint 2020-07-01T00:00:06.825617Z 2022-04-13T03:04:30.780960Z
osv-2020-392 Stack-buffer-overflow in nc4_get_att 2020-07-01T00:00:06.889412Z 2022-04-13T03:04:42.107611Z
osv-2020-393 Heap-buffer-overflow in Elf32_r_bin_elf_compiler 2020-07-01T00:00:06.928110Z 2022-04-13T03:04:36.630830Z
osv-2020-394 Global-buffer-overflow in parse_headers 2020-07-01T00:00:06.992887Z 2022-04-13T03:04:31.696233Z
osv-2020-396 UNKNOWN READ in ot::TaskletScheduler::PopTasklet 2020-07-01T00:00:07.092682Z 2022-04-13T03:04:38.909313Z
osv-2020-398 Stack-buffer-overflow in ihevcd_ref_list 2020-07-01T00:00:07.241400Z 2022-04-13T03:04:31.010237Z
osv-2020-399 Heap-use-after-free in sdb_free 2020-07-01T00:00:07.312045Z 2022-04-13T03:04:36.584151Z
osv-2020-405 Stack-buffer-overflow in ZSTD_decodeLiteralsBlock 2020-07-01T00:00:07.677115Z 2022-04-13T03:19:42.457329Z
osv-2020-406 Global-buffer-overflow in lwan_strbuf_append_str 2020-07-01T00:00:07.709109Z 2022-04-13T03:04:31.720558Z
osv-2020-407 Heap-double-free in opt_cleanup 2020-07-01T00:00:07.757751Z 2022-04-13T03:04:38.725198Z
ID Description Published Updated
rustsec-2020-0084 crate has been superseded by `sn_client` 2020-12-07T12:00:00Z 2020-12-07T17:22:02Z
rustsec-2020-0085 crate has been renamed to `sn_node` 2020-12-07T12:00:00Z 2020-12-07T17:22:02Z
rustsec-2020-0086 crate has been renamed to `sn_client` 2020-12-07T12:00:00Z 2020-12-07T17:22:02Z
rustsec-2020-0090 Thex<T> allows data races of non-Send types across threads 2020-12-08T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2020-0104 ImageChunkMut needs bounds on its Send and Sync traits 2020-12-08T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2020-0118 Future<T> lacks bounds on Send and Sync. 2020-12-08T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2020-0124 ArcGuard's Send and Sync should have bounds on RC 2020-12-08T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2020-0089 nanorand 0.5.0 - RNGs failed to generate properly for non-64-bit numbers 2020-12-09T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2020-0139 dces' World type can cause data races 2020-12-09T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2020-0091 Dangling reference in `access::Map` with Constant 2020-12-10T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2020-0097 Soundness issue with base::Error 2020-12-10T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2020-0099 Aovec<T> lacks bound on its Send and Sync traits allowing data races 2020-12-10T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2020-0141 MvccRwLock allows data races & aliasing violations 2020-12-10T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2020-0148 Multiple soundness issues in `Ptr` 2020-12-10T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2020-0093 Async-h1 request smuggling possible with long unread bodies 2020-12-17T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2020-0150 RingBuffer can create multiple mutable references and cause data races 2020-12-17T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2020-0098 UsbContext trait did not require implementers to be Send and Sync. 2020-12-18T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2020-0112 ButtplugFutureStateShared allows data race to (!Send|!Sync) objects 2020-12-18T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2020-0127 SyncRef's clone() and debug() allow data races 2020-12-18T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2020-0129 ShmWriter allows sending non-Send type across threads 2020-12-18T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2020-0152 ImmediateIO and TransactionalIO can cause data races 2020-12-18T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2020-0106 Queues allow non-Send types to be sent to other threads, allowing data races 2020-12-19T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2020-0095 difference is unmaintained 2020-12-20T12:00:00Z 2025-08-30T06:09:56Z
rustsec-2020-0108 Soundness issue: Input<R> can be misused to create data race to an object 2020-12-20T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2020-0105 Update unsound DrainFilter and RString::retain 2020-12-21T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2020-0101 conquer-once's OnceCell lacks Send bound for its Sync trait. 2020-12-22T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2020-0109 stderr is unmaintained; use eprintln instead 2020-12-22T12:00:00Z 2021-01-20T19:29:04Z
rustsec-2020-0114 `Demuxer` can carry non-Send types across thread boundaries 2020-12-22T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2020-0143 Queues allow non-Send types to be sent to other threads, allowing data races 2020-12-25T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2020-0155 `Read` on uninitialized buffer in `fill_buf()` and `read_up_to()` 2020-12-27T12:00:00Z 2023-06-13T13:10:24Z
ID Description Published Updated
bit-gitlab-2024-0456 Direct Request ('Forced Browsing') in GitLab 2024-03-06T10:53:14.072Z 2025-05-20T10:02:07.006Z
bit-gradle-2023-26053 Gradle usage of long IDs for PGP keys opens potential for collision attacks 2024-03-06T10:53:14.075Z 2025-05-20T10:02:07.006Z
bit-golang-2023-44487 2024-03-06T10:53:14.274Z 2026-02-11T09:09:18.507Z
bit-grafana-2023-2801 2024-03-06T10:53:15.069Z 2025-04-03T14:40:37.652Z
bit-apache-2022-26377 mod_proxy_ajp: Possible request smuggling 2024-03-06T10:53:16.477Z 2025-05-20T10:02:07.006Z
bit-influxdb-2022-36640 2024-03-06T10:53:17.690Z 2025-04-03T14:40:37.652Z
bit-dotnet-2023-36794 Visual Studio Remote Code Execution Vulnerability 2024-03-06T10:53:17.695Z 2025-05-20T10:02:07.006Z
bit-django-2022-23833 2024-03-06T10:53:17.707Z 2025-04-03T14:40:37.652Z
bit-drupal-2022-25274 2024-03-06T10:53:18.690Z 2025-04-03T14:40:37.652Z
bit-airflow-2023-40712 Apache Airflow: Secrets can be unmasked in the "Rendered Template" 2024-03-06T10:53:19.281Z 2025-05-20T10:02:07.006Z
bit-discourse-2023-45131 Unauthenticated access to new private chat messages in Discourse 2024-03-06T10:53:19.376Z 2025-11-06T13:25:46.476Z
bit-envoy-2023-35941 Envoy vulnerable to OAuth2 credentials exploit with permanent validity 2024-03-06T10:53:21.084Z 2025-05-20T10:02:07.006Z
bit-jaeger-2020-10750 2024-03-06T10:53:21.198Z 2025-04-03T14:40:37.652Z
bit-consul-2021-32574 2024-03-06T10:53:21.700Z 2025-04-03T14:40:37.652Z
bit-helm-2022-36055 Denial of service in Helm 2024-03-06T10:53:21.994Z 2025-05-20T10:02:07.006Z
bit-gitea-2022-1928 Cross-site Scripting (XSS) - Stored in go-gitea/gitea 2024-03-06T10:53:22.292Z 2025-05-20T10:02:07.006Z
bit-elasticsearch-2021-22144 2024-03-06T10:53:22.503Z 2025-04-03T14:40:37.652Z
bit-ghost-2022-47194 2024-03-06T10:53:22.782Z 2025-11-06T13:25:46.476Z
bit-golang-2023-39326 Denial of service via chunk extensions in net/http 2024-03-06T10:53:23.071Z 2025-05-20T10:02:07.006Z
bit-gitlab-2024-0410 Improper Enforcement of Behavioral Workflow in GitLab 2024-03-06T10:53:23.990Z 2025-05-20T10:02:07.006Z
bit-gradle-2022-31156 Gradle's dependency verification can ignore checksum verification when signature verification cannot be performed 2024-03-06T10:53:24.270Z 2025-05-20T10:02:07.006Z
bit-grafana-2023-22462 Stored XSS in Grafana Text plugin 2024-03-06T10:53:25.170Z 2025-05-20T10:02:07.006Z
bit-harbor-2022-46463 2024-03-06T10:53:25.383Z 2025-04-03T14:40:37.652Z
bit-apache-2022-23943 mod_sed: Read/write beyond bounds 2024-03-06T10:53:25.496Z 2025-05-20T10:02:07.006Z
bit-haproxy-2023-25950 2024-03-06T10:53:25.686Z 2025-04-03T14:40:37.652Z
bit-dotnet-2023-36793 Visual Studio Remote Code Execution Vulnerability 2024-03-06T10:53:27.694Z 2025-05-20T10:02:07.006Z
bit-drupal-2022-25273 2024-03-06T10:53:28.666Z 2025-04-03T14:40:37.652Z
bit-django-2022-22818 2024-03-06T10:53:28.699Z 2025-04-03T14:40:37.652Z
bit-airflow-2023-40611 Apache Airflow Dag Runs Broken Access Control Vulnerability 2024-03-06T10:53:28.968Z 2025-05-20T10:02:07.006Z
bit-discourse-2023-44391 Prevent unauthorized access to summary details in Discourse 2024-03-06T10:53:30.809Z 2025-11-06T13:25:46.476Z
ID Description Published Updated
cleanstart-2026-zm84646 Within HostnameError 2026-01-30T16:20:55.488130Z 2026-01-29T18:58:54Z
cleanstart-2026-nd18869 tar 2026-01-30T16:20:55.683557Z 2026-01-29T18:58:54Z
cleanstart-2026-ml51665 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate 2026-01-30T16:20:55.711028Z 2026-01-29T18:58:54Z
cleanstart-2026-ui65993 Within HostnameError 2026-01-30T16:21:25.457624Z 2026-01-29T18:58:54Z
cleanstart-2026-xo49545 Within HostnameError 2026-01-30T16:21:25.500719Z 2026-01-29T18:58:54Z
cleanstart-2026-nr68832 libexpat in Expat before 2 2026-01-30T16:22:25.447471Z 2026-01-29T18:58:54Z
cleanstart-2026-pt11267 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate 2026-01-30T16:22:25.604414Z 2026-01-29T18:58:54Z
cleanstart-2026-yd87381 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate 2026-01-30T16:22:55.178631Z 2026-01-29T18:58:54Z
cleanstart-2026-qe58701 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate 2026-01-30T16:22:55.193625Z 2026-01-29T18:58:54Z
cleanstart-2026-cq38405 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate 2026-01-30T16:23:55.161893Z 2026-01-29T18:58:54Z
cleanstart-2026-ek72220 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate 2026-01-30T16:24:55.137022Z 2026-01-29T18:58:54Z
cleanstart-2026-sw55801 Within HostnameError 2026-01-30T16:24:55.642434Z 2026-01-29T18:58:54Z
cleanstart-2026-fn12833 Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security) 2026-01-30T16:25:25.422564Z 2026-01-29T18:58:54Z
cleanstart-2026-rn77098 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate 2026-01-30T16:25:55.300453Z 2026-01-29T18:58:54Z
cleanstart-2026-mb75553 vulnerability was found in Avahi, where a reachable assertion exists in avahi_dns_packet_append_record 2026-01-30T16:26:25.443727Z 2026-01-29T18:58:54Z
cleanstart-2026-on55906 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate 2026-01-30T16:26:25.467484Z 2026-01-29T18:58:54Z
cleanstart-2026-gq48460 Cancelling a query (e 2026-01-30T16:26:55.253385Z 2026-01-29T18:58:54Z
cleanstart-2026-dj71086 PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access 2026-01-30T16:26:55.342548Z 2026-01-29T18:58:54Z
cleanstart-2026-ai42483 PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access 2026-01-30T16:26:55.732852Z 2026-01-29T18:58:54Z
cleanstart-2026-rg55910 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate 2026-01-30T16:27:25.253140Z 2026-01-29T18:58:54Z
cleanstart-2026-an66259 attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests 2026-01-30T16:28:25.281484Z 2026-01-29T18:58:54Z
cleanstart-2026-kd20596 Cancelling a query (e 2026-01-30T16:28:55.316811Z 2026-01-29T18:58:54Z
cleanstart-2026-ma27248 Cancelling a query (e 2026-01-30T16:28:55.356497Z 2026-01-29T18:58:54Z
cleanstart-2026-ul17352 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate 2026-01-30T16:29:25.464127Z 2026-01-29T18:58:54Z
cleanstart-2026-nv82543 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate 2026-01-30T16:29:25.549030Z 2026-01-29T18:58:54Z
cleanstart-2026-tf33105 SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process 2026-01-30T16:29:25.639055Z 2026-01-29T18:58:54Z
cleanstart-2026-wg18689 attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests 2026-01-30T16:29:25.690410Z 2026-01-29T18:58:54Z
cleanstart-2026-au31441 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate 2026-01-30T16:29:25.997506Z 2026-01-29T18:58:54Z
cleanstart-2026-ib84500 security issue was discovered in Kubernetes where a malicious or compromised pod could bypass network restrictions enforced by network policies during namespace deletion 2026-01-30T16:29:55.343868Z 2026-01-29T18:58:54Z
cleanstart-2026-rt10702 Within HostnameError 2026-01-30T16:30:25.697056Z 2026-01-29T18:58:54Z
ID Description Published Updated
drupal-contrib-2023-028 2023-06-28T17:21:37.000Z 2023-07-31T21:17:11.000Z
drupal-contrib-2023-029 2023-06-28T17:34:47.000Z 2023-07-31T21:18:37.000Z
drupal-contrib-2023-030 2023-07-12T18:19:42.000Z 2023-07-12T18:39:39.000Z
drupal-contrib-2023-031 2023-07-26T19:15:46.000Z 2023-07-27T16:05:03.000Z
drupal-contrib-2023-032 2023-07-26T19:19:38.000Z 2023-07-26T20:00:09.000Z
drupal-contrib-2023-033 2023-08-02T18:59:27.000Z 2023-08-02T19:52:35.000Z
drupal-contrib-2023-034 2023-08-23T14:51:16.000Z 2023-08-23T18:45:47.000Z
drupal-contrib-2023-035 2023-08-23T14:54:52.000Z 2023-08-23T18:45:59.000Z
drupal-contrib-2023-037 2023-08-23T16:54:32.000Z 2023-08-23T18:29:48.000Z
drupal-contrib-2023-038 2023-08-23T17:00:14.000Z 2023-08-23T18:47:17.000Z
drupal-contrib-2023-039 2023-08-23T17:06:18.000Z 2023-08-23T18:28:35.000Z
drupal-contrib-2023-040 2023-08-23T17:24:02.000Z 2023-08-23T18:28:12.000Z
drupal-contrib-2023-041 2023-08-30T16:22:06.000Z 2023-08-30T18:51:23.000Z
drupal-contrib-2023-042 2023-08-30T16:23:18.000Z 2023-08-30T18:51:57.000Z
drupal-contrib-2023-043 2023-09-06T15:23:32.000Z 2023-09-06T16:48:26.000Z
drupal-contrib-2023-044 2023-09-06T16:33:36.000Z 2023-09-18T14:27:44.000Z
drupal-contrib-2023-045 2023-09-13T15:47:17.000Z 2023-09-13T17:42:33.000Z
drupal-contrib-2023-047 2023-09-27T16:33:34.000Z 2023-09-28T21:17:46.000Z
drupal-contrib-2023-048 2023-10-04T15:41:34.000Z 2023-10-04T16:35:18.000Z
drupal-contrib-2023-049 2023-11-01T16:56:37.000Z 2023-11-06T14:25:23.000Z
drupal-contrib-2023-050 2023-11-08T15:30:45.000Z 2023-11-08T17:10:18.000Z
drupal-contrib-2023-051 2023-11-08T15:33:12.000Z 2023-11-08T17:10:24.000Z
drupal-contrib-2023-052 2023-11-15T14:24:12.000Z 2023-11-15T17:19:15.000Z
drupal-contrib-2023-053 2023-11-29T15:27:05.000Z 2023-11-29T18:08:04.000Z
drupal-contrib-2023-054 2023-12-06T16:16:28.000Z 2023-12-07T02:47:34.000Z
drupal-contrib-2023-055 2023-12-20T17:02:51.000Z 2023-12-20T17:53:15.000Z
drupal-contrib-2024-002 2024-01-10T18:00:05.000Z 2025-02-20T18:40:20.000Z
drupal-contrib-2024-003 2024-01-24T15:42:46.000Z 2025-02-20T18:39:54.000Z
drupal-contrib-2024-004 2024-01-24T15:45:49.000Z 2025-02-20T18:39:20.000Z
drupal-contrib-2024-005 2024-01-24T15:47:36.000Z 2025-02-20T18:38:57.000Z
ID Description Updated
ID Description Published Updated
certfr-2015-ale-005 Vulnérabilité dans Adobe Flash Player 2015-07-08T00:00:00.000000 2015-07-10T00:00:00.000000
certfr-2015-ale-006 Vulnérabilité dans Adobe Flash Player 2015-07-11T00:00:00.000000 2015-07-20T00:00:00.000000
certfr-2015-ale-007 Vulnérabilité dans Oracle Java SE 2015-07-13T00:00:00.000000 2015-07-20T00:00:00.000000
certfr-2015-ale-008 Vulnérabilité dans le pilote de gestion des polices de caractères de Microsoft Windows 2015-07-20T00:00:00.000000 2015-07-30T00:00:00.000000
certfr-2015-ale-009 Vulnérabilité dans Apple Mac OS X 2015-07-24T00:00:00.000000 2015-12-22T00:00:00.000000
certfr-2015-ale-010 Multiples vulnérabilités dans Google Android 2015-07-28T00:00:00.000000 2015-10-06T00:00:00.000000
certfr-2015-ale-011 Vulnérabilité dans Adobe Flash Player 2015-10-14T00:00:00.000000 2015-10-19T00:00:00.000000
certfr-2015-ale-012 Campagne de messages électroniques non sollicités de type Dridex 2015-10-23T00:00:00.000000 2015-11-26T00:00:00.000000
certfr-2015-ale-013 Vulnérabilité dans Joomla! 2015-12-14T00:00:00.000000 2016-08-01T00:00:00.000000
certfr-2015-ale-014 Vulnérabilité dans Juniper ScreenOS 2015-12-18T00:00:00.000000 2016-04-11T00:00:00.000000
certfr-2015-ale-015 Campagne de messages électroniques non sollicités de type TeslaCrypt 2015-12-21T00:00:00.000000 2016-03-10T00:00:00.000000
certfr-2016-ale-001 Campagne de messages électroniques non sollicités de type Locky 2016-02-19T00:00:00.000000 2016-04-07T00:00:00.000000
certfr-2016-ale-002 Vulnérabilité dans Adobe Flash Player 2016-04-06T00:00:00.000000 2016-04-08T00:00:00.000000
certfr-2016-ale-003 Vulnérabilité dans Adobe Flash Player 2016-05-11T00:00:00.000000 2016-05-12T00:00:00.000000
certfr-2016-ale-004 Vulnérabilité dans Adobe Flash Player 2016-06-15T00:00:00.000000 2016-06-16T00:00:00.000000
certfr-2016-ale-005 Multiples vulnérabilités dans les pare-feux Cisco 2016-08-18T00:00:00.000000 2016-09-05T00:00:00.000000
certfr-2016-ale-006 Campagne de messages électroniques non sollicités de type Zepto/Odin 2016-09-05T00:00:00.000000 2016-11-17T00:00:00.000000
certfr-2016-ale-007 Vulnérabilité dans Cisco IOS, IOS XE et IOS XR 2016-09-19T00:00:00.000000 2016-09-19T00:00:00.000000
certfr-2016-ale-008 Vulnérabilité dans Microsoft Windows 2016-11-02T00:00:00.000000 2016-11-09T00:00:00.000000
certfr-2016-ale-009 Campagne d'attaque contre des routeurs DSL 2016-12-01T00:00:00.000000 2017-01-26T00:00:00.000000
certfr-2016-ale-010 Vulnérabilité dans les routeurs Netgear 2016-12-13T00:00:00.000000 2016-12-26T00:00:00.000000
certfr-2017-ale-001 Vulnérabilité dans Cisco WebEx 2017-01-25T00:00:00.000000 2017-01-31T00:00:00.000000
certfr-2017-ale-002 Vulnérabilité dans Microsoft Windows 2017-02-20T00:00:00.000000 2017-03-15T00:00:00.000000
certfr-2017-ale-003 Vulnérabilité dans les navigateurs Microsoft 2017-02-27T00:00:00.000000 2017-03-15T00:00:00.000000
certfr-2017-ale-004 Vulnérabilité dans Apache Struts 2017-03-10T00:00:00.000000 2017-05-10T00:00:00.000000
certfr-2017-ale-005 Vulnérabilité dans les commutateurs Cisco 2017-03-20T00:00:00.000000 2017-05-10T00:00:00.000000
certfr-2017-ale-006 Multiples vulnérabilités dans SCADA Siemens RUGGEDCOM ROX I 2017-03-29T00:00:00.000000 2017-03-29T00:00:00.000000
certfr-2017-ale-007 Vulnérabilité dans Microsoft Office 2017-04-10T00:00:00.000000 2017-04-12T00:00:00.000000
certfr-2017-ale-008 Multiples vulnérabilités dans Microsoft Windows XP et Windows Server 2003 2017-04-14T00:00:00.000000 2017-09-06T00:00:00.000000
certfr-2017-ale-009 Vulnérabilité dans Microsoft Malware Protection Engine 2017-05-09T00:00:00.000000 2017-05-15T00:00:00.000000
ID Description Published Updated
certa-2001-avi-118 Vulnérabilité dans login sous Linux 2001-10-19T00:00:00.000000 2001-11-02T00:00:00.000000
certa-2001-avi-119 Vulnérabilité de l'interface Web du serveur Novell GroupWise 2001-10-19T00:00:00.000000 2001-10-19T00:00:00.000000
certa-2001-avi-120 Vulnérabilité dans Xlock sous Solaris 2001-10-19T00:00:00.000000 2001-10-19T00:00:00.000000
certa-2001-avi-121 Vulnérabilité des Cisco IOS et CatOS sous le protocole CDP 2001-10-19T00:00:00.000000 2001-10-19T00:00:00.000000
certa-2001-avi-122 Déni de service sur Citrix MetaFrame 2001-10-19T00:00:00.000000 2001-10-19T00:00:00.000000
certa-2001-avi-123 Vulnérabilités dans procmail 2001-10-22T00:00:00.000000 2001-10-22T00:00:00.000000
certa-2001-avi-124 Vulnérabilités dans le noyau linux (2.2.x et 2.4.x) 2001-10-23T00:00:00.000000 2001-11-22T00:00:00.000000
certa-2001-avi-125 Débordement de mémoire de Oracle 9iAS Web Cache 2001-10-24T00:00:00.000000 2001-10-24T00:00:00.000000
certa-2001-avi-126 Vulnérabilité dans le protocole RDP sous Windows 2000 et NT Server 2001-10-24T00:00:00.000000 2001-10-24T00:00:00.000000
certa-2001-avi-127 Vulnérabilité sous Mac OS X 2001-10-24T00:00:00.000000 2001-10-24T00:00:00.000000
certa-2001-avi-128 Vulnérabilité d'Internet Explorer 5.1 sous Mac OS X 2001-10-26T00:00:00.000000 2001-10-26T00:00:00.000000
certa-2001-avi-129 Vulnérabilité dans la machine virtuelle java (JRE) de SUN. 2001-10-26T00:00:00.000000 2001-10-26T00:00:00.000000
certa-2001-avi-130 Vulnérabilité d'IGMP sous SGI Irix 2001-10-26T00:00:00.000000 2001-10-26T00:00:00.000000
certa-2001-avi-131 Vulnérabilités du serveur Apache 2001-10-26T00:00:00.000000 2001-10-26T00:00:00.000000
certa-2001-avi-132 Vulnérabilités de webalizer 2001-10-26T00:00:00.000000 2001-10-26T00:00:00.000000
certa-2001-avi-133 Vulnérabilité de ufsrestore sous Solaris. 2001-10-29T00:00:00.000000 2001-10-29T00:00:00.000000
certa-2001-avi-134 Multiples vulnérabilités dans le SGBD Oracle 2001-10-31T00:00:00.000000 2001-10-31T00:00:00.000000
certa-2001-avi-135 Vulnérabilité dans sdiff 2001-10-31T00:00:00.000000 2001-10-31T00:00:00.000000
certa-2001-avi-136 Vulnérabilités dans Oracle Label Security 2001-10-31T00:00:00.000000 2001-10-31T00:00:00.000000
certa-2001-avi-137 Vulnérabilité de UPnP sous Windows 2001-11-06T00:00:00.000000 2001-11-06T00:00:00.000000
certa-2001-avi-138 Vulnérabilité des SYNCOOKIES dans le noyau Linux 2001-11-07T00:00:00.000000 2001-11-07T00:00:00.000000
certa-2001-avi-139 Vulnérabilité de CDE 2001-11-13T00:00:00.000000 2002-03-27T00:00:00.000000
certa-2001-avi-140 Vulnérabilités dans Internet Explorer 2001-11-15T00:00:00.000000 2001-11-15T00:00:00.000000
certa-2001-avi-141 Vulnérabilités de Lotus domino Server 5.x 2001-11-15T00:00:00.000000 2001-11-15T00:00:00.000000
certa-2001-avi-142 Vulnérabilité des utilitaires 'ppp' 2001-11-16T00:00:00.000000 2001-11-16T00:00:00.000000
certa-2001-avi-143 Vulnérabilité dans les routeurs Cisco 2001-11-16T00:00:00.000000 2001-11-16T00:00:00.000000
certa-2001-avi-144 Vulnérabilités liées aux ACL dans les routeurs CISCO 12000 2001-11-20T00:00:00.000000 2001-11-20T00:00:00.000000
certa-2001-avi-145 Vulnérabilités dans le service d'impression lpsched sous IRIX 2001-11-20T00:00:00.000000 2001-11-20T00:00:00.000000
certa-2001-avi-146 Vulnérabilité dans Windows Media Player 2001-11-20T00:00:00.000000 2001-11-20T00:00:00.000000
certa-2001-avi-147 Corruption de cache ARP des équipements CISCO 2001-11-22T00:00:00.000000 2001-11-22T00:00:00.000000
ID Description Published Updated
jvndb-2007-000260 Shihonkanri Plus Ver2 GOOUT directory traversal vulnerability 2008-05-21T00:00+09:00 2008-05-21T00:00+09:00
jvndb-2007-000290 InfoBarrier4 self-decrypted file vulnerability 2008-05-21T00:00+09:00 2008-05-21T00:00+09:00
jvndb-2007-000295 APOP password recovery vulnerability 2008-05-21T00:00+09:00 2009-08-06T11:39+09:00
jvndb-2007-000297 Apache Tomcat Accept-Language Header Cross-Site Scripting Vulnerability 2008-05-21T00:00+09:00 2008-07-11T13:47+09:00
jvndb-2007-000301 Canon Network Camera Server VB100 Series vulnerable to cross-site scripting 2008-05-21T00:00+09:00 2008-05-21T00:00+09:00
jvndb-2007-000322 Lunascape RSS reader arbitrary script execution vulnerability 2008-05-21T00:00+09:00 2008-05-21T00:00+09:00
jvndb-2007-000329 Java Web Start vulnerable to execution of unauthorized system classes 2008-05-21T00:00+09:00 2008-06-06T16:22+09:00
jvndb-2007-000395 Homepage Builder sample CGI programs vulnerable to OS command injection 2008-05-21T00:00+09:00 2008-05-21T00:00+09:00
jvndb-2007-000400 Advance-Flow cross-site scripting vulnerability 2008-05-21T00:00+09:00 2008-05-21T00:00+09:00
jvndb-2007-000420 HP System Management Homepage cross-site scripting vulnerability 2008-05-21T00:00+09:00 2008-05-21T00:00+09:00
jvndb-2007-000429 Meneame cross-site scripting vulnerability 2008-05-21T00:00+09:00 2008-05-21T00:00+09:00
jvndb-2007-000434 ADPLAN cross-site scripting vulnerability 2008-05-21T00:00+09:00 2008-05-21T00:00+09:00
jvndb-2007-000446 Internet Explorer vulnerable in MHTML handling 2008-05-21T00:00+09:00 2008-05-21T00:00+09:00
jvndb-2007-000447 Internet Explorer vulnerable in handling MHTML protocol 2008-05-21T00:00+09:00 2008-05-21T00:00+09:00
jvndb-2007-000454 dotProject cross-site scripting vulnerability 2008-05-21T00:00+09:00 2008-05-21T00:00+09:00
jvndb-2007-000456 Apache Tomcat sample web application cross-site scripting vulnerability 2008-05-21T00:00+09:00 2008-07-11T13:48+09:00
jvndb-2007-000457 Apache Tomcat cross-site scripting vulnerability 2008-05-21T00:00+09:00 2008-07-11T13:48+09:00
jvndb-2007-000471 RaidenHTTPD cross-site scripting vulnerability 2008-05-21T00:00+09:00 2008-05-21T00:00+09:00
jvndb-2007-000476 Hiki arbitrary file deletion vulnerability 2008-05-21T00:00+09:00 2008-05-21T00:00+09:00
jvndb-2007-000486 rktSNS cross-site scripting vulnerability 2008-05-21T00:00+09:00 2008-05-21T00:00+09:00
jvndb-2007-000487 sHTTPd cross-site scripting vulnerability 2008-05-21T00:00+09:00 2008-05-21T00:00+09:00
jvndb-2007-000491 Lhaca LHZ Archive Extended Header Size Processing Buffer Overflow Vulnerability 2008-05-21T00:00+09:00 2008-05-21T00:00+09:00
jvndb-2007-000494 KDDI sample CGI download program directory traversal vulnerability 2008-05-21T00:00+09:00 2008-05-21T00:00+09:00
jvndb-2007-000507 Flash Player allows to send arbitrary Referer headers 2008-05-21T00:00+09:00 2008-05-21T00:00+09:00
jvndb-2007-000548 Nessus report function vulnerable to arbitrary script execution 2008-05-21T00:00+09:00 2008-05-21T00:00+09:00
jvndb-2007-000551 Aruba Mobility Controller Series cross-site scripting vulnerability 2008-05-21T00:00+09:00 2008-05-21T00:00+09:00
jvndb-2007-000559 Yayoi Kaikei improper handling of credential information 2008-05-21T00:00+09:00 2008-05-21T00:00+09:00
jvndb-2007-000560 Safari URL spoofing vulnerability 2008-05-21T00:00+09:00 2008-05-21T00:00+09:00
jvndb-2007-000572 WebCart cross-site scripting vulnerability 2008-05-21T00:00+09:00 2008-05-21T00:00+09:00
jvndb-2007-000598 Apache Tomcat Host Manager cross-site scripting vulnerability 2008-05-21T00:00+09:00 2008-05-21T00:00+09:00
ID Description Published Updated
cnvd-2015-00098 HumHub SQL注入漏洞 2015-01-07 2015-01-08
cnvd-2015-00099 Apache POI拒绝服务漏洞 2015-01-07 2015-01-08
cnvd-2015-00100 Apache Solr跨站脚本漏洞 2015-01-07 2015-01-08
cnvd-2015-00101 McAfee ePolicy Orchestrator 'conditionXML'参数XML外部实体注入漏洞 2015-01-07 2015-01-08
cnvd-2015-00102 Xen拒绝服务漏洞(CNVD-2015-00102) 2015-01-07 2015-01-08
cnvd-2015-00103 FlexPaper 'FlexPaperViewer.swf'跨站脚本漏洞 2015-01-07 2015-01-08
cnvd-2015-00104 FlexPaper ‘FlexPaperViewer.swf'’内容欺骗漏洞 2015-01-07 2015-01-08
cnvd-2015-00105 Sefrengo CMS 'main.php'存在多个SQL注入漏洞 2015-01-07 2015-01-08
cnvd-2015-00106 Sefrengo CMS 'main.php'跨站脚本漏洞 2015-01-07 2015-01-08
cnvd-2015-00148 Microsoft Dynamics CRM跨站脚本漏洞 2015-01-07 2015-01-09
cnvd-2015-00144 e107 ' e107_admin/users.php'跨站请求伪造漏洞 2015-01-08 2015-01-09
cnvd-2015-00145 Hex-Rays IDA Pro缓冲区溢出漏洞 2015-01-08 2015-01-09
cnvd-2015-00146 Ruby RedCloth library跨站脚本漏洞 2015-01-08 2015-01-09
cnvd-2015-00147 Easy File Sharing Web Server跨站脚本漏洞(CNVD-2015-00147) 2015-01-08 2015-01-09
cnvd-2015-00151 SAP NetWeaver Business Client存在多个跨站脚本漏洞 2015-01-08 2015-01-09
cnvd-2015-00152 ZOHO ManageEngine ADSelfService Plus跨站脚本漏洞(CNVD-2015-00152) 2015-01-08 2015-01-09
cnvd-2015-00153 CGManager本地信息泄露漏洞 2015-01-08 2015-01-09
cnvd-2015-00154 Strongswan IKEv2 Payloads远程拒绝服务漏洞 2015-01-08 2015-01-09
cnvd-2015-00155 D-Bus本地权限提升漏洞 2015-01-08 2015-01-09
cnvd-2015-00156 Asuswrt 'infosvr'远程命令执行漏洞 2015-01-08 2015-01-09
cnvd-2015-00157 Open-Xchange Server/OX App Suite存在未明HTML注入漏洞 2015-01-08 2015-01-09
cnvd-2015-00158 WordPress插件Banner Effect Header 'options-general.php'跨站脚本漏洞 2015-01-08 2015-01-09
cnvd-2015-00159 Kajona 'admin.php'跨站脚本漏洞 2015-01-08 2015-01-09
cnvd-2015-00160 TYPO3存在未明漏洞 2015-01-08 2015-01-09
cnvd-2015-00161 TYPO3 Url任意域修改漏洞 2015-01-08 2015-01-09
cnvd-2015-00162 Smoothwall Express存在多个跨站脚本漏洞 2015-01-08 2015-01-09
cnvd-2015-00163 Smoothwall Express跨站脚本漏洞 2015-01-08 2015-01-09
cnvd-2015-00164 Smoothwall Express存在多个跨站请求伪造漏洞 2015-01-08 2015-01-09
cnvd-2015-00165 WordPress插件Simplelife存在多个跨站请求伪造漏洞 2015-01-08 2015-01-09
cnvd-2015-00166 WordPress插件SimpleFlickr存在多个跨站请求伪造漏洞 2015-01-08 2015-01-09
ID Description Published Updated
bdu:2015-02601 Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… 28.04.2015 28.11.2016
bdu:2015-02602 Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… 28.04.2015 28.11.2016
bdu:2015-02603 Уязвимости операционной системы Debian GNU/Linux, позволяющие локальному злоумышленнику н… 28.04.2015 05.07.2024
bdu:2015-02604 Уязвимости операционной системы Debian GNU/Linux, позволяющие локальному злоумышленнику н… 28.04.2015 28.11.2016
bdu:2015-02605 Уязвимости операционной системы Debian GNU/Linux, позволяющие локальному злоумышленнику н… 28.04.2015 28.11.2016
bdu:2015-02606 Уязвимости операционной системы Debian GNU/Linux, позволяющие локальному злоумышленнику н… 28.04.2015 28.11.2016
bdu:2015-02607 Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… 28.04.2015 05.07.2024
bdu:2015-02608 Уязвимости операционной системы Debian GNU/Linux, позволяющие локальному злоумышленнику н… 28.04.2015 05.07.2024
bdu:2015-02609 Уязвимости операционной системы Debian GNU/Linux, позволяющие локальному злоумышленнику н… 28.04.2015 05.07.2024
bdu:2015-02610 Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… 28.04.2015 28.11.2016
bdu:2015-02611 Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… 28.04.2015 28.11.2016
bdu:2015-02612 Уязвимость программной библиотеки для анализа XML-документов Libxml2, связанная с выходом… 28.04.2015 29.03.2021
bdu:2015-02613 Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… 28.04.2015 05.07.2024
bdu:2015-02614 Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… 28.04.2015 28.11.2016
bdu:2015-02615 Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… 28.04.2015 28.11.2016
bdu:2015-02616 Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… 28.04.2015 28.11.2016
bdu:2015-02617 Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… 28.04.2015 28.11.2016
bdu:2015-02618 Уязвимости операционной системы Debian GNU/Linux, позволяющие локальному злоумышленнику н… 28.04.2015 05.07.2024
bdu:2015-02619 Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… 28.04.2015 05.07.2024
bdu:2015-02620 Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… 28.04.2015 05.07.2024
bdu:2015-02621 Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… 28.04.2015 28.11.2016
bdu:2015-02622 Уязвимости операционной системы Debian GNU/Linux, позволяющие локальному злоумышленнику н… 28.04.2015 05.07.2024
bdu:2015-02623 Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… 28.04.2015 28.11.2016
bdu:2015-02624 Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… 28.04.2015 28.11.2016
bdu:2015-02625 Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… 28.04.2015 28.11.2016
bdu:2015-02626 Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… 28.04.2015 05.07.2024
bdu:2015-02627 Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… 28.04.2015 05.07.2024
bdu:2015-02628 Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… 28.04.2015 28.11.2016
bdu:2015-02629 Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… 28.04.2015 28.11.2016
bdu:2015-02630 Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… 28.04.2015 28.11.2016
ID Description Updated
var-201903-1633 Kodak video conference terminal console exists Cookie Stored in plaintext password vulner… 2022-05-04T08:36:23.987000Z
var-201901-1691 ESPCMS is a set of enterprise website management system based on LAMP development and con… 2022-05-04T08:36:32.541000Z
var-201811-1129 Shanghai Feixun Data Communication Technology Co., Ltd. is a technologically innovative e… 2022-05-04T08:36:54.996000Z
var-201810-1611 The Sunell camera is a camera produced by Shenzhen Jingyang Technology Co., Ltd. An auth… 2022-05-04T08:36:57.873000Z
var-201809-1342 The NSG ™ 9000-6G high-density universal edgeQAM system is a highly integrated digital vi… 2022-05-04T08:37:13.933000Z
var-201808-1085 Wenzhou Dongkun Technology Co., Ltd. is a high-tech enterprise integrating design, resear… 2022-05-04T08:37:20.498000Z
var-201806-1887 Skyworth Group Co., Ltd. is a technology listed company that produces consumer electronic… 2022-05-04T08:37:46.513000Z
var-201804-1732 Shenzhen Tongwei Digital Technology Co., Ltd. (TVT) is a world-class product and system s… 2022-05-04T08:38:03.623000Z
var-201803-2362 The Play Library SDK is developed based on Dahua's proprietary stream encapsulation proto… 2022-05-04T08:38:30.750000Z
var-201801-1842 pelco Sarix Professional is a video camera. There is an unauthorized access vulnerabilit… 2022-05-04T08:38:52.086000Z
var-201801-1821 pelco Sarix Professional is a video camera. There is a login bypass vulnerability in the… 2022-05-04T08:38:52.097000Z
var-201712-0144 Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1… 2022-05-04T08:39:09.657000Z
var-201709-1254 Delllaptop is a portable computer from Dell Corporation of the United States. WavesAudioW… 2022-05-04T08:39:26.418000Z
var-201708-1646 The DIR series is a series of cloud router products from D-Link. A remote command executi… 2022-05-04T08:39:29.740000Z
var-201706-1132 Dahua Alarm Management Platform is a comprehensive system solution with alarm reception a… 2022-05-04T08:39:57.924000Z
var-201706-1111 Foscamcamera is a webcam that can push messages to mobile phones and directly implement v… 2022-05-04T08:39:57.935000Z
var-201702-1098 Shenzhen Haishilian Technology Co., Ltd. is a comprehensive technology enterprise integra… 2022-05-04T08:40:32.175000Z
var-201701-1167 Modicon M218 is a compact programmable logic controller produced by Schneider Electric of… 2022-05-04T08:40:40.276000Z
var-201612-0654 SamsungDVR is a small PC for recording TV broadcast, cable TV or DirectTV transmission. S… 2022-05-04T08:40:56.806000Z
var-201611-0420 D-Link DIR-890L is a wireless cloud router. A buffer overflow vulnerability exists in th… 2022-05-04T08:41:29.674000Z
var-201611-0399 Hisense camera has weak password, allowing initial password login 2022-05-04T08:41:29.685000Z
var-201610-0723 Zhongke Dayang 3GLive Multimedia is based on 3G network technology and provides a brand n… 2022-05-04T08:41:35.320000Z
var-201501-0782 Netcore is a manufacturer of network communications in Shenzhen Leike. Its main products … 2022-05-04T08:43:39.336000Z
var-201405-0648 Cisco NX-OS is a data center-class operating system that embodies modular design, resilie… 2022-05-04T08:44:10.408000Z
var-201312-0607 ASUS WL520gu Wireless Router is a wireless router device. The ASUS WL520gu Wireless Route… 2022-05-04T08:44:26.610000Z
var-201208-0033 Race condition in Comodo Internet Security before 4.1.149672.916 on Windows XP allows loc… 2022-05-04T08:45:24.663000Z
var-201208-0026 ** DISPUTED ** Race condition in 3D EQSecure Professional Edition 4.2 on Windows XP allow… 2022-05-04T08:45:24.696000Z
var-201003-0524 RCA Digital Cable Modem DCM425 is a modem that provides a high-speed two-way connection b… 2022-05-04T08:47:52.941000Z
var-200104-0018 When the length of a certain type of Web request exceeds a certain value, the Web Proxy S… 2022-05-04T08:51:35.094000Z
var-202202-0283 A CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Script… 2022-05-04T08:51:45.760000Z
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID CVSS Description Vendor Product Published Updated
ID CVSS Description Vendor Product Published Updated