Recent vulnerabilities

Recent vulnerabilities from
Select from 69 available sources using the dropdown above.
ID CVSS Description Vendor Product Published Updated
CVE-1999-0357
N/A
Windows 98 and other operating systems allows rem… n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:34:51.899Z
CVE-1999-0362
N/A
WS_FTP server remote denial of service through cw… n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:34:52.069Z
CVE-1999-0363
N/A
SuSE 5.2 PLP lpc program has a buffer overflow th… n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:34:52.119Z
CVE-1999-0365
N/A
The metamail package allows remote command execut… n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:34:52.099Z
CVE-1999-0366
N/A
In some cases, Service Pack 4 for Windows NT 4.0 … n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:34:52.127Z
CVE-1999-0367
N/A
NetBSD netstat command allows local users to acce… n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:34:51.886Z
CVE-1999-0368
N/A
Buffer overflows in wuarchive ftpd (wu-ftpd) and … n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:34:51.941Z
CVE-1999-0369
N/A
The Sun sdtcm_convert calendar utility for OpenWi… n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:34:52.102Z
CVE-1999-0371
N/A
Lynx allows a local user to overwrite sensitive f… n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:34:51.961Z
CVE-1999-0372
N/A
The installer for BackOffice Server includes acco… n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:34:52.089Z
CVE-1999-0373
N/A
Buffer overflow in the "Super" utility in Debian … n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:34:52.034Z
CVE-1999-0374
N/A
Debian GNU/Linux cfengine package is susceptible … n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:34:52.020Z
CVE-1999-0375
N/A
Buffer overflow in webd in Network Flight Recorde… n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:34:52.160Z
CVE-1999-0376
N/A
Local users in Windows NT can obtain administrato… n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:34:52.169Z
CVE-1999-0377
N/A
Process table attack in Unix systems allows a rem… n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:34:51.942Z
CVE-1999-0379
N/A
Microsoft Taskpads allows remote web sites to exe… n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:34:52.036Z
CVE-1999-0382
N/A
The screen saver in Windows NT does not verify th… n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:34:51.882Z
CVE-1999-0383
N/A
ACC Tigris allows public access without a login. n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:34:51.948Z
CVE-1999-0384
N/A
The Forms 2.0 ActiveX control (included with Visu… n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:34:51.891Z
CVE-1999-0385
N/A
The LDAP bind function in Exchange 5.5 has a buff… n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:34:52.137Z
CVE-1999-0386
N/A
Microsoft Personal Web Server and FrontPage Perso… n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:34:51.942Z
CVE-1999-0388
N/A
DataLynx suGuard trusts the PATH environment vari… n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:34:52.030Z
CVE-1999-0391
N/A
The cryptographic challenge of SMB authentication… n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:34:51.955Z
CVE-1999-0392
N/A
Buffer overflow in Thomas Boutell's cgic library … n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:34:52.030Z
CVE-1999-0396
N/A
A race condition between the select() and accept(… n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:34:52.090Z
CVE-1999-0402
N/A
wget 1.5.3 follows symlinks to change permissions… n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:34:52.088Z
CVE-1999-0404
N/A
Buffer overflow in the Mail-Max SMTP server for W… n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:34:52.159Z
CVE-1999-0405
N/A
A buffer overflow in lsof allows local users to o… n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:34:52.138Z
CVE-1999-0410
N/A
The cancel command in Solaris 2.6 (i386) has a bu… n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:41:44.195Z
CVE-1999-0412
N/A
In IIS and other web servers, an attacker can att… n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:41:44.212Z
ID CVSS Description Vendor Product Published Updated
CVE-1999-0959
N/A
IRIX startmidi program allows local users to modi… n/a
 n/a
 2000-07-12T04:00:00.000Z 2024-08-01T16:55:29.368Z
CVE-1999-1160
N/A
Vulnerability in ftpd/kftpd in HP-UX 10.x and 9.x… n/a
 n/a
 2002-03-09T05:00:00.000Z 2024-08-01T17:02:53.764Z
CVE-1999-1299
N/A
rcp on various Linux systems including Red Hat 4.… n/a
 n/a
 2001-09-12T04:00:00.000Z 2024-08-01T17:11:01.725Z
CVE-1999-0298
N/A
ypbind with -ypset and -ypsetme options activated… n/a
 n/a
 2000-02-04T05:00:00.000Z 2024-08-01T16:34:51.864Z
CVE-1999-0046
N/A
Buffer overflow of rlogin program using TERM envi… n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:27:57.114Z
CVE-1999-0228
N/A
Denial of service in RPCSS.EXE program (RPC Locat… n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:34:51.505Z
CVE-1999-0109
N/A
Buffer overflow in ffbconfig in Solaris 2.5.1. n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:27:57.326Z
CVE-1999-0041
N/A
Buffer overflow in NLS (Natural Language Service). n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-09-17T14:25:15.473Z
CVE-1999-0868
N/A
ucbmail allows remote attackers to execute comman… n/a
 n/a
 2000-01-04T05:00:00.000Z 2024-08-01T16:55:29.019Z
CVE-1999-0105
N/A
finger allows recursive searches by using a long … n/a
 n/a
 2000-02-04T05:00:00.000Z 2024-08-01T16:27:57.570Z
CVE-1999-0106
N/A
Finger redirection allows finger bombs. n/a
 n/a
 2000-02-04T05:00:00.000Z 2024-08-01T16:27:57.430Z
CVE-1999-0165
N/A
NFS cache poisoning. n/a
 n/a
 2000-02-04T05:00:00.000Z 2024-08-01T16:27:57.763Z
CVE-1999-0318
N/A
Buffer overflow in xmcd 2.0p12 allows local users… n/a
 n/a
 2000-01-04T05:00:00.000Z 2024-08-01T16:34:51.883Z
CVE-1999-0612
N/A
A version of finger is running that exposes valid… n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:41:45.686Z
CVE-1999-1128
N/A
Internet Explorer 3.01 on Windows 95 allows remot… n/a
 n/a
 2001-09-12T04:00:00.000Z 2024-08-01T17:02:53.742Z
CVE-1999-1489
N/A
Buffer overflow in TestChip function in XFree86 S… n/a
 n/a
 2001-09-12T04:00:00.000Z 2024-08-01T17:18:07.321Z
CVE-1999-0299
N/A
Buffer overflow in FreeBSD lpd through long DNS h… n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:34:51.882Z
CVE-1999-1408
N/A
Vulnerability in AIX 4.1.4 and HP-UX 10.01 and 9.… n/a
 n/a
 2001-09-12T04:00:00.000Z 2024-08-01T17:11:03.153Z
CVE-1999-1525
N/A
Macromedia Shockwave before 6.0 allows a maliciou… n/a
 n/a
 2001-09-12T04:00:00.000Z 2024-08-01T17:18:07.571Z
CVE-1999-0280
N/A
Remote command execution in Microsoft Internet Ex… n/a
 n/a
 2000-01-04T05:00:00.000Z 2024-08-01T16:34:51.880Z
CVE-1999-0292
N/A
Denial of service through Winpopup using large us… n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:34:51.902Z
CVE-1999-0315
N/A
Buffer overflow in Solaris fdformat command gives… n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:34:51.825Z
CVE-1999-1387
N/A
Windows NT 4.0 SP2 allows remote attackers to cau… n/a
 n/a
 2001-09-12T04:00:00.000Z 2024-08-01T17:11:03.030Z
CVE-1999-0042
N/A
Buffer overflow in University of Washington's imp… n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:27:57.030Z
CVE-1999-1298
N/A
Sysinstall in FreeBSD 2.2.1 and earlier, when con… n/a
 n/a
 2002-03-09T05:00:00.000Z 2024-08-01T17:11:01.725Z
CVE-1999-0058
N/A
Buffer overflow in PHP cgi program, php.cgi allow… n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:27:57.281Z
CVE-1999-0149
N/A
The wrap CGI program in IRIX allows remote attack… n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:27:57.767Z
CVE-1999-0038
8.4 (3.1)
Buffer overflow in xlock program allows local use… n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-09-12T14:37:48.860Z
CVE-1999-1296
N/A
Buffer overflow in Kerberos IV compatibility libr… n/a
 n/a
 2001-09-12T04:00:00.000Z 2024-08-01T17:11:01.877Z
CVE-1999-0040
N/A
Buffer overflow in Xt library of X Windowing Syst… n/a
 n/a
 1999-09-29T04:00:00.000Z 2024-08-01T16:27:56.678Z
ID Description Published Updated
ID Severity Description Published Updated
ghsa-w7q9-xr2x-wh7x
6.1 (3.1)
delayed_job_web Cross-site Scripting vulnerability 2018-03-05T19:06:00Z 2023-08-29T11:24:57Z
ghsa-6jqp-j69q-pm62
7.5 (3.1)
AWS Lambda parser is vulnerable to Regular Expression Denial of Service 2018-03-05T19:16:56Z 2022-04-25T22:28:16Z
ghsa-vqcm-7f7f-r539
7.8 (3.1)
brbackup exposes database password to unauthorized users 2018-03-05T19:32:06Z 2022-04-25T22:09:39Z
ghsa-8p2p-p8mg-x3cw
5.3 (3.1)
Insight API transaction broadcast endpoint can result in Full Path Disclosure 2018-03-05T19:33:54Z 2022-04-25T22:32:08Z
ghsa-pxr8-w3jq-rcwj
6.1 (3.1)
rails_admin ruby gem XSS 2018-03-05T19:37:23Z 2023-07-03T21:59:02Z
ghsa-h6rj-8r3c-9gpj
9.8 (3.1)
bson is vulnerable to denial of service due to incorrect regex validation 2018-03-05T19:43:21Z 2022-04-25T22:38:49Z
ghsa-325j-24f4-qv5x
5.9 (3.1)
Regular Expression Denial of Service in ssri 2018-03-07T22:22:20Z 2021-08-31T20:21:06Z
ghsa-688c-3x49-6rqj
5.9 (3.1)
rack-protection gem timing attack vulnerability when validating CSRF token 2018-03-07T22:22:22Z 2023-08-29T15:23:28Z
ghsa-wpq7-q8j4-72jg
8.8 (3.1)
Auth0-js bypasses CSRF checks 2018-03-07T22:22:24Z 2022-04-25T22:40:41Z
ghsa-6wpv-cj6x-v3jw
5.9 (3.1)
http vulnerable to Exposure of Sensitive Information to an Unauthorized Actor 2018-03-13T16:15:57Z 2026-04-17T19:00:58Z
ghsa-82gw-pqf7-q3j2
8.8 (3.1)
pym.js CSRF Vulnerability 2018-03-13T20:38:51Z 2023-09-11T18:19:05Z
ghsa-7h42-5vj2-cq39
8.1 (3.1)
tiny-json-http missing SSL certificate validation 2018-03-13T20:42:00Z 2023-09-13T22:19:39Z
ghsa-hwhh-2fwm-cfgw
6.1 (3.1)
Doorkeeper is vulnerable to stored XSS and code execution 2018-03-13T20:44:48Z 2022-04-26T17:36:10Z
ghsa-pcm6-g2qp-9gw8
7.8 (3.1)
Cap-Strap gem for Ruby places credentials on the useradd command line 2018-03-16T01:13:46Z 2023-07-03T23:45:19Z
ghsa-7f42-p84j-f58p
7.5 (3.1)
Sanitize vulnerable to Improper Input Validation and Cross-site Scripting 2018-03-21T11:56:32Z 2023-01-23T20:47:11Z
ghsa-x7rv-cr6v-4vm4
6.1 (3.1)
Cross-site Scripting in loofah 2018-03-21T11:57:11Z 2023-07-05T20:45:55Z
ghsa-8xwg-wv7v-4vqp
8.1 (3.1)
Electron Vulnerable to Code Execution by Re-Enabling Node.js Integration 2018-03-26T16:41:17Z 2023-09-13T19:06:52Z
ghsa-fjqr-fx3f-g4rv
8.8 (3.1)
Electron protocol handler browser vulnerable to Command Injection 2018-03-26T16:41:20Z 2022-04-26T14:35:22Z
ghsa-882p-jqgm-f45g
6.5 (3.1)
Uncontrolled resource consumption in nokogiri 2018-04-13T16:17:46Z 2023-05-04T19:56:39Z
ghsa-vpch-rxw3-fgx8
6.1 (3.1)
Cross-Site Scripting in @risingstack/protect 2018-04-25T14:30:43Z 2021-09-20T22:10:09Z
ghsa-jp4x-w63m-7wgm
8.8 (3.1)
Prototype Pollution in hoek 2018-04-26T15:25:17Z 2025-05-29T22:49:49Z
ghsa-px3r-jm9g-c8w8
6.1 (3.1)
rails-html-sanitizer Cross-site Scripting vulnerability 2018-04-26T15:41:10Z 2023-03-01T18:54:07Z
ghsa-gvpx-9459-w3mj
6.1 (3.1)
Cross-Site Scripting in @ckeditor/ckeditor5-link 2018-05-23T20:37:46Z 2021-09-13T13:35:54Z
ghsa-mq35-wqvf-r23c
6.1 (3.1)
Sinatra Cross-site Scripting vulnerability 2018-06-05T21:32:06Z 2023-01-23T21:24:55Z
ghsa-3pxp-6963-46r9
9.8 (3.1)
Command Injection in pdfinfojs 2018-06-07T19:43:00Z 2023-01-31T01:38:38Z
ghsa-4662-j96g-mv46
Arbitrary Code Injection in reduce-css-calc 2018-06-07T19:43:06Z 2020-08-31T18:12:20Z
ghsa-vwjc-q9px-r9vq
Denial of Service in ecstatic 2018-06-07T19:43:11Z 2023-05-22T15:35:11Z
ghsa-rc8h-3fv6-pxv8
Denial of Service in hapi 2018-06-07T19:43:15Z 2020-08-31T18:09:46Z
ghsa-39pj-gq8q-9pfj
7.5 (3.1)
Authentication Weakness in keystone 2018-06-07T19:43:20Z 2021-08-31T20:54:56Z
ghsa-vwrf-r5r4-7775
Incorrect handling of CORS preflight request headers in hapi 2018-06-07T19:43:25Z 2020-08-31T18:09:06Z
ID Severity Description Package Published Updated
pysec-2014-110
Multiple cross-site scripting (XSS) vulnerabilities in apps/common/templates/calculate_fo… mayan-edms 2014-05-27T13:55:00Z 2024-11-21T14:22:54.240407Z
pysec-2014-100
The default LDAP ACIs in FreeIPA 3.0 before 3.1.2 do not restrict access to the (1) ipaNT… freeipa 2014-05-29T14:19:00Z 2024-11-21T14:22:50.537629Z
pysec-2014-103
The default LDAP ACIs in FreeIPA 3.0 before 3.1.2 do not restrict access to the (1) ipaNT… ipa 2014-05-29T14:19:00Z 2024-11-21T14:22:51.957056Z
pysec-2014-89
python-gnupg before 0.3.5 allows context-dependent attackers to execute arbitrary command… python-gnupg 2014-06-09T19:55:00Z 2021-08-27T03:22:18.100904Z
pysec-2014-78
Cross-site scripting (XSS) vulnerability in util/templatetags/djblets_js.py in Djblets be… djblets 2014-06-16T18:55:00Z 2021-08-27T03:22:03.219875Z
pysec-2014-79
Cross-site scripting (XSS) vulnerability in gravatars/templatetags/gravatars.py in Djblet… djblets 2014-06-16T18:55:00Z 2021-08-27T03:22:03.303468Z
pysec-2014-99
Multiple cross-site scripting (XSS) vulnerabilities in the respond_error function in rout… ajenti 2014-06-18T14:55:00Z 2021-12-13T06:35:03.086455Z
pysec-2014-114
Cross-site scripting (XSS) vulnerability in lua/host_details.lua in ntopng 1.1 allows rem… ntopng 2014-06-19T10:50:00Z 2024-11-21T14:22:57.09034Z
pysec-2014-21
IPython Notebook 0.12 through 1.x before 1.2 does not validate the origin of websocket re… ipython 2014-08-07T11:13:00Z 2021-11-10T21:26:51.333186Z
pysec-2014-18
Multiple unspecified vulnerabilities in Salt (aka SaltStack) before 2014.1.10 allow local… salt 2014-08-22T17:55:00Z 2021-07-05T00:01:26.140564Z
pysec-2014-10
PIL/IcnsImagePlugin.py in Python Imaging Library (PIL) and Pillow before 2.3.2 and 2.5.x … pillow 2014-08-25T14:55:00Z 2021-07-05T00:01:23.718339Z
pysec-2014-107
The MySQL token driver in OpenStack Identity (Keystone) 2014.1.x before 2014.1.2.1 and Ju… keystone 2014-08-25T14:55:00Z 2024-11-25T18:35:18.357593Z
pysec-2014-108
The V3 API in OpenStack Identity (Keystone) 2014.1.x before 2014.1.2.1 and Juno before Ju… keystone 2014-08-25T14:55:00Z 2024-11-25T18:35:18.357593Z
pysec-2014-109
OpenStack Identity (Keystone) 2014.1.x before 2014.1.2.1 and Juno before Juno-3 does not … keystone 2014-08-25T14:55:00Z 2024-11-25T18:35:18.357593Z
pysec-2014-4
The core.urlresolvers.reverse function in Django before 1.4.14, 1.5.x before 1.5.9, 1.6.x… django 2014-08-26T14:55:00Z 2021-07-05T00:01:18.862505Z
pysec-2014-5
The default configuration for the file upload handling system in Django before 1.4.14, 1.… django 2014-08-26T14:55:00Z 2021-07-05T00:01:18.973883Z
pysec-2014-6
The contrib.auth.middleware.RemoteUserMiddleware middleware in Django before 1.4.14, 1.5.… django 2014-08-26T14:55:00Z 2021-07-05T00:01:19.085708Z
pysec-2014-7
The administrative interface (contrib.admin) in Django before 1.4.14, 1.5.x before 1.5.9,… django 2014-08-26T14:55:00Z 2021-07-05T00:01:19.203370Z
pysec-2014-115
The urlopen function in pym/portage/util/_urlopen.py in Gentoo Portage 2.1.12, when using… portage 2014-09-29T22:55:00Z 2024-11-21T14:22:59.10272Z
pysec-2014-27
registerConfiglet.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers … plone 2014-09-30T14:55:00Z 2021-09-01T08:44:28.919312Z
pysec-2014-28
ZPublisher.HTTPRequest._scrubHeader in Zope 2 before 2.13.19, as used in Plone before 4.3… plone 2014-09-30T14:55:00Z 2021-07-25T23:34:43.396566Z
pysec-2014-29
The sandbox whitelisting function (allowmodule.py) in Plone before 4.2.3 and 4.3 before b… plone 2014-09-30T14:55:00Z 2021-09-01T08:44:29.087946Z
pysec-2014-30
python_scripts.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to … plone 2014-09-30T14:55:00Z 2021-09-01T08:44:29.194034Z
pysec-2014-31
The App.Undo.UndoSupport.get_request_var_or_attr function in Zope before 2.12.21 and 3.13… plone 2014-09-30T14:55:00Z 2021-09-01T08:44:29.299631Z
pysec-2014-32
Cross-site scripting (XSS) vulnerability in kssdevel.py in Plone before 4.2.3 and 4.3 bef… plone 2014-09-30T14:55:00Z 2021-09-01T08:44:29.407022Z
pysec-2014-33
z3c.form, as used in Plone before 4.2.3 and 4.3 before beta 1, allows remote attackers to… plone 2014-09-30T14:55:00Z 2021-09-01T08:44:29.513262Z
pysec-2014-34
uid_catalog.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to obt… plone 2014-09-30T14:55:00Z 2021-09-01T08:44:29.620104Z
pysec-2014-35
gtbn.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote authenticated users wit… plone 2014-09-30T14:55:00Z 2021-09-01T08:44:29.732595Z
pysec-2014-36
Cross-site scripting (XSS) vulnerability in python_scripts.py in Plone before 4.2.3 and 4… plone 2014-09-30T14:55:00Z 2021-09-01T08:44:29.835907Z
pysec-2014-37
python_scripts.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to … plone 2014-09-30T14:55:00Z 2021-09-01T08:44:29.952455Z
ID Description Updated
ID Description Published Updated
mal-2022-6067 Malicious code in sg-dome (npm) 2022-06-01T09:27:58Z 2022-06-01T09:27:58Z
mal-2022-6068 Malicious code in sg-orbit (npm) 2022-06-01T09:27:58Z 2022-06-01T09:28:03Z
mal-2022-618 Malicious code in @superbet-group/testsandbox (npm) 2022-06-01T09:30:48Z 2022-06-01T09:30:48Z
mal-2022-1056 Malicious code in apnic-bootstrap4 (npm) 2022-06-02T09:02:44Z 2022-06-02T09:02:45Z
mal-2022-4290 Malicious code in lexical-monorepo (npm) 2022-06-02T10:28:04Z 2022-06-02T10:28:05Z
mal-2022-2320 Malicious code in dai-pg (npm) 2022-06-02T10:38:35Z 2022-06-02T10:38:36Z
mal-2022-3849 Malicious code in insights-explorer (npm) 2022-06-02T10:38:35Z 2022-06-02T10:38:36Z
mal-2022-5059 Malicious code in olx-hubot (npm) 2022-06-02T10:38:35Z 2022-06-02T10:38:36Z
mal-2022-6963 Malicious code in volcan0x (npm) 2022-06-02T10:38:35Z 2022-06-02T10:38:41Z
mal-2022-7230 Malicious code in wormhole-client (npm) 2022-06-02T10:38:35Z 2022-06-02T10:38:36Z
mal-2022-4465 Malicious code in makerdao-governance-bot (npm) 2022-06-02T10:38:36Z 2022-06-02T10:38:41Z
mal-2022-7231 Malicious code in wormhole-icco (npm) 2022-06-02T10:38:36Z 2022-06-02T10:38:37Z
mal-2022-4947 Malicious code in npmbulabula (npm) 2022-06-02T10:41:59Z 2022-06-02T10:41:59Z
mal-2022-6909 Malicious code in vfdp-ui-framework (npm) 2022-06-02T10:43:40Z 2022-06-02T10:43:41Z
mal-2022-168 Malicious code in @chegg-me-components/header (npm) 2022-06-02T10:47:20Z 2022-06-02T10:47:20Z
mal-2022-200 Malicious code in @design-components/customer (npm) 2022-06-02T10:47:20Z 2022-06-02T10:47:20Z
mal-2022-503 Malicious code in @pixiv-vroid-hub/vroid-hub-viewer (npm) 2022-06-02T10:47:20Z 2022-06-02T10:47:20Z
mal-2022-7068 Malicious code in web-excess (npm) 2022-06-02T10:49:17Z 2022-06-02T10:49:17Z
mal-2022-2770 Malicious code in epic-ue-fonts (npm) 2022-06-02T10:50:08Z 2022-06-02T10:50:08Z
mal-2022-2524 Malicious code in discordjs-selfbotjs (npm) 2022-06-02T10:58:04Z 2022-06-02T10:58:05Z
mal-2022-1998 Malicious code in color-xzibit (npm) 2022-06-02T10:58:54Z 2022-06-02T10:58:55Z
mal-2022-6342 Malicious code in stylis-ifl4 (npm) 2022-06-02T11:02:35Z 2022-06-02T11:02:36Z
mal-2022-1043 Malicious code in api-token-admin (npm) 2022-06-02T11:02:51Z 2022-06-02T11:02:51Z
mal-2022-4780 Malicious code in nab-packages-react-utils-nab (npm) 2022-06-03T00:00:00Z 2023-09-05T02:23:23Z
mal-2022-2379 Malicious code in ddd-demo (npm) 2022-06-08T08:19:30Z 2022-06-08T08:19:30Z
mal-2022-2380 Malicious code in ddd-demo2 (npm) 2022-06-08T08:19:30Z 2022-06-08T08:19:30Z
mal-2022-2381 Malicious code in ddd-demo3 (npm) 2022-06-08T08:19:45Z 2022-06-08T08:19:54Z
mal-2022-2307 Malicious code in d2l-rubric (npm) 2022-06-08T08:33:40Z 2022-06-08T08:33:41Z
mal-2022-2308 Malicious code in d2l-rubric-polymer (npm) 2022-06-08T08:33:40Z 2022-06-08T08:33:41Z
mal-2022-4659 Malicious code in mock-solc-0.6 (npm) 2022-06-08T08:37:55Z 2022-06-08T08:37:55Z
ID Description Published Updated
ID Description Published Updated
wid-sec-w-2023-1086 libarchive: Schwachstelle ermöglicht Denial of Service 2017-09-06T22:00:00.000+00:00 2023-04-26T22:00:00.000+00:00
wid-sec-w-2024-2015 QEMU: Schwachstelle ermöglicht Ausführen von beliebigem Programmcode mit den Rechten des Dienstes 2017-09-07T22:00:00.000+00:00 2024-09-02T22:00:00.000+00:00
wid-sec-w-2025-0992 MongoDB: Schwachstelle ermöglicht Denial of Service 2017-09-10T22:00:00.000+00:00 2025-05-11T22:00:00.000+00:00
wid-sec-w-2025-0423 Apache Tomcat: Mehrere Schwachstellen 2017-09-19T22:00:00.000+00:00 2025-02-20T23:00:00.000+00:00
wid-sec-w-2025-0370 Apple Mac OS: Mehrere Schwachstellen 2017-09-25T22:00:00.000+00:00 2025-02-13T23:00:00.000+00:00
wid-sec-w-2024-2078 Linux Kernel: Schwachstelle ermöglicht Privilegieneskalation 2017-09-26T22:00:00.000+00:00 2025-01-19T23:00:00.000+00:00
wid-sec-w-2025-0513 OpenVPN: Schwachstelle ermöglicht Denial of Service 2017-09-28T22:00:00.000+00:00 2025-03-10T23:00:00.000+00:00
wid-sec-w-2023-1646 libcurl: Schwachstelle ermöglicht Denial of Service 2017-10-03T22:00:00.000+00:00 2023-07-04T22:00:00.000+00:00
wid-sec-w-2025-0422 Apache Tomcat: Schwachstelle ermöglicht Codeausführung 2017-10-03T22:00:00.000+00:00 2025-02-20T23:00:00.000+00:00
wid-sec-w-2024-2014 QEMU: Schwachstelle ermöglicht Offenlegung von Informationen 2017-10-08T22:00:00.000+00:00 2024-09-02T22:00:00.000+00:00
wid-sec-w-2024-2013 QEMU: Schwachstelle ermöglicht Denial of Service 2017-10-11T22:00:00.000+00:00 2024-09-02T22:00:00.000+00:00
wid-sec-w-2024-2012 QEMU: Schwachstelle ermöglicht Denial of Service 2017-10-12T22:00:00.000+00:00 2024-09-02T22:00:00.000+00:00
wid-sec-w-2025-0369 IEEE WPA2: Mehrere Schwachstellen 2017-10-15T22:00:00.000+00:00 2025-02-16T23:00:00.000+00:00
wid-sec-w-2025-1659 International Components for Unicode (icu): Schwachstelle ermöglicht Denial of Service 2017-10-16T22:00:00.000+00:00 2025-10-26T23:00:00.000+00:00
wid-sec-w-2025-1427 Google Chrome: Mehrere Schwachstellen 2017-10-18T22:00:00.000+00:00 2025-06-30T22:00:00.000+00:00
wid-sec-w-2024-1038 Red Hat Enterprise Linux Server: Schwachstelle ermöglicht Offenlegung von Informationen 2017-10-19T22:00:00.000+00:00 2024-11-11T23:00:00.000+00:00
wid-sec-w-2023-1645 libcurl: Schwachstelle ermöglicht Ausführen von beliebigem Programmcode mit den Rechten des Dienstes 2017-10-22T22:00:00.000+00:00 2023-07-04T22:00:00.000+00:00
wid-sec-w-2025-2405 Google Chrome: Schwachstelle ermöglicht Codeausführung 2017-10-26T22:00:00.000+00:00 2025-10-26T23:00:00.000+00:00
wid-sec-w-2023-0720 Red Hat JBoss: Mehrere Schwachstellen 2017-11-02T23:00:00.000+00:00 2023-03-22T23:00:00.000+00:00
wid-sec-w-2024-0206 OpenSSL: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen 2017-11-02T23:00:00.000+00:00 2025-10-20T22:00:00.000+00:00
wid-sec-w-2025-2505 Shadow: Schwachstelle ermöglicht Privilegieneskalation 2017-11-08T23:00:00.000+00:00 2025-11-06T23:00:00.000+00:00
wid-sec-w-2024-0143 PostgreSQL: Mehrere Schwachstellen 2017-11-09T23:00:00.000+00:00 2025-07-31T22:00:00.000+00:00
wid-sec-w-2024-2011 QEMU: Schwachstelle ermöglicht Offenlegung von Informationen 2017-11-16T23:00:00.000+00:00 2024-09-02T22:00:00.000+00:00
wid-sec-w-2025-0268 Perl: Schwachstelle ermöglicht Ausführen von beliebigem Programmcode mit Administratorrechten 2017-11-19T23:00:00.000+00:00 2025-02-04T23:00:00.000+00:00
wid-sec-w-2023-0880 Oracle Berkeley DB: Schwachstelle ermöglicht Offenlegung von Informationen 2017-11-21T23:00:00.000+00:00 2023-04-05T22:00:00.000+00:00
wid-sec-w-2023-1158 libxml2: Mehrere Schwachstellen ermöglichen Denial of Service 2017-11-23T23:00:00.000+00:00 2025-06-30T22:00:00.000+00:00
wid-sec-w-2024-0876 RPM: Schwachstelle ermöglicht Privilegieneskalation 2017-11-23T23:00:00.000+00:00 2024-04-11T22:00:00.000+00:00
wid-sec-w-2023-0891 cURL: Mehrere Schwachstellen 2017-11-29T23:00:00.000+00:00 2023-07-04T22:00:00.000+00:00
wid-sec-w-2025-0961 libTIFF: Schwachstelle ermöglicht Codeausführung 2017-12-03T23:00:00.000+00:00 2025-11-09T23:00:00.000+00:00
wid-sec-w-2024-2010 QEMU: Schwachstelle ermöglicht Denial of Service 2017-12-05T23:00:00.000+00:00 2024-09-02T22:00:00.000+00:00
ID Description Published Updated
icsa-14-189-02 Innominate mGuard Unauthorized Leakage of System Data 2014-04-10T06:00:00.000000Z 2025-06-06T22:45:43.410774Z
icsa-14-196-01 SubSTATION Server Telegyr 8979 Master Vulnerabilities 2014-04-17T06:00:00.000000Z 2025-06-06T22:45:50.215260Z
icsa-14-198-01 Cogent DataHub Code Injection Vulnerability 2014-04-19T06:00:00.000000Z 2025-06-06T22:45:56.681631Z
icsa-14-198-02 Advantech WebAccess Vulnerabilities 2014-04-19T06:00:00.000000Z 2025-06-06T22:46:03.132898Z
icsa-14-202-01a OleumTech WIO Family Vulnerabilities 2014-04-23T06:00:00.000000Z 2025-06-06T18:45:43.946744Z
icsa-14-203-01 Omron NS Series HMI Vulnerabilities 2014-04-24T06:00:00.000000Z 2025-06-06T22:46:35.467432Z
icsa-14-205-01 Morpho Itemiser 3 Hard-Coded Credential 2014-04-26T06:00:00.000000Z 2025-06-06T18:46:03.252742Z
icsa-14-205-02a Siemens SIMATIC WinCC Vulnerabilities (Update A) 2014-04-26T06:00:00.000000Z 2025-06-12T18:44:31.147692Z
icsa-14-224-01 Ecava Integraxor SCADA Server Vulnerabilities 2014-05-15T06:00:00.000000Z 2025-06-06T22:47:21.277370Z
icsa-14-226-01 Siemens SIMATIC S7-1500 CPU Denial of Service 2014-05-17T06:00:00.000000Z 2025-06-06T22:47:47.106108Z
icsa-14-238-01 CG Automation Improper Input Validation 2014-05-29T06:00:00.000000Z 2025-06-06T22:47:53.555337Z
icsa-14-238-02 Schneider Electric Wonderware Vulnerabilities 2014-05-29T06:00:00.000000Z 2025-06-06T18:46:09.707282Z
icsa-14-247-01a Sensys Networks Traffic Sensor Vulnerabilities (Update A) 2014-06-07T06:00:00.000000Z 2025-06-06T22:48:06.463498Z
icsa-14-254-01 Schneider Electric VAMPSET Buffer Overflow 2014-06-14T06:00:00.000000Z 2025-06-06T22:48:19.541393Z
icsa-14-254-02 Rockwell Micrologix 1400 DNP3 DOS Vulnerability 2014-06-14T06:00:00.000000Z 2025-06-06T22:48:25.978305Z
icsa-14-259-01a Schneider Electric SCADA Expert ClearSCADA Vulnerabilities (Update A) 2014-06-19T06:00:00.000000Z 2025-06-06T22:48:32.407633Z
icsa-14-260-01a Yokogawa CENTUM and Exaopc Vulnerability (Update A) 2014-06-20T06:00:00.000000Z 2025-06-06T22:48:51.805857Z
icsa-14-261-01 Advantech WebAccess Vulnerabilities 2014-06-21T06:00:00.000000Z 2025-06-06T22:48:58.295004Z
icsa-14-269-01a Bash Command Injection Vulnerability 2014-06-29T06:00:00.000000Z 2025-06-06T18:46:41.883464Z
icsa-14-269-02 Fox DataDiode Proxy Server CSRF Vulnerability 2014-06-29T06:00:00.000000Z 2025-06-06T22:49:50.228012Z
icsa-14-273-01 SchneiderWEB Server Directory Traversal Vulnerability 2014-07-03T06:00:00.000000Z 2025-06-06T18:46:48.565481Z
icsa-14-275-01 Meinberg Radio Clocks LANTIME M-Series XSS 2014-07-05T06:00:00.000000Z 2025-06-06T22:49:56.704328Z
icsa-14-275-02 Accuenergy Acuvim II Authentication Vulnerabilities 2014-07-05T06:00:00.000000Z 2025-06-06T22:50:03.174225Z
icsa-14-287-01 GE Proficy HMI/SCADA DNP3 Driver Input Validation 2014-07-17T06:00:00.000000Z 2025-06-06T22:50:16.095529Z
icsa-14-288-01 CareFusion Pyxis SupplyStation System Vulnerabilities 2014-07-18T06:00:00.000000Z 2025-06-06T22:50:22.557418Z
icsa-14-289-01 IOServer Resource Exhaustion Vulnerability 2014-07-19T06:00:00.000000Z 2025-06-06T22:50:48.380867Z
icsa-14-289-02 GE Proficy HMI/SCADA CIMPLICITY CimView Memory Access Violation 2014-07-19T06:00:00.000000Z 2025-06-06T22:50:54.817836Z
icsa-14-294-01 Rockwell Automation Connected Components Workbench ActiveX Component Vulnerabilities 2014-07-24T06:00:00.000000Z 2025-06-06T22:51:01.469791Z
icsa-14-303-01 Nordex NC2 XSS Vulnerability 2014-08-02T06:00:00.000000Z 2025-06-06T22:51:07.945182Z
icsa-14-303-02 Elipse SCADA DNP3 Denial of Service 2014-08-02T06:00:00.000000Z 2025-06-06T22:51:14.375678Z
ID Description Published Updated
cisco-sa-20180606-prime-bypass Cisco Prime Collaboration Provisioning Access Control Bypass Vulnerability 2018-06-06T16:00:00+00:00 2018-06-06T16:00:00+00:00
cisco-sa-20180606-prime-escalation Cisco Prime Collaboration Provisioning Access Control Deficiency in Batch Function Privilege Escalation Vulnerability 2018-06-06T16:00:00+00:00 2018-06-06T16:00:00+00:00
cisco-sa-20180606-prime-password-recovery Cisco Prime Collaboration Provisioning Unauthorized Password Recovery Vulnerability 2018-06-06T16:00:00+00:00 2018-06-06T16:00:00+00:00
cisco-sa-20180606-prime-password-reset Cisco Prime Collaboration Provisioning Unauthorized Password Reset Vulnerability 2018-06-06T16:00:00+00:00 2018-06-06T16:00:00+00:00
cisco-sa-20180606-prime-rmi Cisco Prime Collaboration Provisioning Unauthenticated Remote Method Invocation Vulnerability 2018-06-06T16:00:00+00:00 2018-06-06T16:00:00+00:00
cisco-sa-20180606-prime-sql Cisco Prime Collaboration Provisioning SQL Injection Vulnerability 2018-06-06T16:00:00+00:00 2018-06-06T16:00:00+00:00
cisco-sa-20180606-ucm-xss Cisco Unified Communications Manager Cross-Site Scripting Vulnerability 2018-06-06T16:00:00+00:00 2018-06-06T16:00:00+00:00
cisco-sa-20180606-ucs-access Cisco Unified Computing System Role-Based Access Vulnerability 2018-06-06T16:00:00+00:00 2018-06-06T16:00:00+00:00
cisco-sa-20180606-ucsdimcs Cisco Integrated Management Controller Supervisor and Cisco UCS Director DOM Stored Cross-Site Scripting Vulnerability 2018-06-06T16:00:00+00:00 2018-06-06T16:00:00+00:00
cisco-sa-20180606-waas-priv-escalation Cisco Wide Area Application Services Software Scripts Privilege Escalation Vulnerability 2018-06-06T16:00:00+00:00 2019-01-24T17:17:00+00:00
cisco-sa-20180606-waas-snmp Cisco Wide Area Application Services Software Static SNMP Credentials Vulnerability 2018-06-06T16:00:00+00:00 2018-06-06T16:00:00+00:00
cisco-sa-20180606-webex-xss Cisco WebEx Cross-Site Scripting Vulnerability 2018-06-06T16:00:00+00:00 2018-06-06T16:00:00+00:00
cisco-sa-20180606-webex-xss1 Cisco WebEx Cross-Site Scripting Vulnerability 2018-06-06T16:00:00+00:00 2018-06-11T20:47:00+00:00
cisco-sa-20180606-wsa Cisco Web Security Appliance Layer 4 Traffic Monitor Security Bypass Vulnerability 2018-06-06T16:00:00+00:00 2018-06-08T14:26:00+00:00
cisco-sa-20180620-anyconnect-dos Cisco AnyConnect Secure Mobility Client for Windows Desktop Denial of Service Vulnerability 2018-06-20T16:00:00+00:00 2018-06-20T16:00:00+00:00
cisco-sa-20180620-cms-sf Cisco Meeting Server Session Fixation Vulnerability 2018-06-20T16:00:00+00:00 2018-06-20T16:00:00+00:00
cisco-sa-20180620-encs-ucs-bios-auth-bypass Cisco 5000 Series Enterprise Network Compute System and Cisco UCS E-Series Servers BIOS Authentication Bypass Vulnerability 2018-06-20T16:00:00+00:00 2018-07-05T20:41:00+00:00
cisco-sa-20180620-firepower-csrf Cisco Firepower Management Center Cross-Site Request Forgery Vulnerability 2018-06-20T16:00:00+00:00 2018-06-20T16:00:00+00:00
cisco-sa-20180620-firepwr-pt Cisco Firepower 4100 Series Next-Generation Firewall and Firepower 9300 Security Appliance Path Traversal Vulnerability 2018-06-20T16:00:00+00:00 2018-07-05T21:11:00+00:00
cisco-sa-20180620-fx-os-cli-execution Cisco FXOS and NX-OS Software Cisco Fabric Services Arbitrary Code Execution Vulnerability 2018-06-20T16:00:00+00:00 2018-07-05T21:11:00+00:00
cisco-sa-20180620-fx-os-fabric-dos Cisco FXOS and NX-OS Software Cisco Fabric Services Denial of Service Vulnerability 2018-06-20T16:00:00+00:00 2018-07-05T21:11:00+00:00
cisco-sa-20180620-fx-os-fabric-execution Cisco FXOS and NX-OS Software Cisco Fabric Services Arbitrary Code Execution Vulnerability 2018-06-20T16:00:00+00:00 2018-07-05T21:11:00+00:00
cisco-sa-20180620-fxnxos-ace Cisco FXOS and NX-OS Software Cisco Fabric Services Arbitrary Code Execution Vulnerability 2018-06-20T16:00:00+00:00 2018-07-12T18:43:00+00:00
cisco-sa-20180620-fxnxos-dos Cisco FXOS and NX-OS Software Cisco Discovery Protocol Arbitrary Code Execution Vulnerability 2018-06-20T16:00:00+00:00 2018-07-05T21:11:00+00:00
cisco-sa-20180620-fxnxos-fab-ace Cisco FXOS and NX-OS Software Cisco Fabric Services Arbitrary Code Execution Vulnerability 2018-06-20T16:00:00+00:00 2018-07-05T21:11:00+00:00
cisco-sa-20180620-fxos-ace Cisco FXOS Software and UCS Fabric Interconnect Arbitrary Code Execution Vulnerability 2018-06-20T16:00:00+00:00 2018-07-05T21:12:00+00:00
cisco-sa-20180620-fxos-dos Cisco FXOS Software and UCS Fabric Interconnect Web UI Denial of Service Vulnerability 2018-06-20T16:00:00+00:00 2018-07-05T21:12:00+00:00
cisco-sa-20180620-meeting-server-dos Cisco Meeting Server Web Admin Interface Denial of Service Vulnerability 2018-06-20T16:00:00+00:00 2018-06-20T16:00:00+00:00
cisco-sa-20180620-n3k-n9k-clisnmp Cisco Nexus 3000 and 9000 Series CLI and Simple Network Management Protocol Polling Denial of Service Vulnerability 2018-06-20T16:00:00+00:00 2018-07-10T20:19:00+00:00
cisco-sa-20180620-n4k-snmp-dos Cisco Nexus 4000 Series Switch Simple Network Management Protocol Polling Denial of Service Vulnerability 2018-06-20T16:00:00+00:00 2018-06-20T16:00:00+00:00
ID Description Published Updated
msrc_cve-2018-1000156 GNU Patch version 2.7.6 contains an input validation vulnerability when processing patch files, specifically the EDITOR_PROGRAM invocation (using ed) can result in code execution. This attack appear to be exploitable via a patch file processed via the patch utility. This is similar to FreeBSD's CVE-2015-1418 however although they share a common ancestry the code bases have diverged over time. 2018-04-02T00:00:00.000Z 2024-06-30T07:00:00.000Z
msrc_cve-2018-10392 mapping0_forward in mapping0.c in Xiph.Org libvorbis 1.3.6 does not validate the number of channels which allows remote attackers to cause a denial of service (heap-based buffer overflow or over-read) or possibly have unspecified other impact via a crafted file. 2018-04-02T00:00:00.000Z 2022-01-19T00:00:00.000Z
msrc_cve-2018-10393 bark_noise_hybridmp in psy.c in Xiph.Org libvorbis 1.3.6 has a stack-based buffer over-read. 2018-04-02T00:00:00.000Z 2022-01-19T00:00:00.000Z
msrc_cve-2018-1000168 nghttp2 version >= 1.10.0 and nghttp2 <= v1.31.0 contains an Improper Input Validation CWE-20 vulnerability in ALTSVC frame handling that can result in segmentation fault leading to denial of service. This attack appears to be exploitable via network client. This vulnerability appears to have been fixed in >= 1.31.1. 2018-05-02T00:00:00.000Z 2021-06-06T00:00:00.000Z
msrc_cve-2018-10689 blktrace (aka Block IO Tracing) 1.2.0 as used with the Linux kernel and Android has a buffer overflow in the dev_map_read function in btt/devmap.c because the device and devno arrays are too small as demonstrated by an invalid free when using the btt program with a crafted file. 2018-05-02T00:00:00.000Z 2021-12-16T00:00:00.000Z
msrc_cve-2018-11439 The TagLib::Ogg::FLAC::File::scan function in oggflacfile.cpp in TagLib 1.11.1 allows remote attackers to cause information disclosure (heap-based buffer over-read) via a crafted audio file. 2018-05-02T00:00:00.000Z 2022-01-19T00:00:00.000Z
msrc_cve-2018-7159 The HTTP parser in all current versions of Node.js ignores spaces in the `Content-Length` header, allowing input such as `Content-Length: 1 2` to be interpreted as having a value of `12`. The HTTP specification does not allow for spaces in the `Content-Length` value and the Node.js HTTP parser has been brought into line on this particular difference. The security risk of this flaw to Node.js users is considered to be VERY LOW as it is difficult, and may be impossible, to craft an attack that makes use of this flaw in a way that could not already be achieved by supplying an incorrect value for `Content-Length`. Vulnerabilities may exist in user-code that make incorrect assumptions about the potential accuracy of this value compared to the actual length of the data supplied. Node.js users crafting lower-level HTTP utilities are advised to re-check the length of any input supplied after parsing is complete. 2018-05-02T00:00:00.000Z 2025-12-07T01:36:21.000Z
msrc_cve-2017-16046 `mariadb` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. 2018-06-02T00:00:00.000Z 2020-09-25T00:00:00.000Z
msrc_cve-2018-1000182 A server-side request forgery vulnerability exists in Jenkins Git Plugin 3.9.0 and older in AssemblaWeb.java, GitBlitRepositoryBrowser.java, Gitiles.java, TFS2013GitRepositoryBrowser.java, ViewGitWeb.java that allows attackers with Overall/Read access to cause Jenkins to send a GET request to a specified URL. 2018-06-02T00:00:00.000Z 2020-09-25T00:00:00.000Z
msrc_cve-2018-1000500 Busybox contains a Missing SSL certificate validation vulnerability in The "busybox wget" applet that can result in arbitrary code execution. This attack appear to be exploitable via Simply download any file over HTTPS using "busybox wget https://compromised-domain.com/important-file". 2018-06-02T00:00:00.000Z 2020-10-25T00:00:00.000Z
msrc_cve-2018-11694 An issue was discovered in LibSass through 3.5.4. A NULL pointer dereference was found in the function Sass::Functions::selector_append which could be leveraged by an attacker to cause a denial of service (application crash) or possibly have unspecified other impact. 2018-06-02T00:00:00.000Z 2023-08-01T00:00:00.000Z
msrc_cve-2018-7161 All versions of Node.js 8.x 9.x and 10.x are vulnerable and the severity is HIGH. An attacker can cause a denial of service (DoS) by causing a node server providing an http2 server to crash. This can be accomplished by interacting with the http2 server in a manner that triggers a cleanup bug where objects are used in native code after they are no longer available. This has been addressed by updating the http2 implementation. 2018-06-02T00:00:00.000Z 2021-06-06T00:00:00.000Z
msrc_cve-2018-7162 All versions of Node.js 9.x and 10.x are vulnerable and the severity is HIGH. An attacker can cause a denial of service (DoS) by causing a node process which provides an http server supporting TLS server to crash. This can be accomplished by sending duplicate/unexpected messages during the handshake. This vulnerability has been addressed by updating the TLS implementation. 2018-06-02T00:00:00.000Z 2021-06-06T00:00:00.000Z
msrc_cve-2018-7164 Node.js versions 9.7.0 and later and 10.x are vulnerable and the severity is MEDIUM. A bug introduced in 9.7.0 increases the memory consumed when reading from the network into JavaScript using the net.Socket object directly as a stream. An attacker could use this cause a denial of service by sending tiny chunks of data in short succession. This vulnerability was restored by reverting to the prior behaviour. 2018-06-02T00:00:00.000Z 2021-06-06T00:00:00.000Z
msrc_cve-2018-7167 Calling Buffer.fill() or Buffer.alloc() with some parameters can lead to a hang which could result in a Denial of Service. In order to address this vulnerability the implementations of Buffer.alloc() and Buffer.fill() were updated so that they zero fill instead of hanging in these cases. All versions of Node.js 6.x (LTS "Boron") 8.x (LTS "Carbon") and 9.x are vulnerable. All versions of Node.js 10.x (Current) are NOT vulnerable. 2018-06-02T00:00:00.000Z 2021-06-06T00:00:00.000Z
msrc_cve-2017-12150 It was found that samba before 4.4.16 4.5.x before 4.5.14 and 4.6.x before 4.6.8 did not enforce "SMB signing" when certain configuration options were enabled. A remote attacker could launch a man-in-the-middle attack and retrieve information in plain-text. 2018-07-02T00:00:00.000Z 2024-10-15T00:00:00.000Z
msrc_cve-2018-10906 In fuse before versions 2.9.8 and 3.x before 3.2.5 fusermount is vulnerable to a restriction bypass when SELinux is active. This allows non-root users to mount a FUSE file system with the 'allow_other' mount option regardless of whether 'user_allow_other' is set in the fuse configuration. An attacker may use this flaw to mount a FUSE file system accessible by other users and trick them into accessing files on that file system possibly causing Denial of Service or other unspecified effects. 2018-07-02T00:00:00.000Z 2026-02-18T02:16:05.000Z
msrc_cve-2018-1129 A flaw was found in the way signature calculation was handled by cephx authentication protocol. An attacker having access to ceph cluster network who is able to alter the message payload was able to bypass signature checks done by cephx protocol. Ceph branches master mimic luminous and jewel are believed to be vulnerable. 2018-07-02T00:00:00.000Z 2026-02-18T03:12:02.000Z
msrc_cve-2018-13139 A stack-based buffer overflow in psf_memset in common.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted audio file. The vulnerability can be triggered by the executable sndfile-deinterleave. 2018-07-02T00:00:00.000Z 2021-01-28T00:00:00.000Z
msrc_cve-2018-13410 Info-ZIP Zip 3.0 when the -T and -TT command-line options are used allows attackers to cause a denial of service (invalid free and application crash) or possibly have unspecified other impact because of an off-by-one error. NOTE: it is unclear whether there are realistic scenarios in which an untrusted party controls the -TT value given that the entire purpose of -TT is execution of arbitrary commands 2018-07-02T00:00:00.000Z 2024-06-30T07:00:00.000Z
msrc_cve-2018-13419 An issue has been found in libsndfile 1.0.28. There is a memory leak in psf_allocate in common.c as demonstrated by sndfile-convert. NOTE: The maintainer and third parties were unable to reproduce and closed the issue 2018-07-02T00:00:00.000Z 2021-01-28T00:00:00.000Z
msrc_cve-2018-13420 Google gperftools 2.7 has a memory leak in malloc_extension.cc related to MallocExtension::Register and InitModule. NOTE: the software maintainer indicates that this is not a bug; it is only a false-positive report from the LeakSanitizer program 2018-07-02T00:00:00.000Z 2021-12-16T00:00:00.000Z
msrc_cve-2018-14040 In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attributeIn Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute 2018-07-02T00:00:00.000Z 2026-02-18T02:10:28.000Z
msrc_cve-2018-14042 In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip. 2018-07-02T00:00:00.000Z 2025-09-03T23:08:20.000Z
msrc_cve-2018-1999023 The Battle for Wesnoth Project contains a Code Injection that can result in code execution outside the sandbox 2018-07-02T00:00:00.000Z 2024-06-30T07:00:00.000Z
msrc_cve-2018-1999024 MathJax version prior to version 2.7.4 contains a Cross Site Scripting (XSS) vulnerability 2018-07-02T00:00:00.000Z 2025-09-03T22:22:20.000Z
msrc_cve-2017-9118 PHP 7.1.5 has an Out of bounds access in php_pcre_replace_impl via a crafted preg_replace call. 2018-08-02T00:00:00.000Z 2025-10-01T23:11:00.000Z
msrc_cve-2017-9120 PHP 7.x through 7.1.5 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a long string because of an Integer overflow in mysqli_real_escape_string. 2018-08-02T00:00:00.000Z 2025-10-01T23:11:00.000Z
msrc_cve-2018-1000215 Dave Gamble cJSON version 1.7.6 and earlier contains a CWE-772 vulnerability in cJSON library that can result in Denial of Service 2018-08-02T00:00:00.000Z 2026-02-18T02:03:25.000Z
msrc_cve-2018-1000216 Dave Gamble cJSON version 1.7.2 and earlier contains a CWE-415: Double Free vulnerability in cJSON library that can result in Possible crash or RCE. This attack appear to be exploitable via Attacker must be able to force victim to print JSON data, depending on how cJSON library is used this could be either local or over a network. This vulnerability appears to have been fixed in 1.7.3. 2018-08-02T00:00:00.000Z 2025-09-03T20:53:58.000Z
ID Description Published Updated
ncsc-2024-0457 Kwetsbaarheden verholpen in Apple iOS en iPadOS 2024-11-20T10:01:35.437557Z 2024-11-20T10:01:35.437557Z
ncsc-2024-0458 Kwetsbaarheden ontdekt in Veritas Enterprise Vault 2024-11-25T09:04:34.013551Z 2024-11-25T09:04:34.013551Z
ncsc-2024-0459 Kwetsbaarheden verholpen in VMware Aria Operations 2024-11-26T13:25:37.944485Z 2024-11-26T13:25:37.944485Z
ncsc-2024-0460 Kwetsbaarheid verholpen in Zabbix 2024-11-28T14:24:11.654121Z 2024-11-28T14:24:11.654121Z
ncsc-2024-0461 Kwetsbaarheden verholpen in IBM Security Verify Access Appliance 2024-12-02T10:55:14.978137Z 2024-12-02T10:55:14.978137Z
ncsc-2024-0462 Kwetsbaarheden verholpen in Zabbix 2024-12-02T12:51:47.361749Z 2024-12-02T12:51:47.361749Z
ncsc-2024-0463 Kwetsbaarheden verholpen in Veeam Backup & Replication 2024-12-06T11:47:19.699742Z 2024-12-06T11:47:19.699742Z
ncsc-2024-0464 Kwetsbaarheden verholpen in SonicWall SMA100 SSLVPN 2024-12-06T11:48:08.461746Z 2024-12-06T11:48:08.461746Z
ncsc-2024-0465 Kwetsbaarheden verholpen in ABB ASPECT, NEXUS Series en MATRIX Series 2024-12-06T11:49:21.695542Z 2024-12-06T11:49:21.695542Z
ncsc-2024-0466 Kwetsbaarheden verholpen in Atlassian producten 2024-12-06T13:05:55.904619Z 2024-12-06T13:05:55.904619Z
ncsc-2024-0467 Kwetsbaarheden verholpen in QNAP besturingssystemen 2024-12-09T13:36:33.362104Z 2024-12-09T13:36:33.362104Z
ncsc-2024-0468 Kwetsbaarheden verholpen in Mitel MiCollab 2024-12-09T13:37:33.039167Z 2024-12-09T13:37:33.039167Z
ncsc-2024-0469 Kwetsbaarheden verholpen in Qlik Sense Enterprise voor Windows 2024-12-09T13:38:50.887753Z 2024-12-09T13:38:50.887753Z
ncsc-2024-0470 Kwetsbaarheden verholpen in Microsoft Windows 2024-12-10T19:32:38.846024Z 2025-01-06T07:30:29.655717Z
ncsc-2024-0471 Kwetsbaarheden verholpen in Microsoft Office 2024-12-10T19:33:29.415423Z 2024-12-10T19:33:29.415423Z
ncsc-2024-0472 Kwetsbaarheden verholpen in SAP producten 2024-12-10T19:34:10.105945Z 2024-12-10T19:34:10.105945Z
ncsc-2024-0473 Kwetsbaarheden verholpen in Siemens producten 2024-12-10T19:34:53.515240Z 2024-12-10T19:34:53.515240Z
ncsc-2024-0474 Kwetsbaarheden verholpen in Drupal Core 2024-12-10T19:35:37.345875Z 2024-12-10T19:35:37.345875Z
ncsc-2024-0475 Kwetsbaarheid verholpen in Adobe Framemaker 2024-12-11T08:06:34.387394Z 2024-12-11T08:06:34.387394Z
ncsc-2024-0476 Kwetsbaarheid verholpen in Adobe Premiere Pro 2024-12-11T08:12:35.655333Z 2024-12-11T08:12:35.655333Z
ncsc-2024-0477 Kwetsbaarheid verholpen in Adobe Photoshop 2024-12-11T08:17:46.923581Z 2024-12-11T08:17:46.923581Z
ncsc-2024-0478 Kwetsbaarheden verholpen in Adobe InDesign Desktop 2024-12-11T08:20:20.778758Z 2024-12-11T08:20:20.778758Z
ncsc-2024-0479 Kwetsbaarheden verholpen in Animate 2024-12-11T08:31:02.174506Z 2024-12-11T08:31:02.174506Z
ncsc-2024-0480 Kwetsbaarheid verholpen in Adobe After Effects 2024-12-11T08:34:49.812349Z 2024-12-11T08:34:49.812349Z
ncsc-2024-0481 Kwetsbaarheden verholpen in Adobe Illustrator 2024-12-11T08:37:21.228987Z 2024-12-11T08:37:21.228987Z
ncsc-2024-0482 Kwetsbaarheden verholpen in Adobe Acrobat Reader 2024-12-11T08:42:21.663200Z 2024-12-11T08:42:21.663200Z
ncsc-2024-0483 Kwetsbaarheden verholpen in Adobe Connect 2024-12-11T08:46:09.788540Z 2024-12-11T08:46:09.788540Z
ncsc-2024-0484 Kwetsbaarheden verholpen in Ivanti Connect Secure en Policy Secure 2024-12-11T08:50:15.463062Z 2025-01-08T11:00:21.273985Z
ncsc-2024-0485 Kwetsbaarheid verholpen in Splunk Enterprise 2024-12-11T08:53:56.285002Z 2024-12-11T08:53:56.285002Z
ncsc-2024-0486 Kwetsbaarheden verholpen in Ivanti Cloud Security Appliance 2024-12-11T08:58:00.974296Z 2024-12-11T08:58:00.974296Z
ID Description Published Updated
ID Description Published Updated
opensuse-su-2019:0065-1 Security update for the Linux Kernel 2019-03-23T10:47:17Z 2019-03-23T10:47:17Z
opensuse-su-2019:0063-1 Security update for krb5 2019-03-23T10:47:35Z 2019-03-23T10:47:35Z
opensuse-su-2019:0081-1 Security update for webkit2gtk3 2019-03-23T10:47:50Z 2019-03-23T10:47:50Z
opensuse-su-2019:0057-1 Security update for wget 2019-03-23T10:47:55Z 2019-03-23T10:47:55Z
opensuse-su-2019:0058-1 Security update for live555 2019-03-23T10:48:15Z 2019-03-23T10:48:15Z
opensuse-su-2019:0082-1 Security update for ntpsec 2019-03-23T10:49:23Z 2019-03-23T10:49:23Z
opensuse-su-2019:0086-1 Security update for soundtouch 2019-03-23T10:49:28Z 2019-03-23T10:49:28Z
opensuse-su-2019:0087-1 Security update for zeromq 2019-03-23T10:49:33Z 2019-03-23T10:49:33Z
opensuse-su-2019:0089-1 Security update for nodejs8 2019-03-23T10:49:42Z 2019-03-23T10:49:42Z
opensuse-su-2019:0091-1 Security update for openssh 2019-03-23T10:50:30Z 2019-03-23T10:50:30Z
opensuse-su-2019:0092-1 Security update for wireshark 2019-03-23T10:50:32Z 2019-03-23T10:50:32Z
opensuse-su-2019:0094-1 Security update for libraw 2019-03-23T10:50:41Z 2019-03-23T10:50:41Z
opensuse-su-2019:0098-1 Security update for systemd 2019-03-23T10:50:44Z 2019-03-23T10:50:44Z
opensuse-su-2019:0100-1 Security update for pdns-recursor 2019-03-23T10:50:57Z 2019-03-23T10:50:57Z
opensuse-su-2019:0104-1 Security update for ghostscript 2019-03-23T10:51:18Z 2019-03-23T10:51:18Z
opensuse-su-2019:0129-1 Security update for python-paramiko 2019-03-23T10:52:45Z 2019-03-23T10:52:45Z
opensuse-su-2019:0139-1 Security update for krb5 2019-03-23T10:53:07Z 2019-03-23T10:53:07Z
opensuse-su-2019:0152-1 Security update for openssl-1_1 2019-03-23T10:54:21Z 2019-03-23T10:54:21Z
opensuse-su-2019:0153-1 Security update for subversion 2019-03-23T10:54:25Z 2019-03-23T10:54:25Z
opensuse-su-2019:0143-1 Security update for python-python-gnupg 2019-03-23T10:54:32Z 2019-03-23T10:54:32Z
opensuse-su-2019:0132-1 Security update for MozillaFirefox 2019-03-23T10:54:56Z 2019-03-23T10:54:56Z
opensuse-su-2019:0155-1 Security update for python3 2019-03-23T10:55:06Z 2019-03-23T10:55:06Z
opensuse-su-2019:0161-1 Security update for java-11-openjdk 2019-03-23T10:55:18Z 2019-03-23T10:55:18Z
opensuse-su-2019:0165-1 Security update for uriparser 2019-03-23T10:56:57Z 2019-03-23T10:56:57Z
opensuse-su-2019:0166-1 Security update for haproxy 2019-03-23T10:57:10Z 2019-03-23T10:57:10Z
opensuse-su-2019:0194-1 Security update for phpMyAdmin 2019-03-23T10:57:13Z 2019-03-23T10:57:13Z
opensuse-su-2019:0167-1 Security update for spice 2019-03-23T10:57:40Z 2019-03-23T10:57:40Z
opensuse-su-2019:0163-1 Security update for python-slixmpp 2019-03-23T10:57:52Z 2019-03-23T10:57:52Z
opensuse-su-2019:0174-1 Security update for curl 2019-03-23T10:58:25Z 2019-03-23T10:58:25Z
opensuse-su-2019:0175-1 Security update for lua53 2019-03-23T10:58:33Z 2019-03-23T10:58:33Z
ID Description Published Updated
ID Description Published Updated
rhsa-2003:066 Red Hat Security Advisory: : Updated XFree86 packages provide security and bug fixes 2003-06-25T15:52:00+00:00 2026-01-13T22:09:56+00:00
rhsa-2003:190 Red Hat Security Advisory: : : : Updated 2.4 kernel for pSeries and iSeries fixes vulnerabilities 2003-06-25T17:45:00+00:00 2025-11-21T17:26:07+00:00
rhsa-2003:212 Red Hat Security Advisory: : : : Updated glibc packages fix vulnerabilities 2003-06-26T22:28:00+00:00 2025-11-21T17:26:18+00:00
rhsa-2003:159 Red Hat Security Advisory: : : : New PHP packages fix vulnerabilities 2003-06-30T14:37:00+00:00 2025-11-21T17:26:03+00:00
rhsa-2003:214 Red Hat Security Advisory: : : : Updated tcpdump packages fix various vulnerabilities 2003-06-30T16:10:00+00:00 2025-11-21T17:26:13+00:00
rhsa-2003:216 Red Hat Security Advisory: : : : Updated Xpdf packages fix security vulnerability 2003-06-30T22:36:00+00:00 2025-11-21T17:26:14+00:00
rhsa-2003:199 Red Hat Security Advisory: : Updated unzip packages fix trojan vulnerability 2003-07-01T09:16:00+00:00 2025-11-21T17:26:10+00:00
rhsa-2003:200 Red Hat Security Advisory: unzip security update 2003-07-01T15:24:00+00:00 2025-11-21T17:26:10+00:00
rhsa-2003:218 Red Hat Security Advisory: : : : Updated unzip and tar packages that fix vulnerabilities are now available 2003-07-01T20:10:00+00:00 2026-01-13T22:21:10+00:00
rhsa-2003:158 Red Hat Security Advisory: : : : Updated mm packages fix temporary file handling 2003-07-02T14:26:00+00:00 2025-11-21T17:26:03+00:00
rhsa-2003:203 Red Hat Security Advisory: : Updated Ethereal packages fix security issues 2003-07-03T08:31:00+00:00 2025-11-21T17:26:10+00:00
rhsa-2003:208 Red Hat Security Advisory: : : : Updated openldap packages available for iSeries and pSeries 2003-07-07T19:58:00+00:00 2025-11-21T17:26:12+00:00
rhsa-2003:071 Red Hat Security Advisory: hanterm-xf security update 2003-07-08T19:44:00+00:00 2025-11-21T17:25:40+00:00
rhsa-2003:077 Red Hat Security Advisory: ethereal security update 2003-07-08T19:59:00+00:00 2025-11-21T17:25:48+00:00
rhsa-2003:227 Red Hat Security Advisory: : : : Updated sendmail packages fix vulnerabilities 2003-07-08T20:37:00+00:00 2025-11-21T17:26:17+00:00
rhsa-2003:027 Red Hat Security Advisory: netscape security update 2003-07-09T07:57:00+00:00 2025-11-21T17:25:26+00:00
rhsa-2003:229 Red Hat Security Advisory: : : : Updated ypserv packages fix various vulnerabilities 2003-07-14T16:00:00+00:00 2025-11-21T17:26:18+00:00
rhsa-2003:207 Red Hat Security Advisory: nfs-utils security update 2003-07-14T16:08:00+00:00 2025-11-21T17:26:12+00:00
rhsa-2003:206 Red Hat Security Advisory: : : : Updated nfs-utils packages fix denial of service vulnerability 2003-07-14T16:10:00+00:00 2025-11-21T17:26:12+00:00
rhsa-2003:225 Red Hat Security Advisory: : : : Updated LPRng packages fix psbanner vulnerability 2003-07-14T16:12:00+00:00 2025-11-21T17:26:16+00:00
rhsa-2003:228 Red Hat Security Advisory: : : : Updated xinetd packages fix denial-of-service attacks and other bugs 2003-07-14T19:33:00+00:00 2025-11-21T17:26:17+00:00
rhsa-2003:162 Red Hat Security Advisory: : : : Updated Mozilla packages fix security vulnerability. 2003-07-15T07:42:00+00:00 2025-11-21T17:26:04+00:00
rhsa-2003:226 Red Hat Security Advisory: : : : Updated samba packages fix security vulnerabilities 2003-07-15T16:51:00+00:00 2025-11-21T17:26:20+00:00
rhsa-2003:238 Red Hat Security Advisory: : : : Updated 2.4 kernel fixes vulnerabilities 2003-07-21T15:36:00+00:00 2025-11-21T17:26:20+00:00
rhsa-2003:234 Red Hat Security Advisory: : Updated semi packages fix vulnerability 2003-07-23T16:33:00+00:00 2025-11-21T17:26:24+00:00
rhsa-2003:221 Red Hat Security Advisory: : Updated stunnel packages fix signal vulnerability 2003-07-25T13:14:00+00:00 2025-11-21T17:26:14+00:00
rhsa-2003:223 Red Hat Security Advisory: stunnel security update 2003-07-25T13:17:00+00:00 2025-11-21T17:26:15+00:00
rhsa-2003:224 Red Hat Security Advisory: openssh security update 2003-07-29T07:27:00+00:00 2025-11-21T17:26:16+00:00
rhsa-2003:222 Red Hat Security Advisory: : Updated openssh packages available 2003-07-29T16:06:00+00:00 2025-11-21T17:26:14+00:00
rhsa-2003:236 Red Hat Security Advisory: kdelibs security update 2003-07-30T20:48:00+00:00 2025-11-21T17:26:20+00:00
ID Description Published Updated
sevd-2025-133-04 Schneider Electric PrismaSeT Active - Wireless Panel Server 2025-05-13T04:00:00.000Z 2025-05-13T04:00:00.000Z
sevd-2025-133-05 Galaxy VS, Galaxy VL, Galaxy VXL 2025-05-13T04:00:00.000Z 2025-09-24T04:00:00.000Z
sevd-2025-161-01 Insight Home and Insight Facility 2025-06-10T04:00:00.000Z 2025-06-10T04:00:00.000Z
sevd-2025-161-02 Modicon Controllers M241/M251/M258/LMC058/M262 2025-06-10T04:00:00.000Z 2025-07-08T04:00:00.000Z
sevd-2025-161-03 EVLink WallBox 2025-06-10T04:00:00.000Z 2025-07-08T04:00:00.000Z
sevd-2025-189-01 EcoStruxure™ IT Data Center Expert 2025-07-08T04:00:00.000Z 2025-07-08T04:00:00.000Z
sevd-2025-189-02 System Monitor Application in Harmony and Pro-face PS5000 Legacy Industrial PCs 2025-07-08T04:00:00.000Z 2025-07-08T04:00:00.000Z
sevd-2025-189-03 EcoStruxure™ Power Operation 2025-07-08T04:00:00.000Z 2026-02-10T08:00:00.000Z
sevd-2025-189-04 EcoStruxure™ Power Monitoring Expert (PME) and EcoStruxure™ Power Operation (EPO) with Advanced Reporting and Dashboards 2025-07-08T04:00:00.000Z 2025-07-08T04:00:00.000Z
sevd-2025-224-01 Saitel DR & Saitel DP Remote Terminal Unit 2025-08-12T04:00:00.000Z 2025-11-11T08:00:00.000Z
sevd-2025-224-02 EcoStruxure™ Power Monitoring Expert Software & EcoStruxure™ Power Operation (EPO) and EcoStruxure™ Power SCADA Operation (PSO) 2025-08-12T04:00:00.000Z 2025-11-11T08:00:00.000Z
sevd-2025-224-03 Schneider Electric Software Update 2025-08-12T04:00:00.000Z 2025-09-09T04:00:00.000Z
sevd-2025-224-04 EcoStruxure™ Building Operation Enterprise Server, EcoStruxure™ Building Operation Enterprise Central, and EcoStruxure™ Workstation 2025-08-12T04:00:00.000Z 2025-09-09T04:00:00.000Z
sevd-2025-224-05 Modicon M340 Controller and Communication Modules 2025-08-12T04:00:00.000Z 2026-04-14T07:00:00.000Z
sevd-2025-252-01 Multiple Altivar Process Drives and Communication Modules 2025-09-09T04:00:00.000Z 2025-12-09T08:00:00.000Z
sevd-2025-252-02 Saitel DR & Saitel DP Remote Terminal Unit 2025-09-09T04:00:00.000Z 2025-09-09T04:00:00.000Z
sevd-2025-287-01 EcoStruxure™ OPC UA Server Expert and EcoStruxure™ Modicon Communication Server 2025-10-14T07:00:00.000Z 2025-10-14T07:00:00.000Z
sevd-2025-315-01 PowerChute™ Serial Shutdown 2025-11-11T08:00:00.000Z 2025-11-11T08:00:00.000Z
sevd-2025-315-02 EcoStruxure™ Machine SCADA Expert & Pro-face BLUE Open Studio 2025-11-11T08:00:00.000Z 2025-11-11T08:00:00.000Z
sevd-2025-343-01 EcoStruxure™ Foxboro DCS 2025-12-09T08:00:00.000Z 2026-02-10T08:00:00.000Z
sevd-2025-343-02 EcoStruxure™ Foxboro DCS Advisor 2025-12-09T08:00:00.000Z 2025-12-09T08:00:00.000Z
sevd-2026-013-01 Multiple Third-Party Vulnerabilities on ProLeiT Plant iT/Brewmaxx 2026-01-13T08:00:00.000Z 2026-03-10T07:00:00.000Z
sevd-2026-013-02 Incorrect Default Permissions Vulnerability on EcoStruxure™ Process Expert 2026-01-13T08:00:00.000Z 2026-01-13T08:00:00.000Z
sevd-2026-013-03 Multiple Vulnerabilities on Zigbee Products 2026-01-13T08:00:00.000Z 2026-01-13T08:00:00.000Z
sevd-2026-013-04 Multiple Vulnerabilities on EcoStruxure Power Build Rapsody 2026-01-13T08:00:00.000Z 2026-03-10T07:00:00.000Z
sevd-2026-041-01 Improper Check for Unusual or Exceptional Conditions on Multiple Products 2026-02-10T08:00:00.000Z 2026-02-10T08:00:00.000Z
sevd-2026-041-02 Multiple Vulnerabilities on EcoStruxure™ Building Operation Workstation and EcoStruxure™ Building Operation Webstation 2026-02-10T08:00:00.000Z 2026-02-10T08:00:00.000Z
sevd-2026-069-01 Improper Resource Shutdown or Release vulnerability in Multiple Products 2026-03-10T07:00:00.000Z 2026-03-31T07:00:00.000Z
sevd-2026-069-02 Improper Neutralization vulnerability in Multiple Products 2026-03-10T07:00:00.000Z 2026-03-31T07:00:00.000Z
sevd-2026-069-03 Deserialization of Untrusted Data vulnerability on EcoStruxure™ Foxboro DCS 2026-03-10T07:00:00.000Z 2026-03-13T07:00:00.000Z
ID Description Published Updated
ID Description Published Updated
ssa-693555 SSA-693555: Memory Corruption Vulnerability in EN100 Ethernet Module 2022-06-14T00:00:00Z 2022-06-14T00:00:00Z
ssa-712929 SSA-712929: Denial of Service Vulnerability in OpenSSL (CVE-2022-0778) Affecting Industrial Products 2022-06-14T00:00:00.000Z 2026-04-14T00:00:00.000Z
ssa-988345 SSA-988345: Local Privilege Escalation Vulnerability in Xpedition Designer 2022-06-14T00:00:00Z 2023-06-13T00:00:00Z
ssa-111512 SSA-111512: Client-side Authentication in SIMATIC WinCC OA 2022-06-21T00:00:00Z 2022-06-21T00:00:00Z
ssa-225578 SSA-225578: Improper Access Control Vulnerability in SICAM GridEdge Before V2.7.3 2022-07-12T00:00:00Z 2025-11-11T00:00:00Z
ssa-243317 SSA-243317 File Parsing Vulnerability in Simcenter Femap and Parasolid 2022-07-12T00:00:00Z 2022-09-13T00:00:00Z
ssa-310038 SSA-310038: Multiple Vulnerabilities in SCALANCE X Switch Devices 2022-07-12T00:00:00Z 2023-04-11T00:00:00Z
ssa-348662 SSA-348662: Multiple Vulnerabilities in SIMATIC MV500 Devices before V3.3 2022-07-12T00:00:00Z 2022-07-12T00:00:00Z
ssa-433782 SSA-433782: Improper Access Control Vulnerability in Mendix 2022-07-12T00:00:00Z 2022-07-12T00:00:00Z
ssa-439148 SSA-439148: File Parsing Vulnerabilities in PADS Standard/Plus Viewer 2022-07-12T00:00:00Z 2022-07-12T00:00:00Z
ssa-474231 SSA-474231: File Parsing Vulnerability in Simcenter Femap before V2022.2 2022-07-12T00:00:00Z 2022-07-12T00:00:00Z
ssa-491621 SSA-491621: Denial of Service Vulnerability in CPC80 Firmware of SICAM A8000 Devices 2022-07-12T00:00:00Z 2022-07-12T00:00:00Z
ssa-517377 SSA-517377: Multiple Vulnerabilities in the SRCS VPN Feature in SIMATIC CP Devices 2022-07-12T00:00:00Z 2023-03-14T00:00:00Z
ssa-580125 SSA-580125: Multiple Vulnerabilities in SIMATIC eaSie 2022-07-12T00:00:00Z 2022-08-09T00:00:00Z
ssa-599506 SSA-599506: Command Injection Vulnerability in RUGGEDCOM ROX 2022-07-12T00:00:00Z 2022-07-12T00:00:00Z
ssa-610768 SSA-610768: XML Entity Expansion Injection Vulnerability in Mendix Excel Importer Module 2022-07-12T00:00:00Z 2022-07-12T00:00:00Z
ssa-865333 SSA-865333: Memory Corruption Vulnerability in EN100 Ethernet Module 2022-07-12T00:00:00Z 2022-07-12T00:00:00Z
ssa-910883 SSA-910883: DHCP Client Vulnerability in SINAMICS PERFECT HARMONY GH180 Drives 2022-07-12T00:00:00Z 2022-07-12T00:00:00Z
ssa-944952 SSA-944952: Authentication Bypass Vulnerability in Opcenter Quality 2022-07-12T00:00:00Z 2022-07-12T00:00:00Z
ssa-185638 SSA-185638: Authentication Bypass Vulnerability in SICAM A8000 Web Server Module 2022-08-09T00:00:00Z 2022-08-09T00:00:00Z
ssa-555707 SSA-555707: Information Disclosure Vulnerability in Simcenter STAR-CCM+ 2022-08-09T00:00:00Z 2022-08-09T00:00:00Z
ssa-710008 SSA-710008: Multiple Web Vulnerabilities in SCALANCE Products 2022-08-09T00:00:00.000Z 2026-04-14T00:00:00.000Z
ssa-759952 SSA-759952: Command Injection and Denial of Service Vulnerability in Teamcenter 2022-08-09T00:00:00Z 2022-08-09T00:00:00Z
ssa-459643 SSA-459643: Denial of Service Vulnerability in RUGGEDCOM ROS before V5.6.0 2022-09-13T00:00:00Z 2023-04-11T00:00:00Z
ssa-518824 SSA-518824 Multiple File Parsing Vulnerabilities in Simcenter Femap and Parasolid 2022-09-13T00:00:00Z 2022-09-13T00:00:00Z
ssa-638652 SSA-638652: Authentication Bypass Vulnerability in Mendix SAML Module 2022-09-13T00:00:00Z 2022-12-13T00:00:00Z
ssa-258115 SSA-258115: DWG File Parsing Vulnerability in Solid Edge before SE2022MP9 2022-10-11T00:00:00Z 2022-10-11T00:00:00Z
ssa-313313 SSA-313313: Denial of Service Vulnerability in the FTP Server of Nucleus RTOS 2022-10-11T00:00:00Z 2023-02-14T00:00:00Z
ssa-360783 SSA-360783: Multiple Webserver Vulnerabilities in Desigo PXM Devices 2022-10-11T00:00:00Z 2022-10-11T00:00:00Z
ssa-384224 SSA-384224: Denial of Service Vulnerability in SIMATIC HMI Panels 2022-10-11T00:00:00Z 2022-10-11T00:00:00Z
ID Description Published Updated
suse-su-2015:1336-1 Security update for python-Jinja2 2015-05-11T09:09:44Z 2015-05-11T09:09:44Z
suse-su-2015:1141-1 Security update for python-keystoneclient 2015-05-12T13:09:30Z 2015-05-12T13:09:30Z
suse-su-2015:0945-1 Security update for spacewalk-java, spacewalk-setup 2015-05-12T15:36:09Z 2015-05-12T15:36:09Z
suse-su-2015:0977-1 Security update for libqt4 2015-05-12T16:07:43Z 2015-05-12T16:07:43Z
suse-su-2015:0896-1 Security update for qemu 2015-05-12T21:54:11Z 2015-05-12T21:54:11Z
suse-su-2015:0923-1 Security update for xen 2015-05-12T21:54:24Z 2015-05-12T21:54:24Z
suse-su-2015:0927-1 Security update for Xen 2015-05-13T08:31:50Z 2015-05-13T08:31:50Z
suse-su-2015:1208-1 Security update for python-keystoneclient 2015-05-13T09:07:38Z 2015-05-13T09:07:38Z
suse-su-2015:0878-1 Security update for flash-player 2015-05-13T18:52:06Z 2015-05-13T18:52:06Z
suse-su-2015:1077-1 Security update for openldap2 2015-05-18T08:42:31Z 2015-05-18T08:42:31Z
suse-su-2015:0978-1 Security update for MozillaFirefox 2015-05-19T09:15:45Z 2015-05-19T09:15:45Z
suse-su-2015:0939-1 Security update for tigervnc, fltk 2015-05-19T16:58:01Z 2015-05-19T16:58:01Z
suse-su-2015:0984-1 Security update for docker 2015-05-19T18:41:00Z 2015-05-19T18:41:00Z
suse-su-2015:1053-1 Security update for fuse 2015-05-20T13:07:40Z 2015-05-20T13:07:40Z
suse-su-2015:1024-1 Security update for FUSE 2015-05-20T15:51:53Z 2015-05-20T15:51:53Z
suse-su-2015:0960-1 Security update for MozillaFirefox 2015-05-21T08:36:37Z 2015-05-21T08:36:37Z
suse-su-2015:1062-1 Security update for stunnel 2015-05-27T12:15:01Z 2015-05-27T12:15:01Z
suse-su-2015:1359-1 Security update for libqt4 2015-05-27T13:53:24Z 2015-05-27T13:53:24Z
suse-su-2015:1383-1 Security update for libqt5-qtbase 2015-05-29T17:35:18Z 2015-05-29T17:35:18Z
suse-su-2015:1102-1 Security update for SES 1.0 2015-05-31T20:53:33Z 2015-05-31T20:53:33Z
suse-su-2015:1046-1 Security update for wireshark 2015-06-03T10:45:46Z 2015-06-03T10:45:46Z
suse-su-2015:1019-1 Security update for patch 2015-06-03T12:13:47Z 2015-06-03T12:13:47Z
suse-su-2015:1042-1 Security update for xen 2015-06-03T12:47:57Z 2015-06-03T12:47:57Z
suse-su-2015:1156-1 Security update for Xen 2015-06-05T12:39:39Z 2015-06-05T12:39:39Z
suse-su-2015:1157-1 Security update for Xen 2015-06-05T12:47:22Z 2015-06-05T12:47:22Z
suse-su-2015:1045-1 Security update for Xen 2015-06-05T12:53:19Z 2015-06-05T12:53:19Z
suse-su-2015:1196-1 Security update for strongswan 2015-06-08T08:04:58Z 2015-06-08T08:04:58Z
suse-su-2015:1519-1 Security update for qemu 2015-06-08T14:28:12Z 2015-06-08T14:28:12Z
suse-ru-2015:1021-1 Recommended update for freetype2 2015-06-09T07:23:23Z 2015-06-09T07:23:23Z
suse-su-2015:1300-1 Security update for novnc 2015-06-10T07:30:30Z 2015-06-10T07:30:30Z
ID Description Published Updated
alsa-2021:4236 Low: tcpdump security and bug fix update 2021-11-09T08:48:42Z 2021-11-12T10:20:56Z
alsa-2021:4241 Moderate: libtiff security and bug fix update 2021-11-09T08:50:38Z 2021-11-12T10:21:01Z
alsa-2021:4251 Moderate: openjpeg2 security update 2021-11-09T08:51:11Z 2021-11-12T10:21:01Z
alsa-2021:4256 Moderate: graphviz security update 2021-11-09T08:52:05Z 2021-11-12T10:21:01Z
alsa-2021:4257 Moderate: httpd:2.4 security, bug fix, and enhancement update 2021-11-09T08:52:38Z 2022-01-26T07:27:24Z
alsa-2021:4270 Moderate: rust-toolset:rhel8 security, bug fix, and enhancement update 2021-11-09T08:54:06Z 2021-11-12T17:54:17Z
alsa-2021:4288 Moderate: libjpeg-turbo security and bug fix update 2021-11-09T08:56:07Z 2021-11-12T10:21:01Z
alsa-2021:4292 Moderate: squid:4 security, bug fix, and enhancement update 2021-11-09T08:56:14Z 2021-11-09T13:01:13Z
alsa-2021:4315 Moderate: spamassassin security update 2021-11-09T08:58:53Z 2021-11-12T10:20:56Z
alsa-2021:4316 Low: zziplib security update 2021-11-09T08:59:11Z 2021-11-12T10:21:01Z
alsa-2021:4319 Moderate: compat-exiv2-026 security update 2021-11-09T09:00:36Z 2021-11-12T10:20:56Z
alsa-2021:4321 Moderate: linuxptp security, bug fix, and enhancement update 2021-11-09T09:00:47Z 2021-11-12T10:20:56Z
alsa-2021:4324 Moderate: python-psutil security update 2021-11-09T09:01:04Z 2021-11-12T10:20:56Z
alsa-2021:4325 Moderate: lasso security and enhancement update 2021-11-09T09:01:05Z 2021-11-12T10:21:01Z
alsa-2021:4326 Moderate: libX11 security update 2021-11-09T09:01:07Z 2021-11-12T10:20:56Z
alsa-2021:4339 Moderate: grilo security update 2021-11-09T09:02:57Z 2021-11-12T10:21:01Z
alsa-2021:4356 Moderate: kernel security, bug fix, and enhancement update 2021-11-09T09:08:02Z 2021-11-12T10:21:01Z
alsa-2021:4358 Moderate: glibc security, bug fix, and enhancement update 2021-11-09T09:08:59Z 2021-11-12T10:21:01Z
alsa-2021:4361 Moderate: NetworkManager security, bug fix, and enhancement update 2021-11-09T09:11:14Z 2021-11-12T10:21:01Z
alsa-2021:4364 Moderate: binutils security update 2021-11-09T09:11:20Z 2021-11-12T10:20:56Z
alsa-2021:4368 Moderate: openssh security update 2021-11-09T09:11:41Z 2021-11-12T10:20:56Z
alsa-2021:4373 Low: pcre security update 2021-11-09T09:12:45Z 2023-03-13T16:33:45Z
alsa-2021:4374 Moderate: file security update 2021-11-09T09:13:30Z 2021-11-12T10:21:01Z
alsa-2021:4381 Moderate: GNOME security, bug fix, and enhancement update 2021-11-09T09:15:15Z 2021-11-12T10:21:01Z
alsa-2021:4384 Moderate: bind security and bug fix update 2021-11-09T09:16:00Z 2021-11-12T10:20:56Z
alsa-2021:4385 Moderate: glib2 security and bug fix update 2021-11-09T09:16:02Z 2021-11-12T10:21:01Z
alsa-2021:4386 Low: gcc security and bug fix update 2021-11-09T09:16:05Z 2021-11-12T10:21:01Z
alsa-2021:4387 Low: libssh security update 2021-11-09T09:16:07Z 2021-11-12T10:20:56Z
alsa-2021:4393 Moderate: cups security and bug fix update 2021-11-09T09:16:27Z 2021-11-12T10:20:56Z
alsa-2021:4396 Moderate: sqlite security update 2021-11-09T09:16:47Z 2021-11-12T10:20:56Z
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
osv-2020-408 Heap-buffer-overflow in _iri_unescape_inline 2020-07-01T00:00:07.867096Z 2022-04-13T03:04:41.747993Z
osv-2020-410 Global-buffer-overflow in lex_multiline_string 2020-07-01T00:00:07.995615Z 2022-04-13T03:04:31.725276Z
osv-2020-412 Heap-buffer-overflow in BEInt<unsigned short, 2>::operator unsigned short 2020-07-01T00:00:08.080711Z 2022-04-13T03:04:32.847965Z
osv-2020-413 Stack-buffer-overflow in ot::NetworkData::NetworkDataTlv::GetNext 2020-07-01T00:00:08.114688Z 2022-04-13T03:04:39.061092Z
osv-2020-414 Heap-use-after-free in WelsDec::MapColToList0 2020-07-01T00:00:08.178314Z 2022-04-13T03:04:37.393513Z
osv-2020-416 Use-of-uninitialized-value in UA_ServerConfig_clean 2020-07-01T00:00:08.299104Z 2022-04-13T03:04:41.265587Z
osv-2020-417 Heap-buffer-overflow in idn2_to_ascii_4i 2020-07-01T00:00:08.331193Z 2022-04-13T03:04:41.460832Z
osv-2020-418 Use-of-uninitialized-value in isMatchAtCPBoundary 2020-07-01T00:00:08.369511Z 2022-04-13T03:04:34.083961Z
osv-2020-420 UNKNOWN WRITE in uffd_cleanup 2020-07-01T00:00:08.489132Z 2022-04-13T03:04:42.095380Z
osv-2020-423 Heap-buffer-overflow in stdalloc__strdup 2020-07-01T00:00:08.690856Z 2022-04-13T03:04:35.188247Z
osv-2020-424 Heap-buffer-overflow in sav_parse_long_string_missing_values_record 2020-07-01T00:00:08.721678Z 2022-04-13T03:04:40.624731Z
osv-2020-425 Heap-buffer-overflow in ihevcd_parse_coding_unit 2020-07-01T00:00:08.799539Z 2022-04-13T03:04:30.934302Z
osv-2020-427 Stack-buffer-overflow in Mat_uint32Swap 2020-07-01T00:00:08.917488Z 2022-04-13T03:04:43.096948Z
osv-2020-429 Heap-buffer-overflow in MEM_read32 2020-07-01T00:00:08.999234Z 2022-04-13T03:04:31.653842Z
osv-2020-430 Stack-use-after-return in OSSL_PARAM_get_int32 2020-07-01T00:00:09.096641Z 2022-04-13T03:04:38.763723Z
osv-2020-431 Global-buffer-overflow in parse_headers 2020-07-01T00:00:09.131195Z 2022-04-13T03:04:31.753751Z
osv-2020-433 UNKNOWN READ in icu_64::UCharsTrie::branchNext 2020-07-01T00:00:09.276939Z 2022-04-13T03:04:34.078177Z
osv-2020-434 Heap-buffer-overflow in format_generic_odp_key 2020-07-01T00:00:09.309832Z 2022-04-13T03:04:40.780011Z
osv-2020-435 Heap-buffer-overflow in ares_parse_aaaa_reply 2020-07-01T00:00:09.430097Z 2022-04-13T03:04:36.416216Z
osv-2020-438 Use-of-uninitialized-value in ARM_post_printer 2020-07-01T00:00:09.576759Z 2022-04-13T03:04:39.911191Z
osv-2020-439 UNKNOWN WRITE in ares-test-fuzz.c 2020-07-01T00:00:09.657657Z 2022-04-13T03:04:36.421240Z
osv-2020-440 UNKNOWN READ in r_uleb128 2020-07-01T00:00:09.710794Z 2022-04-13T03:04:36.683164Z
osv-2020-441 Heap-buffer-overflow in r_buf_cpy 2020-07-01T00:00:09.757737Z 2022-04-13T03:04:36.533413Z
osv-2020-442 Heap-buffer-overflow in CRYPTO_strdup 2020-07-01T00:00:09.812508Z 2022-04-13T03:04:38.758794Z
osv-2020-447 UNKNOWN READ in yyparse 2020-07-01T00:00:10.057682Z 2022-04-13T03:04:39.703625Z
osv-2020-448 Heap-use-after-free in read_chunks_before_idat 2020-07-01T00:00:10.159770Z 2022-04-13T03:04:33.677865Z
osv-2020-449 Heap-buffer-overflow in perfetto::trace_processor::FuchsiaTraceParser::ParseTracePacket 2020-07-01T00:00:10.213693Z 2023-02-24T01:44:59.598379Z
osv-2020-452 UNKNOWN READ in _fini 2020-07-01T00:00:10.397492Z 2022-04-13T03:04:41.608146Z
osv-2020-455 Heap-buffer-overflow in r_core_lines_initcache 2020-07-01T00:00:10.523473Z 2022-04-13T03:04:36.647898Z
osv-2020-461 Index-out-of-bounds in parse_file_extra_owner 2020-07-01T00:00:10.823501Z 2022-04-13T03:04:41.205848Z
ID Description Published Updated
rustsec-2020-0103 `impl Random` on arrays can lead to dropping uninitialized memory 2020-12-31T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2020-0132 `FixedCapacityDequeLike::clone()` can cause dropping uninitialized memory 2020-12-31T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2020-0153 `read` on uninitialized buffer may cause UB (bite::read::BiteReadExpandedExt::read_framed_max) 2020-12-31T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2020-0154 InputStream::read_exact : `Read` on uninitialized buffer causes UB 2020-12-31T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2021-0006 Exposes internally used raw pointer 2021-01-01T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2021-0008 reading on uninitialized buffer can cause UB (`impl<R> BufRead for GreedyAccessReader<R>`) 2021-01-02T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2021-0012 Reading uninitialized memory can cause UB (`Deserializer::read_vec`) 2021-01-02T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2021-0084 `Read` on uninitialized buffer can cause UB (impl of `ReadKVExt`) 2021-01-03T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2021-0085 'Read' on uninitialized memory may cause UB 2021-01-03T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2021-0001 XSS in mdBook's search page 2021-01-04T12:00:00Z 2021-10-19T22:14:35Z
rustsec-2021-0002 interfaces2 is unmaintained, use interfaces instead 2021-01-04T12:00:00Z 2021-01-06T16:07:19Z
rustsec-2021-0011 EventList's From<EventList> conversions can double drop on panic. 2021-01-04T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2021-0039 panic in user-provided `Endian` impl triggers double drop of T 2021-01-04T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2021-0143 kamadak-exif DoS with untrusted PNG data 2021-01-04T12:00:00Z 2022-09-08T10:52:02Z
rustsec-2021-0088 `Read` on uninitialized memory may cause UB (fn preamble_skipcount()) 2021-01-05T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2021-0015 `Sectors::get` accesses unclaimed/uninitialized memory 2021-01-06T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2021-0007 `Frame::copy_from_raw_parts` can lead to segfault without `unsafe` 2021-01-07T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2021-0027 Loading a bgzip block can write out of bounds if size overflows. 2021-01-07T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2021-0086 `Read` on uninitialized buffer may cause UB ( `read_entry()` ) 2021-01-07T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2021-0087 columnar: `Read` on uninitialized buffer may cause UB (ColumnarReadExt::read_typed_vec()) 2021-01-07T12:00:00Z 2025-02-01T00:07:11Z
rustsec-2021-0090 Reading on uninitialized memory may cause UB ( `util::read_spv()` ) 2021-01-07T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2021-0091 Reading on uninitialized buffer may cause UB ( `gfx_auxil::read_spirv()` ) 2021-01-07T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2021-0003 Buffer overflow in SmallVec::insert_many 2021-01-08T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2021-0005 Double drop upon panic in 'fn map_array()' 2021-01-10T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2021-0009 panic safety issue in `impl TransformContent<S, D> for [S; (2|3|4)]` 2021-01-10T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2021-0045 FromIterator implementation for Vector/Matrix can drop uninitialized memory 2021-01-11T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2021-0010 panic safety: double drop may happen within `util::{mutate, mutate2}` 2021-01-12T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2021-0040 panic safety: double drop or uninitialized drop of T upon panic 2021-01-12T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2021-0004 Missing Send bound for Lazy 2021-01-17T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2021-0013 Soundness issues in `raw-cpuid` 2021-01-20T12:00:00Z 2023-06-13T13:10:24Z
ID Description Published Updated
bit-ghost-2022-41697 2024-03-06T10:53:30.902Z 2025-04-03T14:40:37.652Z
bit-gitea-2022-1058 Open Redirect on login in go-gitea/gitea 2024-03-06T10:53:31.004Z 2025-05-20T10:02:07.006Z
bit-helm-2022-36049 Flux2 Helm Controller denial of service 2024-03-06T10:53:31.970Z 2025-05-20T10:02:07.006Z
bit-gradle-2022-30586 2024-03-06T10:53:33.004Z 2025-04-03T14:40:37.652Z
bit-envoy-2023-27496 Envoy may crash when a redirect url without a state param is received in the oauth filter 2024-03-06T10:53:33.396Z 2025-05-20T10:02:07.006Z
bit-consul-2021-3121 2024-03-06T10:53:33.669Z 2025-04-03T14:40:37.652Z
bit-gitlab-2024-0402 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in GitLab 2024-03-06T10:53:34.701Z 2025-05-20T10:02:07.006Z
bit-elasticsearch-2021-22137 2024-03-06T10:53:35.098Z 2025-04-03T14:40:37.652Z
bit-grafana-2023-2183 2024-03-06T10:53:35.301Z 2025-04-03T14:40:37.652Z
bit-golang-2023-39325 HTTP/2 rapid reset can cause excessive work in net/http 2024-03-06T10:53:35.567Z 2025-05-20T10:02:07.006Z
bit-airflow-2023-40273 Session fixation in Apache Airflow web interface 2024-03-06T10:53:37.079Z 2025-05-20T10:02:07.006Z
bit-harbor-2020-29662 2024-03-06T10:53:37.807Z 2025-04-03T14:40:37.652Z
bit-django-2021-45452 2024-03-06T10:53:37.905Z 2025-04-03T14:40:37.652Z
bit-apache-2022-22721 core: Possible buffer overflow with very large or unlimited LimitXMLRequestBody 2024-03-06T10:53:38.076Z 2025-05-20T10:02:07.006Z
bit-drupal-2022-25271 2024-03-06T10:53:39.007Z 2025-04-03T14:40:37.652Z
bit-haproxy-2023-25725 2024-03-06T10:53:39.092Z 2025-04-03T14:40:37.652Z
bit-dotnet-2023-36792 Visual Studio Remote Code Execution Vulnerability 2024-03-06T10:53:40.388Z 2025-05-20T10:02:07.006Z
bit-gitea-2022-0905 Missing Authorization in go-gitea/gitea 2024-03-06T10:53:40.961Z 2025-05-20T10:02:07.006Z
bit-ghost-2022-41654 2024-03-06T10:53:41.472Z 2025-04-03T14:40:37.652Z
bit-discourse-2023-44388 Malicious requests can fill up the log files resulting in a deinal of service in Discourse 2024-03-06T10:53:42.285Z 2025-11-06T13:25:46.476Z
bit-gradle-2022-23630 Dependency verification bypass in Gradle 2024-03-06T10:53:42.475Z 2025-05-20T10:02:07.006Z
bit-jenkins-2024-23898 2024-03-06T10:53:43.665Z 2025-04-03T14:40:37.652Z
bit-helm-2022-23526 Helm contains Denial of service through schema file 2024-03-06T10:53:44.587Z 2025-05-20T10:02:07.006Z
bit-elasticsearch-2021-22135 2024-03-06T10:53:44.675Z 2025-04-03T14:40:37.652Z
bit-consul-2021-28156 2024-03-06T10:53:45.007Z 2025-04-03T14:40:37.652Z
bit-gitlab-2023-7028 Weak Password Recovery Mechanism for Forgotten Password in GitLab 2024-03-06T10:53:45.400Z 2025-10-22T09:08:25.162Z
bit-airflow-2023-39508 Apache Airflow: Airflow "Run task" feature allows execution with unnecessary priviledges 2024-03-06T10:53:46.702Z 2025-05-20T10:02:07.006Z
bit-apache-2022-22720 HTTP request smuggling vulnerability in Apache HTTP Server 2.4.52 and earlier 2024-03-06T10:53:47.761Z 2025-05-20T10:02:07.006Z
bit-envoy-2023-27493 Envoy doesn't escape HTTP header values 2024-03-06T10:53:47.786Z 2025-05-20T10:02:07.006Z
bit-harbor-2020-13794 2024-03-06T10:53:48.187Z 2025-04-03T14:40:37.652Z
ID Description Published Updated
cleanstart-2026-dn37053 Within HostnameError 2026-01-30T16:30:25.711037Z 2026-01-29T18:58:54Z
cleanstart-2026-so17846 Within HostnameError 2026-01-30T16:30:25.764771Z 2026-01-29T18:58:54Z
cleanstart-2026-yk54840 Within HostnameError 2026-01-30T16:30:55.324232Z 2026-01-29T18:58:54Z
cleanstart-2026-nl96892 Within HostnameError 2026-01-30T16:31:25.336110Z 2026-01-29T18:58:54Z
cleanstart-2026-gj12884 Within HostnameError 2026-01-30T16:31:25.827659Z 2026-01-29T18:58:54Z
cleanstart-2026-vs64679 ParseAddress function constructs domain-literal address components through repeated string concatenation 2026-01-30T16:35:25.680295Z 2026-01-29T18:58:54Z
cleanstart-2026-pw02676 Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate 2026-01-30T16:35:26.383203Z 2026-01-29T18:58:54Z
cleanstart-2026-ty78539 ParseAddress function constructs domain-literal address components through repeated string concatenation 2026-01-30T16:35:55.295657Z 2026-01-29T18:58:54Z
cleanstart-2026-na36743 Within HostnameError 2026-01-30T16:35:55.379246Z 2026-01-29T18:58:54Z
cleanstart-2026-ax77726 vulnerability was found in PAM 2026-01-30T16:35:55.808062Z 2026-01-29T18:58:54Z
cleanstart-2026-vv68546 Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate 2026-01-30T16:35:55.883570Z 2026-01-29T18:58:54Z
cleanstart-2026-qd78411 SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process 2026-01-30T16:36:25.408698Z 2026-01-29T18:58:54Z
cleanstart-2026-gl18398 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate 2026-01-30T16:36:55.508939Z 2026-01-29T18:58:54Z
cleanstart-2026-fp29743 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate 2026-01-30T16:37:25.443687Z 2026-01-29T18:58:54Z
cleanstart-2026-on38469 Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate 2026-01-30T16:37:25.667594Z 2026-01-29T18:58:54Z
cleanstart-2026-oj15484 SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process 2026-01-30T16:37:55.388839Z 2026-01-29T18:58:54Z
cleanstart-2026-iy17697 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate 2026-01-30T16:37:55.497960Z 2026-01-29T18:58:54Z
cleanstart-2026-kz30232 Go before 1 2026-01-30T16:39:25.872575Z 2026-01-29T18:58:54Z
cleanstart-2026-hj34439 Go before 1 2026-01-30T16:39:55.415446Z 2026-01-29T18:58:54Z
cleanstart-2026-lz10721 Within HostnameError 2026-01-30T16:40:55.517816Z 2026-01-29T18:58:54Z
cleanstart-2026-pz62650 Cancelling a query (e 2026-01-30T16:41:55.453512Z 2026-01-29T18:58:54Z
cleanstart-2026-sb25660 net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines 2026-01-30T16:44:27.197226Z 2026-01-29T18:58:54Z
cleanstart-2026-tk38210 Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate 2026-01-30T16:46:25.995358Z 2026-01-29T18:58:54Z
cleanstart-2026-hl71566 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate 2026-01-30T16:50:56.129322Z 2026-01-29T18:58:54Z
cleanstart-2026-jd48541 Moby is an open-source project created by Docker for software containerization 2026-01-30T16:52:56.596548Z 2026-01-29T18:58:54Z
cleanstart-2026-bn11148 Moby is an open-source project created by Docker for software containerization 2026-01-30T16:54:56.412220Z 2026-01-29T18:58:54Z
cleanstart-2026-jm16286 attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing 2026-01-30T16:56:26.537390Z 2026-01-29T18:58:54Z
cleanstart-2025-zr62045 attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing 2026-01-30T16:56:56.696859Z 2026-01-29T18:58:54Z
cleanstart-2026-zr62045 attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing 2026-01-30T16:56:56.696859Z 2026-01-29T18:58:54Z
cleanstart-2026-dn29911 attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing 2026-01-30T16:57:26.436107Z 2026-01-29T18:58:54Z
ID Description Published Updated
drupal-contrib-2024-006 2024-01-24T15:54:55.000Z 2025-02-20T18:38:32.000Z
drupal-contrib-2024-007 2024-01-31T17:22:36.000Z 2025-02-20T18:38:01.000Z
drupal-contrib-2024-008 2024-02-07T17:56:55.000Z 2025-02-20T18:37:40.000Z
drupal-contrib-2024-009 2024-02-14T19:31:10.000Z 2025-02-20T18:37:01.000Z
drupal-contrib-2024-010 2024-02-21T16:58:11.000Z 2025-02-20T18:36:16.000Z
drupal-contrib-2024-011 2024-02-28T18:14:40.000Z 2025-02-20T19:10:16.000Z
drupal-contrib-2024-012 2024-02-28T18:19:01.000Z 2025-02-20T19:09:55.000Z
drupal-contrib-2024-014 2024-02-28T18:36:35.000Z 2025-02-20T19:09:20.000Z
drupal-contrib-2024-015 2024-03-06T17:06:37.000Z 2025-02-20T19:08:51.000Z
drupal-contrib-2024-016 2024-03-27T17:16:26.000Z 2025-02-20T19:08:34.000Z
drupal-contrib-2024-017 2024-04-24T13:16:40.000Z 2025-02-20T18:44:32.000Z
drupal-contrib-2024-018 2024-04-24T14:23:34.000Z 2025-02-20T18:44:08.000Z
drupal-contrib-2024-020 2024-05-22T16:03:46.000Z 2025-02-20T18:43:21.000Z
drupal-contrib-2024-021 2024-05-22T16:21:55.000Z 2025-02-20T19:14:35.000Z
drupal-contrib-2024-022 2024-05-29T16:44:55.000Z 2025-02-20T19:14:10.000Z
drupal-contrib-2024-023 2024-05-29T16:52:42.000Z 2025-02-20T19:13:53.000Z
drupal-contrib-2024-024 2024-05-29T16:58:59.000Z 2025-02-20T19:13:35.000Z
drupal-contrib-2024-025 2024-06-05T16:45:02.000Z 2025-02-20T19:13:15.000Z
drupal-contrib-2024-026 2024-07-31T15:59:06.000Z 2025-02-20T19:12:56.000Z
drupal-contrib-2024-027 2024-08-07T17:19:30.000Z 2025-02-20T19:12:37.000Z
drupal-contrib-2024-028 2024-08-07T17:30:20.000Z 2025-02-20T19:12:22.000Z
drupal-contrib-2024-029 2024-08-07T17:36:15.000Z 2025-02-20T19:12:05.000Z
drupal-contrib-2024-030 2024-08-21T16:23:02.000Z 2025-02-20T19:11:48.000Z
drupal-contrib-2024-033 2024-08-28T15:32:41.000Z 2025-02-20T19:24:02.000Z
drupal-contrib-2024-034 2024-09-04T15:35:55.000Z 2025-02-20T19:23:44.000Z
drupal-contrib-2024-035 2024-09-04T15:40:44.000Z 2025-02-20T19:23:27.000Z
drupal-contrib-2024-036 2024-09-04T15:42:05.000Z 2025-02-20T19:23:09.000Z
drupal-contrib-2024-037 2024-09-04T16:15:41.000Z 2025-02-20T19:22:50.000Z
drupal-contrib-2024-038 2024-09-04T16:20:17.000Z 2025-02-20T19:22:30.000Z
drupal-contrib-2024-039 2024-09-11T16:21:22.000Z 2025-02-20T19:22:14.000Z
ID Description Updated
ID Description Published Updated
certfr-2017-ale-010 Propagation d'un rançongiciel exploitant les vulnérabilités MS17-010 2017-05-12T00:00:00.000000 2017-06-27T00:00:00.000000
certfr-2017-ale-011 Campagne de messages électroniques non sollicités de type Jaff 2017-05-14T00:00:00.000000 2017-06-27T00:00:00.000000
certfr-2017-ale-012 Campagne de maliciels prenant l'apparence d'un rançongiciel à multiples capacités de propagation 2017-06-27T00:00:00.000000 2017-08-03T00:00:00.000000
certfr-2017-ale-013 Présence de code malveillant dans Piriform CCleaner 2017-09-18T00:00:00.000000 2017-10-09T00:00:00.000000
certfr-2017-ale-015 Vulnérabilités dans la bibliothèque Infineon RSA 2017-10-16T00:00:00.000000 2017-10-17T00:00:00.000000
certfr-2017-ale-014 Vulnérabilité dans le protocole WPA/WPA2 2017-10-18T00:00:00.000000 2017-10-19T00:00:00.000000
certfr-2017-ale-016 Campagne de rançongiciel Bad Rabbit 2017-10-25T00:00:00.000000 2017-10-27T00:00:00.000000
certfr-2017-ale-017 Vulnérabilité dans le serveur de messagerie Exim 2017-11-27T00:00:00.000000 2018-02-01T00:00:00.000000
certfr-2017-ale-018 Vulnérabilité dans Apple MacOS High Sierra 2017-11-29T00:00:00.000000 2017-11-30T00:00:00.000000
certfr-2017-ale-019 Vulnérabilité d'usurpation d'identité dans plusieurs clients de messagerie 2017-12-05T00:00:00.000000 2018-03-07T00:00:00.000000
certfr-2017-ale-020 Vulnérabilité dans des implémentations de TLS 2017-12-13T00:00:00.000000 2018-04-06T00:00:00.000000
certfr-2018-ale-001 Multiples vulnérabilités de fuite d'informations dans des processeurs 2018-01-04T00:00:00.000000 2018-10-10T00:00:00.000000
certfr-2018-ale-002 Vulnérabilité dans Cisco Adaptive Security Appliance 2018-02-01T00:00:00.000000 2018-04-06T00:00:00.000000
certfr-2018-ale-003 Vulnérabilité dans Adobe Flash Player 2018-02-02T00:00:00.000000 2018-02-07T00:00:00.000000
certfr-2018-ale-004 Vulnérabilité dans le serveur de messagerie Exim 2018-03-07T00:00:00.000000 2018-07-30T00:00:00.000000
certfr-2018-ale-005 Multiples vulnérabilités dans Drupal 2018-03-29T00:00:00.000000 2018-07-30T00:00:00.000000
certfr-2018-ale-006 Vulnérabilité dans Cisco IOS et IOS XE Smart Install Client 2018-04-06T00:00:00.000000 2018-07-30T00:00:00.000000
certfr-2018-ale-007 Multiples vulnérabilités dans S/MIME et OpenPGP 2018-05-14T00:00:00.000000 2018-10-10T00:00:00.000000
certfr-2018-ale-008 Campagne de messages électroniques non sollicités de type Locky Locker 2018-08-03T00:00:00.000000 2018-10-10T00:00:00.000000
certfr-2018-ale-009 Vulnérabilité dans Microsoft Windows 2018-08-29T00:00:00.000000 2018-09-17T00:00:00.000000
certfr-2018-ale-010 Vulnérabilité activement exploitée dans le framework STRUTS 2 2018-08-29T00:00:00.000000 2018-10-10T00:00:00.000000
certfr-2018-ale-011 Vulnérabilité dans le client Git 2018-10-08T00:00:00.000000 2018-10-12T00:00:00.000000
certfr-2018-ale-012 Vulnérabilité dans Wallix AdminBastion 2018-10-26T00:00:00.000000 2019-02-04T00:00:00.000000
certfr-2018-ale-013 Vulnérabilité dans Microsoft Internet Explorer 2018-12-20T00:00:00.000000 2019-02-04T00:00:00.000000
certfr-2019-ale-001 Vulnérabilité dans le gestionnaire de paquets APT 2019-01-22T00:00:00.000000 2019-02-27T00:00:00.000000
certfr-2019-ale-002 Vulnérabilités affectant l'écosystème Microsoft Exchange et Active Directory 2019-01-30T00:00:00.000000 2019-03-06T00:00:00.000000
certfr-2019-ale-003 Campagnes de rançongiciels 2019-01-31T00:00:00.000000 2019-06-20T00:00:00.000000
certfr-2019-ale-004 Multiples vulnérabilités dans Microsoft Edge et Internet Explorer 2019-04-01T00:00:00.000000 2019-04-17T00:00:00.000000
certfr-2019-ale-005 Vulnérabilité dans Oracle WebLogic 2019-04-26T00:00:00.000000 2019-06-20T00:00:00.000000
certfr-2019-ale-007 Vulnérabilité dans le serveur DHCP de Windows 2019-05-15T00:00:00.000000 2019-06-20T00:00:00.000000
ID Description Published Updated
certa-2001-avi-148 Vulnérabilité dans le service d'impression sous HP-UX 2001-11-22T00:00:00.000000 2001-11-22T00:00:00.000000
certa-2001-avi-149 Vulnérabilités dans le package susehelp de SuSE 2001-11-26T00:00:00.000000 2001-11-26T00:00:00.000000
certa-2001-avi-150 Vulnérabilité du serveur Xsun sous Solaris 2001-11-26T00:00:00.000000 2001-11-26T00:00:00.000000
certa-2001-avi-151 Vulnérabilité de Xview sous Solaris 2001-11-26T00:00:00.000000 2001-11-26T00:00:00.000000
certa-2001-avi-152 Vulnérabilité de « patchadd » sous Solaris 2001-11-26T00:00:00.000000 2001-11-26T00:00:00.000000
certa-2001-avi-153 Vulnérabilité de wu-ftpd 2001-11-29T00:00:00.000000 2001-12-03T00:00:00.000000
certa-2001-avi-154 Vulnérabilité de CBAC sous CISCO IOS 2001-11-29T00:00:00.000000 2001-11-29T00:00:00.000000
certa-2001-avi-155 Vulnérabilités de Mailx sous Solaris 2001-11-30T00:00:00.000000 2001-11-30T00:00:00.000000
certa-2001-avi-156 Fichiers temporaires mal sécurisés créés par divers shells 2001-11-30T00:00:00.000000 2001-11-30T00:00:00.000000
certa-2001-avi-157 Multiples vulnérabilités d'implémentations LDAP 2001-12-03T00:00:00.000000 2001-12-03T00:00:00.000000
certa-2001-avi-158 Multiples vulnérabilités de l'agent dbsnmp du SGBD Oracle. 2001-12-04T00:00:00.000000 2001-12-04T00:00:00.000000
certa-2001-avi-159 Risque de compromission locale avec OpenSSH 2001-12-07T00:00:00.000000 2001-12-07T00:00:00.000000
certa-2001-avi-160 Vulnérabilité d'OWA dans Microsoft Exchange 5.5 2001-12-07T00:00:00.000000 2001-12-07T00:00:00.000000
certa-2001-avi-161 Vulnérabilité de l'exécutable login 2001-12-13T00:00:00.000000 2001-12-19T00:00:00.000000
certa-2001-avi-162 Déni de service potentiel de Postfix 2001-12-17T00:00:00.000000 2001-12-17T00:00:00.000000
certa-2001-avi-163 Vulnérabilités dans Internet Explorer 5.5 et 6 2001-12-17T00:00:00.000000 2001-12-17T00:00:00.000000
certa-2001-avi-164 Vulnérabilité du serveur pfinger 2001-12-20T00:00:00.000000 2001-12-20T00:00:00.000000
certa-2001-avi-165 Vulnérabilité de UPnP sous Windows 2001-12-24T00:00:00.000000 2001-12-24T00:00:00.000000
certa-2001-avi-166 Vulnérabilité du serveur web de Lotus Domino associé à SSL 2001-12-24T00:00:00.000000 2001-12-24T00:00:00.000000
certa-2001-avi-167 Vulnérabilités dans le serveur SQL Microsoft 2001-12-24T00:00:00.000000 2001-12-24T00:00:00.000000
certa-2002-avi-001 Vulnérabilité dans glibc sous linux 2002-01-02T00:00:00.000000 2002-01-14T00:00:00.000000
certa-2002-avi-002 Multiples vulnérabilités dans Oracle9i Application Server 2002-01-02T00:00:00.000000 2002-01-02T00:00:00.000000
certa-2002-avi-003 Multiples vulnérabilités dans Oracle 9iAS Web Cache 2002-01-02T00:00:00.000000 2002-01-02T00:00:00.000000
certa-2002-avi-004 Vulnérabilité dans <TT>Mutt</TT> 2002-01-08T00:00:00.000000 2002-01-14T00:00:00.000000
certa-2002-avi-005 Multiples vulnérabilités dans Netscape Enterprise Server et iPlanet Web Server 2002-01-14T00:00:00.000000 2002-01-14T00:00:00.000000
certa-2002-avi-006 Vulnérabilité dans Sudo 2002-01-16T00:00:00.000000 2002-01-16T00:00:00.000000
certa-2002-avi-007 Vulnérabilité du daemon <TT>nsd</TT> sous SGI Irix 2002-01-17T00:00:00.000000 2002-01-17T00:00:00.000000
certa-2002-avi-008 Vulnérabilité dans pine 2002-01-18T00:00:00.000000 2002-01-18T00:00:00.000000
certa-2002-avi-009 Vulnérabilité de la commande at 2002-01-21T00:00:00.000000 2002-01-21T00:00:00.000000
certa-2002-avi-010 Vulnérabilité dans stunnel 2002-01-22T00:00:00.000000 2002-01-22T00:00:00.000000
ID Description Published Updated
jvndb-2007-000625 Tuigwaa cross-site scripting vulnerability 2008-05-21T00:00+09:00 2008-05-21T00:00+09:00
jvndb-2007-000626 Mayaa cross-site scripting vulnerability 2008-05-21T00:00+09:00 2008-05-21T00:00+09:00
jvndb-2007-000639 Shopping Basket Pro directory traversal vulnerability 2008-05-21T00:00+09:00 2008-05-21T00:00+09:00
jvndb-2007-000640 Fulltext search CGI from futomi's CGI Cafe vulnerable to cross-site scripting 2008-05-21T00:00+09:00 2008-05-21T00:00+09:00
jvndb-2007-000645 7-ZIP32.DLL buffer overflow vulnerability 2008-05-21T00:00+09:00 2008-05-21T00:00+09:00
jvndb-2007-000646 Fuktommy.com httpd.pl including HTML preprocessor vulnerable to directory traversal 2008-05-21T00:00+09:00 2008-05-21T00:00+09:00
jvndb-2007-000647 Fuktommy.com httpd.pl included in its HTML preprocessor vulnerable in allowing an attacker to view arbitrary CGI source code 2008-05-21T00:00+09:00 2008-05-21T00:00+09:00
jvndb-2007-000678 Fingerprint Authentication Software for Sony Pocket Bit installs hidden folders and files 2008-05-21T00:00+09:00 2008-05-21T00:00+09:00
jvndb-2007-000697 Lhaplus buffer overflow vulnerability 2008-05-21T00:00+09:00 2008-05-21T00:00+09:00
jvndb-2007-000699 JP1/NETM/DM Manager SQL Injection Vulnerability 2008-05-21T00:00+09:00 2008-05-21T00:00+09:00
jvndb-2007-000700 Cosminexus javadoc Cross-Site Scripting Vulnerability 2008-05-21T00:00+09:00 2008-05-21T00:00+09:00
jvndb-2007-000701 Cosminexus, Processing Kit for XML and Hitachi Developer's Kit for Java Buffer Overflow Vulnerabilities 2008-05-21T00:00+09:00 2008-05-21T00:00+09:00
jvndb-2007-000702 Cosminexus Developer's Kit for Java Buffer Overflow and Denial of Service Vulnerabilities 2008-05-21T00:00+09:00 2008-05-21T00:00+09:00
jvndb-2007-000710 Cosminexus Denial of Service Vulnerability 2008-05-21T00:00+09:00 2008-05-21T00:00+09:00
jvndb-2007-000711 TPBroker Denial of Service Vulnerability 2008-05-21T00:00+09:00 2008-05-21T00:00+09:00
jvndb-2007-000712 Cosminexus Agent Process Crash Vulnerability 2008-05-21T00:00+09:00 2008-05-21T00:00+09:00
jvndb-2007-000727 Safari allows access from HTTP to HTTPS 2008-05-21T00:00+09:00 2008-05-21T00:00+09:00
jvndb-2007-000729 Aipo session fixation vulnerability 2008-05-21T00:00+09:00 2008-05-21T00:00+09:00
jvndb-2007-000730 Webmin OS command injection vulnerability 2008-05-21T00:00+09:00 2008-05-21T00:00+09:00
jvndb-2007-000745 PowerArchiver buffer overflow vulnerability 2008-05-21T00:00+09:00 2008-05-21T00:00+09:00
jvndb-2007-000772 Hitachi Web Server SSL Client Authentication Vulnerability 2008-05-21T00:00+09:00 2014-05-23T18:32+09:00
jvndb-2007-000773 Hitachi Web Server Cross-Site Scripting Vulnerability with Server-Status Page 2008-05-21T00:00+09:00 2014-05-21T18:27+09:00
jvndb-2007-000779 MouseoverDictionary vulnerable to arbitrary script execution 2008-05-21T00:00+09:00 2008-05-21T00:00+09:00
jvndb-2007-000801 NetCommons cross-site scripting vulnerability 2008-05-21T00:00+09:00 2008-05-21T00:00+09:00
jvndb-2007-000802 Lotus Domino cross-site scripting vulnerability 2008-05-21T00:00+09:00 2008-05-21T00:00+09:00
jvndb-2007-000803 Cross-site scripting vulnerability in updir.php in UPDIR.NET 2008-05-21T00:00+09:00 2008-05-21T00:00+09:00
jvndb-2007-000804 Sleipnir and Grani Bookmark Search vulnerable to arbitrary script execution 2008-05-21T00:00+09:00 2008-05-21T00:00+09:00
jvndb-2007-000805 RoundCube Webmail cross-site request forgery vulnerability 2008-05-21T00:00+09:00 2008-05-21T00:00+09:00
jvndb-2007-000806 Feed2JS cross-site scripting vulnerability 2008-05-21T00:00+09:00 2008-05-21T00:00+09:00
jvndb-2007-000807 FileMaker cross-site scripting vulnerability 2008-05-21T00:00+09:00 2008-05-21T00:00+09:00
ID Description Published Updated
cnvd-2015-00167 WordPress插件twimp-wp跨站请求伪造漏洞 2015-01-08 2015-01-09
cnvd-2015-00168 WordPress插件Twitter LiveBlog跨站请求伪造漏洞 2015-01-08 2015-01-09
cnvd-2015-00169 WordPress插件TweetScribe跨站请求伪造漏洞 2015-01-08 2015-01-09
cnvd-2015-00170 WordPress插件Wp Unique Article Header Image存在多个跨站请求伪造漏洞 2015-01-08 2015-01-09
cnvd-2015-00171 WordPress插件Post to Twitter存在多个跨站请求伪造漏洞 2015-01-08 2015-01-09
cnvd-2015-00172 WordPress插件Simple visitor stat存在多个跨站脚本漏洞 2015-01-08 2015-01-09
cnvd-2015-00173 WordPress Social Slider插件SQL注入漏洞 2015-01-08 2015-01-09
cnvd-2015-00174 HESK存在多个跨站脚本漏洞 2015-01-08 2015-01-09
cnvd-2015-00175 CosmoShop ePRO存在多个跨站脚本漏洞 2015-01-08 2015-01-09
cnvd-2015-00176 CosmoShop ePRO跨站请求伪造漏洞 2015-01-08 2015-01-09
cnvd-2015-00177 WordPress插件gSlideShow存在多个跨站请求伪造漏洞 2015-01-08 2015-01-09
cnvd-2015-00178 WordPress插件PWGRandom存在多个跨站请求伪造漏洞 2015-01-08 2015-01-09
cnvd-2015-00179 WordPress插件Sodahead Polls存在多个跨站脚本漏洞 2015-01-08 2015-01-09
cnvd-2015-00180 PHP Fileinfo component拒绝服务漏洞 2015-01-08 2015-01-09
cnvd-2015-00181 WordPress插件PictoBrowser跨站请求伪造漏洞 2015-01-08 2015-01-09
cnvd-2015-00182 Easewe FTP OCX任意文件执行漏洞 2015-01-08 2015-01-09
cnvd-2015-00183 WordPress插件Cart66 Lite SQL注入漏洞 2015-01-08 2015-01-09
cnvd-2015-00184 concrete5存在多个跨站脚本漏洞 2015-01-08 2015-01-09
cnvd-2015-00185 Roundcube Webmail存在多个跨站请求伪造漏洞 2015-01-08 2015-01-09
cnvd-2015-00186 ManageEngine Desktop Central MSP远程代码执行漏洞 2015-01-08 2015-01-09
cnvd-2015-00187 Brother MFC-J4410DW打印机'url'参数存在多个跨站脚本漏洞 2015-01-08 2015-01-09
cnvd-2015-00188 TP-Link TL-WR840N 'Import Configuration'选项跨站请求伪造漏洞 2015-01-08 2015-01-09
cnvd-2015-00189 NotePad++缓冲区溢出漏洞 2015-01-08 2015-01-09
cnvd-2015-00190 Spitfire CMS跨站脚本漏洞 2015-01-08 2015-01-09
cnvd-2015-00191 SysAid On-Premise绝对路径遍历漏洞 2015-01-08 2015-01-12
cnvd-2015-00192 vBulletin跨站请求伪造漏洞 2015-01-08 2015-01-12
cnvd-2015-00193 WordPress插件Relevanssi跨站脚本漏洞 2015-01-08 2015-01-12
cnvd-2015-00194 NYU OpenSSO Integration重定向漏洞 2015-01-08 2015-01-12
cnvd-2015-00195 Installatron GQ File Manager SQL注入漏洞 2015-01-08 2015-01-12
cnvd-2015-00196 Zabbix 'chart_bar.php'存在多个SQL注入漏洞 2015-01-08 2015-01-12
ID Description Published Updated
bdu:2015-02631 Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… 28.04.2015 28.11.2016
bdu:2015-02632 Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… 28.04.2015 28.11.2016
bdu:2015-02633 Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… 28.04.2015 28.11.2016
bdu:2015-02634 Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… 28.04.2015 28.11.2016
bdu:2015-02635 Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… 28.04.2015 28.11.2016
bdu:2015-02636 Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… 28.04.2015 05.07.2024
bdu:2015-02637 Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… 28.04.2015 28.11.2016
bdu:2015-02638 Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… 28.04.2015 28.11.2016
bdu:2015-02639 Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… 28.04.2015 28.11.2016
bdu:2015-02640 Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… 28.04.2015 28.11.2016
bdu:2015-02641 Уязвимости операционной системы Debian GNU/Linux, позволяющие локальному злоумышленнику н… 28.04.2015 05.07.2024
bdu:2015-02642 Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… 28.04.2015 05.07.2024
bdu:2015-02643 Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… 28.04.2015 28.11.2016
bdu:2015-02644 Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… 28.04.2015 28.11.2016
bdu:2015-02645 Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… 28.04.2015 28.11.2016
bdu:2015-02646 Уязвимости операционной системы Debian GNU/Linux, позволяющие локальному злоумышленнику н… 28.04.2015 05.07.2024
bdu:2015-02647 Уязвимости операционной системы Debian GNU/Linux, позволяющие локальному злоумышленнику н… 28.04.2015 28.11.2016
bdu:2015-02648 Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… 28.04.2015 05.07.2024
bdu:2015-02649 Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… 28.04.2015 05.07.2024
bdu:2015-02650 Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… 28.04.2015 28.11.2016
bdu:2015-02651 Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… 28.04.2015 28.11.2016
bdu:2015-02652 Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… 28.04.2015 28.11.2016
bdu:2015-02653 Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… 28.04.2015 28.11.2016
bdu:2015-02654 Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… 28.04.2015 28.11.2016
bdu:2015-02655 Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… 28.04.2015 28.11.2016
bdu:2015-02656 Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… 28.04.2015 28.11.2016
bdu:2015-02657 Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… 28.04.2015 28.11.2016
bdu:2015-02658 Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… 28.04.2015 28.11.2016
bdu:2015-02659 Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… 28.04.2015 05.07.2024
bdu:2015-02660 Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… 28.04.2015 28.11.2016
ID Description Updated
var-202202-0284 A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists… 2022-05-04T08:51:45.776000Z
var-202112-2349 Certain NETGEAR devices are affected by command injection by an authenticated user. This … 2022-05-04T08:51:47.602000Z
var-202111-1856 Xiaomi Technology Co., Ltd. was established on March 3, 2010. It is a global mobile Inter… 2022-05-04T08:51:52.952000Z
var-202110-1421 IBM Jazz Team Server products is vulnerable to server-side request forgery (SSRF). This m… 2022-05-04T08:51:56.064000Z
var-202109-1970 Huawei USG2205BSR is a large-capacity router launched by Huawei. Huawei USG2205BSR ha… 2022-05-04T08:51:57.514000Z
var-202109-0202 A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exist… 2022-05-04T08:52:01.490000Z
var-202108-2570 NBR2100G-E is an enterprise-level gateway router. Ruijie Networks NBR2100G-E router h… 2022-05-04T08:52:01.805000Z
var-202108-2549 MS521dn is a printer of Lexmark International Inc. Lexmark MS521dn has an unauthorize… 2022-05-04T08:52:01.822000Z
var-202108-2528 Shenzhen Zhizhi High-tech Development Co., Ltd. was established in September 2013. It is … 2022-05-04T08:52:01.834000Z
var-202108-2507 Lexmark (NYSE: LXK) is an American company that is a developer and manufacturer of laser … 2022-05-04T08:52:01.846000Z
var-202108-2486 Axis is an IT company that specializes in providing network video solutions. AXIS Q60… 2022-05-04T08:52:01.861000Z
var-202108-2465 SL-M3370FD is a printer of Samsung (China) Investment Co., Ltd. Samsung (China) Inves… 2022-05-04T08:52:01.872000Z
var-202108-2444 SCX-8240 is an all-in-one printer of Samsung (China) Investment Co., Ltd. Samsung (Ch… 2022-05-04T08:52:01.883000Z
var-202108-2423 Matsushita Electric (China) Co., Ltd. is a manufacturer mainly responsible for the sales … 2022-05-04T08:52:01.894000Z
var-202108-2402 DH-SD-6A9226F-HNI is a network camera product of Zhejiang Dahua Technology Co., Ltd. … 2022-05-04T08:52:01.906000Z
var-202108-2381 Fuji Xerox (China) Co., Ltd. was established on January 3, 1995. It is a wholly-owned hol… 2022-05-04T08:52:01.917000Z
var-202108-2360 The business scope of Epson (China) Co., Ltd. mainly includes printers, scanners, project… 2022-05-04T08:52:01.931000Z
var-202108-2339 Lexmark (NYSE: LXK) is an American company that is a developer and manufacturer of laser … 2022-05-04T08:52:01.942000Z
var-202108-2318 Quanxun Huiju Network Technology (Beijing) Co., Ltd. was established in 2013. "Ikuai" and… 2022-05-04T08:52:01.956000Z
var-202108-2297 NBR6210-E is an Internet behavior management router launched by Ruijie. It is a router de… 2022-05-04T08:52:01.967000Z
var-202107-1913 New H3C Technology Co., Ltd. is a new IT solution provider, committed to becoming the mos… 2022-05-04T08:52:03.439000Z
var-202107-1892 Axis is an IT company that specializes in providing network video solutions. AXIS M11… 2022-05-04T08:52:03.452000Z
var-202107-1871 Axis is an IT company that specializes in providing network video solutions. AXIS M31… 2022-05-04T08:52:03.463000Z
var-202107-1850 Axis is an IT company that specializes in providing network video solutions. Axis 223… 2022-05-04T08:52:03.474000Z
var-202107-1829 Belkin Corporation is a global leader in peripheral products, providing users of computer… 2022-05-04T08:52:03.484000Z
var-202107-1808 Dell is known for its production, design, and sales of home and office computers, but it … 2022-05-04T08:52:03.495000Z
var-202107-1787 Axis is an IT company that specializes in providing network video solutions. AXIS 212… 2022-05-04T08:52:03.506000Z
var-202107-1766 SP 320DN, SP 325DNw, SP 320SN, etc. are all-in-one printers, using RTOS operating system.… 2022-05-04T08:52:03.522000Z
var-202107-1745 Axis 207W is a network camera from Axis Communications AB. Axis Communications AB 207… 2022-05-04T08:52:03.532000Z
var-202107-1724 TOTOLINK is a brand owned by Zeon Electronics (Shenzhen) Co., Ltd. Founded in 1999, it is… 2022-05-04T08:52:03.543000Z
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID CVSS Description Vendor Product Published Updated
ID CVSS Description Vendor Product Published Updated