Recent vulnerabilities

Recent vulnerabilities from
Select from 70 available sources using the dropdown above.
ID CVSS Description Vendor Product Published Updated
CVE-2025-31960
5.3 (3.1)
HCL BigFix Service Management (SM) is vulnerable to in… HCL
 BigFix Service Management (SM)
 2026-05-06T18:02:52.716Z 2026-05-06T18:31:51.261Z
CVE-2025-31974
3.9 (3.1)
HCL BigFix Service Management (SM) is susceptible to a… HCL Software
 BigFix Service Management (SM)
 2026-05-06T18:01:39.794Z 2026-05-06T18:32:13.506Z
CVE-2026-8031
6.9 (4.0)
5.3 (3.1)
5.3 (3.0)
PicoTronica e-Clinic Healthcare System ECHS API Endpoi… PicoTronica
 e-Clinic Healthcare System ECHS
 2026-05-06T18:00:18.864Z 2026-05-06T18:37:26.894Z
CVE-2026-33079
8.7 (4.0)
Mistune ReDoS in LINK_TITLE_RE allows denial of servic… lepture
 mistune
 2026-05-06T17:25:09.026Z 2026-05-06T19:02:51.759Z
CVE-2026-29090
9 (4.0)
Rucio SQL injection in postgres_meta DID search path c… rucio
 rucio
 2026-05-06T17:21:24.141Z 2026-05-06T18:17:58.146Z
CVE-2026-20219
5.4 (3.1)
A vulnerability in the REST API of Cisco Slido co… Cisco
 Cisco Webex Meetings
 2026-05-06T17:10:46.343Z 2026-05-06T19:09:39.992Z
CVE-2026-29080
9.4 (4.0)
Rucio SQL Injection in FilterEngine Oracle JSON Path v… rucio
 rucio
 2026-05-06T16:44:54.393Z 2026-05-06T17:21:43.543Z
CVE-2026-23870
7.5 (3.1)
A denial of service vulnerability could be trigge… Meta
 react-server-dom-turbopack
 2026-05-06T16:24:55.620Z 2026-05-06T19:06:00.435Z
CVE-2026-21661
8.4 (4.0)
AC2000 Uncontrolled Search Path Element JohnsonControls
 AC2000
 2026-05-06T16:21:13.885Z 2026-05-06T19:02:28.291Z
CVE-2026-42503
8.8 (3.1)
Accidental binding to INADDR_ANY might lead to RCE in … golang.org/x/tools
 golang.org/x/tools/gopls
 2026-05-06T16:20:01.428Z 2026-05-07T03:55:49.730Z
CVE-2026-20034
8.8 (3.1)
Cisco Unity Connection Remote Code Execution Vulnerability Cisco
 Cisco Unity Connection
 2026-05-06T16:16:05.322Z 2026-05-07T03:55:48.652Z
CVE-2026-20035
7.2 (3.1)
Cisco Unity Connection Server-Side Request Forgery Vul… Cisco
 Cisco Unity Connection
 2026-05-06T16:15:57.142Z 2026-05-06T17:27:23.655Z
CVE-2026-20167
7.7 (3.1)
Cisco IoT Field Network Director Remote Device Denial … Cisco
 Cisco IoT Field Network Director (IoT-FND)
 2026-05-06T16:15:57.113Z 2026-05-06T17:26:01.173Z
CVE-2026-20169
6.4 (3.1)
Cisco IoT Field Network Director Command Injection Vul… Cisco
 Cisco IoT Field Network Director (IoT-FND)
 2026-05-06T16:15:48.405Z 2026-05-06T17:26:55.572Z
CVE-2026-20168
6.5 (3.1)
Cisco IoT Field Network Director Path Traversal Vulner… Cisco
 Cisco IoT Field Network Director (IoT-FND)
 2026-05-06T16:15:48.379Z 2026-05-06T17:59:11.531Z
CVE-2026-20172
4.3 (3.1)
Cisco Enterprise Chat and Email Lite Agent File Upload… Cisco
 Cisco Enterprise Chat and Email
 2026-05-06T16:15:37.789Z 2026-05-06T17:46:04.178Z
CVE-2026-20188
7.5 (3.1)
Cisco Crosswork Network Controller and Cisco Network S… Cisco
 Cisco Crosswork Network Change Automation
 2026-05-06T16:15:37.396Z 2026-05-06T17:48:12.690Z
CVE-2026-20189
4.3 (3.1)
Cisco Prime Infrastructure Information Disclosure Vuln… Cisco
 Cisco Prime Infrastructure
 2026-05-06T16:15:24.551Z 2026-05-06T17:48:19.143Z
CVE-2026-20185
7.7 (3.1)
Cisco SG350 and SG350X Series Managed Switches SNMP De… Cisco
 Cisco Small Business Smart and Managed Switches
 2026-05-06T16:15:23.838Z 2026-05-06T17:48:26.175Z
CVE-2026-20193
4.3 (3.1)
Cisco Identity Services Engine Authentication Bypass V… Cisco
 Cisco Identity Services Engine Software
 2026-05-06T16:15:16.835Z 2026-05-06T17:48:32.189Z
CVE-2026-20195
5.3 (3.1)
Cisco Identity Services Engine Observable Response Dis… Cisco
 Cisco Identity Services Engine Software
 2026-05-06T16:14:54.611Z 2026-05-06T17:48:38.355Z
CVE-2026-7875
8.8 (3.1)
9.3 (4.0)
NanoClaw Host/Container Filesystem Boundary Vulnerabil… Qwibit
 NanoClaw
 2026-05-06T16:10:46.270Z 2026-05-07T16:40:29.617Z
CVE-2026-6788
8.5 (4.0)
Uncontrolled search path in PluginLauncher allows SYST… WatchGuard
 WatchGuard Agent
 2026-05-06T15:46:48.269Z 2026-05-06T16:13:28.284Z
CVE-2026-6787
8.5 (4.0)
Usage of a hard-coded cryptographic key in WatchGuard … WatchGuard
 WatchGuard Agent
 2026-05-06T15:46:26.104Z 2026-05-06T16:11:58.312Z
CVE-2026-41286
7.1 (4.0)
Stack-based Buffer Overflow in WatchGuard Agent Discov… WatchGuard Technologies
 WatchGuard Agent
 2026-05-06T15:46:01.957Z 2026-05-06T16:11:26.423Z
CVE-2026-41288
7.3 (4.0)
WatchGuard Agent on Windows Privilege Escalation Vulne… WatchGuard
 WatchGuard Agent
 2026-05-06T15:45:43.371Z 2026-05-06T16:12:23.875Z
CVE-2026-6691
8.6 (4.0)
7.8 (3.1)
MongoDB C Driver Cyrus SASL Canonicalization Buffer Overflow MongoDB Inc.
 MongoDB C Driver
 2026-05-06T15:08:23.671Z 2026-05-07T03:55:47.410Z
CVE-2026-6863
6.8 (3.1)
HTTP Filestore Endpoints Misapply Permissions Across O… Rapid7
 Velociraptor
 2026-05-06T14:50:55.631Z 2026-05-06T15:27:40.088Z
CVE-2026-8028
6.3 (4.0)
3.7 (3.1)
3.7 (3.0)
FlowiseAI Flowise Endpoint account.service.ts verify i… FlowiseAI
 Flowise
 2026-05-06T14:15:10.891Z 2026-05-06T14:35:31.158Z
CVE-2025-31975
2.6 (3.1)
HCL BigFix Service Management (SM) is affected by an I… HCL
 BigFix Service Management (SM)
 2026-05-06T13:51:40.756Z 2026-05-06T14:46:31.277Z
ID CVSS Description Vendor Product Published Updated
CVE-2026-41930
9.2 (4.0)
9.8 (3.1)
Vvveb < 1.0.8.2 Hard-coded Credentials Information Dis… givanz
 Vvveb
 2026-05-06T18:37:45.989Z 2026-05-08T14:05:14.864Z
CVE-2026-34474
7.5 (3.1)
Sensitive data exposure leading to admin/WLAN cre… n/a
 n/a
 2026-05-06T00:00:00.000Z 2026-05-07T12:14:19.747Z
CVE-2026-34473
7.5 (3.1)
Unauthenticated DoS in ZTE H8102E, H168N, H167A, … n/a
 n/a
 2026-05-06T00:00:00.000Z 2026-05-06T19:40:53.660Z
CVE-2026-0300
9.3 (4.0)
8.7 (4.0)
PAN-OS: Unauthenticated user initiated Buffer Overflow… Palo Alto Networks
 Cloud NGFW
 2026-05-06T18:57:39.876Z 2026-05-07T03:55:34.043Z
CVE-2025-31974
3.9 (3.1)
HCL BigFix Service Management (SM) is susceptible to a… HCL Software
 BigFix Service Management (SM)
 2026-05-06T18:01:39.794Z 2026-05-06T18:32:13.506Z
CVE-2025-31960
5.3 (3.1)
HCL BigFix Service Management (SM) is vulnerable to in… HCL
 BigFix Service Management (SM)
 2026-05-06T18:02:52.716Z 2026-05-06T18:31:51.261Z
CVE-2024-30151
8.3 (3.1)
HCL BigFix Service Management (SM) is susceptible to B… HCL
 BigFix Service Management (SM)
 2026-05-06T18:14:11.693Z 2026-05-06T18:31:25.156Z
CVE-2026-33079
8.7 (4.0)
Mistune ReDoS in LINK_TITLE_RE allows denial of servic… lepture
 mistune
 2026-05-06T17:25:09.026Z 2026-05-06T19:02:51.759Z
CVE-2026-29090
9 (4.0)
Rucio SQL injection in postgres_meta DID search path c… rucio
 rucio
 2026-05-06T17:21:24.141Z 2026-05-06T18:17:58.146Z
CVE-2026-7875
8.8 (3.1)
9.3 (4.0)
NanoClaw Host/Container Filesystem Boundary Vulnerabil… Qwibit
 NanoClaw
 2026-05-06T16:10:46.270Z 2026-05-07T16:40:29.617Z
CVE-2026-42503
8.8 (3.1)
Accidental binding to INADDR_ANY might lead to RCE in … golang.org/x/tools
 golang.org/x/tools/gopls
 2026-05-06T16:20:01.428Z 2026-05-07T03:55:49.730Z
CVE-2026-29080
9.4 (4.0)
Rucio SQL Injection in FilterEngine Oracle JSON Path v… rucio
 rucio
 2026-05-06T16:44:54.393Z 2026-05-06T17:21:43.543Z
CVE-2026-23870
7.5 (3.1)
A denial of service vulnerability could be trigge… Meta
 react-server-dom-turbopack
 2026-05-06T16:24:55.620Z 2026-05-06T19:06:00.435Z
CVE-2026-21661
8.4 (4.0)
AC2000 Uncontrolled Search Path Element JohnsonControls
 AC2000
 2026-05-06T16:21:13.885Z 2026-05-06T19:02:28.291Z
CVE-2026-20219
5.4 (3.1)
A vulnerability in the REST API of Cisco Slido co… Cisco
 Cisco Webex Meetings
 2026-05-06T17:10:46.343Z 2026-05-06T19:09:39.992Z
CVE-2026-20195
5.3 (3.1)
Cisco Identity Services Engine Observable Response Dis… Cisco
 Cisco Identity Services Engine Software
 2026-05-06T16:14:54.611Z 2026-05-06T17:48:38.355Z
CVE-2026-20193
4.3 (3.1)
Cisco Identity Services Engine Authentication Bypass V… Cisco
 Cisco Identity Services Engine Software
 2026-05-06T16:15:16.835Z 2026-05-06T17:48:32.189Z
CVE-2026-20189
4.3 (3.1)
Cisco Prime Infrastructure Information Disclosure Vuln… Cisco
 Cisco Prime Infrastructure
 2026-05-06T16:15:24.551Z 2026-05-06T17:48:19.143Z
CVE-2026-20188
7.5 (3.1)
Cisco Crosswork Network Controller and Cisco Network S… Cisco
 Cisco Crosswork Network Change Automation
 2026-05-06T16:15:37.396Z 2026-05-06T17:48:12.690Z
CVE-2026-20185
7.7 (3.1)
Cisco SG350 and SG350X Series Managed Switches SNMP De… Cisco
 Cisco Small Business Smart and Managed Switches
 2026-05-06T16:15:23.838Z 2026-05-06T17:48:26.175Z
CVE-2026-20172
4.3 (3.1)
Cisco Enterprise Chat and Email Lite Agent File Upload… Cisco
 Cisco Enterprise Chat and Email
 2026-05-06T16:15:37.789Z 2026-05-06T17:46:04.178Z
CVE-2026-20169
6.4 (3.1)
Cisco IoT Field Network Director Command Injection Vul… Cisco
 Cisco IoT Field Network Director (IoT-FND)
 2026-05-06T16:15:48.405Z 2026-05-06T17:26:55.572Z
CVE-2026-20168
6.5 (3.1)
Cisco IoT Field Network Director Path Traversal Vulner… Cisco
 Cisco IoT Field Network Director (IoT-FND)
 2026-05-06T16:15:48.379Z 2026-05-06T17:59:11.531Z
CVE-2026-20167
7.7 (3.1)
Cisco IoT Field Network Director Remote Device Denial … Cisco
 Cisco IoT Field Network Director (IoT-FND)
 2026-05-06T16:15:57.113Z 2026-05-06T17:26:01.173Z
CVE-2026-20035
7.2 (3.1)
Cisco Unity Connection Server-Side Request Forgery Vul… Cisco
 Cisco Unity Connection
 2026-05-06T16:15:57.142Z 2026-05-06T17:27:23.655Z
CVE-2026-20034
8.8 (3.1)
Cisco Unity Connection Remote Code Execution Vulnerability Cisco
 Cisco Unity Connection
 2026-05-06T16:16:05.322Z 2026-05-07T03:55:48.652Z
CVE-2026-6863
6.8 (3.1)
HTTP Filestore Endpoints Misapply Permissions Across O… Rapid7
 Velociraptor
 2026-05-06T14:50:55.631Z 2026-05-06T15:27:40.088Z
CVE-2026-6788
8.5 (4.0)
Uncontrolled search path in PluginLauncher allows SYST… WatchGuard
 WatchGuard Agent
 2026-05-06T15:46:48.269Z 2026-05-06T16:13:28.284Z
CVE-2026-6787
8.5 (4.0)
Usage of a hard-coded cryptographic key in WatchGuard … WatchGuard
 WatchGuard Agent
 2026-05-06T15:46:26.104Z 2026-05-06T16:11:58.312Z
CVE-2026-6691
8.6 (4.0)
7.8 (3.1)
MongoDB C Driver Cyrus SASL Canonicalization Buffer Overflow MongoDB Inc.
 MongoDB C Driver
 2026-05-06T15:08:23.671Z 2026-05-07T03:55:47.410Z
ID Description Published Updated
fkie_cve-2025-13650 An attacker with access to the web application ZeusWeb of the provider Microcom (in this case, regi… 2026-02-11T09:15:50.147 2026-03-20T18:33:56.270
fkie_cve-2025-13649 An attacker with access to the web application ZeusWeb of the provider Microcom (in this case, re… 2026-02-11T09:15:49.997 2026-03-17T20:24:13.760
fkie_cve-2025-13648 An attacker with access to the web application ZeusWeb of the provider Microcom (in this case, re… 2026-02-11T09:15:49.793 2026-03-17T20:22:55.103
fkie_cve-2025-10913 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnera… 2026-02-11T08:16:07.057 2026-04-15T00:35:42.020
fkie_cve-2025-10912 Authorization Bypass Through User-Controlled Key vulnerability in Saastech Cleaning and Internet Se… 2026-02-11T08:16:06.830 2026-04-15T00:35:42.020
fkie_cve-2026-1357 The Migration, Backup, Staging – WPvivid Backup & Migration plugin for WordPress is vulnerable to U… 2026-02-11T06:15:51.677 2026-04-15T00:35:42.020
fkie_cve-2026-1235 The WP eCommerce WordPress plugin through 3.15.1 unserializes user input via ajax actions, which co… 2026-02-11T06:15:51.220 2026-04-15T00:35:42.020
fkie_cve-2025-15400 The OpenPix for WooCommerce WordPress plugin through 2.13.3 allows any authenticated user to trigge… 2026-02-11T06:15:47.870 2026-04-15T00:35:42.020
fkie_cve-2026-26079 Roundcube Webmail before 1.5.13 and 1.6 before 1.6.13 allows Cascading Style Sheets (CSS) injection… 2026-02-11T05:16:28.650 2026-04-15T00:35:42.020
fkie_cve-2026-26044 Rejected reason: Not used 2026-02-11T05:16:28.590 2026-02-11T05:16:28.590
fkie_cve-2026-26043 Rejected reason: Not used 2026-02-11T05:16:28.527 2026-02-11T05:16:28.527
fkie_cve-2026-26042 Rejected reason: Not used 2026-02-11T05:16:28.463 2026-02-11T05:16:28.463
fkie_cve-2026-26041 Rejected reason: Not used 2026-02-11T05:16:28.400 2026-02-11T05:16:28.400
fkie_cve-2026-26040 Rejected reason: Not used 2026-02-11T05:16:28.337 2026-02-11T05:16:28.337
fkie_cve-2026-26039 Rejected reason: Not used 2026-02-11T05:16:28.267 2026-02-11T05:16:28.267
fkie_cve-2026-26038 Rejected reason: Not used 2026-02-11T05:16:28.193 2026-02-11T05:16:28.193
fkie_cve-2026-26037 Rejected reason: Not used 2026-02-11T05:16:28.133 2026-02-11T05:16:28.133
fkie_cve-2026-26036 Rejected reason: Not used 2026-02-11T05:16:28.003 2026-02-11T05:16:28.003
fkie_cve-2026-1893 The Orbisius Random Name Generator plugin for WordPress is vulnerable to Stored Cross-Site Scriptin… 2026-02-11T05:16:20.150 2026-04-15T00:35:42.020
fkie_cve-2026-1231 The Beaver Builder Page Builder – Drag and Drop Website Builder plugin for WordPress is vulnerable … 2026-02-11T02:15:58.297 2026-04-15T00:35:42.020
fkie_cve-2025-15524 The Gallery by FooGallery plugin for WordPress is vulnerable to unauthorized access of data due to … 2026-02-11T02:15:58.057 2026-04-15T00:35:42.020
fkie_cve-2025-14541 The Lucky Wheel Giveaway plugin for WordPress is vulnerable to Remote Code Execution in all version… 2026-02-11T02:15:57.887 2026-04-15T00:35:42.020
fkie_cve-2025-13431 The SlimStat Analytics plugin for WordPress is vulnerable to time-based SQL Injection via the ‘args… 2026-02-11T02:15:57.667 2026-04-15T00:35:42.020
fkie_cve-2026-1571 User-controlled input is reflected into the HTML output without proper encoding on TP-Link Archer C… 2026-02-11T01:15:56.453 2026-02-20T20:19:24.487
fkie_cve-2026-25872 JUNG Smart Panel KNX firmware version L1.12.22 and prior contain an unauthenticated path traversal … 2026-02-10T23:16:16.473 2026-04-15T00:35:42.020
fkie_cve-2026-25870 DoraCMS version 3.1 and prior contains a server-side request forgery (SSRF) vulnerability in its UE… 2026-02-10T23:16:16.287 2026-04-15T00:35:42.020
fkie_cve-2026-25251 Rejected reason: This has been moved to the REJECTED state because the information source is under … 2026-02-10T23:16:16.080 2026-02-10T23:16:16.080
fkie_cve-2026-26013 LangChain is a framework for building agents and LLM-powered applications. Prior to 1.2.11, the Cha… 2026-02-10T22:17:00.453 2026-03-17T20:30:07.960
fkie_cve-2026-26007 cryptography is a package designed to expose cryptographic primitives and recipes to Python develop… 2026-02-10T22:17:00.307 2026-02-23T15:40:33.787
fkie_cve-2026-26006 AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelli… 2026-02-10T22:16:59.710 2026-02-17T15:28:04.533
ID Severity Description Published Updated
ghsa-p272-qqm2-63g8
7.5 (3.1)
Use after free in Mobile in Google Chrome on iOS prior to 148.0.7778.96 allowed a remote attacker w… 2026-05-06T21:31:37Z 2026-05-07T01:05:49Z
ghsa-ggh9-x7x7-xpw4
7.5 (3.1)
Sensitive data exposure leading to admin/WLAN credential leak in ZTE ZXHN H298A 1.1 and H108N 2.6. … 2026-05-06T21:31:37Z 2026-05-07T15:38:33Z
ghsa-ffrx-892g-4x38
8.3 (3.1)
Heap buffer overflow in ANGLE in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who… 2026-05-06T21:31:37Z 2026-05-07T01:05:49Z
ghsa-7p33-hr3q-655j
8.8 (3.1)
Out of bounds memory access in V8 in Google Chrome prior to 148.0.7778.96 allowed a remote attacker… 2026-05-06T21:31:37Z 2026-05-07T01:05:49Z
ghsa-7cmm-jw3f-8q9h
8.8 (3.1)
Integer overflow in Blink in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to pote… 2026-05-06T21:31:37Z 2026-05-07T01:05:49Z
ghsa-2cvq-g96p-ggfw
8.8 (3.1)
Use after free in Chromoting in Google Chrome on Linux prior to 148.0.7778.96 allowed a remote atta… 2026-05-06T21:31:37Z 2026-05-07T01:05:49Z
ghsa-wq4h-4jp8-cjcw
8.3 (3.1)
HCL BigFix Service Management (SX) is affected by a Broken Access Control vulnerability leading to… 2026-05-06T21:31:36Z 2026-05-06T21:31:36Z
ghsa-wmrh-7wq5-qc6j
3.9 (3.1)
HCL BigFix Service Management (SM) is susceptible to a Root File System Not Mounted as Read-Only. A… 2026-05-06T21:31:36Z 2026-05-06T21:31:36Z
ghsa-vx9f-9xjj-7h22
7.5 (3.1)
Unauthenticated DoS in ZTE H8102E, H168N, H167A, H199A, H288A, H198A, H267A, H267N, H268A, H388X, H… 2026-05-06T21:31:36Z 2026-05-06T21:31:36Z
ghsa-6282-5cpc-5895
5.3 (3.1)
HCL BigFix Service Management (SM) is vulnerable to information exposure due to improper error hand… 2026-05-06T21:31:36Z 2026-05-06T21:31:36Z
ghsa-3vfh-3cpw-2378
9.8 (3.1)
9.3 (4.0)
A buffer overflow vulnerability in the User-ID™ Authentication Portal (aka Captive Portal) service … 2026-05-06T21:31:36Z 2026-05-07T18:30:37Z
ghsa-f5p7-9fr5-8jmj
5.9 (3.1)
Granian vulnerable to DoS via WSGI response header panic 2026-05-06T21:24:56Z 2026-05-06T21:24:56Z
ghsa-vrg7-482j-p6f6
7.5 (3.1)
Granian vulnerable to unauthenticated DoS via WebSocket subprotocol header panic 2026-05-06T21:20:48Z 2026-05-06T21:20:48Z
ghsa-6xx2-m8wv-756h
8.7 (4.0)
Low-privileged Grav API users can create super-admin accounts via blueprint-upload 2026-05-06T21:19:21Z 2026-05-06T21:19:21Z
ghsa-x597-9fr4-5857
6.2 (4.0)
Hugo's Node tool execution allows file system access outside the project directory 2026-05-06T20:59:23Z 2026-05-06T20:59:23Z
ghsa-x8jv-q8j2-487c
5.3 (4.0)
Magento LTS: Reflected XSS - Import -> Data Flow (profiles) 2026-05-06T20:57:37Z 2026-05-06T20:57:37Z
ghsa-m24v-f7g5-gq67
5.3 (3.1)
Statamic CMS vulnerable to email enumeration via forgot password endpoint 2026-05-06T20:54:31Z 2026-05-06T20:54:31Z
ghsa-pggp-6c3x-2xmx
7.5 (3.1)
Snappier has an infinite loop during SnappyStream decompression with malformed framed input 2026-05-06T20:53:23Z 2026-05-06T20:53:23Z
ghsa-289f-fq7w-6q2w
9.8 (3.1)
phpMyFAQ has unauthenticated SQL injection via User-Agent header in BuiltinCaptcha 2026-05-06T20:49:15Z 2026-05-06T20:49:15Z
ghsa-gh9p-q46p-57g2
6.5 (3.1)
phpMyFAQ: Path Traversal in Client::deleteClientFolder enables arbitrary directory deletion by non-… 2026-05-06T20:47:54Z 2026-05-06T20:47:54Z
ghsa-99qv-g4x9-mgc3
7.5 (3.1)
phpMyFAQ has unauthenticated FAQ permission bypass via getFaqBySolutionId fallback query 2026-05-06T20:45:01Z 2026-05-06T20:45:01Z
ghsa-pm8c-3qq3-72w7
7.5 (3.1)
phpMyFAQ has SQL Injection in CurrentUser::setTokenData through unescaped OAuth token fields 2026-05-06T20:44:39Z 2026-05-06T20:44:39Z
ghsa-9pq7-mfwh-xx2j
9.1 (3.1)
phpMyFAQ enables unauthenticated 2FA brute-force attack via /admin/check acceptance of arbitrary user-id 2026-05-06T20:42:54Z 2026-05-06T20:42:54Z
ghsa-cf92-gfcw-6v53
3.5 (3.1)
Magic Wormhole: receive, with --output pointing at an existing directory can be path-traversed 2026-05-06T20:40:17Z 2026-05-06T20:40:17Z
ghsa-jrc5-w569-h7h5
4.3 (3.1)
phpMyFAQ: Ordinary Authenticated User Can Access Admin-Only API Endpoints Due to Insufficient Autho… 2026-05-06T20:37:42Z 2026-05-06T20:37:42Z
ghsa-pqh6-8fxf-jx22
6.9 (3.1)
phpMyFAQ has stored XSS via | raw Filter in search.twig — html_entity_decode(strip_tags()) Bypass i… 2026-05-06T20:31:54Z 2026-05-06T20:31:54Z
ghsa-rm98-82fr-mcfx
4.3 (3.1)
phpMyFAQ's Missing CONFIGURATION_EDIT Permission Check on 12 Admin API Configuration Tab Endpoints … 2026-05-06T20:24:39Z 2026-05-06T20:24:39Z
ghsa-whqh-9pq5-c7r3
5.4 (3.1)
phpMyFAQ has a SVG Sanitizer Entity Decoding Depth Limit Bypass Leading to Stored XSS 2026-05-06T20:18:48Z 2026-05-06T20:18:48Z
ghsa-f5p7-2c9q-8896
5.4 (3.1)
phpMyFAQ has Stored XSS in FAQ Question/Answer via Encode-Decode Bypass of removeAttributes() Sanit… 2026-05-06T20:18:02Z 2026-05-06T20:18:02Z
ghsa-pgh9-mpwc-8jjf
8.6 (3.1)
Harvester's SUSE Virtualization Registration Client Vulnerable to MITM and DOS 2026-05-06T20:16:08Z 2026-05-06T20:16:08Z
ID Severity Description Package Published Updated
pysec-2022-242
The PyCrowdTangle package in PyPI before v0.0.1 included a code execution backdoor insert… pycrowdtangle 2022-07-22T15:15:00Z 2022-07-29T05:45:36.692082Z
pysec-2022-241
The eziod package in PyPI before v0.0.1 included a code execution backdoor inserted by a … eziod 2022-07-22T15:15:00Z 2022-07-29T05:45:35.868408Z
pysec-2022-236
The Apache Spark UI offers the possibility to enable ACLs via the configuration option sp… pyspark 2022-07-18T07:15:00Z 2022-07-25T14:38:46.692270Z
pysec-2022-235
WebInterface in OctoBot before 0.4.4 allows remote code execution because Tentacles uploa… octobot 2022-07-16T17:15:00Z 2022-07-21T08:44:55.990435Z
pysec-2022-43143
6.5 (3.1)
OpenZeppelin Contracts for Cairo is a library for contract development written in Cairo f… openzeppelin-cairo-contracts-test 2022-07-15T18:15:00Z 2024-11-21T14:22:57.304802Z
pysec-2022-238
This affects the package codecov before 2.0.16. The vulnerability occurs due to not sanit… codecov 2022-07-13T12:15:00Z 2022-07-26T13:13:30.178958Z
pysec-2022-226
The package whoogle-search before 0.7.2 are vulnerable to Cross-site Scripting (XSS) via … whoogle-search 2022-07-12T15:15:00Z 2022-07-14T05:11:54.875994Z
pysec-2022-225
The ganga-devs/ganga repository before 8.5.10 on GitHub allows absolute path traversal be… ganga 2022-07-11T01:15:00Z 2022-07-14T05:11:52.325698Z
pysec-2022-223
mat2 (aka metadata anonymisation toolkit) before 0.13.0 allows ../ directory traversal du… mat2 2022-07-08T18:15:00Z 2022-07-14T05:11:52.948988Z
pysec-2022-233
openssh_key_parser is an open source Python package providing utilities to parse and pack… openssh-key-parser 2022-07-06T18:15:00Z 2023-05-25T05:07:00Z
pysec-2022-230
NULL Pointer Dereference allows attackers to cause a denial of service (or application cr… lxml 2022-07-05T10:15:00Z 2023-05-25T05:07:00Z
pysec-2022-213
An issue was discovered in Django 3.2 before 3.2.14 and 4.0 before 4.0.6. The Trunc() and… django 2022-07-04T16:15:00Z 2022-07-04T18:45:03.823587Z
pysec-2022-232
NVFLARE, versions prior to 2.1.2, contains a vulnerability in its utils module, where YAM… nvflare 2022-07-01T18:15:00Z 2023-06-05T01:12:56.865026Z
pysec-2022-231
NVFLARE, versions prior to 2.1.2, contains a vulnerability in its PKI implementation modu… nvflare 2022-07-01T18:15:00Z 2023-06-05T01:12:56.789968Z
pysec-2022-224
Synapse is an open source home server implementation for the Matrix chat network. In vers… matrix-synapse 2022-06-28T17:15:00Z 2022-07-14T05:11:53.027228Z
pysec-2022-222
The Security Team noticed that the termination condition of the for loop in the readExter… systemds 2022-06-27T18:15:00Z 2022-07-14T05:11:54.728743Z
pysec-2022-43176
9.8 (3.1)
The Zibal package in PyPI v1.0.0 was discovered to contain a code execution backdoor. Thi… zibal 2022-06-24T21:15:00Z 2024-11-21T14:23:03.404044Z
pysec-2022-43172
9.8 (3.1)
The Watertools package in PyPI v0.0.0 was discovered to contain a code execution backdoor… watertools 2022-06-24T21:15:00Z 2024-11-21T14:23:03.143453Z
pysec-2022-43169
9.8 (3.1)
The Togglee package in PyPI version v0.0.8 was discovered to contain a code execution bac… togglee 2022-06-24T21:15:00Z 2024-11-21T14:23:01.740031Z
pysec-2022-43168
9.8 (3.1)
The Sixfab-Tool in PyPI v0.0.2 to v0.0.3 was discovered to contain a code execution backd… sixfab-tool 2022-06-24T21:15:00Z 2022-07-06T19:30:00Z
pysec-2022-43165
9.8 (3.1)
The Scoptrial package in PyPI version v0.0.5 was discovered to contain a code execution b… scoptrial 2022-06-24T21:15:00Z 2024-11-21T14:23:01.181819Z
pysec-2022-43164
9.8 (3.1)
The Rondolu-YT-Concate package in PyPI v0.1.0 was discovered to contain a code execution … rondolu-yt-concate 2022-06-24T21:15:00Z 2024-11-21T14:23:00.996865Z
pysec-2022-43133
9.8 (3.1)
The drxhello package in PyPI v0.0.1 was discovered to contain a code execution backdoor v… drxhello 2022-06-24T21:15:00Z 2024-11-21T14:22:45.663614Z
pysec-2022-43132
9.8 (3.1)
The DR-Web-Engine package in PyPI v0.2.0b0 was discovered to contain a code execution bac… dr-web-engine 2022-06-24T21:15:00Z 2024-11-21T14:22:45.610409Z
pysec-2022-43073
9.8 (3.1)
The cloudlabeling package in PyPI v0.0.1 was discovered to contain a code execution backd… cloudlabeling 2022-06-24T21:15:00Z 2024-11-21T14:22:42.118573Z
pysec-2022-43066
9.8 (3.1)
The AAmiles package in PyPI v0.1.0 was discovered to contain a code execution backdoor vi… aamiles 2022-06-24T21:15:00Z 2024-11-21T14:22:40.256677Z
pysec-2022-221
The Catly-Translate package in PyPI v0.0.3 to v0.0.5 was discovered to contain a code exe… catly-translate 2022-06-24T21:15:00Z 2022-07-06T20:32:04.087337Z
pysec-2022-220
** Reserved ** The pyesasky for python, as distributed on PyPI, included a code-execution… pyesasky 2022-06-24T21:15:00Z 2022-07-06T18:41:16.470294Z
pysec-2022-219
The RootInteractive package in PyPI v0.0.5 to v0.0.19b0 was discovered to contain a code … rootinteractive 2022-06-24T21:15:00Z 2022-07-05T20:48:00Z
pysec-2022-218
The django-navbar-client package of v0.9.50 to v1.0.1 was discovered to contain a code ex… django-navbar-client 2022-06-24T21:15:00Z 2022-07-05T20:48:00Z
ID Description Updated
ID Description Published Updated
mal-2026-2588 Malicious code in @lamoda/seller-ui-kit (npm) 2026-04-10T12:56:44Z 2026-04-23T20:50:49Z
mal-2026-2530 Malicious code in noonhelpers (PyPI) 2026-04-10T12:02:29Z 2026-04-10T12:02:29Z
mal-2026-2823 Malicious code in @genoma-ui/components (npm) 2026-04-10T07:07:32Z 2026-04-23T20:50:49Z
mal-2026-2527 Malicious code in sjs-biginteger (npm) 2026-04-09T14:05:08Z 2026-04-10T17:23:36Z
mal-2026-2528 Malicious code in sjs-lint-build1 (npm) 2026-04-09T14:04:30Z 2026-04-10T17:23:36Z
mal-2026-2522 Malicious code in st-payment (PyPI) 2026-04-09T13:30:26Z 2026-04-09T13:30:26Z
mal-2026-2521 Malicious code in gc-grocery-api (PyPI) 2026-04-09T13:29:38Z 2026-04-09T13:29:38Z
mal-2026-2520 Malicious code in @signals-notebook/utils (npm) 2026-04-09T11:05:56Z 2026-04-10T17:23:32Z
mal-2026-2866 Malicious code in @tableau__catalog-messages/database_lower (npm) 2026-04-09T08:55:50Z 2026-04-23T20:50:49Z
mal-2026-2523 Malicious code in @telekom-wfa/auth-core (npm) 2026-04-09T08:25:05Z 2026-04-10T17:23:32Z
mal-2026-2519 Malicious code in just4testlm (PyPI) 2026-04-09T07:28:17Z 2026-04-09T08:40:08Z
mal-2026-2518 Malicious code in viewer-assets-generator (npm) 2026-04-09T03:10:01Z 2026-04-13T15:48:07Z
mal-2026-2517 Malicious code in kraken-trader (PyPI) 2026-04-08T20:22:02Z 2026-04-08T20:22:02Z
mal-2026-2870 Malicious code in black-moon-js (npm) 2026-04-08T19:03:22Z 2026-04-23T20:50:49Z
mal-2026-2516 Malicious code in sentinel-tool (PyPI) 2026-04-08T16:31:08Z 2026-04-08T16:31:08Z
mal-2026-2515 Malicious code in granulate-utils (PyPI) 2026-04-08T12:34:04Z 2026-04-08T12:34:04Z
mal-2026-2514 Malicious code in gprofiler-logging (PyPI) 2026-04-08T12:33:58Z 2026-04-08T12:33:58Z
mal-2026-2513 Malicious code in gprofiler (npm) 2026-04-08T11:45:58Z 2026-04-14T12:40:52Z
mal-2026-2512 Malicious code in roboat-utils (PyPI) 2026-04-08T09:50:08Z 2026-05-03T20:49:49Z
mal-2026-2506 Malicious code in @fairwords/encryption (npm) 2026-04-08T04:19:17Z 2026-04-10T17:23:32Z
mal-2026-2507 Malicious code in @fairwords/loopback-connector-es (npm) 2026-04-08T04:19:03Z 2026-04-10T17:23:32Z
mal-2026-2508 Malicious code in @fairwords/websocket (npm) 2026-04-08T04:18:49Z 2026-04-10T17:23:32Z
mal-2026-2865 Malicious code in @sie-ppr-web-checkout/app (npm) 2026-04-07T23:37:14Z 2026-04-23T20:50:49Z
mal-2026-2510 Malicious code in @velora-dex/sdk (npm) 2026-04-07T19:23:02Z 2026-04-20T00:45:38Z
mal-2026-2504 Malicious code in strapi-plugin-cache (npm) 2026-04-07T16:01:07Z 2026-04-10T17:23:36Z
mal-2026-2505 Malicious code in @aspect-security/argon2 (npm) 2026-04-07T12:16:51Z 2026-04-10T17:23:32Z
mal-2026-2511 Malicious code in argon2-napi (npm) 2026-04-07T12:15:56Z 2026-04-10T17:23:32Z
mal-2026-2509 Malicious code in @langgraphjs/toolkit (npm) 2026-04-07T12:15:13Z 2026-04-10T17:23:32Z
mal-2026-2503 Malicious code in genesis-1p-tools-rpm-bundle (PyPI) 2026-04-07T09:41:03Z 2026-04-07T09:41:03Z
mal-2026-2871 Malicious code in devkitx (npm) 2026-04-07T07:43:09Z 2026-04-23T20:50:50Z
ID Description Published Updated
ID Description Published Updated
wid-sec-w-2025-1379 Red Hat Enterprise Linux (iputils): Schwachstelle ermöglicht Denial of Service 2025-06-23T22:00:00.000+00:00 2025-07-23T22:00:00.000+00:00
wid-sec-w-2025-1378 Red Hat Enterprise Linux (mod_proxy_cluster): Schwachstelle ermöglicht Manipulation von Daten 2025-06-23T22:00:00.000+00:00 2025-06-25T22:00:00.000+00:00
wid-sec-w-2025-1375 WinRAR: Schwachstelle ermöglicht Codeausführung 2025-06-23T22:00:00.000+00:00 2025-12-09T23:00:00.000+00:00
wid-sec-w-2025-1372 Linux Kernel: Schwachstelle ermöglicht Manipulation von Daten und Denial of Service 2025-06-22T22:00:00.000+00:00 2026-01-19T23:00:00.000+00:00
wid-sec-w-2025-1371 FreeRDP: Schwachstelle ermöglicht Denial of Service 2025-06-22T22:00:00.000+00:00 2025-07-08T22:00:00.000+00:00
wid-sec-w-2025-1370 Red Hat Enterprise Linux (yaml-libyam): Schwachstelle ermöglicht Manipulation von Dateien 2025-06-22T22:00:00.000+00:00 2025-07-10T22:00:00.000+00:00
wid-sec-w-2025-1369 Red Hat Enterprise Linux (mpfr): Schwachstelle ermöglicht Denial of Service 2025-06-22T22:00:00.000+00:00 2025-06-22T22:00:00.000+00:00
wid-sec-w-2025-1368 IBM Spectrum Protect: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen 2025-06-22T22:00:00.000+00:00 2025-06-22T22:00:00.000+00:00
wid-sec-w-2025-1367 IBM InfoSphere Information Server: Mehrere Schwachstellen 2025-06-22T22:00:00.000+00:00 2025-06-22T22:00:00.000+00:00
wid-sec-w-2025-1366 F5 BIG-IP: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen 2025-06-22T22:00:00.000+00:00 2025-06-22T22:00:00.000+00:00
wid-sec-w-2025-1365 IBM QRadar SIEM: Mehrere Schwachstellen 2025-06-19T22:00:00.000+00:00 2025-07-15T22:00:00.000+00:00
wid-sec-w-2025-1364 Mattermost: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff 2025-06-19T22:00:00.000+00:00 2025-06-19T22:00:00.000+00:00
wid-sec-w-2025-1363 RabbitMQ: Schwachstelle ermöglicht Offenlegung von Informationen 2025-06-19T22:00:00.000+00:00 2025-09-23T22:00:00.000+00:00
wid-sec-w-2025-1362 ClamAV: Mehrere Schwachstellen ermöglichen Denial of Service 2025-06-19T22:00:00.000+00:00 2025-06-22T22:00:00.000+00:00
wid-sec-w-2025-1361 Cisco Meraki MX: Schwachstelle ermöglicht Denial of Service 2025-06-19T22:00:00.000+00:00 2025-06-19T22:00:00.000+00:00
wid-sec-w-2025-1360 Ubiquiti UniFi Network Application: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen 2025-06-19T22:00:00.000+00:00 2025-06-19T22:00:00.000+00:00
wid-sec-w-2025-1359 IBM Security Guardium: Schwachstelle ermöglicht Offenlegung oder Manipulation von Informationen 2025-06-19T22:00:00.000+00:00 2025-06-19T22:00:00.000+00:00
wid-sec-w-2025-1358 Grafana: Schwachstelle ermöglicht Denial of Service 2025-06-19T22:00:00.000+00:00 2025-06-19T22:00:00.000+00:00
wid-sec-w-2025-1357 Kubernetes: Schwachstelle ermöglicht umgehen von Sicherheitsmechanismen. 2025-06-19T22:00:00.000+00:00 2025-06-19T22:00:00.000+00:00
wid-sec-w-2025-1355 Apache Traffic Server: Mehrere Schwachstellen 2025-06-17T22:00:00.000+00:00 2025-06-17T22:00:00.000+00:00
wid-sec-w-2025-1354 Verschiedene Linux Distributionen: Mehrere Schwachstellen ermöglichen Privilegieneskalation 2025-06-17T22:00:00.000+00:00 2025-07-27T22:00:00.000+00:00
wid-sec-w-2025-1353 Moodle: Mehrere Schwachstellen 2025-06-17T22:00:00.000+00:00 2025-06-19T22:00:00.000+00:00
wid-sec-w-2025-1352 X.Org X11 und Xwayland: Mehrere Schwachstellen 2025-06-17T22:00:00.000+00:00 2025-11-17T23:00:00.000+00:00
wid-sec-w-2025-1351 Red Hat Enterprise Linux (kea): Mehrere Schwachstellen 2025-06-17T22:00:00.000+00:00 2025-06-17T22:00:00.000+00:00
wid-sec-w-2025-1350 Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service 2025-06-17T22:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2025-1349 Citrix Systems ADC: Mehrere Schwachstellen 2025-06-17T22:00:00.000+00:00 2025-08-26T22:00:00.000+00:00
wid-sec-w-2025-1348 Citrix Systems NetScaler: Schwachstelle ermöglicht Offenlegung von Informationen 2025-06-17T22:00:00.000+00:00 2025-06-17T22:00:00.000+00:00
wid-sec-w-2025-1347 Citrix Systems Secure Access client: Schwachstelle ermöglicht Privilegieneskalation 2025-06-17T22:00:00.000+00:00 2025-06-17T22:00:00.000+00:00
wid-sec-w-2025-1346 Citrix Systems Workspace App: Schwachstelle ermöglicht Privilegieneskalation 2025-06-17T22:00:00.000+00:00 2025-06-17T22:00:00.000+00:00
wid-sec-w-2025-1345 Sitecore Experience Manager: Mehrere Schwachstellen 2025-06-17T22:00:00.000+00:00 2025-06-17T22:00:00.000+00:00
ID Description Published Updated
icsa-24-228-03 Siemens Teamcenter Visualization and JT2Go 2024-08-13T00:00:00.000000Z 2024-08-13T00:00:00.000000Z
icsa-24-228-02 Siemens INTRALOG WMS 2024-08-13T00:00:00.000000Z 2024-08-13T00:00:00.000000Z
icsa-24-228-01 Siemens SCALANCE M-800, RUGGEDCOM RM1224 2024-08-13T00:00:00.000000Z 2024-08-13T00:00:00.000000Z
icsa-24-221-01 Dorsett Controls InfoScan 2024-08-08T06:00:00.000000Z 2024-08-08T06:00:00.000000Z
icsa-24-219-01 Delta Electronics DIAScreen 2024-08-06T06:00:00.000000Z 2024-08-06T06:00:00.000000Z
icsa-24-214-09 Rockwell Automation Logix Controllers 2024-08-01T06:00:00.000000Z 2024-08-01T06:00:00.000000Z
icsa-24-214-08 Vonets WiFi Bridges 2024-08-01T06:00:00.000000Z 2024-08-01T06:00:00.000000Z
icsa-24-214-07 AVTECH IP camera 2024-08-01T06:00:00.000000Z 2024-08-01T06:00:00.000000Z
icsa-24-214-06 Johnson Controls exacqVision Web Service 2024-08-01T06:00:00.000000Z 2024-08-01T06:00:00.000000Z
icsa-24-214-05 Johnson Controls exacqVision Server 2024-08-01T06:00:00.000000Z 2024-08-01T06:00:00.000000Z
icsa-24-214-04 Johnson Controls exacqVision Web Service 2024-08-01T06:00:00.000000Z 2024-08-01T06:00:00.000000Z
icsa-24-214-03 Johnson Controls exacqVision Web Service 2024-08-01T06:00:00.000000Z 2024-08-01T06:00:00.000000Z
icsa-24-214-02 Johnson Controls exacqVision Server web service 2024-08-01T06:00:00.000000Z 2024-08-01T06:00:00.000000Z
icsa-24-214-01 Johnson Controls exacqVision client and exacqVision server 2024-08-01T06:00:00.000000Z 2024-08-01T06:00:00.000000Z
icsa-24-207-02 Positron Broadcast Signal Processor 2024-07-25T06:00:00.000000Z 2024-07-25T06:00:00.000000Z
icsa-24-205-03 National Instruments LabVIEW 2024-07-23T06:00:00.000000Z 2024-07-23T06:00:00.000000Z
icsa-24-205-02 Hitachi Energy AFS/AFR Series Products 2024-07-23T06:00:00.000000Z 2024-07-23T06:00:00.000000Z
icsa-24-205-01 National Instruments IO Trace 2024-07-23T06:00:00.000000Z 2024-07-23T06:00:00.000000Z
icsa-24-207-01 Siemens SICAM Products 2024-07-22T00:00:00.000000Z 2024-07-22T00:00:00.000000Z
va-24-201-01 Adminer and AdminerEvo Multiple Vulnerabilities 2024-07-19T16:00:00Z 2024-11-14T17:00:00Z
icsma-24-200-01 Philips Vue PACS (Update A) 2024-07-18T06:00:00.000000Z 2024-11-21T07:00:00.000000Z
icsa-24-200-02 Subnet Solutions PowerSYSTEM Center 2024-07-18T06:00:00.000000Z 2024-07-18T06:00:00.000000Z
icsa-24-200-01 Mitsubishi Electric MELSOFT MaiLab and MELSOFT VIXIO (Update A) 2024-07-18T06:00:00.000000Z 2025-05-15T06:00:00.000000Z
icsa-24-198-01 Rockwell Automation Pavilion 8 2024-07-16T06:00:00.000000Z 2024-07-16T06:00:00.000000Z
icsa-24-193-20 HMS Industrial Networks Anybus-CompactCom 30 2024-07-11T06:00:00.000000Z 2024-07-11T06:00:00.000000Z
icsa-24-193-19 Rockwell Automation FactoryTalk System Services and Policy Manager 2024-07-11T06:00:00.000000Z 2024-07-11T06:00:00.000000Z
icsa-24-193-18 Rockwell Automation ThinManager ThinServer 2024-07-11T06:00:00.000000Z 2024-07-11T06:00:00.000000Z
icsa-24-191-05 Johnson Controls Inc. Software House C●CURE 9000 (Update B) 2024-07-09T06:00:00.000000Z 2025-07-17T06:00:00.000000Z
icsa-24-191-04 Johnson Controls Inc. Software House C●CURE 9000 2024-07-09T06:00:00.000000Z 2024-07-09T06:00:00.000000Z
icsa-24-191-03 Johnson Controls Illustra Pro Gen 4 2024-07-09T06:00:00.000000Z 2024-07-09T06:00:00.000000Z
ID Description Published Updated
cisco-sa-cdp-dos-g8dplwyg Cisco FXOS and NX-OS Software Cisco Discovery Protocol Service Denial of Service Vulnerability 2022-02-23T16:00:00+00:00 2022-03-01T17:35:44+00:00
cisco-sa-rcm-tcp-dos-2wh8xjaq Cisco Redundancy Configuration Manager for Cisco StarOS Software TCP Denial of Service Vulnerability 2022-02-16T16:00:00+00:00 2022-02-16T16:00:00+00:00
cisco-sa-pi-epnm-xss-p8fbz2fw Cisco Prime Infrastructure and Evolved Programmable Network Manager Cross-Site Scripting Vulnerability 2022-02-16T16:00:00+00:00 2022-02-16T16:00:00+00:00
cisco-sa-esa-dos-mxzvgtgu Cisco Email Security Appliance DNS Verification Denial of Service Vulnerability 2022-02-16T16:00:00+00:00 2022-02-25T19:22:29+00:00
cisco-sa-swg-fbyps-3z4qt7p Cisco Umbrella Secure Web Gateway File Inspection Bypass Vulnerability 2022-02-02T16:00:00+00:00 2022-02-02T16:00:00+00:00
cisco-sa-smb-mult-vuln-ka9pk6d Cisco Small Business RV Series Routers Vulnerabilities 2022-02-02T16:00:00+00:00 2022-02-14T13:54:42+00:00
cisco-sa-dnac-info-disc-8qeynkej Cisco DNA Center Information Disclosure Vulnerability 2022-02-02T16:00:00+00:00 2022-02-04T20:22:37+00:00
cisco-sa-cpsc-info-disc-zkjbdj9f Cisco Prime Service Catalog Information Disclosure Vulnerability 2022-02-02T16:00:00+00:00 2022-02-02T16:00:00+00:00
cisco-sa-webex-xss-fmbpu2pe Cisco Webex Meetings Cross-Site Scripting Vulnerability 2022-01-19T16:00:00+00:00 2022-01-19T16:00:00+00:00
cisco-sa-snort-dos-9d3hjluj Multiple Cisco Products Snort Modbus Denial of Service Vulnerability 2022-01-19T16:00:00+00:00 2022-04-26T19:41:55+00:00
cisco-sa-rcm-vuls-7cs3nuq Cisco Redundancy Configuration Manager for Cisco StarOS Software Multiple Vulnerabilities 2022-01-19T16:00:00+00:00 2022-01-19T16:00:00+00:00
cisco-sa-confdcli-cmdinj-wybqdssh ConfD CLI Command Injection Vulnerability 2022-01-19T16:00:00+00:00 2022-01-19T16:00:00+00:00
cisco-sa-cli-cmdinj-4mttwzpb Multiple Cisco Products CLI Command Injection Vulnerability 2022-01-19T16:00:00+00:00 2022-01-19T16:00:00+00:00
cisco-sa-tetr-cmd-injc-skrwgo Cisco Tetration Command Injection Vulnerability 2022-01-12T16:00:00+00:00 2022-01-31T17:21:31+00:00
cisco-sa-sna-xss-nxoxdhrq Cisco Secure Network Analytics Cross-Site Scripting Vulnerability 2022-01-12T16:00:00+00:00 2022-01-12T16:00:00+00:00
cisco-sa-prime-reg-xss-zloz8pfb Cisco Prime Access Registrar Appliance Cross-Site Scripting Vulnerability 2022-01-12T16:00:00+00:00 2022-01-12T16:00:00+00:00
cisco-sa-pi-epnm-path-trav-zws324yn Cisco Prime Infrastructure and Evolved Programmable Network Manager Vulnerabilities 2022-01-12T16:00:00+00:00 2022-01-12T16:00:00+00:00
cisco-sa-ip-phone-info-disc-frdjfoxa Cisco IP Phones Information Disclosure Vulnerability 2022-01-12T16:00:00+00:00 2022-01-12T16:00:00+00:00
cisco-sa-ece-multivulns-kbk2yvhr Cisco Enterprise Chat and Email Vulnerabilities 2022-01-12T16:00:00+00:00 2022-01-12T16:00:00+00:00
cisco-sa-csm-mult-xss-7hmokqtt Cisco Security Manager Cross-Site Scripting Vulnerabilities 2022-01-12T16:00:00+00:00 2022-01-12T16:00:00+00:00
cisco-sa-ccmp-priv-esc-jzhtflm4 Cisco Unified Contact Center Management Portal and Unified Contact Center Domain Manager Privilege Escalation Vulnerability 2022-01-12T16:00:00+00:00 2022-01-12T16:00:00+00:00
cisco-sa-asdm-logging-jnloy422 Cisco Adaptive Security Device Manager Information Disclosure Vulnerability 2022-01-12T16:00:00+00:00 2022-06-29T21:50:47+00:00
cisco-sa-apache-log4j-qruknebd Vulnerabilities in Apache Log4j Library Affecting Cisco Products: December 2021 2021-12-10T18:45:00+00:00 2022-01-31T21:16:10+00:00
cisco-sa-cspc-xss-kjrnbm3p Cisco Common Services Platform Collector Stored Cross-Site Scripting Vulnerability 2021-11-17T16:00:00+00:00 2021-11-18T22:48:14+00:00
cisco-sa-cspc-sqli-unvptn5 Cisco Common Services Platform Collector SQL Injection Vulnerability 2021-11-17T16:00:00+00:00 2021-11-18T22:48:13+00:00
cisco-sa-cspc-ilr-8qmw8y8x Cisco Common Services Platform Collector Improper Logging Restriction Vulnerability 2021-11-17T16:00:00+00:00 2021-11-18T22:48:15+00:00
cisco-sa-webex-activation-3sdnfxcy Cisco Webex Meetings Email Content Injection Vulnerability 2021-11-03T16:00:00+00:00 2021-11-03T16:00:00+00:00
cisco-sa-vmesh-openred-agnrmf5 Cisco Webex Video Mesh Arbitrary Site Redirection Vulnerability 2021-11-03T16:00:00+00:00 2021-11-03T16:00:00+00:00
cisco-sa-videomesh-xss-qjm2bdqf Cisco Webex Video Mesh Cross-Site Scripting Vulnerability 2021-11-03T16:00:00+00:00 2021-11-03T16:00:00+00:00
cisco-sa-umbrella-user-enum-s7xfjwde Cisco Umbrella Email Enumeration Vulnerability 2021-11-03T16:00:00+00:00 2021-11-03T16:00:00+00:00
ID Description Published Updated
msrc_cve-2026-4438 gethostbyaddr and gethostbyaddr_r return invalid DNS hostnames 2026-03-02T00:00:00.000Z 2026-03-31T15:09:47.000Z
msrc_cve-2026-4437 gethostbyaddr and gethostbyaddr_r may incorrectly handle DNS response 2026-03-02T00:00:00.000Z 2026-03-31T15:09:24.000Z
msrc_cve-2026-4426 Libarchive: libarchive: denial of service via malformed iso file processing 2026-03-02T00:00:00.000Z 2026-04-24T14:37:38.000Z
msrc_cve-2026-4424 Libarchive: libarchive: information disclosure via heap out-of-bounds read in rar archive processing 2026-03-02T00:00:00.000Z 2026-04-24T14:37:47.000Z
msrc_cve-2026-4395 Heap-based buffer overflow in wc_ecc_import_x963_ex KCAPI path 2026-03-02T00:00:00.000Z 2026-04-30T01:42:44.000Z
msrc_cve-2026-4224 Stack overflow parsing XML with deeply nested DTD content models 2026-03-02T00:00:00.000Z 2026-04-13T14:37:54.000Z
msrc_cve-2026-4176 Perl versions from 5.9.4 before 5.40.4-RC1, from 5.41.0 before 5.42.2-RC1, from 5.43.0 before 5.43.9 contain a vulnerable version of Compress::Raw::Zlib 2026-03-02T00:00:00.000Z 2026-04-15T01:41:11.000Z
msrc_cve-2026-4159 wc_PKCS7_DecodeEnvelopedData 1 byte out-of-bounds read 2026-03-02T00:00:00.000Z 2026-04-30T01:43:47.000Z
msrc_cve-2026-4111 Libarchive: infinite loop denial of service in rar5 decompression via archive_read_data() in libarchive 2026-03-02T00:00:00.000Z 2026-03-18T14:36:47.000Z
msrc_cve-2026-4105 Systemd: systemd: privilege escalation via improper access control in registermachine d-bus method 2026-03-02T00:00:00.000Z 2026-04-01T14:36:30.000Z
msrc_cve-2026-4046 iconv crash due to assertion failure with untrusted input 2026-03-02T00:00:00.000Z 2026-04-02T01:01:22.000Z
msrc_cve-2026-3904 CVE-2026-3904 2026-03-02T00:00:00.000Z 2026-03-27T01:38:14.000Z
msrc_cve-2026-3849 Buffer Overflow in HPKE via Oversized ECH Config 2026-03-02T00:00:00.000Z 2026-04-22T01:39:34.000Z
msrc_cve-2026-3805 use after free in SMB connection reuse 2026-03-02T00:00:00.000Z 2026-03-26T01:38:04.000Z
msrc_cve-2026-3784 wrong proxy connection reuse with credentials 2026-03-02T00:00:00.000Z 2026-04-29T01:43:59.000Z
msrc_cve-2026-3783 token leak with redirect and netrc 2026-03-02T00:00:00.000Z 2026-04-29T01:43:47.000Z
msrc_cve-2026-3731 libssh SFTP Extension Name sftp.c sftp_extensions_get_data out-of-bounds 2026-03-02T00:00:00.000Z 2026-05-01T01:38:14.000Z
msrc_cve-2026-3713 pnggroup libpng pnm2png pnm2png.c do_pnm2png heap-based overflow 2026-03-02T00:00:00.000Z 2026-04-29T14:57:51.000Z
msrc_cve-2026-3644 Incomplete control character validation in http.cookies 2026-03-02T00:00:00.000Z 2026-04-15T01:42:33.000Z
msrc_cve-2026-3634 Libsoup: libsoup: http header injection and response splitting via crlf injection in content-type header 2026-03-02T00:00:00.000Z 2026-04-14T14:41:33.000Z
msrc_cve-2026-3633 Libsoup: libsoup: header and http request injection via crlf injection 2026-03-02T00:00:00.000Z 2026-04-14T14:41:43.000Z
msrc_cve-2026-3632 Libsoup: libsoup: http smuggling and server-side request forgery via malformed hostnames 2026-03-02T00:00:00.000Z 2026-04-14T14:41:38.000Z
msrc_cve-2026-3591 A stack use-after-return flaw in SIG(0) handling code may enable ACL bypass 2026-03-02T00:00:00.000Z 2026-03-31T14:59:36.000Z
msrc_cve-2026-3580 Compiler-induced timing leak in sp_256_get_entry_256_9 on RISC-V 2026-03-02T00:00:00.000Z 2026-04-30T01:43:33.000Z
msrc_cve-2026-3579 Non-constant time multiplication subroutine __muldi3 on RISC-V RV32I 2026-03-02T00:00:00.000Z 2026-04-22T01:39:23.000Z
msrc_cve-2026-3549 ECH parsing heap buffer overflow 2026-03-02T00:00:00.000Z 2026-03-27T01:42:32.000Z
msrc_cve-2026-3548 Buffer overflow in CRL number parsing in wolfSSL 2026-03-02T00:00:00.000Z 2026-03-27T01:42:24.000Z
msrc_cve-2026-3547 wolfSSL: out-of-bounds read (DoS) in ALPN parsing due to incomplete validation 2026-03-02T00:00:00.000Z 2026-03-27T01:42:40.000Z
msrc_cve-2026-3503 Fault injection attack with ML-DSA and ML-KEM on ARM 2026-03-02T00:00:00.000Z 2026-04-22T01:39:17.000Z
msrc_cve-2026-3494 MariaDB Server Audit Plugin Comment Handling Bypass 2026-03-02T00:00:00.000Z 2026-03-14T01:37:11.000Z
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
opensuse-su-2026:20039-1 Security update for bind 2026-01-15T10:43:49Z 2026-01-15T10:43:49Z
opensuse-su-2026:10056-1 libwireshark19-4.6.3-1.1 on GA media 2026-01-15T00:00:00Z 2026-01-15T00:00:00Z
opensuse-su-2026:10055-1 python311-virtualenv-20.36.1-1.1 on GA media 2026-01-15T00:00:00Z 2026-01-15T00:00:00Z
opensuse-su-2026:10054-1 php-composer2-2.9.3-1.1 on GA media 2026-01-15T00:00:00Z 2026-01-15T00:00:00Z
opensuse-su-2026:10053-1 ffmpeg-4-4.4.6-11.1 on GA media 2026-01-15T00:00:00Z 2026-01-15T00:00:00Z
opensuse-su-2026:10052-1 avahi-0.8-41.1 on GA media 2026-01-15T00:00:00Z 2026-01-15T00:00:00Z
opensuse-su-2026:10051-1 NetworkManager-applet-l2tp-1.52.0-1.1 on GA media 2026-01-15T00:00:00Z 2026-01-15T00:00:00Z
opensuse-su-2026:20038-1 Security update for wget2 2026-01-14T13:23:53Z 2026-01-14T13:23:53Z
opensuse-su-2026:20034-1 Security update for tomcat 2026-01-14T13:14:54Z 2026-01-14T13:14:54Z
opensuse-su-2026:20031-1 Security update for curl 2026-01-14T11:01:44Z 2026-01-14T11:01:44Z
opensuse-su-2026:20032-1 Security update for haproxy 2026-01-14T10:56:00Z 2026-01-14T10:56:00Z
opensuse-su-2026:20030-1 Security update for apache2 2026-01-14T10:49:51Z 2026-01-14T10:49:51Z
opensuse-su-2026:20029-1 Security update for gpg2 2026-01-14T10:23:16Z 2026-01-14T10:23:16Z
opensuse-su-2026:20027-1 Security update for squid 2026-01-14T08:39:17Z 2026-01-14T08:39:17Z
opensuse-su-2026:10050-1 rke2-1.34-1.34.3+rke2r1-1.1 on GA media 2026-01-14T00:00:00Z 2026-01-14T00:00:00Z
opensuse-su-2026:10049-1 python311-urllib3-2.6.3-1.1 on GA media 2026-01-14T00:00:00Z 2026-01-14T00:00:00Z
opensuse-su-2026:10048-1 openCryptoki-3.26.0-3.1 on GA media 2026-01-14T00:00:00Z 2026-01-14T00:00:00Z
opensuse-su-2026:10047-1 libcryptopp-devel-8.9.0-6.1 on GA media 2026-01-14T00:00:00Z 2026-01-14T00:00:00Z
opensuse-su-2026:10046-1 MozillaFirefox-147.0-1.1 on GA media 2026-01-14T00:00:00Z 2026-01-14T00:00:00Z
opensuse-su-2026:20026-1 Security update for python-uv 2026-01-13T12:48:04Z 2026-01-13T12:48:04Z
opensuse-su-2026:20025-1 Security update for hawk2 2026-01-13T12:41:42Z 2026-01-13T12:41:42Z
opensuse-su-2026:10045-1 liburiparser1-1.0.0-1.1 on GA media 2026-01-13T00:00:00Z 2026-01-13T00:00:00Z
opensuse-su-2026:10044-1 python311-pypdf-6.6.0-1.1 on GA media 2026-01-13T00:00:00Z 2026-01-13T00:00:00Z
opensuse-su-2026:10043-1 python311-filelock-3.20.3-1.1 on GA media 2026-01-13T00:00:00Z 2026-01-13T00:00:00Z
opensuse-su-2026:10042-1 mcphost-0.32.0-1.1 on GA media 2026-01-13T00:00:00Z 2026-01-13T00:00:00Z
opensuse-su-2026:10041-1 libsoup-2_4-1-2.74.3-14.1 on GA media 2026-01-13T00:00:00Z 2026-01-13T00:00:00Z
opensuse-su-2026:10040-1 libsoup-3_0-0-3.6.5-11.1 on GA media 2026-01-13T00:00:00Z 2026-01-13T00:00:00Z
opensuse-su-2026:10039-1 kernel-devel-6.18.5-1.1 on GA media 2026-01-13T00:00:00Z 2026-01-13T00:00:00Z
opensuse-su-2026:10038-1 fluidsynth-2.5.2-2.1 on GA media 2026-01-13T00:00:00Z 2026-01-13T00:00:00Z
opensuse-su-2026:10037-1 firefox-esr-140.7.0-1.1 on GA media 2026-01-13T00:00:00Z 2026-01-13T00:00:00Z
ID Description Published Updated
ID Description Published Updated
rhsa-2026:6619 Red Hat Security Advisory: vim security update 2026-04-06T03:27:33+00:00 2026-05-09T02:37:01+00:00
rhsa-2026:6570 Red Hat Security Advisory: kernel security update 2026-04-06T02:26:53+00:00 2026-04-27T19:41:40+00:00
rhsa-2026:6571 Red Hat Security Advisory: kernel security update 2026-04-06T02:01:44+00:00 2026-05-06T20:31:53+00:00
rhsa-2026:6572 Red Hat Security Advisory: kernel-rt security update 2026-04-06T01:38:53+00:00 2026-05-06T20:31:49+00:00
rhsa-2026:6569 Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update 2026-04-04T16:29:57+00:00 2026-05-05T13:37:46+00:00
rhsa-2026:6568 Red Hat Security Advisory: Red Hat Quay 3.15.4 2026-04-03T22:07:28+00:00 2026-05-09T21:04:09+00:00
rhsa-2026:6567 Red Hat Security Advisory: Red Hat Quay 3.16.3 2026-04-03T15:21:25+00:00 2026-05-09T21:04:09+00:00
rhsa-2026:6539 Red Hat Security Advisory: vim security update 2026-04-02T22:31:40+00:00 2026-05-09T02:37:15+00:00
rhsa-2026:6540 Red Hat Security Advisory: vim security update 2026-04-02T22:08:24+00:00 2026-05-09T02:37:14+00:00
rhsa-2026:6502 Red Hat Security Advisory: vim security update 2026-04-02T16:54:54+00:00 2026-05-09T02:37:14+00:00
rhsa-2026:6499 Red Hat Security Advisory: libxslt security update 2026-04-02T16:39:09+00:00 2026-04-29T18:27:17+00:00
rhsa-2026:6503 Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.20.9 security, enhancement & bug fix update 2026-04-02T16:38:29+00:00 2026-05-07T18:22:32+00:00
rhsa-2026:6481 Red Hat Security Advisory: Updated service-interconnect rhel9 container images for 1.8 2026-04-02T16:17:10+00:00 2026-05-08T20:33:30+00:00
rhsa-2026:6497 Red Hat Security Advisory: Red Hat Quay 3.16.3 2026-04-02T15:17:12+00:00 2026-05-09T21:04:04+00:00
rhsa-2026:6473 Red Hat Security Advisory: python3 security update 2026-04-02T14:18:33+00:00 2026-05-05T20:29:33+00:00
rhsa-2026:5873 Red Hat Security Advisory: OpenShift Container Platform 4.16.59 bug fix and security update 2026-04-02T14:11:18+00:00 2026-05-08T20:33:34+00:00
rhsa-2026:6478 Red Hat Security Advisory: Red Hat build of Keycloak 26.4.11 Images Update 2026-04-02T13:58:01+00:00 2026-05-05T16:44:39+00:00
rhsa-2026:6476 Red Hat Security Advisory: Red Hat build of Keycloak 26.2.15 Images Update 2026-04-02T13:55:29+00:00 2026-04-07T14:57:20+00:00
rhsa-2026:6477 Red Hat Security Advisory: Red Hat build of Keycloak 26.4.11 Update 2026-04-02T13:54:47+00:00 2026-05-05T16:44:39+00:00
rhsa-2026:6475 Red Hat Security Advisory: Red Hat build of Keycloak 26.2.15 Update 2026-04-02T13:53:32+00:00 2026-04-07T14:57:19+00:00
rhsa-2026:6461 Red Hat Security Advisory: openssh security update 2026-04-02T12:35:10+00:00 2026-05-08T20:33:33+00:00
rhsa-2026:6462 Red Hat Security Advisory: openssh security update 2026-04-02T12:33:43+00:00 2026-05-08T20:33:34+00:00
rhsa-2026:6470 Red Hat Security Advisory: perl-YAML-Syck security update 2026-04-02T12:23:12+00:00 2026-04-15T21:58:28+00:00
rhsa-2026:6469 Red Hat Security Advisory: libpng15 security update 2026-04-02T12:20:17+00:00 2026-05-09T02:36:54+00:00
rhsa-2026:6468 Red Hat Security Advisory: libpng15 security update 2026-04-02T12:18:04+00:00 2026-05-09T02:36:54+00:00
rhsa-2026:6467 Red Hat Security Advisory: libpng15 security update 2026-04-02T12:12:54+00:00 2026-05-09T02:36:55+00:00
rhsa-2026:6463 Red Hat Security Advisory: openssh security update 2026-04-02T12:09:43+00:00 2026-05-08T20:33:34+00:00
rhsa-2026:6464 Red Hat Security Advisory: python3 security update 2026-04-02T12:07:33+00:00 2026-04-23T23:44:30+00:00
rhsa-2026:6466 Red Hat Security Advisory: libpng15 security update 2026-04-02T12:04:34+00:00 2026-05-09T02:36:56+00:00
rhsa-2026:6445 Red Hat Security Advisory: libpng12 security update 2026-04-02T11:35:38+00:00 2026-05-09T02:37:01+00:00
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
suse-su-2026:1073-1 Security update for the Linux Kernel (Live Patch 10 for SUSE Linux Enterprise 15 SP6) 2026-03-26T12:33:43Z 2026-03-26T12:33:43Z
suse-su-2026:1068-1 Security update for pgvector 2026-03-26T10:39:31Z 2026-03-26T10:39:31Z
suse-su-2026:1067-1 Security update for python-urllib3 2026-03-26T10:39:06Z 2026-03-26T10:39:06Z
suse-su-2026:1066-1 Security update for ruby2.5 2026-03-26T10:38:44Z 2026-03-26T10:38:44Z
suse-su-2026:1065-1 Security update for sqlite3 2026-03-26T10:38:26Z 2026-03-26T10:38:26Z
suse-su-2026:1064-1 Security update for python-tornado6 2026-03-26T10:37:23Z 2026-03-26T10:37:23Z
suse-su-2026:1063-1 Security update for frr 2026-03-26T10:36:49Z 2026-03-26T10:36:49Z
suse-su-2026:1062-1 Security update for python310 2026-03-26T10:36:25Z 2026-03-26T10:36:25Z
suse-su-2026:1061-1 Security update for systemd 2026-03-26T10:35:55Z 2026-03-26T10:35:55Z
suse-su-2026:1060-1 Security update for the Linux Kernel (Live Patch 35 for SUSE Linux Enterprise 15 SP5) 2026-03-26T10:04:45Z 2026-03-26T10:04:45Z
suse-su-2026:1059-1 Security update for the Linux Kernel (Live Patch 34 for SUSE Linux Enterprise 15 SP5) 2026-03-26T10:04:27Z 2026-03-26T10:04:27Z
suse-su-2026:20936-1 Security update for openexr 2026-03-26T10:00:01Z 2026-03-26T10:00:01Z
suse-su-2026:20935-1 Security update for fetchmail 2026-03-26T09:57:50Z 2026-03-26T09:57:50Z
suse-su-2026:1058-1 Security update for tomcat 2026-03-26T09:46:45Z 2026-03-26T09:46:45Z
suse-su-2026:20871-1 Security update for docker-compose 2026-03-26T09:12:43Z 2026-03-26T09:12:43Z
suse-su-2026:20870-1 Security update for nghttp2 2026-03-26T09:10:44Z 2026-03-26T09:10:44Z
suse-su-2026:1057-1 Security update for frr 2026-03-26T08:58:49Z 2026-03-26T08:58:49Z
suse-su-2026:1056-1 Security update for nghttp2 2026-03-26T08:57:39Z 2026-03-26T08:57:39Z
suse-su-2026:20879-1 Security update for python-PyJWT 2026-03-26T08:57:07Z 2026-03-26T08:57:07Z
suse-su-2026:1048-1 Security update for the Linux Kernel (Live Patch 31 for SUSE Linux Enterprise 15 SP5) 2026-03-26T04:34:10Z 2026-03-26T04:34:10Z
suse-su-2026:1049-1 Security update for the Linux Kernel (Live Patch 25 for SUSE Linux Enterprise 15 SP5) 2026-03-26T01:34:07Z 2026-03-26T01:34:07Z
suse-su-2026:1046-1 Security update for the Linux Kernel (Live Patch 36 for SUSE Linux Enterprise 15 SP4) 2026-03-25T19:34:09Z 2026-03-25T19:34:09Z
suse-su-2026:20947-1 Security update for the Linux Kernel (Live Patch 2 for SUSE Linux Enterprise 16) 2026-03-25T18:18:29Z 2026-03-25T18:18:29Z
suse-su-2026:20842-1 Security update for the Linux Kernel (Live Patch 2 for SUSE Linux Enterprise 16) 2026-03-25T18:18:29Z 2026-03-25T18:18:29Z
suse-su-2026:20945-1 Security update for the Linux Kernel (Live Patch 1 for SUSE Linux Enterprise 16) 2026-03-25T18:10:41Z 2026-03-25T18:10:41Z
suse-su-2026:20840-1 Security update for the Linux Kernel (Live Patch 1 for SUSE Linux Enterprise 16) 2026-03-25T18:10:41Z 2026-03-25T18:10:41Z
suse-su-2026:20946-1 Security update for the Linux Kernel (Live Patch 0 for SUSE Linux Enterprise 16) 2026-03-25T18:10:07Z 2026-03-25T18:10:07Z
suse-su-2026:20841-1 Security update for the Linux Kernel (Live Patch 0 for SUSE Linux Enterprise 16) 2026-03-25T18:10:07Z 2026-03-25T18:10:07Z
suse-su-2026:20934-1 Security update for python-PyJWT 2026-03-25T18:08:28Z 2026-03-25T18:08:28Z
suse-su-2026:20839-1 Security update for python-PyJWT 2026-03-25T18:08:28Z 2026-03-25T18:08:28Z
ID Description Published Updated
alsa-2025:14126 Important: pki-deps:10.6 security update 2025-08-20T00:00:00Z 2025-08-20T12:28:21Z
alsa-2025:14101 Important: mingw-sqlite security update 2025-08-19T00:00:00Z 2025-08-20T12:24:33Z
alsa-2025:14075 Moderate: xterm security update 2025-08-19T00:00:00Z 2025-08-19T10:24:09Z
alsa-2025:14009 Important: kernel security update 2025-08-18T00:00:00Z 2025-09-04T09:42:53Z
alsa-2025:13962 Important: kernel security update 2025-08-18T00:00:00Z 2025-08-22T07:58:21Z
alsa-2025:13961 Moderate: kernel-rt security update 2025-08-18T00:00:00Z 2025-08-18T11:25:42Z
alsa-2025:13960 Important: kernel security update 2025-08-18T00:00:00Z 2025-08-18T11:23:07Z
alsa-2025:13944 Important: openjpeg2 security update 2025-08-18T00:00:00Z 2025-08-18T11:07:28Z
alsa-2025:13941 Important: golang security update 2025-08-18T00:00:00Z 2025-09-29T09:40:10Z
alsa-2025:13940 Important: go-toolset:rhel8 security update 2025-08-18T00:00:00Z 2025-08-18T11:27:15Z
alsa-2025:13935 Important: golang security update 2025-08-18T00:00:00Z 2025-08-18T11:04:57Z
alsa-2025:13782 Important: webkit2gtk3 security update 2025-08-13T00:00:00Z 2025-08-14T13:28:02Z
alsa-2025:13780 Important: webkit2gtk3 security update 2025-08-13T00:00:00Z 2025-08-14T14:33:57Z
alsa-2025:13676 Important: thunderbird security update 2025-08-12T00:00:00Z 2025-08-13T12:22:12Z
alsa-2025:13674 Important: toolbox security update 2025-08-12T00:00:00Z 2025-08-14T14:36:21Z
alsa-2025:13673 Important: toolbox security update 2025-08-12T00:00:00Z 2025-08-12T14:16:36Z
alsa-2025:13604 Moderate: python-requests security update 2025-08-11T00:00:00Z 2025-08-11T19:21:12Z
alsa-2025:13602 Moderate: kernel security update 2025-08-11T00:00:00Z 2025-08-15T10:34:10Z
alsa-2025:13590 Moderate: kernel-rt security update 2025-08-11T00:00:00Z 2025-08-11T15:42:47Z
alsa-2025:13589 Moderate: kernel security update 2025-08-11T00:00:00Z 2025-08-11T15:39:13Z
alsa-2025:13578 Moderate: python3.11-setuptools security update 2025-08-11T00:00:00Z 2025-08-12T14:18:32Z
alsa-2025:13429 Moderate: libxml2 security update 2025-08-07T00:00:00Z 2025-08-07T22:17:37Z
alsa-2025:13428 Moderate: libxml2 security update 2025-08-07T00:00:00Z 2025-08-07T21:44:30Z
alsa-2025:13315 Moderate: gdk-pixbuf2 security update 2025-08-07T00:00:00Z 2025-08-07T09:27:11Z
alsa-2025:13240 Moderate: glibc security update 2025-08-06T00:00:00Z 2025-08-07T10:23:27Z
alsa-2025:13234 Moderate: python-requests security update 2025-08-06T00:00:00Z 2025-08-06T15:03:44Z
alsa-2025:13203 Moderate: libxml2 security update 2025-08-06T00:00:00Z 2025-08-06T15:05:54Z
alsa-2025:12980 Moderate: glibc security update 2025-08-05T00:00:00Z 2025-08-06T14:24:57Z
alsa-2025:12850 Moderate: opentelemetry-collector security update 2025-08-05T00:00:00Z 2025-08-07T10:25:17Z
alsa-2025:12834 Moderate: python3.12-setuptools security update 2025-08-05T00:00:00Z 2025-08-06T05:36:51Z
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
osv-2023-873 UNKNOWN WRITE in icu_74::Calendar::set 2023-09-18T14:00:31.769072Z 2023-09-18T14:00:31.769380Z
osv-2023-872 Security exception in org.springframework.expression.spel.ast.OpPlus.getValueInternal 2023-09-18T14:00:10.451327Z 2023-09-18T14:00:10.451623Z
osv-2023-869 Heap-buffer-overflow in Assimp::MD5::MD5MeshParser::MD5MeshParser 2023-09-17T14:01:25.028324Z 2026-05-01T14:22:59.941483Z
osv-2023-870 Heap-buffer-overflow in icu_74::SimpleDateFormat::subFormat 2023-09-17T14:01:25.114159Z 2023-09-17T14:01:25.114447Z
osv-2023-867 Negative-size-param in http_cb 2023-09-16T14:02:46.648990Z 2023-09-16T14:02:46.649266Z
osv-2023-865 UNKNOWN in WasmEdge::Loader::SharedLibrary::load 2023-09-16T14:02:40.468661Z 2023-09-16T14:02:40.468956Z
osv-2023-862 Heap-use-after-free in g_datalist_get_flags 2023-09-16T14:01:07.280790Z 2025-01-10T05:49:31.753574Z
osv-2023-857 Segv on unknown address in FunctionCompiler::compileReturn 2023-09-15T14:02:42.221599Z 2023-09-15T14:02:42.222010Z
osv-2023-855 Heap-double-free in dwg_free_common_entity_data 2023-09-15T14:01:06.818081Z 2024-04-27T14:22:00.114824Z
osv-2023-850 Heap-buffer-overflow in bit_TV_to_utf8 2023-09-15T14:00:33.303768Z 2023-09-15T14:00:33.304088Z
osv-2023-849 Stack-buffer-overflow in ulocimp_toLanguageTag_74 2023-09-15T14:00:28.699483Z 2023-09-15T14:00:28.699782Z
osv-2023-844 Heap-buffer-overflow in Video::VP9::Decoder::create_video_frame 2023-09-14T14:00:27.712533Z 2023-09-14T14:00:27.712843Z
osv-2023-840 Null-dereference READ in isvcd_parse_inter_slice_data_cavlc_enh_lyr 2023-09-13T14:01:19.214532Z 2023-09-13T14:01:19.214860Z
osv-2023-839 Global-buffer-overflow in iusace_quantize_lines 2023-09-12T14:01:48.491847Z 2023-09-12T14:01:48.492091Z
osv-2023-838 Use-of-uninitialized-value in wabt::BinaryReaderIR::OnOpcode 2023-09-12T14:01:08.316035Z 2025-07-22T14:22:12.701561Z
osv-2023-837 Heap-buffer-overflow in uint7_get_64 2023-09-12T14:00:46.512961Z 2023-09-12T14:00:46.513217Z
osv-2023-819 Heap-buffer-overflow in ucl_object_dtor_unref_single 2023-09-09T14:01:07.368928Z 2026-02-17T14:21:16.973749Z
osv-2023-813 UNKNOWN READ in parse_priv_value 2023-09-09T14:00:12.875572Z 2023-12-09T14:23:28.975076Z
osv-2023-811 Invalid-free in bit_chain_alloc_size 2023-09-08T14:03:02.684720Z 2023-09-08T14:03:02.684999Z
osv-2023-806 Heap-buffer-overflow in H5F__accum_free 2023-09-08T14:00:12.468140Z 2025-03-18T00:47:11.270073Z
osv-2023-800 Heap-buffer-overflow in XCFImageFormat::loadTileRLE 2023-09-07T14:00:27.693270Z 2026-05-08T14:21:09.976488Z
osv-2023-797 Stack-buffer-overflow in QBuffer::readData 2023-09-06T14:02:36.541753Z 2023-09-10T14:16:24.674920Z
osv-2023-795 Security exception in org.apache.poi.hwpf.converter.AbstractWordConverter.processNoteAnchor 2023-09-06T14:00:41.687301Z 2023-09-06T14:00:41.687553Z
osv-2023-793 Security exception in org.apache.lucene.util.BytesRefBuilder.<init> 2023-09-06T14:00:17.692567Z 2023-09-06T14:00:17.692814Z
osv-2023-779 Use-of-uninitialized-value in dev_io_capture 2023-09-01T14:02:31.084726Z 2023-09-01T14:02:31.085002Z
osv-2023-777 Heap-buffer-overflow in dxf_fixup_string 2023-08-31T14:02:40.465168Z 2023-08-31T14:02:40.465446Z
osv-2023-776 Heap-buffer-overflow in ndpi_domain_classify_contains 2023-08-31T14:01:17.285452Z 2023-08-31T14:01:17.285839Z
osv-2023-775 Security exception in com.github.javaparser.CommentsInserter.insertComments 2023-08-31T14:00:51.228804Z 2023-08-31T14:00:51.229055Z
osv-2023-769 Index-out-of-bounds in derive_spatial_luma_vector_prediction 2023-08-30T14:01:19.139702Z 2023-08-30T14:01:19.139963Z
osv-2023-764 Heap-buffer-overflow in pim_pim_packet 2023-08-30T14:00:10.025963Z 2023-08-30T14:00:10.026257Z
ID Description Published Updated
rustsec-2020-0138 ReaderResult should be bounded by Sync 2020-11-10T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2020-0137 AtomicBox<T> lacks bound on its Send and Sync traits allowing data races 2020-11-10T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2020-0121 AtomicBox<T> implements Send/Sync for any `T: Sized` 2020-11-10T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2020-0120 `Decoder<R>` can carry `R: !Send` to other threads 2020-11-10T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2020-0111 may_queue's Queue lacks Send/Sync bound for its Send/Sync trait. 2020-11-10T12:00:00Z 2024-10-25T18:45:36Z
rustsec-2020-0107 hashconsing's HConsed lacks Send/Sync bound for its Send/Sync trait. 2020-11-10T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2020-0102 LateStatic has incorrect Sync bound 2020-11-10T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2020-0096 TreeFocus lacks bounds on its Send and Sync traits 2020-11-09T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2020-0070 Some lock_api lock guard objects can cause data races 2020-11-08T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2020-0068 Unexpected panic in multihash `from_slice` parsing code 2020-11-08T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2020-0078 `net2` invalidly assumes the memory layout of std::net::SocketAddr 2020-11-07T12:00:00Z 2023-07-08T12:30:19Z
rustsec-2020-0079 `socket2` invalidly assumes the memory layout of std::net::SocketAddr 2020-11-06T12:00:00Z 2024-02-10T15:57:43Z
rustsec-2020-0163 `term_size` is unmaintained; use `terminal_size` instead 2020-11-03T12:00:00Z 2022-08-02T14:03:23Z
rustsec-2020-0145 Use-after-free when cloning a partially consumed `Vec` iterator 2020-11-02T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2020-0081 `mio` invalidly assumes the memory layout of std::net::SocketAddr 2020-11-02T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2020-0076 crate has been renamed to `sn_routing` 2020-11-02T12:00:00Z 2020-12-02T17:59:27Z
rustsec-2020-0067 crate has been renamed to `qp2p` 2020-11-02T12:00:00Z 2020-11-02T14:50:19Z
rustsec-2020-0066 crate has been renamed to `sn_bindgen` 2020-11-02T12:00:00Z 2020-11-02T14:48:54Z
rustsec-2020-0065 crate has been renamed to `sn_fake_clock` 2020-11-02T12:00:00Z 2020-11-02T14:46:33Z
rustsec-2020-0064 crate has been renamed to `sn_ffi_utils` 2020-11-02T12:00:00Z 2020-11-02T14:45:15Z
rustsec-2020-0063 crate has been renamed to `safe-nd` 2020-11-02T12:00:00Z 2020-11-02T14:43:36Z
rustsec-2020-0113 AtomicOption should have Send + Sync bound on its type argument. 2020-10-31T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2020-0072 GenericMutexGuard allows data races of non-Sync types across threads 2020-10-31T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2020-0122 beef::Cow lacks a Sync bound on its Send trait allowing for data races 2020-10-28T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2020-0059 MutexGuard::map can cause a data race in safe code 2020-10-22T12:00:00Z 2023-06-13T13:10:24Z
rustsec-2020-0055 Please see RUSTSEC-2018-0020 2020-10-21T12:00:00Z 2022-08-16T02:38:08Z
rustsec-2020-0054 directories is unmaintained, use directories-next instead 2020-10-16T12:00:00Z 2022-08-16T02:38:08Z
rustsec-2020-0053 dirs is unmaintained, use dirs-next instead 2020-10-16T12:00:00Z 2022-08-16T02:38:08Z
rustsec-2020-0058 crate has been renamed to `cipher` 2020-10-15T12:00:00Z 2020-10-25T19:14:03Z
rustsec-2020-0057 crate has been renamed to `cipher` 2020-10-15T12:00:00Z 2020-10-25T19:05:32Z
ID Description Published Updated
bit-envoy-2026-26310 Crash for scoped ip address in Envoy during DNS 2026-03-12T08:39:44.551Z 2026-03-12T09:10:07.191Z
bit-envoy-2026-26309 Envoy has an off-by-one write in JsonEscaper::escapeString() 2026-03-12T08:39:42.871Z 2026-03-12T09:10:07.191Z
bit-envoy-2026-26308 Envoy has an RBAC Header Validation Bypass via Multi-Value Header Concatenation 2026-03-12T08:39:41.078Z 2026-03-12T09:10:07.191Z
bit-appsmith-2026-30862 Critical Stored XSS & Privilege Escalation in Appsmith 2026-03-12T08:36:03.908Z 2026-03-12T09:10:07.191Z
bit-parse-2026-30863 Parse Server: JWT audience validation bypass in Google, Apple, and Facebook authentication adapters 2026-03-11T15:49:05.551Z 2026-03-11T18:56:50.865Z
bit-parse-2026-30854 Parse Server: GraphQL `__type` introspection bypass via inline fragments when public introspection is disabled 2026-03-11T15:49:02.829Z 2026-03-11T18:56:50.865Z
bit-parse-2026-30850 Parse Server: File metadata endpoint bypasses `beforeFind` / `afterFind` trigger authorization 2026-03-11T15:48:59.848Z 2026-03-11T18:56:50.865Z
bit-parse-2026-30848 Parse Server: `PagesRouter` path traversal allows reading files outside configured pages directory 2026-03-11T15:48:57.194Z 2026-03-11T18:56:50.865Z
bit-parse-2026-30835 Parse Server: Malformed `$regex` query leaks database error details in API response 2026-03-11T15:48:54.398Z 2026-03-11T18:56:50.865Z
bit-parse-2026-30229 Parse Server: Endpoint `/loginAs` allows `readOnlyMasterKey` to gain full read and write access as any user 2026-03-11T15:48:51.922Z 2026-03-11T18:56:50.865Z
bit-parse-2026-30228 Parse Server: File creation and deletion bypasses `readOnlyMasterKey` write restriction 2026-03-11T15:48:49.330Z 2026-03-11T18:56:50.865Z
bit-parse-2026-29182 Parse Server: Cloud Hooks and Cloud Jobs bypass `readOnlyMasterKey` write restriction 2026-03-11T15:48:46.637Z 2026-03-11T18:56:50.865Z
bit-zookeeper-2026-24308 Apache ZooKeeper: Sensitive information disclosure in client configuration handling 2026-03-10T08:52:17.946Z 2026-03-11T09:11:40.352Z
bit-zookeeper-2026-24281 Apache ZooKeeper: Reverse-DNS fallback enables hostname verification bypass in ZooKeeper ZKTrustManager 2026-03-10T08:52:16.699Z 2026-03-11T09:11:40.352Z
bit-mariadb-2026-3494 MariaDB Server Audit Plugin Comment Handling Bypass 2026-03-10T08:46:18.025Z 2026-03-17T09:18:01.284Z
bit-golang-2026-27142 URLs in meta content attribute actions are not escaped in html/template 2026-03-10T08:44:16.859Z 2026-03-17T09:18:01.284Z
bit-golang-2026-27139 FileInfo can escape from a Root in os 2026-03-10T08:44:14.844Z 2026-03-10T09:11:39.609Z
bit-golang-2026-27138 Panic in name constraint checking for malformed certificates in crypto/x509 2026-03-10T08:44:12.992Z 2026-03-11T09:11:40.352Z
bit-golang-2026-27137 Incorrect enforcement of email constraints in crypto/x509 2026-03-10T08:44:11.145Z 2026-03-11T09:11:40.352Z
bit-golang-2026-25679 Incorrect parsing of IPv6 host literals in net/url 2026-03-10T08:44:09.300Z 2026-03-11T09:11:40.352Z
bit-maven-2021-26291 block repositories using http by default 2026-03-10T08:44:08.742Z 2026-03-10T09:11:39.609Z
bit-ghost-2026-29784 Ghost: Incomplete CSRF protections around OTC use 2026-03-10T08:40:17.691Z 2026-03-10T09:11:39.609Z
bit-ghost-2026-29053 Ghost Vulnerable to Remote Code Execution via Malicious Themes 2026-03-07T08:42:59.400Z 2026-03-10T09:11:39.609Z
bit-moodle-2025-67847 Moodle: moodle: remote code execution via insufficient restore input validation 2026-03-06T08:50:20.446Z 2026-03-06T09:10:26.160Z
bit-python-2026-2297 SourcelessFileLoader does not use io.open_code() 2026-03-06T08:50:18.397Z 2026-03-06T09:10:26.160Z
bit-moodle-2021-47857 Moodle 3.10.3 - 'label' Persistent Cross Site Scripting 2026-03-06T08:46:28.845Z 2026-03-06T09:10:26.160Z
bit-libpython-2026-2297 SourcelessFileLoader does not use io.open_code() 2026-03-06T08:43:26.501Z 2026-03-06T09:10:26.160Z
bit-django-2026-25674 Potential incorrect permissions on newly created file system objects 2026-03-06T08:38:51.644Z 2026-03-06T09:10:26.160Z
bit-django-2026-25673 Potential denial-of-service vulnerability in URLField via Unicode normalization on Windows 2026-03-06T08:38:49.880Z 2026-03-06T09:10:26.160Z
bit-activemq-2025-66168 Apache ActiveMQ, Apache ActiveMQ All Module, Apache ActiveMQ MQTT Module: MQTT control packet remaining length field is not properly validated 2026-03-06T08:36:37.326Z 2026-04-13T06:11:47.324Z
ID Description Published Updated
ID Description Published Updated
ID Description Updated
ID Description Published Updated
ID Description Published Updated
CERTFR-2025-AVI-1075 Multiples vulnérabilités dans le noyau Linux d'Ubuntu 2025-12-05T00:00:00.000000 2025-12-05T00:00:00.000000
CERTFR-2025-AVI-1074 Multiples vulnérabilités dans le noyau Linux de Red Hat 2025-12-05T00:00:00.000000 2025-12-05T00:00:00.000000
CERTFR-2025-AVI-1073 Multiples vulnérabilités dans le noyau Linux de SUSE 2025-12-05T00:00:00.000000 2025-12-05T00:00:00.000000
CERTFR-2025-AVI-1072 Multiples vulnérabilités dans les produits IBM 2025-12-05T00:00:00.000000 2025-12-05T00:00:00.000000
CERTFR-2025-AVI-1071 Multiples vulnérabilités dans Apache HTTP Server 2025-12-05T00:00:00.000000 2025-12-05T00:00:00.000000
CERTFR-2025-AVI-1070 Multiples vulnérabilités dans Microsoft CBL Mariner 2025-12-05T00:00:00.000000 2025-12-05T00:00:00.000000
CERTFR-2025-AVI-1069 Multiples vulnérabilités dans Microsoft Edge 2025-12-05T00:00:00.000000 2025-12-05T00:00:00.000000
CERTFR-2025-AVI-1068 Vulnérabilité dans Python 2025-12-05T00:00:00.000000 2025-12-05T00:00:00.000000
CERTFR-2025-AVI-1067 Vulnérabilité dans Apache Struts 2025-12-05T00:00:00.000000 2025-12-05T00:00:00.000000
CERTFR-2025-AVI-1066 Multiples vulnérabilités dans les produits Nextcloud 2025-12-05T00:00:00.000000 2025-12-05T00:00:00.000000
CERTFR-2025-AVI-1065 Multiples vulnérabilités dans NetApp ONTAP 2025-12-05T00:00:00.000000 2025-12-05T00:00:00.000000
certfr-2025-avi-1064 Multiples vulnérabilités dans les produits Microsoft 2025-12-04T00:00:00.000000 2025-12-04T00:00:00.000000
certfr-2025-avi-1063 Multiples vulnérabilités dans les produits Splunk 2025-12-04T00:00:00.000000 2025-12-04T00:00:00.000000
certfr-2025-avi-1062 Multiples vulnérabilités dans Wireshark 2025-12-04T00:00:00.000000 2025-12-04T00:00:00.000000
certfr-2025-avi-1061 Vulnérabilité dans PostgreSQL PgBouncer 2025-12-04T00:00:00.000000 2025-12-04T00:00:00.000000
CERTFR-2025-AVI-1064 Multiples vulnérabilités dans les produits Microsoft 2025-12-04T00:00:00.000000 2025-12-04T00:00:00.000000
CERTFR-2025-AVI-1063 Multiples vulnérabilités dans les produits Splunk 2025-12-04T00:00:00.000000 2025-12-04T00:00:00.000000
CERTFR-2025-AVI-1062 Multiples vulnérabilités dans Wireshark 2025-12-04T00:00:00.000000 2025-12-04T00:00:00.000000
CERTFR-2025-AVI-1061 Vulnérabilité dans PostgreSQL PgBouncer 2025-12-04T00:00:00.000000 2025-12-04T00:00:00.000000
certfr-2025-avi-1060 Multiples vulnérabilités dans Python 2025-12-03T00:00:00.000000 2025-12-03T00:00:00.000000
certfr-2025-avi-1059 Multiples vulnérabilités dans Google Pixel 2025-12-03T00:00:00.000000 2025-12-03T00:00:00.000000
certfr-2025-avi-1058 Multiples vulnérabilités dans Google Chrome 2025-12-03T00:00:00.000000 2025-12-03T00:00:00.000000
CERTFR-2025-AVI-1060 Multiples vulnérabilités dans Python 2025-12-03T00:00:00.000000 2025-12-03T00:00:00.000000
CERTFR-2025-AVI-1059 Multiples vulnérabilités dans Google Pixel 2025-12-03T00:00:00.000000 2025-12-03T00:00:00.000000
CERTFR-2025-AVI-1058 Multiples vulnérabilités dans Google Chrome 2025-12-03T00:00:00.000000 2025-12-03T00:00:00.000000
certfr-2025-avi-1057 Multiples vulnérabilités dans les produits VMware 2025-12-02T00:00:00.000000 2025-12-02T00:00:00.000000
certfr-2025-avi-1056 Multiples vulnérabilités dans Google Android 2025-12-02T00:00:00.000000 2025-12-02T00:00:00.000000
CERTFR-2025-AVI-1057 Multiples vulnérabilités dans les produits VMware 2025-12-02T00:00:00.000000 2025-12-02T00:00:00.000000
CERTFR-2025-AVI-1056 Multiples vulnérabilités dans Google Android 2025-12-02T00:00:00.000000 2025-12-02T00:00:00.000000
certfr-2025-avi-1055 Multiples vulnérabilités dans Zabbix 2025-12-01T00:00:00.000000 2025-12-01T00:00:00.000000
ID Description Published Updated
jvndb-2021-004432 Multiple Vulnerabilities in JP1/Automatic Operation 2021-11-22T16:10+09:00 2021-11-22T16:10+09:00
jvndb-2021-000103 WordPress Plugin "Push Notifications for WordPress (Lite)" vulnerable to cross-site request forgery 2021-11-16T13:42+09:00 2021-11-16T13:42+09:00
jvndb-2021-000102 rwtxt vulnerable to cross-site scripting 2021-11-16T13:38+09:00 2021-11-16T13:38+09:00
jvndb-2021-000101 Unlimited Sitemap Generator vulnerable to cross-site request forgery 2021-11-12T15:07+09:00 2021-11-12T15:07+09:00
jvndb-2021-003840 Cross-site Scripting Vulnerability in Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center Analyzer 2021-11-12T11:41+09:00 2021-11-12T11:41+09:00
jvndb-2021-000100 Multiple vulnerabilities in EC-CUBE 2 series 2021-11-11T15:09+09:00 2021-11-11T15:09+09:00
jvndb-2021-000094 WordPress Plugin "Booking Package - Appointment Booking Calendar System" vulnerable to cross-site scripting 2021-11-10T14:26+09:00 2021-11-10T14:26+09:00
jvndb-2021-003811 File Permission Vulnerability in Hitachi Automation Director, Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center 2021-11-05T15:04+09:00 2021-11-05T15:04+09:00
jvndb-2021-003660 Authentication Bypass Vulnerability in Hitachi Device Manager 2021-11-01T15:56+09:00 2021-11-01T15:56+09:00
jvndb-2021-000097 Multiple vulnerabilities in CLUSTERPRO X and EXPRESSCLUSTER X 2021-10-29T15:22+09:00 2022-04-20T14:03+09:00
jvndb-2021-000096 Android App "Mercari (Merpay) - Marketplace and Mobile Payments App" (Japan version) vulnerable to improper handling of Intent 2021-10-29T15:11+09:00 2021-10-29T15:11+09:00
jvndb-2021-000098 ESET Cyber Security and ESET Endpoint series vulnerable to denial-of-service (DoS) 2021-10-29T14:58+09:00 2021-10-29T14:58+09:00
jvndb-2021-000095 Multiple improper restriction of XML external entity reference (XXE) vulnerabilities in Office Server Document Converter 2021-10-28T15:03+09:00 2021-10-28T15:03+09:00
jvndb-2021-003385 Trend Micro Endpoint security products for enterprises vulnerable to privilege escalation 2021-10-26T12:35+09:00 2021-10-26T12:35+09:00
jvndb-2021-000093 Movable Type XMLRPC API vulnerable to OS command injection 2021-10-20T17:38+09:00 2021-12-17T17:36+09:00
jvndb-2021-003080 OMRON CX-Supervisor vulnerable to out-of-bounds read 2021-10-18T15:26+09:00 2021-11-01T15:37+09:00
jvndb-2021-000091 128 Technology Session Smart Router vulnerable to authentication bypass 2021-10-18T14:58+09:00 2021-10-18T14:58+09:00
jvndb-2021-000090 Apache HTTP Server vulnerable to directory traversal 2021-10-11T18:07+09:00 2021-10-11T18:07+09:00
jvndb-2021-000089 Nike App fails to restrict custom URL schemes properly 2021-10-08T14:32+09:00 2021-10-08T14:32+09:00
jvndb-2021-002810 Information Disclosure Vulnerability in Hitachi Tuning Manager, Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center Analyzer 2021-10-05T15:37+09:00 2021-10-05T15:37+09:00
jvndb-2021-002774 Trend Micro ServerProtect family vulnerable to authentication bypass 2021-10-01T14:42+09:00 2021-10-01T14:42+09:00
jvndb-2021-000088 Multiple vulnerabilities in Cybozu Remote Service 2021-09-30T16:03+09:00 2024-04-08T18:09+09:00
jvndb-2021-002752 Trend Micro HouseCall for Home Networks vulnerable to privilege escalation 2021-09-30T13:56+09:00 2021-09-30T13:56+09:00
jvndb-2021-000085 SNKRDUNK Market Place App for iOS vulnerable to improper server certificate verification 2021-09-28T15:18+09:00 2021-09-28T15:18+09:00
jvndb-2021-000086 WordPress Plugin "OG Tags" vulnerable to cross-site request forgery 2021-09-28T15:11+09:00 2021-09-28T15:11+09:00
jvndb-2021-000084 InBody App vulnerable to information disclosure 2021-09-28T14:27+09:00 2021-09-28T14:27+09:00
jvndb-2021-000081 Multiple vulnerabilities in Sharp NEC Display Solutions' public displays 2021-09-17T15:13+09:00 2025-12-10T10:24+09:00
jvndb-2021-000083 EC-CUBE plugin "Order Status Batch Change Plug-in" vulnerable to cross-site scripting 2021-09-16T14:33+09:00 2021-09-16T14:33+09:00
jvndb-2021-000082 EC-CUBE plugin "List (order management) item change plug-in" vulnerable to cross-site scripting 2021-09-13T14:24+09:00 2021-09-13T14:24+09:00
jvndb-2021-000074 Multiple vulnerabilities in RevoWorks Browser 2021-09-10T15:44+09:00 2021-09-10T15:44+09:00
ID Description Published Updated
cnvd-2026-14271 多款Apple产品拒绝服务漏洞(CNVD-2026-14271) 2026-03-02 2026-03-19
cnvd-2026-13430 OpenClaw数据伪造问题漏洞(CNVD-2026-13430) 2026-03-02 2026-03-11
cnvd-2026-13429 OpenClaw数据伪造问题漏洞 2026-03-02 2026-03-11
cnvd-2026-13428 OpenClaw路径遍历漏洞(CNVD-2026-13428) 2026-03-02 2026-03-12
cnvd-2026-13427 OpenClaw路径遍历漏洞(CNVD-2026-13427) 2026-03-02 2026-03-12
cnvd-2026-13426 OpenClaw跨站请求伪造漏洞 2026-03-02 2026-03-12
cnvd-2026-13425 OpenClaw跨站脚本漏洞 2026-03-02 2026-03-12
cnvd-2026-13408 OpenClaw访问控制错误漏洞(CNVD-2026-13408) 2026-03-02 2026-03-13
cnvd-2026-13400 OpenClaw服务端请求伪造漏洞 2026-03-02 2026-03-11
cnvd-2026-13392 OpenClaw访问控制错误漏洞(CNVD-2026-13392) 2026-03-02 2026-03-13
cnvd-2026-13391 OpenClaw访问控制错误漏洞 2026-03-02 2026-03-13
cnvd-2026-13390 OpenClaw代码注入漏洞 2026-03-02 2026-03-13
cnvd-2026-13389 OpenClaw存在未明漏洞(CNVD-2026-13389) 2026-03-02 2026-03-13
cnvd-2026-13388 OpenClaw代码问题漏洞(CNVD-2026-13388) 2026-03-02 2026-03-13
cnvd-2026-13383 OpenClaw存在未明漏洞(CNVD-2026-13383) 2026-03-02 2026-03-13
cnvd-2026-13382 OpenClaw存在未明漏洞(CNVD-2026-13382) 2026-03-02 2026-03-13
cnvd-2026-13381 OpenClaw存在未明漏洞(CNVD-2026-13381) 2026-03-02 2026-03-13
cnvd-2026-13380 OpenClaw存在未明漏洞(CNVD-2026-13380) 2026-03-02 2026-03-13
cnvd-2026-13379 OpenClaw存在未明漏洞(CNVD-2026-13379) 2026-03-02 2026-03-13
cnvd-2026-13378 OpenClaw存在未明漏洞(CNVD-2026-13378) 2026-03-02 2026-03-13
cnvd-2026-13377 OpenClaw存在未明漏洞(CNVD-2026-13377) 2026-03-02 2026-03-13
cnvd-2026-13376 OpenClaw存在未明漏洞(CNVD-2026-13376) 2026-03-02 2026-03-12
cnvd-2026-13375 OpenClaw存在未明漏洞(CNVD-2026-13375) 2026-03-02 2026-03-12
cnvd-2026-13374 OpenClaw资源管理错误漏洞(CNVD-2026-13374) 2026-03-02 2026-03-12
cnvd-2026-13373 OpenClaw操作系统命令注入漏洞(CNVD-2026-13373) 2026-03-02 2026-03-12
cnvd-2026-13372 OpenClaw操作系统命令注入漏洞(CNVD-2026-13372) 2026-03-02 2026-03-12
cnvd-2026-13295 OpenClaw路径遍历漏洞 2026-03-02 2026-03-11
cnvd-2026-13294 OpenClaw代码问题漏洞 2026-03-02 2026-03-11
cnvd-2026-13292 OpenClaw命令注入漏洞 2026-03-02 2026-03-11
cnvd-2026-12892 Apache Shiro身份验证绕过漏洞 2026-03-02 2026-03-04
ID Description Published Updated
bdu:2026-00784 Уязвимость платформы для автоматизации рабочих процессов N8n, связанная с ошибками разгра… 23.01.2026 23.01.2026
bdu:2026-00783 Уязвимость агента для разработки программного обеспечения на основе искусственного интелл… 23.01.2026 23.01.2026
bdu:2026-00782 Уязвимость функций verify() и decrypt() npm библиотеки OpenPGP, позволяющая нарушителю по… 23.01.2026 23.01.2026
bdu:2026-00781 Уязвимость централизованной системы управления Multi-Stack Controller (MSC), связанная с … 23.01.2026 23.01.2026
bdu:2026-00780 Уязвимость централизованной системы управления Multi-Stack Controller (MSC), связанная с … 23.01.2026 23.01.2026
bdu:2026-00779 Уязвимость централизованной системы управления Multi-Stack Controller (MSC), связанная с … 23.01.2026 23.01.2026
bdu:2026-00778 Уязвимость централизованной системы управления батареей Battery Management System (BMS), … 23.01.2026 23.01.2026
bdu:2026-00777 Уязвимость централизованной системы управления Multi-Stack Controller (MSC), связанная с … 23.01.2026 23.01.2026
bdu:2026-00776 Уязвимость репозитория Android Frameworks Base операционной системы Android, позволяющая … 23.01.2026 23.01.2026
bdu:2026-00775 Уязвимость компонента Settings операционных систем Android, позволяющая нарушителю повыси… 23.01.2026 23.01.2026
bdu:2026-00774 Уязвимость компонента IntentResolver операционной системы Android, позволяющая нарушителю… 23.01.2026 23.01.2026
bdu:2026-00773 Уязвимость службы NFC операционной системы Android, позволяющая нарушителю повысить свои … 23.01.2026 23.01.2026
bdu:2026-00772 Уязвимость файла NotificationStation.java операционной системы Android, позволяющая наруш… 23.01.2026 23.01.2026
bdu:2026-00771 Уязвимость файла WifiScanModeActivity.java операционной системы Android, позволяющая нару… 23.01.2026 23.01.2026
bdu:2026-00770 Уязвимость модульной системы охранной сигнализации Bosch MAP 5000, связанная с использова… 23.01.2026 23.01.2026
bdu:2026-00769 Уязвимость модульной системы охранной сигнализации Bosch MAP 5000, связанная с недостаточ… 23.01.2026 23.01.2026
bdu:2026-00768 Уязвимость сервиса для распределённого выполнения SQL-запросов Apache Kyuubi, связанная с… 23.01.2026 23.01.2026
bdu:2026-00767 Уязвимость приложения для автоматизации закупки услуг SAP Supplier Relationship Managemen… 23.01.2026 23.01.2026
bdu:2026-00766 Уязвимость приложения Business Server Pages Application, связанная с отсутствием авториза… 23.01.2026 23.01.2026
bdu:2026-00765 Уязвимость веб-приложения SAP Fiori App, связанная с раскрытием системных данных неавтори… 23.01.2026 23.01.2026
bdu:2026-00764 Уязвимость веб-приложения SAP Fiori App, связанная с подделкой межсайтовых запросов, позв… 23.01.2026 23.01.2026
bdu:2026-00763 Уязвимость программной интеграционной платформы SAP NetWeaver Enterprise Portal, связанна… 23.01.2026 23.01.2026
bdu:2026-00762 Уязвимость приложения для блокировки рекламы Pi-hole, связанная с непринятием мер по нейт… 23.01.2026 23.01.2026
bdu:2026-00761 Уязвимость приложение для блокировки рекламы и интернет-трекеров Pi-hole, связанная с неп… 23.01.2026 23.01.2026
bdu:2026-00760 Уязвимость промышленных систем удаленного доступа mymbCONNECT24 и mbCONNECT24, VPN-портал… 23.01.2026 23.01.2026
bdu:2026-00759 Уязвимость промышленных систем удаленного доступа mymbCONNECT24 и mbCONNECT24, VPN-портал… 23.01.2026 23.01.2026
bdu:2026-00758 Уязвимость промышленных систем удаленного доступа mymbCONNECT24 и mbCONNECT24, VPN-портал… 23.01.2026 23.01.2026
bdu:2026-00757 Уязвимость программного обеспечения централизованного сбора, анализа и хранения логов Gra… 23.01.2026 23.01.2026
bdu:2026-00756 Уязвимость платформы хранения данных Dell ECS, связанная с хранением информации в открыто… 23.01.2026 23.01.2026
bdu:2026-00755 Уязвимость платформы хранения данных Dell ECS, связанная с недостаточной защитой служебны… 23.01.2026 23.01.2026
ID Description Updated
var-201804-1182 An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari be… 2024-07-23T20:25:18.221000Z
var-202207-0588 The llhttp parser <v14.20.1, <v16.17.1 and <v18.9.1 in the http module in Node.js does no… 2024-07-23T20:25:16.794000Z
var-200809-0184 Race condition in Login Window in Apple Mac OS X 10.5 through 10.5.4, when a blank-passwo… 2024-07-23T20:25:15.218000Z
var-201210-0269 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java … 2024-07-23T20:25:11.811000Z
var-201404-0374 Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 an… 2024-07-23T20:25:08.563000Z
var-201704-1034 Remote code execution is possible with Apache Tomcat before 6.0.48, 7.x before 7.0.73, 8.… 2024-07-23T20:25:07.884000Z
var-201912-1848 Multiple memory corruption issues were addressed with improved memory handling. This issu… 2024-07-23T20:24:44.163000Z
var-201210-0280 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java … 2024-07-23T20:24:43.164000Z
var-201912-0589 Multiple memory corruption issues were addressed with improved memory handling. This issu… 2024-07-23T20:24:42.912000Z
var-200611-0487 com.apple.AppleDiskImageController in Apple Mac OS X 10.4.8, and possibly other versions,… 2024-07-23T20:24:10.857000Z
var-202006-1807 Perl before 5.30.3 has an integer overflow related to mishandling of a "PL_regkind[OP(n)]… 2024-07-23T20:23:24.085000Z
var-201306-0242 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java … 2024-07-23T20:22:47.590000Z
var-202101-0220 A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded qu… 2024-07-23T20:21:44.763000Z
var-202105-1451 An issue was discovered in Linux: KVM through Improper handling of VM_IO|VM_PFNMAP vmas i… 2024-07-23T20:21:39.668000Z
var-201504-0479 The sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does not properly handle … 2024-07-23T20:21:39.248000Z
var-200904-0817 Multiple "input validation flaws" in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS … 2024-07-23T20:21:39.155000Z
var-200810-0394 Unspecified vulnerability in Script Editor in Mac OS X 10.4.11 and 10.5.5 allows local us… 2024-07-23T20:21:38.100000Z
var-202105-1469 A use of uninitialized value was found in libwebp in versions before 1.0.1 in ReadSymbol(… 2024-07-23T20:21:37.217000Z
var-202006-1640 A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 a… 2024-07-23T20:21:37.869000Z
var-201203-0171 Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google… 2024-07-23T20:21:34.716000Z
var-200609-1013 Stack-based buffer overflow in the Apple Type Services (ATS) server in Mac OS 10.4.8 and … 2024-07-23T20:21:33.528000Z
var-201410-1418 The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeter… 2024-07-23T20:21:29.859000Z
var-201010-0168 Memory leak in the apr_brigade_split_line function in buckets/apr_brigade.c in the Apache… 2024-07-23T20:20:56.693000Z
var-201707-1197 An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari … 2024-07-23T20:20:19.517000Z
var-200810-0643 Integer overflow in the netsnmp_create_subtree_cache function in agent/snmp_agent.c in ne… 2024-07-23T20:20:17.446000Z
var-201808-1002 Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo… 2024-07-23T20:20:15.857000Z
var-201506-0210 The do_free_upto function in crypto/cms/cms_smime.c in OpenSSL before 0.9.8zg, 1.0.0 befo… 2024-07-23T20:20:15.383000Z
var-202006-0241 Incomplete cleanup from specific special register read operations in some Intel(R) Proces… 2024-07-23T20:20:14.740000Z
var-201110-0392 Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK… 2024-07-23T20:20:14.628000Z
var-201306-0226 mod_rewrite.c in the mod_rewrite module in the Apache HTTP Server 2.2.x before 2.2.25 wri… 2024-07-23T20:20:13.633000Z
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID CVSS Description Vendor Product Published Updated
ID CVSS Description Vendor Product Published Updated
ID CVSS Description Vendor Product Published Updated