Recent vulnerabilities
Recent vulnerabilities from
Select from 70 available sources using the dropdown above.
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-8031 |
6.9 (4.0)
5.3 (3.1)
5.3 (3.0)
|
PicoTronica e-Clinic Healthcare System ECHS API Endpoi… |
PicoTronica |
e-Clinic Healthcare System ECHS |
2026-05-06T18:00:18.864Z | 2026-05-06T18:37:26.894Z |
| CVE-2026-33079 |
8.7 (4.0)
|
Mistune ReDoS in LINK_TITLE_RE allows denial of servic… |
lepture |
mistune |
2026-05-06T17:25:09.026Z | 2026-05-06T19:02:51.759Z |
| CVE-2026-29090 |
9 (4.0)
|
Rucio SQL injection in postgres_meta DID search path c… |
rucio |
rucio |
2026-05-06T17:21:24.141Z | 2026-05-06T18:17:58.146Z |
| CVE-2026-20219 |
5.4 (3.1)
|
A vulnerability in the REST API of Cisco Slido co… |
Cisco |
Cisco Webex Meetings |
2026-05-06T17:10:46.343Z | 2026-05-06T19:09:39.992Z |
| CVE-2026-29080 |
9.4 (4.0)
|
Rucio SQL Injection in FilterEngine Oracle JSON Path v… |
rucio |
rucio |
2026-05-06T16:44:54.393Z | 2026-05-06T17:21:43.543Z |
| CVE-2026-23870 |
7.5 (3.1)
|
A denial of service vulnerability could be trigge… |
Meta |
react-server-dom-turbopack |
2026-05-06T16:24:55.620Z | 2026-05-06T19:06:00.435Z |
| CVE-2026-21661 |
8.4 (4.0)
|
AC2000 Uncontrolled Search Path Element |
JohnsonControls |
AC2000 |
2026-05-06T16:21:13.885Z | 2026-05-06T19:02:28.291Z |
| CVE-2026-42503 |
8.8 (3.1)
|
Accidental binding to INADDR_ANY might lead to RCE in … |
golang.org/x/tools |
golang.org/x/tools/gopls |
2026-05-06T16:20:01.428Z | 2026-05-07T03:55:49.730Z |
| CVE-2026-20034 |
8.8 (3.1)
|
Cisco Unity Connection Remote Code Execution Vulnerability |
Cisco |
Cisco Unity Connection |
2026-05-06T16:16:05.322Z | 2026-05-07T03:55:48.652Z |
| CVE-2026-20035 |
7.2 (3.1)
|
Cisco Unity Connection Server-Side Request Forgery Vul… |
Cisco |
Cisco Unity Connection |
2026-05-06T16:15:57.142Z | 2026-05-06T17:27:23.655Z |
| CVE-2026-20167 |
7.7 (3.1)
|
Cisco IoT Field Network Director Remote Device Denial … |
Cisco |
Cisco IoT Field Network Director (IoT-FND) |
2026-05-06T16:15:57.113Z | 2026-05-06T17:26:01.173Z |
| CVE-2026-20169 |
6.4 (3.1)
|
Cisco IoT Field Network Director Command Injection Vul… |
Cisco |
Cisco IoT Field Network Director (IoT-FND) |
2026-05-06T16:15:48.405Z | 2026-05-06T17:26:55.572Z |
| CVE-2026-20168 |
6.5 (3.1)
|
Cisco IoT Field Network Director Path Traversal Vulner… |
Cisco |
Cisco IoT Field Network Director (IoT-FND) |
2026-05-06T16:15:48.379Z | 2026-05-06T17:59:11.531Z |
| CVE-2026-20172 |
4.3 (3.1)
|
Cisco Enterprise Chat and Email Lite Agent File Upload… |
Cisco |
Cisco Enterprise Chat and Email |
2026-05-06T16:15:37.789Z | 2026-05-06T17:46:04.178Z |
| CVE-2026-20188 |
7.5 (3.1)
|
Cisco Crosswork Network Controller and Cisco Network S… |
Cisco |
Cisco Crosswork Network Change Automation |
2026-05-06T16:15:37.396Z | 2026-05-06T17:48:12.690Z |
| CVE-2026-20189 |
4.3 (3.1)
|
Cisco Prime Infrastructure Information Disclosure Vuln… |
Cisco |
Cisco Prime Infrastructure |
2026-05-06T16:15:24.551Z | 2026-05-06T17:48:19.143Z |
| CVE-2026-20185 |
7.7 (3.1)
|
Cisco SG350 and SG350X Series Managed Switches SNMP De… |
Cisco |
Cisco Small Business Smart and Managed Switches |
2026-05-06T16:15:23.838Z | 2026-05-06T17:48:26.175Z |
| CVE-2026-20193 |
4.3 (3.1)
|
Cisco Identity Services Engine Authentication Bypass V… |
Cisco |
Cisco Identity Services Engine Software |
2026-05-06T16:15:16.835Z | 2026-05-06T17:48:32.189Z |
| CVE-2026-20195 |
5.3 (3.1)
|
Cisco Identity Services Engine Observable Response Dis… |
Cisco |
Cisco Identity Services Engine Software |
2026-05-06T16:14:54.611Z | 2026-05-06T17:48:38.355Z |
| CVE-2026-7875 |
8.8 (3.1)
9.3 (4.0)
|
NanoClaw Host/Container Filesystem Boundary Vulnerabil… |
Qwibit |
NanoClaw |
2026-05-06T16:10:46.270Z | 2026-05-07T16:40:29.617Z |
| CVE-2026-6788 |
8.5 (4.0)
|
Uncontrolled search path in PluginLauncher allows SYST… |
WatchGuard |
WatchGuard Agent |
2026-05-06T15:46:48.269Z | 2026-05-06T16:13:28.284Z |
| CVE-2026-6787 |
8.5 (4.0)
|
Usage of a hard-coded cryptographic key in WatchGuard … |
WatchGuard |
WatchGuard Agent |
2026-05-06T15:46:26.104Z | 2026-05-06T16:11:58.312Z |
| CVE-2026-41286 |
7.1 (4.0)
|
Stack-based Buffer Overflow in WatchGuard Agent Discov… |
WatchGuard Technologies |
WatchGuard Agent |
2026-05-06T15:46:01.957Z | 2026-05-06T16:11:26.423Z |
| CVE-2026-41288 |
7.3 (4.0)
|
WatchGuard Agent on Windows Privilege Escalation Vulne… |
WatchGuard |
WatchGuard Agent |
2026-05-06T15:45:43.371Z | 2026-05-06T16:12:23.875Z |
| CVE-2026-6691 |
8.6 (4.0)
7.8 (3.1)
|
MongoDB C Driver Cyrus SASL Canonicalization Buffer Overflow |
MongoDB Inc. |
MongoDB C Driver |
2026-05-06T15:08:23.671Z | 2026-05-07T03:55:47.410Z |
| CVE-2026-6863 |
6.8 (3.1)
|
HTTP Filestore Endpoints Misapply Permissions Across O… |
Rapid7 |
Velociraptor |
2026-05-06T14:50:55.631Z | 2026-05-06T15:27:40.088Z |
| CVE-2026-8028 |
6.3 (4.0)
3.7 (3.1)
3.7 (3.0)
|
FlowiseAI Flowise Endpoint account.service.ts verify i… |
FlowiseAI |
Flowise |
2026-05-06T14:15:10.891Z | 2026-05-06T14:35:31.158Z |
| CVE-2025-31975 |
2.6 (3.1)
|
HCL BigFix Service Management (SM) is affected by an I… |
HCL |
BigFix Service Management (SM) |
2026-05-06T13:51:40.756Z | 2026-05-06T14:46:31.277Z |
| CVE-2025-52613 |
4.6 (3.1)
|
HCL BigFix Service Management (SM) is affected by use … |
HCL |
BigFix Service Management (SM) |
2026-05-06T13:50:47.494Z | 2026-05-06T14:46:49.273Z |
| CVE-2025-31976 |
4.8 (3.1)
|
HCL BigFix Service Management (SM) is vulnerable to in… |
HCL Software |
BigFix Service Management (SM) |
2026-05-06T13:49:39.462Z | 2026-05-06T14:47:08.920Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-41930 |
9.2 (4.0)
9.8 (3.1)
|
Vvveb < 1.0.8.2 Hard-coded Credentials Information Dis… |
givanz |
Vvveb |
2026-05-06T18:37:45.989Z | 2026-05-08T14:05:14.864Z |
| CVE-2026-34474 |
7.5 (3.1)
|
Sensitive data exposure leading to admin/WLAN cre… |
n/a |
n/a |
2026-05-06T00:00:00.000Z | 2026-05-07T12:14:19.747Z |
| CVE-2026-34473 |
7.5 (3.1)
|
Unauthenticated DoS in ZTE H8102E, H168N, H167A, … |
n/a |
n/a |
2026-05-06T00:00:00.000Z | 2026-05-06T19:40:53.660Z |
| CVE-2026-0300 |
9.3 (4.0)
8.7 (4.0)
|
PAN-OS: Unauthenticated user initiated Buffer Overflow… |
Palo Alto Networks |
Cloud NGFW |
2026-05-06T18:57:39.876Z | 2026-05-07T03:55:34.043Z |
| CVE-2025-31974 |
3.9 (3.1)
|
HCL BigFix Service Management (SM) is susceptible to a… |
HCL Software |
BigFix Service Management (SM) |
2026-05-06T18:01:39.794Z | 2026-05-06T18:32:13.506Z |
| CVE-2025-31960 |
5.3 (3.1)
|
HCL BigFix Service Management (SM) is vulnerable to in… |
HCL |
BigFix Service Management (SM) |
2026-05-06T18:02:52.716Z | 2026-05-06T18:31:51.261Z |
| CVE-2024-30151 |
8.3 (3.1)
|
HCL BigFix Service Management (SM) is susceptible to B… |
HCL |
BigFix Service Management (SM) |
2026-05-06T18:14:11.693Z | 2026-05-06T18:31:25.156Z |
| CVE-2026-33079 |
8.7 (4.0)
|
Mistune ReDoS in LINK_TITLE_RE allows denial of servic… |
lepture |
mistune |
2026-05-06T17:25:09.026Z | 2026-05-06T19:02:51.759Z |
| CVE-2026-29090 |
9 (4.0)
|
Rucio SQL injection in postgres_meta DID search path c… |
rucio |
rucio |
2026-05-06T17:21:24.141Z | 2026-05-06T18:17:58.146Z |
| CVE-2026-7875 |
8.8 (3.1)
9.3 (4.0)
|
NanoClaw Host/Container Filesystem Boundary Vulnerabil… |
Qwibit |
NanoClaw |
2026-05-06T16:10:46.270Z | 2026-05-07T16:40:29.617Z |
| CVE-2026-42503 |
8.8 (3.1)
|
Accidental binding to INADDR_ANY might lead to RCE in … |
golang.org/x/tools |
golang.org/x/tools/gopls |
2026-05-06T16:20:01.428Z | 2026-05-07T03:55:49.730Z |
| CVE-2026-29080 |
9.4 (4.0)
|
Rucio SQL Injection in FilterEngine Oracle JSON Path v… |
rucio |
rucio |
2026-05-06T16:44:54.393Z | 2026-05-06T17:21:43.543Z |
| CVE-2026-23870 |
7.5 (3.1)
|
A denial of service vulnerability could be trigge… |
Meta |
react-server-dom-turbopack |
2026-05-06T16:24:55.620Z | 2026-05-06T19:06:00.435Z |
| CVE-2026-21661 |
8.4 (4.0)
|
AC2000 Uncontrolled Search Path Element |
JohnsonControls |
AC2000 |
2026-05-06T16:21:13.885Z | 2026-05-06T19:02:28.291Z |
| CVE-2026-20219 |
5.4 (3.1)
|
A vulnerability in the REST API of Cisco Slido co… |
Cisco |
Cisco Webex Meetings |
2026-05-06T17:10:46.343Z | 2026-05-06T19:09:39.992Z |
| CVE-2026-20195 |
5.3 (3.1)
|
Cisco Identity Services Engine Observable Response Dis… |
Cisco |
Cisco Identity Services Engine Software |
2026-05-06T16:14:54.611Z | 2026-05-06T17:48:38.355Z |
| CVE-2026-20193 |
4.3 (3.1)
|
Cisco Identity Services Engine Authentication Bypass V… |
Cisco |
Cisco Identity Services Engine Software |
2026-05-06T16:15:16.835Z | 2026-05-06T17:48:32.189Z |
| CVE-2026-20189 |
4.3 (3.1)
|
Cisco Prime Infrastructure Information Disclosure Vuln… |
Cisco |
Cisco Prime Infrastructure |
2026-05-06T16:15:24.551Z | 2026-05-06T17:48:19.143Z |
| CVE-2026-20188 |
7.5 (3.1)
|
Cisco Crosswork Network Controller and Cisco Network S… |
Cisco |
Cisco Crosswork Network Change Automation |
2026-05-06T16:15:37.396Z | 2026-05-06T17:48:12.690Z |
| CVE-2026-20185 |
7.7 (3.1)
|
Cisco SG350 and SG350X Series Managed Switches SNMP De… |
Cisco |
Cisco Small Business Smart and Managed Switches |
2026-05-06T16:15:23.838Z | 2026-05-06T17:48:26.175Z |
| CVE-2026-20172 |
4.3 (3.1)
|
Cisco Enterprise Chat and Email Lite Agent File Upload… |
Cisco |
Cisco Enterprise Chat and Email |
2026-05-06T16:15:37.789Z | 2026-05-06T17:46:04.178Z |
| CVE-2026-20169 |
6.4 (3.1)
|
Cisco IoT Field Network Director Command Injection Vul… |
Cisco |
Cisco IoT Field Network Director (IoT-FND) |
2026-05-06T16:15:48.405Z | 2026-05-06T17:26:55.572Z |
| CVE-2026-20168 |
6.5 (3.1)
|
Cisco IoT Field Network Director Path Traversal Vulner… |
Cisco |
Cisco IoT Field Network Director (IoT-FND) |
2026-05-06T16:15:48.379Z | 2026-05-06T17:59:11.531Z |
| CVE-2026-20167 |
7.7 (3.1)
|
Cisco IoT Field Network Director Remote Device Denial … |
Cisco |
Cisco IoT Field Network Director (IoT-FND) |
2026-05-06T16:15:57.113Z | 2026-05-06T17:26:01.173Z |
| CVE-2026-20035 |
7.2 (3.1)
|
Cisco Unity Connection Server-Side Request Forgery Vul… |
Cisco |
Cisco Unity Connection |
2026-05-06T16:15:57.142Z | 2026-05-06T17:27:23.655Z |
| CVE-2026-20034 |
8.8 (3.1)
|
Cisco Unity Connection Remote Code Execution Vulnerability |
Cisco |
Cisco Unity Connection |
2026-05-06T16:16:05.322Z | 2026-05-07T03:55:48.652Z |
| CVE-2026-6863 |
6.8 (3.1)
|
HTTP Filestore Endpoints Misapply Permissions Across O… |
Rapid7 |
Velociraptor |
2026-05-06T14:50:55.631Z | 2026-05-06T15:27:40.088Z |
| CVE-2026-6788 |
8.5 (4.0)
|
Uncontrolled search path in PluginLauncher allows SYST… |
WatchGuard |
WatchGuard Agent |
2026-05-06T15:46:48.269Z | 2026-05-06T16:13:28.284Z |
| CVE-2026-6787 |
8.5 (4.0)
|
Usage of a hard-coded cryptographic key in WatchGuard … |
WatchGuard |
WatchGuard Agent |
2026-05-06T15:46:26.104Z | 2026-05-06T16:11:58.312Z |
| CVE-2026-6691 |
8.6 (4.0)
7.8 (3.1)
|
MongoDB C Driver Cyrus SASL Canonicalization Buffer Overflow |
MongoDB Inc. |
MongoDB C Driver |
2026-05-06T15:08:23.671Z | 2026-05-07T03:55:47.410Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| fkie_cve-2026-1507 | The affected products are vulnerable to an uncaught exception that could allow an unauthenticated a… | 2026-02-10T21:16:01.647 | 2026-04-15T00:35:42.020 |
| fkie_cve-2026-1495 | The vulnerability, if exploited, could allow an attacker with Event Log Reader (S-1-5-32-573) privi… | 2026-02-10T21:16:01.470 | 2026-04-15T00:35:42.020 |
| fkie_cve-2025-12699 | The ZOLL ePCR IOS application reflects unsanitized user input into a WebView. Attacker-controlled s… | 2026-02-10T21:15:59.187 | 2026-04-15T00:35:42.020 |
| fkie_cve-2026-2303 | The mongo-go-driver repository contains CGo bindings for GSSAPI (Kerberos) authentication on Linux … | 2026-02-10T20:17:00.757 | 2026-04-15T00:35:42.020 |
| fkie_cve-2026-21349 | Lightroom Desktop versions 15.1 and earlier are affected by an out-of-bounds write vulnerability th… | 2026-02-10T20:16:55.590 | 2026-02-19T17:50:30.293 |
| fkie_cve-2026-21348 | Substance3D - Modeler versions 1.22.5 and earlier are affected by an out-of-bounds read vulnerabili… | 2026-02-10T20:16:55.420 | 2026-02-12T19:07:46.840 |
| fkie_cve-2026-1763 | Vulnerability in GE Vernova Enervista UR Setup on Windows.This issue affects Enervista: 8.6 and pre… | 2026-02-10T20:16:53.073 | 2026-04-15T00:35:42.020 |
| fkie_cve-2026-1762 | A vulnerability in GE Vernova Enervista UR Setup on Windows allows File Manipulation.This issue aff… | 2026-02-10T20:16:52.940 | 2026-04-15T00:35:42.020 |
| fkie_cve-2025-54514 | Improper isolation of shared resources on a system on a chip by a malicious local attacker with hig… | 2026-02-10T20:16:46.473 | 2026-04-15T00:35:42.020 |
| fkie_cve-2025-52536 | Improper Prevention of Lock Bit Modification in SEV firmware could allow a privileged attacker to d… | 2026-02-10T20:16:46.320 | 2026-04-15T00:35:42.020 |
| fkie_cve-2025-52534 | Improper bound check within AMD CPU microcode can allow a malicious guest to write to host memory, … | 2026-02-10T20:16:46.063 | 2026-04-15T00:35:42.020 |
| fkie_cve-2025-48517 | Insufficient Granularity of Access Control in SEV firmware could allow a privileged user with a mal… | 2026-02-10T20:16:45.407 | 2026-04-15T00:35:42.020 |
| fkie_cve-2025-48515 | Insufficient parameter sanitization in AMD Secure Processor (ASP) Boot Loader could allow an attack… | 2026-02-10T20:16:45.250 | 2026-04-15T00:35:42.020 |
| fkie_cve-2025-48514 | Insufficient Granularity of Access Control in SEV firmware can allow a privileged attacker to creat… | 2026-02-10T20:16:45.097 | 2026-04-15T00:35:42.020 |
| fkie_cve-2025-48509 | Missing Checks in certain functions related to RMP initialization can allow a local admin privilege… | 2026-02-10T20:16:44.957 | 2026-04-15T00:35:42.020 |
| fkie_cve-2025-29952 | Improper Initialization within the AMD Secure Encrypted Virtualization (SEV) firmware can allow an … | 2026-02-10T20:16:44.767 | 2026-04-15T00:35:42.020 |
| fkie_cve-2025-29951 | A buffer overflow in the AMD Secure Processor (ASP) bootloader could allow an attacker to overwrite… | 2026-02-10T20:16:44.630 | 2026-04-15T00:35:42.020 |
| fkie_cve-2025-29950 | Improper input validation in system management mode (SMM) could allow a privileged attacker to over… | 2026-02-10T20:16:44.493 | 2026-04-15T00:35:42.020 |
| fkie_cve-2025-29949 | Insufficient input parameter sanitization in AMD Secure Processor (ASP) Boot Loader (legacy recover… | 2026-02-10T20:16:44.337 | 2026-04-15T00:35:42.020 |
| fkie_cve-2025-29948 | Improper access control in AMD Secure Encrypted Virtualization (SEV) firmware could allow a malicio… | 2026-02-10T20:16:44.197 | 2026-04-15T00:35:42.020 |
| fkie_cve-2025-29946 | Insufficient or Incomplete Data Removal in Hardware Component in SEV firmware doesn't fully flush I… | 2026-02-10T20:16:44.057 | 2026-04-15T00:35:42.020 |
| fkie_cve-2025-29939 | Improper access control in secure encrypted virtualization (SEV) could allow a privileged attacker … | 2026-02-10T20:16:43.910 | 2026-04-15T00:35:42.020 |
| fkie_cve-2025-0031 | A use after free in the SEV firmware could allow a malicous hypervisor to activate a migrated guest… | 2026-02-10T20:16:43.477 | 2026-04-15T00:35:42.020 |
| fkie_cve-2025-0029 | Improper handling of error condition during host-induced faults can allow a local high-privileged a… | 2026-02-10T20:16:43.337 | 2026-04-15T00:35:42.020 |
| fkie_cve-2025-0012 | Improper handling of overlap between the segmented reverse map table (RMP) and system management mo… | 2026-02-10T20:16:43.193 | 2026-04-15T00:35:42.020 |
| fkie_cve-2024-36355 | Improper input validation in the SMM handler could allow an attacker with Ring0 access to write to … | 2026-02-10T20:16:42.817 | 2026-04-15T00:35:42.020 |
| fkie_cve-2024-36311 | A Time-of-check time-of-use (TOCTOU) race condition in the SMM communications buffer could allow a … | 2026-02-10T20:16:42.687 | 2026-04-15T00:35:42.020 |
| fkie_cve-2024-36310 | Improper input validation in the SMM communications buffer could allow a privileged attacker to per… | 2026-02-10T20:16:42.550 | 2026-04-15T00:35:42.020 |
| fkie_cve-2024-21953 | Improper input validation in IOMMU could allow a malicious hypervisor to reconfigure IOMMU register… | 2026-02-10T20:16:42.407 | 2026-04-15T00:35:42.020 |
| fkie_cve-2021-26410 | Improper syscall input validation in ASP (AMD Secure Processor) may force the kernel into reading s… | 2026-02-10T20:16:42.227 | 2026-04-15T00:35:42.020 |
| ID | Severity | Description | Published | Updated |
|---|---|---|---|---|
| ghsa-6xx2-m8wv-756h |
8.7 (4.0)
|
Low-privileged Grav API users can create super-admin accounts via blueprint-upload | 2026-05-06T21:19:21Z | 2026-05-06T21:19:21Z |
| ghsa-x597-9fr4-5857 |
6.2 (4.0)
|
Hugo's Node tool execution allows file system access outside the project directory | 2026-05-06T20:59:23Z | 2026-05-06T20:59:23Z |
| ghsa-x8jv-q8j2-487c |
5.3 (4.0)
|
Magento LTS: Reflected XSS - Import -> Data Flow (profiles) | 2026-05-06T20:57:37Z | 2026-05-06T20:57:37Z |
| ghsa-m24v-f7g5-gq67 |
5.3 (3.1)
|
Statamic CMS vulnerable to email enumeration via forgot password endpoint | 2026-05-06T20:54:31Z | 2026-05-06T20:54:31Z |
| ghsa-pggp-6c3x-2xmx |
7.5 (3.1)
|
Snappier has an infinite loop during SnappyStream decompression with malformed framed input | 2026-05-06T20:53:23Z | 2026-05-06T20:53:23Z |
| ghsa-289f-fq7w-6q2w |
9.8 (3.1)
|
phpMyFAQ has unauthenticated SQL injection via User-Agent header in BuiltinCaptcha | 2026-05-06T20:49:15Z | 2026-05-06T20:49:15Z |
| ghsa-gh9p-q46p-57g2 |
6.5 (3.1)
|
phpMyFAQ: Path Traversal in Client::deleteClientFolder enables arbitrary directory deletion by non-… | 2026-05-06T20:47:54Z | 2026-05-06T20:47:54Z |
| ghsa-99qv-g4x9-mgc3 |
7.5 (3.1)
|
phpMyFAQ has unauthenticated FAQ permission bypass via getFaqBySolutionId fallback query | 2026-05-06T20:45:01Z | 2026-05-06T20:45:01Z |
| ghsa-pm8c-3qq3-72w7 |
7.5 (3.1)
|
phpMyFAQ has SQL Injection in CurrentUser::setTokenData through unescaped OAuth token fields | 2026-05-06T20:44:39Z | 2026-05-06T20:44:39Z |
| ghsa-9pq7-mfwh-xx2j |
9.1 (3.1)
|
phpMyFAQ enables unauthenticated 2FA brute-force attack via /admin/check acceptance of arbitrary user-id | 2026-05-06T20:42:54Z | 2026-05-06T20:42:54Z |
| ghsa-cf92-gfcw-6v53 |
3.5 (3.1)
|
Magic Wormhole: receive, with --output pointing at an existing directory can be path-traversed | 2026-05-06T20:40:17Z | 2026-05-06T20:40:17Z |
| ghsa-jrc5-w569-h7h5 |
4.3 (3.1)
|
phpMyFAQ: Ordinary Authenticated User Can Access Admin-Only API Endpoints Due to Insufficient Autho… | 2026-05-06T20:37:42Z | 2026-05-06T20:37:42Z |
| ghsa-pqh6-8fxf-jx22 |
6.9 (3.1)
|
phpMyFAQ has stored XSS via | raw Filter in search.twig — html_entity_decode(strip_tags()) Bypass i… | 2026-05-06T20:31:54Z | 2026-05-06T20:31:54Z |
| ghsa-rm98-82fr-mcfx |
4.3 (3.1)
|
phpMyFAQ's Missing CONFIGURATION_EDIT Permission Check on 12 Admin API Configuration Tab Endpoints … | 2026-05-06T20:24:39Z | 2026-05-06T20:24:39Z |
| ghsa-whqh-9pq5-c7r3 |
5.4 (3.1)
|
phpMyFAQ has a SVG Sanitizer Entity Decoding Depth Limit Bypass Leading to Stored XSS | 2026-05-06T20:18:48Z | 2026-05-06T20:18:48Z |
| ghsa-f5p7-2c9q-8896 |
5.4 (3.1)
|
phpMyFAQ has Stored XSS in FAQ Question/Answer via Encode-Decode Bypass of removeAttributes() Sanit… | 2026-05-06T20:18:02Z | 2026-05-06T20:18:02Z |
| ghsa-pgh9-mpwc-8jjf |
8.6 (3.1)
|
Harvester's SUSE Virtualization Registration Client Vulnerable to MITM and DOS | 2026-05-06T20:16:08Z | 2026-05-06T20:16:08Z |
| ghsa-7cx3-2qx2-3g6w |
5.4 (3.1)
|
phpMyFAQ's Missing Authorization on Tag Deletion Allows Any Authenticated User to Delete Tags | 2026-05-06T20:12:07Z | 2026-05-06T20:12:07Z |
| ghsa-hpgw-ww76-c68r |
6.5 (3.1)
|
phpMyFAQ has an Authorization Bypass in All Admin Pages Due to Non-Terminating Permission Check | 2026-05-06T20:11:52Z | 2026-05-06T20:11:52Z |
| ghsa-9525-27vj-c8r8 |
7.6 (3.1)
|
phpMyFAQ has stored XSS via Utils::parseUrl() in comment rendering | 2026-05-06T20:10:48Z | 2026-05-06T20:10:48Z |
| ghsa-8hjv-92q9-g4xj |
7.5 (3.1)
|
Micronaut has unbounded `formattersCache` in `TimeConverterRegistrar` that Allows Memory Exhaustion… | 2026-05-06T20:00:22Z | 2026-05-06T20:00:22Z |
| ghsa-3rfq-4wpf-qqw3 |
3.7 (3.1)
|
Micronaut has Unbounded `bundleCache` in `ResourceBundleMessageSource` that Allows Memory Exhaustio… | 2026-05-06T19:57:54Z | 2026-05-06T19:57:54Z |
| ghsa-6447-269v-g68m |
8.8 (4.0)
|
Mezo: ERC-20 bridgeOut burn can be erased by a stale StateDB overwrite leading to full L1 bridge drain | 2026-05-06T19:57:36Z | 2026-05-06T19:57:36Z |
| ghsa-4rm2-28vj-fj39 |
9.4 (3.1)
|
Scramble vulnerable to remote code execution via evaluation of user-controlled input in validation rules | 2026-05-06T19:54:56Z | 2026-05-06T19:54:56Z |
| ghsa-vqv8-j3mj-wjxj |
5.4 (3.1)
|
wger: trainer_login open redirect - ?next= parameter not validated against host | 2026-05-06T19:50:52Z | 2026-05-06T19:50:52Z |
| ghsa-mhc8-p3jx-84mm |
9.9 (3.1)
|
wger: cross-tenant password reset and plaintext disclosure via gym=None bypass | 2026-05-06T19:50:31Z | 2026-05-06T19:50:31Z |
| ghsa-xq9m-hmp9-fw87 |
7.4 (3.1)
|
wger: CSV/TSV formula injection in gym member export (first_name/last_name) | 2026-05-06T19:48:16Z | 2026-05-06T19:48:16Z |
| ghsa-7545-fcxq-7j24 |
7.1 (3.1)
7.8 (4.0)
|
GitPython reference APIs has a path traversal vulnerability that allows arbitrary file write and de… | 2026-05-06T19:38:48Z | 2026-05-08T21:52:16Z |
| ghsa-rpmf-866q-6p89 |
7.5 (3.1)
|
basic-ftp allows a malicious FTP server to cause client-side denial of service via unbounded multil… | 2026-05-06T19:37:33Z | 2026-05-08T21:51:44Z |
| ghsa-3r34-vq8m-39gh |
8.1 (3.1)
|
Lemur: LDAP Filter Injection enables post-authentication privilege escalation | 2026-05-06T19:16:59Z | 2026-05-06T19:16:59Z |
| ID | Severity | Description | Package | Published | Updated |
|---|---|---|---|---|---|
| pysec-2022-217 |
|
The cryptoasset-data-downloader package in PyPI v1.0.0 to v1.0.1 was discovered to contai… | cryptoasset-data-downloader | 2022-06-24T21:15:00Z | 2022-07-05T22:30:15.999007Z |
| pysec-2022-216 |
|
The Perdido package in PyPI v0.0.1 to v0.0.2 was discovered to contain a code execution b… | perdido | 2022-06-24T21:15:00Z | 2022-07-05T19:16:00Z |
| pysec-2022-215 |
|
The ML-Scanner package in PyPI v0.1.0 to v0.1.5 was discovered to contain a code executio… | ml-scanner | 2022-06-24T21:15:00Z | 2022-07-05T20:33:43.190558Z |
| pysec-2022-214 |
|
The Beginner package in PyPI v0.0.2 to v0.0.4 was discovered to contain a code execution … | beginner | 2022-06-24T21:15:00Z | 2022-07-05T20:33:42.390810Z |
| pysec-2022-43162 |
7.5 (3.1)
|
Redis v7.0 was discovered to contain a memory leak via the component streamGetEdgeID. | redis | 2022-06-23T17:15:00Z | 2024-12-23T11:33:23.546447Z |
| pysec-2022-43059 |
5.5 (3.1)
|
AIOHTTP 3.8.1 can report a "ValueError: Invalid IPv6 URL" outcome, which can lead to a De… | aiohttp | 2022-06-23T17:15:00Z | 2024-02-16T13:47:54.655573Z |
| pysec-2022-210 |
|
An issue was discovered in SaltStack Salt in versions before 3002.9, 3003.5, 3004.2. PAM … | salt | 2022-06-23T17:15:00Z | 2022-06-23T18:47:26.936484Z |
| pysec-2022-211 |
|
Jupyter Server provides the backend (i.e. the core services, APIs, and REST endpoints) fo… | jupyter-server | 2022-06-14T21:15:00Z | 2022-06-24T18:46:20.115761Z |
| pysec-2022-212 |
|
Jupyter Notebook is a web-based notebook environment for interactive computing. Prior to … | notebook | 2022-06-14T18:15:00Z | 2022-08-24T20:50:33.251121Z |
| pysec-2022-209 |
|
Command Injection in GitHub repository nuitka/nuitka prior to 0.9. | nuitka | 2022-06-12T14:15:00Z | 2022-06-23T11:27:14.332916Z |
| pysec-2022-207 |
|
An issue was discovered in Couchbase Sync Gateway 3.x before 3.0.2. Admin credentials are… | couchbase | 2022-06-10T12:15:00Z | 2022-06-17T16:54:24.107616Z |
| pysec-2022-206 |
|
OAuthenticator is an OAuth token library for the JupyerHub login handler. CILogonOAuthent… | oauthenticator | 2022-06-09T13:15:00Z | 2022-06-16T05:33:11.901142Z |
| pysec-2022-43053 |
7.5 (3.1)
|
Vyper is a Pythonic Smart Contract Language for the ethereum virtual machine. In versions… | vyper | 2022-06-09T09:15:00+00:00 | 2023-08-02T18:28:00.437362+00:00 |
| pysec-2022-208 |
|
django-s3file is a lightweight file upload input for Django and Amazon S3 . In versions p… | django-s3file | 2022-06-09T04:15:00Z | 2022-06-17T16:54:24.425121Z |
| pysec-2022-43147 |
9.8 (3.1)
|
pyanxdns package in PyPI version 0.2 is vulnerable to code execution backdoor. The impact… | pyanxdns | 2022-06-08T20:15:00Z | 2024-11-21T14:22:59.309018Z |
| pysec-2022-43071 |
9.8 (3.1)
|
api-res-py package in PyPI 0.1 is vulnerable to a code execution backdoor in the request … | api-res-py | 2022-06-08T20:15:00Z | 2024-11-25T22:25:53.019921Z |
| pysec-2022-43056 |
9.8 (3.1)
|
The keep for python, as distributed on PyPI, included a code-execution backdoor inserted … | keep | 2022-06-08T18:15:00+00:00 | 2023-08-17T03:22:31.636090+00:00 |
| pysec-2022-204 |
|
The package cookiecutter before 2.1.1 are vulnerable to Command Injection via hg argument… | cookiecutter | 2022-06-08T08:15:00Z | 2022-06-08T10:35:31.256727Z |
| pysec-2022-42973 |
|
Flower, a web UI for the Celery Python RPC framework, all versions as of 05-02-2022 is vu… | flower | 2022-06-02T14:15:00Z | 2022-10-26T22:48:00Z |
| pysec-2022-227 |
|
Bottle before 0.12.20 mishandles errors during early request binding. | bottle | 2022-06-02T14:15:00Z | 2023-05-25T05:07:00Z |
| pysec-2022-205 |
|
Waitress is a Web Server Gateway Interface server for Python 2 and 3. Waitress versions 2… | waitress | 2022-05-31T23:15:00Z | 2022-06-14T20:37:51.457649Z |
| pysec-2022-43145 |
9.8 (3.1)
|
libImaging/TgaRleDecode.c in Pillow 9.1.0 has a heap buffer overflow in the processing of… | pillow | 2022-05-25T12:15:00Z | 2024-11-25T18:35:18.357593Z |
| pysec-2022-203 |
|
** DISPUTED ** Improper parsing of HTTP requests in Pallets Werkzeug v2.1.0 and below all… | werkzeug | 2022-05-25T01:15:00Z | 2022-06-07T22:30:02.873111Z |
| pysec-2022-199 |
|
The ctx hosted project on PyPI was taken over via user account compromise and replaced wi… | ctx | 2022-05-24T17:55:00.000000Z | 2022-05-24T17:55:00.000000Z |
| pysec-2022-202 |
|
PyJWT is a Python implementation of RFC 7519. PyJWT supports multiple different JWT signi… | pyjwt | 2022-05-24T15:15:00Z | 2022-06-07T16:57:16.566102Z |
| pysec-2022-43154 |
7.8 (3.1)
|
WASM3 v0.5.0 was discovered to contain a heap overflow via the component /wabt/bin/poc.wasm. | pywasm3 | 2022-05-20T19:15:00Z | 2024-11-25T18:35:18.357593Z |
| pysec-2022-201 |
|
Cross-site Scripting (XSS) - Generic in GitHub repository octoprint/octoprint prior to 1.8.0. | octoprint | 2022-05-18T14:15:00Z | 2022-05-25T22:34:11.424461Z |
| pysec-2022-200 |
|
Cross-site Scripting (XSS) - DOM in GitHub repository octoprint/octoprint prior to 1.8.0. | octoprint | 2022-05-18T14:15:00Z | 2022-05-25T22:34:11.363909Z |
| pysec-2022-185 |
|
marcador package in PyPI 0.1 through 0.13 included a code-execution backdoor. | marcador | 2022-05-08T20:15:00Z | 2022-05-17T18:33:00Z |
| pysec-2022-182 |
|
ADMesh through 0.98.4 has a heap-based buffer over-read in stl_update_connects_remove_1 (… | admesh | 2022-05-08T06:15:00Z | 2022-05-17T21:40:50.660206Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2026-2503 | Malicious code in genesis-1p-tools-rpm-bundle (PyPI) | 2026-04-07T09:41:03Z | 2026-04-07T09:41:03Z |
| mal-2026-2871 | Malicious code in devkitx (npm) | 2026-04-07T07:43:09Z | 2026-04-23T20:50:50Z |
| mal-2026-2502 | Malicious code in databasenaps (PyPI) | 2026-04-07T04:39:13Z | 2026-05-03T20:49:49Z |
| mal-2026-2501 | Malicious code in databaselooks (PyPI) | 2026-04-07T04:00:02Z | 2026-05-03T20:49:49Z |
| mal-2026-2525 | Malicious code in frontend-backoffice (npm) | 2026-04-06T16:24:27Z | 2026-04-10T17:23:34Z |
| mal-2026-2529 | Malicious code in use-form-builder-plugin (npm) | 2026-04-06T16:16:50Z | 2026-04-14T12:40:55Z |
| mal-2026-2524 | Malicious code in a2a-chat-canvas (npm) | 2026-04-06T16:13:05Z | 2026-04-10T17:23:32Z |
| mal-2026-2526 | Malicious code in request-js-validator (npm) | 2026-04-06T16:07:02Z | 2026-04-10T17:23:36Z |
| mal-2026-2499 | Malicious code in nerite-security-audit (npm) | 2026-04-06T09:23:07Z | 2026-04-07T14:41:23Z |
| mal-2026-2500 | Malicious code in totally-safe-util (npm) | 2026-04-06T09:20:39Z | 2026-04-07T14:41:25Z |
| mal-2026-2498 | Malicious code in df-sandbox-test (npm) | 2026-04-06T09:18:00Z | 2026-04-07T14:41:21Z |
| mal-2026-2497 | Malicious code in commerce-utils (npm) | 2026-04-06T09:11:24Z | 2026-04-07T14:41:21Z |
| mal-2026-2496 | Malicious code in chess-sec-ssrf1 (npm) | 2026-04-06T06:10:44Z | 2026-04-07T14:41:21Z |
| mal-2026-2495 | Malicious code in cloudera (npm) | 2026-04-05T20:05:37Z | 2026-04-07T14:41:21Z |
| mal-2026-2493 | Malicious code in cloudera-poc (npm) | 2026-04-05T19:40:31Z | 2026-04-07T14:41:21Z |
| mal-2026-2494 | Malicious code in databasetapes (PyPI) | 2026-04-05T19:35:23Z | 2026-05-03T20:49:49Z |
| mal-2026-2492 | Malicious code in admin0911 (npm) | 2026-04-05T15:30:57Z | 2026-04-14T01:05:14Z |
| mal-2026-2491 | Malicious code in @not-nemo/crypto-tracker (npm) | 2026-04-05T13:50:03Z | 2026-04-20T00:45:38Z |
| mal-2026-2716 | Malicious code in @needl-ai/common (npm) | 2026-04-05T09:03:43Z | 2026-04-23T20:50:49Z |
| mal-2026-2489 | Malicious code in databaserobooms (PyPI) | 2026-04-04T22:24:16Z | 2026-05-03T20:49:49Z |
| mal-2026-2490 | Malicious code in databaserotacos (PyPI) | 2026-04-04T22:03:00Z | 2026-05-03T20:49:49Z |
| mal-2026-2488 | Malicious code in photo-extractor (PyPI) | 2026-04-04T16:41:48Z | 2026-04-04T16:41:48Z |
| mal-2026-2487 | Malicious code in discord-request (PyPI) | 2026-04-04T12:56:18Z | 2026-04-04T12:56:18Z |
| mal-2026-2486 | Malicious code in gangomodule (PyPI) | 2026-04-04T12:01:55Z | 2026-04-04T12:01:55Z |
| mal-2026-2452 | Malicious code in strapi-plugin-blurhash (npm) | 2026-04-03T19:10:29Z | 2026-04-07T16:38:18Z |
| mal-2026-2450 | Malicious code in strapi-plugin-advanced-uuid (npm) | 2026-04-03T19:10:26Z | 2026-04-07T16:38:18Z |
| mal-2026-2463 | Malicious code in strapi-plugin-guardarian-ext (npm) | 2026-04-03T19:10:23Z | 2026-04-07T16:38:18Z |
| mal-2026-2465 | Malicious code in strapi-plugin-health-check (npm) | 2026-04-03T19:10:19Z | 2026-04-07T16:38:18Z |
| mal-2026-2459 | Malicious code in strapi-plugin-debug-tools (npm) | 2026-04-03T19:10:16Z | 2026-04-07T16:38:18Z |
| mal-2026-2455 | Malicious code in strapi-plugin-content-sync (npm) | 2026-04-03T19:09:53Z | 2026-04-07T16:38:18Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| wid-sec-w-2025-1344 | Atlassian Confluence: Mehrere Schwachstellen | 2025-06-17T22:00:00.000+00:00 | 2025-06-17T22:00:00.000+00:00 |
| wid-sec-w-2025-1343 | Atlassian Bitbucket: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-06-17T22:00:00.000+00:00 | 2025-06-17T22:00:00.000+00:00 |
| wid-sec-w-2025-1342 | Veeam Backup & Replication: Mehrere Schwachstellen ermöglichen Codeausführung | 2025-06-17T22:00:00.000+00:00 | 2025-06-17T22:00:00.000+00:00 |
| wid-sec-w-2025-1340 | Google Chrome und Microsoft Edge: Mehrere Schwachstellen | 2025-06-17T22:00:00.000+00:00 | 2025-07-27T22:00:00.000+00:00 |
| wid-sec-w-2025-1339 | PAM: Schwachstelle ermöglicht Privilegieneskalation | 2025-06-17T22:00:00.000+00:00 | 2026-01-21T23:00:00.000+00:00 |
| wid-sec-w-2025-1338 | Red Hat Enterprise Linux (freeIPA): Schwachstelle ermöglicht Privilegieneskalation | 2025-06-17T22:00:00.000+00:00 | 2025-06-19T22:00:00.000+00:00 |
| wid-sec-w-2025-1337 | IBM Tivoli Netcool/OMNIbus: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen | 2025-06-16T22:00:00.000+00:00 | 2025-06-16T22:00:00.000+00:00 |
| wid-sec-w-2025-1336 | Liferay Liferay DXP: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-06-16T22:00:00.000+00:00 | 2025-06-16T22:00:00.000+00:00 |
| wid-sec-w-2025-1335 | Apache Tomcat: Mehrere Schwachstellen | 2025-06-16T22:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-1334 | Apache Commons FileUpload: Schwachstelle ermöglicht Denial of Service | 2025-06-16T22:00:00.000+00:00 | 2026-01-07T23:00:00.000+00:00 |
| wid-sec-w-2025-1333 | Erlang/OTP: Schwachstelle ermöglicht Manipulation von Dateien | 2025-06-16T22:00:00.000+00:00 | 2025-06-19T22:00:00.000+00:00 |
| wid-sec-w-2025-1332 | D-LINK Router: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-06-16T22:00:00.000+00:00 | 2025-06-16T22:00:00.000+00:00 |
| wid-sec-w-2025-1331 | BeyondTrust Remote Support: Schwachstelle ermöglicht Codeausführung | 2025-06-16T22:00:00.000+00:00 | 2025-06-16T22:00:00.000+00:00 |
| wid-sec-w-2025-1330 | IBM App Connect Enterprise: Schwachstelle ermöglicht Manipulation der Konfiguration | 2025-06-16T22:00:00.000+00:00 | 2025-06-16T22:00:00.000+00:00 |
| wid-sec-w-2025-1329 | OTRS: Schwachstelle ermöglicht nicht spezifizierten Angriff | 2025-06-15T22:00:00.000+00:00 | 2025-06-15T22:00:00.000+00:00 |
| wid-sec-w-2025-1328 | PostgreSQL JDBC Treiber: Schwachstelle ermöglicht Offenlegung von Informationen | 2025-06-15T22:00:00.000+00:00 | 2025-09-22T22:00:00.000+00:00 |
| wid-sec-w-2025-1327 | Grafana: Schwachstelle ermöglicht Offenlegung von Informationen | 2025-06-15T22:00:00.000+00:00 | 2025-06-15T22:00:00.000+00:00 |
| wid-sec-w-2025-1326 | M-Files Server: Schwachstelle ermöglicht Offenlegung von Informationen | 2025-06-15T22:00:00.000+00:00 | 2025-06-16T22:00:00.000+00:00 |
| wid-sec-w-2025-1325 | libxml2: Schwachstelle ermöglicht Denial of Service | 2025-06-15T22:00:00.000+00:00 | 2025-07-27T22:00:00.000+00:00 |
| wid-sec-w-2025-1324 | xwiki: Mehrere Schwachstellen | 2025-06-12T22:00:00.000+00:00 | 2025-06-12T22:00:00.000+00:00 |
| wid-sec-w-2025-1323 | Red Hat Satellite: Schwachstelle ermöglicht Denial of Service | 2025-06-12T22:00:00.000+00:00 | 2025-06-17T22:00:00.000+00:00 |
| wid-sec-w-2025-1322 | GIMP: Schwachstelle ermöglicht Denial of Service und potenziell Codeausführung | 2025-06-12T22:00:00.000+00:00 | 2025-06-12T22:00:00.000+00:00 |
| wid-sec-w-2025-1321 | SaltStack Salt: Mehrere Schwachstellen | 2025-06-12T22:00:00.000+00:00 | 2025-07-27T22:00:00.000+00:00 |
| wid-sec-w-2025-1320 | Tenable Security Nessus: Mehrere Schwachstellen | 2025-06-12T22:00:00.000+00:00 | 2025-06-12T22:00:00.000+00:00 |
| wid-sec-w-2025-1319 | VMware Tanzu Spring Framework: Schwachstelle ermöglicht Manipulation von Dateien | 2025-06-12T22:00:00.000+00:00 | 2025-06-17T22:00:00.000+00:00 |
| wid-sec-w-2025-1318 | Python: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen | 2025-06-12T22:00:00.000+00:00 | 2026-01-21T23:00:00.000+00:00 |
| wid-sec-w-2025-1317 | xwiki: Schwachstelle ermöglicht SQL Injection | 2025-06-12T22:00:00.000+00:00 | 2025-06-12T22:00:00.000+00:00 |
| wid-sec-w-2025-1316 | Dell integrated Dell Remote Access Controller: Schwachstelle ermöglicht Privilegieneskalation | 2025-06-12T22:00:00.000+00:00 | 2025-06-12T22:00:00.000+00:00 |
| wid-sec-w-2025-1315 | GitLab: Mehrere Schwachstellen | 2025-06-11T22:00:00.000+00:00 | 2025-06-11T22:00:00.000+00:00 |
| wid-sec-w-2025-1314 | Apple Produkte: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen | 2025-06-11T22:00:00.000+00:00 | 2025-06-11T22:00:00.000+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| icsa-24-191-02 | Mitsubishi Electric MELIPC Series MI5122-VW | 2024-07-09T06:00:00.000000Z | 2024-07-09T06:00:00.000000Z |
| icsa-24-191-01 | Delta Electronics CNCSoft-G2 (Update A) | 2024-07-09T06:00:00.000000Z | 2025-02-18T07:00:00.000000Z |
| icsa-25-112-03 | Schneider Electric Wiser Home Controller WHC-5918A | 2024-07-09T00:00:00.000000Z | 2026-01-30T07:00:00.000000Z |
| icsa-24-345-03 | Schneider Electric FoxRTU Station | 2024-07-09T00:00:00.000000Z | 2024-07-09T00:00:00.000000Z |
| icsa-24-345-02 | Schneider Electric EcoStruxure Foxboro DCS Core Control Services | 2024-07-09T00:00:00.000000Z | 2024-07-09T00:00:00.000000Z |
| icsa-24-193-17 | Siemens SIMATIC STEP 7 (TIA Portal) | 2024-07-09T00:00:00.000000Z | 2024-07-09T00:00:00.000000Z |
| icsa-24-193-16 | Siemens SIMATIC WinCC | 2024-07-09T00:00:00.000000Z | 2024-11-12T00:00:00.000000Z |
| icsa-24-193-15 | Siemens SINEMA Remote Connect Server | 2024-07-09T00:00:00.000000Z | 2024-07-09T00:00:00.000000Z |
| icsa-24-193-14 | Siemens SIPROTEC | 2024-07-09T00:00:00.000000Z | 2025-11-11T00:00:00.000000Z |
| icsa-24-193-13 | Siemens TIA Portal, SIMATIC, and SIRIUS | 2024-07-09T00:00:00.000000Z | 2024-07-09T00:00:00.000000Z |
| icsa-24-193-12 | Siemens TIA Portal and SIMATIC STEP 7 | 2024-07-09T00:00:00.000000Z | 2024-07-09T00:00:00.000000Z |
| icsa-24-193-11 | Siemens RUGGEDCOM APE 1808 | 2024-07-09T00:00:00.000000Z | 2026-01-14T22:00:09.701376Z |
| icsa-24-193-10 | Siemens JT Open and PLM XML SDK | 2024-07-09T00:00:00.000000Z | 2024-07-09T00:00:00.000000Z |
| icsa-24-193-09 | Siemens SINEMA Remote Connect Server | 2024-07-09T00:00:00.000000Z | 2024-07-09T00:00:00.000000Z |
| icsa-24-193-08 | Siemens Mendix Encryption Module | 2024-07-09T00:00:00.000000Z | 2024-07-09T00:00:00.000000Z |
| icsa-24-193-07 | Siemens SIMATIC and SIMIT | 2024-07-09T00:00:00.000000Z | 2025-05-06T06:00:00.000000Z |
| icsa-24-193-06 | Siemens RUGGEDCOM | 2024-07-09T00:00:00.000000Z | 2025-08-12T00:00:00.000000Z |
| icsa-24-193-05 | Siemens SCALANCE, RUGGEDCOM | 2024-07-09T00:00:00.000000Z | 2025-12-09T00:00:00.000000Z |
| icsa-24-193-04 | Siemens Simcenter Femap | 2024-07-09T00:00:00.000000Z | 2024-07-09T00:00:00.000000Z |
| icsa-24-193-03 | Siemens Teamcenter Visualization and JT2Go | 2024-07-09T00:00:00.000000Z | 2024-08-13T00:00:00.000000Z |
| icsa-24-193-02 | Siemens RUGGEDCOM APE 1808 | 2024-07-09T00:00:00.000000Z | 2026-01-14T22:00:11.677616Z |
| icsa-24-193-01 | Siemens Remote Connect Server | 2024-07-09T00:00:00.000000Z | 2024-07-09T00:00:00.000000Z |
| icsa-25-007-01 | ABB ASPECT System | 2024-07-03T00:30:00.000000Z | 2024-12-05T00:30:00.000000Z |
| icsa-24-184-03 | Mitsubishi Electric Iconics Digital Solutions and Mitsubishi Electric Products (Update D) | 2024-07-02T06:00:00.000000Z | 2026-04-07T06:00:00.000000Z |
| icsa-24-184-02 | mySCADA myPRO | 2024-07-02T06:00:00.000000Z | 2024-07-02T06:00:00.000000Z |
| icsa-24-184-01 | Johnson Controls Kantech Door Controllers | 2024-07-02T06:00:00.000000Z | 2024-07-02T06:00:00.000000Z |
| icsa-24-179-07 | Johnson Controls Illustra Essentials Gen 4 (Update A) | 2024-06-27T06:00:00.000000Z | 2024-07-02T06:00:00.000000Z |
| icsa-24-179-06 | Johnson Controls Illustra Essentials Gen 4 (Update A) | 2024-06-27T06:00:00.000000Z | 2024-07-02T06:00:00.000000Z |
| icsa-24-179-05 | Johnson Controls Illustra Essentials Gen 4 (Update A) | 2024-06-27T06:00:00.000000Z | 2024-07-02T06:00:00.000000Z |
| icsa-24-179-04 | Johnson Controls Illustra Essentials Gen 4 (Update A) | 2024-06-27T06:00:00.000000Z | 2024-07-02T06:00:00.000000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cisco-sa-ucm-csrf-xrtkdu3h | Cisco Unified Communications Products Cross-Site Request Forgery Vulnerability | 2021-11-03T16:00:00+00:00 | 2021-11-03T16:00:00+00:00 |
| cisco-sa-smb-switches-web-dos-xmyffkt8 | Cisco Small Business 200, 300, and 500 Series Switches Web-Based Management Interface Denial of Service Vulnerability | 2021-11-03T16:00:00+00:00 | 2021-11-03T16:00:00+00:00 |
| cisco-sa-smb-switches-tokens-uzwpr4e5 | Cisco Small Business Series Switches Session Credentials Replay Vulnerability | 2021-11-03T16:00:00+00:00 | 2021-11-03T16:00:00+00:00 |
| cisco-sa-sbrv-cmdinjection-z5cwfdk | Cisco Small Business RV Series Routers Command Injection Vulnerability | 2021-11-03T16:00:00+00:00 | 2021-11-03T16:00:00+00:00 |
| cisco-sa-pi-epnm-xss-u2jk537j | Cisco Prime Infrastructure and Evolved Programmable Network Manager Stored Cross-Site Scripting Vulnerability | 2021-11-03T16:00:00+00:00 | 2021-11-03T16:00:00+00:00 |
| cisco-sa-esa-dos-jom9etfo | Cisco Email Security Appliance Denial of Service Vulnerability | 2021-11-03T16:00:00+00:00 | 2021-11-03T16:00:00+00:00 |
| cisco-sa-cucm-path-trav-dkcvktvo | Cisco Unified Communications Products Path Traversal Vulnerability | 2021-11-03T16:00:00+00:00 | 2021-11-03T16:00:00+00:00 |
| cisco-sa-cspc-info-disc-km3bgvl | Cisco Common Services Platform Collector Information Disclosure Vulnerability | 2021-11-03T16:00:00+00:00 | 2022-01-06T17:54:37+00:00 |
| cisco-sa-cps-static-key-jms92hnv | Cisco Policy Suite Static SSH Keys Vulnerability | 2021-11-03T16:00:00+00:00 | 2021-11-04T17:32:39+00:00 |
| cisco-sa-cpar-strd-xss-a4dcvetg | Cisco Prime Access Registrar Stored Cross-Site Scripting Vulnerability | 2021-11-03T16:00:00+00:00 | 2021-11-03T16:00:00+00:00 |
| cisco-sa-catpon-multivulns-ce3dsygr | Cisco Catalyst PON Series Switches Optical Network Terminal Vulnerabilities | 2021-11-03T16:00:00+00:00 | 2021-11-03T16:00:00+00:00 |
| cisco-sa-anyconnect-nam-priv-ycsrnugt | Cisco AnyConnect Secure Mobility Client for Windows with Network Access Manager Module Privilege Escalation Vulnerability | 2021-11-03T16:00:00+00:00 | 2021-11-03T16:00:00+00:00 |
| cisco-sa-snort-dos-s2r7w9uu | Multiple Cisco Products Snort Memory Leak Denial of Service Vulnerability | 2021-10-27T16:00:00+00:00 | 2021-10-29T14:07:40+00:00 |
| cisco-sa-snort-dos-rywh7ezm | Multiple Cisco Products Snort Rule Denial of Service Vulnerability | 2021-10-27T16:00:00+00:00 | 2021-10-27T16:00:00+00:00 |
| cisco-sa-natalg-bypass-cpkgqkng | Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Application Level Gateway Bypass Vulnerabilities | 2021-10-27T16:00:00+00:00 | 2021-10-27T16:00:00+00:00 |
| cisco-sa-ftd-tls-decrypt-dos-bmxyjm8m | Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Software-Based SSL/TLS Denial of Service Vulnerability | 2021-10-27T16:00:00+00:00 | 2021-10-27T16:00:00+00:00 |
| cisco-sa-ftd-file-write-shvcmqvc | Cisco Firepower Threat Defense Software CLI Arbitrary File Write Vulnerability | 2021-10-27T16:00:00+00:00 | 2023-05-26T11:54:17+00:00 |
| cisco-sa-ftd-enip-bypass-efsxd8kp | Cisco Firepower Threat Defense Software Ethernet Industrial Protocol Policy Bypass Vulnerabilities | 2021-10-27T16:00:00+00:00 | 2021-10-27T16:00:00+00:00 |
| cisco-sa-ftd-dos-rudsew3r | Cisco Firepower Threat Defense Software SSH Connections Denial of Service Vulnerability | 2021-10-27T16:00:00+00:00 | 2021-10-27T16:00:00+00:00 |
| cisco-sa-ftd-cmdinject-fmzsln8 | Cisco Firepower Threat Defense Software Command Injection Vulnerabilities | 2021-10-27T16:00:00+00:00 | 2021-10-27T16:00:00+00:00 |
| cisco-sa-fmc-xss-openredir-tvpmwjyg | Cisco Firepower Management Center Software Cross-Site Scripting and Open Redirect Vulnerabilities | 2021-10-27T16:00:00+00:00 | 2021-10-27T16:00:00+00:00 |
| cisco-sa-fmc-infodisc-ft2wvmnu | Cisco Firepower Management Center Software Configuration Information Disclosure Vulnerabilities | 2021-10-27T16:00:00+00:00 | 2021-10-27T16:00:00+00:00 |
| cisco-sa-fmc-dir-traversal-95uyw5tk | Cisco Firepower Management Center Software Authenticated Directory Traversal Vulnerability | 2021-10-27T16:00:00+00:00 | 2021-10-27T16:00:00+00:00 |
| cisco-sa-asaftd-xss-webui-gqlsfypm | Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Interface Cross-Site Scripting Vulnerability | 2021-10-27T16:00:00+00:00 | 2021-10-27T16:00:00+00:00 |
| cisco-sa-asaftd-snmpaccess-m6yoweq3 | Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SNMP Access Control Vulnerability | 2021-10-27T16:00:00+00:00 | 2021-10-27T16:00:00+00:00 |
| cisco-sa-asaftd-rule-bypass-ejjogqey | Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Identity-Based Rule Bypass Vulnerability | 2021-10-27T16:00:00+00:00 | 2021-10-27T16:00:00+00:00 |
| cisco-sa-asaftd-ikev2-dos-g4cmrr7c | Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IKEv2 Site-to-Site VPN Denial of Service Vulnerability | 2021-10-27T16:00:00+00:00 | 2021-10-29T13:51:25+00:00 |
| cisco-sa-asaftd-dos-4ygzlku9 | Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SSL/TLS Denial of Service Vulnerability | 2021-10-27T16:00:00+00:00 | 2021-10-27T16:00:00+00:00 |
| cisco-sa-asafdt-webvpn-dos-ksqjakpa | Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Denial of Service Vulnerabilities | 2021-10-27T16:00:00+00:00 | 2021-10-27T16:00:00+00:00 |
| cisco-sa-asa-ftd-dos-unk689xy | Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Resource Exhaustion Denial of Service Vulnerability | 2021-10-27T16:00:00+00:00 | 2021-10-27T16:00:00+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2026-3479 | pkgutil.get_data() does not enforce documented restrictions | 2026-03-02T00:00:00.000Z | 2026-04-22T01:38:01.000Z |
| msrc_cve-2026-34714 | CVE-2026-34714 | 2026-03-02T00:00:00.000Z | 2026-04-08T01:37:47.000Z |
| msrc_cve-2026-34353 | CVE-2026-34353 | 2026-03-02T00:00:00.000Z | 2026-04-01T01:57:48.000Z |
| msrc_cve-2026-34085 | CVE-2026-34085 | 2026-03-02T00:00:00.000Z | 2026-04-22T01:41:08.000Z |
| msrc_cve-2026-34073 | cryptography has incomplete DNS name constraint enforcement on peer names | 2026-03-02T00:00:00.000Z | 2026-04-30T01:48:15.000Z |
| msrc_cve-2026-34043 | Serialize JavaScript has CPU Exhaustion Denial of Service via crafted array-like objects | 2026-03-02T00:00:00.000Z | 2026-04-30T01:46:20.000Z |
| msrc_cve-2026-33941 | Handlebars.js has JavaScript Injection in CLI Precompiler via Unescaped Names and Options | 2026-03-02T00:00:00.000Z | 2026-04-15T01:39:24.000Z |
| msrc_cve-2026-33940 | Handlebars.js has JavaScript Injection via AST Type Confusion when passing an object as dynamic partial | 2026-03-02T00:00:00.000Z | 2026-04-15T01:39:35.000Z |
| msrc_cve-2026-33939 | Handlebars.js has Denial of Service via Malformed Decorator Syntax in Template Compilation | 2026-03-02T00:00:00.000Z | 2026-04-15T01:39:30.000Z |
| msrc_cve-2026-33938 | Handlebars.js has JavaScript Injection via AST Type Confusion by tampering @partial-block | 2026-03-02T00:00:00.000Z | 2026-04-15T01:39:18.000Z |
| msrc_cve-2026-33937 | Handlebars.js has JavaScript Injection via AST Type Confusion | 2026-03-02T00:00:00.000Z | 2026-04-01T01:58:16.000Z |
| msrc_cve-2026-33936 | python-ecdsa: Denial of Service via improper DER length validation in crafted private keys | 2026-03-02T00:00:00.000Z | 2026-04-08T01:36:46.000Z |
| msrc_cve-2026-33916 | Handlebars.js has Prototype Pollution Leading to XSS through Partial Template Injection | 2026-03-02T00:00:00.000Z | 2026-04-30T01:46:08.000Z |
| msrc_cve-2026-33896 | Forge has a basicConstraints bypass in its certificate chain verification (RFC 5280 violation) | 2026-03-02T00:00:00.000Z | 2026-04-15T01:39:04.000Z |
| msrc_cve-2026-33895 | Forge has signature forgery in Ed25519 due to missing S > L check | 2026-03-02T00:00:00.000Z | 2026-04-15T01:38:56.000Z |
| msrc_cve-2026-33891 | Forge has Denial of Service via Infinite Loop in BigInteger.modInverse() with Zero Input | 2026-03-02T00:00:00.000Z | 2026-04-15T01:39:13.000Z |
| msrc_cve-2026-3381 | Compress::Raw::Zlib versions through 2.219 for Perl use potentially insecure versions of zlib | 2026-03-02T00:00:00.000Z | 2026-03-26T01:39:38.000Z |
| msrc_cve-2026-33750 | brace-expansion: Zero-step sequence causes process hang and memory exhaustion | 2026-03-02T00:00:00.000Z | 2026-04-23T01:37:20.000Z |
| msrc_cve-2026-33672 | Picomatch: Method Injection in POSIX Character Classes causes incorrect Glob Matching | 2026-03-02T00:00:00.000Z | 2026-04-22T01:41:38.000Z |
| msrc_cve-2026-33671 | Picomatch has a ReDoS vulnerability via extglob quantifiers | 2026-03-02T00:00:00.000Z | 2026-04-16T14:37:41.000Z |
| msrc_cve-2026-33636 | LIBPNG has ARM NEON Palette Expansion Out-of-Bounds Read on AArch64 | 2026-03-02T00:00:00.000Z | 2026-04-15T01:38:17.000Z |
| msrc_cve-2026-33554 | CVE-2026-33554 | 2026-03-02T00:00:00.000Z | 2026-04-08T01:38:36.000Z |
| msrc_cve-2026-33542 | Incus does not verify combined fingerprint when downloading images from simplestreams servers | 2026-03-02T00:00:00.000Z | 2026-04-30T01:45:45.000Z |
| msrc_cve-2026-33526 | Squid vulnerable to Denial of Service in ICP Request handling | 2026-03-02T00:00:00.000Z | 2026-03-28T14:38:00.000Z |
| msrc_cve-2026-33515 | Squid has issues in ICP message handling | 2026-03-02T00:00:00.000Z | 2026-03-28T14:38:07.000Z |
| msrc_cve-2026-33416 | LIBPNG has use-after-free via pointer aliasing in `png_set_tRNS` and `png_set_PLTE` | 2026-03-02T00:00:00.000Z | 2026-04-15T01:38:06.000Z |
| msrc_cve-2026-33413 | etcd: Authorization bypasses in multiple APIs | 2026-03-02T00:00:00.000Z | 2026-03-31T14:57:04.000Z |
| msrc_cve-2026-33412 | Vim affected by Command injection via newline in glob() | 2026-03-02T00:00:00.000Z | 2026-03-31T14:54:51.000Z |
| msrc_cve-2026-3338 | PKCS7_verify Signature Validation Bypass in AWS-LC | 2026-03-02T00:00:00.000Z | 2026-03-06T01:38:11.000Z |
| msrc_cve-2026-3336 | PKCS7_verify Certificate Chain Validation Bypass in AWS-LC | 2026-03-02T00:00:00.000Z | 2026-03-06T01:38:19.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| opensuse-su-2026:10036-1 | cockpit-repos-4.6-1.1 on GA media | 2026-01-13T00:00:00Z | 2026-01-13T00:00:00Z |
| opensuse-su-2026:20018-1 | Security update for glib2 | 2026-01-12T11:52:23Z | 2026-01-12T11:52:23Z |
| opensuse-su-2026:20014-1 | Security update for MozillaFirefox | 2026-01-12T11:35:13Z | 2026-01-12T11:35:13Z |
| opensuse-su-2026:20017-1 | Security update for libpng16 | 2026-01-12T11:14:46Z | 2026-01-12T11:14:46Z |
| opensuse-su-2026:20016-1 | Security update for libmicrohttpd | 2026-01-12T11:14:46Z | 2026-01-12T11:14:46Z |
| opensuse-su-2026:20015-1 | Security update for python-tornado6 | 2026-01-12T10:29:37Z | 2026-01-12T10:29:37Z |
| opensuse-su-2026:10035-1 | teleport-17.7.13-1.1 on GA media | 2026-01-12T00:00:00Z | 2026-01-12T00:00:00Z |
| opensuse-su-2026:10034-1 | python311-Authlib-1.6.6-1.1 on GA media | 2026-01-12T00:00:00Z | 2026-01-12T00:00:00Z |
| opensuse-su-2026:10033-1 | libtasn1-6-32bit-4.21.0-1.1 on GA media | 2026-01-12T00:00:00Z | 2026-01-12T00:00:00Z |
| opensuse-su-2026:10032-1 | libpcap-devel-1.10.6-1.1 on GA media | 2026-01-12T00:00:00Z | 2026-01-12T00:00:00Z |
| opensuse-su-2026:10031-1 | kubelogin-0.2.14-1.1 on GA media | 2026-01-12T00:00:00Z | 2026-01-12T00:00:00Z |
| opensuse-su-2026:10030-1 | k6-1.5.0-1.1 on GA media | 2026-01-12T00:00:00Z | 2026-01-12T00:00:00Z |
| opensuse-su-2026:10029-1 | istioctl-1.28.2-1.1 on GA media | 2026-01-12T00:00:00Z | 2026-01-12T00:00:00Z |
| opensuse-su-2026:10028-1 | ffmpeg-7-7.1.3-1.1 on GA media | 2026-01-12T00:00:00Z | 2026-01-12T00:00:00Z |
| opensuse-su-2026:10027-1 | ffmpeg-4-4.4.6-10.1 on GA media | 2026-01-12T00:00:00Z | 2026-01-12T00:00:00Z |
| opensuse-su-2026:20022-1 | Security update for matio | 2026-01-11T17:15:13Z | 2026-01-11T17:15:13Z |
| opensuse-su-2026:20013-1 | Security update for avahi | 2026-01-11T16:54:00Z | 2026-01-11T16:54:00Z |
| opensuse-su-2026:20020-1 | Security update for chromium | 2026-01-10T02:17:54Z | 2026-01-10T02:17:54Z |
| opensuse-su-2026:10026-1 | python311-urllib3-2.6.2-1.1 on GA media | 2026-01-09T00:00:00Z | 2026-01-09T00:00:00Z |
| opensuse-su-2026:10025-1 | python311-aiohttp-3.13.3-1.1 on GA media | 2026-01-09T00:00:00Z | 2026-01-09T00:00:00Z |
| opensuse-su-2026:10024-1 | libsoup-2_4-1-2.74.3-13.1 on GA media | 2026-01-09T00:00:00Z | 2026-01-09T00:00:00Z |
| opensuse-su-2026:10023-1 | libsoup-3_0-0-3.6.5-10.1 on GA media | 2026-01-09T00:00:00Z | 2026-01-09T00:00:00Z |
| opensuse-su-2026:10022-1 | libsodium-devel-1.0.21-1.1 on GA media | 2026-01-09T00:00:00Z | 2026-01-09T00:00:00Z |
| opensuse-su-2026:10021-1 | coredns-1.14.0-1.1 on GA media | 2026-01-09T00:00:00Z | 2026-01-09T00:00:00Z |
| opensuse-ru-2026:20010-1 | Recommended update for trivy | 2026-01-08T14:37:24Z | 2026-01-08T14:37:24Z |
| opensuse-su-2026:10020-1 | traefik-3.6.6-1.1 on GA media | 2026-01-08T00:00:00Z | 2026-01-08T00:00:00Z |
| opensuse-su-2026:10019-1 | gdk-pixbuf-loader-libheif-1.21.1-1.1 on GA media | 2026-01-08T00:00:00Z | 2026-01-08T00:00:00Z |
| opensuse-su-2026:10018-1 | gimp-3.0.6-4.1 on GA media | 2026-01-08T00:00:00Z | 2026-01-08T00:00:00Z |
| opensuse-su-2026:10017-1 | curl-8.18.0-1.1 on GA media | 2026-01-08T00:00:00Z | 2026-01-08T00:00:00Z |
| opensuse-su-2026:10016-1 | chromedriver-143.0.7499.192-1.1 on GA media | 2026-01-08T00:00:00Z | 2026-01-08T00:00:00Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2026:6439 | Red Hat Security Advisory: libpng15 security update | 2026-04-02T11:12:37+00:00 | 2026-05-09T02:37:06+00:00 |
| rhsa-2026:6435 | Red Hat Security Advisory: mariadb:10.11 security update | 2026-04-02T10:59:43+00:00 | 2026-04-16T06:43:22+00:00 |
| rhsa-2026:6436 | Red Hat Security Advisory: rsync security update | 2026-04-02T10:54:57+00:00 | 2026-05-05T20:35:27+00:00 |
| rhsa-2026:6431 | Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update | 2026-04-02T08:24:03+00:00 | 2026-04-20T21:33:22+00:00 |
| rhsa-2026:5910 | Red Hat Security Advisory: OpenShift Container Platform 4.16.59 bug fix and security update | 2026-04-02T08:02:20+00:00 | 2026-05-07T13:18:34+00:00 |
| rhsa-2026:6429 | Red Hat Security Advisory: Multicluster Global Hub 1.4.5 security update | 2026-04-02T07:56:10+00:00 | 2026-05-10T03:03:50+00:00 |
| rhsa-2026:6428 | Red Hat Security Advisory: Network Observability 1.11.1 for OpenShift | 2026-04-02T07:50:38+00:00 | 2026-05-10T03:03:45+00:00 |
| rhsa-2026:6427 | Red Hat Security Advisory: nginx:1.26 security update | 2026-04-02T07:42:56+00:00 | 2026-04-23T06:08:49+00:00 |
| rhsa-2026:6407 | Red Hat Security Advisory: nginx:1.24 security update | 2026-04-01T22:57:35+00:00 | 2026-04-23T06:08:47+00:00 |
| rhsa-2026:6408 | Red Hat Security Advisory: nginx security update | 2026-04-01T20:24:35+00:00 | 2026-04-23T06:08:48+00:00 |
| rhsa-2026:6404 | Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.6 Container Release Update | 2026-04-01T18:20:27+00:00 | 2026-05-08T03:02:45+00:00 |
| rhsa-2026:6402 | Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update | 2026-04-01T16:46:17+00:00 | 2026-04-20T21:33:24+00:00 |
| rhsa-2026:6396 | Red Hat Security Advisory: freerdp security update | 2026-04-01T16:28:09+00:00 | 2026-04-09T14:38:07+00:00 |
| rhsa-2026:6395 | Red Hat Security Advisory: freerdp security update | 2026-04-01T16:24:09+00:00 | 2026-04-09T14:38:07+00:00 |
| rhsa-2026:6391 | Red Hat Security Advisory: mysql:8.4 security update | 2026-04-01T15:43:39+00:00 | 2026-04-02T16:36:39+00:00 |
| rhsa-2026:6390 | Red Hat Security Advisory: rsync security update | 2026-04-01T15:41:34+00:00 | 2026-05-05T20:28:50+00:00 |
| rhsa-2026:6385 | Red Hat Security Advisory: freerdp security update | 2026-04-01T15:01:19+00:00 | 2026-04-09T14:38:06+00:00 |
| rhsa-2026:6383 | Red Hat Security Advisory: grafana-pcp security update | 2026-04-01T14:59:14+00:00 | 2026-05-08T15:00:31+00:00 |
| rhsa-2026:6382 | Red Hat Security Advisory: grafana security update | 2026-04-01T14:57:19+00:00 | 2026-05-08T15:00:31+00:00 |
| rhsa-2026:6384 | Red Hat Security Advisory: freerdp security update | 2026-04-01T14:55:19+00:00 | 2026-04-09T14:38:07+00:00 |
| rhsa-2026:6388 | Red Hat Security Advisory: grafana-pcp security update | 2026-04-01T14:40:49+00:00 | 2026-05-08T15:00:31+00:00 |
| rhsa-2026:6344 | Red Hat Security Advisory: grafana security update | 2026-04-01T11:23:28+00:00 | 2026-05-08T15:00:30+00:00 |
| rhsa-2026:5876 | Red Hat Security Advisory: OpenShift Container Platform 4.19.27 packages and security update | 2026-04-01T10:19:18+00:00 | 2026-05-10T03:03:40+00:00 |
| rhsa-2026:5877 | Red Hat Security Advisory: OpenShift Container Platform 4.19.27 bug fix and security update | 2026-04-01T10:06:58+00:00 | 2026-04-02T16:39:26+00:00 |
| rhsa-2026:5878 | Red Hat Security Advisory: OpenShift Container Platform 4.19.27 bug fix and security update | 2026-04-01T09:48:10+00:00 | 2026-05-08T14:58:57+00:00 |
| rhsa-2026:6342 | Red Hat Security Advisory: thunderbird security update | 2026-04-01T09:40:38+00:00 | 2026-04-28T18:40:12+00:00 |
| rhsa-2026:5866 | Red Hat Security Advisory: OpenShift Container Platform 4.17.52 packages and security update | 2026-04-01T09:29:07+00:00 | 2026-05-10T03:03:39+00:00 |
| rhsa-2026:6341 | Red Hat Security Advisory: Red Hat build of Cryostat security update | 2026-04-01T09:19:49+00:00 | 2026-05-08T15:00:30+00:00 |
| rhsa-2026:5867 | Red Hat Security Advisory: OpenShift Container Platform 4.17.52 bug fix and security update | 2026-04-01T09:17:57+00:00 | 2026-04-02T16:39:27+00:00 |
| rhsa-2026:6340 | Red Hat Security Advisory: freerdp security update | 2026-04-01T09:08:02+00:00 | 2026-04-28T07:39:20+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| suse-su-2026:1045-1 | Security update for the Linux Kernel (Live Patch 77 for SUSE Linux Enterprise 12 SP5) | 2026-03-25T18:04:47Z | 2026-03-25T18:04:47Z |
| suse-su-2026:1044-1 | Security update for the Linux Kernel (Live Patch 70 for SUSE Linux Enterprise 12 SP5) | 2026-03-25T17:54:43Z | 2026-03-25T17:54:43Z |
| suse-su-2026:1041-1 | Security update for the Linux Kernel | 2026-03-25T14:13:20Z | 2026-03-25T14:13:20Z |
| suse-su-2026:1040-1 | Security update for systemd | 2026-03-25T12:43:09Z | 2026-03-25T12:43:09Z |
| suse-su-2026:1039-1 | Security update for the Linux Kernel (Live Patch 29 for SUSE Linux Enterprise 15 SP5) | 2026-03-25T12:34:25Z | 2026-03-25T12:34:25Z |
| suse-su-2026:20933-1 | Security update for python-ldap | 2026-03-25T10:48:13Z | 2026-03-25T10:48:13Z |
| suse-su-2026:1037-1 | Security update for grafana | 2026-03-25T10:31:04Z | 2026-03-25T10:31:04Z |
| suse-su-2026:1030-1 | Security update for salt | 2026-03-25T10:17:20Z | 2026-03-25T10:17:20Z |
| suse-su-2026:1029-1 | Security update for salt | 2026-03-25T10:16:49Z | 2026-03-25T10:16:49Z |
| suse-su-2026:1028-1 | Security update for salt | 2026-03-25T10:16:17Z | 2026-03-25T10:16:17Z |
| suse-su-2026:1027-1 | Security update for salt | 2026-03-25T10:15:43Z | 2026-03-25T10:15:43Z |
| suse-su-2026:1026-1 | Security update 5.0.7 for Multi-Linux Manager Salt Bundle | 2026-03-25T10:15:30Z | 2026-03-25T10:15:30Z |
| suse-su-2026:1014-1 | Security update 5.0.7 for Multi-Linux Manager Salt Bundle | 2026-03-25T10:12:32Z | 2026-03-25T10:12:32Z |
| suse-su-2026:1013-1 | Security update 5.0.7 for Multi-Linux Manager Client Tools | 2026-03-25T10:11:52Z | 2026-03-25T10:11:52Z |
| suse-su-2026:1012-1 | Security update 5.0.7 for Multi-Linux Manager Salt Bundle | 2026-03-25T10:10:54Z | 2026-03-25T10:10:54Z |
| suse-su-2026:1011-1 | Security update 5.0.7 for Multi-Linux Manager Client Tools | 2026-03-25T10:10:31Z | 2026-03-25T10:10:31Z |
| suse-su-2026:1010-1 | Security update 5.0.7 for Multi-Linux Manager Server | 2026-03-25T10:10:02Z | 2026-03-25T10:10:02Z |
| suse-su-2026:1008-1 | Security update for Prometheus | 2026-03-25T10:07:27Z | 2026-03-25T10:07:27Z |
| suse-su-2026:20932-1 | Security update for ffmpeg-7 | 2026-03-25T09:58:50Z | 2026-03-25T09:58:50Z |
| suse-su-2026:20878-1 | Security update for python-pyasn1 | 2026-03-25T09:44:19Z | 2026-03-25T09:44:19Z |
| suse-su-2026:20868-1 | Security update for capstone | 2026-03-25T09:40:00Z | 2026-03-25T09:40:00Z |
| suse-su-2026:1002-1 | Security update for the Linux Kernel (Live Patch 27 for SUSE Linux Enterprise 15 SP5) | 2026-03-25T09:34:30Z | 2026-03-25T09:34:30Z |
| suse-su-2026:1005-1 | Security update for giflib | 2026-03-25T09:32:48Z | 2026-03-25T09:32:48Z |
| suse-su-2026:1004-1 | Security update for libsoup | 2026-03-25T09:32:40Z | 2026-03-25T09:32:40Z |
| suse-su-2026:20869-1 | Security update for python-PyJWT | 2026-03-25T09:31:26Z | 2026-03-25T09:31:26Z |
| suse-su-2026:1003-1 | Security update for the Linux Kernel | 2026-03-25T09:25:47Z | 2026-03-25T09:25:47Z |
| suse-su-2026:20931-1 | Security update for the Linux Kernel | 2026-03-25T08:48:43Z | 2026-03-25T08:48:43Z |
| suse-su-2026:20838-1 | Security update for the Linux Kernel | 2026-03-25T08:48:43Z | 2026-03-25T08:48:43Z |
| suse-su-2026:21284-1 | Security update for the Linux Kernel | 2026-03-25T08:43:53Z | 2026-03-25T08:43:53Z |
| suse-ru-2026:1001-1 | Recommended update for rust1.94 | 2026-03-25T08:36:36Z | 2026-03-25T08:36:36Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| alsa-2025:12831 | Moderate: opentelemetry-collector security update | 2025-08-05T00:00:00Z | 2025-08-07T10:26:12Z |
| alsa-2025:12753 | Important: kernel-rt security update | 2025-08-04T00:00:00Z | 2025-08-07T10:27:31Z |
| alsa-2025:12752 | Important: kernel security update | 2025-08-04T00:00:00Z | 2025-08-07T10:29:22Z |
| alsa-2025:12746 | Important: kernel security update | 2025-08-04T00:00:00Z | 2025-08-07T11:25:17Z |
| alsa-2025:12662 | Important: kernel security update | 2025-08-04T00:00:00Z | 2025-08-13T13:56:22Z |
| alsa-2025:12527 | Moderate: virt:rhel and virt-devel:rhel security update | 2025-08-04T00:00:00Z | 2026-04-09T15:30:58Z |
| alsa-2025:12519 | Moderate: python-requests security update | 2025-08-04T00:00:00Z | 2025-08-04T12:47:36Z |
| alsa-2025:12450 | Important: libxml2 security update | 2025-07-31T00:00:00Z | 2025-08-01T13:36:17Z |
| alsa-2025:12447 | Important: libxml2 security update | 2025-07-31T00:00:00Z | 2025-08-01T13:39:05Z |
| alsa-2025:12280 | Important: jackson-annotations, jackson-core, jackson-databind, jackson-jaxrs-providers, and jackson-modules-base security update | 2025-07-30T00:00:00Z | 2025-08-09T13:24:27Z |
| alsa-2025:12188 | Important: thunderbird security update | 2025-07-29T00:00:00Z | 2025-07-30T13:59:25Z |
| alsa-2025:12187 | Important: thunderbird security update | 2025-07-29T00:00:00Z | 2025-07-30T13:57:28Z |
| alsa-2025:12100 | Moderate: libtpms security update | 2025-07-29T00:00:00Z | 2025-07-30T09:49:56Z |
| alsa-2025:12083 | Moderate: icu security update | 2025-07-29T00:00:00Z | 2025-07-30T08:16:08Z |
| alsa-2025:12064 | Important: unbound security update | 2025-07-29T00:00:00Z | 2025-07-30T08:10:45Z |
| alsa-2025:12010 | Important: sqlite security update | 2025-07-28T00:00:00Z | 2025-07-29T09:23:05Z |
| alsa-2025:12008 | Important: redis:7 security update | 2025-07-28T00:00:00Z | 2025-07-29T10:55:40Z |
| alsa-2025:12006 | Important: redis:6 security update | 2025-07-28T00:00:00Z | 2025-07-30T08:13:36Z |
| alsa-2025:11992 | Important: sqlite security update | 2025-07-28T00:00:00Z | 2025-07-29T09:25:46Z |
| alsa-2025:11933 | Important: sqlite security update | 2025-07-28T00:00:00Z | 2025-07-28T19:45:16Z |
| alsa-2025:11888 | Moderate: icu security update | 2025-07-28T00:00:00Z | 2025-07-28T19:46:22Z |
| alsa-2025:11884 | Important: unbound security update | 2025-07-28T00:00:00Z | 2025-07-28T14:37:14Z |
| alsa-2025:11861 | Moderate: kernel security update | 2025-07-28T00:00:00Z | 2025-07-31T22:26:58Z |
| alsa-2025:11855 | Moderate: kernel security update | 2025-07-28T00:00:00Z | 2025-08-06T06:59:49Z |
| alsa-2025:11851 | Moderate: kernel-rt security update | 2025-07-28T00:00:00Z | 2025-07-30T08:18:29Z |
| alsa-2025:11850 | Moderate: kernel security update | 2025-07-28T00:00:00Z | 2025-08-06T17:11:33Z |
| alsa-2025:11849 | Important: unbound security update | 2025-07-28T00:00:00Z | 2025-07-28T14:51:11Z |
| alsa-2025:11805 | Moderate: perl security update | 2025-07-28T00:00:00Z | 2025-07-28T09:38:48Z |
| alsa-2025:11803 | Important: nodejs:22 security update | 2025-07-28T00:00:00Z | 2025-07-28T14:53:46Z |
| alsa-2025:11797 | Important: firefox security update | 2025-07-28T00:00:00Z | 2025-07-31T10:21:39Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| osv-2023-761 | Heap-buffer-overflow in ICMPinfo::dissectICMP | 2023-08-29T14:02:10.894349Z | 2023-08-29T14:02:10.894589Z |
| osv-2023-758 | Heap-double-free in bit_TV_to_utf8 | 2023-08-29T14:00:10.585462Z | 2023-08-29T14:00:10.585716Z |
| osv-2023-756 | Heap-buffer-overflow in rawspeed::DngDecoder::decodeMetaDataInternal | 2023-08-28T14:02:10.741602Z | 2023-12-23T14:16:41.470280Z |
| osv-2023-754 | Heap-buffer-overflow in H5O__chunk_protect | 2023-08-28T14:00:10.026707Z | 2025-03-18T00:43:25.726885Z |
| osv-2023-753 | Stack-buffer-overflow in iasecc_crt_parse | 2023-08-28T14:00:08.788843Z | 2023-08-28T14:00:08.789089Z |
| osv-2023-750 | Security exception in org.antlr.v4.runtime.atn.PredictionContext.fromRuleContext | 2023-08-27T14:01:22.181636Z | 2023-08-27T14:01:22.181891Z |
| osv-2023-748 | Segv on unknown address in dwg_encode | 2023-08-27T14:01:00.633988Z | 2023-08-27T14:01:00.634262Z |
| osv-2023-745 | Heap-buffer-overflow in pcpp::SomeIpSdLayer::isDataValid | 2023-08-27T14:00:31.929598Z | 2023-08-27T14:00:31.929865Z |
| osv-2023-744 | Stack-buffer-overflow in sc_color_fprintf_va | 2023-08-26T14:02:46.114617Z | 2023-08-26T14:02:46.114892Z |
| osv-2023-743 | Out-of-memory in QueryParserFuzzer | 2023-08-26T14:02:30.998218Z | 2023-08-27T14:28:54.259585Z |
| osv-2023-741 | Heap-buffer-overflow in Flow::dissectBittorrent | 2023-08-26T14:00:30.188688Z | 2023-08-26T14:00:30.188967Z |
| osv-2023-739 | UNKNOWN READ in OT::glyph_variations_t::create_from_glyphs_var_data | 2023-08-25T14:02:18.323225Z | 2023-08-25T14:02:18.323527Z |
| osv-2023-738 | Use-of-uninitialized-value in _PyFunction_FromConstructor | 2023-08-25T14:00:42.118304Z | 2023-08-25T14:00:42.118579Z |
| osv-2023-736 | Heap-buffer-overflow in HeifContext::interpret_heif_file | 2023-08-25T14:00:14.487219Z | 2023-12-20T14:12:01.243209Z |
| osv-2023-734 | Container-overflow in libbrotlidec.so.1 | 2023-08-24T14:02:58.433195Z | 2023-08-24T14:02:58.433472Z |
| osv-2023-728 | Use-of-uninitialized-value in aesEncryptBlock | 2023-08-24T14:00:27.838220Z | 2024-04-29T14:13:55.378729Z |
| osv-2023-726 | Heap-buffer-overflow in Flow::dissectNetBIOS | 2023-08-23T14:02:47.143481Z | 2023-08-23T14:02:47.143744Z |
| osv-2023-723 | Heap-buffer-overflow in H5MM_memcpy | 2023-08-22T14:03:07.334340Z | 2023-08-22T14:03:07.334606Z |
| osv-2023-722 | Heap-buffer-overflow in H5MM_memcpy | 2023-08-22T14:03:04.118428Z | 2025-03-18T00:42:21.984142Z |
| osv-2023-721 | Stack-buffer-overflow in crc24q_check | 2023-08-21T14:02:51.271773Z | 2023-08-21T14:02:51.272060Z |
| osv-2023-719 | Security exception in org.apache.commons.jxpath.ri.compiler.CoreFunction.toString | 2023-08-21T14:02:38.497581Z | 2023-08-21T14:02:38.497866Z |
| osv-2023-717 | Heap-buffer-overflow in bit_TV_to_utf8_codepage | 2023-08-21T14:00:28.036480Z | 2023-12-01T14:22:18.777534Z |
| osv-2023-715 | Stack-use-after-scope in ulocimp_addLikelySubtags_74 | 2023-08-21T14:00:19.885505Z | 2023-08-23T15:32:00.801902Z |
| osv-2023-714 | Security exception in org.apache.poi.ddf.EscherContainerRecord.fillFields | 2023-08-19T14:02:15.130219Z | 2023-08-19T14:02:15.130475Z |
| osv-2023-710 | Heap-buffer-overflow in Flow::dissectMDNS | 2023-08-19T14:00:12.746394Z | 2023-08-19T14:00:12.746652Z |
| osv-2023-709 | Heap-buffer-overflow in QOIHandler::read | 2023-08-18T14:02:53.146275Z | 2023-08-20T14:15:45.069773Z |
| osv-2023-705 | Security exception in org.apache.lucene.util.automaton.RegExp.toAutomaton | 2023-08-17T14:00:59.717535Z | 2023-08-19T14:26:28.816770Z |
| osv-2023-697 | Heap-buffer-overflow in IEC104Stats::processPacket | 2023-08-15T14:01:02.977387Z | 2023-08-15T14:01:02.977646Z |
| osv-2023-696 | Security exception in org.apache.lucene.analysis.tokenattributes.CharTermAttributeImpl.clone | 2023-08-14T14:00:47.094365Z | 2023-08-14T14:00:47.094611Z |
| osv-2023-693 | Security exception in org.json.JSONArray.writeTo | 2023-08-13T14:00:24.146135Z | 2023-08-13T14:00:24.146368Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rustsec-2020-0051 | Obsolete versions of the `rustsec` crate do not support the new V3 advisory format | 2020-10-01T12:00:00Z | 2020-10-02T01:29:11Z |
| rustsec-2020-0050 | VecCopy allows misaligned access to elements | 2020-09-27T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2020-0047 | array_queue pop_back() may cause a use-after-free | 2020-09-26T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2020-0043 | Insufficient size checks in outgoing buffer in ws allows remote attacker to run the process out of memory | 2020-09-25T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2020-0042 | Missing check in ArrayVec leads to out-of-bounds write. | 2020-09-24T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2020-0044 | Unsafe Send implementation in Atom allows data races | 2020-09-21T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2020-0041 | Multiple soundness issues in Chunk and InlineArray | 2020-09-06T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2020-0166 | personnummer Input validation error | 2020-09-04T12:00:00Z | 2023-02-02T10:57:52Z |
| rustsec-2020-0060 | futures_task::waker may cause a use-after-free if used on a type that isn't 'static | 2020-09-04T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2020-0040 | Obstack generates unaligned references | 2020-09-03T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2020-0039 | `index()` allows out-of-bound read and `remove()` has off-by-one error | 2020-09-03T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2020-0038 | Memory safety issues in `compact::Vec` | 2020-09-03T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2020-0037 | Misbehaving `HandleLike` implementation can lead to memory safety violation | 2020-08-31T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2020-0164 | `cell-project` used incorrect variance when projecting through `&Cell<T>` | 2020-08-27T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2020-0035 | Chunk API does not respect align requirement | 2020-08-25T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2020-0034 | Multiple security issues including data race, buffer overflow, and uninitialized memory drop | 2020-08-25T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2020-0033 | Matrix::new() drops uninitialized memory | 2020-08-25T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2020-0032 | StrcCtx deallocates a memory region that it doesn't own | 2020-08-20T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2020-0030 | Missing sanitization in mozwire allows local file overwrite of files ending in .conf | 2020-08-18T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2020-0168 | mach is unmaintained | 2020-07-14T12:00:00Z | 2023-03-12T06:59:25Z |
| rustsec-2020-0024 | Improper uniqueness verification of signature threshold | 2020-07-09T12:00:00Z | 2021-10-19T22:14:35Z |
| rustsec-2020-0165 | mozjpeg DecompressScanlines::read_scanlines is Unsound | 2020-07-04T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2020-0022 | Ozone contains several memory safety issues | 2020-07-04T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2020-0052 | Undefined Behavior in bounded channel | 2020-06-26T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2020-0026 | linked-hash-map creates uninitialized NonNull pointer | 2020-06-23T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2020-0167 | `pnet_packet` buffer overrun in `set_payload` setters | 2020-06-19T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2020-0031 | HTTP Request smuggling through malformed Transfer Encoding headers | 2020-06-16T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2020-0029 | Allows viewing and modifying arbitrary structs as bytes | 2020-06-14T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2020-0157 | Improper Synchronization and Race Condition in vm-memory | 2020-06-02T12:00:00Z | 2021-09-10T15:50:27Z |
| rustsec-2020-0027 | traitobject assumes the layout of fat pointers | 2020-06-01T12:00:00Z | 2023-06-13T13:10:24Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| bit-discourse-2026-28227 | Discourse Vulnerable to Unauthorized Topic Creation in Staff-Only Categories via Topic Timer publish_to_category | 2026-03-03T13:29:32.408Z | 2026-03-03T13:59:21.562Z |
| bit-discourse-2026-28219 | Privilege Escalation via Mass Assignment Allows Regular Users to Set Topics as Global Banners | 2026-03-03T13:29:30.555Z | 2026-03-03T13:59:21.562Z |
| bit-discourse-2026-28218 | Discourse's Fail-Open Access Control in Data Explorer Plugin Allows Unauthorized SQL Query Execution | 2026-03-03T13:29:28.795Z | 2026-03-03T13:59:21.562Z |
| bit-discourse-2026-27162 | DIscourse doesn't prevent whispers to leak in excerpts | 2026-03-03T13:29:27.139Z | 2026-03-03T13:59:21.562Z |
| bit-discourse-2026-27154 | Discourse has XSS when editing a malicious post | 2026-03-03T13:29:25.328Z | 2026-03-03T13:59:21.562Z |
| bit-discourse-2026-27153 | Discourse doesn't prevent moderators from exporting user Chat DMs | 2026-03-03T13:29:23.447Z | 2026-03-03T13:59:21.562Z |
| bit-discourse-2026-27152 | DIscourse has DM communication-preference bypass when adding members | 2026-03-03T13:29:21.569Z | 2026-03-03T13:59:21.562Z |
| bit-discourse-2026-27151 | Discourse doesn't validate destination topic when moving posts | 2026-03-03T13:29:19.608Z | 2026-03-03T13:59:21.562Z |
| bit-discourse-2026-27150 | Discourse doesn't ensure guardian check when creating QueryGroupBookmark | 2026-03-03T13:29:17.871Z | 2026-03-03T13:59:21.562Z |
| bit-discourse-2026-27149 | Discourse has SQL injection in PM tag filtering | 2026-03-03T13:29:16.239Z | 2026-03-03T13:59:21.562Z |
| bit-discourse-2026-27021 | Discourse: Poll voters endpoint lacked post visibility checks | 2026-03-03T13:29:14.621Z | 2026-03-03T13:59:21.562Z |
| bit-discourse-2026-26979 | Discourse: TL4 users are able to change status of restricted topics | 2026-03-03T13:29:12.870Z | 2026-03-03T13:59:21.562Z |
| bit-discourse-2026-26973 | Discourse doesn't scope reviewable notes to user-visible reviewables | 2026-03-03T13:29:10.861Z | 2026-03-03T13:59:21.562Z |
| bit-discourse-2026-26265 | Discourse has IDOR vulnerability in the directory items endpoint | 2026-03-03T13:29:08.511Z | 2026-03-03T13:59:21.562Z |
| bit-discourse-2026-26207 | DIscourse's discourse-policy plugin lacks post access check | 2026-03-03T13:29:06.818Z | 2026-03-03T13:59:21.562Z |
| bit-discourse-2026-26078 | Discourse has authentication bypass vulnerability in the Patreon plugin webhook endpoint | 2026-03-03T13:29:04.991Z | 2026-03-03T13:59:21.562Z |
| bit-discourse-2026-26077 | Discourse doesn't ensure webhooks require a token | 2026-03-03T13:29:03.296Z | 2026-03-03T13:59:21.562Z |
| bit-kibana-2026-26938 | Improper Neutralization of Special Elements Used in a Template Engine in Kibana Workflows Leading to Server-Side Request Forgery (SSRF) | 2026-03-03T08:43:31.139Z | 2026-03-03T09:19:06.344Z |
| bit-kibana-2026-26937 | Uncontrolled Resource Consumption in Kibana Leading to Denial of Service | 2026-03-03T08:43:29.291Z | 2026-03-03T09:19:06.344Z |
| bit-kibana-2026-26936 | Inefficient Regular Expression Complexity in Kibana Leading to Denial of Service | 2026-03-03T08:43:27.718Z | 2026-03-03T09:19:06.344Z |
| bit-kibana-2026-26935 | Improper Input Validation in Kibana Leading to Denial of Service | 2026-03-03T08:43:25.969Z | 2026-03-03T09:19:06.344Z |
| bit-kibana-2026-26934 | Improper Validation of Specified Quantity in Input in Kibana Leading to Denial of Service | 2026-03-03T08:43:24.256Z | 2026-03-03T09:19:06.344Z |
| bit-elk-2026-26938 | Improper Neutralization of Special Elements Used in a Template Engine in Kibana Workflows Leading to Server-Side Request Forgery (SSRF) | 2026-03-03T08:40:14.378Z | 2026-03-03T09:19:06.344Z |
| bit-elk-2026-26937 | Uncontrolled Resource Consumption in Kibana Leading to Denial of Service | 2026-03-03T08:40:12.613Z | 2026-03-03T09:19:06.344Z |
| bit-elk-2026-26936 | Inefficient Regular Expression Complexity in Kibana Leading to Denial of Service | 2026-03-03T08:40:11.205Z | 2026-03-03T09:19:06.344Z |
| bit-elk-2026-26935 | Improper Input Validation in Kibana Leading to Denial of Service | 2026-03-03T08:40:09.731Z | 2026-03-03T09:19:06.344Z |
| bit-elk-2026-26934 | Improper Validation of Specified Quantity in Input in Kibana Leading to Denial of Service | 2026-03-03T08:40:08.176Z | 2026-03-03T09:19:06.344Z |
| bit-parse-2026-27804 | Parse Server: Account takeover via JWT algorithm confusion in Google auth adapter | 2026-03-02T11:46:50.810Z | 2026-03-11T18:56:50.865Z |
| bit-nats-2026-27571 | nats-server websockets are vulnerable to pre-auth memory DoS | 2026-03-02T11:44:25.393Z | 2026-03-02T12:11:51.083Z |
| bit-gitlab-2026-2845 | Allocation of Resources Without Limits or Throttling in GitLab | 2026-03-02T09:08:47.577Z | 2026-03-02T09:10:16.414Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2025-avi-1054 | Multiples vulnérabilités dans les produits VMware | 2025-12-01T00:00:00.000000 | 2025-12-01T00:00:00.000000 |
| certfr-2025-avi-1053 | Vulnérabilité dans Stormshield Network VPN Client | 2025-12-01T00:00:00.000000 | 2025-12-01T00:00:00.000000 |
| certfr-2025-avi-1052 | Vulnérabilité dans Mattermost Server | 2025-12-01T00:00:00.000000 | 2025-12-01T00:00:00.000000 |
| CERTFR-2025-AVI-1055 | Multiples vulnérabilités dans Zabbix | 2025-12-01T00:00:00.000000 | 2025-12-01T00:00:00.000000 |
| CERTFR-2025-AVI-1054 | Multiples vulnérabilités dans les produits VMware | 2025-12-01T00:00:00.000000 | 2025-12-01T00:00:00.000000 |
| CERTFR-2025-AVI-1053 | Vulnérabilité dans Stormshield Network VPN Client | 2025-12-01T00:00:00.000000 | 2025-12-01T00:00:00.000000 |
| CERTFR-2025-AVI-1052 | Vulnérabilité dans Mattermost Server | 2025-12-01T00:00:00.000000 | 2025-12-01T00:00:00.000000 |
| certfr-2025-avi-1051 | Multiples vulnérabilités dans les produits IBM | 2025-11-28T00:00:00.000000 | 2025-11-28T00:00:00.000000 |
| certfr-2025-avi-1050 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2025-11-28T00:00:00.000000 | 2025-11-28T00:00:00.000000 |
| certfr-2025-avi-1049 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2025-11-28T00:00:00.000000 | 2025-11-28T00:00:00.000000 |
| certfr-2025-avi-1048 | Multiples vulnérabilités dans le noyau Linux de Debian LTS | 2025-11-28T00:00:00.000000 | 2025-11-28T00:00:00.000000 |
| certfr-2025-avi-1047 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2025-11-28T00:00:00.000000 | 2025-11-28T00:00:00.000000 |
| certfr-2025-avi-1046 | Multiples vulnérabilités dans les produits Moxa | 2025-11-28T00:00:00.000000 | 2025-11-28T00:00:00.000000 |
| CERTFR-2025-AVI-1051 | Multiples vulnérabilités dans les produits IBM | 2025-11-28T00:00:00.000000 | 2025-11-28T00:00:00.000000 |
| CERTFR-2025-AVI-1050 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2025-11-28T00:00:00.000000 | 2025-11-28T00:00:00.000000 |
| CERTFR-2025-AVI-1049 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2025-11-28T00:00:00.000000 | 2025-11-28T00:00:00.000000 |
| CERTFR-2025-AVI-1048 | Multiples vulnérabilités dans le noyau Linux de Debian LTS | 2025-11-28T00:00:00.000000 | 2025-11-28T00:00:00.000000 |
| CERTFR-2025-AVI-1047 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2025-11-28T00:00:00.000000 | 2025-11-28T00:00:00.000000 |
| CERTFR-2025-AVI-1046 | Multiples vulnérabilités dans les produits Moxa | 2025-11-28T00:00:00.000000 | 2025-11-28T00:00:00.000000 |
| certfr-2025-avi-1045 | Vulnérabilité dans MISP | 2025-11-27T00:00:00.000000 | 2025-11-28T00:00:00.000000 |
| certfr-2025-avi-1044 | Vulnérabilité dans Mattermost Server | 2025-11-27T00:00:00.000000 | 2025-11-27T00:00:00.000000 |
| certfr-2025-avi-1043 | Multiples vulnérabilités dans les produits Splunk | 2025-11-27T00:00:00.000000 | 2025-11-27T00:00:00.000000 |
| certfr-2025-avi-1042 | Multiples vulnérabilités dans GitLab | 2025-11-27T00:00:00.000000 | 2025-11-27T00:00:00.000000 |
| CERTFR-2025-AVI-1045 | Vulnérabilité dans MISP | 2025-11-27T00:00:00.000000 | 2025-11-28T00:00:00.000000 |
| CERTFR-2025-AVI-1044 | Vulnérabilité dans Mattermost Server | 2025-11-27T00:00:00.000000 | 2025-11-27T00:00:00.000000 |
| CERTFR-2025-AVI-1043 | Multiples vulnérabilités dans les produits Splunk | 2025-11-27T00:00:00.000000 | 2025-11-27T00:00:00.000000 |
| CERTFR-2025-AVI-1042 | Multiples vulnérabilités dans GitLab | 2025-11-27T00:00:00.000000 | 2025-11-27T00:00:00.000000 |
| certfr-2025-avi-1041 | Vulnérabilité dans Synology ActiveProtect Agent | 2025-11-26T00:00:00.000000 | 2025-11-26T00:00:00.000000 |
| certfr-2025-avi-1040 | Vulnérabilité dans Postfix | 2025-11-26T00:00:00.000000 | 2025-11-26T00:00:00.000000 |
| CERTFR-2025-AVI-1041 | Vulnérabilité dans Synology ActiveProtect Agent | 2025-11-26T00:00:00.000000 | 2025-11-26T00:00:00.000000 |
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2021-002342 | Trend Micro Security family vulnerable to improper handling of Directory Junction | 2021-09-03T16:10+09:00 | 2021-09-03T16:10+09:00 |
| jvndb-2021-000080 | baserCMS vulnerable to cross-site scripting | 2021-08-27T13:29+09:00 | 2021-08-27T13:29+09:00 |
| jvndb-2021-000079 | Multiple cross-site scripting vulnerabilities in Movable Type | 2021-08-25T14:54+09:00 | 2021-08-25T14:54+09:00 |
| jvndb-2021-000078 | The installers of multiple Sony products may insecurely load Dynamic Link Libraries | 2021-08-24T14:30+09:00 | 2021-08-24T14:30+09:00 |
| jvndb-2021-002282 | Multiple vulnerabilities in Navigate CMS | 2021-08-20T14:25+09:00 | 2021-08-20T14:25+09:00 |
| jvndb-2021-002279 | Incorrect permission assignment vulnerability in multiple Trend Micro Endpoint security products for enterprises | 2021-08-19T15:01+09:00 | 2021-08-19T15:01+09:00 |
| jvndb-2021-000077 | Huawei EchoLife HG8045Q vulnerable to OS command injection | 2021-08-17T14:24+09:00 | 2021-08-17T14:24+09:00 |
| jvndb-2021-002273 | Multiple vulnerabilities in D-Link router DSL-2750U | 2021-08-17T14:09+09:00 | 2021-08-17T14:09+09:00 |
| jvndb-2021-000076 | Plone vulnerable to open redirect | 2021-08-12T14:05+09:00 | 2021-08-12T14:05+09:00 |
| jvndb-2021-000075 | WordPress Plugin "Quiz And Survey Master" vulnerable to cross-site scripting | 2021-08-10T14:40+09:00 | 2021-08-10T14:40+09:00 |
| jvndb-2021-002077 | Multiple vulnerabilities in multiple Trend Micro Endpoint security products for enterprises | 2021-08-04T11:15+09:00 | 2021-08-04T11:15+09:00 |
| jvndb-2021-000073 | Multiple vulnerabilities in Cybozu Garoon | 2021-08-02T16:42+09:00 | 2022-05-24T15:16+09:00 |
| jvndb-2021-000072 | Minecraft Java Edition vulnerable to directory traversal | 2021-07-21T15:12+09:00 | 2021-07-21T15:12+09:00 |
| jvndb-2021-002005 | Trend Micro InterScan Web Security Virtual Appliance (IWSVA) vulnerable to cross-site scripting | 2021-07-19T16:53+09:00 | 2021-07-19T16:53+09:00 |
| jvndb-2021-000070 | Multiple vulnerabilities in GroupSession | 2021-07-19T15:41+09:00 | 2023-03-08T17:02+09:00 |
| jvndb-2021-000069 | Optical BB unit E-WMTA2.3 vulnerable to cross-site request forgery | 2021-07-14T17:13+09:00 | 2021-07-14T17:13+09:00 |
| jvndb-2021-000068 | Multiple vulnerabilities in Retty App | 2021-07-13T14:34+09:00 | 2023-03-08T17:02+09:00 |
| jvndb-2021-000067 | voidtools "Everything" vulnerable to HTTP header injection | 2021-07-09T14:40+09:00 | 2021-07-09T14:40+09:00 |
| jvndb-2021-000065 | WordPress Plugin "WordPress Meta Data Filter & Taxonomies Filter" vulnerable to cross-site request forgery | 2021-07-08T14:29+09:00 | 2021-07-08T14:29+09:00 |
| jvndb-2021-000066 | WordPress Plugin "Software License Manager" vulnerable to cross-site request forgery | 2021-07-08T13:45+09:00 | 2021-07-08T13:45+09:00 |
| jvndb-2021-001977 | Multiple vulnerabilities in Elecom routers | 2021-07-07T14:03+09:00 | 2021-07-12T16:04+09:00 |
| jvndb-2021-000064 | GU App for Android fails to restrict access permissions | 2021-07-07T13:16+09:00 | 2021-07-07T13:16+09:00 |
| jvndb-2021-001968 | Multiple vulnerabilities in Trend Micro Password Manager | 2021-07-06T16:08+09:00 | 2021-07-06T16:08+09:00 |
| jvndb-2021-000063 | WordPress Plugin "WordPress Email Template Designer - WP HTML Mail" vulnerable to cross-site request forgery | 2021-07-06T14:50+09:00 | 2021-07-06T14:50+09:00 |
| jvndb-2021-000062 | WordPress Plugin "WPCS - WordPress Currency Switcher" vulnerable to cross-site request forgery | 2021-07-06T14:11+09:00 | 2021-07-06T14:11+09:00 |
| jvndb-2021-000061 | A-Stage SCT-40CM01SR and AT-40CM01SR vulnerable to authentication bypass | 2021-07-05T14:28+09:00 | 2021-07-05T14:28+09:00 |
| jvndb-2021-000059 | EC-CUBE fails to restrict access permissions | 2021-07-01T15:49+09:00 | 2021-07-01T15:49+09:00 |
| jvndb-2007-002102 | boastMachine vulnerable to cross-site scripting | 2021-06-30T14:32+09:00 | 2021-06-30T14:32+09:00 |
| jvndb-2021-000058 | IkaIka RSS Reader vulnerable to cross-site scripting | 2021-06-30T14:21+09:00 | 2021-06-30T14:21+09:00 |
| jvndb-2021-000056 | WordPress Plugin "WordPress Popular Posts" vulnerable to cross-site scripting | 2021-06-30T11:36+09:00 | 2021-06-30T11:36+09:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| cnvd-2026-12770 | WordPress插件Web Accessibility by accessiBe信息泄露漏洞 | 2026-03-02 | 2026-03-06 |
| cnvd-2026-12769 | WordPress插件Simple Ajax Chat信息泄露漏洞 | 2026-03-02 | 2026-03-06 |
| cnvd-2026-12768 | WordPress插件Context Blog信息泄露漏洞 | 2026-03-02 | 2026-03-06 |
| cnvd-2026-12767 | D-Link DWR-M960 formDdns文件缓冲区溢出漏洞 | 2026-03-02 | 2026-03-06 |
| cnvd-2026-12763 | Google Chrome缓冲区溢出漏洞(CNVD-2026-12763) | 2026-03-02 | 2026-03-06 |
| cnvd-2026-12702 | Adobe After Effects存在内存释放后使用漏洞 | 2026-03-02 | 2026-03-04 |
| cnvd-2026-12701 | Adobe After Effects存在二进制漏洞 | 2026-03-02 | 2026-03-04 |
| cnvd-2026-12700 | Adobe Substance 3D Stager存在越界读取漏洞 | 2026-03-02 | 2026-03-04 |
| cnvd-2026-12699 | Adobe Substance 3D Stager存在越界读取漏洞(CNVD-2026-12699) | 2026-03-02 | 2026-03-04 |
| cnvd-2026-12698 | Adobe Substance 3D Stager存在越界写入漏洞 | 2026-03-02 | 2026-03-04 |
| cnvd-2026-12697 | Adobe Substance 3D Stager存在越界写入漏洞(CNVD-2026-12697) | 2026-03-02 | 2026-03-05 |
| cnvd-2026-12696 | Adobe InDesign Desktop存在越界读取漏洞 | 2026-03-02 | 2026-03-04 |
| cnvd-2026-12694 | Adobe After Effects 25.6及之前版本存在内存释放后使用漏洞 | 2026-03-02 | 2026-03-04 |
| cnvd-2026-12693 | Adobe After Effects存在越界写入漏洞 | 2026-03-02 | 2026-03-04 |
| cnvd-2026-12691 | Adobe After Effects存在越界写入漏洞(CNVD-2026-12691) | 2026-03-02 | 2026-03-04 |
| cnvd-2026-12690 | Adobe After Effects存在越界读取漏洞 | 2026-03-02 | 2026-03-04 |
| cnvd-2026-12689 | Adobe After Effects存在越界读取漏洞(CNVD-2026-12689) | 2026-03-02 | 2026-03-04 |
| cnvd-2026-12688 | Adobe After Effects存在越界读取漏洞(CNVD-2026-12688) | 2026-03-02 | 2026-03-04 |
| cnvd-2026-12668 | IBM webMethods Integration Server存在HTML注入漏洞 | 2026-03-02 | 2026-03-05 |
| cnvd-2026-12667 | IBM Sterling B2B Integrator和IBM Sterling File Gateway存在信息泄露漏洞 | 2026-03-02 | 2026-03-05 |
| cnvd-2026-12666 | IBM MQ Operator和IBM‑supplied MQ Advanced container images存在日志注入漏洞 | 2026-03-02 | 2026-03-05 |
| cnvd-2026-12665 | IBM Db2存在拒绝服务漏洞 | 2026-03-02 | 2026-03-05 |
| cnvd-2026-12664 | IBM Db2存在XML外部实体注入漏洞 | 2026-03-02 | 2026-03-05 |
| cnvd-2026-12663 | IBM Concert存在弱密码算法漏洞 | 2026-03-02 | 2026-03-05 |
| cnvd-2026-12560 | Microsoft Windows资源管理错误漏洞(CNVD-2026-12560) | 2026-03-02 | 2026-03-04 |
| cnvd-2026-12559 | Microsoft Windows Notepad命令注入漏洞 | 2026-03-02 | 2026-03-04 |
| cnvd-2026-12558 | Microsoft Windows Kernel竞争条件漏洞 | 2026-03-02 | 2026-03-04 |
| cnvd-2026-12557 | Microsoft Outlook信息泄露漏洞(CNVD-2026-12557) | 2026-03-02 | 2026-03-04 |
| cnvd-2026-12556 | Microsoft Hyper-V缓冲区溢出漏洞 | 2026-03-02 | 2026-03-04 |
| cnvd-2026-12555 | Microsoft Hyper-V访问控制错误漏洞 | 2026-03-02 | 2026-03-04 |
| ID | Description | Published | Updated |
|---|---|---|---|
| bdu:2026-00754 | Уязвимость платформы хранения данных Dell ECS, связанная с передачей данных в открытом ви… | 23.01.2026 | 23.01.2026 |
| bdu:2026-00753 | Уязвимость платформы хранения данных Dell ECS, связанная с использованием учетных данных … | 23.01.2026 | 23.01.2026 |
| bdu:2026-00752 | Уязвимость платформы хранения данных Dell ECS, связанная с передачей данных в открытом ви… | 23.01.2026 | 23.01.2026 |
| bdu:2026-00751 | Уязвимость функции fsl_otg_remove() модуля drivers/usb/phy/phy-fsl-usb.c ядра операционно… | 23.01.2026 | 27.01.2026 |
| bdu:2026-00750 | Уязвимость функции hfs_bnode_get() модуля fs/hfsplus/bnode.c набора инструментов в Linux … | 23.01.2026 | 27.01.2026 |
| bdu:2026-00749 | Уязвимость функции f2fs_write_cache_pages() модуля fs/f2fs/data.c поддержки файловой сист… | 23.01.2026 | 27.01.2026 |
| bdu:2026-00748 | Уязвимость модуля drivers/spi/spi-fsl-spi.c драйвера процессора коммуникаций Freescale (C… | 23.01.2026 | 27.01.2026 |
| bdu:2026-00747 | Уязвимость функции ocfs2_find_victim_chain() компонента fs/ocfs2/suballoc.c поддержки фай… | 23.01.2026 | 27.01.2026 |
| bdu:2026-00746 | Уязвимость компонента drivers/input/touchscreen/ti_am335x_tsc.c драйвера для интерфейса с… | 23.01.2026 | 27.01.2026 |
| bdu:2026-00745 | Уязвимость компонента net/mlx5e драйвера поддержки сетевых адаптеров Ethernet Mellanox яд… | 23.01.2026 | 23.01.2026 |
| bdu:2026-00744 | Уязвимость функции f2fs_recover_fsync_data() модуля fs/f2fs/super.c поддержки файловой си… | 23.01.2026 | 27.01.2026 |
| bdu:2026-00743 | Уязвимость функции check_lock_range() модуля fs/smb/server/vfs.c ядра операционной систем… | 23.01.2026 | 27.01.2026 |
| bdu:2026-00742 | Уязвимость пакета для работы с файловой системой HFS+ hfsplus ядра операционной системы L… | 23.01.2026 | 27.01.2026 |
| bdu:2026-00741 | Уязвимость функции nr_sendmsg() модуля net/netrom/nr_out.c ядра операционной системы Linu… | 23.01.2026 | 27.01.2026 |
| bdu:2026-00740 | Уязвимость модулей kernel/sched/cpudeadline.c, kernel/sched/cpudeadline.h, kernel/sched/d… | 23.01.2026 | 27.01.2026 |
| bdu:2026-00739 | Уязвимость функции xchk_setup_xattr_buf() модуля fs/xfs/scrub/attr_repair.c ядра операцио… | 23.01.2026 | 27.01.2026 |
| bdu:2026-00738 | Уязвимость функции fqdir_pre_exit() модуля include/net/inet_frag.h ядра операционной сист… | 23.01.2026 | 23.01.2026 |
| bdu:2026-00737 | Уязвимость функции remove_pending() компонента net/handshake реализации механизма установ… | 23.01.2026 | 27.01.2026 |
| bdu:2026-00736 | Уязвимость компонента Core виртуальной машины Oracle VM VirtualBox, позволяющая нарушител… | 23.01.2026 | 23.01.2026 |
| bdu:2026-00735 | Уязвимость функции bnxt_rx_xdp() компонента drivers/net/ethernet/broadcom/bnxt/bnxt_xdp.c… | 23.01.2026 | 27.01.2026 |
| bdu:2026-00734 | Уязвимость функции prp_get_untagged_frame() модуля net/hsr реализации протокола бесшовног… | 23.01.2026 | 27.01.2026 |
| bdu:2026-00733 | Уязвимость модуля fs/notify/fsnotify.c ядра операционной системы Linux, позволяющая наруш… | 23.01.2026 | 27.01.2026 |
| bdu:2026-00732 | Уязвимость функции ibmpex_high_low_store() модуля drivers/hwmon/ibmpex.c ядра операционно… | 23.01.2026 | 27.01.2026 |
| bdu:2026-00731 | Уязвимость функции get_meter_levels_from_urb() модуля sound/usb/mixer_us16x08.c ядра опер… | 23.01.2026 | 27.01.2026 |
| bdu:2026-00730 | Уязвимость модуля drivers/target/target_core_transport.c драйвера поддержки устройств SCS… | 23.01.2026 | 27.01.2026 |
| bdu:2026-00729 | Уязвимость HTML-редактора Adobe Dreamweaver, связанная с непринятием мер по нейтрализации… | 23.01.2026 | 23.01.2026 |
| bdu:2026-00728 | Уязвимость HTML-редактора Adobe Dreamweaver, связанная с недостаточной проверкой вводимых… | 23.01.2026 | 23.01.2026 |
| bdu:2026-00727 | Уязвимость HTML-редактора Adobe Dreamweaver, связанная с недостаточной проверкой вводимых… | 23.01.2026 | 23.01.2026 |
| bdu:2026-00726 | Уязвимость HTML-редактора Adobe Dreamweaver, связанная с недостаточной проверкой вводимых… | 23.01.2026 | 23.01.2026 |
| bdu:2026-00725 | Уязвимость HTML-редактора Adobe Dreamweaver, связанная с недостатками процедуры авторизац… | 23.01.2026 | 23.01.2026 |
| ID | Description | Updated |
|---|---|---|
| var-201006-1245 | WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4… | 2024-07-23T20:20:13.577000Z |
| var-200906-0618 | Multiple integer overflows in Xpdf 2.x and 3.x and Poppler 0.x, as used in the pdftops fi… | 2024-07-23T20:20:09.578000Z |
| var-200603-0283 | Unspecified vulnerability in Safari, LaunchServices, and/or CoreTypes in Apple Mac OS X 1… | 2024-07-23T20:19:38.862000Z |
| var-202110-1513 | This issue was addressed with improved checks. This issue is fixed in iOS 14.8 and iPadOS… | 2024-07-23T20:19:37.537000Z |
| var-202201-0369 | Heap-based Buffer Overflow in GitHub repository vim prior to 8.2. vim Exists in an out-of… | 2024-07-23T20:19:36.004000Z |
| var-201512-0325 | The xmlSAX2TextNode function in SAX2.c in the push interface in the HTML parser in libxml… | 2024-07-23T20:19:32.648000Z |
| var-202205-1313 | A memory corruption issue was addressed with improved state management. This issue is fix… | 2024-07-23T20:19:31.445000Z |
| var-201512-0531 | The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 does not prop… | 2024-07-23T20:19:31.632000Z |
| var-201902-0242 | In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishand… | 2024-07-23T20:19:24.838000Z |
| var-201011-0043 | The WebCore::HTMLLinkElement::process function in WebCore/html/HTMLLinkElement.cpp in Web… | 2024-07-23T20:19:23.854000Z |
| var-201302-0144 | Integer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on… | 2024-07-23T20:19:19.837000Z |
| var-200603-0272 | IPSec when used with VPN networks in Mac OS X 10.4 through 10.4.5 allows remote attackers… | 2024-07-23T20:19:19.547000Z |
| var-201912-0458 | A memory corruption issue was addressed with improved memory handling. This issue is fixe… | 2024-07-23T20:19:18.056000Z |
| var-201908-1840 | When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_dat… | 2024-07-23T20:18:47.623000Z |
| var-201111-0190 | Integer overflow in the ap_pregsub function in server/util.c in the Apache HTTP Server 2.… | 2024-07-23T20:18:23.378000Z |
| var-201211-0319 | Race condition in WebKit in Apple iOS before 6.0.1 and Safari before 6.0.2 allows remote … | 2024-07-23T20:18:22.202000Z |
| var-200611-0488 | Unspecified vulnerability in Apple Mac OS X 10.4.8, and possibly other versions, allows r… | 2024-07-23T20:18:22.657000Z |
| var-201912-0633 | Multiple memory corruption issues were addressed with improved memory handling. This issu… | 2024-07-23T20:18:16.634000Z |
| var-200009-0023 | VMware Tools in VMware Workstation 6.5.x before 6.5.4 build 246459; VMware Player 2.5.x b… | 2024-07-23T20:18:16.537000Z |
| var-200904-0809 | The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.1… | 2024-07-23T20:18:12.278000Z |
| var-200808-0470 | Cross-site scripting (XSS) vulnerability in proxy_ftp.c in the mod_proxy_ftp module in Ap… | 2024-07-23T20:18:12.672000Z |
| var-202110-1620 | Multiple memory corruption issues were addressed with improved memory handling. This issu… | 2024-07-23T20:18:10.248000Z |
| var-201704-1397 | The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lack certa… | 2024-07-23T20:18:09.167000Z |
| var-200609-1220 | The get_server_hello function in the SSLv2 client code in OpenSSL 0.9.7 before 0.9.7l, 0.… | 2024-07-23T20:18:09.590000Z |
| var-202112-1654 | A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a … | 2024-07-23T20:18:07.199000Z |
| var-201504-0362 | The symmetric-key feature in the receive function in ntp_proto.c in ntpd in NTP 3.x and 4… | 2024-07-23T20:18:07.348000Z |
| var-200703-0026 | The SSH key generation process in OpenSSH in Apple Mac OS X 10.3.9 and 10.4 through 10.4.… | 2024-07-23T20:17:59.571000Z |
| var-201912-0536 | A cross-origin issue existed with the fetch API. This was addressed with improved input v… | 2024-07-23T20:17:22.170000Z |
| var-201806-0859 | Bouncy Castle BC 1.54 - 1.59, BC-FJA 1.0.0, BC-FJA 1.0.1 and earlier have a flaw in the L… | 2024-07-23T20:17:17.373000Z |
| var-201912-0497 | Multiple memory corruption issues were addressed with improved memory handling. This issu… | 2024-07-23T20:17:16.698000Z |