Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2020-37006 |
0 (4.0)
8.2 (3.1)
|
berliCRM 1.0.24 - 'src_record' SQL Injection |
crm-now GmbH |
berliCRM |
2026-01-29T14:28:29.352Z | 2026-01-29T15:25:36.505Z |
| CVE-2025-65889 |
7.5 (3.1)
|
A type validation flaw in the flow.dstack() compo… |
n/a |
n/a |
2026-01-28T00:00:00.000Z | 2026-01-29T15:23:46.523Z |
| CVE-2025-67940 |
8.1 (3.1)
|
WordPress Powerlift theme < 3.2.1 - Local File Inclusi… |
Mikado-Themes |
Powerlift |
2026-01-22T16:51:53.314Z | 2026-01-29T15:23:34.041Z |
| CVE-2025-7015 |
5.7 (3.1)
|
Session Hijacking in Akinsoft's QR Menu |
Akın Software Computer Import Export Industry and Trade Ltd. |
QR Menu |
2026-01-29T11:40:47.187Z | 2026-01-29T15:22:21.043Z |
| CVE-2026-1513 |
6.1 (3.1)
|
billboard.js before 3.18.0 allows an attacker to … |
NAVER |
billboard.js |
2026-01-28T01:28:23.567Z | 2026-01-29T15:22:06.409Z |
| CVE-2025-65888 |
7.5 (3.1)
|
A dimension validation flaw in the flow.empty() c… |
n/a |
n/a |
2026-01-28T00:00:00.000Z | 2026-01-29T15:21:58.278Z |
| CVE-2025-65887 |
6.5 (3.1)
|
A division-by-zero vulnerability in the flow.floo… |
n/a |
n/a |
2026-01-28T00:00:00.000Z | 2026-01-29T15:20:34.156Z |
| CVE-2020-36994 |
0 (4.0)
6.2 (3.1)
|
QlikView 12.50.20000.0 - 'FTP Server Address' Denial o… |
QlikTech International AB |
QlikView |
2026-01-29T14:28:25.870Z | 2026-01-29T15:20:30.098Z |
| CVE-2025-7016 |
8 (3.1)
|
Improper Access Control in Akinsoft's QR Menu |
Akın Software Computer Import Export Industry and Trade Ltd. |
QR Menu |
2026-01-29T11:45:06.104Z | 2026-01-29T15:20:15.746Z |
| CVE-2025-65886 |
7.5 (3.1)
|
A shape mismatch vulnerability in OneFlow v0.9.0 … |
n/a |
n/a |
2026-01-28T00:00:00.000Z | 2026-01-29T15:19:07.701Z |
| CVE-2025-61140 |
9.8 (3.1)
|
The value function in jsonpath 1.1.1 lib/index.js… |
n/a |
n/a |
2026-01-28T00:00:00.000Z | 2026-01-29T15:16:15.666Z |
| CVE-2020-37015 |
0 (4.0)
7.5 (3.1)
|
Ruijie Networks Switch eWeb S29_RGOS 11.4 - Directory … |
Ruijienetworks |
Ruijie Networks Switch eWeb S29_RGOS |
2026-01-29T14:28:32.271Z | 2026-01-29T15:14:28.309Z |
| CVE-2020-37016 |
8.5 (4.0)
7.8 (3.1)
|
BarcodeOCR 19.3.6 - 'BarcodeOCR' Unquoted Service Path |
Barcode-Ocr |
BarcodeOCR |
2026-01-29T14:28:32.663Z | 2026-01-29T15:11:57.434Z |
| CVE-2025-57283 |
7.8 (3.1)
|
The Node.js package browserstack-local 1.5.8 cont… |
n/a |
n/a |
2026-01-28T00:00:00.000Z | 2026-01-29T15:11:40.801Z |
| CVE-2026-1586 |
6.9 (4.0)
5.3 (3.1)
5.3 (3.0)
|
Open5GS SGWC s11-handler.c ogs_gtp2_f_teid_to_ip denia… |
n/a |
Open5GS |
2026-01-29T12:32:06.331Z | 2026-01-29T15:11:30.103Z |
| CVE-2025-69419 |
N/A
|
Out of bounds write in PKCS12_get_friendlyname() UTF-8… |
OpenSSL |
OpenSSL |
2026-01-27T16:01:24.822Z | 2026-01-29T15:09:39.154Z |
| CVE-2025-69418 |
N/A
|
Unauthenticated/unencrypted trailing bytes with low-le… |
OpenSSL |
OpenSSL |
2026-01-27T16:01:23.986Z | 2026-01-29T15:07:14.052Z |
| CVE-2025-68160 |
N/A
|
Heap out-of-bounds write in BIO_f_linebuffer on short writes |
OpenSSL |
OpenSSL |
2026-01-27T16:01:23.181Z | 2026-01-29T15:06:04.443Z |
| CVE-2025-66199 |
N/A
|
TLS 1.3 CompressedCertificate excessive memory allocation |
OpenSSL |
OpenSSL |
2026-01-27T16:01:22.399Z | 2026-01-29T15:03:51.754Z |
| CVE-2020-37018 |
5.1 (4.0)
6.4 (3.1)
|
GOautodial 4.0 - Persistent Cross-Site Scripting |
Goautodial |
GOautodial |
2026-01-29T14:28:33.636Z | 2026-01-29T15:02:59.828Z |
| CVE-2020-37020 |
8.5 (4.0)
7.8 (3.1)
|
SonarQube 8.3.1 - Unquoted Service Path |
Sonarqube |
SonarQube |
2026-01-29T14:28:33.970Z | 2026-01-29T14:59:49.572Z |
| CVE-2020-37021 |
8.5 (4.0)
7.8 (3.1)
|
Bandwidth Monitor 3.9 - 'Svc10StrikeBandMontitor' Unqu… |
10-Strike |
Bandwidth Monitor |
2026-01-29T14:28:34.361Z | 2026-01-29T14:56:17.369Z |
| CVE-2025-15469 |
N/A
|
'openssl dgst' one-shot codepath silently truncates in… |
OpenSSL |
OpenSSL |
2026-01-27T16:01:21.597Z | 2026-01-29T14:54:35.153Z |
| CVE-2025-15468 |
N/A
|
NULL dereference in SSL_CIPHER_find() function on unkn… |
OpenSSL |
OpenSSL |
2026-01-27T16:01:20.824Z | 2026-01-29T14:53:03.572Z |
| CVE-2025-15467 |
N/A
|
Stack buffer overflow in CMS AuthEnvelopedData parsing |
OpenSSL |
OpenSSL |
2026-01-27T16:01:19.922Z | 2026-01-29T14:50:58.363Z |
| CVE-2025-68913 |
7.5 (3.1)
|
WordPress Miion theme <= 1.2.7 - Local File Inclusion … |
zozothemes |
Miion |
2026-01-22T16:52:15.263Z | 2026-01-29T14:49:19.868Z |
| CVE-2025-11187 |
N/A
|
Improper validation of PBMAC1 parameters in PKCS#12 MA… |
OpenSSL |
OpenSSL |
2026-01-27T15:59:41.681Z | 2026-01-29T14:48:29.161Z |
| CVE-2026-1587 |
6.9 (4.0)
5.3 (3.1)
5.3 (3.0)
|
Open5GS SGWC s11-handler.c sgwc_s11_handle_modify_bear… |
n/a |
Open5GS |
2026-01-29T12:32:08.109Z | 2026-01-29T14:46:26.399Z |
| CVE-2025-28162 |
5.5 (3.1)
|
Buffer Overflow vulnerability in libpng 1.6.43-1.… |
n/a |
n/a |
2026-01-27T00:00:00.000Z | 2026-01-29T14:45:03.126Z |
| CVE-2026-1588 |
5.1 (4.0)
2.7 (3.1)
2.7 (3.0)
|
jishenghua jshERP installByPath install path traversal |
jishenghua |
jshERP |
2026-01-29T13:32:06.240Z | 2026-01-29T14:29:46.680Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-23831 |
5.3 (3.1)
|
Rekor COSE v0.0.1 Canonicalize crashes when passed emp… |
sigstore |
rekor |
2026-01-22T21:26:22.183Z | 2026-01-23T14:32:43.078Z |
| CVE-2022-2552 |
N/A
|
Duplicator < 1.4.7.1 - Unauthenticated System Informat… |
Unknown |
Duplicator |
2022-08-22T15:04:02 | 2024-08-03T00:39:08.064Z |
| CVE-2022-2551 |
N/A
|
Duplicator < 1.4.7 - Unauthenticated Backup Download |
Unknown |
Duplicator – WordPress Migration Plugin |
2022-08-22T15:03:52 | 2024-08-03T00:39:08.049Z |
| CVE-2020-11738 |
7.5 (3.0)
|
The Snap Creek Duplicator plugin before 1.3.28 fo… |
n/a |
n/a |
2020-04-13T21:20:00.000Z | 2026-01-12T20:20:55.122Z |
| CVE-2018-7543 |
N/A
|
Cross-site scripting (XSS) vulnerability in insta… |
n/a |
n/a |
2018-03-26T18:00:00 | 2024-08-05T06:31:04.470Z |
| CVE-2018-25095 |
9.8 (3.1)
|
Duplicator < 1.3.0 - Unauthenticated RCE |
Unknown |
Duplicator |
2024-01-08T19:00:33.155Z | 2025-06-03T14:34:46.451Z |
| CVE-2018-17207 |
N/A
|
An issue was discovered in Snap Creek Duplicator … |
n/a |
n/a |
2018-09-19T16:00:00Z | 2024-09-17T03:59:04.103Z |
| CVE-2025-67713 |
5.3 (4.0)
|
Miniflux 2 has an Open Redirect via protocol-relative … |
miniflux |
v2 |
2025-12-11T00:17:00.282Z | 2025-12-11T18:52:30.866Z |
| CVE-2026-21852 |
5.3 (4.0)
|
Claude Code Leaks Data via Malicious Environment Confi… |
anthropics |
claude-code |
2026-01-21T20:42:06.812Z | 2026-01-21T21:34:43.858Z |
| CVE-2025-59935 |
6.5 (3.1)
|
GLPI Vulnerable to Unauthenticated Stored XSS on the I… |
glpi-project |
glpi |
2025-12-16T16:34:46.251Z | 2025-12-16T17:15:24.435Z |
| CVE-2025-7397 |
6.8 (4.0)
|
CLI history displays inline passwords |
Broadcom |
Brocade ASCG |
2025-07-17T21:53:39.786Z | 2025-07-18T14:10:37.202Z |
| CVE-2025-7398 |
8.6 (4.0)
|
Medium Strength Cipher Suites detected on port on port… |
Broadcom |
Brocade ASCG |
2025-07-17T21:28:57.410Z | 2025-07-18T14:57:57.810Z |
| CVE-2025-66039 |
9.3 (4.0)
|
FreePBX Endpoint Manager Allows Unauthenticated Logins… |
FreePBX |
security-reporting |
2025-12-09T21:32:03.412Z | 2025-12-17T04:55:44.692Z |
| CVE-2025-62408 |
5.9 (3.1)
|
c-ares has a Use After Free vulnerability when connect… |
c-ares |
c-ares |
2025-12-08T22:04:08.565Z | 2025-12-09T16:05:06.098Z |
| CVE-2026-23892 |
6 (4.0)
|
OctoPrint has Timing Side-Channel Vulnerability in API… |
OctoPrint |
OctoPrint |
2026-01-27T18:35:31.370Z | 2026-01-27T19:14:50.643Z |
| CVE-2026-24842 |
8.2 (3.1)
|
node-tar Vulnerable to Arbitrary File Creation/Overwri… |
isaacs |
node-tar |
2026-01-28T00:20:13.261Z | 2026-01-28T14:56:10.317Z |
| CVE-2026-24739 |
6.3 (3.1)
|
Symfony has incorrect argument escaping under MSYS2/Gi… |
symfony |
symfony |
2026-01-28T20:25:21.500Z | 2026-01-29T18:01:36.510Z |
| CVE-2026-23968 |
6.8 (4.0)
|
Copier safe template has arbitrary filesystem read acc… |
copier-org |
copier |
2026-01-21T22:13:25.377Z | 2026-01-22T16:49:32.054Z |
| CVE-2026-23986 |
6.9 (4.0)
|
Copier safe template has arbitrary filesystem write ac… |
copier-org |
copier |
2026-01-21T22:20:37.720Z | 2026-01-22T16:49:26.426Z |
| CVE-2025-69285 |
7.7 (4.0)
|
SQLBot uploadExcel Endpoint has Unauthenticated Arbitr… |
dataease |
SQLBot |
2026-01-21T20:05:22.108Z | 2026-01-21T21:27:55.889Z |
| CVE-2026-24127 |
5.4 (3.1)
|
Typemill has Reflected XSS via login error view template |
typemill |
typemill |
2026-01-23T23:01:15.832Z | 2026-01-26T16:18:10.770Z |
| CVE-2026-21520 |
7.5 (3.1)
|
Copilot Studio Information Disclosure Vulnerability |
Microsoft |
Microsoft Copilot Studio |
2026-01-22T22:47:33.536Z | 2026-01-30T03:40:01.713Z |
| CVE-2026-21521 |
7.4 (3.1)
|
Word Copilot Information Disclosure Vulnerability |
Microsoft |
Microsoft 365 Word Copilot |
2026-01-22T22:47:38.118Z | 2026-01-30T03:40:06.091Z |
| CVE-2026-23848 |
6.5 (3.1)
|
MyTube has Rate Limiting Bypass via X-Forwarded-For He… |
franklioxygen |
MyTube |
2026-01-19T20:34:40.060Z | 2026-01-20T20:04:56.547Z |
| CVE-2026-24139 |
8.7 (4.0)
|
MyTube Allows Unauthorized Database Export by Guest Users |
franklioxygen |
MyTube |
2026-01-23T23:55:23.541Z | 2026-01-26T16:18:05.863Z |
| CVE-2026-24140 |
2.7 (3.1)
|
MyTube has Mass Assignment via Settings Management |
franklioxygen |
MyTube |
2026-01-23T23:59:56.045Z | 2026-01-26T16:17:58.728Z |
| CVE-2026-23837 |
9.8 (3.1)
|
MyTube has an Authorization Bypass vulnerability |
franklioxygen |
MyTube |
2026-01-19T20:09:37.223Z | 2026-01-20T17:24:06.897Z |
| CVE-2026-21569 |
7.9 (3.0)
|
This High severity XXE (XML External Entity Injec… |
Atlassian |
Crowd Data Center |
2026-01-28T00:30:00.557Z | 2026-01-28T14:49:56.282Z |
| CVE-2024-2420 |
8.8 (4.0)
|
LenelS2 NetBox Hardcoded Credentials |
LenelS2 |
NetBox |
2024-05-30T17:22:06.344Z | 2024-08-01T19:11:53.496Z |
| CVE-2024-2422 |
9.3 (4.0)
|
LenelS2 NetBox Improper Neutralization of Argumented D… |
LenelS2 |
NetBox |
2024-05-30T17:26:12.543Z | 2024-08-01T19:11:53.469Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| fkie_cve-2025-7397 | A vulnerability in the ascgshell, of Brocade ASCG before 3.3.0 stores any command executed in the … | 2025-07-17T22:15:27.270 | 2026-02-02T14:55:13.333 |
| fkie_cve-2025-7398 | Brocade ASCG before 3.3.0 allows for the use of medium strength cryptography algorithms on internal… | 2025-07-17T22:15:27.413 | 2026-02-02T14:54:24.873 |
| fkie_cve-2025-66039 | FreePBX Endpoint Manager is a module for managing telephony endpoints in FreePBX systems. Versions … | 2025-12-09T22:16:15.757 | 2026-02-02T14:47:12.183 |
| fkie_cve-2025-62408 | c-ares is an asynchronous resolver library. Versions 1.32.3 through 1.34.5 terminate a query after… | 2025-12-08T22:15:52.620 | 2026-02-02T14:40:44.843 |
| fkie_cve-2026-23892 | OctoPrint provides a web interface for controlling consumer 3D printers. OctoPrint versions up to a… | 2026-01-27T19:16:16.027 | 2026-02-02T14:39:36.583 |
| fkie_cve-2026-24842 | node-tar,a Tar for Node.js, contains a vulnerability in versions prior to 7.5.7 where the security … | 2026-01-28T01:16:14.947 | 2026-02-02T14:30:10.890 |
| fkie_cve-2026-24739 | Symfony is a PHP framework for web and console applications and a set of reusable PHP components. P… | 2026-01-28T21:16:11.750 | 2026-02-02T14:24:27.267 |
| fkie_cve-2026-23968 | Copier is a library and CLI app for rendering project templates. Prior to version 9.11.2, Copier su… | 2026-01-21T23:15:52.637 | 2026-02-02T14:11:03.307 |
| fkie_cve-2026-23986 | Copier is a library and CLI app for rendering project templates. Prior to version 9.11.2, Copier su… | 2026-01-21T23:15:52.793 | 2026-02-02T14:10:51.063 |
| fkie_cve-2025-69285 | SQLBot is an intelligent data query system based on a large language model and RAG. Versions prior … | 2026-01-21T21:16:07.380 | 2026-02-02T13:57:50.020 |
| fkie_cve-2026-24127 | Typemill is a flat-file, Markdown-based CMS designed for informational documentation websites. A re… | 2026-01-23T23:15:54.360 | 2026-02-02T13:32:53.560 |
| fkie_cve-2026-21520 | Exposure of Sensitive Information to an Unauthorized Actor in Copilot Studio allows a unauthenticat… | 2026-01-22T23:15:57.657 | 2026-02-02T13:31:19.580 |
| fkie_cve-2026-21521 | Improper neutralization of escape, meta, or control sequences in Copilot allows an unauthorized att… | 2026-01-22T23:15:57.823 | 2026-02-02T13:30:53.350 |
| fkie_cve-2026-23848 | MyTube is a self-hosted downloader and player for several video websites. Prior to version 1.7.71, … | 2026-01-19T21:15:51.433 | 2026-02-02T13:27:34.320 |
| fkie_cve-2026-24139 | MyTube is a self-hosted downloader and player for several video websites. Versions 1.7.78 and below… | 2026-01-24T00:15:49.313 | 2026-02-02T13:26:40.357 |
| fkie_cve-2026-24140 | MyTube is a self-hosted downloader and player for several video websites. Versions 1.7.78 and below… | 2026-01-24T00:15:49.450 | 2026-02-02T13:26:17.833 |
| fkie_cve-2026-23837 | MyTube is a self-hosted downloader and player for several video websites. A vulnerability present i… | 2026-01-19T21:15:50.903 | 2026-02-02T13:24:34.437 |
| fkie_cve-2026-21569 | This High severity XXE (XML External Entity Injection) vulnerability was introduced in version 7.1.… | 2026-01-28T01:16:14.187 | 2026-02-02T13:22:24.383 |
| fkie_cve-2024-2420 | LenelS2 NetBox access control and event monitoring system was discovered to contain Hardcoded Crede… | 2024-05-30T18:15:09.070 | 2026-02-02T13:14:26.023 |
| fkie_cve-2024-2422 | LenelS2 NetBox access control and event monitoring system was discovered to contain an authenticate… | 2024-05-30T18:15:09.367 | 2026-02-02T13:13:52.333 |
| fkie_cve-2024-2421 | LenelS2 NetBox access control and event monitoring system was discovered to contain an unauthentica… | 2024-05-30T18:15:09.230 | 2026-02-02T13:11:33.113 |
| fkie_cve-2025-64718 | js-yaml is a JavaScript YAML parser and dumper. In js-yaml before 4.1.1 and 3.14.2, it's possible f… | 2025-11-13T16:15:57.153 | 2026-02-02T12:54:45.340 |
| fkie_cve-2024-34764 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Collisi… | 2024-06-03T12:15:09.120 | 2026-02-02T11:15:53.723 |
| fkie_cve-2025-4598 | A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process… | 2025-05-30T14:15:23.557 | 2026-02-02T10:16:05.983 |
| fkie_cve-2024-43275 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Collisi… | 2024-08-15T08:15:05.363 | 2026-02-02T09:15:50.800 |
| fkie_cve-2025-46691 | Dell PremierColor Panel Driver, versions prior to 1.0.0.1 A01, contains an Improper Access Control … | 2026-01-28T20:16:09.077 | 2026-02-02T08:16:05.833 |
| fkie_cve-2025-15447 | Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This cand… | 2026-01-05T00:15:46.747 | 2026-02-02T07:16:35.470 |
| fkie_cve-2025-15446 | Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This cand… | 2026-01-04T23:15:50.850 | 2026-02-02T07:16:26.267 |
| fkie_cve-2025-15427 | Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This cand… | 2026-01-02T04:15:43.980 | 2026-02-02T07:16:05.860 |
| fkie_cve-2021-47916 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | 2026-02-01T13:15:55.903 | 2026-02-01T23:15:49.110 |
| ID | Severity | Description | Published | Updated |
|---|---|---|---|---|
| ghsa-7jqp-g5vc-78qc |
7.8 (3.1)
8.5 (4.0)
|
Motorola Device Manager 2.4.5 contains an unquoted service path vulnerability in the PST Service th… | 2026-01-27T21:31:47Z | 2026-01-27T21:31:47Z |
| ghsa-56p5-hjp2-w73q |
7.8 (3.1)
8.5 (4.0)
|
Acer Global Registration Service 1.0.0.3 contains an unquoted service path vulnerability in its ser… | 2026-01-27T21:31:47Z | 2026-01-27T21:31:47Z |
| ghsa-3wfw-hw9j-3p3m |
6.4 (3.1)
5.1 (4.0)
|
Froxlor Server Management Panel 0.10.16 contains a persistent cross-site scripting vulnerability in… | 2026-01-27T21:31:47Z | 2026-01-27T21:31:47Z |
| ghsa-rxx2-x5v3-hv94 |
5.4 (3.1)
|
Worklenz version 2.1.5 contains a Stored Cross-Site Scripting (XSS) vulnerability in the Project Up… | 2026-01-26T21:30:36Z | 2026-01-27T21:31:46Z |
| ghsa-q7qm-9q6p-5wg7 |
6.5 (3.1)
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2026-01-23T15:31:38Z | 2026-01-27T21:31:46Z |
| ghsa-pmpq-66cp-597x |
8.8 (3.1)
|
The binary serving the web server and executing basically all actions launched from the Web UI is r… | 2026-01-26T12:30:29Z | 2026-01-27T21:31:46Z |
| ghsa-jc49-q8pm-mwx9 |
7.8 (3.1)
8.5 (4.0)
|
Realtek Andrea RT Filters 1.0.64.7 contains an unquoted service path vulnerability that allows loca… | 2026-01-27T21:31:46Z | 2026-01-27T21:31:46Z |
| ghsa-h7wx-c535-fxf8 |
5.9 (3.1)
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2026-01-23T15:31:37Z | 2026-01-27T21:31:46Z |
| ghsa-5xj3-mjvp-h43q |
5.5 (3.1)
|
The kernel driver of CPUID CPU-Z v2.17 and earlier does not validate user-supplied values passed vi… | 2026-01-27T18:32:17Z | 2026-01-27T21:31:46Z |
| ghsa-387g-7jpp-vpxj |
5.9 (3.1)
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2026-01-23T15:31:38Z | 2026-01-27T21:31:46Z |
| ghsa-vgxm-x435-rmh6 |
4.3 (3.1)
|
Cross-Site Request Forgery (CSRF) vulnerability in John James Jacoby WP Term Order wp-term-order al… | 2026-01-23T15:31:36Z | 2026-01-27T21:31:45Z |
| ghsa-m8pw-x258-449r |
6.5 (3.1)
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2026-01-23T15:31:35Z | 2026-01-27T21:31:45Z |
| ghsa-g43m-r7jr-63q9 |
4.3 (3.1)
|
Cross-Site Request Forgery (CSRF) vulnerability in Paolo GeoDirectory geodirectory allows Cross Sit… | 2026-01-23T15:31:36Z | 2026-01-27T21:31:45Z |
| ghsa-r4q4-9cp2-vvhf |
6.5 (3.1)
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2026-01-22T18:30:41Z | 2026-01-27T21:31:44Z |
| ghsa-p9jf-6qr6-p275 |
5.4 (3.1)
|
Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Justicia justicia a… | 2026-01-22T18:30:40Z | 2026-01-27T21:31:44Z |
| ghsa-fxrx-2p93-9gf3 |
6.5 (3.1)
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2026-01-23T15:31:35Z | 2026-01-27T21:31:44Z |
| ghsa-fq2m-74v3-27rh |
4.3 (3.1)
|
Cross-Site Request Forgery (CSRF) vulnerability in Timur Kamaev Kama Thumbnail kama-thumbnail allow… | 2026-01-23T15:31:35Z | 2026-01-27T21:31:44Z |
| ghsa-9cj6-xv7g-cmmg |
7.1 (3.1)
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2026-01-22T18:30:41Z | 2026-01-27T21:31:44Z |
| ghsa-wcrq-p45c-535j |
5.4 (3.1)
|
Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Overton overton all… | 2026-01-22T18:30:40Z | 2026-01-27T21:31:43Z |
| ghsa-vf62-mr8q-5x6j |
5.4 (3.1)
|
Server-Side Request Forgery (SSRF) vulnerability in SmartDataSoft Electrician - Electrical Service … | 2026-01-22T18:30:39Z | 2026-01-27T21:31:43Z |
| ghsa-r27c-7g4j-xm44 |
5.4 (3.1)
|
Cross-Site Request Forgery (CSRF) vulnerability in Mikado-Themes PawFriends - Pet Shop and Veterina… | 2026-01-22T18:30:39Z | 2026-01-27T21:31:43Z |
| ghsa-q32f-r8pm-4x22 |
5.4 (3.1)
|
Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Roam roam allows Ex… | 2026-01-22T18:30:40Z | 2026-01-27T21:31:43Z |
| ghsa-phpf-j5wm-v54r |
6.5 (3.1)
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2026-01-22T18:30:41Z | 2026-01-27T21:31:43Z |
| ghsa-mv6g-87f6-hxrp |
7.6 (3.1)
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability … | 2026-01-22T18:30:40Z | 2026-01-27T21:31:43Z |
| ghsa-jm69-rg69-2cwx |
8.2 (3.1)
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2026-01-22T18:30:37Z | 2026-01-27T21:31:43Z |
| ghsa-jfcc-c4r2-57h6 |
7.1 (3.1)
|
Cross-Site Request Forgery (CSRF) vulnerability in gregmolnar Simple XML Sitemap simple-xml-sitemap… | 2026-01-22T18:30:39Z | 2026-01-27T21:31:43Z |
| ghsa-grxh-vmwr-556w |
5.4 (3.1)
|
Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Dolcino dolcino all… | 2026-01-22T18:30:40Z | 2026-01-27T21:31:43Z |
| ghsa-gm44-v6r8-p25m |
4.3 (3.1)
|
Cross-Site Request Forgery (CSRF) vulnerability in AA-Team SearchAzon searchazon allows Cross Site … | 2026-01-22T18:30:39Z | 2026-01-27T21:31:43Z |
| ghsa-f25r-2j92-5mqm |
5.4 (3.1)
|
Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Cocco cocco allows … | 2026-01-22T18:30:40Z | 2026-01-27T21:31:43Z |
| ghsa-9fcm-hxf8-v4x6 |
5.9 (3.1)
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2026-01-22T18:30:40Z | 2026-01-27T21:31:43Z |
| ID | Severity | Description | Package | Published | Updated |
|---|---|---|---|---|---|
| pysec-2017-45 |
|
Cross-site scripting (XSS) vulnerability in IPython 3.x before 3.2 allows remote attacker… | ipython | 2017-09-21T14:29:00Z | 2021-07-15T02:22:14.767338Z |
| pysec-2015-25 |
|
The editor in IPython Notebook before 3.2.2 and Jupyter Notebook 4.0.x before 4.0.5 allow… | ipython | 2015-09-29T19:59:00Z | 2021-07-15T02:22:14.948088Z |
| pysec-2015-24 |
|
Cross-site scripting (XSS) vulnerability in the file browser in notebook/notebookapp.py i… | ipython | 2015-09-21T19:59:00Z | 2021-07-15T02:22:14.906376Z |
| pysec-2017-44 |
|
In Django 1.10.x before 1.10.8 and 1.11.x before 1.11.5, HTML autoescaping was disabled i… | django | 2017-09-07T13:29:00Z | 2021-07-15T02:22:10.638315Z |
| pysec-2016-18 |
|
Django before 1.8.x before 1.8.16, 1.9.x before 1.9.11, and 1.10.x before 1.10.3, when se… | django | 2016-12-09T20:59:00Z | 2021-07-15T02:22:10.532243Z |
| pysec-2016-17 |
|
Django 1.8.x before 1.8.16, 1.9.x before 1.9.11, and 1.10.x before 1.10.3 use a hardcoded… | django | 2016-12-09T20:59:00Z | 2021-07-15T02:22:10.369344Z |
| pysec-2016-16 |
|
The password hasher in contrib/auth/hashers.py in Django before 1.8.10 and 1.9.x before 1… | django | 2016-04-08T15:59:00Z | 2021-07-15T02:22:10.225115Z |
| pysec-2016-15 |
|
The utils.http.is_safe_url function in Django before 1.8.10 and 1.9.x before 1.9.3 allows… | django | 2016-04-08T15:59:00Z | 2021-07-15T02:22:10.137209Z |
| pysec-2016-14 |
|
Django 1.9.x before 1.9.2, when ModelAdmin.save_as is set to True, allows remote authenti… | django | 2016-02-08T19:59:00Z | 2021-07-15T02:22:10.055528Z |
| pysec-2015-23 |
|
The (1) contrib.sessions.backends.base.SessionBase.flush and (2) cache_db.SessionStore.fl… | django | 2015-08-24T14:59:00Z | 2021-07-15T02:22:10.010649Z |
| pysec-2015-22 |
|
contrib.sessions.middleware.SessionMiddleware in Django 1.8.x before 1.8.4, 1.7.x before … | django | 2015-08-24T14:59:00Z | 2021-07-15T02:22:09.927134Z |
| pysec-2015-21 |
|
validators.URLValidator in Django 1.8.x before 1.8.3 allows remote attackers to cause a d… | django | 2015-07-14T17:59:00Z | 2021-07-15T02:22:09.798596Z |
| pysec-2015-19 |
|
The session.flush function in the cached_db backend in Django 1.8.x before 1.8.2 does not… | django | 2015-06-02T14:59:00Z | 2021-07-15T02:22:09.577532Z |
| pysec-2013-21 |
|
The is_safe_url function in utils/http.py in Django 1.4.x before 1.4.6, 1.5.x before 1.5.… | django | 2013-10-04T17:55:00Z | 2021-07-15T02:22:09.088856Z |
| pysec-2013-20 |
|
Directory traversal vulnerability in Django 1.4.x before 1.4.7, 1.5.x before 1.5.3, and 1… | django | 2013-09-16T19:14:00Z | 2021-07-15T02:22:08.994909Z |
| pysec-2013-19 |
|
Cross-site scripting (XSS) vulnerability in the AdminURLFieldWidget widget in contrib/adm… | django | 2013-10-04T17:55:00Z | 2021-07-15T02:22:08.907870Z |
| pysec-2013-18 |
|
The authentication framework (django.contrib.auth) in Django 1.4.x before 1.4.8, 1.5.x be… | django | 2013-09-23T20:55:00Z | 2021-07-15T02:22:08.840916Z |
| pysec-2013-17 |
|
The form library in Django 1.3.x before 1.3.6, 1.4.x before 1.4.4, and 1.5 before release… | django | 2013-05-02T14:55:00Z | 2021-07-15T02:22:08.748982Z |
| pysec-2013-16 |
|
The administrative interface for Django 1.3.x before 1.3.6, 1.4.x before 1.4.4, and 1.5 b… | django | 2013-05-02T14:55:00Z | 2021-07-15T02:22:08.650123Z |
| pysec-2012-7 |
|
The django.http.HttpRequest.get_host function in Django 1.3.x before 1.3.4 and 1.4.x befo… | django | 2012-11-18T23:55:00Z | 2021-07-15T02:22:08.562601Z |
| pysec-2011-9 |
|
The password reset functionality in django.contrib.auth in Django before 1.1.3, 1.2.x bef… | django | 2011-01-10T20:00:00Z | 2021-07-15T02:22:08.187235Z |
| pysec-2011-8 |
|
The administrative interface in django.contrib.admin in Django before 1.1.3, 1.2.x before… | django | 2011-01-10T20:00:00Z | 2021-07-15T02:22:08.091343Z |
| pysec-2011-12 |
|
Directory traversal vulnerability in Django 1.1.x before 1.1.4 and 1.2.x before 1.2.5 on … | django | 2011-02-14T21:00:00Z | 2021-07-15T02:22:08.473566Z |
| pysec-2011-11 |
|
Cross-site scripting (XSS) vulnerability in Django 1.1.x before 1.1.4 and 1.2.x before 1.… | django | 2011-02-14T21:00:00Z | 2021-07-15T02:22:08.384566Z |
| pysec-2011-10 |
|
Django 1.1.x before 1.1.4 and 1.2.x before 1.2.5 does not properly validate HTTP requests… | django | 2011-02-14T21:00:00Z | 2021-07-15T02:22:08.278158Z |
| pysec-2010-12 |
|
Cross-site scripting (XSS) vulnerability in Django 1.2.x before 1.2.2 allows remote attac… | django | 2010-09-14T19:00:00Z | 2021-07-15T02:22:08.006222Z |
| pysec-2018-52 |
|
A flaw was found in python-cryptography versions between >=1.9.0 and <2.3. The finalize_w… | cryptography | 2018-07-30T16:29:00Z | 2021-07-15T02:22:07.445715Z |
| pysec-2018-51 |
|
An issue was discovered in Bleach 2.1.x before 2.1.3. Attributes that have URI values wer… | bleach | 2018-03-07T23:29:00Z | 2021-07-15T02:22:07.141398Z |
| pysec-2009-4 |
|
Algorithmic complexity vulnerability in the forms library in Django 1.0 before 1.0.4 and … | django | 2009-10-13T10:30:00Z | 2021-07-15T02:22:07.960103Z |
| pysec-2009-3 |
|
The Admin media handler in core/servers/basehttp.py in Django 1.0 and 0.96 does not prope… | django | 2009-08-04T16:30:00Z | 2021-07-15T02:22:07.875702Z |
| ID | Description | Updated |
|---|---|---|
| gsd-2024-3528 | A vulnerability was found in Campcodes Complete Online Student Management System 1.0 and … | 2024-04-11T05:03:27.323652Z |
| gsd-2024-3527 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-11T05:03:27.121652Z |
| gsd-2024-3526 | A vulnerability has been found in Campcodes Online Event Management System 1.0 and classi… | 2024-04-11T05:03:27.280106Z |
| gsd-2024-3525 | A vulnerability, which was classified as problematic, was found in Campcodes Online Event… | 2024-04-11T05:03:27.419761Z |
| gsd-2024-3524 | A vulnerability, which was classified as problematic, has been found in Campcodes Online … | 2024-04-11T05:03:27.133139Z |
| gsd-2024-3523 | A vulnerability classified as critical was found in Campcodes Online Event Management Sys… | 2024-04-11T05:03:27.336753Z |
| gsd-2024-3522 | A vulnerability classified as critical has been found in Campcodes Online Event Managemen… | 2024-04-11T05:03:27.036590Z |
| gsd-2024-3521 | A vulnerability was found in Byzoro Smart S80 Management Platform up to 20240317. It has … | 2024-04-11T05:03:27.061995Z |
| gsd-2024-3520 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-11T05:03:27.088874Z |
| gsd-2024-3519 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-11T05:03:27.321424Z |
| gsd-2024-3518 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-11T05:03:27.239432Z |
| gsd-2024-3517 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-11T05:03:27.240663Z |
| gsd-2024-3516 | Heap buffer overflow in ANGLE in Google Chrome prior to 123.0.6312.122 allowed a remote a… | 2024-04-11T05:03:27.300112Z |
| gsd-2024-3515 | Use after free in Dawn in Google Chrome prior to 123.0.6312.122 allowed a remote attacker… | 2024-04-11T05:03:27.175261Z |
| gsd-2024-3514 | ** REJECT ** **DUPLICATE** Please use CVE-2024-1846 instead. | 2024-04-11T05:03:27.174480Z |
| gsd-2024-3513 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-11T05:03:27.197785Z |
| gsd-2024-3512 | ** REJECT ** **DUPLICATE*** Please use CVE-2024-2583 instead. | 2024-04-11T05:03:27.315790Z |
| gsd-2024-3511 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-11T05:03:27.292073Z |
| gsd-2024-3510 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-11T05:03:27.296018Z |
| gsd-2024-3509 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-11T05:03:27.080625Z |
| gsd-2024-3508 | A flaw was found in Bombastic, which allows authenticated users to upload compressed (bzi… | 2024-04-11T05:03:27.063567Z |
| gsd-2024-3507 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-11T05:03:27.046374Z |
| gsd-2024-3506 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-11T05:03:27.128291Z |
| gsd-2024-3505 | JFrog Artifactory Self-Hosted versions below 7.77.3, are vulnerable to sensitive informat… | 2024-04-11T05:03:27.282899Z |
| gsd-2024-3504 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-11T05:03:27.402916Z |
| gsd-2024-3503 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-11T05:03:27.399660Z |
| gsd-2024-3502 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-11T05:03:27.116755Z |
| gsd-2024-3501 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-11T05:03:27.053973Z |
| gsd-2024-3500 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-11T05:03:27.329192Z |
| gsd-2024-3499 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-11T05:03:27.366035Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-192540 | Malicious code in elf-stats-twinkling-wishlist-283 (npm) | 2025-12-11T19:46:09Z | 2025-12-23T22:09:11Z |
| mal-2025-192534 | Malicious code in elf-stats-sugarplum-snowman-116 (npm) | 2025-12-11T19:46:09Z | 2025-12-23T22:09:11Z |
| mal-2025-192286 | Malicious code in elf-stats-tinsel-sparkler-289 (npm) | 2025-12-03T19:38:32Z | 2025-12-23T22:09:11Z |
| mal-2025-192285 | Malicious code in elf-stats-sugarplum-cookiejar-287 (npm) | 2025-12-03T19:42:46Z | 2025-12-23T22:09:11Z |
| mal-2025-192270 | Malicious code in elf-stats-tinsel-candy-605 (npm) | 2025-12-03T18:49:05Z | 2025-12-23T22:09:11Z |
| mal-2025-192243 | Malicious code in elf-stats-wintry-cocoa-831 (npm) | 2025-12-03T17:22:10Z | 2025-12-23T22:09:11Z |
| mal-2025-192241 | Malicious code in elf-stats-velvet-snowman-470 (npm) | 2025-12-03T17:22:10Z | 2025-12-23T22:09:11Z |
| mal-2025-192240 | Malicious code in elf-stats-velvet-ornament-148 (npm) | 2025-12-03T17:22:10Z | 2025-12-23T22:09:11Z |
| mal-2025-192238 | Malicious code in elf-stats-sugarplum-muffin-944 (npm) | 2025-12-03T17:22:10Z | 2025-12-23T22:09:11Z |
| mal-2025-192237 | Malicious code in elf-stats-storybook-snowglobe-157 (npm) | 2025-12-03T17:22:10Z | 2025-12-23T22:09:11Z |
| mal-2025-192198 | Malicious code in elf-stats-wintry-ornament-960 (npm) | 2025-12-03T15:59:29Z | 2025-12-23T22:09:11Z |
| mal-2025-192196 | Malicious code in elf-stats-wintry-hollyberry-832 (npm) | 2025-12-03T15:59:29Z | 2025-12-23T22:09:11Z |
| mal-2025-192194 | Malicious code in elf-stats-wintry-fir-892 (npm) | 2025-12-03T15:59:29Z | 2025-12-23T22:09:11Z |
| mal-2025-192192 | Malicious code in elf-stats-whimsical-rocket-922 (npm) | 2025-12-03T15:59:29Z | 2025-12-23T22:09:11Z |
| mal-2025-192191 | Malicious code in elf-stats-whimsical-muffin-613 (npm) | 2025-12-03T15:59:29Z | 2025-12-23T22:09:11Z |
| mal-2025-192190 | Malicious code in elf-stats-whimsical-marshmallow-258 (npm) | 2025-12-03T15:59:29Z | 2025-12-23T22:09:11Z |
| mal-2025-192189 | Malicious code in elf-stats-whimsical-marshmallow-212 (npm) | 2025-12-03T15:59:29Z | 2025-12-23T22:09:11Z |
| mal-2025-192188 | Malicious code in elf-stats-whimsical-ledger-767 (npm) | 2025-12-03T15:59:29Z | 2025-12-23T22:09:11Z |
| mal-2025-192187 | Malicious code in elf-stats-whimsical-lantern-823 (npm) | 2025-12-03T15:59:29Z | 2025-12-23T22:09:11Z |
| mal-2025-192181 | Malicious code in elf-stats-twinkling-marshmallow-913 (npm) | 2025-12-03T15:59:29Z | 2025-12-23T22:09:11Z |
| mal-2025-192178 | Malicious code in elf-stats-tinsel-pantry-856 (npm) | 2025-12-03T15:59:29Z | 2025-12-23T22:09:11Z |
| mal-2025-192173 | Malicious code in elf-stats-sugarplum-star-404 (npm) | 2025-12-03T15:59:29Z | 2025-12-23T22:09:11Z |
| mal-2025-192171 | Malicious code in elf-stats-sugarplum-fireplace-278 (npm) | 2025-12-03T15:59:29Z | 2025-12-23T22:09:11Z |
| mal-2025-192169 | Malicious code in elf-stats-storybook-reindeer-552 (npm) | 2025-12-03T15:59:29Z | 2025-12-23T22:09:11Z |
| mal-2025-191974 | Malicious code in elf-stats-wintry-northstar-674 (npm) | 2025-12-03T12:25:23Z | 2025-12-23T22:09:11Z |
| MAL-2025-192628 | Malicious code in elf-stats-wintry-chimney-348 (npm) | 2025-12-19T08:44:11Z | 2025-12-23T22:09:11Z |
| MAL-2025-192540 | Malicious code in elf-stats-twinkling-wishlist-283 (npm) | 2025-12-11T19:46:09Z | 2025-12-23T22:09:11Z |
| MAL-2025-192534 | Malicious code in elf-stats-sugarplum-snowman-116 (npm) | 2025-12-11T19:46:09Z | 2025-12-23T22:09:11Z |
| MAL-2025-192286 | Malicious code in elf-stats-tinsel-sparkler-289 (npm) | 2025-12-03T19:38:32Z | 2025-12-23T22:09:11Z |
| MAL-2025-192285 | Malicious code in elf-stats-sugarplum-cookiejar-287 (npm) | 2025-12-03T19:42:46Z | 2025-12-23T22:09:11Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| wid-sec-w-2024-0547 | Red Hat Enterprise Linux und Directory Server: Schwachstelle ermöglicht Denial of Service | 2024-03-04T23:00:00.000+00:00 | 2025-02-17T23:00:00.000+00:00 |
| wid-sec-w-2022-1660 | systemd: Schwachstelle ermöglicht Denial of Service | 2021-04-26T22:00:00.000+00:00 | 2025-02-17T23:00:00.000+00:00 |
| wid-sec-w-2025-0386 | HP LaserJet: Mehrere Schwachstellen | 2025-02-16T23:00:00.000+00:00 | 2025-02-16T23:00:00.000+00:00 |
| wid-sec-w-2025-0384 | Microsoft Edge: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen | 2025-02-16T23:00:00.000+00:00 | 2025-02-16T23:00:00.000+00:00 |
| wid-sec-w-2025-0383 | Ruby on Rails: Schwachstelle ermöglicht Offenlegung von Informationen | 2019-12-18T23:00:00.000+00:00 | 2025-02-16T23:00:00.000+00:00 |
| wid-sec-w-2025-0380 | vim: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen | 2025-02-16T23:00:00.000+00:00 | 2025-02-16T23:00:00.000+00:00 |
| wid-sec-w-2025-0369 | IEEE WPA2: Mehrere Schwachstellen | 2017-10-15T22:00:00.000+00:00 | 2025-02-16T23:00:00.000+00:00 |
| wid-sec-w-2025-0368 | Intel Wireless Bluetooth Produkte: Mehrere Schwachstellen ermöglichen Denial of Service | 2022-02-08T23:00:00.000+00:00 | 2025-02-16T23:00:00.000+00:00 |
| wid-sec-w-2025-0358 | Google Chrome und Microsoft Edge: Mehrere Schwachstellen | 2025-02-12T23:00:00.000+00:00 | 2025-02-16T23:00:00.000+00:00 |
| wid-sec-w-2025-0025 | SonicWall SonicOS: Mehrere Schwachstellen | 2025-01-07T23:00:00.000+00:00 | 2025-02-16T23:00:00.000+00:00 |
| wid-sec-w-2024-0162 | FreeRDP Clients: Schwachstelle ermöglicht Offenlegung von Informationen | 2024-01-18T23:00:00.000+00:00 | 2025-02-16T23:00:00.000+00:00 |
| wid-sec-w-2023-2251 | FreeRDP: Mehrere Schwachstellen | 2023-09-03T22:00:00.000+00:00 | 2025-02-16T23:00:00.000+00:00 |
| wid-sec-w-2023-1873 | AMD Prozessor: Schwachstelle ermöglicht Offenlegung von Informationen | 2023-07-24T22:00:00.000+00:00 | 2025-02-16T23:00:00.000+00:00 |
| wid-sec-w-2023-0632 | Ruby on Rails: Mehrere Schwachstellen | 2023-03-13T23:00:00.000+00:00 | 2025-02-16T23:00:00.000+00:00 |
| wid-sec-w-2023-0559 | Ruby on Rails: Schwachstelle ermöglicht Denial of Service | 2023-03-02T23:00:00.000+00:00 | 2025-02-16T23:00:00.000+00:00 |
| wid-sec-w-2023-0103 | Meltdown und Spectre: Mehrere Schwachstellen | 2018-01-03T23:00:00.000+00:00 | 2025-02-16T23:00:00.000+00:00 |
| wid-sec-w-2022-0073 | AMD Prozessoren: Mehrere Schwachstellen | 2022-05-10T22:00:00.000+00:00 | 2025-02-16T23:00:00.000+00:00 |
| wid-sec-w-2022-0072 | AMD Prozessoren: Mehrere Schwachstellen ermöglichen Offenlegung von Informationen | 2022-05-10T22:00:00.000+00:00 | 2025-02-16T23:00:00.000+00:00 |
| wid-sec-w-2025-0377 | Dell PowerEdge: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen | 2025-02-13T23:00:00.000+00:00 | 2025-02-13T23:00:00.000+00:00 |
| wid-sec-w-2025-0376 | WatchGuard Firebox: Mehrere Schwachstellen | 2025-02-13T23:00:00.000+00:00 | 2025-02-13T23:00:00.000+00:00 |
| wid-sec-w-2025-0375 | Lexmark Laser Printers: Mehrere Schwachstellen | 2025-02-13T23:00:00.000+00:00 | 2025-02-13T23:00:00.000+00:00 |
| wid-sec-w-2025-0374 | MISP: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen | 2025-02-13T23:00:00.000+00:00 | 2025-02-13T23:00:00.000+00:00 |
| wid-sec-w-2025-0371 | IBM QRadar SIEM: Schwachstelle ermöglicht Cross-Site Scripting | 2025-02-13T23:00:00.000+00:00 | 2025-02-13T23:00:00.000+00:00 |
| wid-sec-w-2025-0370 | Apple Mac OS: Mehrere Schwachstellen | 2017-09-25T22:00:00.000+00:00 | 2025-02-13T23:00:00.000+00:00 |
| wid-sec-w-2025-0367 | Broadcom Brocade SANnav: Mehrere Schwachstellen | 2025-02-13T23:00:00.000+00:00 | 2025-02-13T23:00:00.000+00:00 |
| wid-sec-w-2025-0336 | AMD Radeon: Mehrere Schwachstellen | 2025-02-11T23:00:00.000+00:00 | 2025-02-13T23:00:00.000+00:00 |
| wid-sec-w-2025-0260 | Google Chrome / Microsoft Edge: Mehrere Schwachstellen | 2025-02-04T23:00:00.000+00:00 | 2025-02-13T23:00:00.000+00:00 |
| wid-sec-w-2025-0093 | Microsoft Developer Tools: Mehrere Schwachstellen | 2025-01-14T23:00:00.000+00:00 | 2025-02-13T23:00:00.000+00:00 |
| wid-sec-w-2024-3275 | VMware Tanzu Spring Security: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen | 2024-10-27T23:00:00.000+00:00 | 2025-02-13T23:00:00.000+00:00 |
| wid-sec-w-2024-2238 | Grafana: Schwachstelle ermöglicht Manipulation von Regeln und Offenlegung von Informationen | 2024-09-26T22:00:00.000+00:00 | 2025-02-13T23:00:00.000+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2022:6801 | Red Hat Security Advisory: OpenShift Container Platform 4.8.51 packages and security update | 2022-10-13T07:44:51+00:00 | 2026-02-03T21:13:24+00:00 |
| rhsa-2022:6714 | Red Hat Security Advisory: RHACS 3.72 enhancement and security update | 2022-09-26T15:26:11+00:00 | 2026-02-03T21:13:23+00:00 |
| rhsa-2022:6696 | Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.4.6 security update and bug fixes | 2022-09-26T14:49:03+00:00 | 2026-02-03T21:13:23+00:00 |
| rhsa-2022:6535 | Red Hat Security Advisory: OpenShift Container Platform 4.11.5 packages and security update | 2022-09-20T17:03:38+00:00 | 2026-02-03T21:13:22+00:00 |
| rhsa-2022:6347 | Red Hat Security Advisory: VolSync 0.5 security fixes and updates | 2022-09-06T14:14:15+00:00 | 2026-02-03T21:13:22+00:00 |
| rhsa-2022:6527 | Red Hat Security Advisory: OpenShift Virtualization 4.11.0 RPMs security and bug fix update | 2022-09-15T09:13:04+00:00 | 2026-02-03T21:13:21+00:00 |
| rhsa-2022:6526 | Red Hat Security Advisory: OpenShift Virtualization 4.11.0 Images security and bug fix update | 2022-09-14T19:28:51+00:00 | 2026-02-03T21:13:21+00:00 |
| rhsa-2022:6430 | Red Hat Security Advisory: OpenShift API for Data Protection (OADP) 1.0.4 security and bug fix update | 2022-09-13T02:09:43+00:00 | 2026-02-03T21:13:20+00:00 |
| rhsa-2022:6370 | Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.6.0 security updates and bug fixes | 2022-09-06T22:27:58+00:00 | 2026-02-03T21:13:19+00:00 |
| rhsa-2022:6348 | Red Hat Security Advisory: Gatekeeper Operator v0.2 security and container updates | 2022-09-06T13:43:08+00:00 | 2026-02-03T21:13:19+00:00 |
| rhsa-2022:6346 | Red Hat Security Advisory: RHSA: Submariner 0.13 - security and enhancement update | 2022-09-06T13:00:18+00:00 | 2026-02-03T21:13:18+00:00 |
| rhsa-2022:6345 | Red Hat Security Advisory: Multicluster Engine for Kubernetes 2.1 security updates and bug fixes | 2022-09-06T14:28:04+00:00 | 2026-02-03T21:13:17+00:00 |
| rhsa-2022:6344 | Red Hat Security Advisory: Logging Subsystem 5.5.1 Security and Bug Fix Update | 2022-09-06T17:00:14+00:00 | 2026-02-03T21:13:16+00:00 |
| rhsa-2022:6277 | Red Hat Security Advisory: Red Hat OpenShift Service Mesh 2.1.5 security update | 2022-08-31T16:58:21+00:00 | 2026-02-03T21:13:16+00:00 |
| rhsa-2022:6318 | Red Hat Security Advisory: OpenShift Container Platform 4.9.48 extras security update | 2022-09-12T12:17:08+00:00 | 2026-02-03T21:13:15+00:00 |
| rhsa-2022:6308 | Red Hat Security Advisory: OpenShift Container Platform 4.8.49 security update | 2022-09-14T20:37:57+00:00 | 2026-02-03T21:13:15+00:00 |
| rhsa-2022:6290 | Red Hat Security Advisory: OpenShift API for Data Protection (OADP) 1.1.0 security and bug fix update | 2022-09-01T01:24:16+00:00 | 2026-02-03T21:13:15+00:00 |
| rhsa-2022:6287 | Red Hat Security Advisory: OpenShift Container Platform 4.11.3 packages and security update | 2022-09-07T20:47:50+00:00 | 2026-02-03T21:13:12+00:00 |
| rhsa-2022:6283 | Red Hat Security Advisory: Red Hat OpenShift Service Mesh 2.2.2 Containers security update | 2022-08-31T18:49:06+00:00 | 2026-02-03T21:13:12+00:00 |
| rhsa-2022:6263 | Red Hat Security Advisory: OpenShift Container Platform 4.6.61 security and extras update | 2022-09-09T04:53:55+00:00 | 2026-02-03T21:13:12+00:00 |
| rhsa-2022:6258 | Red Hat Security Advisory: OpenShift Container Platform 4.10.31 security update | 2022-09-08T05:39:54+00:00 | 2026-02-03T21:13:11+00:00 |
| rhsa-2022:6188 | Red Hat Security Advisory: Node Maintenance Operator 4.11.1 security update | 2022-08-25T11:20:51+00:00 | 2026-02-03T21:13:11+00:00 |
| rhsa-2022:6187 | Red Hat Security Advisory: Node Health Check Operator 0.3.1 security update | 2022-08-25T10:08:43+00:00 | 2026-02-03T21:13:10+00:00 |
| rhsa-2022:6183 | Red Hat Security Advisory: Logging Subsystem 5.4.5 Security and Bug Fix Update | 2022-09-06T13:32:06+00:00 | 2026-02-03T21:13:09+00:00 |
| rhsa-2022:6156 | Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.11.0 security, enhancement, & bugfix update | 2022-08-24T13:45:52+00:00 | 2026-02-03T21:13:09+00:00 |
| rhsa-2022:6155 | Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.11.0 security, enhancement & bugfix update | 2022-08-24T13:43:53+00:00 | 2026-02-03T21:13:08+00:00 |
| rhsa-2022:6152 | Red Hat Security Advisory: Secondary Scheduler Operator for Red Hat OpenShift 1.1.0 security update | 2022-09-01T05:40:28+00:00 | 2026-02-03T21:13:08+00:00 |
| rhsa-2022:6147 | Red Hat Security Advisory: OpenShift Container Platform 4.9.47 bug fix and security update | 2022-08-31T16:38:13+00:00 | 2026-02-03T21:13:08+00:00 |
| rhsa-2022:6133 | Red Hat Security Advisory: OpenShift Container Platform 4.10.30 bug fix and security update | 2022-08-31T12:31:50+00:00 | 2026-02-03T21:13:07+00:00 |
| rhsa-2022:6113 | Red Hat Security Advisory: Red Hat Application Interconnect 1.0 Release (rpms) | 2022-08-18T15:12:43+00:00 | 2026-02-03T21:13:06+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| icsa-21-238-01 | Johnson Controls Controlled Electronic Management Systems CEM Systems AC2000 | 2021-08-26T00:00:00.000000Z | 2021-08-26T00:00:00.000000Z |
| icsa-21-236-03 | Delta Electronics TPEditor | 2021-08-24T00:00:00.000000Z | 2021-08-24T00:00:00.000000Z |
| icsa-21-236-02 | Hitachi ABB Power Grids Retail Operations and CSB Products | 2021-08-24T00:00:00.000000Z | 2021-08-24T00:00:00.000000Z |
| icsa-21-236-01 | Hitachi ABB Power Grids TropOS | 2021-08-24T00:00:00.000000Z | 2021-08-24T00:00:00.000000Z |
| icsa-21-168-03 | Advantech WebAccess/SCADA (Update A) | 2021-06-17T00:00:00.000000Z | 2021-08-24T00:00:00.000000Z |
| icsa-21-231-01 | ICSA-21-231-01_AVEVA SuiteLink Server | 2021-08-19T00:00:00.000000Z | 2021-08-19T00:00:00.000000Z |
| icsa-21-229-03 | xArrow SCADA | 2021-08-17T00:00:00.000000Z | 2021-08-17T00:00:00.000000Z |
| icsa-21-229-02 | Advantech WebAccess/NMS | 2021-08-17T00:00:00.000000Z | 2021-08-17T00:00:00.000000Z |
| icsa-21-229-01 | ThroughTek Kalay P2P SDK | 2021-08-17T00:00:00.000000Z | 2021-08-17T00:00:00.000000Z |
| icsa-21-224-02 | Horner Automation Cscape | 2021-08-12T00:00:00.000000Z | 2021-08-12T00:00:00.000000Z |
| icsa-21-224-01 | Cognex In-Sight OPC Server | 2021-08-12T00:00:00.000000Z | 2021-08-12T00:00:00.000000Z |
| icsa-21-182-02 | Sensormatic Electronics C-CURE 9000 (Update A) | 2021-07-01T00:00:00.000000Z | 2021-08-12T00:00:00.000000Z |
| icsa-21-222-08 | ICSA-21-222-08_Siemens Solid Edge | 2021-08-10T00:00:00.000000Z | 2021-08-10T00:00:00.000000Z |
| icsa-21-131-13 | Siemens SINAMICS Medium Voltage Products Telnet (Update A) | 2021-05-11T00:00:00.000000Z | 2021-08-10T00:00:00.000000Z |
| icsa-20-070-01 | ICSA-20-070-01_Siemens and PKE SiNVR/SiVMS Video Server (Update B) | 2020-03-10T00:00:00.000000Z | 2021-08-10T00:00:00.000000Z |
| icsa-21-217-04 | Advantech WebAccess SCADA | 2021-08-05T00:00:00.000000Z | 2021-08-05T00:00:00.000000Z |
| icsa-21-217-03 | ICSA-21-217-03_mySCADA myPRO | 2021-08-05T00:00:00.000000Z | 2021-08-05T00:00:00.000000Z |
| icsa-21-217-02 | FATEK Automation FvDesigner | 2021-08-05T00:00:00.000000Z | 2021-08-05T00:00:00.000000Z |
| icsma-21-215-01 | Swisslog Healthcare Translogic PTS | 2021-08-03T00:00:00.000000Z | 2021-08-03T00:00:00.000000Z |
| icsa-21-210-01 | Hitachi ABB Power Grids eSOMS | 2021-07-29T00:00:00.000000Z | 2021-07-29T00:00:00.000000Z |
| icsa-21-208-05 | Delta Electronics DIAScreen | 2021-07-27T00:00:00.000000Z | 2021-07-27T00:00:00.000000Z |
| icsa-21-208-04 | LCDS LAquis SCADA | 2021-07-27T00:00:00.000000Z | 2021-07-27T00:00:00.000000Z |
| icsa-21-208-03 | Geutebrück G-Cam E2 and G-Code | 2021-07-27T00:00:00.000000Z | 2021-07-27T00:00:00.000000Z |
| icsa-21-208-02 | Mitsubishi Electric GOT2000 series and GT SoftGOT2000 | 2021-07-27T00:00:00.000000Z | 2021-07-27T00:00:00.000000Z |
| icsa-21-208-01 | KUKA KR C4 | 2021-07-27T00:00:00.000000Z | 2021-07-27T00:00:00.000000Z |
| icsa-21-194-02 | Schneider Electric Modicon Controllers and Software (Update A) | 2021-07-13T00:00:00.000000Z | 2021-07-27T00:00:00.000000Z |
| icsa-21-180-05 | AVEVA System Platform (Update A) | 2021-06-29T00:00:00.000000Z | 2021-07-27T00:00:00.000000Z |
| icsa-21-112-02 | Mitsubishi Electric GOT (Update A) | 2021-04-22T00:00:00.000000Z | 2021-07-27T00:00:00.000000Z |
| icsa-21-201-01 | Mitsubishi Electric MELSEC-F Series | 2021-07-20T00:00:00.000000Z | 2021-07-20T00:00:00.000000Z |
| icsma-21-196-01 | ICSMA-21-196-01_Ypsomed mylife | 2021-07-15T00:00:00.000000Z | 2021-07-15T00:00:00.000000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cisco-sa-cmx-prvesc-6g37hjal | Cisco Connected Mobile Experiences Privilege Escalation Vulnerability | 2020-08-19T16:00:00+00:00 | 2020-08-19T16:00:00+00:00 |
| cisco-sa-cmx-prvesc-6g37hjAL | Cisco Connected Mobile Experiences Privilege Escalation Vulnerability | 2020-08-19T16:00:00+00:00 | 2020-08-19T16:00:00+00:00 |
| cisco-sa-cdp-memleak-k5z7m55t | Cisco Video Surveillance 8000 Series IP Cameras Cisco Discovery Protocol Memory Leak Vulnerability | 2020-08-19T16:00:00+00:00 | 2020-08-19T16:00:00+00:00 |
| cisco-sa-cdp-memleak-k5Z7m55t | Cisco Video Surveillance 8000 Series IP Cameras Cisco Discovery Protocol Memory Leak Vulnerability | 2020-08-19T16:00:00+00:00 | 2020-08-19T16:00:00+00:00 |
| cisco-sa-HYP-WSV-yT3j5hSB | Cisco Hyperflex HX-Series Software Weak Storage Vulnerability | 2020-08-19T16:00:00+00:00 | 2020-08-19T16:00:00+00:00 |
| cisco-sa-webex-client-url-fcmpdfvy | Cisco Webex Meetings Desktop App and Webex Meetings Client URL Filtering Arbitrary Program Execution Vulnerability | 2020-06-17T16:00:00+00:00 | 2020-08-11T16:29:52+00:00 |
| cisco-sa-webex-client-url-fcmpdfVY | Cisco Webex Meetings Desktop App and Webex Meetings Client URL Filtering Arbitrary Program Execution Vulnerability | 2020-06-17T16:00:00+00:00 | 2020-08-11T16:29:52+00:00 |
| cisco-sa-cvp-info-dislosure-nzbewj9v | Cisco Unified Customer Voice Portal Information Disclosure Vulnerability | 2020-07-01T16:00:00+00:00 | 2020-08-11T13:54:42+00:00 |
| cisco-sa-cvp-info-dislosure-NZBEwj9V | Cisco Unified Customer Voice Portal Information Disclosure Vulnerability | 2020-07-01T16:00:00+00:00 | 2020-08-11T13:54:42+00:00 |
| cisco-sa-grub2-code-exec-xlepcapy | GRUB2 Arbitrary Code Execution Vulnerability | 2020-08-04T23:00:00+00:00 | 2020-08-10T15:49:28+00:00 |
| cisco-sa-grub2-code-exec-xLePCAPY | GRUB2 Arbitrary Code Execution Vulnerability | 2020-08-04T23:00:00+00:00 | 2020-08-10T15:49:28+00:00 |
| cisco-sa-bgp-erkeqaer | Cisco IOS XR Software Additional Paths Denial of Service Vulnerability | 2020-08-05T16:00:00+00:00 | 2020-08-10T13:37:52+00:00 |
| cisco-sa-bgp-ErKEqAer | Cisco IOS XR Software Additional Paths Denial of Service Vulnerability | 2020-08-05T16:00:00+00:00 | 2020-08-10T13:37:52+00:00 |
| cisco-sa-webex-smtdelete-gjdurogr | Cisco Webex Meetings Scheduled Meeting Template Deletion Vulnerability | 2020-08-05T16:00:00+00:00 | 2020-08-05T16:00:00+00:00 |
| cisco-sa-webex-smtdelete-gJDurOgR | Cisco Webex Meetings Scheduled Meeting Template Deletion Vulnerability | 2020-08-05T16:00:00+00:00 | 2020-08-05T16:00:00+00:00 |
| cisco-sa-webex-smtcreate-ymud5sk | Cisco Webex Meetings Scheduled Meeting Template Creation Vulnerability | 2020-08-05T16:00:00+00:00 | 2020-08-05T16:00:00+00:00 |
| cisco-sa-webex-smtcreate-YmuD5Sk | Cisco Webex Meetings Scheduled Meeting Template Creation Vulnerability | 2020-08-05T16:00:00+00:00 | 2020-08-05T16:00:00+00:00 |
| cisco-sa-webex-mttngs-xss-3vbdxduf | Cisco Webex Meetings Reflected Cross-Site Scripting Vulnerability | 2020-08-05T16:00:00+00:00 | 2020-08-05T16:00:00+00:00 |
| cisco-sa-webex-mttngs-xss-3VbdxDuF | Cisco Webex Meetings Reflected Cross-Site Scripting Vulnerability | 2020-08-05T16:00:00+00:00 | 2020-08-05T16:00:00+00:00 |
| cisco-sa-webex-makmv4qc | Cisco Webex Meetings User Email Address Information Disclosure Vulnerability | 2020-08-05T16:00:00+00:00 | 2020-08-05T16:00:00+00:00 |
| cisco-sa-webex-mAkmV4qc | Cisco Webex Meetings User Email Address Information Disclosure Vulnerability | 2020-08-05T16:00:00+00:00 | 2020-08-05T16:00:00+00:00 |
| cisco-sa-webex-client-g3zevbcp | Cisco Webex Meetings Desktop App Information Disclosure Vulnerabilities | 2020-08-05T16:00:00+00:00 | 2020-08-05T16:00:00+00:00 |
| cisco-sa-webex-client-g3zevBcp | Cisco Webex Meetings Desktop App Information Disclosure Vulnerabilities | 2020-08-05T16:00:00+00:00 | 2020-08-05T16:00:00+00:00 |
| cisco-sa-ucs-director-xss-o7t8oryr | Cisco UCS Director Stored Cross-Site Scripting Vulnerability | 2020-08-05T16:00:00+00:00 | 2020-08-05T16:00:00+00:00 |
| cisco-sa-ucs-director-xss-O7T8ORYR | Cisco UCS Director Stored Cross-Site Scripting Vulnerability | 2020-08-05T16:00:00+00:00 | 2020-08-05T16:00:00+00:00 |
| cisco-sa-ise-pass-disclosure-k8p2nsgg | Cisco Identity Services Engine Password Disclosure Vulnerability | 2020-08-05T16:00:00+00:00 | 2020-08-05T16:00:00+00:00 |
| cisco-sa-ise-pass-disclosure-K8p2Nsgg | Cisco Identity Services Engine Password Disclosure Vulnerability | 2020-08-05T16:00:00+00:00 | 2020-08-05T16:00:00+00:00 |
| cisco-sa-esa-sma-log-yxq6g2kg | Cisco Email Security Appliance and Cisco Content Security Management Appliance Information Disclosure Vulnerability | 2020-08-05T16:00:00+00:00 | 2020-08-05T16:00:00+00:00 |
| cisco-sa-esa-sma-log-YxQ6g2kG | Cisco Email Security Appliance and Cisco Content Security Management Appliance Information Disclosure Vulnerability | 2020-08-05T16:00:00+00:00 | 2020-08-05T16:00:00+00:00 |
| cisco-sa-dna-info-disc-3bz8bcgr | Cisco DNA Center Information Disclosure Vulnerability | 2020-08-05T16:00:00+00:00 | 2020-08-05T16:00:00+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2025-4287 | PyTorch nccl.py torch.cuda.nccl.reduce denial of service | 2025-05-02T00:00:00.000Z | 2025-09-03T23:22:19.000Z |
| msrc_cve-2025-38411 | netfs: Fix double put of request | 2025-07-02T00:00:00.000Z | 2025-09-03T23:21:36.000Z |
| msrc_cve-2024-43823 | PCI: keystone: Fix NULL pointer dereference in case of DT error in ks_pcie_setup_rc_app_regs() | 2024-08-02T00:00:00.000Z | 2025-09-03T23:21:21.000Z |
| msrc_cve-2013-4416 | The Ocaml xenstored implementation (oxenstored) in Xen 4.1.x, 4.2.x, and 4.3.x allows local guest domains to cause a denial of service (domain shutdown) via a large message reply. | 2013-11-02T00:00:00.000Z | 2025-09-03T23:21:14.000Z |
| msrc_cve-2025-38670 | arm64/entry: Mask DAIF in cpu_switch_to(), call_on_irq_stack() | 2025-08-02T00:00:00.000Z | 2025-09-03T23:20:26.000Z |
| msrc_cve-2025-38500 | xfrm: interface: fix use-after-free after changing collect_md xfrm interface | 2025-08-02T00:00:00.000Z | 2025-09-03T23:19:48.000Z |
| msrc_cve-2022-46883 | Mozilla developers Gabriele Svelto, Yulia Startsev, Andrew McCreight and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 106. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.<br />*Note*: This advisory was added on December 13th, 2022 after discovering it was inadvertently left out of the original advisory. The fix was included in the original release of Firefox 107. This vulnerability affects Firefox < 107. | 2022-12-02T00:00:00.000Z | 2025-09-03T23:19:26.000Z |
| msrc_cve-2024-26866 | spi: lpspi: Avoid potential use-after-free in probe() | 2024-04-02T07:00:00.000Z | 2025-09-03T23:19:20.000Z |
| msrc_cve-2024-26677 | rxrpc: Fix delayed ACKs to not set the reference serial number | 2024-04-02T07:00:00.000Z | 2025-09-03T23:18:53.000Z |
| msrc_cve-2025-52496 | Mbed TLS before 3.6.4 has a race condition in AESNI detection if certain compiler optimizations occur. An attacker may be able to extract an AES key from a multithreaded program, or perform a GCM forgery. | 2025-07-02T00:00:00.000Z | 2025-09-03T23:18:31.000Z |
| msrc_cve-2023-39318 | Improper handling of HTML-like comments in script contexts in html/template | 2023-09-01T00:00:00.000Z | 2025-09-03T23:18:21.000Z |
| msrc_cve-2023-52757 | smb: client: fix potential deadlock when releasing mids | 2024-05-02T07:00:00.000Z | 2025-09-03T23:17:53.000Z |
| msrc_cve-2025-8844 | NASM Netwide Assember preproc.c parse_smacro_template null pointer dereference | 2025-08-02T00:00:00.000Z | 2025-09-03T23:16:28.000Z |
| msrc_cve-2024-26893 | firmware: arm_scmi: Fix double free in SMC transport cleanup path | 2024-04-02T07:00:00.000Z | 2025-09-03T23:15:44.000Z |
| msrc_cve-2010-2249 | Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka sCAL) chunks. | 2010-06-02T00:00:00.000Z | 2025-09-03T23:15:39.000Z |
| msrc_cve-2024-35870 | smb: client: fix UAF in smb2_reconnect_server() | 2024-05-02T07:00:00.000Z | 2025-09-03T23:14:40.000Z |
| msrc_cve-2025-38646 | wifi: rtw89: avoid NULL dereference when RX problematic packet on unsupported 6 GHz band | 2025-08-02T00:00:00.000Z | 2025-09-03T23:14:25.000Z |
| msrc_cve-2023-42364 | A use-after-free vulnerability in BusyBox v.1.36.1 allows attackers to cause a denial of service via a crafted awk pattern in the awk.c evaluate function. | 2023-11-01T07:00:00.000Z | 2025-09-03T23:14:03.000Z |
| msrc_cve-2025-0677 | Grub2: ufs: integer overflow may lead to heap based out-of-bounds write when handling symlinks | 2025-02-02T00:00:00.000Z | 2025-09-03T23:13:01.000Z |
| msrc_cve-2024-23829 | aiohttp's HTTP parser (the python one, not llhttp) still overly lenient about separators | 2024-01-01T08:00:00.000Z | 2025-09-03T23:12:33.000Z |
| msrc_cve-2024-6610 | Form validation popups could capture escape key presses. Therefore, spamming form validation messages could be used to prevent users from exiting full-screen mode. This vulnerability affects Firefox < 128 and Thunderbird < 128. | 2024-07-01T07:00:00.000Z | 2025-09-03T23:12:15.000Z |
| msrc_cve-2022-49342 | net: ethernet: bgmac: Fix refcount leak in bcma_mdio_mii_register | 2025-02-02T00:00:00.000Z | 2025-09-03T23:11:30.000Z |
| msrc_cve-2018-25091 | urllib3 before 1.24.2 does not remove the authorization HTTP header when following a cross-origin redirect (i.e., a redirect that differs in host, port, or scheme). This can allow for credentials in the authorization header to be exposed to unintended hosts or transmitted in cleartext. NOTE: this issue exists because of an incomplete fix for CVE-2018-20060 (which was case-sensitive). | 2023-10-01T00:00:00.000Z | 2025-09-03T23:11:12.000Z |
| msrc_cve-2022-49901 | blk-mq: Fix kmemleak in blk_mq_init_allocated_queue | 2025-05-02T00:00:00.000Z | 2025-09-03T23:11:01.000Z |
| msrc_cve-2023-52737 | btrfs: lock the inode in shared mode before starting fiemap | 2024-05-02T07:00:00.000Z | 2025-09-03T23:10:25.000Z |
| msrc_cve-2025-38237 | media: platform: exynos4-is: Add hardware sync wait to fimc_is_hw_change_mode() | 2025-07-02T00:00:00.000Z | 2025-09-03T23:10:02.000Z |
| msrc_cve-2025-38640 | bpf: Disable migration in nf_hook_run_bpf(). | 2025-08-02T00:00:00.000Z | 2025-09-03T23:09:33.000Z |
| msrc_cve-2025-38364 | maple_tree: fix MA_STATE_PREALLOC flag in mas_preallocate() | 2025-07-02T00:00:00.000Z | 2025-09-03T23:08:55.000Z |
| msrc_cve-2023-3482 | When Firefox is configured to block storage of all cookies, it was still possible to store data in localstorage by using an iframe with a source of 'about:blank'. This could have led to malicious websites storing tracking data without permission. This vulnerability affects Firefox < 115. | 2023-07-01T07:00:00.000Z | 2025-09-03T23:08:41.000Z |
| msrc_cve-2018-14042 | In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip. | 2018-07-02T00:00:00.000Z | 2025-09-03T23:08:20.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| opensuse-su-2024:13696-1 | kernel-devel-6.7.5-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13695-1 | expat-2.6.0-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13694-1 | wpa_supplicant-2.10-6.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13693-1 | tomcat10-10.1.18-3.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13692-1 | tomcat-9.0.85-3.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13691-1 | python310-aiohttp-3.9.3-2.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13690-1 | libQt5Bootstrap-devel-static-32bit-5.15.12+kde151-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13689-1 | docker-24.0.7_ce-3.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13688-1 | buildkit-0.12.5-2.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13687-1 | bind-9.18.24-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13686-1 | python310-FontTools-4.47.2-2.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13685-1 | hugin-2023.0.0-2.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13684-1 | python310-fastapi-0.109.1-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13683-1 | libIex-3_1-30-32bit-3.1.11-1.3 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13682-1 | python310-uamqp-1.6.8-2.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13681-1 | php-composer2-2.7.1-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13680-1 | pdns-recursor-5.0.2-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13679-1 | java-1_8_0-openj9-1.8.0.402-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13678-1 | java-17-openj9-17.0.10.0-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13677-1 | java-11-openj9-11.0.22.0-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13676-1 | libxml2-2-2.11.6-2.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13675-1 | libgit2-1_7-1.7.2-2.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13674-1 | python310-oletools-0.60.1-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13673-1 | python310-Django-4.2.10-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13672-1 | libecpg6-16.2-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13671-1 | postgresql15-15.6-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13670-1 | postgresql14-14.11-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13669-1 | postgresql13-13.14-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13668-1 | postgresql12-12.18-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13667-1 | pgadmin4-8.2-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| bit-gitlab-2023-0120 | Incorrect Authorization in GitLab | 2024-03-06T11:12:40.282Z | 2025-05-20T10:02:07.006Z |
| bit-gitlab-2022-4343 | Exposure of Sensitive Information to an Unauthorized Actor in GitLab | 2024-03-06T11:13:00.182Z | 2025-05-20T10:02:07.006Z |
| bit-gitlab-2021-32823 | Potential Denial-of-Service in bindata | 2024-03-06T11:18:52.964Z | 2025-05-20T10:02:07.006Z |
| bit-gitea-2023-3515 | Open Redirect in go-gitea/gitea | 2024-03-06T10:52:08.603Z | 2025-05-20T10:02:07.006Z |
| bit-gitea-2022-1928 | Cross-site Scripting (XSS) - Stored in go-gitea/gitea | 2024-03-06T10:53:22.292Z | 2025-05-20T10:02:07.006Z |
| bit-gitea-2022-1058 | Open Redirect on login in go-gitea/gitea | 2024-03-06T10:53:31.004Z | 2025-05-20T10:02:07.006Z |
| bit-gitea-2022-0905 | Missing Authorization in go-gitea/gitea | 2024-03-06T10:53:40.961Z | 2025-05-20T10:02:07.006Z |
| bit-git-2024-52005 | The sideband payload is passed unfiltered to the terminal in git | 2025-04-14T11:03:18.348Z | 2025-05-20T10:02:07.006Z |
| bit-git-2022-25648 | Command Injection | 2024-03-06T10:52:03.704Z | 2025-05-20T10:02:07.006Z |
| bit-git-2020-5260 | malicious URLs may cause Git to present stored credentials to the wrong server | 2024-03-06T10:52:15.272Z | 2025-05-20T10:02:07.006Z |
| bit-ghost-2024-43409 | Ghost's improper authentication allows access to member information and actions | 2024-08-23T07:18:19.005Z | 2025-05-20T10:02:07.006Z |
| bit-ghost-2023-40028 | Arbitrary file read via symlinks in Ghost | 2024-03-06T10:52:08.986Z | 2025-05-20T10:02:07.006Z |
| bit-ghost-2023-31133 | Ghost vulnerable to disclosure of private API fields | 2024-03-06T10:52:29.977Z | 2025-05-20T10:02:07.006Z |
| bit-ghost-2021-39192 | Privilege escalation: all users can access Admin-level API keys | 2024-03-06T10:54:14.780Z | 2025-05-20T10:02:07.006Z |
| bit-ghost-2021-29484 | DOM XSS in Theme Preview | 2024-03-06T10:54:24.871Z | 2025-05-20T10:02:07.006Z |
| bit-fluentd-2022-39379 | Fluentd vulnerable to remote code execution due to insecure deserialization (in non-default configuration) | 2024-03-06T10:51:50.613Z | 2025-05-20T10:02:07.006Z |
| bit-fluentd-2021-41186 | ReDoS vulnerability in parser_apache2 | 2024-03-06T10:52:03.183Z | 2025-05-20T10:02:07.006Z |
| bit-flink-2020-17518 | Apache Flink directory traversal attack: remote file writing through the REST API | 2024-03-06T10:52:08.186Z | 2025-05-20T10:02:07.006Z |
| bit-etcd-2023-32082 | etcd key name can be accessed via LeaseTimeToLive API | 2024-03-06T10:51:44.987Z | 2025-05-20T10:02:07.006Z |
| bit-etcd-2020-15113 | Improper Preservation of Permissions in etcd | 2024-03-06T10:52:21.172Z | 2025-05-20T10:02:07.006Z |
| bit-etcd-2020-15112 | Improper Input Validation in etcd | 2024-03-06T10:52:31.679Z | 2025-05-20T10:02:07.006Z |
| bit-etcd-2020-15106 | Improper Input Validation in etcd | 2024-03-06T10:52:40.894Z | 2025-05-20T10:02:07.006Z |
| bit-envoy-2025-30157 | Envoy crashes when HTTP ext_proc processes local replies | 2025-03-25T07:10:09.552Z | 2025-05-20T10:02:07.006Z |
| bit-envoy-2024-53271 | HTTP/1.1 multiple issues with envoy.reloadable_features.http1_balsa_delay_reset in envoy | 2024-12-20T07:08:24.205Z | 2025-05-20T10:02:07.006Z |
| bit-envoy-2024-53270 | HTTP/1: sending overload crashes when the request is reset beforehand in envoy | 2024-12-20T07:08:32.803Z | 2025-05-20T10:02:07.006Z |
| bit-envoy-2024-45810 | Envoy crashes for LocalReply in http async client | 2024-09-21T07:10:05.550Z | 2025-05-20T10:02:07.006Z |
| bit-envoy-2024-45809 | Jwt filter crash in the clear route cache with remote JWKs in envoy | 2024-09-21T07:10:18.152Z | 2025-05-20T10:02:07.006Z |
| bit-envoy-2024-45808 | Malicious log injection via access logs in envoy | 2024-09-21T07:10:31.256Z | 2025-05-20T10:02:07.006Z |
| bit-envoy-2024-45807 | oghttp2 crash on OnBeginHeadersForStream in envoy | 2024-09-21T07:10:45.353Z | 2025-05-20T10:02:07.006Z |
| bit-envoy-2024-45806 | Potential manipulate `x-envoy` headers from external sources in envoy | 2024-09-21T07:10:58.550Z | 2025-05-20T10:02:07.006Z |
| ID | Description | Updated |
|---|---|---|
| var-202005-0696 | A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) … | 2024-03-18T22:14:29.272000Z |
| var-200411-0171 | The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos c… | 2024-03-18T21:58:08.254000Z |
| var-202211-0553 | Missing release of memory after effective lifetime in firmware for Intel(R) SPS before ve… | 2024-03-18T21:52:24.173000Z |
| var-202211-0555 | Improper input validation in firmware for Intel(R) SPS before version SPS_E3_04.01.04.700… | 2024-03-18T21:30:47.175000Z |
| var-200305-0063 | OpenSSH-portable (OpenSSH) 3.6.1p1 and earlier with PAM support enabled immediately sends… | 2024-03-18T20:58:00.361000Z |
| var-202309-0577 | A vulnerability has been identified in JT2Go (All versions < V14.3.0.1), Teamcenter Visua… | 2024-03-18T20:45:19.974000Z |
| var-202208-0642 | Incomplete cleanup in a firmware subsystem for Intel(R) SPS before versions SPS_E3_04.08.… | 2024-03-18T20:38:03.825000Z |
| var-200110-0326 | OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d allows remote attackers to cause a de… | 2024-03-18T20:17:51.889000Z |
| var-200809-0209 | The Hash-based Message Authentication Code (HMAC) provider in Java on Apple Mac OS X 10.4… | 2024-03-18T19:48:03.569000Z |
| var-201011-0079 | OpenSSL in Apple Mac OS X 10.6.x before 10.6.5 does not properly perform arithmetic, whic… | 2024-03-18T19:31:19.132000Z |
| var-202402-0339 | A post authentication command injection vulnerability exists when configuring the wiregu… | 2024-03-16T23:02:49.001000Z |
| var-202402-0356 | A post authentication command injection vulnerability exists in the GRE policy functional… | 2024-03-16T23:02:29.579000Z |
| var-202403-0458 | Dell Secure Connect Gateway, 5.18, contains an Inadequate Encryption Strength Vulnerabili… | 2024-03-16T23:01:37.192000Z |
| var-202402-0660 | A post authentication command injection vulnerability exists in the ipsec policy function… | 2024-03-16T22:55:06.407000Z |
| var-202403-0160 | Cross-Site Scripting (XSS) vulnerability stored in TP-Link Archer AX50 affecting firmware… | 2024-03-16T22:51:04.657000Z |
| var-202311-0697 | A CWE-601 URL Redirection to Untrusted Site vulnerability exists that could cause an ope… | 2024-03-16T22:40:49.696000Z |
| var-200609-1252 | OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, when using an RSA key… | 2024-03-16T20:18:27.377000Z |
| var-202402-0523 | there is a possible out of bounds write due to a missing bounds check. This could lead to… | 2024-03-15T23:07:35.562000Z |
| var-202312-0259 | Affected devices improperly handle specially crafted packets sent to port 102/tcp. This… | 2024-03-14T21:09:08.879000Z |
| var-202403-0393 | A Cross-site scripting (XSS) vulnerability in dlapn.cgi, dldongle.cgi, dlcfg.cgi, fwup.cg… | 2024-03-14T03:14:25.338000Z |
| var-202202-1144 | Puma is a Ruby/Rack web server built for parallelism. Prior to `puma` version `5.6.2`, `p… | 2024-03-13T08:26:19.866000Z |
| var-202308-3431 | Phicomm k2 v22.6.529.216 was discovered to contain a command injection vulnerability via … | 2024-03-12T18:17:17.595000Z |
| var-202305-1882 | TOTOLINK A3300R v17.0.0cu.557 is vulnerable to Command Injection via /cgi-bin/cstecgi.cgi… | 2024-03-12T18:15:47.847000Z |
| var-202303-0603 | TOTOlink A7100RU V7.4cu.2313_B20191024 router was discovered to contain a command injecti… | 2024-03-12T17:58:50.032000Z |
| var-202401-2614 | Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.city.vlan parameter in the f… | 2024-03-07T22:58:37.321000Z |
| var-202209-2004 | A vulnerability in the SSH implementation of Cisco IOS Software and Cisco IOS XE Software… | 2024-03-07T22:57:51.363000Z |
| var-202401-2371 | Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.stb.port parameter in the fu… | 2024-03-07T22:56:50.490000Z |
| var-202402-2610 | RG-UAC Ruijie unified online behavior management and audit system is an online behavior m… | 2024-03-07T22:55:59.356000Z |
| var-202402-2400 | NBR6205-E is a router product. Beijing Xingwang Ruijie Network Technology Co., Ltd. N… | 2024-03-07T22:55:59.453000Z |
| var-202401-2419 | Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.city.vlan parameter in the f… | 2024-03-07T22:55:59.714000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2010-000022 | e-Pares vulnerable to cross-site request forgery | 2010-06-03T11:29+09:00 | 2010-06-03T11:29+09:00 |
| jvndb-2010-000021 | e-Pares vulnerable to cross-site scripting | 2010-06-03T11:29+09:00 | 2010-06-03T11:29+09:00 |
| jvndb-2010-000024 | Ichitaro series vulnerable to arbitrary code execution | 2010-06-01T17:37+09:00 | 2010-06-01T17:37+09:00 |
| jvndb-2010-001427 | XMAP3 Arbitrary Code Execution Vulnerability | 2010-05-18T11:34+09:00 | 2010-05-18T11:34+09:00 |
| jvndb-2010-001395 | Several EUR Form/EUR Products Arbitrary Code Execution Vulnerability | 2010-05-18T11:33+09:00 | 2010-05-18T11:33+09:00 |
| jvndb-2010-000020 | CapsSuite Small Edition PatchMeister vulnerable to denial of service | 2010-05-17T16:43+09:00 | 2010-05-17T16:43+09:00 |
| jvndb-2010-000019 | WebSAM DeploymentManager vulnerable to denial of service | 2010-05-17T16:42+09:00 | 2010-05-17T16:42+09:00 |
| jvndb-2010-000018 | Interstage Application Server vulnerable in request processing | 2010-05-17T16:42+09:00 | 2010-05-17T16:42+09:00 |
| jvndb-2010-000017 | Movable Type vulnerable to cross-site scripting | 2010-05-12T15:25+09:00 | 2010-05-12T15:25+09:00 |
| jvndb-2010-000016 | Multiple Cybozu products vulnerable to authentication bypass | 2010-04-21T17:27+09:00 | 2010-04-21T17:27+09:00 |
| jvndb-2010-000015 | Ichitaro series vulnerable to arbitrary code execution | 2010-04-12T17:17+09:00 | 2010-04-12T17:17+09:00 |
| jvndb-2010-001204 | Accela BizSearch Access Control Bypass Vulnerability | 2010-04-09T16:36+09:00 | 2010-04-09T16:36+09:00 |
| jvndb-2010-000014 | Cisco Router and Security Device Manager vulnerable to cross-site scripting | 2010-04-08T17:47+09:00 | 2010-04-08T17:47+09:00 |
| jvndb-2010-000013 | MODx vulnerable to cross-site scripting | 2010-04-08T17:47+09:00 | 2010-04-08T17:47+09:00 |
| jvndb-2010-000012 | MODx vulnerable to SQL injection | 2010-04-08T17:47+09:00 | 2010-04-08T17:47+09:00 |
| jvndb-2010-000011 | Internet Explorer information disclosure vulnerability | 2010-04-08T17:47+09:00 | 2010-04-08T17:47+09:00 |
| jvndb-2010-000010 | HL-SiteManager vulnerable to SQL injection | 2010-04-02T17:33+09:00 | 2010-04-02T17:33+09:00 |
| jvndb-2010-000009 | Compiere vulnerable to cross-site scripting | 2010-04-02T17:32+09:00 | 2010-04-02T17:32+09:00 |
| jvndb-2010-000008 | Compiere vulnerable to cross-site scripting | 2010-04-02T17:32+09:00 | 2010-04-02T17:32+09:00 |
| jvndb-2010-000007 | PrettyFormMail vulnerable to cross-site scripting | 2010-04-02T17:31+09:00 | 2010-04-02T17:31+09:00 |
| jvndb-2009-000057 | ATOK screen lock bypass vulnerability | 2010-03-23T17:42+09:00 | 2010-03-23T17:42+09:00 |
| jvndb-2009-000018 | Ichitaro series buffer overflow vulnerability | 2010-03-23T17:42+09:00 | 2010-03-23T17:42+09:00 |
| jvndb-2010-001147 | JP1/Cm2/Network Node Manager Remote Console Insecure File Permissions Vulnerability | 2010-03-15T12:21+09:00 | 2010-03-15T12:21+09:00 |
| jvndb-2010-000006 | OpenPNE authentication bypass vulnerability | 2010-03-12T15:29+09:00 | 2010-03-12T15:29+09:00 |
| jvndb-2010-001088 | uCosminexus Portal Framework Cross-Site Scripting Vulnerability | 2010-03-03T12:00+09:00 | 2010-03-03T12:00+09:00 |
| jvndb-2010-000005 | tDiary plugin tb-send.rb vulnerable to cross-site scripting | 2010-02-26T12:45+09:00 | 2010-02-26T12:45+09:00 |
| jvndb-2009-002475 | Buffer Overflow Vulnerability in Cosminexus, Processing Kit for XML and Hitachi Developer's Kit for Java | 2010-02-09T14:03+09:00 | 2010-02-09T14:03+09:00 |
| jvndb-2009-000068 | Implementations of IPv6 may be vulnerable to denial of service (DoS) attacks | 2009-10-26T15:58+09:00 | 2010-01-25T12:02+09:00 |
| jvndb-2010-000004 | Oracle Application Server vulnerable to cross-site scripting | 2010-01-14T21:24+09:00 | 2010-01-14T21:24+09:00 |
| jvndb-2010-000003 | WebCalenderC3 vulnerable to directory traversal | 2010-01-14T21:24+09:00 | 2010-01-14T21:24+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| suse-su-2025:20350-1 | Security update for kernel-livepatch-MICRO-6-0_Update_5 | 2025-05-28T09:53:11Z | 2025-05-28T09:53:11Z |
| suse-su-2025:20349-1 | Security update for kernel-livepatch-MICRO-6-0_Update_3 | 2025-05-28T09:53:11Z | 2025-05-28T09:53:11Z |
| suse-su-2025:20364-1 | Security update for libxml2 | 2025-05-28T09:00:09Z | 2025-05-28T09:00:09Z |
| suse-su-2025:20363-1 | Security update for skopeo | 2025-05-28T08:56:42Z | 2025-05-28T08:56:42Z |
| suse-ru-2025:20362-1 | Recommended update for git | 2025-05-28T07:19:22Z | 2025-05-28T07:19:22Z |
| suse-su-2025:01720-1 | Security update for webkit2gtk3 | 2025-05-27T13:54:56Z | 2025-05-27T13:54:56Z |
| suse-su-2025:01718-1 | Security update for gstreamer-plugins-bad | 2025-05-27T12:53:43Z | 2025-05-27T12:53:43Z |
| suse-su-2025:01717-1 | Security update for gstreamer-plugins-bad | 2025-05-27T12:51:34Z | 2025-05-27T12:51:34Z |
| suse-su-2025:01716-1 | Security update for mariadb | 2025-05-27T12:44:03Z | 2025-05-27T12:44:03Z |
| suse-su-2025:01715-1 | Security update for python-setuptools | 2025-05-27T12:34:45Z | 2025-05-27T12:34:45Z |
| suse-su-2025:01713-1 | Security update for govulncheck-vulndb | 2025-05-27T10:04:35Z | 2025-05-27T10:04:35Z |
| suse-su-2025:20361-1 | Security update for glibc | 2025-05-27T09:35:37Z | 2025-05-27T09:35:37Z |
| suse-su-2025:20360-1 | Security update for docker | 2025-05-27T08:59:26Z | 2025-05-27T08:59:26Z |
| suse-su-2025:20359-1 | Security update for unbound | 2025-05-27T08:57:55Z | 2025-05-27T08:57:55Z |
| suse-su-2025:01710-1 | Security update for MozillaFirefox | 2025-05-26T17:33:49Z | 2025-05-26T17:33:49Z |
| suse-su-2025:01709-1 | Security update for python310-setuptools | 2025-05-26T16:28:05Z | 2025-05-26T16:28:05Z |
| suse-su-2025:01707-1 | Security update for the Linux Kernel | 2025-05-26T11:35:17Z | 2025-05-26T11:35:17Z |
| suse-su-2025:01705-1 | Security update for postgresql13 | 2025-05-26T11:04:19Z | 2025-05-26T11:04:19Z |
| suse-su-2025:01704-1 | Security update for python-setuptools | 2025-05-26T11:02:46Z | 2025-05-26T11:02:46Z |
| suse-su-2025:01661-2 | Security update for postgresql14 | 2025-05-25T22:02:36Z | 2025-05-25T22:02:36Z |
| suse-su-2025:01523-1 | Security update for python-Django | 2025-05-25T22:01:37Z | 2025-05-25T22:01:37Z |
| suse-su-2025:01703-1 | Security update for xen | 2025-05-25T21:42:29Z | 2025-05-25T21:42:29Z |
| suse-su-2025:01702-1 | Security update for glibc | 2025-05-24T09:50:54Z | 2025-05-24T09:50:54Z |
| suse-su-2025:01701-1 | Security update for MozillaFirefox | 2025-05-24T08:34:24Z | 2025-05-24T08:34:24Z |
| suse-su-2025:20346-1 | Security update for python311 | 2025-05-23T13:40:05Z | 2025-05-23T13:40:05Z |
| suse-su-2025:20345-1 | Security update for augeas | 2025-05-23T13:00:13Z | 2025-05-23T13:00:13Z |
| suse-su-2025:01695-1 | Security update for python-setuptools | 2025-05-23T12:50:53Z | 2025-05-23T12:50:53Z |
| suse-su-2025:01693-1 | Security update for python36-setuptools | 2025-05-23T12:48:03Z | 2025-05-23T12:48:03Z |
| suse-su-2025:01649-2 | Security update for python-tornado6 | 2025-05-23T11:58:50Z | 2025-05-23T11:58:50Z |
| suse-su-2025:01692-1 | Security update for the Linux Kernel (Live Patch 17 for SLE 15 SP5) | 2025-05-23T08:03:48Z | 2025-05-23T08:03:48Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cnvd-2025-26157 | D-Link DIR-823G缓冲区溢出漏洞(CNVD-2025-26157) | 2025-10-31 | 2025-10-31 |
| cnvd-2025-26108 | Microsoft Windows Server远程代码执行漏洞(CNVD-2025-26108) | 2025-10-17 | 2025-10-31 |
| cnvd-2025-26107 | Simple Food Ordering System editproduct.php文件上传漏洞 | 2025-10-31 | 2025-10-31 |
| cnvd-2025-26106 | Simple Food Ordering System editproduct.php文件跨站脚本漏洞 | 2025-10-31 | 2025-10-31 |
| cnvd-2025-26105 | Simple Food Ordering System editcategory.php文件跨站脚本漏洞 | 2025-10-31 | 2025-10-31 |
| cnvd-2025-26104 | Simple Food Ordering System addproduct.php文件跨站脚本漏洞 | 2025-10-31 | 2025-10-31 |
| cnvd-2025-26103 | Simple Food Ordering System addcategory.php文件跨站脚本漏洞 | 2025-10-31 | 2025-10-31 |
| cnvd-2025-26102 | Simple Food Ordering System addproduct.php文件上传漏洞 | 2025-10-31 | 2025-10-31 |
| cnvd-2025-26101 | Nero Social Networking Site index.php文件SQL注入漏洞 | 2025-05-14 | 2025-10-31 |
| cnvd-2025-26100 | Nero Social Networking Site friendprofile.php文件SQL注入漏洞 | 2025-10-31 | 2025-10-31 |
| cnvd-2025-26099 | Nero Social Networking Site deletemessage.php文件SQL注入漏洞 | 2025-10-31 | 2025-10-31 |
| cnvd-2025-26098 | Nero Social Networking Site addfriend.php文件SQL注入漏洞 | 2025-10-31 | 2025-10-31 |
| cnvd-2025-26097 | Nero Social Networking Site acceptoffres.php文件SQL注入漏洞 | 2025-10-31 | 2025-10-31 |
| cnvd-2025-26081 | Client Details System授权绕过漏洞 | 2025-10-31 | 2025-10-31 |
| cnvd-2025-26080 | Client Details System welcome.php文件跨站脚本漏洞 | 2025-10-31 | 2025-10-31 |
| cnvd-2025-26079 | Client Details System update-clients.php文件跨站脚本漏洞 | 2025-10-31 | 2025-10-31 |
| cnvd-2025-26078 | Client Details System welcome.php文件SQL注入漏洞 | 2025-10-31 | 2025-10-31 |
| cnvd-2025-26077 | Client Details System manage-users.php文件跨站脚本漏洞 | 2025-10-31 | 2025-10-31 |
| cnvd-2025-26076 | Client Details System clientview.php文件跨站脚本漏洞 | 2025-10-31 | 2025-10-31 |
| cnvd-2025-26096 | Vehicle Management filter2.php文件SQL注入漏洞 | 2025-08-10 | 2025-10-30 |
| cnvd-2025-26095 | Vehicle Management /filter1.php文件SQL注入漏洞 | 2025-08-10 | 2025-10-30 |
| cnvd-2025-26094 | Vehicle Management /filter.php文件SQL注入漏洞 | 2025-08-10 | 2025-10-30 |
| cnvd-2025-26093 | Vehicle Management addvehicle.php文件SQL注入漏洞 | 2025-08-10 | 2025-10-30 |
| cnvd-2025-26092 | Vehicle Management addcompany.php文件SQL注入漏洞 | 2025-08-10 | 2025-10-30 |
| cnvd-2025-26091 | Online Medicine Guide pharsignup.php文件SQL注入漏洞 | 2025-08-10 | 2025-10-30 |
| cnvd-2025-26090 | Online Medicine Guide login.php文件SQL注入漏洞 | 2025-08-10 | 2025-10-30 |
| cnvd-2025-26089 | Online Medicine Guide cussignup.php文件SQL注入漏洞 | 2025-08-10 | 2025-10-30 |
| cnvd-2025-26088 | Medical Store Management System UpdateMedicines.java文件SQL注入漏洞 | 2025-08-18 | 2025-10-30 |
| cnvd-2025-26087 | Medical Store Management System MainPanel.java文件SQL注入漏洞 | 2025-08-18 | 2025-10-30 |
| cnvd-2025-26086 | Online Medicine Guide browsemdcn.php文件SQL注入漏洞 | 2025-08-20 | 2025-10-30 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2024-avi-1013 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2024-11-22T00:00:00.000000 | 2024-11-22T00:00:00.000000 |
| certfr-2024-avi-1012 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2024-11-22T00:00:00.000000 | 2024-11-22T00:00:00.000000 |
| certfr-2024-avi-1011 | Vulnérabilité dans Centreon Web | 2024-11-22T00:00:00.000000 | 2024-11-22T00:00:00.000000 |
| certfr-2024-avi-1010 | Multiples vulnérabilités dans Microsoft Edge | 2024-11-22T00:00:00.000000 | 2024-11-22T00:00:00.000000 |
| CERTFR-2024-AVI-1015 | Multiples vulnérabilités dans les produits IBM | 2024-11-22T00:00:00.000000 | 2024-11-22T00:00:00.000000 |
| CERTFR-2024-AVI-1014 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2024-11-22T00:00:00.000000 | 2024-11-22T00:00:00.000000 |
| CERTFR-2024-AVI-1013 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2024-11-22T00:00:00.000000 | 2024-11-22T00:00:00.000000 |
| CERTFR-2024-AVI-1012 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2024-11-22T00:00:00.000000 | 2024-11-22T00:00:00.000000 |
| CERTFR-2024-AVI-1011 | Vulnérabilité dans Centreon Web | 2024-11-22T00:00:00.000000 | 2024-11-22T00:00:00.000000 |
| CERTFR-2024-AVI-1010 | Multiples vulnérabilités dans Microsoft Edge | 2024-11-22T00:00:00.000000 | 2024-11-22T00:00:00.000000 |
| certfr-2024-avi-1009 | Multiples vulnérabilités dans Drupal | 2024-11-21T00:00:00.000000 | 2024-11-21T00:00:00.000000 |
| certfr-2024-avi-1008 | Multiples vulnérabilités dans Wireshark | 2024-11-21T00:00:00.000000 | 2024-11-21T00:00:00.000000 |
| certfr-2024-avi-1007 | Multiples vulnérabilités dans PHP | 2024-11-21T00:00:00.000000 | 2024-11-21T00:00:00.000000 |
| CERTFR-2024-AVI-1009 | Multiples vulnérabilités dans Drupal | 2024-11-21T00:00:00.000000 | 2024-11-21T00:00:00.000000 |
| CERTFR-2024-AVI-1008 | Multiples vulnérabilités dans Wireshark | 2024-11-21T00:00:00.000000 | 2024-11-21T00:00:00.000000 |
| CERTFR-2024-AVI-1007 | Multiples vulnérabilités dans PHP | 2024-11-21T00:00:00.000000 | 2024-11-21T00:00:00.000000 |
| certfr-2024-avi-1006 | Multiples vulnérabilités dans les produits Atlassian | 2024-11-20T00:00:00.000000 | 2024-11-20T00:00:00.000000 |
| certfr-2024-avi-1005 | Multiples vulnérabilités dans les produits Spring | 2024-11-20T00:00:00.000000 | 2024-11-20T00:00:00.000000 |
| certfr-2024-avi-1004 | Multiples vulnérabilités dans les produits Apple | 2024-11-20T00:00:00.000000 | 2024-11-20T00:00:00.000000 |
| certfr-2024-avi-1003 | Vulnérabilité dans Google Chrome | 2024-11-20T00:00:00.000000 | 2024-11-20T00:00:00.000000 |
| certfr-2024-avi-0969 | Multiples vulnérabilités dans Synacor Zimbra Collaboration | 2024-11-13T00:00:00.000000 | 2024-11-20T00:00:00.000000 |
| CERTFR-2024-AVI-1006 | Multiples vulnérabilités dans les produits Atlassian | 2024-11-20T00:00:00.000000 | 2024-11-20T00:00:00.000000 |
| CERTFR-2024-AVI-1005 | Multiples vulnérabilités dans les produits Spring | 2024-11-20T00:00:00.000000 | 2024-11-20T00:00:00.000000 |
| CERTFR-2024-AVI-1004 | Multiples vulnérabilités dans les produits Apple | 2024-11-20T00:00:00.000000 | 2024-11-20T00:00:00.000000 |
| CERTFR-2024-AVI-1003 | Vulnérabilité dans Google Chrome | 2024-11-20T00:00:00.000000 | 2024-11-20T00:00:00.000000 |
| CERTFR-2024-AVI-0969 | Multiples vulnérabilités dans Synacor Zimbra Collaboration | 2024-11-13T00:00:00.000000 | 2024-11-20T00:00:00.000000 |
| certfr-2024-avi-1002 | Vulnérabilité dans les produits Trend Micro | 2024-11-19T00:00:00.000000 | 2024-11-19T00:00:00.000000 |
| certfr-2024-avi-1001 | Vulnérabilité dans les produits Palo Alto Networks | 2024-11-19T00:00:00.000000 | 2024-11-19T00:00:00.000000 |
| CERTFR-2024-AVI-1002 | Vulnérabilité dans les produits Trend Micro | 2024-11-19T00:00:00.000000 | 2024-11-19T00:00:00.000000 |
| CERTFR-2024-AVI-1001 | Vulnérabilité dans les produits Palo Alto Networks | 2024-11-19T00:00:00.000000 | 2024-11-19T00:00:00.000000 |