Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-0683 |
6.5 (3.1)
|
SupportCandy – Helpdesk & Customer Support Ticket Syst… |
psmplugins |
SupportCandy – Helpdesk & Customer Support Ticket System |
2026-01-31T05:52:46.922Z | 2026-02-02T17:56:52.091Z |
| CVE-2026-1251 |
5.4 (3.1)
|
SupportCandy – Helpdesk & Customer Support Ticket Syst… |
psmplugins |
SupportCandy – Helpdesk & Customer Support Ticket System |
2026-01-31T06:39:23.182Z | 2026-02-02T17:55:57.069Z |
| CVE-2026-1745 |
5.3 (4.0)
4.3 (3.1)
4.3 (3.0)
|
SourceCodester Medical Certificate Generator App cross… |
SourceCodester |
Medical Certificate Generator App |
2026-02-02T05:02:07.076Z | 2026-02-02T17:51:45.275Z |
| CVE-2026-1746 |
5.3 (4.0)
6.3 (3.1)
6.3 (3.0)
|
JeecgBoot Online Report API loadDictItemByKeyword sql … |
n/a |
JeecgBoot |
2026-02-02T05:32:10.887Z | 2026-02-02T17:50:49.264Z |
| CVE-2026-1117 |
8.2 (3.0)
|
Improper Access Control in parisneo/lollms |
parisneo |
parisneo/lollms |
2026-02-02T09:55:26.972Z | 2026-02-02T17:49:47.974Z |
| CVE-2024-4147 |
7.5 (3.0)
|
Insufficient Access Control in lunary-ai/lunary |
lunary-ai |
lunary-ai/lunary |
2026-02-02T10:36:22.410Z | 2026-02-02T17:49:06.647Z |
| CVE-2025-10279 |
7 (3.0)
|
Privilege Escalation in mlflow/mlflow |
mlflow |
mlflow/mlflow |
2026-02-02T10:36:22.810Z | 2026-02-02T17:48:15.265Z |
| CVE-2025-6208 |
5.3 (3.0)
|
Uncontrolled Memory Consumption in run-llama/llama_index |
run-llama |
run-llama/llama_index |
2026-02-02T10:36:23.033Z | 2026-02-02T17:46:53.711Z |
| CVE-2024-5386 |
9.6 (3.0)
|
Account Hijacking via Password Reset Token Leak in lun… |
lunary-ai |
lunary-ai/lunary |
2026-02-02T10:36:23.506Z | 2026-02-02T17:46:17.229Z |
| CVE-2024-2356 |
9.6 (3.0)
|
Remote Code Execution due to LFI in '/reinstall_extens… |
parisneo |
parisneo/lollms-webui |
2026-02-02T10:36:23.820Z | 2026-02-02T17:43:35.038Z |
| CVE-2026-25156 |
7.3 (3.1)
|
HotCRP vulnerable to stored XSS via comment attachments |
kohler |
hotcrp |
2026-01-30T22:11:35.480Z | 2026-02-02T17:42:38.247Z |
| CVE-2026-1705 |
4.8 (4.0)
2.4 (3.1)
2.4 (3.0)
|
D-Link DSL-6641K Web ad_virtual_server_vdsl cross site… |
D-Link |
DSL-6641K |
2026-01-30T21:32:08.548Z | 2026-02-02T17:41:22.122Z |
| CVE-2025-36123 |
6.2 (3.1)
|
IBM Db2 Denial of Service |
IBM |
Db2 for Linux, UNIX and Windows |
2026-01-30T21:28:03.127Z | 2026-02-02T17:40:46.365Z |
| CVE-2026-1757 |
6.2 (3.1)
|
Libxml2: memory leak leading to local denial of servic… |
Red Hat |
Red Hat Enterprise Linux 10 |
2026-02-02T12:38:14.588Z | 2026-02-02T17:35:36.990Z |
| CVE-2020-37063 |
8.5 (4.0)
7.8 (3.1)
|
TFTP Turbo 4.6.1273 - 'TFTP Turbo 4' Unquoted Service Path |
Weird-Solutions |
TFTP Turbo |
2026-02-01T14:38:29.753Z | 2026-02-02T17:35:06.994Z |
| CVE-2025-8587 |
8.6 (3.1)
|
Time-Based Blind SQLi in AKCE Software's SKSPro |
AKCE Software Technology R&D Industry and Trade Inc. |
SKSPro |
2026-02-02T12:50:51.826Z | 2026-02-02T17:34:11.719Z |
| CVE-2026-1186 |
8.6 (4.0)
|
Path Traversal in EAP Legislator |
ABC PRO SP. Z O.O. |
EAP Legislator |
2026-02-02T13:59:56.671Z | 2026-02-02T17:32:58.563Z |
| CVE-2026-1760 |
5.3 (3.1)
|
Libsoup: soupserver: denial of service via http reques… |
Red Hat |
Red Hat Enterprise Linux 10 |
2026-02-02T14:01:26.762Z | 2026-02-02T17:29:53.838Z |
| CVE-2025-61730 |
5.3 (3.1)
|
Handshake messages may be processed at the incorrect e… |
Go standard library |
crypto/tls |
2026-01-28T19:30:30.986Z | 2026-02-02T17:28:49.572Z |
| CVE-2022-50975 |
8.8 (3.1)
|
Multiple Innomic VibroLine VLX and avibia AVLX allow u… |
Innomic |
VibroLine VLX1 HD 5.0 |
2026-02-02T14:07:32.421Z | 2026-02-02T17:26:33.533Z |
| CVE-2022-50976 |
7.7 (3.1)
|
Innomic VibroLine Configurator and avibia Configurator… |
Innomic |
VibroLine Configurator 5.0 |
2026-02-02T14:08:24.139Z | 2026-02-02T17:25:50.864Z |
| CVE-2022-50977 |
7.5 (3.1)
|
Multiple Innomic VibroLine VLX and avibia AVLX allow u… |
Innomic |
VibroLine VLX1 HD 5.0 |
2026-02-02T14:08:59.192Z | 2026-02-02T17:25:19.355Z |
| CVE-2022-50978 |
7.5 (3.1)
|
Multiple Innomic VibroLine VLX and avibia AVLX allow u… |
Innomic |
VibroLine VLX1 HD 5.0 |
2026-02-02T14:09:43.563Z | 2026-02-02T17:24:43.146Z |
| CVE-2022-50979 |
6.5 (3.1)
|
Multiple Innomic VibroLine VLX and avibia AVLX allow u… |
Innomic |
VibroLine VLX1 HD 5.0 |
2026-02-02T14:10:40.182Z | 2026-02-02T17:23:54.319Z |
| CVE-2022-50980 |
6.5 (3.1)
|
Multiple Innomic VibroLine VLX and avibia AVLX allow u… |
Innomic |
VibroLine VLX1 HD 5.0 |
2026-02-02T14:11:21.236Z | 2026-02-02T17:23:17.439Z |
| CVE-2022-50981 |
9.8 (3.1)
|
Multiple Innomic VibroLine VLX HD 5.0 and avibia AVLX … |
Innomic |
VibroLine VLX1 HD 5.0 |
2026-02-02T14:12:05.100Z | 2026-02-02T17:22:10.010Z |
| CVE-2020-37064 |
8.5 (4.0)
7.8 (3.1)
|
EPSON EasyMP Network Projection 2.81 - 'EMP_NSWLSV' Un… |
Epson |
EPSON EasyMP Network Projection |
2026-02-01T14:38:30.186Z | 2026-02-02T17:21:47.088Z |
| CVE-2026-1703 |
2 (4.0)
|
Limited path traversal when installing wheel archives |
Python Packaging Authority |
pip |
2026-02-02T14:43:02.919Z | 2026-02-02T17:21:25.369Z |
| CVE-2026-1734 |
6.9 (4.0)
5.3 (3.1)
5.3 (3.0)
|
Zhong Bang CRMEB crontab Endpoint CrontabController.ph… |
Zhong Bang |
CRMEB |
2026-02-01T23:32:05.711Z | 2026-02-02T17:09:29.523Z |
| CVE-2026-24070 |
8.8 (3.1)
|
Local Privilege Escalation via DYLIB Injection in Nati… |
Native Instruments |
Native Access |
2026-02-02T13:15:37.012Z | 2026-02-02T17:09:27.541Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-1757 |
6.2 (3.1)
|
Libxml2: memory leak leading to local denial of servic… |
Red Hat |
Red Hat Enterprise Linux 10 |
2026-02-02T12:38:14.588Z | 2026-02-02T17:35:36.990Z |
| CVE-2026-1743 |
2.3 (4.0)
3.1 (3.1)
3.1 (3.0)
|
DJI Mavic Mini/Air/Spark/Mini SE Enhanced Wi-Fi Pairin… |
DJI |
Mavic Mini |
2026-02-02T04:02:07.053Z | 2026-02-03T15:32:46.738Z |
| CVE-2026-1742 |
5.1 (4.0)
4.7 (3.1)
4.7 (3.0)
|
EFM ipTIME A8004T VPN Service timepro.cgi commit_vpncl… |
EFM |
ipTIME A8004T |
2026-02-02T03:32:06.852Z | 2026-02-02T14:10:09.145Z |
| CVE-2026-1741 |
7.5 (4.0)
6.6 (3.1)
6.6 (3.0)
|
EFM ipTIME A8004T Debug d.cgi httpcon_check_session_ur… |
EFM |
ipTIME A8004T |
2026-02-02T03:02:06.833Z | 2026-02-02T14:14:04.340Z |
| CVE-2026-1740 |
6.9 (4.0)
7.3 (3.1)
7.3 (3.0)
|
EFM ipTIME A8004T Hidden Hiddenloginsetup timepro.cgi … |
EFM |
ipTIME A8004T |
2026-02-02T02:32:06.592Z | 2026-02-02T14:15:07.636Z |
| CVE-2026-1735 |
2.4 (4.0)
4.3 (3.1)
4.3 (3.0)
|
Yealink MeetingBar A30 Diagnostic command injection |
Yealink |
MeetingBar A30 |
2026-02-02T00:02:07.695Z | 2026-02-02T17:03:13.892Z |
| CVE-2026-1703 |
2 (4.0)
|
Limited path traversal when installing wheel archives |
Python Packaging Authority |
pip |
2026-02-02T14:43:02.919Z | 2026-02-02T17:21:25.369Z |
| CVE-2026-1531 |
8.1 (3.1)
|
Foreman-kubevirt: foreman_kubevirt: man-in-the-middle … |
Red Hat |
Red Hat Satellite 6 |
2026-02-02T05:47:09.570Z | 2026-02-02T16:28:40.750Z |
| CVE-2026-1530 |
8.1 (3.1)
|
Fog-kubevirt: fog-kubevirt: man-in-the-middle vulnerab… |
Red Hat |
Red Hat Satellite 6 |
2026-02-02T05:47:10.049Z | 2026-02-02T16:28:31.327Z |
| CVE-2026-1518 |
2.7 (3.1)
|
Keycloak: blind server-side request forgery (ssrf) via… |
Red Hat |
Red Hat Build of Keycloak |
2026-02-02T07:17:46.557Z | 2026-02-02T14:07:02.915Z |
| CVE-2026-1431 |
5.3 (3.1)
|
Booking Calendar <= 10.14.13 - Missing Authorization t… |
wpdevelop |
Booking Calendar |
2026-01-31T04:35:14.563Z | 2026-02-02T17:58:21.979Z |
| CVE-2026-1251 |
5.4 (3.1)
|
SupportCandy – Helpdesk & Customer Support Ticket Syst… |
psmplugins |
SupportCandy – Helpdesk & Customer Support Ticket System |
2026-01-31T06:39:23.182Z | 2026-02-02T17:55:57.069Z |
| CVE-2026-1232 |
6.8 (4.0)
|
Anti-Tamper Bypass in BeyondTrust Privilege Management… |
BeyondTrust |
Privilege management for Windows |
2026-02-02T16:18:47.242Z | 2026-02-02T16:35:48.876Z |
| CVE-2026-1186 |
8.6 (4.0)
|
Path Traversal in EAP Legislator |
ABC PRO SP. Z O.O. |
EAP Legislator |
2026-02-02T13:59:56.671Z | 2026-02-02T17:32:58.563Z |
| CVE-2026-1165 |
4.3 (3.1)
|
Popup Box <= 6.1.1 - Cross-Site Request Forgery to Pop… |
ays-pro |
Popup Box – Create Countdown, Coupon, Video, Contact Form Popups |
2026-01-31T14:22:29.035Z | 2026-02-02T16:29:04.500Z |
| CVE-2026-1117 |
8.2 (3.0)
|
Improper Access Control in parisneo/lollms |
parisneo |
parisneo/lollms |
2026-02-02T09:55:26.972Z | 2026-02-02T17:49:47.974Z |
| CVE-2026-0683 |
6.5 (3.1)
|
SupportCandy – Helpdesk & Customer Support Ticket Syst… |
psmplugins |
SupportCandy – Helpdesk & Customer Support Ticket System |
2026-01-31T05:52:46.922Z | 2026-02-02T17:56:52.091Z |
| CVE-2026-0658 |
4.3 (3.1)
|
Five Star Restaurant Reservations < 2.7.9 - Arbitrary … |
Unknown |
Five Star Restaurant Reservations |
2026-02-02T06:00:03.784Z | 2026-02-02T14:53:22.633Z |
| CVE-2026-0599 |
7.5 (3.0)
|
Unbounded External Image Fetch in Validation Leads to … |
huggingface |
huggingface/text-generation-inference |
2026-02-02T10:36:25.459Z | 2026-02-02T12:49:08.220Z |
| CVE-2025-9974 |
8 (3.1)
|
Insufficient Input Validation on WEBUI in Nokia ONT/Be… |
Nokia |
Nokia ONT |
2026-02-02T09:01:31.524Z | 2026-02-03T14:02:01.003Z |
| CVE-2025-8587 |
8.6 (3.1)
|
Time-Based Blind SQLi in AKCE Software's SKSPro |
AKCE Software Technology R&D Industry and Trade Inc. |
SKSPro |
2026-02-02T12:50:51.826Z | 2026-02-02T17:34:11.719Z |
| CVE-2025-71187 |
N/A
|
dmaengine: sh: rz-dmac: fix device leak on probe failure |
Linux |
Linux |
2026-01-31T11:41:58.816Z | 2026-02-09T08:36:11.748Z |
| CVE-2025-71184 |
N/A
|
btrfs: fix NULL dereference on root when tracing inode… |
Linux |
Linux |
2026-01-31T11:38:57.171Z | 2026-02-09T08:36:08.559Z |
| CVE-2025-71183 |
N/A
|
btrfs: always detect conflicting inodes when logging i… |
Linux |
Linux |
2026-01-31T11:38:56.067Z | 2026-02-09T08:36:07.352Z |
| CVE-2025-71182 |
N/A
|
can: j1939: make j1939_session_activate() fail if devi… |
Linux |
Linux |
2026-01-31T11:38:55.157Z | 2026-02-09T08:36:06.320Z |
| CVE-2025-71181 |
N/A
|
rust_binder: remove spin_lock() in rust_shrink_free_page() |
Linux |
Linux |
2026-01-31T11:38:54.221Z | 2026-02-09T08:36:05.247Z |
| CVE-2025-71180 |
N/A
|
counter: interrupt-cnt: Drop IRQF_NO_THREAD flag |
Linux |
Linux |
2026-01-31T11:38:52.481Z | 2026-02-09T08:36:04.225Z |
| CVE-2025-7105 |
5.7 (3.0)
|
Denial of Service via JavaScript Memory Overflow in da… |
danny-avila |
danny-avila/librechat |
2026-02-02T10:36:24.368Z | 2026-02-02T13:19:12.269Z |
| CVE-2025-6208 |
5.3 (3.0)
|
Uncontrolled Memory Consumption in run-llama/llama_index |
run-llama |
run-llama/llama_index |
2026-02-02T10:36:23.033Z | 2026-02-02T17:46:53.711Z |
| CVE-2025-15525 |
5.3 (3.1)
|
Ajax Load More – Infinite Scroll, Lazy Load & Load Mor… |
dcooney |
Ajax Load More – Infinite Scroll, Load More, & Lazy Load |
2026-01-31T04:35:15.222Z | 2026-02-02T17:57:31.920Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| fkie_cve-2022-50797 | Stripe Green Downloads Wordpress Plugin 2.03 contains a persistent cross-site scripting vulnerabili… | 2026-02-01T13:15:56.940 | 2026-02-03T16:44:36.630 |
| fkie_cve-2021-47920 | WebMO Job Manager 20.0 contains a cross-site scripting vulnerability in search parameters that allo… | 2026-02-01T13:15:56.573 | 2026-02-03T16:44:36.630 |
| fkie_cve-2021-47919 | Simple CMS 2.1 contains a non-persistent cross-site scripting vulnerability in the preview.php file… | 2026-02-01T13:15:56.403 | 2026-02-03T16:44:36.630 |
| fkie_cve-2021-47918 | Simple CMS 2.1 contains a remote SQL injection vulnerability that allows privileged attackers to in… | 2026-02-01T13:15:56.237 | 2026-02-03T16:44:36.630 |
| fkie_cve-2021-47917 | Simple CMS 2.1 contains a persistent cross-site scripting vulnerability in user input parameters th… | 2026-02-01T13:15:56.073 | 2026-02-03T16:44:36.630 |
| fkie_cve-2021-47915 | PHP Melody version 3.0 contains a remote SQL injection vulnerability in the video edit module that … | 2026-02-01T13:15:55.740 | 2026-02-03T16:44:36.630 |
| fkie_cve-2021-47914 | PHP Melody version 3.0 contains a persistent cross-site scripting vulnerability in the edit-video.p… | 2026-02-01T13:15:55.573 | 2026-02-03T16:44:36.630 |
| fkie_cve-2021-47908 | Ultimate POS 4.4 contains a persistent cross-site scripting vulnerability in the product name param… | 2026-02-01T13:15:54.727 | 2026-02-03T16:44:36.630 |
| fkie_cve-2021-47885 | Multiple payment terminal versions contain non-persistent cross-site scripting vulnerabilities in b… | 2026-02-01T13:15:54.557 | 2026-02-03T16:44:36.630 |
| fkie_cve-2021-47856 | Easy Cart Shopping Cart 2021 contains a non-persistent cross-site scripting vulnerability in the se… | 2026-02-01T13:15:54.217 | 2026-02-03T16:44:36.630 |
| fkie_cve-2020-37064 | EPSON EasyMP Network Projection 2.81 contains an unquoted service path vulnerability in the EMP_NSW… | 2026-02-01T15:16:04.710 | 2026-02-03T16:44:36.630 |
| fkie_cve-2020-37063 | TFTP Turbo 4.6.1273 contains an unquoted service path vulnerability that allows local attackers to … | 2026-02-01T15:16:04.547 | 2026-02-03T16:44:36.630 |
| fkie_cve-2020-37062 | DHCP Turbo 4.61298 contains an unquoted service path vulnerability that allows local attackers to p… | 2026-02-01T15:16:04.387 | 2026-02-03T16:44:36.630 |
| fkie_cve-2020-37061 | BOOTP Turbo 2.0.1214 contains an unquoted service path vulnerability that allows local attackers to… | 2026-02-01T15:16:04.223 | 2026-02-03T16:44:36.630 |
| fkie_cve-2020-37057 | Online-Exam-System 2015 contains a SQL injection vulnerability in the feedback module that allows a… | 2026-01-30T23:16:11.803 | 2026-02-03T16:44:36.630 |
| fkie_cve-2020-37056 | Crystal Shard http-protection 0.2.0 contains an IP spoofing vulnerability that allows attackers to … | 2026-01-30T23:16:11.630 | 2026-02-03T16:44:36.630 |
| fkie_cve-2020-37055 | SpyHunter 4 contains an unquoted service path vulnerability that allows local users to potentially … | 2026-02-01T15:16:04.060 | 2026-02-03T16:44:36.630 |
| fkie_cve-2020-37054 | Navigate CMS 2.8.7 contains a cross-site request forgery vulnerability that allows attackers to upl… | 2026-01-30T23:16:11.473 | 2026-02-03T16:44:36.630 |
| fkie_cve-2020-37053 | Navigate CMS 2.8.7 contains an authenticated SQL injection vulnerability that allows attackers to l… | 2026-01-30T23:16:11.300 | 2026-02-03T16:44:36.630 |
| fkie_cve-2020-37052 | AirControl 1.4.2 contains a pre-authentication remote code execution vulnerability that allows unau… | 2026-01-30T23:16:11.130 | 2026-02-03T16:44:36.630 |
| fkie_cve-2020-37051 | Online-Exam-System 2015 contains a time-based blind SQL injection vulnerability in the feedback for… | 2026-01-30T23:16:10.963 | 2026-02-03T16:44:36.630 |
| fkie_cve-2020-37050 | Quick Player 1.3 contains a buffer overflow vulnerability that allows attackers to execute arbitrar… | 2026-01-30T23:16:10.787 | 2026-02-03T16:44:36.630 |
| fkie_cve-2020-37049 | Frigate 3.36.0.9 contains a local buffer overflow vulnerability in the Command Line input field tha… | 2026-01-30T23:16:10.627 | 2026-02-03T16:44:36.630 |
| fkie_cve-2020-37048 | Iskysoft Application Framework Service 2.4.3.241 contains an unquoted service path vulnerability th… | 2026-02-01T15:16:03.897 | 2026-02-03T16:44:36.630 |
| fkie_cve-2020-37047 | Deep Instinct Windows Agent 1.2.29.0 contains an unquoted service path vulnerability in the DeepMgm… | 2026-02-01T15:16:03.733 | 2026-02-03T16:44:36.630 |
| fkie_cve-2020-37046 | Sistem Informasi Pengumuman Kelulusan Online 1.0 contains a cross-site request forgery vulnerabilit… | 2026-01-30T23:16:10.463 | 2026-02-03T16:44:36.630 |
| fkie_cve-2020-37045 | Veritas NetBackup 7.0 contains an unquoted service path vulnerability in the NetBackup INET Daemon … | 2026-02-01T15:16:03.563 | 2026-02-03T16:44:36.630 |
| fkie_cve-2020-37044 | OpenCTI 3.3.1 is vulnerable to a reflected cross-site scripting (XSS) attack via the /graphql endpo… | 2026-01-30T23:16:10.257 | 2026-02-03T16:44:36.630 |
| fkie_cve-2020-37043 | 10-Strike Bandwidth Monitor 3.9 contains a buffer overflow vulnerability that allows attackers to b… | 2026-01-30T23:16:10.080 | 2026-02-03T16:44:36.630 |
| fkie_cve-2020-37042 | Frigate Professional 3.36.0.9 contains a local buffer overflow vulnerability in the 'Find Computer'… | 2026-01-30T23:16:09.920 | 2026-02-03T16:44:36.630 |
| ID | Severity | Description | Published | Updated |
|---|---|---|---|---|
| ghsa-cc7j-j6fh-4xhc |
5.4 (3.1)
5.1 (4.0)
|
Stored cross-site scripting (XSS, CWE-79) in the survey content and administration functionality in… | 2026-01-07T15:30:16Z | 2026-01-29T03:31:25Z |
| ghsa-j6jw-hg33-x575 |
9.1 (3.1)
7.6 (4.0)
|
Brocade ASCG before 3.2.0 Web Interface is not enforcing HSTS, as defined by RFC 6797. HSTS is an… | 2025-03-01T00:31:55Z | 2026-01-29T03:31:24Z |
| ghsa-4pvg-877c-6rg9 |
7.8 (3.1)
7.0 (4.0)
|
DLL search path hijacking vulnerability in the UPDF.exe executable for Windows version 1.8.5.0 allo… | 2025-09-10T12:30:20Z | 2026-01-29T03:31:24Z |
| ghsa-r2rj-wwm5-x6mq |
7.7 (3.1)
|
Kyverno Denial of Service via Context Variable Amplification in Policy Engine | 2026-01-27T18:02:22Z | 2026-01-29T03:31:12Z |
| ghsa-24hm-wm2h-h8w7 |
5.0 (3.1)
|
Peppol-py is vulnerable to XXE attacks due to Saxon configuration | 2025-11-28T06:32:06Z | 2026-01-29T03:30:58Z |
| ghsa-vc8c-j3xm-xj73 |
4.1 (4.0)
|
Wasmtime segfault or unused out-of-sandbox load with f64.copysign operator on x86-64 | 2026-01-27T00:48:20Z | 2026-01-29T03:28:33Z |
| ghsa-jqc5-w2xx-5vq4 |
4.7 (3.1)
|
go-tuf Path Traversal in TAP 4 Multirepo Client Allows Arbitrary File Write via Malicious Repositor… | 2026-01-26T23:49:55Z | 2026-01-29T03:26:24Z |
| ghsa-8hf7-h89p-3pqj |
8.1 (3.1)
|
MobSF has Stored XSS via Manifest Analysis - Dialer Code Host Field | 2026-01-26T23:36:19Z | 2026-01-29T03:25:29Z |
| ghsa-gcgx-chcp-hxp9 |
5.3 (3.1)
|
Gakido vulnerable to HTTP Header Injection (CRLF Injection) | 2026-01-26T23:29:57Z | 2026-01-29T03:25:02Z |
| ghsa-wp53-j4wj-2cfg |
8.6 (3.1)
|
Python-Multipart has Arbitrary File Write via Non-Default Configuration | 2026-01-26T23:28:05Z | 2026-01-29T03:24:52Z |
| ghsa-mxxc-p822-2hx9 |
8.1 (3.1)
|
Skipper Ingress Controller Allows Unauthorized Access to Internal Services via ExternalName | 2026-01-26T23:26:56Z | 2026-01-29T03:24:42Z |
| ghsa-hm8f-75xx-w2vr |
0.0 (3.1)
|
sigstore CSRF possibility in OIDC authentication during signing | 2026-01-26T21:34:50Z | 2026-01-29T03:24:33Z |
| ghsa-rqfh-9r24-8c9r |
8.2 (4.0)
|
AssertJ has XML External Entity (XXE) vulnerability when parsing untrusted XML via isXmlEqualTo assertion | 2026-01-26T21:31:41Z | 2026-01-29T03:24:21Z |
| ghsa-6r62-w2q3-48hf |
7.4 (3.1)
|
BentoML has a Path Traversal via Bentofile Configuration | 2026-01-26T21:17:16Z | 2026-01-29T03:23:35Z |
| ghsa-m733-5w8f-5ggw |
6.5 (3.1)
6.7 (4.0)
|
pnpm has symlink traversal in file:/git dependencies | 2026-01-26T21:02:33Z | 2026-01-29T03:23:22Z |
| ghsa-xpqm-wm3m-f34h |
6.5 (3.1)
|
pnpm scoped bin name Path Traversal allows arbitrary file creation outside node_modules/.bin | 2026-01-26T21:02:39Z | 2026-01-29T03:23:11Z |
| ghsa-6x96-7vc8-cm3p |
6.5 (3.1)
|
pnpm has Windows-specific tarball Path Traversal | 2026-01-26T21:02:44Z | 2026-01-29T03:23:02Z |
| ghsa-99p7-6v5w-7xg8 |
9.8 (3.1)
|
vm2 has a Sandbox Escape | 2026-01-26T18:57:14Z | 2026-01-29T03:22:51Z |
| ghsa-796p-j2gh-9m2q |
9.3 (4.0)
|
dcap-qvl has Missing Verification for QE Identity | 2026-01-26T18:55:13Z | 2026-01-29T03:22:29Z |
| ghsa-4v5x-9m47-cqr2 |
4.2 (3.1)
|
Duplicate Advisory: WildFly Elytron OpenID Connect Client Extension authorization code injection attack | 2024-12-09T21:31:02Z | 2026-01-29T02:38:40Z |
| ghsa-qm9p-f9j5-w83w |
6.5 (3.1)
|
Parcel has an Origin Validation Error vulnerability | 2025-09-17T21:30:42Z | 2026-01-29T02:37:59Z |
| ghsa-f9qj-4c5x-cpcw |
6.5 (3.1)
6.9 (4.0)
|
elysia-cors Origin Validation Error | 2025-08-20T15:31:42Z | 2026-01-29T02:36:18Z |
| ghsa-9fm9-hp7p-53mf |
2.3 (4.0)
|
Hackney fails to properly release HTTP connections to the pool | 2025-05-28T12:30:34Z | 2026-01-29T02:35:55Z |
| ghsa-c336-7962-wfj2 |
5.3 (4.0)
|
Dask Distributed is Vulnerable to Remote Code Execution via Jupyter Proxy and Dashboard | 2026-01-16T16:58:16Z | 2026-01-29T02:35:29Z |
| ghsa-xvmg-3jpr-x7x7 |
8.1 (3.1)
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2026-01-22T18:30:38Z | 2026-01-29T00:31:11Z |
| ghsa-xjxg-vwmm-hhvv |
8.1 (3.1)
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2026-01-22T18:30:38Z | 2026-01-29T00:31:11Z |
| ghsa-w3rg-9jrv-74mc |
5.3 (3.1)
|
The User Activity Log WordPress plugin through 2.2 does not properly handle failed login attempts i… | 2026-01-28T06:30:31Z | 2026-01-29T00:31:11Z |
| ghsa-r9vf-35hj-mrm5 |
8.1 (3.1)
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2026-01-22T18:30:38Z | 2026-01-29T00:31:11Z |
| ghsa-p75w-4grh-593c |
8.1 (3.1)
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2026-01-22T18:30:38Z | 2026-01-29T00:31:11Z |
| ghsa-mp9g-jg66-vmf4 |
6.3 (3.1)
|
Tanium addressed a SQL injection vulnerability in Asset. | 2026-01-29T00:31:11Z | 2026-01-29T00:31:11Z |
| ID | Severity | Description | Package | Published | Updated |
|---|---|---|---|---|---|
| pysec-2016-7 |
|
Integer overflow in the ImagingResampleHorizontal function in libImaging/Resample.c in Pi… | pillow | 2016-04-13T16:59:00Z | 2021-07-05T00:01:24.042207Z |
| pysec-2014-11 |
|
pip 1.3 through 1.5.6 allows local users to cause a denial of service (prevention of pack… | pip | 2014-11-24T15:59:00Z | 2021-07-05T00:01:24.413265Z |
| pysec-2013-9 |
|
pip before 1.3 allows local users to overwrite arbitrary files via a symlink attack on a … | pip | 2013-08-17T06:54:00Z | 2021-07-05T00:01:24.378636Z |
| pysec-2013-8 |
|
pip before 1.3 uses HTTP to retrieve packages from the PyPI repository, and does not perf… | pip | 2013-08-06T02:52:00Z | 2021-07-05T00:01:24.339020Z |
| pysec-2010-9 |
|
ftpserver.py in pyftpdlib before 0.5.2 does not require the l permission for the MLST com… | pyftpdlib | 2010-10-19T20:00:00Z | 2021-07-05T00:01:24.817551Z |
| pysec-2010-8 |
|
Race condition in the FTPHandler class in ftpserver.py in pyftpdlib before 0.5.2 allows r… | pyftpdlib | 2010-10-19T20:00:00Z | 2021-07-05T00:01:24.787287Z |
| pysec-2010-7 |
|
Race condition in the FTPHandler class in ftpserver.py in pyftpdlib before 0.5.1 allows r… | pyftpdlib | 2010-10-19T20:00:00Z | 2021-07-05T00:01:24.754790Z |
| pysec-2010-6 |
|
The ftp_QUIT function in ftpserver.py in pyftpdlib before 0.5.0 allows remote authenticat… | pyftpdlib | 2010-10-19T20:00:00Z | 2021-07-05T00:01:24.722786Z |
| pysec-2010-5 |
|
ftpserver.py in pyftpdlib before 0.5.0 does not delay its response after receiving an inv… | pyftpdlib | 2010-10-19T20:00:00Z | 2021-07-05T00:01:24.685476Z |
| pysec-2010-4 |
|
Multiple directory traversal vulnerabilities in FTPServer.py in pyftpdlib before 0.3.0 al… | pyftpdlib | 2010-10-19T20:00:00Z | 2021-07-05T00:01:24.654243Z |
| pysec-2010-11 |
|
Race condition in the FTPHandler class in ftpserver.py in pyftpdlib before 0.5.2 allows r… | pyftpdlib | 2010-10-19T20:00:00Z | 2021-07-05T00:01:24.878652Z |
| pysec-2010-10 |
|
Memory leak in the on_dtp_close function in ftpserver.py in pyftpdlib before 0.5.2 allows… | pyftpdlib | 2010-10-19T20:00:00Z | 2021-07-05T00:01:24.847543Z |
| pysec-2018-47 |
|
Cross-site scripting (XSS) vulnerability in the link dialogue in GUI editor in MoinMoin b… | moin | 2018-10-15T19:29:00Z | 2021-07-05T00:01:23.080305Z |
| pysec-2017-22 |
|
An exploitable vulnerability exists in the YAML loading functionality of util.py in OwlMi… | owlmixin | 2017-11-08T03:29:00Z | 2021-07-05T00:01:23.384346Z |
| pysec-2017-21 |
|
OpenStack Nova-LXD before 13.1.1 uses the wrong name for the veth pairs when applying Neu… | nova-lxd | 2017-04-12T22:59:00Z | 2021-07-05T00:01:23.183236Z |
| pysec-2017-20 |
|
Cross-site scripting (XSS) vulnerability in the link dialogue in GUI editor in MoinMoin b… | moin | 2017-01-30T22:59:00Z | 2021-07-05T00:01:23.049637Z |
| pysec-2016-6 |
|
Buffer overflow in the ImagingFliDecode function in libImaging/FliDecode.c in Pillow befo… | pillow | 2016-04-13T16:59:00Z | 2021-07-05T00:01:23.974761Z |
| pysec-2016-5 |
|
Buffer overflow in the ImagingLibTiffDecode function in libImaging/TiffDecode.c in Pillow… | pillow | 2016-04-13T16:59:00Z | 2021-07-05T00:01:23.915090Z |
| pysec-2015-16 |
|
Pillow before 2.7.0 allows remote attackers to cause a denial of service via a compressed… | pillow | 2015-01-16T16:59:00Z | 2021-07-05T00:01:23.853626Z |
| pysec-2015-15 |
|
The Jpeg2KImagePlugin plugin in Pillow before 2.5.3 allows remote attackers to cause a de… | pillow | 2015-05-01T15:59:00Z | 2021-07-05T00:01:23.790243Z |
| pysec-2014-10 |
|
PIL/IcnsImagePlugin.py in Python Imaging Library (PIL) and Pillow before 2.3.2 and 2.5.x … | pillow | 2014-08-25T14:55:00Z | 2021-07-05T00:01:23.718339Z |
| pysec-2013-7 |
|
Multiple directory traversal vulnerabilities in the (1) twikidraw (action/twikidraw.py) a… | moin | 2013-01-03T01:55:00Z | 2021-07-05T00:01:23.010630Z |
| pysec-2019-153 |
|
modulemd 1.3.1 and earlier uses an unsafe function for processing externally provided dat… | modulemd | 2019-01-10T21:29:00Z | 2021-07-05T00:01:22.789825Z |
| pysec-2017-19 |
|
An exploitable vulnerability exists in the YAML parsing functionality in the parse_yaml_q… | mlalchemy | 2017-11-08T03:29:00Z | 2021-07-05T00:01:22.762966Z |
| pysec-2017-18 |
|
Cross-site scripting (XSS) vulnerability in the _keyify function in mistune.py in Mistune… | mistune | 2017-12-29T15:29:00Z | 2021-07-05T00:01:22.732782Z |
| pysec-2017-17 |
|
Multiple cross-site scripting (XSS) vulnerabilities in the administration pages in Kallit… | kallithea | 2017-09-19T15:29:00Z | 2021-07-05T00:01:22.152589Z |
| pysec-2017-16 |
|
Cross-site request forgery (CSRF) vulnerability in Kallithea before 0.2. | kallithea | 2017-09-21T14:29:00Z | 2021-07-05T00:01:22.120949Z |
| pysec-2016-4 |
|
The _Rsa15 class in the RSA 1.5 algorithm implementation in jwa.py in jwcrypto before 0.3… | jwcrypto | 2016-09-01T23:59:00Z | 2021-07-05T00:01:22.078687Z |
| pysec-2015-14 |
|
The _validaterepo function in sshpeer in Mercurial before 3.2.4 allows remote attackers t… | mercurial | 2015-03-31T14:59:00Z | 2021-07-05T00:01:22.697962Z |
| pysec-2015-13 |
|
CRLF injection vulnerability in Kallithea before 0.3 allows remote attackers to inject ar… | kallithea | 2015-10-29T20:59:00Z | 2021-07-05T00:01:22.184837Z |
| ID | Description | Updated |
|---|---|---|
| gsd-2024-3438 | A vulnerability was found in SourceCodester Prison Management System 1.0 and classified a… | 2024-04-11T05:03:27.241051Z |
| gsd-2024-3437 | A vulnerability was found in SourceCodester Prison Management System 1.0. It has been rat… | 2024-04-11T05:03:27.161557Z |
| gsd-2024-3436 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-11T05:03:27.357054Z |
| gsd-2024-3435 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-11T05:03:27.057928Z |
| gsd-2024-3434 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-11T05:03:27.313876Z |
| gsd-2024-3433 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-11T05:03:27.425332Z |
| gsd-2024-3432 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-11T05:03:27.149591Z |
| gsd-2024-3431 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-11T05:03:27.233402Z |
| gsd-2024-3430 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-11T05:03:27.098540Z |
| gsd-2024-3429 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-11T05:03:27.063794Z |
| gsd-2024-3428 | A vulnerability has been found in SourceCodester Online Courseware 1.0 and classified as … | 2024-04-11T05:03:27.190953Z |
| gsd-2024-3427 | A vulnerability, which was classified as problematic, was found in SourceCodester Online … | 2024-04-11T05:03:27.380682Z |
| gsd-2024-3426 | A vulnerability, which was classified as problematic, has been found in SourceCodester On… | 2024-04-11T05:03:27.392807Z |
| gsd-2024-3425 | A vulnerability classified as critical was found in SourceCodester Online Courseware 1.0.… | 2024-04-11T05:03:27.414444Z |
| gsd-2024-3424 | A vulnerability classified as critical has been found in SourceCodester Online Courseware… | 2024-04-11T05:03:27.283686Z |
| gsd-2024-3423 | A vulnerability was found in SourceCodester Online Courseware 1.0. It has been rated as c… | 2024-04-11T05:03:27.335996Z |
| gsd-2024-3422 | A vulnerability was found in SourceCodester Online Courseware 1.0. It has been declared a… | 2024-04-11T05:03:27.347364Z |
| gsd-2024-3421 | A vulnerability was found in SourceCodester Online Courseware 1.0. It has been classified… | 2024-04-11T05:03:27.102989Z |
| gsd-2024-3420 | A vulnerability was found in SourceCodester Online Courseware 1.0 and classified as criti… | 2024-04-11T05:03:27.247125Z |
| gsd-2024-3419 | A vulnerability has been found in SourceCodester Online Courseware 1.0 and classified as … | 2024-04-11T05:03:27.085806Z |
| gsd-2024-3418 | A vulnerability, which was classified as critical, was found in SourceCodester Online Cou… | 2024-04-11T05:03:27.234193Z |
| gsd-2024-3417 | A vulnerability, which was classified as critical, has been found in SourceCodester Onlin… | 2024-04-11T05:03:27.326834Z |
| gsd-2024-3416 | A vulnerability classified as critical was found in SourceCodester Online Courseware 1.0.… | 2024-04-11T05:03:27.302564Z |
| gsd-2024-3415 | A vulnerability was found in SourceCodester Human Resource Information System 1.0. It has… | 2024-04-11T05:03:27.120981Z |
| gsd-2024-3414 | A vulnerability was found in SourceCodester Human Resource Information System 1.0 and cla… | 2024-04-11T05:03:27.382122Z |
| gsd-2024-3413 | A vulnerability has been found in SourceCodester Human Resource Information System 1.0 an… | 2024-04-11T05:03:27.074349Z |
| gsd-2024-3412 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-11T05:03:27.071888Z |
| gsd-2024-3411 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-11T05:03:27.115935Z |
| gsd-2024-3410 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-11T05:03:27.356725Z |
| gsd-2024-3409 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-11T05:03:27.316530Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-192531 | Malicious code in elf-stats-sparkly-fir-398 (npm) | 2025-12-11T19:46:09Z | 2025-12-23T21:38:09Z |
| mal-2025-192528 | Malicious code in elf-stats-snowdusted-marshmallow-228 (npm) | 2025-12-11T19:46:09Z | 2025-12-23T21:38:09Z |
| mal-2025-192340 | Malicious code in elf-stats-sparkly-icicle-845 (npm) | 2025-12-05T21:10:10Z | 2025-12-23T21:38:09Z |
| mal-2025-192283 | Malicious code in elf-stats-sparkly-candy-805 (npm) | 2025-12-03T19:42:46Z | 2025-12-23T21:38:09Z |
| mal-2025-192276 | Malicious code in elf-stats-snowy-northstar-860 (npm) | 2025-12-03T19:25:36Z | 2025-12-23T21:38:09Z |
| mal-2025-192267 | Malicious code in elf-stats-snowdusted-lantern-234 (npm) | 2025-12-03T18:57:54Z | 2025-12-23T21:38:09Z |
| mal-2025-192235 | Malicious code in elf-stats-sprucey-stockpile-628 (npm) | 2025-12-03T17:22:10Z | 2025-12-23T21:38:09Z |
| mal-2025-192233 | Malicious code in elf-stats-snowy-candy-518 (npm) | 2025-12-03T17:22:10Z | 2025-12-23T21:38:09Z |
| mal-2025-192167 | Malicious code in elf-stats-storybook-cookiejar-481 (npm) | 2025-12-03T15:59:29Z | 2025-12-23T21:38:09Z |
| mal-2025-192166 | Malicious code in elf-stats-storybook-cookiejar-394 (npm) | 2025-12-03T15:59:29Z | 2025-12-23T21:38:09Z |
| mal-2025-192165 | Malicious code in elf-stats-storybook-bow-866 (npm) | 2025-12-03T15:59:29Z | 2025-12-23T21:38:09Z |
| mal-2025-192163 | Malicious code in elf-stats-starlit-rocket-905 (npm) | 2025-12-03T15:59:29Z | 2025-12-23T21:38:09Z |
| mal-2025-192162 | Malicious code in elf-stats-starlit-northstar-873 (npm) | 2025-12-03T15:59:29Z | 2025-12-23T21:38:09Z |
| mal-2025-192160 | Malicious code in elf-stats-sprucey-train-471 (npm) | 2025-12-03T15:59:29Z | 2025-12-23T21:38:09Z |
| mal-2025-192157 | Malicious code in elf-stats-sprucey-icicle-606 (npm) | 2025-12-03T15:59:29Z | 2025-12-23T21:38:09Z |
| mal-2025-192152 | Malicious code in elf-stats-snuggly-workshop-421 (npm) | 2025-12-03T15:59:29Z | 2025-12-23T21:38:09Z |
| mal-2025-192150 | Malicious code in elf-stats-snuggly-rocket-941 (npm) | 2025-12-03T15:59:29Z | 2025-12-23T21:38:09Z |
| mal-2025-192149 | Malicious code in elf-stats-snuggly-cookie-673 (npm) | 2025-12-03T15:59:29Z | 2025-12-23T21:38:09Z |
| mal-2025-192148 | Malicious code in elf-stats-snowy-train-725 (npm) | 2025-12-03T15:59:29Z | 2025-12-23T21:38:09Z |
| mal-2025-192146 | Malicious code in elf-stats-snowy-snowman-433 (npm) | 2025-12-03T15:59:29Z | 2025-12-23T21:38:09Z |
| mal-2025-192145 | Malicious code in elf-stats-snowy-sleigh-766 (npm) | 2025-12-03T15:59:29Z | 2025-12-23T21:38:09Z |
| mal-2025-192144 | Malicious code in elf-stats-snowy-cookiejar-589 (npm) | 2025-12-03T15:59:29Z | 2025-12-23T21:38:09Z |
| mal-2025-191987 | Malicious code in elf-stats-starlit-ribbon-255 (npm) | 2025-12-03T15:38:17Z | 2025-12-23T21:38:09Z |
| MAL-2025-192533 | Malicious code in elf-stats-sprucey-train-710 (npm) | 2025-12-11T19:46:09Z | 2025-12-23T21:38:09Z |
| MAL-2025-192532 | Malicious code in elf-stats-sparkly-toolkit-821 (npm) | 2025-12-11T19:46:09Z | 2025-12-23T21:38:09Z |
| MAL-2025-192531 | Malicious code in elf-stats-sparkly-fir-398 (npm) | 2025-12-11T19:46:09Z | 2025-12-23T21:38:09Z |
| MAL-2025-192528 | Malicious code in elf-stats-snowdusted-marshmallow-228 (npm) | 2025-12-11T19:46:09Z | 2025-12-23T21:38:09Z |
| MAL-2025-192340 | Malicious code in elf-stats-sparkly-icicle-845 (npm) | 2025-12-05T21:10:10Z | 2025-12-23T21:38:09Z |
| MAL-2025-192283 | Malicious code in elf-stats-sparkly-candy-805 (npm) | 2025-12-03T19:42:46Z | 2025-12-23T21:38:09Z |
| MAL-2025-192276 | Malicious code in elf-stats-snowy-northstar-860 (npm) | 2025-12-03T19:25:36Z | 2025-12-23T21:38:09Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| wid-sec-w-2024-1506 | Dell BSAFE: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff | 2024-07-02T22:00:00.000+00:00 | 2025-02-11T23:00:00.000+00:00 |
| wid-sec-w-2023-1754 | IBM InfoSphere Information Server: Mehrere Schwachstellen | 2023-07-16T22:00:00.000+00:00 | 2025-02-11T23:00:00.000+00:00 |
| wid-sec-w-2022-1575 | wget: Schwachstelle ermöglicht Offenlegung von Informationen | 2021-04-28T22:00:00.000+00:00 | 2025-02-11T23:00:00.000+00:00 |
| wid-sec-w-2022-1115 | QEMU: Schwachstelle ermöglicht Denial of Service | 2021-06-20T22:00:00.000+00:00 | 2025-02-11T23:00:00.000+00:00 |
| wid-sec-w-2025-0313 | Siemens SIPROTEC: Mehrere Schwachstellen | 2025-02-10T23:00:00.000+00:00 | 2025-02-10T23:00:00.000+00:00 |
| wid-sec-w-2025-0312 | Siemens SIMATIC S7: Mehrere Schwachstellen | 2025-02-10T23:00:00.000+00:00 | 2025-02-10T23:00:00.000+00:00 |
| wid-sec-w-2025-0311 | Siemens TIA Portal: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen | 2025-02-10T23:00:00.000+00:00 | 2025-02-10T23:00:00.000+00:00 |
| wid-sec-w-2025-0310 | SolarWinds Kiwi Syslog Server: Schwachstelle ermöglicht Offenlegung von Informationen | 2025-02-10T23:00:00.000+00:00 | 2025-02-10T23:00:00.000+00:00 |
| wid-sec-w-2025-0308 | Octopus Deploy: Mehrere Schwachstellen | 2025-02-10T23:00:00.000+00:00 | 2025-02-10T23:00:00.000+00:00 |
| wid-sec-w-2025-0307 | SAP Patchday Februar 2025: Mehrere Schwachstellen | 2025-02-10T23:00:00.000+00:00 | 2025-02-10T23:00:00.000+00:00 |
| wid-sec-w-2025-0306 | ABB 800xA: Schwachstelle ermöglicht Manipulation | 2025-02-10T23:00:00.000+00:00 | 2025-02-10T23:00:00.000+00:00 |
| wid-sec-w-2025-0303 | SolarWinds Platform: Mehrere Schwachstellen | 2025-02-10T23:00:00.000+00:00 | 2025-02-10T23:00:00.000+00:00 |
| wid-sec-w-2024-3089 | Red Hat Enterprise Linux (Cryostat): Mehrere Schwachstellen ermöglichen Cross-Site Scripting | 2024-10-06T22:00:00.000+00:00 | 2025-02-10T23:00:00.000+00:00 |
| wid-sec-w-2024-2151 | Ansible: Schwachstelle ermöglicht Offenlegung von Informationen | 2024-09-16T22:00:00.000+00:00 | 2025-02-10T23:00:00.000+00:00 |
| wid-sec-w-2024-1161 | Cacti: Schwachstelle ermöglicht Cross-Site Scripting | 2024-05-15T22:00:00.000+00:00 | 2025-02-10T23:00:00.000+00:00 |
| wid-sec-w-2025-0300 | NetApp ActiveIQ Unified Manager: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-02-09T23:00:00.000+00:00 | 2025-02-09T23:00:00.000+00:00 |
| wid-sec-w-2025-0299 | IBM Business Automation Workflow: Mehrere Schwachstellen | 2025-02-09T23:00:00.000+00:00 | 2025-02-09T23:00:00.000+00:00 |
| wid-sec-w-2025-0296 | D-LINK DIR-823X Router: Schwachstelle ermöglicht Denial of Service | 2025-02-09T23:00:00.000+00:00 | 2025-02-09T23:00:00.000+00:00 |
| wid-sec-w-2024-3488 | Red Hat OpenShift Container Platform: Mehrere Schwachstellen | 2024-11-18T23:00:00.000+00:00 | 2025-02-09T23:00:00.000+00:00 |
| wid-sec-w-2024-0854 | VMware Tanzu Spring Framework: Schwachstelle ermöglicht Manipulation von Daten | 2024-04-10T22:00:00.000+00:00 | 2025-02-09T23:00:00.000+00:00 |
| wid-sec-w-2025-0293 | Kaspersky Anti-Virus: Schwachstelle ermöglicht Denial of Service | 2025-02-06T23:00:00.000+00:00 | 2025-02-06T23:00:00.000+00:00 |
| wid-sec-w-2025-0290 | HP LaserJet: Schwachstelle ermöglicht Denial of Service | 2025-02-06T23:00:00.000+00:00 | 2025-02-06T23:00:00.000+00:00 |
| wid-sec-w-2025-0289 | Microsoft Dynamics 365: Schwachstelle ermöglicht Privilegieneskalation | 2025-02-06T23:00:00.000+00:00 | 2025-02-06T23:00:00.000+00:00 |
| wid-sec-w-2025-0288 | Sophos XG Firewall: Schwachstelle ermöglicht Codeausführung | 2020-06-29T22:00:00.000+00:00 | 2025-02-06T23:00:00.000+00:00 |
| wid-sec-w-2024-3453 | GitLab: Mehrere Schwachstellen | 2024-11-12T23:00:00.000+00:00 | 2025-02-06T23:00:00.000+00:00 |
| wid-sec-w-2024-0389 | Microsoft Office: Mehrere Schwachstellen | 2024-02-13T23:00:00.000+00:00 | 2025-02-06T23:00:00.000+00:00 |
| wid-sec-w-2022-0333 | Prozessoren: Schwachstelle ermöglicht Offenlegung von Informationen und Umgehung von Kryptografie | 2022-06-14T22:00:00.000+00:00 | 2025-02-06T23:00:00.000+00:00 |
| wid-sec-w-2025-0286 | Cisco IOS, IOS XE and IOS XR: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-02-05T23:00:00.000+00:00 | 2025-02-05T23:00:00.000+00:00 |
| wid-sec-w-2025-0282 | Kemp LoadMaster: Mehrere Schwachstellen | 2025-02-05T23:00:00.000+00:00 | 2025-02-05T23:00:00.000+00:00 |
| wid-sec-w-2025-0280 | Cisco Expressway: Schwachstelle ermöglicht Cross-Site Scripting | 2025-02-05T23:00:00.000+00:00 | 2025-02-05T23:00:00.000+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2024:0628 | Red Hat Security Advisory: libssh security update | 2024-01-31T08:48:54+00:00 | 2026-02-03T21:19:59+00:00 |
| rhsa-2024:0625 | Red Hat Security Advisory: libssh security update | 2024-01-31T08:36:02+00:00 | 2026-02-03T21:19:59+00:00 |
| rhsa-2024:0538 | Red Hat Security Advisory: libssh security update | 2024-01-29T11:50:44+00:00 | 2026-02-03T21:19:58+00:00 |
| rhsa-2024:0606 | Red Hat Security Advisory: openssh security update | 2024-01-30T14:59:23+00:00 | 2026-02-03T21:19:56+00:00 |
| rhsa-2024:0594 | Red Hat Security Advisory: openssh security update | 2024-01-30T14:13:55+00:00 | 2026-02-03T21:19:56+00:00 |
| rhsa-2024:0564 | Red Hat Security Advisory: container-tools:3.0 security update | 2024-01-30T12:31:12+00:00 | 2026-02-03T21:19:56+00:00 |
| rhsa-2024:0499 | Red Hat Security Advisory: libssh security update | 2024-01-25T15:36:48+00:00 | 2026-02-03T21:19:54+00:00 |
| rhsa-2024:0455 | Red Hat Security Advisory: openssh security update | 2024-01-25T09:21:45+00:00 | 2026-02-03T21:19:50+00:00 |
| rhsa-2024:0429 | Red Hat Security Advisory: openssh security update | 2024-01-25T08:14:09+00:00 | 2026-02-03T21:19:49+00:00 |
| rhsa-2024:0293 | Red Hat Security Advisory: OpenShift Container Platform 4.14.10 packages and security update | 2024-01-23T20:42:27+00:00 | 2026-02-03T21:19:47+00:00 |
| rhsa-2024:0292 | Red Hat Security Advisory: OpenShift Container Platform 4.14.10 security update | 2024-01-23T21:41:52+00:00 | 2026-02-03T21:19:46+00:00 |
| rhsa-2023:7663 | Red Hat Security Advisory: Red Hat OpenShift distributed tracing 3.0.0 operator/operand containers | 2023-12-06T05:00:32+00:00 | 2026-02-03T21:18:54+00:00 |
| rhsa-2023:6420 | Red Hat Security Advisory: grafana security and enhancement update | 2023-11-07T08:59:06+00:00 | 2026-02-03T21:17:46+00:00 |
| rhsa-2023:5447 | Red Hat Security Advisory: Migration Toolkit for Containers (MTC) 1.8.0 security and bug fix update | 2023-10-05T01:03:01+00:00 | 2026-02-03T21:16:18+00:00 |
| rhsa-2023:5379 | Red Hat Security Advisory: Network Observability 1.4.0 for OpenShift | 2023-09-28T02:59:49+00:00 | 2026-02-03T21:16:15+00:00 |
| rhsa-2023:5376 | Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.13.3 security and bug fix update | 2023-09-27T14:22:37+00:00 | 2026-02-03T21:16:14+00:00 |
| rhsa-2023:4986 | Red Hat Security Advisory: Red Hat OpenShift Distributed Tracing 2.9.0 security update | 2023-09-06T07:56:11+00:00 | 2026-02-03T21:16:03+00:00 |
| rhsa-2023:5001 | Red Hat Security Advisory: OpenShift Container Platform 4.11.49 bug fix and security update | 2023-09-13T05:16:12+00:00 | 2026-02-03T21:16:00+00:00 |
| rhsa-2023:4983 | Red Hat Security Advisory: Red Hat Process Automation Manager 7.13.4 security update | 2023-09-05T18:37:03+00:00 | 2026-02-03T21:15:58+00:00 |
| rhsa-2023:4892 | Red Hat Security Advisory: Migration Toolkit for Containers (MTC) 1.7.12 security and bug fix update | 2023-08-31T00:59:09+00:00 | 2026-02-03T21:15:57+00:00 |
| rhsa-2023:4657 | Red Hat Security Advisory: Secondary Scheduler Operator for Red Hat OpenShift 1.1.2 security update | 2023-08-23T00:17:54+00:00 | 2026-02-03T21:15:53+00:00 |
| rhsa-2023:4472 | Red Hat Security Advisory: Release of OpenShift Serverless 1.29.1 | 2023-08-03T15:51:26+00:00 | 2026-02-03T21:15:50+00:00 |
| rhsa-2023:4470 | Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.3 Product Security and Bug Fix Update | 2023-08-03T14:15:32+00:00 | 2026-02-03T21:15:50+00:00 |
| rhsa-2023:4459 | Red Hat Security Advisory: OpenShift Container Platform 4.13.8 packages and security update | 2023-08-08T11:33:17+00:00 | 2026-02-03T21:15:49+00:00 |
| rhsa-2023:4420 | Red Hat Security Advisory: OpenShift Virtualization 4.12.5 RPMs security and bug fix update | 2023-08-01T14:38:32+00:00 | 2026-02-03T21:15:47+00:00 |
| rhsa-2023:4310 | Red Hat Security Advisory: OpenShift Container Platform 4.11.46 security update | 2023-08-02T01:03:06+00:00 | 2026-02-03T21:15:46+00:00 |
| rhsa-2023:4289 | Red Hat Security Advisory: OpenShift API for Data Protection (OADP) 1.0.11 security and bug fix update | 2023-07-27T00:53:26+00:00 | 2026-02-03T21:15:45+00:00 |
| rhsa-2023:4093 | Red Hat Security Advisory: OpenShift Container Platform 4.13.5 security update | 2023-07-20T17:32:23+00:00 | 2026-02-03T21:15:39+00:00 |
| rhsa-2023:3998 | Red Hat Security Advisory: Logging Subsystem 5.7.3 - Red Hat OpenShift security update | 2023-07-12T17:58:01+00:00 | 2026-02-03T21:15:36+00:00 |
| rhsa-2023:3915 | Red Hat Security Advisory: OpenShift Container Platform 4.11.44 bug fix and security update | 2023-07-06T02:22:38+00:00 | 2026-02-03T21:15:34+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| icsa-21-110-05 | Delta Electronics CNCSoft-B | 2021-04-20T00:00:00.000000Z | 2021-04-20T00:00:00.000000Z |
| icsa-21-110-04 | Delta Electronics CNCSoft ScreenEditor | 2021-04-20T00:00:00.000000Z | 2021-04-20T00:00:00.000000Z |
| icsa-21-110-03 | Delta Industrial Automation COMMGR | 2021-04-20T00:00:00.000000Z | 2021-04-20T00:00:00.000000Z |
| icsa-21-110-02 | ICSA-21-110-02_Rockwell Automation Stratix Switches | 2021-04-20T00:00:00.000000Z | 2021-04-20T00:00:00.000000Z |
| icsa-21-110-01 | Hitachi ABB Power Grids Ellipse APM | 2021-04-20T00:00:00.000000Z | 2021-04-20T00:00:00.000000Z |
| icsa-21-096-01 | Hitachi Energy Relion 670, 650 and SAM600-IO | 2021-04-06T00:00:00.000000Z | 2021-04-20T00:00:00.000000Z |
| icsa-20-161-02 | Mitsubishi Electric MELSEC iQ-R Series (Update C) | 2020-06-09T00:00:00.000000Z | 2021-04-20T00:00:00.000000Z |
| icsa-21-105-02 | EIPStackGroup OpENer Ethernet/IP | 2021-04-15T00:00:00.000000Z | 2021-04-15T00:00:00.000000Z |
| icsa-21-105-01 | Schneider Electric C-Bus Toolkit | 2021-04-15T00:00:00.000000Z | 2021-04-15T00:00:00.000000Z |
| icsa-21-103-10 | Siemens and PKE Control Center Server | 2021-04-13T00:00:00.000000Z | 2021-04-13T00:00:00.000000Z |
| icsa-21-103-03 | JTEKT TOYOPUC products | 2021-04-13T00:00:00.000000Z | 2021-04-13T00:00:00.000000Z |
| icsa-21-103-02 | Advantech WebAccessSCADA | 2021-04-13T00:00:00.000000Z | 2021-04-13T00:00:00.000000Z |
| icsa-21-103-01 | Schneider Electric SoMachine Basic | 2021-04-13T00:00:00.000000Z | 2021-04-13T00:00:00.000000Z |
| icsa-19-344-02 | Siemens and PKE SiNVR, SiVMS Video Server (Update A) | 2019-12-10T00:00:00.000000Z | 2021-04-13T00:00:00.000000Z |
| icsma-19-080-01 | Medtronic Conexus Radio Frequency Telemetry Protocol (Update C) | 2019-03-21T00:00:00.000000Z | 2021-04-08T00:00:00.000000Z |
| icsa-21-098-01 | FATEK Automation WinProladder | 2021-04-08T00:00:00.000000Z | 2021-04-08T00:00:00.000000Z |
| icsa-21-091-01 | Rockwell Automation FactoryTalk AssetCentre | 2021-04-01T00:00:00.000000Z | 2021-04-01T00:00:00.000000Z |
| icsma-21-084-01 | Philips Gemini PET/CT Family | 2021-03-25T00:00:00.000000Z | 2021-03-25T00:00:00.000000Z |
| icsa-21-082-03 | GE Reason DR60 | 2021-03-23T00:00:00.000000Z | 2021-03-23T00:00:00.000000Z |
| icsa-21-082-02 | GE MU320E | 2021-03-23T00:00:00.000000Z | 2021-03-23T00:00:00.000000Z |
| icsa-21-082-01 | Weintek EasyWeb cMT | 2021-03-23T00:00:00.000000Z | 2021-03-23T00:00:00.000000Z |
| icsa-21-061-02 | Rockwell Automation CompactLogix 5370 and ControlLogix 5570 Controllers (Update A) | 2021-03-02T00:00:00.000000Z | 2021-03-23T00:00:00.000000Z |
| icsa-21-033-01 | Rockwell Automation MicroLogix 1400 (Update A) | 2021-02-02T00:00:00.000000Z | 2021-03-23T00:00:00.000000Z |
| icsa-21-077-03 | Hitachi ABB Power Grids eSOMS Telerik | 2021-03-18T00:00:00.000000Z | 2021-03-18T00:00:00.000000Z |
| icsa-21-077-02 | Hitachi ABB Power Grids eSOMS | 2021-03-18T00:00:00.000000Z | 2021-03-18T00:00:00.000000Z |
| icsa-21-077-01 | Johnson Controls Exacq Technologies exacqVision | 2021-03-18T00:00:00.000000Z | 2021-03-18T00:00:00.000000Z |
| icsa-21-056-03 | Rockwell Automation Logix Controllers (Update A) | 2021-02-25T00:00:00.000000Z | 2021-03-18T00:00:00.000000Z |
| icsma-17-017-02 | BD Alaris 8015 PC Unit (Update B) | 2017-01-17T00:00:00.000000Z | 2021-03-16T00:00:00.000000Z |
| icsa-21-075-03 | Hitachi ABB Power Grids AFS Series | 2021-03-16T00:00:00.000000Z | 2021-03-16T00:00:00.000000Z |
| icsa-21-075-02 | GE UR family | 2021-03-16T00:00:00.000000Z | 2021-03-16T00:00:00.000000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cisco-sa-vmanrce-4jtWT28P | Cisco SD-WAN vManage Software Remote Code Execution Vulnerability | 2020-07-15T16:00:00+00:00 | 2020-07-15T16:00:00+00:00 |
| cisco-sa-vmandowndir-cvgvdkm3 | Cisco SD-WAN vManage Software Path Traversal Vulnerability | 2020-07-15T16:00:00+00:00 | 2020-07-15T16:00:00+00:00 |
| cisco-sa-vmandowndir-CVGvdKM3 | Cisco SD-WAN vManage Software Path Traversal Vulnerability | 2020-07-15T16:00:00+00:00 | 2020-07-15T16:00:00+00:00 |
| cisco-sa-visio-dir-sql-inj-fpm3mpft | Cisco Vision Dynamic Signage Director SQL Injection Vulnerability | 2020-07-15T16:00:00+00:00 | 2020-07-15T16:00:00+00:00 |
| cisco-sa-visio-dir-sql-inj-fPm3MPfT | Cisco Vision Dynamic Signage Director SQL Injection Vulnerability | 2020-07-15T16:00:00+00:00 | 2020-07-15T16:00:00+00:00 |
| cisco-sa-vedgfpdos-pkqqrnwv | Cisco SD-WAN vEdge Routers Denial of Service Vulnerability | 2020-07-15T16:00:00+00:00 | 2020-07-15T16:00:00+00:00 |
| cisco-sa-vedgfpdos-PkqQrnwV | Cisco SD-WAN vEdge Routers Denial of Service Vulnerability | 2020-07-15T16:00:00+00:00 | 2020-07-15T16:00:00+00:00 |
| cisco-sa-sivm-m8wugr9o | Cisco SD-WAN vManage Software SQL Injection Vulnerability | 2020-07-15T16:00:00+00:00 | 2020-07-15T16:00:00+00:00 |
| cisco-sa-sivm-M8wugR9O | Cisco SD-WAN vManage Software SQL Injection Vulnerability | 2020-07-15T16:00:00+00:00 | 2020-07-15T16:00:00+00:00 |
| cisco-sa-sdw-dos-kwodyhnb | Cisco SD-WAN Solution Software Denial of Service Vulnerability | 2020-07-15T16:00:00+00:00 | 2020-07-15T16:00:00+00:00 |
| cisco-sa-sdw-dos-KWOdyHnB | Cisco SD-WAN Solution Software Denial of Service Vulnerability | 2020-07-15T16:00:00+00:00 | 2020-07-15T16:00:00+00:00 |
| cisco-sa-sdscred-hfwwfqbj | Cisco SD-WAN Solution Software Static Credentials Vulnerability | 2020-07-15T16:00:00+00:00 | 2020-07-15T16:00:00+00:00 |
| cisco-sa-sdscred-HfWWfqBj | Cisco SD-WAN Solution Software Static Credentials Vulnerability | 2020-07-15T16:00:00+00:00 | 2020-07-15T16:00:00+00:00 |
| cisco-sa-sb-rce-dos-9zajkx4 | Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers SSL Remote Code Execution and Denial of Service Vulnerability | 2020-07-15T16:00:00+00:00 | 2020-07-15T16:00:00+00:00 |
| cisco-sa-sb-rce-dos-9ZAjkx4 | Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers SSL Remote Code Execution and Denial of Service Vulnerability | 2020-07-15T16:00:00+00:00 | 2020-07-15T16:00:00+00:00 |
| cisco-sa-sb-dos-zn5gvnh7 | Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers SSL Denial of Service Vulnerability | 2020-07-15T16:00:00+00:00 | 2020-07-15T16:00:00+00:00 |
| cisco-sa-sb-dos-ZN5GvNH7 | Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers SSL Denial of Service Vulnerability | 2020-07-15T16:00:00+00:00 | 2020-07-15T16:00:00+00:00 |
| cisco-sa-rv110w-static-cred-bmtwbwty | Cisco Small Business RV110W Wireless-N VPN Firewall Static Default Credential Vulnerability | 2020-07-15T16:00:00+00:00 | 2020-07-15T16:00:00+00:00 |
| cisco-sa-rv110w-static-cred-BMTWBWTy | Cisco Small Business RV110W Wireless-N VPN Firewall Static Default Credential Vulnerability | 2020-07-15T16:00:00+00:00 | 2020-07-15T16:00:00+00:00 |
| cisco-sa-rv-rce-m4feegwx | Cisco RV110W, RV130, RV130W, and RV215W Routers Management Interface Remote Command Execution Multiple Vulnerabilities | 2020-07-15T16:00:00+00:00 | 2020-07-15T16:00:00+00:00 |
| cisco-sa-rv-rce-m4FEEGWX | Cisco RV110W, RV130, RV130W, and RV215W Routers Management Interface Remote Command Execution Multiple Vulnerabilities | 2020-07-15T16:00:00+00:00 | 2020-07-15T16:00:00+00:00 |
| cisco-sa-rv-rce-aqkreqp | Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Management Interface Remote Command Execution Vulnerability | 2020-07-15T16:00:00+00:00 | 2020-07-15T16:00:00+00:00 |
| cisco-sa-rv-rce-AQKREqp | Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Management Interface Remote Command Execution Vulnerability | 2020-07-15T16:00:00+00:00 | 2020-07-15T16:00:00+00:00 |
| cisco-sa-rv-info-dis-fewbwgsd | Cisco Small Business RV110W and RV215W Series Routers Information Disclosure Vulnerability | 2020-07-15T16:00:00+00:00 | 2020-07-15T16:00:00+00:00 |
| cisco-sa-rv-info-dis-FEWBWgsD | Cisco Small Business RV110W and RV215W Series Routers Information Disclosure Vulnerability | 2020-07-15T16:00:00+00:00 | 2020-07-15T16:00:00+00:00 |
| cisco-sa-rv-auth-bypass-cgv9eruz | Cisco RV110W, RV130, RV130W, and RV215W Routers Authentication Bypass Vulnerability | 2020-07-15T16:00:00+00:00 | 2020-07-15T16:00:00+00:00 |
| cisco-sa-rv-auth-bypass-cGv9EruZ | Cisco RV110W, RV130, RV130W, and RV215W Routers Authentication Bypass Vulnerability | 2020-07-15T16:00:00+00:00 | 2020-07-15T16:00:00+00:00 |
| cisco-sa-fpdos-horbfd9f | Cisco SD-WAN vEdge Routers Denial of Service Vulnerability | 2020-07-15T16:00:00+00:00 | 2020-07-15T16:00:00+00:00 |
| cisco-sa-fpdos-hORBfd9f | Cisco SD-WAN vEdge Routers Denial of Service Vulnerability | 2020-07-15T16:00:00+00:00 | 2020-07-15T16:00:00+00:00 |
| cisco-sa-emvman-3y6lutcz | Cisco SD-WAN vManage Software Denial of Service Vulnerability | 2020-07-15T16:00:00+00:00 | 2020-07-15T16:00:00+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2024-11831 | Npm-serialize-javascript: cross-site scripting (xss) in serialize-javascript | 2025-02-02T00:00:00.000Z | 2025-09-03T23:04:58.000Z |
| msrc_cve-2024-49994 | block: fix integer overflow in BLKSECDISCARD | 2024-10-01T07:00:00.000Z | 2025-09-03T23:03:34.000Z |
| msrc_cve-2024-39463 | 9p: add missing locking around taking dentry fid list | 2024-06-02T07:00:00.000Z | 2025-09-03T23:03:27.000Z |
| msrc_cve-2024-33394 | An issue in kubevirt kubevirt v1.2.0 and before allows a local attacker to execute arbitrary code via a crafted command to get the token component. | 2024-05-02T07:00:00.000Z | 2025-09-03T23:00:32.000Z |
| msrc_cve-2023-24538 | Backticks not treated as string delimiters in html/template | 2023-04-01T00:00:00.000Z | 2025-09-03T23:00:31.000Z |
| msrc_cve-2019-11324 | The urllib3 library before 1.24.2 for Python mishandles certain cases where the desired set of CA certificates is different from the OS store of CA certificates, which results in SSL connections succeeding in situations where a verification failure is the correct outcome. This is related to use of the ssl_context, ca_certs, or ca_certs_dir argument. | 2019-04-02T00:00:00.000Z | 2025-09-03T23:00:29.000Z |
| msrc_cve-2025-8842 | NASM Netwide Assember preproc.c do_directive use after free | 2025-08-02T00:00:00.000Z | 2025-09-03T23:00:16.000Z |
| msrc_cve-2025-38664 | ice: Fix a null pointer dereference in ice_copy_and_init_pkg() | 2025-08-02T00:00:00.000Z | 2025-09-03T23:00:09.000Z |
| msrc_cve-2024-30251 | Denial of service when trying to parse malformed POST requests in aiohttp | 2024-05-02T07:00:00.000Z | 2025-09-03T23:00:09.000Z |
| msrc_cve-2024-11218 | Podman: buildah: container breakout by using --jobs=2 and a race condition when building a malicious containerfile | 2025-01-02T00:00:00.000Z | 2025-09-03T22:59:20.000Z |
| msrc_cve-2025-6032 | Podman: podman missing tls verification | 2025-06-02T00:00:00.000Z | 2025-09-03T22:57:29.000Z |
| msrc_cve-2025-38625 | vfio/pds: Fix missing detach_ioas op | 2025-08-02T00:00:00.000Z | 2025-09-03T22:57:09.000Z |
| msrc_cve-2025-38379 | smb: client: fix warning when reconnecting channel | 2025-07-02T00:00:00.000Z | 2025-09-03T22:56:14.000Z |
| msrc_cve-2024-49897 | drm/amd/display: Check phantom_stream before it is used | 2024-10-01T07:00:00.000Z | 2025-09-03T22:55:58.000Z |
| msrc_cve-2022-49125 | drm/sprd: fix potential NULL dereference | 2025-02-02T00:00:00.000Z | 2025-09-03T22:55:52.000Z |
| msrc_cve-2022-4087 | iPXE TLS tls.c tls_new_ciphertext information exposure | 2022-11-02T00:00:00.000Z | 2025-09-03T22:55:05.000Z |
| msrc_cve-2022-48893 | drm/i915/gt: Cleanup partial engine discovery failures | 2024-08-02T00:00:00.000Z | 2025-09-03T22:55:01.000Z |
| msrc_cve-2025-52555 | CephFS Permission Escalation Vulnerability in Ceph Fuse mounted FS | 2025-06-02T00:00:00.000Z | 2025-09-03T22:54:54.000Z |
| msrc_cve-2023-6856 | The WebGL `DrawElementsInstanced` method was susceptible to a heap buffer overflow when used on systems with the Mesa VM driver. This issue could allow an attacker to perform remote code execution and sandbox escape. This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121. | 2023-12-01T08:00:00.000Z | 2025-09-03T22:54:52.000Z |
| msrc_cve-2024-37676 | An issue in htop-dev htop v.2.20 allows a local attacker to cause an out-of-bounds access in the Header_populateFromSettings function. | 2024-06-02T07:00:00.000Z | 2025-09-03T22:54:51.000Z |
| msrc_cve-2025-38623 | PCI: pnv_php: Fix surprise plug detection and recovery | 2025-08-02T00:00:00.000Z | 2025-09-03T22:54:25.000Z |
| msrc_cve-2024-6603 | In an out-of-memory scenario an allocation could fail but free would have been called on the pointer afterwards leading to memory corruption. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128. | 2024-07-01T07:00:00.000Z | 2025-09-03T22:54:02.000Z |
| msrc_cve-2025-1118 | Grub2: commands/dump: the dump command is not in lockdown when secure boot is enabled | 2025-02-02T00:00:00.000Z | 2025-09-03T22:53:33.000Z |
| msrc_cve-2022-49108 | clk: mediatek: Fix memory leaks on probe | 2025-02-02T00:00:00.000Z | 2025-09-03T22:53:13.000Z |
| msrc_cve-2025-37855 | drm/amd/display: Guard Possible Null Pointer Dereference | 2025-05-02T00:00:00.000Z | 2025-09-03T22:53:06.000Z |
| msrc_cve-2023-52572 | cifs: Fix UAF in cifs_demultiplex_thread() | 2024-03-02T08:00:00.000Z | 2025-09-03T22:52:49.000Z |
| msrc_cve-2022-41716 | Unsanitized NUL in environment variables on Windows in syscall and os/exec | 2022-11-02T00:00:00.000Z | 2025-09-03T22:52:17.000Z |
| msrc_cve-2025-8732 | libxml2 xmlcatalog xmlParseSGMLCatalog recursion | 2025-08-02T00:00:00.000Z | 2025-09-03T22:52:04.000Z |
| msrc_cve-2023-49556 | Buffer Overflow vulnerability in YASM 1.3.0.86.g9def allows a remote attacker to cause a denial of service via the expr_delete_term function in the libyasm/expr.c component. | 2024-01-01T08:00:00.000Z | 2025-09-03T22:51:24.000Z |
| msrc_cve-2025-38663 | nilfs2: reject invalid file types when reading inodes | 2025-08-02T00:00:00.000Z | 2025-09-03T22:51:05.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| opensuse-su-2024:13606-1 | jupyter-notebook-7.0.7-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13605-1 | jupyter-jupyterlab-4.0.11-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13604-1 | golang-github-prometheus-prometheus-2.48.1-2.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13603-1 | ungoogled-chromium-120.0.6099.224-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13602-1 | java-11-openjdk-11.0.22.0-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13601-1 | jupyter-lsp-2.2.2-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13600-1 | nodejs-electron-27.2.3-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13599-1 | golang-github-prometheus-alertmanager-0.26.0-4.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13598-1 | xwayland-23.2.4-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13597-1 | xorg-x11-server-21.1.11-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13596-1 | tomcat10-10.1.18-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13595-1 | python310-imagecodecs-2024.1.1-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13594-1 | java-21-openjdk-21.0.2.0-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13593-1 | gnutls-3.8.3-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13592-1 | erlang-26.2.1-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13591-1 | chromedriver-120.0.6099.224-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13590-1 | tomcat-9.0.85-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13589-1 | libBasicUsageEnvironment2-2023.11.30-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13588-1 | libebml-devel-1.4.5-2.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13587-1 | java-17-openjdk-17.0.10.0-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13586-1 | grafana-10.1.5-2.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13585-1 | ungoogled-chromium-120.0.6099.216-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13584-1 | perl-Spreadsheet-ParseXLSX-0.290.0-2.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13583-1 | chromedriver-120.0.6099.216-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13582-1 | SDL2-devel-2.28.5-2.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13581-1 | python310-Jinja2-3.1.3-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13580-1 | jsch-0.2.15-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13579-1 | ctdb-4.19.4+git.339.acf1ccaa020-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13578-1 | libuev-devel-2.4.1-2.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13577-1 | libpng16-16-1.6.40-2.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| bit-envoy-2021-32780 | Incorrect handling of H/2 GOAWAY followed by SETTINGS frames | 2024-03-06T10:57:54.997Z | 2025-05-20T10:02:07.006Z |
| bit-envoy-2021-32779 | Incorrectly handling of URI '#fragment' element as part of the path element | 2024-03-06T10:58:04.972Z | 2025-05-20T10:02:07.006Z |
| bit-envoy-2021-32778 | Excessive CPU utilization when closing HTTP/2 streams | 2024-03-06T10:58:13.992Z | 2025-05-20T10:02:07.006Z |
| bit-envoy-2021-32777 | Incorrect concatenation of multiple value request headers in ext-authz extension | 2024-03-06T10:58:27.361Z | 2025-05-20T10:02:07.006Z |
| bit-envoy-2021-29492 | Bypass of path matching rules using escaped slash characters | 2024-03-06T10:58:39.469Z | 2025-05-20T10:02:07.006Z |
| bit-envoy-2021-21378 | JWT authentication bypass with unknown issuer token | 2024-03-06T10:59:25.814Z | 2025-05-20T10:02:07.006Z |
| bit-envoy-2020-15104 | TLS Validation Vulnerability in Envoy | 2024-03-06T11:00:31.369Z | 2025-05-20T10:02:07.006Z |
| bit-elk-2025-25016 | Kibana Unrestricted Upload of File | 2025-05-03T05:39:08.441Z | 2025-05-20T10:02:07.006Z |
| bit-elk-2025-25015 | Kibana arbitrary code execution via prototype pollution | 2025-03-07T20:52:06.865Z | 2025-05-20T10:02:07.006Z |
| bit-elk-2024-52972 | Kibana allocation of resources without limits or throttling leads to crash | 2025-01-27T07:09:41.033Z | 2025-05-20T10:02:07.006Z |
| bit-elk-2024-43710 | Kibana server-side request forgery | 2025-01-27T07:09:48.425Z | 2025-05-20T10:02:07.006Z |
| bit-elk-2024-37281 | Kibana Denial of Service issue | 2024-08-01T07:17:29.618Z | 2025-05-20T10:02:07.006Z |
| bit-elk-2024-37279 | Kibana Broken Access Control issue | 2024-06-17T07:17:38.239Z | 2025-05-20T10:02:07.006Z |
| bit-elk-2024-23442 | Kibana open redirect issue | 2024-06-18T07:17:33.634Z | 2025-05-20T10:02:07.006Z |
| bit-elk-2024-11390 | Kibana Unrestricted Upload of File with Dangerous Type Can Lead to XSS | 2025-05-03T05:37:15.652Z | 2025-05-20T10:02:07.006Z |
| bit-elasticsearch-2024-52980 | Elasticsearch Uncontrolled Resource Consumption vulnerability | 2025-04-10T07:10:13.338Z | 2025-05-20T10:02:07.006Z |
| bit-elasticsearch-2024-43709 | Elasticsearch allocation of resources without limits or throttling leads to crash | 2025-02-01T07:09:48.913Z | 2025-05-20T10:02:07.006Z |
| bit-elasticsearch-2024-37280 | Elasticsearch StackOverflow vulnerability | 2024-06-17T07:17:36.635Z | 2025-05-20T10:02:07.006Z |
| bit-elasticsearch-2024-23451 | Elasticsearch Incorrect Authorization in the Remote Cluster Security API key based security model | 2024-05-14T07:16:58.593Z | 2025-05-20T10:02:07.006Z |
| bit-elasticsearch-2024-23450 | Elasticsearch Uncontrolled Resource Consumption vulnerability | 2024-05-14T07:17:11.184Z | 2025-05-20T10:02:07.006Z |
| bit-elasticsearch-2024-23449 | Elasticsearch Uncaught Exception | 2024-05-14T07:17:25.293Z | 2025-05-20T10:02:07.006Z |
| bit-elasticsearch-2024-23445 | Elasticsearch Remote Cluster Search Cross Cluster API Key insufficient restrictions | 2024-06-17T07:18:35.231Z | 2025-05-20T10:02:07.006Z |
| bit-elasticsearch-2024-23444 | Elasticsearch elasticsearch-certutil csr fails to encrypt private key | 2024-08-02T07:18:37.023Z | 2025-05-20T10:02:07.006Z |
| bit-elasticsearch-2024-12539 | Elasticsearch Incorrect Authorization | 2024-12-19T07:08:44.980Z | 2025-05-20T10:02:07.006Z |
| bit-elasticsearch-2023-46674 | Elasticsearch-hadoop Unsafe Deserialization | 2024-03-06T10:51:29.796Z | 2025-05-20T10:02:07.006Z |
| bit-elasticsearch-2023-31419 | Elasticsearch StackOverflow vulnerability | 2024-03-06T10:51:47.965Z | 2025-05-20T10:02:07.006Z |
| bit-elasticsearch-2023-31418 | Elasticsearch uncontrolled resource consumption | 2024-03-06T10:51:58.187Z | 2025-05-20T10:02:07.006Z |
| bit-elasticsearch-2023-31417 | Elasticsearch Insertion of sensitive information in audit logs | 2024-03-06T10:52:07.793Z | 2025-05-20T10:02:07.006Z |
| bit-elasticsearch-2021-37937 | Elasticsearch privilege escalation | 2024-03-06T10:52:41.376Z | 2025-05-20T10:02:07.006Z |
| bit-drupal-2025-31674 | Drupal core - Moderately critical - Gadget Chain - SA-CORE-2025-003 | 2025-05-02T05:46:04.051Z | 2025-05-20T10:02:07.006Z |
| ID | Description | Updated |
|---|---|---|
| var-202002-0214 | In reassemble_and_dispatch of packet_fragmenter.cc, there is possible out of bounds write… | 2024-02-27T23:07:41.847000Z |
| var-202402-1803 | An improper privilege management vulnerability [CWE-269] in Fortinet FortiClientEMS versi… | 2024-02-27T23:06:09.479000Z |
| var-200505-0198 | Multiple stack-based buffer overflows in libcURL and cURL 7.12.1, and possibly other vers… | 2024-02-27T22:53:51.996000Z |
| var-200907-0445 | Opera, possibly 9.64 and earlier, allows remote attackers to cause a denial of service (m… | 2024-02-27T22:16:58.978000Z |
| var-202105-1476 | An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and… | 2024-02-27T21:58:56.714000Z |
| var-202105-1429 | An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The WEP, … | 2024-02-27T20:24:19.155000Z |
| var-202105-1477 | An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WPA, WPA2, and WPA3… | 2024-02-27T19:14:44.708000Z |
| var-200203-0011 | Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or r… | 2024-02-26T22:51:43.141000Z |
| var-201706-0438 | Insufficient clickjacking protection in the Web User Interface of Intel AMT firmware vers… | 2024-02-26T22:48:07.734000Z |
| var-201104-0076 | Adobe Flash Player before 10.2.154.27 on Windows, Mac OS X, Linux, and Solaris and 10.2.1… | 2024-02-26T22:22:58.648000Z |
| var-200711-0249 | Integer signedness error in the Networking component in Apple Mac OS X 10.4 through 10.4.… | 2024-02-26T21:58:59.668000Z |
| var-202402-1248 | A vulnerability has been identified in SIMATIC CP 343-1 (6GK7343-1EX30-0XE0) (All version… | 2024-02-24T22:55:23.183000Z |
| var-202309-0575 | A vulnerability has been identified in JT2Go (All versions < V14.3.0.1), Teamcenter Visua… | 2024-02-23T20:27:35.795000Z |
| var-200711-0210 | Invensys Wonderware InTouch 8.0 creates a NetDDE share with insecure permissions (Everyon… | 2024-02-22T23:05:04.317000Z |
| var-202312-1526 | An improper neutralization of input during web page generation ('cross-site scripting') i… | 2024-02-22T23:00:21.326000Z |
| var-202007-1057 | A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) … | 2024-02-22T23:00:06.178000Z |
| var-200901-0408 | Directory traversal vulnerability in the OBEX FTP Service in the Microsoft Bluetooth stac… | 2024-02-22T22:59:46.486000Z |
| var-202401-2083 | TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vul… | 2024-02-22T22:59:00.640000Z |
| var-200802-0381 | The Auto Local Logon feature in Check Point VPN-1 SecuRemote/SecureClient NGX R60 and R56… | 2024-02-22T22:49:53.121000Z |
| var-200911-0246 | Multiple directory traversal vulnerabilities in Home FTP Server 1.10.1.139 allow remote a… | 2024-02-22T22:49:51.008000Z |
| var-202401-2215 | TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vul… | 2024-02-22T22:46:17.642000Z |
| var-202312-1696 | A improper neutralization of input during web page generation ('cross-site scripting') in… | 2024-02-22T22:46:17.839000Z |
| var-200709-0395 | Cisco Adaptive Security Appliance (ASA) running PIX 7.0 before 7.0.7.1, 7.1 before 7.1.2.… | 2024-02-22T22:44:28.185000Z |
| var-200801-0123 | OKI C5510MFP Printer CU H2.15, PU 01.03.01, System F/W 1.01, and Web Page 1.00 sends the … | 2024-02-22T22:42:05.608000Z |
| var-200212-0658 | Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly check the retu… | 2024-02-22T22:41:24.411000Z |
| var-202402-1322 | A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < … | 2024-02-22T22:23:10.829000Z |
| var-200812-0329 | The Cisco Linksys WVC54GC wireless video camera before firmware 1.25 sends cleartext conf… | 2024-02-22T22:22:40.709000Z |
| var-200902-0476 | XTerm in Apple Mac OS X 10.4.11 and 10.5.6, when used with luit, creates tty devices with… | 2024-02-22T22:11:14.505000Z |
| var-202402-1324 | A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < … | 2024-02-22T20:48:02.808000Z |
| var-201912-0889 | Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of un… | 2024-02-22T20:10:54.285000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2009-000034 | IMG-BBS from MT312 vulnerable to cross-site scripting | 2009-05-29T16:19+09:00 | 2009-05-29T16:19+09:00 |
| jvndb-2009-000033 | REP-BBS from MT312 vulnerable to cross-site scripting | 2009-05-29T16:19+09:00 | 2009-05-29T16:19+09:00 |
| jvndb-2009-000032 | Directory traversal vulnerability in multiple Cisco Systems products | 2009-05-29T16:19+09:00 | 2009-05-29T16:19+09:00 |
| jvndb-2009-000031 | Cross-site scripting vulnerability in leger (free edition) | 2009-05-27T18:28+09:00 | 2009-05-27T18:28+09:00 |
| jvndb-2009-000030 | a-News from Appleple vulnerable to cross-site scripting | 2009-05-22T14:31+09:00 | 2009-05-22T14:31+09:00 |
| jvndb-2009-000029 | HP System Management Homepage vulnerable to cross-site scripting | 2009-05-20T16:01+09:00 | 2009-05-20T16:01+09:00 |
| jvndb-2009-000028 | Trees from CGI RESCUE vulnerable to cross-site scripting | 2009-05-19T13:41+09:00 | 2009-05-19T13:41+09:00 |
| jvndb-2009-000027 | Sun GlassFish Enterprise Server and Sun Java System Application Server vulnerable to cross-site scripting | 2009-05-13T15:37+09:00 | 2009-05-13T15:37+09:00 |
| jvndb-2009-000026 | SQL injection vulnerability in SKIP from SKIP User Group | 2009-05-12T17:50+09:00 | 2009-05-12T17:50+09:00 |
| jvndb-2009-000025 | Cross-site scripting vulnerability in SKIP from SKIP User Group | 2009-05-12T17:50+09:00 | 2009-05-12T17:50+09:00 |
| jvndb-2008-000078 | CGI RESCUE MiniBBS2000 directory traversal vulnerability | 2008-11-26T17:50+09:00 | 2009-04-30T15:35+09:00 |
| jvndb-2009-000024 | Web Mailer from CGI RESCUE vulnerable to HTTP header injection | 2009-04-28T16:36+09:00 | 2009-04-28T16:36+09:00 |
| jvndb-2009-000023 | FORM2MAIL from CGI RESCUE allows unauthorized email transmission | 2009-04-28T16:35+09:00 | 2009-04-28T16:35+09:00 |
| jvndb-2009-000022 | Cross-site scripting vulnerability in MiniBBS from CGI RESCUE | 2009-04-28T16:35+09:00 | 2009-04-28T16:35+09:00 |
| jvndb-2009-000021 | MiniBBS22 from CGI RESCUE allows unauthorized email transmission | 2009-04-28T16:35+09:00 | 2009-04-28T16:35+09:00 |
| jvndb-2009-000019 | Cross-site scripting vulnerability in apricot.php from LovPop.net | 2009-04-17T14:40+09:00 | 2009-04-17T14:40+09:00 |
| jvndb-2009-001135 | Fujitsu Jasmine HTTP Response Splitting Vulnerability When Executing WebLink Template | 2009-04-17T14:13+09:00 | 2009-04-17T14:13+09:00 |
| jvndb-2009-000017 | XOOPS Cube Legacy cross-site scripting vulnerability | 2009-04-07T17:06+09:00 | 2009-04-07T17:06+09:00 |
| jvndb-2009-000016 | Access Analyzer CGI Professional Version vulnerability allows third party to gain administrative privileges | 2009-03-31T16:08+09:00 | 2009-03-31T16:08+09:00 |
| jvndb-2008-001647 | Jasmine WebLink Template Multiple Vulnerabilities | 2008-09-18T11:48+09:00 | 2009-03-30T14:29+09:00 |
| jvndb-2009-001087 | Fujitsu Enhanced Support Facility HRM-S Hardware/Software Information Disclosure Vulnerability | 2009-03-24T17:35+09:00 | 2009-03-24T17:35+09:00 |
| jvndb-2009-000015 | Cross-site scripting vulnerability in Access Analyzer CGI Standard Version (Ver. 3.x) | 2009-03-16T17:07+09:00 | 2009-03-16T17:07+09:00 |
| jvndb-2009-000014 | MP Form Mail CGI vulnerability allows third party to gain administrative privileges | 2009-03-13T16:25+09:00 | 2009-03-13T16:25+09:00 |
| jvndb-2009-000012 | Buffer overflow vulnerability in ActiveX Control for Sony SNC series network cameras | 2009-03-09T16:27+09:00 | 2009-03-09T16:27+09:00 |
| jvndb-2009-000013 | PEAK XOOPS piCal cross-site scripting vulnerability | 2009-03-03T16:37+09:00 | 2009-03-03T16:37+09:00 |
| jvndb-2009-001033 | Multiple Vulnerabilities in uCosminexus Portal Framework | 2009-03-02T17:38+09:00 | 2009-03-02T17:38+09:00 |
| jvndb-2009-001032 | JP1/Cm2/Network Node Manager Denial of Service (DoS) Vulnerability | 2009-03-02T17:38+09:00 | 2009-03-02T17:38+09:00 |
| jvndb-2009-000010 | Apache Tomcat information disclosure vulnerability | 2009-02-26T15:28+09:00 | 2009-02-26T15:28+09:00 |
| jvndb-2009-001025 | Vulnerability allowing Viewing/Updating of Other Users' Information in Groupmax World Wide Web Desktop Version 6 | 2009-02-26T11:55+09:00 | 2009-02-26T11:55+09:00 |
| jvndb-2009-000009 | FAST ESP cross-site scripting vulnerability | 2009-02-17T11:55+09:00 | 2009-02-17T11:55+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| suse-su-2025:01611-1 | Security update for the Linux Kernel (Live Patch 34 for SLE 15 SP4) | 2025-05-21T08:03:50Z | 2025-05-21T08:03:50Z |
| suse-su-2025:01610-1 | Security update for the Linux Kernel (Live Patch 45 for SLE 15 SP3) | 2025-05-21T07:03:54Z | 2025-05-21T07:03:54Z |
| suse-su-2025:01603-1 | Security update for the Linux Kernel RT (Live Patch 3 for SLE 15 SP6) | 2025-05-20T12:04:02Z | 2025-05-20T12:04:02Z |
| suse-su-2025:01601-1 | Security update for the Linux Kernel RT (Live Patch 0 for SLE 15 SP6) | 2025-05-20T12:03:40Z | 2025-05-20T12:03:40Z |
| suse-su-2025:01600-1 | Security update for the Linux Kernel | 2025-05-20T11:49:32Z | 2025-05-20T11:49:32Z |
| suse-su-2025:01599-1 | Security update for glib2 | 2025-05-20T10:52:51Z | 2025-05-20T10:52:51Z |
| suse-su-2025:20331-1 | Security update for python-httpcore, python-h11 | 2025-05-20T08:49:02Z | 2025-05-20T08:49:02Z |
| suse-su-2025:20330-1 | Security update for python-h11, python-httpcore | 2025-05-20T08:39:06Z | 2025-05-20T08:39:06Z |
| suse-su-2025:01598-1 | Security update for the Linux Kernel (Live Patch 63 for SLE 12 SP5) | 2025-05-20T08:34:45Z | 2025-05-20T08:34:45Z |
| suse-su-2025:01596-1 | Security update for helm | 2025-05-20T07:55:08Z | 2025-05-20T07:55:08Z |
| suse-su-2025:01593-1 | Security update for the Linux Kernel (Live Patch 60 for SLE 12 SP5) | 2025-05-20T00:35:35Z | 2025-05-20T00:35:35Z |
| suse-su-2025:01591-1 | Security update for python-maturin | 2025-05-19T21:24:46Z | 2025-05-19T21:24:46Z |
| suse-su-2025:01590-1 | Security update for the Linux Kernel (Live Patch 56 for SLE 12 SP5) | 2025-05-19T20:39:22Z | 2025-05-19T20:39:22Z |
| suse-su-2025:01586-1 | Security update for rubygem-rack | 2025-05-19T17:23:40Z | 2025-05-19T17:23:40Z |
| suse-su-2025:01585-1 | Security update for apache2-mod_auth_openidc | 2025-05-19T17:21:51Z | 2025-05-19T17:21:51Z |
| suse-su-2025:1583-1 | Security update for brltty | 2025-05-19T14:23:41Z | 2025-05-19T14:23:41Z |
| suse-su-2025:1582-1 | Security update for brltty | 2025-05-19T14:23:04Z | 2025-05-19T14:23:04Z |
| suse-su-2025:1579-1 | Security update for brltty | 2025-05-19T12:40:43Z | 2025-05-19T12:40:43Z |
| suse-su-2025:1576-1 | Security update for openssh | 2025-05-19T04:49:08Z | 2025-05-19T04:49:08Z |
| suse-su-2025:1574-1 | Security update for the Linux Kernel | 2025-05-16T18:36:34Z | 2025-05-16T18:36:34Z |
| suse-su-2025:1573-1 | Security update for the Linux Kernel | 2025-05-16T16:32:08Z | 2025-05-16T16:32:08Z |
| suse-su-2025:1572-1 | Security update for libraw | 2025-05-16T14:07:06Z | 2025-05-16T14:07:06Z |
| suse-su-2025:1571-1 | Security update for gimp | 2025-05-16T13:48:57Z | 2025-05-16T13:48:57Z |
| suse-su-2025:1570-1 | Security update for cargo-c | 2025-05-16T13:44:03Z | 2025-05-16T13:44:03Z |
| suse-su-2025:1569-1 | Security update for libraw | 2025-05-16T13:43:41Z | 2025-05-16T13:43:41Z |
| suse-su-2025:1567-1 | Security update for microcode_ctl | 2025-05-16T13:38:05Z | 2025-05-16T13:38:05Z |
| suse-su-2025:20323-1 | Security update for sqlite3 | 2025-05-16T12:45:12Z | 2025-05-16T12:45:12Z |
| suse-su-2025:1566-1 | Security update for valkey | 2025-05-16T12:02:15Z | 2025-05-16T12:02:15Z |
| suse-su-2025:1565-1 | Security update for open-vm-tools | 2025-05-16T11:05:10Z | 2025-05-16T11:05:10Z |
| suse-su-2025:1550-1 | Security update for openssl-3 | 2025-05-16T00:16:12Z | 2025-05-16T00:16:12Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cnvd-2025-25737 | Job Diary view-emp.php文件SQL注入漏洞 | 2025-07-21 | 2025-10-29 |
| cnvd-2025-25736 | Job Diary view-all.php文件SQL注入漏洞 | 2025-07-21 | 2025-10-29 |
| cnvd-2025-25734 | Job Diary user-apply.php文件SQL注入漏洞 | 2025-08-20 | 2025-10-29 |
| cnvd-2025-25733 | Job Diary edit-details.php文件SQL注入漏洞 | 2025-08-20 | 2025-10-29 |
| cnvd-2025-25732 | Job Diary admin-inbox.php文件SQL注入漏洞 | 2025-08-20 | 2025-10-29 |
| cnvd-2025-25715 | Automated Voting System update_user.php文件SQL注入漏洞 | 2025-10-17 | 2025-10-29 |
| cnvd-2025-25714 | Automated Voting System add_candidate_modal.php文件SQL注入漏洞 | 2025-10-17 | 2025-10-29 |
| cnvd-2025-25713 | Microsoft Inbox COM Objects代码执行漏洞(CNVD-2025-25713) | 2025-10-17 | 2025-10-29 |
| cnvd-2025-25712 | Microsoft Inbox COM Objects代码执行漏洞 | 2025-10-17 | 2025-10-29 |
| cnvd-2025-25601 | D-Link DIR-2150操作系统命令注入漏洞 | 2022-09-19 | 2025-10-29 |
| cnvd-2025-25599 | D-Link DIR-2640命令注入漏洞 | 2024-07-12 | 2025-10-29 |
| cnvd-2025-25581 | Huawei HarmonyOS和EMUI目录遍历漏洞 | 2024-09-10 | 2025-10-29 |
| cnvd-2025-25577 | Apple macOS Sequoia信息泄露漏洞 | 2025-03-27 | 2025-10-29 |
| cnvd-2025-25576 | Apple macOS Sonoma权限问题漏洞 | 2025-03-31 | 2025-10-29 |
| cnvd-2025-25575 | Apple macOS Sonoma越界读取漏洞 | 2025-04-01 | 2025-10-29 |
| cnvd-2025-25570 | Online Banquet Booking System login.php文件跨站脚本漏洞 | 2025-07-23 | 2025-10-29 |
| cnvd-2025-25569 | Online Banquet Booking System booking-search.php文件跨站脚本漏洞 | 2025-07-23 | 2025-10-29 |
| cnvd-2025-25600 | Huawei HarmonyOS和EMUI静默截图漏洞 | 2024-06-21 | 2025-10-28 |
| cnvd-2025-25598 | D-Link DAP-1325 SubnetMask命令注入漏洞 | 2024-07-19 | 2025-10-28 |
| cnvd-2025-25597 | D-Link DAP-1325 SetAPLanSettings命令注入漏洞 | 2024-07-19 | 2025-10-28 |
| cnvd-2025-25596 | D-Link DAP-1325 lan_ipaddr堆栈缓冲区溢出漏洞 | 2024-07-19 | 2025-10-28 |
| cnvd-2025-25595 | D-Link DAP-1325 StaticPrefixLength堆栈缓冲区溢出漏洞 | 2024-07-19 | 2025-10-28 |
| cnvd-2025-25594 | D-Link DAP-1325 StaticDNS2堆栈缓冲区溢出漏洞 | 2024-07-19 | 2025-10-28 |
| cnvd-2025-25593 | D-Link DAP-1325 StaticDNS1堆栈缓冲区溢出漏洞 | 2024-07-19 | 2025-10-28 |
| cnvd-2025-25592 | D-Link DAP-1325 StaticDefaultGateway堆栈缓冲区溢出漏洞 | 2024-07-19 | 2025-10-28 |
| cnvd-2025-25591 | D-Link DAP-1325 SetHostIPv6StaticSettings堆栈缓冲区溢出漏洞 | 2024-07-19 | 2025-10-28 |
| cnvd-2025-25590 | D-Link DAP-1325 SubnetMask栈缓冲区溢出漏洞 | 2024-07-19 | 2025-10-28 |
| cnvd-2025-25589 | D-Link DAP-1325 secondaryDNS栈缓冲区溢出漏洞 | 2024-07-19 | 2025-10-28 |
| cnvd-2025-25588 | D-Link DAP-1325 SetAPLanSettings栈缓冲区溢出漏洞 | 2024-07-19 | 2025-10-28 |
| cnvd-2025-25587 | Huawei HarmonyOS和EMUI明文漏洞 | 2024-07-29 | 2025-10-28 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2024-avi-0975 | Multiples vulnérabilités dans Microsoft Windows | 2024-11-13T00:00:00.000000 | 2024-11-13T00:00:00.000000 |
| certfr-2024-avi-0974 | Multiples vulnérabilités dans Microsoft Office | 2024-11-13T00:00:00.000000 | 2024-11-13T00:00:00.000000 |
| certfr-2024-avi-0973 | Vulnérabilité dans les produits Citrix | 2024-11-13T00:00:00.000000 | 2024-11-13T00:00:00.000000 |
| certfr-2024-avi-0972 | Vulnérabilité dans les produits Adobe | 2024-11-13T00:00:00.000000 | 2024-11-13T00:00:00.000000 |
| certfr-2024-avi-0971 | Multiples vulnérabilités dans Grafana | 2024-11-13T00:00:00.000000 | 2024-11-13T00:00:00.000000 |
| certfr-2024-avi-0970 | Multiples vulnérabilités dans Google Chrome | 2024-11-13T00:00:00.000000 | 2024-11-13T00:00:00.000000 |
| certfr-2024-avi-0968 | Multiples vulnérabilités dans les produits Siemens | 2024-11-13T00:00:00.000000 | 2024-11-13T00:00:00.000000 |
| certfr-2024-avi-0967 | Multiples vulnérabilités dans les produits Ivanti | 2024-11-13T00:00:00.000000 | 2024-11-13T00:00:00.000000 |
| certfr-2024-avi-0966 | Multiples vulnérabilités dans Nagios XI | 2024-11-13T00:00:00.000000 | 2024-11-13T00:00:00.000000 |
| certfr-2024-avi-0965 | Multiples vulnérabilités dans les produits PrimX | 2024-11-13T00:00:00.000000 | 2024-11-13T00:00:00.000000 |
| certfr-2024-avi-0964 | Multiples vulnérabilités dans les produits Citrix | 2024-11-12T00:00:00.000000 | 2024-11-13T00:00:00.000000 |
| CERTFR-2024-AVI-0982 | Vulnérabilité dans CPython | 2024-11-13T00:00:00.000000 | 2024-11-13T00:00:00.000000 |
| CERTFR-2024-AVI-0981 | Multiples vulnérabilités dans GitLab | 2024-11-13T00:00:00.000000 | 2024-11-13T00:00:00.000000 |
| CERTFR-2024-AVI-0980 | Multiples vulnérabilités dans les produits Intel | 2024-11-13T00:00:00.000000 | 2024-11-13T00:00:00.000000 |
| CERTFR-2024-AVI-0979 | Multiples vulnérabilités dans les produits Fortinet | 2024-11-13T00:00:00.000000 | 2024-11-13T00:00:00.000000 |
| CERTFR-2024-AVI-0978 | Multiples vulnérabilités dans les produits Microsoft | 2024-11-13T00:00:00.000000 | 2024-11-13T00:00:00.000000 |
| CERTFR-2024-AVI-0977 | Multiples vulnérabilités dans Microsoft Azure | 2024-11-13T00:00:00.000000 | 2024-11-13T00:00:00.000000 |
| CERTFR-2024-AVI-0976 | Multiples vulnérabilités dans Microsoft .Net | 2024-11-13T00:00:00.000000 | 2024-11-13T00:00:00.000000 |
| CERTFR-2024-AVI-0975 | Multiples vulnérabilités dans Microsoft Windows | 2024-11-13T00:00:00.000000 | 2024-11-13T00:00:00.000000 |
| CERTFR-2024-AVI-0974 | Multiples vulnérabilités dans Microsoft Office | 2024-11-13T00:00:00.000000 | 2024-11-13T00:00:00.000000 |
| CERTFR-2024-AVI-0973 | Vulnérabilité dans les produits Citrix | 2024-11-13T00:00:00.000000 | 2024-11-13T00:00:00.000000 |
| CERTFR-2024-AVI-0972 | Vulnérabilité dans les produits Adobe | 2024-11-13T00:00:00.000000 | 2024-11-13T00:00:00.000000 |
| CERTFR-2024-AVI-0971 | Multiples vulnérabilités dans Grafana | 2024-11-13T00:00:00.000000 | 2024-11-13T00:00:00.000000 |
| CERTFR-2024-AVI-0970 | Multiples vulnérabilités dans Google Chrome | 2024-11-13T00:00:00.000000 | 2024-11-13T00:00:00.000000 |
| CERTFR-2024-AVI-0968 | Multiples vulnérabilités dans les produits Siemens | 2024-11-13T00:00:00.000000 | 2024-11-13T00:00:00.000000 |
| CERTFR-2024-AVI-0967 | Multiples vulnérabilités dans les produits Ivanti | 2024-11-13T00:00:00.000000 | 2024-11-13T00:00:00.000000 |
| CERTFR-2024-AVI-0966 | Multiples vulnérabilités dans Nagios XI | 2024-11-13T00:00:00.000000 | 2024-11-13T00:00:00.000000 |
| CERTFR-2024-AVI-0965 | Multiples vulnérabilités dans les produits PrimX | 2024-11-13T00:00:00.000000 | 2024-11-13T00:00:00.000000 |
| CERTFR-2024-AVI-0964 | Multiples vulnérabilités dans les produits Citrix | 2024-11-12T00:00:00.000000 | 2024-11-13T00:00:00.000000 |
| certfr-2024-avi-0963 | Multiples vulnérabilités dans Xen | 2024-11-12T00:00:00.000000 | 2024-11-12T00:00:00.000000 |