Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-0398 |
5.3 (3.1)
|
Crafted zones can lead to increased resource usage and… |
PowerDNS |
Recursor |
2026-02-09T14:20:46.592Z | 2026-02-09T15:37:04.885Z |
| CVE-2026-22903 |
9.8 (3.1)
|
Stack Overflow via SESSIONID Cookie in lighttpd |
WAGO |
0852-1322 |
2026-02-09T07:39:42.537Z | 2026-02-09T15:36:36.790Z |
| CVE-2026-22904 |
9.8 (3.1)
|
Stack Overflow via Oversized Cookie Fields in lighttpd |
WAGO |
0852-1322 |
2026-02-09T07:40:00.484Z | 2026-02-09T15:34:53.334Z |
| CVE-2026-22905 |
7.5 (3.1)
|
Authentication Bypass via URI Traversal |
WAGO |
0852-1322 |
2026-02-09T07:40:17.801Z | 2026-02-09T15:33:33.687Z |
| CVE-2026-22906 |
9.8 (3.1)
|
Hardcoded Key Allows Credential Disclosure |
WAGO |
0852-1322 |
2026-02-09T07:40:33.546Z | 2026-02-09T15:31:17.549Z |
| CVE-2026-24416 |
8.7 (4.0)
|
OpenSTAManager has a Time-Based Blind SQL Injection in… |
devcode-it |
openstamanager |
2026-02-06T18:08:44.717Z | 2026-02-09T15:29:19.281Z |
| CVE-2025-69216 |
8.7 (4.0)
|
OpenSTAManager has an SQL Injection in Scadenzario Pri… |
devcode-it |
openstamanager |
2026-02-06T18:10:33.838Z | 2026-02-09T15:29:13.943Z |
| CVE-2025-69214 |
8.7 (4.0)
|
OpenSTAManager has a SQL Injection in ajax_select.php … |
devcode-it |
openstamanager |
2026-02-06T18:11:34.102Z | 2026-02-09T15:29:08.194Z |
| CVE-2025-69212 |
9.4 (4.0)
|
OpenSTAManager has an OS Command Injection in P7M File… |
devcode-it |
openstamanager |
2026-02-06T18:12:38.391Z | 2026-02-09T15:29:00.443Z |
| CVE-2026-24050 |
1.1 (4.0)
|
Zulip affected by Stored XSS in user profile modal |
zulip |
zulip |
2026-02-06T18:20:33.160Z | 2026-02-09T15:28:55.237Z |
| CVE-2026-25651 |
6.1 (3.1)
|
client-certificate-auth has an Open Redirect via Host … |
tgies |
client-certificate-auth |
2026-02-06T18:50:26.046Z | 2026-02-09T15:28:48.992Z |
| CVE-2026-25650 |
6.6 (4.0)
|
MCP Salesforce Connector has arbitrary attribute acces… |
smn2gnt |
MCP-Salesforce |
2026-02-06T18:53:58.009Z | 2026-02-09T15:28:43.765Z |
| CVE-2026-25753 |
9.3 (4.0)
|
PlaciPy has a Hard-Coded Default Password for All Stud… |
Praskla-Technology |
assessment-placipy |
2026-02-06T18:57:31.419Z | 2026-02-09T15:28:38.433Z |
| CVE-2026-25647 |
4.6 (3.1)
|
Lute has a Stored Cross-Site Scripting (XSS) via Markd… |
siyuan-note |
siyuan |
2026-02-06T19:03:36.847Z | 2026-02-09T15:28:33.222Z |
| CVE-2026-25752 |
9.3 (4.0)
|
FUXA Unauthenticated Remote Arbitrary Device Tag Write |
frangoteam |
FUXA |
2026-02-06T19:05:57.771Z | 2026-02-09T15:28:27.869Z |
| CVE-2026-25751 |
9.1 (4.0)
|
FUXA Unauthenticated Exposure of Plaintext Database Cr… |
frangoteam |
FUXA |
2026-02-06T19:07:17.314Z | 2026-02-09T15:28:22.521Z |
| CVE-2026-22254 |
0 (3.1)
|
Winter Affected by Stored Cross-Site Scripting (XSS) i… |
wintercms |
winter |
2026-02-06T19:11:27.260Z | 2026-02-09T15:28:17.194Z |
| CVE-2026-25592 |
10 (3.1)
|
Semantic Kernel has an Arbitrary File Write via AI Age… |
microsoft |
semantic-kernel |
2026-02-06T20:38:28.770Z | 2026-02-09T15:27:59.698Z |
| CVE-2026-25597 |
5.3 (3.1)
|
PrestaShop has a time based enumeration in FO login form |
PrestaShop |
PrestaShop |
2026-02-06T20:47:24.793Z | 2026-02-09T15:27:54.047Z |
| CVE-2026-25593 |
8.4 (3.1)
|
OpenClaw Affected by Unauthenticated Local RCE via Web… |
openclaw |
openclaw |
2026-02-06T20:56:02.824Z | 2026-02-09T15:27:48.829Z |
| CVE-2026-25581 |
5.4 (3.1)
|
SCEditor affected by DOM XSS via emoticon URL/HTML injection |
samclarke |
SCEditor |
2026-02-06T20:58:02.788Z | 2026-02-09T15:27:43.193Z |
| CVE-2026-1709 |
9.4 (3.1)
|
Keylime: keylime: authentication bypass allows unautho… |
Red Hat |
Red Hat Enterprise Linux 10 |
2026-02-06T19:13:27.695Z | 2026-02-09T15:27:42.142Z |
| CVE-2026-25580 |
8.6 (3.1)
|
Pydantic AI Affected by Server-Side Request Forgery (S… |
pydantic |
pydantic-ai |
2026-02-06T21:01:38.035Z | 2026-02-09T15:27:37.772Z |
| CVE-2026-25574 |
5.4 (3.1)
|
Payload Affected by Cross-Collection IDOR in payload-p… |
payloadcms |
payload |
2026-02-06T21:04:48.036Z | 2026-02-09T15:27:32.333Z |
| CVE-2026-25544 |
9.8 (3.1)
|
Payload has an SQL Injection in JSON/RichText Queries … |
payloadcms |
payload |
2026-02-06T21:07:01.122Z | 2026-02-09T15:27:26.616Z |
| CVE-2026-25732 |
7.5 (3.1)
|
NiceGUI's Path Traversal via Unsanitized FileUpload.na… |
zauberzeug |
nicegui |
2026-02-06T21:09:58.389Z | 2026-02-09T15:27:21.089Z |
| CVE-2026-25516 |
6.1 (3.1)
|
NiceGUI's XSS vulnerability in ui.markdown() allows ar… |
zauberzeug |
nicegui |
2026-02-06T21:12:19.501Z | 2026-02-09T15:27:15.351Z |
| CVE-2026-25533 |
6.4 (4.0)
|
Enclave has a sandbox escape via infinite recursion an… |
agentfront |
enclave |
2026-02-06T21:16:57.162Z | 2026-02-09T15:27:09.399Z |
| CVE-2026-25123 |
5.3 (3.1)
|
Homarr affected by Unauthenticated SSRF / Port-Scan Pr… |
homarr-labs |
homarr |
2026-02-06T21:19:40.212Z | 2026-02-09T15:27:03.275Z |
| CVE-2025-68621 |
7.4 (3.1)
|
Trilium Notes has a Timing Attack Vulnerability in /ap… |
TriliumNext |
Trilium |
2026-02-06T21:21:19.308Z | 2026-02-09T15:26:56.399Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2025-15542 |
6.3 (4.0)
|
Denial of Service (DoS) of VoIP Communication on TP-Li… |
TP-Link Systems Inc. |
VX800v v1.0 |
2026-01-29T18:06:21.474Z | 2026-01-29T18:47:56.331Z |
| CVE-2025-15541 |
6.9 (4.0)
|
Access to System Files via SFTP on TP-Link VX800v |
TP-Link Systems Inc. |
VX800v v1.0 |
2026-01-29T18:05:57.407Z | 2026-01-29T20:37:28.996Z |
| CVE-2025-13399 |
7.7 (4.0)
|
Insecure Encryption in Communication with the Web Inte… |
TP-Link Systems Inc. |
VX800v v1.0 |
2026-01-29T18:05:28.668Z | 2026-01-30T04:55:41.785Z |
| CVE-2026-25211 |
3.2 (3.1)
|
Llama Stack (aka llama-stack) before 0.4.0rc3 doe… |
llamastack |
Llama Stack |
2026-01-30T07:16:14.350Z | 2026-02-03T16:42:00.560Z |
| CVE-2026-25210 |
6.9 (3.1)
|
In libexpat before 2.7.4, the doContent function … |
libexpat project |
libexpat |
2026-01-30T06:40:27.917Z | 2026-02-03T16:42:10.810Z |
| CVE-2026-25154 |
6.1 (3.1)
|
LocalSend has Stored XSS in Web Share Interface via Filename |
localsend |
localsend |
2026-01-30T21:59:30.234Z | 2026-02-02T16:29:18.825Z |
| CVE-2026-25153 |
7.7 (3.1)
|
@backstage/plugin-techdocs-node vulnerable to arbitrar… |
backstage |
backstage |
2026-01-30T21:31:58.870Z | 2026-02-02T16:29:34.938Z |
| CVE-2026-25152 |
5.3 (3.1)
|
@backstage/plugin-techdocs-node vulnerable to possible… |
backstage |
backstage |
2026-01-30T21:51:22.277Z | 2026-02-02T16:29:27.963Z |
| CVE-2026-25141 |
9.3 (4.0)
|
Orval has a code injection via unsanitized x-enum-desc… |
orval-labs |
orval |
2026-01-30T20:19:04.333Z | 2026-02-02T18:00:17.681Z |
| CVE-2026-25130 |
9.7 (3.1)
|
Cybersecurity AI vulnerable to command Injection throu… |
aliasrobotics |
cai |
2026-01-30T20:15:51.772Z | 2026-02-02T18:01:06.518Z |
| CVE-2026-25129 |
6.7 (3.1)
|
PsySH has Local Privilege Escalation via CWD .psysh.ph… |
bobthecow |
psysh |
2026-01-30T20:12:48.651Z | 2026-02-02T15:45:55.276Z |
| CVE-2026-25126 |
7.1 (3.1)
|
PolarLearn's unvalidated vote direction allows vote co… |
polarnl |
PolarLearn |
2026-01-29T22:06:37.224Z | 2026-02-02T16:34:07.949Z |
| CVE-2026-25117 |
8.3 (4.0)
|
pwn.college DOJO vulnerable to sandbox escape leading … |
pwncollege |
dojo |
2026-01-29T21:53:57.243Z | 2026-02-02T16:34:41.953Z |
| CVE-2026-25116 |
7.6 (3.1)
|
Runtipi vulnerable to unauthenticated docker-compose.y… |
runtipi |
runtipi |
2026-01-29T21:49:49.450Z | 2026-02-02T16:34:53.306Z |
| CVE-2026-25050 |
2.7 (4.0)
|
Vendure vulnerable to timing attack that enables user … |
vendurehq |
vendure |
2026-01-30T15:11:40.296Z | 2026-01-30T15:45:50.463Z |
| CVE-2026-25047 |
9.4 (4.0)
|
deepHas vulnerable to Prototype Pollution via construc… |
sharpred |
deepHas |
2026-01-29T21:39:48.498Z | 2026-02-02T16:35:22.701Z |
| CVE-2026-25046 |
2.9 (3.1)
|
[Kimi VS Code] Command Injection in publish scripts vs… |
MoonshotAI |
kimi-agent-sdk |
2026-01-29T21:37:02.791Z | 2026-02-02T16:35:37.121Z |
| CVE-2026-25040 |
5.7 (4.0)
|
Budibase Vulnerable to Privilege Escalation via API Ab… |
Budibase |
budibase |
2026-01-29T21:33:57.328Z | 2026-02-02T16:35:49.534Z |
| CVE-2026-24905 |
6.6 (4.0)
|
Inspektor Gadget has a Command Injection vulnerability… |
inspektor-gadget |
inspektor-gadget |
2026-01-29T21:29:24.260Z | 2026-02-02T16:35:58.554Z |
| CVE-2026-24904 |
5.3 (3.1)
|
TrustTunnel has `client_random_prefix` rule bypass via… |
TrustTunnel |
TrustTunnel |
2026-01-29T21:19:53.261Z | 2026-01-29T21:34:31.465Z |
| CVE-2026-24902 |
7.1 (3.1)
|
TrustTunnel has SSRF and private network restriction b… |
TrustTunnel |
TrustTunnel |
2026-01-29T21:21:38.878Z | 2026-01-29T21:33:10.256Z |
| CVE-2026-24855 |
7.2 (4.0)
|
ChurchCRM has Stored Cross-Site Scripting (XSS) in Cre… |
ChurchCRM |
CRM |
2026-01-30T15:08:31.006Z | 2026-01-30T15:50:58.147Z |
| CVE-2026-24854 |
8.8 (3.1)
|
Church CRM has SQL injection in PaddleNumEditor.php |
ChurchCRM |
CRM |
2026-01-30T15:05:12.017Z | 2026-01-30T15:57:32.491Z |
| CVE-2026-24846 |
5.5 (3.1)
|
malcontent's archive extraction could write outside ex… |
chainguard-dev |
malcontent |
2026-01-29T21:12:18.991Z | 2026-01-29T21:37:29.730Z |
| CVE-2026-24845 |
6.5 (3.1)
|
malcontent's OCI image scanning could expose registry … |
chainguard-dev |
malcontent |
2026-01-29T21:02:24.371Z | 2026-01-29T21:40:17.926Z |
| CVE-2026-24729 |
10 (4.0)
|
Interinfo DreamMaker - Unrestricted Upload of File wit… |
Internet Information Co., Ltd |
DreamMaker |
2026-01-30T03:50:31.763Z | 2026-01-30T18:06:51.293Z |
| CVE-2026-24728 |
9.3 (4.0)
|
Interinfo DreamMaker - Missing Authentication for Crit… |
Internet Information Co., Ltd |
DreamMaker |
2026-01-30T03:48:28.100Z | 2026-01-30T18:19:12.243Z |
| CVE-2026-24714 |
7.5 (3.0)
8.7 (4.0)
|
Some end of service NETGEAR products provide "Tel… |
NETGEAR |
NETGEAR products |
2026-01-30T03:53:30.144Z | 2026-01-30T17:59:45.410Z |
| CVE-2026-24687 |
6 (4.0)
|
Umbraco.Forms has path traversal and file enumeration … |
umbraco |
Umbraco.Forms.Issues |
2026-01-29T19:57:24.484Z | 2026-01-29T20:47:23.180Z |
| CVE-2026-23835 |
5.7 (4.0)
|
LobeHub Vulnerable to Improper Authorization in Presig… |
lobehub |
lobe-chat |
2026-01-30T20:04:23.284Z | 2026-01-30T20:21:57.205Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| fkie_cve-2025-15541 | Improper link resolution in the VX800v v1.0 SFTP service allows authenticated adjacent attackers to… | 2026-01-29T19:16:11.143 | 2026-02-04T16:34:32.453 |
| fkie_cve-2025-13399 | A weakness in the web interface’s application layer encryption in VX800v v1.0 allows an adjacent at… | 2026-01-29T19:16:10.220 | 2026-02-04T16:34:32.453 |
| fkie_cve-2026-25211 | Llama Stack (aka llama-stack) before 0.4.0rc3 does not censor the pgvector password in the initiali… | 2026-01-30T08:16:02.563 | 2026-02-04T16:34:21.763 |
| fkie_cve-2026-25210 | In libexpat before 2.7.4, the doContent function does not properly determine the buffer size bufSiz… | 2026-01-30T07:16:15.570 | 2026-02-04T16:34:21.763 |
| fkie_cve-2026-25154 | LocalSend is a free, open-source app that allows users to share files and messages with nearby devi… | 2026-01-30T22:15:56.490 | 2026-02-04T16:34:21.763 |
| fkie_cve-2026-25153 | Backstage is an open framework for building developer portals, and @backstage/plugin-techdocs-node … | 2026-01-30T22:15:56.343 | 2026-02-04T16:34:21.763 |
| fkie_cve-2026-25152 | Backstage is an open framework for building developer portals, and @backstage/plugin-techdocs-node … | 2026-01-30T22:15:56.190 | 2026-02-04T16:34:21.763 |
| fkie_cve-2026-25141 | Orval generates type-safe JS clients (TypeScript) from any valid OpenAPI v3 or Swagger v2 specifica… | 2026-01-30T21:15:58.603 | 2026-02-04T16:34:21.763 |
| fkie_cve-2026-25130 | Cybersecurity AI (CAI) is a framework for AI Security. In versions up to and including 0.5.10, the … | 2026-01-30T21:15:58.443 | 2026-02-04T16:34:21.763 |
| fkie_cve-2026-25129 | PsySH is a runtime developer console, interactive debugger, and REPL for PHP. Prior to versions 0.1… | 2026-01-30T21:15:58.260 | 2026-02-04T16:34:21.763 |
| fkie_cve-2026-25126 | PolarLearn is a free and open-source learning program. Prior to version 0-PRERELEASE-15, the vote A… | 2026-01-29T22:15:56.423 | 2026-02-04T16:34:21.763 |
| fkie_cve-2026-25117 | pwn.college DOJO is an education platform for learning cybersecurity. Prior to commit e33da14449a5a… | 2026-01-29T22:15:56.270 | 2026-02-04T16:34:21.763 |
| fkie_cve-2026-25116 | Runtipi is a personal homeserver orchestrator. Starting in version 4.5.0 and prior to version 4.7.2… | 2026-01-29T22:15:56.110 | 2026-02-04T16:34:21.763 |
| fkie_cve-2026-25050 | Vendure is an open-source headless commerce platform. Prior to version 3.5.3, the `NativeAuthentica… | 2026-01-30T16:16:13.967 | 2026-02-04T16:34:21.763 |
| fkie_cve-2026-25047 | deepHas provides a test for the existence of a nested object key and optionally returns that key. A… | 2026-01-29T22:15:55.647 | 2026-02-04T16:34:21.763 |
| fkie_cve-2026-25046 | Kimi Agent SDK is a set of libraries that expose the Kimi Code (Kimi CLI) agent runtime in applicat… | 2026-01-29T22:15:55.493 | 2026-02-04T16:34:21.763 |
| fkie_cve-2026-25040 | Budibase is a low code platform for creating internal tools, workflows, and admin panels. In versio… | 2026-01-29T22:15:55.347 | 2026-02-04T16:34:21.763 |
| fkie_cve-2026-24905 | Inspektor Gadget is a set of tools and framework for data collection and system inspection on Kuber… | 2026-01-29T22:15:55.200 | 2026-02-04T16:34:21.763 |
| fkie_cve-2026-24904 | TrustTunnel is an open-source VPN protocol with a rule bypass issue in versions prior to 0.9.115. I… | 2026-01-29T22:15:55.047 | 2026-02-04T16:34:21.763 |
| fkie_cve-2026-24902 | TrustTunnel is an open-source VPN protocol with a server-side request forgery and and private netwo… | 2026-01-29T22:15:54.893 | 2026-02-04T16:34:21.763 |
| fkie_cve-2026-24855 | ChurchCRM is an open-source church management system. Versions prior to 6.7.2 have a Stored Cross-S… | 2026-01-30T16:16:13.790 | 2026-02-04T16:34:21.763 |
| fkie_cve-2026-24854 | ChurchCRM is an open-source church management system. A SQL Injection vulnerability exists in endpo… | 2026-01-30T16:16:13.620 | 2026-02-04T16:34:21.763 |
| fkie_cve-2026-24846 | malcontent discovers supply-chain compromises through. context, differential analysis, and YARA. St… | 2026-01-29T22:15:54.740 | 2026-02-04T16:34:21.763 |
| fkie_cve-2026-24845 | malcontent discovers supply-chain compromises through. context, differential analysis, and YARA. St… | 2026-01-29T22:15:54.583 | 2026-02-04T16:34:21.763 |
| fkie_cve-2026-24729 | An unrestricted upload of file with dangerous type vulnerability in the file upload function of Int… | 2026-01-30T05:16:33.490 | 2026-02-04T16:34:21.763 |
| fkie_cve-2026-24728 | A missing authentication for critical function vulnerability in the /servlet/baServer3 endpoint of … | 2026-01-30T05:16:33.347 | 2026-02-04T16:34:21.763 |
| fkie_cve-2026-24714 | Some end of service NETGEAR products provide "TelnetEnable" functionality, which allows a magic pac… | 2026-01-30T05:16:33.093 | 2026-02-04T16:34:21.763 |
| fkie_cve-2026-24687 | Umbraco Forms is a form builder that integrates with the Umbraco content management system. It's po… | 2026-01-29T20:16:10.430 | 2026-02-04T16:34:21.763 |
| fkie_cve-2026-23835 | LobeHub is an open source human-and-AI-agent network. Prior to version 1.143.3, the file upload fea… | 2026-01-30T20:16:41.893 | 2026-02-04T16:34:21.763 |
| fkie_cve-2026-22806 | vCluster Platform provides a Kubernetes platform for managing virtual clusters, multi-tenancy, and … | 2026-01-29T20:16:10.277 | 2026-02-04T16:34:21.763 |
| ID | Severity | Description | Published | Updated |
|---|---|---|---|---|
| ghsa-68c6-w8q5-f84g |
5.3 (3.1)
|
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 - 11.5.9 and 12.1.0 - 12.1… | 2026-01-31T00:30:28Z | 2026-01-31T00:30:28Z |
| ghsa-5rqg-fqph-5w7w |
7.5 (3.1)
6.6 (4.0)
|
A vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to cause … | 2026-01-15T21:31:47Z | 2026-01-31T00:30:28Z |
| ghsa-5qx9-7gxr-8h58 |
8.4 (3.1)
8.6 (4.0)
|
Simple Startup Manager 1.17 contains a local buffer overflow vulnerability that allows attackers to… | 2026-01-31T00:30:28Z | 2026-01-31T00:30:28Z |
| ghsa-57xq-84f3-8vpw |
9.8 (3.1)
8.4 (4.0)
|
NetPCLinker 1.0.0.0 contains a buffer overflow vulnerability in the Clients Control Panel DNS/IP fi… | 2026-01-31T00:30:28Z | 2026-01-31T00:30:28Z |
| ghsa-57hm-3rjw-cqfh |
7.5 (3.1)
8.7 (4.0)
|
HelloWeb 2.0 contains an arbitrary file download vulnerability that allows remote attackers to down… | 2026-01-31T00:30:28Z | 2026-01-31T00:30:28Z |
| ghsa-52pj-q5jq-xr5g |
7.3 (3.1)
8.4 (4.0)
|
D-Link D-View 8 versions 2.0.1.107 and below contain an uncontrolled search path vulnerability in t… | 2026-01-21T18:30:32Z | 2026-01-31T00:30:28Z |
| ghsa-4pj4-p4gx-6rw5 |
8.4 (3.1)
8.4 (4.0)
|
FTPDummy 4.80 contains a local buffer overflow vulnerability in its preference file handling that a… | 2026-01-31T00:30:28Z | 2026-01-31T00:30:28Z |
| ghsa-49g9-689m-w7vr |
6.5 (3.1)
|
IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5.0 - 11.5.9 could allow an au… | 2026-01-31T00:30:28Z | 2026-01-31T00:30:28Z |
| ghsa-44v3-67p5-8x9h |
5.3 (3.1)
5.1 (4.0)
|
Sickbeard alpha contains a cross-site request forgery vulnerability that allows attackers to disabl… | 2026-01-31T00:30:28Z | 2026-01-31T00:30:28Z |
| ghsa-4364-jq2q-6hrc |
6.5 (3.1)
|
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 - 11.5.9 and 12.1.0 - 12.1… | 2026-01-31T00:30:28Z | 2026-01-31T00:30:28Z |
| ghsa-3m38-cq7f-rwm2 |
9.8 (3.1)
9.3 (4.0)
|
Sickbeard alpha contains a remote command injection vulnerability that allows unauthenticated attac… | 2026-01-31T00:30:28Z | 2026-01-31T00:30:28Z |
| ghsa-2vf6-7r77-ggp5 |
6.5 (3.1)
|
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 - 11.5.9 and 12.1.0 - 12.1… | 2026-01-31T00:30:28Z | 2026-01-31T00:30:28Z |
| ghsa-rvrx-h594-44jq |
5.3 (3.1)
|
Missing Authorization vulnerability in WebAppick CTX Feed webappick-product-feed-for-woocommerce al… | 2026-01-22T18:30:40Z | 2026-01-30T21:30:22Z |
| ghsa-qwj2-4vw8-pgf8 |
9.2 (4.0)
|
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerab… | 2026-01-30T21:30:22Z | 2026-01-30T21:30:22Z |
| ghsa-9574-3pr7-m343 |
6.9 (4.0)
|
Cleartext Storage of Sensitive Information vulnerability in OpenText™ Vertica allows Retrieve Embed… | 2026-01-30T21:30:22Z | 2026-01-30T21:30:22Z |
| ghsa-5xxr-8rpp-gr43 |
9.8 (3.1)
|
aelsantex runcommand 2014-04-01, a plugin for DokuWiki, allows unauthenticated attackers to execute… | 2026-01-30T21:30:22Z | 2026-01-30T21:30:22Z |
| ghsa-4vwr-5vph-4mjg |
3.8 (4.0)
|
Insufficient epoch key slot processing in OpenVPN 2.7_alpha1 through 2.7_rc5 allows remote authenti… | 2026-01-30T18:31:16Z | 2026-01-30T21:30:22Z |
| ghsa-2jhx-qqh2-9q63 |
8.8 (4.0)
|
Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression L… | 2026-01-30T21:30:22Z | 2026-01-30T21:30:22Z |
| ghsa-38m8-39f8-gq75 |
6.5 (3.1)
|
A memory leak in Node.js’s OpenSSL integration occurs when converting `X.509` certificate fields to… | 2026-01-20T21:31:35Z | 2026-01-30T21:30:21Z |
| ghsa-fg67-2rcj-c4j8 |
7.5 (3.1)
6.3 (4.0)
|
A Null Pointer Dereference vulnerability exists in the referer header check of the web portal of TP… | 2026-01-15T18:31:33Z | 2026-01-30T21:30:20Z |
| ghsa-9h7p-fwvj-rw42 |
5.4 (3.1)
9.4 (4.0)
|
Lack of input filterung leads to a persistent XSS vulnerability in the forum post handling of the E… | 2026-01-16T15:31:25Z | 2026-01-30T21:30:20Z |
| ghsa-9ff2-h59x-3rvx |
8.8 (3.1)
4.8 (4.0)
|
User provided uploads to the Easy Discuss component for Joomla aren't properly validated. Uploads a… | 2026-01-16T15:31:26Z | 2026-01-30T21:30:20Z |
| ghsa-8w73-pq5f-qccf |
5.4 (3.1)
9.4 (4.0)
|
Lack of input filterung leads to a persistent XSS vulnerability in the user avatar text handling of… | 2026-01-16T15:31:26Z | 2026-01-30T21:30:20Z |
| ghsa-xv5w-q5wq-r3c3 |
7.5 (3.1)
4.6 (4.0)
|
Improper validation of source IP addresses in OpenVPN version 2.6.0 through 2.7_rc1 allows an attac… | 2025-12-03T21:31:05Z | 2026-01-30T21:30:19Z |
| ghsa-w359-ppwg-hrqh |
6.1 (3.1)
5.9 (4.0)
|
Lack of input filtering leads to an XSS vector in the HTML filter code related to data URLs in img tags. | 2026-01-06T18:31:35Z | 2026-01-30T21:30:19Z |
| ghsa-rwr4-4f3w-p582 |
7.6 (4.0)
|
A vulnerability in Apigee-X allowed an attacker to gain unauthorized read and write access to Apige… | 2025-12-06T06:30:16Z | 2026-01-30T21:30:19Z |
| ghsa-fr9h-7cq2-wq74 |
6.1 (3.1)
5.9 (4.0)
|
Lack of output escaping leads to a XSS vector in the pagebreak plugin. | 2026-01-06T18:31:35Z | 2026-01-30T21:30:19Z |
| ghsa-ff5f-4h34-m3c8 |
6.5 (3.1)
6.9 (4.0)
|
Vulnerability in the access control system of the GAMS licensing system that allows unlimited valid… | 2025-12-02T15:30:33Z | 2026-01-30T21:30:19Z |
| ghsa-74jr-8vhj-2c3f |
5.5 (3.1)
1.3 (4.0)
|
Interactive service agent in OpenVPN version 2.5.0 through 2.7_rc2 on Windows allows a local authen… | 2025-12-03T18:30:25Z | 2026-01-30T21:30:19Z |
| ghsa-5j4f-jq8r-vg77 |
7.5 (3.1)
2.4 (4.0)
|
Docker Desktop diagnostics bundles were found to include expired Hub PATs in log output due to erro… | 2025-12-09T21:31:49Z | 2026-01-30T21:30:19Z |
| ID | Severity | Description | Package | Published | Updated |
|---|---|---|---|---|---|
| pysec-2018-9 |
|
** DISPUTED ** OpenStack Keystone through 14.0.1 has a user enumeration vulnerability bec… | keystone | 2018-12-17T07:29:00Z | 2021-06-10T06:51:56.696140Z |
| pysec-2019-141 |
|
ansible before versions 2.5.14, 2.6.11, 2.7.5 is vulnerable to a information disclosure f… | ansible | 2019-01-03T15:29:00Z | 2021-06-10T06:51:54.692225Z |
| pysec-2018-10 |
|
Kotti before 1.3.2 and 2.x before 2.0.0b2 has CSRF in the local roles implementation, as … | kotti | 2018-04-09T07:29:00Z | 2021-06-10T06:51:50.431238Z |
| pysec-2018-15 |
|
An issue was discovered in Mayan EDMS before 3.0.3. The Tags app has XSS because tag labe… | mayan-edms | 2018-09-03T19:29:00Z | 2021-06-10T06:51:46.544830Z |
| pysec-2018-11 |
|
Luigi version prior to version 2.8.0; after commit 53b52e12745075a8acc016d33945d9d6a7a6aa… | luigi | 2018-12-20T15:29:00Z | 2021-06-10T06:51:41.493009Z |
| pysec-2018-27 |
|
qutebrowser before version 1.4.1 is vulnerable to a cross-site request forgery flaw that … | qutebrowser | 2018-07-12T12:29:00Z | 2021-06-10T06:51:37.378319Z |
| pysec-2019-144 |
|
An issue was discovered in the arrayfire crate before 3.6.0 for Rust. Addition of the rep… | arrayfire | 2019-08-26T18:15:00Z | 2021-06-10T06:51:33.535067Z |
| pysec-2018-8 |
|
io/mongo/parser.py in Eve (aka pyeve) before 0.7.5 allows remote attackers to execute arb… | eve | 2018-03-14T12:29:00Z | 2021-06-10T06:51:29.570871Z |
| pysec-2019-143 |
|
The LDAP auth backend (airflow.contrib.auth.backends.ldap_auth) prior to Apache Airflow 1… | apache-airflow | 2019-01-23T17:29:00Z | 2021-06-10T06:51:25.502672Z |
| pysec-2018-17 |
|
Jupyter Notebook before 5.7.1 allows XSS via an untrusted notebook because nbconvert resp… | notebook | 2018-11-18T17:29:00Z | 2021-06-10T06:51:21.489049Z |
| pysec-2018-30 |
|
SaltStack Salt before 2017.7.8 and 2018.3.x before 2018.3.3 allow remote attackers to byp… | salt | 2018-10-24T22:29:00Z | 2021-06-10T06:51:17.561337Z |
| pysec-2018-20 |
|
privacyIDEA version 2.23.1 and earlier contains a Improper Input Validation vulnerability… | privacyidea | 2018-10-08T15:29:00Z | 2021-06-10T06:51:13.416740Z |
| pysec-2018-2 |
|
django.middleware.common.CommonMiddleware in Django 1.11.x before 1.11.15 and 2.0.x befor… | django | 2018-08-03T17:29:00Z | 2021-06-10T06:51:09.426505Z |
| pysec-2018-32 |
|
urllib3 before version 1.23 does not remove the Authorization HTTP header when following … | urllib3 | 2018-12-11T17:29:00Z | 2021-06-10T06:51:03.467032Z |
| pysec-2018-24 |
|
Python Cryptographic Authority pyopenssl version Before 17.5.0 contains a CWE - 401 : Fai… | pyopenssl | 2018-10-08T15:29:00Z | 2021-06-10T06:50:57.188381Z |
| pysec-2018-22 |
|
OpenKMIP PyKMIP version All versions before 0.8.0 contains a CWE 399: Resource Management… | pykmip | 2018-12-20T17:29:00Z | 2021-06-10T06:50:52.184344Z |
| pysec-2018-19 |
|
transport.py in the SSH server implementation of Paramiko before 1.17.6, 1.18.x before 1.… | paramiko | 2018-03-13T18:29:00Z | 2021-06-10T06:50:48.065198Z |
| pysec-2018-3 |
|
An issue was discovered in Django 2.1 before 2.1.2, in which unprivileged users can read … | django | 2018-10-02T18:29:00Z | 2021-06-10T06:50:43.349902Z |
| pysec-2018-23 |
|
Python Cryptographic Authority pyopenssl version prior to version 17.5.0 contains a CWE-4… | pyopenssl | 2018-10-08T15:29:00Z | 2021-06-10T06:50:39.370732Z |
| pysec-2018-1 |
|
Unauthenticated access to cloudtoken daemon on Linux via network from version 0.1.1 befor… | cloudtoken | 2018-08-10T15:29:00Z | 2021-06-10T06:50:35.324330Z |
| pysec-2021-80 |
|
Plone through 5.2.4 allows XSS via a full name that is mishandled during rendering of the… | plone | 2021-05-21T22:15:00Z | 2021-06-09T05:01:40.464417Z |
| pysec-2021-95 |
|
The aaugustin websockets library before 9.1 for Python has an Observable Timing Discrepan… | websockets | 2021-06-06T15:15:00Z | 2021-06-09T05:01:36.173811Z |
| pysec-2021-86 |
|
This affects all versions of package qlib. The workflow function in cli part of qlib was … | pyqlib | 2021-02-15T16:15:00Z | 2021-06-09T05:01:32.318077Z |
| pysec-2021-89 |
|
Datasette is an open source multi-tool for exploring and publishing data. The `?_trace=1`… | datasette | 2021-06-07T22:15:00Z | 2021-06-09T05:01:28.246179Z |
| pysec-2021-94 |
|
An issue was discovered in Pillow before 8.2.0. For BLP data, BlpImagePlugin did not prop… | pillow | 2021-06-02T16:15:00Z | 2021-06-09T05:01:24.292350Z |
| pysec-2021-82 |
|
Plone through 5.2.4 allows remote authenticated managers to conduct SSRF attacks via an e… | plone | 2021-05-21T22:15:00Z | 2021-06-09T05:01:20.334920Z |
| pysec-2021-92 |
|
An issue was discovered in Pillow before 8.2.0. For FLI data, FliDecode did not properly … | pillow | 2021-06-02T16:15:00Z | 2021-06-09T05:01:16.347355Z |
| pysec-2021-90 |
|
Flask-AppBuilder is a development framework, built on top of Flask. User enumeration in d… | flask-appbuilder | 2021-06-07T19:15:00Z | 2021-06-09T05:01:12.347920Z |
| pysec-2021-77 |
|
An issue was discovered in management/commands/hyperkitty_import.py in HyperKitty through… | hyperkitty | 2021-05-26T14:15:00Z | 2021-06-09T05:01:08.351404Z |
| pysec-2021-91 |
|
The Python "Flask-Security-Too" package is used for adding security features to your Flas… | flask-security-too | 2021-01-11T21:15:00Z | 2021-06-09T05:01:03.786366Z |
| ID | Description | Updated |
|---|---|---|
| gsd-2024-3288 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-11T05:03:27.305270Z |
| gsd-2024-3287 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-11T05:03:27.175704Z |
| gsd-2024-3286 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-11T05:03:27.135179Z |
| gsd-2024-3285 | The Slider, Gallery, and Carousel by MetaSlider – Responsive WordPress Slideshows plugin … | 2024-04-11T05:03:27.327964Z |
| gsd-2024-3284 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-11T05:03:27.303695Z |
| gsd-2024-3283 | A vulnerability in mintplex-labs/anything-llm allows users with manager roles to escalate… | 2024-04-11T05:03:27.250915Z |
| gsd-2024-3282 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-11T05:03:27.407546Z |
| gsd-2024-3281 | A vulnerability was discovered in the firmware builds after 8.0.2.3267 and prior to 8.1.3… | 2024-04-11T05:03:27.249211Z |
| gsd-2024-3280 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-11T05:03:27.226442Z |
| gsd-2024-3279 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-11T05:03:27.323337Z |
| gsd-2024-3278 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-11T05:03:27.119025Z |
| gsd-2024-3277 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-11T05:03:27.219739Z |
| gsd-2024-3276 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-11T05:03:27.221747Z |
| gsd-2024-3275 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-11T05:03:27.254081Z |
| gsd-2024-3274 | ** UNSUPPPORTED WHEN ASSIGNED ** ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability has been… | 2024-04-11T05:03:27.126644Z |
| gsd-2024-3273 | ** UNSUPPPORTED WHEN ASSIGNED ** ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which w… | 2024-04-11T05:03:27.405268Z |
| gsd-2024-3272 | ** UNSUPPPORTED WHEN ASSIGNED ** ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which w… | 2024-04-11T05:03:27.427501Z |
| gsd-2024-3271 | A command injection vulnerability exists in the run-llama/llama_index repository, specifi… | 2024-04-11T05:03:27.231801Z |
| gsd-2024-3270 | A vulnerability classified as problematic was found in ThingsBoard up to 3.6.2. This vuln… | 2024-04-11T05:03:27.369628Z |
| gsd-2024-3269 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-11T05:03:27.349071Z |
| gsd-2024-3268 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-11T05:03:27.151900Z |
| gsd-2024-27460 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-11T05:03:27.848789Z |
| gsd-2024-26017 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-11T05:03:26.642287Z |
| gsd-2024-28888 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-11T05:03:24.734545Z |
| gsd-2024-28879 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-11T05:03:24.468608Z |
| gsd-2024-28043 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-11T05:03:24.134582Z |
| gsd-2024-28031 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-11T05:03:24.555102Z |
| gsd-2024-22091 | Mattermost versions 8.1.x <= 8.1.10, 9.6.x <= 9.6.0, 9.5.x <= 9.5.2 and 8.1.x <= 8.1.11 f… | 2024-04-11T05:03:23.914820Z |
| gsd-2024-25647 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-11T05:03:22.250030Z |
| gsd-2024-25577 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-11T05:03:21.798701Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-192090 | Malicious code in elf-stats-midnight-drum-606 (npm) | 2025-12-03T15:59:29Z | 2025-12-23T20:41:02Z |
| mal-2025-192087 | Malicious code in elf-stats-merry-cookiejar-915 (npm) | 2025-12-03T15:59:29Z | 2025-12-23T20:41:02Z |
| mal-2025-192083 | Malicious code in elf-stats-marzipan-muffin-733 (npm) | 2025-12-03T15:59:29Z | 2025-12-23T20:41:02Z |
| mal-2025-191975 | Malicious code in elf-stats-merry-cookiejar-987 (npm) | 2025-12-03T12:55:35Z | 2025-12-23T20:41:02Z |
| MAL-2025-192522 | Malicious code in elf-stats-peppermint-wishlist-307 (npm) | 2025-12-11T19:46:09Z | 2025-12-23T20:41:02Z |
| MAL-2025-192520 | Malicious code in elf-stats-nutmeg-candy-869 (npm) | 2025-12-11T19:46:09Z | 2025-12-23T20:41:02Z |
| MAL-2025-192514 | Malicious code in elf-stats-merry-cookiejar-796 (npm) | 2025-12-11T19:46:09Z | 2025-12-23T20:41:02Z |
| MAL-2025-192334 | Malicious code in elf-stats-midnight-rocket-813 (npm) | 2025-12-05T21:10:10Z | 2025-12-23T20:41:02Z |
| MAL-2025-192304 | Malicious code in elf-stats-northbound-sparkler-410 (npm) | 2025-12-04T19:12:07Z | 2025-12-23T20:41:02Z |
| MAL-2025-192273 | Malicious code in elf-stats-merry-cookiejar-139 (npm) | 2025-12-03T19:22:08Z | 2025-12-23T20:41:02Z |
| MAL-2025-192263 | Malicious code in elf-stats-nutmeg-garland-645 (npm) | 2025-12-03T19:06:00Z | 2025-12-23T20:41:02Z |
| MAL-2025-192248 | Malicious code in elf-stats-marzipan-pantry-560 (npm) | 2025-12-03T17:50:51Z | 2025-12-23T20:41:02Z |
| MAL-2025-192223 | Malicious code in elf-stats-nutmeg-cocoa-967 (npm) | 2025-12-03T17:20:38Z | 2025-12-23T20:41:02Z |
| MAL-2025-192221 | Malicious code in elf-stats-midnight-chimney-291 (npm) | 2025-12-03T17:22:10Z | 2025-12-23T20:41:02Z |
| MAL-2025-192220 | Malicious code in elf-stats-merry-cookiejar-646 (npm) | 2025-12-03T17:31:24Z | 2025-12-23T20:41:02Z |
| MAL-2025-192219 | Malicious code in elf-stats-merry-cookiejar-511 (npm) | 2025-12-03T17:31:24Z | 2025-12-23T20:41:02Z |
| MAL-2025-192201 | Malicious code in elf-stats-merry-garland-548 (npm) | 2025-12-03T16:32:02Z | 2025-12-23T20:41:02Z |
| MAL-2025-192116 | Malicious code in elf-stats-piney-garland-824 (npm) | 2025-12-03T15:59:29Z | 2025-12-23T20:41:02Z |
| MAL-2025-192114 | Malicious code in elf-stats-peppermint-stocking-949 (npm) | 2025-12-03T15:59:29Z | 2025-12-23T20:41:02Z |
| MAL-2025-192113 | Malicious code in elf-stats-peppermint-icicle-890 (npm) | 2025-12-03T15:59:29Z | 2025-12-23T20:41:02Z |
| MAL-2025-192109 | Malicious code in elf-stats-nutmeg-giftbox-398 (npm) | 2025-12-03T15:59:29Z | 2025-12-23T20:41:02Z |
| MAL-2025-192100 | Malicious code in elf-stats-mulled-drum-529 (npm) | 2025-12-03T15:59:29Z | 2025-12-23T20:41:02Z |
| MAL-2025-192099 | Malicious code in elf-stats-mistletoe-sparkler-211 (npm) | 2025-12-03T13:02:43Z | 2025-12-23T20:41:02Z |
| MAL-2025-192096 | Malicious code in elf-stats-midnight-wreath-655 (npm) | 2025-12-03T15:59:29Z | 2025-12-23T20:41:02Z |
| MAL-2025-192095 | Malicious code in elf-stats-midnight-workbench-208 (npm) | 2025-12-03T15:59:29Z | 2025-12-23T20:41:02Z |
| MAL-2025-192093 | Malicious code in elf-stats-midnight-star-734 (npm) | 2025-12-03T15:59:29Z | 2025-12-23T20:41:02Z |
| MAL-2025-192090 | Malicious code in elf-stats-midnight-drum-606 (npm) | 2025-12-03T15:59:29Z | 2025-12-23T20:41:02Z |
| MAL-2025-192087 | Malicious code in elf-stats-merry-cookiejar-915 (npm) | 2025-12-03T15:59:29Z | 2025-12-23T20:41:02Z |
| MAL-2025-192083 | Malicious code in elf-stats-marzipan-muffin-733 (npm) | 2025-12-03T15:59:29Z | 2025-12-23T20:41:02Z |
| MAL-2025-191975 | Malicious code in elf-stats-merry-cookiejar-987 (npm) | 2025-12-03T12:55:35Z | 2025-12-23T20:41:02Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| wid-sec-w-2024-3745 | Linux Kernel - BlueZ: Mehrere Schwachstellen | 2020-10-14T22:00:00.000+00:00 | 2025-01-27T23:00:00.000+00:00 |
| wid-sec-w-2024-1894 | FRRouting Project FRRouting: Schwachstelle ermöglicht Denial of Service | 2024-08-21T22:00:00.000+00:00 | 2025-01-27T23:00:00.000+00:00 |
| wid-sec-w-2024-0536 | Linux Kernel: Schwachstelle ermöglicht nicht spezifizierten Angriff | 2024-03-03T23:00:00.000+00:00 | 2025-01-27T23:00:00.000+00:00 |
| wid-sec-w-2023-0953 | Linux Kernel: Schwachstelle ermöglicht Privilegieneskalation | 2023-04-12T22:00:00.000+00:00 | 2025-01-27T23:00:00.000+00:00 |
| wid-sec-w-2025-0197 | Apache Solr: Mehrere Schwachstellen | 2025-01-26T23:00:00.000+00:00 | 2025-01-26T23:00:00.000+00:00 |
| wid-sec-w-2025-0196 | Microsoft Edge: Schwachstelle ermöglicht Darstellen falscher Informationen | 2025-01-26T23:00:00.000+00:00 | 2025-01-26T23:00:00.000+00:00 |
| wid-sec-w-2025-0195 | Apache Wicket: Schwachstelle ermöglicht Denial of Service | 2025-01-26T23:00:00.000+00:00 | 2025-01-26T23:00:00.000+00:00 |
| wid-sec-w-2025-0193 | OTRS: Mehrere Schwachstellen | 2025-01-26T23:00:00.000+00:00 | 2025-01-26T23:00:00.000+00:00 |
| wid-sec-w-2025-0192 | Wind River VxWorks: Schwachstelle ermöglicht Offenlegung von Informationen | 2025-01-26T23:00:00.000+00:00 | 2025-01-26T23:00:00.000+00:00 |
| wid-sec-w-2024-1372 | Linux Kernel: Schwachstelle ermöglicht nicht spezifizierten Angriff | 2021-10-24T22:00:00.000+00:00 | 2025-01-26T23:00:00.000+00:00 |
| wid-sec-w-2023-1250 | Linux Kernel: Mehrere Schwachstellen | 2023-05-18T22:00:00.000+00:00 | 2025-01-26T23:00:00.000+00:00 |
| wid-sec-w-2022-0159 | Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service | 2022-03-23T23:00:00.000+00:00 | 2025-01-26T23:00:00.000+00:00 |
| wid-sec-w-2025-0185 | Cambium Networks cnPilot und cnMaestro: Schwachstelle ermöglicht Codeausführung | 2025-01-23T23:00:00.000+00:00 | 2025-01-23T23:00:00.000+00:00 |
| wid-sec-w-2025-0184 | Checkmk: Schwachstelle ermöglicht Injektion von Kommandos | 2025-01-23T23:00:00.000+00:00 | 2025-01-23T23:00:00.000+00:00 |
| wid-sec-w-2025-0174 | SonicWall SMA: Schwachstelle ermöglicht Ausführung von Kommandos | 2025-01-22T23:00:00.000+00:00 | 2025-01-23T23:00:00.000+00:00 |
| wid-sec-w-2024-3709 | Mattermost: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff | 2024-12-16T23:00:00.000+00:00 | 2025-01-23T23:00:00.000+00:00 |
| wid-sec-w-2024-3122 | Microsoft SystemCenter: Mehrere Schwachstellen | 2024-10-08T22:00:00.000+00:00 | 2025-01-23T23:00:00.000+00:00 |
| wid-sec-w-2024-1291 | cyrus imapd: Schwachstelle ermöglicht Denial of Service | 2024-06-04T22:00:00.000+00:00 | 2025-01-23T23:00:00.000+00:00 |
| wid-sec-w-2022-2247 | Cacti: Schwachstelle ermöglicht Codeausführung | 2022-12-06T23:00:00.000+00:00 | 2025-01-23T23:00:00.000+00:00 |
| wid-sec-w-2022-0389 | cyrus imapd: Schwachstelle ermöglicht Denial of Service | 2021-08-31T22:00:00.000+00:00 | 2025-01-23T23:00:00.000+00:00 |
| wid-sec-w-2022-0388 | cyrus imapd: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen | 2019-11-19T23:00:00.000+00:00 | 2025-01-23T23:00:00.000+00:00 |
| wid-sec-w-2025-0183 | Drupal: Mehrere Schwachstellen | 2025-01-22T23:00:00.000+00:00 | 2025-01-22T23:00:00.000+00:00 |
| wid-sec-w-2025-0182 | Octopus Deploy: Schwachstelle ermöglicht Offenlegung von Informationen | 2025-01-22T23:00:00.000+00:00 | 2025-01-22T23:00:00.000+00:00 |
| wid-sec-w-2025-0181 | M-Files Server: Mehrere Schwachstellen | 2025-01-22T23:00:00.000+00:00 | 2025-01-22T23:00:00.000+00:00 |
| wid-sec-w-2025-0180 | Ubiquiti UniFi: Schwachstelle ermöglicht Umgehung von Sicherheitsmechanismen | 2025-01-22T23:00:00.000+00:00 | 2025-01-22T23:00:00.000+00:00 |
| wid-sec-w-2025-0179 | Kibana: Mehrere Schwachstellen | 2025-01-22T23:00:00.000+00:00 | 2025-01-22T23:00:00.000+00:00 |
| wid-sec-w-2025-0176 | Cisco Meeting Management: Schwachstelle ermöglicht Privilegieneskalation | 2025-01-22T23:00:00.000+00:00 | 2025-01-22T23:00:00.000+00:00 |
| wid-sec-w-2025-0175 | Jenkins Plugins: Mehrere Schwachstellen | 2025-01-22T23:00:00.000+00:00 | 2025-01-22T23:00:00.000+00:00 |
| wid-sec-w-2025-0171 | GitLab: Mehrere Schwachstellen | 2025-01-22T23:00:00.000+00:00 | 2025-01-22T23:00:00.000+00:00 |
| wid-sec-w-2025-0169 | Unify OpenScape 4000: Mehrere Schwachstellen ermöglichen Privilegieneskalation | 2025-01-22T23:00:00.000+00:00 | 2025-01-22T23:00:00.000+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2024:1536 | Red Hat Security Advisory: Satellite 6.14.3 Async Security Update | 2024-03-27T13:22:31+00:00 | 2026-02-04T20:22:14+00:00 |
| rhsa-2025:23530 | Red Hat Security Advisory: python39:3.9 security update | 2025-12-18T01:35:54+00:00 | 2026-02-04T19:40:31+00:00 |
| rhsa-2025:23342 | Red Hat Security Advisory: python3.9 security update | 2025-12-18T13:21:05+00:00 | 2026-02-04T19:40:15+00:00 |
| rhsa-2019:1821 | Red Hat Security Advisory: rh-nodejs8-nodejs security update | 2019-07-22T13:39:40+00:00 | 2026-02-04T19:03:24+00:00 |
| rhsa-2026:1935 | Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.1.4 XP 6.0.2.GA release | 2026-02-04T14:34:28+00:00 | 2026-02-04T18:56:12+00:00 |
| rhsa-2026:1872 | Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.1.4 security update | 2026-02-04T04:47:19+00:00 | 2026-02-04T18:56:08+00:00 |
| rhsa-2026:1871 | Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.1.4 security update | 2026-02-04T05:16:20+00:00 | 2026-02-04T18:56:08+00:00 |
| rhsa-2026:1870 | Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.1.4 security update | 2026-02-04T11:35:41+00:00 | 2026-02-04T18:56:08+00:00 |
| rhsa-2026:1823 | Red Hat Security Advisory: JMC bug fix and enhancement update | 2026-02-03T13:51:18+00:00 | 2026-02-04T18:56:06+00:00 |
| rhsa-2026:0752 | Red Hat Security Advisory: jmc security update | 2026-01-19T01:17:13+00:00 | 2026-02-04T18:56:05+00:00 |
| rhsa-2026:0751 | Red Hat Security Advisory: jmc security update | 2026-01-19T01:16:23+00:00 | 2026-02-04T18:56:04+00:00 |
| rhsa-2026:0726 | Red Hat Security Advisory: Red Hat Build of Apache Camel 4.14.2.P1 for Spring Boot release. | 2026-01-15T19:53:18+00:00 | 2026-02-04T18:56:03+00:00 |
| rhsa-2026:0468 | Red Hat Security Advisory: Red Hat Build of Apache Camel 4.14 for Quarkus 3.27 update is now available (RHBQ 3.27.1.SP1) | 2026-01-12T15:22:38+00:00 | 2026-02-04T18:56:02+00:00 |
| rhsa-2026:0467 | Red Hat Security Advisory: Red Hat Build of Apache Camel 4.10 for Quarkus 3.20 update is now available (RHBQ 3.20.4.SP1) | 2026-01-12T15:04:27+00:00 | 2026-02-04T18:56:02+00:00 |
| rhsa-2025:19804 | Red Hat Security Advisory: RHACS 4.7.8 security and bug fix update | 2025-11-05T13:15:10+00:00 | 2026-02-04T15:54:41+00:00 |
| rhsa-2025:18252 | Red Hat Security Advisory: Kiali 2.11.4 for Red Hat OpenShift Service Mesh 3.1 | 2025-10-16T13:13:12+00:00 | 2026-02-04T15:54:36+00:00 |
| rhsa-2025:16747 | Red Hat Security Advisory: Red Hat Developer Hub 1.6.5 release. | 2025-09-25T11:13:18+00:00 | 2026-02-04T15:54:34+00:00 |
| rhsa-2024:2729 | Red Hat Security Advisory: Red Hat OpenStack Platform 17.1 (etcd) security update | 2024-05-22T20:41:23+00:00 | 2026-02-04T13:50:58+00:00 |
| rhsa-2024:2767 | Red Hat Security Advisory: Red Hat OpenStack Platform 17.1 (collectd-sensubility) security update | 2024-05-22T20:14:09+00:00 | 2026-02-04T13:50:56+00:00 |
| rhsa-2024:2730 | Red Hat Security Advisory: Red Hat OpenStack Platform 17.1 (collectd-sensubility) security update | 2024-05-22T20:41:27+00:00 | 2026-02-04T13:50:55+00:00 |
| rhsa-2024:2272 | Red Hat Security Advisory: containernetworking-plugins security update | 2024-04-30T09:51:34+00:00 | 2026-02-04T13:50:55+00:00 |
| rhsa-2024:2245 | Red Hat Security Advisory: buildah security update | 2024-04-30T10:08:31+00:00 | 2026-02-04T13:50:55+00:00 |
| rhsa-2024:2193 | Red Hat Security Advisory: podman security update | 2024-04-30T10:26:58+00:00 | 2026-02-04T13:50:54+00:00 |
| rhsa-2024:2160 | Red Hat Security Advisory: toolbox security update | 2024-04-30T10:17:44+00:00 | 2026-02-04T13:50:54+00:00 |
| rhsa-2024:1434 | Red Hat Security Advisory: Red Hat OpenShift distributed tracing 3.1.1 operator/operand containers | 2024-03-20T07:40:21+00:00 | 2026-02-04T13:50:52+00:00 |
| rhsa-2024:1244 | Red Hat Security Advisory: rhc-worker-script security update | 2024-03-11T16:11:10+00:00 | 2026-02-04T13:50:52+00:00 |
| rhsa-2024:1149 | Red Hat Security Advisory: skopeo security update | 2024-03-05T18:17:11+00:00 | 2026-02-04T13:50:50+00:00 |
| rhsa-2024:1131 | Red Hat Security Advisory: golang security update | 2024-03-05T18:14:46+00:00 | 2026-02-04T13:50:50+00:00 |
| rhsa-2024:1078 | Red Hat Security Advisory: Service Telemetry Framework 1.5.4 security update | 2024-03-05T00:34:10+00:00 | 2026-02-04T13:50:50+00:00 |
| rhsa-2024:1041 | Red Hat Security Advisory: go-toolset-1.19-golang security update | 2024-02-29T09:06:38+00:00 | 2026-02-04T13:50:50+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| icsa-20-294-01 | Rockwell Automation 1794-AENT Flex I/O Series B | 2020-10-20T00:00:00.000000Z | 2020-10-20T00:00:00.000000Z |
| icsa-20-289-02 | Advantech R-SeeNet | 2020-10-15T00:00:00.000000Z | 2020-10-15T00:00:00.000000Z |
| icsa-20-289-01 | Advantech WebAccess/SCADA | 2020-10-15T00:00:00.000000Z | 2020-10-15T00:00:00.000000Z |
| icsa-20-287-06 | Siemens SIPORT MP | 2020-10-13T00:00:00.000000Z | 2020-10-13T00:00:00.000000Z |
| icsa-20-287-05 | Siemens Desigo Insight | 2020-10-13T00:00:00.000000Z | 2020-10-13T00:00:00.000000Z |
| icsa-20-287-04 | Fieldcomm Group HART-IP and hipserver | 2020-10-13T00:00:00.000000Z | 2020-10-13T00:00:00.000000Z |
| icsa-20-287-03 | Flexera InstallShield | 2020-10-13T00:00:00.000000Z | 2020-10-13T00:00:00.000000Z |
| icsa-20-287-02 | LCDS LAquis SCADA | 2020-10-13T00:00:00.000000Z | 2020-10-13T00:00:00.000000Z |
| icsa-20-287-01 | MOXA NPort IAW5000A-I/O Series | 2020-10-13T00:00:00.000000Z | 2020-10-13T00:00:00.000000Z |
| icsa-20-273-03 | B&R Automation SiteManager and GateManager | 2020-09-29T00:00:00.000000Z | 2020-09-29T00:00:00.000000Z |
| icsa-20-273-02 | Yokogawa WideField3 | 2020-09-29T00:00:00.000000Z | 2020-09-29T00:00:00.000000Z |
| icsa-20-273-01 | ICSA-20-273-01_MB Connect line mbCONNECT24, mymbCONNECT24 | 2020-09-29T00:00:00.000000Z | 2020-09-29T00:00:00.000000Z |
| icsa-20-266-02 | GE Reason S20 Ethernet Switch | 2020-09-22T00:00:00.000000Z | 2020-09-22T00:00:00.000000Z |
| icsa-20-266-01 | GE Digital APM Classic | 2020-09-22T00:00:00.000000Z | 2020-09-22T00:00:00.000000Z |
| icsma-20-261-01 | ICSMA-20-261-01_Philips Clinical Collaboration Platform | 2020-09-17T00:00:00.000000Z | 2020-09-17T00:00:00.000000Z |
| icsa-20-261-01 | Advantech WebAccess Node | 2020-09-17T00:00:00.000000Z | 2020-09-17T00:00:00.000000Z |
| icsa-20-177-01 | ENTTEC Lighting Controllers (Update A) | 2020-06-25T00:00:00.000000Z | 2020-09-15T00:00:00.000000Z |
| icsa-20-254-03 | HMS Networks Ewon Flexy and Cosy | 2020-09-10T00:00:00.000000Z | 2020-09-10T00:00:00.000000Z |
| icsa-20-254-02 | FATEK Automation PLC WinProladder | 2020-09-10T00:00:00.000000Z | 2020-09-10T00:00:00.000000Z |
| icsa-20-254-01 | AVEVA Enterprise Data Management Web | 2020-09-10T00:00:00.000000Z | 2020-09-10T00:00:00.000000Z |
| icsa-20-252-08 | Siemens Polarion Subversion Webclient | 2020-09-08T00:00:00.000000Z | 2020-09-08T00:00:00.000000Z |
| icsa-20-252-05 | Siemens Siveillance Video Client | 2020-09-08T00:00:00.000000Z | 2020-09-08T00:00:00.000000Z |
| icsa-20-252-04 | Siemens Spectrum Power | 2020-09-08T00:00:00.000000Z | 2020-09-08T00:00:00.000000Z |
| icsa-20-252-03 | Siemens License Management Utility | 2020-09-08T00:00:00.000000Z | 2020-09-08T00:00:00.000000Z |
| icsa-20-252-01 | Siemens SIMATIC RTLS Locating Manager | 2020-09-08T00:00:00.000000Z | 2020-09-08T00:00:00.000000Z |
| icsa-20-105-05 | Siemens RUGGEDCOM, SCALANCE, SIMATIC, SINEMA (Update B) | 2020-04-14T00:00:00.000000Z | 2020-09-08T00:00:00.000000Z |
| icsa-20-240-01 | Red Lion N-Tron 702-W, 702M12-W | 2020-08-27T00:00:00.000000Z | 2020-08-27T00:00:00.000000Z |
| icsa-20-238-02 | Emerson OpenEnterprise | 2020-08-25T00:00:00.000000Z | 2020-08-25T00:00:00.000000Z |
| icsa-20-238-01 | Advantech iView | 2020-08-25T00:00:00.000000Z | 2020-08-25T00:00:00.000000Z |
| icsma-20-233-01 | Philips SureSigns VS4 | 2020-08-20T00:00:00.000000Z | 2020-08-20T00:00:00.000000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cisco-sa-iosxe-ewlc-dos-tkupvmzn | Cisco IOS XE Software Catalyst 9800 Series Wireless Controllers Denial of Service Vulnerability | 2020-06-03T16:00:00+00:00 | 2020-06-03T16:00:00+00:00 |
| cisco-sa-iosxe-ewlc-dos-TkuPVmZN | Cisco IOS XE Software Catalyst 9800 Series Wireless Controllers Denial of Service Vulnerability | 2020-06-03T16:00:00+00:00 | 2020-06-03T16:00:00+00:00 |
| cisco-sa-iosxe-digsig-bypass-fyq3bmvq | Cisco IOS XE Software Digital Signature Verification Bypass Vulnerability | 2020-06-03T16:00:00+00:00 | 2020-06-03T16:00:00+00:00 |
| cisco-sa-iosxe-digsig-bypass-FYQ3bmVq | Cisco IOS XE Software Digital Signature Verification Bypass Vulnerability | 2020-06-03T16:00:00+00:00 | 2020-06-03T16:00:00+00:00 |
| cisco-sa-ios-nxos-onepk-rce-6hhyt4dc | Cisco IOS, IOS XE, IOS XR, and NX-OS Software One Platform Kit Remote Code Execution Vulnerability | 2020-06-03T16:00:00+00:00 | 2020-06-03T16:00:00+00:00 |
| cisco-sa-ios-nxos-onepk-rce-6Hhyt4dC | Cisco IOS, IOS XE, IOS XR, and NX-OS Software One Platform Kit Remote Code Execution Vulnerability | 2020-06-03T16:00:00+00:00 | 2020-06-03T16:00:00+00:00 |
| cisco-sa-ios-ir800-img-verif-whhlyhjk | Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers Image Verification Bypass Vulnerability | 2020-06-03T16:00:00+00:00 | 2020-06-03T16:00:00+00:00 |
| cisco-sa-ios-ir800-img-verif-wHhLYHjK | Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers Image Verification Bypass Vulnerability | 2020-06-03T16:00:00+00:00 | 2020-06-03T16:00:00+00:00 |
| cisco-sa-ios-iot-vds-cred-upmp9zby | Cisco IOS Software for Cisco Industrial Routers Virtual Device Server Static Credentials Vulnerability | 2020-06-03T16:00:00+00:00 | 2020-06-03T16:00:00+00:00 |
| cisco-sa-ios-iot-vds-cred-uPMp9zbY | Cisco IOS Software for Cisco Industrial Routers Virtual Device Server Static Credentials Vulnerability | 2020-06-03T16:00:00+00:00 | 2020-06-03T16:00:00+00:00 |
| cisco-sa-ios-iot-vds-cmd-inj-vfjtqghe | Cisco IOS Software for Cisco Industrial Routers Virtual Device Server CLI Command Injection Vulnerability | 2020-06-03T16:00:00+00:00 | 2020-06-03T16:00:00+00:00 |
| cisco-sa-ios-iot-vds-cmd-inj-VfJtqGhE | Cisco IOS Software for Cisco Industrial Routers Virtual Device Server CLI Command Injection Vulnerability | 2020-06-03T16:00:00+00:00 | 2020-06-03T16:00:00+00:00 |
| cisco-sa-ios-iot-udp-vds-inj-f2d5jzrt | Cisco IOS Software for Cisco Industrial Routers Virtual Device Server Inter-VM Channel Command Injection Vulnerability | 2020-06-03T16:00:00+00:00 | 2020-06-03T16:00:00+00:00 |
| cisco-sa-ios-iot-udp-vds-inj-f2D5Jzrt | Cisco IOS Software for Cisco Industrial Routers Virtual Device Server Inter-VM Channel Command Injection Vulnerability | 2020-06-03T16:00:00+00:00 | 2020-06-03T16:00:00+00:00 |
| cisco-sa-ios-iot-rce-xyrsemnh | Cisco IOS Software for Cisco Industrial Routers Arbitrary Code Execution Vulnerabilities | 2020-06-03T16:00:00+00:00 | 2020-06-03T16:00:00+00:00 |
| cisco-sa-ios-iot-rce-xYRSeMNH | Cisco IOS Software for Cisco Industrial Routers Arbitrary Code Execution Vulnerabilities | 2020-06-03T16:00:00+00:00 | 2020-06-03T16:00:00+00:00 |
| cisco-sa-ios-iot-gos-vuln-s9qs8kyl | Cisco IOx Application Environment for IOS Software for Cisco Industrial Routers Vulnerabilities | 2020-06-03T16:00:00+00:00 | 2020-06-03T16:00:00+00:00 |
| cisco-sa-ios-iot-gos-vuln-s9qS8kYL | Cisco IOx Application Environment for IOS Software for Cisco Industrial Routers Vulnerabilities | 2020-06-03T16:00:00+00:00 | 2020-06-03T16:00:00+00:00 |
| cisco-sa-ikev2-9p23jj2a | Cisco IOS and IOS XE Software Internet Key Exchange Version 2 Denial of Service Vulnerability | 2020-06-03T16:00:00+00:00 | 2020-06-03T16:00:00+00:00 |
| cisco-sa-ikev2-9p23Jj2a | Cisco IOS and IOS XE Software Internet Key Exchange Version 2 Denial of Service Vulnerability | 2020-06-03T16:00:00+00:00 | 2020-06-03T16:00:00+00:00 |
| cisco-sa-ewlc-dos-anvkvmxr | Cisco IOS XE Software Catalyst 9800 Series Wireless Controllers Denial of Service Vulnerability | 2020-06-03T16:00:00+00:00 | 2020-06-03T16:00:00+00:00 |
| cisco-sa-ewlc-dos-AnvKvMxR | Cisco IOS XE Software Catalyst 9800 Series Wireless Controllers Denial of Service Vulnerability | 2020-06-03T16:00:00+00:00 | 2020-06-03T16:00:00+00:00 |
| cisco-sa-dnac-audit-log-59rbdwb6 | Cisco Digital Network Architecture Center Information Disclosure Vulnerability | 2020-06-03T16:00:00+00:00 | 2020-06-03T16:00:00+00:00 |
| cisco-sa-dnac-audit-log-59RBdwb6 | Cisco Digital Network Architecture Center Information Disclosure Vulnerability | 2020-06-03T16:00:00+00:00 | 2020-06-03T16:00:00+00:00 |
| cisco-sa-cipdos-hkftzxex | Cisco IOS and IOS XE Software Common Industrial Protocol Denial of Service Vulnerabilities | 2020-06-03T16:00:00+00:00 | 2020-06-03T16:00:00+00:00 |
| cisco-sa-cipdos-hkfTZXEx | Cisco IOS and IOS XE Software Common Industrial Protocol Denial of Service Vulnerabilities | 2020-06-03T16:00:00+00:00 | 2020-06-03T16:00:00+00:00 |
| cisco-sa-caf-file-mvnpqkw9 | Cisco IOx Application Framework Arbitrary File Overwrite Vulnerability | 2020-06-03T16:00:00+00:00 | 2020-06-03T16:00:00+00:00 |
| cisco-sa-caf-file-mVnPqKW9 | Cisco IOx Application Framework Arbitrary File Overwrite Vulnerability | 2020-06-03T16:00:00+00:00 | 2020-06-03T16:00:00+00:00 |
| cisco-sa-caf-3dxm8exv | Cisco IOx Application Framework Arbitrary File Creation Vulnerability | 2020-06-03T16:00:00+00:00 | 2020-06-03T16:00:00+00:00 |
| cisco-sa-caf-3dXM8exv | Cisco IOx Application Framework Arbitrary File Creation Vulnerability | 2020-06-03T16:00:00+00:00 | 2020-06-03T16:00:00+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2023-52590 | ocfs2: Avoid touching renamed directory if parent does not change | 2024-03-02T08:00:00.000Z | 2025-09-03T22:15:16.000Z |
| msrc_cve-2023-52812 | drm/amd: check num of link levels when update pcie param | 2024-05-02T07:00:00.000Z | 2025-09-03T22:14:59.000Z |
| msrc_cve-2011-3048 | The png_set_text_2 function in pngset.c in libpng 1.0.x before 1.0.59, 1.2.x before 1.2.49, 1.4.x before 1.4.11, and 1.5.x before 1.5.10 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted text chunk in a PNG image file, which triggers a memory allocation failure that is not properly handled, leading to a heap-based buffer overflow. | 2012-05-02T00:00:00.000Z | 2025-09-03T22:14:56.000Z |
| msrc_cve-2025-6497 | HTACG tidy-html5 parser.c prvTidyParseNamespace assertion | 2025-06-02T00:00:00.000Z | 2025-09-03T22:14:40.000Z |
| msrc_cve-2022-49134 | mlxsw: spectrum: Guard against invalid local ports | 2025-02-02T00:00:00.000Z | 2025-09-03T22:14:37.000Z |
| msrc_cve-2022-48979 | drm/amd/display: fix array index out of bound error in DCN32 DML | 2024-10-01T07:00:00.000Z | 2025-09-03T22:14:34.000Z |
| msrc_cve-2024-11738 | Rustls: rustls network-reachable panic in `acceptor::accept` | 2024-12-02T00:00:00.000Z | 2025-09-03T22:13:58.000Z |
| msrc_cve-2019-14197 | An issue was discovered in Das U-Boot through 2019.07. There is a read of out-of-bounds data at nfs_read_reply. | 2019-07-02T00:00:00.000Z | 2025-09-03T22:13:52.000Z |
| msrc_cve-2025-21521 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Thread Pooling). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). | 2025-01-02T00:00:00.000Z | 2025-09-03T22:13:42.000Z |
| msrc_cve-2024-35866 | smb: client: fix potential UAF in cifs_dump_full_key() | 2024-05-02T07:00:00.000Z | 2025-09-03T22:12:44.000Z |
| msrc_cve-2023-29543 | An attacker could have caused memory corruption and a potentially exploitable use-after-free of a pointer in a global object's debugger vector. This vulnerability affects Firefox for Android < 112, Firefox < 112, and Focus for Android < 112. | 2023-06-01T07:00:00.000Z | 2025-09-03T22:12:19.000Z |
| msrc_cve-2024-40977 | wifi: mt76: mt7921s: fix potential hung tasks during chip recovery | 2024-07-01T07:00:00.000Z | 2025-09-03T22:11:37.000Z |
| msrc_cve-2023-52596 | sysctl: Fix out of bounds access for empty sysctl registers | 2024-03-02T08:00:00.000Z | 2025-09-03T22:11:24.000Z |
| msrc_cve-2025-6498 | HTACG tidy-html5 alloc.c defaultAlloc memory leak | 2025-06-02T00:00:00.000Z | 2025-09-03T22:10:38.000Z |
| msrc_cve-2024-6611 | A nested iframe, triggering a cross-site navigation, could send SameSite=Strict or Lax cookies. This vulnerability affects Firefox < 128 and Thunderbird < 128. | 2024-07-01T07:00:00.000Z | 2025-09-03T22:10:27.000Z |
| msrc_cve-2020-10723 | A memory corruption issue was found in DPDK versions 17.05 and above | 2020-05-02T00:00:00.000Z | 2025-09-03T22:10:21.000Z |
| msrc_cve-2025-21861 | mm/migrate_device: don't add folio to be freed to LRU in migrate_device_finalize() | 2025-03-02T00:00:00.000Z | 2025-09-03T22:10:12.000Z |
| msrc_cve-2021-47432 | lib/generic-radix-tree.c: Don't overflow in peek() | 2024-05-02T07:00:00.000Z | 2025-09-03T22:09:22.000Z |
| msrc_cve-2023-52488 | serial: sc16is7xx: convert from _raw_ to _noinc_ regmap functions for FIFO | 2024-02-02T08:00:00.000Z | 2025-09-03T22:09:17.000Z |
| msrc_cve-2024-50183 | scsi: lpfc: Ensure DA_ID handling completion before deleting an NPIV instance | 2024-11-02T00:00:00.000Z | 2025-09-03T22:08:49.000Z |
| msrc_cve-2025-22104 | ibmvnic: Use kernel helpers for hex dumps | 2025-04-02T00:00:00.000Z | 2025-09-03T22:08:41.000Z |
| msrc_cve-2024-38557 | net/mlx5: Reload only IB representors upon lag disable/enable | 2024-06-02T07:00:00.000Z | 2025-09-03T22:08:20.000Z |
| msrc_cve-2025-38396 | fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass | 2025-07-02T00:00:00.000Z | 2025-09-03T22:07:59.000Z |
| msrc_cve-2025-38203 | jfs: Fix null-ptr-deref in jfs_ioc_trim | 2025-07-02T00:00:00.000Z | 2025-09-03T22:07:31.000Z |
| msrc_cve-2024-5690 | By monitoring the time certain operations take, an attacker could have guessed which external protocol handlers were functional on a user's system. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12. | 2024-06-02T07:00:00.000Z | 2025-09-03T22:07:20.000Z |
| msrc_cve-2025-3770 | SMM IDT Privilege Escalation Vulnerability | 2025-08-02T00:00:00.000Z | 2025-09-03T22:07:10.000Z |
| msrc_cve-2024-34155 | Stack exhaustion in all Parse functions in go/parser | 2024-09-01T07:00:00.000Z | 2025-09-03T22:07:10.000Z |
| msrc_cve-2024-35862 | smb: client: fix potential UAF in smb2_is_network_name_deleted() | 2024-05-02T07:00:00.000Z | 2025-09-03T22:07:06.000Z |
| msrc_cve-2024-2614 | Memory safety bugs present in Firefox 123, Firefox ESR 115.8, and Thunderbird 115.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9. | 2024-03-02T08:00:00.000Z | 2025-09-03T22:07:01.000Z |
| msrc_cve-2024-44955 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | 2024-09-01T07:00:00.000Z | 2025-09-03T22:07:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| opensuse-su-2024:13469-1 | docker-24.0.7_ce-2.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13468-1 | MozillaFirefox-120.0-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13467-1 | xwayland-23.2.2-2.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13466-1 | velero-1.12.2-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13465-1 | python310-aiohttp-3.9.0-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13464-1 | cmake-3.27.8-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13463-1 | libntpc1-1.2.2a-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13462-1 | libQt5Pdf5-5.15.16-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13461-1 | davix-0.8.5-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13460-1 | python310-geopandas-0.14.1-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13459-1 | MozillaThunderbird-115.5.0-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13458-1 | libwireshark16-4.0.11-2.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13457-1 | java-1_8_0-openj9-1.8.0.392-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13456-1 | java-17-openj9-17.0.9.0-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13455-1 | java-11-openj9-11.0.21.0-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13454-1 | python310-pip-23.3.1-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13453-1 | python310-mistune2-2.0.5-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13452-1 | python310-azure-storage-queue-12.8.0-2.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13451-1 | ovmf-202308-3.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13450-1 | doxygen2man-2.0.8+20230721.002171b-2.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13449-1 | libgit2-1_7-1.7.1-3.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13448-1 | libX11-6-1.8.7-2.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13447-1 | ungoogled-chromium-119.0.6045.159-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13446-1 | libipa_hbac-devel-2.9.3-2.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13445-1 | jbig2dec-0.20-2.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13444-1 | gnutls-3.8.2-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13443-1 | kubevirt-container-disk-1.1.0-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13442-1 | xen-4.18.0_02-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13441-1 | tomcat10-10.1.14-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:13440-1 | ruby3.2-rubygem-nokogiri-1.15.4-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| bit-discourse-2023-48297 | Discourse vulnerable to unlimited mentioned users in message serializer | 2024-03-06T10:51:42.888Z | 2025-05-20T10:02:07.006Z |
| bit-discourse-2023-47121 | Discourse SSRF vulnerability in Embedding | 2024-03-06T10:51:53.707Z | 2025-05-20T10:02:07.006Z |
| bit-discourse-2023-47120 | Discourse DoS through Onebox favicon URL | 2024-03-06T10:52:05.069Z | 2025-05-20T10:02:07.006Z |
| bit-discourse-2023-47119 | HTML injection in oneboxed links | 2024-03-06T10:52:15.470Z | 2025-05-20T10:02:07.006Z |
| bit-discourse-2023-46130 | Bypassing height value allowed in some theme components | 2024-03-06T10:52:27.869Z | 2025-05-20T10:02:07.006Z |
| bit-discourse-2023-45816 | Unread bookmark reminder notifications that the user cannot access can be seen | 2024-03-06T10:52:43.699Z | 2025-05-20T10:02:07.006Z |
| bit-discourse-2023-45806 | Discourse vulnerable to DoS via Regexp Injection in Full Name | 2024-03-06T10:52:56.903Z | 2025-05-20T10:02:07.006Z |
| bit-discourse-2023-41043 | Discourse DoS via SvgSprite cache | 2024-03-06T10:54:15.062Z | 2025-05-20T10:02:07.006Z |
| bit-discourse-2023-41042 | Discourse DoS via remote theme assets | 2024-03-06T10:54:27.492Z | 2025-05-20T10:02:07.006Z |
| bit-discourse-2023-40588 | Discourse DoS via 2FA and Security Key Names | 2024-03-06T10:54:39.287Z | 2025-05-20T10:02:07.006Z |
| bit-discourse-2023-38706 | Discourse vulnerable to DoS via drafts | 2024-03-06T10:54:51.089Z | 2025-05-20T10:02:07.006Z |
| bit-discourse-2023-38685 | Discourse's restricted tag information visible to unauthenticated users | 2024-03-06T10:55:02.602Z | 2025-05-20T10:02:07.006Z |
| bit-discourse-2023-38684 | Discourse vulnerable to ossible DDoS due to unbounded limits in various controller actions | 2024-03-06T10:55:14.077Z | 2025-05-20T10:02:07.006Z |
| bit-discourse-2023-38498 | Discourse vulnerable to DoS via defer queue | 2024-03-06T10:55:24.002Z | 2025-05-20T10:02:07.006Z |
| bit-discourse-2023-37906 | Discourse vulnerable to DoS via post edit reason | 2024-03-06T10:55:36.996Z | 2025-05-20T10:02:07.006Z |
| bit-discourse-2023-37904 | Discourse Race Condition in Accept Invite | 2024-03-06T10:55:52.161Z | 2025-05-20T10:02:07.006Z |
| bit-discourse-2023-36473 | CSP nonce reuse vulnerability in Discourse | 2024-03-06T10:56:25.676Z | 2025-05-20T10:02:07.006Z |
| bit-discourse-2023-36466 | Topic Title Validation Skipped When Changing Category in Discourse | 2024-03-06T10:56:37.660Z | 2025-05-20T10:02:07.006Z |
| bit-discourse-2023-34250 | Discourse vulnerable to exposure of number of topics recently created in private categories | 2024-03-06T10:56:49.410Z | 2025-05-20T10:02:07.006Z |
| bit-discourse-2023-32301 | Discourse's canonical url not being used for topic embeddings | 2024-03-06T10:57:01.167Z | 2025-05-20T10:02:07.006Z |
| bit-discourse-2023-32061 | Discourse Topic Creation Page Allows iFrame Tag without Restrictions | 2024-03-06T10:57:13.893Z | 2025-05-20T10:02:07.006Z |
| bit-discourse-2023-31142 | Discourse's general category permissions could be set back to default | 2024-03-06T10:57:22.997Z | 2025-05-20T10:02:07.006Z |
| bit-discourse-2023-30606 | Multisite denial of service through unsanitized dynamic dispatch to SiteSetting in Discourse | 2024-03-06T10:57:34.776Z | 2025-05-20T10:02:07.006Z |
| bit-discourse-2023-30538 | Stored Cross-site Scripting via improper sanitization of svg files in Discourse | 2024-03-06T10:57:47.289Z | 2025-05-20T10:02:07.006Z |
| bit-discourse-2023-29196 | HTML injection via topic embedding in Discourse | 2024-03-06T10:57:57.969Z | 2025-05-20T10:02:07.006Z |
| bit-discourse-2023-28440 | Denial of service via admin theme import route in Discourse | 2024-03-06T10:58:07.559Z | 2025-05-20T10:02:07.006Z |
| bit-discourse-2023-28112 | Discourse's SSRF protection missing for some FastImage requests | 2024-03-06T10:58:19.088Z | 2025-05-20T10:02:07.006Z |
| bit-discourse-2023-28111 | Discourse vulnerable to SSRF protection bypass possible with IPv4-mapped IPv6 addresses | 2024-03-06T10:58:28.677Z | 2025-05-20T10:02:07.006Z |
| bit-discourse-2023-28107 | Discourse vulnerable to multisite DoS by spamming backups | 2024-03-06T10:58:39.576Z | 2025-05-20T10:02:07.006Z |
| bit-discourse-2023-25819 | Discourse tags with no visibility are leaking into og:article:tag | 2024-03-06T10:59:03.903Z | 2025-05-20T10:02:07.006Z |
| ID | Description | Updated |
|---|---|---|
| var-201105-0048 | Cross-site scripting (XSS) vulnerability in cwhp/device.center.do in the Help servlet in … | 2024-02-14T22:47:00.411000Z |
| var-201105-0047 | Multiple SQL injection vulnerabilities in Cisco Unified Operations Manager (CUOM) before … | 2024-02-14T22:47:00.291000Z |
| var-201105-0046 | Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified Operations Manager (… | 2024-02-14T22:47:00.450000Z |
| var-202106-1772 | There are multiple out-of-bounds vulnerabilities in some processes of D-Link AC2600(DIR-2… | 2024-02-14T22:46:14.432000Z |
| var-202112-1786 | A misconfiguration in HTTP/1.0 and HTTP/1.1 of the web interface in TP-Link AX10v1 before… | 2024-02-14T22:46:10.691000Z |
| var-200208-0198 | Linux Directory Penguin traceroute.pl CGI script 1.0 allows remote attackers to execute a… | 2024-02-14T22:44:39.654000Z |
| var-202206-1494 | A vulnerability has been identified in Cerberus DMS (All versions), Desigo CC (All versio… | 2024-02-14T21:27:38.469000Z |
| var-201003-1085 | modules/arch/win32/mod_isapi.c in mod_isapi in the Apache HTTP Server 2.0.37 through 2.0.… | 2024-02-14T21:26:53.841000Z |
| var-202208-1483 | Tenda-AC18 V15.03.05.05 was discovered to contain a remote command execution (RCE) vulner… | 2024-02-14T21:16:26.456000Z |
| var-200512-0910 | Multiple SQL injection vulnerabilities in modules.php in PHP-Nuke 7.8, when magic_quotes_… | 2024-02-13T23:05:10.655000Z |
| var-201510-0193 | Multiple cross-site scripting (XSS) vulnerabilities in the Wind Farm Portal application i… | 2024-02-13T23:05:04.025000Z |
| var-201903-1015 | AudioCodes IP phone 420HD devices using firmware version 2.2.12.126 allow Remote Code Exe… | 2024-02-13T23:04:58.218000Z |
| var-201806-0161 | node-jose is a JavaScript implementation of the JSON Object Signing and Encryption (JOSE)… | 2024-02-13T23:04:58.992000Z |
| var-201912-1673 | Cross-site scripting (XSS) vulnerability in test-plugin.php in the Swipe Checkout for Woo… | 2024-02-13T23:04:57.348000Z |
| var-202009-0114 | Memory overflow in Xiaomi AI speaker Rom version <1.59.6 can happen when the speaker veri… | 2024-02-13T23:04:56.587000Z |
| var-202007-0050 | This vulnerability allows network-adjacent attackers to bypass authentication on affected… | 2024-02-13T23:04:56.751000Z |
| var-202201-1373 | On BIG-IP versions 15.1.x before 15.1.4.1 and 14.1.x before 14.1.4.5, when the HTTP/2 pro… | 2024-02-13T23:04:55.111000Z |
| var-202201-1272 | On NGINX Controller API Management versions 3.18.0-3.19.0, an authenticated attacker with… | 2024-02-13T23:04:55.140000Z |
| var-202204-1101 | A vulnerability in the Web-Based Reputation Score (WBRS) engine of Cisco AsyncOS Software… | 2024-02-13T23:04:54.019000Z |
| var-202203-0913 | ZyXEL ZyWALL 2 Plus Internet Security Appliance is affected by Cross Site Scripting (XSS)… | 2024-02-13T23:04:54.167000Z |
| var-202202-1477 | IBM MQ Appliance 9.2 CD and 9.2 LTS local messaging users stored with a password hash tha… | 2024-02-13T23:04:54.364000Z |
| var-202202-1288 | A vulnerability in the Cisco Umbrella Secure Web Gateway service could allow an unauthent… | 2024-02-13T23:04:54.455000Z |
| var-202201-1963 | In all versions before 7.2.1.4, when proxy settings are configured in the network access … | 2024-02-13T23:04:54.781000Z |
| var-202201-1961 | On BIG-IP DNS & GTM version 16.x before 16.1.0, 15.1.x before 15.1.4, 14.1.x before 14.1.… | 2024-02-13T23:04:54.814000Z |
| var-202201-1959 | On BIG-IP FPS, ASM, and Advanced WAF versions 16.1.x before 16.1.1, 15.1.x before 15.1.4,… | 2024-02-13T23:04:54.841000Z |
| var-202201-1669 | In Directus, versions 9.0.0-alpha.4 through 9.4.1 are vulnerable to stored Cross-Site Scr… | 2024-02-13T23:04:54.905000Z |
| var-201305-0163 | The HTTP implementation in Cisco WebEx Node for MCS, WebEx Meetings Server, and WebEx Nod… | 2024-02-13T23:04:10.202000Z |
| var-201504-0279 | SQL injection vulnerability in the Interactive Voice Response (IVR) component in Cisco Un… | 2024-02-13T23:04:09.354000Z |
| var-201405-0213 | Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X … | 2024-02-13T23:04:09.784000Z |
| var-201710-1140 | There is XSS in the BouquetEditor WebPlugin for Dream Multimedia Dreambox devices, as dem… | 2024-02-13T23:04:08.030000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2007-000921 | Groupmax Collaboration Schedule Information Disclosure Vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000878 | Ichitaro series buffer overflow vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000877 | Ichitaro series buffer overflow vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000876 | Ichitaro series buffer overflow vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000875 | AirStation series and BroadStation series vulnerable to cross-site request forgery | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000824 | GreaseKit and Creammonkey allows execution of userscript functions | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000823 | Cross-site scripting in Sun Java System Web Server and Sun Java System Web Proxy Server | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000822 | WinAce buffer overflow vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000820 | Google Web Toolkit vulnerable to cross-site scripting | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000816 | Rainboard cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000815 | Multiple Cybozu products vulnerable to cross-site scripting | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000814 | Multiple Cybozu products vulnerable to HTTP header injection | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000813 | Multiple Cybozu products vulnerable to cross-site scripting | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000812 | Cybozu Office denial of service (DoS) vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000811 | HttpLogger vulnerable to cross-site scripting | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000810 | JP1/Cm2/Network Node Manager vulnerable to cross-site scripting | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000809 | SonicStage CP buffer overflow vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000808 | Lhaplus buffer overflow vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000807 | FileMaker cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000806 | Feed2JS cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000805 | RoundCube Webmail cross-site request forgery vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000804 | Sleipnir and Grani Bookmark Search vulnerable to arbitrary script execution | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000803 | Cross-site scripting vulnerability in updir.php in UPDIR.NET | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000802 | Lotus Domino cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000801 | NetCommons cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000779 | MouseoverDictionary vulnerable to arbitrary script execution | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000745 | PowerArchiver buffer overflow vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000730 | Webmin OS command injection vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000729 | Aipo session fixation vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000727 | Safari allows access from HTTP to HTTPS | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| suse-su-2025:1370-1 | Security update for govulncheck-vulndb | 2025-04-25T08:23:27Z | 2025-04-25T08:23:27Z |
| suse-su-2025:20283-1 | Security update for the Linux Kernel | 2025-04-25T07:35:12Z | 2025-04-25T07:35:12Z |
| suse-su-2025:1369-1 | Security update for ruby2.5 | 2025-04-24T17:11:21Z | 2025-04-24T17:11:21Z |
| suse-su-2025:20205-1 | Security update for docker | 2025-04-24T14:50:44Z | 2025-04-24T14:50:44Z |
| suse-su-2025:20204-1 | Security update for freetype2 | 2025-04-24T14:44:51Z | 2025-04-24T14:44:51Z |
| suse-su-2025:1367-1 | Security update for glib2 | 2025-04-24T14:38:49Z | 2025-04-24T14:38:49Z |
| suse-su-2025:1366-1 | Security update for MozillaThunderbird | 2025-04-24T12:42:07Z | 2025-04-24T12:42:07Z |
| suse-su-2025:1365-1 | Security update for mozjs60 | 2025-04-24T12:07:30Z | 2025-04-24T12:07:30Z |
| suse-su-2025:20201-1 | Security update for libxslt | 2025-04-23T13:11:10Z | 2025-04-23T13:11:10Z |
| suse-su-2025:20199-1 | Security update for pam_pkcs11 | 2025-04-22T14:17:16Z | 2025-04-22T14:17:16Z |
| suse-su-2025:20198-1 | Security update for podman | 2025-04-22T14:17:16Z | 2025-04-22T14:17:16Z |
| suse-su-2025:20197-1 | Security update for git | 2025-04-22T14:08:15Z | 2025-04-22T14:08:15Z |
| suse-su-2025:20196-1 | Security update for helm | 2025-04-22T14:08:15Z | 2025-04-22T14:08:15Z |
| suse-su-2025:20279-1 | Security update for podman | 2025-04-22T13:50:31Z | 2025-04-22T13:50:31Z |
| suse-su-2025:20278-1 | Security update for helm | 2025-04-22T13:49:38Z | 2025-04-22T13:49:38Z |
| suse-su-2025:20277-1 | Security update for libxslt | 2025-04-22T13:46:18Z | 2025-04-22T13:46:18Z |
| suse-su-2025:20275-1 | Security update for libtasn1 | 2025-04-22T13:27:45Z | 2025-04-22T13:27:45Z |
| suse-su-2025:20274-1 | Security update for libxml2 | 2025-04-22T12:11:27Z | 2025-04-22T12:11:27Z |
| suse-su-2025:20272-1 | Security update for orc | 2025-04-22T12:08:14Z | 2025-04-22T12:08:14Z |
| suse-su-2025:1359-1 | Security update for govulncheck-vulndb | 2025-04-22T10:49:18Z | 2025-04-22T10:49:18Z |
| suse-su-2025:1357-1 | Security update for erlang | 2025-04-22T09:30:11Z | 2025-04-22T09:30:11Z |
| suse-su-2025:1356-1 | Security update for erlang26 | 2025-04-22T09:29:26Z | 2025-04-22T09:29:26Z |
| suse-su-2025:1349-1 | Security update for GraphicsMagick | 2025-04-18T10:06:16Z | 2025-04-18T10:06:16Z |
| suse-su-2025:1346-1 | Security update for containerd | 2025-04-17T15:15:09Z | 2025-04-17T15:15:09Z |
| suse-su-2025:1345-1 | Security update for containerd | 2025-04-17T15:14:43Z | 2025-04-17T15:14:43Z |
| suse-su-2025:1344-1 | Security update for docker-stable | 2025-04-17T15:14:06Z | 2025-04-17T15:14:06Z |
| suse-su-2025:20192-1 | Security update for the Linux Kernel | 2025-04-17T14:37:10Z | 2025-04-17T14:37:10Z |
| suse-su-2025:20270-1 | Security update for the Linux Kernel | 2025-04-17T14:30:40Z | 2025-04-17T14:30:40Z |
| suse-su-2025:1342-1 | Security update for poppler | 2025-04-17T14:01:36Z | 2025-04-17T14:01:36Z |
| suse-su-2025:1341-1 | Security update for docker | 2025-04-17T14:01:23Z | 2025-04-17T14:01:23Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cnvd-2025-24728 | Apache StreamPark存在未明漏洞(CNVD-2025-24728) | 2025-10-21 | 2025-10-23 |
| cnvd-2025-24727 | D-Link DIR-816A2缓冲区溢出漏洞 | 2025-10-21 | 2025-10-23 |
| cnvd-2025-24726 | D-Link DIR-820L访问控制错误漏洞 | 2025-10-22 | 2025-10-23 |
| cnvd-2025-24725 | ZOHO ManageEngine ADManager Plus命令注入漏洞 | 2025-10-23 | 2025-10-23 |
| cnvd-2025-24724 | ChanCMS代码注入漏洞 | 2025-10-23 | 2025-10-23 |
| cnvd-2025-24723 | ChanCMS /cms/article/findField文件SQL注入漏洞 | 2025-10-23 | 2025-10-23 |
| cnvd-2025-24706 | SAMSUNG Notes越界读取漏洞(CNVD-2025-24706) | 2025-10-21 | 2025-10-23 |
| cnvd-2025-24705 | SAMSUNG Notes越界读取漏洞(CNVD-2025-24705) | 2025-10-21 | 2025-10-23 |
| cnvd-2025-24704 | SAMSUNG Notes越界读取漏洞(CNVD-2025-24704) | 2025-10-21 | 2025-10-23 |
| cnvd-2025-24703 | SAMSUNG Notes越界读取漏洞(CNVD-2025-24703) | 2025-10-21 | 2025-10-23 |
| cnvd-2025-24656 | D-Link DI-7001 MINI操作系统命令注入漏洞 | 2025-10-21 | 2025-10-23 |
| cnvd-2025-24655 | D-Link DI-7001 MINI缓冲区溢出漏洞 | 2025-10-21 | 2025-10-23 |
| cnvd-2025-24654 | Portábilis i-Educar授权问题漏洞 | 2025-09-29 | 2025-10-23 |
| cnvd-2025-24653 | 多款Mozilla产品信息泄露漏洞(CNVD-2025-24653) | 2025-09-18 | 2025-10-23 |
| cnvd-2025-24652 | 多款Mozilla产品安全绕过漏洞(CNVD-2025-24652) | 2025-09-18 | 2025-10-23 |
| cnvd-2025-24651 | 多款Mozilla产品代码执行漏洞(CNVD-2025-24651) | 2025-09-18 | 2025-10-23 |
| cnvd-2025-24649 | Centreon跨站脚本漏洞(CNVD-2025-24649) | 2025-10-17 | 2025-10-23 |
| cnvd-2025-24646 | 多款Mozilla产品安全绕过漏洞(CNVD-2025-24646) | 2025-09-18 | 2025-10-23 |
| cnvd-2025-24645 | Microsoft Azure存在未明漏洞(CNVD-2025-24645) | 2025-10-17 | 2025-10-23 |
| cnvd-2025-24644 | Microsoft Windows存在未明漏洞(CNVD-2025-24644) | 2025-10-17 | 2025-10-23 |
| cnvd-2025-24642 | ZenML输入验证错误漏洞 | 2025-10-21 | 2025-10-23 |
| cnvd-2025-24641 | Opencast跨站脚本漏洞 | 2025-10-21 | 2025-10-23 |
| cnvd-2025-24640 | ChurchCRM身份验证错误漏洞 | 2025-10-21 | 2025-10-23 |
| cnvd-2025-24639 | Mozilla Firefox和Mozilla Thunderbird安全绕过漏洞(CNVD-2025-24639) | 2025-09-18 | 2025-10-23 |
| cnvd-2025-24638 | 多款Mozilla产品代码执行漏洞(CNVD-2025-24638) | 2025-09-18 | 2025-10-23 |
| cnvd-2025-24637 | Mozilla Firefox和Mozilla Thunderbird欺骗漏洞 | 2025-09-18 | 2025-10-23 |
| cnvd-2025-24636 | 多款Mozilla产品安全绕过漏洞(CNVD-2025-24636) | 2025-09-18 | 2025-10-23 |
| cnvd-2025-24635 | Mozilla Firefox信息泄露漏洞(CNVD-2025-24635) | 2025-09-18 | 2025-10-23 |
| cnvd-2025-24634 | Mozilla Focus for iOS欺骗漏洞(CNVD-2025-24634) | 2025-09-18 | 2025-10-23 |
| cnvd-2025-24633 | Mozilla Firefox安全绕过漏洞(CNVD-2025-24633) | 2025-10-17 | 2025-10-23 |
| ID | Description | Published | Updated |
|---|---|---|---|
| CERTFR-2024-AVI-0912 | Multiples vulnérabilités dans Liferay | 2024-10-23T00:00:00.000000 | 2024-10-23T00:00:00.000000 |
| certfr-2024-avi-0911 | Vulnérabilité dans les produits Moxa | 2024-10-22T00:00:00.000000 | 2024-10-22T00:00:00.000000 |
| certfr-2024-avi-0910 | Vulnérabilité dans MongoDB | 2024-10-22T00:00:00.000000 | 2024-10-22T00:00:00.000000 |
| certfr-2024-avi-0909 | Multiples vulnérabilités dans les produits Synology | 2024-10-21T00:00:00.000000 | 2024-10-22T00:00:00.000000 |
| certfr-2024-avi-0792 | Multiples vulnérabilités dans VMware vCenter Server | 2024-09-18T00:00:00.000000 | 2024-10-22T00:00:00.000000 |
| certfr-2024-avi-0426 | Multiples vulnérabilités dans Roundcube | 2024-05-21T00:00:00.000000 | 2024-10-22T00:00:00.000000 |
| CERTFR-2024-AVI-0911 | Vulnérabilité dans les produits Moxa | 2024-10-22T00:00:00.000000 | 2024-10-22T00:00:00.000000 |
| CERTFR-2024-AVI-0910 | Vulnérabilité dans MongoDB | 2024-10-22T00:00:00.000000 | 2024-10-22T00:00:00.000000 |
| CERTFR-2024-AVI-0909 | Multiples vulnérabilités dans les produits Synology | 2024-10-21T00:00:00.000000 | 2024-10-22T00:00:00.000000 |
| CERTFR-2024-AVI-0792 | Multiples vulnérabilités dans VMware vCenter Server | 2024-09-18T00:00:00.000000 | 2024-10-22T00:00:00.000000 |
| CERTFR-2024-AVI-0426 | Multiples vulnérabilités dans Roundcube | 2024-05-21T00:00:00.000000 | 2024-10-22T00:00:00.000000 |
| certfr-2024-avi-0908 | Vulnérabilité dans Microsoft Edge | 2024-10-21T00:00:00.000000 | 2024-10-21T00:00:00.000000 |
| certfr-2024-avi-0899 | Vulnérabilité dans Grafana | 2024-10-18T00:00:00.000000 | 2024-10-21T00:00:00.000000 |
| certfr-2024-avi-0893 | Multiples vulnérabilités dans les produits F5 | 2024-10-17T00:00:00.000000 | 2024-10-21T00:00:00.000000 |
| CERTFR-2024-AVI-0908 | Vulnérabilité dans Microsoft Edge | 2024-10-21T00:00:00.000000 | 2024-10-21T00:00:00.000000 |
| CERTFR-2024-AVI-0899 | Vulnérabilité dans Grafana | 2024-10-18T00:00:00.000000 | 2024-10-21T00:00:00.000000 |
| CERTFR-2024-AVI-0893 | Multiples vulnérabilités dans les produits F5 | 2024-10-17T00:00:00.000000 | 2024-10-21T00:00:00.000000 |
| certfr-2024-avi-0907 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2024-10-18T00:00:00.000000 | 2024-10-18T00:00:00.000000 |
| certfr-2024-avi-0906 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2024-10-18T00:00:00.000000 | 2024-10-18T00:00:00.000000 |
| certfr-2024-avi-0905 | Multiples vulnérabilités dans les produits Moxa | 2024-10-18T00:00:00.000000 | 2024-10-18T00:00:00.000000 |
| certfr-2024-avi-0904 | Multiples vulnérabilités dans Foxit PDF Editor | 2024-10-18T00:00:00.000000 | 2024-10-18T00:00:00.000000 |
| certfr-2024-avi-0903 | Multiples vulnérabilités dans les produits IBM | 2024-10-18T00:00:00.000000 | 2024-10-18T00:00:00.000000 |
| certfr-2024-avi-0902 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2024-10-18T00:00:00.000000 | 2024-10-18T00:00:00.000000 |
| certfr-2024-avi-0901 | Multiples vulnérabilités dans Microsoft Edge | 2024-10-18T00:00:00.000000 | 2024-10-18T00:00:00.000000 |
| certfr-2024-avi-0900 | Multiples vulnérabilités dans Spring Framework | 2024-10-18T00:00:00.000000 | 2024-10-18T00:00:00.000000 |
| certfr-2024-avi-0895 | Vulnérabilité dans OpenSSL | 2024-10-17T00:00:00.000000 | 2024-10-18T00:00:00.000000 |
| CERTFR-2024-AVI-0907 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2024-10-18T00:00:00.000000 | 2024-10-18T00:00:00.000000 |
| CERTFR-2024-AVI-0906 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2024-10-18T00:00:00.000000 | 2024-10-18T00:00:00.000000 |
| CERTFR-2024-AVI-0905 | Multiples vulnérabilités dans les produits Moxa | 2024-10-18T00:00:00.000000 | 2024-10-18T00:00:00.000000 |
| CERTFR-2024-AVI-0904 | Multiples vulnérabilités dans Foxit PDF Editor | 2024-10-18T00:00:00.000000 | 2024-10-18T00:00:00.000000 |