Recent vulnerabilities

ID CVSS Description Vendor Product Published Updated
CVE-2025-33180
8 (3.1)
NVIDIA Cumulus Linux and NVOS products contain a … NVIDIA
 Cumulus Linux GA
 2026-02-24T18:41:48.632Z 2026-02-24T21:31:41.482Z
CVE-2025-33179
8 (3.1)
NVIDIA Cumulus Linux and NVOS products contain a … NVIDIA
 Cumulus Linux GA
 2026-02-24T18:41:32.821Z 2026-02-24T18:41:32.821Z
CVE-2026-26342
8.7 (4.0)
Tattile Smart+ / Vega / Basic <= 1.181.5 Insufficient … Tattile s.r.l.
 Smart+
 2026-02-24T18:41:09.935Z 2026-02-24T18:41:09.935Z
CVE-2026-26341
9.3 (4.0)
Tattile Smart+ / Vega / Basic <= 1.181.5 Default Credentials Tattile s.r.l.
 Smart+
 2026-02-24T18:40:54.212Z 2026-02-24T21:33:18.810Z
CVE-2026-26340
8.7 (4.0)
Tattile Smart+ / Vega / Basic <= 1.181.5 Unauthenticat… Tattile s.r.l.
 Smart+
 2026-02-24T18:40:35.393Z 2026-02-24T21:34:06.523Z
CVE-2026-3105
7.6 (3.1)
SQL Injection in Contact Activity API Sorting Mautic
 Mautic
 2026-02-24T18:39:03.352Z 2026-02-24T18:39:03.352Z
CVE-2026-26222
10 (4.0)
DocLink .NET Remoting Unauthenticated Arbitrary File R… Beyond Limits Inc.
 Altec DocLink
 2026-02-24T17:33:12.136Z 2026-02-24T17:36:46.668Z
CVE-2026-25603
6.6 (3.1)
Path Traversal vulnerability in Linksys MR9600, Linksy… Linksys
 MR9600
 2026-02-24T17:14:36.141Z 2026-02-24T18:13:33.449Z
CVE-2026-27468
4.8 (4.0)
Mastodon may allow unconfirmed FASP to make subscriptions mastodon
 mastodon
 2026-02-24T17:12:40.349Z 2026-02-24T17:12:40.349Z
CVE-2025-14963
6.2 (4.0)
A vulnerability identified in the HX Agent driver… Trellix
 Endpoint HX Agent (xAgent)
 2026-02-24T17:11:06.812Z 2026-02-26T07:36:15.415Z
CVE-2026-27156
6.1 (3.1)
NiceGUI has XSS via Code Injection zauberzeug
 nicegui
 2026-02-24T17:00:21.628Z 2026-02-24T17:00:21.628Z
CVE-2025-62512
5.5 (4.0)
Piwigo Vulnerable to User Enumeration via Password Res… Piwigo
 Piwigo
 2026-02-24T16:43:28.919Z 2026-02-24T16:43:28.919Z
CVE-2024-48928
2.7 (4.0)
Piwigo's secret key can be brute forced Piwigo
 Piwigo
 2026-02-24T16:39:56.944Z 2026-02-24T16:39:56.944Z
CVE-2026-27590
8.9 (4.0)
Caddy: Unicode case-folding length expansion causes in… caddyserver
 caddy
 2026-02-24T16:33:41.353Z 2026-02-24T16:33:41.353Z
CVE-2026-27589
6.9 (4.0)
Caddy vulnerable to cross-origin config application vi… caddyserver
 caddy
 2026-02-24T16:30:52.016Z 2026-02-24T16:31:35.510Z
CVE-2026-27588
7.7 (4.0)
Caddy: MatchHost becomes case-sensitive for large host… caddyserver
 caddy
 2026-02-24T16:28:28.106Z 2026-02-24T16:28:28.106Z
CVE-2026-27587
7.7 (4.0)
Caddy: MatchPath %xx (escaped-path) branch skips case … caddyserver
 caddy
 2026-02-24T16:26:40.222Z 2026-02-24T16:26:40.222Z
CVE-2026-27586
8.8 (4.0)
Caddy's mTLS client authentication silently fails open… caddyserver
 caddy
 2026-02-24T16:08:20.569Z 2026-02-24T16:08:20.569Z
CVE-2026-27585
6.9 (4.0)
Caddy's improper sanitization of glob characters in fi… caddyserver
 caddy
 2026-02-24T16:06:05.030Z 2026-02-24T16:06:05.030Z
CVE-2026-27571
5.9 (3.1)
nats-server websockets are vulnerable to pre-auth memory DoS nats-io
 nats-server
 2026-02-24T15:59:17.926Z 2026-02-24T15:59:17.926Z
CVE-2025-13776
8.6 (4.0)
Hard-coded database credentials in Finka software TIK-SOFT
 Finka-FK
 2026-02-24T15:58:30.096Z 2026-02-24T15:58:30.096Z
CVE-2025-47904
5.7 (4.0)
Unsigned upgrade package Microchip
 Time Provider 4100
 2026-02-24T15:34:20.905Z 2026-02-24T15:34:20.905Z
CVE-2026-27521
6.9 (4.0)
6.5 (3.1)
Binardat 10G08-0800GSM Network Switch Missing Login Ra… Binardat Ltd.
 10G08-0800GSM Network Switch
 2026-02-24T15:08:14.170Z 2026-02-24T15:08:14.170Z
CVE-2026-27520
8.7 (4.0)
7.5 (3.1)
Binardat 10G08-0800GSM Network Switch Base64-encoded P… Binardat Ltd.
 10G08-0800GSM Network Switch
 2026-02-24T15:07:41.085Z 2026-02-24T15:07:41.085Z
CVE-2026-27519
8.7 (4.0)
7.5 (3.1)
Binardat 10G08-0800GSM Network Switch Hard-coded RC4 E… Binardat Ltd.
 10G08-0800GSM Network Switch
 2026-02-24T15:07:10.410Z 2026-02-24T15:07:10.410Z
CVE-2026-27518
5.1 (4.0)
4.3 (3.1)
Binardat 10G08-0800GSM Network Switch CSRF Binardat Ltd.
 10G08-0800GSM Network Switch
 2026-02-24T15:06:39.513Z 2026-02-24T15:06:39.513Z
CVE-2026-27517
5.1 (4.0)
5.4 (3.1)
Binardat 10G08-0800GSM Network Switch XSS Binardat Ltd.
 10G08-0800GSM Network Switch
 2026-02-24T15:06:08.974Z 2026-02-24T15:06:08.974Z
CVE-2026-27516
8.6 (4.0)
8.1 (3.1)
Binardat 10G08-0800GSM Network Switch Plaintext Passwo… Binardat Ltd.
 10G08-0800GSM Network Switch
 2026-02-24T15:05:12.384Z 2026-02-24T15:05:12.384Z
CVE-2026-27515
9.3 (4.0)
9.1 (3.1)
Binardat 10G08-0800GSM Network Switch Predictable Sess… Binardat Ltd.
 10G08-0800GSM Network Switch
 2026-02-24T15:04:41.427Z 2026-02-24T15:04:41.427Z
CVE-2026-27507
9.3 (4.0)
9.8 (3.1)
Binardat 10G08-0800GSM Network Switch Hard-coded Credentials Binardat Ltd.
 10G08-0800GSM Network Switch
 2026-02-24T15:04:16.616Z 2026-02-24T15:04:16.616Z
ID CVSS Description Vendor Product Published Updated
ID Description Published Updated
ID Severity Description Published Updated
ghsa-m65f-px5x-xq9x
9.8 (3.1)
Undefined behavior in the DOM: Core & HTML component. This vulnerability affects Firefox < 148, Fir… 2026-02-24T15:30:31Z 2026-02-25T18:31:35Z
ghsa-h67m-x9c3-v9wp
8.8 (3.1)
Use-after-free in the Storage: IndexedDB component. This vulnerability affects Firefox < 148, Firef… 2026-02-24T15:30:31Z 2026-02-24T18:31:01Z
ghsa-h3qc-gf9h-42g6
9.8 (3.1)
Mitigation bypass in the DOM: HTML Parser component. This vulnerability affects Firefox < 148, Fire… 2026-02-24T15:30:31Z 2026-02-25T18:31:35Z
ghsa-gxg5-574v-j5f6
9.8 (3.1)
Use-after-free in the Audio/Video: Playback component. This vulnerability affects Firefox < 148, Fi… 2026-02-24T15:30:31Z 2026-02-25T18:31:35Z
ghsa-gwgg-r543-4wvw
9.8 (3.1)
Malicious scripts could cause desynchronization between the address bar and web content before a re… 2026-02-24T15:30:31Z 2026-02-25T18:31:31Z
ghsa-g5w7-69g8-vcwp
10.0 (3.1)
Sandbox escape in the Graphics: WebRender component. This vulnerability affects Firefox < 148, Fire… 2026-02-24T15:30:31Z 2026-02-25T18:31:33Z
ghsa-99p8-j693-qhpc
9.8 (3.1)
Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 148 and Fir… 2026-02-24T15:30:31Z 2026-02-25T18:31:34Z
ghsa-8hm4-jmvc-cfg9
7.4 (4.0)
A vulnerability exists in REB500 for an authenticated user with Installer role to access and alter … 2026-02-24T15:30:31Z 2026-02-24T15:30:31Z
ghsa-76rw-rj58-mpqc
10.0 (3.1)
Sandbox escape in the Storage: IndexedDB component. This vulnerability affects Firefox < 148 and Fi… 2026-02-24T15:30:31Z 2026-02-25T18:31:35Z
ghsa-5mg4-r7qx-2frp
9.8 (3.1)
Use-after-free in the DOM: Bindings (WebIDL) component. This vulnerability affects Firefox < 148, F… 2026-02-24T15:30:31Z 2026-02-25T18:31:34Z
ghsa-59x3-pvmj-2pw2
9.8 (3.1)
Use-after-free in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 148 an… 2026-02-24T15:30:31Z 2026-02-25T18:31:35Z
ghsa-3jr5-gwfp-7mfw
9.8 (3.1)
JIT miscompilation, use-after-free in the JavaScript Engine: JIT component. This vulnerability affe… 2026-02-24T15:30:31Z 2026-02-25T18:31:34Z
ghsa-3hhv-j9r2-hr9c
9.8 (3.1)
Incorrect boundary conditions in the Graphics: ImageLib component. This vulnerability affects Firef… 2026-02-24T15:30:31Z 2026-02-25T18:31:32Z
ghsa-3cg8-wjp5-4rm6
9.8 (3.1)
Use-after-free in the JavaScript: GC component. This vulnerability affects Firefox < 148, Firefox E… 2026-02-24T15:30:31Z 2026-02-25T18:31:32Z
ghsa-2255-92v8-4pvj
10.0 (3.1)
Sandbox escape due to incorrect boundary conditions in the Graphics: WebRender component. This vuln… 2026-02-24T15:30:31Z 2026-02-25T18:31:32Z
ghsa-q2vg-xgjr-32v3
8.7 (4.0)
IEC 60870-5-104: Potential Denial of Service impact on reception of invalid U-format frame. Product… 2026-02-24T15:30:30Z 2026-02-24T15:30:30Z
ghsa-pwpc-5pp8-7qw9
5.3 (4.0)
RTU500 web interface: An unprivileged user can read user management information. The information ca… 2026-02-24T15:30:30Z 2026-02-24T15:30:30Z
ghsa-mwf2-qr4v-94h2
7.1 (4.0)
An Improper Input Validation vulnerability exists in Apache Superset that allows an authenticated u… 2026-02-24T15:30:30Z 2026-02-24T21:31:45Z
ghsa-h294-8fxm-m2pj
6.5 (3.1)
2.3 (4.0)
A Sensitive Data Exposure vulnerability exists in Apache Superset allowing authenticated users to r… 2026-02-24T15:30:30Z 2026-02-25T15:31:37Z
ghsa-gvxg-9hqx-f4rg
6.5 (3.1)
5.3 (4.0)
Improper Neutralization of Special Elements used in a SQL Command ('SQL Injection') vulnerability i… 2026-02-24T15:30:30Z 2026-02-25T15:31:37Z
ghsa-48m2-v2r8-h23m
5.3 (4.0)
Apache Superset utilizes a configurable dictionary, DISALLOWED_SQL_FUNCTIONS, to restrict the execu… 2026-02-24T15:30:30Z 2026-02-24T21:31:45Z
ghsa-3m2g-v7jf-7fxc
6.5 (3.1)
7.1 (4.0)
An Improper Authorization vulnerability exists in Apache Superset that allows a low-privileged user… 2026-02-24T15:30:30Z 2026-02-25T15:31:37Z
ghsa-266v-99c5-7x8c
9.3 (4.0)
Slican NCP/IPL/IPM/IPU devices are vulnerable to PHP Function Injection. An unauthenticated remote … 2026-02-24T15:30:30Z 2026-02-24T15:30:30Z
ghsa-gm37-qx7w-p258
5.3 (3.1)
ImageMagick: Possible memory leak in ASHLAR encoder 2026-02-24T15:30:16Z 2026-02-24T15:30:16Z
ghsa-jv4p-gjwq-9r2j
5.1 (3.1)
ImageMagick: Out of bounds read in multiple coders read raw pixel data 2026-02-24T15:29:46Z 2026-02-24T15:29:47Z
ghsa-pqgj-2p96-rx85
7.5 (3.1)
ImageMagick: Infinite loop vulnerability when parsing a PCD file 2026-02-24T15:29:12Z 2026-02-24T15:29:12Z
ghsa-wg3g-gvx5-2pmv
5.3 (3.1)
ImageMagick: Converting multi-layer nested MVG to SVG can cause DoS 2026-02-24T15:28:17Z 2026-02-24T15:28:17Z
ghsa-96pc-27rx-pr36
7.5 (3.1)
ImageMagick has Possible Heap Information Disclosure in PSD ZIP Decompression 2026-02-24T15:27:28Z 2026-02-24T15:27:28Z
ghsa-x7c5-fjpp-2mcc
6.8 (4.0)
An out of bounds read vulnerability in the grpcfuse kernel module present in the Linux VM in Docker… 2026-02-24T12:31:40Z 2026-02-24T12:31:40Z
ghsa-r837-hpv7-pc2f
8.4 (3.1)
Apache Airflow vulnerable to Code Injection in the web-server context via LogTemplate table 2026-02-24T12:31:40Z 2026-02-25T19:20:56Z
ID Severity Description Package Published Updated
pysec-2024-129
7.5 (3.1)
FPE in paddle.nanmedian in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash… paddlepaddle 2024-01-03T09:15:00+00:00 2024-11-21T14:22:57.364643+00:00
pysec-2023-271
5.3 (3.1)
Hail is an open-source, general-purpose, Python-based data analysis tool with additional … hail 2023-12-29T17:16:00+00:00 2024-11-21T14:22:51.672042+00:00
pysec-2023-259
9.8 (3.1)
A vulnerability, which was classified as critical, has been found in MicroPython 1.21.0/1… micropython-select 2023-12-29T05:15:00+00:00 2024-02-29T07:20:31.851255+00:00
pysec-2023-258
9.8 (3.1)
A vulnerability, which was classified as critical, has been found in MicroPython 1.21.0/1… micropython-os 2023-12-29T05:15:00+00:00 2024-02-29T07:20:31.721783+00:00
pysec-2023-257
9.8 (3.1)
A vulnerability, which was classified as critical, has been found in MicroPython 1.21.0/1… micropython-io 2023-12-29T05:15:00+00:00 2024-02-29T07:20:31.603749+00:00
pysec-2023-256
9.8 (3.1)
A vulnerability, which was classified as critical, has been found in MicroPython 1.21.0/1… micropython-copy 2023-12-29T05:15:00+00:00 2024-02-29T07:20:31.464203+00:00
pysec-2023-248
6.1 (3.1)
An open redirect vulnerability in the python package Flask-Security-Too <=5.3.2 allows at… flask-security-too 2023-12-26T22:15:00+00:00 2024-01-17T11:19:18.188431+00:00
pysec-2023-279
9.1 (3.1)
MindsDB is a SQL Server for artificial intelligence. Prior to version 23.11.4.1, the `put… mindsdb 2023-12-22T21:15:00+00:00 2024-11-21T14:22:54.549778+00:00
pysec-2023-249
7.5 (3.1)
Gradio is an open-source Python package that allows you to quickly build a demo or web ap… gradio 2023-12-22T21:15:00+00:00 2024-01-17T11:19:18.252182+00:00
pysec-2023-287
4.3 (3.1)
Nautobot is a Network Source of Truth and Network Automation Platform built as a web appl… nautobot 2023-12-22T17:15:00+00:00 2024-11-21T14:22:55.764934+00:00
pysec-2023-267
6.5 (3.1)
Apache Airflow, versions before 2.8.0, is affected by a vulnerability that allows an auth… apache-airflow 2023-12-21T10:15:00+00:00 2024-11-21T14:22:40.744438+00:00
pysec-2023-266
6.5 (3.1)
Apache Airflow, version 2.7.0 through 2.7.3, has a vulnerability that allows an attacker … apache-airflow 2023-12-21T10:15:00+00:00 2024-11-21T14:22:40.683792+00:00
pysec-2023-265
4.3 (3.1)
Apache Airflow, in versions prior to 2.8.0, contains a security vulnerability that allows… apache-airflow 2023-12-21T10:15:00+00:00 2024-11-21T14:22:40.621314+00:00
pysec-2023-264
5.4 (3.1)
Apache Airflow, versions 2.6.0 through 2.7.3 has a stored XSS vulnerability that allows a… apache-airflow 2023-12-21T10:15:00+00:00 2024-11-21T14:22:40.559945+00:00
pysec-2023-301
7.8 (3.1)
Deserialization of Untrusted Data in GitHub repository huggingface/transformers prior to 4.36. transformers 2023-12-20T17:15:00+00:00 2024-11-21T14:23:01.933055+00:00
pysec-2023-300
8.8 (3.1)
Deserialization of Untrusted Data in GitHub repository huggingface/transformers prior to 4.36. transformers 2023-12-19T13:15:00+00:00 2024-11-21T14:23:01.871022+00:00
pysec-2023-252
7.5 (3.1)
Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.9.2. mlflow 2023-12-18T04:15:00+00:00 2024-02-06T22:20:23.832000+00:00
pysec-2023-253
8.1 (3.1)
Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.9.2. mlflow 2023-12-15T01:15:00+00:00 2024-02-14T00:26:12.242703+00:00
pysec-2023-255
8.1 (3.1)
Command Injection in GitHub repository gradio-app/gradio prior to main. gradio 2023-12-14T14:15:00+00:00 2024-02-28T16:22:37.359017+00:00
pysec-2023-307
7.5 (3.1)
Vyper is a Pythonic Smart Contract Language for the Ethereum Virtual Machine (EVM). Contr… vyper 2023-12-13T20:15:00+00:00 2024-11-21T14:23:02.808922+00:00
pysec-2023-297
7.5 (3.1)
A path traversal vulnerability has been detected in Repox, which allows an attacker to re… repox 2023-12-13T10:15:00Z 2024-11-21T14:23:00.892241Z
pysec-2023-296
7.5 (3.1)
An XEE vulnerability has been found in Repox, which allows a remote attacker to interfere… repox 2023-12-13T10:15:00Z 2024-11-21T14:23:00.841929Z
pysec-2023-295
5.4 (3.1)
An XSS vulnerability stored in Repox has been identified, which allows a local attacker t… repox 2023-12-13T10:15:00Z 2024-11-21T14:23:00.792103Z
pysec-2023-294
6.1 (3.1)
An XSS vulnerability has been detected in Repox, which allows an attacker to compromise i… repox 2023-12-13T10:15:00Z 2024-11-21T14:23:00.74018Z
pysec-2023-293
7.5 (3.1)
An authentication bypass vulnerability has been found in Repox, which allows a remote use… repox 2023-12-13T09:15:00Z 2024-11-21T14:23:00.689595Z
pysec-2023-309
8.8 (3.1)
Path Traversal in GitHub repository mlflow/mlflow prior to 2.9.2. mlflow 2023-12-13T00:15:07+00:00 2025-04-09T17:27:26.271200+00:00
pysec-2023-286
5.3 (3.1)
Nautobot is a Network Source of Truth and Network Automation Platform built as a web appl… nautobot 2023-12-12T23:15:00+00:00 2024-11-21T14:22:55.664554+00:00
pysec-2023-262
9.8 (3.1)
main.py in Searchor before 2.4.2 uses eval on CLI input, which may cause unexpected code … searchor 2023-12-12T18:15:00+00:00 2024-10-09T19:20:24.594458+00:00
pysec-2023-281
8.8 (3.1)
Improper Neutralization of Special Elements Used in a Template Engine in GitHub repositor… mlflow 2023-12-12T04:15:00+00:00 2024-11-21T14:22:54.938745+00:00
pysec-2023-261
9.8 (3.1)
SAP BTP Security Services Integration Library ([Python] sap-xssec) - versions < 4.1.0, al… sap-xssec 2023-12-12T02:15:00+00:00 2024-09-29T00:37:11.092461+00:00
ID Description Type
ID Description Updated
ID Description Published Updated
mal-2026-722 Malicious code in express-groups-routes (npm) 2026-02-04T04:56:58Z 2026-02-06T03:05:23Z
mal-2026-716 Malicious code in si-wsl (npm) 2026-02-04T04:41:11Z 2026-02-06T03:05:26Z
mal-2026-715 Malicious code in rreact-sdk (npm) 2026-02-04T04:41:11Z 2026-02-06T03:05:26Z
mal-2026-714 Malicious code in reactt-sdkk (npm) 2026-02-04T04:41:11Z 2026-02-06T03:05:26Z
mal-2026-713 Malicious code in react-sdkk (npm) 2026-02-04T04:41:11Z 2026-02-06T03:05:26Z
mal-2026-712 Malicious code in ongose (npm) 2026-02-04T04:41:11Z 2026-02-06T03:05:25Z
mal-2026-711 Malicious code in mongoose_update (npm) 2026-02-04T04:41:11Z 2026-02-06T03:05:25Z
mal-2026-709 Malicious code in mongooose_update (npm) 2026-02-04T04:41:11Z 2026-02-06T03:05:25Z
mal-2026-710 Malicious code in mongooose_updated (npm) 2026-02-04T04:41:10Z 2026-02-06T03:05:25Z
mal-2026-708 Malicious code in incode-kyc-backend (npm) 2026-02-03T21:30:33Z 2026-02-06T03:05:24Z
mal-2026-707 Malicious code in js-unpack (npm) 2026-02-03T17:41:26Z 2026-02-06T03:05:24Z
mal-2026-706 Malicious code in @devgandhi/healthpulse (npm) 2026-02-03T17:39:11Z 2026-02-06T03:05:22Z
mal-2026-705 Malicious code in @devgandhi/cpp (npm) 2026-02-03T17:39:11Z 2026-02-06T03:05:22Z
mal-2026-704 Malicious code in testing-package-xdsfdsfsc (npm) 2026-02-03T16:22:25Z 2026-02-07T10:45:40Z
mal-2026-703 Malicious code in @x-clients/features (npm) 2026-02-03T15:41:03Z 2026-02-06T03:05:22Z
mal-2026-702 Malicious code in serpapi-python (PyPI) 2026-02-03T11:52:58Z 2026-02-03T11:52:58Z
mal-2026-701 Malicious code in filespath (PyPI) 2026-02-03T10:31:19Z 2026-02-03T10:31:19Z
mal-2026-700 Malicious code in tabulapys (PyPI) 2026-02-03T10:04:45Z 2026-02-03T10:04:45Z
mal-2026-699 Malicious code in tokyo-ppe-test (PyPI) 2026-02-03T09:32:04Z 2026-02-03T09:32:04Z
mal-2026-698 Malicious code in tableshow (PyPI) 2026-02-03T09:30:09Z 2026-02-03T09:30:09Z
mal-2026-697 Malicious code in pathlib-v2-utility (PyPI) 2026-02-03T09:17:38Z 2026-02-03T09:17:38Z
mal-2026-696 Malicious code in pathfiles (PyPI) 2026-02-03T09:15:58Z 2026-02-03T10:19:00Z
mal-2026-690 Malicious code in fileupload-util (npm) 2026-02-03T07:56:03Z 2026-02-06T03:05:23Z
mal-2026-693 Malicious code in tailwindcss-forms-kit (npm) 2026-02-03T07:51:18Z 2026-02-06T03:05:26Z
mal-2026-686 Malicious code in tableapys (PyPI) 2026-02-03T07:49:06Z 2026-02-03T09:19:13Z
mal-2026-695 Malicious code in tsconfig-stitch (npm) 2026-02-03T07:48:27Z 2026-02-06T03:05:27Z
mal-2026-691 Malicious code in fingerprint-stitch (npm) 2026-02-03T07:48:27Z 2026-02-06T03:05:23Z
mal-2026-689 Malicious code in eslint-config-stitch (npm) 2026-02-03T07:48:27Z 2026-02-06T03:05:23Z
mal-2026-688 Malicious code in eslint-config-nlx (npm) 2026-02-03T07:48:27Z 2026-02-06T03:05:23Z
mal-2026-692 Malicious code in graphrix (npm) 2026-02-03T07:44:00Z 2026-02-06T03:05:24Z
ID Description Published Updated
bit-moodle-2025-62398 Moodle: possible to bypass mfa 2025-11-17T23:47:46.528Z 2025-11-18T00:06:24.423Z
bit-moodle-2025-62397 Moodle: router produces json instead of 404 error for invalid course id 2025-11-17T23:47:45.012Z 2025-11-18T00:06:24.423Z
bit-moodle-2025-62396 Moodle: router (r.php) could expose application directories 2025-11-17T23:47:43.645Z 2025-11-18T00:06:24.423Z
bit-moodle-2025-62395 Moodle: external cohort search service leaks system cohort data 2025-11-17T23:47:42.131Z 2025-11-18T00:06:24.423Z
bit-moodle-2025-62394 Moodle: quiz notifications sent to suspended participants 2025-11-17T23:47:40.687Z 2025-11-18T00:06:24.423Z
bit-moodle-2025-62393 Moodle: course access permissions not properly checked in course_output_fragment_course_overview 2025-11-17T23:47:39.287Z 2025-11-18T00:06:24.423Z
bit-kibana-2025-37734 Kibana Origin Validation Error 2025-11-14T14:40:47.948Z 2025-11-14T15:09:14.122Z
bit-elk-2025-37734 Kibana Origin Validation Error 2025-11-14T14:38:05.480Z 2025-11-14T15:09:14.122Z
bit-parse-2025-64502 Parse Server allows public `explain` queries which may expose sensitive database performance information and schema details 2025-11-12T11:45:03.650Z 2026-01-08T18:07:34.629Z
bit-parse-2025-64430 Parse Server Vulnerable to Server-Side Request Forgery (SSRF) in File Upload via URI Format 2025-11-12T11:45:02.117Z 2025-11-12T12:05:53.614Z
bit-django-2025-64459 Potential SQL injection via _connector keyword argument in QuerySet and Q objects 2025-11-11T11:36:39.904Z 2025-11-11T12:05:08.739Z
bit-django-2025-64458 Potential denial-of-service vulnerability in HttpResponseRedirect and HttpResponsePermanentRedirect on Windows 2025-11-11T11:36:38.456Z 2025-11-11T12:05:08.739Z
bit-wildfly-2022-0866 2025-11-07T11:01:40.946Z 2025-11-07T11:28:28.483Z
bit-mlflow-2025-11201 MLflow Tracking Server Model Creation Directory Traversal Remote Code Execution Vulnerability 2025-11-07T10:57:31.684Z 2025-11-07T11:28:28.483Z
bit-redis-2025-62507 Redis: Bug in XACKDEL may lead to stack overflow and potential RCE 2025-11-07T08:49:33.083Z 2025-11-07T09:06:54.375Z
bit-keydb-2025-62507 Redis: Bug in XACKDEL may lead to stack overflow and potential RCE 2025-11-07T08:40:53.783Z 2025-11-07T09:06:54.375Z
bit-mastodon-2022-2166 Improper Restriction of Excessive Authentication Attempts in mastodon/mastodon 2025-11-06T15:08:22.357Z 2025-11-06T15:44:17.098Z
bit-gitlab-2025-11702 Missing Authorization in GitLab 2025-11-06T13:22:05.051Z 2025-11-06T13:25:46.476Z
bit-tomcat-2025-61795 Apache Tomcat: Delayed cleaning of multi-part upload temporary files may lead to DoS 2025-11-06T13:00:35.478Z 2025-11-06T13:25:46.476Z
bit-tomcat-2025-55754 Apache Tomcat: console manipulation via escape sequences in log messages 2025-11-06T13:00:33.572Z 2025-11-06T13:25:46.476Z
bit-tomcat-2025-55752 Apache Tomcat: Directory traversal via rewrite with possible RCE if PUT is enabled 2025-11-06T13:00:31.694Z 2025-11-11T12:05:08.739Z
bit-discourse-2025-61598 Discourse is missing Cache-Control response header on error responses 2025-11-06T12:59:31.285Z 2025-11-06T13:25:46.476Z
bit-golang-2025-61725 Excessive CPU consumption in ParseAddress in net/mail 2025-11-06T12:58:41.872Z 2025-12-10T12:06:24.101Z
bit-golang-2025-61724 Excessive CPU consumption in Reader.ReadResponse in net/textproto 2025-11-06T12:58:38.217Z 2025-11-06T13:25:46.476Z
bit-golang-2025-61723 Quadratic complexity when parsing some invalid inputs in encoding/pem 2025-11-06T12:58:34.335Z 2025-11-06T13:25:46.476Z
bit-golang-2025-58189 ALPN negotiation error contains attacker controlled information in crypto/tls 2025-11-06T12:58:30.596Z 2025-11-06T13:25:46.476Z
bit-golang-2025-58188 Panic when validating certificates with DSA public keys in crypto/x509 2025-11-06T12:58:26.740Z 2025-11-06T13:25:46.476Z
bit-golang-2025-58187 Quadratic complexity when checking name constraints in crypto/x509 2025-11-06T12:58:22.304Z 2025-11-21T09:06:15.683Z
bit-golang-2025-58186 Lack of limit when parsing cookies can cause memory exhaustion in net/http 2025-11-06T12:58:17.587Z 2025-11-06T13:25:46.476Z
bit-golang-2025-58185 Parsing DER payload can cause memory exhaustion in encoding/asn1 2025-11-06T12:58:12.795Z 2025-11-06T13:25:46.476Z
ID Description Published Updated
ID Description Published Updated
drupal-contrib-2021-019 2021-06-23T16:51:26.000Z 2023-08-11T17:10:31.000Z
drupal-contrib-2021-018 2021-06-23T16:47:59.000Z 2023-08-11T17:09:57.000Z
drupal-contrib-2021-017 2021-06-16T16:15:21.000Z 2023-08-11T17:09:04.000Z
drupal-contrib-2021-016 2021-06-16T16:05:14.000Z 2023-08-11T17:08:37.000Z
drupal-contrib-2021-015 2021-06-16T15:58:47.000Z 2023-08-11T17:08:06.000Z
drupal-contrib-2021-014 2021-06-02T16:59:12.000Z 2023-08-11T17:07:36.000Z
drupal-contrib-2021-013 2021-06-02T16:56:19.000Z 2023-08-11T17:07:00.000Z
drupal-contrib-2021-011 2021-06-02T16:51:10.000Z 2023-08-11T17:22:44.000Z
drupal-contrib-2021-010 2021-06-02T16:49:49.000Z 2023-08-11T17:21:33.000Z
drupal-contrib-2021-009 2021-05-12T16:23:23.000Z 2023-08-11T17:18:42.000Z
drupal-contrib-2021-008 2021-05-12T16:14:35.000Z 2023-08-11T17:17:58.000Z
drupal-contrib-2021-007 2021-05-12T16:08:34.000Z 2023-08-11T17:17:34.000Z
drupal-contrib-2021-006 2021-04-28T16:47:09.000Z 2023-08-11T17:16:38.000Z
drupal-contrib-2021-005 2021-03-17T18:36:07.000Z 2023-08-11T17:15:48.000Z
drupal-contrib-2021-004 2021-03-03T16:49:33.000Z 2023-08-11T17:15:22.000Z
drupal-contrib-2021-003 2021-01-27T17:53:09.000Z 2023-08-11T17:13:06.000Z
drupal-contrib-2021-002 2021-01-27T17:27:57.000Z 2023-08-11T17:25:36.000Z
drupal-contrib-2021-001 2021-01-27T17:17:43.000Z 2023-08-11T17:24:49.000Z
drupal-contrib-2020-038 2020-11-18T17:27:58.000Z 2023-08-11T17:45:32.000Z
drupal-contrib-2020-035 2020-11-18T17:15:24.000Z 2023-08-11T17:43:11.000Z
drupal-contrib-2020-034 2020-10-14T14:38:16.000Z 2023-08-11T17:32:53.000Z
drupal-contrib-2020-033 2020-08-05T20:05:36.000Z 2023-08-11T17:31:14.000Z
drupal-contrib-2020-032 2020-08-05T15:47:56.000Z 2023-08-11T17:31:20.000Z
drupal-contrib-2020-030 2020-07-29T12:23:17.000Z 2023-08-11T17:46:26.000Z
drupal-contrib-2020-029 2020-07-22T18:53:26.000Z 2023-08-11T17:49:52.000Z
drupal-contrib-2020-028 2020-07-22T18:48:10.000Z 2023-08-11T17:49:38.000Z
drupal-contrib-2020-027 2020-07-22T17:58:17.000Z 2023-08-11T17:49:02.000Z
drupal-contrib-2020-024 2020-06-10T16:44:34.000Z 2023-08-11T17:47:56.000Z
drupal-contrib-2020-021 2020-05-27T15:47:10.000Z 2023-08-11T17:47:04.000Z
drupal-contrib-2020-020 2020-05-27T15:32:52.000Z 2023-08-11T17:51:01.000Z
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Updated
ID Description Published Updated
jvndb-2024-000066 WordPress plugins "WP Tweet Walls" and "Sola Testimonials" vulnerable to cross-site request forgery 2024-06-26T14:25+09:00 2024-06-26T14:25+09:00
jvndb-2024-003699 LINE client for iOS vulnerable to universal cross-site scripting 2024-06-24T11:05+09:00 2024-06-24T11:05+09:00
jvndb-2024-003645 Multiple vulnerabilities in multiple Trend Micro products 2024-06-20T14:59+09:00 2024-06-20T14:59+09:00
jvndb-2024-000065 "ZOZOTOWN" App for Android fails to restrict custom URL schemes properly 2024-06-19T16:04+09:00 2024-06-19T16:04+09:00
jvndb-2024-000064 WordPress plugin "SiteGuard WP Plugin" may leak the customized path to the login page 2024-06-19T14:25+09:00 2024-06-19T14:25+09:00
jvndb-2024-000061 Multiple vulnerabilities in Ricoh Streamline NX PC Client 2024-06-18T14:56+09:00 2024-06-18T14:56+09:00
jvndb-2024-000063 Multiple vulnerabilities in ID Link Manager and FUJITSU Software TIME CREATOR 2024-06-18T13:43+09:00 2024-06-18T13:43+09:00
jvndb-2024-003539 Multiple vulnerabilities in Toshiba Tec and Oki Electric Industry MFPs 2024-06-17T15:21+09:00 2024-06-17T15:21+09:00
jvndb-2024-000062 Denial-of-service (DoS) vulnerability in IPCOM WAF function 2024-06-12T15:03+09:00 2024-06-12T15:03+09:00
jvndb-2024-000058 WordPress Plugin "Music Store - WordPress eCommerce" vulnerable to SQL injection 2024-06-07T15:24+09:00 2024-06-10T17:08+09:00
jvndb-2024-000060 Multiple vulnerabilities in "FreeFrom - the nostr client" App 2024-06-07T14:51+09:00 2024-06-07T14:51+09:00
jvndb-2024-000057 Multiple vulnerabilities in UNIVERSAL PASSPORT RX 2024-06-03T15:32+09:00 2024-06-03T15:32+09:00
jvndb-2024-003254 Seiko Solutions SkyBridge MB-A100/MB-A110 and SkyBridge BASIC MB-A130 vulnerable to OS command injection 2024-06-03T14:53+09:00 2024-06-03T14:53+09:00
jvndb-2024-003253 Multiple vulnerabilities in Sharp and Toshiba Tec MFPs 2024-06-03T14:36+09:00 2024-06-03T14:36+09:00
jvndb-2024-000056 awkblog vulnerable to OS command injection 2024-05-30T14:39+09:00 2024-05-30T14:39+09:00
jvndb-2024-000055 Redmine DMSF Plugin vulnerable to path traversal 2024-05-29T14:13+09:00 2024-05-29T14:13+09:00
jvndb-2024-000054 EC-Orange vulnerable to authorization bypass 2024-05-29T14:06+09:00 2024-05-29T14:06+09:00
jvndb-2024-003249 ELECOM wireless LAN routers vulnerable to OS command injection 2024-05-29T12:33+09:00 2024-05-29T12:33+09:00
jvndb-2024-000053 Multiple vulnerabilities in Unifier and Unifier Cast 2024-05-28T14:47+09:00 2024-05-28T14:47+09:00
jvndb-2024-000052 Multiple vulnerabilities in UTAU 2024-05-28T14:23+09:00 2024-05-28T14:23+09:00
jvndb-2024-003242 OMRON NJ/NX series vulnerable to insufficient verification of data authenticity 2024-05-28T12:28+09:00 2024-07-26T16:27+09:00
jvndb-2024-000051 Splunk Config Explorer vulnerable to cross-site scripting 2024-05-24T13:50+09:00 2024-05-24T13:50+09:00
jvndb-2024-000050 WordPress Plugin "WP Booking" vulnerable to cross-site scripting 2024-05-24T13:41+09:00 2024-05-24T13:41+09:00
jvndb-2024-000046 Android App "TP-Link Tether" and "TP-Link Tapo" vulnerable to improper server certificate verification 2024-05-21T13:33+09:00 2024-05-21T13:33+09:00
jvndb-2024-003188 Panasonic KW Watcher vulnerable to memory buffer error 2024-05-17T15:46+09:00 2024-05-17T15:46+09:00
jvndb-2023-021762 Ruijie BCR810W/BCR860 vulnerable to OS command injection 2024-05-17T13:54+09:00 2024-05-17T13:54+09:00
jvndb-2024-000049 WordPress Plugin "Download Plugins and Themes from Dashboard" vulnerable to path traversal 2024-05-17T13:33+09:00 2024-05-17T13:33+09:00
jvndb-2024-003187 Multiple vulnerabilities in Field Logic DataCube 2024-05-17T12:05+09:00 2024-05-17T12:05+09:00
jvndb-2024-002342 Central Dogma vulnerable to cross-site scripting 2024-05-13T17:27+09:00 2024-05-13T17:27+09:00
jvndb-2024-000047 Multiple vulnerabilities in Cybozu Garoon 2024-05-13T15:19+09:00 2024-05-13T15:19+09:00
ID Description Updated
ID Description
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
cnvd-2026-00557 CMSimple代码执行漏洞 2025-12-29 2026-01-06
cnvd-2026-04455 北京神州视翰科技有限公司多媒体综合业务显示系统存在SQL注入漏洞(CNVD-C-2025-1203509) 2025-12-27 2026-01-21
cnvd-2026-10343 D-Link DAP-1325访问控制错误漏洞 2025-12-25 2026-02-05
cnvd-2026-07555 WordPress插件eRoom信息泄露漏洞 2025-12-25 2026-01-28
cnvd-2026-06567 中科方德软件有限公司方德桌面操作系统存在本地提权漏洞 2025-12-25 2026-01-31
cnvd-2026-05360 ChurchCRM跨站脚本漏洞(CNVD-2026-0536090) 2025-12-25 2026-01-19
cnvd-2026-05359 ChurchCRM信息泄露漏洞 2025-12-25 2026-01-19
cnvd-2026-05358 ChurchCRM代码执行漏洞(CNVD-2026-0535893) 2025-12-25 2026-01-19
cnvd-2026-05357 ChurchCRM 事件参与者编辑器SQL注入漏洞 2025-12-25 2026-01-19
cnvd-2026-05356 ChurchCRM访问控制错误漏洞 2025-12-25 2026-01-19
cnvd-2026-05355 ChurchCRM代码执行漏洞 2025-12-25 2026-01-19
cnvd-2026-05354 ChurchCRM跨站脚本漏洞(CNVD-2026-0535400) 2025-12-25 2026-01-19
cnvd-2026-05353 ChurchCRM跨站脚本漏洞 2025-12-25 2026-01-19
cnvd-2026-05352 ChurchCRM UserEditor.php文件SQL注入漏洞 2025-12-25 2026-01-19
cnvd-2026-05351 ChurchCRM ListEvents.php文件SQL注入漏洞 2025-12-25 2026-01-19
cnvd-2026-05350 ChurchCRM GroupEditor.php页面跨站脚本漏洞 2025-12-25 2026-01-19
cnvd-2026-05349 ChurchCRM eGive.php文件SQL注入漏洞 2025-12-25 2026-01-19
cnvd-2026-05348 ChurchCRM CartToFamily.php文件SQL注入漏洞 2025-12-25 2026-01-19
cnvd-2026-05344 RiteCMS存在未明漏洞 2025-12-25 2026-01-19
cnvd-2026-05343 RiteCMS文件包含漏洞 2025-12-25 2026-01-19
cnvd-2026-05342 RiteCMS访问控制不当漏洞 2025-12-25 2026-01-19
cnvd-2026-05341 RiteCMS跨站请求伪造漏洞 2025-12-25 2026-01-19
cnvd-2026-05340 RiteCMS跨站脚本漏洞 2025-12-25 2026-01-19
cnvd-2026-05339 RiteCMS代码执行漏洞 2025-12-25 2026-01-19
cnvd-2026-05332 Complete Online Beauty Parlor Management System /bwdates-reports-details.php文件跨站脚本漏洞 2025-12-25 2026-01-21
cnvd-2026-05331 Complete Online Beauty Parlor Management System /search-invoices.php文件SQL注入漏洞 2025-12-25 2026-01-21
cnvd-2026-05330 Complete Online Beauty Parlor Management System /view-appointment.php文件SQL注入漏洞 2025-12-25 2026-01-21
cnvd-2026-05130 Kentico Xperience信息泄露漏洞 2025-12-25 2026-01-20
cnvd-2026-05129 Kentico Xperience文件上传漏洞 2025-12-25 2026-01-20
cnvd-2026-05128 Kentico Xperience HTML注入漏洞 2025-12-25 2026-01-20
ID Description Published Updated
bdu:2026-01364 Уязвимость функции ffs_func_eps_enable() модуля drivers/usb/gadget/function/f_fs.c драйве… 06.02.2026 06.02.2026
bdu:2026-01363 Уязвимость функции multiq3_attach() модуля drivers/comedi/drivers/multiq3.c поддержки уст… 06.02.2026 06.02.2026
bdu:2026-01362 Уязвимость функции dc_stream_get_scanoutpos() модуля drivers/gpu/drm/amd/display/dc/core/… 06.02.2026 06.02.2026
bdu:2026-01361 Уязвимость функции f2fs_alloc_nid() модуля fs/f2fs/node.c файловой системы F2FS ядра опер… 06.02.2026 06.02.2026
bdu:2026-01360 Уязвимость функции find_sdca_entity_control() модуля sound/soc/sdca/sdca_functions.c подд… 06.02.2026 06.02.2026
bdu:2026-01359 Уязвимость функции mptcp_do_fastclose() модуля net/mptcp/protocol.c ядра операционной сис… 06.02.2026 06.02.2026
bdu:2026-01358 Уязвимость функции pci_aer_init() модуля drivers/pci/pcie/aer.c драйвера устройств PCI я… 06.02.2026 06.02.2026
bdu:2026-01357 Уязвимость функции init_amd_zen4() модуля arch/x86/kernel/cpu/amd.c поддержки платформы x… 06.02.2026 06.02.2026
bdu:2026-01356 Уязвимость функции __page_pool_alloc_netmems_slow() модуля net/core/page_pool.c поддержки… 06.02.2026 06.02.2026
bdu:2026-01355 Уязвимость функции copy_highpage() модуля arch/arm64/mm/copypage.c поддержки платформы AR… 06.02.2026 06.02.2026
bdu:2026-01354 Уязвимость функции devlink_notify_unregister() модуля net/devlink/leftover.c реализации с… 06.02.2026 06.02.2026
bdu:2026-01353 Уязвимость механизма обеспечения безопасности программной платформы Node.js, позволяющая … 06.02.2026 06.02.2026
bdu:2026-01352 Уязвимость функции stmmac_rx() ядра операционной системы Linux, позволяющая нарушителю, д… 06.02.2026 06.02.2026
bdu:2026-01351 Уязвимость функции blkg_conf_prep() модуля block/blk-cgroup.c поддержки блочного уровня я… 06.02.2026 06.02.2026
bdu:2026-01350 Уязвимость функции ufs_qcom_suspend() модуля drivers/ufs/host/ufs-qcom.c поддержки хост-к… 06.02.2026 06.02.2026
bdu:2026-01349 Уязвимость функции ext4_destroy_inline_data_nolock() модуля fs/ext4/inline.c файловой си… 06.02.2026 06.02.2026
bdu:2026-01348 Уязвимость функции ieee80211_register_hw() ядра операционной системы Linux, позволяющая н… 06.02.2026 06.02.2026
bdu:2026-01347 Уязвимость функции ext4_prepare_inline_data() модуля fs/ext4/inline.c файловой системы Ex… 06.02.2026 06.02.2026
bdu:2026-01346 Уязвимость функции stripe_io_hints() ядра операционной системы Linux, позволяющая нарушит… 06.02.2026 06.02.2026
bdu:2026-01345 Уязвимость функции bfs_iget() модуля fs/bfs/inode.c файловой системы ядра операционной си… 06.02.2026 06.02.2026
bdu:2026-01344 Уязвимость функций appendChild() и _clear_id_cache() интерпретатора языка программировани… 06.02.2026 06.02.2026
bdu:2026-01343 Уязвимость функции l2cap_connect_create_rsp() ядра операционной системы Linux, позволяюща… 06.02.2026 06.02.2026
bdu:2026-01342 Уязвимость функции machine_crash_nonpanic_core() модуля arch/arm/kernel/machine_kexec.c п… 06.02.2026 06.02.2026
bdu:2026-01341 Уязвимость функции SMB2_negotiate() ядра операционной системы Linux, позволяющая нарушите… 06.02.2026 06.02.2026
bdu:2026-01340 Уязвимость функции hfsplus_iget() модуля fs/hfsplus/super.c поддержки расширенной файлово… 06.02.2026 06.02.2026
bdu:2026-01339 Уязвимость функции hdr_find_e() ядра операционной системы Linux, позволяющая нарушителю п… 06.02.2026 06.02.2026
bdu:2026-01338 Уязвимость функции txInit() модуля fs/jfs/jfs_txnmgr.c файловой системы JFS ядра операцио… 06.02.2026 06.02.2026
bdu:2026-01337 Уязвимость функции ftrace_module_enable() модуля kernel/trace/ftrace.c поддержки трассиро… 06.02.2026 06.02.2026
bdu:2026-01336 Уязвимость функции drm_gem_dma_free() модуля drivers/gpu/drm/drm_gem_dma_helper.c драйвер… 06.02.2026 06.02.2026
bdu:2026-01335 Уязвимость функции hfs_asc2mac() ядра операционной системы Linux, позволяющая нарушителю … 06.02.2026 06.02.2026
ID Description Published Updated
certfr-2025-avi-1022 Multiples vulnérabilités dans Microsoft Edge 2025-11-19T00:00:00.000000 2025-11-19T00:00:00.000000
certfr-2025-avi-1021 Multiples vulnérabilités dans les produits HPE Aruba Networking 2025-11-19T00:00:00.000000 2025-11-19T00:00:00.000000
certfr-2025-avi-1020 Multiples vulnérabilités dans les produits SolarWinds 2025-11-19T00:00:00.000000 2025-11-19T00:00:00.000000
certfr-2025-avi-1019 Multiples vulnérabilités dans Mattermost Server 2025-11-18T00:00:00.000000 2025-11-18T00:00:00.000000
certfr-2025-avi-1018 Multiples vulnérabilités dans Google Chrome 2025-11-18T00:00:00.000000 2025-11-18T00:00:00.000000
certfr-2025-avi-1017 Multiples vulnérabilités dans Mattermost Server 2025-11-17T00:00:00.000000 2025-11-17T00:00:00.000000
certfr-2025-avi-1016 Multiples vulnérabilités dans Mozilla Thunderbird 2025-11-17T00:00:00.000000 2025-11-17T00:00:00.000000
certfr-2025-avi-1015 Multiples vulnérabilités dans les produits NetApp 2025-11-17T00:00:00.000000 2025-11-17T00:00:00.000000
certfr-2025-avi-1014 Vulnérabilité dans Fortinet FortiWeb 2025-11-14T00:00:00.000000 2025-11-14T00:00:00.000000
certfr-2025-avi-1013 Multiples vulnérabilités dans les produits IBM 2025-11-14T00:00:00.000000 2025-11-14T00:00:00.000000
certfr-2025-avi-1012 Vulnérabilité dans Microsoft Edge 2025-11-14T00:00:00.000000 2025-11-14T00:00:00.000000
certfr-2025-avi-1011 Multiples vulnérabilités dans le noyau Linux de Red Hat 2025-11-14T00:00:00.000000 2025-11-14T00:00:00.000000
certfr-2025-avi-1010 Multiples vulnérabilités dans le noyau Linux de Debian 2025-11-14T00:00:00.000000 2025-11-14T00:00:00.000000
certfr-2025-avi-1009 Multiples vulnérabilités dans le noyau Linux de SUSE 2025-11-14T00:00:00.000000 2025-11-14T00:00:00.000000
certfr-2025-avi-1008 Multiples vulnérabilités dans le noyau Linux d'Ubuntu 2025-11-14T00:00:00.000000 2025-11-14T00:00:00.000000
certfr-2025-avi-1007 Multiples vulnérabilités dans PostgreSQL 2025-11-14T00:00:00.000000 2025-11-14T00:00:00.000000
certfr-2025-avi-1006 Vulnérabilité dans Cisco Catalyst Center 2025-11-14T00:00:00.000000 2025-11-14T00:00:00.000000
certfr-2025-avi-1005 Multiples vulnérabilités dans les produits Siemens 2025-11-13T00:00:00.000000 2025-11-13T00:00:00.000000
certfr-2025-avi-1004 Multiples vulnérabilités dans les produits Palo Alto Networks 2025-11-13T00:00:00.000000 2025-11-13T00:00:00.000000
certfr-2025-avi-1003 Multiples vulnérabilités dans Drupal 2025-11-13T00:00:00.000000 2025-11-13T00:00:00.000000
certfr-2025-avi-1002 Multiples vulnérabilités dans GitLab 2025-11-13T00:00:00.000000 2025-11-13T00:00:00.000000
certfr-2025-avi-1001 Multiples vulnérabilités dans Elastic Kibana 2025-11-13T00:00:00.000000 2025-11-13T00:00:00.000000
certfr-2025-avi-1000 Multiples vulnérabilités dans les produits Splunk 2025-11-13T00:00:00.000000 2025-11-13T00:00:00.000000
certfr-2025-avi-0999 Vulnérabilité dans les produits Symfony 2025-11-13T00:00:00.000000 2025-11-13T00:00:00.000000
certfr-2025-avi-0998 Multiples vulnérabilités dans les produits Microsoft 2025-11-12T00:00:00.000000 2025-11-12T00:00:00.000000
certfr-2025-avi-0997 Multiples vulnérabilités dans Microsoft Azure 2025-11-12T00:00:00.000000 2025-11-12T00:00:00.000000
certfr-2025-avi-0996 Multiples vulnérabilités dans Microsoft Windows 2025-11-12T00:00:00.000000 2025-11-12T00:00:00.000000
certfr-2025-avi-0995 Multiples vulnérabilités dans Microsoft Office 2025-11-12T00:00:00.000000 2025-11-12T00:00:00.000000
certfr-2025-avi-0994 Multiples vulnérabilités dans Microsoft Edge 2025-11-12T00:00:00.000000 2025-11-12T00:00:00.000000
certfr-2025-avi-0993 Multiples vulnérabilités dans les produits Intel 2025-11-12T00:00:00.000000 2025-11-12T00:00:00.000000
ID Description Published Updated
certa-2004-ale-011 Diffusion de programmes exploitant la faille GDI+ 2004-09-23T00:00:00.000000 2004-09-23T00:00:00.000000
certa-2004-ale-010 Vulnérabilité du service Telnet de Cisco IOS 2004-08-30T00:00:00.000000 2004-08-30T00:00:00.000000
certa-2004-ale-009 Vulnérabilités d'Internet Explorer 2004-06-09T00:00:00.000000 2004-08-03T00:00:00.000000
certa-2004-ale-008 Vulnérabilité de Safari 2004-05-19T00:00:00.000000 2004-05-24T00:00:00.000000
certa-2004-ale-007 Exploitation de la vulnérabilité LSASS sous Windows : appration du ver Sasser 2004-05-02T00:00:00.000000 2004-05-02T00:00:00.000000
certa-2004-ale-006 Vulnérabilité SMB sous Windows 2004-04-28T00:00:00.000000 2004-04-28T00:00:00.000000
certa-2004-ale-005 Vulnérabilité d'Internet Explorer 2004-04-09T00:00:00.000000 2004-04-15T00:00:00.000000
certa-2004-ale-004 Vulnérabilité du composant dtlogin de CDE 2004-03-26T00:00:00.000000 2004-08-05T00:00:00.000000
certa-2004-ale-003 Propagation du ver Phatbot 2004-03-19T00:00:00.000000 2004-03-19T00:00:00.000000
certa-2004-ale-002 Propagation du virux Bizex 2004-02-26T00:00:00.000000 2004-02-26T00:00:00.000000
certa-2004-ale-001 Obstacles à la résolution d'incidents 2004-01-30T00:00:00.000000 2004-01-30T00:00:00.000000
certa-2003-ale-006 Vulnérabilité dans l'affichage des adresses réticulaires 2003-12-19T00:00:00.000000 2004-02-03T00:00:00.000000
certa-2003-ale-005 Vulnérabilité de sadmind sur Solaris 2003-09-19T00:00:00.000000 2003-09-19T00:00:00.000000
certa-2003-ale-004 Vulnérabilité d'Internet Explorer 2003-09-10T00:00:00.000000 2003-10-06T00:00:00.000000
certa-2003-ale-003 Exploitation massive de la vulnérabilité « include PHP » 2003-09-09T00:00:00.000000 2003-09-09T00:00:00.000000
certa-2003-ale-002 Exploitation d'une faille de Windows RPC 2003-08-01T00:00:00.000000 2003-08-19T00:00:00.000000
certa-2003-ale-001 Vulnérabilité dans l'implémentation des logiciels de lecture des documents PDF 2003-06-23T00:00:00.000000 2003-07-04T00:00:00.000000
certa-2002-ale-007 Cédérom Pages Pro 2002-09-04T00:00:00.000000 2002-09-04T00:00:00.000000
certa-2002-ale-006 Propagation du ver Spida (Microsoft SQL Server) 2002-05-22T00:00:00.000000 2002-06-04T00:00:00.000000
certa-2002-ale-005 Risque de compromission des auto-commutateurs (PABX) ALCATEL 4400 2002-02-20T00:00:00.000000 2002-02-20T00:00:00.000000
certa-2002-ale-004 Multiples implémentations de SNMP V1 vulnérables 2002-02-13T00:00:00.000000 2002-02-13T00:00:00.000000
certa-2002-ale-003 Propagation importante du virus « W32.Myparty@mm » 2002-01-29T00:00:00.000000 2002-01-29T00:00:00.000000
certa-2002-ale-002 Exploitation d'une faille de wu-ftpd 2002-01-28T00:00:00.000000 2002-01-28T00:00:00.000000
certa-2002-ale-001 Exploitation massive d'une faille de CDE 2002-01-24T00:00:00.000000 2002-01-24T00:00:00.000000
certa-2001-ale-016 Propagation du ver badtrans - variante B 2001-11-27T00:00:00.000000 2001-11-27T00:00:00.000000
certa-2001-ale-015 Exploitation massive d'une ancienne vulnérabilité de SSH 2001-11-19T00:00:00.000000 2001-11-19T00:00:00.000000
certa-2001-ale-014 Risque de divulgation de données personnelles/confidentielles par des produits Microsoft 2001-10-19T00:00:00.000000 2001-10-19T00:00:00.000000
certa-2001-ale-013 Propagation du ver/virus NIMDA (Concept Virus) 2001-09-19T00:00:00.000000 2001-09-19T00:00:00.000000
certa-2001-ale-012 Rappels concernant les virus 2001-09-13T00:00:00.000000 2002-01-09T00:00:00.000000
certa-2001-ale-011 <TT>antivirus2001</TT> est un cheval de Troie 2001-09-10T00:00:00.000000 2001-09-13T00:00:00.000000
ID Description Published Updated
osv-2024-1161 Security exception in java.base/java.util.Arrays.copyOfRange 2024-10-01T00:13:59.667902Z 2024-10-01T00:13:59.668243Z
osv-2024-1159 Use-of-uninitialized-value in decompress_yuv.cc 2024-09-30T00:15:17.123309Z 2024-09-30T00:15:17.123644Z
osv-2024-1158 Use-of-uninitialized-value in format_message 2024-09-30T00:06:39.149467Z 2024-09-30T00:06:39.149753Z
osv-2024-1150 Heap-buffer-overflow in extract_mr_data 2024-09-29T00:02:55.188981Z 2024-09-29T00:02:55.189369Z
osv-2024-1149 Use-of-uninitialized-value in ultrahdr::uhdr_gainmap_metadata_frac::encodeGainmapMetadata 2024-09-29T00:02:09.713795Z 2024-09-29T00:02:09.714134Z
osv-2024-1145 Heap-buffer-overflow in ultrahdr::getYuv444Pixel 2024-09-26T00:02:03.373431Z 2024-09-26T00:02:03.374156Z
osv-2024-1144 Security exception in graphql.schema.GraphQLTypeUtil.simplePrint 2024-09-24T00:15:39.106189Z 2024-09-24T00:15:39.106491Z
osv-2024-1133 Security exception in com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.expr 2024-09-24T00:07:55.850153Z 2024-09-24T00:07:55.850498Z
osv-2024-1128 Segv on unknown address in udiv 2024-09-24T00:01:39.913285Z 2024-09-24T00:01:39.913799Z
osv-2024-1124 Heap-buffer-overflow in ih264d_read_coeff4x4_cabac 2024-09-21T00:14:26.784483Z 2025-01-31T14:23:52.455197Z
osv-2024-1102 Security exception in java.xml/com.sun.org.apache.xalan.internal.xsltc.trax.DOM2TO.parse 2024-09-19T00:06:40.360965Z 2024-09-19T00:06:40.361615Z
osv-2024-1090 UNKNOWN READ in ggml_free 2024-09-19T00:00:17.390184Z 2025-01-10T05:12:48.974830Z
osv-2024-1076 Heap-buffer-overflow in readBytes48 2024-09-17T00:02:06.643980Z 2024-09-17T00:02:06.644304Z
osv-2024-1071 Use-of-uninitialized-value in Poco::Dynamic::Var::~Var 2024-09-15T00:06:58.342742Z 2025-03-18T00:25:32.915201Z
osv-2024-1066 Heap-buffer-overflow in StrLen 2024-09-13T00:14:35.159638Z 2025-01-10T05:47:49.595046Z
osv-2024-1062 UNKNOWN WRITE in std::__1::recursive_mutex::lock 2024-09-13T00:05:28.000784Z 2024-09-13T00:05:28.001152Z
osv-2024-1059 UNKNOWN READ in chunk_free_object 2024-09-13T00:04:01.817618Z 2024-09-13T00:04:01.817953Z
osv-2024-1056 UNKNOWN WRITE in bfd_elf_get_str_section 2024-09-13T00:02:11.288214Z 2024-09-13T00:02:11.288549Z
osv-2024-1054 Bad-cast to Assimp::LogStream from invalid vptr 2024-09-13T00:00:21.771518Z 2024-09-13T00:00:21.772014Z
osv-2024-1053 Heap-buffer-overflow in gguf_get_tensor_offset 2024-09-13T00:00:16.432562Z 2025-01-10T05:05:50.790792Z
osv-2024-1045 UNKNOWN READ in glslang::TInfoSinkBase::location 2024-08-23T00:05:10.053074Z 2024-08-23T00:05:10.053507Z
osv-2024-1044 UNKNOWN READ in H5FL_reg_malloc 2024-08-22T00:03:34.815128Z 2024-08-22T00:03:34.815744Z
osv-2024-1043 Heap-buffer-overflow in simdutf::haswell::implementation::convert_utf8_to_latin1 2024-08-21T00:14:12.263763Z 2024-08-21T14:20:12.835561Z
osv-2024-1042 UNKNOWN READ in chunk_free_object 2024-08-21T00:13:34.712386Z 2024-08-21T00:13:34.712770Z
osv-2024-1041 UNKNOWN READ in chunk_free_object 2024-08-21T00:11:49.349439Z 2024-08-21T00:11:49.350156Z
osv-2024-1036 UNKNOWN READ in chunk_free_object 2024-08-19T00:04:37.123473Z 2024-08-19T00:04:37.124078Z
osv-2024-1034 Heap-buffer-overflow in simdutf::haswell::implementation::convert_utf8_to_utf16be 2024-08-18T00:08:22.168066Z 2024-08-18T14:21:16.718581Z
osv-2024-1029 Stack-buffer-overflow in gf_hevc_parse_nalu_bs 2024-08-17T00:13:24.697197Z 2024-08-17T00:13:24.697938Z
osv-2024-1023 Use-of-uninitialized-value in pcpp::SomeIpLayer::parseSomeIpLayer 2024-08-16T00:17:01.984623Z 2025-12-22T14:18:12.391769Z
osv-2024-1010 UNKNOWN READ in H5SL_first 2024-08-16T00:16:31.692553Z 2025-08-14T14:39:40.358063Z
ID Description Published Updated
rustsec-2023-0077 Remotely exploitable DoS condition in Rosenpass <=0.2.0 2023-11-04T12:00:00Z 2025-10-28T06:02:18Z
rustsec-2023-0069 sudo-rs: Path Traversal vulnerability 2023-11-01T12:00:00Z 2023-11-06T12:48:19Z
rustsec-2023-0094 `martin-mbtiles` has been renamed to `mbtiles` 2023-10-30T12:00:00Z 2025-09-14T19:19:34Z
rustsec-2023-0078 Potential stack use-after-free in `Instrumented::into_inner` 2023-10-19T12:00:00Z 2024-02-10T15:57:43Z
rustsec-2023-0068 Sequential calls of encryption API (`encrypt`, `wrap`, and `dump`) result in nonce reuse 2023-10-15T12:00:00Z 2025-10-28T06:02:18Z
rustsec-2023-0087 `MaybeUninit` misuse in `simd-json-derive` 2023-10-14T12:00:00Z 2025-10-28T06:02:18Z
rustsec-2023-0067 `fehler` is unmaintained; use `culpa` instead 2023-10-12T12:00:00Z 2023-10-14T15:01:02Z
rustsec-2023-0065 Tungstenite allows remote attackers to cause a denial of service 2023-09-25T12:00:00Z 2023-09-29T12:03:03Z
rustsec-2023-0064 gix-transport code execution vulnerability 2023-09-23T12:00:00Z 2025-10-28T06:02:18Z
rustsec-2023-0063 Denial of service in Quinn servers 2023-09-21T12:00:00Z 2024-02-10T15:57:43Z
rustsec-2023-0083 blurhash: panic on parsing crafted blurhash inputs 2023-09-19T12:00:00Z 2024-03-02T17:22:42Z
rustsec-2023-0082 phonenumber: panic on parsing crafted RF3966 phonenumber inputs 2023-09-19T12:00:00Z 2024-02-29T21:46:35Z
rustsec-2023-0085 HPACK decoder panics on invalid input 2023-09-15T12:00:00Z 2024-04-11T16:16:20Z
rustsec-2023-0084 `hpack` is unmaintained 2023-09-15T12:00:00Z 2024-03-06T14:01:14Z
rustsec-2023-0062 BER/CER/DER decoder panics on invalid input 2023-09-13T12:00:00Z 2024-02-10T15:57:43Z
rustsec-2023-0061 libwebp: OOB write in BuildHuffmanTable 2023-09-12T12:00:00Z 2024-02-10T15:57:43Z
rustsec-2023-0060 libwebp: OOB write in BuildHuffmanTable 2023-09-12T12:00:00Z 2024-02-10T15:57:43Z
rustsec-2023-0059 Unaligned read of `*const *const c_char` pointer 2023-09-10T12:00:00Z 2024-02-10T15:57:43Z
rustsec-2023-0058 Exposes reference to non-Sync data to an arbitrary thread 2023-09-10T12:00:00Z 2024-02-10T15:57:43Z
rustsec-2023-0057 Fails to prohibit standard library access prior to initialization of Rust standard library runtime 2023-09-10T12:00:00Z 2024-02-10T15:57:43Z
rustsec-2023-0091 Miscompilation of wasm `i64x2.shr_s` instruction with constant input on x86\_64 2023-09-05T12:00:00Z 2025-05-02T08:23:27Z
rustsec-2023-0086 Multiple soundness issues 2023-09-03T12:00:00Z 2025-10-28T06:02:18Z
rustsec-2023-0055 Multiple soundness issues 2023-09-03T12:00:00Z 2024-09-16T14:15:37Z
rustsec-2023-0056 Default functions in VolatileMemory trait lack bounds checks, potentially leading to out-of-bounds memory accesses 2023-09-01T12:00:00Z 2023-09-06T17:18:09Z
rustsec-2023-0053 rustls-webpki: CPU denial of service in certificate path building 2023-08-22T12:00:00Z 2023-08-27T15:52:52Z
rustsec-2023-0052 webpki: CPU denial of service in certificate path building 2023-08-22T12:00:00Z 2023-09-30T20:13:23Z
rustsec-2023-0054 Use-after-free in `vec_insert_bytes` 2023-08-07T12:00:00Z 2023-08-27T15:52:52Z
rustsec-2023-0049 `tui` is unmaintained; use `ratatui` instead 2023-08-07T12:00:00Z 2023-08-07T13:27:47Z
rustsec-2023-0095 Invalid Slice Split Results in Server Panic 2023-08-03T12:00:00Z 2025-12-22T18:53:25Z
rustsec-2023-0051 `dlopen_derive` is unmaintained 2023-07-30T12:00:00Z 2023-08-19T10:29:52Z
ID Description Published Updated
alsa-2025:20928 Important: ipa security update 2025-11-11T00:00:00Z 2025-12-01T08:16:32Z
alsa-2025:20926 Important: redis security update 2025-11-11T00:00:00Z 2025-11-19T09:23:20Z
alsa-2025:20922 Important: webkit2gtk3 security update 2025-11-11T00:00:00Z 2025-11-19T09:22:06Z
alsa-2025:20909 Important: podman security update 2025-11-11T00:00:00Z 2025-11-24T12:26:34Z
alsa-2025:20838 Moderate: zziplib security update 2025-11-11T00:00:00Z 2025-11-19T09:20:52Z
alsa-2025:20559 Low: shadow-utils security update 2025-11-11T00:00:00Z 2025-11-19T09:19:16Z
alsa-2025:20532 Moderate: grub2 security update 2025-11-11T00:00:00Z 2025-11-19T09:18:10Z
alsa-2025:20518 Moderate: kernel security update 2025-11-11T00:00:00Z 2025-11-19T09:15:54Z
alsa-2025:20478 Moderate: zziplib security update 2025-11-11T00:00:00Z 2025-11-24T10:49:03Z
alsa-2025:20181 Important: pam security update 2025-11-11T00:00:00Z 2025-11-24T10:46:53Z
alsa-2025:20155 Moderate: binutils security update 2025-11-11T00:00:00Z 2025-11-24T10:47:58Z
alsa-2025:20145 Low: shadow-utils security update 2025-11-11T00:00:00Z 2025-11-24T10:50:07Z
alsa-2025:20126 Moderate: openssh security update 2025-11-11T00:00:00Z 2025-11-24T10:51:19Z
alsa-2025:20095 Moderate: kernel security update 2025-11-11T00:00:00Z 2025-11-24T10:55:21Z
alsa-2025:20034 Important: libtiff security update 2025-11-10T00:00:00Z 2025-11-11T12:31:49Z
alsa-2025:19950 Important: bind9.18 security update 2025-11-10T00:00:00Z 2025-11-19T09:11:13Z
alsa-2025:19932 Moderate: kernel-rt security update 2025-11-10T00:00:00Z 2025-11-11T12:37:42Z
alsa-2025:19931 Moderate: kernel security update 2025-11-10T00:00:00Z 2025-11-11T14:31:40Z
alsa-2025:19930 Moderate: kernel security update 2025-11-10T00:00:00Z 2025-11-12T09:59:32Z
alsa-2025:19927 Important: runc security update 2025-11-07T00:00:00Z 2025-11-10T12:59:59Z
alsa-2025:19912 Important: bind security update 2025-11-06T00:00:00Z 2025-11-10T13:13:44Z
alsa-2025:19909 Important: tigervnc security update 2025-11-06T00:00:00Z 2025-11-07T13:19:40Z
alsa-2025:19906 Important: mingw-libtiff security update 2025-11-06T00:00:00Z 2025-11-07T13:28:57Z
alsa-2025:19835 Important: bind security update 2025-11-05T00:00:00Z 2025-11-07T07:49:33Z
alsa-2025:19793 Important: bind9.16 security update 2025-11-05T00:00:00Z 2025-11-07T08:08:22Z
alsa-2025:19772 Important: qt6-qtsvg security update 2025-11-05T00:00:00Z 2025-11-07T08:19:22Z
alsa-2025:19719 Important: pcs security update 2025-11-04T00:00:00Z 2025-11-20T09:07:50Z
alsa-2025:19714 Important: libsoup security update 2025-11-04T00:00:00Z 2025-11-07T08:29:27Z
alsa-2025:19675 Important: valkey security update 2025-11-04T00:00:00Z 2025-11-07T08:40:54Z
alsa-2025:19610 Important: sssd security update 2025-11-04T00:00:00Z 2025-11-07T09:17:41Z
ID Description Published Updated
ID Description Published Updated