Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2025-61144 |
9.8 (3.1)
|
libtiff up to v4.7.1 was discovered to contain a … |
n/a |
n/a |
2026-02-23T00:00:00.000Z | 2026-02-25T14:27:56.707Z |
| CVE-2025-61143 |
5.5 (3.1)
|
libtiff up to v4.7.1 was discovered to contain a … |
n/a |
n/a |
2026-02-23T00:00:00.000Z | 2026-02-25T14:24:54.699Z |
| CVE-2025-70058 |
7.4 (3.1)
|
An issue pertaining to CWE-295: Improper Certific… |
n/a |
n/a |
2026-02-23T00:00:00.000Z | 2026-02-25T14:22:25.041Z |
| CVE-2026-22383 |
5.4 (3.1)
|
WordPress PawFriends - Pet Shop and Veterinary WordPre… |
Mikado-Themes |
PawFriends - Pet Shop and Veterinary WordPress Theme |
2026-02-20T15:47:06.889Z | 2026-02-25T14:15:57.381Z |
| CVE-2026-3197 |
N/A
|
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage. | N/A | N/A | 2026-02-25T14:01:00.880Z | |
| CVE-2026-2794 |
N/A
|
Information disclosure due to uninitialized memory in … |
Mozilla |
Firefox |
2026-02-24T13:33:25.399Z | 2026-02-25T13:44:05.439Z |
| CVE-2026-2759 |
N/A
|
Incorrect boundary conditions in the Graphics: ImageLi… |
Mozilla |
Firefox |
2026-02-24T13:32:59.173Z | 2026-02-25T13:43:55.454Z |
| CVE-2025-7631 |
8.6 (3.1)
|
Time-Based Blind SQLi in Tumeva Internet Technologies'… |
Tumeva Internet Technologies Software Information Advertising and Consulting Services Trade Ltd. Co. |
Tumeva Prime News Software |
2026-02-17T11:36:50.587Z | 2026-02-25T13:00:30.971Z |
| CVE-2025-41117 |
6.8 (3.1)
|
XSS in Grafana Explore stack trace |
Grafana |
grafana/grafana |
2026-02-12T08:49:08.545Z | 2026-02-25T12:35:46.784Z |
| CVE-2025-41115 |
10 (3.1)
|
Incorrect privilege assignment |
Grafana |
Grafana Enterprise |
2025-11-21T14:25:38.945Z | 2026-02-25T12:35:45.811Z |
| CVE-2026-21722 |
5.3 (3.1)
|
Public Dashboards time range restriction on annotation… |
Grafana |
grafana/grafana |
2026-02-12T08:49:05.678Z | 2026-02-25T12:35:44.164Z |
| CVE-2026-21721 |
8.1 (3.1)
|
Dashboard Permissions Scope Bypass Enables Cross‑Dashb… |
Grafana |
grafana/grafana |
2026-01-27T09:07:55.160Z | 2026-02-25T12:35:42.340Z |
| CVE-2026-21720 |
7.5 (3.1)
|
Unauthenticated DoS: avatar cache leaks goroutines whe… |
Grafana |
grafana/grafana-enterprise |
2026-01-27T09:07:04.758Z | 2026-02-25T12:35:41.319Z |
| CVE-2026-25701 |
7 (4.0)
|
An Insecure Temporary File vulnerability in openS… |
openSUSE |
sdbootutil |
2026-02-25T10:59:58.372Z | 2026-02-25T10:59:58.372Z |
| CVE-2026-26104 |
5.5 (3.1)
|
Udisks: missing authorization check allows unprivilege… |
Red Hat |
Red Hat Enterprise Linux 10 |
2026-02-25T10:51:15.204Z | 2026-02-25T10:51:15.204Z |
| CVE-2025-62878 |
9.9 (3.1)
|
Local Path Provisioner vulnerable to Path Traversal vi… |
SUSE |
Rancher |
2026-02-25T10:49:29.596Z | 2026-02-25T10:50:22.691Z |
| CVE-2025-67601 |
8.3 (3.1)
|
Rancher CLI skips TLS verification on Rancher CLI logi… |
SUSE |
rancher |
2026-02-25T10:36:57.771Z | 2026-02-25T10:36:57.771Z |
| CVE-2025-67860 |
3.8 (3.1)
|
NeuVector scanner insecurely handles passwords as comm… |
SUSE |
harvester |
2026-02-25T10:33:25.605Z | 2026-02-25T10:33:25.605Z |
| CVE-2026-26103 |
7.1 (3.1)
|
Udisks: missing authorization check allows unprivilege… |
Red Hat |
Red Hat Enterprise Linux 10 |
2026-02-25T10:31:50.913Z | 2026-02-25T10:31:50.913Z |
| CVE-2024-22128 |
4.7 (3.1)
|
Cross-Site Scripting (XSS) vulnerability in SAP NetWea… |
SAP_SE |
SAP NetWeaver Business Client for HTML |
2024-02-13T02:02:14.281Z | 2026-02-25T09:45:44.998Z |
| CVE-2026-2367 |
6.4 (3.1)
|
Secure Copy Content Protection and Content Locking <= … |
ays-pro |
Secure Copy Content Protection and Content Locking |
2026-02-25T09:26:51.702Z | 2026-02-25T09:26:51.702Z |
| CVE-2026-2301 |
4.3 (3.1)
|
Post Duplicator <= 3.0.8 - Missing Authorization to Au… |
metaphorcreations |
Post Duplicator |
2026-02-25T09:26:51.333Z | 2026-02-25T09:26:51.333Z |
| CVE-2026-2410 |
4.3 (3.1)
|
Disable Admin Notices – Hide Dashboard Notifications <… |
themeisle |
Disable Admin Notices – Hide Dashboard Notifications |
2026-02-25T09:26:50.985Z | 2026-02-25T09:26:50.985Z |
| CVE-2025-29481 |
6.2 (3.1)
|
Buffer Overflow vulnerability in libbpf 1.5.0 all… |
n/a |
n/a |
2025-04-07T00:00:00.000Z | 2026-02-25T07:51:20.699Z |
| CVE-2025-11563 |
N/A
|
wcurl path traversal with percent-encoded slashes |
curl |
curl |
2026-02-25T07:20:47.012Z | 2026-02-25T07:24:31.792Z |
| CVE-2026-3167 |
8.7 (4.0)
8.8 (3.1)
8.8 (3.0)
|
Tenda F453 httpd webtypelibrary formWebTypeLibrary buf… |
Tenda |
F453 |
2026-02-25T07:02:09.039Z | 2026-02-25T07:02:09.039Z |
| CVE-2026-1614 |
6.4 (3.1)
|
Rise Blocks – A Complete Gutenberg Page Builder <= 3.7… |
eaglethemes |
Rise Blocks – A Complete Gutenberg Page Builder |
2026-02-25T06:54:51.794Z | 2026-02-25T06:54:51.794Z |
| CVE-2026-3166 |
8.7 (4.0)
8.8 (3.1)
8.8 (3.0)
|
Tenda F453 httpd RouteStatic fromRouteStatic buffer overflow |
Tenda |
F453 |
2026-02-25T06:32:09.666Z | 2026-02-25T06:32:09.666Z |
| CVE-2026-3100 |
8.3 (4.0)
|
An improper certificate validation vulnerability was f… |
ASUSTOR |
ADM |
2026-02-25T05:52:20.196Z | 2026-02-25T06:13:16.227Z |
| CVE-2026-3165 |
8.7 (4.0)
8.8 (3.1)
8.8 (3.0)
|
Tenda F453 httpd AdvSetWrlsafeset fromSetWifiGusetBasi… |
Tenda |
F453 |
2026-02-25T06:02:12.166Z | 2026-02-25T06:02:12.166Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| fkie_cve-2025-14905 | A flaw was found in the 389-ds-base server. A heap buffer overflow vulnerability exists in the `sch… | 2026-02-23T16:29:35.620 | 2026-02-25T00:16:31.587 |
| fkie_cve-2026-27593 | Statmatic is a Laravel and Git powered content management system (CMS). Prior to versions 6.3.3 and… | 2026-02-24T22:16:32.867 | 2026-02-24T22:39:03.967 |
| fkie_cve-2026-27117 | bit7z is a cross-platform C++ static library that allows the compression/extraction of archive file… | 2026-02-24T22:16:32.053 | 2026-02-24T22:39:03.967 |
| fkie_cve-2026-25899 | Fiber is an Express inspired web framework written in Go. In versions on the v3 branch prior to 3.1… | 2026-02-24T22:16:31.613 | 2026-02-24T22:39:03.967 |
| fkie_cve-2026-25891 | Fiber is an Express inspired web framework written in Go. A Path Traversal (CWE-22) vulnerability i… | 2026-02-24T22:16:31.440 | 2026-02-24T22:39:03.967 |
| fkie_cve-2026-25882 | Fiber is an Express inspired web framework written in Go. A denial of service vulnerability exists … | 2026-02-24T21:16:29.640 | 2026-02-24T22:16:31.310 |
| fkie_cve-2026-25404 | Missing Authorization vulnerability in Automattic WP Job Manager wp-job-manager allows Exploiting I… | 2026-02-19T09:16:22.207 | 2026-02-24T22:16:31.120 |
| fkie_cve-2026-22346 | Deserialization of Untrusted Data vulnerability in A WP Life Slider Responsive Slideshow – Image sl… | 2026-02-20T16:22:33.667 | 2026-02-24T22:16:30.577 |
| fkie_cve-2026-22345 | Deserialization of Untrusted Data vulnerability in A WP Life Image Gallery – Lightbox Gallery, Resp… | 2026-02-20T16:22:33.497 | 2026-02-24T22:16:30.377 |
| fkie_cve-2025-69405 | Deserialization of Untrusted Data vulnerability in ThemeREX Lorem Ipsum | Books & Media Store lorem… | 2026-02-20T16:22:26.417 | 2026-02-24T22:16:30.190 |
| fkie_cve-2025-69404 | Deserialization of Untrusted Data vulnerability in ThemeREX Extreme Store extremestore allows Objec… | 2026-02-20T16:22:26.290 | 2026-02-24T22:16:29.993 |
| fkie_cve-2025-69382 | Deserialization of Untrusted Data vulnerability in themesflat Themesflat Elementor themesflat-eleme… | 2026-02-20T16:22:22.873 | 2026-02-24T22:16:29.807 |
| fkie_cve-2025-69372 | Deserialization of Untrusted Data vulnerability in AncoraThemes SevenHills sevenhills allows Object… | 2026-02-20T16:22:21.440 | 2026-02-24T22:16:29.623 |
| fkie_cve-2025-69371 | Deserialization of Untrusted Data vulnerability in AncoraThemes KindlyCare kindlycare allows Object… | 2026-02-20T16:22:21.300 | 2026-02-24T22:16:29.433 |
| fkie_cve-2025-69370 | Deserialization of Untrusted Data vulnerability in ThemeGoods Capella capella allows Object Injecti… | 2026-02-20T16:22:21.153 | 2026-02-24T22:16:29.237 |
| fkie_cve-2025-69301 | Deserialization of Untrusted Data vulnerability in ThemeGoods PhotoMe photome allows Object Injecti… | 2026-02-20T16:22:17.497 | 2026-02-24T22:16:29.007 |
| fkie_cve-2025-69297 | Missing Authorization vulnerability in GhostPool Aardvark Plugin aardvark-plugin allows Exploiting … | 2026-02-20T16:22:16.400 | 2026-02-24T22:16:28.810 |
| fkie_cve-2025-69294 | Deserialization of Untrusted Data vulnerability in fuelthemes PeakShops peakshops allows Object Inj… | 2026-02-20T16:22:15.597 | 2026-02-24T22:16:28.630 |
| fkie_cve-2025-69063 | Missing Authorization vulnerability in Saad Iqbal New User Approve new-user-approve allows Exploiti… | 2026-02-20T16:22:15.450 | 2026-02-24T22:16:28.453 |
| fkie_cve-2025-68853 | Deserialization of Untrusted Data vulnerability in Kleor Contact Manager contact-manager allows Obj… | 2026-02-20T16:22:14.150 | 2026-02-24T22:16:28.270 |
| fkie_cve-2025-68542 | Missing Authorization vulnerability in vgdevsolutions Checkout Gateway for IRIS checkout-gateway-ir… | 2026-02-20T16:22:11.640 | 2026-02-24T22:16:28.080 |
| fkie_cve-2025-68541 | Deserialization of Untrusted Data vulnerability in BoldThemes Ippsum ippsum allows Object Injection… | 2026-02-20T16:22:11.510 | 2026-02-24T22:16:27.900 |
| fkie_cve-2025-68534 | Missing Authorization vulnerability in add-ons.org PDF for WPForms pdf-for-wpforms allows Exploitin… | 2026-02-20T16:22:11.093 | 2026-02-24T22:16:27.713 |
| fkie_cve-2025-68531 | Deserialization of Untrusted Data vulnerability in modeltheme ModelTheme Addons for WPBakery and El… | 2026-02-20T16:22:10.963 | 2026-02-24T22:16:27.523 |
| fkie_cve-2025-68069 | Missing Authorization vulnerability in wpWax Directorist directorist allows Exploiting Incorrectly … | 2026-02-20T16:22:09.380 | 2026-02-24T22:16:27.333 |
| fkie_cve-2025-68050 | Missing Authorization vulnerability in Leadpages Leadpages leadpages allows Exploiting Incorrectly … | 2026-02-20T16:22:08.877 | 2026-02-24T22:16:27.147 |
| fkie_cve-2025-68043 | Missing Authorization vulnerability in LottieFiles LottieFiles lottiefiles allows Exploiting Incorr… | 2026-02-20T16:22:08.620 | 2026-02-24T22:16:26.950 |
| fkie_cve-2025-68026 | Missing Authorization vulnerability in Niaj Morshed LC Wizard ghl-wizard allows Exploiting Incorrec… | 2026-02-20T16:22:07.780 | 2026-02-24T22:16:26.763 |
| fkie_cve-2025-68024 | Missing Authorization vulnerability in Addonify Addonify – WooCommerce Wishlist addonify-wishlist a… | 2026-02-20T16:22:07.527 | 2026-02-24T22:16:26.567 |
| fkie_cve-2025-68022 | Missing Authorization vulnerability in soporteblue Plugin BlueX for WooCommerce bluex-for-woocommer… | 2026-02-20T16:22:07.247 | 2026-02-24T22:16:26.387 |
| ID | Severity | Description | Published | Updated |
|---|---|---|---|---|
| ghsa-256m-r39j-gmcw |
9.3 (3.1)
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability … | 2026-02-20T18:31:36Z | 2026-02-24T21:31:35Z |
| ghsa-wv4q-94jw-h996 |
8.8 (3.1)
|
Deserialization of Untrusted Data vulnerability in A WP Life Modal Popup Box modal-popup-box allows… | 2026-02-20T18:31:35Z | 2026-02-24T21:31:34Z |
| ghsa-wfqx-gw86-rc8h |
8.1 (3.1)
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2026-02-20T18:31:35Z | 2026-02-24T21:31:34Z |
| ghsa-rr5c-93pp-mqfv |
9.8 (3.1)
|
Deserialization of Untrusted Data vulnerability in BoldThemes Nestin nestin allows Object Injection… | 2026-02-20T18:31:34Z | 2026-02-24T21:31:34Z |
| ghsa-q6xg-x4rx-4p97 |
8.1 (3.1)
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2026-02-20T18:31:35Z | 2026-02-24T21:31:34Z |
| ghsa-jjpv-2mhh-mcmm |
9.8 (3.1)
|
Deserialization of Untrusted Data vulnerability in LoftOcean PatioTime patiotime allows Object Inje… | 2026-02-20T18:31:34Z | 2026-02-24T21:31:34Z |
| ghsa-f3xp-j3c9-999x |
8.1 (3.1)
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2026-02-20T18:31:34Z | 2026-02-24T21:31:34Z |
| ghsa-97hf-p3f7-pjq2 |
8.5 (3.1)
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability … | 2026-02-20T18:31:34Z | 2026-02-24T21:31:34Z |
| ghsa-7gx4-4vpm-w576 |
8.1 (3.1)
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2026-02-20T18:31:34Z | 2026-02-24T21:31:34Z |
| ghsa-4ff7-6hm2-x86r |
8.1 (3.1)
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2026-02-20T18:31:35Z | 2026-02-24T21:31:34Z |
| ghsa-3h5g-fffj-jhx9 |
7.5 (3.1)
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2026-02-20T18:31:35Z | 2026-02-24T21:31:34Z |
| ghsa-mwrf-hg69-6h5g |
8.1 (3.1)
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2026-02-20T18:31:34Z | 2026-02-24T21:31:33Z |
| ghsa-f6p8-2gf3-784r |
8.1 (3.1)
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2026-02-20T18:31:33Z | 2026-02-24T21:31:33Z |
| ghsa-733c-qhrf-7cmm |
8.1 (3.1)
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2026-02-20T18:31:34Z | 2026-02-24T21:31:33Z |
| ghsa-58h5-w6gx-q297 |
8.1 (3.1)
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2026-02-20T18:31:34Z | 2026-02-24T21:31:33Z |
| ghsa-wm72-rvv8-pj93 |
7.6 (3.1)
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability … | 2026-02-19T18:31:51Z | 2026-02-24T21:31:32Z |
| ghsa-v6hg-mv73-76vg |
6.4 (3.1)
|
Server-Side Request Forgery (SSRF) vulnerability in Burhan Nasir Smart Auto Upload Images smart-aut… | 2026-02-19T18:31:51Z | 2026-02-24T21:31:32Z |
| ghsa-ggw3-fhv7-grw9 |
7.2 (3.1)
|
Deserialization of Untrusted Data vulnerability in Brainstorm Force CartFlows cartflows allows Obje… | 2026-02-19T18:31:52Z | 2026-02-24T21:31:32Z |
| ghsa-qgqm-fpvv-jgfh |
8.8 (3.1)
8.7 (4.0)
|
FileZen contains an OS command injection vulnerability. When FileZen Antivirus Check Option is enab… | 2026-02-13T06:30:48Z | 2026-02-24T21:31:31Z |
| ghsa-29v6-6hr2-37cw |
7.2 (3.1)
|
Deserialization of Untrusted Data vulnerability in YITHEMES YITH WooCommerce Compare yith-woocommer… | 2026-02-19T18:31:51Z | 2026-02-24T21:31:31Z |
| ghsa-hg87-qqvm-4pr4 |
5.5 (3.1)
|
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix crash on profil… | 2026-01-25T15:30:27Z | 2026-02-24T21:31:30Z |
| ghsa-3p2r-ffrh-j979 |
5.3 (3.1)
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnera… | 2026-02-06T18:30:32Z | 2026-02-24T21:31:30Z |
| ghsa-39p9-g2pq-q8r7 |
7.5 (3.1)
5.9 (4.0)
|
MuPDF versions 1.23.0 through 1.27.0 contain a double-free vulnerability in fz_fill_pixmap_from_dis… | 2026-02-06T18:30:32Z | 2026-02-24T21:31:30Z |
| ghsa-jxq9-79vj-rgvw |
9.3 (3.1)
|
Statamic is vulnerable to account takeover via password reset link injection | 2026-02-24T21:09:23Z | 2026-02-24T21:09:23Z |
| ghsa-243v-98vx-264h |
6.9 (4.0)
|
Wasmtime can panic when adding excessive fields to a `wasi:http/types.fields` instance | 2026-02-24T21:08:06Z | 2026-02-24T21:08:06Z |
| ghsa-mrq8-rjmw-wpq3 |
6.9 (4.0)
|
Fiber has a Denial of Service Vulnerability via Route Parameter Overflow | 2026-02-24T21:04:07Z | 2026-02-24T21:04:07Z |
| ghsa-3ppc-4f35-3m26 |
8.7 (4.0)
|
minimatch has a ReDoS via repeated wildcards with non-matching literal in pattern | 2026-02-18T22:38:11Z | 2026-02-24T20:59:57Z |
| ghsa-2mr3-m5q5-wgp6 |
7.5 (3.1)
|
Fiber is Vulnerable to Denial of Service via Flash Cookie Unbounded Allocation | 2026-02-24T20:57:25Z | 2026-02-24T20:57:25Z |
| ghsa-m3c2-496v-cw3v |
8.7 (4.0)
|
Fiber has an Arbitrary File Read in Static Middleware on Windows | 2026-02-24T20:51:01Z | 2026-02-24T20:51:01Z |
| ghsa-852m-cvvp-9p4w |
5.9 (4.0)
|
Wasmtime WASI implementations are vulnerable to guest-controlled resource exhaustion | 2026-02-24T20:47:08Z | 2026-02-24T20:47:09Z |
| ID | Severity | Description | Package | Published | Updated |
|---|---|---|---|---|---|
| pysec-2011-26 |
|
Unspecified vulnerability in Zope 2.12.x and 2.13.x, as used in Plone 4.0.x through 4.0.9… | products-plonehotfix20110928 | 2011-10-10T10:55:00Z | 2024-11-21T14:22:59.154748Z |
| pysec-2014-115 |
|
The urlopen function in pym/portage/util/_urlopen.py in Gentoo Portage 2.1.12, when using… | portage | 2014-09-29T22:55:00Z | 2024-11-21T14:22:59.10272Z |
| pysec-2024-146 |
9.8 (3.1)
|
PaddlePaddle before 2.6.0 has a command injection in convert_shape_compare. This resulted… | paddlepaddle | 2024-01-03T09:15:00+00:00 | 2024-11-21T14:22:58.401329+00:00 |
| pysec-2024-145 |
7.5 (3.1)
|
FPE in paddle.argmin and paddle.argmax in PaddlePaddle before 2.6.0. This flaw can cause … | paddlepaddle | 2024-01-03T09:15:00+00:00 | 2024-11-21T14:22:58.341995+00:00 |
| pysec-2024-144 |
7.5 (3.1)
|
Nullptr dereference in paddle.crop in PaddlePaddle before 2.6.0. This flaw can cause a ru… | paddlepaddle | 2024-01-03T09:15:00+00:00 | 2024-11-21T14:22:58.282654+00:00 |
| pysec-2024-143 |
9.8 (3.1)
|
PaddlePaddle before 2.6.0 has a command injection in _wget_download. This resulted in the… | paddlepaddle | 2024-01-03T09:15:00+00:00 | 2024-11-21T14:22:58.223275+00:00 |
| pysec-2024-142 |
9.8 (3.1)
|
PaddlePaddle before 2.6.0 has a command injection in get_online_pass_interval. This resul… | paddlepaddle | 2024-01-03T09:15:00+00:00 | 2024-11-21T14:22:58.166295+00:00 |
| pysec-2024-141 |
9.8 (3.1)
|
Heap buffer overflow in paddle.repeat_interleave in PaddlePaddle before 2.6.0. This flaw … | paddlepaddle | 2024-01-03T09:15:00+00:00 | 2024-11-21T14:22:58.106968+00:00 |
| pysec-2024-140 |
7.5 (3.1)
|
FPE in paddle.amin in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and … | paddlepaddle | 2024-01-03T09:15:00+00:00 | 2024-11-21T14:22:58.044369+00:00 |
| pysec-2024-139 |
9.8 (3.1)
|
Stack overflow in paddle.linalg.lu_unpack in PaddlePaddle before 2.6.0. This flaw can lea… | paddlepaddle | 2024-01-03T09:15:00+00:00 | 2024-11-21T14:22:57.974712+00:00 |
| pysec-2024-138 |
7.5 (3.1)
|
FPE in paddle.lerp in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and … | paddlepaddle | 2024-01-03T09:15:00+00:00 | 2024-11-21T14:22:57.913569+00:00 |
| pysec-2024-137 |
7.5 (3.1)
|
FPE in paddle.topk in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and … | paddlepaddle | 2024-01-03T09:15:00+00:00 | 2024-11-21T14:22:57.844840+00:00 |
| pysec-2024-136 |
9.8 (3.1)
|
Stack overflow in paddle.searchsorted in PaddlePaddle before 2.6.0. This flaw can lead to… | paddlepaddle | 2024-01-03T09:15:00+00:00 | 2024-11-21T14:22:57.785687+00:00 |
| pysec-2024-135 |
7.5 (3.1)
|
Nullptr in paddle.put_along_axis in PaddlePaddle before 2.6.0. This flaw can cause a runt… | paddlepaddle | 2024-01-03T09:15:00+00:00 | 2024-11-21T14:22:57.726582+00:00 |
| pysec-2024-134 |
7.5 (3.1)
|
Nullptr in paddle.nextafter in PaddlePaddle before 2.6.0. This flaw can cause a runtime c… | paddlepaddle | 2024-01-03T09:15:00+00:00 | 2024-11-21T14:22:57.667127+00:00 |
| pysec-2024-133 |
7.5 (3.1)
|
OOB access in paddle.mode in PaddlePaddle before 2.6.0. This flaw can cause a runtime cra… | paddlepaddle | 2024-01-03T09:15:00+00:00 | 2024-11-21T14:22:57.605277+00:00 |
| pysec-2024-132 |
7.5 (3.1)
|
FPE in paddle.linalg.eig in PaddlePaddle before 2.6.0. This flaw can cause a runtime cras… | paddlepaddle | 2024-01-03T09:15:00+00:00 | 2024-11-21T14:22:57.546560+00:00 |
| pysec-2024-131 |
7.5 (3.1)
|
Nullptr in paddle.dot in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash a… | paddlepaddle | 2024-01-03T09:15:00+00:00 | 2024-11-21T14:22:57.485379+00:00 |
| pysec-2024-130 |
7.5 (3.1)
|
FPE in paddle.linalg.matrix_rank in PaddlePaddle before 2.6.0. This flaw can cause a runt… | paddlepaddle | 2024-01-03T09:15:00+00:00 | 2024-11-21T14:22:57.427583+00:00 |
| pysec-2024-129 |
7.5 (3.1)
|
FPE in paddle.nanmedian in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash… | paddlepaddle | 2024-01-03T09:15:00+00:00 | 2024-11-21T14:22:57.364643+00:00 |
| pysec-2022-43143 |
6.5 (3.1)
|
OpenZeppelin Contracts for Cairo is a library for contract development written in Cairo f… | openzeppelin-cairo-contracts-test | 2022-07-15T18:15:00Z | 2024-11-21T14:22:57.304802Z |
| pysec-2018-153 |
5.5 (3.1)
|
Open Chinese Convert (OpenCC) 1.0.5 allows attackers to cause a denial of service (segmen… | opencc-py | 2018-09-13T02:29:00Z | 2024-11-21T14:22:57.249534Z |
| pysec-2022-43142 |
7.8 (3.1)
|
Unverified Password Change in GitHub repository octoprint/octoprint prior to 1.8.3. | octoprint | 2022-08-22T12:15:00+00:00 | 2024-11-21T14:22:57.145370+00:00 |
| pysec-2014-114 |
|
Cross-site scripting (XSS) vulnerability in lua/host_details.lua in ntopng 1.1 allows rem… | ntopng | 2014-06-19T10:50:00Z | 2024-11-21T14:22:57.09034Z |
| pysec-2013-45 |
|
keystone/middleware/auth_token.py in OpenStack Nova Folsom, Grizzly, and Havana uses an i… | nova | 2013-12-27T01:55:00Z | 2024-11-21T14:22:56.793365Z |
| pysec-2012-41 |
|
OpenStack Compute (Nova) Folsom before 2012.2.2 and Grizzly, when using libvirt and LVM b… | nova | 2012-12-26T22:55:00Z | 2024-11-21T14:22:56.616552Z |
| pysec-2012-40 |
|
The Nova scheduler in OpenStack Compute (Nova) Folsom (2012.2) and Essex (2012.1), when D… | nova | 2012-07-17T21:55:00Z | 2024-11-21T14:22:56.558714Z |
| pysec-2012-39 |
|
virt/disk/api.py in OpenStack Compute (Nova) Folsom (2012.2), Essex (2012.1), and Diablo … | nova | 2012-07-22T16:55:00Z | 2024-11-21T14:22:56.493974Z |
| pysec-2012-38 |
|
Directory traversal vulnerability in virt/disk/api.py in OpenStack Compute (Nova) Folsom … | nova | 2012-07-22T16:55:00Z | 2024-11-21T14:22:56.434839Z |
| pysec-2012-37 |
|
The (1) EC2 and (2) OS APIs in OpenStack Compute (Nova) Folsom (2012.2), Essex (2012.1), … | nova | 2012-06-21T15:55:00Z | 2024-11-21T14:22:55.891133Z |
| ID | Description | Updated |
|---|---|---|
| gsd-2024-4249 | A vulnerability was found in Tenda i21 1.0.0.14(4656). It has been classified as critical… | 2024-04-27T05:02:16.524020Z |
| gsd-2024-4279 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:16.521267Z |
| gsd-2024-32946 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:15.595218Z |
| gsd-2018-25102 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-26T05:03:04.675370Z |
| gsd-2024-33676 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-26T05:02:19.297185Z |
| gsd-2024-33666 | An issue was discovered in Zammad before 6.3.0. Users with customer access to a ticket co… | 2024-04-26T05:02:19.293701Z |
| gsd-2024-33630 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-26T05:02:19.283884Z |
| gsd-2024-33639 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vuln… | 2024-04-26T05:02:19.283203Z |
| gsd-2024-33668 | An issue was discovered in Zammad before 6.3.0. The Zammad Upload Cache uses insecure, pa… | 2024-04-26T05:02:19.281107Z |
| gsd-2024-33652 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-26T05:02:19.279059Z |
| gsd-2024-33669 | An issue was discovered in Passbolt Browser Extension before 4.6.2. It can send multiple … | 2024-04-26T05:02:19.275535Z |
| gsd-2024-33675 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-26T05:02:19.273998Z |
| gsd-2024-33665 | ** DISPUTED ** angular-translate through 2.19.1 allows XSS via a crafted key that is used… | 2024-04-26T05:02:19.265097Z |
| gsd-2024-33656 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-26T05:02:19.263057Z |
| gsd-2024-33667 | An issue was discovered in Zammad before 6.3.0. An authenticated agent could perform a re… | 2024-04-26T05:02:19.258447Z |
| gsd-2024-33637 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-26T05:02:19.257652Z |
| gsd-2024-33644 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-26T05:02:19.256945Z |
| gsd-2024-33661 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-26T05:02:19.254483Z |
| gsd-2024-33670 | Passbolt API before 4.6.2 allows HTML injection in a URL parameter, resulting in custom c… | 2024-04-26T05:02:19.244921Z |
| gsd-2024-33631 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-26T05:02:19.242437Z |
| gsd-2024-33645 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-26T05:02:19.239357Z |
| gsd-2024-33632 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-26T05:02:19.238835Z |
| gsd-2024-33671 | An issue was discovered in Veritas Backup Exec before 22.2 HotFix 917391. The Backup Exec… | 2024-04-26T05:02:19.236619Z |
| gsd-2024-33660 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-26T05:02:19.226651Z |
| gsd-2024-33658 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-26T05:02:19.225239Z |
| gsd-2024-33655 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-26T05:02:19.215383Z |
| gsd-2024-33641 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-26T05:02:19.213153Z |
| gsd-2024-33654 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-26T05:02:19.212436Z |
| gsd-2024-33653 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-26T05:02:19.211438Z |
| gsd-2024-33640 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-26T05:02:19.209462Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2026-773 | Malicious code in ethers-lint (npm) | 2026-02-05T21:21:25Z | 2026-02-06T03:05:23Z |
| mal-2026-772 | Malicious code in conp-dats-editor (npm) | 2026-02-05T08:16:03Z | 2026-02-06T03:05:23Z |
| mal-2026-768 | Malicious code in debug-logger-utils (npm) | 2026-02-05T17:31:41Z | 2026-02-06T03:05:23Z |
| mal-2026-764 | Malicious code in chai-as-advanced (npm) | 2026-02-05T14:54:55Z | 2026-02-06T03:05:23Z |
| mal-2026-761 | Malicious code in digital-checkout (npm) | 2026-02-05T14:22:06Z | 2026-02-06T03:05:23Z |
| mal-2026-756 | Malicious code in cat-retail-app (npm) | 2026-02-05T01:58:59Z | 2026-02-06T03:05:23Z |
| mal-2026-751 | Malicious code in express_update (npm) | 2026-02-05T01:50:12Z | 2026-02-06T03:05:23Z |
| mal-2026-750 | Malicious code in dspmobile (npm) | 2026-02-05T01:07:59Z | 2026-02-06T03:05:23Z |
| mal-2026-742 | Malicious code in dcf-commons (npm) | 2026-02-04T17:26:21Z | 2026-02-06T03:05:23Z |
| mal-2026-741 | Malicious code in confluence-analytics-support (npm) | 2026-02-04T17:08:45Z | 2026-02-06T03:05:23Z |
| mal-2026-735 | Malicious code in docusaurus-plugin-launchdarkly (npm) | 2026-02-04T09:46:59Z | 2026-02-06T03:05:23Z |
| mal-2026-733 | Malicious code in deuro-landing-page (npm) | 2026-02-04T09:21:07Z | 2026-02-06T03:05:23Z |
| mal-2026-722 | Malicious code in express-groups-routes (npm) | 2026-02-04T04:56:58Z | 2026-02-06T03:05:23Z |
| mal-2026-721 | Malicious code in dotenv-embedded (npm) | 2026-02-04T05:11:23Z | 2026-02-06T03:05:23Z |
| mal-2026-720 | Malicious code in chai-grab (npm) | 2026-02-04T05:22:34Z | 2026-02-06T03:05:23Z |
| mal-2026-719 | Malicious code in chai-async-promised (npm) | 2026-02-04T05:11:23Z | 2026-02-06T03:05:23Z |
| mal-2026-691 | Malicious code in fingerprint-stitch (npm) | 2026-02-03T07:48:27Z | 2026-02-06T03:05:23Z |
| mal-2026-690 | Malicious code in fileupload-util (npm) | 2026-02-03T07:56:03Z | 2026-02-06T03:05:23Z |
| mal-2026-689 | Malicious code in eslint-config-stitch (npm) | 2026-02-03T07:48:27Z | 2026-02-06T03:05:23Z |
| mal-2026-688 | Malicious code in eslint-config-nlx (npm) | 2026-02-03T07:48:27Z | 2026-02-06T03:05:23Z |
| mal-2026-679 | Malicious code in epic-admin-ui (npm) | 2026-02-03T07:27:10Z | 2026-02-06T03:05:23Z |
| mal-2026-678 | Malicious code in cookie-parsers-env (npm) | 2026-02-03T06:59:52Z | 2026-02-06T03:05:23Z |
| mal-2026-677 | Malicious code in chai-promise-tools (npm) | 2026-02-03T06:59:53Z | 2026-02-06T03:05:23Z |
| mal-2026-671 | Malicious code in cheerio-core (npm) | 2026-02-03T04:20:03Z | 2026-02-06T03:05:23Z |
| mal-2026-660 | Malicious code in dns-troubleshoot-toolkit-xyz123 (npm) | 2026-02-03T03:54:05Z | 2026-02-06T03:05:23Z |
| mal-2026-760 | Malicious code in @helloflex/widget-next-sdk (npm) | 2026-02-05T12:44:37Z | 2026-02-06T03:05:22Z |
| mal-2026-755 | Malicious code in @jes4l/react-pkg (npm) | 2026-02-05T01:57:08Z | 2026-02-06T03:05:22Z |
| mal-2026-749 | Malicious code in @purecore/rabbitmq (npm) | 2026-02-05T01:28:01Z | 2026-02-06T03:05:22Z |
| mal-2026-740 | Malicious code in @msecscc/gaia (npm) | 2026-02-04T17:18:05Z | 2026-02-06T03:05:22Z |
| mal-2026-718 | Malicious code in @fxinternal/netdiagnostics (npm) | 2026-02-04T05:00:18Z | 2026-02-06T03:05:22Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| bit-mongodb-2025-14345 | Cross-Shard Failovers May Lead to Partial Transaction Commit in MongoDB Server | 2025-12-12T17:42:48.437Z | 2025-12-12T18:06:16.411Z |
| bit-jenkins-2025-67639 | 2025-12-12T11:23:52.749Z | 2025-12-12T11:51:34.315Z | |
| bit-jenkins-2025-67638 | 2025-12-12T11:23:47.516Z | 2025-12-12T11:51:34.315Z | |
| bit-jenkins-2025-67637 | 2025-12-12T11:23:42.761Z | 2025-12-12T11:51:34.315Z | |
| bit-jenkins-2025-67636 | 2025-12-12T11:23:36.617Z | 2025-12-12T11:51:34.315Z | |
| bit-jenkins-2025-67635 | 2025-12-12T11:23:31.286Z | 2025-12-12T11:51:34.315Z | |
| bit-gitlab-2025-7449 | Allocation of Resources Without Limits or Throttling in GitLab | 2025-12-02T12:05:42.978Z | 2025-12-11T12:06:55.559Z |
| bit-gitlab-2025-6195 | Direct Request ('Forced Browsing') in GitLab | 2025-12-02T12:05:25.518Z | 2025-12-11T12:06:55.559Z |
| bit-gitlab-2025-13611 | Insertion of Sensitive Information into Log File in GitLab | 2025-12-02T12:03:48.649Z | 2025-12-11T12:06:55.559Z |
| bit-gitlab-2025-12653 | Authentication Bypass by Spoofing in GitLab | 2025-12-02T12:03:41.060Z | 2025-12-11T12:06:55.559Z |
| bit-gitlab-2025-12571 | Allocation of Resources Without Limits or Throttling in GitLab | 2025-12-02T12:03:39.208Z | 2025-12-11T12:06:55.559Z |
| bit-gitlab-2024-9183 | Time-of-check Time-of-use (TOCTOU) Race Condition in GitLab | 2025-12-09T12:02:49.276Z | 2025-12-11T12:06:55.559Z |
| bit-django-2025-64460 | Potential denial-of-service vulnerability in XML serializer text extraction | 2025-12-11T11:37:12.400Z | 2025-12-11T12:06:55.559Z |
| bit-golang-2025-61725 | Excessive CPU consumption in ParseAddress in net/mail | 2025-11-06T12:58:41.872Z | 2025-12-10T12:06:24.101Z |
| bit-pgbouncer-2025-2291 | PgBouncer default auth_query does not take Postgres password expiry into account | 2025-04-18T19:19:16.416Z | 2025-12-09T12:08:00.393Z |
| bit-envoy-2025-66220 | Envoy’s TLS certificate matcher for `match_typed_subject_alt_names` may incorrectly treat certificates containing an embedded null byte | 2025-12-06T11:38:21.122Z | 2025-12-09T12:08:00.393Z |
| bit-envoy-2025-64763 | Envoy forwards early CONNECT data in TCP proxy mode | 2025-12-06T11:38:19.488Z | 2025-12-09T12:08:00.393Z |
| bit-envoy-2025-64527 | Envoy crashes when JWT authentication is configured with the remote JWKS fetching | 2025-12-06T11:38:17.923Z | 2025-12-09T12:08:00.393Z |
| bit-apache-2025-66200 | Apache HTTP Server: mod_userdir+suexec bypass via AllowOverride FileInfo | 2025-12-09T11:38:20.150Z | 2025-12-09T12:08:00.393Z |
| bit-apache-2025-65082 | Apache HTTP Server: CGI environment variable override | 2025-12-09T11:38:18.501Z | 2025-12-09T12:08:00.393Z |
| bit-apache-2025-59775 | Apache HTTP Server: NTLM Leakage on Windows through UNC SSRF | 2025-12-09T11:38:16.754Z | 2025-12-09T12:08:00.393Z |
| bit-apache-2025-58098 | Apache HTTP Server: Server Side Includes adds query string to #exec cmd=... | 2025-12-09T11:38:15.033Z | 2025-12-09T12:08:00.393Z |
| bit-apache-2025-55753 | Apache HTTP Server: mod_md (ACME), unintended retry intervals | 2025-12-09T11:38:13.178Z | 2025-12-09T12:08:00.393Z |
| bit-mongodb-2025-13507 | Time-series operations may cause internal BSON size limit to be exceed | 2025-12-06T11:42:49.537Z | 2025-12-06T12:06:23.267Z |
| bit-mongodb-2025-12893 | Improper Certificate Validation May Allow Successful TLS Handshaking Despite Invalid Extended Key Usage Fields in MongoDB Server | 2025-12-06T11:42:47.994Z | 2025-12-06T12:06:23.267Z |
| bit-mongodb-2025-11979 | Use-after-free in the MongoDB server query planner may lead to crash or undefined behavior | 2025-12-06T11:42:46.232Z | 2025-12-06T12:06:23.267Z |
| bit-golang-2025-61727 | Improper application of excluded DNS name constraints when verifying wildcard names in crypto/x509 | 2025-12-06T11:41:09.464Z | 2025-12-06T12:06:23.267Z |
| bit-cilium-2025-64715 | Cilium with misconfigured toGroups in policies can lead to unrestricted egress traffic | 2025-12-02T11:35:57.032Z | 2025-12-06T12:06:23.267Z |
| bit-python-2025-6075 | Quadratic complexity in os.path.expandvars() with user-controlled template | 2025-12-05T11:13:34.373Z | 2025-12-05T11:40:36.013Z |
| bit-libpython-2025-6075 | Quadratic complexity in os.path.expandvars() with user-controlled template | 2025-12-05T11:08:28.184Z | 2025-12-05T11:40:36.013Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| drupal-contrib-2021-020 | 2021-06-30T16:39:06.000Z | 2023-08-11T17:11:13.000Z | |
| drupal-contrib-2021-019 | 2021-06-23T16:51:26.000Z | 2023-08-11T17:10:31.000Z | |
| drupal-contrib-2021-018 | 2021-06-23T16:47:59.000Z | 2023-08-11T17:09:57.000Z | |
| drupal-contrib-2021-017 | 2021-06-16T16:15:21.000Z | 2023-08-11T17:09:04.000Z | |
| drupal-contrib-2021-016 | 2021-06-16T16:05:14.000Z | 2023-08-11T17:08:37.000Z | |
| drupal-contrib-2021-015 | 2021-06-16T15:58:47.000Z | 2023-08-11T17:08:06.000Z | |
| drupal-contrib-2021-014 | 2021-06-02T16:59:12.000Z | 2023-08-11T17:07:36.000Z | |
| drupal-contrib-2021-013 | 2021-06-02T16:56:19.000Z | 2023-08-11T17:07:00.000Z | |
| drupal-contrib-2021-033 | 2021-09-22T16:55:24.000Z | 2023-08-11T17:05:59.000Z | |
| drupal-contrib-2021-032 | 2021-09-22T16:51:57.000Z | 2023-08-11T17:04:59.000Z | |
| drupal-contrib-2021-031 | 2021-09-22T16:49:24.000Z | 2023-08-11T17:04:21.000Z | |
| drupal-contrib-2021-030 | 2021-09-22T16:43:17.000Z | 2023-08-11T17:03:36.000Z | |
| drupal-contrib-2021-029 | 2021-09-15T15:30:15.000Z | 2023-08-11T17:03:09.000Z | |
| drupal-contrib-2021-028 | 2021-09-15T15:28:04.000Z | 2023-08-11T17:02:11.000Z | |
| drupal-contrib-2021-026 | 2021-08-25T15:27:54.000Z | 2023-08-11T17:01:51.000Z | |
| drupal-contrib-2021-025 | 2021-08-25T14:36:25.000Z | 2023-08-11T16:59:37.000Z | |
| drupal-contrib-2021-024 | 2021-07-28T16:39:17.000Z | 2023-08-11T16:58:13.000Z | |
| drupal-contrib-2021-023 | 2021-07-21T16:51:57.000Z | 2023-08-11T16:57:55.000Z | |
| drupal-contrib-2021-043 | 2021-10-13T16:32:09.000Z | 2023-08-11T16:57:04.000Z | |
| drupal-contrib-2021-042 | 2021-09-29T14:38:35.000Z | 2023-08-11T16:56:26.000Z | |
| drupal-contrib-2021-041 | 2021-09-22T17:26:20.000Z | 2023-08-11T16:55:59.000Z | |
| drupal-contrib-2021-040 | 2021-09-22T17:26:12.000Z | 2023-08-11T16:55:39.000Z | |
| drupal-contrib-2021-039 | 2021-09-22T17:26:04.000Z | 2023-08-11T16:55:33.000Z | |
| drupal-contrib-2021-038 | 2021-09-22T17:25:50.000Z | 2023-08-11T16:54:48.000Z | |
| drupal-contrib-2021-037 | 2021-09-22T17:17:05.000Z | 2023-08-11T16:54:22.000Z | |
| drupal-contrib-2021-036 | 2021-09-22T17:12:02.000Z | 2023-08-11T16:53:25.000Z | |
| drupal-contrib-2021-035 | 2021-09-22T17:09:11.000Z | 2023-08-11T16:51:09.000Z | |
| drupal-contrib-2021-047 | 2021-12-22T17:47:54.000Z | 2023-08-11T16:49:16.000Z | |
| drupal-contrib-2021-045 | 2021-12-08T18:02:44.000Z | 2023-08-11T16:48:31.000Z | |
| drupal-contrib-2021-044 | 2021-11-17T15:45:07.000Z | 2023-08-11T16:47:14.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2021-000105 | PowerCMS XMLRPC API vulnerable to OS command injection | 2021-11-24T15:47+09:00 | 2024-07-26T15:22+09:00 |
| jvndb-2024-000075 | ORC vulnerable to stack-based buffer overflow | 2024-07-26T13:55+09:00 | 2024-07-26T13:55+09:00 |
| jvndb-2022-000030 | Multiple vulnerabilities in Operation management interface of FUJITSU Network IPCOM | 2022-05-09T15:02+09:00 | 2024-07-18T16:30+09:00 |
| jvndb-2024-000073 | Assimp vulnerable to heap-based buffer overflow | 2024-07-18T13:44+09:00 | 2024-07-18T13:44+09:00 |
| jvndb-2024-000072 | Cybozu Garoon vulnerable to cross-site scripting | 2024-07-16T16:14+09:00 | 2024-07-16T16:14+09:00 |
| jvndb-2024-000071 | FUJITSU Network Edgiot GW1500 vulnerable to path traversal | 2024-07-16T14:41+09:00 | 2024-07-16T14:41+09:00 |
| jvndb-2023-007150 | Multiple vulnerabilities in First Corporation's DVRs | 2023-11-17T17:31+09:00 | 2024-07-11T17:05+09:00 |
| jvndb-2023-000094 | Multiple vulnerabilities in WordPress plugin "Welcart e-Commerce" | 2023-09-22T13:51+09:00 | 2024-07-11T16:49+09:00 |
| jvndb-2024-000007 | Multiple Dahua Technology products vulnerable to authentication bypass | 2024-01-18T13:43+09:00 | 2024-07-11T16:10+09:00 |
| jvndb-2024-001882 | Sharp NEC Display Solutions' public displays vulnerable to local file inclusion | 2024-02-07T14:25+09:00 | 2024-07-11T14:27+09:00 |
| jvndb-2024-000070 | Out-of-bounds write vulnerability in Ricoh MFPs and printers | 2024-07-10T14:16+09:00 | 2024-07-10T14:16+09:00 |
| jvndb-2024-000059 | Multiple vulnerabilities in multiple Webmin products | 2024-07-09T14:27+09:00 | 2024-07-09T14:27+09:00 |
| jvndb-2024-000069 | Cleartext transmission issue in TONE store App to TONE store | 2024-07-08T13:43+09:00 | 2024-07-08T13:43+09:00 |
| jvndb-2024-000068 | JP1/Extensible SNMP Agent fails to restrict access permissions | 2024-07-03T14:57+09:00 | 2024-07-03T14:57+09:00 |
| jvndb-2017-000194 | WSR-300HP vulnerable to arbitrary code execution | 2017-08-08T18:07+09:00 | 2024-07-02T17:55+09:00 |
| jvndb-2024-003831 | Multiple TP-Link products vulnerable to OS command injection | 2024-06-28T17:38+09:00 | 2024-06-28T17:38+09:00 |
| jvndb-2024-000067 | "Piccoma" App uses a hard-coded API key for an external service | 2024-06-28T13:18+09:00 | 2024-06-28T13:18+09:00 |
| jvndb-2016-002299 | SaAT Netizen fails to properly verify downloaded installation and update files | 2016-12-05T13:52+09:00 | 2024-06-27T13:59+09:00 |
| jvndb-2022-000080 | Android App "IIJ SmartKey" vulnerable to information disclosure | 2022-10-14T13:57+09:00 | 2024-06-27T13:40+09:00 |
| jvndb-2023-001774 | Multiple vulnerabilities in SolarView Compact | 2023-05-09T16:09+09:00 | 2024-06-27T13:30+09:00 |
| jvndb-2024-000017 | Cybozu KUNAI for Android vulnerable to denial-of-service (DoS) | 2024-02-06T13:25+09:00 | 2024-06-27T13:28+09:00 |
| jvndb-2024-000066 | WordPress plugins "WP Tweet Walls" and "Sola Testimonials" vulnerable to cross-site request forgery | 2024-06-26T14:25+09:00 | 2024-06-26T14:25+09:00 |
| jvndb-2022-000026 | WordPress Plugin "MicroPayments - Paid Author Subscriptions, Content, Downloads, Membership" vulnerable to cross-site request forgery | 2022-04-15T13:15+09:00 | 2024-06-25T18:04+09:00 |
| jvndb-2024-003699 | LINE client for iOS vulnerable to universal cross-site scripting | 2024-06-24T11:05+09:00 | 2024-06-24T11:05+09:00 |
| jvndb-2022-001372 | Trend Micro Antivirus for MAC vulnerable to privilege escalation | 2022-02-18T14:55+09:00 | 2024-06-21T18:04+09:00 |
| jvndb-2022-001381 | Multiple vulnerabilities in Trend Micro ServerProtect | 2022-03-03T14:42+09:00 | 2024-06-21T17:58+09:00 |
| jvndb-2022-000015 | EC-CUBE improperly handles HTTP Host header values | 2022-02-22T14:22+09:00 | 2024-06-21T17:39+09:00 |
| jvndb-2022-000013 | EC-CUBE plugin "Mail Magazine Management Plugin" vulnerable to cross-site request forgery | 2022-02-22T14:09+09:00 | 2024-06-21T14:05+09:00 |
| jvndb-2022-000023 | WordPress Plugin "Advanced Custom Fields" vulnerable to missing authorization | 2022-03-30T15:23+09:00 | 2024-06-21T12:25+09:00 |
| jvndb-2022-000020 | Multiple vulnerabilities in pfSense | 2022-03-15T14:58+09:00 | 2024-06-21T11:59+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| cnvd-2026-07120 | IBM Engineering Systems Design Rhapsody信息泄露漏洞 | 2025-07-24 | 2026-01-23 |
| cnvd-2026-07119 | IBM Engineering Systems Design Rhapsody堆栈缓冲区溢出漏洞(CNVD-2026-07119) | 2025-07-24 | 2026-01-23 |
| cnvd-2026-07118 | IBM Engineering Systems Design Rhapsody堆栈缓冲区溢出漏洞 | 2025-07-24 | 2026-01-23 |
| cnvd-2026-07117 | IBM Cognos Command Center重定向漏洞 | 2025-08-28 | 2026-01-23 |
| cnvd-2026-07116 | IBM Cognos Command Center代码执行漏洞 | 2025-08-28 | 2026-01-23 |
| cnvd-2026-07115 | IBM Cognos Command Center点击劫持漏洞 | 2025-08-28 | 2026-01-23 |
| cnvd-2026-07114 | IBM Concert信息泄露漏洞(CNVD-2026-07114) | 2025-11-24 | 2026-01-23 |
| cnvd-2026-07113 | IBM Concert堆内存清理不当漏洞 | 2025-12-29 | 2026-01-23 |
| cnvd-2026-07112 | IBM Concert信息泄露漏洞 | 2026-01-14 | 2026-01-23 |
| cnvd-2026-07111 | IBM Concert竞争条件漏洞 | 2026-01-14 | 2026-01-23 |
| cnvd-2026-07091 | D-Link DAP-2622堆栈缓冲区溢出远程代码执行漏洞(CNVD-2026-07091) | 2023-08-28 | 2026-01-23 |
| cnvd-2026-07090 | D-Link DAP-2622栈缓冲区溢出远程代码执行漏洞 | 2023-08-28 | 2026-01-23 |
| cnvd-2026-07089 | D-Link DAP-2622堆栈缓冲区溢出远程代码执行漏洞 | 2023-08-28 | 2026-01-23 |
| cnvd-2026-07088 | D-Link DIR-823G SOAPACTION参数缓冲区溢出漏洞 | 2024-03-04 | 2026-01-23 |
| cnvd-2026-07087 | D-Link DIR-823G Cookie参数缓冲区溢出漏洞 | 2024-03-04 | 2026-01-23 |
| cnvd-2026-07086 | D-Link DIR-823G缓冲区溢出漏洞 | 2024-03-04 | 2026-01-23 |
| cnvd-2026-07085 | D-Link DIR-823G sub_41C488函数空指针取消引用漏洞 | 2024-03-04 | 2026-01-23 |
| cnvd-2026-07084 | D-Link DIR-823G sub_4484A8函数空指针取消引用漏洞 | 2024-03-04 | 2026-01-23 |
| cnvd-2026-07083 | D-Link DIR-823G sub_4484A8函数空指针取消引用漏洞 | 2024-03-06 | 2026-01-23 |
| cnvd-2026-07082 | D-Link DIR-823G sub_42AF30函数空指针取消引用漏洞 | 2024-03-06 | 2026-01-23 |
| cnvd-2026-07081 | D-Link DIR-823G空指针取消引用漏洞 | 2024-03-06 | 2026-01-23 |
| cnvd-2026-07040 | WordPress WP-Members Membership plugin跨站脚本漏洞 | 2026-01-19 | 2026-01-23 |
| cnvd-2026-07039 | WordPress WP-CRM System plugin未经授权访问漏洞 | 2026-01-19 | 2026-01-23 |
| cnvd-2026-07027 | WordPress Uploadify plugin代码问题漏洞 | 2026-01-19 | 2026-01-23 |
| cnvd-2026-07026 | WordPress Testimonials Creator plugin跨站脚本漏洞 | 2026-01-19 | 2026-01-23 |
| cnvd-2026-07025 | WordPress Supreme Modules Lite plugin代码问题漏洞 | 2026-01-19 | 2026-01-23 |
| cnvd-2026-07012 | WordPress Stopwords for comments plugin跨站请求伪造漏洞 | 2026-01-19 | 2026-01-23 |
| cnvd-2026-07004 | WordPress SpiceForms Form Builder plugin跨站脚本漏洞 | 2026-01-19 | 2026-01-23 |
| cnvd-2026-06988 | WordPress Sosh Share Buttons plugin跨站请求伪造漏洞 | 2026-01-19 | 2026-01-23 |
| cnvd-2026-06987 | WordPress SocialChamp with WordPress plugin跨站请求伪造漏洞 | 2026-01-19 | 2026-01-23 |
| ID | Description | Published | Updated |
|---|---|---|---|
| bdu:2025-12371 | Уязвимость компонента nfsd ядра операционной системы Linux, позволяющая нарушителю вызват… | 29.09.2025 | 16.02.2026 |
| bdu:2025-12370 | Уязвимость компонента drm/nouveau ядра операционной системы Linux, позволяющая нарушителю… | 29.09.2025 | 16.02.2026 |
| bdu:2025-12368 | Уязвимость компонента amdgpu_dm_hdcp.c ядра операционной системы Linux, позволяющая наруш… | 29.09.2025 | 16.02.2026 |
| bdu:2025-12367 | Уязвимость компонента bus.c ядра операционной системы Linux, позволяющая нарушителю вызва… | 29.09.2025 | 16.02.2026 |
| bdu:2025-12365 | Уязвимость ядра операционной системы Linux, связанная с использованием неинициализированн… | 29.09.2025 | 16.02.2026 |
| bdu:2025-12357 | Уязвимость компонента nf_conncount ядра операционной системы Linux, позволяющая нарушител… | 29.09.2025 | 16.02.2026 |
| bdu:2025-12356 | Уязвимость модуля `user` систем управления конфигурациями Ansible Core и Ansible, позволя… | 29.09.2025 | 16.02.2026 |
| bdu:2025-12353 | Уязвимость компонента page_pool.c ядра операционной системы Linux, позволяющая нарушителю… | 29.09.2025 | 16.02.2026 |
| bdu:2025-12352 | Уязвимость компонента ftrace.c ядра операционной системы Linux, позволяющая нарушителю вы… | 29.09.2025 | 16.02.2026 |
| bdu:2025-12351 | Уязвимость функции st_lsm6dsx_read_tagged_fifo() компонента st_lsm6dsx_buffer.c ядра опер… | 29.09.2025 | 16.02.2026 |
| bdu:2025-12350 | Уязвимость функции st_lsm6dsx_read_fifo() компонента st_lsm6dsx_buffer.c ядра операционно… | 29.09.2025 | 16.02.2026 |
| bdu:2025-12349 | Уязвимость компонента net/sched/sch_hfsc.c ядра операционной системы Linux, позволяющая н… | 29.09.2025 | 16.02.2026 |
| bdu:2025-12347 | Уязвимость компонента syscall.c ядра операционной системы Linux, позволяющая нарушителю в… | 29.09.2025 | 16.02.2026 |
| bdu:2025-12344 | Уязвимость компонента vlan ядра операционной системы Linux, позволяющая нарушителю вызват… | 29.09.2025 | 16.02.2026 |
| bdu:2025-12343 | Уязвимость ядра операционной системы Linux, связанная с ошибками при блокировке потоков, … | 29.09.2025 | 16.02.2026 |
| bdu:2025-12338 | Уязвимость компонента bpf_trace.c ядра операционной системы Linux, позволяющая нарушителю… | 29.09.2025 | 16.02.2026 |
| bdu:2025-12336 | Уязвимость компонентов drivers/usb/typec/ucsi/ ядра операционной системы Linux, позволяющ… | 29.09.2025 | 16.02.2026 |
| bdu:2025-12335 | Уязвимость модуля USB ядра операционной системы Linux, позволяющая нарушителю вызвать отк… | 29.09.2025 | 16.02.2026 |
| bdu:2025-12334 | Уязвимость ядра операционной системы Linux, связанная с доступом к неинициализированному … | 29.09.2025 | 16.02.2026 |
| bdu:2025-12333 | Уязвимость ядра операционной системы Linux, связанная с доступом к неинициализированному … | 29.09.2025 | 16.02.2026 |
| bdu:2025-12330 | Уязвимость компонента jfs ядра операционной системы Linux, позволяющая нарушителю получит… | 29.09.2025 | 16.02.2026 |
| bdu:2025-12329 | Уязвимость компонента brcmnand.c ядра операционной системы Linux, позволяющая нарушителю … | 29.09.2025 | 16.02.2026 |
| bdu:2025-12325 | Уязвимость модуля email интерпретатора языка программирования Python, позволяющая наруши… | 28.09.2025 | 16.02.2026 |
| bdu:2025-12324 | Уязвимость ядра операционной системы Linux, связанная с неправильным контролем идентифика… | 28.09.2025 | 16.02.2026 |
| bdu:2025-12322 | Уязвимость функции kvalloc() компонента eventlog/acpi.c The ядра операционной системы Lin… | 28.09.2025 | 16.02.2026 |
| bdu:2025-12309 | Уязвимость функции __send_empty_flush() драйвера dm ядра операционной системы Linux, позв… | 28.09.2025 | 16.02.2026 |
| bdu:2025-12307 | Уязвимость компонента venus ядра операционной системы Linux, позволяющая нарушителю вызва… | 28.09.2025 | 16.02.2026 |
| bdu:2025-12306 | Уязвимость компонента venus ядра операционной системы Linux, позволяющая нарушителю вызва… | 28.09.2025 | 16.02.2026 |
| bdu:2025-12304 | Уязвимость компонента gtp ядра операционной системы Linux, позволяющая нарушителю вызвать… | 28.09.2025 | 16.02.2026 |
| bdu:2025-12302 | Уязвимость сетевого протокола аутентификации Kerberos, связанная с записью за границами б… | 28.09.2025 | 16.02.2026 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2025-avi-1029 | Vulnérabilité dans les produits Kaspersky | 2025-11-20T00:00:00.000000 | 2025-11-20T00:00:00.000000 |
| certfr-2025-avi-1028 | Vulnérabilité dans GnuTLS | 2025-11-20T00:00:00.000000 | 2025-11-20T00:00:00.000000 |
| certfr-2025-avi-1027 | Multiples vulnérabilités dans les produits SonicWall | 2025-11-20T00:00:00.000000 | 2025-11-20T00:00:00.000000 |
| certfr-2025-avi-1026 | Multiples vulnérabilités dans Wireshark | 2025-11-20T00:00:00.000000 | 2025-11-20T00:00:00.000000 |
| certfr-2025-avi-1025 | Multiples vulnérabilités dans les produits Atlassian | 2025-11-19T00:00:00.000000 | 2025-11-19T00:00:00.000000 |
| certfr-2025-avi-1024 | Multiples vulnérabilités dans les produits VMware | 2025-11-19T00:00:00.000000 | 2025-11-19T00:00:00.000000 |
| certfr-2025-avi-1023 | Multiples vulnérabilités dans les produits Fortinet | 2025-11-19T00:00:00.000000 | 2025-11-19T00:00:00.000000 |
| certfr-2025-avi-1022 | Multiples vulnérabilités dans Microsoft Edge | 2025-11-19T00:00:00.000000 | 2025-11-19T00:00:00.000000 |
| certfr-2025-avi-1021 | Multiples vulnérabilités dans les produits HPE Aruba Networking | 2025-11-19T00:00:00.000000 | 2025-11-19T00:00:00.000000 |
| certfr-2025-avi-1020 | Multiples vulnérabilités dans les produits SolarWinds | 2025-11-19T00:00:00.000000 | 2025-11-19T00:00:00.000000 |
| certfr-2025-avi-1019 | Multiples vulnérabilités dans Mattermost Server | 2025-11-18T00:00:00.000000 | 2025-11-18T00:00:00.000000 |
| certfr-2025-avi-1018 | Multiples vulnérabilités dans Google Chrome | 2025-11-18T00:00:00.000000 | 2025-11-18T00:00:00.000000 |
| certfr-2025-avi-1017 | Multiples vulnérabilités dans Mattermost Server | 2025-11-17T00:00:00.000000 | 2025-11-17T00:00:00.000000 |
| certfr-2025-avi-1016 | Multiples vulnérabilités dans Mozilla Thunderbird | 2025-11-17T00:00:00.000000 | 2025-11-17T00:00:00.000000 |
| certfr-2025-avi-1015 | Multiples vulnérabilités dans les produits NetApp | 2025-11-17T00:00:00.000000 | 2025-11-17T00:00:00.000000 |
| certfr-2025-avi-1014 | Vulnérabilité dans Fortinet FortiWeb | 2025-11-14T00:00:00.000000 | 2025-11-14T00:00:00.000000 |
| certfr-2025-avi-1013 | Multiples vulnérabilités dans les produits IBM | 2025-11-14T00:00:00.000000 | 2025-11-14T00:00:00.000000 |
| certfr-2025-avi-1012 | Vulnérabilité dans Microsoft Edge | 2025-11-14T00:00:00.000000 | 2025-11-14T00:00:00.000000 |
| certfr-2025-avi-1011 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2025-11-14T00:00:00.000000 | 2025-11-14T00:00:00.000000 |
| certfr-2025-avi-1010 | Multiples vulnérabilités dans le noyau Linux de Debian | 2025-11-14T00:00:00.000000 | 2025-11-14T00:00:00.000000 |
| certfr-2025-avi-1009 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2025-11-14T00:00:00.000000 | 2025-11-14T00:00:00.000000 |
| certfr-2025-avi-1008 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2025-11-14T00:00:00.000000 | 2025-11-14T00:00:00.000000 |
| certfr-2025-avi-1007 | Multiples vulnérabilités dans PostgreSQL | 2025-11-14T00:00:00.000000 | 2025-11-14T00:00:00.000000 |
| certfr-2025-avi-1006 | Vulnérabilité dans Cisco Catalyst Center | 2025-11-14T00:00:00.000000 | 2025-11-14T00:00:00.000000 |
| certfr-2025-avi-0954 | Multiples vulnérabilités dans Liferay | 2025-11-03T00:00:00.000000 | 2025-11-14T00:00:00.000000 |
| certfr-2025-avi-0888 | Multiples vulnérabilités dans les produits Mattermost | 2025-10-16T00:00:00.000000 | 2025-11-14T00:00:00.000000 |
| certfr-2025-avi-1005 | Multiples vulnérabilités dans les produits Siemens | 2025-11-13T00:00:00.000000 | 2025-11-13T00:00:00.000000 |
| certfr-2025-avi-1004 | Multiples vulnérabilités dans les produits Palo Alto Networks | 2025-11-13T00:00:00.000000 | 2025-11-13T00:00:00.000000 |
| certfr-2025-avi-1003 | Multiples vulnérabilités dans Drupal | 2025-11-13T00:00:00.000000 | 2025-11-13T00:00:00.000000 |
| certfr-2025-avi-1002 | Multiples vulnérabilités dans GitLab | 2025-11-13T00:00:00.000000 | 2025-11-13T00:00:00.000000 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certa-2004-ale-011 | Diffusion de programmes exploitant la faille GDI+ | 2004-09-23T00:00:00.000000 | 2004-09-23T00:00:00.000000 |
| certa-2004-ale-010 | Vulnérabilité du service Telnet de Cisco IOS | 2004-08-30T00:00:00.000000 | 2004-08-30T00:00:00.000000 |
| certa-2004-ale-004 | Vulnérabilité du composant dtlogin de CDE | 2004-03-26T00:00:00.000000 | 2004-08-05T00:00:00.000000 |
| certa-2004-ale-009 | Vulnérabilités d'Internet Explorer | 2004-06-09T00:00:00.000000 | 2004-08-03T00:00:00.000000 |
| certa-2004-ale-008 | Vulnérabilité de Safari | 2004-05-19T00:00:00.000000 | 2004-05-24T00:00:00.000000 |
| certa-2004-ale-007 | Exploitation de la vulnérabilité LSASS sous Windows : appration du ver Sasser | 2004-05-02T00:00:00.000000 | 2004-05-02T00:00:00.000000 |
| certa-2004-ale-006 | Vulnérabilité SMB sous Windows | 2004-04-28T00:00:00.000000 | 2004-04-28T00:00:00.000000 |
| certa-2004-ale-005 | Vulnérabilité d'Internet Explorer | 2004-04-09T00:00:00.000000 | 2004-04-15T00:00:00.000000 |
| certa-2004-ale-003 | Propagation du ver Phatbot | 2004-03-19T00:00:00.000000 | 2004-03-19T00:00:00.000000 |
| certa-2004-ale-002 | Propagation du virux Bizex | 2004-02-26T00:00:00.000000 | 2004-02-26T00:00:00.000000 |
| certa-2003-ale-006 | Vulnérabilité dans l'affichage des adresses réticulaires | 2003-12-19T00:00:00.000000 | 2004-02-03T00:00:00.000000 |
| certa-2004-ale-001 | Obstacles à la résolution d'incidents | 2004-01-30T00:00:00.000000 | 2004-01-30T00:00:00.000000 |
| certa-2003-ale-004 | Vulnérabilité d'Internet Explorer | 2003-09-10T00:00:00.000000 | 2003-10-06T00:00:00.000000 |
| certa-2003-ale-005 | Vulnérabilité de sadmind sur Solaris | 2003-09-19T00:00:00.000000 | 2003-09-19T00:00:00.000000 |
| certa-2003-ale-003 | Exploitation massive de la vulnérabilité « include PHP » | 2003-09-09T00:00:00.000000 | 2003-09-09T00:00:00.000000 |
| certa-2003-ale-002 | Exploitation d'une faille de Windows RPC | 2003-08-01T00:00:00.000000 | 2003-08-19T00:00:00.000000 |
| certa-2003-ale-001 | Vulnérabilité dans l'implémentation des logiciels de lecture des documents PDF | 2003-06-23T00:00:00.000000 | 2003-07-04T00:00:00.000000 |
| certa-2002-ale-007 | Cédérom Pages Pro | 2002-09-04T00:00:00.000000 | 2002-09-04T00:00:00.000000 |
| certa-2002-ale-006 | Propagation du ver Spida (Microsoft SQL Server) | 2002-05-22T00:00:00.000000 | 2002-06-04T00:00:00.000000 |
| certa-2002-ale-005 | Risque de compromission des auto-commutateurs (PABX) ALCATEL 4400 | 2002-02-20T00:00:00.000000 | 2002-02-20T00:00:00.000000 |
| certa-2002-ale-004 | Multiples implémentations de SNMP V1 vulnérables | 2002-02-13T00:00:00.000000 | 2002-02-13T00:00:00.000000 |
| certa-2002-ale-003 | Propagation importante du virus « W32.Myparty@mm » | 2002-01-29T00:00:00.000000 | 2002-01-29T00:00:00.000000 |
| certa-2002-ale-002 | Exploitation d'une faille de wu-ftpd | 2002-01-28T00:00:00.000000 | 2002-01-28T00:00:00.000000 |
| certa-2002-ale-001 | Exploitation massive d'une faille de CDE | 2002-01-24T00:00:00.000000 | 2002-01-24T00:00:00.000000 |
| certa-2001-ale-012 | Rappels concernant les virus | 2001-09-13T00:00:00.000000 | 2002-01-09T00:00:00.000000 |
| certa-2001-ale-016 | Propagation du ver badtrans - variante B | 2001-11-27T00:00:00.000000 | 2001-11-27T00:00:00.000000 |
| certa-2001-ale-015 | Exploitation massive d'une ancienne vulnérabilité de SSH | 2001-11-19T00:00:00.000000 | 2001-11-19T00:00:00.000000 |
| certa-2001-ale-014 | Risque de divulgation de données personnelles/confidentielles par des produits Microsoft | 2001-10-19T00:00:00.000000 | 2001-10-19T00:00:00.000000 |
| certa-2001-ale-013 | Propagation du ver/virus NIMDA (Concept Virus) | 2001-09-19T00:00:00.000000 | 2001-09-19T00:00:00.000000 |
| certa-2001-ale-011 | <TT>antivirus2001</TT> est un cheval de Troie | 2001-09-10T00:00:00.000000 | 2001-09-13T00:00:00.000000 |
| ID | Description | Published | Updated |
|---|---|---|---|
| osv-2025-528 | Heap-buffer-overflow in xmlnode_parser_structural_error_libxml | 2025-07-07T00:10:42.902465Z | 2025-07-07T00:10:42.902766Z |
| osv-2025-525 | UNKNOWN READ in std::__1::__function::__func<cv::PngDecoder::compose_frame | 2025-07-06T00:18:54.304371Z | 2025-07-06T00:18:54.304891Z |
| osv-2022-1276 | Stack-buffer-overflow in ntlm_phase_3 | 2023-06-15T14:01:52.594793Z | 2025-07-05T14:11:24.654963Z |
| osv-2025-524 | Heap-buffer-overflow in JS_CallInternal | 2025-07-05T00:19:21.758513Z | 2025-07-05T00:19:21.758880Z |
| osv-2025-515 | Use-of-uninitialized-value in JS_DefineProperty | 2025-07-03T00:16:17.481972Z | 2025-07-03T00:16:17.482410Z |
| osv-2025-512 | Invalid-free in pdf_decodestream | 2025-07-03T00:00:40.745577Z | 2025-07-03T00:00:40.746200Z |
| osv-2024-440 | UNKNOWN READ | 2024-05-07T00:06:11.033336Z | 2025-07-01T14:30:06.613574Z |
| osv-2024-396 | UNKNOWN READ in jvp_object_free | 2024-05-01T00:11:24.552935Z | 2025-07-01T14:29:52.935440Z |
| osv-2022-785 | Heap-buffer-overflow in resize_packet | 2022-08-27T00:00:14.614126Z | 2025-07-01T14:25:29.517657Z |
| osv-2022-572 | Heap-buffer-overflow in dhcp_reply | 2022-07-12T00:00:45.818288Z | 2025-07-01T14:24:05.029738Z |
| osv-2022-1101 | UNKNOWN READ in APFSBtreeNodeIterator<APFSJObjBtreeNode> APFSJObjBtreeNode::find<unsigned long, | 2022-10-28T00:00:27.714849Z | 2025-06-29T14:11:11.919343Z |
| osv-2025-500 | UNKNOWN READ in getUShort | 2025-06-29T00:08:49.553890Z | 2025-06-29T00:08:49.554520Z |
| osv-2023-225 | Heap-buffer-overflow in std::__1::enable_if<true, void>::type APFSBtreeNodeIterator<APFSBtreeNode<apfs_o | 2023-03-24T13:02:18.004510Z | 2025-06-28T14:26:09.281381Z |
| osv-2022-1106 | Heap-buffer-overflow in APFSJObject::add_entry | 2022-10-28T00:02:37.921684Z | 2025-06-28T14:21:48.859764Z |
| osv-2025-491 | Heap-buffer-overflow in libssl.soNUMBER | 2025-06-27T00:16:09.822144Z | 2025-06-27T00:16:09.822510Z |
| osv-2025-486 | Bad-cast to cv::PngDecoder from invalid vptr | 2025-06-24T00:16:24.786334Z | 2025-06-24T00:16:24.786690Z |
| osv-2025-485 | Use-of-uninitialized-value in pcpp::IDnsResource::decodeName | 2025-06-24T00:11:04.762139Z | 2025-06-24T00:11:04.762681Z |
| osv-2025-484 | Heap-buffer-overflow in load_protocols_file_fd | 2025-06-23T00:14:46.656195Z | 2025-06-23T00:14:46.656704Z |
| osv-2025-207 | Security exception in org.apache.lucene.analysis.tokenattributes.CharTermAttributeImpl.clone | 2025-03-16T00:02:33.765869Z | 2025-06-20T17:14:14.229009Z |
| osv-2024-1191 | Security exception in org.apache.lucene.analysis.miscellaneous.ASCIIFoldingFilter.foldToASCII | 2024-10-09T00:04:49.628226Z | 2025-06-20T16:39:29.501730Z |
| osv-2025-481 | Stack-buffer-overflow in void glz::from<10000u, int>::op<glz::opts_csv{10000u, | 2025-06-20T00:15:46.185029Z | 2025-06-20T00:15:46.185445Z |
| osv-2025-480 | Stack-buffer-overflow in void glz::from<10000u, std::__1::__bit_reference<std::__1::vector<bool, std::__1 | 2025-06-20T00:14:17.007847Z | 2025-06-20T00:14:17.008310Z |
| osv-2024-714 | Segv on unknown address in lwan_request_get_cookie | 2024-08-04T00:01:49.853424Z | 2025-06-17T14:38:11.268036Z |
| osv-2025-469 | Use-of-uninitialized-value in ndpi_strdup | 2025-06-16T00:17:21.776120Z | 2025-06-16T00:17:21.776520Z |
| osv-2025-465 | Heap-buffer-overflow in xmlParsePubidLiteral | 2025-06-15T00:09:20.387117Z | 2025-06-15T00:09:20.387490Z |
| osv-2025-461 | Heap-buffer-overflow in xmlParsePubidLiteral | 2025-06-14T00:10:49.391511Z | 2025-06-14T00:10:49.391787Z |
| osv-2025-457 | Heap-buffer-overflow in xmlParsePubidLiteral | 2025-06-14T00:04:11.416575Z | 2025-06-14T00:04:11.417116Z |
| osv-2025-456 | Use-of-uninitialized-value in ppd_hash_option | 2025-06-12T00:10:52.355312Z | 2025-06-12T00:10:52.355684Z |
| osv-2025-454 | Use-of-uninitialized-value in _cups_strcasecmp | 2025-06-11T00:12:12.952969Z | 2025-06-11T00:12:12.953357Z |
| osv-2025-449 | Heap-buffer-overflow in check_content_type_and_change_protocol | 2025-06-10T00:16:50.624468Z | 2025-06-10T00:16:50.624907Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rustsec-2024-0349 | Traversal outside working tree enables arbitrary code execution | 2024-05-22T12:00:00Z | 2024-07-08T15:12:43Z |
| rustsec-2024-0348 | Traversal outside working tree enables arbitrary code execution | 2024-05-22T12:00:00Z | 2024-07-08T15:12:43Z |
| rustsec-2024-0335 | gix-transport indirect code execution via malicious username | 2024-04-13T12:00:00Z | 2024-07-02T23:39:37Z |
| rustsec-2024-0343 | Reduced entropy due to inadequate character set usage | 2024-06-03T12:00:00Z | 2024-06-15T13:11:33Z |
| rustsec-2020-0071 | Potential segfault in the time crate | 2020-11-18T12:00:00Z | 2024-06-05T14:00:17Z |
| rustsec-2024-0341 | Slow loris vulnerability with default configuration | 2024-03-15T12:00:00Z | 2024-05-21T02:12:32Z |
| rustsec-2024-0339 | Tor path lengths too short when "Vanguards lite" configured | 2024-05-15T12:00:00Z | 2024-05-21T02:12:32Z |
| rustsec-2024-0342 | Degraded secret zeroization capabilities | 2024-05-02T12:00:00Z | 2024-05-20T15:25:56Z |
| rustsec-2024-0337 | The crate `zip_next` has been renamed to `zip`. | 2024-04-20T12:00:00Z | 2024-04-24T14:13:51Z |
| rustsec-2024-0336 | `rustls::ConnectionCommon::complete_io` could fall into an infinite loop based on network input | 2024-04-19T12:00:00Z | 2024-04-20T02:21:14Z |
| rustsec-2023-0079 | KyberSlash: division timings depending on secrets | 2023-12-01T12:00:00Z | 2024-04-12T21:07:31Z |
| rustsec-2024-0334 | `libp2p-tokio-socks5` is unmaintained | 2024-04-05T12:00:00Z | 2024-04-12T16:31:39Z |
| rustsec-2024-0333 | `rsa-export` is unmaintained | 2024-04-06T12:00:00Z | 2024-04-12T16:29:46Z |
| rustsec-2024-0332 | Degradation of service in h2 servers with CONTINUATION Flood | 2024-04-03T12:00:00Z | 2024-04-11T16:16:20Z |
| rustsec-2024-0021 | Parts of Report are dropped as the wrong type during downcast | 2024-03-05T12:00:00Z | 2024-04-11T16:16:20Z |
| rustsec-2024-0020 | Stack buffer overflow with whoami on several Unix platforms | 2024-02-28T12:00:00Z | 2024-04-11T16:16:20Z |
| rustsec-2024-0018 | ObjectPool creates uninitialized memory when freeing objects | 2024-02-27T12:00:00Z | 2024-04-11T16:16:20Z |
| rustsec-2024-0017 | Non-idiomatic use of iterators leads to use after free | 2024-02-28T12:00:00Z | 2024-04-11T16:16:20Z |
| rustsec-2024-0016 | dav1d AV1 decoder integer overflow | 2024-02-19T12:00:00Z | 2024-04-11T16:16:20Z |
| rustsec-2023-0085 | HPACK decoder panics on invalid input | 2023-09-15T12:00:00Z | 2024-04-11T16:16:20Z |
| rustsec-2024-0331 | Puccinier is unmainted. | 2024-03-31T12:00:00Z | 2024-03-31T14:44:37Z |
| rustsec-2023-0084 | `hpack` is unmaintained | 2023-09-15T12:00:00Z | 2024-03-06T14:01:14Z |
| rustsec-2023-0081 | safemem is unmaintained | 2023-02-14T12:00:00Z | 2024-03-04T18:47:07Z |
| rustsec-2024-0019 | Tokens for named pipes may be delivered after deregistration | 2024-03-04T12:00:00Z | 2024-03-04T17:51:31Z |
| rustsec-2023-0083 | blurhash: panic on parsing crafted blurhash inputs | 2023-09-19T12:00:00Z | 2024-03-02T17:22:42Z |
| rustsec-2023-0082 | phonenumber: panic on parsing crafted RF3966 phonenumber inputs | 2023-09-19T12:00:00Z | 2024-02-29T21:46:35Z |
| rustsec-2024-0015 | filesystem-rs may be implicitly unmaintained | 2024-01-25T12:00:00Z | 2024-02-18T04:23:45Z |
| rustsec-2024-0014 | `generational-arena` is unmaintained | 2024-02-11T12:00:00Z | 2024-02-18T04:06:15Z |
| rustsec-2024-0013 | Memory corruption, denial of service, and arbitrary code execution in libgit2 | 2024-02-06T12:00:00Z | 2024-02-15T01:22:49Z |
| rustsec-2024-0010 | Improper comparison of different-length signatures | 2024-02-06T12:00:00Z | 2024-02-15T01:22:49Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| alsa-2025:21110 | Important: bind security update | 2025-11-12T00:00:00Z | 2025-11-19T09:39:10Z |
| alsa-2025:20963 | Moderate: qt5-qt3d security update | 2025-11-11T00:00:00Z | 2025-11-19T09:37:23Z |
| alsa-2025:20961 | Moderate: xorg-x11-server security update | 2025-11-11T00:00:00Z | 2025-11-19T09:36:21Z |
| alsa-2025:20960 | Moderate: xorg-x11-server-Xwayland security update | 2025-11-11T00:00:00Z | 2025-11-19T09:34:47Z |
| alsa-2025:20959 | Important: libsoup security update | 2025-11-11T00:00:00Z | 2025-11-19T09:32:27Z |
| alsa-2025:20957 | Important: runc security update | 2025-11-11T00:00:00Z | 2025-11-19T09:31:22Z |
| alsa-2025:20956 | Important: libtiff security update | 2025-11-11T00:00:00Z | 2025-11-19T09:30:24Z |
| alsa-2025:20943 | Moderate: libssh security update | 2025-11-11T00:00:00Z | 2025-11-19T09:28:35Z |
| alsa-2025:20945 | Moderate: vim security update | 2025-11-11T00:00:00Z | 2025-11-19T09:26:44Z |
| alsa-2025:20936 | Important: sqlite security update | 2025-11-11T00:00:00Z | 2025-11-19T09:25:24Z |
| alsa-2025:20935 | Important: squid security update | 2025-11-11T00:00:00Z | 2025-11-19T09:24:20Z |
| alsa-2025:20926 | Important: redis security update | 2025-11-11T00:00:00Z | 2025-11-19T09:23:20Z |
| alsa-2025:20922 | Important: webkit2gtk3 security update | 2025-11-11T00:00:00Z | 2025-11-19T09:22:06Z |
| alsa-2025:20838 | Moderate: zziplib security update | 2025-11-11T00:00:00Z | 2025-11-19T09:20:52Z |
| alsa-2025:20559 | Low: shadow-utils security update | 2025-11-11T00:00:00Z | 2025-11-19T09:19:16Z |
| alsa-2025:20532 | Moderate: grub2 security update | 2025-11-11T00:00:00Z | 2025-11-19T09:18:10Z |
| alsa-2025:20518 | Moderate: kernel security update | 2025-11-11T00:00:00Z | 2025-11-19T09:15:54Z |
| alsa-2025:19950 | Important: bind9.18 security update | 2025-11-10T00:00:00Z | 2025-11-19T09:11:13Z |
| alsa-2025:19930 | Moderate: kernel security update | 2025-11-10T00:00:00Z | 2025-11-12T09:59:32Z |
| alsa-2025:19931 | Moderate: kernel security update | 2025-11-10T00:00:00Z | 2025-11-11T14:31:40Z |
| alsa-2025:19932 | Moderate: kernel-rt security update | 2025-11-10T00:00:00Z | 2025-11-11T12:37:42Z |
| alsa-2025:20034 | Important: libtiff security update | 2025-11-10T00:00:00Z | 2025-11-11T12:31:49Z |
| alsa-2025:19912 | Important: bind security update | 2025-11-06T00:00:00Z | 2025-11-10T13:13:44Z |
| alsa-2025:19927 | Important: runc security update | 2025-11-07T00:00:00Z | 2025-11-10T12:59:59Z |
| alsa-2025:19469 | Moderate: kernel security update | 2025-11-03T00:00:00Z | 2025-11-07T13:52:08Z |
| alsa-2025:19906 | Important: mingw-libtiff security update | 2025-11-06T00:00:00Z | 2025-11-07T13:28:57Z |
| alsa-2025:19909 | Important: tigervnc security update | 2025-11-06T00:00:00Z | 2025-11-07T13:19:40Z |
| alsa-2025:19345 | Important: redis:7 security update | 2025-10-30T00:00:00Z | 2025-11-07T12:12:46Z |
| alsa-2025:19403 | Important: expat security update | 2025-11-03T00:00:00Z | 2025-11-07T12:04:59Z |
| alsa-2025:19409 | Moderate: kernel security update | 2025-11-03T00:00:00Z | 2025-11-07T11:55:27Z |