Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2023-33082 |
9.8 (3.1)
|
Buffer Copy Without Checking Size of Input (`Classic B… |
Qualcomm, Inc. |
Snapdragon |
2023-12-05T03:04:18.133Z | 2026-02-25T16:51:07.770Z |
| CVE-2026-2479 |
5 (3.1)
|
Responsive Lightbox & Gallery <= 2.7.1 - Authenticated… |
dfactory |
Responsive Lightbox & Gallery |
2026-02-25T08:25:30.385Z | 2026-02-25T16:51:05.012Z |
| CVE-2023-6333 |
7.5 (3.1)
|
Cross-site Scripting in ControlByWeb Relays |
ControlByWeb |
X-332-24I |
2023-12-07T18:08:04.324Z | 2026-02-25T16:50:54.327Z |
| CVE-2026-1916 |
7.5 (3.1)
|
WPGSI: Spreadsheet Integration <= 3.8.3 - Missing Auth… |
javmah |
WPGSI: Spreadsheet Integration |
2026-02-25T08:25:31.051Z | 2026-02-25T16:50:00.569Z |
| CVE-2020-14381 |
7.8 (3.1)
|
A flaw was found in the Linux kernel’s futex impl… |
n/a |
kernel |
2020-12-03T16:21:55.000Z | 2026-02-25T16:48:37.567Z |
| CVE-2024-50452 |
6.5 (3.1)
|
WordPress Nexter Blocks plugin <= 3.3.3 - Cross Site S… |
POSIMYTH |
Nexter Blocks |
2026-02-20T15:46:25.053Z | 2026-02-25T16:48:11.776Z |
| CVE-2026-27739 |
9.2 (4.0)
|
Angular SSR is vulnerable to SSRF and Header Injection… |
angular |
angular-cli |
2026-02-25T16:47:29.705Z | 2026-02-25T16:47:29.705Z |
| CVE-2026-1144 |
5.3 (4.0)
6.3 (3.1)
6.3 (3.0)
|
quickjs-ng quickjs Atomics Ops quickjs.c use after free |
quickjs-ng |
quickjs |
2026-01-19T07:32:10.363Z | 2026-02-25T16:46:28.328Z |
| CVE-2026-1145 |
5.3 (4.0)
6.3 (3.1)
6.3 (3.0)
|
quickjs-ng quickjs quickjs.c js_typed_array_constructo… |
quickjs-ng |
quickjs |
2026-01-19T08:02:08.519Z | 2026-02-25T16:45:03.206Z |
| CVE-2024-51915 |
6.5 (3.1)
|
WordPress LiteSpeed Cache plugin <= 6.5.2 - Cross Site… |
LiteSpeed Technologies |
LiteSpeed Cache |
2026-02-20T15:46:25.475Z | 2026-02-25T16:44:09.359Z |
| CVE-2026-21528 |
6.5 (3.1)
|
Azure IoT Explorer Information Disclosure Vulnerability |
Microsoft |
Azure IoT Explorer |
2026-02-10T17:51:30.773Z | 2026-02-25T16:43:35.894Z |
| CVE-2025-69873 |
2.9 (3.1)
|
ajv (Another JSON Schema Validator) before 8.18.0… |
ajv.js |
ajv |
2026-02-11T00:00:00.000Z | 2026-02-25T16:42:35.482Z |
| CVE-2026-23491 |
9.3 (4.0)
|
InvoicePlane has Unauthenticated Path Traversal in Gue… |
InvoicePlane |
InvoicePlane |
2026-02-18T19:52:26.304Z | 2026-02-25T16:41:34.879Z |
| CVE-2023-5427 |
7.8 (3.1)
|
Mali GPU Kernel Driver allows improper GPU processing … |
Arm Ltd |
Bifrost GPU Kernel Driver |
2023-12-01T10:13:49.299Z | 2026-02-25T16:41:07.193Z |
| CVE-2026-27738 |
6.9 (4.0)
|
Angular SSR has an Open Redirect via X-Forwarded-Prefix |
angular |
angular-cli |
2026-02-25T16:40:44.724Z | 2026-02-25T16:40:44.724Z |
| CVE-2024-54222 |
4.3 (3.1)
|
WordPress Seraphinite Accelerator plugin <= 2.22.15 - … |
Seraphinite Solutions |
Seraphinite Accelerator |
2026-02-20T15:46:25.825Z | 2026-02-25T16:39:20.709Z |
| CVE-2026-2416 |
7.5 (3.1)
|
Geo Mashup <= 1.13.17 - Unauthenticated SQL Injection … |
cyberhobo |
Geo Mashup |
2026-02-25T08:25:31.427Z | 2026-02-25T16:37:56.454Z |
| CVE-2026-1929 |
8.8 (3.1)
|
Advanced Woo Labels <= 2.37 - Authenticated (Contribut… |
mihail-barinov |
Advanced Woo Labels – Product Labels & Badges for WooCommerce |
2026-02-25T08:25:31.823Z | 2026-02-25T16:37:12.800Z |
| CVE-2026-3171 |
5.1 (4.0)
3.5 (3.1)
3.5 (3.0)
|
SourceCodester/Patrick Mvuma Patients Waiting Area Que… |
SourceCodester |
Patients Waiting Area Queue Management System |
2026-02-25T08:32:07.369Z | 2026-02-25T16:34:51.471Z |
| CVE-2023-49583 |
9.1 (3.1)
|
Escalation of Privileges in SAP BTP Security Services … |
SAP_SE |
@sap/xssec |
2023-12-12T01:22:58.910Z | 2026-02-25T16:34:36.422Z |
| CVE-2023-50422 |
9.1 (3.1)
|
Escalation of Privileges in SAP BTP Security Services … |
SAP_SE |
cloud-security-services-integration-library |
2023-12-12T01:31:17.991Z | 2026-02-25T16:34:36.244Z |
| CVE-2023-50423 |
9.1 (3.1)
|
Escalation of Privileges in SAP BTP Security Services … |
SAP_SE |
sap-xssec |
2023-12-12T01:52:44.999Z | 2026-02-25T16:34:36.085Z |
| CVE-2023-50424 |
9.1 (3.1)
|
Escalation of Privileges in SAP BTP Security Services … |
SAP_SE |
github.com/sap/cloud-security-client-go |
2023-12-12T01:59:36.703Z | 2026-02-25T16:34:35.943Z |
| CVE-2022-47374 |
7.5 (3.1)
|
A vulnerability has been identified in SIMATIC PC… |
Siemens |
SIMATIC PC-Station Plus |
2023-12-12T11:25:31.314Z | 2026-02-25T16:34:35.793Z |
| CVE-2023-46156 |
7.5 (3.1)
|
Affected devices improperly handle specially craf… |
Siemens |
SIMATIC Drive Controller CPU 1504D TF |
2023-12-12T11:27:10.086Z | 2026-02-25T16:34:35.639Z |
| CVE-2023-46284 |
7.5 (3.1)
|
A vulnerability has been identified in Opcenter E… |
Siemens |
Opcenter Execution Foundation |
2023-12-12T11:27:15.737Z | 2026-02-25T16:34:35.352Z |
| CVE-2023-48428 |
7.2 (3.1)
|
A vulnerability has been identified in SINEC INS … |
Siemens |
SINEC INS |
2023-12-12T11:27:19.590Z | 2026-02-25T16:34:35.052Z |
| CVE-2023-48429 |
2.7 (3.1)
|
A vulnerability has been identified in SINEC INS … |
Siemens |
SINEC INS |
2023-12-12T11:27:20.840Z | 2026-02-25T16:34:34.694Z |
| CVE-2023-48430 |
2.7 (3.1)
|
A vulnerability has been identified in SINEC INS … |
Siemens |
SINEC INS |
2023-12-12T11:27:22.091Z | 2026-02-25T16:34:34.289Z |
| CVE-2023-6791 |
4.9 (3.1)
|
PAN-OS: Plaintext Disclosure of External System Integr… |
Palo Alto Networks |
PAN-OS |
2023-12-13T18:30:17.115Z | 2026-02-25T16:34:34.137Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| fkie_cve-2026-27645 | changedetection.io is a free open source web page change detection tool. In versions prior to 0.54.… | 2026-02-25T05:17:26.317 | 2026-02-25T16:51:33.417 |
| fkie_cve-2025-46320 | A cross-site scripting (XSS) vulnerability in a FileMaker WebDirect custom homepage could lead to u… | 2026-02-24T21:16:18.447 | 2026-02-25T16:47:08.160 |
| fkie_cve-2025-69252 | free5gc UDM provides Unified Data Management (UDM) for free5GC, an open-source project for 5th gene… | 2026-02-24T00:16:18.707 | 2026-02-25T16:46:15.720 |
| fkie_cve-2026-25610 | An authorized user may trigger a server crash by running a $geoNear pipeline with certain invalid i… | 2026-02-10T19:16:04.037 | 2026-02-25T16:46:13.320 |
| fkie_cve-2025-69251 | free5gc UDM provides Unified Data Management (UDM) for free5GC, an open-source project for 5th gene… | 2026-02-24T00:16:18.520 | 2026-02-25T16:46:00.580 |
| fkie_cve-2025-69250 | free5gc UDM provides Unified Data Management (UDM) for free5GC, an open-source project for 5th gene… | 2026-02-24T00:16:18.330 | 2026-02-25T16:45:38.647 |
| fkie_cve-2026-25613 | An authorized user may disable the MongoDB server by issuing a query against a collection that cont… | 2026-02-10T19:16:04.267 | 2026-02-25T16:45:10.213 |
| fkie_cve-2026-2763 | Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 148, Firefo… | 2026-02-24T14:16:24.620 | 2026-02-25T16:45:05.537 |
| fkie_cve-2026-27642 | free5gc UDM provides Unified Data Management (UDM) for free5GC, an open-source project for 5th gene… | 2026-02-24T01:16:15.390 | 2026-02-25T16:44:26.120 |
| fkie_cve-2026-2764 | JIT miscompilation, use-after-free in the JavaScript Engine: JIT component. This vulnerability affe… | 2026-02-24T14:16:24.737 | 2026-02-25T16:44:17.213 |
| fkie_cve-2026-2765 | Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 148, Firefo… | 2026-02-24T14:16:24.860 | 2026-02-25T16:43:25.553 |
| fkie_cve-2026-2766 | Use-after-free in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 148, F… | 2026-02-24T14:16:24.973 | 2026-02-25T16:43:01.463 |
| fkie_cve-2026-2767 | Use-after-free in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 148, … | 2026-02-24T14:16:25.080 | 2026-02-25T16:42:35.330 |
| fkie_cve-2026-2768 | Sandbox escape in the Storage: IndexedDB component. This vulnerability affects Firefox < 148, Firef… | 2026-02-24T14:16:25.183 | 2026-02-25T16:42:04.193 |
| fkie_cve-2026-26218 | newbee-mall includes pre-seeded administrator accounts in its database initialization script. These… | 2026-02-12T19:15:52.120 | 2026-02-25T16:41:25.410 |
| fkie_cve-2026-2770 | Use-after-free in the DOM: Bindings (WebIDL) component. This vulnerability affects Firefox < 148, F… | 2026-02-24T14:16:25.397 | 2026-02-25T16:40:15.020 |
| fkie_cve-2026-26219 | newbee-mall stores and verifies user passwords using an unsalted MD5 hashing algorithm. The impleme… | 2026-02-12T19:15:52.300 | 2026-02-25T16:40:13.200 |
| fkie_cve-2025-69253 | free5GC is an open-source project for 5th generation (5G) mobile core networks. Versions up to and … | 2026-02-24T01:16:11.913 | 2026-02-25T16:39:41.997 |
| fkie_cve-2026-2771 | Undefined behavior in the DOM: Core & HTML component. This vulnerability affects Firefox < 148, Fir… | 2026-02-24T14:16:25.497 | 2026-02-25T16:39:30.330 |
| fkie_cve-2026-2772 | Use-after-free in the Audio/Video: Playback component. This vulnerability affects Firefox < 148, Fi… | 2026-02-24T14:16:25.603 | 2026-02-25T16:38:40.753 |
| fkie_cve-2026-2773 | Incorrect boundary conditions in the Web Audio component. This vulnerability affects Firefox < 148,… | 2026-02-24T14:16:25.703 | 2026-02-25T16:37:52.530 |
| fkie_cve-2025-69248 | free5GC is an open-source project for 5th generation (5G) mobile core networks. Versions up to and … | 2026-02-23T22:16:21.220 | 2026-02-25T16:35:57.660 |
| fkie_cve-2026-26025 | free5GC SMF provides Session Management Function for free5GC, an open-source project for 5th genera… | 2026-02-24T01:16:15.237 | 2026-02-25T16:28:24.257 |
| fkie_cve-2026-26024 | free5GC SMF provides Session Management Function for free5GC, an open-source project for 5th genera… | 2026-02-24T01:16:15.087 | 2026-02-25T16:27:56.640 |
| fkie_cve-2026-2774 | Integer overflow in the Audio/Video component. This vulnerability affects Firefox < 148, Firefox ES… | 2026-02-24T14:16:25.810 | 2026-02-25T16:27:50.917 |
| fkie_cve-2026-2775 | Mitigation bypass in the DOM: HTML Parser component. This vulnerability affects Firefox < 148, Fire… | 2026-02-24T14:16:25.917 | 2026-02-25T16:27:02.663 |
| fkie_cve-2026-25501 | free5GC SMF provides Session Management Function for free5GC, an open-source project for 5th genera… | 2026-02-24T01:16:12.927 | 2026-02-25T16:26:40.507 |
| fkie_cve-2026-2776 | Sandbox escape due to incorrect boundary conditions in the Telemetry component in External Software… | 2026-02-24T14:16:26.023 | 2026-02-25T16:25:27.640 |
| fkie_cve-2026-3188 | A security flaw has been discovered in feiyuchuixue sz-boot-parent up to 1.3.2-beta. This affects a… | 2026-02-25T16:23:30.203 | 2026-02-25T16:23:30.203 |
| fkie_cve-2026-27848 | Due to missing neutralization of special elements, OS commands can be injected via the handshake of… | 2026-02-25T16:23:29.037 | 2026-02-25T16:23:29.037 |
| ID | Severity | Description | Published | Updated |
|---|---|---|---|---|
| ghsa-6v48-fcq6-ff23 |
7.1 (4.0)
|
Dagu: Path traversal in DAG creation allows arbitrary YAML file write outside DAGs directory | 2026-02-24T21:43:15Z | 2026-02-24T21:43:15Z |
| ghsa-mxhj-88fx-4pcv |
8.6 (4.0)
|
Fickling: OBJ opcode call invisibility bypasses all safety checks | 2026-02-24T21:41:31Z | 2026-02-24T21:41:31Z |
| ghsa-wxjg-wxm8-w2qc |
9.8 (3.1)
9.3 (4.0)
|
All versions of InSAT MasterSCADA BUK-TS are susceptible to OS command injection through a field in… | 2026-02-24T21:31:47Z | 2026-02-24T21:31:47Z |
| ghsa-wh6f-f7pf-3hqg |
9.8 (3.1)
9.3 (4.0)
|
InSAT MasterSCADA BUK-TS is susceptible to SQL Injection through its main web interface. Malicious … | 2026-02-24T21:31:47Z | 2026-02-24T21:31:47Z |
| ghsa-w6wm-hqx9-7cq8 |
8.7 (4.0)
|
Tattile Smart+, Vega, and Basic device families firmware versions 1.181.5 and prior implement an au… | 2026-02-24T21:31:47Z | 2026-02-24T21:31:47Z |
| ghsa-hr94-5hp8-p3qr |
4.3 (3.1)
|
NVIDIA Delegated Licensing Service for all appliance platforms contains a vulnerability where an at… | 2026-02-24T21:31:47Z | 2026-02-24T21:31:47Z |
| ghsa-c8xr-66ch-xcpx |
8.7 (4.0)
|
Tattile Smart+, Vega, and Basic device families firmware versions 1.181.5 and prior expose RTSP str… | 2026-02-24T21:31:47Z | 2026-02-24T21:31:47Z |
| ghsa-8c83-cvgq-pp7w |
8.6 (4.0)
|
EventSentry versions prior to 6.0.1.20 contain an unverified password change vulnerability in the a… | 2026-02-24T21:31:47Z | 2026-02-24T21:31:47Z |
| ghsa-682g-r279-6gq6 |
9.3 (4.0)
|
Tattile Smart+, Vega, and Basic device families firmware versions 1.181.5 and prior ship with defau… | 2026-02-24T21:31:47Z | 2026-02-24T21:31:47Z |
| ghsa-xph9-72vf-6x2f |
5.8 (4.0)
|
Local privilege escalation in Genetec Update Service. An authenticated, low-privileged, Windows use… | 2026-02-24T21:31:46Z | 2026-02-24T21:31:46Z |
| ghsa-vcqv-v77g-qhch |
5.4 (3.1)
|
Dell Wyse Management Suite, versions prior to WMS 5.5, contain an Improper Neutralization of Input … | 2026-02-24T21:31:46Z | 2026-02-24T21:31:46Z |
| ghsa-qv39-5mwf-4pj2 |
8.0 (3.1)
|
NVIDIA Cumulus Linux and NVOS products contain a vulnerability in the NVUE interface, where a low-p… | 2026-02-24T21:31:46Z | 2026-02-24T21:31:46Z |
| ghsa-p5fg-p22w-8pfg |
7.3 (3.1)
|
NVIDIA Cumulus Linux and NVOS products contain a vulnerability in the NVUE interface, where a low-p… | 2026-02-24T21:31:46Z | 2026-02-24T21:31:46Z |
| ghsa-mhh4-8fhx-47qg |
8.0 (3.1)
|
NVIDIA Cumulus Linux and NVOS products contain a vulnerability in the NVUE interface, where a low-p… | 2026-02-24T21:31:46Z | 2026-02-24T21:31:46Z |
| ghsa-fpg9-3qpq-vpm5 |
5.8 (4.0)
|
Local admin could to leak information from the Genetec Update Service configuration web page. An au… | 2026-02-24T21:31:45Z | 2026-02-24T21:31:46Z |
| ghsa-f46g-p3mm-9g3p |
2.7 (3.1)
|
Dell Wyse Management Suite, versions prior to WMS 5.5, contain a Client-Side Enforcement of Server-… | 2026-02-24T21:31:46Z | 2026-02-24T21:31:46Z |
| ghsa-cp7r-fhjg-f2vc |
7.2 (3.1)
|
Dell Wyse Management Suite, versions prior to WMS 5.5, contain an Unrestricted Upload of File with … | 2026-02-24T21:31:46Z | 2026-02-24T21:31:46Z |
| ghsa-58vr-q64v-x475 |
8.8 (3.1)
|
Dell Wyse Management Suite, versions prior to WMS 5.5, contain a Missing Authorization vulnerabilit… | 2026-02-24T21:31:46Z | 2026-02-24T21:31:46Z |
| ghsa-mwf2-qr4v-94h2 |
7.1 (4.0)
|
An Improper Input Validation vulnerability exists in Apache Superset that allows an authenticated u… | 2026-02-24T15:30:30Z | 2026-02-24T21:31:45Z |
| ghsa-fvj5-5qvq-g8wf |
8.8 (3.1)
|
Use-after-free in the DOM: Core & HTML component. This vulnerability affects Firefox < 148. | 2026-02-24T15:30:32Z | 2026-02-24T21:31:45Z |
| ghsa-6xhx-53c5-f9qr |
6.6 (3.1)
|
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Lin… | 2026-02-24T18:31:03Z | 2026-02-24T21:31:45Z |
| ghsa-48m2-v2r8-h23m |
5.3 (4.0)
|
Apache Superset utilizes a configurable dictionary, DISALLOWED_SQL_FUNCTIONS, to restrict the execu… | 2026-02-24T15:30:30Z | 2026-02-24T21:31:45Z |
| ghsa-m6xw-mq4p-x7xv |
7.3 (3.1)
|
libtiff up to v4.7.1 was discovered to contain a stack overflow via the readSeparateStripsIntoBuffe… | 2026-02-23T21:31:26Z | 2026-02-24T21:31:41Z |
| ghsa-5jj2-qhxw-rpq6 |
5.0 (3.1)
|
libtiff up to v4.7.1 was discovered to contain a double free via the component tools/tiffcrop.c. | 2026-02-23T21:31:26Z | 2026-02-24T21:31:41Z |
| ghsa-p884-v7p5-5858 |
5.5 (3.1)
|
libtiff up to v4.7.1 was discovered to contain a NULL pointer dereference via the component libtiff… | 2026-02-23T21:31:26Z | 2026-02-24T21:31:40Z |
| ghsa-xcv9-r62w-jh9r |
8.1 (3.1)
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2026-02-20T18:31:38Z | 2026-02-24T21:31:39Z |
| ghsa-wm24-gwfw-426w |
8.1 (3.1)
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2026-02-20T18:31:38Z | 2026-02-24T21:31:39Z |
| ghsa-rhvr-p49q-rhmm |
8.1 (3.1)
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2026-02-20T18:31:38Z | 2026-02-24T21:31:39Z |
| ghsa-qv9f-wvw4-25rj |
8.1 (3.1)
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2026-02-20T18:31:38Z | 2026-02-24T21:31:39Z |
| ghsa-j3pj-q5qg-g2r8 |
8.1 (3.1)
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2026-02-20T18:31:38Z | 2026-02-24T21:31:39Z |
| ID | Severity | Description | Package | Published | Updated |
|---|---|---|---|---|---|
| pysec-2012-37 |
|
The (1) EC2 and (2) OS APIs in OpenStack Compute (Nova) Folsom (2012.2), Essex (2012.1), … | nova | 2012-06-21T15:55:00Z | 2024-11-21T14:22:55.891133Z |
| pysec-2012-36 |
|
Openstack Compute (Nova) Folsom, 2012.1, and 2011.3 does not limit the number of security… | nova | 2012-06-07T19:55:00Z | 2024-11-21T14:22:55.825436Z |
| pysec-2023-287 |
4.3 (3.1)
|
Nautobot is a Network Source of Truth and Network Automation Platform built as a web appl… | nautobot | 2023-12-22T17:15:00+00:00 | 2024-11-21T14:22:55.764934+00:00 |
| pysec-2023-286 |
5.3 (3.1)
|
Nautobot is a Network Source of Truth and Network Automation Platform built as a web appl… | nautobot | 2023-12-12T23:15:00+00:00 | 2024-11-21T14:22:55.664554+00:00 |
| pysec-2023-285 |
5.4 (3.1)
|
Nautobot is a Network Source of Truth and Network Automation Platform built as a web appl… | nautobot | 2023-11-22T16:15:00+00:00 | 2024-11-21T14:22:55.567982+00:00 |
| pysec-2023-288 |
6.5 (3.1)
|
The Nautobot Device Onboarding plugin uses the netmiko and NAPALM libraries to simplify t… | nautobot-device-onboarding | 2023-11-21T23:15:00+00:00 | 2024-11-21T14:22:55.475794+00:00 |
| pysec-2022-43141 |
7.5 (3.1)
|
MotionEye v0.42.1 and below allows attackers to access sensitive information via a GET re… | motioneye | 2022-03-24T17:15:00+00:00 | 2024-11-21T14:22:55.422153+00:00 |
| pysec-2023-284 |
6.5 (3.1)
|
Cross-Site Request Forgery (CSRF) in GitHub repository modoboa/modoboa prior to 2.0.4. | modoboa | 2023-01-23T14:15:00+00:00 | 2024-11-21T14:22:55.160710+00:00 |
| pysec-2023-283 |
4.3 (3.1)
|
Cross-Site Request Forgery (CSRF) in GitHub repository modoboa/modoboa prior to 2.0.4. | modoboa | 2023-01-19T18:15:00+00:00 | 2024-11-21T14:22:55.105976+00:00 |
| pysec-2023-282 |
6.5 (3.1)
|
Cross-Site Request Forgery (CSRF) in GitHub repository modoboa/modoboa prior to 2.0.4. | modoboa | 2023-01-19T09:15:00+00:00 | 2024-11-21T14:22:55.051300+00:00 |
| pysec-2023-281 |
8.8 (3.1)
|
Improper Neutralization of Special Elements Used in a Template Engine in GitHub repositor… | mlflow | 2023-12-12T04:15:00+00:00 | 2024-11-21T14:22:54.938745+00:00 |
| pysec-2023-280 |
7.8 (3.1)
|
OS Command Injection in GitHub repository mlflow/mlflow prior to 2.6.0. | mlflow | 2023-08-01T01:15:00+00:00 | 2024-11-21T14:22:54.880705+00:00 |
| pysec-2023-279 |
9.1 (3.1)
|
MindsDB is a SQL Server for artificial intelligence. Prior to version 23.11.4.1, the `put… | mindsdb | 2023-12-22T21:15:00+00:00 | 2024-11-21T14:22:54.549778+00:00 |
| pysec-2023-277 |
5.3 (3.1)
|
MindsDB connects artificial intelligence models to real time data. Versions prior to 23.1… | mindsdb | 2023-12-11T19:15:00+00:00 | 2024-11-21T14:22:54.391272+00:00 |
| pysec-2014-110 |
|
Multiple cross-site scripting (XSS) vulnerabilities in apps/common/templates/calculate_fo… | mayan-edms | 2014-05-27T13:55:00Z | 2024-11-21T14:22:54.240407Z |
| pysec-2022-43137 |
5.5 (3.1)
|
LIEF commit 365a16a was discovered to contain a reachable assertion abort via the compone… | lief | 2022-09-13T21:15:00+00:00 | 2024-11-21T14:22:53.842904+00:00 |
| pysec-2024-128 |
6.1 (3.1)
|
Label Studio, an open source data labeling tool had a remote import feature allowed users… | label-studio | 2024-01-24T00:15:00+00:00 | 2024-11-21T14:22:53.406222+00:00 |
| pysec-2023-275 |
7.5 (3.1)
|
Label Studio is an open source data labeling tool. In all current versions of Label Studi… | label-studio | 2023-11-13T21:15:00+00:00 | 2024-11-21T14:22:53.350760+00:00 |
| pysec-2024-127 |
5.3 (3.1)
|
Label Studio is a popular open source data labeling tool. The vulnerability affects all v… | label-studio | 2024-01-31T17:15:00+00:00 | 2024-11-21T14:22:53.294472+00:00 |
| pysec-2024-126 |
5.4 (3.1)
|
Label Studio is an a popular open source data labeling tool. Versions prior to 1.9.2 have… | label-studio | 2024-01-23T23:15:00+00:00 | 2024-11-21T14:22:53.235341+00:00 |
| pysec-2023-274 |
8.8 (3.1)
|
Label Studio is a multi-type data labeling and annotation tool with standardized output f… | label-studio | 2023-11-09T15:15:00+00:00 | 2024-11-21T14:22:53.173192+00:00 |
| pysec-2017-144 |
7.5 (3.1)
|
Koji 1.13.0 does not properly validate SCM paths, allowing an attacker to work around bla… | koji | 2017-10-06T17:29:00Z | 2024-11-21T14:22:53.117821Z |
| pysec-2023-273 |
8.8 (3.1)
|
Kiwi TCMS is an open source test management system. In kiwitcms/Kiwi v12.2 and prior and … | kiwitcms | 2023-04-24T22:15:00+00:00 | 2024-11-21T14:22:53.063160+00:00 |
| pysec-2013-40 |
|
OpenStack Identity (Keystone) Grizzly 2013.1.1, when DEBUG mode logging is enabled, logs … | keystone | 2013-05-21T18:55:00Z | 2024-11-21T14:22:52.515884Z |
| pysec-2012-35 |
|
OpenStack Keystone Essex (2012.1) and Folsom (2012.2) does not properly handle EC2 tokens… | keystone | 2012-12-18T01:55:00Z | 2024-11-21T14:22:52.404569Z |
| pysec-2012-34 |
|
OpenStack Keystone before 2012.1.1, as used in OpenStack Folsom before Folsom-1 and OpenS… | keystone | 2012-07-31T10:45:00Z | 2024-11-21T14:22:52.344123Z |
| pysec-2018-151 |
8.8 (3.1)
|
An issue was discovered in Project Jupyter JupyterHub OAuthenticator 0.6.x before 0.6.2 a… | jupyterhub | 2018-02-18T03:29:00Z | 2024-11-21T14:22:52.286953Z |
| pysec-2023-272 |
4.3 (3.1)
|
The Jupyter Server provides the backend (i.e. the core services, APIs, and REST endpoints… | jupyter-server | 2023-12-04T21:15:00+00:00 | 2024-11-21T14:22:52.227754+00:00 |
| pysec-2018-150 |
7.5 (3.1)
|
Hyperledger Iroha versions v1.0_beta and v1.0.0_beta-1 are vulnerable to transaction and … | iroha | 2018-06-01T19:29:00Z | 2024-11-21T14:22:52.162008Z |
| pysec-2014-104 |
|
FreeIPA 4.0.x before 4.0.5 and 4.1.x before 4.1.1, when 2FA is enabled, allows remote att… | ipa | 2014-11-19T18:59:00Z | 2024-11-21T14:22:52.00819Z |
| ID | Description | Updated |
|---|---|---|
| gsd-2024-33651 | Cross-Site Request Forgery (CSRF) vulnerability in Matthew Fries MF Gig Calendar.This iss… | 2024-04-26T05:02:19.207978Z |
| gsd-2024-33646 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-26T05:02:19.206029Z |
| gsd-2024-33659 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-26T05:02:19.194728Z |
| gsd-2024-33636 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-26T05:02:19.188953Z |
| gsd-2024-33647 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-26T05:02:19.188223Z |
| gsd-2024-33649 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-26T05:02:19.185793Z |
| gsd-2024-33657 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-26T05:02:19.176271Z |
| gsd-2024-33663 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-26T05:02:19.175935Z |
| gsd-2024-33650 | Cross-Site Request Forgery (CSRF) vulnerability in Cryout Creations Serious Slider.This i… | 2024-04-26T05:02:19.172076Z |
| gsd-2024-33672 | An issue was discovered in Veritas NetBackup before 10.4. The Multi-Threaded Agent used i… | 2024-04-26T05:02:19.171109Z |
| gsd-2024-33642 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vuln… | 2024-04-26T05:02:19.166814Z |
| gsd-2024-33629 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-26T05:02:19.165154Z |
| gsd-2024-33635 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-26T05:02:19.164031Z |
| gsd-2024-33673 | An issue was discovered in Veritas Backup Exec before 22.2 HotFix 917391. Improper access… | 2024-04-26T05:02:19.162010Z |
| gsd-2024-33627 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-26T05:02:19.157764Z |
| gsd-2024-33638 | Cross-Site Request Forgery (CSRF) vulnerability in Brijesh Kothari Smart Maintenance Mode… | 2024-04-26T05:02:19.155155Z |
| gsd-2024-33674 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-26T05:02:19.150702Z |
| gsd-2024-33628 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-26T05:02:19.149995Z |
| gsd-2024-33662 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-26T05:02:19.149532Z |
| gsd-2024-33648 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-26T05:02:19.149332Z |
| gsd-2024-33633 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-26T05:02:19.141967Z |
| gsd-2024-33634 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-26T05:02:19.138995Z |
| gsd-2024-33664 | python-jose through 3.3.0 allows attackers to cause a denial of service (resource consump… | 2024-04-26T05:02:19.131389Z |
| gsd-2024-33643 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-26T05:02:19.131060Z |
| gsd-2024-4192 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-26T05:02:17.442382Z |
| gsd-2024-4212 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-26T05:02:17.440122Z |
| gsd-2024-4165 | A vulnerability, which was classified as critical, was found in Tenda G3 15.11.0.17(9502)… | 2024-04-26T05:02:17.438286Z |
| gsd-2024-4179 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-26T05:02:17.438004Z |
| gsd-2024-4197 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-26T05:02:17.437306Z |
| gsd-2024-4188 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-26T05:02:17.437066Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2026-718 | Malicious code in @fxinternal/netdiagnostics (npm) | 2026-02-04T05:00:18Z | 2026-02-06T03:05:22Z |
| mal-2026-706 | Malicious code in @devgandhi/healthpulse (npm) | 2026-02-03T17:39:11Z | 2026-02-06T03:05:22Z |
| mal-2026-705 | Malicious code in @devgandhi/cpp (npm) | 2026-02-03T17:39:11Z | 2026-02-06T03:05:22Z |
| mal-2026-703 | Malicious code in @x-clients/features (npm) | 2026-02-03T15:41:03Z | 2026-02-06T03:05:22Z |
| mal-2026-687 | Malicious code in @uselagoon/ui-library (npm) | 2026-02-03T07:39:16Z | 2026-02-06T03:05:22Z |
| mal-2026-676 | Malicious code in @ikeacnalan/icons (npm) | 2026-02-03T06:58:19Z | 2026-02-06T03:05:22Z |
| mal-2026-673 | Malicious code in baileys-ud (npm) | 2026-02-03T05:01:34Z | 2026-02-06T03:05:22Z |
| mal-2026-672 | Malicious code in baileys-dtz (npm) | 2026-02-03T05:01:33Z | 2026-02-06T03:05:22Z |
| mal-2026-670 | Malicious code in aligned-array (npm) | 2026-02-03T04:12:07Z | 2026-02-06T03:05:22Z |
| mal-2026-659 | Malicious code in atg-atgse (npm) | 2026-02-03T03:27:31Z | 2026-02-06T03:05:22Z |
| mal-2026-658 | Malicious code in ansi-universal-ui (npm) | 2026-02-03T03:42:39Z | 2026-02-06T03:05:22Z |
| mal-2026-767 | Malicious code in 0xhash-utils (npm) | 2026-02-05T17:29:50Z | 2026-02-06T03:05:21Z |
| mal-2026-785 | Malicious code in ppe-test (npm) | 2026-02-06T02:07:02Z | 2026-02-06T02:07:02Z |
| mal-2026-784 | Malicious code in monkey-tags (npm) | 2026-02-06T02:07:02Z | 2026-02-06T02:07:02Z |
| mal-2026-783 | Malicious code in adobe_pipeline_test (npm) | 2026-02-06T02:07:02Z | 2026-02-06T02:07:02Z |
| mal-2026-782 | Malicious code in ac-polyfills (npm) | 2026-02-06T02:07:02Z | 2026-02-06T02:07:02Z |
| mal-2026-781 | Malicious code in ac-feature (npm) | 2026-02-06T02:07:02Z | 2026-02-06T02:07:02Z |
| mal-2026-780 | Malicious code in ac-element-engagement (npm) | 2026-02-06T02:07:02Z | 2026-02-06T02:07:02Z |
| mal-2026-779 | Malicious code in ac-dom-styles (npm) | 2026-02-06T02:07:02Z | 2026-02-06T02:07:02Z |
| mal-2026-778 | Malicious code in ac-dom-nodes (npm) | 2026-02-06T02:07:02Z | 2026-02-06T02:07:02Z |
| mal-2026-777 | Malicious code in ac-dom-events (npm) | 2026-02-06T02:07:02Z | 2026-02-06T02:07:02Z |
| mal-2026-776 | Malicious code in ac-checksum (npm) | 2026-02-06T02:07:02Z | 2026-02-06T02:07:02Z |
| mal-2026-775 | Malicious code in ac-array (npm) | 2026-02-06T02:07:02Z | 2026-02-06T02:07:02Z |
| mal-2026-774 | Malicious code in adminbypasser (PyPI) | 2026-02-06T01:15:08Z | 2026-02-06T01:15:08Z |
| mal-2026-766 | Malicious code in greeter-pro-test (PyPI) | 2026-02-05T16:40:51Z | 2026-02-05T16:40:56Z |
| mal-2026-762 | Malicious code in metadata-checker (PyPI) | 2026-02-05T14:30:34Z | 2026-02-05T15:20:28Z |
| mal-2026-763 | Malicious code in web3-meme-tool (PyPI) | 2026-02-05T14:33:05Z | 2026-02-05T14:33:05Z |
| mal-2026-759 | Malicious code in pipelinepoision-test (PyPI) | 2026-02-05T08:43:35Z | 2026-02-05T08:43:35Z |
| mal-2026-745 | Malicious code in statssol (PyPI) | 2026-02-04T19:47:20Z | 2026-02-04T19:47:20Z |
| mal-2026-738 | Malicious code in tablescene (PyPI) | 2026-02-04T10:24:43Z | 2026-02-04T18:51:22Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| bit-python-2025-8291 | ZIP64 End of Central Directory (EOCD) Locator record offset not checked | 2025-10-14T09:30:19.669Z | 2025-12-04T12:07:39.656Z |
| bit-python-2025-1795 | Mishandling of comma during folding and unicode-encoding of email headers | 2025-04-14T11:35:31.045Z | 2025-12-04T12:07:39.656Z |
| bit-libpython-2025-8291 | ZIP64 End of Central Directory (EOCD) Locator record offset not checked | 2025-10-14T09:25:48.465Z | 2025-12-04T12:07:39.656Z |
| bit-libpython-2025-1795 | Mishandling of comma during folding and unicode-encoding of email headers | 2025-08-11T13:53:05.339Z | 2025-12-04T12:07:39.656Z |
| bit-golang-2025-61729 | Excessive resource consumption when printing error string for host certificate validation in crypto/x509 | 2025-12-04T11:41:52.637Z | 2025-12-04T12:07:39.656Z |
| bit-activemq-2025-27533 | Apache ActiveMQ: Unchecked buffer length can cause excessive memory allocation | 2025-12-03T14:35:40.173Z | 2025-12-03T15:08:24.036Z |
| bit-activemq-2023-46604 | Apache ActiveMQ, Apache ActiveMQ Legacy OpenWire Module: Unbounded deserialization causes ActiveMQ to be vulnerable to a remote code execution (RCE) attack | 2025-12-03T14:35:38.733Z | 2025-12-03T15:08:24.036Z |
| bit-activemq-2022-41678 | Apache ActiveMQ: Insufficient API restrictions on Jolokia allow authenticated users to perform RCE | 2025-12-03T14:35:37.010Z | 2025-12-03T15:08:24.036Z |
| bit-activemq-2021-26117 | ActiveMQ: LDAP-Authentication does not verify passwords on servers with anonymous bind | 2025-12-03T14:35:35.296Z | 2025-12-03T15:08:24.036Z |
| bit-activemq-2021-21351 | XStream is vulnerable to an Arbitrary Code Execution attack | 2025-12-03T14:35:33.786Z | 2025-12-03T15:08:24.036Z |
| bit-activemq-2021-21350 | XStream is vulnerable to an Arbitrary Code Execution attack | 2025-12-03T14:35:32.295Z | 2025-12-03T15:08:24.036Z |
| bit-activemq-2021-21349 | A Server-Side Forgery Request can be activated unmarshalling with XStream to access data streams from an arbitrary URL referencing a resource in an intranet or the local host | 2025-12-03T14:35:30.789Z | 2025-12-03T15:08:24.036Z |
| bit-activemq-2021-21348 | XStream is vulnerable to an attack using Regular Expression for a Denial of Service (ReDos) | 2025-12-03T14:35:29.299Z | 2025-12-03T15:08:24.036Z |
| bit-activemq-2021-21347 | XStream is vulnerable to an Arbitrary Code Execution attack | 2025-12-03T14:35:27.664Z | 2025-12-03T15:08:24.036Z |
| bit-activemq-2021-21346 | XStream is vulnerable to an Arbitrary Code Execution attack | 2025-12-03T14:35:26.027Z | 2025-12-03T15:08:24.036Z |
| bit-activemq-2021-21345 | XStream is vulnerable to a Remote Command Execution attack | 2025-12-03T14:35:24.382Z | 2025-12-03T15:08:24.036Z |
| bit-activemq-2021-21344 | XStream is vulnerable to an Arbitrary Code Execution attack | 2025-12-03T14:35:22.678Z | 2025-12-03T15:08:24.036Z |
| bit-activemq-2021-21343 | XStream is vulnerable to an Arbitrary File Deletion on the local host when unmarshalling as long as the executing process has sufficient rights | 2025-12-03T14:35:21.073Z | 2025-12-03T15:08:24.036Z |
| bit-activemq-2021-21342 | A Server-Side Forgery Request can be activated unmarshalling with XStream to access data streams from an arbitrary URL referencing a resource in an intranet or the local host | 2025-12-03T14:35:19.481Z | 2025-12-03T15:08:24.036Z |
| bit-activemq-2021-21341 | XStream can cause a Denial of Service | 2025-12-03T14:35:17.881Z | 2025-12-03T15:08:24.036Z |
| bit-activemq-2020-26217 | Remote Code Execution in XStream | 2025-12-03T14:35:16.352Z | 2025-12-03T15:08:24.036Z |
| bit-activemq-2020-1941 | 2025-12-03T14:35:14.779Z | 2025-12-03T15:08:24.036Z | |
| bit-activemq-2020-13947 | 2025-12-03T14:35:13.393Z | 2025-12-03T15:08:24.036Z | |
| bit-activemq-2020-13920 | 2025-12-03T14:35:12.171Z | 2025-12-03T15:08:24.036Z | |
| bit-activemq-2020-11998 | 2025-12-03T14:35:10.504Z | 2025-12-03T15:08:24.036Z | |
| bit-gitlab-2025-9825 | Missing Authorization in GitLab | 2025-11-25T18:25:02.547Z | 2025-12-03T12:08:06.927Z |
| bit-flux-2022-39272 | Flux2 vulnerable to Denial of Service due to Improper use of metav1.Duration | 2025-12-02T17:37:01.043Z | 2025-12-02T18:06:28.296Z |
| bit-flux-2022-36049 | Flux2 Helm Controller denial of service | 2025-12-02T17:36:59.799Z | 2025-12-02T18:06:28.296Z |
| bit-flux-2022-36035 | Flux CLI Workload Injection | 2025-12-02T17:36:58.339Z | 2025-12-02T18:06:28.296Z |
| bit-flux-2022-24878 | Improper path handling in Kustomization files allows for denial of service | 2025-12-02T17:36:56.954Z | 2025-12-02T18:06:28.296Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| drupal-contrib-2021-040 | 2021-09-22T17:26:12.000Z | 2023-08-11T16:55:39.000Z | |
| drupal-contrib-2021-039 | 2021-09-22T17:26:04.000Z | 2023-08-11T16:55:33.000Z | |
| drupal-contrib-2021-038 | 2021-09-22T17:25:50.000Z | 2023-08-11T16:54:48.000Z | |
| drupal-contrib-2021-037 | 2021-09-22T17:17:05.000Z | 2023-08-11T16:54:22.000Z | |
| drupal-contrib-2021-036 | 2021-09-22T17:12:02.000Z | 2023-08-11T16:53:25.000Z | |
| drupal-contrib-2021-035 | 2021-09-22T17:09:11.000Z | 2023-08-11T16:51:09.000Z | |
| drupal-contrib-2021-047 | 2021-12-22T17:47:54.000Z | 2023-08-11T16:49:16.000Z | |
| drupal-contrib-2021-045 | 2021-12-08T18:02:44.000Z | 2023-08-11T16:48:31.000Z | |
| drupal-contrib-2021-044 | 2021-11-17T15:45:07.000Z | 2023-08-11T16:47:14.000Z | |
| drupal-contrib-2022-006 | 2022-01-25T18:35:55.000Z | 2023-08-11T14:56:17.000Z | |
| drupal-contrib-2022-001 | 2022-01-05T17:06:22.000Z | 2023-08-11T14:06:56.000Z | |
| drupal-contrib-2022-002 | 2022-01-05T17:12:29.000Z | 2023-08-11T14:06:15.000Z | |
| drupal-contrib-2022-004 | 2022-01-19T15:33:50.000Z | 2023-08-11T14:04:07.000Z | |
| drupal-contrib-2022-005 | 2022-01-25T18:35:09.000Z | 2023-08-11T14:03:48.000Z | |
| drupal-contrib-2022-009 | 2022-01-25T18:36:37.000Z | 2023-08-11T14:02:59.000Z | |
| drupal-contrib-2022-015 | 2022-01-25T18:39:13.000Z | 2023-08-11T14:02:31.000Z | |
| drupal-contrib-2022-008 | 2022-01-25T18:36:22.000Z | 2023-08-11T14:01:01.000Z | |
| drupal-contrib-2022-017 | 2022-01-25T18:39:38.000Z | 2023-08-11T13:56:08.000Z | |
| drupal-contrib-2022-012 | 2022-01-25T18:37:20.000Z | 2023-08-11T13:55:41.000Z | |
| drupal-contrib-2022-026 | 2022-02-23T17:10:52.000Z | 2023-08-11T13:50:17.000Z | |
| drupal-contrib-2022-025 | 2022-02-16T17:07:35.000Z | 2023-08-11T13:49:36.000Z | |
| drupal-contrib-2022-024 | 2022-02-09T15:20:08.000Z | 2023-08-11T13:49:13.000Z | |
| drupal-contrib-2022-023 | 2022-02-09T15:17:56.000Z | 2023-08-11T13:48:49.000Z | |
| drupal-contrib-2022-014 | 2022-01-26T17:18:11.000Z | 2023-08-11T13:48:18.000Z | |
| drupal-contrib-2022-021 | 2022-01-25T18:41:04.000Z | 2023-08-11T13:47:07.000Z | |
| drupal-contrib-2022-018 | 2022-01-25T18:39:50.000Z | 2023-08-11T13:46:46.000Z | |
| drupal-contrib-2022-036 | 2022-05-04T16:11:07.000Z | 2023-08-10T21:43:53.000Z | |
| drupal-contrib-2022-035 | 2022-05-04T16:06:53.000Z | 2023-08-10T21:43:30.000Z | |
| drupal-contrib-2022-032 | 2022-03-30T18:23:29.000Z | 2023-08-10T21:41:21.000Z | |
| drupal-contrib-2022-029 | 2022-03-09T18:57:52.000Z | 2023-08-10T21:39:44.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2022-000022 | AttacheCase may insecurely load Dynamic Link Libraries | 2022-03-30T14:00+09:00 | 2024-06-21T11:42+09:00 |
| jvndb-2022-001387 | Installer of WPS Office for Windows misconfigures the ACL for the installation directory | 2022-03-09T12:30+09:00 | 2024-06-21T11:37+09:00 |
| jvndb-2022-001384 | Multiple vulnerabilities in OMRON CX-Programmer | 2022-03-08T15:56+09:00 | 2024-06-21T11:32+09:00 |
| jvndb-2023-000008 | Pgpool-II vulnerable to information disclosure | 2023-01-23T16:35+09:00 | 2024-06-20T17:54+09:00 |
| jvndb-2022-000024 | Zero-channel BBS Plus vulnerable to cross-site scripting | 2022-03-30T15:36+09:00 | 2024-06-20T17:34+09:00 |
| jvndb-2022-000019 | pfSense-pkg-WireGuard vulnerable to directory traversal | 2022-03-03T15:08+09:00 | 2024-06-20T16:51+09:00 |
| jvndb-2022-000018 | MarkText vulnerable to cross-site scripting | 2022-03-03T14:40+09:00 | 2024-06-20T16:46+09:00 |
| jvndb-2022-000046 | Gitlab vulnerable to server-side request forgery | 2022-06-17T12:26+09:00 | 2024-06-20T15:39+09:00 |
| jvndb-2024-003645 | Multiple vulnerabilities in multiple Trend Micro products | 2024-06-20T14:59+09:00 | 2024-06-20T14:59+09:00 |
| jvndb-2022-000027 | Hammock AssetView missing authentication for critical functions | 2022-04-22T13:53+09:00 | 2024-06-20T12:15+09:00 |
| jvndb-2022-000037 | Spring Security OAuth (spring-security-oauth2) vulnerable to denial-of-service (DoS) | 2022-05-20T17:04+09:00 | 2024-06-20T12:09+09:00 |
| jvndb-2022-001923 | Multiple vulnerabilities in CONTEC SolarView Compact | 2022-05-27T15:28+09:00 | 2024-06-20T11:34+09:00 |
| jvndb-2022-001795 | Command injection vulnerability in QNAP VioStar series NVR | 2022-05-12T18:07+09:00 | 2024-06-20T11:31+09:00 |
| jvndb-2024-000065 | "ZOZOTOWN" App for Android fails to restrict custom URL schemes properly | 2024-06-19T16:04+09:00 | 2024-06-19T16:04+09:00 |
| jvndb-2022-000029 | KOYO Electronics Screen Creator Advance2 vulnerable to authentication bypass | 2022-05-09T14:43+09:00 | 2024-06-19T16:03+09:00 |
| jvndb-2022-000028 | Multiple vulnerabilities in multiple MEIKYO ELECTRIC products | 2022-05-09T14:31+09:00 | 2024-06-19T15:55+09:00 |
| jvndb-2024-000064 | WordPress plugin "SiteGuard WP Plugin" may leak the customized path to the login page | 2024-06-19T14:25+09:00 | 2024-06-19T14:25+09:00 |
| jvndb-2022-001809 | Trend Micro Password Manager vulnerable to privilege escalation | 2022-05-24T15:27+09:00 | 2024-06-18T17:52+09:00 |
| jvndb-2022-000032 | Installer of Trend Micro Password Manager may insecurely load Dynamic Link Libraries | 2022-05-11T15:21+09:00 | 2024-06-18T17:46+09:00 |
| jvndb-2022-000039 | RevoWorks incomplete filtering of MS Office v4 macros | 2022-05-27T16:09+09:00 | 2024-06-18T16:31+09:00 |
| jvndb-2022-001948 | Multiple vulnerabilities in Trend Micro Apex One and Apex One as a Service | 2022-06-03T12:17+09:00 | 2024-06-18T16:30+09:00 |
| jvndb-2022-001931 | Multiple vulnerabilities in Fuji Electric V-SFT, V-Server and V-Server Lite | 2022-05-27T15:37+09:00 | 2024-06-18T16:28+09:00 |
| jvndb-2022-000038 | WordPress plugin "WP Statistics" vulnerable to cross-site scripting | 2022-05-24T15:00+09:00 | 2024-06-18T15:41+09:00 |
| jvndb-2022-000031 | GENEREX RCCMD vulnerable to directory traversal | 2022-05-10T15:47+09:00 | 2024-06-18T15:35+09:00 |
| jvndb-2024-000061 | Multiple vulnerabilities in Ricoh Streamline NX PC Client | 2024-06-18T14:56+09:00 | 2024-06-18T14:56+09:00 |
| jvndb-2022-001929 | Multiple vulnerabilities in Fuji Electric V-SFT | 2022-05-27T15:39+09:00 | 2024-06-18T13:44+09:00 |
| jvndb-2024-000063 | Multiple vulnerabilities in ID Link Manager and FUJITSU Software TIME CREATOR | 2024-06-18T13:43+09:00 | 2024-06-18T13:43+09:00 |
| jvndb-2022-000034 | EC-CUBE plugin "Easy Blog for EC-CUBE4" vulnerable to cross-site request forgery | 2022-05-13T16:31+09:00 | 2024-06-18T12:13+09:00 |
| jvndb-2022-000036 | Multiple vulnerabilities in Rakuten Casa | 2022-05-19T15:13+09:00 | 2024-06-18T12:09+09:00 |
| jvndb-2022-000053 | Django Extract and Trunc functions vulnerable to SQL injection | 2022-07-12T13:47+09:00 | 2024-06-18T11:57+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| cnvd-2026-06986 | WordPress Short Link plugin跨站脚本漏洞 | 2026-01-19 | 2026-01-23 |
| cnvd-2026-06985 | WordPress Shipping Rate By Cities plugin SQL注入漏洞 | 2026-01-19 | 2026-01-23 |
| cnvd-2026-06984 | WordPress SearchWiz plugin跨站脚本漏洞 | 2026-01-19 | 2026-01-23 |
| cnvd-2026-06913 | WordPress Responsive Accordion Slider plugin未经授权的数据修改漏洞 | 2026-01-19 | 2026-01-23 |
| cnvd-2026-06912 | WordPress LinkedIn SC plugin跨站脚本漏洞 | 2026-01-19 | 2026-01-23 |
| cnvd-2026-06911 | WordPress Kunze Law plugin跨站脚本漏洞 | 2026-01-19 | 2026-01-23 |
| cnvd-2026-06910 | WordPress Internal Link Builder plugin跨站脚本漏洞 | 2026-01-19 | 2026-01-23 |
| cnvd-2026-06909 | WordPress Gotham Block Extra Light plugin路径遍历漏洞 | 2026-01-19 | 2026-01-23 |
| cnvd-2026-06908 | WordPress Gotham Block Extra Light plugin跨站脚本漏洞 | 2026-01-19 | 2026-01-23 |
| cnvd-2026-06907 | WordPress GetContentFromURL plugin服务端请求伪造漏洞 | 2026-01-19 | 2026-01-23 |
| cnvd-2026-06906 | WordPress Float Payment Gateway plugin未经授权的数据修改漏洞 | 2026-01-19 | 2026-01-23 |
| cnvd-2026-06905 | WordPress Flat Shipping Rate by City for WooCommerce plugin SQL注入漏洞 | 2026-01-19 | 2026-01-23 |
| cnvd-2026-06904 | WordPress Electric Studio Download Counter plugin跨站脚本漏洞 | 2026-01-19 | 2026-01-23 |
| cnvd-2026-06903 | WordPress Aplazo Payment Gateway plugin缺少权限漏洞 | 2026-01-19 | 2026-01-23 |
| cnvd-2026-06902 | WordPress AJS Footnotes plugin跨站脚本漏洞 | 2026-01-19 | 2026-01-23 |
| cnvd-2026-06831 | D-Link DIR-823G操作系统命令注入漏洞 | 2022-04-01 | 2026-01-23 |
| cnvd-2026-06830 | D-Link DIR-823G密码重置漏洞 | 2023-06-30 | 2026-01-23 |
| cnvd-2026-06829 | D-Link DIR-823G URL字段缓冲区溢出漏洞 | 2023-07-03 | 2026-01-23 |
| cnvd-2026-06828 | D-Link DIR-823G HostName字段缓冲区溢出漏洞 | 2023-07-03 | 2026-01-23 |
| cnvd-2026-06827 | D-Link DIR-823G堆栈缓冲区溢出漏洞 | 2023-09-25 | 2026-01-23 |
| cnvd-2026-06826 | D-Link DIR-823G SetWifiDownSettings函数栈缓冲区溢出漏洞 | 2023-09-25 | 2026-01-23 |
| cnvd-2026-06825 | D-Link DIR-823G空指针取消引用漏洞 | 2024-05-07 | 2026-01-23 |
| cnvd-2026-06824 | D-Link DIR-823G信息泄露漏洞 | 2024-09-11 | 2026-01-23 |
| cnvd-2026-06823 | D-Link DIR-823G命令注入漏洞 | 2025-11-18 | 2026-01-23 |
| cnvd-2026-06813 | D-Link DWR-M920 sub_41C7FC函数缓冲区溢出漏洞 | 2025-11-24 | 2026-01-23 |
| cnvd-2026-06812 | D-Link DWR-M920 sub_423848函数缓冲区溢出漏洞 | 2026-01-14 | 2026-01-23 |
| cnvd-2026-06811 | D-Link DWR-M920 sub_464794函数缓冲区溢出漏洞 | 2026-01-14 | 2026-01-23 |
| cnvd-2026-06810 | D-Link DWR-M920命令注入漏洞 | 2026-01-14 | 2026-01-23 |
| cnvd-2026-06809 | D-Link DWR-M920 sub_42261C函数堆栈缓冲区溢出漏洞 | 2026-01-14 | 2026-01-23 |
| cnvd-2026-06604 | 上海锐昉科技有限公司RB企业管理系统存在SQL注入漏洞 | 2025-11-25 | 2026-01-23 |
| ID | Description | Published | Updated |
|---|---|---|---|
| bdu:2025-12301 | Уязвимость библиотеки Perl для поиска файлов File::Find::Rule, позволяющая нарушителю пол… | 28.09.2025 | 16.02.2026 |
| bdu:2025-12300 | Уязвимость ядра операционной системы Linux, связанная с выделением неограниченной памяти,… | 28.09.2025 | 16.02.2026 |
| bdu:2025-12298 | Уязвимость компонента iwlwifi ядра операционной системы Linux, позволяющая нарушителю выз… | 28.09.2025 | 16.02.2026 |
| bdu:2025-12294 | Уязвимость компонента powerpc/code-patching ядра операционной системы Linux, позволяющая … | 28.09.2025 | 16.02.2026 |
| bdu:2025-12290 | Уязвимость компонента qibfs ядра операционной системы Linux, позволяющая нарушителю вызва… | 28.09.2025 | 16.02.2026 |
| bdu:2025-12288 | Уязвимость компонента genirq/msi ядра операционной системы Linux, позволяющая нарушителю … | 28.09.2025 | 16.02.2026 |
| bdu:2025-12285 | Уязвимость компонента umem_odp.c ядра операционной системы Linux, позволяющая нарушителю … | 28.09.2025 | 16.02.2026 |
| bdu:2025-12283 | Уязвимость функции btrfs_dec_ref() ядра операционной системы Linux, позволяющая нарушител… | 28.09.2025 | 16.02.2026 |
| bdu:2025-12282 | Уязвимость компонента net_sched ядра операционной системы Linux, позволяющая нарушителю в… | 28.09.2025 | 16.02.2026 |
| bdu:2025-12281 | Уязвимость компонента x86/mm ядра операционной системы Linux, позволяющая нарушителю вызв… | 28.09.2025 | 16.02.2026 |
| bdu:2025-12278 | Уязвимость ядра операционной системы Linux, связанная с некорректным вычислением, позволя… | 28.09.2025 | 16.02.2026 |
| bdu:2025-12277 | Уязвимость функции __legitimize_mnt() компонента fs/namespace.c ядра операционной системы… | 28.09.2025 | 16.02.2026 |
| bdu:2025-12276 | Уязвимость компонента acpi ядра операционной системы Linux, позволяющая нарушителю вызват… | 28.09.2025 | 16.02.2026 |
| bdu:2025-12275 | Уязвимость компонента chip.c ядра операционной системы Linux, позволяющая нарушителю вызв… | 28.09.2025 | 16.02.2026 |
| bdu:2025-12274 | Уязвимость функции demangle_const компонента libiberty/rust-demangle.c компилятора GCC, п… | 28.09.2025 | 16.02.2026 |
| bdu:2025-12273 | Уязвимость компонента mtk_star_emac.c ядра операционной системы Linux, позволяющая наруши… | 28.09.2025 | 16.02.2026 |
| bdu:2025-12272 | Уязвимость компонента filter.c ядра операционной системы Linux, позволяющая нарушителю вы… | 28.09.2025 | 16.02.2026 |
| bdu:2025-12271 | Уязвимость компонента btrfs ядра операционной системы Linux, позволяющая нарушителю вызва… | 28.09.2025 | 16.02.2026 |
| bdu:2025-12270 | Уязвимость компонента memcg ядра операционной системы Linux, позволяющая нарушителю вызва… | 28.09.2025 | 16.02.2026 |
| bdu:2025-12261 | Уязвимость компонента f_midi ядра операционной системы Linux, позволяющая нарушителю вызв… | 28.09.2025 | 16.02.2026 |
| bdu:2025-12260 | Уязвимость компонента mhi ядра операционной системы Linux, позволяющая нарушителю вызвать… | 28.09.2025 | 16.02.2026 |
| bdu:2025-12257 | Уязвимость ядра операционной системы Linux, связанная с недостаточной блокировкой, позвол… | 28.09.2025 | 16.02.2026 |
| bdu:2025-12256 | Уязвимость компонентов xenbus ядра операционной системы Linux, позволяющая нарушителю вы… | 28.09.2025 | 16.02.2026 |
| bdu:2025-12255 | Уязвимость функции ReadRequestFromClient компонента os/io.c реализации протокола Wayland … | 28.09.2025 | 16.02.2026 |
| bdu:2025-12254 | Уязвимость ядра операционной системы Linux, связанная с ошибками инициализации памяти, по… | 28.09.2025 | 16.02.2026 |
| bdu:2025-12253 | Уязвимость ядра операционной системы Linux, связанная с ошибками инициализации памяти, по… | 28.09.2025 | 16.02.2026 |
| bdu:2025-12252 | Уязвимость компонента mlxreg ядра операционной системы Linux, позволяющая нарушителю оказ… | 28.09.2025 | 16.02.2026 |
| bdu:2025-12248 | Уязвимость компонента KVM ядра операционной системы Linux, позволяющая нарушителю вызвать… | 28.09.2025 | 16.02.2026 |
| bdu:2025-12246 | Уязвимость компонента dispc.c ядра операционной системы Linux, позволяющая нарушителю пол… | 28.09.2025 | 16.02.2026 |
| bdu:2025-12245 | Уязвимость компонента nfs4state.c ядра операционной системы Linux, позволяющая нарушителю… | 28.09.2025 | 16.02.2026 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2025-avi-1001 | Multiples vulnérabilités dans Elastic Kibana | 2025-11-13T00:00:00.000000 | 2025-11-13T00:00:00.000000 |
| certfr-2025-avi-1000 | Multiples vulnérabilités dans les produits Splunk | 2025-11-13T00:00:00.000000 | 2025-11-13T00:00:00.000000 |
| certfr-2025-avi-0999 | Vulnérabilité dans les produits Symfony | 2025-11-13T00:00:00.000000 | 2025-11-13T00:00:00.000000 |
| certfr-2025-avi-0998 | Multiples vulnérabilités dans les produits Microsoft | 2025-11-12T00:00:00.000000 | 2025-11-12T00:00:00.000000 |
| certfr-2025-avi-0997 | Multiples vulnérabilités dans Microsoft Azure | 2025-11-12T00:00:00.000000 | 2025-11-12T00:00:00.000000 |
| certfr-2025-avi-0996 | Multiples vulnérabilités dans Microsoft Windows | 2025-11-12T00:00:00.000000 | 2025-11-12T00:00:00.000000 |
| certfr-2025-avi-0995 | Multiples vulnérabilités dans Microsoft Office | 2025-11-12T00:00:00.000000 | 2025-11-12T00:00:00.000000 |
| certfr-2025-avi-0994 | Multiples vulnérabilités dans Microsoft Edge | 2025-11-12T00:00:00.000000 | 2025-11-12T00:00:00.000000 |
| certfr-2025-avi-0993 | Multiples vulnérabilités dans les produits Intel | 2025-11-12T00:00:00.000000 | 2025-11-12T00:00:00.000000 |
| certfr-2025-avi-0992 | Multiples vulnérabilités dans Apache OpenOffice | 2025-11-12T00:00:00.000000 | 2025-11-12T00:00:00.000000 |
| certfr-2025-avi-0991 | Multiples vulnérabilités dans les produits Mozilla | 2025-11-12T00:00:00.000000 | 2025-11-12T00:00:00.000000 |
| certfr-2025-avi-0990 | Vulnérabilité dans Google Chrome | 2025-11-12T00:00:00.000000 | 2025-11-12T00:00:00.000000 |
| certfr-2025-avi-0989 | Vulnérabilité dans Nagios XI | 2025-11-12T00:00:00.000000 | 2025-11-12T00:00:00.000000 |
| certfr-2025-avi-0988 | Vulnérabilité dans Ivanti Endpoint Manager (EPM) | 2025-11-12T00:00:00.000000 | 2025-11-12T00:00:00.000000 |
| certfr-2025-avi-0987 | Vulnérabilité dans les produits Citrix | 2025-11-12T00:00:00.000000 | 2025-11-12T00:00:00.000000 |
| certfr-2025-avi-0986 | Vulnérabilité dans Schneider Electric EcoStruxure | 2025-11-12T00:00:00.000000 | 2025-11-12T00:00:00.000000 |
| certfr-2025-avi-0985 | Multiples vulnérabilités dans les produits Axis | 2025-11-12T00:00:00.000000 | 2025-11-12T00:00:00.000000 |
| certfr-2025-avi-0984 | Vulnérabilité dans Bitdefender Endpoint Security Tools pour Mac | 2025-11-12T00:00:00.000000 | 2025-11-12T00:00:00.000000 |
| certfr-2025-avi-0983 | Vulnérabilité dans Synology BeeStation | 2025-11-12T00:00:00.000000 | 2025-11-12T00:00:00.000000 |
| certfr-2025-avi-0982 | Multiples vulnérabilités dans les produits SAP | 2025-11-12T00:00:00.000000 | 2025-11-12T00:00:00.000000 |
| certfr-2025-avi-0981 | Multiples vulnérabilités dans les produits Qnap | 2025-11-10T00:00:00.000000 | 2025-11-10T00:00:00.000000 |
| certfr-2025-avi-0980 | Multiples vulnérabilités dans les produits IBM | 2025-11-07T00:00:00.000000 | 2025-11-07T00:00:00.000000 |
| certfr-2025-avi-0979 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2025-11-07T00:00:00.000000 | 2025-11-07T00:00:00.000000 |
| certfr-2025-avi-0978 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2025-11-07T00:00:00.000000 | 2025-11-07T00:00:00.000000 |
| certfr-2025-avi-0977 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2025-11-07T00:00:00.000000 | 2025-11-07T00:00:00.000000 |
| certfr-2025-avi-0976 | Multiples vulnérabilités dans Microsoft Edge | 2025-11-07T00:00:00.000000 | 2025-11-07T00:00:00.000000 |
| certfr-2025-avi-0975 | Vulnérabilité dans Elastic Defend | 2025-11-07T00:00:00.000000 | 2025-11-07T00:00:00.000000 |
| certfr-2025-avi-0974 | Multiples vulnérabilités dans Apple iOS et iPadOS | 2025-11-06T00:00:00.000000 | 2025-11-06T00:00:00.000000 |
| certfr-2025-avi-0973 | Multiples vulnérabilités dans Google Chrome | 2025-11-06T00:00:00.000000 | 2025-11-06T00:00:00.000000 |
| certfr-2025-avi-0972 | Multiples vulnérabilités dans Suricata | 2025-11-06T00:00:00.000000 | 2025-11-06T00:00:00.000000 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certa-2001-ale-010 | Propagation du ver "Code Blue" | 2001-09-07T00:00:00.000000 | 2001-09-07T00:00:00.000000 |
| certa-2001-ale-008 | Propagation du ver « Code Red » | 2001-07-18T00:00:00.000000 | 2001-08-13T00:00:00.000000 |
| certa-2001-ale-009 | Propagation importante du virus SirCam | 2001-07-24T00:00:00.000000 | 2001-07-26T00:00:00.000000 |
| certa-2001-ale-007 | Propagation d'un ver affectant sadmind et IIS | 2001-05-09T00:00:00.000000 | 2001-05-09T00:00:00.000000 |
| certa-2001-ale-006 | Prolifération en Europe du virus HOMEPAGE | 2001-05-09T00:00:00.000000 | 2001-05-09T00:00:00.000000 |
| certa-2001-ale-005 | Vulnérabilités dans les modems ADSL d'Alcatel | 2001-04-11T00:00:00.000000 | 2001-04-11T00:00:00.000000 |
| certa-2001-ale-004 | Vulnérabilité dans le démon snmpXdmid sous Sun Solaris | 2001-03-30T00:00:00.000000 | 2001-03-30T00:00:00.000000 |
| certa-2001-ale-003 | Prolifération du ver Li0n | 2001-03-26T00:00:00.000000 | 2001-03-26T00:00:00.000000 |
| certa-2001-ale-002 | Risque d'exploitation des ressources partagées sous Windows | 2001-03-26T00:00:00.000000 | 2001-03-26T00:00:00.000000 |
| certa-2001-ale-001 | Propagation du ver Ramen sous Linux. | 2001-01-19T00:00:00.000000 | 2001-01-19T00:00:00.000000 |
| certa-2000-ale-016 | Connexion à Wanadoo | 2000-11-30T00:00:00.000000 | 2000-11-30T00:00:00.000000 |
| certa-2000-ale-015 | Risque d'usurpation de l'identité de Sun Microsystems | 2000-10-25T00:00:00.000000 | 2000-10-25T00:00:00.000000 |
| certa-2000-ale-013 | Virus VBS Quatro-A | 2000-09-18T00:00:00.000000 | 2000-09-18T00:00:00.000000 |
| certa-2000-ale-014 | Vulnérabilité dans la bibliothèque glibc sous Unix | 2000-09-14T00:00:00.000000 | 2000-09-14T00:00:00.000000 |
| certa-2000-ale-012 | Mauvaise compatibilité des scanners de virus avec NTFS | 2000-09-08T00:00:00.000000 | 2000-09-08T00:00:00.000000 |
| certa-2000-ale-001 | Alerte de virus LOVE-LETTER-FOR-YOU | 2000-05-05T00:00:00.000000 | 2000-07-05T00:00:00.000000 |
| certa-2000-ale-011 | Trojan Simpsons | 2000-06-29T00:00:00.000000 | 2000-06-29T00:00:00.000000 |
| certa-2000-ale-010 | Vulnérabilités dans le serveur de fichier wu-ftpd | 2000-06-26T00:00:00.000000 | 2000-06-26T00:00:00.000000 |
| certa-2000-ale-009 | Ver VBS/Stages-A, Mirc/stages-a, pIRC/Stages-A | 2000-06-20T00:00:00.000000 | 2000-06-20T00:00:00.000000 |
| certa-2000-ale-008 | The Serbian Badman Trojan (TSB) | 2000-06-13T00:00:00.000000 | 2000-06-13T00:00:00.000000 |
| certa-2000-ale-007 | Virus VBS/LoveLet-AS | 2000-06-09T00:00:00.000000 | 2000-06-09T00:00:00.000000 |
| certa-2000-ale-006 | Deni de service sous Firewall-1 | 2000-06-08T00:00:00.000000 | 2000-06-08T00:00:00.000000 |
| certa-2000-ale-005 | Virus macro V97M/Resume.A | 2000-05-29T00:00:00.000000 | 2000-05-29T00:00:00.000000 |
| certa-2000-ale-004 | Virus Macro OF97/Cybernet-A | 2000-05-26T00:00:00.000000 | 2000-05-26T00:00:00.000000 |
| certa-2000-ale-003 | « Mesures de performances » de l'Internet | 2000-05-26T00:00:00.000000 | 2000-05-26T00:00:00.000000 |
| certa-2000-ale-002 | Alerte de virus NEWLOVE | 2000-05-19T00:00:00.000000 | 2000-05-19T00:00:00.000000 |
| ID | Description | Published | Updated |
|---|---|---|---|
| osv-2024-1446 | Segv on unknown address in glslang::TIntermediate::addSymbol | 2025-06-06T00:12:59.981959Z | 2025-06-06T00:12:59.982286Z |
| osv-2025-442 | Security exception in org.jsoup.parser.HtmlTreeBuilder.process | 2025-06-06T00:12:40.427852Z | 2025-06-06T00:12:40.428189Z |
| osv-2022-494 | Heap-buffer-overflow in ucl_hash_search | 2022-06-22T00:01:16.539035Z | 2025-06-05T14:39:06.351080Z |
| osv-2025-437 | Heap-buffer-overflow in mmcall | 2025-06-05T00:18:59.402795Z | 2025-06-05T00:18:59.403189Z |
| osv-2025-436 | Security exception in graphql.parser.GraphqlAntlrToLanguage.createNonNullType | 2025-06-05T00:11:24.382209Z | 2025-06-05T00:11:24.382444Z |
| osv-2025-433 | Null-dereference READ in _libssh2_packet_add | 2025-06-05T00:02:57.199903Z | 2025-06-05T00:02:57.200566Z |
| osv-2024-1274 | Segv on unknown address in yara_yyparse | 2024-11-05T00:04:03.220856Z | 2025-06-03T14:42:15.782999Z |
| osv-2024-1205 | Memcpy-param-overlap in repeat | 2024-10-11T00:12:59.211479Z | 2025-06-02T14:22:48.890155Z |
| osv-2025-412 | UNKNOWN WRITE in luaL_newstate | 2025-05-28T00:06:09.320289Z | 2025-05-28T00:06:09.320970Z |
| osv-2025-408 | Heap-buffer-overflow in sav_parse_long_variable_names_record | 2025-05-27T00:12:59.401698Z | 2025-05-27T00:12:59.402180Z |
| osv-2025-406 | Security exception in com.puppycrawl.tools.checkstyle.JavaAstVisitor.getInnerBopAst | 2025-05-27T00:01:44.628210Z | 2025-05-27T00:01:44.628747Z |
| osv-2024-655 | Stack-buffer-overflow in UnrollChunkyBytes | 2024-07-17T00:06:15.877340Z | 2025-05-23T07:44:18.608203Z |
| osv-2025-404 | Use-of-uninitialized-value in JS_FreeRuntime | 2025-05-23T00:14:00.218149Z | 2025-05-23T00:14:00.218494Z |
| osv-2025-401 | Security exception in com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.expr | 2025-05-23T00:07:37.622395Z | 2025-05-23T00:07:37.622817Z |
| osv-2025-396 | Security exception in com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.expr | 2025-05-22T00:16:08.210127Z | 2025-05-22T00:16:08.210510Z |
| osv-2025-384 | Segv on unknown address in rtpp_refcnt_decref | 2025-05-20T00:04:47.616424Z | 2025-05-20T00:04:47.617104Z |
| osv-2024-371 | UNKNOWN READ in jv_array_set | 2024-04-30T00:08:27.982063Z | 2025-05-18T14:24:27.459047Z |
| osv-2025-31 | Heap-buffer-overflow in Assimp::FBXExporter::WriteObjects | 2025-01-15T00:14:05.357161Z | 2025-05-17T14:21:13.704657Z |
| osv-2025-374 | Use-of-uninitialized-value in pcpp::SomeIpSdEntry::SomeIpSdEntry | 2025-05-17T00:16:26.661924Z | 2025-05-17T00:16:26.662355Z |
| osv-2025-371 | Index-out-of-bounds in tcp_analyze_sequence_number | 2025-05-16T00:16:16.300219Z | 2025-05-16T00:16:16.300689Z |
| osv-2022-360 | Invalid-free in igl::MshLoader::~MshLoader | 2022-04-20T00:01:28.065887Z | 2025-05-15T14:37:25.846667Z |
| osv-2020-1807 | UNKNOWN READ in __libcpp_memchr | 2020-09-18T00:00:38.027965Z | 2025-05-15T14:34:05.077689Z |
| osv-2025-369 | Security exception in com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.expr | 2025-05-15T00:19:04.752117Z | 2025-05-15T00:19:04.752522Z |
| osv-2025-368 | Heap-buffer-overflow in __parse_options | 2025-05-15T00:03:04.543640Z | 2025-05-15T00:03:04.544159Z |
| osv-2024-341 | UNKNOWN READ in PointerVector.h | 2024-04-30T00:02:07.034555Z | 2025-05-14T14:20:00.536472Z |
| osv-2024-382 | UNKNOWN READ in pcpp::Packet::destructPacketData | 2024-04-30T00:12:20.588223Z | 2025-05-14T14:16:53.222952Z |
| osv-2023-1259 | Use-of-uninitialized-value in std::__1::__stdoutbuf<char>::xsputn | 2023-12-06T04:45:58.561174Z | 2025-05-14T14:15:48.653022Z |
| osv-2023-1147 | Heap-buffer-overflow in parse_by_block_type | 2023-11-13T13:00:50.800524Z | 2025-05-14T14:15:31.789989Z |
| osv-2020-2285 | Bad-cast to pcpp::Layer from invalid vptr | 2020-12-25T00:01:03.941509Z | 2025-05-14T14:08:11.306127Z |
| osv-2025-363 | Heap-buffer-overflow in jv_string_vfmt | 2025-05-14T00:03:23.388719Z | 2025-05-14T00:03:23.389224Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rustsec-2024-0007 | Use-after-free when setting the locale | 2024-01-19T12:00:00Z | 2024-02-10T15:57:43Z |
| rustsec-2024-0005 | Unsound sending of non-Send types across threads | 2024-01-07T12:00:00Z | 2024-02-10T15:57:43Z |
| rustsec-2024-0003 | Resource exhaustion vulnerability in h2 may lead to Denial of Service (DoS) | 2024-01-17T12:00:00Z | 2024-02-10T15:57:43Z |
| rustsec-2024-0001 | Unsound use of str::from_utf8_unchecked on bytes which are not UTF-8 | 2024-01-13T12:00:00Z | 2024-02-10T15:57:43Z |
| rustsec-2023-0078 | Potential stack use-after-free in `Instrumented::into_inner` | 2023-10-19T12:00:00Z | 2024-02-10T15:57:43Z |
| rustsec-2023-0075 | Unaligned write of u64 on 32-bit and 16-bit platforms | 2023-12-20T12:00:00Z | 2024-02-10T15:57:43Z |
| rustsec-2023-0074 | Some Ref methods are unsound with some type parameters | 2023-12-14T12:00:00Z | 2024-02-10T15:57:43Z |
| rustsec-2023-0072 | `openssl` `X509StoreRef::objects` is unsound | 2023-11-23T12:00:00Z | 2024-02-10T15:57:43Z |
| rustsec-2023-0070 | Insufficient covariance check makes self_cell unsound | 2023-11-10T12:00:00Z | 2024-02-10T15:57:43Z |
| rustsec-2023-0066 | Vulnerable to privilege escalation using ioctls TIOCSTI and TIOCLINUX | 2023-04-29T12:00:00Z | 2024-02-10T15:57:43Z |
| rustsec-2023-0063 | Denial of service in Quinn servers | 2023-09-21T12:00:00Z | 2024-02-10T15:57:43Z |
| rustsec-2023-0062 | BER/CER/DER decoder panics on invalid input | 2023-09-13T12:00:00Z | 2024-02-10T15:57:43Z |
| rustsec-2023-0061 | libwebp: OOB write in BuildHuffmanTable | 2023-09-12T12:00:00Z | 2024-02-10T15:57:43Z |
| rustsec-2023-0060 | libwebp: OOB write in BuildHuffmanTable | 2023-09-12T12:00:00Z | 2024-02-10T15:57:43Z |
| rustsec-2023-0059 | Unaligned read of `*const *const c_char` pointer | 2023-09-10T12:00:00Z | 2024-02-10T15:57:43Z |
| rustsec-2023-0058 | Exposes reference to non-Sync data to an arbitrary thread | 2023-09-10T12:00:00Z | 2024-02-10T15:57:43Z |
| rustsec-2023-0057 | Fails to prohibit standard library access prior to initialization of Rust standard library runtime | 2023-09-10T12:00:00Z | 2024-02-10T15:57:43Z |
| rustsec-2020-0079 | `socket2` invalidly assumes the memory layout of std::net::SocketAddr | 2020-11-06T12:00:00Z | 2024-02-10T15:57:43Z |
| rustsec-2020-0036 | failure is officially deprecated/unmaintained | 2020-05-02T12:00:00Z | 2024-02-10T15:57:43Z |
| rustsec-2018-0020 | Possible use-after-free with `proplist::Iterator` | 2018-12-22T12:00:00Z | 2024-02-10T15:57:43Z |
| rustsec-2024-0009 | Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting') | 2024-01-23T12:00:00Z | 2024-01-24T17:00:49Z |
| rustsec-2024-0008 | Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting') | 2024-01-23T12:00:00Z | 2024-01-24T17:00:49Z |
| rustsec-2024-0004 | `cosmwasm` is unmaintained | 2024-01-20T12:00:00Z | 2024-01-21T14:51:38Z |
| rustsec-2024-0002 | `serde` deserialization for `FamStructWrapper` lacks bound checks that could potentially lead to out-of-bounds memory access | 2024-01-02T12:00:00Z | 2024-01-14T03:39:46Z |
| rustsec-2023-0076 | `cpython` is unmaintained | 2023-11-14T12:00:00Z | 2023-12-20T22:34:55Z |
| rustsec-2023-0071 | Marvin Attack: potential key recovery through timing sidechannels | 2023-11-22T12:00:00Z | 2023-12-15T14:57:06Z |
| rustsec-2023-0073 | Infinite decoding loop through specially crafted payload | 2023-12-08T12:00:00Z | 2023-12-09T10:05:32Z |
| rustsec-2023-0029 | TLS certificate common name validation bypass | 2023-03-24T12:00:00Z | 2023-11-08T09:57:41Z |
| rustsec-2023-0069 | sudo-rs: Path Traversal vulnerability | 2023-11-01T12:00:00Z | 2023-11-06T12:48:19Z |
| rustsec-2019-0030 | Incorrect implementation of the Streebog hash functions | 2019-10-06T12:00:00Z | 2023-11-02T13:03:48Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| alsa-2025:19432 | Moderate: xorg-x11-server-Xwayland security update | 2025-11-03T00:00:00Z | 2025-11-07T11:17:51Z |
| alsa-2025:19435 | Moderate: xorg-x11-server-Xwayland security update | 2025-11-03T00:00:00Z | 2025-11-07T11:12:17Z |
| alsa-2025:19440 | Moderate: kernel-rt security update | 2025-11-03T00:00:00Z | 2025-11-07T11:04:50Z |
| alsa-2025:19447 | Moderate: kernel security update | 2025-11-03T00:00:00Z | 2025-11-07T10:53:58Z |
| alsa-2025:19489 | Important: tigervnc security update | 2025-11-03T00:00:00Z | 2025-11-07T10:26:16Z |
| alsa-2025:19566 | Moderate: osbuild-composer security update | 2025-11-04T00:00:00Z | 2025-11-07T10:05:01Z |
| alsa-2025:19572 | Moderate: mariadb:10.5 security update | 2025-11-04T00:00:00Z | 2025-11-07T09:54:08Z |
| alsa-2025:19584 | Moderate: galera and mariadb security update | 2025-11-04T00:00:00Z | 2025-11-07T09:36:35Z |
| alsa-2025:19610 | Important: sssd security update | 2025-11-04T00:00:00Z | 2025-11-07T09:17:41Z |
| alsa-2025:19675 | Important: valkey security update | 2025-11-04T00:00:00Z | 2025-11-07T08:40:54Z |
| alsa-2025:19714 | Important: libsoup security update | 2025-11-04T00:00:00Z | 2025-11-07T08:29:27Z |
| alsa-2025:19772 | Important: qt6-qtsvg security update | 2025-11-05T00:00:00Z | 2025-11-07T08:19:22Z |
| alsa-2025:19793 | Important: bind9.16 security update | 2025-11-05T00:00:00Z | 2025-11-07T08:08:22Z |
| alsa-2025:19835 | Important: bind security update | 2025-11-05T00:00:00Z | 2025-11-07T07:49:33Z |
| alsa-2025:18150 | Important: .NET 9.0 security update | 2025-10-15T00:00:00Z | 2025-11-03T08:55:12Z |
| alsa-2025:18070 | Important: webkit2gtk3 security update | 2025-10-15T00:00:00Z | 2025-11-03T08:51:57Z |
| alsa-2025:18151 | Important: .NET 9.0 security update | 2025-10-15T00:00:00Z | 2025-11-03T08:48:44Z |
| alsa-2025:18152 | Important: .NET 8.0 security update | 2025-10-15T00:00:00Z | 2025-11-03T08:46:41Z |
| alsa-2025:18153 | Important: .NET 9.0 security update | 2025-10-15T00:00:00Z | 2025-11-03T08:44:34Z |
| alsa-2025:19276 | Important: libtiff security update | 2025-10-29T00:00:00Z | 2025-10-31T08:23:09Z |
| alsa-2025:18815 | Moderate: java-1.8.0-openjdk security update | 2025-10-22T00:00:00Z | 2025-10-30T11:04:43Z |
| alsa-2025:19156 | Important: libtiff security update | 2025-10-28T00:00:00Z | 2025-10-30T10:20:53Z |
| alsa-2025:18821 | Moderate: java-17-openjdk security update | 2025-10-22T00:00:00Z | 2025-10-30T07:28:25Z |
| alsa-2025:18824 | Moderate: java-21-openjdk security update | 2025-10-22T00:00:00Z | 2025-10-30T07:10:16Z |
| alsa-2025:19237 | Important: redis security update | 2025-10-29T00:00:00Z | 2025-10-30T07:03:54Z |
| alsa-2025:19238 | Important: redis:6 security update | 2025-10-29T00:00:00Z | 2025-10-30T07:01:24Z |
| alsa-2025:19107 | Important: squid:4 security update | 2025-10-27T00:00:00Z | 2025-10-28T09:25:35Z |
| alsa-2025:19113 | Important: libtiff security update | 2025-10-27T00:00:00Z | 2025-10-28T07:58:42Z |
| alsa-2025:19102 | Moderate: kernel security update | 2025-10-27T00:00:00Z | 2025-10-28T07:55:37Z |
| alsa-2025:19103 | Moderate: kernel-rt security update | 2025-10-27T00:00:00Z | 2025-10-28T07:51:20Z |