Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-27696 |
8.6 (3.1)
|
changedetection.io Vulnerable to Server-Side Request F… |
dgtlmoon |
changedetection.io |
2026-02-25T04:16:22.764Z | 2026-02-25T14:51:16.695Z |
| CVE-2026-27645 |
6.1 (3.1)
|
changedetection.io Vulnerable to Reflected XSS in RSS … |
dgtlmoon |
changedetection.io |
2026-02-25T04:06:58.183Z | 2026-02-25T14:55:58.413Z |
| CVE-2026-27624 |
7.2 (3.1)
|
Coturn: IPv4-mapped IPv6 (::ffff:0:0/96) bypasses deni… |
coturn |
coturn |
2026-02-25T04:04:17.009Z | 2026-02-25T15:09:21.716Z |
| CVE-2026-3149 |
5.3 (4.0)
6.3 (3.1)
6.3 (3.0)
|
itsourcecode College Management System asign-single-st… |
itsourcecode |
College Management System |
2026-02-25T04:02:18.965Z | 2026-02-25T15:10:12.905Z |
| CVE-2026-3148 |
6.9 (4.0)
7.3 (3.1)
7.3 (3.0)
|
SourceCodester Simple and Nice Shopping Cart Script si… |
SourceCodester |
Simple and Nice Shopping Cart Script |
2026-02-25T04:02:12.325Z | 2026-02-25T21:14:25.878Z |
| CVE-2026-27597 |
10 (3.1)
|
@enclave-vm/core is vulnerable to Sandbox Escape |
agentfront |
enclave |
2026-02-25T03:56:25.927Z | 2026-02-25T21:13:32.747Z |
| CVE-2026-27641 |
9.8 (3.1)
|
Flask-Reuploaded vulnerable to Remote Code Execution v… |
jugmac00 |
flask-reuploaded |
2026-02-25T03:54:54.391Z | 2026-02-25T21:12:45.608Z |
| CVE-2026-27640 |
8.5 (4.0)
|
tfplan2md has Sensitive Value Exposure in Generated Reports |
oocx |
tfplan2md |
2026-02-25T03:52:26.615Z | 2026-02-25T21:21:08.940Z |
| CVE-2026-27627 |
8.2 (3.1)
|
Karakeep's Reddit plugin content bypasses DOMPurify sa… |
karakeep-app |
karakeep |
2026-02-25T03:48:07.431Z | 2026-02-25T21:20:03.257Z |
| CVE-2026-27639 |
8.5 (4.0)
|
Mercator vulnerable to stored XSS via unescaped Blade … |
dbarzin |
mercator |
2026-02-25T03:44:26.241Z | 2026-02-25T15:20:41.753Z |
| CVE-2026-27636 |
8.8 (3.1)
|
FreeScout: Missing .htaccess in Restricted File Extens… |
freescout-help-desk |
freescout |
2026-02-25T03:41:33.166Z | 2026-02-25T15:25:24.822Z |
| CVE-2026-27637 |
9.8 (3.1)
|
FreeScout's Predictable Authentication Token Enables A… |
freescout-help-desk |
freescout |
2026-02-25T03:41:23.478Z | 2026-02-25T15:21:52.817Z |
| CVE-2026-3147 |
4.8 (4.0)
5.3 (3.1)
5.3 (3.0)
|
libvips csvload.c vips_foreign_load_csv_build heap-bas… |
n/a |
libvips |
2026-02-25T03:32:09.025Z | 2026-02-25T15:32:34.675Z |
| CVE-2026-27743 |
9.3 (4.0)
9.8 (3.1)
|
SPIP referer_spam <= 1.2.1 Unauthenticated SQL Injection |
SPIP |
referer_spam |
2026-02-25T03:08:39.325Z | 2026-02-26T19:55:07.890Z |
| CVE-2026-27744 |
9.3 (4.0)
9.8 (3.1)
|
SPIP tickets < 4.3.3 Unauthenticated RCE |
SPIP |
tickets |
2026-02-25T03:08:24.714Z | 2026-02-26T19:55:34.974Z |
| CVE-2026-27745 |
8.7 (4.0)
8.8 (3.1)
|
SPIP interface_traduction_objets < 2.2.2 Authenticated RCE |
SPIP |
interface_traduction_objets |
2026-02-25T03:08:11.502Z | 2026-02-26T19:56:06.952Z |
| CVE-2026-27746 |
5.1 (4.0)
6.1 (3.1)
|
SPIP jeux < 4.1.1 Reflected XSS via index Parameters |
SPIP |
jeux |
2026-02-25T03:07:57.179Z | 2026-02-26T19:56:32.551Z |
| CVE-2026-27747 |
7.1 (4.0)
6.5 (3.1)
|
SPIP interface_traduction_objets < 2.2.2 Authenticated… |
SPIP |
interface_traduction_objets |
2026-02-25T03:07:44.532Z | 2026-02-26T19:56:56.048Z |
| CVE-2026-3146 |
4.8 (4.0)
3.3 (3.1)
3.3 (3.0)
|
libvips matrixload.c vips_foreign_load_matrix_header n… |
n/a |
libvips |
2026-02-25T03:02:09.172Z | 2026-02-25T15:52:33.882Z |
| CVE-2025-5781 |
5.2 (3.1)
|
Information Exposure Vulnerability in Hitachi Configur… |
Hitachi |
Hitachi Ops Center API Configuration Manager |
2026-02-25T03:01:21.623Z | 2026-02-26T17:00:34.754Z |
| CVE-2026-27632 |
2.6 (3.1)
|
Talishar Vulnerable to Cross-Site Request Forgery (CSRF) |
Talishar |
Talishar |
2026-02-25T02:52:10.061Z | 2026-02-26T21:33:41.129Z |
| CVE-2026-27629 |
5.9 (3.1)
|
InvenTree Vulnerable to Server Side Template Injection… |
inventree |
InvenTree |
2026-02-25T02:48:41.934Z | 2026-02-26T21:33:40.971Z |
| CVE-2026-27628 |
1.2 (4.0)
|
pypdf has a possible infinite loop when loading circul… |
py-pdf |
pypdf |
2026-02-25T02:45:37.543Z | 2026-02-25T15:58:33.339Z |
| CVE-2026-27626 |
10 (3.1)
|
OliveTin vulnerable to OS Command Injection via `passw… |
OliveTin |
OliveTin |
2026-02-25T02:43:08.189Z | 2026-02-25T02:43:08.189Z |
| CVE-2026-27612 |
6.1 (3.1)
|
Repostat Vulnerable to Reflected Cross-Site Scripting … |
denpiligrim |
repostat |
2026-02-25T02:38:05.548Z | 2026-02-26T21:33:40.838Z |
| CVE-2026-27621 |
6.8 (4.0)
|
TypiCMS Core has Stored Cross-Site Scripting (XSS) via… |
TypiCMS |
Core |
2026-02-25T02:36:12.353Z | 2026-02-26T20:59:12.644Z |
| CVE-2026-27615 |
8.8 (4.0)
|
ADB-Explorer: UNC Path Support in ManualAdbPath Leads … |
Alex4SSB |
ADB-Explorer |
2026-02-25T02:33:53.553Z | 2026-02-25T02:33:53.553Z |
| CVE-2026-27614 |
9.3 (3.1)
|
Bugsink is vulnerable to Stored XSS via Pygments fallb… |
bugsink |
bugsink |
2026-02-25T02:31:17.880Z | 2026-02-25T20:01:45.861Z |
| CVE-2026-27611 |
7.1 (4.0)
|
FileBrowser Quantum: Password Protection Not Enforced … |
gtsteffaniak |
filebrowser |
2026-02-25T02:24:48.357Z | 2026-02-25T02:24:48.357Z |
| CVE-2026-27595 |
9.9 (4.0)
|
Parse Dashboard has incomplete authentication on AI Ag… |
parse-community |
parse-dashboard |
2026-02-25T02:21:33.428Z | 2026-02-25T02:21:33.428Z |
| ID | Severity | Description | Published | Updated |
|---|---|---|---|---|
| ghsa-gxcx-qjqp-8vjw |
5.3 (3.1)
|
ImageMagick has memory leak in msl encoder | 2026-02-24T15:30:54Z | 2026-02-24T15:30:54Z |
| ghsa-xx53-6qqj-gr7w |
9.8 (3.1)
|
Memory safety bugs present in Firefox 147 and Thunderbird 147. Some of these bugs showed evidence o… | 2026-02-24T15:30:33Z | 2026-02-25T15:31:37Z |
| ghsa-xqx8-2c6c-9g3g |
4.9 (3.1)
|
A post-authentication NULL Pointer Dereference vulnerability in SonicOS allows a remote attacker to… | 2026-02-24T15:30:33Z | 2026-02-24T18:31:02Z |
| ghsa-v5qr-j3c6-xxx2 |
7.5 (3.1)
|
TOTOLINK X5000R V9.1.0cu.2415_B20250515 contains a denial-of-service vulnerability in /cgi-bin/cste… | 2026-02-24T15:30:33Z | 2026-02-25T18:31:35Z |
| ghsa-pr9m-7cjw-258w |
4.9 (3.1)
|
A post-authentication Out-of-bounds Read vulnerability in SonicOS allows a remote attacker to crash… | 2026-02-24T15:30:33Z | 2026-02-24T18:31:02Z |
| ghsa-pq5g-x5q3-3g25 |
4.9 (3.1)
|
Multiple post-authentication stack-based buffer overflow vulnerabilities in the SonicOS management … | 2026-02-24T15:30:33Z | 2026-02-24T18:31:02Z |
| ghsa-mr6q-w873-6jfr |
6.3 (3.1)
2.1 (4.0)
|
A vulnerability was determined in exiftool up to 13.49 on macOS. This issue affects the function Se… | 2026-02-24T15:30:33Z | 2026-02-24T15:30:33Z |
| ghsa-6pf6-w4c2-rx3f |
6.3 (3.1)
2.1 (4.0)
|
A vulnerability was found in Intelbras TIP 635G 1.12.3.5. This vulnerability affects unknown code o… | 2026-02-24T15:30:33Z | 2026-02-24T15:30:33Z |
| ghsa-58j5-qr69-3544 |
6.8 (3.1)
|
The CPSD CryptoPro Secure Disk application boots a small Linux operating system to perform user aut… | 2026-02-24T15:30:33Z | 2026-02-24T15:30:33Z |
| ghsa-3q93-28v9-5x6v |
4.9 (3.1)
|
A post-authentication Format String vulnerability in SonicOS allows a remote attacker to crash a fi… | 2026-02-24T15:30:33Z | 2026-02-24T18:31:02Z |
| ghsa-xchm-7954-5wvg |
9.8 (3.1)
|
Use-after-free in the DOM: Window and Location component. This vulnerability affects Firefox < 148,… | 2026-02-24T15:30:32Z | 2026-02-25T15:31:37Z |
| ghsa-wcpx-2xqg-ff43 |
9.8 (3.1)
|
Spoofing issue in the WebAuthn component in Firefox for Android. This vulnerability affects Firefox… | 2026-02-24T15:30:32Z | 2026-02-25T18:31:35Z |
| ghsa-vxjv-c6cq-74m6 |
9.8 (3.1)
|
Mitigation bypass in the Networking: Cache component. This vulnerability affects Firefox < 148 and … | 2026-02-24T15:30:32Z | 2026-02-25T15:31:37Z |
| ghsa-q6rm-rhj9-jpg5 |
9.8 (3.1)
|
Integer overflow in the Libraries component in NSS. This vulnerability affects Firefox < 148 and Fi… | 2026-02-24T15:30:32Z | 2026-02-25T18:31:35Z |
| ghsa-p9gc-q2gc-jc6r |
4.2 (3.1)
|
Race condition in the JavaScript: GC component. This vulnerability affects Firefox < 148. | 2026-02-24T15:30:32Z | 2026-02-24T18:31:02Z |
| ghsa-p4fg-vw73-vr29 |
9.8 (3.1)
|
Mitigation bypass in the DOM: Security component. This vulnerability affects Firefox < 148 and Fire… | 2026-02-24T15:30:32Z | 2026-02-25T18:31:35Z |
| ghsa-m8jj-q5xq-4qhp |
7.5 (3.1)
|
Information disclosure due to uninitialized memory in Firefox and Firefox Focus for Android. This v… | 2026-02-24T15:30:32Z | 2026-02-25T21:31:18Z |
| ghsa-jvc5-7j9r-q4m6 |
9.8 (3.1)
|
Same-origin policy bypass in the Networking: JAR component. This vulnerability affects Firefox < 14… | 2026-02-24T15:30:32Z | 2026-02-25T15:31:37Z |
| ghsa-hwjj-g6g7-p8cf |
9.1 (3.1)
|
Uninitialized memory in the Graphics: Text component. This vulnerability affects Firefox < 148. | 2026-02-24T15:30:32Z | 2026-02-25T21:31:18Z |
| ghsa-hjq8-wc3q-9xf3 |
9.8 (3.1)
|
Privilege escalation in the Messaging System component. This vulnerability affects Firefox < 148, F… | 2026-02-24T15:30:32Z | 2026-02-25T18:31:35Z |
| ghsa-h79p-mfpr-8qm4 |
9.8 (3.1)
|
Use-after-free in the Graphics: ImageLib component. This vulnerability affects Firefox < 148, Firef… | 2026-02-24T15:30:32Z | 2026-02-25T15:31:37Z |
| ghsa-h4vm-j32v-95qm |
9.8 (3.1)
|
Use-after-free in the JavaScript: GC component. This vulnerability affects Firefox < 148. | 2026-02-24T15:30:32Z | 2026-02-25T21:31:18Z |
| ghsa-gvhp-5j8m-528x |
9.8 (3.1)
|
Use-after-free in the DOM: Core & HTML component. This vulnerability affects Firefox < 148. | 2026-02-24T15:30:32Z | 2026-02-25T21:31:18Z |
| ghsa-gjwv-rvwj-p62j |
9.8 (3.1)
|
Incorrect boundary conditions in the Web Audio component. This vulnerability affects Firefox < 148,… | 2026-02-24T15:30:32Z | 2026-02-25T18:31:34Z |
| ghsa-g9cv-cvhp-755f |
9.8 (3.1)
|
Privilege escalation in the Netmonitor component. This vulnerability affects Firefox < 148 and Fire… | 2026-02-24T15:30:32Z | 2026-02-25T18:31:35Z |
| ghsa-fvj5-5qvq-g8wf |
8.8 (3.1)
|
Use-after-free in the DOM: Core & HTML component. This vulnerability affects Firefox < 148. | 2026-02-24T15:30:32Z | 2026-02-24T21:31:45Z |
| ghsa-cgrc-pwqf-64v8 |
9.8 (3.1)
|
Incorrect boundary conditions in the Audio/Video: GMP component. This vulnerability affects Firefox… | 2026-02-24T15:30:32Z | 2026-02-25T15:31:37Z |
| ghsa-c5fj-xq9f-fjxm |
9.8 (3.1)
|
Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 148 and Fir… | 2026-02-24T15:30:32Z | 2026-02-25T18:31:35Z |
| ghsa-c3q8-4689-m4p6 |
9.8 (3.1)
|
JIT miscompilation in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 148. | 2026-02-24T15:30:32Z | 2026-02-25T21:31:18Z |
| ghsa-94rx-4fcc-c849 |
9.8 (3.1)
|
Incorrect boundary conditions in the Networking: JAR component. This vulnerability affects Firefox … | 2026-02-24T15:30:32Z | 2026-02-25T18:31:35Z |
| ID | Severity | Description | Package | Published | Updated |
|---|---|---|---|---|---|
| pysec-2023-234 |
7.5 (3.1)
|
An issue discovered in esptool 4.6.2 allows attackers to view sensitive information via w… | esptool | 2023-11-09T16:15:00Z | 2024-01-02T13:04:16.284694Z |
| pysec-2023-274 |
8.8 (3.1)
|
Label Studio is a multi-type data labeling and annotation tool with standardized output f… | label-studio | 2023-11-09T15:15:00+00:00 | 2024-11-21T14:22:53.173192+00:00 |
| pysec-2023-235 |
7.5 (3.1)
|
An issue was discovered in Couchbase Server 7.2.0. There is a private key leak in debug.l… | couchbase | 2023-11-08T21:15:00Z | 2024-01-03T21:03:33.010228Z |
| pysec-2023-233 |
8.8 (3.1)
|
Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif,… | exiv2 | 2023-11-06T18:15:00Z | 2024-01-02T15:20:59.435740Z |
| pysec-2023-227 |
|
An issue was discovered in Pillow before 10.0.0. It is a Denial of Service that uncontrol… | pillow | 2023-11-03T05:15:00+00:00 | 2023-11-03T10:29:41.505456+00:00 |
| pysec-2023-226 |
|
In Django 3.2 before 3.2.22, 4.1 before 4.1.12, and 4.2 before 4.2.6, the django.utils.te… | django | 2023-11-03T05:15:00+00:00 | 2023-11-03T10:29:40.328470+00:00 |
| pysec-2023-225 |
|
In Django 3.2 before 3.2.21, 4.1 before 4.1.11, and 4.2 before 4.2.5, django.utils.encodi… | django | 2023-11-03T05:15:00+00:00 | 2023-11-03T10:29:40.160394+00:00 |
| pysec-2023-223 |
|
Unsafe YAML deserialization in yaml.Loader in transmute-core before 1.13.5 allows attacke… | transmute-core | 2023-11-02T06:15:00+00:00 | 2023-11-02T10:30:07.951105+00:00 |
| pysec-2023-222 |
|
An issue was discovered in Django 3.2 before 3.2.23, 4.1 before 4.1.13, and 4.2 before 4.… | django | 2023-11-02T06:15:00+00:00 | 2023-11-02T10:30:06.341485+00:00 |
| pysec-2023-230 |
5.3 (3.1)
|
Synapse is an open-source Matrix homeserver Prior to versions 1.95.1 and 1.96.0rc1, cache… | matrix-synapse | 2023-10-31T17:15:00+00:00 | 2023-11-08T20:24:49.199333+00:00 |
| pysec-2023-224 |
5.3 (3.1)
|
Twisted is an event-based framework for internet applications. Prior to version 23.10.0rc… | twisted | 2023-10-25T21:15:00+00:00 | 2023-11-02T16:33:16.395026+00:00 |
| pysec-2023-228 |
3.3 (3.1)
|
When installing a package from a Mercurial VCS URL (ie "pip install hg+...") with pip p… | pip | 2023-10-25T18:17:00+00:00 | 2023-11-03T16:28:41.538340+00:00 |
| pysec-2023-221 |
7.5 (3.1)
|
Werkzeug is a comprehensive WSGI web application library. If an upload of a file that sta… | werkzeug | 2023-10-25T18:17:00Z | 2023-11-08T18:38:34.170214Z |
| pysec-2023-220 |
6.5 (3.1)
|
Nautobot is a Network Automation Platform built as a web application atop the Django Pyth… | nautobot | 2023-10-25T18:17:00+00:00 | 2023-11-01T18:30:02.084237+00:00 |
| pysec-2023-218 |
4.3 (3.1)
|
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Airflo… | apache-airflow | 2023-10-23T19:15:00+00:00 | 2023-10-28T05:24:46.485079+00:00 |
| pysec-2023-211 |
|
views/switch.py in django-grappelli (aka Django Grappelli) before 2.15.2 attempts to prev… | django-grappelli | 2023-10-22T19:15:00+00:00 | 2023-10-22T20:22:30.994719+00:00 |
| pysec-2023-210 |
|
views.py in Wagtail CRX CodeRed Extensions (formerly CodeRed CMS or coderedcms) before 0.… | coderedcms | 2023-10-22T19:15:00+00:00 | 2023-10-22T20:22:30.887585+00:00 |
| pysec-2023-217 |
8.8 (3.1)
|
Cross-Site Request Forgery (CSRF) in GitHub repository modoboa/modoboa prior to 2.2.2. | modoboa | 2023-10-20T17:15:00+00:00 | 2023-10-27T20:23:07.873996+00:00 |
| pysec-2023-216 |
5.4 (3.1)
|
Cross-site Scripting (XSS) - DOM in GitHub repository modoboa/modoboa prior to 2.2.2. | modoboa | 2023-10-20T17:15:00+00:00 | 2023-10-27T20:23:07.820957+00:00 |
| pysec-2023-215 |
5.4 (3.1)
|
Cross-site Scripting (XSS) - DOM in GitHub repository modoboa/modoboa prior to 2.2.2. | modoboa | 2023-10-20T17:15:00+00:00 | 2023-10-27T20:23:07.768462+00:00 |
| pysec-2023-214 |
5.4 (3.1)
|
Home assistant is an open source home automation. The audit team’s analyses confirmed tha… | homeassistant | 2023-10-20T00:15:00+00:00 | 2023-10-26T20:24:24.928732+00:00 |
| pysec-2023-229 |
5.4 (3.1)
|
ArchiveBox is an open source self-hosted web archiving system. Any users who are using th… | archivebox | 2023-10-19T22:15:00+00:00 | 2023-11-04T04:27:37.550377+00:00 |
| pysec-2023-213 |
7.5 (3.1)
|
Inadequate encryption strength in mycli 1.27.0 allows attackers to view sensitive informa… | mycli | 2023-10-19T22:15:00+00:00 | 2023-10-25T22:26:24.480718+00:00 |
| pysec-2023-219 |
2.7 (3.1)
|
Wagtail is an open source content management system built on Django. A user with a limite… | wagtail | 2023-10-19T19:15:00+00:00 | 2023-10-31T20:23:51.857051+00:00 |
| pysec-2023-205 |
|
LangChain before 0.0.317 allows SSRF via document_loaders/recursive_url_loader.py because… | langchain | 2023-10-19T05:15:00+00:00 | 2023-10-19T10:33:05.150766+00:00 |
| pysec-2023-212 |
4.2 (3.1)
|
urllib3 is a user-friendly HTTP client library for Python. urllib3 previously wouldn't re… | urllib3 | 2023-10-17T20:15:00+00:00 | 2023-10-25T18:28:34.811764+00:00 |
| pysec-2023-206 |
7.5 (3.1)
|
NULL Pointer Dereference in GitHub repository seleniumhq/selenium prior to 4.14.0. | selenium | 2023-10-15T23:15:00+00:00 | 2023-10-19T12:51:06.907613+00:00 |
| pysec-2023-207 |
6.1 (3.1)
|
urllib3 before 1.24.2 does not remove the authorization HTTP header when following a cros… | urllib3 | 2023-10-15T19:15:00+00:00 | 2023-10-19T16:33:01.297810+00:00 |
| pysec-2023-204 |
4.3 (3.1)
|
Apache Airflow, versions 2.7.0 and 2.7.1, is affected by a vulnerability that allows an … | apache-airflow | 2023-10-14T10:15:00+00:00 | 2023-10-18T20:24:08.594791+00:00 |
| pysec-2023-203 |
6.5 (3.1)
|
Apache Airflow, in versions prior to 2.7.2, contains a security vulnerability that allows… | apache-airflow | 2023-10-14T10:15:00+00:00 | 2023-10-18T20:24:08.541134+00:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2026-667 | Malicious code in typed-document-node (npm) | 2026-02-03T03:57:51Z | 2026-02-06T03:05:27Z |
| mal-2026-666 | Malicious code in transform-react-display-name (npm) | 2026-02-03T03:57:51Z | 2026-02-06T03:05:27Z |
| mal-2026-665 | Malicious code in transform-exponentiation-operator (npm) | 2026-02-03T03:57:51Z | 2026-02-06T03:05:27Z |
| mal-2026-664 | Malicious code in transform-es2015-modules-amd (npm) | 2026-02-03T03:57:51Z | 2026-02-06T03:05:27Z |
| mal-2026-663 | Malicious code in transform-async-generator-functions (npm) | 2026-02-03T03:57:51Z | 2026-02-06T03:05:27Z |
| mal-2026-661 | Malicious code in netlify-project-helper (npm) | 2026-02-03T03:54:05Z | 2026-02-06T03:05:25Z |
| mal-2026-660 | Malicious code in dns-troubleshoot-toolkit-xyz123 (npm) | 2026-02-03T03:54:05Z | 2026-02-06T03:05:23Z |
| mal-2026-669 | Malicious code in vite-ui-components (npm) | 2026-02-03T03:42:39Z | 2026-02-06T03:05:27Z |
| mal-2026-658 | Malicious code in ansi-universal-ui (npm) | 2026-02-03T03:42:39Z | 2026-02-06T03:05:22Z |
| mal-2026-659 | Malicious code in atg-atgse (npm) | 2026-02-03T03:27:31Z | 2026-02-06T03:05:22Z |
| mal-2026-662 | Malicious code in researchpoc (npm) | 2026-02-03T03:25:19Z | 2026-02-06T03:05:26Z |
| mal-2026-657 | Malicious code in react-dnd-legacy-html5-backend (npm) | 2026-02-03T02:23:48Z | 2026-02-06T03:05:26Z |
| mal-2026-656 | Malicious code in jshint-groups (npm) | 2026-02-03T01:59:02Z | 2026-02-06T03:05:24Z |
| mal-2026-655 | Malicious code in pipeline-poision-test (PyPI) | 2026-02-02T21:53:29Z | 2026-02-02T21:53:29Z |
| mal-2026-651 | Malicious code in cat-admin-tool (PyPI) | 2026-02-02T14:44:25Z | 2026-02-02T14:44:25Z |
| mal-2026-652 | Malicious code in chia-pool-reference (PyPI) | 2026-02-02T14:43:22Z | 2026-02-02T14:43:22Z |
| mal-2026-653 | Malicious code in credit-decision-metrics (PyPI) | 2026-02-02T14:42:50Z | 2026-02-02T14:42:50Z |
| mal-2026-654 | Malicious code in zabitog (PyPI) | 2026-02-02T14:41:04Z | 2026-02-02T14:41:04Z |
| mal-2026-650 | Malicious code in tableapy (PyPI) | 2026-02-02T12:56:55Z | 2026-02-02T12:56:55Z |
| mal-2026-649 | Malicious code in callapirequests (PyPI) | 2026-02-02T09:08:10Z | 2026-02-02T09:08:10Z |
| mal-2026-646 | Malicious code in picking-miniapp (npm) | 2026-02-02T08:30:53Z | 2026-02-02T18:50:26Z |
| mal-2026-647 | Malicious code in react-native-expofp (npm) | 2026-02-02T08:30:15Z | 2026-02-02T18:50:26Z |
| mal-2026-644 | Malicious code in dise-pkt (npm) | 2026-02-02T08:29:38Z | 2026-02-02T18:50:24Z |
| mal-2026-643 | Malicious code in @hemanshu_patil/xcode-windows-x64 (npm) | 2026-02-02T08:28:43Z | 2026-02-02T18:50:22Z |
| mal-2026-642 | Malicious code in @hemanshu_patil/xcode (npm) | 2026-02-02T08:28:43Z | 2026-02-02T18:50:22Z |
| mal-2026-648 | Malicious code in yazxzpedia (npm) | 2026-02-02T08:27:24Z | 2026-02-02T18:50:28Z |
| mal-2026-645 | Malicious code in libsignal-yazxzpedia (npm) | 2026-02-02T08:27:24Z | 2026-02-02T18:50:25Z |
| mal-2026-641 | Malicious code in connections-api-requests (PyPI) | 2026-02-02T06:54:40Z | 2026-02-02T06:54:40Z |
| mal-2026-640 | Malicious code in connections-api-request (PyPI) | 2026-02-02T06:52:24Z | 2026-02-02T06:52:24Z |
| mal-2026-639 | Malicious code in connection-api-requests (PyPI) | 2026-02-02T06:49:31Z | 2026-02-02T06:49:31Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| bit-redis-2025-48367 | Redis DoS Vulnerability due to bad connection error handling | 2025-10-16T12:07:00.720Z | 2025-10-16T12:31:38.153Z |
| bit-redis-2025-32023 | Redis allows out of bounds writes in hyperloglog commands leading to RCE | 2025-10-16T12:06:41.782Z | 2026-02-05T09:10:30.960Z |
| bit-keydb-2025-48367 | Redis DoS Vulnerability due to bad connection error handling | 2025-10-16T12:00:55.638Z | 2025-10-16T12:31:38.153Z |
| bit-keydb-2025-32023 | Redis allows out of bounds writes in hyperloglog commands leading to RCE | 2025-10-16T12:00:41.031Z | 2026-02-05T09:10:30.960Z |
| bit-valkey-2025-49844 | Redis Lua Use-After-Free may lead to remote code execution | 2025-10-16T09:19:55.260Z | 2025-11-06T13:25:46.476Z |
| bit-valkey-2025-49112 | 2025-10-16T09:19:52.847Z | 2026-02-11T09:09:18.507Z | |
| bit-redis-2025-49844 | Redis Lua Use-After-Free may lead to remote code execution | 2025-10-16T09:18:53.323Z | 2025-11-06T13:25:46.476Z |
| bit-keydb-2025-49844 | Redis Lua Use-After-Free may lead to remote code execution | 2025-10-16T09:12:52.562Z | 2025-11-06T13:25:46.476Z |
| bit-wildfly-2025-23367 | Org.wildfly.core:wildfly-server: wildfly improper rbac permission | 2025-10-15T08:51:55.776Z | 2026-02-11T09:09:18.507Z |
| bit-pytorch-2025-55560 | 2025-10-15T08:50:02.845Z | 2025-10-15T09:08:35.035Z | |
| bit-mastodon-2025-62176 | Mastadon streaming server allows OAuth clients without the `read` scope to subscribe to public channels | 2025-10-15T08:44:06.235Z | 2026-01-08T18:07:34.629Z |
| bit-mastodon-2025-62175 | Mastodon streaming API fails to disconnect disabled and suspended users | 2025-10-15T08:44:04.530Z | 2026-01-08T18:07:34.629Z |
| bit-mastodon-2025-62174 | Mastodon allows continued access after password reset via CLI | 2025-10-15T08:44:02.890Z | 2026-01-08T18:07:34.629Z |
| bit-python-2025-8291 | ZIP64 End of Central Directory (EOCD) Locator record offset not checked | 2025-10-14T09:30:19.669Z | 2025-12-04T12:07:39.656Z |
| bit-python-2024-5642 | Buffer overread when using an empty list with SSLContext.set_npn_protocols() | 2025-10-14T09:29:29.557Z | 2025-10-14T09:53:39.450Z |
| bit-libpython-2025-8291 | ZIP64 End of Central Directory (EOCD) Locator record offset not checked | 2025-10-14T09:25:48.465Z | 2025-12-04T12:07:39.656Z |
| bit-libpython-2024-5642 | Buffer overread when using an empty list with SSLContext.set_npn_protocols() | 2025-10-14T09:24:35.254Z | 2025-10-14T09:53:39.450Z |
| bit-kibana-2025-25018 | Kibana Stored Cross-Site Scripting (XSS) | 2025-10-14T08:43:02.190Z | 2025-11-06T13:25:46.476Z |
| bit-kibana-2025-25017 | Kibana Stored Cross-Site Scripting (XSS) | 2025-10-14T08:43:00.623Z | 2025-11-06T13:25:46.476Z |
| bit-elk-2025-25018 | Kibana Stored Cross-Site Scripting (XSS) | 2025-10-14T08:39:59.187Z | 2025-11-06T13:25:46.476Z |
| bit-elk-2025-25017 | Kibana Stored Cross-Site Scripting (XSS) | 2025-10-14T08:39:57.577Z | 2025-11-06T13:25:46.476Z |
| bit-elasticsearch-2025-37727 | Elasticsearch Insertion of sensitive information in log file | 2025-10-14T08:39:50.514Z | 2025-10-14T09:09:11.030Z |
| bit-gitlab-2025-2934 | Allocation of Resources Without Limits or Throttling in GitLab | 2025-10-11T09:05:29.864Z | 2025-10-21T09:07:40.239Z |
| bit-gitlab-2025-11340 | Incorrect Authorization in GitLab | 2025-10-11T09:04:34.616Z | 2025-10-11T09:07:57.990Z |
| bit-gitlab-2025-10004 | Allocation of Resources Without Limits or Throttling in GitLab | 2025-10-11T09:04:16.301Z | 2025-10-11T09:07:57.990Z |
| bit-ejbca-2025-3027 | Open Redirect vulnerability in EJBCA | 2025-10-10T08:38:43.953Z | 2025-10-10T09:07:15.482Z |
| bit-ejbca-2025-3026 | Improper Neutralization of Special Elements vulnerability in EJBCA | 2025-10-10T08:38:42.126Z | 2025-10-10T09:07:15.482Z |
| bit-kibana-2025-37728 | Kibana Insufficiently Protected Credentials in the CrowdStrike Connector | 2025-10-09T08:43:25.053Z | 2025-10-09T09:08:03.236Z |
| bit-kibana-2025-25009 | Kibana Cross-Site Scripting (XSS) | 2025-10-09T08:43:15.178Z | 2025-11-06T13:25:46.476Z |
| bit-elk-2025-37728 | Kibana Insufficiently Protected Credentials in the CrowdStrike Connector | 2025-10-09T08:40:04.041Z | 2025-10-09T09:08:03.236Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| drupal-contrib-2019-066 | 2019-09-18T15:07:56.000Z | 2023-08-11T18:34:46.000Z | |
| drupal-contrib-2019-065 | 2019-08-21T14:52:51.000Z | 2023-08-11T18:34:31.000Z | |
| drupal-contrib-2019-064 | 2019-08-14T17:33:20.000Z | 2023-08-11T18:34:14.000Z | |
| drupal-contrib-2019-063 | 2019-08-14T17:26:13.000Z | 2023-08-11T18:33:56.000Z | |
| drupal-contrib-2019-062 | 2019-08-14T17:14:00.000Z | 2023-08-11T18:33:31.000Z | |
| drupal-contrib-2019-060 | 2019-07-24T17:36:23.000Z | 2023-08-11T18:32:38.000Z | |
| drupal-contrib-2019-058 | 2019-07-24T16:31:19.000Z | 2023-08-11T18:32:08.000Z | |
| drupal-contrib-2019-055 | 2019-07-10T16:30:00.000Z | 2023-08-11T18:39:41.000Z | |
| drupal-contrib-2019-050 | 2019-05-22T16:29:17.000Z | 2023-08-11T18:37:20.000Z | |
| drupal-contrib-2019-048 | 2019-05-15T17:13:59.000Z | 2023-08-11T18:36:19.000Z | |
| drupal-contrib-2019-047 | 2019-05-15T17:09:57.000Z | 2023-08-11T18:35:51.000Z | |
| drupal-contrib-2019-046 | 2019-05-15T17:07:58.000Z | 2023-08-11T18:46:39.000Z | |
| drupal-contrib-2019-039 | 2019-03-20T13:26:14.000Z | 2023-08-11T18:43:25.000Z | |
| drupal-contrib-2019-033 | 2019-03-06T18:16:22.000Z | 2023-08-11T18:50:05.000Z | |
| drupal-contrib-2019-030 | 2019-02-27T17:28:36.000Z | 2023-08-11T18:48:35.000Z | |
| drupal-contrib-2019-025 | 2019-02-20T17:56:44.000Z | 2023-08-11T18:57:13.000Z | |
| drupal-contrib-2019-024 | 2019-02-20T17:49:58.000Z | 2023-08-11T18:56:41.000Z | |
| drupal-contrib-2019-023 | 2019-02-20T17:47:47.000Z | 2023-08-11T18:56:27.000Z | |
| drupal-contrib-2019-022 | 2019-02-20T17:44:08.000Z | 2023-08-11T18:55:29.000Z | |
| drupal-contrib-2019-021 | 2019-02-20T17:39:43.000Z | 2023-08-11T18:55:05.000Z | |
| drupal-contrib-2019-019 | 2019-02-20T17:37:45.000Z | 2023-08-11T18:53:47.000Z | |
| drupal-contrib-2019-014 | 2019-02-06T18:13:19.000Z | 2023-08-11T19:23:01.000Z | |
| drupal-contrib-2019-013 | 2019-02-06T17:36:06.000Z | 2023-08-11T19:22:41.000Z | |
| drupal-contrib-2019-010 | 2019-01-23T18:22:41.000Z | 2023-08-11T19:00:18.000Z | |
| drupal-contrib-2019-004 | 2019-01-23T17:01:58.000Z | 2023-08-11T19:25:48.000Z | |
| drupal-contrib-2018-081 | 2018-12-19T17:53:49.000Z | 2023-08-11T21:10:49.000Z | |
| drupal-contrib-2018-078 | 2018-12-05T19:24:02.000Z | 2023-08-11T21:09:51.000Z | |
| drupal-contrib-2018-074 | 2018-11-28T17:32:56.000Z | 2023-08-11T21:15:17.000Z | |
| drupal-contrib-2018-073 | 2018-10-31T17:53:57.000Z | 2023-08-11T21:14:25.000Z | |
| drupal-contrib-2018-071 | 2018-10-31T14:59:17.000Z | 2023-08-11T21:13:17.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2024-000905 | Mini Thread vulnerable to cross-site scripting | 2024-03-26T17:43+09:00 | 2024-03-26T17:43+09:00 |
| jvndb-2024-000906 | ffBull vulnerable to OS command injection | 2024-03-26T16:07+09:00 | 2024-03-26T16:07+09:00 |
| jvndb-2024-000900 | "EasyRange" may insecurely load executable files | 2024-03-26T15:50+09:00 | 2024-03-26T15:50+09:00 |
| jvndb-2024-000907 | 0ch BBS Script (0ch) vulnerable to cross-site scripting | 2024-03-26T15:35+09:00 | 2024-03-26T15:35+09:00 |
| jvndb-2024-000902 | TvRock vulnerable to cross-site scripting | 2024-03-26T14:27+09:00 | 2024-03-26T14:27+09:00 |
| jvndb-2024-000904 | WebProxy vulnerable to OS command injection | 2024-03-26T14:19+09:00 | 2024-03-26T14:19+09:00 |
| jvndb-2023-025113 | BUFFALO LinkStation 200 series vulnerable to arbitrary code execution | 2024-03-25T18:16+09:00 | 2024-03-25T18:16+09:00 |
| jvndb-2024-003016 | Multiple vulnerabilities in home gateway HGW BL1500HM | 2024-03-25T17:28+09:00 | 2025-03-28T12:01+09:00 |
| jvndb-2024-000033 | WordPress Plugin "easy-popup-show" vulnerable to cross-site request forgery | 2024-03-25T13:31+09:00 | 2024-03-25T13:31+09:00 |
| jvndb-2024-003008 | Sangoma Technologies CG/MG family driver cg6kwin2k.sys vulnerable to insufficient access control on its IOCTL | 2024-03-22T13:50+09:00 | 2024-04-24T11:45+09:00 |
| jvndb-2024-000032 | Multiple vulnerabilities in FitNesse | 2024-03-18T14:08+09:00 | 2024-03-19T11:02+09:00 |
| jvndb-2024-000031 | "ABEMA" App for Android fails to restrict access permissions | 2024-03-15T16:37+09:00 | 2024-03-15T16:37+09:00 |
| jvndb-2024-002961 | Information Exposure Vulnerability in Cosminexus Component Container | 2024-03-13T12:10+09:00 | 2024-03-13T12:10+09:00 |
| jvndb-2024-000030 | a-blog cms vulnerable to directory traversal | 2024-03-08T15:27+09:00 | 2024-03-08T15:27+09:00 |
| jvndb-2024-002942 | OMRON NJ/NX series vulnerable to path traversal | 2024-03-08T14:16+09:00 | 2024-03-08T14:16+09:00 |
| jvndb-2024-000028 | Multiple vulnerabilities in SKYSEA Client View | 2024-03-07T16:09+09:00 | 2024-07-29T18:13+09:00 |
| jvndb-2024-000027 | FUJIFILM Business Innovation Corp. printers vulnerable to cross-site request forgery | 2024-03-06T18:24+09:00 | 2024-03-06T18:24+09:00 |
| jvndb-2024-000026 | Multiple vulnerabilities in printers and scanners which implement BROTHER Web Based Management | 2024-03-06T18:12+09:00 | 2024-03-06T18:12+09:00 |
| jvndb-2024-000029 | Toyoko Inn official App vulnerable to improper server certificate verification | 2024-03-06T13:53+09:00 | 2024-03-06T13:53+09:00 |
| jvndb-2024-000025 | Protection mechanism failure in RevoWorks | 2024-02-29T15:40+09:00 | 2024-02-29T15:40+09:00 |
| jvndb-2024-000024 | OET-213H-BTS1 missing authorization check in the initial configuration | 2024-02-29T14:59+09:00 | 2024-02-29T14:59+09:00 |
| jvndb-2024-000023 | OpenPNE plugin "opTimelinePlugin" vulnerable to cross-site scripting | 2024-02-29T13:12+09:00 | 2024-02-29T13:12+09:00 |
| jvndb-2024-000022 | Multiple vulnerabilities in baserCMS | 2024-02-27T14:25+09:00 | 2024-02-27T14:25+09:00 |
| jvndb-2024-002831 | ELECOM wireless LAN routers vulnerable to OS command injection | 2024-02-22T08:15+09:00 | 2026-02-04T12:02+09:00 |
| jvndb-2024-002832 | EL Injection Vulnerability in Hitachi Global Link Manager | 2024-02-21T15:53+09:00 | 2024-02-21T15:53+09:00 |
| jvndb-2024-000020 | Multiple vulnerabilities in ELECOM wireless LAN routers and wireless LAN repeater | 2024-02-20T14:14+09:00 | 2024-11-26T15:26+09:00 |
| jvndb-2024-002560 | Android App "Mopria Print Service" vulnerable to improper intent handling | 2024-02-15T15:26+09:00 | 2024-02-15T15:26+09:00 |
| jvndb-2024-000019 | a-blog cms vulnerable to URL spoofing | 2024-02-15T14:12+09:00 | 2024-02-15T14:12+09:00 |
| jvndb-2024-002050 | Multiple out-of-bounds write vulnerabilities in Canon Office/Small Office Multifunction Printers and Laser Printers | 2024-02-07T15:39+09:00 | 2024-03-08T18:05+09:00 |
| jvndb-2024-001882 | Sharp NEC Display Solutions' public displays vulnerable to local file inclusion | 2024-02-07T14:25+09:00 | 2024-07-11T14:27+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| cnvd-2026-04232 | Apple macOS Tahoe存在未明漏洞(CNVD-2026-04232) | 2025-12-25 | 2026-01-16 |
| cnvd-2026-04231 | Apple macOS Tahoe拒绝服务漏洞 | 2025-12-25 | 2026-01-16 |
| cnvd-2026-04230 | Apple macOS Tahoe信息泄露漏洞 | 2025-12-25 | 2026-01-16 |
| cnvd-2026-04229 | Apple macOS Tahoe安全绕过漏洞 | 2025-12-25 | 2026-01-16 |
| cnvd-2026-04187 | WordPress插件Download Manager信息泄露漏洞 | 2025-12-25 | 2026-01-16 |
| cnvd-2026-04186 | WordPress插件All In One SEO Pack信息泄露漏洞 | 2025-12-25 | 2026-01-16 |
| cnvd-2026-03178 | Growatt ShineLan-X跨站脚本漏洞(CNVD-2026-0317861) | 2025-12-25 | 2026-01-09 |
| cnvd-2026-03177 | Growatt ShineLan-X跨站脚本漏洞 | 2025-12-25 | 2026-01-09 |
| cnvd-2026-03176 | Growatt ShineLan-X身份验证绕过漏洞(CNVD-2026-0317664) | 2025-12-25 | 2026-01-09 |
| cnvd-2026-03175 | Growatt ShineLan-X身份验证绕过漏洞 | 2025-12-25 | 2026-01-09 |
| cnvd-2026-03174 | Growatt ShineLan-X硬编码漏洞(CNVD-2026-0317468) | 2025-12-25 | 2026-01-09 |
| cnvd-2026-03173 | Growatt ShineLan-X硬编码漏洞 | 2025-12-25 | 2026-01-09 |
| cnvd-2026-03172 | Foxit PDF Editor Cloud跨站脚本漏洞(CNVD-2026-0317271) | 2025-12-25 | 2026-01-09 |
| cnvd-2026-03171 | Foxit PDF Editor Cloud跨站脚本漏洞(CNVD-2026-0317172) | 2025-12-25 | 2026-01-09 |
| cnvd-2026-03170 | Foxit PDF Editor Cloud跨站脚本漏洞(CNVD-2026-0317073) | 2025-12-25 | 2026-01-09 |
| cnvd-2026-03169 | Foxit PDF Editor Cloud跨站脚本漏洞(CNVD-2026-0316975) | 2025-12-25 | 2026-01-09 |
| cnvd-2026-03168 | Foxit PDF Editor Cloud跨站脚本漏洞(CNVD-2026-0316876) | 2025-12-25 | 2026-01-09 |
| cnvd-2026-03167 | Foxit PDF Editor Cloud跨站脚本漏洞(CNVD-2026-0316777) | 2025-12-25 | 2026-01-09 |
| cnvd-2026-03166 | Foxit PDF Editor Cloud跨站脚本漏洞 | 2025-12-25 | 2026-01-09 |
| cnvd-2026-03011 | Mozilla Firefox代码执行漏洞(CNVD-2026-03011) | 2025-12-25 | 2026-01-13 |
| cnvd-2026-02992 | Mozilla Firefox for iOS欺骗漏洞(CNVD-2026-02992) | 2025-12-25 | 2026-01-13 |
| cnvd-2026-02991 | Mozilla Firefox内存错误引用漏洞(CNVD-2026-02991) | 2025-12-25 | 2026-01-13 |
| cnvd-2026-00837 | Online Appointment Booking System clinic参数SQL注入漏洞 | 2025-12-25 | 2026-01-06 |
| cnvd-2026-00836 | ChurchCRM特权提升漏洞 | 2025-12-25 | 2026-01-06 |
| cnvd-2026-00835 | Student File Management System跨站脚本漏洞 | 2025-12-25 | 2026-01-05 |
| cnvd-2026-00834 | Student File Management System user_id参数SQL注入漏洞 | 2025-12-25 | 2026-01-05 |
| cnvd-2026-00833 | Student File Management System update_student.php文件SQL注入漏洞 | 2025-12-25 | 2026-01-05 |
| cnvd-2026-00832 | Student File Management System save_user.php文件SQL注入漏洞 | 2025-12-25 | 2026-01-05 |
| cnvd-2026-00831 | Student File Management System /save_student.php文件SQL注入漏洞 | 2025-12-25 | 2026-01-05 |
| cnvd-2026-00830 | Student File Management System stud_no参数SQL注入漏洞 | 2025-12-25 | 2026-01-05 |
| ID | Description | Published | Updated |
|---|---|---|---|
| bdu:2026-01304 | Уязвимость функции bus_error030 () ядра операционной системы Linux, позволяющая нарушител… | 06.02.2026 | 06.02.2026 |
| bdu:2026-01303 | Уязвимость функции ov5675_init_controls() ядра операционной системы Linux, позволяющая на… | 06.02.2026 | 06.02.2026 |
| bdu:2026-01302 | Уязвимость функции adreno_gpu_init() модуля drivers/gpu/drm/msm/adreno/adreno_gpu.c драйв… | 06.02.2026 | 06.02.2026 |
| bdu:2026-01301 | Уязвимость функции ntfs_new_inode() модуля fs/ntfs3/fsntfs.c файловой системы NTFS 3 ядра… | 06.02.2026 | 06.02.2026 |
| bdu:2026-01300 | Уязвимость функции gdlm_put_lock() модуля fs/gfs2/lock_dlm.c файловой системы GFS2 ядра о… | 06.02.2026 | 06.02.2026 |
| bdu:2026-01299 | Уязвимость функции __replace_atomic_write_block() модуля fs/f2fs/segment.c файловой систе… | 06.02.2026 | 06.02.2026 |
| bdu:2026-01298 | Уязвимость функции nonstatic_release_resource_db() модуля drivers/pcmcia/rsrc_nonstatic.c… | 06.02.2026 | 06.02.2026 |
| bdu:2026-01297 | Уязвимость функции isert_wait_conn() модуля drivers/infiniband/ulp/isert/ib_isert.c драйв… | 06.02.2026 | 06.02.2026 |
| bdu:2026-01296 | Уязвимость функции xfrm_state_delete_tunnel() модуля net/xfrm/xfrm_state.c ядра операцион… | 06.02.2026 | 06.02.2026 |
| bdu:2026-01295 | Уязвимость функции kcm_sendmsg() в модуле net/kcm/kcmsock.c реализации сетевых функций яд… | 06.02.2026 | 06.02.2026 |
| bdu:2026-01294 | Уязвимость функции vmw_cmd_dma() модуля drivers/gpu/drm/vmwgfx/vmwgfx_execbuf.c драйвера … | 06.02.2026 | 06.02.2026 |
| bdu:2026-01293 | Уязвимость функции ipcomp_free_scratches() модуля net/xfrm/xfrm_ipcomp.c реализации сетев… | 06.02.2026 | 06.02.2026 |
| bdu:2026-01291 | Уязвимость функции dbMount() модуля fs/jfs/jfs_dmap.c файловой системы JFS ядра операцион… | 06.02.2026 | 06.02.2026 |
| bdu:2026-01290 | Уязвимость функции brcmf_fw_alloc_request() модуля drivers/net/wireless/broadcom/brcm8021… | 06.02.2026 | 06.02.2026 |
| bdu:2026-01289 | Уязвимость функции si470x_usb_driver_probe() модуля drivers/media/radio/si470x/radio-si47… | 06.02.2026 | 06.02.2026 |
| bdu:2026-01288 | Уязвимость функций smb_inherit_dacl() и smb_check_perm_dacl() модуля fs/smb/server/smbacl… | 06.02.2026 | 06.02.2026 |
| bdu:2026-01287 | Уязвимость контроллера входящего трафика в кластере Kubernetes ingress-nginx, связанная с… | 06.02.2026 | 06.02.2026 |
| bdu:2026-01286 | Уязвимость функции управления сертификатами веб-интерфейса платформы планирования и прове… | 06.02.2026 | 06.02.2026 |
| bdu:2026-01285 | Уязвимость функции kernfs_remove_by_name_ns() модуля fs/kernfs/dir.c файловой системы ядр… | 06.02.2026 | 06.02.2026 |
| bdu:2026-01284 | Уязвимость платформы для автоматизации рабочих процессов n8n, связанная с недостаточным к… | 06.02.2026 | 06.02.2026 |
| bdu:2026-01283 | Уязвимость функции btrfs_quota_enable() модуля fs/btrfs/qgroup.c файловой системы btrfs я… | 06.02.2026 | 06.02.2026 |
| bdu:2026-01282 | Уязвимость функции dml21_map_dc_state_into_dml_display_cfg() модуля drivers/gpu/drm/amd/d… | 06.02.2026 | 06.02.2026 |
| bdu:2026-01281 | Уязвимость пакетов npm React Router и Remix, связанная с непринятием мер по защите структ… | 05.02.2026 | 05.02.2026 |
| bdu:2026-01280 | Уязвимость функции pinmux_func_name_to_selector() модуля drivers/pinctrl/pinmux.c драйвер… | 05.02.2026 | 05.02.2026 |
| bdu:2026-01279 | Уязвимость расширения vscode-go редактора исходного кода Visual Studio Code, позволяющая … | 05.02.2026 | 05.02.2026 |
| bdu:2026-01278 | Уязвимость функции target_lu_gp_members_show() модуля drivers/target/target_core_configfs… | 05.02.2026 | 05.02.2026 |
| bdu:2026-01277 | Уязвимость функции essiv_aead_crypt() компонента essiv ядра операционной системы Linux, п… | 05.02.2026 | 05.02.2026 |
| bdu:2026-01276 | Уязвимость функции smb_break_all_levII_oplock() модуля fs/smb/server/oplock.c сервера SMB… | 05.02.2026 | 05.02.2026 |
| bdu:2026-01275 | Уязвимость функции rcu_read_unlock_special() модуля kernel/rcu/tree_plugin.h ядра операци… | 05.02.2026 | 05.02.2026 |
| bdu:2026-01274 | Уязвимость PHP-фреймворка Laravel, связанная с непринятием мер по нейтрализации подстанов… | 05.02.2026 | 05.02.2026 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2025-avi-0970 | Multiples vulnérabilités dans Synacor Zimbra Collaboration | 2025-11-06T00:00:00.000000 | 2026-01-23T00:00:00.000000 |
| certfr-2025-avi-0969 | Multiples vulnérabilités dans les produits VMware | 2025-11-06T00:00:00.000000 | 2025-11-06T00:00:00.000000 |
| certfr-2025-avi-0968 | Multiples vulnérabilités dans les produits Cisco | 2025-11-06T00:00:00.000000 | 2025-11-06T00:00:00.000000 |
| certfr-2025-avi-0967 | Multiples vulnérabilités dans les produits VMware | 2025-11-05T00:00:00.000000 | 2025-11-05T00:00:00.000000 |
| certfr-2025-avi-0966 | Multiples vulnérabilités dans les produits Microsoft | 2025-11-05T00:00:00.000000 | 2025-11-05T00:00:00.000000 |
| certfr-2025-avi-0965 | Multiples vulnérabilités dans MISP | 2025-11-05T00:00:00.000000 | 2025-11-05T00:00:00.000000 |
| certfr-2025-avi-0964 | Vulnérabilité dans Curl | 2025-11-05T00:00:00.000000 | 2025-11-05T00:00:00.000000 |
| certfr-2025-avi-0963 | Multiples vulnérabilités dans Google Android | 2025-11-04T00:00:00.000000 | 2025-11-04T00:00:00.000000 |
| certfr-2025-avi-0962 | Vulnérabilité dans Dovecot | 2025-11-04T00:00:00.000000 | 2025-11-04T00:00:00.000000 |
| certfr-2025-avi-0961 | Multiples vulnérabilités dans les produits Apple | 2025-11-04T00:00:00.000000 | 2025-11-04T00:00:00.000000 |
| certfr-2025-avi-0960 | Multiples vulnérabilités dans VMware Tanzu | 2025-11-04T00:00:00.000000 | 2025-11-04T00:00:00.000000 |
| certfr-2025-avi-0959 | Vulnérabilité dans Python | 2025-11-04T00:00:00.000000 | 2025-11-04T00:00:00.000000 |
| certfr-2025-avi-0958 | Multiples vulnérabilités dans Tenable Identity Exposure | 2025-11-04T00:00:00.000000 | 2025-11-04T00:00:00.000000 |
| certfr-2025-avi-0957 | Multiples vulnérabilités dans Moodle | 2025-11-03T00:00:00.000000 | 2025-11-04T00:00:00.000000 |
| certfr-2025-avi-0956 | Multiples vulnérabilités dans MariaDB | 2025-11-03T00:00:00.000000 | 2025-11-03T00:00:00.000000 |
| certfr-2025-avi-0955 | Multiples vulnérabilités dans Microsoft Edge | 2025-11-03T00:00:00.000000 | 2025-11-03T00:00:00.000000 |
| certfr-2025-avi-0954 | Multiples vulnérabilités dans Liferay | 2025-11-03T00:00:00.000000 | 2025-11-14T00:00:00.000000 |
| certfr-2025-avi-0953 | Vulnérabilité dans Elastic Cloud Enterprise | 2025-11-03T00:00:00.000000 | 2025-11-03T00:00:00.000000 |
| certfr-2025-avi-0952 | Vulnérabilité dans Mattermost Server | 2025-11-03T00:00:00.000000 | 2025-11-03T00:00:00.000000 |
| certfr-2025-avi-0951 | Multiples vulnérabilités dans Axis OS | 2025-11-03T00:00:00.000000 | 2025-11-03T00:00:00.000000 |
| certfr-2025-avi-0950 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2025-10-31T00:00:00.000000 | 2025-10-31T00:00:00.000000 |
| certfr-2025-avi-0949 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2025-10-31T00:00:00.000000 | 2025-10-31T00:00:00.000000 |
| certfr-2025-avi-0948 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2025-10-31T00:00:00.000000 | 2025-10-31T00:00:00.000000 |
| certfr-2025-avi-0947 | Multiples vulnérabilités dans les produits IBM | 2025-10-31T00:00:00.000000 | 2025-10-31T00:00:00.000000 |
| certfr-2025-avi-0946 | Vulnérabilité dans Sonicwall Secure Mobile Access | 2025-10-31T00:00:00.000000 | 2025-10-31T00:00:00.000000 |
| certfr-2025-avi-0945 | Vulnérabilité dans Qnap NetBak PC Agent | 2025-10-31T00:00:00.000000 | 2025-10-31T00:00:00.000000 |
| certfr-2025-avi-0944 | Vulnérabilité dans Liferay | 2025-10-31T00:00:00.000000 | 2025-10-31T00:00:00.000000 |
| certfr-2025-avi-0943 | Multiples vulnérabilités dans les produits Centreon | 2025-10-31T00:00:00.000000 | 2025-10-31T00:00:00.000000 |
| certfr-2025-avi-0942 | Vulnérabilité dans Dovecot | 2025-10-31T00:00:00.000000 | 2025-10-31T00:00:00.000000 |
| certfr-2025-avi-0941 | Multiples vulnérabilités dans les produits Microsoft | 2025-10-30T00:00:00.000000 | 2025-10-30T00:00:00.000000 |
| ID | Description | Published | Updated |
|---|---|---|---|
| osv-2024-859 | Heap-double-free in libssh2_default_free | 2024-08-16T00:05:16.221580Z | 2024-08-16T00:05:16.221993Z |
| osv-2024-856 | Use-of-uninitialized-value in cups_fill | 2024-08-16T00:05:10.919440Z | 2024-08-16T00:05:10.919721Z |
| osv-2024-853 | UNKNOWN READ in chunk_free_object | 2024-08-16T00:04:58.897243Z | 2025-01-10T05:30:16.360095Z |
| osv-2024-852 | UNKNOWN READ in jvp_object_free | 2024-08-16T00:04:43.641868Z | 2024-08-16T00:04:43.642269Z |
| osv-2024-847 | Null-dereference READ in _libssh2_packet_add | 2024-08-16T00:04:07.189033Z | 2025-02-01T14:27:03.602163Z |
| osv-2024-838 | Bad-cast to RDKit::AtomRDKit::ROMol::initFromOther | 2024-08-16T00:03:32.029853Z | 2026-01-30T14:28:51.040311Z |
| osv-2024-833 | UNKNOWN READ in chunk_free_object | 2024-08-16T00:03:18.896326Z | 2024-08-16T00:03:18.896644Z |
| osv-2024-832 | UNKNOWN READ in Pistache::Http::Header::Expect::parseRaw | 2024-08-16T00:03:13.834235Z | 2025-01-10T05:18:27.558670Z |
| osv-2024-831 | Heap-buffer-overflow in jv_parse | 2024-08-16T00:03:12.871175Z | 2025-03-07T14:24:40.166702Z |
| osv-2024-830 | UNKNOWN READ in ShadingImage::generateAxialBitmap | 2024-08-16T00:03:09.951294Z | 2024-08-16T00:03:09.951596Z |
| osv-2024-828 | Use-of-uninitialized-value in packet_parse | 2024-08-16T00:03:08.665359Z | 2024-08-16T00:03:08.665719Z |
| osv-2024-817 | Use-of-uninitialized-value in pcapint_filter_with_aux_data | 2024-08-16T00:02:39.185747Z | 2025-01-08T14:19:40.985698Z |
| osv-2024-816 | Use-of-uninitialized-value in pcpp::SSLClientHelloMessage::ClientHelloTLSFingerprint::toString | 2024-08-16T00:02:36.618439Z | 2025-12-22T14:21:20.173609Z |
| osv-2024-812 | Use-of-uninitialized-value in pcpp::PcapFileWriterDevice::writePacket | 2024-08-16T00:02:26.387902Z | 2025-12-22T14:21:19.473015Z |
| osv-2024-805 | Use-of-uninitialized-value in pcpp::NflogLayer::parseNextLayer | 2024-08-16T00:02:19.436836Z | 2024-08-16T00:02:19.437200Z |
| osv-2024-801 | UNKNOWN READ in PointerVector.h | 2024-08-16T00:02:10.140304Z | 2025-04-16T14:27:34.855775Z |
| osv-2024-793 | Heap-buffer-overflow in H5HL__fl_deserialize | 2024-08-16T00:01:45.237305Z | 2025-12-31T14:19:11.515108Z |
| osv-2024-792 | Index-out-of-bounds in AAHD::make_ahd_rb_hv | 2024-08-16T00:01:41.357755Z | 2024-08-16T00:01:41.358066Z |
| osv-2024-777 | Global-buffer-overflow in vte_write_debug | 2024-08-16T00:00:55.259153Z | 2024-08-16T00:00:55.259408Z |
| osv-2024-772 | UNKNOWN READ in H5SL_search | 2024-08-16T00:00:44.075617Z | 2025-08-14T14:39:54.764895Z |
| osv-2024-764 | Use-of-uninitialized-value in _cupsStrAlloc | 2024-08-16T00:00:28.318434Z | 2024-08-16T00:00:28.318983Z |
| osv-2024-748 | Security exception in com.github.javaparser.CommentsInserter.insertComments | 2024-08-13T00:04:40.789098Z | 2024-08-13T00:04:40.789448Z |
| osv-2024-747 | Security exception in com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.expr | 2024-08-13T00:03:34.008550Z | 2024-08-13T00:03:34.008929Z |
| osv-2024-728 | Negative-size-param in pdf_resize_resource_arrays | 2024-08-08T00:09:33.935595Z | 2025-09-09T14:38:01.224913Z |
| osv-2024-719 | Heap-buffer-overflow in hevc_ref_pic_lists_modification | 2024-08-07T00:05:22.699506Z | 2026-02-05T14:31:23.006298Z |
| osv-2024-714 | Segv on unknown address in lwan_request_get_cookie | 2024-08-04T00:01:49.853424Z | 2025-06-17T14:38:11.268036Z |
| osv-2024-698 | Heap-use-after-free in xmlCharEncCloseFunc | 2024-07-31T00:12:19.254629Z | 2025-10-17T14:25:28.517688Z |
| osv-2024-696 | Security exception in com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.expr | 2024-07-31T00:03:10.056663Z | 2026-02-06T14:17:33.480381Z |
| osv-2024-695 | Stack-buffer-overflow in gf_vvc_parse_nalu_bs | 2024-07-31T00:02:35.217594Z | 2026-02-05T14:30:54.825082Z |
| osv-2024-680 | Security exception in com.github.javaparser.GeneratedJavaParser.Expression | 2024-07-26T00:06:29.761307Z | 2026-01-13T04:46:21.094915Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rustsec-2023-0026 | Gitoxide has renamed its crates. | 2023-03-14T12:00:00Z | 2023-03-24T15:33:49Z |
| rustsec-2023-0025 | Gitoxide has renamed its crates. | 2023-03-14T12:00:00Z | 2023-03-24T15:33:49Z |
| rustsec-2023-0020 | const-cstr is Unmaintained | 2023-03-12T12:00:00Z | 2023-03-12T18:38:56Z |
| rustsec-2023-0017 | `maligned::align_first` causes incorrect deallocation | 2023-03-04T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2023-0093 | Miscompilation of `i8x16.select` with the same inputs on x86\_64 | 2023-03-03T12:00:00Z | 2025-05-02T08:23:27Z |
| rustsec-2023-0090 | Guest-controlled out-of-bounds read/write on x86\_64 | 2023-03-02T12:00:00Z | 2025-05-02T08:23:27Z |
| rustsec-2023-0015 | Ascii allows out-of-bounds array indexing in safe code | 2023-02-25T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2023-0018 | Race Condition Enabling Link Following and Time-of-check Time-of-use (TOCTOU) | 2023-02-24T12:00:00Z | 2023-03-04T21:50:30Z |
| rustsec-2023-0043 | ftp is unmaintained, use suppaftp instead | 2023-02-20T12:00:00Z | 2023-06-14T13:23:36Z |
| rustsec-2023-0016 | Possible out-of-bounds read in release mode | 2023-02-20T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2023-0081 | safemem is unmaintained | 2023-02-14T12:00:00Z | 2024-03-04T18:47:07Z |
| rustsec-2023-0014 | Miscompilation in cortex-m-rt 0.7.1 and 0.7.2 | 2023-02-13T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2023-0013 | `NULL` dereference during PKCS7 data verification | 2023-02-07T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2023-0012 | `NULL` dereference validating DSA public key | 2023-02-07T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2023-0011 | Invalid pointer dereference in `d2i_PKCS7` functions | 2023-02-07T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2023-0010 | Double free after calling `PEM_read_bio_ex` | 2023-02-07T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2023-0009 | Use-after-free following `BIO_new_NDEF` | 2023-02-07T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2023-0008 | X.509 Name Constraints Read Buffer Overflow | 2023-02-07T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2023-0007 | Timing Oracle in RSA Decryption | 2023-02-07T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2023-0006 | X.400 address type confusion in X.509 `GeneralName` | 2023-02-07T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2023-0028 | buf_redux is Unmaintained | 2023-01-24T12:00:00Z | 2023-03-24T15:42:41Z |
| rustsec-2023-0019 | `kuchiki` is unmaintained | 2023-01-21T12:00:00Z | 2023-05-23T20:17:25Z |
| rustsec-2023-0003 | git2 does not verify SSH keys by default | 2023-01-20T12:00:00Z | 2023-01-20T23:06:55Z |
| rustsec-2023-0002 | git2 Rust package suppresses ssh host key checking | 2023-01-12T12:00:00Z | 2023-02-09T03:11:29Z |
| rustsec-2023-0005 | `tokio::io::ReadHalf<T>::unsplit` is Unsound | 2023-01-11T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2023-0004 | bzip2 Denial of Service (DoS) | 2023-01-09T12:00:00Z | 2023-02-04T13:29:07Z |
| rustsec-2023-0001 | reject_remote_clients Configuration corruption | 2023-01-04T12:00:00Z | 2023-02-09T03:11:29Z |
| rustsec-2022-0072 | Location header incorporates user input, allowing open redirect | 2022-12-23T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2022-0073 | crate has been renamed to `embedded-alloc` | 2022-12-21T12:00:00Z | 2022-12-23T16:46:57Z |
| rustsec-2022-0077 | `claim` is Unmaintained | 2022-12-04T12:00:00Z | 2023-02-04T10:58:43Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| alsa-2025:18286 | Moderate: libssh security update | 2025-10-20T00:00:00Z | 2025-10-20T11:55:49Z |
| alsa-2025:18285 | Important: firefox security update | 2025-10-20T00:00:00Z | 2025-10-20T11:50:28Z |
| alsa-2025:18281 | Moderate: kernel security update | 2025-10-20T00:00:00Z | 2025-10-22T10:16:53Z |
| alsa-2025:18275 | Moderate: libssh security update | 2025-10-16T00:00:00Z | 2025-10-17T08:04:25Z |
| alsa-2025:18231 | Moderate: libssh security update | 2025-10-16T00:00:00Z | 2025-10-16T14:22:59Z |
| alsa-2025:18183 | Important: libsoup3 security update | 2025-10-15T00:00:00Z | 2025-10-16T08:01:45Z |
| alsa-2025:18155 | Important: firefox security update | 2025-10-15T00:00:00Z | 2025-10-20T12:31:42Z |
| alsa-2025:18154 | Important: firefox security update | 2025-10-15T00:00:00Z | 2025-10-20T12:30:08Z |
| alsa-2025:18153 | Important: .NET 9.0 security update | 2025-10-15T00:00:00Z | 2025-11-03T08:44:34Z |
| alsa-2025:18152 | Important: .NET 8.0 security update | 2025-10-15T00:00:00Z | 2025-11-03T08:46:41Z |
| alsa-2025:18151 | Important: .NET 9.0 security update | 2025-10-15T00:00:00Z | 2025-11-03T08:48:44Z |
| alsa-2025:18150 | Important: .NET 9.0 security update | 2025-10-15T00:00:00Z | 2025-11-03T08:55:12Z |
| alsa-2025:18149 | Important: .NET 8.0 security update | 2025-10-15T00:00:00Z | 2025-10-20T12:28:15Z |
| alsa-2025:18148 | Important: .NET 8.0 security update | 2025-10-15T00:00:00Z | 2025-10-20T12:11:02Z |
| alsa-2025:18097 | Important: webkit2gtk3 security update | 2025-10-15T00:00:00Z | 2025-10-23T12:50:53Z |
| alsa-2025:18070 | Important: webkit2gtk3 security update | 2025-10-15T00:00:00Z | 2025-11-03T08:51:57Z |
| alsa-2025:17913 | Moderate: vim security update | 2025-10-14T00:00:00Z | 2025-10-14T13:33:05Z |
| alsa-2025:17812 | Moderate: kernel-rt security update | 2025-10-13T00:00:00Z | 2025-10-14T07:28:37Z |
| alsa-2025:17802 | Important: webkit2gtk3 security update | 2025-10-13T00:00:00Z | 2025-10-14T10:09:21Z |
| alsa-2025:17797 | Moderate: kernel security update | 2025-10-13T00:00:00Z | 2025-10-14T10:15:00Z |
| alsa-2025:17776 | Moderate: kernel security update | 2025-10-13T00:00:00Z | 2025-10-17T09:45:53Z |
| alsa-2025:17760 | Moderate: kernel security update | 2025-10-13T00:00:00Z | 2025-10-16T07:33:20Z |
| alsa-2025:17742 | Moderate: vim security update | 2025-10-13T00:00:00Z | 2025-10-14T13:35:06Z |
| alsa-2025:17715 | Moderate: vim security update | 2025-10-09T00:00:00Z | 2025-10-13T08:30:41Z |
| alsa-2025:17675 | Important: compat-libtiff3 security update | 2025-10-09T00:00:00Z | 2025-10-13T10:06:16Z |
| alsa-2025:17558 | Moderate: iputils security update | 2025-10-08T00:00:00Z | 2025-10-13T08:54:54Z |
| alsa-2025:17509 | Important: open-vm-tools security update | 2025-10-07T00:00:00Z | 2025-10-08T10:29:36Z |
| alsa-2025:17429 | Important: open-vm-tools security update | 2025-10-07T00:00:00Z | 2025-10-08T11:21:49Z |
| alsa-2025:17428 | Important: open-vm-tools security update | 2025-10-07T00:00:00Z | 2025-10-13T08:28:00Z |
| alsa-2025:17415 | Moderate: gnutls security, bug fix, and enhancement update | 2025-10-07T00:00:00Z | 2025-10-08T10:07:51Z |