Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-1144 |
5.3 (4.0)
6.3 (3.1)
6.3 (3.0)
|
quickjs-ng quickjs Atomics Ops quickjs.c use after free |
quickjs-ng |
quickjs |
2026-01-19T07:32:10.363Z | 2026-02-25T16:46:28.328Z |
| CVE-2026-1145 |
5.3 (4.0)
6.3 (3.1)
6.3 (3.0)
|
quickjs-ng quickjs quickjs.c js_typed_array_constructo… |
quickjs-ng |
quickjs |
2026-01-19T08:02:08.519Z | 2026-02-25T16:45:03.206Z |
| CVE-2024-51915 |
6.5 (3.1)
|
WordPress LiteSpeed Cache plugin <= 6.5.2 - Cross Site… |
LiteSpeed Technologies |
LiteSpeed Cache |
2026-02-20T15:46:25.475Z | 2026-02-25T16:44:09.359Z |
| CVE-2026-21528 |
6.5 (3.1)
|
Azure IoT Explorer Information Disclosure Vulnerability |
Microsoft |
Azure IoT Explorer |
2026-02-10T17:51:30.773Z | 2026-02-25T16:43:35.894Z |
| CVE-2025-69873 |
2.9 (3.1)
|
ajv (Another JSON Schema Validator) before 8.18.0… |
ajv.js |
ajv |
2026-02-11T00:00:00.000Z | 2026-02-25T16:42:35.482Z |
| CVE-2026-23491 |
9.3 (4.0)
|
InvoicePlane has Unauthenticated Path Traversal in Gue… |
InvoicePlane |
InvoicePlane |
2026-02-18T19:52:26.304Z | 2026-02-25T16:41:34.879Z |
| CVE-2023-5427 |
7.8 (3.1)
|
Mali GPU Kernel Driver allows improper GPU processing … |
Arm Ltd |
Bifrost GPU Kernel Driver |
2023-12-01T10:13:49.299Z | 2026-02-25T16:41:07.193Z |
| CVE-2026-27738 |
6.9 (4.0)
|
Angular SSR has an Open Redirect via X-Forwarded-Prefix |
angular |
angular-cli |
2026-02-25T16:40:44.724Z | 2026-02-25T16:40:44.724Z |
| CVE-2024-54222 |
4.3 (3.1)
|
WordPress Seraphinite Accelerator plugin <= 2.22.15 - … |
Seraphinite Solutions |
Seraphinite Accelerator |
2026-02-20T15:46:25.825Z | 2026-02-25T16:39:20.709Z |
| CVE-2026-2416 |
7.5 (3.1)
|
Geo Mashup <= 1.13.17 - Unauthenticated SQL Injection … |
cyberhobo |
Geo Mashup |
2026-02-25T08:25:31.427Z | 2026-02-25T16:37:56.454Z |
| CVE-2026-1929 |
8.8 (3.1)
|
Advanced Woo Labels <= 2.37 - Authenticated (Contribut… |
mihail-barinov |
Advanced Woo Labels – Product Labels & Badges for WooCommerce |
2026-02-25T08:25:31.823Z | 2026-02-25T16:37:12.800Z |
| CVE-2026-3171 |
5.1 (4.0)
3.5 (3.1)
3.5 (3.0)
|
SourceCodester/Patrick Mvuma Patients Waiting Area Que… |
SourceCodester |
Patients Waiting Area Queue Management System |
2026-02-25T08:32:07.369Z | 2026-02-25T16:34:51.471Z |
| CVE-2023-49583 |
9.1 (3.1)
|
Escalation of Privileges in SAP BTP Security Services … |
SAP_SE |
@sap/xssec |
2023-12-12T01:22:58.910Z | 2026-02-25T16:34:36.422Z |
| CVE-2023-50422 |
9.1 (3.1)
|
Escalation of Privileges in SAP BTP Security Services … |
SAP_SE |
cloud-security-services-integration-library |
2023-12-12T01:31:17.991Z | 2026-02-25T16:34:36.244Z |
| CVE-2023-50423 |
9.1 (3.1)
|
Escalation of Privileges in SAP BTP Security Services … |
SAP_SE |
sap-xssec |
2023-12-12T01:52:44.999Z | 2026-02-25T16:34:36.085Z |
| CVE-2023-50424 |
9.1 (3.1)
|
Escalation of Privileges in SAP BTP Security Services … |
SAP_SE |
github.com/sap/cloud-security-client-go |
2023-12-12T01:59:36.703Z | 2026-02-25T16:34:35.943Z |
| CVE-2022-47374 |
7.5 (3.1)
|
A vulnerability has been identified in SIMATIC PC… |
Siemens |
SIMATIC PC-Station Plus |
2023-12-12T11:25:31.314Z | 2026-02-25T16:34:35.793Z |
| CVE-2023-46156 |
7.5 (3.1)
|
Affected devices improperly handle specially craf… |
Siemens |
SIMATIC Drive Controller CPU 1504D TF |
2023-12-12T11:27:10.086Z | 2026-02-25T16:34:35.639Z |
| CVE-2023-46284 |
7.5 (3.1)
|
A vulnerability has been identified in Opcenter E… |
Siemens |
Opcenter Execution Foundation |
2023-12-12T11:27:15.737Z | 2026-02-25T16:34:35.352Z |
| CVE-2023-48428 |
7.2 (3.1)
|
A vulnerability has been identified in SINEC INS … |
Siemens |
SINEC INS |
2023-12-12T11:27:19.590Z | 2026-02-25T16:34:35.052Z |
| CVE-2023-48429 |
2.7 (3.1)
|
A vulnerability has been identified in SINEC INS … |
Siemens |
SINEC INS |
2023-12-12T11:27:20.840Z | 2026-02-25T16:34:34.694Z |
| CVE-2023-48430 |
2.7 (3.1)
|
A vulnerability has been identified in SINEC INS … |
Siemens |
SINEC INS |
2023-12-12T11:27:22.091Z | 2026-02-25T16:34:34.289Z |
| CVE-2023-6791 |
4.9 (3.1)
|
PAN-OS: Plaintext Disclosure of External System Integr… |
Palo Alto Networks |
PAN-OS |
2023-12-13T18:30:17.115Z | 2026-02-25T16:34:34.137Z |
| CVE-2023-43586 |
7.3 (3.1)
|
Path traversal in Zoom Desktop Client for Windows… |
Zoom Video Communications, Inc. |
Zoom Desktop Client for Windows, Zoom VDI Client for Windows and Zoom SDKs for Windows |
2023-12-13T22:17:48.264Z | 2026-02-25T16:34:33.938Z |
| CVE-2023-6407 |
5.3 (3.1)
|
A CWE-22: Improper Limitation of a Pathname to a… |
Schneider Electric |
Easy UPS Online Monitoring Software |
2023-12-14T05:02:30.242Z | 2026-02-25T16:34:33.707Z |
| CVE-2023-6932 |
7.8 (3.1)
|
Use-after-free in Linux kernel's ipv4: igmp component |
Linux |
Kernel |
2023-12-19T14:09:15.662Z | 2026-02-25T16:34:33.461Z |
| CVE-2023-6689 |
8.2 (3.1)
|
Cross-Site Request Forgery in EFACEC BCU 500 |
EFACEC |
BCU 500 |
2023-12-19T23:20:22.195Z | 2026-02-25T16:34:33.296Z |
| CVE-2023-50703 |
6.3 (3.1)
|
Cleartext Transmission of Sensitive Information in EF… |
EFACEC |
UC 500E |
2023-12-19T23:40:49.215Z | 2026-02-25T16:34:33.086Z |
| CVE-2023-50706 |
4.1 (3.1)
|
Improper Access Control in EFACEC UC 500E |
EFACEC |
UC 500E |
2023-12-19T23:47:49.654Z | 2026-02-25T16:34:32.912Z |
| CVE-2023-49084 |
8.1 (3.1)
|
Local File Inclusion (RCE) in Cacti |
Cacti |
cacti |
2023-12-21T23:04:44.219Z | 2026-02-25T16:34:32.758Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| fkie_cve-2026-27847 | Due to improper neutralization of special elements, SQL statements can be injected via the handshak… | 2026-02-25T16:23:28.833 | 2026-02-25T16:23:28.833 |
| fkie_cve-2026-27747 | The SPIP interface_traduction_objets plugin versions prior to 2.2.2 contain an authenticated SQL in… | 2026-02-25T04:16:05.493 | 2026-02-25T16:23:28.467 |
| fkie_cve-2026-27746 | The SPIP jeux plugin versions prior to 4.1.1 contain a reflected cross-site scripting (XSS) vulnera… | 2026-02-25T04:16:05.320 | 2026-02-25T16:23:28.243 |
| fkie_cve-2026-27745 | The SPIP interface_traduction_objets plugin versions prior to 2.2.2 contain an authenticated remote… | 2026-02-25T04:16:05.140 | 2026-02-25T16:23:27.983 |
| fkie_cve-2026-27744 | The SPIP tickets plugin versions prior to 4.3.3 contain an unauthenticated remote code execution vu… | 2026-02-25T04:16:04.973 | 2026-02-25T16:23:27.733 |
| fkie_cve-2026-27743 | The SPIP referer_spam plugin versions prior to 1.3.0 contain an unauthenticated SQL injection vulne… | 2026-02-25T04:16:04.783 | 2026-02-25T16:23:27.480 |
| fkie_cve-2026-27730 | esm.sh is a no-build content delivery network (CDN) for web development. Versions up to and includi… | 2026-02-25T16:23:27.123 | 2026-02-25T16:23:27.123 |
| fkie_cve-2026-27704 | The Dart and Flutter SDKs provide software development kits for the Dart programming language. In v… | 2026-02-25T16:23:26.960 | 2026-02-25T16:23:26.960 |
| fkie_cve-2026-27702 | Budibase is a low code platform for creating internal tools, workflows, and admin panels. Prior to … | 2026-02-25T16:23:26.777 | 2026-02-25T16:23:26.777 |
| fkie_cve-2026-27701 | LiveCode is an open-source, client-side code playground. Prior to commit e151c64c2bd80d2d53ac1333f1… | 2026-02-25T16:23:26.613 | 2026-02-25T16:23:26.613 |
| fkie_cve-2026-27700 | Hono is a Web application framework that provides support for any JavaScript runtime. In versions 4… | 2026-02-25T16:23:26.440 | 2026-02-25T16:23:26.440 |
| fkie_cve-2026-27637 | FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to version… | 2026-02-25T04:16:04.110 | 2026-02-25T16:23:26.220 |
| fkie_cve-2026-27636 | FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to version… | 2026-02-25T04:16:03.933 | 2026-02-25T16:23:26.047 |
| fkie_cve-2026-27624 | Coturn is a free open source implementation of TURN and STUN Server. Coturn is commonly configured … | 2026-02-25T05:17:25.380 | 2026-02-25T16:23:25.910 |
| fkie_cve-2026-22866 | Ethereum Name Service (ENS) is a distributed, open, and extensible naming system based on the Ether… | 2026-02-25T16:23:25.277 | 2026-02-25T16:23:25.277 |
| fkie_cve-2025-69771 | An arbitrary file upload vulnerability in the subtitle loading function of asbplayer v1.13.0 allows… | 2026-02-25T16:23:22.273 | 2026-02-25T16:23:22.273 |
| fkie_cve-2025-69381 | Missing Authorization vulnerability in vanquish WooCommerce Bulk Product Editor woocommerce-quick-p… | 2026-02-20T16:22:22.707 | 2026-02-25T16:23:22.087 |
| fkie_cve-2025-69379 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in van… | 2026-02-20T16:22:22.443 | 2026-02-25T16:23:21.903 |
| fkie_cve-2025-69377 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in van… | 2026-02-20T16:22:22.147 | 2026-02-25T16:23:21.717 |
| fkie_cve-2025-50180 | esm.sh is a no-build content delivery network (CDN) for web development. In version 136, esm.sh is … | 2026-02-25T16:23:21.173 | 2026-02-25T16:23:21.173 |
| fkie_cve-2025-1242 | The administrative credentials can be extracted through application API responses, mobile applicati… | 2026-02-25T16:23:20.930 | 2026-02-25T16:23:20.930 |
| fkie_cve-2022-4554 | B2B Customer Ordering System developed by ID Software Project and Consultancy Services before versi… | 2023-01-24T09:15:09.640 | 2026-02-25T16:23:13.550 |
| fkie_cve-2022-45854 | An improper check for unusual conditions in Zyxel NWA110AX firmware verisons prior to 6.50(ABTG.0)C… | 2023-02-07T02:15:08.040 | 2026-02-25T16:22:47.433 |
| fkie_cve-2022-43392 | A buffer overflow vulnerability in the parameter of web server in Zyxel NR7101 firmware prior to V1… | 2023-01-11T02:15:11.327 | 2026-02-25T16:22:31.927 |
| fkie_cve-2022-43391 | A buffer overflow vulnerability in the parameter of the CGI program in Zyxel NR7101 firmware prior … | 2023-01-11T02:15:11.250 | 2026-02-25T16:22:31.707 |
| fkie_cve-2022-41296 | IBM Db2U 3.5, 4.0, and 4.5 is vulnerable to cross-site request forgery which could allow an attacke… | 2022-12-12T09:15:12.760 | 2026-02-25T16:22:14.580 |
| fkie_cve-2022-41200 | Due to lack of proper memory management, when a victim opens a manipulated Scalable Vector Graphic … | 2022-10-11T21:15:26.097 | 2026-02-25T16:22:13.900 |
| fkie_cve-2022-41198 | Due to lack of proper memory management, when a victim opens a manipulated SketchUp (.skp, SketchUp… | 2022-10-11T21:15:25.433 | 2026-02-25T16:22:13.587 |
| fkie_cve-2022-41196 | Due to lack of proper memory management, when a victim opens a manipulated VRML Worlds (.wrl, vrml.… | 2022-10-11T21:15:24.520 | 2026-02-25T16:22:13.343 |
| fkie_cve-2022-41195 | Due to lack of proper memory management, when a victim opens a manipulated EAAmiga Interchange File… | 2022-10-11T21:15:24.100 | 2026-02-25T16:22:13.207 |
| ID | Severity | Description | Published | Updated |
|---|---|---|---|---|
| ghsa-46ph-2qpx-729g |
8.1 (3.1)
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2026-02-20T18:31:37Z | 2026-02-24T21:31:38Z |
| ghsa-3rcg-gg9q-9688 |
8.1 (3.1)
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2026-02-20T18:31:38Z | 2026-02-24T21:31:38Z |
| ghsa-3pw3-vpq3-qmc9 |
8.1 (3.1)
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2026-02-20T18:31:37Z | 2026-02-24T21:31:38Z |
| ghsa-rrpc-76pm-5w54 |
7.5 (3.1)
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2026-02-20T18:31:36Z | 2026-02-24T21:31:36Z |
| ghsa-rmj8-x3h3-24rh |
9.3 (3.1)
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability … | 2026-02-20T18:31:36Z | 2026-02-24T21:31:36Z |
| ghsa-q577-6r28-hw22 |
9.3 (3.1)
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability … | 2026-02-20T18:31:36Z | 2026-02-24T21:31:36Z |
| ghsa-p69v-gqh4-hg9p |
9.8 (3.1)
|
Deserialization of Untrusted Data vulnerability in Jthemes Prestige prestige allows Object Injectio… | 2026-02-20T18:31:36Z | 2026-02-24T21:31:36Z |
| ghsa-mhqr-8rx2-jw82 |
9.3 (3.1)
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability … | 2026-02-20T18:31:36Z | 2026-02-24T21:31:36Z |
| ghsa-4wc7-crf4-r645 |
8.8 (3.1)
|
Deserialization of Untrusted Data vulnerability in magepeopleteam Booking and Rental Manager bookin… | 2026-02-20T18:31:36Z | 2026-02-24T21:31:36Z |
| ghsa-48pc-4fq3-jhwg |
8.1 (3.1)
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2026-02-20T18:31:36Z | 2026-02-24T21:31:36Z |
| ghsa-2wf2-988r-jv99 |
8.1 (3.1)
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2026-02-20T18:31:36Z | 2026-02-24T21:31:36Z |
| ghsa-2rf2-f6mm-2232 |
5.3 (3.1)
|
Path Traversal: '.../...//' vulnerability in primersoftware Primer MyData for Woocommerce primer-my… | 2026-02-20T18:31:36Z | 2026-02-24T21:31:36Z |
| ghsa-2cv8-fr2g-g66g |
9.3 (3.1)
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability … | 2026-02-20T18:31:36Z | 2026-02-24T21:31:36Z |
| ghsa-vhgp-3x24-vh98 |
9.3 (3.1)
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability … | 2026-02-20T18:31:35Z | 2026-02-24T21:31:35Z |
| ghsa-r5c8-59gv-v4x8 |
9.3 (3.1)
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability … | 2026-02-20T18:31:36Z | 2026-02-24T21:31:35Z |
| ghsa-pxxq-rvgm-p9rp |
9.3 (3.1)
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability … | 2026-02-20T18:31:36Z | 2026-02-24T21:31:35Z |
| ghsa-p95v-rww3-j83p |
7.2 (3.1)
|
Server-Side Request Forgery (SSRF) vulnerability in Laborator Oxygen oxygen allows Server Side Requ… | 2026-02-20T18:31:36Z | 2026-02-24T21:31:35Z |
| ghsa-gxg3-7vjc-h392 |
9.3 (3.1)
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability … | 2026-02-20T18:31:36Z | 2026-02-24T21:31:35Z |
| ghsa-536p-mw62-6cm4 |
9.3 (3.1)
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability … | 2026-02-20T18:31:36Z | 2026-02-24T21:31:35Z |
| ghsa-37wf-f6wc-vqj8 |
9.3 (3.1)
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability … | 2026-02-20T18:31:36Z | 2026-02-24T21:31:35Z |
| ghsa-256m-r39j-gmcw |
9.3 (3.1)
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability … | 2026-02-20T18:31:36Z | 2026-02-24T21:31:35Z |
| ghsa-wv4q-94jw-h996 |
8.8 (3.1)
|
Deserialization of Untrusted Data vulnerability in A WP Life Modal Popup Box modal-popup-box allows… | 2026-02-20T18:31:35Z | 2026-02-24T21:31:34Z |
| ghsa-wfqx-gw86-rc8h |
8.1 (3.1)
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2026-02-20T18:31:35Z | 2026-02-24T21:31:34Z |
| ghsa-rr5c-93pp-mqfv |
9.8 (3.1)
|
Deserialization of Untrusted Data vulnerability in BoldThemes Nestin nestin allows Object Injection… | 2026-02-20T18:31:34Z | 2026-02-24T21:31:34Z |
| ghsa-q6xg-x4rx-4p97 |
8.1 (3.1)
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2026-02-20T18:31:35Z | 2026-02-24T21:31:34Z |
| ghsa-jjpv-2mhh-mcmm |
9.8 (3.1)
|
Deserialization of Untrusted Data vulnerability in LoftOcean PatioTime patiotime allows Object Inje… | 2026-02-20T18:31:34Z | 2026-02-24T21:31:34Z |
| ghsa-f3xp-j3c9-999x |
8.1 (3.1)
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2026-02-20T18:31:34Z | 2026-02-24T21:31:34Z |
| ghsa-97hf-p3f7-pjq2 |
8.5 (3.1)
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability … | 2026-02-20T18:31:34Z | 2026-02-24T21:31:34Z |
| ghsa-7gx4-4vpm-w576 |
8.1 (3.1)
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2026-02-20T18:31:34Z | 2026-02-24T21:31:34Z |
| ghsa-4ff7-6hm2-x86r |
8.1 (3.1)
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2026-02-20T18:31:35Z | 2026-02-24T21:31:34Z |
| ID | Severity | Description | Package | Published | Updated |
|---|---|---|---|---|---|
| pysec-2018-146 |
6.5 (3.1)
|
In Exiv2 0.26, jpgimage.cpp allows remote attackers to cause a denial of service (image.c… | exiv2 | 2018-03-25T03:29:00Z | 2024-11-21T14:22:49.282911Z |
| pysec-2018-145 |
5.5 (3.1)
|
In Exiv2 0.26, there is a segmentation fault caused by uncontrolled recursion in the Exiv… | exiv2 | 2018-01-18T07:29:00Z | 2024-11-21T14:22:49.222538Z |
| pysec-2018-144 |
5.5 (3.1)
|
The Exiv2::Jp2Image::readMetadata function in jp2image.cpp in Exiv2 0.26 allows remote at… | exiv2 | 2018-01-03T09:29:00Z | 2024-11-21T14:22:49.165596Z |
| pysec-2018-143 |
6.5 (3.1)
|
Exiv2::isoSpeed in easyaccess.cpp in Exiv2 v0.27-RC2 allows remote attackers to cause a d… | exiv2 | 2018-11-27T07:29:00Z | 2024-11-21T14:22:49.094932Z |
| pysec-2018-142 |
6.5 (3.1)
|
In Exiv2 0.26, Exiv2::PsdImage::readMetadata in psdimage.cpp in the PSD image reader may … | exiv2 | 2018-11-08T08:29:00Z | 2024-11-21T14:22:49.03444Z |
| pysec-2018-141 |
6.5 (3.1)
|
In Exiv2 0.26, Exiv2::IptcParser::decode in iptc.cpp (called from psdimage.cpp in the PSD… | exiv2 | 2018-11-08T08:29:00Z | 2024-11-21T14:22:48.973676Z |
| pysec-2018-140 |
6.5 (3.1)
|
There is an infinite loop in the Exiv2::Image::printIFDStructure function of image.cpp in… | exiv2 | 2018-11-03T04:29:00Z | 2024-11-21T14:22:48.914006Z |
| pysec-2018-139 |
6.5 (3.1)
|
CiffDirectory::readDirectory() at crwimage_int.cpp in Exiv2 0.26 has excessive stack cons… | exiv2 | 2018-09-28T09:29:00Z | 2024-11-21T14:22:48.850406Z |
| pysec-2018-138 |
6.5 (3.1)
|
An issue was discovered in Exiv2 v0.26. The function Exiv2::DataValue::copy in value.cpp … | exiv2 | 2018-09-20T20:29:00Z | 2024-11-21T14:22:48.791028Z |
| pysec-2018-137 |
6.5 (3.1)
|
Exiv2::ul2Data in types.cpp in Exiv2 v0.26 allows remote attackers to cause a denial of s… | exiv2 | 2018-09-19T22:29:00Z | 2024-11-21T14:22:48.732242Z |
| pysec-2018-136 |
6.5 (3.1)
|
Exiv2::d2Data in types.cpp in Exiv2 v0.26 allows remote attackers to cause a denial of se… | exiv2 | 2018-09-19T22:29:00Z | 2024-11-21T14:22:48.67141Z |
| pysec-2018-135 |
6.5 (3.1)
|
Exiv2::Internal::PngChunk::parseTXTChunk in Exiv2 v0.26 allows remote attackers to cause … | exiv2 | 2018-09-02T03:29:00Z | 2024-11-21T14:22:48.611777Z |
| pysec-2018-134 |
8.1 (3.1)
|
samples/geotag.cpp in the example code of Exiv2 0.26 misuses the realpath function on POS… | exiv2 | 2018-07-17T12:29:00Z | 2024-11-21T14:22:48.55081Z |
| pysec-2018-133 |
8.8 (3.1)
|
Exiv2 0.26 has a heap-based buffer over-read in WebPImage::decodeChunks in webpimage.cpp. | exiv2 | 2018-07-13T15:29:00Z | 2024-11-21T14:22:48.493339Z |
| pysec-2018-132 |
8.8 (3.1)
|
Exiv2 0.26 has an integer overflow in the LoaderExifJpeg class in preview.cpp, leading to… | exiv2 | 2018-06-13T11:29:00Z | 2024-11-21T14:22:48.43262Z |
| pysec-2018-131 |
8.8 (3.1)
|
Exiv2 0.26 has integer overflows in LoaderTiff::getData() in preview.cpp, leading to an o… | exiv2 | 2018-06-13T11:29:00Z | 2024-11-21T14:22:48.369854Z |
| pysec-2018-130 |
9.8 (3.1)
|
Exiv2 0.26 has a heap-based buffer overflow in getData in preview.cpp. | exiv2 | 2018-05-29T07:29:00Z | 2024-11-21T14:22:48.306556Z |
| pysec-2018-129 |
6.5 (3.1)
|
In Exiv2 0.26, the Exiv2::PngImage::printStructure function in pngimage.cpp allows remote… | exiv2 | 2018-05-14T03:29:00Z | 2024-11-21T14:22:48.247062Z |
| pysec-2018-128 |
6.5 (3.1)
|
An issue was discovered in Exiv2 0.26. The Exiv2::Internal::PngChunk::parseTXTChunk funct… | exiv2 | 2018-05-12T04:29:00Z | 2024-11-21T14:22:48.18647Z |
| pysec-2018-127 |
6.5 (3.1)
|
An issue was discovered in Exiv2 0.26. readMetadata in jp2image.cpp allows remote attacke… | exiv2 | 2018-05-12T04:29:00Z | 2024-11-21T14:22:48.062891Z |
| pysec-2018-126 |
6.5 (3.1)
|
In types.cpp in Exiv2 0.26, a large size value may lead to a SIGABRT during an attempt at… | exiv2 | 2018-05-10T02:29:00Z | 2024-11-21T14:22:47.998655Z |
| pysec-2018-125 |
6.5 (3.1)
|
Exiv2::Image::byteSwap2 in image.cpp in Exiv2 0.26 has a heap-based buffer over-read. | exiv2 | 2018-05-07T07:29:00Z | 2024-11-21T14:22:47.938221Z |
| pysec-2017-142 |
7.5 (3.1)
|
There is an invalid free in Image::printIFDStructure that leads to a Segmentation fault i… | exiv2 | 2017-06-26T23:29:00Z | 2024-11-21T14:22:47.877232Z |
| pysec-2017-141 |
5.5 (3.1)
|
Exiv2 0.26 has a Null Pointer Dereference in the Exiv2::DataValue::toLong function in val… | exiv2 | 2017-12-31T19:29:00Z | 2024-11-21T14:22:47.817537Z |
| pysec-2018-124 |
6.5 (3.1)
|
In Exiv2 0.26, there is an integer overflow leading to a heap-based buffer over-read in t… | exiv2 | 2018-02-12T22:29:00Z | 2024-11-21T14:22:47.758262Z |
| pysec-2018-123 |
6.5 (3.1)
|
In Exiv2 0.26, there is a heap-based buffer over-read in the Exiv2::IptcData::printStruct… | exiv2 | 2018-02-12T22:29:00Z | 2024-11-21T14:22:47.697229Z |
| pysec-2018-122 |
8.1 (3.1)
|
In Exiv2 0.26, there is a heap-based buffer over-read in the Exiv2::Image::byteSwap4 func… | exiv2 | 2018-02-12T22:29:00Z | 2024-11-21T14:22:47.638668Z |
| pysec-2018-121 |
6.5 (3.1)
|
In Exiv2 0.26, there is a reachable assertion in the readHeader function in bigtiffimage.… | exiv2 | 2018-02-12T22:29:00Z | 2024-11-21T14:22:47.579327Z |
| pysec-2017-140 |
5.5 (3.1)
|
There is a heap-based buffer over-read in the Exiv2::Internal::PngChunk::keyTXTChunk func… | exiv2 | 2017-12-13T22:29:00Z | 2024-11-21T14:22:47.521911Z |
| pysec-2017-139 |
5.5 (3.1)
|
There is a heap-based buffer overflow in the Exiv2::s2Data function of types.cpp in Exiv2… | exiv2 | 2017-09-29T01:34:00Z | 2024-11-21T14:22:47.458235Z |
| ID | Description | Updated |
|---|---|---|
| gsd-2024-4203 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-26T05:02:17.393641Z |
| gsd-2024-4195 | Mattermost versions 9.6.0, 9.5.x before 9.5.3, and 8.1.x before 8.1.12 fail to fully vali… | 2024-04-26T05:02:17.392645Z |
| gsd-2024-4176 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-26T05:02:17.392184Z |
| gsd-2024-4214 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-26T05:02:17.390841Z |
| gsd-2024-4174 | Cross-Site Scripting (XSS) vulnerability in Hyperion Web Server affecting version 2.0.15.… | 2024-04-26T05:02:17.389353Z |
| gsd-2024-4185 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-26T05:02:17.387322Z |
| gsd-2024-4208 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-26T05:02:17.386660Z |
| gsd-2024-4196 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-26T05:02:17.385450Z |
| gsd-2024-4220 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-26T05:02:17.384898Z |
| gsd-2024-4213 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-26T05:02:17.379947Z |
| gsd-2024-4215 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-26T05:02:17.378015Z |
| gsd-2024-4189 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-26T05:02:17.377780Z |
| gsd-2024-4178 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-26T05:02:17.377539Z |
| gsd-2024-4207 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-26T05:02:17.376954Z |
| gsd-2024-4187 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-26T05:02:17.376404Z |
| gsd-2024-4172 | A vulnerability classified as problematic was found in idcCMS 1.35. Affected by this vuln… | 2024-04-26T05:02:17.373866Z |
| gsd-2024-4166 | A vulnerability has been found in Tenda 4G300 1.01.42 and classified as critical. Affecte… | 2024-04-26T05:02:17.372976Z |
| gsd-2024-4183 | Mattermost versions 8.1.x before 8.1.12, 9.6.x before 9.6.1, 9.5.x before 9.5.3, 9.4.x be… | 2024-04-26T05:02:17.372323Z |
| gsd-2024-4184 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-26T05:02:17.371241Z |
| gsd-2024-4218 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-26T05:02:17.369587Z |
| gsd-2024-4222 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-26T05:02:17.363699Z |
| gsd-2024-4170 | A vulnerability was found in Tenda 4G300 1.01.42. It has been rated as critical. This iss… | 2024-04-26T05:02:17.362844Z |
| gsd-2024-4205 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-26T05:02:17.362130Z |
| gsd-2024-4219 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-26T05:02:17.359066Z |
| gsd-2024-4226 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-26T05:02:17.358460Z |
| gsd-2024-4186 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-26T05:02:17.352617Z |
| gsd-2024-4191 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-26T05:02:17.350081Z |
| gsd-2022-48683 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-26T05:00:39.331180Z |
| gsd-2022-48682 | In deletefiles in FDUPES before 2.2.0, a TOCTOU race condition allows arbitrary file dele… | 2024-04-26T05:00:39.114509Z |
| gsd-2024-29078 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-25T05:02:15.597934Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-49435 | Malicious code in something-not-in-cache (npm) | 2025-11-09T00:17:09Z | 2026-02-03T03:16:53Z |
| mal-2026-637 | Malicious code in launchdarkly-cpp-networking (npm) | 2026-02-02T05:19:43Z | 2026-02-03T03:16:52Z |
| mal-2024-2834 | Malicious code in pap-client (npm) | 2024-06-25T12:55:07Z | 2026-02-03T03:16:52Z |
| mal-2026-655 | Malicious code in pipeline-poision-test (PyPI) | 2026-02-02T21:53:29Z | 2026-02-02T21:53:29Z |
| mal-2026-648 | Malicious code in yazxzpedia (npm) | 2026-02-02T08:27:24Z | 2026-02-02T18:50:28Z |
| mal-2026-647 | Malicious code in react-native-expofp (npm) | 2026-02-02T08:30:15Z | 2026-02-02T18:50:26Z |
| mal-2026-646 | Malicious code in picking-miniapp (npm) | 2026-02-02T08:30:53Z | 2026-02-02T18:50:26Z |
| mal-2026-645 | Malicious code in libsignal-yazxzpedia (npm) | 2026-02-02T08:27:24Z | 2026-02-02T18:50:25Z |
| mal-2026-644 | Malicious code in dise-pkt (npm) | 2026-02-02T08:29:38Z | 2026-02-02T18:50:24Z |
| mal-2026-643 | Malicious code in @hemanshu_patil/xcode-windows-x64 (npm) | 2026-02-02T08:28:43Z | 2026-02-02T18:50:22Z |
| mal-2026-642 | Malicious code in @hemanshu_patil/xcode (npm) | 2026-02-02T08:28:43Z | 2026-02-02T18:50:22Z |
| mal-2026-651 | Malicious code in cat-admin-tool (PyPI) | 2026-02-02T14:44:25Z | 2026-02-02T14:44:25Z |
| mal-2026-652 | Malicious code in chia-pool-reference (PyPI) | 2026-02-02T14:43:22Z | 2026-02-02T14:43:22Z |
| mal-2026-653 | Malicious code in credit-decision-metrics (PyPI) | 2026-02-02T14:42:50Z | 2026-02-02T14:42:50Z |
| mal-2026-654 | Malicious code in zabitog (PyPI) | 2026-02-02T14:41:04Z | 2026-02-02T14:41:04Z |
| mal-2026-650 | Malicious code in tableapy (PyPI) | 2026-02-02T12:56:55Z | 2026-02-02T12:56:55Z |
| mal-2026-649 | Malicious code in callapirequests (PyPI) | 2026-02-02T09:08:10Z | 2026-02-02T09:08:10Z |
| mal-2026-641 | Malicious code in connections-api-requests (PyPI) | 2026-02-02T06:54:40Z | 2026-02-02T06:54:40Z |
| mal-2026-640 | Malicious code in connections-api-request (PyPI) | 2026-02-02T06:52:24Z | 2026-02-02T06:52:24Z |
| mal-2026-639 | Malicious code in connection-api-requests (PyPI) | 2026-02-02T06:49:31Z | 2026-02-02T06:49:31Z |
| mal-2026-616 | Malicious code in c11dff444 (npm) | 2026-01-31T16:58:54Z | 2026-02-02T06:41:02Z |
| mal-2026-598 | Malicious code in wallet-icon-font (npm) | 2026-01-29T03:47:06Z | 2026-02-02T05:56:31Z |
| mal-2026-596 | Malicious code in turbotax (npm) | 2026-01-29T00:03:56Z | 2026-02-02T05:56:31Z |
| mal-2026-583 | Malicious code in vuejavascript (npm) | 2026-01-28T13:59:24Z | 2026-02-02T05:56:31Z |
| mal-2026-577 | Malicious code in transform-vue-jsx (npm) | 2026-01-28T07:43:54Z | 2026-02-02T05:56:31Z |
| mal-2026-561 | Malicious code in transform-regenerator (npm) | 2026-01-28T06:44:48Z | 2026-02-02T05:56:31Z |
| mal-2026-560 | Malicious code in transform-async-to-generator (npm) | 2026-01-28T06:44:48Z | 2026-02-02T05:56:31Z |
| mal-2026-546 | Malicious code in xhjxhjhiagent (npm) | 2026-01-27T08:09:00Z | 2026-02-02T05:56:31Z |
| mal-2026-507 | Malicious code in tripica-library (npm) | 2026-01-26T15:31:06Z | 2026-02-02T05:56:31Z |
| mal-2026-500 | Malicious code in zabittest11 (npm) | 2026-01-25T06:56:37Z | 2026-02-02T05:56:31Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| bit-valkey-2025-46817 | Lua library commands may lead to integer overflow and potential RCE | 2025-10-08T08:52:36.400Z | 2025-11-13T11:23:28.166Z |
| bit-redis-2025-46817 | Lua library commands may lead to integer overflow and potential RCE | 2025-10-08T08:51:25.578Z | 2025-11-13T11:23:28.166Z |
| bit-keydb-2025-46817 | Lua library commands may lead to integer overflow and potential RCE | 2025-10-08T08:43:20.393Z | 2025-11-13T11:23:28.166Z |
| bit-discourse-2025-48954 | Discourse vulnerable to XSS via user-provided query parameter in oauth failure flow | 2025-07-01T17:44:46.702Z | 2025-11-13T11:23:28.166Z |
| bit-parse-2025-64430 | Parse Server Vulnerable to Server-Side Request Forgery (SSRF) in File Upload via URI Format | 2025-11-12T11:45:02.117Z | 2025-11-12T12:05:53.614Z |
| bit-tomcat-2025-55752 | Apache Tomcat: Directory traversal via rewrite with possible RCE if PUT is enabled | 2025-11-06T13:00:31.694Z | 2025-11-11T12:05:08.739Z |
| bit-django-2025-64459 | Potential SQL injection via _connector keyword argument in QuerySet and Q objects | 2025-11-11T11:36:39.904Z | 2025-11-11T12:05:08.739Z |
| bit-django-2025-64458 | Potential denial-of-service vulnerability in HttpResponseRedirect and HttpResponsePermanentRedirect on Windows | 2025-11-11T11:36:38.456Z | 2025-11-11T12:05:08.739Z |
| bit-wildfly-2022-0866 | 2025-11-07T11:01:40.946Z | 2025-11-07T11:28:28.483Z | |
| bit-mlflow-2025-11201 | MLflow Tracking Server Model Creation Directory Traversal Remote Code Execution Vulnerability | 2025-11-07T10:57:31.684Z | 2025-11-07T11:28:28.483Z |
| bit-redis-2025-62507 | Redis: Bug in XACKDEL may lead to stack overflow and potential RCE | 2025-11-07T08:49:33.083Z | 2025-11-07T09:06:54.375Z |
| bit-keydb-2025-62507 | Redis: Bug in XACKDEL may lead to stack overflow and potential RCE | 2025-11-07T08:40:53.783Z | 2025-11-07T09:06:54.375Z |
| bit-gitlab-2025-9958 | Insertion of Sensitive Information Into Sent Data in GitLab | 2025-10-01T15:13:13.235Z | 2025-11-07T09:06:54.375Z |
| bit-mastodon-2022-2166 | Improper Restriction of Excessive Authentication Attempts in mastodon/mastodon | 2025-11-06T15:08:22.357Z | 2025-11-06T15:44:17.098Z |
| bit-zookeeper-2025-58457 | Apache ZooKeeper: Insufficient Permission Check in AdminServer Snapshot/Restore Commands | 2025-09-26T08:51:26.070Z | 2025-11-06T13:25:46.476Z |
| bit-wildfly-2021-3644 | 2024-03-06T11:08:38.390Z | 2025-11-06T13:25:46.476Z | |
| bit-vault-2024-6468 | Vault Vulnerable to Denial of Service When Setting a Proxy Protocol Behavior | 2024-07-17T07:39:35.824Z | 2025-11-06T13:25:46.476Z |
| bit-valkey-2025-49844 | Redis Lua Use-After-Free may lead to remote code execution | 2025-10-16T09:19:55.260Z | 2025-11-06T13:25:46.476Z |
| bit-valkey-2025-48367 | Redis DoS Vulnerability due to bad connection error handling | 2025-10-16T12:08:13.783Z | 2025-11-06T13:25:46.476Z |
| bit-valkey-2025-46819 | Redis is vulnerable to DoS via specially crafted LUA scripts | 2025-10-08T08:52:39.220Z | 2025-11-06T13:25:46.476Z |
| bit-valkey-2025-46818 | Redis: Authenticated users can execute LUA scripts as a different user | 2025-10-08T08:52:37.720Z | 2025-11-06T13:25:46.476Z |
| bit-valkey-2025-27151 | redis-check-aof may lead to stack overflow and potential RCE | 2025-05-31T06:02:22.962Z | 2025-11-06T13:25:46.476Z |
| bit-valkey-2024-31449 | Lua library commands may lead to stack overflow and RCE in Redis | 2024-10-09T16:44:28.833Z | 2025-11-06T13:25:46.476Z |
| bit-valkey-2024-31228 | Denial-of-service due to unbounded pattern matching in Redis | 2024-10-09T16:44:40.936Z | 2025-11-06T13:25:46.476Z |
| bit-valkey-2024-31227 | Denial-of-service due to malformed ACL selectors in Redis | 2024-10-09T16:44:53.016Z | 2025-11-06T13:25:46.476Z |
| bit-tomcat-2025-61795 | Apache Tomcat: Delayed cleaning of multi-part upload temporary files may lead to DoS | 2025-11-06T13:00:35.478Z | 2025-11-06T13:25:46.476Z |
| bit-tomcat-2025-55754 | Apache Tomcat: console manipulation via escape sequences in log messages | 2025-11-06T13:00:33.572Z | 2025-11-06T13:25:46.476Z |
| bit-tomcat-2025-55668 | Apache Tomcat: session fixation via rewrite valve | 2025-08-18T08:14:21.163Z | 2025-11-06T13:25:46.476Z |
| bit-tomcat-2025-53506 | Apache Tomcat: DoS via excessive h2 streams at connection start | 2025-07-16T08:19:04.361Z | 2025-11-06T13:25:46.476Z |
| bit-tomcat-2025-52520 | Apache Tomcat: DoS via integer overflow in multipart file upload | 2025-07-16T08:19:00.271Z | 2025-11-06T13:25:46.476Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| drupal-contrib-2023-007 | 2023-03-01T17:11:03.000Z | 2023-08-10T14:22:08.000Z | |
| drupal-contrib-2023-008 | 2023-03-01T17:38:09.000Z | 2023-08-10T14:21:21.000Z | |
| drupal-contrib-2023-009 | 2023-03-08T17:46:44.000Z | 2023-08-10T14:20:59.000Z | |
| drupal-contrib-2023-010 | 2023-03-15T17:22:57.000Z | 2023-08-10T14:20:35.000Z | |
| drupal-contrib-2023-012 | 2023-03-29T17:44:58.000Z | 2023-08-10T14:19:50.000Z | |
| drupal-contrib-2023-013 | 2023-04-12T16:09:25.000Z | 2023-08-10T14:19:21.000Z | |
| drupal-contrib-2023-014 | 2023-05-03T15:44:12.000Z | 2023-08-10T13:58:54.000Z | |
| drupal-contrib-2023-016 | 2023-05-31T13:14:25.000Z | 2023-08-10T13:58:03.000Z | |
| drupal-contrib-2023-017 | 2023-05-31T13:18:52.000Z | 2023-08-10T13:57:22.000Z | |
| drupal-contrib-2023-019 | 2023-05-31T13:22:44.000Z | 2023-08-10T13:56:55.000Z | |
| drupal-contrib-2023-018 | 2023-05-31T13:20:43.000Z | 2023-08-10T13:56:48.000Z | |
| drupal-contrib-2023-020 | 2023-06-14T14:52:36.000Z | 2023-08-10T13:54:32.000Z | |
| drupal-contrib-2023-021 | 2023-06-21T17:03:14.000Z | 2023-08-10T13:53:57.000Z | |
| drupal-contrib-2023-023 | 2023-06-28T17:02:13.000Z | 2023-08-10T13:53:00.000Z | |
| drupal-contrib-2023-026 | 2023-06-28T17:11:07.000Z | 2023-08-10T13:49:56.000Z | |
| drupal-contrib-2023-024 | 2023-06-28T17:03:36.000Z | 2023-08-10T13:40:55.000Z | |
| drupal-contrib-2023-033 | 2023-08-02T18:59:27.000Z | 2023-08-02T19:52:35.000Z | |
| drupal-contrib-2023-029 | 2023-06-28T17:34:47.000Z | 2023-07-31T21:18:37.000Z | |
| drupal-contrib-2023-027 | 2023-06-28T17:15:03.000Z | 2023-07-31T21:17:46.000Z | |
| drupal-contrib-2023-028 | 2023-06-28T17:21:37.000Z | 2023-07-31T21:17:11.000Z | |
| drupal-contrib-2023-031 | 2023-07-26T19:15:46.000Z | 2023-07-27T16:05:03.000Z | |
| drupal-contrib-2023-032 | 2023-07-26T19:19:38.000Z | 2023-07-26T20:00:09.000Z | |
| drupal-contrib-2023-030 | 2023-07-12T18:19:42.000Z | 2023-07-12T18:39:39.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2022-000065 | Multiple vulnerabilities in Exment | 2022-08-24T14:23+09:00 | 2024-06-14T11:09+09:00 |
| jvndb-2022-002337 | UNIMO Technology digital video recorders vulnerable to missing authentication for critical functions | 2022-08-23T14:31+09:00 | 2024-06-14T10:24+09:00 |
| jvndb-2022-000064 | Movable Type XMLRPC API vulnerable to command injection | 2022-08-24T15:58+09:00 | 2024-06-13T18:11+09:00 |
| jvndb-2023-001291 | Multiple vulnerabilities in Trend Micro Maximum Security | 2023-03-03T11:10+09:00 | 2024-06-13T17:06+09:00 |
| jvndb-2022-000045 | FreeBSD vulnerable to denial-of-service (DoS) | 2022-06-15T12:28+09:00 | 2024-06-13T16:31+09:00 |
| jvndb-2022-000066 | Multiple vulnerabilities in CentreCOM AR260S V2 | 2022-08-29T17:37+09:00 | 2024-06-13T16:21+09:00 |
| jvndb-2023-000044 | JINS MEME CORE uses a hard-coded cryptographic key | 2023-05-08T15:13+09:00 | 2024-06-13T16:19+09:00 |
| jvndb-2023-000042 | WordPress Plugin "Newsletter" vulnerable to cross-site scripting | 2023-05-09T14:42+09:00 | 2024-06-13T16:14+09:00 |
| jvndb-2022-000068 | SYNCK GRAPHICA Mailform Pro CGI vulnerable to information disclosure | 2022-09-05T15:22+09:00 | 2024-06-13T16:00+09:00 |
| jvndb-2022-002448 | Multiple vulnerabilities in Trend Micro Deep Security and Cloud One - Workload Security agents for Windows | 2022-10-11T17:02+09:00 | 2024-06-13T14:30+09:00 |
| jvndb-2022-002544 | Multiple vulnerabilities in Trend Micro Apex One and Apex One as a Service | 2022-10-20T16:18+09:00 | 2024-06-13T13:58+09:00 |
| jvndb-2022-000067 | Installer of Ricoh Device Software Manager may insecurely load Dynamic Link Libraries | 2022-08-29T15:57+09:00 | 2024-06-13T13:53+09:00 |
| jvndb-2022-000070 | Movable Type plugin A-Form vulnerable to cross-site scripting | 2022-09-09T15:01+09:00 | 2024-06-13T13:49+09:00 |
| jvndb-2022-000069 | PowerCMS XMLRPC API vulnerable to command injection | 2022-09-02T15:49+09:00 | 2024-06-13T11:44+09:00 |
| jvndb-2022-002367 | OpenAM (OpenAM Consortium Edition) vulnerable to open redirect | 2022-09-16T15:30+09:00 | 2024-06-13T11:39+09:00 |
| jvndb-2022-000071 | Multiple vulnerabilities in Trend Micro Apex One and Trend Micro Apex One as a Service | 2022-09-14T18:15+09:00 | 2024-06-13T11:34+09:00 |
| jvndb-2022-000073 | Multiple vulnerabilities in EC-CUBE | 2022-09-15T16:30+09:00 | 2024-06-13T11:09+09:00 |
| jvndb-2022-000072 | EC-CUBE plugin "Product Image Bulk Upload Plugin" vulnerable to insufficient verification in uploading files | 2022-09-15T16:13+09:00 | 2024-06-13T11:03+09:00 |
| jvndb-2023-000015 | Multiple vulnerabilities in PLANEX COMMUNICATIONS Network Camera CS-WMV02G | 2023-02-13T14:48+09:00 | 2024-06-12T17:03+09:00 |
| jvndb-2022-002537 | Stack-based buffer overflow vulnerability in Yokogawa Test & Measurement WTViewerE | 2022-10-19T16:23+09:00 | 2024-06-12T16:54+09:00 |
| jvndb-2022-000081 | Lemon8 App fails to restrict access permissions | 2022-10-19T14:08+09:00 | 2024-06-12T16:39+09:00 |
| jvndb-2024-000062 | Denial-of-service (DoS) vulnerability in IPCOM WAF function | 2024-06-12T15:03+09:00 | 2024-06-12T15:03+09:00 |
| jvndb-2022-000075 | IPFire WebUI vulnerable to cross-site scripting | 2022-10-06T13:05+09:00 | 2024-06-12T14:28+09:00 |
| jvndb-2023-000013 | Ichiran App vulnerable to improper server certificate verification | 2023-02-06T14:31+09:00 | 2024-06-12T14:25+09:00 |
| jvndb-2022-000074 | BookStack vulnerable to cross-site scripting | 2022-09-30T14:48+09:00 | 2024-06-12T14:07+09:00 |
| jvndb-2022-000077 | The installer of Sony Content Transfer may insecurely load Dynamic Link Libraries | 2022-10-11T15:08+09:00 | 2024-06-12T12:12+09:00 |
| jvndb-2022-000076 | Growi vulnerable to improper access control | 2022-10-07T14:30+09:00 | 2024-06-12T12:04+09:00 |
| jvndb-2023-000017 | Improper restriction of XML external entity reference (XXE) vulnerability in tsClinical Define.xml Generator and tsClinical Metadata Desktop Tools | 2023-02-14T17:00+09:00 | 2024-06-12T11:15+09:00 |
| jvndb-2023-000012 | Vulnerability in Driver Distributor where passwords are stored in a recoverable format | 2023-01-31T14:14+09:00 | 2024-06-12T11:07+09:00 |
| jvndb-2023-000011 | SUSHIRO App for Android outputs sensitive information to the log file | 2023-01-31T14:10+09:00 | 2024-06-11T17:35+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| cnvd-2026-06137 | JeecgBoot queryPageList函数授权问题漏洞 | 2026-01-09 | 2026-01-22 |
| cnvd-2026-06136 | JeecgBoot getDeptRoleList函数授权问题漏洞 | 2026-01-09 | 2026-01-22 |
| cnvd-2026-06135 | JeecgBoot getParameterMap函数授权问题漏洞 | 2026-01-09 | 2026-01-22 |
| cnvd-2026-06134 | JeecgBoot /datarule文件授权问题漏洞 | 2026-01-09 | 2026-01-22 |
| cnvd-2026-06133 | JeecgBoot getPositionUserList函数授权问题漏洞 | 2026-01-09 | 2026-01-22 |
| cnvd-2026-06132 | JeecgBoot queryDepartPermission函数授权问题漏洞 | 2026-01-09 | 2026-01-22 |
| cnvd-2026-05940 | GNU InetUtils Telnetd远程认证绕过漏洞 | 2026-01-22 | 2026-01-22 |
| cnvd-2026-05176 | Huawei HarmonyOS和EMUI存在未明漏洞(CNVD-2026-05176) | 2023-12-07 | 2026-01-22 |
| cnvd-2026-05175 | Huawei HarmonyOS和EMUI PMS模块权限管理漏洞 | 2023-12-07 | 2026-01-22 |
| cnvd-2026-04837 | 北京神州视翰科技有限公司多媒体综合业务显示系统存在文件上传漏洞(CNVD-C-2025-823176) | 2025-11-07 | 2026-01-22 |
| cnvd-2026-04834 | 西安瑞友信息技术资讯有限公司瑞友天翼应用虚拟化系统存在未授权访问漏洞 | 2025-11-14 | 2026-01-22 |
| cnvd-2026-04800 | 北京神州视翰科技有限公司多媒体综合业务显示系统存在逻辑缺陷漏洞(CNVD-C-2025-852060) | 2025-11-14 | 2026-01-22 |
| cnvd-2026-04746 | 用友网络科技股份有限公司U8 Cloud存在SQL注入漏洞(CNVD-C-2025-796292) | 2025-11-06 | 2026-01-22 |
| cnvd-2026-04576 | 畅捷通信息技术股份有限公司畅捷通T+存在SQL注入漏洞(CNVD-C-2025-797319) | 2025-11-06 | 2026-01-22 |
| cnvd-2026-04575 | 畅捷通信息技术股份有限公司畅捷通T+存在SQL注入漏洞(CNVD-C-2025-778387) | 2025-11-03 | 2026-01-22 |
| cnvd-2026-04574 | 畅捷通信息技术股份有限公司畅捷通T+存在SQL注入漏洞(CNVD-C-2025-448742) | 2025-12-02 | 2026-01-22 |
| cnvd-2026-04467 | 北京神州视翰科技有限公司远程医疗综合服务平台存在SQL注入漏洞(CNVD-C-2025-948730) | 2025-12-01 | 2026-01-22 |
| cnvd-2026-04466 | 北京神州视翰科技有限公司远程医疗综合服务平台存在SQL注入漏洞(CNVD-C-2025-928742) | 2025-11-26 | 2026-01-22 |
| cnvd-2026-04465 | 北京神州视翰科技有限公司远程医疗综合服务平台存在SQL注入漏洞(CNVD-C-2025-879182) | 2025-11-18 | 2026-01-22 |
| cnvd-2026-04464 | 北京神州视翰科技有限公司远程医疗综合服务平台存在SQL注入漏洞(CNVD-C-2025-851224) | 2025-11-14 | 2026-01-22 |
| cnvd-2026-04463 | 北京神州视翰科技有限公司远程医疗综合服务平台存在SQL注入漏洞(CNVD-C-2025-848882) | 2025-11-13 | 2026-01-22 |
| cnvd-2026-04462 | 北京神州视翰科技有限公司远程医疗综合服务平台存在SQL注入漏洞(CNVD-C-2025-822965) | 2025-11-07 | 2026-01-22 |
| cnvd-2026-04441 | 北京神州视翰科技有限公司多媒体综合业务显示系统存在SQL注入漏洞(CNVD-C-2025-926218) | 2025-11-25 | 2026-01-22 |
| cnvd-2026-04439 | 北京神州视翰科技有限公司多媒体综合业务显示系统存在SQL注入漏洞(CNVD-C-2025-925400) | 2025-11-25 | 2026-01-22 |
| cnvd-2026-04438 | 北京神州视翰科技有限公司多媒体综合业务显示系统存在SQL注入漏洞(CNVD-C-2025-925300) | 2025-11-25 | 2026-01-22 |
| cnvd-2026-04437 | 北京神州视翰科技有限公司多媒体综合业务显示系统存在SQL注入漏洞(CNVD-C-2025-925298) | 2025-11-25 | 2026-01-22 |
| cnvd-2026-04436 | 北京神州视翰科技有限公司多媒体综合业务显示系统存在SQL注入漏洞(CNVD-C-2025-925280) | 2025-11-25 | 2026-01-22 |
| cnvd-2026-04435 | 北京神州视翰科技有限公司多媒体综合业务显示系统存在SQL注入漏洞(CNVD-C-2025-925115) | 2025-11-25 | 2026-01-22 |
| cnvd-2026-04434 | 北京神州视翰科技有限公司多媒体综合业务显示系统存在SQL注入漏洞(CNVD-C-2025-924847) | 2025-11-25 | 2026-01-22 |
| cnvd-2026-04433 | 北京神州视翰科技有限公司多媒体综合业务显示系统存在SQL注入漏洞(CNVD-C-2025-924158) | 2025-11-25 | 2026-01-22 |
| ID | Description | Published | Updated |
|---|---|---|---|
| bdu:2025-12162 | Уязвимость компонента iommu/mediatek ядра операционной системы Linux, позволяющая нарушит… | 28.09.2025 | 16.02.2026 |
| bdu:2025-12160 | Уязвимость функции pxa_ata_probe() ядра операционной системы Linux, позволяющая нарушител… | 28.09.2025 | 16.02.2026 |
| bdu:2025-12158 | Уязвимость компонента RDMA/cma ядра операционной системы Linux, позволяющая нарушителю вы… | 28.09.2025 | 16.02.2026 |
| bdu:2025-12156 | Уязвимость модуля i2c-cros-ec-tunnel ядра операционной системы Linux, позволяющая нарушит… | 28.09.2025 | 16.02.2026 |
| bdu:2025-12154 | Уязвимость ядра операционной системы Linux, связанная с ошибками разыменования нулевого у… | 28.09.2025 | 16.02.2026 |
| bdu:2025-12153 | Уязвимость компонента btrtl.c ядра операционной системы Linux, позволяющая нарушителю выз… | 28.09.2025 | 16.02.2026 |
| bdu:2025-12151 | Уязвимость компонента mac80211 ядра операционной системы Linux, позволяющая нарушителю вы… | 28.09.2025 | 16.02.2026 |
| bdu:2025-12150 | Уязвимость компонента xen-netfront.c ядра операционной системы Linux, позволяющая нарушит… | 28.09.2025 | 16.02.2026 |
| bdu:2025-12149 | Уязвимость компонента monitor.c ядра операционной системы Linux, позволяющая нарушителю в… | 28.09.2025 | 16.02.2026 |
| bdu:2025-12145 | Уязвимость компонента scpi-cpufreq.c ядра операционной системы Linux, позволяющая нарушит… | 28.09.2025 | 16.02.2026 |
| bdu:2025-12144 | Уязвимость функций scmi_cpufreq_get_rate() и cpufreq_cpu_get_raw() ядра операционной сист… | 28.09.2025 | 16.02.2026 |
| bdu:2025-12142 | Уязвимость компонента parse.c ядра операционной системы Linux, позволяющая нарушителю выз… | 28.09.2025 | 16.02.2026 |
| bdu:2025-12141 | Уязвимость компонента smb2misc.c ядра операционной системы Linux, позволяющая нарушителю … | 28.09.2025 | 16.02.2026 |
| bdu:2025-12140 | Уязвимость компонента amd_powerplay.c ядра операционной системы Linux, позволяющая наруши… | 28.09.2025 | 16.02.2026 |
| bdu:2025-12139 | Уязвимость компонента hid-pidff.c ядра операционной системы Linux, позволяющая нарушителю… | 28.09.2025 | 16.02.2026 |
| bdu:2025-12138 | Уязвимость компонентов igc ядра операционной системы Linux, позволяющая нарушителю вызват… | 28.09.2025 | 16.02.2026 |
| bdu:2025-12137 | Уязвимость функции p9_client_write() компонента 9p/net ядра операционной системы Linux, п… | 28.09.2025 | 16.02.2026 |
| bdu:2025-12136 | Уязвимость компонента dev.c ядра операционной системы Linux, позволяющая нарушителю вызва… | 28.09.2025 | 16.02.2026 |
| bdu:2025-12134 | Уязвимость функции ice_vc_add_fdir_fltr() ядра операционной системы Linux, позволяющая на… | 28.09.2025 | 16.02.2026 |
| bdu:2025-12130 | Уязвимость компонента core.c ядра операционной системы Linux, позволяющая нарушителю вызв… | 28.09.2025 | 16.02.2026 |
| bdu:2025-12129 | Уязвимость ядра операционной системы Linux, связанная с неправильным разыменованем нулеов… | 28.09.2025 | 16.02.2026 |
| bdu:2025-12128 | Уязвимость компонента sch_htb.c ядра операционной системы Linux, позволяющая нарушителю в… | 28.09.2025 | 16.02.2026 |
| bdu:2025-12126 | Уязвимость функции mtk_pmic_keys_lp_reset_setup() компонента mtk-pmic-keys.c ядра операци… | 28.09.2025 | 16.02.2026 |
| bdu:2025-12124 | Уязвимость компонентов net/sched/ ядра операционной системы Linux, позволяющая нарушителю… | 28.09.2025 | 16.02.2026 |
| bdu:2025-12123 | Уязвимость компонента ucsi/displayport.c ядра операционной системы Linux, позволяющая нар… | 28.09.2025 | 16.02.2026 |
| bdu:2025-12119 | Уязвимость компонента iscsi ядра операционной системы Linux, позволяющая нарушителю вызва… | 28.09.2025 | 16.02.2026 |
| bdu:2025-12114 | Уязвимость компонента com20020-pci.c ядра операционной системы Linux, позволяющая нарушит… | 28.09.2025 | 16.02.2026 |
| bdu:2025-12113 | Уязвимость компонента remoteproc ядра операционной системы Linux, позволяющая нарушителю … | 28.09.2025 | 16.02.2026 |
| bdu:2025-12111 | Уязвимость компонента net/sched/sch_hfsc.c ядра операционной системы Linux, позволяющая н… | 28.09.2025 | 16.02.2026 |
| bdu:2025-12110 | Уязвимость ядра операционной системы Linux, связанная с использованием памяти после её ос… | 28.09.2025 | 16.02.2026 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2025-avi-0939 | Multiples vulnérabilités dans les produits Splunk | 2025-10-30T00:00:00.000000 | 2025-10-30T00:00:00.000000 |
| certfr-2025-avi-0938 | Multiples vulnérabilités dans les produits VMware | 2025-10-30T00:00:00.000000 | 2025-10-30T00:00:00.000000 |
| certfr-2025-avi-0937 | Multiples vulnérabilités dans Google Chrome | 2025-10-30T00:00:00.000000 | 2025-10-30T00:00:00.000000 |
| certfr-2025-avi-0935 | Multiples vulnérabilités dans les produits VMware | 2025-10-29T00:00:00.000000 | 2025-10-29T00:00:00.000000 |
| certfr-2025-avi-0934 | Vulnérabilité dans les produits Mozilla | 2025-10-29T00:00:00.000000 | 2025-10-29T00:00:00.000000 |
| certfr-2025-avi-0933 | Multiples vulnérabilités dans Apache Tomcat | 2025-10-28T00:00:00.000000 | 2025-10-28T00:00:00.000000 |
| certfr-2025-avi-0932 | Multiples vulnérabilités dans Liferay | 2025-10-28T00:00:00.000000 | 2025-10-28T00:00:00.000000 |
| certfr-2025-avi-0931 | Vulnérabilité dans StrongSwan | 2025-10-28T00:00:00.000000 | 2025-10-28T00:00:00.000000 |
| certfr-2025-avi-0930 | Vulnérabilité dans Microsoft Windows Server Update Service | 2025-10-27T00:00:00.000000 | 2025-10-27T00:00:00.000000 |
| certfr-2025-avi-0929 | Vulnérabilité dans le client VPN de TheGreenBow | 2025-10-27T00:00:00.000000 | 2025-10-27T00:00:00.000000 |
| certfr-2025-avi-0928 | Vulnérabilité dans Microsoft Configuration Manager | 2025-10-27T00:00:00.000000 | 2025-10-27T00:00:00.000000 |
| certfr-2025-avi-0927 | Vulnérabilité dans Xen | 2025-10-27T00:00:00.000000 | 2025-10-27T00:00:00.000000 |
| certfr-2025-avi-0926 | Vulnérabilité dans le pilote ODBC de MongoDB | 2025-10-27T00:00:00.000000 | 2025-10-27T00:00:00.000000 |
| certfr-2025-avi-0925 | Vulnérabilité dans les produits Belden | 2025-10-27T00:00:00.000000 | 2025-10-27T00:00:00.000000 |
| certfr-2025-avi-0924 | Multiples vulnérabilités dans les produits IBM | 2025-10-24T00:00:00.000000 | 2025-10-24T00:00:00.000000 |
| certfr-2025-avi-0923 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2025-10-24T00:00:00.000000 | 2025-10-24T00:00:00.000000 |
| certfr-2025-avi-0922 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2025-10-24T00:00:00.000000 | 2025-10-24T00:00:00.000000 |
| certfr-2025-avi-0921 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2025-10-24T00:00:00.000000 | 2025-10-24T00:00:00.000000 |
| certfr-2025-avi-0920 | Multiples vulnérabilités dans les produits Microsoft | 2025-10-24T00:00:00.000000 | 2025-10-24T00:00:00.000000 |
| certfr-2025-avi-0919 | Multiples vulnérabilités dans Microsoft Azure | 2025-10-24T00:00:00.000000 | 2025-10-24T00:00:00.000000 |
| certfr-2025-avi-0918 | Multiples vulnérabilités dans Liferay | 2025-10-24T00:00:00.000000 | 2025-10-24T00:00:00.000000 |
| certfr-2025-avi-0917 | Multiples vulnérabilités dans les produits Moxa | 2025-10-24T00:00:00.000000 | 2025-10-24T00:00:00.000000 |
| certfr-2025-avi-0916 | Vulnérabilité dans le pilote MongoDB Pilote Atlas SQL ODBC | 2025-10-24T00:00:00.000000 | 2025-10-24T00:00:00.000000 |
| certfr-2025-avi-0915 | Multiples vulnérabilités dans les produits Microsoft | 2025-10-23T00:00:00.000000 | 2025-10-23T00:00:00.000000 |
| certfr-2025-avi-0914 | Multiples vulnérabilités dans les produits Centreon | 2025-10-23T00:00:00.000000 | 2025-10-23T00:00:00.000000 |
| certfr-2025-avi-0913 | Multiples vulnérabilités dans ISC BIND | 2025-10-23T00:00:00.000000 | 2025-10-23T00:00:00.000000 |
| certfr-2025-avi-0912 | Vulnérabilité dans SolarWinds Observability | 2025-10-22T00:00:00.000000 | 2025-10-22T00:00:00.000000 |
| certfr-2025-avi-0911 | Multiples vulnérabilités dans Oracle Weblogic | 2025-10-22T00:00:00.000000 | 2025-10-22T00:00:00.000000 |
| certfr-2025-avi-0910 | Multiples vulnérabilités dans Oracle Virtualization | 2025-10-22T00:00:00.000000 | 2025-10-22T00:00:00.000000 |
| certfr-2025-avi-0909 | Multiples vulnérabilités dans Oracle Systems | 2025-10-22T00:00:00.000000 | 2025-10-22T00:00:00.000000 |
| ID | Description | Published | Updated |
|---|---|---|---|
| osv-2025-248 | Heap-buffer-overflow in cli_bm_addpatt | 2025-04-02T00:00:13.427589Z | 2025-04-02T00:00:13.428120Z |
| osv-2025-240 | Security exception in com.powsybl.commons.xml.XmlUtil.lambda$skipSubElements$0 | 2025-03-28T00:05:50.145107Z | 2025-03-30T14:32:19.516483Z |
| osv-2023-1168 | Heap-buffer-overflow in pcpp::PPP_PPTPLayer::computeCalculateFields | 2023-11-16T13:00:57.037733Z | 2025-03-28T14:23:56.681348Z |
| osv-2025-230 | Heap-buffer-overflow in wasm_loader_prepare_bytecode | 2025-03-22T00:05:22.916187Z | 2025-03-22T00:05:22.916485Z |
| osv-2022-597 | Heap-use-after-free in .tmpgt0oOx | 2022-07-19T00:01:55.792573Z | 2025-03-21T14:13:26.227734Z |
| osv-2025-226 | UNKNOWN READ in extract_sess_version | 2025-03-21T00:19:10.852617Z | 2025-03-21T00:19:10.852969Z |
| osv-2024-867 | Use-of-uninitialized-value in std::__1::ostreambuf_iterator<char, std::__1::char_traits<char>> std::__1::__pad | 2024-08-16T00:05:38.614485Z | 2025-03-19T14:29:11.494602Z |
| osv-2024-352 | Heap-buffer-overflow in __parse_options | 2024-04-30T00:04:28.080620Z | 2025-03-19T14:25:45.717598Z |
| osv-2023-806 | Heap-buffer-overflow in H5F__accum_free | 2023-09-08T14:00:12.468140Z | 2025-03-18T00:47:11.270073Z |
| osv-2023-1223 | Heap-buffer-overflow in H5O__shared_decode | 2023-11-27T13:01:18.977198Z | 2025-03-18T00:47:06.884278Z |
| osv-2023-1091 | Heap-buffer-overflow in H5F_addr_decode | 2023-10-31T13:01:22.289748Z | 2025-03-18T00:45:36.194874Z |
| osv-2024-390 | Heap-buffer-overflow in H5O__cache_chk_serialize | 2024-04-30T00:14:19.116132Z | 2025-03-18T00:44:44.672358Z |
| osv-2023-754 | Heap-buffer-overflow in H5O__chunk_protect | 2023-08-28T14:00:10.026707Z | 2025-03-18T00:43:25.726885Z |
| osv-2023-471 | Heap-buffer-overflow in H5FS__sinfo_serialize_node_cb | 2023-06-09T14:00:54.620201Z | 2025-03-18T00:43:10.716259Z |
| osv-2023-722 | Heap-buffer-overflow in H5MM_memcpy | 2023-08-22T14:03:04.118428Z | 2025-03-18T00:42:21.984142Z |
| osv-2024-1427 | Heap-buffer-overflow in extract_mediaip | 2025-01-28T00:14:30.487391Z | 2025-03-18T00:41:33.426387Z |
| osv-2024-1249 | Heap-buffer-overflow in extract_ice_option | 2024-10-30T00:15:55.709182Z | 2025-03-18T00:40:00.171776Z |
| osv-2025-119 | Heap-buffer-overflow in snmp_config_when | 2025-02-14T00:15:08.375253Z | 2025-03-18T00:37:43.437021Z |
| osv-2025-161 | Heap-buffer-overflow in se_add_pair | 2025-02-24T00:15:33.662895Z | 2025-03-18T00:37:12.676515Z |
| osv-2025-113 | Heap-buffer-overflow in snmp_log_options | 2025-02-14T00:01:45.812592Z | 2025-03-18T00:35:43.690001Z |
| osv-2023-1161 | Heap-buffer-overflow in std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<ch | 2023-11-14T13:03:13.962614Z | 2025-03-18T00:34:06.623648Z |
| osv-2025-132 | Heap-use-after-free in netsnmp_hex_to_binary | 2025-02-17T00:01:01.920904Z | 2025-03-18T00:33:26.648884Z |
| osv-2024-1216 | Use-of-uninitialized-value in Poco::Net::NTLMCredentials::parseChallengeMessage | 2024-10-13T00:11:43.323181Z | 2025-03-18T00:32:42.736858Z |
| osv-2025-131 | Heap-buffer-overflow in vips_foreign_save_heif_write_block | 2025-02-16T00:13:44.282887Z | 2025-03-18T00:32:21.245932Z |
| osv-2025-162 | Heap-buffer-overflow in snmp_in_options | 2025-02-24T00:15:40.967551Z | 2025-03-18T00:30:24.116747Z |
| osv-2024-1209 | Heap-use-after-free in xmlValidateOneElement | 2024-10-11T00:15:43.610812Z | 2025-03-18T00:30:11.577855Z |
| osv-2025-54 | UNKNOWN READ in Assimp::SceneCombiner::CopyScene | 2025-01-22T00:15:23.827419Z | 2025-03-18T00:29:47.108675Z |
| osv-2025-133 | Stack-buffer-overflow in se_read_conf | 2025-02-17T00:02:18.986364Z | 2025-03-18T00:27:33.917908Z |
| osv-2024-1071 | Use-of-uninitialized-value in Poco::Dynamic::Var::~Var | 2024-09-15T00:06:58.342742Z | 2025-03-18T00:25:32.915201Z |
| osv-2024-1322 | Security exception in com.alibaba.fastjson2.JSONReader.readObject | 2024-11-18T00:00:16.618504Z | 2025-03-18T00:24:17.881614Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rustsec-2023-0022 | `openssl` `X509NameBuilder::build` returned object is not thread safe | 2023-03-24T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2023-0017 | `maligned::align_first` causes incorrect deallocation | 2023-03-04T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2023-0016 | Possible out-of-bounds read in release mode | 2023-02-20T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2023-0015 | Ascii allows out-of-bounds array indexing in safe code | 2023-02-25T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2023-0014 | Miscompilation in cortex-m-rt 0.7.1 and 0.7.2 | 2023-02-13T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2023-0013 | `NULL` dereference during PKCS7 data verification | 2023-02-07T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2023-0012 | `NULL` dereference validating DSA public key | 2023-02-07T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2023-0011 | Invalid pointer dereference in `d2i_PKCS7` functions | 2023-02-07T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2023-0010 | Double free after calling `PEM_read_bio_ex` | 2023-02-07T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2023-0009 | Use-after-free following `BIO_new_NDEF` | 2023-02-07T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2023-0008 | X.509 Name Constraints Read Buffer Overflow | 2023-02-07T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2023-0007 | Timing Oracle in RSA Decryption | 2023-02-07T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2023-0006 | X.400 address type confusion in X.509 `GeneralName` | 2023-02-07T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2023-0005 | `tokio::io::ReadHalf<T>::unsplit` is Unsound | 2023-01-11T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2022-0092 | `rmp-serde` `Raw` and `RawRef` unsound | 2022-04-13T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2022-0090 | `libsqlite3-sys` via C SQLite CVE-2022-35737 | 2022-08-03T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2022-0082 | Improper validation of Windows paths could lead to directory traversal attack | 2022-01-14T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2022-0079 | ELF header parsing library doesn't check for valid offset | 2022-10-31T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2022-0078 | Use-after-free due to a lifetime error in `Vec::into_iter()` | 2022-01-14T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2022-0074 | Force cast a &Vec<T> to &[T] | 2022-12-02T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2022-0072 | Location header incorporates user input, allowing open redirect | 2022-12-23T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2022-0070 | Unsound API in `secp256k1` allows use-after-free and invalid deallocation from safe code | 2022-11-30T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2022-0069 | Improper validation of Windows paths could lead to directory traversal attack | 2022-11-30T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2022-0067 | Invalid use of `mem::uninitialized` causes `use-of-uninitialized-value` | 2022-10-22T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2022-0065 | X.509 Email Address Variable Length Buffer Overflow | 2022-11-01T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2022-0064 | X.509 Email Address 4-byte Buffer Overflow | 2022-11-01T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2022-0063 | Multiple vulnerabilities resulting in out-of-bounds writes | 2022-09-07T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2022-0062 | matrix-sdk 0.6.0 logs access tokens | 2022-10-24T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2022-0059 | Using a Custom Cipher with `NID_undef` may lead to NULL encryption | 2022-10-11T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2022-0055 | No default limit put on request bodies | 2022-08-31T12:00:00Z | 2023-06-13T13:10:24Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| alsa-2025:17428 | Important: open-vm-tools security update | 2025-10-07T00:00:00Z | 2025-10-13T08:28:00Z |
| alsa-2025:17396 | Moderate: kernel security update | 2025-10-06T00:00:00Z | 2025-10-09T07:54:11Z |
| alsa-2025:17377 | Moderate: kernel security update | 2025-10-06T00:00:00Z | 2025-10-09T07:42:18Z |
| alsa-2025:17429 | Important: open-vm-tools security update | 2025-10-07T00:00:00Z | 2025-10-08T11:21:49Z |
| alsa-2025:17509 | Important: open-vm-tools security update | 2025-10-07T00:00:00Z | 2025-10-08T10:29:36Z |
| alsa-2025:17397 | Moderate: kernel security update | 2025-10-06T00:00:00Z | 2025-10-08T10:24:28Z |
| alsa-2025:17415 | Moderate: gnutls security, bug fix, and enhancement update | 2025-10-07T00:00:00Z | 2025-10-08T10:07:51Z |
| alsa-2025:17398 | Moderate: kernel-rt security update | 2025-10-06T00:00:00Z | 2025-10-08T10:05:33Z |
| alsa-2025:16904 | Moderate: kernel security update | 2025-09-29T00:00:00Z | 2025-10-03T09:19:26Z |
| alsa-2025:17129 | Important: idm:DL1 security update | 2025-10-01T00:00:00Z | 2025-10-03T08:44:05Z |
| alsa-2025:17119 | Moderate: perl-JSON-XS security update | 2025-09-30T00:00:00Z | 2025-10-01T12:21:59Z |
| alsa-2025:16919 | Moderate: kernel security update | 2025-09-29T00:00:00Z | 2025-10-01T09:28:42Z |
| alsa-2025:16880 | Moderate: kernel security update | 2025-09-29T00:00:00Z | 2025-10-01T09:18:26Z |
| alsa-2025:16861 | Moderate: mysql:8.0 security update | 2025-09-29T00:00:00Z | 2025-10-01T08:52:50Z |
| alsa-2025:16920 | Moderate: kernel-rt security update | 2025-09-29T00:00:00Z | 2025-10-01T08:47:05Z |
| alsa-2025:16823 | Moderate: openssh security update | 2025-09-25T00:00:00Z | 2025-10-01T08:38:24Z |
| alsa-2025:16432 | Moderate: opentelemetry-collector security update | 2025-09-23T00:00:00Z | 2025-09-29T09:41:45Z |
| alsa-2025:13941 | Important: golang security update | 2025-08-18T00:00:00Z | 2025-09-29T09:40:10Z |
| alsa-2025:14560 | Moderate: python3 security update | 2025-08-26T00:00:00Z | 2025-09-29T09:37:04Z |
| alsa-2025:15005 | Moderate: kernel security update | 2025-09-02T00:00:00Z | 2025-09-29T09:34:42Z |
| alsa-2025:14984 | Moderate: python3.12 security update | 2025-09-02T00:00:00Z | 2025-09-29T09:30:31Z |
| alsa-2025:16354 | Moderate: kernel security update | 2025-09-22T00:00:00Z | 2025-09-29T09:27:52Z |
| alsa-2025:15007 | Moderate: python3.12 security update | 2025-09-02T00:00:00Z | 2025-09-29T09:23:49Z |
| alsa-2025:15010 | Moderate: python3.11 security update | 2025-09-02T00:00:00Z | 2025-09-29T09:21:37Z |
| alsa-2025:15011 | Important: kernel security update | 2025-09-02T00:00:00Z | 2025-09-29T09:19:38Z |
| alsa-2025:15017 | Important: udisks2 security update | 2025-09-02T00:00:00Z | 2025-09-29T09:15:52Z |
| alsa-2025:15018 | Important: udisks2 security update | 2025-09-02T00:00:00Z | 2025-09-29T09:14:00Z |
| alsa-2025:15020 | Important: udisks2 security update | 2025-09-02T00:00:00Z | 2025-09-29T09:12:40Z |
| alsa-2025:15019 | Moderate: python3.9 security update | 2025-09-02T00:00:00Z | 2025-09-29T09:10:40Z |
| alsa-2025:15022 | Important: postgresql:15 security update | 2025-09-02T00:00:00Z | 2025-09-29T09:08:26Z |