Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2025-5781 |
5.2 (3.1)
|
Information Exposure Vulnerability in Hitachi Configur… |
Hitachi |
Hitachi Ops Center API Configuration Manager |
2026-02-25T03:01:21.623Z | 2026-02-26T17:00:34.754Z |
| CVE-2026-27632 |
2.6 (3.1)
|
Talishar Vulnerable to Cross-Site Request Forgery (CSRF) |
Talishar |
Talishar |
2026-02-25T02:52:10.061Z | 2026-02-26T21:33:41.129Z |
| CVE-2026-27629 |
5.9 (3.1)
|
InvenTree Vulnerable to Server Side Template Injection… |
inventree |
InvenTree |
2026-02-25T02:48:41.934Z | 2026-02-26T21:33:40.971Z |
| CVE-2026-27628 |
1.2 (4.0)
|
pypdf has a possible infinite loop when loading circul… |
py-pdf |
pypdf |
2026-02-25T02:45:37.543Z | 2026-02-25T15:58:33.339Z |
| CVE-2026-27626 |
10 (3.1)
|
OliveTin vulnerable to OS Command Injection via `passw… |
OliveTin |
OliveTin |
2026-02-25T02:43:08.189Z | 2026-02-25T02:43:08.189Z |
| CVE-2026-27612 |
6.1 (3.1)
|
Repostat Vulnerable to Reflected Cross-Site Scripting … |
denpiligrim |
repostat |
2026-02-25T02:38:05.548Z | 2026-02-26T21:33:40.838Z |
| CVE-2026-27621 |
6.8 (4.0)
|
TypiCMS Core has Stored Cross-Site Scripting (XSS) via… |
TypiCMS |
Core |
2026-02-25T02:36:12.353Z | 2026-02-26T20:59:12.644Z |
| CVE-2026-27615 |
8.8 (4.0)
|
ADB-Explorer: UNC Path Support in ManualAdbPath Leads … |
Alex4SSB |
ADB-Explorer |
2026-02-25T02:33:53.553Z | 2026-02-25T02:33:53.553Z |
| CVE-2026-27614 |
9.3 (3.1)
|
Bugsink is vulnerable to Stored XSS via Pygments fallb… |
bugsink |
bugsink |
2026-02-25T02:31:17.880Z | 2026-02-25T20:01:45.861Z |
| CVE-2026-27611 |
7.1 (4.0)
|
FileBrowser Quantum: Password Protection Not Enforced … |
gtsteffaniak |
filebrowser |
2026-02-25T02:24:48.357Z | 2026-02-25T02:24:48.357Z |
| CVE-2026-27595 |
9.9 (4.0)
|
Parse Dashboard has incomplete authentication on AI Ag… |
parse-community |
parse-dashboard |
2026-02-25T02:21:33.428Z | 2026-02-25T02:21:33.428Z |
| CVE-2026-27610 |
7 (4.0)
|
Parse Dashboard Has a Cache Key Collision that Leaks M… |
parse-community |
parse-dashboard |
2026-02-25T02:19:56.022Z | 2026-02-25T02:21:23.731Z |
| CVE-2026-27609 |
8.3 (4.0)
|
Parse Dashboard Missing CSRF Protection on Agent Endpoint |
parse-community |
parse-dashboard |
2026-02-25T02:18:28.909Z | 2026-02-25T02:18:28.909Z |
| CVE-2026-27608 |
9.3 (4.0)
|
Parse Dashboard Missing Authorization on Agent Endpoint |
parse-community |
parse-dashboard |
2026-02-25T02:16:30.622Z | 2026-02-25T18:58:39.218Z |
| CVE-2026-27822 |
9.1 (3.1)
|
Rust has Critical Stored XSS in Preview Modal, leading… |
rustfs |
rustfs |
2026-02-25T02:11:57.535Z | 2026-02-25T19:23:50.704Z |
| CVE-2026-27607 |
8.1 (3.1)
|
RustFS's Missing Post Policy Validation leads to Arbit… |
rustfs |
rustfs |
2026-02-25T02:10:28.086Z | 2026-02-25T20:06:03.487Z |
| CVE-2026-27606 |
8.8 (4.0)
|
Rollup 4 has Arbitrary File Write via Path Traversal |
rollup |
rollup |
2026-02-25T02:08:06.682Z | 2026-02-25T20:10:29.816Z |
| CVE-2026-25135 |
4.5 (3.1)
|
OpenEMR's location resource for Group.$export operatio… |
openemr |
openemr |
2026-02-25T02:02:14.203Z | 2026-02-25T20:17:35.710Z |
| CVE-2026-3145 |
4.8 (4.0)
5.3 (3.1)
5.3 (3.0)
|
libvips matrixload.c vips_foreign_load_matrix_header m… |
n/a |
libvips |
2026-02-25T02:02:10.604Z | 2026-02-25T20:28:56.023Z |
| CVE-2026-25131 |
8.8 (3.1)
|
OpenEMR has Broken Access Control in Procedures Config… |
openemr |
openemr |
2026-02-25T01:55:43.778Z | 2026-02-25T20:34:41.500Z |
| CVE-2026-25127 |
7 (4.0)
|
OpenEMR has Broken Access Control on Care Coordination… |
openemr |
openemr |
2026-02-25T01:53:15.570Z | 2026-02-25T20:44:14.545Z |
| CVE-2026-25124 |
6.5 (3.1)
|
OpenEMR has Broken Access Control in Report/Clients/Me… |
openemr |
openemr |
2026-02-25T01:50:22.146Z | 2026-02-25T20:50:25.100Z |
| CVE-2026-24896 |
6.5 (3.1)
|
OpenEMR has Broken Access Control that allows unauthor… |
openemr |
openemr |
2026-02-25T01:47:59.765Z | 2026-02-25T20:58:20.711Z |
| CVE-2026-24849 |
10 (3.1)
|
OpenEMR Arbitrary File Read Vulnerability |
openemr |
openemr |
2026-02-25T01:44:30.584Z | 2026-02-25T21:05:01.567Z |
| CVE-2026-24847 |
6.1 (3.1)
|
OpenEMR has Open Redirect in Eye Exam Form |
openemr |
openemr |
2026-02-25T01:34:35.364Z | 2026-02-25T21:08:26.424Z |
| CVE-2026-2914 |
8.5 (4.0)
|
CyberArk Endpoint Privilege Manager Agent version… |
CyberArk Software, a Palo Alto Networks Company |
Endpoint Privilege Manager Agent |
2026-02-25T01:33:05.657Z | 2026-02-26T21:42:22.714Z |
| CVE-2026-21443 |
1.2 (4.0)
|
OpenEMR allows inconsistent escaping of translation fu… |
openemr |
openemr |
2026-02-25T01:23:22.052Z | 2026-02-25T21:15:31.995Z |
| CVE-2025-69231 |
8.7 (3.1)
|
OpenEMR has a Stored XSS in GAD-7 Form that Enables Se… |
openemr |
openemr |
2026-02-25T01:18:14.722Z | 2026-02-25T01:24:15.938Z |
| CVE-2025-68277 |
7.2 (4.0)
|
OpenEMR allows links sent via Secure Messaging to be o… |
openemr |
openemr |
2026-02-25T01:13:28.531Z | 2026-02-25T01:25:11.772Z |
| CVE-2025-67752 |
8.1 (3.1)
|
OpenEMR Has Disabled SSL Certificate Verification in H… |
openemr |
openemr |
2026-02-25T01:09:20.946Z | 2026-02-25T01:26:01.604Z |
| ID | Severity | Description | Published | Updated |
|---|---|---|---|---|
| ghsa-72hf-fj62-w6j4 |
7.4 (3.1)
|
ImageMagick: Stack buffer overflow in FTXT reader via oversized integer field | 2026-02-24T15:43:02Z | 2026-02-24T15:43:02Z |
| ghsa-xwc6-v6g8-pw2h |
5.9 (3.1)
|
ImageMagick's Security Policy Bypass through config/policy-secure.xml via "fd handler" leads to std… | 2026-02-24T15:42:37Z | 2026-02-24T15:42:38Z |
| ghsa-8jvj-p28h-9gm7 |
8.6 (3.1)
|
ImageMagick: Policy bypass through path traversal allows reading restricted content despite secured… | 2026-02-24T15:40:06Z | 2026-02-24T15:40:06Z |
| ghsa-vpxv-r9pg-7gpr |
6.5 (3.1)
|
ImageMagick has Global Buffer Overflow (OOB Read) via Negative Pixel Index in UIL and XPM Writer | 2026-02-24T15:39:11Z | 2026-02-24T15:39:11Z |
| ghsa-6j5f-24fw-pqp4 |
6.5 (3.1)
|
ImageMagick: Heap overflow in sun decoder on 32-bit systems may result in out of bounds write | 2026-02-24T15:38:35Z | 2026-02-24T15:38:35Z |
| ghsa-543g-8grm-9cw6 |
5.3 (3.1)
|
ImageMagick has Division-by-Zero in YUV sampling factor validation, which leads to crash | 2026-02-24T15:37:53Z | 2026-02-24T15:37:53Z |
| ghsa-p863-5fgm-rgq4 |
5.3 (3.1)
|
ImageMagick has NULL Pointer Dereference in ClonePixelCacheRepository via crafted image | 2026-02-24T15:36:08Z | 2026-02-24T15:36:08Z |
| ghsa-rw6c-xp26-225v |
5.7 (3.1)
|
ImageMagick: Code Injection via PostScript header in ps coders | 2026-02-24T15:34:26Z | 2026-02-24T15:34:26Z |
| ghsa-g2pr-qxjg-7r2w |
5.3 (3.1)
|
ImageMagick has memory leak of watermark Image object in ReadSTEGANOImage on multiple error/early-r… | 2026-02-24T15:33:56Z | 2026-02-24T15:33:57Z |
| ghsa-p33r-fqw2-rqmm |
5.3 (3.1)
|
ImageMagick has NULL pointer dereference in ReadSFWImage after DestroyImageInfo (sfw.c) | 2026-02-24T15:32:34Z | 2026-02-24T15:32:34Z |
| ghsa-vhqj-f5cj-9x8h |
8.2 (3.1)
|
ImageMagick has heap-buffer-overflow via signed integer overflow in WriteUHDRImage when writing UHD… | 2026-02-24T15:31:57Z | 2026-02-24T15:31:57Z |
| ghsa-gxcx-qjqp-8vjw |
5.3 (3.1)
|
ImageMagick has memory leak in msl encoder | 2026-02-24T15:30:54Z | 2026-02-24T15:30:54Z |
| ghsa-xx53-6qqj-gr7w |
9.8 (3.1)
|
Memory safety bugs present in Firefox 147 and Thunderbird 147. Some of these bugs showed evidence o… | 2026-02-24T15:30:33Z | 2026-02-25T15:31:37Z |
| ghsa-xqx8-2c6c-9g3g |
4.9 (3.1)
|
A post-authentication NULL Pointer Dereference vulnerability in SonicOS allows a remote attacker to… | 2026-02-24T15:30:33Z | 2026-02-24T18:31:02Z |
| ghsa-v5qr-j3c6-xxx2 |
7.5 (3.1)
|
TOTOLINK X5000R V9.1.0cu.2415_B20250515 contains a denial-of-service vulnerability in /cgi-bin/cste… | 2026-02-24T15:30:33Z | 2026-02-25T18:31:35Z |
| ghsa-pr9m-7cjw-258w |
4.9 (3.1)
|
A post-authentication Out-of-bounds Read vulnerability in SonicOS allows a remote attacker to crash… | 2026-02-24T15:30:33Z | 2026-02-24T18:31:02Z |
| ghsa-pq5g-x5q3-3g25 |
4.9 (3.1)
|
Multiple post-authentication stack-based buffer overflow vulnerabilities in the SonicOS management … | 2026-02-24T15:30:33Z | 2026-02-24T18:31:02Z |
| ghsa-mr6q-w873-6jfr |
6.3 (3.1)
2.1 (4.0)
|
A vulnerability was determined in exiftool up to 13.49 on macOS. This issue affects the function Se… | 2026-02-24T15:30:33Z | 2026-02-24T15:30:33Z |
| ghsa-6pf6-w4c2-rx3f |
6.3 (3.1)
2.1 (4.0)
|
A vulnerability was found in Intelbras TIP 635G 1.12.3.5. This vulnerability affects unknown code o… | 2026-02-24T15:30:33Z | 2026-02-24T15:30:33Z |
| ghsa-58j5-qr69-3544 |
6.8 (3.1)
|
The CPSD CryptoPro Secure Disk application boots a small Linux operating system to perform user aut… | 2026-02-24T15:30:33Z | 2026-02-24T15:30:33Z |
| ghsa-3q93-28v9-5x6v |
4.9 (3.1)
|
A post-authentication Format String vulnerability in SonicOS allows a remote attacker to crash a fi… | 2026-02-24T15:30:33Z | 2026-02-24T18:31:02Z |
| ghsa-xchm-7954-5wvg |
9.8 (3.1)
|
Use-after-free in the DOM: Window and Location component. This vulnerability affects Firefox < 148,… | 2026-02-24T15:30:32Z | 2026-02-25T15:31:37Z |
| ghsa-wcpx-2xqg-ff43 |
9.8 (3.1)
|
Spoofing issue in the WebAuthn component in Firefox for Android. This vulnerability affects Firefox… | 2026-02-24T15:30:32Z | 2026-02-25T18:31:35Z |
| ghsa-vxjv-c6cq-74m6 |
9.8 (3.1)
|
Mitigation bypass in the Networking: Cache component. This vulnerability affects Firefox < 148 and … | 2026-02-24T15:30:32Z | 2026-02-25T15:31:37Z |
| ghsa-q6rm-rhj9-jpg5 |
9.8 (3.1)
|
Integer overflow in the Libraries component in NSS. This vulnerability affects Firefox < 148 and Fi… | 2026-02-24T15:30:32Z | 2026-02-25T18:31:35Z |
| ghsa-p9gc-q2gc-jc6r |
4.2 (3.1)
|
Race condition in the JavaScript: GC component. This vulnerability affects Firefox < 148. | 2026-02-24T15:30:32Z | 2026-02-24T18:31:02Z |
| ghsa-p4fg-vw73-vr29 |
9.8 (3.1)
|
Mitigation bypass in the DOM: Security component. This vulnerability affects Firefox < 148 and Fire… | 2026-02-24T15:30:32Z | 2026-02-25T18:31:35Z |
| ghsa-m8jj-q5xq-4qhp |
7.5 (3.1)
|
Information disclosure due to uninitialized memory in Firefox and Firefox Focus for Android. This v… | 2026-02-24T15:30:32Z | 2026-02-25T21:31:18Z |
| ghsa-jvc5-7j9r-q4m6 |
9.8 (3.1)
|
Same-origin policy bypass in the Networking: JAR component. This vulnerability affects Firefox < 14… | 2026-02-24T15:30:32Z | 2026-02-25T15:31:37Z |
| ghsa-hwjj-g6g7-p8cf |
9.1 (3.1)
|
Uninitialized memory in the Graphics: Text component. This vulnerability affects Firefox < 148. | 2026-02-24T15:30:32Z | 2026-02-25T21:31:18Z |
| ID | Severity | Description | Package | Published | Updated |
|---|---|---|---|---|---|
| pysec-2023-147 |
9.8 (3.1)
|
An issue in langchain langchain-ai v.0.0.232 and before allows a remote attacker to execu… | langchain | 2023-08-15T17:15:00+00:00 | 2023-08-22T18:27:28.580705+00:00 |
| pysec-2023-146 |
9.8 (3.1)
|
An issue in Harrison Chase langchain v.0.0.194 and before allows a remote attacker to exe… | langchain | 2023-08-15T17:15:00+00:00 | 2023-08-22T14:25:42.963301+00:00 |
| pysec-2023-145 |
9.8 (3.1)
|
An issue in LangChain v.0.0.231 allows a remote attacker to execute arbitrary code via th… | langchain | 2023-08-15T17:15:00Z | 2023-08-29T18:47:00.000000Z |
| pysec-2023-136 |
|
Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Dril… | apache-airflow | 2023-08-11T08:15:00+00:00 | 2023-08-17T03:22:30.530556+00:00 |
| pysec-2023-137 |
|
GitPython before 3.1.32 does not block insecure non-multi options in clone and clone_from… | gitpython | 2023-08-11T07:15:00+00:00 | 2023-08-17T03:22:31.332731+00:00 |
| pysec-2023-141 |
5.4 (3.1)
|
A stored cross-site scripting (XSS) vulnerability in Netbox v3.4.7 allows attackers to ex… | pynetbox | 2023-08-10T20:15:00Z | 2023-09-07T15:50:00.665697Z |
| pysec-2023-144 |
8.8 (3.1)
|
Cross Site Request Forgery (CSRF) vulnerability in wger Project wger Workout Manager 2.2.… | wger | 2023-08-08T16:15:00+00:00 | 2023-08-17T03:22:34.520767+00:00 |
| pysec-2023-143 |
5.4 (3.1)
|
Cross Site Scripting vulnerability in wger Project wger Workout Manager v.2.2.0a3 allows … | wger | 2023-08-08T16:15:00+00:00 | 2023-08-17T03:22:34.437974+00:00 |
| pysec-2023-142 |
5.9 (3.1)
|
Vyer is a Pythonic Smart Contract Language for the Ethereum Virtual Machine (EVM). In ver… | vyper | 2023-08-07T19:15:00+00:00 | 2023-08-17T03:22:33.953997+00:00 |
| pysec-2023-134 |
|
Execution with Unnecessary Privileges, : Exposure of Sensitive Information to an Unauthor… | apache-airflow | 2023-08-05T07:15:00+00:00 | 2023-08-05T10:26:00.927631+00:00 |
| pysec-2023-138 |
9.8 (3.1)
|
An issue in Harrison Chase langchain v.0.0.194 allows an attacker to execute arbitrary co… | langchain | 2023-08-05T03:15:00Z | 2023-08-22T15:51:39.650271Z |
| pysec-2023-140 |
6.5 (3.1)
|
MindsDB's AI Virtual Database allows developers to connect any AI/ML model to any datasou… | mindsdb | 2023-08-04T18:15:00+00:00 | 2023-08-17T03:22:32.744229+00:00 |
| pysec-2023-139 |
5.3 (3.1)
|
Sydent is an identity server for the Matrix communications protocol. Prior to version 2.5… | matrix-sydent | 2023-08-04T16:15:00+00:00 | 2023-08-17T03:22:32.583512+00:00 |
| pysec-2023-135 |
|
Certifi 2023.07.22 removes root certificates from "e-Tugra" from the root store. These ar… | certifi | 2023-08-03T19:36:12+00:00 | 2023-08-07T05:41:30.977938+00:00 |
| pysec-2023-280 |
7.8 (3.1)
|
OS Command Injection in GitHub repository mlflow/mlflow prior to 2.6.0. | mlflow | 2023-08-01T01:15:00+00:00 | 2024-11-21T14:22:54.880705+00:00 |
| pysec-2023-126 |
|
PaddlePaddle before 2.5.0 has a command injection in fs.py. This resulted in the ability … | paddlepaddle | 2023-07-26T12:15:00+00:00 | 2023-07-26T14:25:58.775032+00:00 |
| pysec-2023-125 |
|
FPE in paddle.trace in PaddlePaddle before 2.5.0. This flaw can cause a runtime crash and… | paddlepaddle | 2023-07-26T12:15:00+00:00 | 2023-07-26T14:25:58.693754+00:00 |
| pysec-2023-124 |
|
Heap buffer overflow in paddle.trace in PaddlePaddle before 2.5.0. This flaw can lead to … | paddlepaddle | 2023-07-26T11:15:00+00:00 | 2023-07-26T12:51:10.139446+00:00 |
| pysec-2023-123 |
|
Null pointer dereference in paddle.flip in PaddlePaddle before 2.5.0. This resulted in a … | paddlepaddle | 2023-07-26T11:15:00+00:00 | 2023-07-26T12:51:10.092120+00:00 |
| pysec-2023-122 |
|
Use after free in paddle.diagonal in PaddlePaddle before 2.5.0. This resulted in a potent… | paddlepaddle | 2023-07-26T10:15:00+00:00 | 2023-07-26T12:51:10.047714+00:00 |
| pysec-2023-132 |
6.1 (3.1)
|
copyparty is file server software. Prior to version 1.8.7, the application contains a ref… | copyparty | 2023-07-25T22:15:00+00:00 | 2023-08-02T20:24:02.446410+00:00 |
| pysec-2023-133 |
5.3 (3.1)
|
Vyper is a Pythonic programming language that targets the Ethereum Virtual Machine (EVM).… | vyper | 2023-07-25T21:15:00+00:00 | 2023-08-03T18:27:50.332832+00:00 |
| pysec-2023-130 |
6.5 (3.1)
|
Sentry is an error tracking and performance monitoring platform. Starting in version 8.21… | sentry | 2023-07-25T19:15:00+00:00 | 2023-08-02T16:31:39.850029+00:00 |
| pysec-2023-129 |
5.4 (3.1)
|
Indico is an open source a general-purpose, web based event management tool. There is a C… | indico | 2023-07-21T19:15:00+00:00 | 2023-07-31T20:36:08.003610+00:00 |
| pysec-2023-120 |
|
### Impact aiohttp v3.8.4 and earlier are [bundled with llhttp v6.0.6](https://github.co… | aiohttp | 2023-07-20T14:52:00+00:00 | 2023-07-24T14:58:05.562874+00:00 |
| pysec-2023-128 |
2.8 (3.1)
|
A flaw was found in the keylime attestation verifier, which fails to flag a device's subm… | keylime | 2023-07-19T19:15:00+00:00 | 2023-07-28T16:31:09.279625+00:00 |
| pysec-2023-117 |
|
A ReDoS issue was discovered in pygments/lexers/smithy.py in pygments through 2.15.0 via … | pygments | 2023-07-19T15:15:00+00:00 | 2023-07-19T17:26:16.938508+00:00 |
| pysec-2023-308 |
10.0 (3.1)
|
Absolute Path Traversal in GitHub repository mlflow/mlflow prior to 2.5.0. | mlflow | 2023-07-19T01:15:10+00:00 | 2025-04-09T17:27:26.223213+00:00 |
| pysec-2023-312 |
5.9 (3.1)
|
Redis before 6cbea7d allows a replica to cause an assertion failure in a primary server b… | redis | 2023-07-15T23:15:09Z | 2025-06-02T11:48:06.372423Z |
| pysec-2023-127 |
|
Copyparty is a portable file server. Versions prior to 1.8.2 are subject to a path traver… | copyparty | 2023-07-14T20:15:00+00:00 | 2023-07-27T20:23:01.674307+00:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2026-590 | Malicious code in pytorch-mutex (PyPI) | 2026-01-28T16:28:32Z | 2026-01-28T17:47:09Z |
| mal-2026-584 | Malicious code in chai-as-extended (npm) | 2026-01-28T15:06:22Z | 2026-02-02T05:56:26Z |
| mal-2026-589 | Malicious code in dotenv-embed (npm) | 2026-01-28T14:56:54Z | 2026-02-02T05:56:27Z |
| mal-2026-585 | Malicious code in chai-async-tests (npm) | 2026-01-28T14:56:54Z | 2026-02-02T05:56:26Z |
| mal-2026-588 | Malicious code in chai-sub (npm) | 2026-01-28T14:53:28Z | 2026-02-02T05:56:26Z |
| mal-2026-587 | Malicious code in chai-px (npm) | 2026-01-28T14:48:04Z | 2026-02-02T05:56:26Z |
| mal-2026-586 | Malicious code in chai-chains-async (npm) | 2026-01-28T14:46:57Z | 2026-02-02T05:56:26Z |
| mal-2026-583 | Malicious code in vuejavascript (npm) | 2026-01-28T13:59:24Z | 2026-02-02T05:56:31Z |
| mal-2026-582 | Malicious code in somsodamsd (npm) | 2026-01-28T13:59:24Z | 2026-02-02T05:56:30Z |
| mal-2026-581 | Malicious code in somesomesomesome (npm) | 2026-01-28T13:59:24Z | 2026-02-02T05:56:30Z |
| mal-2026-580 | Malicious code in somesomesome (npm) | 2026-01-28T13:59:24Z | 2026-02-02T05:56:30Z |
| mal-2026-579 | Malicious code in skndkjasndkjan (npm) | 2026-01-28T13:59:24Z | 2026-02-02T05:56:30Z |
| mal-2026-578 | Malicious code in @pukpuk1/somsodamsd (npm) | 2026-01-28T13:59:24Z | 2026-02-02T05:56:25Z |
| mal-2026-626 | Malicious code in react-toast-cold (npm) | 2026-01-28T08:21:01Z | 2026-02-04T05:37:06Z |
| mal-2026-570 | Malicious code in lyatly-utils (npm) | 2026-01-28T07:58:35Z | 2026-02-02T05:56:28Z |
| mal-2026-571 | Malicious code in okijuh (npm) | 2026-01-28T07:56:55Z | 2026-02-02T05:56:29Z |
| mal-2026-564 | Malicious code in chai-as-hashed (npm) | 2026-01-28T07:53:44Z | 2026-02-02T05:56:26Z |
| mal-2026-565 | Malicious code in converse-rn-lib (npm) | 2026-01-28T07:50:39Z | 2026-02-02T05:56:26Z |
| mal-2026-576 | Malicious code in teslaone (npm) | 2026-01-28T07:49:34Z | 2026-02-02T05:56:30Z |
| mal-2026-569 | Malicious code in ern-picking2-api (npm) | 2026-01-28T07:48:24Z | 2026-02-02T05:56:27Z |
| mal-2026-577 | Malicious code in transform-vue-jsx (npm) | 2026-01-28T07:43:54Z | 2026-02-02T05:56:31Z |
| mal-2026-575 | Malicious code in syntax-jsx (npm) | 2026-01-28T07:43:54Z | 2026-02-02T05:56:30Z |
| mal-2026-574 | Malicious code in syntax-flow (npm) | 2026-01-28T07:43:54Z | 2026-02-02T05:56:30Z |
| mal-2026-568 | Malicious code in equimper (npm) | 2026-01-28T07:43:53Z | 2026-02-02T05:56:27Z |
| mal-2026-562 | Malicious code in tabullates (PyPI) | 2026-01-28T07:42:32Z | 2026-01-28T19:13:29Z |
| mal-2026-572 | Malicious code in pino-debugger (npm) | 2026-01-28T07:37:08Z | 2026-02-02T05:56:29Z |
| mal-2026-567 | Malicious code in debug-glitz (npm) | 2026-01-28T07:37:08Z | 2026-02-02T05:56:27Z |
| mal-2026-566 | Malicious code in debug-fmt (npm) | 2026-01-28T07:37:08Z | 2026-02-02T05:56:27Z |
| mal-2026-573 | Malicious code in primebeem-db (npm) | 2026-01-28T07:27:26Z | 2026-02-02T05:56:29Z |
| mal-2026-563 | Malicious code in @nayzak51/primebeem-db (npm) | 2026-01-28T07:27:26Z | 2026-02-02T05:56:25Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| bit-django-2025-48432 | 2025-09-25T08:40:36.630Z | 2025-10-16T18:08:44.835Z | |
| bit-django-2025-27556 | 2025-09-25T08:40:31.995Z | 2025-10-06T00:06:00.502Z | |
| bit-golang-2025-47910 | CrossOriginProtection insecure bypass patterns not limited to exact matches in net/http | 2025-09-24T08:48:08.127Z | 2025-09-25T09:09:38.625Z |
| bit-mongodb-2025-3083 | Malformed MongoDB wire protocol messages may cause mongos to crash | 2025-09-23T08:46:32.630Z | 2025-09-23T09:10:44.834Z |
| bit-mongodb-2025-3082 | User may override a view's collation and gain unauthorized access to underlying data | 2025-09-23T08:46:30.283Z | 2025-09-23T09:10:44.834Z |
| bit-mongodb-2025-10059 | MongoDB Server router will crash when incorrect lsid is set on a sharded query | 2025-09-23T08:46:23.470Z | 2025-09-23T09:10:44.834Z |
| bit-mongodb-2025-0755 | MongoDB C Driver bson library may be susceptible to buffer overflow | 2025-09-23T08:46:21.341Z | 2025-11-06T13:25:46.476Z |
| bit-mongodb-2024-8654 | MongoDB Server may access non-initialized region of memory leading to unexpected behaviour | 2025-09-23T08:46:18.972Z | 2025-09-23T09:10:44.834Z |
| bit-mongodb-2024-3372 | MongoDB Server may have unexpected application behaviour due to invalid BSON | 2025-09-23T08:46:07.044Z | 2025-09-23T09:10:44.834Z |
| bit-golang-2025-47906 | Unexpected paths returned from LookPath in os/exec | 2025-09-20T08:43:22.590Z | 2025-11-06T13:25:46.476Z |
| bit-mongodb-2025-10061 | Malformed $group Query May Cause MongoDB Server to Crash | 2025-09-19T09:58:18.588Z | 2025-11-14T15:09:14.122Z |
| bit-mongodb-2025-10060 | MongoDB may be susceptible to Invariant Failure in Transactions due Upsert Operation | 2025-09-19T09:58:16.816Z | 2025-09-19T10:21:21.758Z |
| bit-jenkins-2025-59476 | 2025-09-19T09:57:11.182Z | 2025-11-06T13:25:46.476Z | |
| bit-jenkins-2025-59475 | 2025-09-19T09:57:09.400Z | 2025-11-06T13:25:46.476Z | |
| bit-jenkins-2025-59474 | 2025-09-19T09:57:07.574Z | 2025-11-06T13:25:46.476Z | |
| bit-temporal-2023-3485 | Insecure Default Authorization in Temporal Server | 2025-09-16T11:52:55.067Z | 2025-09-16T12:10:06.830Z |
| bit-gitlab-2025-7337 | Allocation of Resources Without Limits or Throttling in GitLab | 2025-09-16T09:08:52.685Z | 2025-09-16T09:10:21.105Z |
| bit-gitlab-2025-6769 | Exposure of Sensitive System Information to an Unauthorized Control Sphere in GitLab | 2025-09-16T09:08:47.176Z | 2025-09-16T09:10:21.105Z |
| bit-gitlab-2025-6454 | Server-Side Request Forgery (SSRF) in GitLab | 2025-09-16T09:08:45.357Z | 2026-01-26T15:09:56.435Z |
| bit-gitlab-2025-2256 | Improper Validation of Specified Quantity in Input in GitLab | 2025-09-16T09:07:42.625Z | 2025-09-16T09:10:21.105Z |
| bit-gitlab-2025-1250 | Allocation of Resources Without Limits or Throttling in GitLab | 2025-09-16T09:07:13.477Z | 2025-09-16T09:10:21.105Z |
| bit-gitlab-2025-10094 | Improper Validation of Specified Quantity in Input in GitLab | 2025-09-16T09:07:02.268Z | 2025-09-16T09:10:21.105Z |
| bit-prestashop-2024-36626 | 2025-09-16T08:51:49.628Z | 2025-09-16T09:10:21.105Z | |
| bit-mongodb-2025-6710 | Pre-authentication Denial of Service Stack Overflow Vulnerability in JSON Parsing via Excessive Recursion in MongoDB | 2025-09-16T08:47:35.944Z | 2025-09-16T09:10:21.105Z |
| bit-mongodb-2025-6709 | Pre-Authentication Denial of Service Vulnerability in MongoDB Server's OIDC Authentication | 2025-09-16T08:47:34.334Z | 2025-09-16T09:10:21.105Z |
| bit-mongodb-2025-6707 | Race condition in privilege cache invalidation cycle | 2025-09-16T08:47:32.697Z | 2025-09-27T09:09:19.773Z |
| bit-mongodb-2025-6706 | Running certain aggregation operations with the SBE engine may lead to unexpected behavior on MongoDB Server | 2025-09-16T08:47:30.842Z | 2025-09-16T09:10:21.105Z |
| bit-prestashop-2025-51586 | 2025-09-15T05:49:14.417Z | 2025-09-15T06:06:53.428Z | |
| bit-nifi-2024-56512 | Apache NiFi: Missing Complete Authorization for Parameter and Service References | 2025-09-12T11:47:06.460Z | 2025-09-12T12:08:23.743Z |
| bit-nifi-2024-45477 | Apache NiFi: Improper Neutralization of Input in Parameter Description | 2025-09-12T11:47:04.858Z | 2025-11-06T13:25:46.476Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2023-004294 | Advanced Micro Devices Windows kernel drivers vulnerable to insufficient access control on its IOCTL | 2023-10-27T16:10+09:00 | 2024-05-20T17:49+09:00 |
| jvndb-2023-000106 | Multiple vulnerabilities in baserCMS | 2023-10-27T14:46+09:00 | 2024-05-07T15:59+09:00 |
| jvndb-2023-000105 | Movable Type vulnerable to cross-site scripting | 2023-10-25T15:18+09:00 | 2024-05-10T17:47+09:00 |
| jvndb-2023-003956 | Improper restriction of XML external entity reference (XXE) vulnerability in OMRON CX-Designer | 2023-10-24T16:11+09:00 | 2024-05-10T17:47+09:00 |
| jvndb-2023-000103 | HP ThinUpdate vulnerable to improper server certificate verification | 2023-10-23T14:26+09:00 | 2023-10-23T14:26+09:00 |
| jvndb-2023-000102 | Multiple vulnerabilities in JustSystems products | 2023-10-19T15:16+09:00 | 2024-05-16T16:44+09:00 |
| jvndb-2023-000104 | Improper restriction of XML external entity references (XXE) in Proself | 2023-10-18T18:00+09:00 | 2024-05-15T17:08+09:00 |
| jvndb-2023-003913 | Multiple vulnerabilities in JTEKT ELECTRONICS OnSinView2 | 2023-10-18T14:13+09:00 | 2024-05-16T17:28+09:00 |
| jvndb-2023-000101 | web2py vulnerable to OS command injection | 2023-10-16T16:11+09:00 | 2024-05-22T17:58+09:00 |
| jvndb-2023-000100 | Scanning evasion issue in Cisco Secure Email Gateway | 2023-10-16T16:11+09:00 | 2023-10-27T15:52+09:00 |
| jvndb-2023-003788 | Out-of-bounds read vulnerability in Keyence KV STUDIO and KV REPLAY VIEWER | 2023-10-11T15:23+09:00 | 2024-05-16T17:09+09:00 |
| jvndb-2023-000098 | e-Gov Client Application fails to restrict custom URL schemes properly | 2023-10-06T14:57+09:00 | 2024-05-17T17:55+09:00 |
| jvndb-2023-003771 | File and Directory Permissions Vulnerability in JP1/Performance Management | 2023-10-04T15:23+09:00 | 2023-10-04T15:23+09:00 |
| jvndb-2023-003770 | DoS Vulnerability in Hitachi Ops Center Common Services | 2023-10-04T15:23+09:00 | 2024-05-22T15:31+09:00 |
| jvndb-2023-003769 | Information Exposure Vulnerability in Hitachi Ops Center Administrator | 2023-10-04T15:23+09:00 | 2024-05-22T15:20+09:00 |
| jvndb-2023-000097 | Citadel WebCit vulnerable to cross-site scripting on Instant Messaging facility | 2023-10-04T14:07+09:00 | 2024-05-21T17:08+09:00 |
| jvndb-2023-003767 | Multiple vulnerabilities in multiple FURUNO SYSTEMS wireless LAN access point devices in ST(Standalone) mode | 2023-10-03T14:26+09:00 | 2024-05-22T18:01+09:00 |
| jvndb-2023-000096 | Improper restriction of XML external entity references (XXE) in FD Application | 2023-10-02T12:36+09:00 | 2024-05-22T15:37+09:00 |
| jvndb-2023-003764 | Multiple vulnerabilities in Panasonic KW Watcher | 2023-09-27T14:44+09:00 | 2023-09-27T14:44+09:00 |
| jvndb-2023-000095 | Shihonkanri Plus vulnerable to relative path traversal | 2023-09-27T13:49+09:00 | 2024-05-21T17:16+09:00 |
| jvndb-2023-003757 | Trend Micro Mobile Security vulnerable to cross-site scripting | 2023-09-26T11:30+09:00 | 2024-03-13T18:07+09:00 |
| jvndb-2023-000094 | Multiple vulnerabilities in WordPress plugin "Welcart e-Commerce" | 2023-09-22T13:51+09:00 | 2024-07-11T16:49+09:00 |
| jvndb-2023-003721 | Trend Micro Endpoint security products for enterprises vulnerable to arbitrary code execution | 2023-09-20T13:58+09:00 | 2024-05-09T18:22+09:00 |
| jvndb-2023-003592 | Multiple vulnerabilities in JTEKT ELECTRONICS Kostac PLC Programming Software | 2023-09-13T15:02+09:00 | 2023-09-13T15:02+09:00 |
| jvndb-2023-000093 | Pyramid vulnerable to directory traversal | 2023-09-11T13:53+09:00 | 2024-05-16T16:52+09:00 |
| jvndb-2023-003335 | Vulnerability in JP1/VERITAS | 2023-09-06T15:35+09:00 | 2023-09-06T15:35+09:00 |
| jvndb-2023-000092 | "direct" Desktop App for macOS fails to restrict access permissions | 2023-09-06T14:33+09:00 | 2023-09-06T14:33+09:00 |
| jvndb-2023-000091 | Multiple vulnerabilities in F-RevoCRM | 2023-09-05T15:51+09:00 | 2024-05-14T18:06+09:00 |
| jvndb-2023-000090 | Multiple vulnerabilities in CGIs of PMailServer and PMailServer2 | 2023-09-05T14:55+09:00 | 2023-09-05T14:55+09:00 |
| jvndb-2023-000088 | Multiple vulnerabilities in SHIRASAGI | 2023-09-04T13:41+09:00 | 2024-05-14T17:58+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| cnvd-2026-10327 | Google Pixel aoc_ipc_core.c文件输入验证错误漏洞 | 2025-12-18 | 2026-02-06 |
| cnvd-2026-10326 | Google Pixel授权问题漏洞 | 2025-12-18 | 2026-02-06 |
| cnvd-2026-10325 | Google Pixel protocolpsadapter.cpp文件缓冲区溢出漏洞 | 2025-12-18 | 2026-02-06 |
| cnvd-2026-10324 | Google Pixel cn_NrmmDecoder.cpp文件缓冲区溢出漏洞 | 2025-12-18 | 2026-02-06 |
| cnvd-2026-10323 | Google Pixel gxp_buffer.h文件缓冲区溢出漏洞 | 2025-12-18 | 2026-02-06 |
| cnvd-2026-10322 | Google Pixel ss_LcsManagement.c文件缓冲区溢出漏洞 | 2025-12-18 | 2026-02-06 |
| cnvd-2026-10321 | Google Pixel代码执行漏洞(CNVD-2026-1032114) | 2025-12-18 | 2026-02-06 |
| cnvd-2026-05878 | 麒麟软件有限公司银河麒麟操作系统存在二进制漏洞 | 2025-12-18 | 2026-02-01 |
| cnvd-2026-03712 | TOTOLINK X5000R代码执行漏洞 | 2025-12-18 | 2026-01-15 |
| cnvd-2026-02696 | Google Pixel权限提升漏洞(CNVD-2026-0269620) | 2025-12-18 | 2026-01-09 |
| cnvd-2026-02695 | Google Pixel权限提升漏洞(CNVD-2026-0269521) | 2025-12-18 | 2026-01-09 |
| cnvd-2026-02694 | Google Pixel权限提升漏洞(CNVD-2026-0269422) | 2025-12-18 | 2026-01-09 |
| cnvd-2026-02693 | Google Pixel权限提升漏洞(CNVD-2026-0269323) | 2025-12-18 | 2026-01-09 |
| cnvd-2026-00840 | Student File Management System update_user.php文件跨站脚本漏洞 | 2025-12-18 | 2026-01-05 |
| cnvd-2026-00839 | Student File Management System user_id参数SQL注入漏洞 | 2025-12-18 | 2026-01-05 |
| cnvd-2026-00796 | UTT 进取 512W缓冲区溢出漏洞(CNVD-2026-0079609) | 2025-12-18 | 2026-01-08 |
| cnvd-2026-00795 | UTT 进取 512W缓冲区溢出漏洞(CNVD-2026-0079510) | 2025-12-18 | 2026-01-08 |
| cnvd-2026-00696 | Simple Attendance Record System check.php文件SQL注入漏洞 | 2025-12-18 | 2026-01-07 |
| cnvd-2026-00695 | Computer Laboratory System admin_pic.php文件文件上传漏洞 | 2025-12-18 | 2026-01-07 |
| cnvd-2026-00656 | D-Link DIR-803信息泄露漏洞 | 2025-12-18 | 2026-01-07 |
| cnvd-2026-00446 | Class and Exam Timetable Management /index.php文件SQL注入漏洞 | 2025-12-18 | 2026-01-05 |
| cnvd-2026-00445 | Class and Exam Timetable Management /preview7.php文件SQL注入漏洞 | 2025-12-18 | 2026-01-05 |
| cnvd-2025-31547 | IBM Aspera Orchestrator拒绝服务漏洞 | 2025-12-18 | 2025-12-30 |
| cnvd-2025-31546 | IBM Aspera Orchestrator未验证的密码更改漏洞 | 2025-12-18 | 2025-12-30 |
| cnvd-2025-31116 | WordPress Addon Elements for Elementor跨站脚本漏洞 | 2025-12-18 | 2025-12-26 |
| cnvd-2025-31121 | WordPress Video Merchant跨站请求伪造漏洞 | 2025-12-16 | 2025-12-26 |
| cnvd-2025-31120 | WordPress Wp Job Portal任意文件读取漏洞 | 2025-12-16 | 2025-12-26 |
| cnvd-2025-31119 | WordPress RSS Aggregator by Feedzy代码问题漏洞 | 2025-12-16 | 2025-12-26 |
| cnvd-2025-31118 | WordPress WP CarDealer权限提升漏洞 | 2025-12-16 | 2025-12-26 |
| cnvd-2025-31117 | WordPress List category posts SQL注入漏洞 | 2025-12-16 | 2025-12-26 |
| ID | Description | Published | Updated |
|---|---|---|---|
| bdu:2026-01213 | Уязвимость функции dbUnmount() модуля fs/jfs/jfs_dmap.c файловой системы JFS ядра операци… | 04.02.2026 | 04.02.2026 |
| bdu:2026-01212 | Уязвимость параметра max_cert_list сжатия сертификатов в TLS 1.3 библиотеки OpenSSL, позв… | 04.02.2026 | 04.02.2026 |
| bdu:2026-01211 | Уязвимость функции do_mount_setattr() модуля fs/namespace.c файловой системы ядра операци… | 04.02.2026 | 04.02.2026 |
| bdu:2026-01210 | Уязвимость функции autofs_catatonic_mode() модуля fs/autofs/waitq.c файловой системы ядра… | 04.02.2026 | 04.02.2026 |
| bdu:2026-01209 | Уязвимость функции vfio_iommu_iova_build_caps() модуля drivers/vfio/vfio_iommu_type1.c др… | 04.02.2026 | 04.02.2026 |
| bdu:2026-01208 | Уязвимость функции kfd_build_sysfs_node_entry() модуля drivers/gpu/drm/amd/amdkfd/kfd_top… | 04.02.2026 | 04.02.2026 |
| bdu:2026-01207 | Уязвимость функции crash_load_segments() модуля arch/x86/kernel/crash.c поддержки платфор… | 04.02.2026 | 04.02.2026 |
| bdu:2026-01206 | Уязвимость функции tcf_block_bind() модуля net/sched/cls_api.c подсистемы управления траф… | 04.02.2026 | 04.02.2026 |
| bdu:2026-01205 | Уязвимость функции get_gpio_i2c_info() модуля drivers/gpu/drm/amd/display/dc/bios/bios_pa… | 04.02.2026 | 04.02.2026 |
| bdu:2026-01204 | Уязвимость функции __ext4_fill_super() модуля fs/ext4/super.c файловой системы Ext4 ядра … | 04.02.2026 | 04.02.2026 |
| bdu:2026-01203 | Уязвимость функции target_free_cmd_counter() модуля drivers/target/target_core_transport.… | 04.02.2026 | 04.02.2026 |
| bdu:2026-01202 | Уязвимость функции mt7996_mcu_exit() модуля drivers/net/wireless/mediatek/mt76/mt7996/mcu… | 04.02.2026 | 04.02.2026 |
| bdu:2026-01201 | Уязвимость функции spmmc_drv_probe() модуля drivers/mmc/host/sunplus-mmc.c драйвера карт … | 04.02.2026 | 04.02.2026 |
| bdu:2026-01200 | Уязвимость функции __ip6_make_skb() модуля net/ipv6/ip6_output.c реализации протокола IPv… | 04.02.2026 | 04.02.2026 |
| bdu:2026-01199 | Уязвимость функции smsusb_stop_streaming() модуля drivers/media/usb/siano/smsusb.c драйве… | 04.02.2026 | 04.02.2026 |
| bdu:2026-01198 | Уязвимость функции blkcg_activate_policy() модуля block/blk-cgroup.c поддержки блочного у… | 04.02.2026 | 04.02.2026 |
| bdu:2026-01197 | Уязвимость функции xfrm_dev_policy_add() модуля net/xfrm/xfrm_device.c реализации сетевых… | 04.02.2026 | 04.02.2026 |
| bdu:2026-01196 | Уязвимость функции btrfs_search_path_in_tree_user() модуля fs/btrfs/ioctl.c файловой сист… | 04.02.2026 | 04.02.2026 |
| bdu:2026-01195 | Уязвимость функции qt1010_init() модуля drivers/media/tuners/qt1010.c драйвера мультимеди… | 04.02.2026 | 04.02.2026 |
| bdu:2026-01194 | Уязвимость функции iomap_write_delalloc_scan() модуля fs/iomap/buffered-io.c файловой сис… | 04.02.2026 | 04.02.2026 |
| bdu:2026-01193 | Уязвимость функции __write_overflow_field() модуля include/linux/fortify-string.h ядра оп… | 04.02.2026 | 04.02.2026 |
| bdu:2026-01192 | Уязвимость функции imx_uart_probe() модуля drivers/tty/serial/imx.c драйвера консоли TTY … | 04.02.2026 | 04.02.2026 |
| bdu:2026-01191 | Уязвимость функции ieee80211_tx_dequeue() модуля net/mac80211/tx.c реализации стека mac80… | 04.02.2026 | 04.02.2026 |
| bdu:2026-01190 | Уязвимость функции qedf_alloc_global_queues() модуля drivers/scsi/qedf/qedf_main.c драйве… | 04.02.2026 | 04.02.2026 |
| bdu:2026-01189 | Уязвимость компонента Session Handler платформы для создания и развертывания рабочих проц… | 04.02.2026 | 04.02.2026 |
| bdu:2026-01188 | Уязвимость функции vduse_vdpa_set_vq_affinity() модуля drivers/vdpa/vdpa_user/vduse_dev.c… | 04.02.2026 | 04.02.2026 |
| bdu:2026-01187 | Уязвимость функции raid10_run() модуля drivers/md/raid10.c драйвера нескольких устройств … | 04.02.2026 | 04.02.2026 |
| bdu:2026-01186 | Уязвимость функции rdma_restrack_del() модуля drivers/infiniband/core/restrack.c драйвера… | 04.02.2026 | 04.02.2026 |
| bdu:2026-01185 | Уязвимость функции sev_migrate_from() модуля arch/x86/kvm/svm/sev.c подсистемы виртуализа… | 04.02.2026 | 04.02.2026 |
| bdu:2026-01184 | Уязвимость функции intel_quark_thermal_init() модуля drivers/thermal/intel/intel_quark_dt… | 04.02.2026 | 04.02.2026 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2025-avi-0889 | Vulnérabilité dans Squid | 2025-10-17T00:00:00.000000 | 2025-10-17T00:00:00.000000 |
| certfr-2025-avi-0888 | Multiples vulnérabilités dans les produits Mattermost | 2025-10-16T00:00:00.000000 | 2025-11-14T00:00:00.000000 |
| certfr-2025-avi-0887 | Vulnérabilité dans Synacor Zimbra Collaboration | 2025-10-16T00:00:00.000000 | 2025-10-16T00:00:00.000000 |
| certfr-2025-avi-0886 | Multiples vulnérabilités dans les produits F5 | 2025-10-16T00:00:00.000000 | 2025-10-16T00:00:00.000000 |
| certfr-2025-avi-0885 | Multiples vulnérabilités dans Samba | 2025-10-16T00:00:00.000000 | 2025-10-16T00:00:00.000000 |
| certfr-2025-avi-0884 | Multiples vulnérabilités dans les produits Cisco | 2025-10-16T00:00:00.000000 | 2025-10-16T00:00:00.000000 |
| certfr-2025-avi-0883 | Multiples vulnérabilités dans les produits Spring | 2025-10-16T00:00:00.000000 | 2025-10-16T00:00:00.000000 |
| certfr-2025-avi-0882 | Multiples vulnérabilités dans les produits Microsoft | 2025-10-15T00:00:00.000000 | 2025-10-15T00:00:00.000000 |
| certfr-2025-avi-0881 | Multiples vulnérabilités dans Microsoft Azure | 2025-10-15T00:00:00.000000 | 2025-10-15T00:00:00.000000 |
| certfr-2025-avi-0880 | Multiples vulnérabilités dans Microsoft .Net | 2025-10-15T00:00:00.000000 | 2025-10-15T00:00:00.000000 |
| certfr-2025-avi-0879 | Multiples vulnérabilités dans Microsoft Windows | 2025-10-15T00:00:00.000000 | 2025-10-15T00:00:00.000000 |
| certfr-2025-avi-0878 | Multiples vulnérabilités dans Microsoft Office | 2025-10-15T00:00:00.000000 | 2025-10-15T00:00:00.000000 |
| certfr-2025-avi-0877 | Multiples vulnérabilités dans les produits Ivanti | 2025-10-15T00:00:00.000000 | 2025-10-15T00:00:00.000000 |
| certfr-2025-avi-0876 | Multiples vulnérabilités dans les produits Adobe | 2025-10-15T00:00:00.000000 | 2025-10-15T00:00:00.000000 |
| certfr-2025-avi-0875 | Vulnérabilité dans Google Chrome | 2025-10-15T00:00:00.000000 | 2025-10-15T00:00:00.000000 |
| certfr-2025-avi-0874 | Vulnérabilité dans Schneider Electric EcoStruxure | 2025-10-15T00:00:00.000000 | 2025-10-15T00:00:00.000000 |
| certfr-2025-avi-0873 | Multiples vulnérabilités dans les produits Mozilla | 2025-10-15T00:00:00.000000 | 2025-10-15T00:00:00.000000 |
| certfr-2025-avi-0872 | Multiples vulnérabilités dans les produits HPE Aruba Networking | 2025-10-15T00:00:00.000000 | 2025-10-15T00:00:00.000000 |
| certfr-2025-avi-0871 | Multiples vulnérabilités dans les produits Fortinet | 2025-10-15T00:00:00.000000 | 2025-10-15T00:00:00.000000 |
| certfr-2025-avi-0870 | Vulnérabilité dans Microsoft Azure | 2025-10-14T00:00:00.000000 | 2025-10-14T00:00:00.000000 |
| certfr-2025-avi-0869 | Multiples vulnérabilités dans les produits Veeam | 2025-10-14T00:00:00.000000 | 2025-10-14T00:00:00.000000 |
| certfr-2025-avi-0868 | Vulnérabilité dans Siemens SIMATIC | 2025-10-14T00:00:00.000000 | 2025-10-14T00:00:00.000000 |
| certfr-2025-avi-0867 | Multiples vulnérabilités dans les produits SAP | 2025-10-14T00:00:00.000000 | 2025-10-14T00:00:00.000000 |
| certfr-2025-avi-0866 | Vulnérabilité dans Elastic Cloud Enterprise | 2025-10-14T00:00:00.000000 | 2025-10-14T00:00:00.000000 |
| certfr-2025-avi-0865 | Vulnérabilité dans Oracle E-Business Suite | 2025-10-13T00:00:00.000000 | 2025-10-13T00:00:00.000000 |
| certfr-2025-avi-0864 | Multiples vulnérabilités dans VMware Tanzu | 2025-10-13T00:00:00.000000 | 2025-10-13T00:00:00.000000 |
| certfr-2025-avi-0863 | Vulnérabilité dans Belden HiOS Switch Platform | 2025-10-13T00:00:00.000000 | 2025-10-13T00:00:00.000000 |
| certfr-2025-avi-0862 | Multiples vulnérabilités dans Microsoft Edge | 2025-10-10T00:00:00.000000 | 2025-10-10T00:00:00.000000 |
| certfr-2025-avi-0861 | Multiples vulnérabilités dans les produits IBM | 2025-10-10T00:00:00.000000 | 2025-10-10T00:00:00.000000 |
| certfr-2025-avi-0860 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2025-10-10T00:00:00.000000 | 2025-10-10T00:00:00.000000 |
| ID | Description | Published | Updated |
|---|---|---|---|
| osv-2024-417 | Use-of-uninitialized-value in bssl::ssl_cipher_process_rulestr | 2024-05-05T00:05:37.413119Z | 2024-05-08T03:26:30Z |
| osv-2024-409 | Use-of-uninitialized-value in Lexer::ReadToken | 2024-05-05T00:02:40.009382Z | 2024-05-05T00:02:40.009837Z |
| osv-2024-404 | Use-of-uninitialized-value in avifSequenceHeaderParse | 2024-05-04T00:03:34.449449Z | 2024-05-04T00:03:34.449922Z |
| osv-2024-403 | UNKNOWN READ in mem_planar_put_image_slow | 2024-05-04T00:02:34.636950Z | 2024-05-04T00:02:34.637538Z |
| osv-2024-402 | Stack-buffer-overflow in SwiftProtobuf.TextFormatScanner. | 2024-05-03T00:00:37.545228Z | 2024-05-10T00:00:37.545806Z |
| osv-2024-400 | Security exception in com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.expr | 2024-05-02T00:03:16.309384Z | 2026-02-06T14:17:18.890998Z |
| osv-2024-398 | Use-of-uninitialized-value in wabt::BinaryReaderObjdump::PrintInitExpr | 2024-05-01T00:11:38.602555Z | 2025-11-05T14:29:05.781980Z |
| osv-2024-396 | UNKNOWN READ in jvp_object_free | 2024-05-01T00:11:24.552935Z | 2025-07-01T14:29:52.935440Z |
| osv-2024-395 | Use-of-uninitialized-value in pcapint_filter_with_aux_data | 2024-05-01T00:04:54.392345Z | 2025-12-31T14:19:24.719836Z |
| osv-2024-393 | Heap-buffer-overflow in pcpp::BgpLayer::getHeaderLen | 2024-04-30T00:15:10.223298Z | 2025-10-22T18:24:01.160234Z |
| osv-2024-390 | Heap-buffer-overflow in H5O__cache_chk_serialize | 2024-04-30T00:14:19.116132Z | 2025-03-18T00:44:44.672358Z |
| osv-2024-389 | Heap-buffer-overflow in JS_CallInternal | 2024-04-30T00:14:11.245997Z | 2024-04-30T00:14:11.246314Z |
| osv-2024-387 | Heap-buffer-overflow in H5F_addr_encode | 2024-04-30T00:13:39.184262Z | 2026-02-21T16:08:55.576515Z |
| osv-2024-384 | Heap-use-after-free in json_fixed_string | 2024-04-30T00:12:26.560732Z | 2024-12-25T14:21:22.172697Z |
| osv-2024-382 | UNKNOWN READ in pcpp::Packet::destructPacketData | 2024-04-30T00:12:20.588223Z | 2025-05-14T14:16:53.222952Z |
| osv-2024-381 | Heap-buffer-overflow in H5F__accum_free | 2024-04-30T00:12:14.936195Z | 2025-10-10T16:22:08.455396Z |
| osv-2024-380 | Heap-use-after-free in H5FL__blk_gc_list | 2024-04-30T00:12:11.366893Z | 2025-08-06T15:10:14.893372Z |
| osv-2024-379 | UNKNOWN READ in H5SL_first | 2024-04-30T00:12:09.539697Z | 2025-01-10T05:30:29.297578Z |
| osv-2024-372 | Security exception in java.base/java.util.Arrays.copyOf | 2024-04-30T00:09:04.989259Z | 2025-12-01T14:21:29.544925Z |
| osv-2024-371 | UNKNOWN READ in jv_array_set | 2024-04-30T00:08:27.982063Z | 2025-05-18T14:24:27.459047Z |
| osv-2024-370 | Heap-buffer-overflow in H5O__chunk_protect | 2024-04-30T00:08:00.120801Z | 2025-09-27T15:27:53.336806Z |
| osv-2024-369 | Segv on unknown address in pcpp::IPv6Layer::~IPv6Layer | 2024-04-30T00:07:01.572543Z | 2025-12-22T14:20:46.950585Z |
| osv-2024-360 | Heap-buffer-overflow in pcpp::TelnetLayer::getFieldLen | 2024-04-30T00:05:53.016170Z | 2025-12-22T14:20:47.423159Z |
| osv-2024-359 | Security exception in graphql.schema.GraphQLTypeUtil.simplePrint | 2024-04-30T00:05:50.949087Z | 2024-04-30T00:05:50.949438Z |
| osv-2024-352 | Heap-buffer-overflow in __parse_options | 2024-04-30T00:04:28.080620Z | 2025-03-19T14:25:45.717598Z |
| osv-2024-351 | UNKNOWN READ in H5SL__release_common | 2024-04-30T00:03:47.754456Z | 2025-10-11T15:15:24.788105Z |
| osv-2024-349 | Security exception in java.base/java.lang.AbstractStringBuilder.<init> | 2024-04-30T00:03:33.576785Z | 2024-08-27T14:19:50.205074Z |
| osv-2024-345 | Use-of-uninitialized-value in aesEncryptBlock | 2024-04-30T00:03:14.686810Z | 2024-05-27T14:03:03.110153Z |
| osv-2024-343 | Heap-buffer-overflow in pcpp::BgpUpdateMessageLayer::setPathAttributes | 2024-04-30T00:02:38.268026Z | 2025-01-13T14:51:10.266632Z |
| osv-2024-341 | UNKNOWN READ in PointerVector.h | 2024-04-30T00:02:07.034555Z | 2025-05-14T14:20:00.536472Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rustsec-2022-0022 | Parser creates invalid uninitialized value | 2022-05-10T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2022-0021 | `SegQueue` creates zero value of any type | 2022-05-10T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2022-0020 | `SegQueue` creates zero value of any type | 2022-05-10T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2022-0019 | Channel creates zero value of any type | 2022-05-10T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2022-0018 | Timing attack | 2022-05-09T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2022-0027 | `OCSP_basic_verify` may incorrectly verify the response signing certificate | 2022-05-03T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2022-0026 | Incorrect MAC key used in the RC4-MD5 ciphersuite | 2022-05-03T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2022-0025 | Resource leakage when decoding certificates and keys | 2022-05-03T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2022-0017 | `array!` macro is unsound when its length is impure constant | 2022-04-27T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2022-0071 | Rusoto is unmaintained | 2022-04-24T12:00:00Z | 2022-12-18T12:08:00Z |
| rustsec-2022-0092 | `rmp-serde` `Raw` and `RawRef` unsound | 2022-04-13T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2022-0016 | Use after free with `externref`s and epoch interruption in Wasmtime | 2022-03-31T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2022-0099 | Use after free with `externref`s and epoch interruption in Wasmtime | 2022-03-28T12:00:00Z | 2025-05-02T08:23:27Z |
| rustsec-2022-0015 | pty is unmaintained | 2022-03-22T12:00:00Z | 2022-03-22T14:52:42Z |
| rustsec-2022-0014 | Infinite loop in `BN_mod_sqrt()` reachable when parsing certificates | 2022-03-15T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2022-0013 | Regexes with large repetitions on empty sub-expressions take a very long time to parse | 2022-03-08T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2022-0103 | Incorrect signature verification on gzip-compressed install images | 2022-03-04T12:00:00Z | 2025-12-21T13:45:28Z |
| rustsec-2022-0012 | Arrow2 allows double free in `safe` code | 2022-03-04T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2022-0011 | Miscomputation when performing AES encryption in rust-crypto | 2022-02-28T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2022-0047 | Post-Quantum Signature scheme Rainbow level I parametersets broken | 2022-02-25T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2022-0096 | Invalid drop of VMExternRef from partially-initialized instances in the pooling instance allocator | 2022-02-17T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2022-0010 | enum_map macro can cause UB when `Enum` trait is incorrectly implemented | 2022-02-17T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2022-0009 | Failure to verify the public key of a `SignedEnvelope` against the `PeerId` in a `PeerRecord` | 2022-02-07T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2022-0041 | Unsoundness of AtomicCell<*64> arithmetics on 32-bit targets that support Atomic*64 | 2022-02-05T12:00:00Z | 2022-08-04T13:56:30Z |
| rustsec-2022-0081 | json is unmaintained | 2022-02-01T12:00:00Z | 2023-08-25T17:52:15Z |
| rustsec-2022-0048 | xml-rs is Unmaintained | 2022-01-26T12:00:00Z | 2023-05-05T07:39:54Z |
| rustsec-2022-0040 | Multiple soundness issues in `owning_ref` | 2022-01-26T12:00:00Z | 2023-10-14T21:21:18Z |
| rustsec-2022-0007 | A malicious coder can get unsound access to TCell or TLCell memory | 2022-01-24T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2022-0006 | Data race in `Iter` and `IterMut` | 2022-01-23T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2022-0005 | crate has been renamed to `ftdi-embedded-hal` | 2022-01-22T12:00:00Z | 2022-01-22T18:27:42Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| alsa-2025:15021 | Important: postgresql:13 security update | 2025-09-02T00:00:00Z | 2025-09-29T09:05:39Z |
| alsa-2025:15020 | Important: udisks2 security update | 2025-09-02T00:00:00Z | 2025-09-29T09:12:40Z |
| alsa-2025:15019 | Moderate: python3.9 security update | 2025-09-02T00:00:00Z | 2025-09-29T09:10:40Z |
| alsa-2025:15018 | Important: udisks2 security update | 2025-09-02T00:00:00Z | 2025-09-29T09:14:00Z |
| alsa-2025:15017 | Important: udisks2 security update | 2025-09-02T00:00:00Z | 2025-09-29T09:15:52Z |
| alsa-2025:15011 | Important: kernel security update | 2025-09-02T00:00:00Z | 2025-09-29T09:19:38Z |
| alsa-2025:15010 | Moderate: python3.11 security update | 2025-09-02T00:00:00Z | 2025-09-29T09:21:37Z |
| alsa-2025:15009 | Moderate: kernel-rt security update | 2025-09-02T00:00:00Z | 2025-09-02T12:21:56Z |
| alsa-2025:15008 | Moderate: kernel security update | 2025-09-02T00:00:00Z | 2025-09-09T09:28:32Z |
| alsa-2025:15007 | Moderate: python3.12 security update | 2025-09-02T00:00:00Z | 2025-09-29T09:23:49Z |
| alsa-2025:15005 | Moderate: kernel security update | 2025-09-02T00:00:00Z | 2025-09-29T09:34:42Z |
| alsa-2025:14999 | Moderate: resource-agents security update | 2025-09-02T00:00:00Z | 2026-01-05T21:07:54Z |
| alsa-2025:14984 | Moderate: python3.12 security update | 2025-09-02T00:00:00Z | 2025-09-29T09:30:31Z |
| alsa-2025:14983 | Moderate: mod_http2 security update | 2025-09-02T00:00:00Z | 2025-09-02T10:38:04Z |
| alsa-2025:14900 | Moderate: python39:3.9 security update | 2025-08-28T00:00:00Z | 2025-09-01T12:34:36Z |
| alsa-2025:14899 | Important: postgresql:16 security update | 2025-08-28T00:00:00Z | 2025-08-29T10:40:22Z |
| alsa-2025:14878 | Important: postgresql security update | 2025-08-28T00:00:00Z | 2025-08-29T06:49:12Z |
| alsa-2025:14862 | Important: postgresql:15 security update | 2025-08-28T00:00:00Z | 2025-09-02T10:40:42Z |
| alsa-2025:14844 | Important: thunderbird security update | 2025-08-28T00:00:00Z | 2025-08-29T13:15:41Z |
| alsa-2025:14841 | Moderate: python3.11 security update | 2025-08-28T00:00:00Z | 2025-08-29T06:51:33Z |
| alsa-2025:14827 | Important: postgresql:16 security update | 2025-08-28T00:00:00Z | 2025-08-29T10:43:07Z |
| alsa-2025:14826 | Important: postgresql16 security update | 2025-08-28T00:00:00Z | 2025-08-29T10:46:22Z |
| alsa-2025:14750 | Moderate: fence-agents security update | 2025-08-27T00:00:00Z | 2025-08-28T07:14:58Z |
| alsa-2025:14743 | Important: thunderbird security update | 2025-08-27T00:00:00Z | 2025-08-28T07:17:59Z |
| alsa-2025:14640 | Important: thunderbird security update | 2025-08-26T00:00:00Z | 2025-08-29T13:02:26Z |
| alsa-2025:14625 | Moderate: mod_http2 security update | 2025-08-26T00:00:00Z | 2025-08-27T11:49:37Z |
| alsa-2025:14592 | Important: aide security update | 2025-08-26T00:00:00Z | 2025-08-27T13:34:06Z |
| alsa-2025:14573 | Important: aide security update | 2025-08-26T00:00:00Z | 2025-08-27T11:47:08Z |
| alsa-2025:14560 | Moderate: python3 security update | 2025-08-26T00:00:00Z | 2025-09-29T09:37:04Z |
| alsa-2025:14557 | Important: pam security update | 2025-08-26T00:00:00Z | 2025-09-04T09:35:13Z |