Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-1999-0011 |
5.4 (3.1)
|
Denial of Service vulnerabilities in BIND 4.9 and… |
n/a |
n/a |
1999-09-29T04:00:00.000Z | 2025-04-09T18:29:26.012Z |
| CVE-1999-0012 |
7 (3.1)
|
Some web servers under Microsoft Windows allow re… |
n/a |
n/a |
1999-09-29T04:00:00.000Z | 2025-04-09T18:30:54.684Z |
| CVE-1999-0016 |
N/A
|
Land IP denial of service. |
n/a |
n/a |
1999-09-29T04:00:00.000Z | 2025-03-17T15:03:08.590Z |
| CVE-1999-0035 |
5.4 (3.1)
|
Race condition in signal handling routine in ftpd… |
n/a |
n/a |
1999-09-29T04:00:00.000Z | 2025-10-20T17:45:44.427Z |
| CVE-1999-0103 |
N/A
|
Echo and chargen, or other combinations of UDP se… |
n/a |
n/a |
1999-09-29T04:00:00.000Z | 2025-03-17T15:03:10.094Z |
| CVE-1999-0159 |
3.5 (3.1)
|
Attackers can crash a Cisco IOS router or device,… |
n/a |
n/a |
1999-09-29T04:00:00.000Z | 2025-08-27T18:38:54.613Z |
| CVE-1999-0211 |
N/A
|
Extra long export lists over 256 characters in so… |
n/a |
n/a |
1999-09-29T04:00:00.000Z | 2024-08-01T16:34:50.910Z |
| CVE-1999-0468 |
8.2 (3.1)
|
Internet Explorer 5.0 allows a remote server to r… |
n/a |
n/a |
1999-09-29T04:00:00.000Z | 2025-08-25T18:51:48.046Z |
| CVE-1999-0472 |
N/A
|
The SNMP default community name "public" is not p… |
n/a |
n/a |
1999-09-29T04:00:00.000Z | 2025-03-17T15:03:17.703Z |
| CVE-1999-0002 |
N/A
|
Buffer overflow in NFS mountd gives root access t… |
n/a |
n/a |
1999-09-29T08:00:00.000Z | 2024-08-01T16:07:57.748Z |
| CVE-1999-0003 |
N/A
|
Execute commands as root via buffer overflow in T… |
n/a |
n/a |
1999-09-29T08:00:00.000Z | 2024-08-01T16:11:38.579Z |
| CVE-1999-0005 |
N/A
|
Arbitrary command execution via IMAP buffer overf… |
n/a |
n/a |
1999-09-29T08:00:00.000Z | 2024-08-01T16:27:56.689Z |
| CVE-1999-0006 |
9.8 (3.1)
|
Buffer overflow in POP servers based on BSD/Qualc… |
n/a |
n/a |
1999-09-29T08:00:00.000Z | 2024-10-29T14:08:55.394Z |
| CVE-1999-0007 |
N/A
|
Information from SSL-encrypted sessions via PKCS #1. |
n/a |
n/a |
1999-09-29T08:00:00.000Z | 2024-08-01T16:27:56.484Z |
| CVE-1999-0008 |
N/A
|
Buffer overflow in NIS+, in Sun's rpc.nisd program. |
n/a |
n/a |
1999-09-29T08:00:00.000Z | 2024-08-01T16:27:56.477Z |
| CVE-1999-0009 |
N/A
|
Inverse query buffer overflow in BIND 4.9 and BIN… |
n/a |
n/a |
1999-09-29T08:00:00.000Z | 2024-08-01T16:27:56.971Z |
| CVE-1999-0010 |
N/A
|
Denial of Service vulnerability in BIND 8 Release… |
n/a |
n/a |
1999-09-29T08:00:00.000Z | 2024-08-01T16:27:56.711Z |
| CVE-1999-0013 |
8.4 (3.1)
|
Stolen credentials from SSH clients via ssh-agent… |
n/a |
n/a |
1999-09-29T08:00:00.000Z | 2024-08-01T19:02:44.132Z |
| CVE-1999-0014 |
N/A
|
Unauthorized privileged access or denial of servi… |
n/a |
n/a |
1999-09-29T08:00:00.000Z | 2024-08-01T16:27:56.465Z |
| CVE-1999-0017 |
N/A
|
FTP servers can allow an attacker to connect to a… |
n/a |
n/a |
1999-09-29T08:00:00.000Z | 2024-08-01T16:27:56.465Z |
| CVE-1999-0018 |
N/A
|
Buffer overflow in statd allows root privileges. |
n/a |
n/a |
1999-09-29T08:00:00.000Z | 2024-08-01T16:27:56.714Z |
| CVE-1999-0019 |
N/A
|
Delete or create a file via rpc.statd, due to inv… |
n/a |
n/a |
1999-09-29T08:00:00.000Z | 2024-08-01T16:27:57.469Z |
| CVE-1999-0021 |
N/A
|
Arbitrary command execution via buffer overflow i… |
n/a |
n/a |
1999-09-29T08:00:00.000Z | 2024-08-01T16:27:56.743Z |
| CVE-1999-0022 |
7.8 (3.1)
|
Local user gains root privileges via buffer overf… |
n/a |
n/a |
1999-09-29T08:00:00.000Z | 2024-10-29T14:08:24.263Z |
| CVE-1999-0023 |
N/A
|
Local user gains root privileges via buffer overf… |
n/a |
n/a |
1999-09-29T08:00:00.000Z | 2024-08-01T16:27:56.726Z |
| CVE-1999-0024 |
N/A
|
DNS cache poisoning via BIND, by predictable query IDs. |
n/a |
n/a |
1999-09-29T08:00:00.000Z | 2024-08-01T16:27:56.713Z |
| CVE-1999-0025 |
N/A
|
root privileges via buffer overflow in df command… |
n/a |
n/a |
1999-09-29T08:00:00.000Z | 2024-08-01T16:27:56.742Z |
| CVE-1999-0026 |
N/A
|
root privileges via buffer overflow in pset comma… |
n/a |
n/a |
1999-09-29T08:00:00.000Z | 2024-08-01T16:27:56.714Z |
| CVE-1999-0027 |
N/A
|
root privileges via buffer overflow in eject comm… |
n/a |
n/a |
1999-09-29T08:00:00.000Z | 2024-08-01T16:27:56.695Z |
| CVE-1999-0028 |
N/A
|
root privileges via buffer overflow in login/sche… |
n/a |
n/a |
1999-09-29T08:00:00.000Z | 2024-08-01T16:27:56.731Z |
| ID | Severity | Description | Published | Updated |
|---|---|---|---|---|
| ghsa-2fqv-h3r5-m4vf |
6.1 (3.1)
|
Cross Site Scripting (XSS) in plotly.js | 2017-10-24T18:33:35Z | 2021-08-30T21:12:50Z |
| ghsa-3m6r-39p3-jq25 |
9.1 (3.1)
|
Doorkeeper is vulnerable to replay attacks | 2017-10-24T18:33:35Z | 2022-04-25T16:34:57Z |
| ghsa-4jm3-pfpf-h54p |
9.8 (3.1)
|
espeak-ruby allows arbitrary command execution | 2017-10-24T18:33:35Z | 2023-01-25T22:57:24Z |
| ghsa-543v-gj2c-r3ch |
5.3 (3.1)
|
activemodel contains Improper Input Validation | 2017-10-24T18:33:35Z | 2023-06-30T21:32:03Z |
| ghsa-5vx5-9q73-wgp4 |
9.8 (3.1)
|
Safemode Gem Has Incomplete List of Disallowed Inputs | 2017-10-24T18:33:35Z | 2023-09-05T21:30:18Z |
| ghsa-6h88-qjpv-p32m |
7.5 (3.1)
|
OpenSSL gem for Ruby using inadequate encryption strength | 2017-10-24T18:33:35Z | 2022-04-25T16:33:57Z |
| ghsa-78rc-8c29-p45g |
7.3 (3.1)
|
actionpack allows remote code execution via application's unrestricted use of render method | 2017-10-24T18:33:35Z | 2023-07-03T18:58:43Z |
| ghsa-87vv-r9j6-g5qv |
6.5 (3.1)
|
Regular Expression Denial of Service in moment | 2017-10-24T18:33:35Z | 2022-06-07T14:31:25Z |
| ghsa-c92m-rrrc-q5wf |
8.1 (3.1)
|
safemode gem allows context-dependent attackers to obtain sensitive information via the inspect method | 2017-10-24T18:33:35Z | 2023-09-05T21:11:43Z |
| ghsa-f522-ffg8-j8r6 |
7.5 (3.1)
|
Regular Expression Denial of Service in is-my-json-valid | 2017-10-24T18:33:35Z | 2025-10-17T17:50:27Z |
| ghsa-f7f4-5w9j-23p2 |
9.8 (3.1)
|
festivaltts4r allows arbitrary command execution | 2017-10-24T18:33:35Z | 2023-01-25T23:16:58Z |
| ghsa-ffpv-c4hm-3x6v |
7.5 (3.1)
|
actionpack is vulnerable to denial of service via a crafted HTTP Accept header | 2017-10-24T18:33:35Z | 2023-07-31T21:08:45Z |
| ghsa-gcqq-w6gr-h9j9 |
9.8 (3.1)
|
Directory traversal vulnerability in RubyZip | 2017-10-24T18:33:35Z | 2023-01-26T20:55:34Z |
| ghsa-gvcj-pfq2-wxj7 |
7.8 (3.1)
|
High severity vulnerability that affects electron | 2017-10-24T18:33:35Z | 2021-09-13T12:46:47Z |
| ghsa-h5g2-38x9-4gv3 |
7.5 (3.1)
|
archive-tar-minitar and minitar vulnerable to Path Traversal | 2017-10-24T18:33:35Z | 2023-09-05T21:02:41Z |
| ghsa-hpcf-8vf9-q4gj |
6.1 (3.1)
|
jQuery-UI vulnerable to Cross-site Scripting in dialog closeText | 2017-10-24T18:33:35Z | 2023-01-26T23:02:07Z |
| ghsa-j5hj-fhc9-g24m |
5.3 (3.1)
|
rack-mini-profiler allows remote attackers to obtain sensitive information about allocated strings … | 2017-10-24T18:33:35Z | 2023-01-23T21:18:15Z |
| ghsa-pc3m-v286-2jwj |
6.1 (3.1)
|
actionview Cross-site Scripting vulnerability | 2017-10-24T18:33:35Z | 2023-01-23T17:59:42Z |
| ghsa-pr3r-4wrp-r2pv |
7.5 (3.1)
|
ActiveRecord in Ruby on Rails allows database-query bypass | 2017-10-24T18:33:35Z | 2023-07-04T00:01:26Z |
| ghsa-vx9j-46rh-fqr8 |
5.3 (3.1)
|
actionview contains Path Traversal vulnerability | 2017-10-24T18:33:35Z | 2023-07-05T20:44:17Z |
| ghsa-xrr4-p6fq-hjg7 |
7.5 (3.1)
|
Directory traversal vulnerability in Action View in Ruby on Rails | 2017-10-24T18:33:35Z | 2025-10-22T17:35:03Z |
| ghsa-229r-pqp6-8w6g |
|
sprout Arbitrary Code Execution vulnerability | 2017-10-24T18:33:36Z | 2023-08-29T15:58:19Z |
| ghsa-29gr-w57f-rpfw |
|
actionpack vulnerable to Path Traversal | 2017-10-24T18:33:36Z | 2023-08-25T19:41:02Z |
| ghsa-333x-9vgq-v2j4 |
|
Directory Traversal in geddy | 2017-10-24T18:33:36Z | 2021-08-31T20:33:50Z |
| ghsa-33pp-3763-mrfp |
|
sprockets vulnerable to Path Traversal | 2017-10-24T18:33:36Z | 2023-03-01T18:54:54Z |
| ghsa-34r7-q49f-h37c |
9.8 (3.1)
|
Incorrect Handling of Non-Boolean Comparisons During Minification in uglify-js | 2017-10-24T18:33:36Z | 2021-10-29T14:15:03Z |
| ghsa-3fx5-fwvr-xrjg |
7.5 (3.1)
|
Regular Expression Denial of Service in ms | 2017-10-24T18:33:36Z | 2024-08-01T16:44:35Z |
| ghsa-4c4w-3q45-hp9j |
7.5 (3.1)
|
Aescrypt does not sufficiently use random values | 2017-10-24T18:33:36Z | 2023-01-25T22:56:46Z |
| ghsa-4whc-pp4x-9pf3 |
|
jquery-rails and jquery-ujs subject to Exposure of Sensitive Information | 2017-10-24T18:33:36Z | 2026-01-14T21:44:14Z |
| ghsa-552w-rqg8-gxxm |
6.1 (3.1)
|
Moderate severity vulnerability that affects validator | 2017-10-24T18:33:36Z | 2021-09-01T19:26:29Z |
| ID | Severity | Description | Package | Published | Updated |
|---|---|---|---|---|---|
| pysec-2024-55 |
|
Malicious package. Exfiltrated secrets to a target server. | cipherbcrypt | 0001-01-01T00:00:00+00:00 | |
| pysec-2005-1 |
|
Cross-site scripting (XSS) vulnerability in the HTML WikiProcessor in Edgewall Trac 0.9.2… | trac | 2005-12-31T05:00:00Z | 2021-07-16T01:31:33.917972Z |
| pysec-2006-1 |
|
Directory traversal vulnerability in the staticfilter component in CherryPy before 2.1.1 … | cherrypy | 2006-02-22T02:02:00Z | 2021-07-05T00:01:17.388273Z |
| pysec-2006-4 |
|
Multiple heap-based buffer overflows in Libextractor 0.5.13 and earlier allow remote atta… | extractor | 2006-05-18T23:02:00Z | 2024-11-25T22:09:33.909779Z |
| pysec-2006-7 |
|
Zope 2.7.0 to 2.7.8, 2.8.0 to 2.8.7, and 2.9.0 to 2.9.3 (Zope2) does not disable the "raw… | zope2 | 2006-07-07T23:05:00Z | 2024-11-21T14:23:03.576588Z |
| pysec-2006-2 |
|
Trac before 0.9.6 does not disable the "raw" or "include" commands when providing untrust… | trac | 2006-07-21T14:03:00Z | 2021-07-16T01:31:33.987147Z |
| pysec-2006-8 |
|
The docutils module in Zope (Zope2) 2.7.0 through 2.7.9 and 2.8.0 through 2.8.8 does not … | zope2 | 2006-09-19T18:07:00Z | 2024-11-21T14:23:03.63347Z |
| pysec-2006-5 |
|
Unspecified vulnerability in the Password Reset Tool before 0.4.1 on Plone 2.5 and 2.5.1 … | Plone | 2006-09-29T19:07:00Z | 2024-11-25T18:35:18.357593Z |
| pysec-2006-3 |
|
Cross-site request forgery (CSRF) vulnerability in Edgewall Trac 0.10 and earlier allows … | trac | 2006-11-14T19:07:00Z | 2021-07-16T01:31:34.062903Z |
| pysec-2006-6 |
|
Unspecified vulnerability in PlonePAS in Plone 2.5 and 2.5.1, when anonymous member regis… | Plone | 2006-12-07T23:28:00Z | 2024-11-25T18:35:18.357593Z |
| pysec-2007-2 |
|
Cross-site scripting (XSS) vulnerability in the "download wiki page as text" feature in T… | trac | 2007-03-10T22:19:00Z | 2021-07-16T01:31:34.136788Z |
| pysec-2007-3 |
|
Trac before 0.10.3.1 does not send a Content-Disposition HTTP header specifying an attach… | trac | 2007-03-10T22:19:00Z | 2021-07-16T01:31:34.212521Z |
| pysec-2007-1 |
|
The internationalization (i18n) framework in Django 0.91, 0.95, 0.95.1, and 0.96, and as … | django | 2007-10-30T19:46:00Z | 2021-07-15T02:22:07.728618Z |
| pysec-2007-4 |
|
Plone 2.5 through 2.5.4 and 3.0 through 3.0.2 allows remote attackers to execute arbitrar… | plone | 2007-11-07T21:46:00Z | 2024-11-25T18:35:18.357593Z |
| pysec-2008-3 |
|
Directory traversal vulnerability in the _get_file_path function in (1) lib/sessions.py i… | cherrypy | 2008-01-12T02:46:00Z | 2021-07-16T01:31:05.763719Z |
| pysec-2008-8 |
|
common.py in Paramiko 1.7.1 and earlier, when using threads or forked processes, does not… | paramiko | 2008-01-16T23:00:00Z | 2021-08-27T03:22:10.050129Z |
| pysec-2008-14 |
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Plone CMS 3.0.5 and 3.0.6 a… | Plone | 2008-03-20T00:44:00Z | 2024-11-25T18:35:18.357593Z |
| pysec-2008-10 |
|
The xml-rpc server in Roundup 1.4.4 does not check property permissions, which allows att… | roundup | 2008-03-24T22:44:00Z | 2021-08-27T03:22:19.634629Z |
| pysec-2008-9 |
|
Multiple unspecified vulnerabilities in Roundup before 1.4.4 have unknown impact and atta… | roundup | 2008-03-24T22:44:00Z | 2021-08-27T03:22:19.598501Z |
| pysec-2008-12 |
|
The user form processing (userform.py) in MoinMoin before 1.6.3, when using ACLs or a non… | moin | 2008-04-25T06:05:00Z | 2024-11-25T18:35:18.357593Z |
| pysec-2008-1 |
|
Cross-site scripting (XSS) vulnerability in the login form in the administration applicat… | django | 2008-05-23T15:32:00Z | 2021-07-15T02:22:07.778598Z |
| pysec-2008-11 |
|
Exiv2 0.16 allows user-assisted remote attackers to cause a denial of service (divide-by-… | exiv2 | 2008-06-13T19:41:00Z | 2024-11-21T14:22:45.866207Z |
| pysec-2008-4 |
|
Open redirect vulnerability in the search script in Trac before 0.10.5 allows remote atta… | trac | 2008-07-27T22:41:00Z | 2021-07-16T01:31:34.307332Z |
| pysec-2008-5 |
|
Cross-site scripting (XSS) vulnerability in the wiki engine in Trac before 0.10.5 allows … | trac | 2008-07-27T22:41:00Z | 2021-07-16T01:31:34.385513Z |
| pysec-2008-13 |
|
Multiple cross-site scripting (XSS) vulnerabilities in macro/AdvancedSearch.py in moin (a… | moin | 2008-07-30T18:41:00Z | 2024-11-25T18:35:18.357593Z |
| pysec-2008-2 |
|
The administration application in Django 0.91, 0.95, and 0.96 stores unauthenticated HTTP… | django | 2008-09-04T17:41:00Z | 2021-07-15T02:22:07.826825Z |
| pysec-2008-6 |
|
Unspecified vulnerability in Trac before 0.11.2 allows attackers to cause a denial of ser… | trac | 2008-12-17T18:30:00Z | 2021-07-16T01:31:34.451441Z |
| pysec-2008-7 |
|
Unspecified vulnerability in the HTML sanitizer filter in Trac before 0.11.2 allows attac… | trac | 2008-12-17T18:30:00Z | 2021-07-16T01:31:34.677272Z |
| pysec-2009-11 |
|
The rst parser (parser/text_rst.py) in MoinMoin 1.6.1 does not check the ACL of an includ… | moin | 2009-03-30T01:30:00+00:00 | 2024-02-02T07:18:32.552079+00:00 |
| pysec-2009-12 |
|
The password_checker function in config/multiconfig.py in MoinMoin 1.6.1 uses the crackli… | moin | 2009-03-30T01:30:00Z | 2024-11-25T18:35:18.357593Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2021-5 | Malicious code in portal-shell (npm) | 2021-11-15T00:00:00Z | 2023-09-01T20:12:58Z |
| mal-2021-2 | Malicious code in dbp-polyfills (npm) | 2021-12-24T00:00:00Z | 2023-09-01T20:12:58Z |
| mal-2021-3 | Malicious code in digital-marketing-client (npm) | 2021-12-24T00:00:00Z | 2023-09-01T20:12:58Z |
| mal-2021-1 | Malicious code in cxp-jquery (npm) | 2021-12-27T00:00:00Z | 2023-09-01T20:12:58Z |
| mal-2021-4 | Malicious code in lib-bb-html-sanitizer (npm) | 2021-12-27T00:00:00Z | 2023-09-01T20:12:58Z |
| mal-2022-7431 | Malicious code in bootstrap-feature (npm) | 2022-01-03T00:00:00Z | 2023-09-01T20:12:58Z |
| mal-2022-5108 | Malicious code in opsie (npm) | 2022-05-09T21:16:00Z | 2022-05-09T21:16:01Z |
| mal-2022-4049 | Malicious code in jquerry (npm) | 2022-05-11T16:45:06Z | 2022-05-11T16:45:07Z |
| mal-2022-5303 | Malicious code in personal-colorss (npm) | 2022-05-13T17:03:32Z | 2022-05-13T17:03:32Z |
| mal-2022-2819 | Malicious code in eslint-plugin-kavak (npm) | 2022-05-16T06:20:33Z | 2022-05-16T06:20:34Z |
| mal-2022-4341 | Malicious code in loadassh (npm) | 2022-05-16T06:22:48Z | 2022-05-16T06:22:56Z |
| mal-2022-4342 | Malicious code in loaddash (npm) | 2022-05-16T06:22:48Z | 2022-05-16T06:22:56Z |
| mal-2022-5239 | Malicious code in payoneer-scripts (npm) | 2022-05-16T06:25:04Z | 2022-05-16T06:25:34Z |
| mal-2022-3359 | Malicious code in gfg-security-utilities (npm) | 2022-05-16T06:27:19Z | 2022-05-16T06:27:20Z |
| mal-2022-6234 | Malicious code in speedy-ts-compiler (npm) | 2022-05-16T06:37:16Z | 2022-05-16T06:37:16Z |
| mal-2022-2100 | Malicious code in com.unity.probuilder (npm) | 2022-05-16T06:45:14Z | 2022-05-16T06:45:15Z |
| mal-2022-2103 | Malicious code in com.unity.searcher (npm) | 2022-05-16T06:45:14Z | 2022-05-16T06:45:15Z |
| mal-2022-2101 | Malicious code in com.unity.render-pipelines.high-definition-config (npm) | 2022-05-16T06:45:15Z | 2022-05-16T06:45:15Z |
| mal-2022-4945 | Malicious code in npm_test_nothing (npm) | 2022-05-16T06:46:03Z | 2022-05-16T06:46:03Z |
| mal-2022-6722 | Malicious code in ual-content-page (npm) | 2022-05-16T06:46:03Z | 2022-05-16T06:46:03Z |
| mal-2022-7288 | Malicious code in xo-locale (npm) | 2022-05-16T06:46:03Z | 2022-05-16T06:46:03Z |
| mal-2022-870 | Malicious code in adroit-websdk-client (npm) | 2022-05-16T06:46:03Z | 2022-05-16T06:46:04Z |
| mal-2022-2707 | Malicious code in elysium-ui (npm) | 2022-05-16T06:46:05Z | 2022-05-16T06:46:06Z |
| mal-2022-2953 | Malicious code in f0-utils (npm) | 2022-05-16T06:46:05Z | 2022-05-16T06:46:05Z |
| mal-2022-869 | Malicious code in adroit-f0-components (npm) | 2022-05-16T06:46:05Z | 2022-05-16T06:46:06Z |
| mal-2022-1577 | Malicious code in binance-connector-node (npm) | 2022-05-16T06:46:18Z | 2022-05-16T06:46:19Z |
| mal-2022-6524 | Malicious code in testingx (npm) | 2022-05-16T06:46:35Z | 2022-05-16T06:46:35Z |
| mal-2022-998 | Malicious code in angieslist-gulp-build-tasks (npm) | 2022-05-16T06:46:35Z | 2022-05-16T06:46:36Z |
| mal-2022-2609 | Malicious code in dummy-preprocessor (npm) | 2022-05-16T06:47:07Z | 2022-05-16T06:47:08Z |
| mal-2022-3279 | Malicious code in gatsby-plugin-added-by-parent-theme (npm) | 2022-05-16T06:47:08Z | 2022-05-16T06:47:09Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| bit-airflow-2023-51702 | Apache Airflow CNCF Kubernetes provider, Apache Airflow: Kubernetes configuration file saved without encryption in the Metadata and logged as plain text in the Triggerer service | 2024-03-06T10:50:28.804Z | 2025-05-20T10:02:07.006Z |
| bit-apache-2023-45802 | Apache HTTP Server: HTTP/2 stream memory not reclaimed right away on RST | 2024-03-06T10:50:33.560Z | 2025-05-20T10:02:07.006Z |
| bit-apr-2022-28331 | Apache Portable Runtime (APR): Windows out-of-bounds write in apr_socket_sendv function | 2024-03-06T10:50:33.685Z | 2025-05-20T10:02:07.006Z |
| bit-appsmith-2022-4096 | Server-Side Request Forgery (SSRF) in appsmithorg/appsmith | 2024-03-06T10:50:34.576Z | 2025-05-20T10:02:07.006Z |
| bit-apisix-2023-44487 | 2024-03-06T10:50:34.863Z | 2026-02-11T09:09:18.507Z | |
| bit-airflow-2023-50944 | Apache Airflow: Bypass permission verification to read code of other dags | 2024-03-06T10:50:38.379Z | 2025-05-20T10:02:07.006Z |
| bit-apache-2023-43622 | Apache HTTP Server: DoS in HTTP/2 with initial windows size 0 | 2024-03-06T10:50:43.363Z | 2025-05-20T10:02:07.006Z |
| bit-apisix-2022-29266 | apisix/jwt-auth may leak secrets in error response | 2024-03-06T10:50:44.063Z | 2025-05-20T10:02:07.006Z |
| bit-brotli-2020-8927 | Buffer overflow in Brotli library | 2024-03-06T10:50:45.386Z | 2025-05-20T10:02:07.006Z |
| bit-cassandra-2023-30601 | Apache Cassandra: Privilege escalation when enabling FQL/Audit logs | 2024-03-06T10:50:45.472Z | 2025-05-20T10:02:07.006Z |
| bit-apr-2022-24963 | Apache Portable Runtime (APR): out-of-bound writes in the apr_encode family of functions | 2024-03-06T10:50:46.060Z | 2025-05-20T10:02:07.006Z |
| bit-appsmith-2022-39824 | 2024-03-06T10:50:47.399Z | 2025-04-03T14:40:37.652Z | |
| bit-airflow-2023-50943 | Apache Airflow: Potential pickle deserialization vulnerability in XComs | 2024-03-06T10:50:50.999Z | 2025-05-20T10:02:07.006Z |
| bit-composer-2024-24821 | Code execution and possible privilege escalation via compromised InstalledVersions.php or installed.php in Composer | 2024-03-06T10:50:51.366Z | 2025-05-20T10:02:07.006Z |
| bit-clickhouse-2020-26759 | 2024-03-06T10:50:51.666Z | 2025-04-03T14:40:37.652Z | |
| bit-concourse-2022-31683 | 2024-03-06T10:50:52.308Z | 2025-04-03T14:40:37.652Z | |
| bit-apache-2023-31122 | Apache HTTP Server: mod_macro buffer over-read | 2024-03-06T10:50:54.601Z | 2025-05-20T10:02:07.006Z |
| bit-apisix-2022-25757 | Apache APISIX: the body_schema check in request-validation plugin can be bypassed | 2024-03-06T10:50:56.297Z | 2025-05-20T10:02:07.006Z |
| bit-apr-2021-35940 | Regression of CVE-2017-12613 | 2024-03-06T10:50:57.087Z | 2025-05-20T10:02:07.006Z |
| bit-consul-2023-5332 | Dependency on Vulnerable Third-Party Component in GitLab | 2024-03-06T10:50:58.088Z | 2025-05-20T10:02:07.006Z |
| bit-cassandra-2021-44521 | Remote code execution for scripted UDFs | 2024-03-06T10:50:58.097Z | 2025-05-20T10:02:07.006Z |
| bit-contour-2023-44487 | 2024-03-06T10:50:58.800Z | 2026-02-11T09:09:18.507Z | |
| bit-cosign-2023-46737 | Possible endless data attack from attacker-controlled registry in cosign | 2024-03-06T10:50:59.503Z | 2025-05-20T10:02:07.006Z |
| bit-appsmith-2022-38299 | 2024-03-06T10:51:02.508Z | 2025-04-03T14:40:37.652Z | |
| bit-couchdb-2023-45725 | Apache CouchDB, IBM Cloudant: Privilege Escalation Using _design Documents | 2024-03-06T10:51:03.389Z | 2025-05-20T10:02:07.006Z |
| bit-concourse-2020-5415 | Concourse's GitLab auth allows impersonation | 2024-03-06T10:51:03.790Z | 2025-05-20T10:02:07.006Z |
| bit-airflow-2023-50783 | Apache Airflow: Improper access control vulnerability on the "varimport" endpoint | 2024-03-06T10:51:04.280Z | 2025-05-20T10:02:07.006Z |
| bit-composer-2023-43655 | Remote Code Execution via web-accessible composer.phar | 2024-03-06T10:51:05.800Z | 2025-05-20T10:02:07.006Z |
| bit-apache-2023-27522 | Apache HTTP Server: mod_proxy_uwsgi HTTP response splitting | 2024-03-06T10:51:05.888Z | 2026-02-11T09:09:18.507Z |
| bit-apisix-2022-24112 | apisix/batch-requests plugin allows overwriting the X-REAL-IP header | 2024-03-06T10:51:05.969Z | 2025-10-22T09:08:25.162Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cleanstart-2025-us16386 | Security fixes for GHSA-qxp5-gwg8-xv66, GHSA-vvgc-356p-c3xw applied in versions: 1.7.2-r0 | 2026-01-16T11:58:18.007779Z | 2025-12-23T06:02:25Z |
| cleanstart-2025-cn65903 | Security fixes for GHSA-6v2p-p543-phr9, GHSA-qxp5-gwg8-xv66, GHSA-vvgc-356p-c3xw applied in versions: 1.5.0-r0, 1.7.0-r0 | 2026-01-16T12:00:42.667592Z | 2025-09-29T13:20:40Z |
| cleanstart-2025-jl63399 | Security fixes for CVE-2025-61729 applied in versions: 0.20.2-r1 | 2026-01-16T12:00:43.312220Z | 2025-12-06T13:34:11Z |
| cleanstart-2026-sg80587 | It was found that the cookie used for CSRF prevention in Keycloak was not unique to each session | 2026-01-30T14:00:21.027172Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-yk82785 | Within HostnameError | 2026-01-30T14:01:20.108833Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-kg18353 | Within HostnameError | 2026-01-30T14:02:50.542288Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-xz45798 | Within HostnameError | 2026-01-30T14:05:20.961893Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-ym28538 | Prometheus Blackbox Exporter through 0 | 2026-01-30T14:06:20.601766Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-py85990 | tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing | 2026-01-30T14:07:50.722290Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-yl27116 | tar | 2026-01-30T14:08:51.064236Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-gs30434 | Within HostnameError | 2026-01-30T14:35:22.588418Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-pk92575 | ParseAddress function constructs domain-literal address components through repeated string concatenation | 2026-01-30T14:35:52.456913Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-fr00621 | Redis is an open source, in-memory database that persists on disk | 2026-01-30T14:36:52.496829Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-jm36781 | Within HostnameError | 2026-01-30T14:37:22.513933Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-mz27698 | Redis is an open source, in-memory database that persists on disk | 2026-01-30T14:39:52.940858Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-la33013 | Within HostnameError | 2026-01-30T14:40:22.526589Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-fz95989 | excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate | 2026-01-30T14:40:52.734894Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-kz63902 | tar | 2026-01-30T14:41:22.559595Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-bx37171 | Redis is an open source, in-memory database that persists on disk | 2026-01-30T14:43:22.549529Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-rb28539 | Within HostnameError | 2026-01-30T14:43:52.571458Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-ol25917 | excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate | 2026-01-30T14:44:22.881508Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-hy43775 | Within HostnameError | 2026-01-30T14:46:52.607713Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-oo14630 | tar | 2026-01-30T14:47:23.043882Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-ph90623 | excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate | 2026-01-30T14:49:52.682724Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-ia26094 | excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate | 2026-01-30T14:51:22.634752Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-ol60454 | Within HostnameError | 2026-01-30T14:52:23.086717Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-nz19387 | Within HostnameError | 2026-01-30T14:52:23.218213Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-fr57243 | Cancelling a query (e | 2026-01-30T14:52:52.746706Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-ld23143 | Cancelling a query (e | 2026-01-30T14:52:52.766441Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-dd39330 | excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate | 2026-01-30T14:53:22.793144Z | 2026-01-29T18:58:54Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| drupal-contrib-2017-082 | 2017-11-08T17:16:30.000Z | 2023-08-21T13:31:01.000Z | |
| drupal-contrib-2017-083 | 2017-11-08T17:22:08.000Z | 2023-08-21T13:31:18.000Z | |
| drupal-contrib-2017-091 | 2017-12-06T18:44:03.000Z | 2023-08-21T13:26:56.000Z | |
| drupal-contrib-2017-094 | 2017-12-20T14:12:47.000Z | 2023-08-21T13:28:00.000Z | |
| drupal-contrib-2018-001 | 2018-01-10T17:57:53.000Z | 2023-08-11T21:45:33.000Z | |
| drupal-contrib-2018-002 | 2018-01-10T18:02:19.000Z | 2023-08-11T21:46:04.000Z | |
| drupal-contrib-2018-008 | 2018-02-07T18:45:12.000Z | 2023-08-11T21:41:56.000Z | |
| drupal-contrib-2018-014 | 2018-02-21T19:04:59.000Z | 2023-08-11T21:43:18.000Z | |
| drupal-contrib-2018-015 | 2018-02-21T20:12:22.000Z | 2023-08-11T21:43:40.000Z | |
| drupal-contrib-2018-016 | 2018-03-21T16:59:32.000Z | 2023-08-11T21:44:04.000Z | |
| drupal-contrib-2018-017 | 2018-03-21T17:05:41.000Z | 2023-08-11T21:44:22.000Z | |
| drupal-contrib-2018-018 | 2018-04-18T15:45:18.000Z | 2023-08-11T21:35:30.000Z | |
| drupal-contrib-2018-022 | 2018-04-25T17:37:20.000Z | 2023-08-11T21:38:26.000Z | |
| drupal-contrib-2018-021 | 2018-04-25T17:43:28.000Z | 2023-08-11T21:38:48.000Z | |
| drupal-contrib-2018-025 | 2018-05-09T14:16:32.000Z | 2023-08-11T21:39:24.000Z | |
| drupal-contrib-2018-027 | 2018-05-09T20:28:16.000Z | 2023-08-11T21:40:01.000Z | |
| drupal-contrib-2018-038 | 2018-06-06T12:58:31.000Z | 2023-08-11T21:28:55.000Z | |
| drupal-contrib-2018-039 | 2018-06-06T13:01:46.000Z | 2023-08-11T21:29:11.000Z | |
| drupal-contrib-2018-040 | 2018-06-06T13:05:27.000Z | 2023-08-11T21:31:17.000Z | |
| drupal-contrib-2018-055 | 2018-08-08T17:14:32.000Z | 2023-08-11T21:24:54.000Z | |
| drupal-contrib-2018-057 | 2018-08-29T16:26:33.000Z | 2023-08-11T21:25:35.000Z | |
| drupal-contrib-2018-059 | 2018-09-05T17:22:50.000Z | 2023-08-11T21:18:37.000Z | |
| drupal-contrib-2018-067 | 2018-10-17T16:29:08.000Z | 2023-08-11T21:21:48.000Z | |
| drupal-contrib-2018-071 | 2018-10-31T14:59:17.000Z | 2023-08-11T21:13:17.000Z | |
| drupal-contrib-2018-073 | 2018-10-31T17:53:57.000Z | 2023-08-11T21:14:25.000Z | |
| drupal-contrib-2018-074 | 2018-11-28T17:32:56.000Z | 2023-08-11T21:15:17.000Z | |
| drupal-contrib-2018-078 | 2018-12-05T19:24:02.000Z | 2023-08-11T21:09:51.000Z | |
| drupal-contrib-2018-081 | 2018-12-19T17:53:49.000Z | 2023-08-11T21:10:49.000Z | |
| drupal-contrib-2019-004 | 2019-01-23T17:01:58.000Z | 2023-08-11T19:25:48.000Z | |
| drupal-contrib-2019-010 | 2019-01-23T18:22:41.000Z | 2023-08-11T19:00:18.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2002-000291 | Canna irw_through Buffer Overflow Vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2003-000029 | w3m Cross-Site Scripting Vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2003-000030 | w3m Vulnerability of Unauthorized Access to Files or Cookies | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2003-000144 | IP Messenger for Win Filename Buffer Overflow Vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2003-000149 | lv Arbitrary Command Execution Vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2003-000163 | KON2 Buffer Overflow Vulnerability in Command Argument Validation | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2003-000242 | skk Arbitrary Code Execution Vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2004-000169 | LHa Vuffer Overflow Vulnerability in Testing and Extracting Process | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2004-000170 | Lha Directory Traversal Vulnerability in Testing and Extracting Process | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2004-000179 | DeleGate SSLway Filter Buffer Overflow Vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2004-000195 | LHA Arbitrary Command Execution Vulnerability with Shell Metacharacter in Directory Name | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2004-000196 | LHA Buffer Overflow Vulnerability with lack of Path Length Validation | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2004-000197 | LHA extrace_one Vuffer Overflow Vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2004-000231 | KAME Racoon eay_check_x509cert Improper Certificate Verification Vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2004-000323 | Ruby CGI Session Management Insecure File Permission Vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2004-000473 | Ruby cgi.rb Denial of Service Vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2004-000511 | DeleGate Multiple Buffer Overflow Vulnerabilities | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2004-000554 | Namazu cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2004-000586 | Virus Buster Corporate Edition vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2004-000587 | desknet's buffer overflow vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2004-000588 | SSL-VPN products vulnerable to cookie theft | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2004-000589 | Toshiba HDD & DVD video recorders can be accessed without authentication | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2004-000590 | Becky! Internet Mail vulnerability in S/MIME signature verification | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2004-000591 | Shuriken Pro3 S/MIME signature verification does not verify the From address | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2004-000592 | Shuriken Pro3 S/MIME signature verification does not verify the certificate authenticity | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2004-000593 | LDAP server update function vulnerable to buffer overflow | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2004-000594 | DNS cache servers resource consumption by TCP SYN_SENT states | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2005-000163 | Sylpheed Email Header Buffer Overflow Vulnerability with non-ASCII Characters | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2005-000183 | Apache Tomcat denial of service vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2005-000199 | Sylpheed Filename Buffer Overflow Vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| cnvd-2010-2096 | Linux Kernel 'do_io_submit()'整数溢出漏洞 | 2010-09-24 | 2020-03-25 |
| cnvd-2011-3766 | Google Chrome v8脚本对象wrapper漏洞 | 2011-09-22 | 2020-03-25 |
| cnvd-2016-05888 | 郑州威科姆科技股份有限公司党员干部现代远程教育信息管理系统存在权限绕过漏洞 | 2014-05-06 | 2016-08-03 |
| cnvd-2014-04645 | Barracuda Firewall 'cert_error'参数跨站脚本漏洞 | 2014-07-25 | 2024-07-28 |
| cnvd-2015-07920 | 泛微协同应用管理平台任意文件上传漏洞 | 2014-09-19 | 2015-12-04 |
| cnvd-2016-06723 | 南京杰诺瀚软件科技有限公司投稿系统Mail参数SQL注入漏洞 | 2014-11-13 | 2016-08-25 |
| cnvd-2014-08580 | phpwind任意代码执行漏洞 | 2014-11-26 | 2015-01-10 |
| cnvd-2016-06598 | 奇虎360科技有限公司安全浏览器存在任意用户注册漏洞 | 2014-12-01 | 2015-03-30 |
| cnvd-2014-08792 | phpcms后台任意代码执行漏洞 | 2014-12-02 | 2015-01-18 |
| cnvd-2014-08793 | ZenTaoPMS(禅道)任意代码执行漏洞 | 2014-12-03 | 2015-01-19 |
| cnvd-2014-08794 | ZenTaoPMS(禅道)任意文件上传漏洞 | 2014-12-03 | 2015-01-19 |
| cnvd-2015-00081 | YYMusicCMS文件上传漏洞 | 2014-12-04 | 2015-01-26 |
| cnvd-2014-08795 | shopnc软件后台任意代码执行漏洞 | 2014-12-08 | 2015-01-27 |
| cnvd-2015-00297 | 齐博CMS整站系统SQL注入漏洞 | 2014-12-15 | 2015-02-02 |
| cnvd-2015-00296 | Metinfo文件包含漏洞 | 2014-12-18 | 2015-03-10 |
| cnvd-2015-00304 | PHPCMS任意代码执行漏洞 | 2014-12-23 | 2015-02-13 |
| cnvd-2015-00433 | 时光协同政务公开门户系统页面源码泄露漏洞 | 2014-12-23 | 2016-01-05 |
| cnvd-2014-09151 | Puppet Enterprise信息泄露漏洞(CNVD-2014-09151) | 2014-12-26 | 2014-12-29 |
| cnvd-2014-09154 | ARRIS Touchstone TG862G/CT Telephony Gateway安全机制绕过漏洞 | 2014-12-26 | 2014-12-29 |
| cnvd-2014-09180 | Drupal Open Atrium Module存在多个漏洞 | 2014-12-26 | 2014-12-29 |
| cnvd-2014-09181 | IBM WebSphere Application Server信息泄露漏洞(CNVD-2014-09181) | 2014-12-26 | 2014-12-29 |
| cnvd-2014-09182 | IBM WebSphere Application Server目录遍历漏洞(CNVD-2014-09182) | 2014-12-26 | 2014-12-29 |
| cnvd-2014-09183 | IBM WebSphere Application Server跨站脚本漏洞(CNVD-2014-09183) | 2014-12-26 | 2014-12-29 |
| cnvd-2014-09184 | IBM WebSphere Application Server点击劫持漏洞 | 2014-12-26 | 2014-12-29 |
| cnvd-2014-09185 | IBM WebSphere Application Server Liberty Profile权限提升漏洞 | 2014-12-26 | 2014-12-29 |
| cnvd-2014-09186 | Puppet Server争用条件漏洞 | 2014-12-26 | 2014-12-29 |
| cnvd-2014-09187 | Cisco IronPort Email Security Appliance拒绝服务漏洞 | 2014-12-26 | 2014-12-29 |
| cnvd-2014-09188 | OpenSSL 's23_srvr.c'拒绝服务漏洞 | 2014-12-26 | 2014-12-29 |
| cnvd-2014-09189 | Cisco Meraki MS MRMX信息泄露漏洞 | 2014-12-26 | 2014-12-29 |
| cnvd-2014-09190 | Cisco Meraki MS MRMX任意命令执行漏洞 | 2014-12-26 | 2014-12-29 |
| ID | Description | Published | Updated |
|---|---|---|---|
| bdu:2015-02391 | Уязвимости операционной системы Debian GNU/Linux, позволяющие локальному злоумышленнику н… | 28.04.2015 | 28.11.2016 |
| bdu:2015-02392 | Уязвимости операционной системы Debian GNU/Linux, позволяющие локальному злоумышленнику н… | 28.04.2015 | 28.11.2016 |
| bdu:2015-02393 | Уязвимости операционной системы Debian GNU/Linux, позволяющие локальному злоумышленнику н… | 28.04.2015 | 28.11.2016 |
| bdu:2015-02394 | Уязвимости операционной системы Debian GNU/Linux, позволяющие локальному злоумышленнику н… | 28.04.2015 | 28.11.2016 |
| bdu:2015-02395 | Уязвимости операционной системы Debian GNU/Linux, позволяющие локальному злоумышленнику н… | 28.04.2015 | 28.11.2016 |
| bdu:2015-02396 | Уязвимости операционной системы Debian GNU/Linux, позволяющие локальному злоумышленнику н… | 28.04.2015 | 28.11.2016 |
| bdu:2015-02397 | Уязвимости операционной системы Debian GNU/Linux, позволяющие локальному злоумышленнику н… | 28.04.2015 | 28.11.2016 |
| bdu:2015-02398 | Уязвимости операционной системы Debian GNU/Linux, позволяющие локальному злоумышленнику н… | 28.04.2015 | 05.07.2024 |
| bdu:2015-02399 | Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… | 28.04.2015 | 05.07.2024 |
| bdu:2015-02400 | Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… | 28.04.2015 | 28.11.2016 |
| bdu:2015-02401 | Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… | 28.04.2015 | 28.11.2016 |
| bdu:2015-02402 | Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… | 28.04.2015 | 28.11.2016 |
| bdu:2015-02403 | Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… | 28.04.2015 | 28.11.2016 |
| bdu:2015-02404 | Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… | 28.04.2015 | 05.07.2024 |
| bdu:2015-02405 | Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… | 28.04.2015 | 05.07.2024 |
| bdu:2015-02406 | Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… | 28.04.2015 | 28.11.2016 |
| bdu:2015-02407 | Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… | 28.04.2015 | 28.11.2016 |
| bdu:2015-02408 | Уязвимости операционной системы Debian GNU/Linux, позволяющие локальному злоумышленнику н… | 28.04.2015 | 05.07.2024 |
| bdu:2015-02409 | Уязвимости операционной системы Debian GNU/Linux, позволяющие локальному злоумышленнику н… | 28.04.2015 | 28.11.2016 |
| bdu:2015-02410 | Уязвимости операционной системы Debian GNU/Linux, позволяющие локальному злоумышленнику н… | 28.04.2015 | 28.11.2016 |
| bdu:2015-02411 | Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… | 28.04.2015 | 05.07.2024 |
| bdu:2015-02412 | Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… | 28.04.2015 | 05.07.2024 |
| bdu:2015-02413 | Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… | 28.04.2015 | 28.11.2016 |
| bdu:2015-02414 | Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… | 28.04.2015 | 28.11.2016 |
| bdu:2015-02415 | Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… | 28.04.2015 | 28.11.2016 |
| bdu:2015-02416 | Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… | 28.04.2015 | 28.11.2016 |
| bdu:2015-02417 | Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… | 28.04.2015 | 28.11.2016 |
| bdu:2015-02418 | Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… | 28.04.2015 | 28.11.2016 |
| bdu:2015-02419 | Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… | 28.04.2015 | 28.11.2016 |
| bdu:2015-02420 | Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику н… | 28.04.2015 | 28.11.2016 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certa-2000-avi-001 | Débordements de variables dans les services authentifiés par Kerberos | 2000-05-18T00:00:00.000000 | 2000-05-18T00:00:00.000000 |
| certa-2000-avi-002 | Vulnérabilités dans Office 2000 | 2000-05-25T00:00:00.000000 | 2000-05-25T00:00:00.000000 |
| certa-2000-avi-003 | Vulnérabilité sous HP Web JetAdmin Version 5.6 et antérieures | 2000-05-29T00:00:00.000000 | 2000-05-29T00:00:00.000000 |
| certa-2000-avi-004 | Vulnérabilité dans le protocole du service explorateur d'ordinateurs sous Windows NT et Windows 2000 | 2000-05-29T00:00:00.000000 | 2000-05-29T00:00:00.000000 |
| certa-2000-avi-005 | Deux nouveaux vers VBS | 2000-05-31T00:00:00.000000 | 2000-05-31T00:00:00.000000 |
| certa-2000-avi-006 | Vulnérabilités lors de sessions SSL | 2000-06-07T00:00:00.000000 | 2000-06-07T00:00:00.000000 |
| certa-2000-avi-007 | Vulnérabilités sur le serveur FTP utilisant Kerberos 5 | 2000-06-15T00:00:00.000000 | 2000-06-15T00:00:00.000000 |
| certa-2000-avi-008 | Vulnérabilité sous Windows 2000 | 2000-06-19T00:00:00.000000 | 2000-06-19T00:00:00.000000 |
| certa-2000-avi-009 | Exécution de fichiers locaux grâce aux fichiers d'aides de Microsoft Windows | 2000-06-20T00:00:00.000000 | 2000-06-20T00:00:00.000000 |
| certa-2000-avi-010 | Débordement de pile dans le programme <TT>splitVT</TT> | 2000-06-20T00:00:00.000000 | 2000-06-20T00:00:00.000000 |
| certa-2000-avi-011 | Problèmes de privilèges dans les extensions de FrontPage | 2000-06-27T00:00:00.000000 | 2000-06-27T00:00:00.000000 |
| certa-2000-avi-012 | Vulnérabilité dans « Workshop » cvconnect sous IRIX | 2000-06-29T00:00:00.000000 | 2000-06-29T00:00:00.000000 |
| certa-2000-avi-013 | Vulnérabilité dans Microsoft SQL Serveur | 2000-07-11T00:00:00.000000 | 2000-07-11T00:00:00.000000 |
| certa-2000-avi-014 | Vulnérabilité dans l'utilitaire makewhatis sous Unix | 2000-07-13T00:00:00.000000 | 2000-07-13T00:00:00.000000 |
| certa-2000-avi-015 | Vulnérabilité dans l'en-tête des mèls sous Outlook | 2000-07-19T00:00:00.000000 | 2000-07-19T00:00:00.000000 |
| certa-2000-avi-016 | Vulnérabilités dans Internet Explorer 4.01, Office 2000 et PowerPoint 97 | 2000-07-19T00:00:00.000000 | 2000-07-19T00:00:00.000000 |
| certa-2000-avi-017 | Vulnérabilité du service Telnet sous Windows 2000 | 2000-07-25T00:00:00.000000 | 2000-07-25T00:00:00.000000 |
| certa-2000-avi-018 | Vulnérabilité sous Netscape 4.73 et antérieures | 2000-07-27T00:00:00.000000 | 2000-07-27T00:00:00.000000 |
| certa-2000-avi-019 | Virus sous Autocad2000 | 2000-07-27T00:00:00.000000 | 2000-07-27T00:00:00.000000 |
| certa-2000-avi-020 | Vulnérabilité sous Adobe Acrobat | 2000-07-27T00:00:00.000000 | 2000-07-27T00:00:00.000000 |
| certa-2000-avi-021 | Vulnérabilité dans le protocole NBNS sous Windows NT et 2000 | 2000-07-28T00:00:00.000000 | 2000-07-28T00:00:00.000000 |
| certa-2000-avi-022 | Vulnérabilités sous Firewall-1 | 2000-08-03T00:00:00.000000 | 2000-08-03T00:00:00.000000 |
| certa-2000-avi-023 | Vulnérabilité dans le « Service Control Manager » de Windows 2000 | 2000-08-07T00:00:00.000000 | 2000-08-07T00:00:00.000000 |
| certa-2000-avi-024 | Vulnérabilités dans les programmes et librairies d'impression sous Solaris | 2000-08-08T00:00:00.000000 | 2000-08-08T00:00:00.000000 |
| certa-2000-avi-025 | Vulnérabilité de Windows 9x avec le protocole IPX | 2000-08-08T00:00:00.000000 | 2000-08-08T00:00:00.000000 |
| certa-2000-avi-026 | Vulnérabilité de Netscape avec Java | 2000-08-09T00:00:00.000000 | 2000-08-09T00:00:00.000000 |
| certa-2000-avi-027 | Débordement de mémoire dans les documents HTML d'Office 2000 | 2000-08-16T00:00:00.000000 | 2000-08-16T00:00:00.000000 |
| certa-2000-avi-028 | Vulnérabilité dans les permissions de fichiers sous IIS version 4.0 et 5.0 | 2000-08-16T00:00:00.000000 | 2000-08-16T00:00:00.000000 |
| certa-2000-avi-029 | Faille dans le démon telnetd sous IRIX de SGI | 2000-08-17T00:00:00.000000 | 2000-08-17T00:00:00.000000 |
| certa-2000-avi-030 | Vulnérabilité sous Internet Information Server 5.0 | 2000-08-17T00:00:00.000000 | 2000-08-17T00:00:00.000000 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certa-2000-ale-001 | Alerte de virus LOVE-LETTER-FOR-YOU | 2000-05-05T00:00:00.000000 | 2000-07-05T00:00:00.000000 |
| certa-2000-ale-002 | Alerte de virus NEWLOVE | 2000-05-19T00:00:00.000000 | 2000-05-19T00:00:00.000000 |
| certa-2000-ale-003 | « Mesures de performances » de l'Internet | 2000-05-26T00:00:00.000000 | 2000-05-26T00:00:00.000000 |
| certa-2000-ale-004 | Virus Macro OF97/Cybernet-A | 2000-05-26T00:00:00.000000 | 2000-05-26T00:00:00.000000 |
| certa-2000-ale-005 | Virus macro V97M/Resume.A | 2000-05-29T00:00:00.000000 | 2000-05-29T00:00:00.000000 |
| certa-2000-ale-006 | Deni de service sous Firewall-1 | 2000-06-08T00:00:00.000000 | 2000-06-08T00:00:00.000000 |
| certa-2000-ale-007 | Virus VBS/LoveLet-AS | 2000-06-09T00:00:00.000000 | 2000-06-09T00:00:00.000000 |
| certa-2000-ale-008 | The Serbian Badman Trojan (TSB) | 2000-06-13T00:00:00.000000 | 2000-06-13T00:00:00.000000 |
| certa-2000-ale-009 | Ver VBS/Stages-A, Mirc/stages-a, pIRC/Stages-A | 2000-06-20T00:00:00.000000 | 2000-06-20T00:00:00.000000 |
| certa-2000-ale-010 | Vulnérabilités dans le serveur de fichier wu-ftpd | 2000-06-26T00:00:00.000000 | 2000-06-26T00:00:00.000000 |
| certa-2000-ale-011 | Trojan Simpsons | 2000-06-29T00:00:00.000000 | 2000-06-29T00:00:00.000000 |
| certa-2000-ale-012 | Mauvaise compatibilité des scanners de virus avec NTFS | 2000-09-08T00:00:00.000000 | 2000-09-08T00:00:00.000000 |
| certa-2000-ale-014 | Vulnérabilité dans la bibliothèque glibc sous Unix | 2000-09-14T00:00:00.000000 | 2000-09-14T00:00:00.000000 |
| certa-2000-ale-013 | Virus VBS Quatro-A | 2000-09-18T00:00:00.000000 | 2000-09-18T00:00:00.000000 |
| certa-2000-ale-015 | Risque d'usurpation de l'identité de Sun Microsystems | 2000-10-25T00:00:00.000000 | 2000-10-25T00:00:00.000000 |
| certa-2000-ale-016 | Connexion à Wanadoo | 2000-11-30T00:00:00.000000 | 2000-11-30T00:00:00.000000 |
| certa-2001-ale-001 | Propagation du ver Ramen sous Linux. | 2001-01-19T00:00:00.000000 | 2001-01-19T00:00:00.000000 |
| certa-2001-ale-002 | Risque d'exploitation des ressources partagées sous Windows | 2001-03-26T00:00:00.000000 | 2001-03-26T00:00:00.000000 |
| certa-2001-ale-003 | Prolifération du ver Li0n | 2001-03-26T00:00:00.000000 | 2001-03-26T00:00:00.000000 |
| certa-2001-ale-004 | Vulnérabilité dans le démon snmpXdmid sous Sun Solaris | 2001-03-30T00:00:00.000000 | 2001-03-30T00:00:00.000000 |
| certa-2001-ale-005 | Vulnérabilités dans les modems ADSL d'Alcatel | 2001-04-11T00:00:00.000000 | 2001-04-11T00:00:00.000000 |
| certa-2001-ale-006 | Prolifération en Europe du virus HOMEPAGE | 2001-05-09T00:00:00.000000 | 2001-05-09T00:00:00.000000 |
| certa-2001-ale-007 | Propagation d'un ver affectant sadmind et IIS | 2001-05-09T00:00:00.000000 | 2001-05-09T00:00:00.000000 |
| certa-2001-ale-008 | Propagation du ver « Code Red » | 2001-07-18T00:00:00.000000 | 2001-08-13T00:00:00.000000 |
| certa-2001-ale-009 | Propagation importante du virus SirCam | 2001-07-24T00:00:00.000000 | 2001-07-26T00:00:00.000000 |
| certa-2001-ale-010 | Propagation du ver "Code Blue" | 2001-09-07T00:00:00.000000 | 2001-09-07T00:00:00.000000 |
| certa-2001-ale-011 | <TT>antivirus2001</TT> est un cheval de Troie | 2001-09-10T00:00:00.000000 | 2001-09-13T00:00:00.000000 |
| certa-2001-ale-012 | Rappels concernant les virus | 2001-09-13T00:00:00.000000 | 2002-01-09T00:00:00.000000 |
| certa-2001-ale-013 | Propagation du ver/virus NIMDA (Concept Virus) | 2001-09-19T00:00:00.000000 | 2001-09-19T00:00:00.000000 |
| certa-2001-ale-014 | Risque de divulgation de données personnelles/confidentielles par des produits Microsoft | 2001-10-19T00:00:00.000000 | 2001-10-19T00:00:00.000000 |
| ID | Description | Published | Updated |
|---|---|---|---|
| osv-2020-1 | Use-of-uninitialized-value in numaCrossingsByThreshold | 2020-06-24T01:51:08.502422Z | 2022-04-13T03:04:32.676718Z |
| osv-2020-3 | UNKNOWN WRITE in std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<ch | 2020-06-24T01:51:08.837392Z | 2022-04-13T03:04:38.537536Z |
| osv-2020-4 | Use-of-uninitialized-value in ndpi_check_dga_name | 2020-06-24T01:51:09.009491Z | 2022-04-13T03:04:36.325465Z |
| osv-2020-5 | Heap-buffer-overflow in virtual thunk to parquet::ByteStreamSplitDecoder<parquet::PhysicalType< | 2020-06-24T01:51:09.174614Z | 2022-04-13T03:04:31.866912Z |
| osv-2020-7 | Segv on unknown address in pvector_free_elem | 2020-06-24T01:51:09.499211Z | 2022-04-13T03:04:36.625957Z |
| osv-2020-8 | Heap-buffer-overflow in findNextBorderPixel | 2020-06-24T01:51:09.673990Z | 2022-04-13T03:04:32.639074Z |
| osv-2020-10 | Heap-use-after-free in ndpi_workflow_process_packet | 2020-06-24T01:51:09.990023Z | 2022-04-13T03:04:36.199525Z |
| osv-2020-11 | Heap-buffer-overflow in jbig2_image_get_pixel_fast | 2020-06-24T01:51:10.030258Z | 2022-04-13T03:04:40.591217Z |
| osv-2020-12 | Use-of-uninitialized-value in ndpi_parse_packet_line_info | 2020-06-24T01:51:10.071847Z | 2022-04-13T03:04:35.934793Z |
| osv-2020-14 | Stack-buffer-overflow in fmt_setup | 2020-06-24T01:51:10.171293Z | 2022-04-13T03:04:39.744094Z |
| osv-2020-15 | UNKNOWN READ in _01inverse | 2020-06-24T01:51:10.221987Z | 2022-04-13T03:04:37.710615Z |
| osv-2020-16 | Heap-use-after-free in BEInt<unsigned short, 2>::operator unsigned short | 2020-06-24T01:51:10.290066Z | 2022-04-13T03:04:33.001228Z |
| osv-2020-18 | Heap-buffer-overflow in ndpi_search_openvpn | 2020-06-24T01:51:10.400007Z | 2022-04-13T03:04:35.993017Z |
| osv-2020-19 | Heap-use-after-free in htp_connp_is_line_terminator | 2020-06-24T01:51:10.440277Z | 2022-04-13T03:04:32.731752Z |
| osv-2020-21 | UNKNOWN WRITE in arrow::internal::unpack32 | 2020-06-24T01:51:10.547779Z | 2022-04-13T03:04:31.970546Z |
| osv-2020-22 | Container-overflow in parquet::schema::Unflatten | 2020-06-24T01:51:10.604817Z | 2022-04-13T03:04:31.828829Z |
| osv-2020-24 | Heap-buffer-overflow in pcpp::SSLCertificateRequestMessage::SSLCertificateRequestMessage | 2020-06-24T01:51:10.683077Z | 2022-04-13T03:04:38.543369Z |
| osv-2020-26 | UNKNOWN READ in parquet::DictDecoderImpl<parquet::PhysicalType< | 2020-06-24T01:51:10.780616Z | 2022-04-13T03:04:32.056995Z |
| osv-2020-27 | Heap-buffer-overflow in parquet::LevelDecoder::SetData | 2020-06-24T01:51:10.819423Z | 2022-04-13T03:04:31.823547Z |
| osv-2020-28 | Heap-buffer-overflow in get16 | 2020-06-24T01:51:10.866720Z | 2022-04-13T03:04:35.955967Z |
| osv-2020-29 | Heap-use-after-free in CRYPTO_DOWN_REF | 2020-06-24T01:51:10.908381Z | 2022-04-13T03:04:38.773716Z |
| osv-2020-31 | Heap-use-after-free in AES_wrap_key | 2020-06-24T01:51:10.989967Z | 2022-04-13T03:04:35.055339Z |
| osv-2020-32 | Heap-buffer-overflow in read_bits_16 | 2020-06-24T01:51:11.044419Z | 2022-04-13T03:04:41.173391Z |
| osv-2020-34 | UNKNOWN READ in parquet::LevelDecoder::SetData | 2020-06-24T01:51:11.146400Z | 2022-04-13T03:04:32.024330Z |
| osv-2020-38 | Heap-buffer-overflow in OGRFeatureFormatDateTimeBuffer | 2020-06-24T01:51:11.337556Z | 2022-04-13T03:04:42.149408Z |
| osv-2020-39 | Heap-use-after-free in ndpi_http_check_content | 2020-06-24T01:51:11.374665Z | 2022-04-13T03:04:36.101229Z |
| osv-2020-40 | Heap-buffer-overflow in ndpi_workflow_process_packet | 2020-06-24T01:51:11.416349Z | 2022-04-13T03:04:36.358067Z |
| osv-2020-42 | Heap-buffer-overflow in bool arrow::util::RleDecoder::NextCounts<int> | 2020-06-24T01:51:11.505209Z | 2022-04-13T03:04:32.051647Z |
| osv-2020-45 | Use-of-uninitialized-value in pcpp::tbp_my_own_strnlen | 2020-06-24T01:51:11.617477Z | 2022-04-13T03:04:38.596300Z |
| osv-2020-48 | UNKNOWN READ in decode_fast | 2020-06-24T01:51:11.743367Z | 2022-04-13T03:04:42.371093Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rustsec-2016-0002 | HTTPS MitM vulnerability due to lack of hostname verification | 2016-05-09T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2016-0003 | HTTP download and execution allows MitM RCE | 2016-08-01T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2016-0005 | rust-crypto is unmaintained; switch to a modern alternative | 2016-09-06T12:00:00Z | 2022-01-09T20:07:15Z |
| rustsec-2016-0004 | libusb is unmaintained; use rusb instead | 2016-09-10T12:00:00Z | 2020-10-02T01:29:11Z |
| rustsec-2016-0001 | SSL/TLS MitM vulnerability due to insecure defaults | 2016-11-05T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2016-0006 | `cassandra` crate is unmaintained; use `cassandra-cpp` instead | 2016-12-15T12:00:00Z | 2020-10-02T01:29:11Z |
| rustsec-2017-0002 | headers containing newline characters can split messages | 2017-01-23T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2017-0001 | scalarmult() vulnerable to degenerate public keys | 2017-01-26T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2017-0003 | Hostname verification skipped when custom root certs used | 2017-03-15T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2017-0007 | lz4-compress is unmaintained | 2017-04-17T12:00:00Z | 2020-10-02T01:29:11Z |
| rustsec-2017-0004 | Integer overflow leads to heap-based buffer overflow in encode_config_buf | 2017-05-03T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2017-0005 | Large cookie Max-Age values can cause a denial of service | 2017-05-06T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2017-0008 | `serial` crate is unmaintained | 2017-07-02T12:00:00Z | 2024-12-04T13:14:28Z |
| rustsec-2017-0006 | Unchecked vector pre-allocation | 2017-11-21T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2018-0017 | `tempdir` crate has been deprecated; use `tempfile` instead | 2018-02-13T12:00:00Z | 2020-10-02T01:29:11Z |
| rustsec-2018-0010 | Use after free in CMS Signing | 2018-06-01T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2018-0019 | Multiple memory safety issues | 2018-06-08T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2018-0021 | Use-after-free with objects returned by `Stream`'s `get_format_info` and `get_context` methods | 2018-06-15T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2018-0001 | An integer underflow could lead to panic | 2018-06-21T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2018-0002 | Links in archives can overwrite any existing file | 2018-06-29T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2018-0016 | quickersort is deprecated and unmaintained | 2018-06-30T12:00:00Z | 2020-10-02T01:29:11Z |
| rustsec-2018-0003 | Possible double free during unwinding in SmallVec::insert_many | 2018-07-19T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2018-0014 | chan is end-of-life; use crossbeam-channel instead | 2018-07-31T12:00:00Z | 2020-10-02T01:29:11Z |
| rustsec-2018-0022 | Use of uninitialized memory in temporary | 2018-08-22T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2018-0004 | Malicious input could cause uninitialized memory to be exposed | 2018-08-25T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2018-0005 | Uncontrolled recursion leads to abort in deserialization | 2018-09-17T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2018-0006 | Uncontrolled recursion leads to abort in deserialization | 2018-09-17T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2018-0018 | smallvec creates uninitialized value of any type | 2018-09-25T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2018-0007 | Stack overflow when parsing malicious DNS packet | 2018-10-09T12:00:00Z | 2023-06-13T13:10:24Z |
| rustsec-2018-0015 | term is looking for a new maintainer | 2018-11-19T12:00:00Z | 2020-10-02T01:29:11Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| alsa-2019:0975 | Important: container-tools:rhel8 security and bug fix update | 2019-05-07T03:39:11Z | 2019-05-07T03:39:02Z |
| alsa-2019:0981 | Important: python27:2.7 security update | 2019-05-07T03:40:00Z | 2019-05-07T03:39:54Z |
| alsa-2019:0984 | Moderate: python36:3.6 security update | 2019-05-07T03:40:33Z | 2019-05-07T03:40:21Z |
| alsa-2019:1529 | Important: pki-deps:10.6 security update | 2019-06-18T16:36:21Z | 2019-06-18T16:36:09Z |
| alsa-2019:1972 | Important: ruby:2.5 security update | 2019-07-30T11:16:25Z | 2019-07-30T15:56:05Z |
| alsa-2019:2511 | Important: mysql:8.0 security update | 2019-08-15T17:31:05Z | 2019-08-15T17:31:05Z |
| alsa-2019:2512 | Important: subversion:1.10 security update | 2019-08-15T17:34:10Z | 2019-08-15T17:34:10Z |
| alsa-2019:2593 | Important: squid:4 security update | 2019-09-02T10:22:04Z | 2019-09-02T10:22:04Z |
| alsa-2019:2720 | Important: pki-deps:10.6 security update | 2019-09-10T15:32:49Z | 2019-09-10T15:32:43Z |
| alsa-2019:2722 | Low: libwmf security update | 2019-09-10T15:32:59Z | 2021-11-12T10:20:55Z |
| alsa-2019:2799 | Important: nginx:1.14 security update | 2019-09-17T08:45:10Z | 2019-09-17T08:45:10Z |
| alsa-2019:2925 | Important: nodejs:10 security update | 2019-09-30T07:07:29Z | 2019-09-30T07:07:29Z |
| alsa-2019:3708 | Moderate: mariadb:10.3 security and bug fix update | 2019-11-05T00:00:00Z | 2023-03-13T16:34:46Z |
| alsa-2019:3335 | Moderate: python27:2.7 security and bug fix update | 2019-11-05T17:32:12Z | 2019-11-05T17:31:55Z |
| alsa-2019:3345 | Low: virt:rhel security, bug fix, and enhancement update | 2019-11-05T17:33:34Z | 2021-12-23T15:15:25Z |
| alsa-2019:3403 | Important: container-tools:rhel8 security, bug fix, and enhancement update | 2019-11-05T17:41:57Z | 2019-11-05T17:41:43Z |
| alsa-2019:3476 | Moderate: squid:4 security and bug fix update | 2019-11-05T17:50:00Z | 2019-11-05T17:49:48Z |
| alsa-2019:3494 | Important: container-tools:1.0 security and bug fix update | 2019-11-05T17:52:13Z | 2019-11-05T17:52:00Z |
| alsa-2019:3553 | Low: GNOME security, bug fix, and enhancement update | 2019-11-05T17:59:21Z | 2021-11-12T10:20:55Z |
| alsa-2019:3643 | Low: gettext security update | 2019-11-05T18:10:22Z | 2023-03-13T16:34:44Z |
| alsa-2019:3703 | Low: libvorbis security update | 2019-11-05T20:52:55Z | 2021-11-12T10:20:55Z |
| alsa-2019:3705 | Moderate: libjpeg-turbo security update | 2019-11-05T20:53:12Z | 2021-08-11T08:54:00Z |
| alsa-2019:3706 | Moderate: lua security and bug fix update | 2019-11-05T20:53:20Z | 2021-08-11T08:54:00Z |
| alsa-2019:3735 | Critical: php:7.2 security update | 2019-11-06T13:15:34Z | 2019-11-06T13:15:21Z |
| alsa-2019:3736 | Critical: php:7.3 security update | 2019-11-06T13:15:46Z | 2019-11-06T13:15:34Z |
| alsa-2019:4269 | Important: container-tools:rhel8 security and bug fix update | 2019-12-17T09:19:28Z | 2019-12-17T09:19:15Z |
| alsa-2019:4273 | Important: container-tools:1.0 security update | 2019-12-17T09:20:02Z | 2019-12-17T09:19:52Z |
| alsa-2020:0279 | Moderate: virt:rhel security update | 2020-01-29T13:42:54Z | 2021-12-23T15:15:25Z |
| alsa-2020:0348 | Important: container-tools:rhel8 security, bug fix, and enhancement update | 2020-02-04T11:39:46Z | 2020-02-04T11:39:39Z |
| alsa-2020:0579 | Important: nodejs:10 security update | 2020-02-25T07:57:02Z | 2020-02-25T07:57:02Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| osec-2016-01 | Buffer overflow and information leak in OCaml < 4.03.0 | 2016-04-29T00:18:22Z | 2026-01-01T12:00:00Z |
| osec-2016-02 | Memory disclosure in mirage-net-xen | 2016-05-03T00:00:00Z | 2026-01-13T12:00:00Z |
| osec-2017-01 | Local privilege escalation issue with ocaml binaries | 2017-06-23T15:19:47Z | 2025-12-16T12:00:00Z |
| osec-2018-01 | An integer overflow in the `bigarray` serialization module leads to arbitrary code execution | 2018-04-06T18:29:00Z | 2025-12-16T12:00:00Z |
| osec-2019-01 | Memory disclosure in mirage-net-xen | 2019-03-21T00:00:00Z | 2026-01-13T12:00:00Z |
| osec-2019-02 | Grant unshare vulnerability in mirage-xen | 2019-04-26T00:00:00Z | 2026-01-13T12:00:00Z |
| osec-2022-01 | Infinite loop in console output on xen | 2022-12-07T00:00:00Z | 2026-02-18T09:30:00Z |
| osec-2023-01 | Time of check time of use issue in opam's cache | 2023-05-25T12:00:00Z | 2026-01-09T12:00:00Z |
| osec-2025-01 | Albatross console out of memory | 2025-08-15T00:18:22Z | 2026-01-13T12:00:00Z |
| osec-2026-01 | Buffer Over-Read in OCaml Marshal Deserialization | 2026-02-17T13:30:00Z | 2026-02-17T15:00:00Z |
| osec-2026-02 | ARP unbounded memory usage | 2026-02-18T10:30:00Z | 2026-02-18T10:30:00Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| hsec-2023-0001 | Hash flooding vulnerability in aeson | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0002 | Improper Verification of Cryptographic Signature | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0003 | code injection in xmonad-contrib | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0004 | xml-conduit unbounded entity expansion | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0005 | tls-extra: certificate validation does not check Basic Constraints | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0006 | x509-validation does not enforce pathLenConstraint | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0007 | readFloat: memory exhaustion with large exponent | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0008 | Stored XSS in hledger-web | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0009 | git-annex command injection via malicious SSH hostname | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0010 | git-annex private data exfiltration to compromised remote | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0011 | git-annex GPG decryption attack via compromised remote | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0012 | git-annex checksum exposure to encrypted special remotes | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0013 | git-annex plaintext storage of embedded credentials on encrypted remotes | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0014 | Arbitrary file write is possible when using PDF output or --extract-media with untrusted input | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0015 | cabal-install uses expired key policies | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2024-0001 | Reflected XSS vulnerability in keter | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2024-0002 | out-of-bounds write when there are many bzip2 selectors | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2024-0003 | process: command injection via argument list on Windows | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2024-0006 | fromIntegral: conversion error | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2024-0007 | Sign extension error in the AArch64 NCG | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2024-0008 | Sign extension error in the PPC64le FFI | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2024-0009 | Public key confusion in third-party blocks | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2025-0001 | Subword division operations may produce incorrect results | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2025-0002 | Double Public Key Signing Function Oracle Attack on Ed25519 | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2025-0003 | Use after free in multithreaded lzma (.xz) decoder | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2025-0004 | Broken Path Sanitization in spacecookie Library | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2025-0005 | cabal-install dependency confusion | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2025-0006 | Private key leak via inherited file descriptor | 2025-11-17T02:22:38Z | 2025-11-17T02:22:38Z |
| hsec-2025-0007 | cmark-gfm: resource exhaustion due to quadratic complexity in parser | 2025-12-27T08:58:56Z | 2025-12-27T08:58:56Z |
| hsec-2024-0004 | Hackage package and doc upload stored XSS vulnerability | 2026-01-16T11:18:20Z | 2026-01-16T11:18:20Z |