Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2025-69295 |
9.3 (3.1)
|
WordPress Coven Core plugin <= 1.3 - SQL Injection vul… |
TeconceTheme |
Coven Core |
2026-02-20T15:46:45.751Z | 2026-02-24T19:22:56.561Z |
| CVE-2025-67987 |
8.5 (3.1)
|
WordPress Quiz And Survey Master plugin <= 10.3.1 - SQ… |
ExpressTech Systems |
Quiz And Survey Master |
2026-02-20T15:46:31.764Z | 2026-02-24T19:21:20.336Z |
| CVE-2026-23805 |
7.6 (3.1)
|
WordPress Media Search Enhanced plugin <= 0.9.1 - SQL … |
Yoren Chang |
Media Search Enhanced |
2026-02-19T08:26:50.551Z | 2026-02-24T19:21:03.214Z |
| CVE-2026-1459 |
7.2 (3.1)
|
A post-authentication command injection vulnerabi… |
Zyxel |
VMG3625-T50B firmware |
2026-02-24T02:48:35.439Z | 2026-02-24T19:20:03.711Z |
| CVE-2026-27205 |
2.3 (4.0)
|
Flask session does not add `Vary: Cookie` header when … |
pallets |
flask |
2026-02-21T05:21:17.214Z | 2026-02-24T19:03:11.374Z |
| CVE-2026-27199 |
6.3 (4.0)
|
Werkzeug safe_join() allows Windows special device names |
pallets |
werkzeug |
2026-02-21T05:15:53.335Z | 2026-02-24T19:02:19.689Z |
| CVE-2026-3131 |
N/A
|
Improper access control in multiple DVLS REST AP… |
Devolutions |
Server |
2026-02-24T19:01:29.096Z | 2026-02-24T19:01:29.096Z |
| CVE-2026-27198 |
8.8 (3.1)
|
Formwork Improperly Manages Privileges During User Creation |
getformwork |
formwork |
2026-02-21T05:11:42.535Z | 2026-02-24T19:01:22.284Z |
| CVE-2026-1768 |
N/A
|
A permission cache poisoning vulnerability in Dev… |
Devolutions |
Devolutions Server |
2026-02-24T19:01:07.640Z | 2026-02-24T19:01:07.640Z |
| CVE-2026-27477 |
4.6 (4.0)
|
Mastodon has SSRF via unvalidated FASP Provider base_url |
mastodon |
mastodon |
2026-02-24T19:00:20.590Z | 2026-02-24T19:00:20.590Z |
| CVE-2026-27197 |
9.1 (3.1)
|
Sentry: Improper Authentication on SAML SSO process al… |
getsentry |
sentry |
2026-02-21T04:35:14.635Z | 2026-02-24T19:00:07.663Z |
| CVE-2026-27196 |
8.1 (3.1)
|
Statamic affected by privilege escalation via stored C… |
statamic |
cms |
2026-02-21T04:30:05.184Z | 2026-02-24T18:59:19.390Z |
| CVE-2026-27194 |
8.1 (4.0)
|
D-Tale affected by Remote Code Execution through the /… |
man-group |
dtale |
2026-02-21T04:25:38.628Z | 2026-02-24T18:58:24.887Z |
| CVE-2026-27461 |
6.9 (4.0)
|
Pimcore vulnerable to SQL injection via unsanitized fi… |
pimcore |
pimcore |
2026-02-24T02:50:48.287Z | 2026-02-24T18:58:07.625Z |
| CVE-2026-27206 |
8.1 (3.1)
|
Zumba Json Serializer has a potential PHP Object Injec… |
zumba |
json-serializer |
2026-02-21T07:01:00.843Z | 2026-02-24T18:57:10.054Z |
| CVE-2026-27458 |
8.7 (4.0)
|
LinkAce: Stored XSS in Atom Feed via CDATA Escape in L… |
Kovah |
LinkAce |
2026-02-21T06:54:41.308Z | 2026-02-24T18:55:40.498Z |
| CVE-2026-3066 |
5.3 (4.0)
6.3 (3.1)
6.3 (3.0)
|
HummerRisk Cloud Compliance Scanning PlatformUtils.jav… |
n/a |
HummerRisk |
2026-02-24T03:02:07.364Z | 2026-02-24T18:55:12.566Z |
| CVE-2026-27452 |
9.2 (4.0)
|
ASN.1 TypeScript Library: Decoding an INTEGER could le… |
JonathanWilbur |
asn1-ts |
2026-02-21T06:50:35.877Z | 2026-02-24T18:54:48.702Z |
| CVE-2026-27471 |
9.3 (4.0)
|
ERP: Document access through endpoints due to missing … |
frappe |
erpnext |
2026-02-21T06:38:11.220Z | 2026-02-24T18:53:57.291Z |
| CVE-2026-27212 |
9.4 (4.0)
|
Swiper has a Prototype Pollution Vulnerability |
nolimits4web |
swiper |
2026-02-21T05:43:07.072Z | 2026-02-24T18:53:04.131Z |
| CVE-2025-69308 |
9.3 (3.1)
|
WordPress Nestbyte Core plugin <= 1.2 - SQL Injection … |
TeconceTheme |
Nestbyte Core |
2026-02-20T15:46:48.088Z | 2026-02-24T18:52:10.320Z |
| CVE-2026-27482 |
5.9 (3.1)
|
Ray: Dashboard DELETE endpoints allow unauthenticated … |
ray-project |
ray |
2026-02-21T09:18:26.027Z | 2026-02-24T18:52:03.874Z |
| CVE-2025-69309 |
9.3 (3.1)
|
WordPress Saasplate Core plugin <= 1.2.8 - SQL Injecti… |
TeconceTheme |
Saasplate Core |
2026-02-20T15:46:48.321Z | 2026-02-24T18:51:23.216Z |
| CVE-2026-27464 |
7.7 (3.1)
|
Metabase: Server-Side Template Injection via Notificat… |
metabase |
metabase |
2026-02-21T07:57:50.957Z | 2026-02-24T18:51:05.408Z |
| CVE-2025-69310 |
9.3 (3.1)
|
WordPress Woodly Core plugin <= 1.4 - SQL Injection vu… |
TeconceTheme |
Woodly Core |
2026-02-20T15:46:48.517Z | 2026-02-24T18:50:38.167Z |
| CVE-2026-27469 |
6.1 (3.1)
|
Isso: Stored XSS via comment website field |
isso-comments |
isso |
2026-02-21T07:24:38.971Z | 2026-02-24T18:50:07.650Z |
| CVE-2026-27467 |
2 (3.1)
|
BigBlueButton: Audio from participants to the server i… |
bigbluebutton |
bigbluebutton |
2026-02-21T07:18:26.156Z | 2026-02-24T18:49:12.218Z |
| CVE-2025-69325 |
5.3 (3.1)
|
WordPress Primer MyData for Woocommerce plugin <= 4.2.… |
primersoftware |
Primer MyData for Woocommerce |
2026-02-20T15:46:49.332Z | 2026-02-24T18:49:05.122Z |
| CVE-2026-27466 |
7.2 (3.1)
|
BigBlueButton: Exposed ClamAV port enables Denial of Service |
bigbluebutton |
bigbluebutton |
2026-02-21T07:14:49.851Z | 2026-02-24T18:48:15.788Z |
| CVE-2025-1789 |
5.8 (4.0)
|
Local privilege escalation in Genetec Update Serv… |
Genetec Inc. |
Genetec Update Service |
2026-02-24T18:47:24.913Z | 2026-02-24T18:47:24.913Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| fkie_cve-2026-2795 | Use-after-free in the JavaScript: GC component. This vulnerability affects Firefox < 148 and Thunde… | 2026-02-24T14:16:28.000 | 2026-02-24T18:29:37.680 |
| fkie_cve-2026-2793 | Memory safety bugs present in Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox… | 2026-02-24T14:16:27.787 | 2026-02-24T18:29:37.570 |
| fkie_cve-2026-2792 | Memory safety bugs present in Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and Thunderbird… | 2026-02-24T14:16:27.680 | 2026-02-24T18:29:37.463 |
| fkie_cve-2026-2791 | Mitigation bypass in the Networking: Cache component. This vulnerability affects Firefox < 148, Fir… | 2026-02-24T14:16:27.580 | 2026-02-24T18:29:37.367 |
| fkie_cve-2026-2790 | Same-origin policy bypass in the Networking: JAR component. This vulnerability affects Firefox < 14… | 2026-02-24T14:16:27.473 | 2026-02-24T18:29:37.270 |
| fkie_cve-2026-2789 | Use-after-free in the Graphics: ImageLib component. This vulnerability affects Firefox < 148, Firef… | 2026-02-24T14:16:27.370 | 2026-02-24T18:29:37.170 |
| fkie_cve-2026-2788 | Incorrect boundary conditions in the Audio/Video: GMP component. This vulnerability affects Firefox… | 2026-02-24T14:16:27.260 | 2026-02-24T18:29:37.067 |
| fkie_cve-2026-2787 | Use-after-free in the DOM: Window and Location component. This vulnerability affects Firefox < 148,… | 2026-02-24T14:16:27.157 | 2026-02-24T18:29:36.963 |
| fkie_cve-2026-2786 | Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 148, Firefo… | 2026-02-24T14:16:27.053 | 2026-02-24T18:29:36.860 |
| fkie_cve-2026-2785 | Invalid pointer in the JavaScript Engine component. This vulnerability affects Firefox < 148, Firef… | 2026-02-24T14:16:26.950 | 2026-02-24T18:29:36.760 |
| fkie_cve-2026-2784 | Mitigation bypass in the DOM: Security component. This vulnerability affects Firefox < 148, Firefox… | 2026-02-24T14:16:26.847 | 2026-02-24T18:29:36.667 |
| fkie_cve-2026-2783 | Information disclosure due to JIT miscompilation in the JavaScript Engine: JIT component. This vuln… | 2026-02-24T14:16:26.747 | 2026-02-24T18:29:36.573 |
| fkie_cve-2026-2782 | Privilege escalation in the Netmonitor component. This vulnerability affects Firefox < 148, Firefox… | 2026-02-24T14:16:26.640 | 2026-02-24T18:29:36.480 |
| fkie_cve-2026-2781 | Integer overflow in the Libraries component in NSS. This vulnerability affects Firefox < 148, Firef… | 2026-02-24T14:16:26.533 | 2026-02-24T18:29:36.383 |
| fkie_cve-2026-2780 | Privilege escalation in the Netmonitor component. This vulnerability affects Firefox < 148, Firefox… | 2026-02-24T14:16:26.437 | 2026-02-24T18:29:36.290 |
| fkie_cve-2026-2779 | Incorrect boundary conditions in the Networking: JAR component. This vulnerability affects Firefox … | 2026-02-24T14:16:26.330 | 2026-02-24T18:29:36.200 |
| fkie_cve-2026-2778 | Sandbox escape due to incorrect boundary conditions in the DOM: Core & HTML component. This vulnera… | 2026-02-24T14:16:26.230 | 2026-02-24T18:29:36.093 |
| fkie_cve-2026-2777 | Privilege escalation in the Messaging System component. This vulnerability affects Firefox < 148, F… | 2026-02-24T14:16:26.123 | 2026-02-24T18:29:35.997 |
| fkie_cve-2026-2776 | Sandbox escape due to incorrect boundary conditions in the Telemetry component in External Software… | 2026-02-24T14:16:26.023 | 2026-02-24T18:29:35.893 |
| fkie_cve-2026-2775 | Mitigation bypass in the DOM: HTML Parser component. This vulnerability affects Firefox < 148, Fire… | 2026-02-24T14:16:25.917 | 2026-02-24T18:29:35.793 |
| fkie_cve-2026-2774 | Integer overflow in the Audio/Video component. This vulnerability affects Firefox < 148, Firefox ES… | 2026-02-24T14:16:25.810 | 2026-02-24T18:29:35.697 |
| fkie_cve-2026-2773 | Incorrect boundary conditions in the Web Audio component. This vulnerability affects Firefox < 148,… | 2026-02-24T14:16:25.703 | 2026-02-24T18:29:35.593 |
| fkie_cve-2026-2772 | Use-after-free in the Audio/Video: Playback component. This vulnerability affects Firefox < 148, Fi… | 2026-02-24T14:16:25.603 | 2026-02-24T18:29:35.493 |
| fkie_cve-2026-2771 | Undefined behavior in the DOM: Core & HTML component. This vulnerability affects Firefox < 148, Fir… | 2026-02-24T14:16:25.497 | 2026-02-24T18:29:35.397 |
| fkie_cve-2026-2770 | Use-after-free in the DOM: Bindings (WebIDL) component. This vulnerability affects Firefox < 148, F… | 2026-02-24T14:16:25.397 | 2026-02-24T18:29:35.297 |
| fkie_cve-2026-2769 | Use-after-free in the Storage: IndexedDB component. This vulnerability affects Firefox < 148, Firef… | 2026-02-24T14:16:25.287 | 2026-02-24T18:29:35.130 |
| fkie_cve-2026-2768 | Sandbox escape in the Storage: IndexedDB component. This vulnerability affects Firefox < 148, Firef… | 2026-02-24T14:16:25.183 | 2026-02-24T18:29:35.033 |
| fkie_cve-2026-2767 | Use-after-free in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 148, … | 2026-02-24T14:16:25.080 | 2026-02-24T18:29:34.940 |
| fkie_cve-2026-2766 | Use-after-free in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 148, F… | 2026-02-24T14:16:24.973 | 2026-02-24T18:29:34.827 |
| fkie_cve-2026-2765 | Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 148, Firefo… | 2026-02-24T14:16:24.860 | 2026-02-24T18:29:34.660 |
| ID | Severity | Description | Published | Updated |
|---|---|---|---|---|
| ghsa-h4vm-j32v-95qm |
|
Use-after-free in the JavaScript: GC component. This vulnerability affects Firefox < 148. | 2026-02-24T15:30:32Z | 2026-02-24T18:31:02Z |
| ghsa-gvwq-qfp3-3pvf |
8.8 (3.1)
8.7 (4.0)
|
Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior contain a command i… | 2026-02-24T18:31:02Z | 2026-02-24T18:31:02Z |
| ghsa-gvhp-5j8m-528x |
|
Use-after-free in the DOM: Core & HTML component. This vulnerability affects Firefox < 148. | 2026-02-24T15:30:32Z | 2026-02-24T18:31:02Z |
| ghsa-gmfh-mhfh-2g3q |
4.3 (3.1)
5.1 (4.0)
|
Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior lack CSRF protectio… | 2026-02-24T18:31:02Z | 2026-02-24T18:31:02Z |
| ghsa-fvj5-5qvq-g8wf |
|
Use-after-free in the DOM: Core & HTML component. This vulnerability affects Firefox < 148. | 2026-02-24T15:30:32Z | 2026-02-24T18:31:02Z |
| ghsa-cgrc-pwqf-64v8 |
|
Incorrect boundary conditions in the Audio/Video: GMP component. This vulnerability affects Firefox… | 2026-02-24T15:30:32Z | 2026-02-24T18:31:02Z |
| ghsa-c5fj-xq9f-fjxm |
|
Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 148 and Fir… | 2026-02-24T15:30:32Z | 2026-02-24T18:31:02Z |
| ghsa-c3q8-4689-m4p6 |
|
JIT miscompilation in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 148. | 2026-02-24T15:30:32Z | 2026-02-24T18:31:02Z |
| ghsa-9wv6-vw4x-jjg6 |
5.7 (4.0)
|
Download of Code Without Integrity Check vulnerability in Microchip Time Provider 4100 allows Malic… | 2026-02-24T18:31:02Z | 2026-02-24T18:31:02Z |
| ghsa-8g7m-g6r7-rqcp |
|
Use-after-free in the JavaScript: GC component. This vulnerability affects Firefox < 148. | 2026-02-24T15:30:32Z | 2026-02-24T18:31:02Z |
| ghsa-7cfj-7vv8-r64h |
|
Information disclosure, mitigation bypass in the Settings UI component. This vulnerability affects … | 2026-02-24T15:30:32Z | 2026-02-24T18:31:02Z |
| ghsa-7c8p-f6jq-w42v |
9.8 (3.1)
9.3 (4.0)
|
Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior contain hard-coded … | 2026-02-24T18:31:02Z | 2026-02-24T18:31:02Z |
| ghsa-6rcf-f85p-pmgj |
|
Memory safety bugs present in Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and Thunderbird… | 2026-02-24T15:30:32Z | 2026-02-24T18:31:02Z |
| ghsa-69fx-mvcm-v5g3 |
9.1 (3.1)
9.3 (4.0)
|
Binardat 10G08-0800GSM network switch firmware versions prior to V300SP10260209 generate predictabl… | 2026-02-24T18:31:02Z | 2026-02-24T18:31:02Z |
| ghsa-62xf-gv4m-h3vc |
|
Invalid pointer in the DOM: Core & HTML component. This vulnerability affects Firefox < 148. | 2026-02-24T15:30:32Z | 2026-02-24T18:31:02Z |
| ghsa-4r4r-4jp4-wwf9 |
|
FUXA 1.2.8 and prior contains an Authentication Bypass vulnerability leading to Remote Code Executi… | 2026-02-24T18:31:02Z | 2026-02-24T18:31:02Z |
| ghsa-48q6-99pr-mcvm |
|
Memory safety bugs present in Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox… | 2026-02-24T15:30:32Z | 2026-02-24T18:31:02Z |
| ghsa-3wfp-66x3-wgq2 |
|
Incorrect boundary conditions in the JavaScript: WebAssembly component. This vulnerability affects … | 2026-02-24T15:30:32Z | 2026-02-24T18:31:02Z |
| ghsa-3q93-28v9-5x6v |
4.9 (3.1)
|
A post-authentication Format String vulnerability in SonicOS allows a remote attacker to crash a fi… | 2026-02-24T15:30:33Z | 2026-02-24T18:31:02Z |
| ghsa-3px2-2xc4-mxr2 |
|
Invalid pointer in the JavaScript Engine component. This vulnerability affects Firefox < 148 and Fi… | 2026-02-24T15:30:32Z | 2026-02-24T18:31:02Z |
| ghsa-3922-j2hh-9qcf |
5.4 (3.1)
|
Use-after-free in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 148. | 2026-02-24T15:30:32Z | 2026-02-24T18:31:02Z |
| ghsa-3547-c34m-73j3 |
6.5 (3.1)
6.9 (4.0)
|
Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior do not implement ra… | 2026-02-24T18:31:02Z | 2026-02-24T18:31:02Z |
| ghsa-x8jx-9xwq-xwq6 |
|
Use-after-free in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 148 a… | 2026-02-24T15:30:31Z | 2026-02-24T18:31:01Z |
| ghsa-wwg9-hv2r-mj8w |
|
Integer overflow in the Audio/Video component. This vulnerability affects Firefox < 148, Firefox ES… | 2026-02-24T15:30:31Z | 2026-02-24T18:31:01Z |
| ghsa-v49m-r4w3-2p5x |
|
Integer overflow in the JavaScript: Standard Library component. This vulnerability affects Firefox … | 2026-02-24T15:30:31Z | 2026-02-24T18:31:01Z |
| ghsa-v33x-35cm-8gjc |
|
Sandbox escape due to incorrect boundary conditions in the Telemetry component in External Software… | 2026-02-24T15:30:31Z | 2026-02-24T18:31:01Z |
| ghsa-r837-hpv7-pc2f |
8.4 (3.1)
|
DAG Author (who already has quite a lot of permissions) could manipulate database of Airflow 2 in t… | 2026-02-24T12:31:40Z | 2026-02-24T18:31:01Z |
| ghsa-r2q9-885m-j92q |
|
Incorrect boundary conditions in the WebRTC: Audio/Video component. This vulnerability affects Fire… | 2026-02-24T15:30:31Z | 2026-02-24T18:31:01Z |
| ghsa-qmr7-46p8-4c5r |
|
Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 148, Firefo… | 2026-02-24T15:30:31Z | 2026-02-24T18:31:01Z |
| ghsa-q6rm-rhj9-jpg5 |
|
Integer overflow in the Libraries component in NSS. This vulnerability affects Firefox < 148 and Fi… | 2026-02-24T15:30:32Z | 2026-02-24T18:31:01Z |
| ID | Severity | Description | Package | Published | Updated |
|---|---|---|---|---|---|
| pysec-2025-54 |
|
vLLM is an inference and serving engine for large language models (LLMs). In versions 0.8… | vllm | 2025-05-30T19:15:30+00:00 | 2025-06-26T21:23:06.319321+00:00 |
| pysec-2025-53 |
|
vLLM is an inference and serving engine for large language models (LLMs). Prior to versio… | vllm | 2025-05-29T17:15:21+00:00 | 2025-06-26T21:23:06.231251+00:00 |
| pysec-2025-51 |
|
Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) v… | apache-airflow-providers-snowflake | 2025-06-24T08:15:24+00:00 | 2025-06-26T21:23:03.132527+00:00 |
| pysec-2025-50 |
|
vLLM, an inference and serving engine for large language models (LLMs), has a Regular Exp… | vllm | 2025-05-30T18:15:32+00:00 | 2025-06-19T03:02:28.572160+00:00 |
| pysec-2024-255 |
|
Gradio before 4.20 allows credential leakage on Windows. | gradio | 2024-05-05T20:15:07+00:00 | 2025-06-17T19:21:48.983901+00:00 |
| pysec-2024-254 |
4.2 (3.1)
|
A session fixation vulnerability exists in the zenml-io/zenml application, where JWT toke… | zenml | 2024-04-16T00:15:11+00:00 | 2025-06-13T00:48:41.806476+00:00 |
| pysec-2025-49 |
8.8 (3.1)
|
setuptools is a package that allows users to download, build, install, upgrade, and unins… | setuptools | 2025-05-17T16:15:19+00:00 | 2025-06-12T22:23:11.115559+00:00 |
| pysec-2025-48 |
9.8 (3.1)
|
Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessm… | mobsf | 2025-03-31T17:15:42+00:00 | 2025-06-12T22:23:10.476087+00:00 |
| pysec-2024-253 |
|
pretix before 2024.1.1 mishandles file validation. | pretix | 2024-02-26T16:28:00+00:00 | 2025-06-11T15:23:51.683422+00:00 |
| pysec-2024-252 |
|
PyTorch before v2.2.0 was discovered to contain a heap buffer overflow vulnerability in t… | torch | 2024-04-17T19:15:07+00:00 | 2025-06-10T19:22:08.948962+00:00 |
| pysec-2024-251 |
|
Pytorch before version v2.2.0 was discovered to contain a use-after-free vulnerability in… | torch | 2024-04-17T19:15:07+00:00 | 2025-06-10T03:12:59.077932+00:00 |
| pysec-2025-47 |
|
An issue was discovered in Django 5.2 before 5.2.2, 5.1 before 5.1.10, and 4.2 before 4.2… | django | 2025-06-05T03:15:25+00:00 | 2025-06-05T05:23:28.296596+00:00 |
| pysec-2025-46 |
5.5 (3.1)
|
A vulnerability was found in erdogant pypickle up to 1.1.5. It has been classified as cri… | pypickle | 2025-05-26T08:15:19+00:00 | 2025-06-03T17:36:58.579358+00:00 |
| pysec-2025-45 |
7.8 (3.1)
|
A vulnerability was found in erdogant pypickle up to 1.1.5 and classified as problematic.… | pypickle | 2025-05-26T07:15:26+00:00 | 2025-06-03T17:36:58.528116+00:00 |
| pysec-2024-250 |
|
Pytorch before v2.2.0 has an Out-of-bounds Read vulnerability via the component torch/csr… | torch | 2024-04-19T21:15:08+00:00 | 2025-06-03T15:23:56.072490+00:00 |
| pysec-2023-312 |
5.9 (3.1)
|
Redis before 6cbea7d allows a replica to cause an assertion failure in a primary server b… | redis | 2023-07-15T23:15:09Z | 2025-06-02T11:48:06.372423Z |
| pysec-2025-44 |
|
django-helpdesk before 1.0.0 allows Sensitive Data Exposure because of os.umask(0) in mod… | django-helpdesk | 2025-05-31T01:15:19+00:00 | 2025-05-31T03:09:35.357757+00:00 |
| pysec-2025-43 |
|
vLLM is an inference and serving engine for large language models (LLMs). In versions sta… | vllm | 2025-05-29T17:15:21+00:00 | 2025-05-29T19:21:01.611587+00:00 |
| pysec-2025-42 |
9.8 (3.1)
|
vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Ver… | vllm | 2025-04-30T01:15:51+00:00 | 2025-05-28T21:23:12.396609+00:00 |
| pysec-2025-41 |
9.8 (3.1)
|
PyTorch is a Python package that provides tensor computation with strong GPU acceleration… | torch | 2025-04-18T16:15:23+00:00 | 2025-05-28T15:23:37.843138+00:00 |
| pysec-2025-40 |
7.5 (3.1)
|
A vulnerability in the `preprocess_string()` function of the `transformers.testing_utils`… | transformers | 2025-05-19T12:15:19+00:00 | 2025-05-21T19:22:10.801823+00:00 |
| pysec-2024-249 |
6.1 (3.1)
|
### Summary On all Label Studio versions prior to 1.11.0, data imported via file upload f… | label-studio | 2024-02-22T22:15:47+00:00 | 2025-05-19T11:22:35.312280+00:00 |
| pysec-2024-248 |
7.8 (3.1)
|
OpenCanary, a multi-protocol network honeypot, directly executed commands taken from its … | opencanary | 2024-10-14T21:15:12+00:00 | 2025-05-16T14:23:05.150356+00:00 |
| pysec-2025-39 |
|
motionEye is an online interface for the software motion, a video surveillance program wi… | motioneye | 2025-05-14T16:15:29+00:00 | 2025-05-14T17:22:51.050788+00:00 |
| pysec-2025-38 |
|
OpenStack Ironic before 29.0.1 can write unintended files to a target node disk during im… | ironic | 2025-05-08T17:16:01Z | 2025-05-13T04:24:03.083929Z |
| pysec-2024-247 |
9.9 (3.1)
|
A directory traversal vulnerability exists in the zenml-io/zenml repository, specifically… | zenml | 2024-04-16T00:15:11+00:00 | 2025-05-12T15:23:53.861001+00:00 |
| pysec-2025-37 |
|
An issue was discovered in Django 4.2 before 4.2.21, 5.1 before 5.1.9, and 5.2 before 5.2… | django | 2025-05-08T04:17:18+00:00 | 2025-05-08T05:23:16.210893+00:00 |
| pysec-2025-36 |
9.8 (3.1)
|
Langflow versions prior to 1.3.0 are susceptible to code injection in the /api/v1/valida… | langflow | 2025-04-07T15:15:44+00:00 | 2025-05-07T19:22:44.993642+00:00 |
| pysec-2024-246 |
5.3 (3.1)
|
Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. Starting in… | vyper | 2024-04-25T17:15:50+00:00 | 2025-05-05T19:21:20.899426+00:00 |
| pysec-2024-111 |
9.1 (3.1)
|
A path traversal vulnerability exists in the `getFullPath` method of langchain-ai/langcha… | langchain | 2024-10-29T13:15:00Z | 2025-05-02T18:39:47.588215Z |
| ID | Description | Updated |
|---|---|---|
| gsd-2024-33894 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.488420Z |
| gsd-2024-33902 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.486429Z |
| gsd-2024-33888 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.468423Z |
| gsd-2024-33885 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.441746Z |
| gsd-2024-33891 | Delinea Secret Server before 11.7.000001 allows attackers to bypass authentication via th… | 2024-04-29T05:02:07.412035Z |
| gsd-2024-33899 | RARLAB WinRAR before 7.00, on Linux and UNIX platforms, allows attackers to spoof the scr… | 2024-04-29T05:02:07.400574Z |
| gsd-2024-33889 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.392587Z |
| gsd-2024-33893 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.381761Z |
| gsd-2024-33892 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.378170Z |
| gsd-2024-33890 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.344384Z |
| gsd-2024-33896 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.313250Z |
| gsd-2024-33903 | In CARLA through 0.9.15.2, the collision sensor mishandles some situations involving pede… | 2024-04-29T05:02:07.295775Z |
| gsd-2024-33900 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.290639Z |
| gsd-2024-33898 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.287632Z |
| gsd-2024-33886 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.287167Z |
| gsd-2024-33897 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.283756Z |
| gsd-2024-33883 | The ejs (aka Embedded JavaScript templates) package before 3.1.10 for Node.js lacks certa… | 2024-04-29T05:02:07.271727Z |
| gsd-2024-4303 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:05.716348Z |
| gsd-2024-4300 | E-WEBInformationCo. FS-EZViewer(Web) exposes sensitive information in the service. A remo… | 2024-04-29T05:02:05.715239Z |
| gsd-2024-4297 | The system configuration interface of HGiga iSherlock (including MailSherlock, SpamSherlo… | 2024-04-29T05:02:05.700888Z |
| gsd-2024-4301 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:05.678292Z |
| gsd-2024-4296 | The account management interface of HGiga iSherlock (including MailSherlock, SpamSherlock… | 2024-04-29T05:02:05.621428Z |
| gsd-2024-4299 | The system configuration interface of HGiga iSherlock (including MailSherlock, SpamSheroc… | 2024-04-29T05:02:05.606402Z |
| gsd-2024-4302 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:05.603637Z |
| gsd-2024-4298 | The email search interface of HGiga iSherlock (including MailSherlock, SpamSherock, Audit… | 2024-04-29T05:02:05.598531Z |
| gsd-2024-33876 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.990196Z |
| gsd-2024-33874 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.959238Z |
| gsd-2024-33861 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.958057Z |
| gsd-2024-33850 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.952536Z |
| gsd-2024-33856 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.944669Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2026-995 | Malicious code in vl-ui-contact-card (npm) | 2026-02-22T20:34:24Z | 2026-02-23T04:21:36Z |
| mal-2026-994 | Malicious code in vl-ui-code-preview (npm) | 2026-02-22T20:44:05Z | 2026-02-23T04:21:36Z |
| mal-2026-993 | Malicious code in vl-ui-checkbox (npm) | 2026-02-22T20:34:08Z | 2026-02-23T04:21:36Z |
| mal-2026-992 | Malicious code in vl-ui-button (npm) | 2026-02-22T20:34:14Z | 2026-02-23T04:21:36Z |
| mal-2026-991 | Malicious code in vl-ui-breadcrumb (npm) | 2026-02-22T20:34:10Z | 2026-02-23T04:21:36Z |
| mal-2026-990 | Malicious code in vl-ui-body (npm) | 2026-02-22T20:34:10Z | 2026-02-23T04:21:36Z |
| mal-2026-989 | Malicious code in vl-ui-alert (npm) | 2026-02-22T19:59:59Z | 2026-02-23T04:21:36Z |
| mal-2026-988 | Malicious code in vl-ui-action-group (npm) | 2026-02-22T20:34:16Z | 2026-02-23T04:21:36Z |
| mal-2026-987 | Malicious code in vl-ui-accessibility (npm) | 2026-02-22T20:10:05Z | 2026-02-23T04:21:36Z |
| mal-2026-980 | Malicious code in the-storyverse (npm) | 2026-02-22T06:15:43Z | 2026-02-23T04:21:36Z |
| mal-2026-973 | Malicious code in veim (npm) | 2026-02-20T16:59:54Z | 2026-02-23T04:21:36Z |
| mal-2026-972 | Malicious code in uudi (npm) | 2026-02-20T16:59:55Z | 2026-02-23T04:21:36Z |
| mal-2026-971 | Malicious code in suport-color (npm) | 2026-02-20T16:56:11Z | 2026-02-23T04:21:36Z |
| mal-2026-945 | Malicious code in ui5-cap-event-app-server (npm) | 2026-02-18T19:20:54Z | 2026-02-23T04:21:36Z |
| mal-2026-929 | Malicious code in vds-monarch (npm) | 2026-02-17T15:55:37Z | 2026-02-23T04:21:36Z |
| mal-2026-918 | Malicious code in webpack-vite (npm) | 2026-02-16T15:03:26Z | 2026-02-23T04:21:36Z |
| mal-2026-892 | Malicious code in wropz-module (npm) | 2026-02-13T13:57:37Z | 2026-02-23T04:21:36Z |
| mal-2026-891 | Malicious code in wropz-6module (npm) | 2026-02-13T13:57:38Z | 2026-02-23T04:21:36Z |
| mal-2026-872 | Malicious code in stylelint-recommended (npm) | 2026-02-12T18:18:29Z | 2026-02-23T04:21:36Z |
| mal-2026-859 | Malicious code in systemtest-network (npm) | 2026-02-11T15:13:28Z | 2026-02-23T04:21:36Z |
| mal-2026-858 | Malicious code in systemtest-information (npm) | 2026-02-11T15:13:28Z | 2026-02-23T04:21:36Z |
| mal-2026-999 | Malicious code in react-dropzone-truffle (npm) | 2026-02-23T02:22:35Z | 2026-02-23T04:21:35Z |
| mal-2026-998 | Malicious code in rbxm-tools (npm) | 2026-02-23T02:14:37Z | 2026-02-23T04:21:35Z |
| mal-2026-976 | Malicious code in rollup-plugin-polyfill-swc (npm) | 2026-02-20T17:35:46Z | 2026-02-23T04:21:35Z |
| mal-2026-970 | Malicious code in secp256 (npm) | 2026-02-20T16:56:12Z | 2026-02-23T04:21:35Z |
| mal-2026-969 | Malicious code in scan-store (npm) | 2026-02-20T16:59:55Z | 2026-02-23T04:21:35Z |
| mal-2026-968 | Malicious code in rimarf (npm) | 2026-02-20T16:56:12Z | 2026-02-23T04:21:35Z |
| mal-2026-967 | Malicious code in parse-compat (npm) | 2026-02-20T16:59:56Z | 2026-02-23T04:21:35Z |
| mal-2026-966 | Malicious code in opencraw (npm) | 2026-02-20T16:56:11Z | 2026-02-23T04:21:35Z |
| mal-2026-944 | Malicious code in realestate-ask (npm) | 2026-02-17T10:30:44Z | 2026-02-23T04:21:35Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| bit-postgresql-2026-2007 | PostgreSQL pg_trgm heap buffer overflow writes pattern onto server memory | 2026-02-16T16:03:46.313Z | 2026-02-16T16:32:40.318Z |
| bit-postgresql-2026-2006 | PostgreSQL missing validation of multibyte character length executes arbitrary code | 2026-02-16T16:03:41.880Z | 2026-02-16T16:32:40.318Z |
| bit-postgresql-2026-2005 | PostgreSQL pgcrypto heap buffer overflow executes arbitrary code | 2026-02-16T16:03:36.943Z | 2026-02-16T16:32:40.318Z |
| bit-postgresql-2026-2004 | PostgreSQL intarray missing validation of type of input to selectivity estimator executes arbitrary code | 2026-02-16T16:03:32.935Z | 2026-02-16T16:32:40.318Z |
| bit-postgresql-2026-2003 | PostgreSQL oidvector discloses a few bytes of memory | 2026-02-16T16:03:27.354Z | 2026-02-16T16:32:40.318Z |
| bit-pip-2026-1703 | Limited path traversal when installing wheel archives | 2026-02-16T15:59:06.080Z | 2026-02-16T16:32:40.318Z |
| bit-pillow-2026-25990 | Pillow has an out-of-bounds write when loading PSD images | 2026-02-16T16:02:06.871Z | 2026-02-16T16:32:40.318Z |
| bit-gitlab-2026-1458 | Allocation of Resources Without Limits or Throttling in GitLab | 2026-02-16T16:31:06.973Z | 2026-02-16T16:32:40.318Z |
| bit-gitlab-2026-1456 | Allocation of Resources Without Limits or Throttling in GitLab | 2026-02-16T16:31:05.146Z | 2026-02-16T16:32:40.318Z |
| bit-gitlab-2026-1282 | Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) in GitLab | 2026-02-16T16:31:03.017Z | 2026-02-16T16:32:40.318Z |
| bit-gitlab-2026-1094 | Improper Validation of Unsafe Equivalence in Input in GitLab | 2026-02-16T16:30:59.417Z | 2026-02-16T16:32:40.318Z |
| bit-gitlab-2026-0958 | Interpretation Conflict in GitLab | 2026-02-16T16:30:57.233Z | 2026-02-16T16:32:40.318Z |
| bit-gitlab-2026-0595 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab | 2026-02-16T16:30:53.679Z | 2026-02-16T16:32:40.318Z |
| bit-gitlab-2025-8099 | Allocation of Resources Without Limits or Throttling in GitLab | 2026-02-16T16:30:40.312Z | 2026-02-16T16:32:40.318Z |
| bit-gitlab-2025-7659 | Origin Validation Error in GitLab | 2026-02-16T16:30:29.449Z | 2026-02-16T16:32:40.318Z |
| bit-gitlab-2025-14594 | Authorization Bypass Through User-Controlled Key in GitLab | 2026-02-16T16:28:35.547Z | 2026-02-16T16:32:40.318Z |
| bit-gitlab-2025-14592 | Missing Authorization in GitLab | 2026-02-16T16:28:33.785Z | 2026-02-16T16:32:40.318Z |
| bit-gitlab-2025-14560 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab | 2026-02-16T16:28:32.048Z | 2026-02-16T16:32:40.318Z |
| bit-gitlab-2025-12073 | Server-Side Request Forgery (SSRF) in GitLab | 2026-02-16T16:27:53.661Z | 2026-02-16T16:32:40.318Z |
| bit-dotnet-2026-21218 | .NET Spoofing Vulnerability | 2026-02-16T15:58:16.593Z | 2026-02-16T16:32:40.318Z |
| bit-moodle-2025-67857 | Moodle: moodle: data exposure of user identifiers in urls | 2026-02-12T08:51:13.591Z | 2026-02-12T09:10:24.600Z |
| bit-moodle-2025-67856 | Moodle: moodle: privilege escalation via incomplete role checks in badge awarding | 2026-02-12T08:51:12.105Z | 2026-02-12T09:10:24.600Z |
| bit-moodle-2025-67855 | Mooodle: mooodle: information disclosure and script execution via reflected cross-site scripting | 2026-02-12T08:51:10.563Z | 2026-02-12T09:10:24.600Z |
| bit-moodle-2025-67853 | Moodle: moodle: brute-force facilitation due to missing rate limiting in confirmation email service | 2026-02-12T08:51:08.996Z | 2026-02-12T09:10:24.600Z |
| bit-moodle-2025-67852 | Moodle: moodle: open redirect vulnerability in oauth login flow allows redirection to malicious sites. | 2026-02-12T08:51:07.525Z | 2026-02-12T09:10:24.600Z |
| bit-moodle-2025-67851 | Moodle: moodle: formula injection allows arbitrary formula execution via unescaped data export | 2026-02-12T08:51:05.950Z | 2026-02-12T09:10:24.600Z |
| bit-moodle-2025-67850 | Moodle: moodle: cross-site scripting vulnerability via inadequate input filtering in formula editor | 2026-02-12T08:51:04.289Z | 2026-02-12T09:10:24.600Z |
| bit-moodle-2025-67849 | Moodle: moodle: cross-site scripting (xss) via improper sanitization of ai prompt responses | 2026-02-12T08:51:02.532Z | 2026-02-12T09:10:24.600Z |
| bit-moodle-2025-67848 | Moodle: moodle: authentication bypass via lti provider allows suspended users to gain unauthorized access. | 2026-02-12T08:51:00.880Z | 2026-02-12T09:10:24.600Z |
| bit-airflow-2026-24098 | Apache Airflow: Assigning single DAG permission leaked all DAGs Import Errors | 2026-02-12T08:39:03.920Z | 2026-02-12T09:10:24.600Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cleanstart-2026-xe32069 | Buffer Overflow vulnerability in Ffmpeg before github commit 4565747056a11356210ed8edcecb920105e40b60 allows a remote attacker to achieve an out-of-array write, execute arbitrary code, and cause a ... | 2026-02-06T01:10:32.733224Z | 2026-02-03T13:35:45Z |
| cleanstart-2026-wx01708 | vulnerability in the OLE2 file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device | 2026-02-06T01:10:02.024980Z | 2026-02-03T13:35:45Z |
| cleanstart-2026-xr99875 | Security fixes for GHSA-389x-839f-4rhx, GHSA-3p8m-j85q-pgmj, GHSA-5jpm-x58v-624v, GHSA-84h7-rjj3-6jx4, GHSA-fghv-69vj-qj49, GHSA-jq43-27x9-3v86, GHSA-qqpg-mvqg-649v applied in versions: 0.1.109-r0, 0.1.113-r1 | 2026-02-03T16:02:30.597873Z | 2026-02-03T11:13:56Z |
| cleanstart-2026-nb26505 | Security fixes for GHSA-f6x5-jh6r-wrfv, GHSA-j5w8-q4qc-rx2x applied in versions: 4.5.1-r0 | 2026-02-03T16:02:27.744077Z | 2026-02-03T11:13:56Z |
| cleanstart-2026-my73913 | Security fixes for GHSA-r6j8-c6r2-37rr applied in versions: 4.12.1-r0 | 2026-02-03T16:02:28.659120Z | 2026-02-03T11:13:56Z |
| cleanstart-2026-fc21713 | Cancelling a query (e | 2026-02-03T16:02:29.570272Z | 2026-02-03T11:13:56Z |
| cleanstart-2026-cc08655 | Security fixes for GHSA-f6x5-jh6r-wrfv, GHSA-j5w8-q4qc-rx2x applied in versions: 0.8.4-r0 | 2026-02-03T00:36:29.405423Z | 2026-02-02T12:32:10Z |
| cleanstart-2026-am95501 | When using the RemoteIpFilter with requests received from a reverse proxy via HTTP that include the X-Forwarded-Proto header set to https, session cookies created by Apache Tomcat 11 | 2026-02-03T00:37:00.849369Z | 2026-02-02T12:32:10Z |
| cleanstart-2026-zz61324 | Hunspell 1 | 2026-01-30T17:14:26.562334Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-zp68963 | SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process | 2026-01-30T15:47:54.288582Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-zo91195 | go-redis is the official Redis client library for the Go programming language | 2026-01-30T15:30:24.594235Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-zc18474 | PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access | 2026-01-30T17:04:56.559720Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-yt18139 | issue was discovered in libexpat before 2 | 2026-01-30T17:26:57.202658Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-ys66739 | Authorization Bypass Through User-Controlled Key in GitHub repository emicklei/go-restful prior to v3 | 2026-01-30T15:00:53.250874Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-ym28538 | Prometheus Blackbox Exporter through 0 | 2026-01-30T14:06:20.601766Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-yl27116 | tar | 2026-01-30T14:08:51.064236Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-yk82785 | Within HostnameError | 2026-01-30T14:01:20.108833Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-yk54840 | Within HostnameError | 2026-01-30T16:30:55.324232Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-yj61997 | Cancelling a query (e | 2026-01-30T14:59:52.788649Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-yc48827 | Within HostnameError | 2026-01-30T15:56:24.532632Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-yb44027 | Moby is an open-source project created by Docker for software containerization | 2026-01-30T17:04:26.396860Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-xz45798 | Within HostnameError | 2026-01-30T14:05:20.961893Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-xs24366 | Cancelling a query (e | 2026-01-30T15:00:52.862887Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-xr85161 | Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate | 2026-01-30T16:02:54.934169Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-xr17407 | SSH servers parsing GSSAPI authentication requests do not validate the number of mechanisms specified in the request, allowing an attacker to cause unbounded memory consumption | 2026-01-30T16:11:25.270681Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-xo49545 | Within HostnameError | 2026-01-30T16:21:25.500719Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-xi02879 | When using the RemoteIpFilter with requests received from a reverse proxy via HTTP that include the X-Forwarded-Proto header set to https, session cookies created by Apache Tomcat 11 | 2026-01-30T16:18:55.578686Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-xd92996 | Cancelling a query (e | 2026-01-30T15:46:24.650971Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-wq07901 | SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process | 2026-01-30T16:01:54.911193Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-wi17406 | Redis is an open source, in-memory database that persists on disk | 2026-01-30T17:35:28.375848Z | 2026-01-29T18:58:54Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| drupal-contrib-2025-107 | 2025-09-24T17:18:08.000Z | 2025-09-24T17:18:08.000Z | |
| drupal-contrib-2025-106 | 2025-09-24T17:16:20.000Z | 2025-09-24T17:16:20.000Z | |
| drupal-contrib-2025-101 | 2025-08-27T17:19:59.000Z | 2025-09-03T18:55:46.000Z | |
| drupal-contrib-2025-097 | 2025-08-13T17:33:34.000Z | 2025-09-03T18:53:10.000Z | |
| drupal-contrib-2025-105 | 2025-09-03T16:15:48.000Z | 2025-09-03T16:15:48.000Z | |
| drupal-contrib-2025-100 | 2025-08-27T17:19:45.000Z | 2025-08-27T17:23:11.000Z | |
| drupal-contrib-2025-104 | 2025-08-27T17:20:41.000Z | 2025-08-27T17:20:41.000Z | |
| drupal-contrib-2025-103 | 2025-08-27T17:20:16.000Z | 2025-08-27T17:20:16.000Z | |
| drupal-contrib-2025-102 | 2025-08-27T17:20:11.000Z | 2025-08-27T17:20:11.000Z | |
| drupal-contrib-2025-099 | 2025-08-27T17:19:24.000Z | 2025-08-27T17:19:24.000Z | |
| drupal-contrib-2025-098 | 2025-08-27T17:19:14.000Z | 2025-08-27T17:19:14.000Z | |
| drupal-contrib-2025-096 | 2025-08-13T17:33:24.000Z | 2025-08-13T20:10:05.000Z | |
| drupal-contrib-2025-095 | 2025-08-06T16:50:43.000Z | 2025-08-06T16:50:43.000Z | |
| drupal-contrib-2025-094 | 2025-07-30T16:31:23.000Z | 2025-07-30T16:31:23.000Z | |
| drupal-contrib-2025-093 | 2025-07-30T16:30:44.000Z | 2025-07-30T16:30:44.000Z | |
| drupal-contrib-2025-092 | 2025-07-23T17:10:19.000Z | 2025-07-23T17:10:19.000Z | |
| drupal-contrib-2025-091 | 2025-07-16T16:46:49.000Z | 2025-07-17T14:42:36.000Z | |
| drupal-contrib-2025-090 | 2025-07-16T16:46:26.000Z | 2025-07-16T16:46:26.000Z | |
| drupal-contrib-2025-089 | 2025-07-16T16:46:08.000Z | 2025-07-16T16:46:08.000Z | |
| drupal-contrib-2025-087 | 2025-07-09T16:37:27.000Z | 2025-07-09T16:37:27.000Z | |
| drupal-contrib-2025-086 | 2025-07-02T17:37:13.000Z | 2025-07-02T17:37:13.000Z | |
| drupal-contrib-2025-085 | 2025-07-02T17:37:03.000Z | 2025-07-02T17:37:03.000Z | |
| drupal-contrib-2025-081 | 2025-06-25T18:42:06.000Z | 2025-06-26T18:17:29.000Z | |
| drupal-contrib-2025-084 | 2025-06-25T18:43:00.000Z | 2025-06-25T18:43:00.000Z | |
| drupal-contrib-2025-083 | 2025-06-25T18:42:38.000Z | 2025-06-25T18:42:38.000Z | |
| drupal-contrib-2025-082 | 2025-06-25T18:42:17.000Z | 2025-06-25T18:42:17.000Z | |
| drupal-contrib-2025-080 | 2025-06-25T18:41:56.000Z | 2025-06-25T18:41:56.000Z | |
| drupal-contrib-2025-079 | 2025-06-25T18:41:34.000Z | 2025-06-25T18:41:34.000Z | |
| drupal-contrib-2025-078 | 2025-06-25T18:41:20.000Z | 2025-06-25T18:41:20.000Z | |
| drupal-contrib-2025-077 | 2025-06-25T18:41:06.000Z | 2025-06-25T18:41:06.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2026-001972 | Archer MR600 vulnerable to OS command injection | 2026-01-28T10:41+09:00 | 2026-01-28T10:41+09:00 |
| jvndb-2026-000011 | beat-access for Windows may insecurely load Dynamic Link Libraries | 2026-01-27T18:22+09:00 | 2026-01-27T18:22+09:00 |
| jvndb-2026-001732 | Multiple Brother software installers may insecurely load Dynamic Link Libraries | 2026-01-26T16:04+09:00 | 2026-01-26T16:04+09:00 |
| jvndb-2026-000010 | Command injection vulnerability in ASUS routers | 2026-01-23T15:22+09:00 | 2026-01-23T15:22+09:00 |
| jvndb-2026-001663 | "iRMC S5/S6" implemented in PRIMERGY vulnerable to incorrect authorization | 2026-01-23T11:29+09:00 | 2026-01-23T11:29+09:00 |
| jvndb-2026-001662 | Multiple vulnerabilities in Trend Micro Apex Central (January 2026) | 2026-01-23T11:29+09:00 | 2026-01-23T11:29+09:00 |
| jvndb-2026-000009 | Installer of Fujitsu ServerView Agents for Windows may insecurely load Dynamic Link Libraries | 2026-01-21T15:17+09:00 | 2026-01-21T15:17+09:00 |
| jvndb-2026-000008 | Ruijie Networks AP180 series vulnerable to OS command injection | 2026-01-21T15:17+09:00 | 2026-01-21T15:17+09:00 |
| jvndb-2026-001582 | Security information for Hitachi Disk Array Systems | 2026-01-21T12:11+09:00 | 2026-01-21T12:11+09:00 |
| jvndb-2026-001578 | ETERNUS SF vulnerable to insertion of sensitive information into maintenance data | 2026-01-20T20:00+09:00 | 2026-01-20T20:00+09:00 |
| jvndb-2026-001380 | Multiple vulnerabilities in Canon Small Office Multifunction Printers and Laser Printers | 2026-01-19T10:08+09:00 | 2026-01-19T10:08+09:00 |
| jvndb-2026-000007 | Multiple Vulnerabilities in TOA Network Cameras TRIFORA 3 series | 2026-01-16T15:06+09:00 | 2026-01-16T15:06+09:00 |
| jvndb-2025-022878 | Media Player MP-01 vulnerable to Missing Authentication for Critical Function | 2025-12-24T11:10+09:00 | 2026-01-15T11:10+09:00 |
| jvndb-2026-000006 | Chainlit vulnerable to improper access restriction | 2026-01-14T17:03+09:00 | 2026-01-14T17:03+09:00 |
| jvndb-2026-000002 | Multiple vulnerabilities in multiple NEC branded projectors manufactured by Sharp Display Solutions, Ltd. | 2026-01-07T14:10+09:00 | 2026-01-14T16:54+09:00 |
| jvndb-2026-000005 | Multiple vulnerabilities in EATON UPS Companion | 2026-01-13T19:01+09:00 | 2026-01-13T19:01+09:00 |
| jvndb-2026-000003 | RICOH Streamline NX vulnerable to improper authorization | 2026-01-09T18:17+09:00 | 2026-01-09T18:17+09:00 |
| jvndb-2026-000004 | The installers for multiple PIONEER products may insecurely load Dynamic Link Libraries | 2026-01-08T13:47+09:00 | 2026-01-08T13:47+09:00 |
| jvndb-2026-000001 | Origin validation error vulnerability in Fujitsu Security Solution AuthConductor Client Basic V2 | 2026-01-07T14:19+09:00 | 2026-01-07T14:19+09:00 |
| jvndb-2026-001001 | Authentication bypass vulnerability in OpenBlocks series | 2026-01-07T10:46+09:00 | 2026-01-07T10:46+09:00 |
| jvndb-2025-019621 | EPSON WebConfig / Epson Web Control for SEIKO EPSON Projector Products do not restrict excessive authentication attempts | 2025-11-21T15:31+09:00 | 2025-12-24T10:54+09:00 |
| jvndb-2025-014967 | Multiple vulnerabilities in multiple Keyence products | 2025-10-03T11:19+09:00 | 2025-12-23T14:36+09:00 |
| jvndb-2025-000117 | SEIKO EPSON printer Web Config vulnerable to stack-based buffer overflow | 2025-12-16T15:31+09:00 | 2025-12-23T11:57+09:00 |
| jvndb-2025-022400 | Ruijie Networks AP180 Series vulnerable to OS command injection | 2025-12-19T12:33+09:00 | 2025-12-19T12:33+09:00 |
| jvndb-2025-000118 | GROWI vulnerable to cross-site request forgery | 2025-12-17T13:04+09:00 | 2025-12-17T13:04+09:00 |
| jvndb-2025-022062 | Multiple vulnerabilities in CHOCO TEI WATCHER mini | 2025-12-17T11:28+09:00 | 2025-12-17T11:28+09:00 |
| jvndb-2025-000115 | QND vulnerable to privilege escalation | 2025-12-11T14:33+09:00 | 2025-12-11T14:33+09:00 |
| jvndb-2025-000113 | Multiple vulnerabilities in GroupSession | 2025-12-08T17:48+09:00 | 2025-12-11T11:30+09:00 |
| jvndb-2025-000091 | Multiple I-O DATA NAS management applications register Windows services with unquoted file paths | 2025-10-22T15:04+09:00 | 2025-12-10T16:20+09:00 |
| jvndb-2021-000081 | Multiple vulnerabilities in Sharp NEC Display Solutions' public displays | 2021-09-17T15:13+09:00 | 2025-12-10T10:24+09:00 |
| ID | Description | Updated |
|---|---|---|
| ts-2023-001 | TS-2023-001 | 2023-01-17T00:00 |
| ts-2022-005 | TS-2022-005 | 2022-11-21T00:00 |
| ts-2022-004 | TS-2022-004 | 2022-11-21T00:00 |
| ts-2022-003 | TS-2022-003 | 2022-06-14T00:00 |
| ts-2022-002 | TS-2022-002 | 2022-05-11T00:00 |
| ts-2022-001 | TS-2022-001 | 2022-02-07T00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| cnvd-2026-10856 | Rockwell Automation FactoryTalk Linx权限提升漏洞 | 2025-10-17 | 2026-02-12 |
| cnvd-2026-10682 | Microsoft Windows SMB Server拒绝服务漏洞 | 2026-01-19 | 2026-02-12 |
| cnvd-2026-10681 | Microsoft Windows SMB Server权限提升漏洞(CNVD-2026-10681) | 2026-01-19 | 2026-02-12 |
| cnvd-2026-10680 | Microsoft Windows SMB Server权限提升漏洞(CNVD-2026-10680) | 2026-01-19 | 2026-02-12 |
| cnvd-2026-10679 | Microsoft Windows SMB Server权限提升漏洞(CNVD-2026-10679) | 2026-01-19 | 2026-02-12 |
| cnvd-2026-10678 | Microsoft Windows SMB Server权限提升漏洞(CNVD-2026-10678) | 2026-01-19 | 2026-02-12 |
| cnvd-2026-10677 | Microsoft Windows SMB Server权限提升漏洞(CNVD-2026-10677) | 2026-01-19 | 2026-02-12 |
| cnvd-2026-06390 | 北京星网锐捷网络技术有限公司RG-EST350 V2存在命令执行漏洞 | 2025-12-30 | 2026-02-12 |
| cnvd-2026-10676 | Microsoft Windows File Explorer欺骗漏洞(CNVD-2026-10676) | 2025-10-17 | 2026-02-11 |
| cnvd-2026-10675 | Microsoft Windows File Explorer信息泄露漏洞(CNVD-2026-10675) | 2026-01-19 | 2026-02-11 |
| cnvd-2026-10674 | Microsoft Windows File Explorer信息泄露漏洞(CNVD-2026-10674) | 2026-01-19 | 2026-02-11 |
| cnvd-2026-10673 | Microsoft Windows File Explorer信息泄露漏洞(CNVD-2026-10673) | 2026-01-19 | 2026-02-11 |
| cnvd-2026-10672 | Microsoft Windows File Explorer信息泄露漏洞 | 2026-01-19 | 2026-02-11 |
| cnvd-2026-10671 | MedDream PACS Premium跨站脚本漏洞(CNVD-2026-10671) | 2025-07-30 | 2026-02-11 |
| cnvd-2026-10670 | MedDream PACS Premium跨站脚本漏洞(CNVD-2026-10670) | 2026-01-26 | 2026-02-11 |
| cnvd-2026-10669 | MedDream PACS Premium跨站脚本漏洞(CNVD-2026-10669) | 2026-01-26 | 2026-02-11 |
| cnvd-2026-10668 | MedDream PACS Premium跨站脚本漏洞(CNVD-2026-10668) | 2026-01-26 | 2026-02-11 |
| cnvd-2026-10667 | MedDream PACS Premium跨站脚本漏洞(CNVD-2026-10667) | 2026-01-29 | 2026-02-11 |
| cnvd-2026-10666 | MedDream PACS Premium任意文件读取漏洞 | 2026-01-30 | 2026-02-11 |
| cnvd-2026-10665 | MedDream PACS Premium跨站脚本漏洞 | 2026-01-30 | 2026-02-11 |
| cnvd-2026-10898 | Adobe Creative Cloud Desktop Application拒绝服务漏洞(CNVD-2026-10898) | 2025-12-15 | 2026-02-10 |
| cnvd-2026-10855 | Rockwell Automation CompactLogix 5370拒绝服务漏洞 | 2026-01-30 | 2026-02-10 |
| cnvd-2026-10854 | Rockwell Automation ArmorStart LT拒绝服务漏洞(CNVD-2026-10854) | 2026-01-30 | 2026-02-10 |
| cnvd-2026-10852 | Rockwell Automation ArmorStart LT拒绝服务漏洞(CNVD-2026-10852) | 2026-01-30 | 2026-02-10 |
| cnvd-2026-10851 | Rockwell Automation ArmorStart LT拒绝服务漏洞(CNVD-2026-10851) | 2026-01-30 | 2026-02-10 |
| cnvd-2026-10850 | Rockwell Automation ArmorStart LT拒绝服务漏洞(CNVD-2026-10850) | 2026-01-30 | 2026-02-10 |
| cnvd-2026-10849 | Rockwell Automation ArmorStart LT拒绝服务漏洞(CNVD-2026-10849) | 2026-01-30 | 2026-02-10 |
| cnvd-2026-10848 | Rockwell Automation ArmorStart LT拒绝服务漏洞 | 2026-01-30 | 2026-02-10 |
| cnvd-2026-10846 | Rockwell Automation FactoryTalk View Machine Edition路径遍历漏洞 | 2025-10-17 | 2026-02-10 |
| cnvd-2026-10664 | IBM Aspera Console日志信息泄露漏洞 | 2026-01-30 | 2026-02-10 |
| ID | Description | Published | Updated |
|---|---|---|---|
| bdu:2026-01814 | Уязвимость программного обеспечения Microsoft ACI Confidential Containers, связанная с хр… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01813 | Уязвимость программного обеспечения Azure IoT Explorer, связанная с привязкой к открытым … | 16.02.2026 | 16.02.2026 |
| bdu:2026-01812 | Уязвимость почтового сервера Microsoft Exchange Server, связанная с ошибками представлени… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01811 | Уязвимость службы аналитики данных Azure HDInsights, связанная с непринятием мер по защит… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01810 | Уязвимость редактора электронных таблиц Microsoft Excel пакетов программ Microsoft Office… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01809 | Уязвимость службы хранилища данных Windows Storage Services операционных систем Windows, … | 16.02.2026 | 16.02.2026 |
| bdu:2026-01808 | Уязвимость реализации протокола NTLM операционных систем Windows, позволяющая нарушителю … | 16.02.2026 | 16.02.2026 |
| bdu:2026-01807 | Уязвимость системы аппаратной виртуализации Hyper-V операционной системы Windows, позволя… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01806 | Уязвимость механизма CCF (Cluster Client Failover) операционных систем Windows, позволяющ… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01805 | Уязвимость драйвера HTTP.sys операционных систем Windows, позволяющая нарушителю повысить… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01804 | Уязвимость ядра операционных систем Windows, позволяющая нарушителю повысить свои привилегии | 16.02.2026 | 16.02.2026 |
| bdu:2026-01803 | Уязвимость драйвера WinSock операционных систем Windows, позволяющая нарушителю повысить … | 16.02.2026 | 16.02.2026 |
| bdu:2026-01802 | Уязвимость ядра операционных систем Windows, позволяющая нарушителю повысить свои привилегии | 16.02.2026 | 16.02.2026 |
| bdu:2026-01801 | Уязвимость драйвера HTTP.sys операционных систем Windows, позволяющая нарушителю повысить… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01800 | Уязвимость ядра операционных систем Windows, позволяющая нарушителю повысить свои привилегии | 16.02.2026 | 16.02.2026 |
| bdu:2026-01799 | Уязвимость ядра операционных систем Windows, позволяющая нарушителю раскрыть защищаемую и… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01798 | Уязвимость программы для шифрования информации и создания электронных цифровых подписей G… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01797 | Уязвимость функции _bfd_elf_slurp_version_tables() компонента bfd/elf.c программного сред… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01796 | Уязвимость компонента libbfd.c программного средства разработки GNU Binutils, позволяющая… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01795 | Уязвимость программного средства управления конечными точками Ivanti Endpoint Manager, св… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01794 | Уязвимость функции usbg_make_tpg() модуля drivers/usb/gadget/function/f_tcm.c драйвера га… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01792 | Уязвимость программного средства локальной инфраструктуры Azure Local, связанная с ошибка… | 13.02.2026 | 16.02.2026 |
| bdu:2026-01727 | Уязвимость функции оценки избирательности расширения Intarray системы управления базами д… | 11.02.2026 | 16.02.2026 |
| bdu:2026-01726 | Уязвимость функции обработки типов данных oidvector системы управления базами данных Post… | 11.02.2026 | 16.02.2026 |
| bdu:2026-01724 | Уязвимость компонента pg_trgm системы управления базами данных PostgreSQL, позволяющая на… | 11.02.2026 | 16.02.2026 |
| bdu:2026-01723 | Уязвимость системы управления базами данных PostgreSQL, связанная с неверным индексирован… | 11.02.2026 | 16.02.2026 |
| bdu:2026-01722 | Уязвимость компонента pgcrypto системы управления базами данных PostgreSQL, позволяющая н… | 11.02.2026 | 16.02.2026 |
| bdu:2026-01017 | Уязвимость ядра операционной системы Linux, позволяющая нарушителю выполнить произвольный код | 30.01.2026 | 16.02.2026 |
| bdu:2025-15831 | Уязвимость программного обеспечения для настройки безопасности astra-safepolicy, связанна… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15830 | Уязвимость компонента net ядра операционной системы Linux, позволяющая нарушителю вызвать… | 15.12.2025 | 16.02.2026 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2024-avi-0858 | Multiples vulnérabilités dans Mitel Micollab | 2024-10-10T00:00:00.000000 | 2026-02-17T00:00:00.000000 |
| certfr-2026-avi-0173 | Multiples vulnérabilités dans les produits Mattermost | 2026-02-16T00:00:00.000000 | 2026-02-16T00:00:00.000000 |
| certfr-2026-avi-0172 | Vulnérabilité dans Google Chrome | 2026-02-16T00:00:00.000000 | 2026-02-16T00:00:00.000000 |
| certfr-2026-avi-0052 | Multiples vulnérabilités dans Mattermost Server | 2026-01-16T00:00:00.000000 | 2026-02-16T00:00:00.000000 |
| certfr-2026-avi-0171 | Multiples vulnérabilités dans les produits IBM | 2026-02-13T00:00:00.000000 | 2026-02-13T00:00:00.000000 |
| certfr-2026-avi-0170 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2026-02-13T00:00:00.000000 | 2026-02-13T00:00:00.000000 |
| certfr-2026-avi-0169 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2026-02-13T00:00:00.000000 | 2026-02-13T00:00:00.000000 |
| certfr-2026-avi-0168 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2026-02-13T00:00:00.000000 | 2026-02-13T00:00:00.000000 |
| certfr-2026-avi-0167 | Multiples vulnérabilités dans le noyau Linux de Debian LTS | 2026-02-13T00:00:00.000000 | 2026-02-13T00:00:00.000000 |
| certfr-2026-avi-0166 | Multiples vulnérabilités dans le noyau Linux de Debian | 2026-02-13T00:00:00.000000 | 2026-02-13T00:00:00.000000 |
| certfr-2026-avi-0165 | Vulnérabilité dans Mattermost Server | 2026-02-13T00:00:00.000000 | 2026-02-13T00:00:00.000000 |
| certfr-2026-avi-0164 | Multiples vulnérabilités dans PostgreSQL | 2026-02-13T00:00:00.000000 | 2026-02-13T00:00:00.000000 |
| certfr-2026-avi-0163 | Multiples vulnérabilités dans HAProxy | 2026-02-13T00:00:00.000000 | 2026-02-13T00:00:00.000000 |
| certfr-2026-avi-0162 | Multiples vulnérabilités dans Juniper Networks Secure Analytics | 2026-02-13T00:00:00.000000 | 2026-02-13T00:00:00.000000 |
| certfr-2026-avi-0161 | Vulnérabilité dans Tenable Nessus Agent | 2026-02-13T00:00:00.000000 | 2026-02-13T00:00:00.000000 |
| certfr-2026-avi-0144 | Multiples vulnérabilités dans Ivanti Endpoint Manager | 2026-02-11T00:00:00.000000 | 2026-02-13T00:00:00.000000 |
| certfr-2026-avi-0160 | Multiples vulnérabilités dans les produits Palo Alto Networks | 2026-02-12T00:00:00.000000 | 2026-02-12T00:00:00.000000 |
| certfr-2026-avi-0159 | Multiples vulnérabilités dans Keycloak | 2026-02-12T00:00:00.000000 | 2026-02-12T00:00:00.000000 |
| certfr-2026-avi-0158 | Multiples vulnérabilités dans les produits Apple | 2026-02-12T00:00:00.000000 | 2026-02-12T00:00:00.000000 |
| certfr-2026-avi-0157 | Multiples vulnérabilités dans les produits Qnap | 2026-02-12T00:00:00.000000 | 2026-02-12T00:00:00.000000 |
| certfr-2026-avi-0156 | Multiples vulnérabilités dans Google Chrome | 2026-02-12T00:00:00.000000 | 2026-02-12T00:00:00.000000 |
| certfr-2026-avi-0155 | Multiples vulnérabilités dans SPIP | 2026-02-12T00:00:00.000000 | 2026-02-12T00:00:00.000000 |
| certfr-2026-avi-0154 | Vulnérabilité dans Traefik | 2026-02-12T00:00:00.000000 | 2026-02-12T00:00:00.000000 |
| certfr-2026-avi-0153 | Multiples vulnérabilités dans les produits Microsoft | 2026-02-11T00:00:00.000000 | 2026-02-11T00:00:00.000000 |
| certfr-2026-avi-0152 | Multiples vulnérabilités dans Microsoft Azure | 2026-02-11T00:00:00.000000 | 2026-02-11T00:00:00.000000 |
| certfr-2026-avi-0151 | Vulnérabilité dans Microsoft .Net | 2026-02-11T00:00:00.000000 | 2026-02-11T00:00:00.000000 |
| certfr-2026-avi-0150 | Multiples vulnérabilités dans Microsoft Windows | 2026-02-11T00:00:00.000000 | 2026-02-11T00:00:00.000000 |
| certfr-2026-avi-0149 | Multiples vulnérabilités dans Microsoft Office | 2026-02-11T00:00:00.000000 | 2026-02-11T00:00:00.000000 |
| certfr-2026-avi-0148 | Multiples vulnérabilités dans les produits Intel | 2026-02-11T00:00:00.000000 | 2026-02-11T00:00:00.000000 |
| certfr-2026-avi-0147 | Multiples vulnérabilités dans les produits Fortinet | 2026-02-11T00:00:00.000000 | 2026-02-11T00:00:00.000000 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2023-ale-013 | Vulnérabilité dans Apache Struts 2 | 2023-12-13T00:00:00.000000 | 2024-02-16T00:00:00.000000 |
| certfr-2023-ale-012 | [MàJ] Vulnérabilité dans Citrix NetScaler ADC et NetScaler Gateway | 2023-10-23T00:00:00.000000 | 2024-02-16T00:00:00.000000 |
| certfr-2023-ale-011 | [MàJ] Multiples vulnérabilités dans Cisco IOS XE | 2023-10-17T00:00:00.000000 | 2024-02-16T00:00:00.000000 |
| certfr-2023-ale-010 | Multiples vulnérabilités dans Exim | 2023-10-02T00:00:00.000000 | 2024-02-16T00:00:00.000000 |
| certfr-2023-ale-008 | [MàJ] Vulnérabilité dans Citrix NetScaler ADC et NetScaler Gateway | 2023-07-19T00:00:00.000000 | 2024-01-02T00:00:00.000000 |
| certfr-2023-ale-007 | [MàJ] Vulnérabilité dans Zimbra Collaboration Suite | 2023-07-17T00:00:00.000000 | 2024-01-02T00:00:00.000000 |
| certfr-2023-ale-006 | Vulnérabilité dans les produits Microsoft | 2023-12-12T00:00:00.000000 | 2023-07-12T00:00:00.000000 |
| certfr-2023-ale-009 | [MàJ] Multiples vulnérabilités dans Ivanti Endpoint Manager Mobile | 2023-07-26T00:00:00.000000 | 2023-09-15T00:00:00.000000 |
| certfr-2023-ale-005 | Synthèse sur l'exploitation d'une vulnérabilité dans MOVEit Transfer | 2023-07-05T00:00:00.000000 | 2023-09-11T00:00:00.000000 |
| certfr-2023-ale-004 | Vulnérabilité dans les produits Fortinet | 2023-06-13T00:00:00.000000 | 2023-09-11T00:00:00.000000 |
| certfr-2022-ale-014 | Multiples vulnérabilités dans AMI MegaRAC | 2022-12-16T00:00:00.000000 | 2023-09-11T00:00:00.000000 |
| certfr-2023-ale-002 | [MàJ] Vulnérabilité dans Microsoft Outlook | 2023-03-15T00:00:00.000000 | 2023-05-11T00:00:00.000000 |
| certfr-2023-ale-003 | [MàJ] Compromission de l'application 3CX Desktop App | 2023-03-31T00:00:00.000000 | 2023-04-12T00:00:00.000000 |
| certfr-2023-ale-015 | [MàJ] Campagne d'exploitation d'une vulnérabilité affectant VMware ESXi | 2023-02-03T00:00:00.000000 | 2023-03-14T00:00:00.000000 |
| certfr-2023-ale-001 | Vulnérabilité dans Fortinet FortiOS | 2023-03-14T00:00:00.000000 | 2023-03-14T00:00:00.000000 |
| certfr-2022-ale-013 | [MàJ] Vulnérabilité dans Citrix ADC et Gateway | 2022-12-13T00:00:00.000000 | 2023-03-14T00:00:00.000000 |
| certfr-2022-ale-010 | Multiples vulnérabilités dans GLPI | 2022-10-07T00:00:00.000000 | 2023-03-14T00:00:00.000000 |
| certfr-2022-ale-009 | [MaJ] Vulnérabilité dans Zimbra Collaboration | 2022-10-07T00:00:00.000000 | 2023-03-14T00:00:00.000000 |
| certfr-2022-ale-008 | [MaJ] Multiples vulnérabilités dans Microsoft Exchange | 2022-09-30T00:00:00.000000 | 2023-03-14T00:00:00.000000 |
| certfr-2022-ale-007 | Multiples vulnérabilités dans Microsoft Windows | 2022-09-16T00:00:00.000000 | 2023-03-14T00:00:00.000000 |
| certfr-2022-ale-012 | [MàJ] Vulnérabilité dans FortiOS SSL-VPN | 2022-12-13T00:00:00.000000 | 2022-12-20T00:00:00.000000 |
| certfr-2022-ale-011 | Vulnérabilité dans les produits Fortinet | 2022-10-14T00:00:00.000000 | 2022-10-14T00:00:00.000000 |
| certfr-2022-ale-006 | [MàJ] Vulnérabilité dans Atlassian Confluence | 2022-06-03T00:00:00.000000 | 2022-10-07T00:00:00.000000 |
| certfr-2022-ale-002 | Vulnérabilité dans VMware Spring Cloud Gateway | 2022-03-03T00:00:00.000000 | 2022-10-07T00:00:00.000000 |
| certfr-2022-ale-005 | [MàJ] Vulnérabilité dans Microsoft Windows | 2022-05-31T00:00:00.000000 | 2022-09-16T00:00:00.000000 |
| certfr-2022-ale-004 | Vulnérabilité dans F5 BIG-IP | 2022-05-11T00:00:00.000000 | 2022-09-16T00:00:00.000000 |
| certfr-2022-ale-003 | [MàJ] Vulnérabilité dans l'implémentation du protocole RPC par Microsoft | 2022-04-13T00:00:00.000000 | 2022-05-04T00:00:00.000000 |
| certfr-2022-ale-001 | [MaJ] Vulnérabilité dans Microsoft Windows | 2022-01-12T00:00:00.000000 | 2022-05-04T00:00:00.000000 |
| certfr-2021-ale-022 | [MaJ] Vulnérabilité dans Apache Log4j | 2021-12-10T00:00:00.000000 | 2022-05-04T00:00:00.000000 |
| certfr-2021-ale-021 | Vulnérabilité dans Microsoft Exchange | 2021-11-10T00:00:00.000000 | 2022-05-04T00:00:00.000000 |
| ID | Description | Published | Updated |
|---|---|---|---|
| osv-2023-800 | Heap-buffer-overflow in XCFImageFormat::loadTileRLE | 2023-09-07T14:00:27.693270Z | 2026-02-14T14:17:47.015069Z |
| osv-2023-55 | Index-out-of-bounds in LibRaw::apply_tiff | 2023-02-07T13:00:07.438565Z | 2026-02-14T14:17:36.706876Z |
| osv-2022-1018 | Index-out-of-bounds in LibRaw::kodak_radc_load_raw | 2022-10-06T00:02:27.511658Z | 2026-02-14T14:12:58.520590Z |
| osv-2021-972 | UNKNOWN READ in void mc_chroma<unsigned short> | 2021-07-13T00:00:16.631711Z | 2026-02-14T14:12:55.748229Z |
| osv-2021-948 | Use-of-uninitialized-value in residual_coding | 2021-07-10T00:01:12.890029Z | 2026-02-14T14:12:54.887987Z |
| osv-2021-735 | Use-of-uninitialized-value in decode_CABAC_FL_bypass | 2021-05-08T00:00:14.355747Z | 2026-02-14T14:12:52.068226Z |
| osv-2021-586 | Use-of-uninitialized-value in void intra_prediction_angular<unsigned short> | 2021-03-31T00:01:03.787831Z | 2026-02-14T14:12:51.015354Z |
| osv-2020-876 | Use-of-uninitialized-value in XCFImageFormat::mergeRGBToRGB | 2020-07-14T22:13:55.541274Z | 2026-02-14T14:12:21.660620Z |
| osv-2020-868 | Use-of-uninitialized-value in fetchARGB32ToRGBA64PM_avx2 | 2020-07-14T22:13:50.828646Z | 2026-02-14T14:12:19.230130Z |
| osv-2026-240 | Use-of-uninitialized-value in packet_get1 | 2026-02-14T00:09:50.559032Z | 2026-02-14T00:09:50.559326Z |
| osv-2023-390 | Heap-buffer-overflow in sdhci_write | 2023-05-12T14:00:08.854823Z | 2026-02-13T14:56:42.122885Z |
| osv-2022-581 | Heap-buffer-overflow in megasas_map_sgl | 2022-07-14T00:00:45.644503Z | 2026-02-13T14:29:03.475Z |
| osv-2021-820 | UNKNOWN READ in virtio_gpu_disable_scanout | 2021-06-02T00:00:31.619765Z | 2026-02-13T14:27:16.057293Z |
| osv-2022-1259 | Heap-buffer-overflow in dwg_decode_INSERT_private | 2022-12-13T13:00:46.870838Z | 2026-02-13T14:08:55.760270Z |
| osv-2024-451 | Use-of-uninitialized-value in XpackDynamicTable::_make_space | 2024-05-08T00:14:48.544622Z | 2026-02-12T14:18:05.600525Z |
| osv-2023-307 | Heap-buffer-overflow in bit_read_BB | 2023-04-13T14:02:09.774988Z | 2026-02-12T14:12:00.262856Z |
| osv-2023-1267 | Heap-buffer-overflow in dwg_free_object | 2023-12-08T00:11:02.971903Z | 2026-02-12T14:11:51.775549Z |
| osv-2022-714 | Heap-buffer-overflow in dynapi_set_helper | 2022-08-15T00:00:47.794062Z | 2026-02-12T14:10:16.110185Z |
| osv-2022-653 | Heap-double-free in dwg_free_common_entity_data | 2022-07-30T00:01:52.491112Z | 2026-02-12T14:10:04.908219Z |
| osv-2022-400 | Heap-double-free in dwg_free_XRECORD_private | 2022-05-08T00:00:40.782520Z | 2026-02-12T14:08:32.471352Z |
| osv-2022-388 | Segv on unknown address in dwg_ref_get_object | 2022-05-01T00:01:54.904711Z | 2026-02-12T14:08:30.026177Z |
| osv-2022-372 | Heap-buffer-overflow in dwg_encode_VERTEX_2D | 2022-04-26T00:00:09.352798Z | 2026-02-12T14:08:22.863193Z |
| osv-2022-379 | Segv on unknown address in bit_write_TV | 2022-04-27T00:00:44.539231Z | 2026-02-12T14:08:20.663182Z |
| osv-2022-1198 | Heap-buffer-overflow in dwg_json_LTYPE | 2022-11-23T13:02:06.623044Z | 2026-02-12T14:07:40.542042Z |
| osv-2022-1176 | Heap-double-free in dwg_free | 2022-11-18T13:00:26.857477Z | 2026-02-12T14:07:39.929918Z |
| osv-2021-1086 | Heap-buffer-overflow in dwg_convert_SAB_to_SAT1 | 2021-08-02T00:00:31.888461Z | 2026-02-12T14:07:34.523033Z |
| osv-2021-1343 | Heap-buffer-overflow in get_next_owned_entity | 2021-09-21T00:01:33.177403Z | 2026-02-12T14:07:19.665863Z |
| osv-2025-219 | Heap-buffer-overflow in opj_j2k_read_tile_header | 2025-03-18T00:18:30.566980Z | 2026-02-11T14:21:43.026699Z |
| osv-2022-725 | Heap-buffer-overflow in jxl::N_EMU128::WriteToU8Stage::ProcessRow | 2022-08-18T00:01:05.918943Z | 2026-02-11T14:11:54.187880Z |
| osv-2022-608 | Heap-use-after-free in jxl::WriteToPixelCallbackStage::ProcessRow | 2022-07-21T00:01:50.967627Z | 2026-02-11T14:11:11.571040Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rustsec-2024-0436 | paste - no longer maintained | 2024-10-07T12:00:00Z | 2026-01-27T21:51:15Z |
| rustsec-2026-0005 | Potential use-after-free in `oneshot` when used asynchronously | 2026-01-25T12:00:00Z | 2026-01-27T05:50:51Z |
| rustsec-2026-0004 | Triton VM Soundness Vulnerability due to Improper Sampling of Randomness | 2026-01-21T12:00:00Z | 2026-01-23T05:50:29Z |
| rustsec-2021-0155 | Use After Free in lucet-runtime | 2021-11-30T12:00:00Z | 2026-01-17T19:50:19Z |
| rustsec-2025-0111 | `tokio-tar` parses PAX extended headers incorrectly, allows file smuggling | 2025-10-21T12:00:00Z | 2026-01-17T07:44:05Z |
| rustsec-2025-0141 | Bincode is unmaintained | 2025-12-16T12:00:00Z | 2026-01-16T11:04:42Z |
| rustsec-2026-0003 | Non-constant-time code generation on ARM32 targets | 2026-01-14T12:00:00Z | 2026-01-15T17:45:42Z |
| rustsec-2026-0002 | `IterMut` violates Stacked Borrows by invalidating internal pointer | 2026-01-07T12:00:00Z | 2026-01-08T05:46:06Z |
| rustsec-2026-0001 | Potential Undefined Behaviors in `Arc<T>`/`Rc<T>` impls of `from_value` on OOM | 2026-01-05T12:00:00Z | 2026-01-06T15:33:19Z |
| rustsec-2025-0139 | theshit vulnerable to unsafe loading of user-owned Python rules when running as root | 2025-12-30T12:00:00Z | 2026-01-04T20:34:25Z |
| rustsec-2023-0096 | Plaintext exposed in decrypt_in_place_detached even on tag verification failure | 2023-11-22T12:00:00Z | 2025-12-29T13:49:34Z |
| rustsec-2025-0138 | --allow-read / --allow-write permission bypass in `node:sqlite` | 2025-06-03T12:00:00Z | 2025-12-29T10:04:21Z |
| rustsec-2025-0137 | Unsoundness of safe `reciprocal_mg10` | 2025-12-22T12:00:00Z | 2025-12-28T09:42:26Z |
| rustsec-2024-0447 | Panics on Malformed Untrusted Input | 2024-12-05T12:00:00Z | 2025-12-24T14:48:25Z |
| rustsec-2023-0095 | Invalid Slice Split Results in Server Panic | 2023-08-03T12:00:00Z | 2025-12-22T18:53:25Z |
| rustsec-2024-0446 | Shell expansion in custom commands | 2024-07-26T12:00:00Z | 2025-12-22T13:54:49Z |
| rustsec-2022-0103 | Incorrect signature verification on gzip-compressed install images | 2022-03-04T12:00:00Z | 2025-12-21T13:45:28Z |
| rustsec-2024-0445 | cap-primitives doesn't fully sandbox all the Windows device filenames | 2024-11-05T12:00:00Z | 2025-12-19T21:01:24Z |
| rustsec-2024-0444 | Uncaught exception when transitioning the state of `AsyncGenerator` objects from within a property getter of `then` | 2024-08-14T12:00:00Z | 2025-12-19T06:15:15Z |
| rustsec-2022-0042 | malicious crate `rustdecimal` | 2022-05-10T12:00:00Z | 2025-12-17T17:06:41Z |
| rustsec-2021-0082 | vec-const attempts to construct a Vec from a pointer to a const slice | 2021-08-14T12:00:00Z | 2025-12-17T17:06:41Z |
| rustsec-2025-0136 | Underflow in aes_key_unwrap function | 2025-11-07T12:00:00Z | 2025-12-17T06:01:32Z |
| rustsec-2025-0135 | matrix-sdk-base: Denial of service due to custom `m.room.join_rules` events | 2025-12-08T12:00:00Z | 2025-12-08T12:23:54Z |
| rustsec-2025-0133 | Incorrect calculation on aarch64 | 2025-12-04T12:00:00Z | 2025-12-06T07:36:56Z |
| rustsec-2025-0134 | rustls-pemfile is unmaintained | 2025-11-28T12:00:00Z | 2025-12-05T19:07:24Z |
| rustsec-2025-0132 | `Reader::open_mmap` unsoundly marks unsafe memmap operation as safe | 2025-11-28T12:00:00Z | 2025-12-02T06:03:09Z |
| rustsec-2025-0131 | Lack of sufficient checks in public API | 2025-10-31T12:00:00Z | 2025-12-02T06:03:09Z |
| rustsec-2025-0120 | json5 crate is unmaintained | 2025-11-16T12:00:00Z | 2025-11-30T00:15:16Z |
| rustsec-2025-0126 | Heap-buffer-overflow in nftnl::Batch::with_page_size (nftnl-rs) | 2025-10-18T12:00:00Z | 2025-11-27T21:53:33Z |
| rustsec-2025-0130 | Missing check in ZK proof in CGGMP21 Threshold Signing Protocol | 2025-11-24T12:00:00Z | 2025-11-26T06:00:45Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| alsa-2026:1939 | Important: python3.12-wheel security update | 2026-02-04T00:00:00Z | 2026-02-10T07:52:01Z |
| alsa-2026:2048 | Important: freerdp security update | 2026-02-05T00:00:00Z | 2026-02-10T07:49:11Z |
| alsa-2026:2220 | Important: thunderbird security update | 2026-02-09T00:00:00Z | 2026-02-10T07:45:12Z |
| alsa-2026:2286 | Important: thunderbird security update | 2026-02-09T00:00:00Z | 2026-02-09T12:36:11Z |
| alsa-2026:2264 | Moderate: kernel security update | 2026-02-09T00:00:00Z | 2026-02-09T11:47:42Z |
| alsa-2026:2271 | Important: firefox security update | 2026-02-09T00:00:00Z | 2026-02-09T11:39:07Z |
| alsa-2026:2215 | Important: libsoup security update | 2026-02-09T00:00:00Z | 2026-02-09T11:36:21Z |
| alsa-2026:2124 | Important: osbuild-composer security update | 2026-02-05T00:00:00Z | 2026-02-09T11:33:23Z |
| alsa-2026:2039 | Important: fontforge security update | 2026-02-05T00:00:00Z | 2026-02-06T21:29:46Z |
| alsa-2026:1831 | Moderate: qemu-kvm security update | 2026-02-03T00:00:00Z | 2026-02-06T17:34:44Z |
| alsa-2026:1837 | Moderate: osbuild-composer security update | 2026-02-03T00:00:00Z | 2026-02-06T17:33:01Z |
| alsa-2026:2182 | Important: libsoup3 security update | 2026-02-05T00:00:00Z | 2026-02-06T17:31:52Z |
| alsa-2026:1842 | Important: nodejs24 security update | 2026-02-03T00:00:00Z | 2026-02-06T17:30:17Z |
| alsa-2026:1843 | Important: nodejs22 security update | 2026-02-03T00:00:00Z | 2026-02-06T17:27:45Z |
| alsa-2026:2081 | Important: freerdp security update | 2026-02-05T00:00:00Z | 2026-02-06T08:53:33Z |
| alsa-2026:2090 | Important: python3.12-wheel security update | 2026-02-05T00:00:00Z | 2026-02-06T08:49:17Z |
| alsa-2026:2128 | Moderate: python3 security update | 2026-02-05T00:00:00Z | 2026-02-06T08:39:22Z |
| alsa-2026:1617 | Moderate: kernel security update | 2026-02-02T00:00:00Z | 2026-02-06T08:24:53Z |
| alsa-2026:2042 | Important: brotli security update | 2026-02-05T00:00:00Z | 2026-02-05T12:08:23Z |
| alsa-2026:1690 | Important: kernel security update | 2026-02-02T00:00:00Z | 2026-02-05T09:56:48Z |
| alsa-2026:1902 | Important: python-wheel security update | 2026-02-04T00:00:00Z | 2026-02-05T09:52:44Z |
| alsa-2026:1825 | Moderate: curl security update | 2026-02-03T00:00:00Z | 2026-02-05T09:50:43Z |
| alsa-2026:1828 | Moderate: python3.12 security update | 2026-02-03T00:00:00Z | 2026-02-05T09:48:47Z |
| alsa-2026:1696 | Moderate: util-linux security update | 2026-02-02T00:00:00Z | 2026-02-03T11:05:12Z |
| alsa-2026:1715 | Important: golang-github-openprinting-ipp-usb security update | 2026-02-02T00:00:00Z | 2026-02-03T11:03:28Z |
| alsa-2026:1714 | Moderate: wireshark security update | 2026-02-02T00:00:00Z | 2026-02-03T11:02:21Z |
| alsa-2026:1662 | Moderate: kernel security update | 2026-02-02T00:00:00Z | 2026-02-02T13:45:57Z |
| alsa-2026:1661 | Moderate: kernel-rt security update | 2026-02-02T00:00:00Z | 2026-02-02T13:40:07Z |
| alsa-2026:1631 | Moderate: python3 security update | 2026-02-02T00:00:00Z | 2026-02-02T12:08:18Z |
| alsa-2026:1592 | Moderate: iperf3 security update | 2026-01-29T00:00:00Z | 2026-02-02T11:56:57Z |