Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-22373 |
8.1 (3.1)
|
WordPress Fooddy theme <= 1.3.10 - Local File Inclusio… |
AncoraThemes |
Fooddy |
2026-02-20T15:47:05.132Z | 2026-02-24T20:50:59.622Z |
| CVE-2026-22375 |
8.1 (3.1)
|
WordPress Impacto Patronus theme <= 1.2.3 - Local File… |
AncoraThemes |
Impacto Patronus |
2026-02-20T15:47:05.586Z | 2026-02-24T20:50:59.430Z |
| CVE-2026-22379 |
8.1 (3.1)
|
WordPress Netmix theme <= 1.0.10 - Local File Inclusio… |
AncoraThemes |
Netmix |
2026-02-20T15:47:06.345Z | 2026-02-24T20:50:59.202Z |
| CVE-2026-3091 |
6.7 (3.1)
|
An uncontrolled search path element vulnerability… |
Synology |
Synology Presto Client |
2026-02-24T02:31:20.298Z | 2026-02-24T20:48:54.091Z |
| CVE-2026-26283 |
6.2 (3.1)
|
ImageMagick has possible infinite loop in JPEG encoder… |
ImageMagick |
ImageMagick |
2026-02-24T01:55:59.350Z | 2026-02-24T20:47:41.990Z |
| CVE-2026-26284 |
6.5 (3.1)
|
ImageMagick has heap overflow in pcd decoder that lead… |
ImageMagick |
ImageMagick |
2026-02-24T02:00:19.417Z | 2026-02-24T20:46:56.730Z |
| CVE-2026-3054 |
5.3 (4.0)
4.3 (3.1)
4.3 (3.0)
|
Alinto SOGo cross site scripting |
Alinto |
SOGo |
2026-02-24T02:02:06.992Z | 2026-02-24T20:45:48.226Z |
| CVE-2026-3057 |
5.3 (4.0)
6.3 (3.1)
6.3 (3.0)
|
a54552239 pearProjectApi Backend Task.php dateTotalFor… |
a54552239 |
pearProjectApi |
2026-02-24T02:02:08.977Z | 2026-02-24T20:42:56.315Z |
| CVE-2026-26198 |
9.8 (3.1)
|
ormar is vulnerable to SQL Injection through aggregate… |
collerek |
ormar |
2026-02-24T02:03:47.094Z | 2026-02-24T20:35:44.673Z |
| CVE-2026-22377 |
8.1 (3.1)
|
WordPress Saveo theme <= 1.1.2 - Local File Inclusion … |
AncoraThemes |
Saveo |
2026-02-20T15:47:05.960Z | 2026-02-24T20:30:39.293Z |
| CVE-2025-11847 |
4.9 (3.1)
|
A null pointer dereference vulnerability in the I… |
Zyxel |
VMG3625-T50B firmware |
2026-02-24T02:09:44.684Z | 2026-02-24T20:27:08.473Z |
| CVE-2025-11848 |
4.9 (3.1)
|
A null pointer dereference vulnerability in the W… |
Zyxel |
VMG3625-T50B firmware |
2026-02-24T02:14:18.688Z | 2026-02-24T20:25:28.725Z |
| CVE-2025-68841 |
7.5 (3.1)
|
WordPress TopperPack – Complete Elementor Addons, them… |
Themepul |
TopperPack – Complete Elementor Addons, Theme & CPT Builder |
2026-02-20T15:46:41.702Z | 2026-02-24T20:24:25.553Z |
| CVE-2025-69373 |
7.5 (3.1)
|
WordPress VidoRev theme <= 2.9.9.9.9.9.7 - Local File … |
beeteam368 |
VidoRev |
2026-02-20T15:46:51.695Z | 2026-02-24T20:24:25.192Z |
| CVE-2025-69387 |
7.5 (3.1)
|
WordPress Simple Retail Menus plugin <= 4.2.1 - Local … |
whatwouldjessedo |
Simple Retail Menus |
2026-02-20T15:46:54.745Z | 2026-02-24T20:09:12.911Z |
| CVE-2026-26331 |
8.8 (3.1)
|
yt-dlp: Arbitrary Command Injection when using the `--… |
yt-dlp |
yt-dlp |
2026-02-24T02:23:40.858Z | 2026-02-24T20:08:47.720Z |
| CVE-2025-69383 |
7.5 (3.1)
|
WordPress WP shop plugin <= 2.6.1 - Local File Inclusi… |
Agence web Eoxia - Montpellier |
WP shop |
2026-02-20T15:46:53.941Z | 2026-02-24T20:08:30.147Z |
| CVE-2026-22356 |
7.5 (3.1)
|
WordPress Jetpack CRM plugin <= 6.7.0 - Local File Inc… |
Automattic |
Jetpack CRM |
2026-02-20T15:47:01.362Z | 2026-02-24T20:06:17.125Z |
| CVE-2026-26981 |
6.5 (3.1)
|
OpenEXR has heap-buffer-overflow via signed integer un… |
AcademySoftwareFoundation |
openexr |
2026-02-24T02:26:16.659Z | 2026-02-24T20:03:54.667Z |
| CVE-2026-23803 |
6.4 (3.1)
|
WordPress Smart Auto Upload Images plugin <= 1.2.2 - S… |
Burhan Nasir |
Smart Auto Upload Images |
2026-02-19T08:26:50.148Z | 2026-02-24T19:57:55.720Z |
| CVE-2025-69299 |
7.2 (3.1)
|
WordPress Oxygen theme <= 6.0.8 - Server Side Request … |
Laborator |
Oxygen |
2026-02-20T15:46:46.533Z | 2026-02-24T19:57:23.888Z |
| CVE-2026-22341 |
5.4 (3.1)
|
WordPress Booked plugin <= 3.0.0 - Account Takeover vu… |
Case-Themes |
Booked |
2026-02-20T15:46:59.242Z | 2026-02-24T19:54:34.388Z |
| CVE-2025-69366 |
9.3 (3.1)
|
WordPress Emerce Core plugin <= 1.8 - SQL Injection vu… |
TeconceTheme |
Emerce Core |
2026-02-20T15:46:50.573Z | 2026-02-24T19:47:29.059Z |
| CVE-2025-69365 |
9.3 (3.1)
|
WordPress Uroan Core plugin <= 1.4.4 - SQL Injection v… |
TeconceTheme |
Uroan Core |
2026-02-20T15:46:50.375Z | 2026-02-24T19:47:28.889Z |
| CVE-2025-69337 |
9.3 (3.1)
|
WordPress Wolmart Core plugin <= 1.9.6 - SQL Injection… |
don-themes |
Wolmart Core |
2026-02-20T15:46:50.197Z | 2026-02-24T19:47:28.723Z |
| CVE-2025-69307 |
9.3 (3.1)
|
WordPress Medinik Core plugin <= 1.3.6 - SQL Injection… |
TeconceTheme |
Medinik Core |
2026-02-20T15:46:47.896Z | 2026-02-24T19:47:28.577Z |
| CVE-2025-69306 |
9.3 (3.1)
|
WordPress Electio Core plugin <= 1.4 - SQL Injection v… |
TeconceTheme |
Electio Core |
2026-02-20T15:46:47.710Z | 2026-02-24T19:47:28.415Z |
| CVE-2025-69305 |
9.3 (3.1)
|
WordPress Crete Core plugin <= 1.4.3 - SQL Injection v… |
TeconceTheme |
Crete Core |
2026-02-20T15:46:47.544Z | 2026-02-24T19:47:28.186Z |
| CVE-2026-27126 |
5.9 (4.0)
|
Craft CMS has Stored XSS in Table Field via "HTML" Col… |
craftcms |
cms |
2026-02-24T02:30:04.882Z | 2026-02-24T19:35:38.348Z |
| CVE-2026-22384 |
8.8 (3.1)
|
WordPress Applay - Shortcodes plugin <= 3.7 - PHP Obje… |
leafcolor |
Applay - Shortcodes |
2026-02-20T15:47:07.059Z | 2026-02-24T19:34:05.783Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| fkie_cve-2025-64113 | Emby Server is a user-installable home media server. Versions below 4.9.1.81 allow an attacker to g… | 2025-12-09T20:15:54.327 | 2026-02-24T19:58:28.187 |
| fkie_cve-2025-15310 | Tanium addressed a local privilege escalation vulnerability in Patch Endpoint Tools. | 2026-02-10T00:16:05.370 | 2026-02-24T19:53:42.360 |
| fkie_cve-2026-25957 | Cube is a semantic layer for building data applications. From 1.1.17 to before 1.5.13 and 1.4.2, it… | 2026-02-09T23:16:06.780 | 2026-02-24T19:53:01.743 |
| fkie_cve-2026-26223 | SPIP before 4.4.8 allows cross-site scripting (XSS) in the private area via malicious iframe tags. … | 2026-02-19T16:27:15.817 | 2026-02-24T19:52:54.863 |
| fkie_cve-2025-2148 | A vulnerability was found in PyTorch 2.6.0+cu124. It has been declared as critical. Affected by thi… | 2025-03-10T12:15:12.617 | 2026-02-24T19:52:04.730 |
| fkie_cve-2026-26345 | SPIP before 4.4.8 contains a stored cross-site scripting (XSS) vulnerability in the public area tri… | 2026-02-19T16:27:16.003 | 2026-02-24T19:51:50.930 |
| fkie_cve-2026-24846 | malcontent discovers supply-chain compromises through. context, differential analysis, and YARA. St… | 2026-01-29T22:15:54.740 | 2026-02-24T19:51:41.880 |
| fkie_cve-2025-62599 | Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object… | 2026-02-03T18:16:15.073 | 2026-02-24T19:47:21.287 |
| fkie_cve-2026-27472 | SPIP before 4.4.9 allows Blind Server-Side Request Forgery (SSRF) via syndicated sites in the priva… | 2026-02-19T19:22:30.187 | 2026-02-24T19:45:15.137 |
| fkie_cve-2026-27473 | SPIP before 4.4.9 allows Stored Cross-Site Scripting (XSS) via syndicated sites in the private area… | 2026-02-19T19:22:30.363 | 2026-02-24T19:44:24.070 |
| fkie_cve-2026-27474 | SPIP before 4.4.9 allows Cross-Site Scripting (XSS) in the private area, complementing an incomplet… | 2026-02-19T19:22:30.540 | 2026-02-24T19:43:58.070 |
| fkie_cve-2026-27475 | SPIP before 4.4.9 allows Insecure Deserialization in the public area through the table_valeur filte… | 2026-02-19T19:22:30.720 | 2026-02-24T19:37:54.003 |
| fkie_cve-2015-6420 | Serialized-object interfaces in certain Cisco Collaboration and Social Media; Endpoint Clients and … | 2015-12-15T05:59:07.823 | 2026-02-24T19:36:10.860 |
| fkie_cve-2025-64328 | FreePBX Endpoint Manager is a module for managing telephony endpoints in FreePBX systems. In versio… | 2025-11-07T04:15:47.397 | 2026-02-24T19:30:59.130 |
| fkie_cve-2024-5412 | A buffer overflow vulnerability in the library "libclinkc" of the Zyxel VMG8825-T50K firmware versi… | 2024-09-03T02:15:05.103 | 2026-02-24T19:30:52.253 |
| fkie_cve-2024-38269 | An improper restriction of operations within the bounds of a memory buffer in the USB file-sharing … | 2024-09-24T02:15:03.230 | 2026-02-24T19:30:52.253 |
| fkie_cve-2024-38268 | An improper restriction of operations within the bounds of a memory buffer in the MAC address parse… | 2024-09-24T02:15:02.987 | 2026-02-24T19:30:52.253 |
| fkie_cve-2024-38267 | An improper restriction of operations within the bounds of a memory buffer in the IPv6 address pars… | 2024-09-24T02:15:02.750 | 2026-02-24T19:30:52.253 |
| fkie_cve-2024-38266 | An improper restriction of operations within the bounds of a memory buffer in the parameter type pa… | 2024-09-24T02:15:02.220 | 2026-02-24T19:30:52.253 |
| fkie_cve-2023-37273 | Auto-GPT is an experimental open-source application showcasing the capabilities of the GPT-4 langua… | 2023-07-13T23:15:10.747 | 2026-02-24T19:27:37.630 |
| fkie_cve-2025-71244 | SPIP before 4.4.5 and 4.3.9 allows an Open Redirect via the login form when used in AJAX mode. An a… | 2026-02-19T16:27:12.507 | 2026-02-24T19:27:15.973 |
| fkie_cve-2023-40923 | MyPrestaModules ordersexport before v5.0 was discovered to contain multiple SQL injection vulnerabi… | 2023-11-15T06:15:27.797 | 2026-02-24T19:27:15.333 |
| fkie_cve-2023-37274 | Auto-GPT is an experimental open-source application showcasing the capabilities of the GPT-4 langua… | 2023-07-13T23:15:10.820 | 2026-02-24T19:26:33.467 |
| fkie_cve-2023-37275 | Auto-GPT is an experimental open-source application showcasing the capabilities of the GPT-4 langua… | 2023-07-13T23:15:10.890 | 2026-02-24T19:26:13.200 |
| fkie_cve-2025-71242 | SPIP before 4.3.6, 4.2.17, and 4.1.20 allows unauthorized content disclosure in the private area. T… | 2026-02-19T16:27:12.113 | 2026-02-24T19:25:58.373 |
| fkie_cve-2025-62600 | Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object… | 2026-02-03T19:16:14.170 | 2026-02-24T19:24:19.563 |
| fkie_cve-2026-22686 | Enclave is a secure JavaScript sandbox designed for safe AI agent code execution. Prior to 2.7.0, t… | 2026-01-14T00:15:49.957 | 2026-02-24T19:23:05.580 |
| fkie_cve-2026-24891 | openITCOCKPIT is an open source monitoring tool built for different monitoring engines like Nagios,… | 2026-02-20T18:25:51.143 | 2026-02-24T19:22:32.653 |
| fkie_cve-2026-2798 | Use-after-free in the DOM: Core & HTML component. This vulnerability affects Firefox < 148 and Thun… | 2026-02-24T14:16:28.307 | 2026-02-24T19:21:44.180 |
| fkie_cve-2026-25603 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Lin… | 2026-02-24T18:29:33.167 | 2026-02-24T19:21:42.927 |
| ID | Severity | Description | Published | Updated |
|---|---|---|---|---|
| ghsa-mwrf-hg69-6h5g |
8.1 (3.1)
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2026-02-20T18:31:34Z | 2026-02-24T21:31:33Z |
| ghsa-f6p8-2gf3-784r |
8.1 (3.1)
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2026-02-20T18:31:33Z | 2026-02-24T21:31:33Z |
| ghsa-733c-qhrf-7cmm |
8.1 (3.1)
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2026-02-20T18:31:34Z | 2026-02-24T21:31:33Z |
| ghsa-58h5-w6gx-q297 |
8.1 (3.1)
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2026-02-20T18:31:34Z | 2026-02-24T21:31:33Z |
| ghsa-wm72-rvv8-pj93 |
7.6 (3.1)
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability … | 2026-02-19T18:31:51Z | 2026-02-24T21:31:32Z |
| ghsa-v6hg-mv73-76vg |
6.4 (3.1)
|
Server-Side Request Forgery (SSRF) vulnerability in Burhan Nasir Smart Auto Upload Images smart-aut… | 2026-02-19T18:31:51Z | 2026-02-24T21:31:32Z |
| ghsa-ggw3-fhv7-grw9 |
7.2 (3.1)
|
Deserialization of Untrusted Data vulnerability in Brainstorm Force CartFlows cartflows allows Obje… | 2026-02-19T18:31:52Z | 2026-02-24T21:31:32Z |
| ghsa-qgqm-fpvv-jgfh |
8.8 (3.1)
8.7 (4.0)
|
FileZen contains an OS command injection vulnerability. When FileZen Antivirus Check Option is enab… | 2026-02-13T06:30:48Z | 2026-02-24T21:31:31Z |
| ghsa-29v6-6hr2-37cw |
7.2 (3.1)
|
Deserialization of Untrusted Data vulnerability in YITHEMES YITH WooCommerce Compare yith-woocommer… | 2026-02-19T18:31:51Z | 2026-02-24T21:31:31Z |
| ghsa-hg87-qqvm-4pr4 |
5.5 (3.1)
|
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix crash on profil… | 2026-01-25T15:30:27Z | 2026-02-24T21:31:30Z |
| ghsa-3p2r-ffrh-j979 |
5.3 (3.1)
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnera… | 2026-02-06T18:30:32Z | 2026-02-24T21:31:30Z |
| ghsa-39p9-g2pq-q8r7 |
7.5 (3.1)
5.9 (4.0)
|
MuPDF versions 1.23.0 through 1.27.0 contain a double-free vulnerability in fz_fill_pixmap_from_dis… | 2026-02-06T18:30:32Z | 2026-02-24T21:31:30Z |
| ghsa-jxq9-79vj-rgvw |
9.3 (3.1)
|
Statamic is vulnerable to account takeover via password reset link injection | 2026-02-24T21:09:23Z | 2026-02-24T21:09:23Z |
| ghsa-243v-98vx-264h |
6.9 (4.0)
|
Wasmtime can panic when adding excessive fields to a `wasi:http/types.fields` instance | 2026-02-24T21:08:06Z | 2026-02-24T21:08:06Z |
| ghsa-mrq8-rjmw-wpq3 |
6.9 (4.0)
|
Fiber has a Denial of Service Vulnerability via Route Parameter Overflow | 2026-02-24T21:04:07Z | 2026-02-24T21:04:07Z |
| ghsa-3ppc-4f35-3m26 |
8.7 (4.0)
|
minimatch has a ReDoS via repeated wildcards with non-matching literal in pattern | 2026-02-18T22:38:11Z | 2026-02-24T20:59:57Z |
| ghsa-2mr3-m5q5-wgp6 |
7.5 (3.1)
|
Fiber is Vulnerable to Denial of Service via Flash Cookie Unbounded Allocation | 2026-02-24T20:57:25Z | 2026-02-24T20:57:25Z |
| ghsa-m3c2-496v-cw3v |
8.7 (4.0)
|
Fiber has an Arbitrary File Read in Static Middleware on Windows | 2026-02-24T20:51:01Z | 2026-02-24T20:51:01Z |
| ghsa-852m-cvvp-9p4w |
5.9 (4.0)
|
Wasmtime WASI implementations are vulnerable to guest-controlled resource exhaustion | 2026-02-24T20:47:08Z | 2026-02-24T20:47:09Z |
| ghsa-xjhv-v822-pf94 |
6.9 (4.0)
|
Wasmtime is vulnerable to panic when dropping a `[Typed]Func::call_async` future | 2026-02-24T20:44:46Z | 2026-02-24T20:44:46Z |
| ghsa-5r3v-vc8m-m96g |
8.9 (4.0)
|
Caddy: Unicode case-folding length expansion causes incorrect split_path index in FastCGI transport | 2026-02-24T20:39:08Z | 2026-02-24T20:39:08Z |
| ghsa-879p-475x-rqh2 |
6.9 (4.0)
|
Caddy is vulnerable to cross-origin config application via local admin API /load | 2026-02-24T20:37:35Z | 2026-02-24T20:37:35Z |
| ghsa-x76f-jf84-rqj8 |
7.7 (4.0)
|
Caddy: MatchHost becomes case-sensitive for large host lists (>100), enabling host-based route/auth… | 2026-02-24T20:34:01Z | 2026-02-24T20:34:01Z |
| ghsa-g7pc-pc7g-h8jh |
7.7 (4.0)
|
Caddy: MatchPath %xx (escaped-path) branch skips case normalization, enabling path-based route/auth… | 2026-02-24T20:31:31Z | 2026-02-24T20:31:31Z |
| ghsa-hffm-g8v7-wrv7 |
8.8 (4.0)
|
Caddy: mTLS client authentication silently fails open when CA certificate file is missing or malformed | 2026-02-24T20:22:53Z | 2026-02-24T20:22:53Z |
| ghsa-4xrr-hq4w-6vf4 |
6.9 (4.0)
|
Caddy: Improper sanitization of glob characters in file matcher may lead to bypassing security prot… | 2026-02-24T20:16:55Z | 2026-02-24T20:16:56Z |
| ghsa-m2cq-xjgm-f668 |
9.2 (4.0)
|
ActualBudget server is Missing Authentication for SimpleFIN and Pluggy AI bank sync endpoints | 2026-02-24T20:13:30Z | 2026-02-24T20:13:30Z |
| ghsa-hhfx-5x8j-f5f6 |
6.5 (3.1)
|
Payload: Server-Side Request Forgery (SSRF) in External File URL Uploads | 2026-02-24T20:10:32Z | 2026-02-24T20:10:32Z |
| ghsa-4894-xqv6-vrfq |
8.8 (3.1)
|
MindsDB: Path Traversal in /api/files Leading to Remote Code Execution | 2026-02-24T20:07:58Z | 2026-02-24T20:07:59Z |
| ghsa-vxg3-v4p6-f3fp |
6.9 (4.0)
|
Pimcore vulnerable to SQL injection via unsanitized filter value in Dependency Dao RLIKE clause | 2026-02-24T20:03:23Z | 2026-02-24T20:03:23Z |
| ID | Severity | Description | Package | Published | Updated |
|---|---|---|---|---|---|
| pysec-2022-43178 |
7.5 (3.1)
|
An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the cleo … | cleo | 2022-11-09T20:15:10+00:00 | 2025-04-09T17:27:24.793038+00:00 |
| pysec-2022-43177 |
9.8 (3.1)
|
Azure CLI is the command-line interface for Microsoft Azure. In versions previous to 2.40… | azure-cli | 2022-10-25T17:15:56+00:00 | 2025-04-09T17:27:24.642962+00:00 |
| pysec-2024-244 |
7.5 (3.1)
|
A path traversal vulnerability exists in mlflow/mlflow version 2.11.0, identified as a by… | mlflow | 2024-05-16T09:15:14+00:00 | 2025-04-08T10:23:25.092581+00:00 |
| pysec-2024-243 |
9.3 (3.1)
|
mlflow/mlflow is vulnerable to Local File Inclusion (LFI) due to improper parsing of URIs… | mlflow | 2024-04-16T00:15:12+00:00 | 2025-04-08T10:23:25.044416+00:00 |
| pysec-2024-242 |
7.5 (3.1)
|
A Local File Inclusion (LFI) vulnerability was identified in mlflow/mlflow, specifically … | mlflow | 2024-06-06T19:15:55+00:00 | 2025-04-08T10:23:24.995743+00:00 |
| pysec-2024-241 |
9.6 (3.1)
|
Insufficient sanitization in MLflow leads to XSS when running a recipe that uses an untru… | mlflow | 2024-02-23T22:15:55+00:00 | 2025-04-08T10:23:24.946136+00:00 |
| pysec-2024-240 |
9.6 (3.1)
|
Insufficient sanitization in MLflow leads to XSS when running an untrusted recipe. This … | mlflow | 2024-02-23T22:15:55+00:00 | 2025-04-08T10:23:24.900947+00:00 |
| pysec-2024-239 |
8.8 (3.1)
|
A vulnerability in mlflow/mlflow version 8.2.1 allows for remote code execution due to im… | mlflow | 2024-06-06T19:15:51+00:00 | 2025-04-08T10:23:24.852109+00:00 |
| pysec-2025-12 |
|
CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang St… | codechecker | 2025-01-21T15:15:13+00:00 | 2025-04-08T10:23:23.899726+00:00 |
| pysec-2024-238 |
|
CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang St… | codechecker | 2024-11-06T15:15:11+00:00 | 2025-04-08T10:23:23.857960+00:00 |
| pysec-2025-11 |
5.9 (3.1)
|
A vulnerability in the `KnowledgeBaseWebReader` class of the run-llama/llama_index reposi… | llama-index | 2025-03-20T10:15:31+00:00 | 2025-04-01T23:22:47.294256+00:00 |
| pysec-2025-10 |
9.1 (3.1)
|
A vulnerability in the `download_model` function of the onnx/onnx framework, before and i… | onnx | 2025-03-20T10:15:37+00:00 | 2025-03-26T19:21:38.843396+00:00 |
| pysec-2025-9 |
|
A remote code execution vulnerability exists in invoke-ai/invokeai versions 5.3.1 through… | invokeai | 2025-03-20T10:15:26+00:00 | 2025-03-20T11:21:37.872971+00:00 |
| pysec-2025-8 |
|
The `pygments-style-solarized` project was removed from PyPI by its owner on 2021-08-26. … | pygments-style-solarized | 2025-03-17T16:35:37+00:00 | |
| pysec-2024-237 |
9.4 (3.1)
|
OctoPrint provides a web interface for controlling consumer 3D printers. OctoPrint versio… | octoprint | 2024-05-14T16:17:12+00:00 | 2025-03-05T17:22:29.121263+00:00 |
| pysec-2024-236 |
6.1 (3.1)
|
Jupyter Server Proxy allows users to run arbitrary external processes alongside their not… | jupyter-server-proxy | 2024-06-11T22:15:09+00:00 | 2025-02-26T23:22:41.524251+00:00 |
| pysec-2025-7 |
|
Published in 2021, the imblog package is a Python library that scrapes data from a blog p… | imblog | 2025-02-26T21:19:19+00:00 | |
| pysec-2025-6 |
|
Published in 2021, the colabrun package is a Python library that exfiltrates user cookies… | colabrun | 2025-02-26T20:59:48+00:00 | |
| pysec-2025-5 |
|
Published in 2020, the autodzee package is a Python library that bypasses Deezer API rest… | browsercmdhbt2 | 2025-02-26T20:57:11+00:00 | |
| pysec-2025-3 |
|
Published in 2019, the autodzee package is a Python library that bypasses Deezer API rest… | autodzee | 2025-02-26T20:54:20+00:00 | |
| pysec-2025-4 |
|
Published in 2019, the automslc package is a Python library that bypasses Deezer API rest… | automslc | 2025-02-26T19:26:49+00:00 | |
| pysec-2024-235 |
8.1 (3.1)
|
With the following crawler configuration: ```python from bs4 import BeautifulSoup as Sou… | langchain-exa | 2024-02-26T16:27:49+00:00 | 2025-02-26T02:48:56.937312+00:00 |
| pysec-2023-194 |
9.8 (3.1)
|
langchain_experimental 0.0.14 allows an attacker to bypass the CVE-2023-36258 fix and exe… | langchain-experimental | 2023-10-09T20:15:00Z | 2025-02-23T07:46:11Z |
| pysec-2024-234 |
9.8 (3.1)
|
Jupyter Server Proxy allows users to run arbitrary external processes alongside their Jup… | jupyter-server-proxy | 2024-03-20T20:15:08+00:00 | 2025-02-21T18:23:35.992501+00:00 |
| pysec-2023-163 |
9.8 (3.1)
|
An issue in LanChain-ai Langchain v.0.0.245 allows a remote attacker to execute arbitrary… | numexpr | 2023-09-01T16:15:00Z | 2025-02-20T09:11:38.521949Z |
| pysec-2024-233 |
|
python-jose through 3.3.0 allows attackers to cause a denial of service (resource consump… | python-jose | 2024-04-26T00:15:09+00:00 | 2025-02-18T19:20:15.511369+00:00 |
| pysec-2024-232 |
|
python-jose through 3.3.0 has algorithm confusion with OpenSSH ECDSA keys and other key f… | python-jose | 2024-04-26T00:15:09+00:00 | 2025-02-18T19:20:15.468012+00:00 |
| pysec-2024-231 |
8.1 (3.1)
|
LightGBM Remote Code Execution Vulnerability | lightgbm | 2024-11-12T18:15:28+00:00 | 2025-02-15T07:20:34.246161+00:00 |
| pysec-2024-230 |
7.5 (3.1)
|
Certifi is a curated collection of Root Certificates for validating the trustworthiness o… | certifi | 2024-07-05T19:15:10+00:00 | 2025-02-12T21:21:51.559667+00:00 |
| pysec-2024-229 |
8.8 (3.1)
|
Hugging Face Transformers Trax Model Deserialization of Untrusted Data Remote Code Execut… | transformers | 2024-11-22T22:15:07+00:00 | 2025-02-10T23:22:41.499413+00:00 |
| ID | Description | Updated |
|---|---|---|
| gsd-2024-4292 | A vulnerability classified as critical has been found in Contemporary Controls BASrouter … | 2024-04-28T05:02:06.073286Z |
| gsd-2024-4295 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:06.068263Z |
| gsd-2024-4291 | A vulnerability was found in Tenda A301 15.13.08.12_multi_TDE01. It has been rated as cri… | 2024-04-28T05:02:06.058388Z |
| gsd-2024-4293 | A vulnerability classified as problematic was found in PHPGurukul Doctor Appointment Mana… | 2024-04-28T05:02:06.052534Z |
| gsd-2023-52722 | An issue was discovered in Artifex Ghostscript through 10.01.0. psi/zmisc1.c, when SAFER … | 2024-04-28T05:01:28.746814Z |
| gsd-2022-48685 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:00:27.870720Z |
| gsd-2022-48684 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:00:27.715598Z |
| gsd-2024-24777 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:24.547536Z |
| gsd-2024-28875 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:20.401696Z |
| gsd-2024-33786 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.606155Z |
| gsd-2024-33697 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vuln… | 2024-04-27T05:02:18.598872Z |
| gsd-2024-33722 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.598142Z |
| gsd-2024-33784 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.595808Z |
| gsd-2024-33788 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.591276Z |
| gsd-2024-33814 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.590797Z |
| gsd-2024-33701 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.589032Z |
| gsd-2024-33776 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.587852Z |
| gsd-2024-33712 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.587066Z |
| gsd-2024-33840 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.586722Z |
| gsd-2024-33838 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.585807Z |
| gsd-2024-33749 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.584613Z |
| gsd-2024-33839 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.579161Z |
| gsd-2024-33733 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.577869Z |
| gsd-2024-33845 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.569462Z |
| gsd-2024-33741 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.568527Z |
| gsd-2024-33738 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.562140Z |
| gsd-2024-33822 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.561810Z |
| gsd-2024-33773 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.560326Z |
| gsd-2024-33769 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.558897Z |
| gsd-2024-33794 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.557396Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2026-959 | Malicious code in format-defaults (npm) | 2026-02-20T16:56:12Z | 2026-02-23T04:21:33Z |
| mal-2026-908 | Malicious code in hops-preset-jest (npm) | 2026-02-15T15:57:34Z | 2026-02-23T04:21:33Z |
| mal-2026-895 | Malicious code in json-mapping-src (npm) | 2026-02-13T17:34:17Z | 2026-02-23T04:21:33Z |
| mal-2026-884 | Malicious code in hxz-protection (npm) | 2026-02-13T13:57:39Z | 2026-02-23T04:21:33Z |
| mal-2026-834 | Malicious code in graphflowx (npm) | 2026-02-10T15:46:43Z | 2026-02-23T04:21:33Z |
| mal-2026-821 | Malicious code in jwtdotenv (npm) | 2026-02-09T17:27:19Z | 2026-02-23T04:21:33Z |
| mal-2026-820 | Malicious code in json-web-sources (npm) | 2026-02-09T17:25:32Z | 2026-02-23T04:21:33Z |
| mal-2026-819 | Malicious code in json-mapping-sources (npm) | 2026-02-09T17:25:32Z | 2026-02-23T04:21:33Z |
| mal-2026-986 | Malicious code in en-thrift-internal (npm) | 2026-02-22T21:50:01Z | 2026-02-23T04:21:32Z |
| mal-2026-985 | Malicious code in conduit-utils (npm) | 2026-02-22T20:45:43Z | 2026-02-23T04:21:32Z |
| mal-2026-981 | Malicious code in dt-fe-t2d-marketplace (npm) | 2026-02-22T07:22:23Z | 2026-02-23T04:21:32Z |
| mal-2026-958 | Malicious code in ethres (npm) | 2026-02-20T16:59:54Z | 2026-02-23T04:21:32Z |
| mal-2026-957 | Malicious code in detect-cache (npm) | 2026-02-20T16:59:55Z | 2026-02-23T04:21:32Z |
| mal-2026-956 | Malicious code in crypto-reader-info (npm) | 2026-02-20T16:56:12Z | 2026-02-23T04:21:32Z |
| mal-2026-955 | Malicious code in crypto-locale (npm) | 2026-02-20T16:59:55Z | 2026-02-23T04:21:32Z |
| mal-2026-954 | Malicious code in cloude-code (npm) | 2026-02-20T16:56:11Z | 2026-02-23T04:21:32Z |
| mal-2026-953 | Malicious code in cloude (npm) | 2026-02-20T16:56:11Z | 2026-02-23T04:21:32Z |
| mal-2026-952 | Malicious code in claud-code (npm) | 2026-02-20T16:56:11Z | 2026-02-23T04:21:32Z |
| mal-2026-943 | Malicious code in ethereums-lint (npm) | 2026-02-15T16:24:02Z | 2026-02-23T04:21:32Z |
| mal-2026-942 | Malicious code in ethereum-lint (npm) | 2026-02-15T16:20:05Z | 2026-02-23T04:21:32Z |
| mal-2026-941 | Malicious code in ether-lint (npm) | 2026-02-12T16:02:40Z | 2026-02-23T04:21:32Z |
| mal-2026-922 | Malicious code in compass-e2e-tests (npm) | 2026-02-16T19:55:51Z | 2026-02-23T04:21:32Z |
| mal-2026-883 | Malicious code in ecosystem_ui (npm) | 2026-02-13T14:01:24Z | 2026-02-23T04:21:32Z |
| mal-2026-882 | Malicious code in despicable-me (npm) | 2026-02-13T13:50:54Z | 2026-02-23T04:21:32Z |
| mal-2026-881 | Malicious code in contosoapp (npm) | 2026-02-13T14:01:25Z | 2026-02-23T04:21:32Z |
| mal-2026-880 | Malicious code in console-style-pro0o0o0o (npm) | 2026-02-13T13:50:54Z | 2026-02-23T04:21:32Z |
| mal-2026-879 | Malicious code in codexworld (npm) | 2026-02-13T14:01:25Z | 2026-02-23T04:21:32Z |
| mal-2026-871 | Malicious code in envoy1 (npm) | 2026-02-12T16:50:57Z | 2026-02-23T04:21:32Z |
| mal-2026-861 | Malicious code in express-gueues (npm) | 2026-02-11T16:43:01Z | 2026-02-23T04:21:32Z |
| mal-2026-856 | Malicious code in chai-prop (npm) | 2026-02-11T14:19:52Z | 2026-02-23T04:21:32Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| bit-node-2024-21896 | 2024-06-04T09:50:22.403Z | 2026-02-11T09:09:18.507Z | |
| bit-node-2024-21892 | 2024-05-24T07:27:13.552Z | 2026-02-11T09:09:18.507Z | |
| bit-node-2024-21891 | 2024-06-04T09:50:51.602Z | 2026-02-11T09:09:18.507Z | |
| bit-node-2024-21890 | 2024-06-04T09:51:05.804Z | 2026-02-11T09:09:18.507Z | |
| bit-node-2023-44487 | 2024-03-06T10:58:56.877Z | 2026-02-11T09:09:18.507Z | |
| bit-nginx-2023-44487 | 2024-03-06T10:58:49.980Z | 2026-02-11T09:09:18.507Z | |
| bit-mlflow-2024-27133 | Insufficient sanitization in MLflow leads to XSS when running a recipe that uses an untrusted dataset. | 2024-03-31T18:21:40.530Z | 2026-02-11T09:09:18.507Z |
| bit-mlflow-2024-27132 | Insufficient sanitization in MLflow leads to XSS when running an untrusted recipe. | 2024-03-31T18:21:50.638Z | 2026-02-11T09:09:18.507Z |
| bit-memcached-2021-37519 | 2024-11-08T19:14:19.674Z | 2026-02-11T09:09:18.507Z | |
| bit-mariadb-2024-21096 | 2024-10-05T07:09:39.139Z | 2026-02-11T09:09:18.507Z | |
| bit-mariadb-2023-22084 | 2024-10-05T07:10:03.039Z | 2026-02-11T09:09:18.507Z | |
| bit-mariadb-2022-21595 | 2024-03-06T11:02:57.167Z | 2026-02-11T09:09:18.507Z | |
| bit-mariadb-2022-21451 | 2024-03-06T11:03:07.365Z | 2026-02-11T09:09:18.507Z | |
| bit-mariadb-2022-21427 | 2024-03-06T11:03:19.770Z | 2026-02-11T09:09:18.507Z | |
| bit-libpython-2025-8194 | Tarfile infinite loop during parsing with negative member offset | 2025-08-11T15:33:34.813Z | 2026-02-11T09:09:18.507Z |
| bit-libpython-2024-50602 | 2025-08-11T13:52:47.408Z | 2026-02-11T09:09:18.507Z | |
| bit-libpython-2022-45061 | 2025-08-11T13:52:09.011Z | 2026-02-11T09:09:18.507Z | |
| bit-libphp-2022-4900 | Potential buffer overflow in php_cli_server_startup_workers | 2025-08-11T13:53:48.387Z | 2026-02-11T09:09:18.507Z |
| bit-keydb-2025-21605 | Redis DoS Vulnerability due to unlimited growth of output buffers abused by unauthenticated client | 2025-04-25T07:14:30.296Z | 2026-02-11T09:09:18.507Z |
| bit-keydb-2024-51741 | Redis allows denial-of-service due to malformed ACL selectors | 2025-01-08T07:13:13.917Z | 2026-02-11T09:09:18.507Z |
| bit-keydb-2024-46981 | Redis' Lua library commands may lead to remote code execution | 2025-01-08T07:13:21.212Z | 2026-02-11T09:09:18.507Z |
| bit-jenkins-2023-44487 | 2024-03-06T10:54:03.578Z | 2026-02-11T09:09:18.507Z | |
| bit-grafana-2024-10452 | 2024-10-31T07:09:47.399Z | 2026-02-11T09:09:18.507Z | |
| bit-golang-2025-68121 | Unexpected session resumption in crypto/tls | 2026-02-10T10:05:16.474Z | 2026-02-11T09:09:18.507Z |
| bit-golang-2023-44487 | 2024-03-06T10:53:14.274Z | 2026-02-11T09:09:18.507Z | |
| bit-envoy-2023-44487 | 2024-03-06T10:52:27.702Z | 2026-02-11T09:09:18.507Z | |
| bit-dotnet-2023-44487 | 2024-03-06T10:52:07.879Z | 2026-02-11T09:09:18.507Z | |
| bit-django-2024-27351 | 2024-07-02T07:16:49.319Z | 2026-02-11T09:09:18.507Z | |
| bit-contour-2023-44487 | 2024-03-06T10:50:58.800Z | 2026-02-11T09:09:18.507Z | |
| bit-apisix-2023-44487 | 2024-03-06T10:50:34.863Z | 2026-02-11T09:09:18.507Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cleanstart-2026-rt10702 | Within HostnameError | 2026-01-30T16:30:25.697056Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-rq53330 | Within HostnameError | 2026-01-30T15:17:53.658995Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-rl45001 | tar | 2026-01-30T15:01:22.967754Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-rj88561 | excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate | 2026-01-30T15:03:53.732429Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-rd08428 | excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate | 2026-01-30T15:17:23.554517Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-rb28539 | Within HostnameError | 2026-01-30T14:43:52.571458Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-qw16951 | SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process | 2026-01-30T15:48:54.464404Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-qk01721 | go-redis is the official Redis client library for the Go programming language | 2026-01-30T15:32:54.211133Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-qj89068 | SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process | 2026-01-30T15:34:54.378061Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-qe58701 | excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate | 2026-01-30T16:22:55.193625Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-qd78411 | SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process | 2026-01-30T16:36:25.408698Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-pz62650 | Cancelling a query (e | 2026-01-30T16:41:55.453512Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-py85990 | tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing | 2026-01-30T14:07:50.722290Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-pt11267 | excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate | 2026-01-30T16:22:25.604414Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-po40318 | go-redis is the official Redis client library for the Go programming language | 2026-01-30T15:31:53.772564Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-pk92575 | ParseAddress function constructs domain-literal address components through repeated string concatenation | 2026-01-30T14:35:52.456913Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-pk62208 | excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate | 2026-01-30T16:20:55.127319Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-ph90623 | excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate | 2026-01-30T14:49:52.682724Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-pg91940 | net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines | 2026-01-30T15:31:24.365282Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-pd17156 | Cancelling a query (e | 2026-01-30T15:00:22.872625Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-pc16040 | Within HostnameError | 2026-01-30T15:37:23.991168Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-pb78859 | ParseAddress function constructs domain-literal address components through repeated string concatenation | 2026-01-30T17:25:56.763674Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-oo42606 | Cancelling a query (e | 2026-01-30T15:00:52.876848Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-oo14630 | tar | 2026-01-30T14:47:23.043882Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-on38469 | Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate | 2026-01-30T16:37:25.667594Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-ol60454 | Within HostnameError | 2026-01-30T14:52:23.086717Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-ol25917 | excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate | 2026-01-30T14:44:22.881508Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-ok45738 | Within HostnameError | 2026-01-30T15:45:53.967263Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-oj41940 | net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines | 2026-01-30T15:13:53.428815Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-oj15484 | SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process | 2026-01-30T16:37:55.388839Z | 2026-01-29T18:58:54Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| drupal-contrib-2025-054 | 2025-05-07T17:07:32.000Z | 2025-05-07T17:16:32.000Z | |
| drupal-contrib-2025-053 | 2025-05-07T17:07:22.000Z | 2025-05-07T17:16:27.000Z | |
| drupal-contrib-2025-052 | 2025-05-07T17:07:14.000Z | 2025-05-07T17:16:21.000Z | |
| drupal-contrib-2025-047 | 2025-05-07T17:06:16.000Z | 2025-05-07T17:06:16.000Z | |
| drupal-contrib-2025-033 | 2025-04-09T17:04:56.000Z | 2025-04-29T07:18:22.000Z | |
| drupal-contrib-2025-046 | 2025-04-23T16:59:33.000Z | 2025-04-23T16:59:33.000Z | |
| drupal-contrib-2025-045 | 2025-04-23T16:59:19.000Z | 2025-04-23T16:59:19.000Z | |
| drupal-contrib-2025-044 | 2025-04-23T16:59:11.000Z | 2025-04-23T16:59:11.000Z | |
| drupal-contrib-2025-043 | 2025-04-23T16:59:01.000Z | 2025-04-23T16:59:01.000Z | |
| drupal-contrib-2025-042 | 2025-04-23T16:58:51.000Z | 2025-04-23T16:58:51.000Z | |
| drupal-contrib-2025-040 | 2025-04-16T16:26:13.000Z | 2025-04-16T16:26:13.000Z | |
| drupal-contrib-2025-039 | 2025-04-16T16:25:56.000Z | 2025-04-16T16:25:56.000Z | |
| drupal-contrib-2025-038 | 2025-04-16T16:25:45.000Z | 2025-04-16T16:25:45.000Z | |
| drupal-contrib-2025-037 | 2025-04-16T16:25:35.000Z | 2025-04-16T16:25:35.000Z | |
| drupal-contrib-2025-036 | 2025-04-16T16:25:27.000Z | 2025-04-16T16:25:27.000Z | |
| drupal-contrib-2025-035 | 2025-04-16T16:25:12.000Z | 2025-04-16T16:25:12.000Z | |
| drupal-contrib-2025-031 | 2025-04-09T17:04:15.000Z | 2025-04-10T16:01:51.000Z | |
| drupal-contrib-2025-032 | 2025-04-09T17:04:46.000Z | 2025-04-09T17:04:46.000Z | |
| drupal-contrib-2025-030 | 2025-04-09T17:04:09.000Z | 2025-04-09T17:04:09.000Z | |
| drupal-contrib-2025-029 | 2025-04-02T17:03:15.000Z | 2025-04-02T17:03:15.000Z | |
| drupal-contrib-2025-028 | 2025-04-02T17:02:32.000Z | 2025-04-02T17:02:32.000Z | |
| drupal-contrib-2025-027 | 2025-04-02T17:01:45.000Z | 2025-04-02T17:01:45.000Z | |
| drupal-contrib-2025-010 | 2025-01-29T16:57:22.000Z | 2025-03-31T22:23:22.000Z | |
| drupal-contrib-2025-006 | 2025-01-22T17:00:11.000Z | 2025-03-31T22:23:16.000Z | |
| drupal-contrib-2025-005 | 2025-01-22T16:59:00.000Z | 2025-03-31T22:23:08.000Z | |
| drupal-contrib-2025-002 | 2025-01-08T17:54:04.000Z | 2025-03-31T22:22:59.000Z | |
| drupal-contrib-2025-026 | 2025-03-19T18:53:42.000Z | 2025-03-31T22:07:23.000Z | |
| drupal-contrib-2025-025 | 2025-03-19T18:53:23.000Z | 2025-03-31T22:07:15.000Z | |
| drupal-contrib-2025-024 | 2025-03-19T18:52:53.000Z | 2025-03-31T22:07:08.000Z | |
| drupal-contrib-2025-023 | 2025-03-05T18:17:14.000Z | 2025-03-31T22:06:55.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2025-000089 | Installer of AutoDownloader may insecurely load Dynamic Link Libraries | 2025-10-17T13:38+09:00 | 2025-10-17T13:38+09:00 |
| jvndb-2025-000074 | Multiple vulnerabilities in desknet's NEO | 2025-10-16T17:30+09:00 | 2025-10-16T17:30+09:00 |
| jvndb-2025-000076 | Multiple vulnerabilities in ChatLuck | 2025-10-16T17:17+09:00 | 2025-10-16T17:17+09:00 |
| jvndb-2025-000087 | Ruijie Networks RG-EST300 undocumented SSH functionality | 2025-10-16T14:19+09:00 | 2025-10-16T14:19+09:00 |
| jvndb-2025-016124 | Buffalo Wi-Fi router WXR9300BE6P series vulnerable to path traversal | 2025-10-16T11:16+09:00 | 2025-10-16T11:16+09:00 |
| jvndb-2025-000085 | Multiple RSUPPORT products may insecurely load Dynamic Link Libraries | 2025-10-15T15:55+09:00 | 2025-10-15T15:55+09:00 |
| jvndb-2025-000086 | Phoenix Contact CHARX SEC-3xxx vulnerable to code injection | 2025-10-15T15:54+09:00 | 2025-10-15T15:54+09:00 |
| jvndb-2025-000083 | BUFFALO NAS Navigator2 registers a Windows service with an unquoted file path | 2025-10-10T13:56+09:00 | 2025-10-10T13:56+09:00 |
| jvndb-2025-015451 | Multiple vulnerabilities in FUJI Electric V-SFT | 2025-10-09T13:39+09:00 | 2025-10-09T13:39+09:00 |
| jvndb-2025-000081 | DataSpider Servista improper restriction of XML external entity references | 2025-09-29T14:44+09:00 | 2025-10-07T16:54+09:00 |
| jvndb-2025-000082 | The installers of DENSO TEN drive recorder viewer may insecurely load Dynamic Link Libraries | 2025-10-06T15:38+09:00 | 2025-10-06T15:38+09:00 |
| jvndb-2025-015061 | Trend Micro Antivirus for Mac vulnerable to Local Privilege Escalation | 2025-10-06T13:52+09:00 | 2025-10-06T13:52+09:00 |
| jvndb-2025-000044 | Denial-of-service (DoS) vulnerabilities in multiple Apache products | 2025-06-26T14:41+09:00 | 2025-10-01T14:18+09:00 |
| jvndb-2025-014642 | Multiple vulnerabilities in Canon Printer Drivers for Production Printers, Office/Small Office Multifunction Printers and Laser Printers | 2025-09-30T11:50+09:00 | 2025-09-30T11:50+09:00 |
| jvndb-2025-000066 | Improper file access permission settings in multiple i-FILTER products | 2025-08-27T19:50+09:00 | 2025-09-29T13:45+09:00 |
| jvndb-2025-000077 | RICOH Streamline NX vulnerable to tampering with operation history | 2025-09-08T13:42+09:00 | 2025-09-24T16:53+09:00 |
| jvndb-2025-007519 | Multiple vulnerabilities in multiple BROTHER products | 2025-06-26T18:15+09:00 | 2025-09-22T10:16+09:00 |
| jvndb-2025-014105 | OMRON SOCIAL SOLUTIONS Uninterruptible Power Supply (UPS) management application registers a Windows service with an unquoted file path | 2025-09-19T16:21+09:00 | 2025-09-19T16:21+09:00 |
| jvndb-2025-014104 | Multiple vulnerabilities in I-O DATA wireless LAN routers | 2025-09-19T14:58+09:00 | 2025-09-19T14:58+09:00 |
| jvndb-2025-014081 | Multiple Brother and its OEM products with weak initial administrator passwords | 2025-09-19T10:52+09:00 | 2025-09-19T10:52+09:00 |
| jvndb-2025-000079 | UNIVERGE IX/IX-R/IX-V series routers provided by NEC Corporation vulnerable to cross-site scripting | 2025-09-18T17:43+09:00 | 2025-09-18T17:43+09:00 |
| jvndb-2025-000078 | Century HW RAID Manager registers a Windows service with an unquoted file path | 2025-09-17T13:45+09:00 | 2025-09-17T13:45+09:00 |
| jvndb-2025-000048 | WTW-EAGLE App vulnerable to improper server certificate validation | 2025-09-12T13:57+09:00 | 2025-09-12T13:57+09:00 |
| jvndb-2025-000070 | "Gunosy" App vulnerable to insertion of sensitive information into sent data | 2025-09-02T14:20+09:00 | 2025-09-09T09:51+09:00 |
| jvndb-2025-000072 | Obsidian GitHub Copilot Plugin stores sensitive information in cleartext | 2025-09-05T16:52+09:00 | 2025-09-05T16:52+09:00 |
| jvndb-2025-000073 | RATOC RAID Monitoring Manager for Windows registers a Windows service with an unquoted file path | 2025-09-05T16:20+09:00 | 2025-09-05T16:20+09:00 |
| jvndb-2025-000071 | "Yahoo! Shopping" App for Android fails to restrict custom URL schemes properly | 2025-09-05T15:12+09:00 | 2025-09-05T15:12+09:00 |
| jvndb-2025-000075 | Multiple vulnerabilities in TkEasyGUI | 2025-09-05T14:53+09:00 | 2025-09-05T14:53+09:00 |
| jvndb-2025-000069 | Web Caster V130 vulnerable to cross-site request forgery | 2025-09-03T14:23+09:00 | 2025-09-03T14:23+09:00 |
| jvndb-2025-000068 | Seiko Solutions SkyBridge BASIC MB-A130 vulnerable to OS command injection | 2025-09-01T16:21+09:00 | 2025-09-01T16:21+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| cnvd-2026-10324 | Google Pixel cn_NrmmDecoder.cpp文件缓冲区溢出漏洞 | 2025-12-18 | 2026-02-06 |
| cnvd-2026-10323 | Google Pixel gxp_buffer.h文件缓冲区溢出漏洞 | 2025-12-18 | 2026-02-06 |
| cnvd-2026-10322 | Google Pixel ss_LcsManagement.c文件缓冲区溢出漏洞 | 2025-12-18 | 2026-02-06 |
| cnvd-2026-10321 | Google Pixel代码执行漏洞(CNVD-2026-1032114) | 2025-12-18 | 2026-02-06 |
| cnvd-2026-10358 | Digilent DASYLab越界写入漏洞(CNVD-2026-10358) | 2025-09-04 | 2026-02-05 |
| cnvd-2026-10357 | Digilent DASYLab越界写入漏洞 | 2025-09-04 | 2026-02-05 |
| cnvd-2026-10356 | TOTOLINK X6000R命令注入漏洞(CNVD-2026-10356) | 2026-02-05 | 2026-02-05 |
| cnvd-2026-10355 | D-Link DIR-860L命令注入漏洞 | 2025-08-26 | 2026-02-05 |
| cnvd-2026-10343 | D-Link DAP-1325访问控制错误漏洞 | 2025-12-25 | 2026-02-05 |
| cnvd-2026-10318 | Tenda AX1806 fromSetSysTime函数堆栈溢出漏洞 | 2026-01-30 | 2026-02-05 |
| cnvd-2026-10317 | Oracle MySQL Server存在未明漏洞(CNVD-2026-10317) | 2026-01-30 | 2026-02-05 |
| cnvd-2026-10316 | Tenda AX1806 deviceList参数堆栈溢出漏洞 | 2026-01-30 | 2026-02-05 |
| cnvd-2026-10313 | Oracle MySQL Server存在未明漏洞(CNVD-2026-10313) | 2026-01-30 | 2026-02-05 |
| cnvd-2026-10312 | Oracle MySQL Server存在未明漏洞(CNVD-2026-10312) | 2026-01-30 | 2026-02-05 |
| cnvd-2026-09798 | Apache NiFi代码问题漏洞(CNVD-2026-09798) | 2026-01-14 | 2026-02-04 |
| cnvd-2026-09797 | Apache SIS XML外部实体注入漏洞 | 2026-01-15 | 2026-02-04 |
| cnvd-2026-09795 | Apache NimBLE代码问题漏洞 | 2026-01-19 | 2026-02-04 |
| cnvd-2026-09634 | MedDream PACS Premium notifynewstudy功能跨站脚本漏洞 | 2026-01-30 | 2026-02-04 |
| cnvd-2026-09633 | MedDream PACS Premium modifyTranscript功能跨站脚本漏洞 | 2026-01-30 | 2026-02-04 |
| cnvd-2026-09632 | MedDream PACS Premium modifyRoute功能跨站脚本漏洞 | 2026-01-30 | 2026-02-04 |
| cnvd-2026-09631 | MedDream PACS Premium modifyHL7Route功能跨站脚本漏洞 | 2026-01-30 | 2026-02-04 |
| cnvd-2026-09629 | MedDream PACS Premium modifyEmail功能跨站脚本漏洞 | 2026-01-30 | 2026-02-04 |
| cnvd-2026-09628 | MedDream PACS Premium modifyCoercion功能跨站脚本漏洞 | 2026-01-30 | 2026-02-04 |
| cnvd-2026-09627 | MedDream PACS Premium modifyAutopurgeFilter功能跨站脚本漏洞 | 2026-01-30 | 2026-02-04 |
| cnvd-2026-09626 | MedDream PACS Premium modifyAeTitle功能跨站脚本漏洞 | 2026-01-30 | 2026-02-04 |
| cnvd-2026-09625 | MedDream PACS Premium ldapUser功能跨站脚本漏洞 | 2026-01-30 | 2026-02-04 |
| cnvd-2026-09624 | MedDream PACS Premium fetchPriorStudies功能跨站脚本漏洞 | 2026-01-30 | 2026-02-04 |
| cnvd-2026-09630 | MedDream PACS Premium modifyHL7App功能跨站脚本漏洞 | 2026-01-30 | 2026-02-03 |
| cnvd-2026-09623 | MedDream PACS Premium existingUser功能跨站脚本漏洞 | 2026-01-30 | 2026-02-03 |
| cnvd-2026-09622 | MedDream PACS Premium encapsulatedDoc功能跨站脚本漏洞 | 2026-01-30 | 2026-02-03 |
| ID | Description | Published | Updated |
|---|---|---|---|
| bdu:2025-15785 | Уязвимость компонента imxfb ядра операционной системы Linux, позволяющая нарушителю вызва… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15782 | Уязвимость компонента cpcap-charger ядра операционной системы Linux, позволяющая нарушите… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15781 | Уязвимость компонента davinci ядра операционной системы Linux, позволяющая нарушителю выз… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15780 | Уязвимость компонента net/netfilter/xt_nfacct.c ядра операционной системы Linux, позволяю… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15779 | Уязвимость компонента net/mac80211/tdls.c ядра операционной системы Linux, позволяющая на… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15778 | Уязвимость компонента net/mlx5 ядра операционной системы Linux, позволяющая нарушителю вы… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15776 | Уязвимость компонента fs/f2fs/f2fs.h ядра операционной системы Linux, позволяющая нарушит… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15773 | Уязвимость компонента ice/ice_ddp.c ядра операционной системы Linux, позволяющая нарушите… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15772 | Уязвимость компонента netlink ядра операционной системы Linux, позволяющая нарушителю выз… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15771 | Уязвимость компонента drivers/regulator/core.c ядра операционной системы Linux, позволяющ… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15770 | Уязвимость компонента arm64/entry ядра операционной системы Linux, позволяющая нарушителю… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15769 | Уязвимость компонента drivers/i2c/busses/i2c-qup.c ядра операционной системы Linux, позво… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15767 | Уязвимость ядра операционной системы Linux, связанная с чтением за границами буфера памят… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15766 | Уязвимость компонента venus ядра операционной системы Linux, позволяющая нарушителю вызва… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15765 | Уязвимость компонента uvcvideo ядра операционной системы Linux, позволяющая нарушителю вы… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15764 | Уязвимость компонента mm/ptdump ядра операционной системы Linux, позволяющая нарушителю в… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15763 | Уязвимость компонента hv_netvsc ядра операционной системы Linux, позволяющая нарушителю в… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15762 | Уязвимость компонента net/sched ядра операционной системы Linux, позволяющая нарушителю в… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15761 | Уязвимость компонента media ядра операционной системы Linux, позволяющая нарушителю вызва… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15760 | Уязвимость компонента media/dvb-frontends/dib7000p.c ядра операционной системы Linux, поз… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15759 | Уязвимость компонента lpfc/lpfc_scsi.c ядра операционной системы Linux, позволяющая наруш… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15758 | Уязвимость компонента mips/kernel/process.c ядра операционной системы Linux, позволяющая … | 15.12.2025 | 16.02.2026 |
| bdu:2025-15757 | Уязвимость компонента jfs/jfs_dmap.c ядра операционной системы Linux, позволяющая нарушит… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15756 | Уязвимость компонента scsi/bfa/bfad_im.c ядра операционной системы Linux, позволяющая нар… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15755 | Уязвимость компонента scsi/libiscsi.c ядра операционной системы Linux, позволяющая наруши… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15753 | Уязвимость компонента sound/soc/soc-core.c ядра операционной системы Linux, позволяющая н… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15752 | Уязвимость компонента fs/hfsplus/xattr.c ядра операционной системы Linux, позволяющая нар… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15751 | Уязвимость компонента fs/hfs/bnode.c ядра операционной системы Linux, позволяющая нарушит… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15750 | Уязвимость компонента nf_conntrack_netlink.c ядра операционной системы Linux, позволяющая… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15749 | Уязвимость компонента fs/nfsd/nfs4state.c ядра операционной системы Linux, позволяющая на… | 15.12.2025 | 16.02.2026 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2026-avi-0115 | Multiples vulnérabilités dans Tenable Identity Exposure | 2026-02-04T00:00:00.000000 | 2026-02-04T00:00:00.000000 |
| certfr-2026-avi-0114 | Multiples vulnérabilités dans Google Chrome | 2026-02-04T00:00:00.000000 | 2026-02-04T00:00:00.000000 |
| certfr-2026-avi-0113 | Vulnérabilité dans Google Pixel | 2026-02-04T00:00:00.000000 | 2026-02-04T00:00:00.000000 |
| certfr-2026-avi-0112 | Multiples vulnérabilités dans les produits VMware | 2026-02-02T00:00:00.000000 | 2026-02-02T00:00:00.000000 |
| certfr-2026-avi-0111 | Vulnérabilité dans ESET Inspect Connector | 2026-02-02T00:00:00.000000 | 2026-02-02T00:00:00.000000 |
| certfr-2026-avi-0110 | Multiples vulnérabilités Ivanti Endpoint Manager Mobile (EPMM) | 2026-01-30T00:00:00.000000 | 2026-01-30T00:00:00.000000 |
| certfr-2026-avi-0109 | Multiples vulnérabilités dans les produits IBM | 2026-01-30T00:00:00.000000 | 2026-01-30T00:00:00.000000 |
| certfr-2026-avi-0108 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2026-01-30T00:00:00.000000 | 2026-01-30T00:00:00.000000 |
| certfr-2026-avi-0107 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2026-01-30T00:00:00.000000 | 2026-01-30T00:00:00.000000 |
| certfr-2026-avi-0106 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2026-01-30T00:00:00.000000 | 2026-01-30T00:00:00.000000 |
| certfr-2026-avi-0105 | Vulnérabilité dans Microsoft Edge | 2026-01-30T00:00:00.000000 | 2026-01-30T00:00:00.000000 |
| certfr-2026-avi-0104 | Vulnérabilité dans Qnap QTS | 2026-01-30T00:00:00.000000 | 2026-01-30T00:00:00.000000 |
| certfr-2026-avi-0103 | Multiples vulnérabilités dans Node.js | 2026-01-30T00:00:00.000000 | 2026-01-30T00:00:00.000000 |
| certfr-2026-avi-0102 | Vulnérabilité dans Splunk Enterprise | 2026-01-30T00:00:00.000000 | 2026-01-30T00:00:00.000000 |
| certfr-2026-avi-0101 | Multiples vulnérabilités dans les produits Siemens | 2026-01-29T00:00:00.000000 | 2026-01-29T00:00:00.000000 |
| certfr-2026-avi-0100 | Multiples vulnérabilités dans les produits WithSecure | 2026-01-29T00:00:00.000000 | 2026-01-29T00:00:00.000000 |
| certfr-2026-avi-0099 | Multiples vulnérabilités dans SolarWinds Web Help Desk | 2026-01-28T00:00:00.000000 | 2026-01-29T00:00:00.000000 |
| certfr-2026-avi-0098 | Vulnérabilité dans les produits Symfony | 2026-01-28T00:00:00.000000 | 2026-01-28T00:00:00.000000 |
| certfr-2026-avi-0097 | Vulnérabilité dans les produits Fortinet | 2026-01-28T00:00:00.000000 | 2026-01-28T00:00:00.000000 |
| certfr-2026-avi-0096 | Multiples vulnérabilités dans OpenSSL | 2026-01-28T00:00:00.000000 | 2026-01-28T00:00:00.000000 |
| certfr-2026-avi-0095 | Multiples vulnérabilités dans les produits Mozilla | 2026-01-28T00:00:00.000000 | 2026-01-28T00:00:00.000000 |
| certfr-2026-avi-0094 | Multiples vulnérabilités dans HPE Aruba Networking Fabric Composer | 2026-01-28T00:00:00.000000 | 2026-01-28T00:00:00.000000 |
| certfr-2026-avi-0093 | Multiples vulnérabilités dans Tenable Network Monitor | 2026-01-28T00:00:00.000000 | 2026-01-28T00:00:00.000000 |
| certfr-2026-avi-0092 | Vulnérabilité dans Google Chrome | 2026-01-28T00:00:00.000000 | 2026-01-28T00:00:00.000000 |
| certfr-2025-avi-0618 | Multiples vulnérabilités dans les produits Mitel | 2025-07-24T00:00:00.000000 | 2026-01-28T00:00:00.000000 |
| certfr-2026-avi-0091 | Multiples vulnérabilités dans Xen | 2026-01-27T00:00:00.000000 | 2026-01-27T00:00:00.000000 |
| certfr-2026-avi-0090 | Multiples vulnérabilités dans Citrix XenServer | 2026-01-27T00:00:00.000000 | 2026-01-27T00:00:00.000000 |
| certfr-2026-avi-0089 | Vulnérabilité dans Microsoft Office | 2026-01-27T00:00:00.000000 | 2026-01-27T00:00:00.000000 |
| certfr-2026-avi-0088 | Vulnérabilité dans MariaDB | 2026-01-27T00:00:00.000000 | 2026-01-27T00:00:00.000000 |
| certfr-2026-avi-0087 | Vulnérabilité dans les produits Belden | 2026-01-26T00:00:00.000000 | 2026-01-26T00:00:00.000000 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2020-ale-016 | Vulnérabilité dans Microsoft Domain Name System (DNS) Server | 2020-07-15T00:00:00.000000 | 2020-10-12T00:00:00.000000 |
| certfr-2020-ale-015 | Vulnérabilité dans F5 BIG-IP | 2020-07-05T00:00:00.000000 | 2020-09-15T00:00:00.000000 |
| certfr-2020-ale-014 | Vulnérabilité dans Palo Alto Networks PAN-OS | 2020-07-03T00:00:00.000000 | 2020-07-31T00:00:00.000000 |
| certfr-2020-ale-012 | Multiples vulnérabilités dans SaltStack | 2020-05-04T00:00:00.000000 | 2020-07-31T00:00:00.000000 |
| certfr-2020-ale-008 | Vulnérabilité dans l'implémentation du protocole SMB par Microsoft | 2020-03-11T00:00:00.000000 | 2020-07-31T00:00:00.000000 |
| certfr-2020-ale-002 | Vulnérabilité dans les produits Citrix ADC et Citrix Gateway | 2020-01-09T00:00:00.000000 | 2020-07-31T00:00:00.000000 |
| certfr-2020-ale-013 | Multiples vulnérabilités dans Microsoft Windows | 2020-07-01T00:00:00.000000 | 2020-07-05T00:00:00.000000 |
| certfr-2020-ale-011 | Multiples vulnérabilités dans les produits Microsoft qui utilisent la bibliothèque Autodesk FBX | 2020-04-22T00:00:00.000000 | 2020-06-23T00:00:00.000000 |
| certfr-2020-ale-009 | Multiples vulnérabilités dans Microsoft Windows | 2020-03-24T00:00:00.000000 | 2020-06-23T00:00:00.000000 |
| certfr-2020-ale-010 | Multiples vulnérabilités dans Mozilla Firefox | 2020-04-06T00:00:00.000000 | 2020-05-05T00:00:00.000000 |
| certfr-2020-ale-007 | Vulnérabilité dans Microsoft Exchange Server | 2020-02-27T00:00:00.000000 | 2020-05-05T00:00:00.000000 |
| certfr-2020-ale-001 | Multiples vulnérabilités dans les produits de Pulse Secure | 2020-01-09T00:00:00.000000 | 2020-05-05T00:00:00.000000 |
| certfr-2020-ale-006 | Vulnérabilité dans Microsoft Internet Explorer | 2020-01-20T00:00:00.000000 | 2020-02-19T00:00:00.000000 |
| certfr-2020-ale-005 | Multiples vulnérabilités dans le serveur de passerelle RDP de Windows | 2020-01-14T00:00:00.000000 | 2020-02-19T00:00:00.000000 |
| certfr-2020-ale-003 | Vulnérabilité dans les produits Mozilla | 2020-01-09T00:00:00.000000 | 2020-01-20T00:00:00.000000 |
| certfr-2020-ale-004 | Vulnérabilité dans Microsoft Windows | 2020-01-14T00:00:00.000000 | 2020-01-17T00:00:00.000000 |
| certfr-2019-ale-015 | Multiples vulnérabilités dans Google Chrome | 2019-11-04T00:00:00.000000 | 2020-01-08T00:00:00.000000 |
| certfr-2019-ale-014 | Vulnérabilité dans PHP | 2019-10-29T00:00:00.000000 | 2020-01-08T00:00:00.000000 |
| certfr-2019-ale-013 | Vulnérabilité dans Microsoft Internet Explorer | 2019-09-24T00:00:00.000000 | 2019-10-25T00:00:00.000000 |
| certfr-2019-ale-012 | Multiples vulnérabilités dans Microsoft Remote Desktop Services | 2019-08-14T00:00:00.000000 | 2019-10-25T00:00:00.000000 |
| certfr-2019-ale-006 | Vulnérabilité dans Microsoft Remote Desktop Services | 2019-05-22T00:00:00.000000 | 2019-10-25T00:00:00.000000 |
| certfr-2019-ale-011 | Vulnérabilité dans Oracle WebLogic | 2019-06-20T00:00:00.000000 | 2019-07-23T00:00:00.000000 |
| certfr-2019-ale-010 | Vulnérabilité dans Mozilla Firefox | 2019-06-20T00:00:00.000000 | 2019-07-23T00:00:00.000000 |
| certfr-2019-ale-009 | Vulnérabilité dans Exim | 2019-06-11T00:00:00.000000 | 2019-07-23T00:00:00.000000 |
| certfr-2019-ale-008 | Vulnérabilité dans Microsoft SharePoint Server | 2019-05-29T00:00:00.000000 | 2019-07-23T00:00:00.000000 |
| certfr-2019-ale-007 | Vulnérabilité dans le serveur DHCP de Windows | 2019-05-15T00:00:00.000000 | 2019-06-20T00:00:00.000000 |
| certfr-2019-ale-005 | Vulnérabilité dans Oracle WebLogic | 2019-04-26T00:00:00.000000 | 2019-06-20T00:00:00.000000 |
| certfr-2019-ale-003 | Campagnes de rançongiciels | 2019-01-31T00:00:00.000000 | 2019-06-20T00:00:00.000000 |
| certfr-2019-ale-004 | Multiples vulnérabilités dans Microsoft Edge et Internet Explorer | 2019-04-01T00:00:00.000000 | 2019-04-17T00:00:00.000000 |
| certfr-2019-ale-002 | Vulnérabilités affectant l'écosystème Microsoft Exchange et Active Directory | 2019-01-30T00:00:00.000000 | 2019-03-06T00:00:00.000000 |
| ID | Description | Published | Updated |
|---|---|---|---|
| osv-2026-166 | Use-of-uninitialized-value in ntrip_parse_url | 2026-01-31T00:10:39.163525Z | 2026-01-31T00:10:39.163931Z |
| osv-2025-62 | UNKNOWN READ in RDKit::Dict::reset | 2025-01-27T00:01:51.692636Z | 2026-01-30T14:29:51.817835Z |
| osv-2024-838 | Bad-cast to RDKit::AtomRDKit::ROMol::initFromOther | 2024-08-16T00:03:32.029853Z | 2026-01-30T14:28:51.040311Z |
| osv-2022-1288 | Stack-buffer-overflow in bool SmilesParseOps::parser::parse_atom_props<std::__1::__wrap_iter<char const*> | 2024-11-04T00:16:22.516312Z | 2026-01-30T14:23:19.786593Z |
| osv-2022-675 | Heap-buffer-overflow in void RDKit::ParseV3000AtomProps<std::__1::vector<std::__1::basic_string_view<cha | 2022-08-06T00:00:51.363676Z | 2026-01-30T14:19:45.980447Z |
| osv-2025-312 | Heap-buffer-overflow in ZSTD_decompressMultiFrame | 2025-05-02T00:14:14.459388Z | 2026-01-29T14:23:29.688478Z |
| osv-2023-606 | Heap-buffer-overflow in ZSTD_decompressMultiFrame | 2023-07-23T14:01:02.159160Z | 2026-01-29T14:15:23.692004Z |
| osv-2023-1350 | Heap-buffer-overflow in inflate | 2023-12-23T00:12:38.562149Z | 2026-01-29T14:14:55.841286Z |
| osv-2023-319 | Heap-buffer-overflow in ZSTD_decompressSequencesLong_bmi2 | 2023-04-16T14:01:58.406534Z | 2026-01-29T14:14:53.604312Z |
| osv-2023-235 | Use-of-uninitialized-value in complexity_RC_reset_marking | 2023-03-26T13:00:16.681780Z | 2026-01-29T14:14:41.215909Z |
| osv-2023-234 | Use-of-uninitialized-value in ihevce_enc_frm_proc_slave_thrd | 2023-03-26T13:00:12.135289Z | 2026-01-29T14:14:40.129452Z |
| osv-2023-239 | Use-of-uninitialized-value in ihevce_strm_fill_done | 2023-03-26T13:02:03.445119Z | 2026-01-29T14:14:38.558891Z |
| osv-2022-776 | Heap-buffer-overflow in do_job | 2022-08-24T00:00:48.440951Z | 2026-01-29T14:13:36.232274Z |
| osv-2022-1134 | Heap-buffer-overflow in ndlz8_decompress | 2022-11-04T00:02:11.463429Z | 2026-01-29T14:10:23.427741Z |
| osv-2021-1070 | Heap-buffer-overflow in ZSTD_decompressBlock_internal | 2021-07-29T00:01:10.187569Z | 2026-01-29T14:10:02.243833Z |
| osv-2021-1672 | Heap-buffer-overflow in blosc_d | 2021-12-12T00:01:29.747137Z | 2026-01-29T14:09:48.329310Z |
| osv-2026-97 | Heap-buffer-overflow in vpx_wb_write_literal | 2026-01-21T00:09:09.897624Z | 2026-01-28T14:23:52.198239Z |
| osv-2026-156 | Segv on unknown address in aivdm_analyze | 2026-01-28T00:06:24.327227Z | 2026-01-28T00:06:24.327712Z |
| osv-2025-266 | Heap-buffer-overflow in lj_buf_ruleb128 | 2025-04-08T00:17:06.279554Z | 2026-01-27T14:24:04.437262Z |
| osv-2026-144 | Use-of-uninitialized-value in initFilter | 2026-01-26T00:05:57.473672Z | 2026-01-26T00:05:57.473958Z |
| osv-2026-141 | Segv on unknown address in yuv2rgb4_X_c | 2026-01-26T00:03:47.552290Z | 2026-01-26T00:03:47.552807Z |
| osv-2025-280 | Heap-buffer-overflow in Assimp::SceneCombiner::CopyScene | 2025-04-15T00:04:03.423453Z | 2026-01-25T14:19:05.873424Z |
| osv-2025-580 | UNKNOWN READ in signed char Assimp::StreamReader<false, false>::Get<signed char> | 2025-07-29T00:16:41.422221Z | 2026-01-25T14:18:57.285875Z |
| osv-2024-1220 | UNKNOWN READ in Assimp::NDOImporter::InternReadFile | 2024-10-14T00:17:45.088625Z | 2026-01-25T14:14:41.961973Z |
| osv-2023-869 | Heap-buffer-overflow in Assimp::MD5::MD5MeshParser::MD5MeshParser | 2023-09-17T14:01:25.028324Z | 2026-01-25T14:13:45.937535Z |
| osv-2026-136 | Memcpy-param-overlap in grk::memStreamRead | 2026-01-25T00:10:48.352834Z | 2026-01-25T00:10:48.353140Z |
| osv-2026-121 | Use-of-uninitialized-value in trySubset | 2026-01-24T00:15:22.824642Z | 2026-01-24T14:24:01.498986Z |
| osv-2026-122 | Use-of-uninitialized-value in rtcm2_unpack | 2026-01-24T00:18:15.169881Z | 2026-01-24T00:18:15.170285Z |
| osv-2026-119 | Segv on unknown address in gpsd_poll | 2026-01-23T00:09:08.434854Z | 2026-01-23T00:09:08.435286Z |
| osv-2026-112 | Use-of-uninitialized-value in PrintSERPacket | 2026-01-23T00:01:50.403598Z | 2026-01-23T00:01:50.404362Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rustsec-2025-0049 | User-defined implementations of the safe trait scratchpad::Tracking can cause heap buffer overflows | 2025-08-14T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2025-0044 | Four unique double-free vulnerabilities triggered via safe APIs | 2025-06-16T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2025-0042 | Uninitialized read after allocating MemBump | 2025-07-11T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2025-0040 | `root` appended to group listings | 2025-01-15T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2025-0039 | Lack of sufficient checks in public API | 2025-05-06T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2025-0038 | Out of bounds access in public safe API | 2025-04-24T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2025-0037 | Pingora Request Smuggling and Cache Poisoning | 2025-05-22T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2025-0035 | Multiple soundness issues in `macroquad` | 2025-04-23T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2025-0034 | soundness issue and unmaintained | 2025-05-06T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2025-0033 | Public API without sufficient bounds checking | 2025-03-27T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2025-0032 | Safe API can cause heap-buffer-overflow | 2025-03-27T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2025-0031 | Unsound public API in unmaintained crate | 2025-04-24T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2025-0027 | Panic in mp3-metadata due to the lack of bounds checking | 2025-04-28T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2025-0024 | crossbeam-channel: double free on Drop | 2025-04-08T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2025-0023 | Broadcast channel calls clone in parallel, but does not require `Sync` | 2025-04-07T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2025-0022 | Use-After-Free in `Md::fetch` and `Cipher::fetch` | 2025-04-04T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2025-0020 | Risk of buffer overflow in `PyString::from_object` | 2025-04-01T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2025-0019 | `array-init-cursor` in version 0.2.0 and below is unsound when used with types that implement `Drop` | 2025-03-27T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2025-0018 | Potential out-of-bounds read with a malformed ELF file and the HashTable API. | 2025-03-26T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2025-0016 | Use after free in `Parc` and `Prc` due to missing lifetime constraints | 2025-03-13T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2025-0015 | Denial of Service via malicious Web Push endpoint | 2025-02-16T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2025-0009 | Some AES functions may panic when overflow checking is enabled. | 2025-03-06T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2025-0008 | Openh264 Decoding Functions Heap Overflow Vulnerability | 2025-02-24T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2025-0006 | Hickory DNS failure to verify self-signed RRSIG for DNSKEYs | 2025-02-07T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2025-0005 | Out of bounds write triggered by crafted coverage data | 2025-01-13T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2025-0004 | ssl::select_next_proto use after free | 2025-02-02T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2025-0003 | Segmentation fault due to lack of bound check | 2025-01-13T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2025-0002 | Segmentation fault due to lack of bound check | 2025-01-13T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2024-0443 | webp crate may expose memory contents when encoding an image | 2024-09-06T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2024-0442 | Dump Undefined Memory by `JitDumpFile` | 2024-07-06T12:00:00Z | 2025-10-28T06:02:18Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| alsa-2026:0932 | Important: java-1.8.0-openjdk security update | 2026-01-26T00:00:00Z | 2026-01-29T13:07:43Z |
| alsa-2026:1518 | Important: grafana-pcp security update | 2026-01-28T00:00:00Z | 2026-01-29T12:32:40Z |
| alsa-2026:1350 | Moderate: curl security update | 2026-01-27T00:00:00Z | 2026-01-29T12:31:06Z |
| alsa-2026:1334 | Moderate: glibc security update | 2026-01-27T00:00:00Z | 2026-01-29T12:29:45Z |
| alsa-2026:1254 | Important: python-urllib3 security update | 2026-01-26T00:00:00Z | 2026-01-29T12:14:07Z |
| alsa-2026:1344 | Important: grafana security update | 2026-01-27T00:00:00Z | 2026-01-29T12:12:24Z |
| alsa-2026:1374 | Moderate: python3.11 security update | 2026-01-27T00:00:00Z | 2026-01-29T12:10:37Z |
| alsa-2026:1380 | Moderate: osbuild-composer security update | 2026-01-27T00:00:00Z | 2026-01-29T12:07:35Z |
| alsa-2026:1408 | Moderate: python3.12 security update | 2026-01-27T00:00:00Z | 2026-01-29T12:05:44Z |
| alsa-2026:1410 | Moderate: python3.11 security update | 2026-01-27T00:00:00Z | 2026-01-29T12:02:18Z |
| alsa-2026:1429 | Important: php:8.3 security update | 2026-01-27T00:00:00Z | 2026-01-29T11:59:57Z |
| alsa-2026:1472 | Important: openssl security update | 2026-01-28T00:00:00Z | 2026-01-28T19:58:47Z |
| alsa-2026:1478 | Moderate: python3.9 security update | 2026-01-28T00:00:00Z | 2026-01-28T19:56:37Z |
| alsa-2026:0933 | Important: java-25-openjdk security update | 2026-01-26T00:00:00Z | 2026-01-28T14:39:55Z |
| alsa-2026:1224 | Important: python3.11-urllib3 security update | 2026-01-26T00:00:00Z | 2026-01-27T08:28:50Z |
| alsa-2026:1226 | Important: python3.12-urllib3 security update | 2026-01-26T00:00:00Z | 2026-01-27T08:21:23Z |
| alsa-2026:1087 | Important: python-urllib3 security update | 2026-01-26T00:00:00Z | 2026-01-27T08:19:22Z |
| alsa-2026:1088 | Important: python3.12-urllib3 security update | 2026-01-26T00:00:00Z | 2026-01-27T08:17:27Z |
| alsa-2026:1089 | Important: python3.11-urllib3 security update | 2026-01-26T00:00:00Z | 2026-01-27T08:15:08Z |
| alsa-2026:1148 | Important: kernel-rt security update | 2026-01-26T00:00:00Z | 2026-01-26T13:52:56Z |
| alsa-2026:1142 | Important: kernel security update | 2026-01-26T00:00:00Z | 2026-01-26T13:49:21Z |
| alsa-2026:1086 | Important: python-urllib3 security update | 2026-01-26T00:00:00Z | 2026-01-26T13:16:32Z |
| alsa-2026:0914 | Important: gimp security update | 2026-01-21T00:00:00Z | 2026-01-26T10:10:46Z |
| alsa-2026:0921 | Important: go-toolset:rhel8 security update | 2026-01-21T00:00:00Z | 2026-01-26T10:07:11Z |
| alsa-2026:0696 | Important: net-snmp security update | 2026-01-15T00:00:00Z | 2026-01-26T10:04:02Z |
| alsa-2026:0923 | Important: golang security update | 2026-01-21T00:00:00Z | 2026-01-24T01:54:58Z |
| alsa-2026:0927 | Important: java-17-openjdk security update | 2026-01-22T00:00:00Z | 2026-01-24T01:52:06Z |
| alsa-2026:0924 | Important: thunderbird security update | 2026-01-21T00:00:00Z | 2026-01-24T01:47:12Z |
| alsa-2026:0930 | Moderate: pcs security update | 2026-01-21T00:00:00Z | 2026-01-24T01:46:11Z |
| alsa-2026:0936 | Moderate: glib2 security update | 2026-01-21T00:00:00Z | 2026-01-24T01:44:09Z |