Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2024-48928 |
2.7 (4.0)
|
Piwigo's secret key can be brute forced |
Piwigo |
Piwigo |
2026-02-24T16:39:56.944Z | 2026-02-24T16:39:56.944Z |
| CVE-2026-27590 |
8.9 (4.0)
|
Caddy: Unicode case-folding length expansion causes in… |
caddyserver |
caddy |
2026-02-24T16:33:41.353Z | 2026-02-24T16:33:41.353Z |
| CVE-2026-27589 |
6.9 (4.0)
|
Caddy vulnerable to cross-origin config application vi… |
caddyserver |
caddy |
2026-02-24T16:30:52.016Z | 2026-02-24T16:31:35.510Z |
| CVE-2026-27588 |
7.7 (4.0)
|
Caddy: MatchHost becomes case-sensitive for large host… |
caddyserver |
caddy |
2026-02-24T16:28:28.106Z | 2026-02-24T16:28:28.106Z |
| CVE-2026-27587 |
7.7 (4.0)
|
Caddy: MatchPath %xx (escaped-path) branch skips case … |
caddyserver |
caddy |
2026-02-24T16:26:40.222Z | 2026-02-24T16:26:40.222Z |
| CVE-2026-27586 |
8.8 (4.0)
|
Caddy's mTLS client authentication silently fails open… |
caddyserver |
caddy |
2026-02-24T16:08:20.569Z | 2026-02-24T16:08:20.569Z |
| CVE-2026-27585 |
6.9 (4.0)
|
Caddy's improper sanitization of glob characters in fi… |
caddyserver |
caddy |
2026-02-24T16:06:05.030Z | 2026-02-24T16:06:05.030Z |
| CVE-2026-27571 |
5.9 (3.1)
|
nats-server websockets are vulnerable to pre-auth memory DoS |
nats-io |
nats-server |
2026-02-24T15:59:17.926Z | 2026-02-24T15:59:17.926Z |
| CVE-2025-13776 |
8.6 (4.0)
|
Hard-coded database credentials in Finka software |
TIK-SOFT |
Finka-FK |
2026-02-24T15:58:30.096Z | 2026-02-24T15:58:30.096Z |
| CVE-2025-47904 |
5.7 (4.0)
|
Unsigned upgrade package |
Microchip |
Time Provider 4100 |
2026-02-24T15:34:20.905Z | 2026-02-24T15:34:20.905Z |
| CVE-2026-27521 |
6.9 (4.0)
6.5 (3.1)
|
Binardat 10G08-0800GSM Network Switch Missing Login Ra… |
Binardat Ltd. |
10G08-0800GSM Network Switch |
2026-02-24T15:08:14.170Z | 2026-02-24T15:08:14.170Z |
| CVE-2026-27520 |
8.7 (4.0)
7.5 (3.1)
|
Binardat 10G08-0800GSM Network Switch Base64-encoded P… |
Binardat Ltd. |
10G08-0800GSM Network Switch |
2026-02-24T15:07:41.085Z | 2026-02-24T15:07:41.085Z |
| CVE-2026-27519 |
8.7 (4.0)
7.5 (3.1)
|
Binardat 10G08-0800GSM Network Switch Hard-coded RC4 E… |
Binardat Ltd. |
10G08-0800GSM Network Switch |
2026-02-24T15:07:10.410Z | 2026-02-24T15:07:10.410Z |
| CVE-2026-27518 |
5.1 (4.0)
4.3 (3.1)
|
Binardat 10G08-0800GSM Network Switch CSRF |
Binardat Ltd. |
10G08-0800GSM Network Switch |
2026-02-24T15:06:39.513Z | 2026-02-24T15:06:39.513Z |
| CVE-2026-27517 |
5.1 (4.0)
5.4 (3.1)
|
Binardat 10G08-0800GSM Network Switch XSS |
Binardat Ltd. |
10G08-0800GSM Network Switch |
2026-02-24T15:06:08.974Z | 2026-02-24T15:06:08.974Z |
| CVE-2026-27516 |
8.6 (4.0)
8.1 (3.1)
|
Binardat 10G08-0800GSM Network Switch Plaintext Passwo… |
Binardat Ltd. |
10G08-0800GSM Network Switch |
2026-02-24T15:05:12.384Z | 2026-02-24T15:05:12.384Z |
| CVE-2026-27515 |
9.3 (4.0)
9.1 (3.1)
|
Binardat 10G08-0800GSM Network Switch Predictable Sess… |
Binardat Ltd. |
10G08-0800GSM Network Switch |
2026-02-24T15:04:41.427Z | 2026-02-24T15:04:41.427Z |
| CVE-2026-27507 |
9.3 (4.0)
9.8 (3.1)
|
Binardat 10G08-0800GSM Network Switch Hard-coded Credentials |
Binardat Ltd. |
10G08-0800GSM Network Switch |
2026-02-24T15:04:16.616Z | 2026-02-24T15:04:16.616Z |
| CVE-2026-23678 |
8.7 (4.0)
8.8 (3.1)
|
Binardat 10G08-0800GSM Network Switch Traceroute CLI C… |
Binardat Ltd. |
10G08-0800GSM Network Switch |
2026-02-24T15:03:35.734Z | 2026-02-24T15:03:49.724Z |
| CVE-2026-27584 |
9.2 (4.0)
|
ActualBudget server is Missing Authentication for Simp… |
actualbudget |
actual |
2026-02-24T14:59:21.175Z | 2026-02-24T14:59:21.175Z |
| CVE-2026-0402 |
4.9 (3.1)
|
A post-authentication Out-of-bounds Read vulnerab… |
SonicWall |
SonicOS |
2026-02-24T14:58:37.608Z | 2026-02-24T15:33:50.674Z |
| CVE-2026-27732 |
8.6 (4.0)
|
AVideo has Authenticated Server-Side Request Forgery v… |
WWBN |
AVideo |
2026-02-24T14:56:55.372Z | 2026-02-24T14:56:55.372Z |
| CVE-2026-0401 |
4.9 (3.1)
|
A post-authentication NULL Pointer Dereference vu… |
SonicWall |
SonicOS |
2026-02-24T14:55:57.545Z | 2026-02-24T15:34:30.604Z |
| CVE-2026-0400 |
4.9 (3.1)
|
A post-authentication Format String vulnerability… |
SonicWall |
SonicOS |
2026-02-24T14:54:15.394Z | 2026-02-24T15:35:10.650Z |
| CVE-2026-27568 |
5.1 (4.0)
|
AVideo has Stored Cross-Site Scripting via Markdown Co… |
WWBN |
AVideo |
2026-02-24T14:53:20.826Z | 2026-02-24T14:53:20.826Z |
| CVE-2026-0399 |
4.9 (3.1)
|
Multiple post-authentication stack-based buffer o… |
SonicWall |
SonicOS |
2026-02-24T14:52:10.841Z | 2026-02-24T15:50:29.865Z |
| CVE-2026-3102 |
5.3 (4.0)
6.3 (3.1)
6.3 (3.0)
|
exiftool PNG File MacOS.pm SetMacOSTags os command injection |
n/a |
exiftool |
2026-02-24T14:32:13.272Z | 2026-02-24T14:32:13.272Z |
| CVE-2026-3101 |
5.3 (4.0)
6.3 (3.1)
6.3 (3.0)
|
Intelbras TIP 635G Ping os command injection |
Intelbras |
TIP 635G |
2026-02-24T14:32:08.166Z | 2026-02-24T14:32:08.166Z |
| CVE-2026-27567 |
6.5 (3.1)
|
Payload has Server-Side Request Forgery (SSRF) in Exte… |
payloadcms |
payload |
2026-02-24T14:22:37.803Z | 2026-02-24T14:22:37.803Z |
| CVE-2025-10010 |
6.8 (3.1)
|
Integrity Validation Bypass in CryptoPro Secure Disk f… |
CPSD IT SERVICES GMBH |
CryptoPro Secure Disk for BitLocker |
2026-02-24T14:13:29.155Z | 2026-02-24T14:53:28.726Z |
| ID | Severity | Description | Published | Updated |
|---|---|---|---|---|
| ghsa-xx53-6qqj-gr7w |
|
Memory safety bugs present in Firefox 147 and Thunderbird 147. Some of these bugs showed evidence o… | 2026-02-24T15:30:33Z | 2026-02-24T18:31:02Z |
| ghsa-xqx8-2c6c-9g3g |
4.9 (3.1)
|
A post-authentication NULL Pointer Dereference vulnerability in SonicOS allows a remote attacker to… | 2026-02-24T15:30:33Z | 2026-02-24T18:31:02Z |
| ghsa-v5qr-j3c6-xxx2 |
|
TOTOLINK X5000R V9.1.0cu.2415_B20250515 contains a denial-of-service vulnerability in /cgi-bin/cste… | 2026-02-24T15:30:33Z | 2026-02-24T15:30:33Z |
| ghsa-pr9m-7cjw-258w |
4.9 (3.1)
|
A post-authentication Out-of-bounds Read vulnerability in SonicOS allows a remote attacker to crash… | 2026-02-24T15:30:33Z | 2026-02-24T18:31:02Z |
| ghsa-pq5g-x5q3-3g25 |
4.9 (3.1)
|
Multiple post-authentication stack-based buffer overflow vulnerabilities in the SonicOS management … | 2026-02-24T15:30:33Z | 2026-02-24T18:31:02Z |
| ghsa-mr6q-w873-6jfr |
6.3 (3.1)
2.1 (4.0)
|
A vulnerability was determined in exiftool up to 13.49 on macOS. This issue affects the function Se… | 2026-02-24T15:30:33Z | 2026-02-24T15:30:33Z |
| ghsa-6pf6-w4c2-rx3f |
6.3 (3.1)
2.1 (4.0)
|
A vulnerability was found in Intelbras TIP 635G 1.12.3.5. This vulnerability affects unknown code o… | 2026-02-24T15:30:33Z | 2026-02-24T15:30:33Z |
| ghsa-58j5-qr69-3544 |
6.8 (3.1)
|
The CPSD CryptoPro Secure Disk application boots a small Linux operating system to perform user aut… | 2026-02-24T15:30:33Z | 2026-02-24T15:30:33Z |
| ghsa-3q93-28v9-5x6v |
4.9 (3.1)
|
A post-authentication Format String vulnerability in SonicOS allows a remote attacker to crash a fi… | 2026-02-24T15:30:33Z | 2026-02-24T18:31:02Z |
| ghsa-xchm-7954-5wvg |
|
Use-after-free in the DOM: Window and Location component. This vulnerability affects Firefox < 148,… | 2026-02-24T15:30:32Z | 2026-02-24T18:31:02Z |
| ghsa-wcpx-2xqg-ff43 |
|
Spoofing issue in the WebAuthn component in Firefox for Android. This vulnerability affects Firefox… | 2026-02-24T15:30:32Z | 2026-02-24T18:31:02Z |
| ghsa-vxjv-c6cq-74m6 |
|
Mitigation bypass in the Networking: Cache component. This vulnerability affects Firefox < 148 and … | 2026-02-24T15:30:32Z | 2026-02-24T18:31:02Z |
| ghsa-q6rm-rhj9-jpg5 |
|
Integer overflow in the Libraries component in NSS. This vulnerability affects Firefox < 148 and Fi… | 2026-02-24T15:30:32Z | 2026-02-24T18:31:01Z |
| ghsa-p9gc-q2gc-jc6r |
4.2 (3.1)
|
Race condition in the JavaScript: GC component. This vulnerability affects Firefox < 148. | 2026-02-24T15:30:32Z | 2026-02-24T18:31:02Z |
| ghsa-p4fg-vw73-vr29 |
|
Mitigation bypass in the DOM: Security component. This vulnerability affects Firefox < 148 and Fire… | 2026-02-24T15:30:32Z | 2026-02-24T18:31:01Z |
| ghsa-m8jj-q5xq-4qhp |
|
Information disclosure due to uninitialized memory in Firefox and Firefox Focus for Android. This v… | 2026-02-24T15:30:32Z | 2026-02-24T15:30:32Z |
| ghsa-jvc5-7j9r-q4m6 |
|
Same-origin policy bypass in the Networking: JAR component. This vulnerability affects Firefox < 14… | 2026-02-24T15:30:32Z | 2026-02-24T18:31:02Z |
| ghsa-hwjj-g6g7-p8cf |
|
Uninitialized memory in the Graphics: Text component. This vulnerability affects Firefox < 148. | 2026-02-24T15:30:32Z | 2026-02-24T18:31:02Z |
| ghsa-hjq8-wc3q-9xf3 |
|
Privilege escalation in the Messaging System component. This vulnerability affects Firefox < 148, F… | 2026-02-24T15:30:32Z | 2026-02-24T18:31:01Z |
| ghsa-h79p-mfpr-8qm4 |
|
Use-after-free in the Graphics: ImageLib component. This vulnerability affects Firefox < 148, Firef… | 2026-02-24T15:30:32Z | 2026-02-24T18:31:02Z |
| ghsa-h4vm-j32v-95qm |
|
Use-after-free in the JavaScript: GC component. This vulnerability affects Firefox < 148. | 2026-02-24T15:30:32Z | 2026-02-24T18:31:02Z |
| ghsa-gvhp-5j8m-528x |
|
Use-after-free in the DOM: Core & HTML component. This vulnerability affects Firefox < 148. | 2026-02-24T15:30:32Z | 2026-02-24T18:31:02Z |
| ghsa-gjwv-rvwj-p62j |
|
Incorrect boundary conditions in the Web Audio component. This vulnerability affects Firefox < 148,… | 2026-02-24T15:30:32Z | 2026-02-24T18:31:01Z |
| ghsa-g9cv-cvhp-755f |
|
Privilege escalation in the Netmonitor component. This vulnerability affects Firefox < 148 and Fire… | 2026-02-24T15:30:32Z | 2026-02-24T18:31:01Z |
| ghsa-fvj5-5qvq-g8wf |
8.8 (3.1)
|
Use-after-free in the DOM: Core & HTML component. This vulnerability affects Firefox < 148. | 2026-02-24T15:30:32Z | 2026-02-24T21:31:45Z |
| ghsa-cgrc-pwqf-64v8 |
|
Incorrect boundary conditions in the Audio/Video: GMP component. This vulnerability affects Firefox… | 2026-02-24T15:30:32Z | 2026-02-24T18:31:02Z |
| ghsa-c5fj-xq9f-fjxm |
|
Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 148 and Fir… | 2026-02-24T15:30:32Z | 2026-02-24T18:31:02Z |
| ghsa-c3q8-4689-m4p6 |
|
JIT miscompilation in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 148. | 2026-02-24T15:30:32Z | 2026-02-24T18:31:02Z |
| ghsa-94rx-4fcc-c849 |
|
Incorrect boundary conditions in the Networking: JAR component. This vulnerability affects Firefox … | 2026-02-24T15:30:32Z | 2026-02-24T18:31:01Z |
| ghsa-8g7m-g6r7-rqcp |
|
Use-after-free in the JavaScript: GC component. This vulnerability affects Firefox < 148. | 2026-02-24T15:30:32Z | 2026-02-24T18:31:02Z |
| ID | Severity | Description | Package | Published | Updated |
|---|---|---|---|---|---|
| pysec-2024-213 |
6.5 (3.1)
|
Gradio is an open-source Python package designed for quick prototyping. This vulnerabilit… | gradio | 2024-10-10T22:15:10+00:00 | 2025-01-19T22:22:23.310301+00:00 |
| pysec-2024-197 |
5.3 (3.1)
|
Gradio is an open-source Python package designed for quick prototyping. This vulnerabilit… | gradio | 2024-10-10T22:15:10+00:00 | 2025-01-19T16:22:57.732726+00:00 |
| pysec-2024-196 |
8.3 (3.1)
|
Gradio is an open-source Python package designed for quick prototyping. This vulnerabilit… | gradio | 2024-10-10T22:15:10+00:00 | 2025-01-19T16:22:57.640183+00:00 |
| pysec-2024-168 |
6.5 (3.1)
|
Taipy is an open-source Python library for easy, end-to-end application development for d… | taipy | 2024-10-09T19:15:14+00:00 | 2025-01-18T19:19:07.718423+00:00 |
| pysec-2024-109 |
7.8 (3.1)
|
DeepSpeed Remote Code Execution Vulnerability | deepspeed | 2024-10-08T18:15:00+00:00 | 2024-10-17T23:22:43.000269+00:00 |
| pysec-2024-102 |
|
An issue was discovered in Django 5.1 before 5.1.1, 5.0 before 5.0.9, and 4.2 before 4.2.… | django | 2024-10-08T16:15:00+00:00 | 2024-10-08T19:19:01.400873+00:00 |
| pysec-2024-121 |
6.5 (3.1)
|
OpenC3 COSMOS provides the functionality needed to send commands to and receive data from… | openc3 | 2024-10-02T20:15:00+00:00 | 2024-11-13T20:22:56.434107+00:00 |
| pysec-2024-101 |
6.5 (3.1)
|
OpenC3 COSMOS provides the functionality needed to send commands to and receive data from… | openc3 | 2024-10-02T20:15:00+00:00 | 2024-10-08T17:22:06.539206+00:00 |
| pysec-2024-100 |
6.1 (3.1)
|
OpenC3 COSMOS provides the functionality needed to send commands to and receive data from… | openc3 | 2024-10-02T20:15:00+00:00 | 2024-10-08T17:22:06.493109+00:00 |
| pysec-2024-186 |
6.5 (3.1)
|
RestrictedPython is a restricted execution environment for Python to run untrusted code. … | restrictedpython | 2024-09-30T16:15:09+00:00 | 2025-01-19T04:23:01.259448+00:00 |
| pysec-2024-171 |
8.0 (3.1)
|
Strawberry GraphQL is a library for creating GraphQL APIs. Prior to version 0.243.0, mult… | strawberry-graphql | 2024-09-25T18:15:05+00:00 | 2025-01-18T22:21:43.412172+00:00 |
| pysec-2024-99 |
7.5 (3.1)
|
OpenSlides 4.0.15 was discovered to be using a weak hashing algorithm to store passwords. | openslides | 2024-09-25T15:15:00+00:00 | 2024-10-01T21:22:35.777428+00:00 |
| pysec-2024-96 |
7.5 (3.1)
|
A vulnerability was found in MicroPython 1.23.0. It has been classified as critical. Affe… | micropython-string | 2024-09-17T19:15:00+00:00 | 2024-09-25T06:23:56.151249+00:00 |
| pysec-2024-95 |
7.5 (3.1)
|
A vulnerability was found in MicroPython 1.23.0. It has been classified as critical. Affe… | micropython-os-path | 2024-09-17T19:15:00+00:00 | 2024-09-25T06:23:56.045949+00:00 |
| pysec-2024-94 |
8.1 (3.1)
|
A vulnerability was found in MicroPython 1.22.2. It has been declared as critical. Affect… | micropython-io | 2024-09-17T19:15:00+00:00 | 2024-09-25T06:23:55.930133+00:00 |
| pysec-2024-93 |
7.5 (3.1)
|
A vulnerability was found in MicroPython 1.23.0. It has been classified as critical. Affe… | micropython-io | 2024-09-17T19:15:00+00:00 | 2024-09-25T06:23:55.864558+00:00 |
| pysec-2024-92 |
8.1 (3.1)
|
A vulnerability was found in MicroPython 1.22.2. It has been declared as critical. Affect… | micropython-copy | 2024-09-17T19:15:00+00:00 | 2024-09-25T06:23:55.787891+00:00 |
| pysec-2024-91 |
7.5 (3.1)
|
A vulnerability was found in MicroPython 1.23.0. It has been classified as critical. Affe… | micropython-copy | 2024-09-17T19:15:00+00:00 | 2024-09-25T06:23:55.729708+00:00 |
| pysec-2024-89 |
7.5 (3.1)
|
A vulnerability was found in MicroPython 1.23.0. It has been rated as critical. Affected … | micropython-os | 2024-09-17T19:15:00+00:00 | 2024-09-23T21:22:09.689786+00:00 |
| pysec-2024-88 |
7.5 (3.1)
|
A vulnerability was found in MicroPython 1.23.0. It has been rated as critical. Affected … | micropython-io | 2024-09-17T19:15:00+00:00 | 2024-09-23T21:22:09.570550+00:00 |
| pysec-2024-87 |
7.5 (3.1)
|
A vulnerability was found in MicroPython 1.23.0. It has been rated as critical. Affected … | micropython-copy | 2024-09-17T19:15:00+00:00 | 2024-09-23T21:22:09.445188+00:00 |
| pysec-2024-85 |
7.5 (3.1)
|
Deserialization of untrusted data can occur in versions 23.10.2.0 and newer of the MindsD… | mindsdb | 2024-09-12T13:15:00Z | 2026-02-20T08:46:02.775917Z |
| pysec-2024-84 |
7.5 (3.1)
|
Deserialization of untrusted data can occur in versions 23.10.3.0 and newer of the MindsD… | mindsdb | 2024-09-12T13:15:00Z | 2026-02-20T08:46:02.679012Z |
| pysec-2024-83 |
7.5 (3.1)
|
Deserialization of untrusted data can occur in versions 23.10.2.0 and newer of the MindsD… | mindsdb | 2024-09-12T13:15:00Z | 2026-02-20T08:46:02.578402Z |
| pysec-2024-82 |
8.8 (3.1)
|
Deserialization of untrusted data can occur in versions 23.3.2.0 and newer of the MindsDB… | mindsdb | 2024-09-12T13:15:00Z | 2026-02-20T08:46:02.480722Z |
| pysec-2024-81 |
8.8 (3.1)
|
An arbitrary code execution vulnerability exists in versions 23.10.5.0 up to 24.7.4.1 of … | mindsdb | 2024-09-12T13:15:00+00:00 | 2024-09-16T19:20:05.004524+00:00 |
| pysec-2024-80 |
8.8 (3.1)
|
An arbitrary code execution vulnerability exists in versions 23.10.5.0 up to 24.7.4.1 of … | mindsdb | 2024-09-12T13:15:00+00:00 | 2024-09-16T19:20:04.922906+00:00 |
| pysec-2024-79 |
8.8 (3.1)
|
An arbitrary code execution vulnerability exists in versions 23.10.5.0 up to 24.7.4.1 of … | mindsdb | 2024-09-12T13:15:00+00:00 | 2024-09-16T19:20:04.841635+00:00 |
| pysec-2024-78 |
8.8 (3.1)
|
An arbitrary code execution vulnerability exists in versions 23.12.4.0 up to 24.7.4.1 of … | mindsdb | 2024-09-12T13:15:00+00:00 | 2024-09-16T19:20:04.697678+00:00 |
| pysec-2024-77 |
8.8 (3.1)
|
An arbitrary code execution vulnerability exists in versions 23.10.3.0 up to 24.7.4.1 of … | mindsdb | 2024-09-12T13:15:00+00:00 | 2024-09-16T19:20:04.616691+00:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2026-902 | Malicious code in crc32fast (PyPI) | 2026-02-14T13:26:41Z | 2026-02-14T14:13:09Z |
| mal-2026-900 | Malicious code in cubaflixdownload (PyPI) | 2026-02-14T12:34:41Z | 2026-02-14T12:34:41Z |
| mal-2026-901 | Malicious code in platforms (PyPI) | 2026-02-14T12:29:36Z | 2026-02-14T12:29:36Z |
| mal-2026-899 | Malicious code in dzuseragents (PyPI) | 2026-02-14T11:56:39Z | 2026-02-14T11:56:39Z |
| mal-2024-12375 | Malicious code in langraph (PyPI) | 2026-02-14T05:25:23Z | 2026-02-14T18:48:58Z |
| mal-2026-898 | Malicious code in magicwolf (PyPI) | 2026-02-14T02:02:26Z | 2026-02-15T22:44:50Z |
| mal-2026-897 | Malicious code in clawdest (PyPI) | 2026-02-13T23:10:47Z | 2026-02-15T22:44:50Z |
| mal-2026-896 | Malicious code in sinon-web3-chain (npm) | 2026-02-13T17:36:45Z | 2026-02-23T04:21:35Z |
| mal-2026-895 | Malicious code in json-mapping-src (npm) | 2026-02-13T17:34:17Z | 2026-02-23T04:21:33Z |
| mal-2026-894 | Malicious code in troncloud (PyPI) | 2026-02-13T17:22:10Z | 2026-02-13T18:20:45Z |
| mal-2026-890 | Malicious code in responsible-ai (npm) | 2026-02-13T14:01:25Z | 2026-02-23T04:21:35Z |
| mal-2026-881 | Malicious code in contosoapp (npm) | 2026-02-13T14:01:25Z | 2026-02-23T04:21:32Z |
| mal-2026-879 | Malicious code in codexworld (npm) | 2026-02-13T14:01:25Z | 2026-02-23T04:21:32Z |
| mal-2026-889 | Malicious code in responses-starter-app (npm) | 2026-02-13T14:01:24Z | 2026-02-23T04:21:35Z |
| mal-2026-888 | Malicious code in pyright-root (npm) | 2026-02-13T14:01:24Z | 2026-02-23T04:21:35Z |
| mal-2026-887 | Malicious code in pyrefly (npm) | 2026-02-13T14:01:24Z | 2026-02-23T04:21:35Z |
| mal-2026-886 | Malicious code in open-answer-engine-frontend (npm) | 2026-02-13T14:01:24Z | 2026-02-23T04:21:35Z |
| mal-2026-883 | Malicious code in ecosystem_ui (npm) | 2026-02-13T14:01:24Z | 2026-02-23T04:21:32Z |
| mal-2026-884 | Malicious code in hxz-protection (npm) | 2026-02-13T13:57:39Z | 2026-02-23T04:21:33Z |
| mal-2026-891 | Malicious code in wropz-6module (npm) | 2026-02-13T13:57:38Z | 2026-02-23T04:21:36Z |
| mal-2026-892 | Malicious code in wropz-module (npm) | 2026-02-13T13:57:37Z | 2026-02-23T04:21:36Z |
| mal-2026-893 | Malicious code in xsstesting (npm) | 2026-02-13T13:50:54Z | 2026-02-23T04:21:37Z |
| mal-2026-885 | Malicious code in metadata-stripper (npm) | 2026-02-13T13:50:54Z | 2026-02-23T04:21:34Z |
| mal-2026-882 | Malicious code in despicable-me (npm) | 2026-02-13T13:50:54Z | 2026-02-23T04:21:32Z |
| mal-2026-880 | Malicious code in console-style-pro0o0o0o (npm) | 2026-02-13T13:50:54Z | 2026-02-23T04:21:32Z |
| mal-2026-878 | Malicious code in magichat (PyPI) | 2026-02-13T10:56:11Z | 2026-02-15T22:44:50Z |
| mal-2026-875 | Malicious code in displaydoc (PyPI) | 2026-02-13T10:45:53Z | 2026-02-13T11:45:52Z |
| mal-2026-876 | Malicious code in acpi-tables (PyPI) | 2026-02-13T10:35:04Z | 2026-02-13T10:35:04Z |
| mal-2026-877 | Malicious code in arrayvec (PyPI) | 2026-02-13T10:27:10Z | 2026-02-13T10:27:10Z |
| mal-2026-874 | Malicious code in google-search-result (PyPI) | 2026-02-12T23:27:54Z | 2026-02-13T00:38:45Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| bit-moodle-2025-3641 | Moodle: authenticated remote code execution risk in the moodle lms dropbox repository | 2026-01-26T14:49:44.921Z | 2026-01-26T15:09:56.435Z |
| bit-moodle-2025-3640 | Moodle: idor in web service allows users enrolled in a course to access some details of other users | 2026-01-26T14:49:43.349Z | 2026-01-26T15:09:56.435Z |
| bit-python-2025-15282 | Header injection via newlines in data URL mediatype | 2026-01-26T14:49:40.631Z | 2026-02-23T12:55:58.474Z |
| bit-moodle-2025-3637 | Moodle: csrf token exposure via url in moodle mod_data module | 2026-01-26T14:49:40.549Z | 2026-01-26T15:09:56.435Z |
| bit-moodle-2025-3636 | Moodle: idor in moodle rss block allows unauthorized access to rss feeds | 2026-01-26T14:49:39.118Z | 2026-01-26T15:09:56.435Z |
| bit-moodle-2025-3635 | Moodle: csrf risk in moodle user tours manager allows tour duplication | 2026-01-26T14:49:37.686Z | 2026-01-26T15:09:56.435Z |
| bit-moodle-2025-3634 | Moodle: moodle allows course self-enrolment before completing mfa | 2026-01-26T14:49:36.271Z | 2026-01-26T15:09:56.435Z |
| bit-moodle-2025-3628 | Moodle: moodle assignment submission search leaks anonymous student identities | 2026-01-26T14:49:34.772Z | 2026-01-26T15:09:56.435Z |
| bit-moodle-2025-3627 | Moodle: partial data exposure in moodle before completing multi-factor authentication | 2026-01-26T14:49:33.343Z | 2026-01-26T15:09:56.435Z |
| bit-python-2025-11468 | Folding email comments of unfoldable characters doesn't preserve parenthesis | 2026-01-26T14:49:32.088Z | 2026-02-20T15:52:56.451Z |
| bit-moodle-2025-3625 | Moodle: user dos and name disclosure via idor in moodle mfa email factor revoke action | 2026-01-26T14:49:31.897Z | 2026-01-26T15:09:56.435Z |
| bit-moodle-2025-32045 | Moodle: hidden grades shown to users without permission on some grade reports | 2026-01-26T14:49:30.385Z | 2026-01-26T15:09:56.435Z |
| bit-moodle-2025-32044 | Moodle: unauthenticated rest api user data exposure | 2026-01-26T14:49:29.093Z | 2026-01-26T15:09:56.435Z |
| bit-node-2026-21637 | 2026-01-26T14:48:02.384Z | 2026-01-31T09:09:11.750Z | |
| bit-node-2026-21636 | 2026-01-26T14:48:00.613Z | 2026-01-31T09:09:11.750Z | |
| bit-node-2025-59466 | 2026-01-26T14:47:58.830Z | 2026-01-31T09:09:11.750Z | |
| bit-node-2025-59465 | 2026-01-26T14:47:56.981Z | 2026-01-26T15:09:56.435Z | |
| bit-node-2025-59464 | 2026-01-26T14:47:55.131Z | 2026-01-31T09:09:11.750Z | |
| bit-node-2025-55132 | 2026-01-26T14:47:53.358Z | 2026-02-04T10:19:33.233Z | |
| bit-node-2025-55131 | 2026-01-26T14:47:51.686Z | 2026-01-26T15:09:56.435Z | |
| bit-node-2025-55130 | 2026-01-26T14:47:49.864Z | 2026-02-04T10:19:33.233Z | |
| bit-libpython-2026-0865 | wsgiref.headers.Headers allows header newline injection | 2026-01-26T14:43:33.890Z | 2026-02-24T09:11:39.593Z |
| bit-libpython-2026-0672 | Header injection in http.cookies.Morsel | 2026-01-26T14:43:32.238Z | 2026-02-20T15:52:56.451Z |
| bit-libpython-2025-15282 | Header injection via newlines in data URL mediatype | 2026-01-26T14:43:08.856Z | 2026-02-23T12:55:58.474Z |
| bit-libpython-2025-11468 | Folding email comments of unfoldable characters doesn't preserve parenthesis | 2026-01-26T14:42:59.991Z | 2026-02-20T15:52:56.451Z |
| bit-harbor-2024-22261 | SQL Injection in Harbor scan log API | 2026-01-26T14:40:06.365Z | 2026-01-26T15:09:56.435Z |
| bit-harbor-2022-31666 | Harbor fails to validate user permissions while Viewing, updating and deleting Webhook policies | 2026-01-26T14:39:52.521Z | 2026-01-26T15:09:56.435Z |
| bit-crossplane-2023-38495 | Crossplane vulnerable to possible image tampering from missing image validation for Packages | 2026-01-26T14:36:56.233Z | 2026-01-26T15:09:56.435Z |
| bit-crossplane-2023-37900 | Crossplane vulnerable to denial of service from large image | 2026-01-26T14:36:54.817Z | 2026-01-26T15:09:56.435Z |
| bit-gradle-2026-22865 | Gradle's failure to disable repositories failing to answer can expose builds to malicious artifacts | 2026-01-21T08:41:11.981Z | 2026-01-21T09:22:22.325Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cleanstart-2026-hg66170 | Cancelling a query (e | 2026-01-30T15:35:23.809128Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-qj89068 | SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process | 2026-01-30T15:34:54.378061Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-bz92766 | beego is an open-source web framework for the Go programming language | 2026-01-30T15:34:54.149400Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-nv07964 | Cancelling a query (e | 2026-01-30T15:33:23.809279Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-av38242 | Cancelling a query (e | 2026-01-30T15:33:23.662793Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-oi08379 | Cancelling a query (e | 2026-01-30T15:32:54.729863Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-qk01721 | go-redis is the official Redis client library for the Go programming language | 2026-01-30T15:32:54.211133Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-po40318 | go-redis is the official Redis client library for the Go programming language | 2026-01-30T15:31:53.772564Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-ry09679 | go-redis is the official Redis client library for the Go programming language | 2026-01-30T15:31:53.660443Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-pg91940 | net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines | 2026-01-30T15:31:24.365282Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-ct39828 | Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate | 2026-01-30T15:31:23.928259Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-ur80185 | excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate | 2026-01-30T15:30:24.609590Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-zo91195 | go-redis is the official Redis client library for the Go programming language | 2026-01-30T15:30:24.594235Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-ts42581 | Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate | 2026-01-30T15:29:23.600518Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-sy95837 | Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate | 2026-01-30T15:28:53.594094Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-fs64938 | excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate | 2026-01-30T15:24:53.185811Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-tl71584 | excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate | 2026-01-30T15:23:53.438748Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-cy03855 | tar | 2026-01-30T15:18:53.133348Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-ns41924 | Within HostnameError | 2026-01-30T15:18:53.115636Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-ts12850 | excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate | 2026-01-30T15:17:53.937628Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-rq53330 | Within HostnameError | 2026-01-30T15:17:53.658995Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-rd08428 | excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate | 2026-01-30T15:17:23.554517Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-oj41940 | net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines | 2026-01-30T15:13:53.428815Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-kc06686 | SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process | 2026-01-30T15:10:53.141957Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-fn26367 | SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process | 2026-01-30T15:10:23.074072Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-il25782 | SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process | 2026-01-30T15:09:53.055759Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-bl06950 | excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate | 2026-01-30T15:08:23.121647Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-tf52804 | excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate | 2026-01-30T15:08:23.107112Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-fm00685 | Cancelling a query (e | 2026-01-30T15:07:53.091254Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-ck72347 | excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate | 2026-01-30T15:07:23.436298Z | 2026-01-29T18:58:54Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| drupal-contrib-2025-016 | 2025-02-12T17:38:09.000Z | 2025-03-31T22:05:16.000Z | |
| drupal-contrib-2025-015 | 2025-02-12T17:37:59.000Z | 2025-03-31T22:05:08.000Z | |
| drupal-contrib-2025-014 | 2025-02-12T17:37:40.000Z | 2025-03-31T22:05:00.000Z | |
| drupal-contrib-2025-013 | 2025-02-05T17:24:48.000Z | 2025-03-31T22:04:51.000Z | |
| drupal-contrib-2025-012 | 2025-01-29T17:16:19.000Z | 2025-03-31T22:04:42.000Z | |
| drupal-contrib-2025-011 | 2025-01-29T17:13:29.000Z | 2025-03-31T22:04:35.000Z | |
| drupal-contrib-2025-010 | 2025-01-29T16:57:22.000Z | 2025-03-31T22:23:22.000Z | |
| drupal-contrib-2025-009 | 2025-01-29T16:54:02.000Z | 2025-03-31T22:04:22.000Z | |
| drupal-contrib-2025-008 | 2025-01-29T08:51:50.000Z | 2025-03-31T22:04:11.000Z | |
| drupal-contrib-2025-007 | 2025-01-22T17:01:38.000Z | 2025-03-31T22:04:03.000Z | |
| drupal-contrib-2025-006 | 2025-01-22T17:00:11.000Z | 2025-03-31T22:23:16.000Z | |
| drupal-contrib-2025-005 | 2025-01-22T16:59:00.000Z | 2025-03-31T22:23:08.000Z | |
| drupal-contrib-2025-004 | 2025-01-22T16:50:12.000Z | 2025-05-29T18:26:44.000Z | |
| drupal-contrib-2025-003 | 2025-01-15T15:58:05.000Z | 2025-03-31T22:03:43.000Z | |
| drupal-contrib-2025-002 | 2025-01-08T17:54:04.000Z | 2025-03-31T22:22:59.000Z | |
| drupal-contrib-2025-001 | 2025-01-08T17:22:11.000Z | 2025-06-19T22:05:09.000Z | |
| drupal-contrib-2024-076 | 2024-12-11T16:53:22.000Z | 2025-02-20T20:08:37.000Z | |
| drupal-contrib-2024-075 | 2024-12-11T14:31:11.000Z | 2025-02-20T20:08:28.000Z | |
| drupal-contrib-2024-074 | 2024-12-11T14:27:22.000Z | 2025-02-20T20:08:21.000Z | |
| drupal-contrib-2024-073 | 2024-12-11T12:36:29.000Z | 2025-02-20T20:08:10.000Z | |
| drupal-contrib-2024-072 | 2024-12-11T07:44:40.000Z | 2025-02-20T20:08:00.000Z | |
| drupal-contrib-2024-071 | 2024-12-04T16:20:57.000Z | 2025-02-20T20:07:52.000Z | |
| drupal-contrib-2024-070 | 2024-12-04T15:51:12.000Z | 2025-02-20T20:07:46.000Z | |
| drupal-contrib-2024-069 | 2024-12-04T15:13:14.000Z | 2025-02-20T20:07:35.000Z | |
| drupal-contrib-2024-068 | 2024-12-04T14:46:03.000Z | 2025-02-20T20:07:26.000Z | |
| drupal-contrib-2024-067 | 2024-12-04T14:40:50.000Z | 2025-02-20T20:07:11.000Z | |
| drupal-contrib-2024-064 | 2024-11-27T16:41:51.000Z | 2025-02-20T20:06:49.000Z | |
| drupal-contrib-2024-062 | 2024-11-20T17:36:55.000Z | 2025-02-20T20:06:35.000Z | |
| drupal-contrib-2024-060 | 2024-11-13T17:37:36.000Z | 2025-02-20T20:06:18.000Z | |
| drupal-contrib-2024-059 | 2024-11-13T17:36:48.000Z | 2025-02-20T20:06:05.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2025-011884 | FUJIFILM Healthcare Americas Synapse Mobility vulnerable to Privilege Escalation | 2025-08-21T11:49+09:00 | 2025-08-25T10:38+09:00 |
| jvndb-2025-000061 | Multiple vulnerabilities in Movable Type | 2025-08-20T15:30+09:00 | 2025-08-20T15:30+09:00 |
| jvndb-2025-000060 | PgManage vulnerable to injection | 2025-08-18T13:40+09:00 | 2025-08-18T13:40+09:00 |
| jvndb-2025-000059 | Seagate Toolkit registers a Windows service with an unquoted file path | 2025-08-14T12:32+09:00 | 2025-08-19T14:40+09:00 |
| jvndb-2025-000058 | WordPress plugin "Advanced Custom Fields" vulnerable to HTML injection | 2025-08-08T15:29+09:00 | 2025-08-08T15:29+09:00 |
| jvndb-2025-010972 | Multiple SEIKO EPSON products use weak initial passwords | 2025-08-08T14:50+09:00 | 2025-08-08T14:50+09:00 |
| jvndb-2025-000057 | Multiple vulnerabilities in Mubit Powered BLUE 870 | 2025-08-08T14:47+09:00 | 2025-08-08T14:47+09:00 |
| jvndb-2025-010854 | Trend Micro Endpoint security products for enterprises vulnerable to multiple OS command injection | 2025-08-07T12:25+09:00 | 2025-08-19T11:36+09:00 |
| jvndb-2025-000056 | Multiple vulnerabilities in Sato label printers CL4/6NX Plus and CL4/6NX-J Plus series | 2025-08-06T16:38+09:00 | 2025-08-06T16:38+09:00 |
| jvndb-2025-010603 | Out-of-bounds write vulnerability in FUJIFILM Business Innovation MFPs | 2025-08-05T11:29+09:00 | 2025-08-05T11:29+09:00 |
| jvndb-2025-010408 | Multiple vulnerabilities in PowerCMS | 2025-08-01T12:05+09:00 | 2025-08-01T12:05+09:00 |
| jvndb-2025-000055 | ZXHN-F660T and ZXHN-F660A use a common credential for all installations | 2025-07-31T15:12+09:00 | 2025-07-31T15:12+09:00 |
| jvndb-2025-000054 | Apache Jena Fuseki vulnerable to path traversal | 2025-07-30T14:17+09:00 | 2025-07-30T14:17+09:00 |
| jvndb-2025-000053 | "SwitchBot" App vulnerable to insertion of sensitive information into log file | 2025-07-29T13:44+09:00 | 2025-07-29T13:44+09:00 |
| jvndb-2025-010056 | TP-Link VIGI NVR1104H-4P and VIGI NVR2016H-16MP vulnerable to OS command injection | 2025-07-28T17:53+09:00 | 2025-07-28T17:53+09:00 |
| jvndb-2025-000052 | TP-Link Archer C1200 vulnerable to clickjacking | 2025-07-24T14:16+09:00 | 2025-07-24T14:16+09:00 |
| jvndb-2025-000051 | Real-time Bus Tracking System vulnerable to improper validation of specified quantity in input | 2025-07-23T13:54+09:00 | 2025-07-23T13:54+09:00 |
| jvndb-2025-009576 | Multiple vulnerabilities in ELECOM wireless LAN routers | 2025-07-23T11:13+09:00 | 2025-07-23T11:13+09:00 |
| jvndb-2025-000050 | "region PAY" App for Android vulnerable to insertion of sensitive information into log file | 2025-07-22T13:33+09:00 | 2025-07-22T13:33+09:00 |
| jvndb-2025-009150 | Security updates for Trend Micro products (June 2025) | 2025-07-17T17:03+09:00 | 2025-07-17T17:03+09:00 |
| jvndb-2025-000049 | ZWX-2000CSW2-HN and ZWX-2000CS2-HN vulnerable to use of hard-coded credentials | 2025-07-16T13:54+09:00 | 2025-07-16T13:54+09:00 |
| jvndb-2025-008881 | Least Privilege Violation Vulnerability in the communications functions of NJ/NX series Machine Automation Controllers | 2025-07-15T15:54+09:00 | 2025-07-15T15:54+09:00 |
| jvndb-2025-008783 | Firebox T15 contains an issue with hidden functionality | 2025-07-14T17:22+09:00 | 2025-07-14T17:22+09:00 |
| jvndb-2025-008145 | Epson Web Installer for Mac vulnerable to missing authentication for critical function | 2025-07-08T14:08+09:00 | 2025-07-08T14:08+09:00 |
| jvndb-2025-008106 | Heap-based buffer overflow vulnerability in V-SFT and TELLUS | 2025-07-07T16:26+09:00 | 2025-07-07T16:26+09:00 |
| jvndb-2025-008105 | Windows shortcut following (.LNK) vulnerability in Trend Micro Security for Windows (CVE-2025-52521) | 2025-07-07T16:04+09:00 | 2025-07-07T16:04+09:00 |
| jvndb-2025-000047 | Multiple vulnerabilities in Nimesa Backup and Recovery | 2025-07-07T15:26+09:00 | 2025-07-07T15:26+09:00 |
| jvndb-2025-007978 | Multiple vulnerabilities in Trend Micro Password Manager for Windows (CVE-2025-48443, CVE-2025-52837) | 2025-07-04T13:28+09:00 | 2025-07-04T13:28+09:00 |
| jvndb-2025-000045 | Multiple vulnerabilities in Active! mail | 2025-07-02T14:13+09:00 | 2025-07-02T14:13+09:00 |
| jvndb-2025-007754 | Multiple vulnerabilities in Contec CONPROSYS HMI System (CHS) | 2025-07-02T11:31+09:00 | 2025-07-02T11:31+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| cnvd-2026-08425 | iccDEV CIccSparseMatrix::CIccSparseMatrix函数堆缓冲区溢出漏洞 | 2026-01-19 | 2026-01-26 |
| cnvd-2026-08424 | iccDEV CIccProfile::LoadTag函数输入验证不当漏洞 | 2026-01-19 | 2026-01-26 |
| cnvd-2026-08423 | iccDEV CIccMBB::Validate函数堆缓冲区溢出漏洞 | 2026-01-19 | 2026-01-26 |
| cnvd-2026-08422 | iccDEV CIccCalculatorFunc::SequenceNeedTempReset函数越界读取漏洞 | 2026-01-19 | 2026-01-26 |
| cnvd-2026-08421 | iccDEV ICC颜色配置文件未定义行为漏洞 | 2026-01-19 | 2026-01-26 |
| cnvd-2026-08420 | iccDEV计算器解析器堆栈缓冲区溢出漏洞 | 2026-01-19 | 2026-01-26 |
| cnvd-2026-08419 | iccDEV CIccProfileXml::ParseBasic函数空指针取消引用漏洞 | 2026-01-19 | 2026-01-26 |
| cnvd-2026-07954 | iccDEV拒绝服务漏洞 | 2026-01-19 | 2026-01-27 |
| cnvd-2026-07953 | iccDEV空指针成员调用漏洞 | 2026-01-19 | 2026-01-27 |
| cnvd-2026-07952 | iccDEV未知标签解析器空指针取消引用漏洞 | 2026-01-19 | 2026-01-26 |
| cnvd-2026-07951 | iccDEV ICC色彩配置文件空指针取消引用漏洞 | 2026-01-19 | 2026-01-26 |
| cnvd-2026-07950 | iccDEV数字错误漏洞 | 2026-01-19 | 2026-01-26 |
| cnvd-2026-07949 | iccDEV CIccTagLutAtoB::Validate函数未定义行为漏洞 | 2026-01-19 | 2026-01-26 |
| cnvd-2026-07948 | iccDEV CIccTagLut16::Read函数未定义行为漏洞 | 2026-01-19 | 2026-01-26 |
| cnvd-2026-07947 | iccDEV XML计算器宏扩展堆栈缓冲区溢出漏洞 | 2026-01-19 | 2026-01-26 |
| cnvd-2026-07946 | iccDEV XML标签解析器空指针引用漏洞 | 2026-01-19 | 2026-01-26 |
| cnvd-2026-07945 | iccDEV CIccTagSpectralViewingConditions函数未定义行为漏洞 | 2026-01-19 | 2026-01-26 |
| cnvd-2026-07944 | iccDEV签名解析器空指针引用漏洞 | 2026-01-19 | 2026-01-26 |
| cnvd-2026-07943 | iccDEV无效枚举值漏洞 | 2026-01-19 | 2026-01-26 |
| cnvd-2026-07942 | iccDEV XML计算器解析器空指针取消引用漏洞 | 2026-01-19 | 2026-01-26 |
| cnvd-2026-07941 | iccDEV CIccTagCurve::CIccTagCurve函数未定义行为漏洞 | 2026-01-19 | 2026-01-26 |
| cnvd-2026-07940 | iccDEV CIccTagSparseMatrixArray空指针引用漏洞 | 2026-01-19 | 2026-01-26 |
| cnvd-2026-07939 | iccDEV XML解析器空指针引用漏洞 | 2026-01-19 | 2026-01-26 |
| cnvd-2026-07938 | iccDEV ToneMap解析器堆缓冲区溢出漏洞 | 2026-01-19 | 2026-01-26 |
| cnvd-2026-07937 | iccDEV IccTagXml函数堆缓冲区溢出漏洞 | 2026-01-19 | 2026-01-26 |
| cnvd-2026-07936 | iccDEV CIccXmlArrayType::ParseText函数堆缓冲区溢出漏洞 | 2026-01-19 | 2026-01-26 |
| cnvd-2026-07935 | iccDEV CIccLocalizedUnicode::GetText函数堆缓冲区溢出漏洞 | 2026-01-19 | 2026-01-26 |
| cnvd-2026-07934 | iccDEV CIccCLUT::Init函数堆缓冲区溢出漏洞 | 2026-01-19 | 2026-01-26 |
| cnvd-2026-07933 | iccDEV堆缓冲区溢出漏洞 | 2026-01-19 | 2026-01-26 |
| cnvd-2026-07553 | WordPress插件EventPrime信息泄露漏洞 | 2026-01-19 | 2026-01-28 |
| ID | Description | Published | Updated |
|---|---|---|---|
| bdu:2026-01708 | Уязвимость функции commonprefix() модуля pip языка программирования Python, позволяющая н… | 11.02.2026 | 11.02.2026 |
| bdu:2026-01707 | Уязвимость библиотеки обработки JSON-данных Json-smart, связанная с неконтролируемой реку… | 11.02.2026 | 11.02.2026 |
| bdu:2026-01706 | Уязвимость функции toFixed() среды выполнения JavaScript-кода Rhino, позволяющая нарушите… | 11.02.2026 | 11.02.2026 |
| bdu:2026-01705 | Уязвимость классов ManifestParser и AmazonS3 системы контроля версий Git на языке Java Ec… | 11.02.2026 | 11.02.2026 |
| bdu:2026-01704 | Уязвимость компонента JSON Web Token Handler программного средства для управления иденти… | 11.02.2026 | 11.02.2026 |
| bdu:2026-01703 | Уязвимость функции h2v2_merged_upsample_internal() библиотеки libjpeg-turbo, позволяющая … | 11.02.2026 | 11.02.2026 |
| bdu:2026-01702 | Уязвимость диспетчера окон рабочего стола (Desktop Window Manager) операционных систем Wi… | 11.02.2026 | 11.02.2026 |
| bdu:2026-01701 | Уязвимость службы удаленного рабочего стола Remote Desktop Services (RDS) операционных си… | 11.02.2026 | 11.02.2026 |
| bdu:2026-01700 | Уязвимость компонента MSHTML операционных систем Windows, позволяющая нарушителю обойти ф… | 11.02.2026 | 11.02.2026 |
| bdu:2026-01699 | Уязвимость пакета программ Microsoft Office, связанная с использованием ненадежных входны… | 11.02.2026 | 11.02.2026 |
| bdu:2026-01698 | Уязвимость службы Remote Access Connection Manager (RASMan) операционной системы Windows,… | 11.02.2026 | 11.02.2026 |
| bdu:2026-01639 | Уязвимость функций virtio_queue_rqs() и virtblk_poll() модуля drivers/block/virtio_blk.c … | 11.02.2026 | 11.02.2026 |
| bdu:2026-01636 | Уязвимость функции felix_change_tag_protocol() модуля drivers/net/dsa/ocelot/felix.c драй… | 11.02.2026 | 11.02.2026 |
| bdu:2026-01635 | Уязвимость анализатора XML-файлов Xerces2 Java, связанная с ошибками управления ресурсом,… | 11.02.2026 | 11.02.2026 |
| bdu:2026-01634 | Уязвимость библиотеки синтаксического анализа XML Apache Xerces, связанная с выполнением … | 11.02.2026 | 11.02.2026 |
| bdu:2026-01633 | Уязвимость функции gfx_v9_0_hw_fini() модуля drivers/gpu/drm/amd/amdgpu/gfx_v9_0.c драйве… | 11.02.2026 | 11.02.2026 |
| bdu:2026-01632 | Уязвимость компонента io.netty.handler.codec.http.HttpRequestEncoder сетевого программног… | 11.02.2026 | 11.02.2026 |
| bdu:2026-01631 | Уязвимость функции nouveau_gem_prime_import_sg_table() модуля drivers/gpu/drm/nouveau/nou… | 11.02.2026 | 11.02.2026 |
| bdu:2026-01630 | Уязвимость командной оболочки Shell операционных систем Windows, позволяющая нарушителю о… | 11.02.2026 | 11.02.2026 |
| bdu:2026-01629 | Уязвимость функции efivar_ssdt_load() модуля drivers/firmware/efi/efi.c драйвера прошивок… | 11.02.2026 | 11.02.2026 |
| bdu:2026-01628 | Уязвимость функции irdma_net_event() модуля drivers/infiniband/hw/irdma/utils.c драйвера … | 11.02.2026 | 11.02.2026 |
| bdu:2026-01627 | Уязвимость функции kimage_map_segment() модуля kernel/kexec_core.c ядра операционной сист… | 11.02.2026 | 11.02.2026 |
| bdu:2026-01626 | Уязвимость функций rtw89_core_register_hw(), rtw89_pci_probe() модуля drivers/net/wireles… | 11.02.2026 | 11.02.2026 |
| bdu:2026-01625 | Уязвимость инструмента создания сценариев веб-клиента системы для управления взаимоотноше… | 11.02.2026 | 11.02.2026 |
| bdu:2026-01599 | Уязвимость функции drain_obj_stock() модуля mm/memcontrol.c подсистемы управления памятью… | 11.02.2026 | 11.02.2026 |
| bdu:2026-01598 | Уязвимость функции f2fs_put_super() модуля fs/f2fs/super.c файловой системы F2FS ядра опе… | 11.02.2026 | 11.02.2026 |
| bdu:2026-01570 | Уязвимость функции a7xx_patch_pwrup_reglist() модуля drivers/gpu/drm/msm/adreno/a6xx_gpu… | 11.02.2026 | 11.02.2026 |
| bdu:2026-01569 | Уязвимость функции exynos_clkout_probe() модуля drivers/clk/samsung/clk-exynos-clkout.c д… | 11.02.2026 | 11.02.2026 |
| bdu:2026-01568 | Уязвимость функции adv7842_cp_log_status() модуля drivers/media/i2c/adv7842.c драйвера му… | 11.02.2026 | 11.02.2026 |
| bdu:2026-01567 | Уязвимость функции raid1_remove_disk() модуля drivers/md/raid1.c драйвера нескольких устр… | 11.02.2026 | 11.02.2026 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2026-avi-0083 | Multiples vulnérabilités dans les produits IBM | 2026-01-23T00:00:00.000000 | 2026-01-23T00:00:00.000000 |
| certfr-2026-avi-0082 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2026-01-23T00:00:00.000000 | 2026-01-23T00:00:00.000000 |
| certfr-2026-avi-0081 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2026-01-23T00:00:00.000000 | 2026-01-23T00:00:00.000000 |
| certfr-2026-avi-0080 | Vulnérabilité dans Broadcom Web Security Services Agent | 2026-01-23T00:00:00.000000 | 2026-01-23T00:00:00.000000 |
| certfr-2026-avi-0079 | Vulnérabilité dans Python | 2026-01-22T00:00:00.000000 | 2026-01-22T00:00:00.000000 |
| certfr-2026-avi-0078 | Vulnérabilité dans Ceph | 2026-01-22T00:00:00.000000 | 2026-01-22T00:00:00.000000 |
| certfr-2026-avi-0077 | Multiples vulnérabilités dans les produits Symantec | 2026-01-22T00:00:00.000000 | 2026-01-22T00:00:00.000000 |
| certfr-2026-avi-0076 | Vulnérabilité dans les produits Cisco | 2026-01-22T00:00:00.000000 | 2026-01-22T00:00:00.000000 |
| certfr-2026-avi-0075 | Multiples vulnérabilités dans GitLab | 2026-01-21T00:00:00.000000 | 2026-01-21T00:00:00.000000 |
| certfr-2026-avi-0074 | Multiples vulnérabilités dans Oracle Weblogic | 2026-01-21T00:00:00.000000 | 2026-01-21T00:00:00.000000 |
| certfr-2026-avi-0073 | Multiples vulnérabilités dans Oracle Virtualization | 2026-01-21T00:00:00.000000 | 2026-01-21T00:00:00.000000 |
| certfr-2026-avi-0072 | Multiples vulnérabilités dans Oracle Systems | 2026-01-21T00:00:00.000000 | 2026-01-21T00:00:00.000000 |
| certfr-2026-avi-0071 | Multiples vulnérabilités dans Oracle PeopleSoft | 2026-01-21T00:00:00.000000 | 2026-01-21T00:00:00.000000 |
| certfr-2026-avi-0070 | Multiples vulnérabilités dans Oracle MySQL | 2026-01-21T00:00:00.000000 | 2026-01-21T00:00:00.000000 |
| certfr-2026-avi-0069 | Multiples vulnérabilités dans Oracle Java SE | 2026-01-21T00:00:00.000000 | 2026-01-21T00:00:00.000000 |
| certfr-2026-avi-0068 | Multiples vulnérabilités dans Oracle Database Server | 2026-01-21T00:00:00.000000 | 2026-01-21T00:00:00.000000 |
| certfr-2026-avi-0067 | Multiples vulnérabilités dans Python | 2026-01-21T00:00:00.000000 | 2026-01-21T00:00:00.000000 |
| certfr-2026-avi-0066 | Vulnérabilité dans Google Chrome | 2026-01-21T00:00:00.000000 | 2026-01-21T00:00:00.000000 |
| certfr-2026-avi-0065 | Multiples vulnérabilités dans les produits Atlassian | 2026-01-21T00:00:00.000000 | 2026-01-21T00:00:00.000000 |
| certfr-2026-avi-0064 | Vulnérabilité Microsoft Power Apps | 2026-01-19T00:00:00.000000 | 2026-01-19T00:00:00.000000 |
| certfr-2026-avi-0063 | Multiples vulnérabilités dans Microsoft Edge | 2026-01-19T00:00:00.000000 | 2026-01-19T00:00:00.000000 |
| certfr-2026-avi-0062 | Vulnérabilité dans Mattermost Desktop App | 2026-01-19T00:00:00.000000 | 2026-01-19T00:00:00.000000 |
| certfr-2026-avi-0061 | Multiples vulnérabilités dans les produits IBM | 2026-01-16T00:00:00.000000 | 2026-01-16T00:00:00.000000 |
| certfr-2026-avi-0060 | Vulnérabilité dans Apache Struts | 2026-01-16T00:00:00.000000 | 2026-01-16T00:00:00.000000 |
| certfr-2026-avi-0059 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2026-01-16T00:00:00.000000 | 2026-01-16T00:00:00.000000 |
| certfr-2026-avi-0058 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2026-01-16T00:00:00.000000 | 2026-01-16T00:00:00.000000 |
| certfr-2026-avi-0057 | Multiples vulnérabilités dans le noyau Linux de Debian LTS | 2026-01-16T00:00:00.000000 | 2026-01-16T00:00:00.000000 |
| certfr-2026-avi-0056 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2026-01-16T00:00:00.000000 | 2026-01-16T00:00:00.000000 |
| certfr-2026-avi-0055 | Multiples vulnérabilités dans GLPI | 2026-01-16T00:00:00.000000 | 2026-01-16T00:00:00.000000 |
| certfr-2026-avi-0054 | Multiples vulnérabilités dans Centreon Infra Monitoring | 2026-01-16T00:00:00.000000 | 2026-01-16T00:00:00.000000 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2019-ale-001 | Vulnérabilité dans le gestionnaire de paquets APT | 2019-01-22T00:00:00.000000 | 2019-02-27T00:00:00.000000 |
| certfr-2018-ale-013 | Vulnérabilité dans Microsoft Internet Explorer | 2018-12-20T00:00:00.000000 | 2019-02-04T00:00:00.000000 |
| certfr-2018-ale-012 | Vulnérabilité dans Wallix AdminBastion | 2018-10-26T00:00:00.000000 | 2019-02-04T00:00:00.000000 |
| certfr-2018-ale-011 | Vulnérabilité dans le client Git | 2018-10-08T00:00:00.000000 | 2018-10-12T00:00:00.000000 |
| certfr-2018-ale-010 | Vulnérabilité activement exploitée dans le framework STRUTS 2 | 2018-08-29T00:00:00.000000 | 2018-10-10T00:00:00.000000 |
| certfr-2018-ale-009 | Vulnérabilité dans Microsoft Windows | 2018-08-29T00:00:00.000000 | 2018-09-17T00:00:00.000000 |
| certfr-2018-ale-008 | Campagne de messages électroniques non sollicités de type Locky Locker | 2018-08-03T00:00:00.000000 | 2018-10-10T00:00:00.000000 |
| certfr-2018-ale-007 | Multiples vulnérabilités dans S/MIME et OpenPGP | 2018-05-14T00:00:00.000000 | 2018-10-10T00:00:00.000000 |
| certfr-2018-ale-006 | Vulnérabilité dans Cisco IOS et IOS XE Smart Install Client | 2018-04-06T00:00:00.000000 | 2018-07-30T00:00:00.000000 |
| certfr-2018-ale-005 | Multiples vulnérabilités dans Drupal | 2018-03-29T00:00:00.000000 | 2018-07-30T00:00:00.000000 |
| certfr-2018-ale-004 | Vulnérabilité dans le serveur de messagerie Exim | 2018-03-07T00:00:00.000000 | 2018-07-30T00:00:00.000000 |
| certfr-2018-ale-003 | Vulnérabilité dans Adobe Flash Player | 2018-02-02T00:00:00.000000 | 2018-02-07T00:00:00.000000 |
| certfr-2018-ale-002 | Vulnérabilité dans Cisco Adaptive Security Appliance | 2018-02-01T00:00:00.000000 | 2018-04-06T00:00:00.000000 |
| certfr-2018-ale-001 | Multiples vulnérabilités de fuite d'informations dans des processeurs | 2018-01-04T00:00:00.000000 | 2018-10-10T00:00:00.000000 |
| certfr-2017-ale-020 | Vulnérabilité dans des implémentations de TLS | 2017-12-13T00:00:00.000000 | 2018-04-06T00:00:00.000000 |
| certfr-2017-ale-019 | Vulnérabilité d'usurpation d'identité dans plusieurs clients de messagerie | 2017-12-05T00:00:00.000000 | 2018-03-07T00:00:00.000000 |
| certfr-2017-ale-018 | Vulnérabilité dans Apple MacOS High Sierra | 2017-11-29T00:00:00.000000 | 2017-11-30T00:00:00.000000 |
| certfr-2017-ale-017 | Vulnérabilité dans le serveur de messagerie Exim | 2017-11-27T00:00:00.000000 | 2018-02-01T00:00:00.000000 |
| certfr-2017-ale-016 | Campagne de rançongiciel Bad Rabbit | 2017-10-25T00:00:00.000000 | 2017-10-27T00:00:00.000000 |
| certfr-2017-ale-014 | Vulnérabilité dans le protocole WPA/WPA2 | 2017-10-18T00:00:00.000000 | 2017-10-19T00:00:00.000000 |
| certfr-2017-ale-015 | Vulnérabilités dans la bibliothèque Infineon RSA | 2017-10-16T00:00:00.000000 | 2017-10-17T00:00:00.000000 |
| certfr-2017-ale-013 | Présence de code malveillant dans Piriform CCleaner | 2017-09-18T00:00:00.000000 | 2017-10-09T00:00:00.000000 |
| certfr-2017-ale-012 | Campagne de maliciels prenant l'apparence d'un rançongiciel à multiples capacités de propagation | 2017-06-27T00:00:00.000000 | 2017-08-03T00:00:00.000000 |
| certfr-2017-ale-011 | Campagne de messages électroniques non sollicités de type Jaff | 2017-05-14T00:00:00.000000 | 2017-06-27T00:00:00.000000 |
| certfr-2017-ale-010 | Propagation d'un rançongiciel exploitant les vulnérabilités MS17-010 | 2017-05-12T00:00:00.000000 | 2017-06-27T00:00:00.000000 |
| certfr-2017-ale-009 | Vulnérabilité dans Microsoft Malware Protection Engine | 2017-05-09T00:00:00.000000 | 2017-05-15T00:00:00.000000 |
| certfr-2017-ale-008 | Multiples vulnérabilités dans Microsoft Windows XP et Windows Server 2003 | 2017-04-14T00:00:00.000000 | 2017-09-06T00:00:00.000000 |
| certfr-2017-ale-007 | Vulnérabilité dans Microsoft Office | 2017-04-10T00:00:00.000000 | 2017-04-12T00:00:00.000000 |
| certfr-2017-ale-006 | Multiples vulnérabilités dans SCADA Siemens RUGGEDCOM ROX I | 2017-03-29T00:00:00.000000 | 2017-03-29T00:00:00.000000 |
| certfr-2017-ale-005 | Vulnérabilité dans les commutateurs Cisco | 2017-03-20T00:00:00.000000 | 2017-05-10T00:00:00.000000 |
| ID | Description | Published | Updated |
|---|---|---|---|
| osv-2025-565 | Heap-buffer-overflow in pcpp::IPv6Address::IPv6Address | 2025-07-21T00:09:57.314960Z | 2025-12-22T14:22:23.333531Z |
| osv-2025-564 | Heap-buffer-overflow in ndpi_match_host_subprotocol | 2025-07-21T00:03:40.000875Z | 2025-07-21T00:03:40.001170Z |
| osv-2025-550 | Use-of-uninitialized-value in CFF::cff2_cs_opset_t<cff2_cs_opset_subr_subset_t, CFF::subr_subset_param_t, CFF: | 2025-07-16T00:09:08.050994Z | 2025-07-16T00:09:08.051469Z |
| osv-2025-547 | Security exception in com.alibaba.fastjson2.JSONReader.readArray | 2025-07-15T00:09:03.936493Z | 2026-02-07T14:17:37.720783Z |
| osv-2025-544 | Heap-buffer-overflow in N_BELE_RTP::LEPolicy::get32 | 2025-07-11T00:16:53.687776Z | 2025-07-11T00:16:53.688703Z |
| osv-2025-542 | Use-of-uninitialized-value in httpEncode64_3 | 2025-07-10T00:07:45.698070Z | 2025-07-10T00:07:45.698655Z |
| osv-2025-541 | Heap-buffer-overflow in js_create_function | 2025-07-09T00:20:09.455729Z | 2025-07-09T00:20:09.456170Z |
| osv-2025-538 | Heap-double-free in policydb_destroy | 2025-07-09T00:05:37.052433Z | 2025-12-20T14:25:14.356814Z |
| osv-2025-534 | Heap-use-after-free in ih264_inter_pred_luma_horz_ssse3 | 2025-07-08T00:08:11.218515Z | 2025-07-08T00:08:11.218991Z |
| osv-2025-530 | Invalid-free in cli_pdf | 2025-07-07T00:17:21.884018Z | 2025-07-07T00:17:21.884367Z |
| osv-2025-528 | Heap-buffer-overflow in xmlnode_parser_structural_error_libxml | 2025-07-07T00:10:42.902465Z | 2025-07-07T00:10:42.902766Z |
| osv-2025-525 | UNKNOWN READ in std::__1::__function::__func<cv::PngDecoder::compose_frame | 2025-07-06T00:18:54.304371Z | 2025-07-06T00:18:54.304891Z |
| osv-2025-524 | Heap-buffer-overflow in JS_CallInternal | 2025-07-05T00:19:21.758513Z | 2025-07-05T00:19:21.758880Z |
| osv-2025-515 | Use-of-uninitialized-value in JS_DefineProperty | 2025-07-03T00:16:17.481972Z | 2025-07-03T00:16:17.482410Z |
| osv-2025-512 | Invalid-free in pdf_decodestream | 2025-07-03T00:00:40.745577Z | 2025-07-03T00:00:40.746200Z |
| osv-2025-500 | UNKNOWN READ in getUShort | 2025-06-29T00:08:49.553890Z | 2025-06-29T00:08:49.554520Z |
| osv-2025-491 | Heap-buffer-overflow in libssl.soNUMBER | 2025-06-27T00:16:09.822144Z | 2025-06-27T00:16:09.822510Z |
| osv-2025-486 | Bad-cast to cv::PngDecoder from invalid vptr | 2025-06-24T00:16:24.786334Z | 2025-06-24T00:16:24.786690Z |
| osv-2025-485 | Use-of-uninitialized-value in pcpp::IDnsResource::decodeName | 2025-06-24T00:11:04.762139Z | 2025-06-24T00:11:04.762681Z |
| osv-2025-484 | Heap-buffer-overflow in load_protocols_file_fd | 2025-06-23T00:14:46.656195Z | 2025-06-23T00:14:46.656704Z |
| osv-2025-481 | Stack-buffer-overflow in void glz::from<10000u, int>::op<glz::opts_csv{10000u, | 2025-06-20T00:15:46.185029Z | 2025-06-20T00:15:46.185445Z |
| osv-2025-480 | Stack-buffer-overflow in void glz::from<10000u, std::__1::__bit_reference<std::__1::vector<bool, std::__1 | 2025-06-20T00:14:17.007847Z | 2025-06-20T00:14:17.008310Z |
| osv-2025-469 | Use-of-uninitialized-value in ndpi_strdup | 2025-06-16T00:17:21.776120Z | 2025-06-16T00:17:21.776520Z |
| osv-2025-465 | Heap-buffer-overflow in xmlParsePubidLiteral | 2025-06-15T00:09:20.387117Z | 2025-06-15T00:09:20.387490Z |
| osv-2025-461 | Heap-buffer-overflow in xmlParsePubidLiteral | 2025-06-14T00:10:49.391511Z | 2025-06-14T00:10:49.391787Z |
| osv-2025-457 | Heap-buffer-overflow in xmlParsePubidLiteral | 2025-06-14T00:04:11.416575Z | 2025-06-14T00:04:11.417116Z |
| osv-2025-456 | Use-of-uninitialized-value in ppd_hash_option | 2025-06-12T00:10:52.355312Z | 2025-06-12T00:10:52.355684Z |
| osv-2025-454 | Use-of-uninitialized-value in _cups_strcasecmp | 2025-06-11T00:12:12.952969Z | 2025-06-11T00:12:12.953357Z |
| osv-2025-449 | Heap-buffer-overflow in check_content_type_and_change_protocol | 2025-06-10T00:16:50.624468Z | 2025-06-10T00:16:50.624907Z |
| osv-2025-447 | Use-of-uninitialized-value in spvtools::EmitNumericLiteral | 2025-06-09T00:05:11.128452Z | 2025-09-24T14:18:33.220549Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rustsec-2025-0047 | Out-of-bounds access in `get_disjoint_mut` due to incorrect bounds check | 2025-08-12T12:00:00Z | 2025-08-12T09:41:13Z |
| rustsec-2025-0051 | `xcb::Connection::connect_to_fd*` functions violate I/O safety | 2025-08-05T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2025-0048 | tsify-next is unmaintained, use tsify instead | 2025-07-29T12:00:00Z | 2025-08-13T14:05:32Z |
| rustsec-2025-0112 | Possible host crash with host-to-wasm component intrinsics | 2025-07-18T12:00:00Z | 2025-10-25T11:20:30Z |
| rustsec-2025-0046 | Host panic with `fd_renumber` WASIp1 function | 2025-07-18T12:00:00Z | 2025-07-18T19:48:13Z |
| rustsec-2025-0045 | ConstStaticCell could have been used to pass non-Send values to another thread | 2025-07-17T12:00:00Z | 2025-07-17T14:38:11Z |
| rustsec-2025-0043 | matrix-sdk-sqlite: SQL injection vulnerability in `SqliteEventCacheStore::find_event_with_relations` | 2025-07-11T12:00:00Z | 2025-07-11T15:30:12Z |
| rustsec-2025-0042 | Uninitialized read after allocating MemBump | 2025-07-11T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2025-0044 | Four unique double-free vulnerabilities triggered via safe APIs | 2025-06-16T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2025-0041 | matrix-sdk-crypto vulnerable to encrypted event sender spoofing by homeserver administrator | 2025-06-11T12:00:00Z | 2025-06-12T09:17:43Z |
| rustsec-2025-0138 | --allow-read / --allow-write permission bypass in `node:sqlite` | 2025-06-03T12:00:00Z | 2025-12-29T10:04:21Z |
| rustsec-2025-0062 | Heap Buffer Overflow in the DrainCol Destructor | 2025-05-22T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2025-0037 | Pingora Request Smuggling and Cache Poisoning | 2025-05-22T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2025-0036 | surf is unmaintained | 2025-05-17T12:00:00Z | 2025-05-17T13:43:35Z |
| rustsec-2025-0113 | soundness issue and unmaintained | 2025-05-06T12:00:00Z | 2025-11-04T06:10:22Z |
| rustsec-2025-0064 | soundness issue and unmaintained | 2025-05-06T12:00:00Z | 2025-09-11T07:03:09Z |
| rustsec-2025-0039 | Lack of sufficient checks in public API | 2025-05-06T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2025-0034 | soundness issue and unmaintained | 2025-05-06T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2025-0027 | Panic in mp3-metadata due to the lack of bounds checking | 2025-04-28T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2025-0025 | rustc-serialize is unmaintained | 2025-04-28T12:00:00Z | 2025-04-28T13:38:14Z |
| rustsec-2025-0063 | Possible unsound public API | 2025-04-25T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2025-0038 | Out of bounds access in public safe API | 2025-04-24T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2025-0031 | Unsound public API in unmaintained crate | 2025-04-24T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2025-0035 | Multiple soundness issues in `macroquad` | 2025-04-23T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2025-0024 | crossbeam-channel: double free on Drop | 2025-04-08T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2025-0023 | Broadcast channel calls clone in parallel, but does not require `Sync` | 2025-04-07T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2025-0022 | Use-After-Free in `Md::fetch` and `Cipher::fetch` | 2025-04-04T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2025-0021 | SHA-1 collision attacks are not detected | 2025-04-03T12:00:00Z | 2025-04-08T07:10:04Z |
| rustsec-2025-0020 | Risk of buffer overflow in `PyString::from_object` | 2025-04-01T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2025-0033 | Public API without sufficient bounds checking | 2025-03-27T12:00:00Z | 2025-10-28T06:02:18Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| alsa-2026:0921 | Important: go-toolset:rhel8 security update | 2026-01-21T00:00:00Z | 2026-01-26T10:07:11Z |
| alsa-2026:0914 | Important: gimp security update | 2026-01-21T00:00:00Z | 2026-01-26T10:10:46Z |
| alsa-2026:0845 | Important: brotli security update | 2026-01-20T00:00:00Z | 2026-01-21T10:45:25Z |
| alsa-2026:0793 | Important: kernel security update | 2026-01-19T00:00:00Z | 2026-01-23T13:22:18Z |
| alsa-2026:0786 | Important: kernel security update | 2026-01-19T00:00:00Z | 2026-01-23T07:53:26Z |
| alsa-2026:0771 | Important: gpsd-minimal security update | 2026-01-19T00:00:00Z | 2026-01-20T11:54:05Z |
| alsa-2026:0770 | Important: gpsd security update | 2026-01-19T00:00:00Z | 2026-01-21T10:46:37Z |
| alsa-2026:0760 | Important: kernel-rt security update | 2026-01-19T00:00:00Z | 2026-01-20T08:13:58Z |
| alsa-2026:0759 | Important: kernel security update | 2026-01-19T00:00:00Z | 2026-01-20T08:07:16Z |
| alsa-2026:0756 | Moderate: transfig security update | 2026-01-19T00:00:00Z | 2026-01-19T10:24:15Z |
| alsa-2026:0753 | Important: container-tools:rhel8 security update | 2026-01-19T00:00:00Z | 2026-01-21T09:07:00Z |
| alsa-2026:0752 | Important: jmc security update | 2026-01-19T00:00:00Z | 2026-01-20T11:59:21Z |
| alsa-2026:0750 | Important: net-snmp security update | 2026-01-19T00:00:00Z | 2026-01-20T07:38:35Z |
| alsa-2026:0728 | Important: gnupg2 security update | 2026-01-15T00:00:00Z | 2026-01-16T08:41:48Z |
| alsa-2026:0719 | Important: gnupg2 security update | 2026-01-15T00:00:00Z | 2026-01-16T08:23:06Z |
| alsa-2026:0700 | Moderate: transfig security update | 2026-01-15T00:00:00Z | 2026-01-16T14:46:41Z |
| alsa-2026:0697 | Important: gnupg2 security update | 2026-01-15T00:00:00Z | 2026-01-16T08:52:59Z |
| alsa-2026:0696 | Important: net-snmp security update | 2026-01-15T00:00:00Z | 2026-01-26T10:04:02Z |
| alsa-2026:0695 | Moderate: libpq security update | 2026-01-15T00:00:00Z | 2026-01-16T14:48:26Z |
| alsa-2026:0694 | Important: firefox security update | 2026-01-15T00:00:00Z | 2026-01-16T14:51:10Z |
| alsa-2026:0668 | Important: net-snmp security update | 2026-01-15T00:00:00Z | 2026-01-16T14:53:15Z |
| alsa-2026:0667 | Important: firefox security update | 2026-01-15T00:00:00Z | 2026-02-12T10:37:47Z |
| alsa-2026:0608 | Moderate: vsftpd security update | 2026-01-14T00:00:00Z | 2026-01-16T14:54:25Z |
| alsa-2026:0606 | Moderate: vsftpd security update | 2026-01-14T00:00:00Z | 2026-01-16T14:56:39Z |
| alsa-2026:0605 | Moderate: vsftpd security update | 2026-01-14T00:00:00Z | 2026-01-16T14:57:43Z |
| alsa-2026:0596 | Moderate: cups security update | 2026-01-14T00:00:00Z | 2026-01-16T14:59:53Z |
| alsa-2026:0594 | Moderate: libpq security update | 2026-01-14T00:00:00Z | 2026-01-16T15:02:50Z |
| alsa-2026:0545 | Important: podman security update | 2026-01-14T00:00:00Z | 2026-01-16T15:04:20Z |
| alsa-2026:0525 | Moderate: postgresql16 security update | 2026-01-13T00:00:00Z | 2026-01-16T15:06:52Z |
| alsa-2026:0524 | Moderate: postgresql:15 security update | 2026-01-13T00:00:00Z | 2026-01-16T15:09:07Z |