Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2025-69306 |
9.3 (3.1)
|
WordPress Electio Core plugin <= 1.4 - SQL Injection v… |
TeconceTheme |
Electio Core |
2026-02-20T15:46:47.710Z | 2026-02-24T19:47:28.415Z |
| CVE-2025-69305 |
9.3 (3.1)
|
WordPress Crete Core plugin <= 1.4.3 - SQL Injection v… |
TeconceTheme |
Crete Core |
2026-02-20T15:46:47.544Z | 2026-02-24T19:47:28.186Z |
| CVE-2026-27126 |
5.9 (4.0)
|
Craft CMS has Stored XSS in Table Field via "HTML" Col… |
craftcms |
cms |
2026-02-24T02:30:04.882Z | 2026-02-24T19:35:38.348Z |
| CVE-2026-22384 |
8.8 (3.1)
|
WordPress Applay - Shortcodes plugin <= 3.7 - PHP Obje… |
leafcolor |
Applay - Shortcodes |
2026-02-20T15:47:07.059Z | 2026-02-24T19:34:05.783Z |
| CVE-2026-3064 |
5.3 (4.0)
6.3 (3.1)
6.3 (3.0)
|
HummerRisk Cloud Task Scheduler ResourceCreateService.… |
n/a |
HummerRisk |
2026-02-24T02:32:08.524Z | 2026-02-24T19:30:05.511Z |
| CVE-2025-69304 |
9.3 (3.1)
|
WordPress Allmart plugin <= 1.1 - SQL Injection vulner… |
TeconceTheme |
Allmart |
2026-02-20T15:46:47.349Z | 2026-02-24T19:25:57.137Z |
| CVE-2025-69295 |
9.3 (3.1)
|
WordPress Coven Core plugin <= 1.3 - SQL Injection vul… |
TeconceTheme |
Coven Core |
2026-02-20T15:46:45.751Z | 2026-02-24T19:22:56.561Z |
| CVE-2025-67987 |
8.5 (3.1)
|
WordPress Quiz And Survey Master plugin <= 10.3.1 - SQ… |
ExpressTech Systems |
Quiz And Survey Master |
2026-02-20T15:46:31.764Z | 2026-02-24T19:21:20.336Z |
| CVE-2026-23805 |
7.6 (3.1)
|
WordPress Media Search Enhanced plugin <= 0.9.1 - SQL … |
Yoren Chang |
Media Search Enhanced |
2026-02-19T08:26:50.551Z | 2026-02-24T19:21:03.214Z |
| CVE-2026-1459 |
7.2 (3.1)
|
A post-authentication command injection vulnerabi… |
Zyxel |
VMG3625-T50B firmware |
2026-02-24T02:48:35.439Z | 2026-02-24T19:20:03.711Z |
| CVE-2026-27205 |
2.3 (4.0)
|
Flask session does not add `Vary: Cookie` header when … |
pallets |
flask |
2026-02-21T05:21:17.214Z | 2026-02-24T19:03:11.374Z |
| CVE-2026-27199 |
6.3 (4.0)
|
Werkzeug safe_join() allows Windows special device names |
pallets |
werkzeug |
2026-02-21T05:15:53.335Z | 2026-02-24T19:02:19.689Z |
| CVE-2026-3131 |
N/A
|
Improper access control in multiple DVLS REST AP… |
Devolutions |
Server |
2026-02-24T19:01:29.096Z | 2026-02-24T19:01:29.096Z |
| CVE-2026-27198 |
8.8 (3.1)
|
Formwork Improperly Manages Privileges During User Creation |
getformwork |
formwork |
2026-02-21T05:11:42.535Z | 2026-02-24T19:01:22.284Z |
| CVE-2026-1768 |
N/A
|
A permission cache poisoning vulnerability in Dev… |
Devolutions |
Devolutions Server |
2026-02-24T19:01:07.640Z | 2026-02-24T19:01:07.640Z |
| CVE-2026-27477 |
4.6 (4.0)
|
Mastodon has SSRF via unvalidated FASP Provider base_url |
mastodon |
mastodon |
2026-02-24T19:00:20.590Z | 2026-02-24T19:00:20.590Z |
| CVE-2026-27197 |
9.1 (3.1)
|
Sentry: Improper Authentication on SAML SSO process al… |
getsentry |
sentry |
2026-02-21T04:35:14.635Z | 2026-02-24T19:00:07.663Z |
| CVE-2026-27196 |
8.1 (3.1)
|
Statamic affected by privilege escalation via stored C… |
statamic |
cms |
2026-02-21T04:30:05.184Z | 2026-02-24T18:59:19.390Z |
| CVE-2026-27194 |
8.1 (4.0)
|
D-Tale affected by Remote Code Execution through the /… |
man-group |
dtale |
2026-02-21T04:25:38.628Z | 2026-02-24T18:58:24.887Z |
| CVE-2026-27461 |
6.9 (4.0)
|
Pimcore vulnerable to SQL injection via unsanitized fi… |
pimcore |
pimcore |
2026-02-24T02:50:48.287Z | 2026-02-24T18:58:07.625Z |
| CVE-2026-27206 |
8.1 (3.1)
|
Zumba Json Serializer has a potential PHP Object Injec… |
zumba |
json-serializer |
2026-02-21T07:01:00.843Z | 2026-02-24T18:57:10.054Z |
| CVE-2026-27458 |
8.7 (4.0)
|
LinkAce: Stored XSS in Atom Feed via CDATA Escape in L… |
Kovah |
LinkAce |
2026-02-21T06:54:41.308Z | 2026-02-24T18:55:40.498Z |
| CVE-2026-3066 |
5.3 (4.0)
6.3 (3.1)
6.3 (3.0)
|
HummerRisk Cloud Compliance Scanning PlatformUtils.jav… |
n/a |
HummerRisk |
2026-02-24T03:02:07.364Z | 2026-02-24T18:55:12.566Z |
| CVE-2026-27452 |
9.2 (4.0)
|
ASN.1 TypeScript Library: Decoding an INTEGER could le… |
JonathanWilbur |
asn1-ts |
2026-02-21T06:50:35.877Z | 2026-02-24T18:54:48.702Z |
| CVE-2026-27471 |
9.3 (4.0)
|
ERP: Document access through endpoints due to missing … |
frappe |
erpnext |
2026-02-21T06:38:11.220Z | 2026-02-24T18:53:57.291Z |
| CVE-2026-27212 |
9.4 (4.0)
|
Swiper has a Prototype Pollution Vulnerability |
nolimits4web |
swiper |
2026-02-21T05:43:07.072Z | 2026-02-24T18:53:04.131Z |
| CVE-2025-69308 |
9.3 (3.1)
|
WordPress Nestbyte Core plugin <= 1.2 - SQL Injection … |
TeconceTheme |
Nestbyte Core |
2026-02-20T15:46:48.088Z | 2026-02-24T18:52:10.320Z |
| CVE-2026-27482 |
5.9 (3.1)
|
Ray: Dashboard DELETE endpoints allow unauthenticated … |
ray-project |
ray |
2026-02-21T09:18:26.027Z | 2026-02-24T18:52:03.874Z |
| CVE-2025-69309 |
9.3 (3.1)
|
WordPress Saasplate Core plugin <= 1.2.8 - SQL Injecti… |
TeconceTheme |
Saasplate Core |
2026-02-20T15:46:48.321Z | 2026-02-24T18:51:23.216Z |
| CVE-2026-27464 |
7.7 (3.1)
|
Metabase: Server-Side Template Injection via Notificat… |
metabase |
metabase |
2026-02-21T07:57:50.957Z | 2026-02-24T18:51:05.408Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| fkie_cve-2026-27208 | bleon-ethical/api-gateway-deploy provides API gateway deployment. Version 1.0.0 is vulnerable to an… | 2026-02-24T15:21:37.843 | 2026-02-24T21:52:01.367 |
| fkie_cve-2026-27156 | NiceGUI is a Python-based UI framework. Prior to version 3.8.0, several NiceGUI APIs that execute m… | 2026-02-24T18:29:33.490 | 2026-02-24T21:52:01.367 |
| fkie_cve-2026-26342 | Tattile Smart+, Vega, and Basic device families firmware versions 1.181.5 and prior implement an au… | 2026-02-24T20:27:48.310 | 2026-02-24T21:52:01.367 |
| fkie_cve-2026-26341 | Tattile Smart+, Vega, and Basic device families firmware versions 1.181.5 and prior ship with defau… | 2026-02-24T20:27:48.103 | 2026-02-24T21:52:01.367 |
| fkie_cve-2026-26340 | Tattile Smart+, Vega, and Basic device families firmware versions 1.181.5 and prior expose RTSP str… | 2026-02-24T20:27:47.793 | 2026-02-24T21:52:01.367 |
| fkie_cve-2026-2634 | Malicious scripts could cause desynchronization between the address bar and web content before a re… | 2026-02-24T14:16:23.810 | 2026-02-24T21:52:01.367 |
| fkie_cve-2026-26222 | Altec DocLink (now maintained by Beyond Limits Inc.) version 4.0.336.0 exposes insecure .NET Remoti… | 2026-02-24T18:29:33.293 | 2026-02-24T21:52:01.367 |
| fkie_cve-2026-25603 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Lin… | 2026-02-24T18:29:33.167 | 2026-02-24T21:52:01.367 |
| fkie_cve-2026-2460 | A vulnerability exists in REB500 for an authenticated user with low-level privileges to access and … | 2026-02-24T14:16:23.647 | 2026-02-24T21:52:01.367 |
| fkie_cve-2026-2459 | A vulnerability exists in REB500 for an authenticated user with Installer role to access and alter … | 2026-02-24T14:16:23.477 | 2026-02-24T21:52:01.367 |
| fkie_cve-2026-24443 | EventSentry versions prior to 6.0.1.20 contain an unverified password change vulnerability in the a… | 2026-02-24T21:16:29.293 | 2026-02-24T21:52:01.367 |
| fkie_cve-2026-24241 | NVIDIA Delegated Licensing Service for all appliance platforms contains a vulnerability where an at… | 2026-02-24T20:27:47.620 | 2026-02-24T21:52:01.367 |
| fkie_cve-2026-23984 | An Improper Input Validation vulnerability exists in Apache Superset that allows an authenticated u… | 2026-02-24T14:16:23.307 | 2026-02-24T21:52:01.367 |
| fkie_cve-2026-23983 | A Sensitive Data Exposure vulnerability exists in Apache Superset allowing authenticated users to r… | 2026-02-24T14:16:23.143 | 2026-02-24T21:52:01.367 |
| fkie_cve-2026-23982 | An Improper Authorization vulnerability exists in Apache Superset that allows a low-privileged user… | 2026-02-24T14:16:22.980 | 2026-02-24T21:52:01.367 |
| fkie_cve-2026-23980 | Improper Neutralization of Special Elements used in a SQL Command ('SQL Injection') vulnerability i… | 2026-02-24T14:16:22.807 | 2026-02-24T21:52:01.367 |
| fkie_cve-2026-23969 | Apache Superset utilizes a configurable dictionary, DISALLOWED_SQL_FUNCTIONS, to restrict the execu… | 2026-02-24T14:16:22.623 | 2026-02-24T21:52:01.367 |
| fkie_cve-2026-23859 | Dell Wyse Management Suite, versions prior to WMS 5.5, contain a Client-Side Enforcement of Server-… | 2026-02-24T20:27:47.460 | 2026-02-24T21:52:01.367 |
| fkie_cve-2026-23858 | Dell Wyse Management Suite, versions prior to WMS 5.5, contain an Improper Neutralization of Input … | 2026-02-24T20:27:47.303 | 2026-02-24T21:52:01.367 |
| fkie_cve-2026-23678 | Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior contain a command i… | 2026-02-24T16:24:08.090 | 2026-02-24T21:52:01.367 |
| fkie_cve-2026-22766 | Dell Wyse Management Suite, versions prior to WMS 5.5, contain an Unrestricted Upload of File with … | 2026-02-24T20:27:46.957 | 2026-02-24T21:52:01.367 |
| fkie_cve-2026-22765 | Dell Wyse Management Suite, versions prior to WMS 5.5, contain a Missing Authorization vulnerabilit… | 2026-02-24T20:27:46.790 | 2026-02-24T21:52:01.367 |
| fkie_cve-2026-22553 | All versions of InSAT MasterSCADA BUK-TS are susceptible to OS command injection through a field in… | 2026-02-24T21:16:28.713 | 2026-02-24T21:52:01.367 |
| fkie_cve-2026-21410 | InSAT MasterSCADA BUK-TS is susceptible to SQL Injection through its main web interface. Malicious … | 2026-02-24T21:16:25.790 | 2026-02-24T21:52:01.367 |
| fkie_cve-2026-1773 | IEC 60870-5-104: Potential Denial of Service impact on reception of invalid U-format frame. Product… | 2026-02-24T14:16:22.420 | 2026-02-24T21:52:01.367 |
| fkie_cve-2026-1772 | RTU500 web interface: An unprivileged user can read user management information. The information ca… | 2026-02-24T14:16:22.180 | 2026-02-24T21:52:01.367 |
| fkie_cve-2026-1768 | A permission cache poisoning vulnerability in Devolutions Server allows authenticated users to bypa… | 2026-02-24T20:27:46.300 | 2026-02-24T21:52:01.367 |
| fkie_cve-2026-0402 | A post-authentication Out-of-bounds Read vulnerability in SonicOS allows a remote attacker to crash… | 2026-02-24T15:21:37.410 | 2026-02-24T21:52:01.367 |
| fkie_cve-2026-0401 | A post-authentication NULL Pointer Dereference vulnerability in SonicOS allows a remote attacker to… | 2026-02-24T15:21:37.267 | 2026-02-24T21:52:01.367 |
| fkie_cve-2026-0400 | A post-authentication Format String vulnerability in SonicOS allows a remote attacker to crash a fi… | 2026-02-24T15:21:37.127 | 2026-02-24T21:52:01.367 |
| ID | Severity | Description | Published | Updated |
|---|---|---|---|---|
| ghsa-q6xg-x4rx-4p97 |
8.1 (3.1)
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2026-02-20T18:31:35Z | 2026-02-24T21:31:34Z |
| ghsa-jjpv-2mhh-mcmm |
9.8 (3.1)
|
Deserialization of Untrusted Data vulnerability in LoftOcean PatioTime patiotime allows Object Inje… | 2026-02-20T18:31:34Z | 2026-02-24T21:31:34Z |
| ghsa-f3xp-j3c9-999x |
8.1 (3.1)
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2026-02-20T18:31:34Z | 2026-02-24T21:31:34Z |
| ghsa-97hf-p3f7-pjq2 |
8.5 (3.1)
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability … | 2026-02-20T18:31:34Z | 2026-02-24T21:31:34Z |
| ghsa-7gx4-4vpm-w576 |
8.1 (3.1)
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2026-02-20T18:31:34Z | 2026-02-24T21:31:34Z |
| ghsa-4ff7-6hm2-x86r |
8.1 (3.1)
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2026-02-20T18:31:35Z | 2026-02-24T21:31:34Z |
| ghsa-3h5g-fffj-jhx9 |
7.5 (3.1)
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2026-02-20T18:31:35Z | 2026-02-24T21:31:34Z |
| ghsa-mwrf-hg69-6h5g |
8.1 (3.1)
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2026-02-20T18:31:34Z | 2026-02-24T21:31:33Z |
| ghsa-f6p8-2gf3-784r |
8.1 (3.1)
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2026-02-20T18:31:33Z | 2026-02-24T21:31:33Z |
| ghsa-733c-qhrf-7cmm |
8.1 (3.1)
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2026-02-20T18:31:34Z | 2026-02-24T21:31:33Z |
| ghsa-58h5-w6gx-q297 |
8.1 (3.1)
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2026-02-20T18:31:34Z | 2026-02-24T21:31:33Z |
| ghsa-wm72-rvv8-pj93 |
7.6 (3.1)
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability … | 2026-02-19T18:31:51Z | 2026-02-24T21:31:32Z |
| ghsa-v6hg-mv73-76vg |
6.4 (3.1)
|
Server-Side Request Forgery (SSRF) vulnerability in Burhan Nasir Smart Auto Upload Images smart-aut… | 2026-02-19T18:31:51Z | 2026-02-24T21:31:32Z |
| ghsa-ggw3-fhv7-grw9 |
7.2 (3.1)
|
Deserialization of Untrusted Data vulnerability in Brainstorm Force CartFlows cartflows allows Obje… | 2026-02-19T18:31:52Z | 2026-02-24T21:31:32Z |
| ghsa-qgqm-fpvv-jgfh |
8.8 (3.1)
8.7 (4.0)
|
FileZen contains an OS command injection vulnerability. When FileZen Antivirus Check Option is enab… | 2026-02-13T06:30:48Z | 2026-02-24T21:31:31Z |
| ghsa-29v6-6hr2-37cw |
7.2 (3.1)
|
Deserialization of Untrusted Data vulnerability in YITHEMES YITH WooCommerce Compare yith-woocommer… | 2026-02-19T18:31:51Z | 2026-02-24T21:31:31Z |
| ghsa-hg87-qqvm-4pr4 |
5.5 (3.1)
|
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix crash on profil… | 2026-01-25T15:30:27Z | 2026-02-24T21:31:30Z |
| ghsa-3p2r-ffrh-j979 |
5.3 (3.1)
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnera… | 2026-02-06T18:30:32Z | 2026-02-24T21:31:30Z |
| ghsa-39p9-g2pq-q8r7 |
7.5 (3.1)
5.9 (4.0)
|
MuPDF versions 1.23.0 through 1.27.0 contain a double-free vulnerability in fz_fill_pixmap_from_dis… | 2026-02-06T18:30:32Z | 2026-02-24T21:31:30Z |
| ghsa-jxq9-79vj-rgvw |
9.3 (3.1)
|
Statamic is vulnerable to account takeover via password reset link injection | 2026-02-24T21:09:23Z | 2026-02-24T21:09:23Z |
| ghsa-243v-98vx-264h |
6.9 (4.0)
|
Wasmtime can panic when adding excessive fields to a `wasi:http/types.fields` instance | 2026-02-24T21:08:06Z | 2026-02-24T21:08:06Z |
| ghsa-mrq8-rjmw-wpq3 |
6.9 (4.0)
|
Fiber has a Denial of Service Vulnerability via Route Parameter Overflow | 2026-02-24T21:04:07Z | 2026-02-24T21:04:07Z |
| ghsa-3ppc-4f35-3m26 |
8.7 (4.0)
|
minimatch has a ReDoS via repeated wildcards with non-matching literal in pattern | 2026-02-18T22:38:11Z | 2026-02-24T20:59:57Z |
| ghsa-2mr3-m5q5-wgp6 |
7.5 (3.1)
|
Fiber is Vulnerable to Denial of Service via Flash Cookie Unbounded Allocation | 2026-02-24T20:57:25Z | 2026-02-24T20:57:25Z |
| ghsa-m3c2-496v-cw3v |
8.7 (4.0)
|
Fiber has an Arbitrary File Read in Static Middleware on Windows | 2026-02-24T20:51:01Z | 2026-02-24T20:51:01Z |
| ghsa-852m-cvvp-9p4w |
5.9 (4.0)
|
Wasmtime WASI implementations are vulnerable to guest-controlled resource exhaustion | 2026-02-24T20:47:08Z | 2026-02-24T20:47:09Z |
| ghsa-xjhv-v822-pf94 |
6.9 (4.0)
|
Wasmtime is vulnerable to panic when dropping a `[Typed]Func::call_async` future | 2026-02-24T20:44:46Z | 2026-02-24T20:44:46Z |
| ghsa-5r3v-vc8m-m96g |
8.9 (4.0)
|
Caddy: Unicode case-folding length expansion causes incorrect split_path index in FastCGI transport | 2026-02-24T20:39:08Z | 2026-02-24T20:39:08Z |
| ghsa-879p-475x-rqh2 |
6.9 (4.0)
|
Caddy is vulnerable to cross-origin config application via local admin API /load | 2026-02-24T20:37:35Z | 2026-02-24T20:37:35Z |
| ghsa-x76f-jf84-rqj8 |
7.7 (4.0)
|
Caddy: MatchHost becomes case-sensitive for large host lists (>100), enabling host-based route/auth… | 2026-02-24T20:34:01Z | 2026-02-24T20:34:01Z |
| ID | Severity | Description | Package | Published | Updated |
|---|---|---|---|---|---|
| pysec-2024-228 |
8.8 (3.1)
|
Hugging Face Transformers MaskFormer Model Deserialization of Untrusted Data Remote Code … | transformers | 2024-11-22T22:15:07+00:00 | 2025-02-10T23:22:41.449105+00:00 |
| pysec-2024-227 |
8.8 (3.1)
|
Hugging Face Transformers MobileViTV2 Deserialization of Untrusted Data Remote Code Execu… | transformers | 2024-11-22T22:15:06+00:00 | 2025-02-10T23:22:41.399021+00:00 |
| pysec-2024-226 |
7.8 (3.1)
|
Pymatgen (Python Materials Genomics) is an open-source Python library for materials analy… | pymatgen | 2024-02-21T17:15:09+00:00 | 2025-02-06T00:34:28.734730+00:00 |
| pysec-2024-225 |
7.5 (3.1)
|
cryptography is a package designed to expose cryptographic primitives and recipes to Pyth… | cryptography | 2024-02-21T17:15:09+00:00 | 2025-02-06T00:34:24.427679+00:00 |
| pysec-2024-224 |
7.0 (3.1)
|
Excessive directory permissions in MLflow leads to local privilege escalation when using … | mlflow | 2024-11-25T14:15:06+00:00 | 2025-02-03T16:23:40.409646+00:00 |
| pysec-2024-27 |
9.8 (3.1)
|
CrateDB 5.5.1 is contains an authentication bypass vulnerability in the Admin UI componen… | crate | 2024-01-30T01:15:00Z | 2025-01-30T22:47:57.847403Z |
| pysec-2019-242 |
5.5 (3.1)
|
Capstone 3.0.4 has an out-of-bounds vulnerability (SEGV caused by a read memory access) i… | capstone | 2019-05-15T14:29:00Z | 2025-01-28T17:34:08.578134Z |
| pysec-2025-2 |
|
uniapi version 1.0.7 introduces code that would execute on import of the module and downl… | uniapi | 2025-01-24T19:56:53+00:00 | |
| pysec-2024-223 |
9.1 (3.1)
|
Versions of the package onnx before and including 1.15.0 are vulnerable to Out-of-bounds … | onnx | 2024-02-23T18:15:50+00:00 | 2025-01-22T16:23:22.060512+00:00 |
| pysec-2024-222 |
7.5 (3.1)
|
Versions of the package onnx before and including 1.15.0 are vulnerable to Directory Trav… | onnx | 2024-02-23T18:15:50+00:00 | 2025-01-22T16:23:21.994731+00:00 |
| pysec-2024-221 |
5.3 (3.1)
|
aiosmtpd is a reimplementation of the Python stdlib smtpd.py based on asyncio. aiosmtpd i… | aiosmtpd | 2024-03-12T21:15:58+00:00 | 2025-01-22T16:23:18.042465+00:00 |
| pysec-2024-220 |
5.4 (3.1)
|
Gradio is an open-source Python package designed for quick prototyping. This vulnerabilit… | gradio | 2024-10-10T23:15:03+00:00 | 2025-01-19T22:22:23.972580+00:00 |
| pysec-2024-219 |
9.1 (3.1)
|
Gradio is an open-source Python package designed for quick prototyping. This vulnerabilit… | gradio | 2024-10-10T23:15:03+00:00 | 2025-01-19T22:22:23.897787+00:00 |
| pysec-2024-218 |
8.1 (3.1)
|
Gradio is an open-source Python package designed for quick prototyping. This vulnerabilit… | gradio | 2024-10-10T23:15:03+00:00 | 2025-01-19T22:22:23.803143+00:00 |
| pysec-2024-217 |
7.5 (3.1)
|
Gradio is an open-source Python package designed for quick prototyping. This is a **data … | gradio | 2024-10-10T23:15:02+00:00 | 2025-01-19T22:22:23.723816+00:00 |
| pysec-2024-216 |
7.5 (3.1)
|
Gradio is an open-source Python package designed for quick prototyping. This vulnerabilit… | gradio | 2024-10-10T23:15:02+00:00 | 2025-01-19T22:22:23.549944+00:00 |
| pysec-2024-215 |
9.8 (3.1)
|
Gradio is an open-source Python package designed for quick prototyping. This vulnerabilit… | gradio | 2024-10-10T22:15:11+00:00 | 2025-01-19T22:22:23.471780+00:00 |
| pysec-2024-214 |
5.4 (3.1)
|
Gradio is an open-source Python package designed for quick prototyping. This vulnerabilit… | gradio | 2024-10-10T22:15:10+00:00 | 2025-01-19T22:22:23.399444+00:00 |
| pysec-2024-213 |
6.5 (3.1)
|
Gradio is an open-source Python package designed for quick prototyping. This vulnerabilit… | gradio | 2024-10-10T22:15:10+00:00 | 2025-01-19T22:22:23.310301+00:00 |
| pysec-2024-212 |
|
Apache Airflow versions before 2.10.1 have a vulnerability that allows DAG authors to add… | apache-airflow | 2024-09-07T08:15:11+00:00 | 2025-01-19T22:22:22.289672+00:00 |
| pysec-2024-211 |
7.5 (3.1)
|
Waitress is a Web Server Gateway Interface server for Python 2 and 3. When a remote clien… | waitress | 2024-10-29T15:15:12+00:00 | 2025-01-19T19:19:01.852094+00:00 |
| pysec-2024-210 |
4.8 (3.1)
|
Waitress is a Web Server Gateway Interface server for Python 2 and 3. A remote client may… | waitress | 2024-10-29T15:15:11+00:00 | 2025-01-19T19:19:01.811922+00:00 |
| pysec-2024-209 |
5.3 (3.1)
|
Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. In versions… | vyper | 2024-04-25T18:15:09+00:00 | 2025-01-19T19:19:01.689044+00:00 |
| pysec-2024-208 |
5.3 (3.1)
|
Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. In versions… | vyper | 2024-04-25T18:15:08+00:00 | 2025-01-19T19:19:01.647736+00:00 |
| pysec-2024-207 |
5.3 (3.1)
|
Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. In versions… | vyper | 2024-04-25T18:15:08+00:00 | 2025-01-19T19:19:01.605918+00:00 |
| pysec-2024-206 |
5.3 (3.1)
|
Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. In versions… | vyper | 2024-04-25T18:15:08+00:00 | 2025-01-19T19:19:01.566553+00:00 |
| pysec-2024-205 |
5.3 (3.1)
|
Vyper is a pythonic Smart Contract Language for the ethereum virtual machine. When using … | vyper | 2024-02-26T20:19:05+00:00 | 2025-01-19T19:19:01.519824+00:00 |
| pysec-2024-204 |
8.1 (3.1)
|
TorchGeo Remote Code Execution Vulnerability | torchgeo | 2024-11-12T18:15:45+00:00 | 2025-01-19T19:19:01.299352+00:00 |
| pysec-2024-203 |
7.5 (3.1)
|
DuckDB is a SQL database management system. In versions 1.0.0 and prior, content in files… | duckdb | 2024-07-24T18:15:05+00:00 | 2025-01-19T19:18:58.299130+00:00 |
| pysec-2024-202 |
6.5 (3.1)
|
OctoPrint provides a web interface for controlling consumer 3D printers. OctoPrint versio… | octoprint | 2024-11-05T19:15:07+00:00 | 2025-01-19T16:22:59.212853+00:00 |
| ID | Description | Updated |
|---|---|---|
| gsd-2024-33818 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.556720Z |
| gsd-2024-33793 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.552273Z |
| gsd-2024-33833 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.551960Z |
| gsd-2024-33835 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.550838Z |
| gsd-2024-33744 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.543395Z |
| gsd-2024-33789 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.534336Z |
| gsd-2024-33760 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.533361Z |
| gsd-2024-33702 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.530768Z |
| gsd-2024-33797 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.530297Z |
| gsd-2024-33684 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.529859Z |
| gsd-2024-33827 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.528643Z |
| gsd-2024-33810 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.527741Z |
| gsd-2024-33729 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.527542Z |
| gsd-2024-33807 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.526483Z |
| gsd-2024-33688 | Cross-Site Request Forgery (CSRF) vulnerability in Extend Themes Teluro.This issue affect… | 2024-04-27T05:02:18.524420Z |
| gsd-2024-33685 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.523707Z |
| gsd-2024-33713 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.522989Z |
| gsd-2024-33768 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.521409Z |
| gsd-2024-33720 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.519711Z |
| gsd-2024-33809 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.516352Z |
| gsd-2024-33727 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.514916Z |
| gsd-2024-33770 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.514460Z |
| gsd-2024-33732 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.513959Z |
| gsd-2024-33829 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.511177Z |
| gsd-2024-33714 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.510684Z |
| gsd-2024-33693 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vuln… | 2024-04-27T05:02:18.509326Z |
| gsd-2024-33766 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.508057Z |
| gsd-2024-33779 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.507854Z |
| gsd-2024-33792 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.507383Z |
| gsd-2024-33704 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.504657Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2026-856 | Malicious code in chai-prop (npm) | 2026-02-11T14:19:52Z | 2026-02-23T04:21:32Z |
| mal-2026-852 | Malicious code in chai-await (npm) | 2026-02-11T10:54:36Z | 2026-02-23T04:21:32Z |
| mal-2026-833 | Malicious code in express-configer (npm) | 2026-02-10T16:15:42Z | 2026-02-23T04:21:32Z |
| mal-2026-832 | Malicious code in chai-as-approved (npm) | 2026-02-10T15:56:44Z | 2026-02-23T04:21:32Z |
| mal-2026-831 | Malicious code in bigmathix (npm) | 2026-02-10T15:48:53Z | 2026-02-23T04:21:32Z |
| mal-2026-975 | Malicious code in azure-postgresql-auth (npm) | 2026-02-20T17:55:01Z | 2026-02-23T04:21:31Z |
| mal-2026-940 | Malicious code in abcxyzz (npm) | 2026-02-18T09:35:39Z | 2026-02-23T04:21:31Z |
| mal-2026-939 | Malicious code in ably-forks (npm) | 2026-02-19T10:50:50Z | 2026-02-23T04:21:31Z |
| mal-2026-920 | Malicious code in ambar-src (npm) | 2026-02-16T17:03:16Z | 2026-02-23T04:21:31Z |
| mal-2026-914 | Malicious code in @qualys/react-web (npm) | 2026-02-16T08:50:48Z | 2026-02-23T04:21:31Z |
| mal-2026-873 | Malicious code in @depro0x/despicable-me (npm) | 2026-02-12T20:40:54Z | 2026-02-23T04:21:31Z |
| mal-2026-830 | Malicious code in aligners (npm) | 2026-02-10T16:05:06Z | 2026-02-23T04:21:31Z |
| mal-2026-829 | Malicious code in @uniconvex/dotenv (npm) | 2026-02-10T16:30:16Z | 2026-02-23T04:21:31Z |
| mal-2026-828 | Malicious code in @reimorg/config (npm) | 2026-02-10T16:30:16Z | 2026-02-23T04:21:31Z |
| mal-2026-816 | Malicious code in @skyeng/libs (npm) | 2026-02-09T15:12:24Z | 2026-02-23T04:21:31Z |
| mal-2026-996 | Malicious code in rubocop-vintedmetrics (RubyGems) | 2026-02-20T11:40:23Z | 2026-02-23T03:10:14Z |
| mal-2026-984 | Malicious code in myasicapi (PyPI) | 2026-02-22T19:42:08Z | 2026-02-22T19:42:08Z |
| mal-2026-983 | Malicious code in tensorflow-opt (PyPI) | 2026-02-22T16:53:45Z | 2026-02-22T16:53:45Z |
| mal-2026-982 | Malicious code in trunket-dev-driver (PyPI) | 2026-02-22T14:51:28Z | 2026-02-22T14:51:28Z |
| mal-2026-979 | Malicious code in home-robot (PyPI) | 2026-02-22T04:48:51Z | 2026-02-22T04:48:51Z |
| mal-2024-12283 | Malicious code in hello-bozzo2 (PyPI) | 2024-08-23T22:55:41Z | 2026-02-20T22:10:10Z |
| mal-2026-977 | Malicious code in airbnb-identity (PyPI) | 2026-02-20T19:56:56Z | 2026-02-20T19:56:56Z |
| mal-2026-951 | Malicious code in printrables (PyPI) | 2026-02-20T06:59:50Z | 2026-02-20T06:59:50Z |
| mal-2026-949 | Malicious code in ethrpc-keys (PyPI) | 2026-02-19T23:39:31Z | 2026-02-20T00:22:44Z |
| mal-2026-947 | Malicious code in ethrpc (PyPI) | 2026-02-19T23:56:09Z | 2026-02-19T23:56:09Z |
| mal-2026-950 | Malicious code in web3tool (PyPI) | 2026-02-19T23:53:33Z | 2026-02-19T23:53:33Z |
| mal-2026-948 | Malicious code in ethrpc-accounts (PyPI) | 2026-02-19T23:44:13Z | 2026-02-19T23:44:13Z |
| mal-2026-946 | Malicious code in lala6992 (PyPI) | 2026-02-12T05:30:51Z | 2026-02-19T22:47:48Z |
| mal-2026-921 | Malicious code in cicibot-fix-message-naming (PyPI) | 2026-02-16T17:55:41Z | 2026-02-19T22:47:48Z |
| mal-2026-905 | Malicious code in marshmellows (PyPI) | 2026-02-15T09:25:56Z | 2026-02-19T22:47:48Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| bit-apache-2023-27522 | Apache HTTP Server: mod_proxy_uwsgi HTTP response splitting | 2024-03-06T10:51:05.888Z | 2026-02-11T09:09:18.507Z |
| bit-nginx-2026-1642 | 2026-02-10T18:00:00.000Z | 2026-02-10T18:00:00.000Z | |
| bit-prestashop-2026-25597 | PrestaShop has a time based enumeration in FO login form | 2026-02-10T10:02:58.336Z | 2026-02-10T10:34:11.934Z |
| bit-golang-2025-61732 | Potential code smuggling via doc comments in cmd/cgo | 2026-02-10T08:48:31.170Z | 2026-02-10T09:16:50.296Z |
| bit-discourse-2025-67723 | Discourse vulnerable to stored Cross-site Scripting via Katex in discourse-math plugin | 2026-02-02T08:42:10.509Z | 2026-02-10T09:16:50.296Z |
| bit-checkov-2021-3040 | Bridgecrew Checkov: Unsafe deserialization of Terraform files allows code execution | 2026-02-09T11:36:28.864Z | 2026-02-09T12:10:11.303Z |
| bit-checkov-2021-3035 | Bridgecrew Checkov: Unsafe deserialization of Terraform files allows code execution | 2026-02-09T11:36:27.254Z | 2026-02-09T12:10:11.303Z |
| bit-mastodon-2026-25540 | Mastodon's signature-dependent ActivityPub collection responses cached under signature-independent keys (Web Cache Poisoning via `Rails.cache`) | 2026-02-06T08:46:33.665Z | 2026-02-06T09:20:48.186Z |
| bit-golang-2025-22873 | Improper access to parent directory of root in os | 2026-02-06T08:45:38.334Z | 2026-02-06T09:20:48.186Z |
| bit-valkey-2025-32023 | Redis allows out of bounds writes in hyperloglog commands leading to RCE | 2025-10-16T12:07:58.321Z | 2026-02-05T09:10:30.960Z |
| bit-redis-2025-32023 | Redis allows out of bounds writes in hyperloglog commands leading to RCE | 2025-10-16T12:06:41.782Z | 2026-02-05T09:10:30.960Z |
| bit-keydb-2025-32023 | Redis allows out of bounds writes in hyperloglog commands leading to RCE | 2025-10-16T12:00:41.031Z | 2026-02-05T09:10:30.960Z |
| bit-gitlab-2026-1751 | Missing Authorization in GitLab | 2026-02-05T09:09:05.467Z | 2026-02-05T09:10:30.960Z |
| bit-django-2026-1312 | Potential SQL injection via QuerySet.order_by and FilteredRelation | 2026-02-05T08:38:43.002Z | 2026-02-05T09:10:30.960Z |
| bit-django-2026-1287 | Potential SQL injection in column aliases via control characters | 2026-02-05T08:38:41.246Z | 2026-02-05T09:10:30.960Z |
| bit-django-2026-1285 | Potential denial-of-service vulnerability in django.utils.text.Truncator HTML methods | 2026-02-05T08:38:39.228Z | 2026-02-05T09:10:30.960Z |
| bit-django-2026-1207 | Potential SQL injection via raster lookups on PostGIS | 2026-02-05T08:38:37.158Z | 2026-02-05T09:10:30.960Z |
| bit-django-2025-14550 | Potential denial-of-service vulnerability via repeated headers when using ASGI | 2026-02-05T08:38:18.195Z | 2026-02-05T09:10:30.960Z |
| bit-django-2025-13473 | Username enumeration through timing difference in mod_wsgi authentication handler | 2026-02-05T08:38:16.508Z | 2026-02-05T09:10:30.960Z |
| bit-node-2025-55132 | 2026-01-26T14:47:53.358Z | 2026-02-04T10:19:33.233Z | |
| bit-node-2025-55130 | 2026-01-26T14:47:49.864Z | 2026-02-04T10:19:33.233Z | |
| bit-gitlab-2021-39935 | 2024-03-06T11:17:28.508Z | 2026-02-04T10:19:33.233Z | |
| bit-airflow-2025-68675 | Apache Airflow: proxy credentials for various providers might leak in task logs | 2026-01-21T08:39:24.383Z | 2026-02-04T10:19:33.233Z |
| bit-python-2007-4559 | 2026-02-03T16:04:06.884Z | 2026-02-03T16:04:06.884Z | |
| bit-mastodon-2026-23964 | Mastodon has insufficient access control to push notification settings | 2026-01-31T08:43:24.123Z | 2026-02-03T09:12:55.720Z |
| bit-mastodon-2026-23963 | Mastodon missing length limits on list names, filter names, and filter keywords | 2026-02-03T08:44:38.949Z | 2026-02-03T09:12:55.720Z |
| bit-mastodon-2026-23962 | Mastodon vulnerable to Denial of Service from a single post (client/server) | 2026-02-03T08:44:37.076Z | 2026-02-03T09:12:55.720Z |
| bit-mastodon-2026-23961 | Mastodon may allow a remote suspension bypass | 2026-02-03T08:44:35.033Z | 2026-02-03T09:12:55.720Z |
| bit-kyverno-2026-23881 | Kyverno Denial of Service via Context Variable Amplification in Policy Engine | 2026-02-03T08:42:39.101Z | 2026-02-03T09:12:55.720Z |
| bit-kyverno-2026-22039 | Kyverno Cross-Namespace Privilege Escalation via Policy apiCall | 2026-02-03T08:42:37.380Z | 2026-02-03T09:12:55.720Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cleanstart-2026-oi08379 | Cancelling a query (e | 2026-01-30T15:32:54.729863Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-oh86281 | SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process | 2026-01-30T15:52:25.054249Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-nz19387 | Within HostnameError | 2026-01-30T14:52:23.218213Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-nv82543 | excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate | 2026-01-30T16:29:25.549030Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-nv07964 | Cancelling a query (e | 2026-01-30T15:33:23.809279Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-ns41924 | Within HostnameError | 2026-01-30T15:18:53.115636Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-nr68832 | libexpat in Expat before 2 | 2026-01-30T16:22:25.447471Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-nl96892 | Within HostnameError | 2026-01-30T16:31:25.336110Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-ni96678 | Within HostnameError | 2026-01-30T15:06:52.947220Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-nf19624 | ParseAddress function constructs domain-literal address components through repeated string concatenation | 2026-01-30T17:20:26.466437Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-nd19988 | Cancelling a query (e | 2026-01-30T14:59:22.824513Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-na36743 | Within HostnameError | 2026-01-30T16:35:55.379246Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-mz27698 | Redis is an open source, in-memory database that persists on disk | 2026-01-30T14:39:52.940858Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-ml51665 | excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate | 2026-01-30T16:20:55.711028Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-mj51212 | Cancelling a query (e | 2026-01-30T15:40:23.782215Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-mb75553 | vulnerability was found in Avahi, where a reachable assertion exists in avahi_dns_packet_append_record | 2026-01-30T16:26:25.443727Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-ma27248 | Cancelling a query (e | 2026-01-30T16:28:55.356497Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-lz10721 | Within HostnameError | 2026-01-30T16:40:55.517816Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-lp38773 | excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate | 2026-01-30T15:03:53.100242Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-ll43287 | SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process | 2026-01-30T15:50:54.603931Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-ld23143 | Cancelling a query (e | 2026-01-30T14:52:52.766441Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-la33013 | Within HostnameError | 2026-01-30T14:40:22.526589Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-kz63902 | tar | 2026-01-30T14:41:22.559595Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-kz60560 | Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate | 2026-01-30T16:19:55.200542Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-kv78041 | processing time for parsing some invalid inputs scales non-linearly with respect to the size of the input | 2026-01-30T14:56:23.125184Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-kq33111 | Cancelling a query (e | 2026-01-30T15:02:22.834896Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-kk41938 | Within HostnameError | 2026-01-30T15:06:23.375949Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-kg18353 | Within HostnameError | 2026-01-30T14:02:50.542288Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-kf66928 | Within HostnameError | 2026-01-30T14:53:23.030035Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-kd20596 | Cancelling a query (e | 2026-01-30T16:28:55.316811Z | 2026-01-29T18:58:54Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| drupal-contrib-2025-022 | 2025-03-05T17:27:19.000Z | 2025-03-31T22:06:45.000Z | |
| drupal-contrib-2025-021 | 2025-03-05T17:18:25.000Z | 2025-03-31T22:06:37.000Z | |
| drupal-contrib-2025-020 | 2025-02-26T18:35:21.000Z | 2025-03-31T22:06:18.000Z | |
| drupal-contrib-2025-019 | 2025-02-26T18:35:11.000Z | 2025-03-31T22:06:12.000Z | |
| drupal-contrib-2025-018 | 2025-02-26T18:34:59.000Z | 2025-03-31T22:06:05.000Z | |
| drupal-contrib-2025-017 | 2025-02-12T17:38:22.000Z | 2025-03-31T22:05:40.000Z | |
| drupal-contrib-2025-016 | 2025-02-12T17:38:09.000Z | 2025-03-31T22:05:16.000Z | |
| drupal-contrib-2025-015 | 2025-02-12T17:37:59.000Z | 2025-03-31T22:05:08.000Z | |
| drupal-contrib-2025-014 | 2025-02-12T17:37:40.000Z | 2025-03-31T22:05:00.000Z | |
| drupal-contrib-2025-013 | 2025-02-05T17:24:48.000Z | 2025-03-31T22:04:51.000Z | |
| drupal-contrib-2025-012 | 2025-01-29T17:16:19.000Z | 2025-03-31T22:04:42.000Z | |
| drupal-contrib-2025-011 | 2025-01-29T17:13:29.000Z | 2025-03-31T22:04:35.000Z | |
| drupal-contrib-2025-009 | 2025-01-29T16:54:02.000Z | 2025-03-31T22:04:22.000Z | |
| drupal-contrib-2025-008 | 2025-01-29T08:51:50.000Z | 2025-03-31T22:04:11.000Z | |
| drupal-contrib-2025-007 | 2025-01-22T17:01:38.000Z | 2025-03-31T22:04:03.000Z | |
| drupal-contrib-2025-003 | 2025-01-15T15:58:05.000Z | 2025-03-31T22:03:43.000Z | |
| drupal-contrib-2024-051 | 2024-10-23T15:45:41.000Z | 2025-02-20T20:08:44.000Z | |
| drupal-contrib-2024-076 | 2024-12-11T16:53:22.000Z | 2025-02-20T20:08:37.000Z | |
| drupal-contrib-2024-075 | 2024-12-11T14:31:11.000Z | 2025-02-20T20:08:28.000Z | |
| drupal-contrib-2024-074 | 2024-12-11T14:27:22.000Z | 2025-02-20T20:08:21.000Z | |
| drupal-contrib-2024-073 | 2024-12-11T12:36:29.000Z | 2025-02-20T20:08:10.000Z | |
| drupal-contrib-2024-072 | 2024-12-11T07:44:40.000Z | 2025-02-20T20:08:00.000Z | |
| drupal-contrib-2024-071 | 2024-12-04T16:20:57.000Z | 2025-02-20T20:07:52.000Z | |
| drupal-contrib-2024-070 | 2024-12-04T15:51:12.000Z | 2025-02-20T20:07:46.000Z | |
| drupal-contrib-2024-069 | 2024-12-04T15:13:14.000Z | 2025-02-20T20:07:35.000Z | |
| drupal-contrib-2024-068 | 2024-12-04T14:46:03.000Z | 2025-02-20T20:07:26.000Z | |
| drupal-contrib-2024-067 | 2024-12-04T14:40:50.000Z | 2025-02-20T20:07:11.000Z | |
| drupal-contrib-2024-064 | 2024-11-27T16:41:51.000Z | 2025-02-20T20:06:49.000Z | |
| drupal-contrib-2024-062 | 2024-11-20T17:36:55.000Z | 2025-02-20T20:06:35.000Z | |
| drupal-contrib-2024-060 | 2024-11-13T17:37:36.000Z | 2025-02-20T20:06:18.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2025-012659 | Denial-of-service (DoS) vulnerability in Konica Minolta bizhub series | 2025-09-01T15:22+09:00 | 2025-09-01T15:22+09:00 |
| jvndb-2025-000067 | Multiple vulnerabilities in multiple iND products | 2025-08-29T14:47+09:00 | 2025-08-29T14:47+09:00 |
| jvndb-2025-000064 | Multiple vulnerabilities in SS1 | 2025-08-27T15:13+09:00 | 2025-08-27T15:13+09:00 |
| jvndb-2025-000065 | ScanSnap Manager installers vulnerable to privilege escalation | 2025-08-27T14:22+09:00 | 2025-08-27T14:22+09:00 |
| jvndb-2025-011884 | FUJIFILM Healthcare Americas Synapse Mobility vulnerable to Privilege Escalation | 2025-08-21T11:49+09:00 | 2025-08-25T10:38+09:00 |
| jvndb-2025-000063 | Western Digital Kitfox registers a Windows service with an unquoted file path | 2025-08-22T13:37+09:00 | 2025-08-22T13:37+09:00 |
| jvndb-2025-000062 | Multiple vulnerabilities in Group-Office | 2025-08-21T14:03+09:00 | 2025-08-21T14:03+09:00 |
| jvndb-2025-000061 | Multiple vulnerabilities in Movable Type | 2025-08-20T15:30+09:00 | 2025-08-20T15:30+09:00 |
| jvndb-2025-000059 | Seagate Toolkit registers a Windows service with an unquoted file path | 2025-08-14T12:32+09:00 | 2025-08-19T14:40+09:00 |
| jvndb-2025-010854 | Trend Micro Endpoint security products for enterprises vulnerable to multiple OS command injection | 2025-08-07T12:25+09:00 | 2025-08-19T11:36+09:00 |
| jvndb-2025-007521 | Multiple Brother driver installers for Windows vulnerable to privilege escalation | 2025-06-27T09:37+09:00 | 2025-08-19T11:29+09:00 |
| jvndb-2025-000060 | PgManage vulnerable to injection | 2025-08-18T13:40+09:00 | 2025-08-18T13:40+09:00 |
| jvndb-2025-000058 | WordPress plugin "Advanced Custom Fields" vulnerable to HTML injection | 2025-08-08T15:29+09:00 | 2025-08-08T15:29+09:00 |
| jvndb-2025-010972 | Multiple SEIKO EPSON products use weak initial passwords | 2025-08-08T14:50+09:00 | 2025-08-08T14:50+09:00 |
| jvndb-2025-000057 | Multiple vulnerabilities in Mubit Powered BLUE 870 | 2025-08-08T14:47+09:00 | 2025-08-08T14:47+09:00 |
| jvndb-2025-000056 | Multiple vulnerabilities in Sato label printers CL4/6NX Plus and CL4/6NX-J Plus series | 2025-08-06T16:38+09:00 | 2025-08-06T16:38+09:00 |
| jvndb-2025-010603 | Out-of-bounds write vulnerability in FUJIFILM Business Innovation MFPs | 2025-08-05T11:29+09:00 | 2025-08-05T11:29+09:00 |
| jvndb-2025-010408 | Multiple vulnerabilities in PowerCMS | 2025-08-01T12:05+09:00 | 2025-08-01T12:05+09:00 |
| jvndb-2025-000055 | ZXHN-F660T and ZXHN-F660A use a common credential for all installations | 2025-07-31T15:12+09:00 | 2025-07-31T15:12+09:00 |
| jvndb-2025-000054 | Apache Jena Fuseki vulnerable to path traversal | 2025-07-30T14:17+09:00 | 2025-07-30T14:17+09:00 |
| jvndb-2025-000053 | "SwitchBot" App vulnerable to insertion of sensitive information into log file | 2025-07-29T13:44+09:00 | 2025-07-29T13:44+09:00 |
| jvndb-2025-010056 | TP-Link VIGI NVR1104H-4P and VIGI NVR2016H-16MP vulnerable to OS command injection | 2025-07-28T17:53+09:00 | 2025-07-28T17:53+09:00 |
| jvndb-2025-000052 | TP-Link Archer C1200 vulnerable to clickjacking | 2025-07-24T14:16+09:00 | 2025-07-24T14:16+09:00 |
| jvndb-2025-000051 | Real-time Bus Tracking System vulnerable to improper validation of specified quantity in input | 2025-07-23T13:54+09:00 | 2025-07-23T13:54+09:00 |
| jvndb-2025-009576 | Multiple vulnerabilities in ELECOM wireless LAN routers | 2025-07-23T11:13+09:00 | 2025-07-23T11:13+09:00 |
| jvndb-2025-000050 | "region PAY" App for Android vulnerable to insertion of sensitive information into log file | 2025-07-22T13:33+09:00 | 2025-07-22T13:33+09:00 |
| jvndb-2025-009150 | Security updates for Trend Micro products (June 2025) | 2025-07-17T17:03+09:00 | 2025-07-17T17:03+09:00 |
| jvndb-2025-000030 | Reflected cross-site scripting vulnerability in multiple laser printers and MFPs which implement Ricoh Web Image Monitor | 2025-05-12T18:00+09:00 | 2025-07-17T10:06+09:00 |
| jvndb-2025-000049 | ZWX-2000CSW2-HN and ZWX-2000CS2-HN vulnerable to use of hard-coded credentials | 2025-07-16T13:54+09:00 | 2025-07-16T13:54+09:00 |
| jvndb-2025-008881 | Least Privilege Violation Vulnerability in the communications functions of NJ/NX series Machine Automation Controllers | 2025-07-15T15:54+09:00 | 2025-07-15T15:54+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| cnvd-2026-09621 | MedDream PACS Premium config.php功能worklistsrc参数跨站脚本漏洞 | 2026-01-30 | 2026-02-03 |
| cnvd-2026-09620 | MedDream PACS Premium config.php功能uploaddir参数跨站脚本漏洞 | 2026-01-30 | 2026-02-03 |
| cnvd-2026-09619 | MedDream PACS Premium config.php功能thumbnaildir参数跨站脚本漏洞 | 2026-01-30 | 2026-02-03 |
| cnvd-2026-09618 | MedDream PACS Premium config.php功能status参数跨站脚本漏洞 | 2026-01-30 | 2026-02-03 |
| cnvd-2026-09617 | MedDream PACS Premium config.php功能phpexe参数跨站脚本漏洞 | 2026-01-30 | 2026-02-03 |
| cnvd-2026-09616 | MedDream PACS Premium config.php功能phpdir参数跨站脚本漏洞 | 2026-01-30 | 2026-02-03 |
| cnvd-2026-09615 | MedDream PACS Premium config.php功能longtermdir参数跨站脚本漏洞 | 2026-01-30 | 2026-02-03 |
| cnvd-2026-09614 | MedDream PACS Premium config.php功能imagedir参数跨站脚本漏洞 | 2026-01-30 | 2026-02-03 |
| cnvd-2026-09461 | WordPress插件AWP Classifieds信息泄露漏洞 | 2026-01-30 | 2026-02-02 |
| cnvd-2026-09460 | Juniper Networks Junos Space跨站脚本漏洞(CNVD-2026-09460) | 2025-10-15 | 2026-02-02 |
| cnvd-2026-09459 | Juniper Networks Junos Space跨站脚本漏洞(CNVD-2026-09459) | 2025-10-15 | 2026-02-02 |
| cnvd-2026-09458 | Juniper Networks Junos Space跨站脚本漏洞(CNVD-2026-09458) | 2025-10-15 | 2026-02-02 |
| cnvd-2026-09457 | Juniper Networks Junos Space跨站脚本漏洞(CNVD-2026-09457) | 2025-10-15 | 2026-02-02 |
| cnvd-2026-09456 | Juniper Networks Junos Space跨站脚本漏洞(CNVD-2026-09456) | 2025-10-15 | 2026-02-02 |
| cnvd-2026-09455 | Juniper Networks Junos Space跨站脚本漏洞(CNVD-2026-09455) | 2025-10-15 | 2026-02-02 |
| cnvd-2026-09454 | Juniper Networks Junos Space跨站脚本漏洞(CNVD-2026-09454) | 2025-10-15 | 2026-02-02 |
| cnvd-2026-09453 | Juniper Networks Junos Space跨站脚本漏洞(CNVD-2026-09453) | 2025-10-15 | 2026-02-02 |
| cnvd-2026-09452 | Juniper Networks Junos Space信息泄露漏洞(CNVD-2026-09452) | 2025-10-15 | 2026-02-02 |
| cnvd-2026-06411 | 杭州飞致云信息科技有限公司SQLBot存在命令执行漏洞 | 2025-12-24 | 2026-02-01 |
| cnvd-2026-05878 | 麒麟软件有限公司银河麒麟操作系统存在二进制漏洞 | 2025-12-18 | 2026-02-01 |
| cnvd-2026-06567 | 中科方德软件有限公司方德桌面操作系统存在本地提权漏洞 | 2025-12-25 | 2026-01-31 |
| cnvd-2026-09811 | OpenEMR未授权访问漏洞 | 2026-01-30 | 2026-01-30 |
| cnvd-2026-09802 | Adobe Dreamweaver命令注入漏洞 | 2026-01-19 | 2026-01-30 |
| cnvd-2026-09801 | Adobe Substance 3D Sampler缓冲区溢出漏洞 | 2026-01-19 | 2026-01-30 |
| cnvd-2026-09800 | Adobe Substance 3D Painter缓冲区溢出漏洞(CNVD-2026-09800) | 2026-01-19 | 2026-01-30 |
| cnvd-2026-09799 | Adobe InCopy缓冲区溢出漏洞(CNVD-2026-09799) | 2026-01-19 | 2026-01-30 |
| cnvd-2026-09796 | Apache Uniffle信任管理问题漏洞 | 2026-01-19 | 2026-01-30 |
| cnvd-2026-09794 | Apache bRPC远程命令注入漏洞 | 2026-01-29 | 2026-01-30 |
| cnvd-2026-09793 | Apache Solr输入验证错误漏洞 | 2026-01-30 | 2026-01-30 |
| cnvd-2026-09792 | Apache Linkis信息泄露漏洞(CNVD-2026-09792) | 2026-01-30 | 2026-01-30 |
| ID | Description | Published | Updated |
|---|---|---|---|
| bdu:2025-15748 | Уязвимость драйвера net/usb/asix_devices.c ядра операционной системы Linux, позволяющая н… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15746 | Уязвимость компонента net/netlink/af_netlink.c ядра операционной системы Linux, позволяющ… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15745 | Уязвимость компонента fs/smb/client/smb2ops.c ядра операционной системы Linux, позволяюща… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15744 | Уязвимость компонента sound/usb/validate.c ядра операционной системы Linux, позволяющая н… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15743 | Уязвимость компонента netfilter ядра операционной системы Linux, позволяющая нарушителю п… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15741 | Уязвимость драйвера ppp ядра операционной системы Linux, позволяющая нарушителю вызвать о… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15740 | Уязвимость компонента drm/amd/display ядра операционной системы Linux, позволяющая наруши… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15739 | Уязвимость функции qla4xxx_get_ep_fwdb() драйвера qla4xxx ядра операционной системы Linux… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15733 | Уязвимость компонента trace ядра операционной системы Linux, позволяющая нарушителю вызва… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15732 | Уязвимость компонента comedi/drivers/pcl726.c ядра операционной системы Linux, позволяюща… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15731 | Уязвимость драйвера comedi ядра операционной системы Linux, позволяющая нарушителю вызват… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15730 | Уязвимость модуля smb ядра операционной системы Linux, позволяющая нарушителю вызвать отк… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15729 | Уязвимость компонента amdgpu_dm.c ядра операционной системы Linux, позволяющая нарушителю… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15728 | Уязвимость компонента s390/char/sclp.c ядра операционной системы Linux, позволяющая наруш… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15724 | Уязвимость компонента NFS ядра операционной системы Linux, позволяющая нарушителю вызвать… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15717 | Уязвимость драйвера acpi/pfr_update.c ядра операционной системы Linux, позволяющая наруши… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15716 | Уязвимость компонента net/ipv6/seg6_hmac.c ядра операционной системы Linux, позволяющая н… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15715 | Уязвимость компонента net/hsr/hsr_slave.c ядра операционной системы Linux, позволяющая на… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15714 | Уязвимость компонента drm/amdkfd ядра операционной системы Linux, позволяющая нарушителю … | 15.12.2025 | 16.02.2026 |
| bdu:2025-15713 | Уязвимость компонента qcom/venus/hfi_venus.c ядра операционной системы Linux, позволяющая… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15712 | Уязвимость драйвера rainshadow-cec ядра операционной системы Linux, позволяющая нарушител… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15711 | Уязвимость компонента iio/imu/bno055/bno055.c ядра операционной системы Linux, позволяюща… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15708 | Уязвимость компонента drivers/tty/serial/8250 ядра операционной системы Linux, позволяюща… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15706 | Уязвимость функции nfs_fh_to_dentry() компонента fs/nfs/export.c ядра операционной систем… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15705 | Уязвимость компонента fs/f2fs ядра операционной системы Linux, позволяющая нарушителю выз… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15704 | Уязвимость функции __kmemleak_do_cleanup() компонента mm/kmemleak.c ядра операционной сис… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15703 | Уязвимость компонента fs/btrfs ядра операционной системы Linux, позволяющая нарушителю на… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15702 | Уязвимость компонента fs/jfs ядра операционной системы Linux, позволяющая нарушителю полу… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15701 | Уязвимость функции rcu_preempt_deferred_qs_handler() компонента kernel/rcu/tree_plugin.h … | 15.12.2025 | 16.02.2026 |
| bdu:2025-15696 | Уязвимость компонента net/sched ядра операционной системы Linux, позволяющая нарушителю в… | 15.12.2025 | 16.02.2026 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2026-avi-0086 | Vulnérabilité dans CPython | 2026-01-26T00:00:00.000000 | 2026-01-26T00:00:00.000000 |
| certfr-2026-avi-0085 | Multiples vulnérabilités dans NetApp Brocade SAN Navigator | 2026-01-26T00:00:00.000000 | 2026-01-26T00:00:00.000000 |
| certfr-2026-avi-0084 | Vulnérabilité dans Microsoft Edge | 2026-01-26T00:00:00.000000 | 2026-01-26T00:00:00.000000 |
| certfr-2026-avi-0083 | Multiples vulnérabilités dans les produits IBM | 2026-01-23T00:00:00.000000 | 2026-01-23T00:00:00.000000 |
| certfr-2026-avi-0082 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2026-01-23T00:00:00.000000 | 2026-01-23T00:00:00.000000 |
| certfr-2026-avi-0081 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2026-01-23T00:00:00.000000 | 2026-01-23T00:00:00.000000 |
| certfr-2026-avi-0080 | Vulnérabilité dans Broadcom Web Security Services Agent | 2026-01-23T00:00:00.000000 | 2026-01-23T00:00:00.000000 |
| certfr-2025-avi-0970 | Multiples vulnérabilités dans Synacor Zimbra Collaboration | 2025-11-06T00:00:00.000000 | 2026-01-23T00:00:00.000000 |
| certfr-2026-avi-0079 | Vulnérabilité dans Python | 2026-01-22T00:00:00.000000 | 2026-01-22T00:00:00.000000 |
| certfr-2026-avi-0078 | Vulnérabilité dans Ceph | 2026-01-22T00:00:00.000000 | 2026-01-22T00:00:00.000000 |
| certfr-2026-avi-0077 | Multiples vulnérabilités dans les produits Symantec | 2026-01-22T00:00:00.000000 | 2026-01-22T00:00:00.000000 |
| certfr-2026-avi-0076 | Vulnérabilité dans les produits Cisco | 2026-01-22T00:00:00.000000 | 2026-01-22T00:00:00.000000 |
| certfr-2026-avi-0075 | Multiples vulnérabilités dans GitLab | 2026-01-21T00:00:00.000000 | 2026-01-21T00:00:00.000000 |
| certfr-2026-avi-0074 | Multiples vulnérabilités dans Oracle Weblogic | 2026-01-21T00:00:00.000000 | 2026-01-21T00:00:00.000000 |
| certfr-2026-avi-0073 | Multiples vulnérabilités dans Oracle Virtualization | 2026-01-21T00:00:00.000000 | 2026-01-21T00:00:00.000000 |
| certfr-2026-avi-0072 | Multiples vulnérabilités dans Oracle Systems | 2026-01-21T00:00:00.000000 | 2026-01-21T00:00:00.000000 |
| certfr-2026-avi-0071 | Multiples vulnérabilités dans Oracle PeopleSoft | 2026-01-21T00:00:00.000000 | 2026-01-21T00:00:00.000000 |
| certfr-2026-avi-0070 | Multiples vulnérabilités dans Oracle MySQL | 2026-01-21T00:00:00.000000 | 2026-01-21T00:00:00.000000 |
| certfr-2026-avi-0069 | Multiples vulnérabilités dans Oracle Java SE | 2026-01-21T00:00:00.000000 | 2026-01-21T00:00:00.000000 |
| certfr-2026-avi-0068 | Multiples vulnérabilités dans Oracle Database Server | 2026-01-21T00:00:00.000000 | 2026-01-21T00:00:00.000000 |
| certfr-2026-avi-0067 | Multiples vulnérabilités dans Python | 2026-01-21T00:00:00.000000 | 2026-01-21T00:00:00.000000 |
| certfr-2026-avi-0066 | Vulnérabilité dans Google Chrome | 2026-01-21T00:00:00.000000 | 2026-01-21T00:00:00.000000 |
| certfr-2026-avi-0065 | Multiples vulnérabilités dans les produits Atlassian | 2026-01-21T00:00:00.000000 | 2026-01-21T00:00:00.000000 |
| certfr-2026-avi-0064 | Vulnérabilité Microsoft Power Apps | 2026-01-19T00:00:00.000000 | 2026-01-19T00:00:00.000000 |
| certfr-2026-avi-0063 | Multiples vulnérabilités dans Microsoft Edge | 2026-01-19T00:00:00.000000 | 2026-01-19T00:00:00.000000 |
| certfr-2026-avi-0062 | Vulnérabilité dans Mattermost Desktop App | 2026-01-19T00:00:00.000000 | 2026-01-19T00:00:00.000000 |
| certfr-2026-avi-0061 | Multiples vulnérabilités dans les produits IBM | 2026-01-16T00:00:00.000000 | 2026-01-16T00:00:00.000000 |
| certfr-2026-avi-0060 | Vulnérabilité dans Apache Struts | 2026-01-16T00:00:00.000000 | 2026-01-16T00:00:00.000000 |
| certfr-2026-avi-0059 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2026-01-16T00:00:00.000000 | 2026-01-16T00:00:00.000000 |
| certfr-2026-avi-0058 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2026-01-16T00:00:00.000000 | 2026-01-16T00:00:00.000000 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2019-ale-001 | Vulnérabilité dans le gestionnaire de paquets APT | 2019-01-22T00:00:00.000000 | 2019-02-27T00:00:00.000000 |
| certfr-2018-ale-013 | Vulnérabilité dans Microsoft Internet Explorer | 2018-12-20T00:00:00.000000 | 2019-02-04T00:00:00.000000 |
| certfr-2018-ale-012 | Vulnérabilité dans Wallix AdminBastion | 2018-10-26T00:00:00.000000 | 2019-02-04T00:00:00.000000 |
| certfr-2018-ale-011 | Vulnérabilité dans le client Git | 2018-10-08T00:00:00.000000 | 2018-10-12T00:00:00.000000 |
| certfr-2018-ale-010 | Vulnérabilité activement exploitée dans le framework STRUTS 2 | 2018-08-29T00:00:00.000000 | 2018-10-10T00:00:00.000000 |
| certfr-2018-ale-008 | Campagne de messages électroniques non sollicités de type Locky Locker | 2018-08-03T00:00:00.000000 | 2018-10-10T00:00:00.000000 |
| certfr-2018-ale-007 | Multiples vulnérabilités dans S/MIME et OpenPGP | 2018-05-14T00:00:00.000000 | 2018-10-10T00:00:00.000000 |
| certfr-2018-ale-001 | Multiples vulnérabilités de fuite d'informations dans des processeurs | 2018-01-04T00:00:00.000000 | 2018-10-10T00:00:00.000000 |
| certfr-2018-ale-009 | Vulnérabilité dans Microsoft Windows | 2018-08-29T00:00:00.000000 | 2018-09-17T00:00:00.000000 |
| certfr-2018-ale-006 | Vulnérabilité dans Cisco IOS et IOS XE Smart Install Client | 2018-04-06T00:00:00.000000 | 2018-07-30T00:00:00.000000 |
| certfr-2018-ale-005 | Multiples vulnérabilités dans Drupal | 2018-03-29T00:00:00.000000 | 2018-07-30T00:00:00.000000 |
| certfr-2018-ale-004 | Vulnérabilité dans le serveur de messagerie Exim | 2018-03-07T00:00:00.000000 | 2018-07-30T00:00:00.000000 |
| certfr-2018-ale-002 | Vulnérabilité dans Cisco Adaptive Security Appliance | 2018-02-01T00:00:00.000000 | 2018-04-06T00:00:00.000000 |
| certfr-2017-ale-020 | Vulnérabilité dans des implémentations de TLS | 2017-12-13T00:00:00.000000 | 2018-04-06T00:00:00.000000 |
| certfr-2017-ale-019 | Vulnérabilité d'usurpation d'identité dans plusieurs clients de messagerie | 2017-12-05T00:00:00.000000 | 2018-03-07T00:00:00.000000 |
| certfr-2018-ale-003 | Vulnérabilité dans Adobe Flash Player | 2018-02-02T00:00:00.000000 | 2018-02-07T00:00:00.000000 |
| certfr-2017-ale-017 | Vulnérabilité dans le serveur de messagerie Exim | 2017-11-27T00:00:00.000000 | 2018-02-01T00:00:00.000000 |
| certfr-2017-ale-018 | Vulnérabilité dans Apple MacOS High Sierra | 2017-11-29T00:00:00.000000 | 2017-11-30T00:00:00.000000 |
| certfr-2017-ale-016 | Campagne de rançongiciel Bad Rabbit | 2017-10-25T00:00:00.000000 | 2017-10-27T00:00:00.000000 |
| certfr-2017-ale-014 | Vulnérabilité dans le protocole WPA/WPA2 | 2017-10-18T00:00:00.000000 | 2017-10-19T00:00:00.000000 |
| certfr-2017-ale-015 | Vulnérabilités dans la bibliothèque Infineon RSA | 2017-10-16T00:00:00.000000 | 2017-10-17T00:00:00.000000 |
| certfr-2017-ale-013 | Présence de code malveillant dans Piriform CCleaner | 2017-09-18T00:00:00.000000 | 2017-10-09T00:00:00.000000 |
| certfr-2017-ale-008 | Multiples vulnérabilités dans Microsoft Windows XP et Windows Server 2003 | 2017-04-14T00:00:00.000000 | 2017-09-06T00:00:00.000000 |
| certfr-2017-ale-012 | Campagne de maliciels prenant l'apparence d'un rançongiciel à multiples capacités de propagation | 2017-06-27T00:00:00.000000 | 2017-08-03T00:00:00.000000 |
| certfr-2017-ale-011 | Campagne de messages électroniques non sollicités de type Jaff | 2017-05-14T00:00:00.000000 | 2017-06-27T00:00:00.000000 |
| certfr-2017-ale-010 | Propagation d'un rançongiciel exploitant les vulnérabilités MS17-010 | 2017-05-12T00:00:00.000000 | 2017-06-27T00:00:00.000000 |
| certfr-2017-ale-009 | Vulnérabilité dans Microsoft Malware Protection Engine | 2017-05-09T00:00:00.000000 | 2017-05-15T00:00:00.000000 |
| certfr-2017-ale-005 | Vulnérabilité dans les commutateurs Cisco | 2017-03-20T00:00:00.000000 | 2017-05-10T00:00:00.000000 |
| certfr-2017-ale-004 | Vulnérabilité dans Apache Struts | 2017-03-10T00:00:00.000000 | 2017-05-10T00:00:00.000000 |
| certfr-2017-ale-007 | Vulnérabilité dans Microsoft Office | 2017-04-10T00:00:00.000000 | 2017-04-12T00:00:00.000000 |
| ID | Description | Published | Updated |
|---|---|---|---|
| osv-2026-105 | Use-of-uninitialized-value in pcpp::SSLServerHelloMessage::ServerHelloTLSFingerprint::toString | 2026-01-22T00:08:03.696405Z | 2026-01-22T00:08:03.696709Z |
| osv-2025-1061 | Security exception in org.apache.poi.hssf.record.aggregates.SharedValueManager$SharedFormulaGroup.<ini | 2026-01-18T00:03:40.245475Z | 2026-01-21T14:26:21.135983Z |
| osv-2026-87 | Security exception in org.apache.poi.util.IOUtils.safelyAllocate | 2026-01-18T00:18:36.932063Z | 2026-01-20T14:24:38.539978Z |
| osv-2026-91 | Use-after-poison in compress.cc | 2026-01-20T00:09:07.159786Z | 2026-01-20T00:09:07.160128Z |
| osv-2026-86 | Security exception in java.base/java.util.Arrays.copyOfRange | 2026-01-18T00:18:18.214799Z | 2026-01-18T00:18:18.215108Z |
| osv-2026-74 | Heap-buffer-overflow in ___interceptor_strtol | 2026-01-17T00:19:48.575833Z | 2026-01-17T00:19:48.576151Z |
| osv-2023-1129 | UNKNOWN READ in HeifPixelImage::overlay | 2023-11-09T13:00:44.441721Z | 2026-01-16T14:20:00.488466Z |
| osv-2020-2308 | Heap-buffer-overflow in derive_collocated_motion_vectors | 2021-02-10T00:00:17.357392Z | 2026-01-16T14:15:52.974687Z |
| osv-2022-867 | Heap-buffer-overflow in get_utf_8_string | 2022-09-09T00:01:54.157712Z | 2026-01-15T16:46:52.305133Z |
| osv-2026-55 | Use-of-uninitialized-value in vp9_quantize_fp_avx2 | 2026-01-15T00:19:29.465463Z | 2026-01-15T00:19:29.465794Z |
| osv-2026-54 | Heap-use-after-free in _dwarf_exec_frame_instr | 2026-01-15T00:17:17.477757Z | 2026-01-15T00:17:17.478056Z |
| osv-2026-53 | Heap-use-after-free in graph::LigatureSubstFormat1::shrink | 2026-01-15T00:16:26.117926Z | 2026-01-15T00:16:26.118291Z |
| osv-2024-195 | Security exception in com.github.javaparser.ast.validator.TreeVisitorValidator.accept | 2024-03-24T00:14:24.746452Z | 2026-01-13T14:21:46.144635Z |
| osv-2023-1328 | Stack-buffer-overflow in icu_75::TZDBTimeZoneNames::getMetaZoneNames | 2023-12-18T00:13:09.643640Z | 2026-01-13T10:59:58.280849Z |
| osv-2024-662 | Security exception in com.github.javaparser.CommentsInserter.insertComments | 2024-07-18T00:06:40.832938Z | 2026-01-13T04:48:14.077313Z |
| osv-2020-786 | UNKNOWN READ in H5T__bit_find | 2020-07-14T05:37:33.311187Z | 2026-01-13T04:47:48.710766Z |
| osv-2024-85 | Security exception in com.github.javaparser.ast.validator.TreeVisitorValidator.accept | 2024-02-08T00:13:58.690460Z | 2026-01-13T04:47:29.127821Z |
| osv-2024-680 | Security exception in com.github.javaparser.GeneratedJavaParser.Expression | 2024-07-26T00:06:29.761307Z | 2026-01-13T04:46:21.094915Z |
| osv-2024-675 | Security exception in com.github.javaparser.CommentsInserter.insertComments | 2024-07-24T00:07:37.523933Z | 2026-01-13T04:45:52.716176Z |
| osv-2024-248 | Security exception in com.github.javaparser.CommentsInserter.insertComments | 2024-04-10T00:06:40.907073Z | 2026-01-13T04:44:52.454141Z |
| osv-2024-239 | Use-of-uninitialized-value in H5G__ent_to_link | 2024-04-06T00:11:00.845086Z | 2026-01-13T04:44:11.568412Z |
| osv-2024-223 | UNKNOWN READ in H5HG_read | 2024-04-01T00:01:29.989664Z | 2026-01-13T04:44:02.988515Z |
| osv-2023-1256 | Heap-buffer-overflow in H5T__bit_copy | 2023-12-03T13:02:43.376076Z | 2026-01-13T04:40:40.198673Z |
| osv-2023-1073 | Heap-buffer-overflow in H5D__scatter_mem | 2023-10-27T13:00:49.296462Z | 2026-01-13T04:40:23.305571Z |
| osv-2021-363 | Heap-buffer-overflow in H5HG_read | 2021-02-11T00:00:41.682350Z | 2026-01-13T04:33:24.937147Z |
| osv-2021-219 | UNKNOWN READ in H5HG__cache_heap_deserialize | 2021-01-22T00:01:04.834439Z | 2026-01-13T04:32:50.029402Z |
| osv-2021-184 | Heap-buffer-overflow in H5HL__fl_deserialize | 2021-01-15T00:00:16.202094Z | 2026-01-13T04:27:53.975862Z |
| osv-2026-30 | Use-of-uninitialized-value in vp9_quantize_fp_avx2 | 2026-01-11T00:08:32.391680Z | 2026-01-11T00:08:32.392050Z |
| osv-2026-21 | Use-of-uninitialized-value in processTLSBlock | 2026-01-09T00:20:25.200679Z | 2026-01-09T00:20:25.201303Z |
| osv-2026-2 | Heap-buffer-overflow in cmt_mpack_consume_uint_tag | 2026-01-03T00:15:15.907754Z | 2026-01-03T00:15:15.908130Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rustsec-2024-0437 | Crash due to uncontrolled recursion in protobuf crate | 2024-12-12T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2024-0435 | Unsound usages of `Vec::from_raw_parts` | 2024-12-19T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2024-0431 | Unsound usages of `core::slice::from_raw_parts` | 2024-12-23T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2024-0430 | Use of insecure cryptographic algorithms | 2024-12-28T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2024-0429 | Unsoundness in `Iterator` and `DoubleEndedIterator` impls for `glib::VariantStrIter` | 2024-03-30T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2024-0428 | Undefined behaviour in `kvm_ioctls::ioctls::vm::VmFd::create_device` | 2024-12-05T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2024-0426 | Unsound usages of `u8` type casting | 2024-12-19T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2024-0424 | Unsound usages of `core::slice::from_raw_parts_mut` | 2024-12-19T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2024-0421 | `idna` accepts Punycode labels that do not produce any non-ASCII when decoded | 2024-12-09T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2024-0409 | Build corruption when using `PYO3_CONFIG_FILE` environment variable | 2024-12-04T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2024-0408 | Unsound usages of `std::slice::from_raw_parts` | 2024-12-04T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2024-0407 | Fails to ensure slice elements match the slice's declared type | 2024-03-05T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2024-0405 | op_panic in the base runtime can force a panic in the runtime's containing thread | 2024-07-18T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2024-0404 | Unsoundness in anstream | 2024-09-08T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2024-0403 | op_panic in the base runtime can force a panic in the runtime's containing thread | 2024-07-18T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2024-0402 | Borsh serialization of HashMap is non-canonical | 2024-10-11T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2024-0400 | `ruzstd` uninit and out-of-bounds memory reads | 2024-11-28T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2024-0399 | rustls network-reachable panic in `Acceptor::accept` | 2024-11-22T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2024-0398 | Bias of Polynomial Coefficients in Secret Sharing | 2024-11-16T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2024-0393 | Ambiguous challenge derivation | 2024-07-18T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2024-0392 | Ambiguous challenge derivation | 2024-07-18T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2024-0391 | Ambiguous challenge derivation | 2024-07-18T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2024-0379 | Multiple soundness issues | 2024-10-31T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2024-0378 | Risk of use-after-free in `borrowed` reads from Python weak references | 2024-10-12T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2024-0377 | Heap Buffer overflow using c_chars_to_str function | 2024-10-07T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2024-0374 | Segmentation fault due to use of uninitialized memory | 2024-09-22T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2024-0368 | olm-sys: wrapped library unmaintained, potentially vulnerable | 2024-09-02T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2024-0366 | CWA-2023-004: Excessive number of function parameters in compiled Wasm | 2024-08-27T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2024-0365 | Binary Protocol Misinterpretation caused by Truncating or Overflowing Casts | 2024-08-23T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2024-0363 | Binary Protocol Misinterpretation caused by Truncating or Overflowing Casts | 2024-08-15T12:00:00Z | 2025-10-28T06:02:18Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| alsa-2026:0991 | Moderate: glib2 security update | 2026-01-22T00:00:00Z | 2026-01-24T01:40:03Z |
| alsa-2026:0928 | Important: java-21-openjdk security update | 2026-01-22T00:00:00Z | 2026-01-24T01:32:22Z |
| alsa-2026:0922 | Important: golang security update | 2026-01-21T00:00:00Z | 2026-01-23T23:39:55Z |
| alsa-2026:0975 | Moderate: glib2 security update | 2026-01-22T00:00:00Z | 2026-01-23T23:34:09Z |
| alsa-2026:0793 | Important: kernel security update | 2026-01-19T00:00:00Z | 2026-01-23T13:22:18Z |
| alsa-2026:0786 | Important: kernel security update | 2026-01-19T00:00:00Z | 2026-01-23T07:53:26Z |
| alsa-2026:0770 | Important: gpsd security update | 2026-01-19T00:00:00Z | 2026-01-21T10:46:37Z |
| alsa-2026:0845 | Important: brotli security update | 2026-01-20T00:00:00Z | 2026-01-21T10:45:25Z |
| alsa-2026:0753 | Important: container-tools:rhel8 security update | 2026-01-19T00:00:00Z | 2026-01-21T09:07:00Z |
| alsa-2026:0752 | Important: jmc security update | 2026-01-19T00:00:00Z | 2026-01-20T11:59:21Z |
| alsa-2026:0771 | Important: gpsd-minimal security update | 2026-01-19T00:00:00Z | 2026-01-20T11:54:05Z |
| alsa-2026:0760 | Important: kernel-rt security update | 2026-01-19T00:00:00Z | 2026-01-20T08:13:58Z |
| alsa-2026:0759 | Important: kernel security update | 2026-01-19T00:00:00Z | 2026-01-20T08:07:16Z |
| alsa-2026:0750 | Important: net-snmp security update | 2026-01-19T00:00:00Z | 2026-01-20T07:38:35Z |
| alsa-2026:0756 | Moderate: transfig security update | 2026-01-19T00:00:00Z | 2026-01-19T10:24:15Z |
| alsa-2026:0492 | Moderate: postgresql:15 security update | 2026-01-13T00:00:00Z | 2026-01-19T10:02:02Z |
| alsa-2026:0493 | Moderate: postgresql:16 security update | 2026-01-13T00:00:00Z | 2026-01-19T09:45:22Z |
| alsa-2026:0436 | Important: buildah security update | 2026-01-12T00:00:00Z | 2026-01-16T15:50:15Z |
| alsa-2026:0423 | Important: libsoup3 security update | 2026-01-12T00:00:00Z | 2026-01-16T15:49:08Z |
| alsa-2026:0422 | Important: libsoup security update | 2026-01-12T00:00:00Z | 2026-01-16T15:46:52Z |
| alsa-2026:0421 | Important: libsoup security update | 2026-01-12T00:00:00Z | 2026-01-16T15:44:34Z |
| alsa-2026:0337 | Moderate: openssl security update | 2026-01-08T00:00:00Z | 2026-01-16T15:42:22Z |
| alsa-2026:0312 | Moderate: cups security update | 2026-01-08T00:00:00Z | 2026-01-16T15:40:37Z |
| alsa-2026:0437 | Important: buildah security update | 2026-01-12T00:00:00Z | 2026-01-16T15:38:30Z |
| alsa-2026:0443 | Important: kernel-rt security update | 2026-01-12T00:00:00Z | 2026-01-16T15:37:02Z |
| alsa-2026:0444 | Important: kernel security update | 2026-01-12T00:00:00Z | 2026-01-16T15:34:47Z |
| alsa-2026:0445 | Moderate: kernel security update | 2026-01-12T00:00:00Z | 2026-01-16T15:31:40Z |
| alsa-2026:0453 | Important: kernel security update | 2026-01-12T00:00:00Z | 2026-01-16T15:27:10Z |
| alsa-2026:0458 | Moderate: libpq security update | 2026-01-12T00:00:00Z | 2026-01-16T15:21:50Z |
| alsa-2026:0464 | Moderate: cups security update | 2026-01-12T00:00:00Z | 2026-01-16T15:20:45Z |