Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-23678 |
8.7 (4.0)
8.8 (3.1)
|
Binardat 10G08-0800GSM Network Switch Traceroute CLI C… |
Binardat Ltd. |
10G08-0800GSM Network Switch |
2026-02-24T15:03:35.734Z | 2026-02-24T15:03:49.724Z |
| CVE-2026-27584 |
9.2 (4.0)
|
ActualBudget server is Missing Authentication for Simp… |
actualbudget |
actual |
2026-02-24T14:59:21.175Z | 2026-02-24T14:59:21.175Z |
| CVE-2026-0402 |
4.9 (3.1)
|
A post-authentication Out-of-bounds Read vulnerab… |
SonicWall |
SonicOS |
2026-02-24T14:58:37.608Z | 2026-02-24T15:33:50.674Z |
| CVE-2026-27732 |
8.6 (4.0)
|
AVideo has Authenticated Server-Side Request Forgery v… |
WWBN |
AVideo |
2026-02-24T14:56:55.372Z | 2026-02-24T14:56:55.372Z |
| CVE-2026-0401 |
4.9 (3.1)
|
A post-authentication NULL Pointer Dereference vu… |
SonicWall |
SonicOS |
2026-02-24T14:55:57.545Z | 2026-02-24T15:34:30.604Z |
| CVE-2026-0400 |
4.9 (3.1)
|
A post-authentication Format String vulnerability… |
SonicWall |
SonicOS |
2026-02-24T14:54:15.394Z | 2026-02-24T15:35:10.650Z |
| CVE-2026-27568 |
5.1 (4.0)
|
AVideo has Stored Cross-Site Scripting via Markdown Co… |
WWBN |
AVideo |
2026-02-24T14:53:20.826Z | 2026-02-24T14:53:20.826Z |
| CVE-2026-0399 |
4.9 (3.1)
|
Multiple post-authentication stack-based buffer o… |
SonicWall |
SonicOS |
2026-02-24T14:52:10.841Z | 2026-02-24T15:50:29.865Z |
| CVE-2026-3102 |
5.3 (4.0)
6.3 (3.1)
6.3 (3.0)
|
exiftool PNG File MacOS.pm SetMacOSTags os command injection |
n/a |
exiftool |
2026-02-24T14:32:13.272Z | 2026-02-24T14:32:13.272Z |
| CVE-2026-3101 |
5.3 (4.0)
6.3 (3.1)
6.3 (3.0)
|
Intelbras TIP 635G Ping os command injection |
Intelbras |
TIP 635G |
2026-02-24T14:32:08.166Z | 2026-02-24T14:32:08.166Z |
| CVE-2026-27567 |
6.5 (3.1)
|
Payload has Server-Side Request Forgery (SSRF) in Exte… |
payloadcms |
payload |
2026-02-24T14:22:37.803Z | 2026-02-24T14:22:37.803Z |
| CVE-2025-10010 |
6.8 (3.1)
|
Integrity Validation Bypass in CryptoPro Secure Disk f… |
CPSD IT SERVICES GMBH |
CryptoPro Secure Disk for BitLocker |
2026-02-24T14:13:29.155Z | 2026-02-24T14:53:28.726Z |
| CVE-2026-27483 |
8.8 (3.1)
|
MindsDB has Path Traversal in /api/files Leading to Re… |
mindsdb |
mindsdb |
2026-02-24T14:00:05.402Z | 2026-02-24T14:00:05.402Z |
| CVE-2026-27208 |
9.2 (3.1)
|
api-gateway-deploy Affected by Exploitable Command Inj… |
bleon-ethical |
api-gateway-deploy |
2026-02-24T13:52:43.155Z | 2026-02-24T13:52:43.155Z |
| CVE-2026-2807 |
N/A
|
Memory safety bugs fixed in Firefox 148 and Thunderbird 148 |
Mozilla |
Firefox |
2026-02-24T13:33:34.035Z | 2026-02-25T04:55:40.953Z |
| CVE-2026-2806 |
N/A
|
Uninitialized memory in the Graphics: Text component |
Mozilla |
Firefox |
2026-02-24T13:33:33.407Z | 2026-02-24T17:30:46.157Z |
| CVE-2026-2805 |
N/A
|
Invalid pointer in the DOM: Core & HTML component |
Mozilla |
Firefox |
2026-02-24T13:33:32.768Z | 2026-02-24T17:30:45.766Z |
| CVE-2026-2804 |
5.4 (3.1)
|
Use-after-free in the JavaScript: WebAssembly component |
Mozilla |
Firefox |
2026-02-24T13:33:32.144Z | 2026-02-24T17:30:44.942Z |
| CVE-2026-2803 |
N/A
|
Information disclosure, mitigation bypass in the Setti… |
Mozilla |
Firefox |
2026-02-24T13:33:31.491Z | 2026-02-24T17:30:44.561Z |
| CVE-2026-2802 |
4.2 (3.1)
|
Race condition in the JavaScript: GC component |
Mozilla |
Firefox |
2026-02-24T13:33:30.784Z | 2026-02-24T17:30:44.158Z |
| CVE-2026-2801 |
N/A
|
Incorrect boundary conditions in the JavaScript: WebAs… |
Mozilla |
Firefox |
2026-02-24T13:33:29.929Z | 2026-02-24T17:30:43.776Z |
| CVE-2026-2800 |
N/A
|
Spoofing issue in the WebAuthn component in Firefox fo… |
Mozilla |
Firefox |
2026-02-24T13:33:29.312Z | 2026-02-24T17:30:43.309Z |
| CVE-2026-2799 |
N/A
|
Use-after-free in the DOM: Core & HTML component |
Mozilla |
Firefox |
2026-02-24T13:33:28.665Z | 2026-02-24T17:30:42.844Z |
| CVE-2026-2798 |
8.8 (3.1)
|
Use-after-free in the DOM: Core & HTML component |
Mozilla |
Firefox |
2026-02-24T13:33:28.034Z | 2026-02-24T18:25:31.688Z |
| CVE-2026-2797 |
N/A
|
Use-after-free in the JavaScript: GC component |
Mozilla |
Firefox |
2026-02-24T13:33:27.406Z | 2026-02-24T17:30:42.064Z |
| CVE-2026-2796 |
N/A
|
JIT miscompilation in the JavaScript: WebAssembly component |
Mozilla |
Firefox |
2026-02-24T13:33:26.775Z | 2026-02-24T17:30:41.643Z |
| CVE-2026-2795 |
N/A
|
Use-after-free in the JavaScript: GC component |
Mozilla |
Firefox |
2026-02-24T13:33:26.111Z | 2026-02-24T17:30:41.221Z |
| CVE-2026-2794 |
N/A
|
Information disclosure due to uninitialized memory in … |
Mozilla |
Firefox |
2026-02-24T13:33:25.399Z | 2026-02-24T13:33:25.399Z |
| CVE-2026-2634 |
N/A
|
Spoofed web content presented under trusted domains us… |
Mozilla |
Firefox for iOS |
2026-02-24T13:33:24.725Z | 2026-02-24T13:33:24.725Z |
| CVE-2026-2793 |
N/A
|
Memory safety bugs fixed in Firefox ESR 115.33, Firefo… |
Mozilla |
Firefox |
2026-02-24T13:33:23.571Z | 2026-02-25T04:55:54.904Z |
| ID | Severity | Description | Published | Updated |
|---|---|---|---|---|
| ghsa-gjwv-rvwj-p62j |
|
Incorrect boundary conditions in the Web Audio component. This vulnerability affects Firefox < 148,… | 2026-02-24T15:30:32Z | 2026-02-24T18:31:01Z |
| ghsa-g9cv-cvhp-755f |
|
Privilege escalation in the Netmonitor component. This vulnerability affects Firefox < 148 and Fire… | 2026-02-24T15:30:32Z | 2026-02-24T18:31:01Z |
| ghsa-fvj5-5qvq-g8wf |
8.8 (3.1)
|
Use-after-free in the DOM: Core & HTML component. This vulnerability affects Firefox < 148. | 2026-02-24T15:30:32Z | 2026-02-24T21:31:45Z |
| ghsa-cgrc-pwqf-64v8 |
|
Incorrect boundary conditions in the Audio/Video: GMP component. This vulnerability affects Firefox… | 2026-02-24T15:30:32Z | 2026-02-24T18:31:02Z |
| ghsa-c5fj-xq9f-fjxm |
|
Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 148 and Fir… | 2026-02-24T15:30:32Z | 2026-02-24T18:31:02Z |
| ghsa-c3q8-4689-m4p6 |
|
JIT miscompilation in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 148. | 2026-02-24T15:30:32Z | 2026-02-24T18:31:02Z |
| ghsa-94rx-4fcc-c849 |
|
Incorrect boundary conditions in the Networking: JAR component. This vulnerability affects Firefox … | 2026-02-24T15:30:32Z | 2026-02-24T18:31:01Z |
| ghsa-8g7m-g6r7-rqcp |
|
Use-after-free in the JavaScript: GC component. This vulnerability affects Firefox < 148. | 2026-02-24T15:30:32Z | 2026-02-24T18:31:02Z |
| ghsa-839v-3vpr-fpgf |
|
Privilege escalation in the Netmonitor component. This vulnerability affects Firefox < 148 and Fire… | 2026-02-24T15:30:32Z | 2026-02-24T18:31:01Z |
| ghsa-7xqm-gm4h-p23x |
|
Information disclosure due to JIT miscompilation in the JavaScript Engine: JIT component. This vuln… | 2026-02-24T15:30:32Z | 2026-02-24T18:31:01Z |
| ghsa-7cfj-7vv8-r64h |
|
Information disclosure, mitigation bypass in the Settings UI component. This vulnerability affects … | 2026-02-24T15:30:32Z | 2026-02-24T18:31:02Z |
| ghsa-6rcf-f85p-pmgj |
|
Memory safety bugs present in Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and Thunderbird… | 2026-02-24T15:30:32Z | 2026-02-24T18:31:02Z |
| ghsa-62xf-gv4m-h3vc |
|
Invalid pointer in the DOM: Core & HTML component. This vulnerability affects Firefox < 148. | 2026-02-24T15:30:32Z | 2026-02-24T18:31:02Z |
| ghsa-48q6-99pr-mcvm |
|
Memory safety bugs present in Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox… | 2026-02-24T15:30:32Z | 2026-02-24T18:31:02Z |
| ghsa-3wfp-66x3-wgq2 |
|
Incorrect boundary conditions in the JavaScript: WebAssembly component. This vulnerability affects … | 2026-02-24T15:30:32Z | 2026-02-24T18:31:02Z |
| ghsa-3qgm-jcxp-m9m6 |
|
Sandbox escape due to incorrect boundary conditions in the DOM: Core & HTML component. This vulnera… | 2026-02-24T15:30:32Z | 2026-02-24T18:31:01Z |
| ghsa-3px2-2xc4-mxr2 |
|
Invalid pointer in the JavaScript Engine component. This vulnerability affects Firefox < 148 and Fi… | 2026-02-24T15:30:32Z | 2026-02-24T18:31:02Z |
| ghsa-3922-j2hh-9qcf |
5.4 (3.1)
|
Use-after-free in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 148. | 2026-02-24T15:30:32Z | 2026-02-24T18:31:02Z |
| ghsa-x8jx-9xwq-xwq6 |
|
Use-after-free in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 148 a… | 2026-02-24T15:30:31Z | 2026-02-24T18:31:01Z |
| ghsa-wwg9-hv2r-mj8w |
|
Integer overflow in the Audio/Video component. This vulnerability affects Firefox < 148, Firefox ES… | 2026-02-24T15:30:31Z | 2026-02-24T18:31:01Z |
| ghsa-v49m-r4w3-2p5x |
|
Integer overflow in the JavaScript: Standard Library component. This vulnerability affects Firefox … | 2026-02-24T15:30:31Z | 2026-02-24T18:31:01Z |
| ghsa-v33x-35cm-8gjc |
|
Sandbox escape due to incorrect boundary conditions in the Telemetry component in External Software… | 2026-02-24T15:30:31Z | 2026-02-24T18:31:01Z |
| ghsa-r2q9-885m-j92q |
|
Incorrect boundary conditions in the WebRTC: Audio/Video component. This vulnerability affects Fire… | 2026-02-24T15:30:31Z | 2026-02-24T18:31:01Z |
| ghsa-qmr7-46p8-4c5r |
|
Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 148, Firefo… | 2026-02-24T15:30:31Z | 2026-02-24T18:31:01Z |
| ghsa-mg9m-c3pr-5p64 |
7.6 (4.0)
|
A vulnerability exists in REB500 for an authenticated user with low-level privileges to access and … | 2026-02-24T15:30:31Z | 2026-02-24T15:30:31Z |
| ghsa-m65f-px5x-xq9x |
|
Undefined behavior in the DOM: Core & HTML component. This vulnerability affects Firefox < 148, Fir… | 2026-02-24T15:30:31Z | 2026-02-24T18:31:01Z |
| ghsa-h67m-x9c3-v9wp |
8.8 (3.1)
|
Use-after-free in the Storage: IndexedDB component. This vulnerability affects Firefox < 148, Firef… | 2026-02-24T15:30:31Z | 2026-02-24T18:31:01Z |
| ghsa-h3qc-gf9h-42g6 |
|
Mitigation bypass in the DOM: HTML Parser component. This vulnerability affects Firefox < 148, Fire… | 2026-02-24T15:30:31Z | 2026-02-24T18:31:01Z |
| ghsa-gxg5-574v-j5f6 |
|
Use-after-free in the Audio/Video: Playback component. This vulnerability affects Firefox < 148, Fi… | 2026-02-24T15:30:31Z | 2026-02-24T18:31:01Z |
| ghsa-gwgg-r543-4wvw |
|
Malicious scripts could cause desynchronization between the address bar and web content before a re… | 2026-02-24T15:30:31Z | 2026-02-24T15:30:31Z |
| ID | Severity | Description | Package | Published | Updated |
|---|---|---|---|---|---|
| pysec-2024-212 |
|
Apache Airflow versions before 2.10.1 have a vulnerability that allows DAG authors to add… | apache-airflow | 2024-09-07T08:15:11+00:00 | 2025-01-19T22:22:22.289672+00:00 |
| pysec-2024-74 |
9.1 (3.1)
|
MindsDB is a platform for building artificial intelligence from enterprise data. Prior to… | mindsdb | 2024-09-05T17:15:00+00:00 | 2024-09-06T15:22:53.971446+00:00 |
| pysec-2024-90 |
6.1 (3.1)
|
Indico is an event management system that uses Flask-Multipass, a multi-backend authentic… | indico | 2024-09-04T20:15:00+00:00 | 2024-09-25T06:23:55.564403+00:00 |
| pysec-2024-180 |
5.4 (3.1)
|
Stored XSS in organizer and event settings of pretix up to 2024.7.0 allows malicious even… | pretix | 2024-08-23T15:15:17+00:00 | 2025-01-19T01:52:24.493530+00:00 |
| pysec-2024-192 |
|
An issue was discovered in llama_index before 0.10.38. download/integration.py includes a… | llama-index | 2024-08-22T20:15:10+00:00 | 2025-01-19T13:22:29.175614+00:00 |
| pysec-2024-181 |
6.1 (3.1)
|
Apache Airflow, versions before 2.10.0, have a vulnerability that allows the developer of… | apache-airflow | 2024-08-21T16:15:08+00:00 | 2025-01-19T04:22:59.351008+00:00 |
| pysec-2024-72 |
8.8 (3.1)
|
LF Edge eKuiper is a lightweight IoT data analytics and stream processing engine running … | ekuiper | 2024-08-20T15:15:00Z | 2024-09-18T07:04:07.042699Z |
| pysec-2024-71 |
7.5 (3.1)
|
A vulnerability in corydolphin/flask-cors up to version 4.0.1 allows the `Access-Control-… | flask-cors | 2024-08-18T19:15:00Z | 2024-09-09T07:59:30.591275Z |
| pysec-2024-188 |
6.1 (3.1)
|
WebOb provides objects for HTTP requests and responses. When WebOb normalizes the HTTP Lo… | webob | 2024-08-14T21:15:17+00:00 | 2025-01-19T04:23:01.908824+00:00 |
| pysec-2024-153 |
6.5 (3.1)
|
Streamlit is a data oriented application development framework for python. Snowflake Stre… | streamlit | 2024-08-12T17:15:17+00:00 | 2024-11-25T21:22:50.933853+00:00 |
| pysec-2024-200 |
7.2 (3.1)
|
JupyterHub is software that allows one to create a multi-user server for Jupyter notebook… | jupyterhub | 2024-08-08T15:15:17+00:00 | 2025-01-19T16:22:58.171761+00:00 |
| pysec-2024-70 |
|
An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. QuerySet.values… | django | 2024-08-07T15:15:00+00:00 | 2024-08-07T17:22:10.804411+00:00 |
| pysec-2024-69 |
|
An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The urlize and … | django | 2024-08-07T15:15:00+00:00 | 2024-08-07T17:22:10.745844+00:00 |
| pysec-2024-68 |
|
An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The urlize() an… | django | 2024-08-07T15:15:00+00:00 | 2024-08-07T17:22:10.682679+00:00 |
| pysec-2024-67 |
|
An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The floatformat… | django | 2024-08-07T15:15:00+00:00 | 2024-08-07T17:22:10.613440+00:00 |
| pysec-2024-73 |
9.1 (3.1)
|
A vulnerability in the JSON file handling of gaizhenbiao/chuanhuchatgpt version 20240410 … | chuanhuchatgpt | 2024-07-31T01:15:00+00:00 | 2024-08-27T15:22:40.259109+00:00 |
| pysec-2024-75 |
6.1 (3.1)
|
Twisted is an event-based framework for internet applications, supporting Python 3.6+. Th… | twisted | 2024-07-29T16:15:00+00:00 | 2024-09-11T19:19:18.005250+00:00 |
| pysec-2024-203 |
7.5 (3.1)
|
DuckDB is a SQL database management system. In versions 1.0.0 and prior, content in files… | duckdb | 2024-07-24T18:15:05+00:00 | 2025-01-19T19:18:58.299130+00:00 |
| pysec-2024-65 |
|
Roundup before 2.4.0 allows XSS via JavaScript in PDF, XML, and SVG documents. | roundup | 2024-07-17T20:15:00+00:00 | 2024-07-17T23:22:05.024899+00:00 |
| pysec-2024-64 |
|
Roundup before 2.4.0 allows XSS via a SCRIPT element in an HTTP Referer header. | roundup | 2024-07-17T20:15:00+00:00 | 2024-07-17T23:22:04.987078+00:00 |
| pysec-2024-63 |
|
In Roundup before 2.4.0, classhelpers (_generic.help.html) allow XSS. | roundup | 2024-07-17T20:15:00+00:00 | 2024-07-17T23:22:04.949977+00:00 |
| pysec-2024-173 |
8.8 (3.1)
|
Unrestricted Upload of File with dangerous type vulnerability in Apache StreamPipes. Such… | streampipes | 2024-07-17T10:15:01+00:00 | 2025-01-18T22:21:43.618882+00:00 |
| pysec-2024-174 |
4.3 (3.1)
|
Server-Side Request Forgery (SSRF) vulnerability in Apache StreamPipes during installatio… | streampipes | 2024-07-17T09:15:02+00:00 | 2025-01-18T22:21:43.678475+00:00 |
| pysec-2024-172 |
3.7 (3.1)
|
Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Apache StreamPipes in … | streampipes | 2024-07-17T09:15:02+00:00 | 2025-01-18T22:21:43.557516+00:00 |
| pysec-2024-190 |
8.8 (3.1)
|
Apache Airflow 2.4.0, and versions before 2.9.3, has a vulnerability that allows authenti… | apache-airflow | 2024-07-17T08:15:02+00:00 | 2025-01-19T07:21:16.859034+00:00 |
| pysec-2024-189 |
5.4 (3.1)
|
Apache Airflow versions before 2.9.3 have a vulnerability that allows an authenticated at… | apache-airflow | 2024-07-17T08:15:01+00:00 | 2025-01-19T07:21:16.796301+00:00 |
| pysec-2024-66 |
7.8 (3.1)
|
dbt enables data analysts and engineers to transform their data using the same practices … | dbt-core | 2024-07-16T23:15:00+00:00 | 2024-07-19T17:21:49.664320+00:00 |
| pysec-2024-62 |
|
Versions of the package langchain-experimental from 0.0.15 and before 0.0.21 are vulnerab… | langchain-experimental | 2024-07-15T05:15:00+00:00 | 2024-07-15T11:19:36.686972+00:00 |
| pysec-2024-86 |
4.9 (3.1)
|
Wagtail is an open source content management system built on Django. A bug in Wagtail's `… | wagtail | 2024-07-11T16:15:00+00:00 | 2024-09-19T19:20:17.668744+00:00 |
| pysec-2024-61 |
6.1 (3.1)
|
A Stored Cross-Site Scripting (XSS) vulnerability exists in gaizhenbiao/chuanhuchatgpt ve… | chuanhuchatgpt | 2024-07-11T11:15:00+00:00 | 2024-07-12T21:33:00.657381+00:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2026-874 | Malicious code in google-search-result (PyPI) | 2026-02-12T23:27:54Z | 2026-02-13T00:38:45Z |
| mal-2026-873 | Malicious code in @depro0x/despicable-me (npm) | 2026-02-12T20:40:54Z | 2026-02-23T04:21:31Z |
| mal-2026-872 | Malicious code in stylelint-recommended (npm) | 2026-02-12T18:18:29Z | 2026-02-23T04:21:36Z |
| mal-2026-871 | Malicious code in envoy1 (npm) | 2026-02-12T16:50:57Z | 2026-02-23T04:21:32Z |
| mal-2026-941 | Malicious code in ether-lint (npm) | 2026-02-12T16:02:40Z | 2026-02-23T04:21:32Z |
| mal-2026-870 | Malicious code in b10connoisseur (PyPI) | 2026-02-12T12:10:26Z | 2026-02-12T12:10:26Z |
| mal-2026-869 | Malicious code in ritch (PyPI) | 2026-02-12T08:10:35Z | 2026-02-19T22:47:48Z |
| mal-2026-866 | Malicious code in oraceldb (PyPI) | 2026-02-12T08:03:03Z | 2026-02-19T22:47:48Z |
| mal-2026-863 | Malicious code in krbutils (PyPI) | 2026-02-12T08:00:39Z | 2026-02-19T22:47:48Z |
| mal-2026-868 | Malicious code in pydantics (PyPI) | 2026-02-12T07:55:49Z | 2026-02-19T22:47:48Z |
| mal-2026-867 | Malicious code in pandaai (PyPI) | 2026-02-12T07:51:33Z | 2026-02-19T22:47:48Z |
| mal-2026-865 | Malicious code in opentelematry-api (PyPI) | 2026-02-12T07:30:47Z | 2026-02-19T22:47:48Z |
| mal-2026-864 | Malicious code in marshmellow (PyPI) | 2026-02-12T07:10:57Z | 2026-02-19T22:47:48Z |
| mal-2026-946 | Malicious code in lala6992 (PyPI) | 2026-02-12T05:30:51Z | 2026-02-19T22:47:48Z |
| mal-2026-862 | Malicious code in get-incorrect-name-bob (PyPI) | 2026-02-12T00:01:39Z | 2026-02-12T00:01:39Z |
| mal-2026-861 | Malicious code in express-gueues (npm) | 2026-02-11T16:43:01Z | 2026-02-23T04:21:32Z |
| mal-2026-860 | Malicious code in osopackagepy (PyPI) | 2026-02-11T15:50:58Z | 2026-02-11T16:53:59Z |
| mal-2026-859 | Malicious code in systemtest-network (npm) | 2026-02-11T15:13:28Z | 2026-02-23T04:21:36Z |
| mal-2026-858 | Malicious code in systemtest-information (npm) | 2026-02-11T15:13:28Z | 2026-02-23T04:21:36Z |
| mal-2026-857 | Malicious code in osopackage (npm) | 2026-02-11T15:13:28Z | 2026-02-23T04:21:35Z |
| mal-2026-856 | Malicious code in chai-prop (npm) | 2026-02-11T14:19:52Z | 2026-02-23T04:21:32Z |
| mal-2026-855 | Malicious code in config-toolkit (PyPI) | 2026-02-11T14:08:58Z | 2026-02-11T14:08:58Z |
| mal-2026-854 | Malicious code in sinon-node (npm) | 2026-02-11T10:54:37Z | 2026-02-23T04:21:35Z |
| mal-2026-853 | Malicious code in node-dotenv-cli (npm) | 2026-02-11T10:54:37Z | 2026-02-23T04:21:34Z |
| mal-2026-852 | Malicious code in chai-await (npm) | 2026-02-11T10:54:36Z | 2026-02-23T04:21:32Z |
| mal-2026-851 | Malicious code in python-files-mod (PyPI) | 2026-02-11T10:40:53Z | 2026-02-11T10:40:53Z |
| mal-2024-12374 | Malicious code in ci-metadata-python-logging (PyPI) | 2026-02-11T10:26:41Z | 2026-02-14T18:48:58Z |
| mal-2025-193013 | Malicious code in tablixs (PyPI) | 2026-02-11T10:04:22Z | 2026-02-14T18:48:58Z |
| mal-2026-850 | Malicious code in ntoctfutils (PyPI) | 2026-02-11T08:58:36Z | 2026-02-11T08:58:36Z |
| mal-2026-849 | Malicious code in jsonconfig-utils (PyPI) | 2026-02-11T06:56:16Z | 2026-02-11T06:56:16Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| bit-gradle-2026-22816 | Gradle fails to disable repositories which can expose builds to malicious artifacts | 2026-01-21T08:41:10.153Z | 2026-01-21T09:22:22.325Z |
| bit-airflow-2025-68675 | Apache Airflow: proxy credentials for various providers might leak in task logs | 2026-01-21T08:39:24.383Z | 2026-02-04T10:19:33.233Z |
| bit-airflow-2025-68438 | Apache Airflow: Secrets in rendered templates could contain parts of sensitive values when truncated | 2026-01-21T08:39:22.633Z | 2026-01-21T09:22:22.325Z |
| bit-gitlab-2025-11224 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab | 2026-01-16T09:05:53.033Z | 2026-01-22T09:11:07.452Z |
| bit-kibana-2026-0543 | Improper Input Validation in Kibana Email Connector Leading to Excessive Allocation | 2026-01-16T08:42:18.049Z | 2026-01-16T09:10:29.256Z |
| bit-kibana-2026-0532 | External Control of File Name or Path and Server-Side Request Forgery (SSRF) in Kibana Google Gemini Connector | 2026-01-16T08:42:16.599Z | 2026-01-16T09:10:29.256Z |
| bit-kibana-2026-0531 | Allocation of Resources Without Limits or Throttling in Kibana Fleet | 2026-01-16T08:42:14.963Z | 2026-01-16T09:10:29.256Z |
| bit-kibana-2026-0530 | Allocation of Resources Without Limits or Throttling in Kibana Leading to Excessive Allocation | 2026-01-16T08:42:13.351Z | 2026-01-16T09:10:29.256Z |
| bit-elk-2026-0543 | Improper Input Validation in Kibana Email Connector Leading to Excessive Allocation | 2026-01-16T08:39:07.127Z | 2026-01-16T09:10:29.256Z |
| bit-elk-2026-0532 | External Control of File Name or Path and Server-Side Request Forgery (SSRF) in Kibana Google Gemini Connector | 2026-01-16T08:39:05.407Z | 2026-01-16T09:10:29.256Z |
| bit-elk-2026-0531 | Allocation of Resources Without Limits or Throttling in Kibana Fleet | 2026-01-16T08:39:03.612Z | 2026-01-16T09:10:29.256Z |
| bit-elk-2026-0530 | Allocation of Resources Without Limits or Throttling in Kibana Leading to Excessive Allocation | 2026-01-16T08:39:01.662Z | 2026-01-16T09:10:29.256Z |
| bit-appsmith-2026-22794 | Account Takeover Vulnerability in Appsmith | 2026-01-14T08:37:00.092Z | 2026-01-22T09:11:07.452Z |
| bit-mastodon-2026-22246 | Local Mastodon users can enumerate and access severed relationships of every other local user | 2026-01-13T11:27:33.626Z | 2026-01-26T15:09:56.435Z |
| bit-mastodon-2026-22245 | Mastodon has SSRF Protection bypass | 2026-01-13T11:27:28.319Z | 2026-01-13T12:01:00.363Z |
| bit-gitlab-2025-9222 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab | 2026-01-13T09:09:30.025Z | 2026-01-26T15:09:56.435Z |
| bit-gitlab-2025-3950 | Exposure of Private Personal Information to an Unauthorized Actor in GitLab | 2026-01-13T09:08:23.763Z | 2026-01-13T09:11:00.781Z |
| bit-gitlab-2025-13781 | Missing Authorization in GitLab | 2026-01-13T09:07:23.273Z | 2026-01-13T09:11:00.781Z |
| bit-gitlab-2025-13772 | Missing Authorization in GitLab | 2026-01-13T09:07:21.509Z | 2026-01-26T15:09:56.435Z |
| bit-gitlab-2025-13761 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab | 2026-01-13T09:07:19.725Z | 2026-01-26T15:09:56.435Z |
| bit-gitlab-2025-11246 | Insufficient Granularity of Access Control in GitLab | 2026-01-13T09:06:35.458Z | 2026-01-13T09:11:00.781Z |
| bit-gitlab-2025-10569 | Allocation of Resources Without Limits or Throttling in GitLab | 2026-01-13T09:06:21.471Z | 2026-01-13T09:11:00.781Z |
| bit-virtualenv-2026-22702 | virtualenv Has TOCTOU Vulnerabilities in Directory Creation | 2026-01-13T08:53:06.703Z | 2026-01-13T09:11:00.781Z |
| bit-ghost-2026-22597 | Ghost has SSRF via External Media Inliner | 2026-01-13T08:40:27.429Z | 2026-01-13T09:11:00.781Z |
| bit-ghost-2026-22596 | Ghost has SQL Injection in Members Activity Feed | 2026-01-13T08:40:25.592Z | 2026-01-16T09:10:29.256Z |
| bit-ghost-2026-22595 | Ghost has Staff Token permission bypass | 2026-01-13T08:40:23.758Z | 2026-01-13T09:11:00.781Z |
| bit-ghost-2026-22594 | Ghost has Staff 2FA bypass | 2026-01-13T08:40:22.071Z | 2026-01-13T09:11:00.781Z |
| bit-cosign-2026-22703 | Cosign verification accepts any valid Rekor entry under certain conditions | 2026-01-13T08:37:37.120Z | 2026-01-13T09:11:00.781Z |
| bit-php-2025-14180 | NULL Pointer Dereference in PDO quoting | 2026-01-08T11:48:33.482Z | 2026-01-08T12:08:29.041Z |
| bit-php-2025-14178 | Heap buffer overflow in array_merge() | 2026-01-08T11:48:32.142Z | 2026-01-26T15:09:56.435Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cleanstart-2026-ni96678 | Within HostnameError | 2026-01-30T15:06:52.947220Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-ib05679 | Within HostnameError | 2026-01-30T15:06:23.436295Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-kk41938 | Within HostnameError | 2026-01-30T15:06:23.375949Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-jx43631 | Within HostnameError | 2026-01-30T15:06:23.337190Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-sh75345 | Cancelling a query (e | 2026-01-30T15:05:23.442396Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-bh03809 | excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate | 2026-01-30T15:04:53.009971Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-vl83369 | excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate | 2026-01-30T15:03:53.758258Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-rj88561 | excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate | 2026-01-30T15:03:53.732429Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-lp38773 | excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate | 2026-01-30T15:03:53.100242Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-uj17204 | excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate | 2026-01-30T15:03:52.998379Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-fd27182 | Cancelling a query (e | 2026-01-30T15:02:52.949683Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-ti76190 | Cancelling a query (e | 2026-01-30T15:02:23.296683Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-di91874 | Cancelling a query (e | 2026-01-30T15:02:23.274144Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-vc16841 | Within HostnameError | 2026-01-30T15:02:22.944744Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-sq13072 | Moby is an open source container framework developed by Docker Inc | 2026-01-30T15:02:22.907312Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-kq33111 | Cancelling a query (e | 2026-01-30T15:02:22.834896Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-rl45001 | tar | 2026-01-30T15:01:22.967754Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-ys66739 | Authorization Bypass Through User-Controlled Key in GitHub repository emicklei/go-restful prior to v3 | 2026-01-30T15:00:53.250874Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-oo42606 | Cancelling a query (e | 2026-01-30T15:00:52.876848Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-xs24366 | Cancelling a query (e | 2026-01-30T15:00:52.862887Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-bj28314 | Within HostnameError | 2026-01-30T15:00:22.906070Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-pd17156 | Cancelling a query (e | 2026-01-30T15:00:22.872625Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-yj61997 | Cancelling a query (e | 2026-01-30T14:59:52.788649Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-nd19988 | Cancelling a query (e | 2026-01-30T14:59:22.824513Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-aj76138 | tar | 2026-01-30T14:58:52.957172Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-kv78041 | processing time for parsing some invalid inputs scales non-linearly with respect to the size of the input | 2026-01-30T14:56:23.125184Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-kf66928 | Within HostnameError | 2026-01-30T14:53:23.030035Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-dd39330 | excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate | 2026-01-30T14:53:22.793144Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-ld23143 | Cancelling a query (e | 2026-01-30T14:52:52.766441Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-fr57243 | Cancelling a query (e | 2026-01-30T14:52:52.746706Z | 2026-01-29T18:58:54Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| drupal-contrib-2024-058 | 2024-11-06T16:28:56.000Z | 2025-02-20T20:05:57.000Z | |
| drupal-contrib-2024-056 | 2024-10-30T17:11:24.000Z | 2025-02-20T20:05:41.000Z | |
| drupal-contrib-2024-055 | 2024-10-30T17:07:09.000Z | 2025-02-20T20:05:30.000Z | |
| drupal-contrib-2024-052 | 2024-10-23T15:45:47.000Z | 2025-02-20T20:05:19.000Z | |
| drupal-contrib-2024-051 | 2024-10-23T15:45:41.000Z | 2025-02-20T20:08:44.000Z | |
| drupal-contrib-2024-050 | 2024-10-23T12:09:48.000Z | 2025-02-20T19:25:41.000Z | |
| drupal-contrib-2024-049 | 2024-10-09T16:40:07.000Z | 2025-02-20T19:25:53.000Z | |
| drupal-contrib-2024-048 | 2024-10-09T15:56:35.000Z | 2025-02-20T19:26:05.000Z | |
| drupal-contrib-2024-047 | 2024-10-09T15:54:27.000Z | 2025-02-20T19:26:17.000Z | |
| drupal-contrib-2024-046 | 2024-10-09T15:48:11.000Z | 2025-02-20T19:26:30.000Z | |
| drupal-contrib-2024-045 | 2024-10-09T15:48:10.000Z | 2025-02-20T19:26:40.000Z | |
| drupal-contrib-2024-044 | 2024-10-02T16:27:12.000Z | 2025-02-20T19:26:51.000Z | |
| drupal-contrib-2024-043 | 2024-10-02T16:20:48.000Z | 2025-02-20T19:27:03.000Z | |
| drupal-contrib-2024-042 | 2024-10-02T16:15:59.000Z | 2025-02-20T19:27:15.000Z | |
| drupal-contrib-2024-039 | 2024-09-11T16:21:22.000Z | 2025-02-20T19:22:14.000Z | |
| drupal-contrib-2024-038 | 2024-09-04T16:20:17.000Z | 2025-02-20T19:22:30.000Z | |
| drupal-contrib-2024-037 | 2024-09-04T16:15:41.000Z | 2025-02-20T19:22:50.000Z | |
| drupal-contrib-2024-036 | 2024-09-04T15:42:05.000Z | 2025-02-20T19:23:09.000Z | |
| drupal-contrib-2024-035 | 2024-09-04T15:40:44.000Z | 2025-02-20T19:23:27.000Z | |
| drupal-contrib-2024-034 | 2024-09-04T15:35:55.000Z | 2025-02-20T19:23:44.000Z | |
| drupal-contrib-2024-033 | 2024-08-28T15:32:41.000Z | 2025-02-20T19:24:02.000Z | |
| drupal-contrib-2024-030 | 2024-08-21T16:23:02.000Z | 2025-02-20T19:11:48.000Z | |
| drupal-contrib-2024-029 | 2024-08-07T17:36:15.000Z | 2025-02-20T19:12:05.000Z | |
| drupal-contrib-2024-028 | 2024-08-07T17:30:20.000Z | 2025-02-20T19:12:22.000Z | |
| drupal-contrib-2024-027 | 2024-08-07T17:19:30.000Z | 2025-02-20T19:12:37.000Z | |
| drupal-contrib-2024-026 | 2024-07-31T15:59:06.000Z | 2025-02-20T19:12:56.000Z | |
| drupal-contrib-2024-025 | 2024-06-05T16:45:02.000Z | 2025-02-20T19:13:15.000Z | |
| drupal-contrib-2024-024 | 2024-05-29T16:58:59.000Z | 2025-02-20T19:13:35.000Z | |
| drupal-contrib-2024-023 | 2024-05-29T16:52:42.000Z | 2025-02-20T19:13:53.000Z | |
| drupal-contrib-2024-022 | 2024-05-29T16:44:55.000Z | 2025-02-20T19:14:10.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2025-007607 | Pass-Back Attack vulnerability in Konica Minorta bizhub series | 2025-07-01T14:09+09:00 | 2025-07-01T14:09+09:00 |
| jvndb-2025-007595 | Multiple vulnerabilities in Web Connection of Konica Minolta MFPs | 2025-07-01T14:02+09:00 | 2025-07-01T14:02+09:00 |
| jvndb-2025-000046 | SLNX Help Documentation of RICOH Streamline NX vulnerable to reflected cross-site scripting | 2025-06-30T15:45+09:00 | 2025-06-30T15:45+09:00 |
| jvndb-2025-007552 | Multiple vulnerabilities in TB-eye network recorders and AHD recorders | 2025-06-30T14:45+09:00 | 2025-06-30T14:45+09:00 |
| jvndb-2025-007521 | Multiple Brother driver installers for Windows vulnerable to privilege escalation | 2025-06-27T09:37+09:00 | 2025-08-19T11:29+09:00 |
| jvndb-2025-007519 | Multiple vulnerabilities in multiple BROTHER products | 2025-06-26T18:15+09:00 | 2025-09-22T10:16+09:00 |
| jvndb-2025-000043 | Multiple vulnerabilities in iroha Board | 2025-06-26T15:13+09:00 | 2025-06-26T15:13+09:00 |
| jvndb-2025-000044 | Denial-of-service (DoS) vulnerabilities in multiple Apache products | 2025-06-26T14:41+09:00 | 2025-10-01T14:18+09:00 |
| jvndb-2025-000042 | Inefficient regular expressions in GROWI | 2025-06-24T15:25+09:00 | 2025-06-24T15:25+09:00 |
| jvndb-2025-000041 | Multiple vulnerabilities in ELECOM wireless LAN routers | 2025-06-24T14:50+09:00 | 2026-02-03T15:35+09:00 |
| jvndb-2025-007390 | Trend Micro Internet Security and Trend Micro Maximum Security vulnerable to link following local privilege escalation (CVE-2025-49384, CVE-2025-49385) | 2025-06-24T11:18+09:00 | 2025-06-24T11:18+09:00 |
| jvndb-2025-000040 | KCM3100 vulnerable to authentication bypass using an alternate path or channel | 2025-06-18T13:42+09:00 | 2025-06-18T13:42+09:00 |
| jvndb-2025-000039 | Multiple vulnerabilities in RICOH Streamline NX PC Client | 2025-06-13T16:09+09:00 | 2025-06-13T16:09+09:00 |
| jvndb-2025-000038 | UpdateNavi vulnerable to improper restriction of communication channel to intended endpoints | 2025-06-12T15:56+09:00 | 2025-06-12T15:56+09:00 |
| jvndb-2025-000037 | Multiple surveillance cameras provided by i-PRO Co., Ltd. vulnerable to cross-site request forgery | 2025-06-06T13:56+09:00 | 2025-06-06T13:56+09:00 |
| jvndb-2025-000036 | TimeWorks vulnerable to path traversal | 2025-06-03T15:35+09:00 | 2025-06-03T15:35+09:00 |
| jvndb-2025-000035 | Improper file access permission settings in PC Time Tracer | 2025-06-03T14:40+09:00 | 2025-06-03T14:40+09:00 |
| jvndb-2025-000034 | Multiple vulnerabilities in wivia 5 | 2025-05-30T15:57+09:00 | 2025-05-30T15:57+09:00 |
| jvndb-2025-000032 | Mailform Pro CGI generating error messages containing sensitive information | 2025-05-26T14:22+09:00 | 2025-05-26T14:22+09:00 |
| jvndb-2025-000033 | Improper pattern file validation in i-FILTER optional feature 'Anti-Virus & Sandbox' | 2025-05-23T15:36+09:00 | 2025-05-23T15:36+09:00 |
| jvndb-2025-005467 | Passback vulnerabilities in Canon Production Printers, Office/Small Office Multifunction Printers, and Laser Printers | 2025-05-22T15:03+09:00 | 2025-05-22T15:03+09:00 |
| jvndb-2025-005107 | Multiple vulnerabilities in V-SFT | 2025-05-16T14:32+09:00 | 2025-05-16T14:32+09:00 |
| jvndb-2025-005057 | Multiple vulnerabilities in I-O DATA network attached hard disk 'HDL-T Series' | 2025-05-15T18:27+09:00 | 2025-05-15T18:27+09:00 |
| jvndb-2025-005050 | Multiple vulnerabilities in a-blog cms | 2025-05-15T18:11+09:00 | 2025-05-15T18:11+09:00 |
| jvndb-2025-000031 | Pgpool-II vulnerable to authentication bypass by primary weakness | 2025-05-15T16:14+09:00 | 2025-05-15T16:14+09:00 |
| jvndb-2025-004863 | Panasonic IR Control Hub vulnerable to Unauthorised firmware loading | 2025-05-14T11:30+09:00 | 2025-05-14T11:30+09:00 |
| jvndb-2025-000030 | Reflected cross-site scripting vulnerability in multiple laser printers and MFPs which implement Ricoh Web Image Monitor | 2025-05-12T18:00+09:00 | 2025-07-17T10:06+09:00 |
| jvndb-2025-004671 | Multiple vulnerabilities in GL-MT2500 and GL-MT2500A | 2025-05-12T17:52+09:00 | 2025-05-12T17:52+09:00 |
| jvndb-2025-004079 | Improper access permission settings in multiple SEIKO EPSON printer drivers for Windows OS | 2025-04-30T11:46+09:00 | 2025-04-30T11:46+09:00 |
| jvndb-2025-004076 | Security Update for Trend Micro Trend Vision One (April 2025) | 2025-04-30T10:38+09:00 | 2025-04-30T10:38+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| cnvd-2026-07552 | WordPress插件PDF Resume Parser信息泄露漏洞 | 2026-01-19 | 2026-01-28 |
| cnvd-2026-07551 | WordPress插件LottieFiles – Lottie block for Gutenberg信息泄露漏洞 | 2026-01-19 | 2026-01-28 |
| cnvd-2026-07206 | Microsoft SharePoint Server远程代码执行漏洞(CNVD-2026-07206) | 2026-01-19 | 2026-01-27 |
| cnvd-2026-07205 | Microsoft SharePoint Server欺骗漏洞(CNVD-2026-07205) | 2026-01-19 | 2026-01-27 |
| cnvd-2026-07204 | Microsoft SharePoint远程代码执行漏洞(CNVD-2026-07204) | 2026-01-19 | 2026-01-27 |
| cnvd-2026-07203 | Microsoft SharePoint信息泄露漏洞(CNVD-2026-07203) | 2026-01-19 | 2026-01-27 |
| cnvd-2026-07202 | Microsoft SharePoint Server远程代码执行漏洞(CNVD-2026-07202) | 2026-01-19 | 2026-01-27 |
| cnvd-2026-07201 | Microsoft Office代码执行漏洞(CNVD-2026-07201) | 2026-01-19 | 2026-01-27 |
| cnvd-2026-07200 | Microsoft Office代码执行漏洞(CNVD-2026-07200) | 2026-01-19 | 2026-01-27 |
| cnvd-2026-07199 | Microsoft Office Click-To-Run代码执行漏洞 | 2026-01-19 | 2026-01-27 |
| cnvd-2026-07198 | Microsoft Excel代码执行漏洞(CNVD-2026-07198) | 2026-01-19 | 2026-01-27 |
| cnvd-2026-07197 | Microsoft Excel代码执行漏洞(CNVD-2026-07197) | 2026-01-19 | 2026-01-27 |
| cnvd-2026-07196 | Microsoft Excel代码执行漏洞(CNVD-2026-07196) | 2026-01-19 | 2026-01-26 |
| cnvd-2026-07195 | Adobe Substance3D Stager资源管理错误漏洞(CNVD-2026-07195) | 2026-01-19 | 2026-01-26 |
| cnvd-2026-07194 | Adobe Substance3D Modeler越界读取漏洞(CNVD-2026-07194) | 2026-01-19 | 2026-01-26 |
| cnvd-2026-07193 | Adobe Substance3D Modeler越界读取漏洞(CNVD-2026-07193) | 2026-01-19 | 2026-01-26 |
| cnvd-2026-07192 | Adobe Substance3D Designer越界读取漏洞 | 2026-01-19 | 2026-01-26 |
| cnvd-2026-07191 | Adobe Substance3D Designer缓冲区溢出漏洞 | 2026-01-19 | 2026-01-26 |
| cnvd-2026-07190 | Adobe Illustrator代码问题漏洞(CNVD-2026-07190) | 2026-01-19 | 2026-01-26 |
| cnvd-2026-07189 | Adobe Illustrator代码问题漏洞 | 2026-01-19 | 2026-01-26 |
| cnvd-2026-07188 | Adobe Dreamweaver Desktop输入验证错误漏洞(CNVD-2026-07188) | 2026-01-19 | 2026-01-26 |
| cnvd-2026-07187 | Adobe Dreamweaver Desktop输入验证错误漏洞 | 2026-01-19 | 2026-01-26 |
| cnvd-2026-07159 | Intern Membership Management System /add_admin.php文件SQL注入漏洞 | 2026-01-19 | 2026-01-22 |
| cnvd-2026-07158 | Intern Membership Management System /add_activity.php文件SQL注入漏洞 | 2026-01-19 | 2026-01-22 |
| cnvd-2026-07040 | WordPress WP-Members Membership plugin跨站脚本漏洞 | 2026-01-19 | 2026-01-23 |
| cnvd-2026-07039 | WordPress WP-CRM System plugin未经授权访问漏洞 | 2026-01-19 | 2026-01-23 |
| cnvd-2026-07027 | WordPress Uploadify plugin代码问题漏洞 | 2026-01-19 | 2026-01-23 |
| cnvd-2026-07026 | WordPress Testimonials Creator plugin跨站脚本漏洞 | 2026-01-19 | 2026-01-23 |
| cnvd-2026-07025 | WordPress Supreme Modules Lite plugin代码问题漏洞 | 2026-01-19 | 2026-01-23 |
| cnvd-2026-07012 | WordPress Stopwords for comments plugin跨站请求伪造漏洞 | 2026-01-19 | 2026-01-23 |
| ID | Description | Published | Updated |
|---|---|---|---|
| bdu:2026-01566 | Уязвимость функции f2fs_map_blocks() модуля fs/f2fs/data.c файловой системы F2FS ядра опе… | 10.02.2026 | 10.02.2026 |
| bdu:2026-01565 | Уязвимость функции nfsd_splice_actor() модуля fs/nfsd/vfs.c поддержки сетевой файловой си… | 10.02.2026 | 10.02.2026 |
| bdu:2026-01564 | Уязвимость функции ext4_io_end_defer_completion() модуля fs/ext4/page-io.c файловой сист… | 10.02.2026 | 10.02.2026 |
| bdu:2026-01563 | Уязвимость функции hns_roce_v2_init() модуля drivers/infiniband/hw/hns/hns_roce_hw_v2.c д… | 10.02.2026 | 10.02.2026 |
| bdu:2026-01562 | Уязвимость функции gmin_get_config_var() модуля drivers/staging/media/atomisp/pci/atomisp… | 10.02.2026 | 10.02.2026 |
| bdu:2026-01561 | Уязвимость функции blocking_domain_set_dev_pasid() модуля drivers/iommu/intel/iommu.c дра… | 10.02.2026 | 10.02.2026 |
| bdu:2026-01560 | Уязвимость функции dmabuf_exp_from_pages() модуля drivers/xen/gntdev-dmabuf.c драйвера ус… | 10.02.2026 | 10.02.2026 |
| bdu:2026-01559 | Уязвимость функции panthor_gem_create_with_handle() модуля drivers/gpu/drm/panthor/pantho… | 10.02.2026 | 10.02.2026 |
| bdu:2026-01558 | Уязвимость функции meson_encoder_hdmi_init() модуля drivers/gpu/drm/meson/meson_encoder_h… | 10.02.2026 | 10.02.2026 |
| bdu:2026-01557 | Уязвимость функции signal_our_withdraw() модуля fs/gfs2/util.c файловой системы GFS2 ядра… | 10.02.2026 | 10.02.2026 |
| bdu:2026-01556 | Уязвимость функции __fbnic_open() модуля drivers/net/ethernet/meta/fbnic/fbnic_netdev.c д… | 10.02.2026 | 10.02.2026 |
| bdu:2026-01555 | Уязвимость функции scarlett2_input_select_ctl_info() модуля sound/usb/mixer_scarlett2.c п… | 10.02.2026 | 10.02.2026 |
| bdu:2026-01554 | Уязвимость функции inet6_rt_notify() модуля net/ipv6/route.c ядра операционной системы Li… | 10.02.2026 | 10.02.2026 |
| bdu:2026-01553 | Уязвимость функции ieee80211_link_info_change_notify() модуля net/mac80211/main.c реализа… | 10.02.2026 | 10.02.2026 |
| bdu:2026-01550 | Уязвимость функций usbnet_stop() и usbnet_disconnect() ядра операционной системы Linux, п… | 10.02.2026 | 10.02.2026 |
| bdu:2026-01549 | Уязвимость функций scpi_init_versions() и scpi_probe() ядра операционной системы Linux, п… | 10.02.2026 | 10.02.2026 |
| bdu:2026-01548 | Уязвимость функции pm8001_chip_reg_dev_req() модуля drivers/scsi/pm8001/pm8001_hwi.c драй… | 10.02.2026 | 10.02.2026 |
| bdu:2026-01547 | Уязвимость функции pm8001_send_abort_all() модуля drivers/scsi/pm8001/pm8001_hwi.c драйве… | 10.02.2026 | 10.02.2026 |
| bdu:2026-01546 | Уязвимость функции attempt_restore_of_faulty_devices() ядра операционной системы Linux, п… | 10.02.2026 | 10.02.2026 |
| bdu:2026-01545 | Уязвимость функций qla2x00_async_login_sp_done(), qla2x00_async_adisc_sp_done(), qla2x00_… | 10.02.2026 | 10.02.2026 |
| bdu:2026-01544 | Уязвимость функции qla24xx_handle_plogi_done_event() модуля drivers/scsi/qla2xxx/qla_init… | 10.02.2026 | 10.02.2026 |
| bdu:2026-01543 | Уязвимость функции qla2xxx_create_qpair() модуля drivers/scsi/qla2xxx/qla_init.c драйвера… | 10.02.2026 | 10.02.2026 |
| bdu:2026-01542 | Уязвимость функции avic_pi_update_irte() модуля arch/x86/kvm/svm/avic.c подсистемы виртуа… | 10.02.2026 | 10.02.2026 |
| bdu:2026-01541 | Уязвимость функции hci_sync_conn_complete_evt() модуля net/bluetooth/hci_event.c подсисте… | 10.02.2026 | 10.02.2026 |
| bdu:2026-01540 | Уязвимость функции dp_link_settings_read() модуля drivers/gpu/drm/amd/display/amdgpu_dm/a… | 10.02.2026 | 10.02.2026 |
| bdu:2026-01539 | Уязвимость функции mlxsw_sp_pude_event_func() модуля drivers/net/ethernet/mellanox/mlxsw/… | 10.02.2026 | 10.02.2026 |
| bdu:2026-01538 | Уязвимость функции kfd_process_notifier_release() модуля drivers/gpu/drm/amd/amdkfd/kfd_p… | 10.02.2026 | 10.02.2026 |
| bdu:2026-01537 | Уязвимость функции acpi_processor_get_lpi_info() модуля drivers/acpi/processor_idle.c дра… | 10.02.2026 | 10.02.2026 |
| bdu:2026-01536 | Уязвимость функций ext4_writepage(), mpage_prepare_extent_to_map() модуля fs/ext4/inode.c… | 10.02.2026 | 10.02.2026 |
| bdu:2026-01535 | Уязвимость функции ntfs_read_inode_mount() модуля fs/ntfs/inode.c файловой системы ядра о… | 10.02.2026 | 10.02.2026 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2026-avi-0059 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2026-01-16T00:00:00.000000 | 2026-01-16T00:00:00.000000 |
| certfr-2026-avi-0058 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2026-01-16T00:00:00.000000 | 2026-01-16T00:00:00.000000 |
| certfr-2026-avi-0057 | Multiples vulnérabilités dans le noyau Linux de Debian LTS | 2026-01-16T00:00:00.000000 | 2026-01-16T00:00:00.000000 |
| certfr-2026-avi-0056 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2026-01-16T00:00:00.000000 | 2026-01-16T00:00:00.000000 |
| certfr-2026-avi-0055 | Multiples vulnérabilités dans GLPI | 2026-01-16T00:00:00.000000 | 2026-01-16T00:00:00.000000 |
| certfr-2026-avi-0054 | Multiples vulnérabilités dans Centreon Infra Monitoring | 2026-01-16T00:00:00.000000 | 2026-01-16T00:00:00.000000 |
| certfr-2026-avi-0053 | Vulnérabilité dans Traefik | 2026-01-16T00:00:00.000000 | 2026-01-16T00:00:00.000000 |
| certfr-2026-avi-0052 | Multiples vulnérabilités dans Mattermost Server | 2026-01-16T00:00:00.000000 | 2026-02-16T00:00:00.000000 |
| certfr-2026-avi-0051 | Multiples vulnérabilités dans les produits Mozilla | 2026-01-15T00:00:00.000000 | 2026-01-15T00:00:00.000000 |
| certfr-2026-avi-0050 | Multiples vulnérabilités dans les produits Juniper Networks | 2026-01-15T00:00:00.000000 | 2026-01-15T00:00:00.000000 |
| certfr-2026-avi-0049 | Multiples vulnérabilités dans les produits Palo Alto Networks | 2026-01-15T00:00:00.000000 | 2026-01-15T00:00:00.000000 |
| certfr-2026-avi-0048 | Multiples vulnérabilités dans Wireshark | 2026-01-15T00:00:00.000000 | 2026-01-15T00:00:00.000000 |
| certfr-2026-avi-0047 | Vulnérabilité dans F5 NGINX Ingress Controller | 2026-01-15T00:00:00.000000 | 2026-01-15T00:00:00.000000 |
| certfr-2026-avi-0046 | Multiples vulnérabilités dans les produits Microsoft | 2026-01-14T00:00:00.000000 | 2026-01-14T00:00:00.000000 |
| certfr-2026-avi-0045 | Multiples vulnérabilités dans Microsoft Azure | 2026-01-14T00:00:00.000000 | 2026-01-14T00:00:00.000000 |
| certfr-2026-avi-0044 | Multiples vulnérabilités dans Microsoft Windows | 2026-01-14T00:00:00.000000 | 2026-01-14T00:00:00.000000 |
| certfr-2026-avi-0043 | Multiples vulnérabilités dans Microsoft Office | 2026-01-14T00:00:00.000000 | 2026-01-14T00:00:00.000000 |
| certfr-2026-avi-0042 | Multiples vulnérabilités dans les produits HPE Aruba Networking | 2026-01-14T00:00:00.000000 | 2026-01-14T00:00:00.000000 |
| certfr-2026-avi-0041 | Multiples vulnérabilités dans les produits Elastic | 2026-01-14T00:00:00.000000 | 2026-01-14T00:00:00.000000 |
| certfr-2026-avi-0040 | Multiples vulnérabilités dans Google Chrome | 2026-01-14T00:00:00.000000 | 2026-01-14T00:00:00.000000 |
| certfr-2026-avi-0039 | Multiples vulnérabilités dans Node.js | 2026-01-14T00:00:00.000000 | 2026-01-14T00:00:00.000000 |
| certfr-2026-avi-0038 | Multiples vulnérabilités dans les produits Mozilla | 2026-01-14T00:00:00.000000 | 2026-01-15T00:00:00.000000 |
| certfr-2026-avi-0037 | Multiples vulnérabilités dans Typo3 | 2026-01-14T00:00:00.000000 | 2026-01-14T00:00:00.000000 |
| certfr-2026-avi-0036 | Multiples vulnérabilités dans Suricata | 2026-01-14T00:00:00.000000 | 2026-01-14T00:00:00.000000 |
| certfr-2026-avi-0035 | Multiples vulnérabilités dans les produits Fortinet | 2026-01-14T00:00:00.000000 | 2026-01-14T00:00:00.000000 |
| certfr-2026-avi-0034 | Multiples vulnérabilités dans les produits SAP | 2026-01-14T00:00:00.000000 | 2026-01-14T00:00:00.000000 |
| certfr-2026-avi-0033 | Multiples vulnérabilités dans les produits Schneider Electric | 2026-01-14T00:00:00.000000 | 2026-01-14T00:00:00.000000 |
| certfr-2026-avi-0032 | Multiples vulnérabilités dans les produits Siemens | 2026-01-14T00:00:00.000000 | 2026-01-14T00:00:00.000000 |
| certfr-2026-avi-0031 | Vulnérabilité dans le greffon VSCode pour Spring CLI | 2026-01-14T00:00:00.000000 | 2026-01-14T00:00:00.000000 |
| certfr-2026-avi-0030 | Vulnérabilité dans MISP | 2026-01-13T00:00:00.000000 | 2026-01-13T00:00:00.000000 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2017-ale-004 | Vulnérabilité dans Apache Struts | 2017-03-10T00:00:00.000000 | 2017-05-10T00:00:00.000000 |
| certfr-2017-ale-003 | Vulnérabilité dans les navigateurs Microsoft | 2017-02-27T00:00:00.000000 | 2017-03-15T00:00:00.000000 |
| certfr-2017-ale-002 | Vulnérabilité dans Microsoft Windows | 2017-02-20T00:00:00.000000 | 2017-03-15T00:00:00.000000 |
| certfr-2017-ale-001 | Vulnérabilité dans Cisco WebEx | 2017-01-25T00:00:00.000000 | 2017-01-31T00:00:00.000000 |
| certfr-2016-ale-010 | Vulnérabilité dans les routeurs Netgear | 2016-12-13T00:00:00.000000 | 2016-12-26T00:00:00.000000 |
| certfr-2016-ale-009 | Campagne d'attaque contre des routeurs DSL | 2016-12-01T00:00:00.000000 | 2017-01-26T00:00:00.000000 |
| certfr-2016-ale-008 | Vulnérabilité dans Microsoft Windows | 2016-11-02T00:00:00.000000 | 2016-11-09T00:00:00.000000 |
| certfr-2016-ale-007 | Vulnérabilité dans Cisco IOS, IOS XE et IOS XR | 2016-09-19T00:00:00.000000 | 2016-09-19T00:00:00.000000 |
| certfr-2016-ale-006 | Campagne de messages électroniques non sollicités de type Zepto/Odin | 2016-09-05T00:00:00.000000 | 2016-11-17T00:00:00.000000 |
| certfr-2016-ale-005 | Multiples vulnérabilités dans les pare-feux Cisco | 2016-08-18T00:00:00.000000 | 2016-09-05T00:00:00.000000 |
| certfr-2016-ale-004 | Vulnérabilité dans Adobe Flash Player | 2016-06-15T00:00:00.000000 | 2016-06-16T00:00:00.000000 |
| certfr-2016-ale-003 | Vulnérabilité dans Adobe Flash Player | 2016-05-11T00:00:00.000000 | 2016-05-12T00:00:00.000000 |
| certfr-2016-ale-002 | Vulnérabilité dans Adobe Flash Player | 2016-04-06T00:00:00.000000 | 2016-04-08T00:00:00.000000 |
| certfr-2016-ale-001 | Campagne de messages électroniques non sollicités de type Locky | 2016-02-19T00:00:00.000000 | 2016-04-07T00:00:00.000000 |
| certfr-2015-ale-015 | Campagne de messages électroniques non sollicités de type TeslaCrypt | 2015-12-21T00:00:00.000000 | 2016-03-10T00:00:00.000000 |
| certfr-2015-ale-014 | Vulnérabilité dans Juniper ScreenOS | 2015-12-18T00:00:00.000000 | 2016-04-11T00:00:00.000000 |
| certfr-2015-ale-013 | Vulnérabilité dans Joomla! | 2015-12-14T00:00:00.000000 | 2016-08-01T00:00:00.000000 |
| certfr-2015-ale-012 | Campagne de messages électroniques non sollicités de type Dridex | 2015-10-23T00:00:00.000000 | 2015-11-26T00:00:00.000000 |
| certfr-2015-ale-011 | Vulnérabilité dans Adobe Flash Player | 2015-10-14T00:00:00.000000 | 2015-10-19T00:00:00.000000 |
| certfr-2015-ale-010 | Multiples vulnérabilités dans Google Android | 2015-07-28T00:00:00.000000 | 2015-10-06T00:00:00.000000 |
| certfr-2015-ale-009 | Vulnérabilité dans Apple Mac OS X | 2015-07-24T00:00:00.000000 | 2015-12-22T00:00:00.000000 |
| certfr-2015-ale-008 | Vulnérabilité dans le pilote de gestion des polices de caractères de Microsoft Windows | 2015-07-20T00:00:00.000000 | 2015-07-30T00:00:00.000000 |
| certfr-2015-ale-007 | Vulnérabilité dans Oracle Java SE | 2015-07-13T00:00:00.000000 | 2015-07-20T00:00:00.000000 |
| certfr-2015-ale-006 | Vulnérabilité dans Adobe Flash Player | 2015-07-11T00:00:00.000000 | 2015-07-20T00:00:00.000000 |
| certfr-2015-ale-005 | Vulnérabilité dans Adobe Flash Player | 2015-07-08T00:00:00.000000 | 2015-07-10T00:00:00.000000 |
| certfr-2015-ale-004 | Vulnérabilité dans Microsoft Internet Explorer | 2015-02-10T00:00:00.000000 | 2015-03-31T00:00:00.000000 |
| certfr-2015-ale-003 | Nouvelle campagne d'hameçonnage de type rançongiciel | 2015-02-05T00:00:00.000000 | 2015-07-10T00:00:00.000000 |
| certfr-2015-ale-002 | Vulnérabilité dans Adobe Flash Player | 2015-02-02T00:00:00.000000 | 2015-02-05T00:00:00.000000 |
| certfr-2015-ale-001 | Vulnérabilité dans Adobe Flash Player | 2015-01-22T00:00:00.000000 | 2015-01-30T00:00:00.000000 |
| certfr-2014-ale-011 | Vulnérabilité de l'implémentation Kerberos dans Microsoft Windows | 2014-11-18T00:00:00.000000 | 2015-01-30T00:00:00.000000 |
| ID | Description | Published | Updated |
|---|---|---|---|
| osv-2025-454 | Use-of-uninitialized-value in _cups_strcasecmp | 2025-06-11T00:12:12.952969Z | 2025-06-11T00:12:12.953357Z |
| osv-2025-449 | Heap-buffer-overflow in check_content_type_and_change_protocol | 2025-06-10T00:16:50.624468Z | 2025-06-10T00:16:50.624907Z |
| osv-2025-447 | Use-of-uninitialized-value in spvtools::EmitNumericLiteral | 2025-06-09T00:05:11.128452Z | 2025-09-24T14:18:33.220549Z |
| osv-2024-1446 | Segv on unknown address in glslang::TIntermediate::addSymbol | 2025-06-06T00:12:59.981959Z | 2025-06-06T00:12:59.982286Z |
| osv-2025-442 | Security exception in org.jsoup.parser.HtmlTreeBuilder.process | 2025-06-06T00:12:40.427852Z | 2025-06-06T00:12:40.428189Z |
| osv-2025-437 | Heap-buffer-overflow in mmcall | 2025-06-05T00:18:59.402795Z | 2025-06-05T00:18:59.403189Z |
| osv-2025-436 | Security exception in graphql.parser.GraphqlAntlrToLanguage.createNonNullType | 2025-06-05T00:11:24.382209Z | 2025-06-05T00:11:24.382444Z |
| osv-2025-433 | Null-dereference READ in _libssh2_packet_add | 2025-06-05T00:02:57.199903Z | 2025-06-05T00:02:57.200566Z |
| osv-2025-424 | UNKNOWN READ in RDKit::RDValue::destroy | 2025-06-03T00:12:35.236863Z | 2025-09-24T14:19:44.921114Z |
| osv-2025-412 | UNKNOWN WRITE in luaL_newstate | 2025-05-28T00:06:09.320289Z | 2025-05-28T00:06:09.320970Z |
| osv-2025-408 | Heap-buffer-overflow in sav_parse_long_variable_names_record | 2025-05-27T00:12:59.401698Z | 2025-05-27T00:12:59.402180Z |
| osv-2025-406 | Security exception in com.puppycrawl.tools.checkstyle.JavaAstVisitor.getInnerBopAst | 2025-05-27T00:01:44.628210Z | 2025-05-27T00:01:44.628747Z |
| osv-2025-404 | Use-of-uninitialized-value in JS_FreeRuntime | 2025-05-23T00:14:00.218149Z | 2025-05-23T00:14:00.218494Z |
| osv-2025-401 | Security exception in com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.expr | 2025-05-23T00:07:37.622395Z | 2025-05-23T00:07:37.622817Z |
| osv-2025-396 | Security exception in com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.expr | 2025-05-22T00:16:08.210127Z | 2025-05-22T00:16:08.210510Z |
| osv-2025-384 | Segv on unknown address in rtpp_refcnt_decref | 2025-05-20T00:04:47.616424Z | 2025-05-20T00:04:47.617104Z |
| osv-2025-374 | Use-of-uninitialized-value in pcpp::SomeIpSdEntry::SomeIpSdEntry | 2025-05-17T00:16:26.661924Z | 2025-05-17T00:16:26.662355Z |
| osv-2025-373 | Heap-use-after-free in aiMesh::~aiMesh | 2025-05-17T00:11:17.621374Z | 2025-08-22T19:20:38.723565Z |
| osv-2025-371 | Index-out-of-bounds in tcp_analyze_sequence_number | 2025-05-16T00:16:16.300219Z | 2025-05-16T00:16:16.300689Z |
| osv-2025-369 | Security exception in com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.expr | 2025-05-15T00:19:04.752117Z | 2025-05-15T00:19:04.752522Z |
| osv-2025-368 | Heap-buffer-overflow in __parse_options | 2025-05-15T00:03:04.543640Z | 2025-05-15T00:03:04.544159Z |
| osv-2025-363 | Heap-buffer-overflow in jv_string_vfmt | 2025-05-14T00:03:23.388719Z | 2025-05-14T00:03:23.389224Z |
| osv-2025-357 | Segv on unknown address in pcpp::Packet::computeCalculateFields | 2025-05-12T00:13:14.901744Z | 2025-09-10T14:24:05.862334Z |
| osv-2025-354 | Security exception in com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.statement | 2025-05-11T00:17:30.348393Z | 2025-05-11T00:17:30.348809Z |
| osv-2025-352 | Use-of-uninitialized-value in JS_FreeRuntime | 2025-05-10T00:17:01.243609Z | 2025-05-10T00:17:01.243981Z |
| osv-2025-346 | Heap-buffer-overflow in JS_CallInternal | 2025-05-09T00:16:48.213077Z | 2025-05-09T00:16:48.213425Z |
| osv-2025-326 | Heap-use-after-free in __JS_FreeValueRT | 2025-05-05T00:17:02.285374Z | 2025-05-05T00:17:02.285666Z |
| osv-2025-324 | Index-out-of-bounds in dwg_decode_eed | 2025-05-05T00:11:42.580777Z | 2025-05-05T00:11:42.581345Z |
| osv-2025-323 | Security exception in com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.expr | 2025-05-04T00:19:17.568436Z | 2025-05-04T00:19:17.568755Z |
| osv-2025-321 | Use-of-uninitialized-value in JS_DefineProperty | 2025-05-04T00:16:03.249115Z | 2025-05-04T00:16:03.249427Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rustsec-2025-0032 | Safe API can cause heap-buffer-overflow | 2025-03-27T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2025-0019 | `array-init-cursor` in version 0.2.0 and below is unsound when used with types that implement `Drop` | 2025-03-27T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2025-0018 | Potential out-of-bounds read with a malformed ELF file and the HashTable API. | 2025-03-26T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2025-0017 | The `trust-dns` project has been rebranded to `hickory-dns` | 2025-03-23T12:00:00Z | 2025-03-23T07:00:21Z |
| rustsec-2025-0016 | Use after free in `Parc` and `Prc` due to missing lifetime constraints | 2025-03-13T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2025-0149 | World Writable Directory in /var/log/below Allows Local Privilege Escalation | 2025-03-12T12:00:00Z | 2026-02-08T07:26:28Z |
| rustsec-2025-0014 | humantime is unmaintained | 2025-03-08T12:00:00Z | 2025-03-13T00:41:50Z |
| rustsec-2025-0009 | Some AES functions may panic when overflow checking is enabled. | 2025-03-06T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2025-0010 | Versions of *ring* prior to 0.17 are unmaintained. | 2025-03-05T12:00:00Z | 2025-03-07T15:46:47Z |
| rustsec-2025-0012 | `backoff` is unmaintained. | 2025-03-04T12:00:00Z | 2025-08-06T09:33:04Z |
| rustsec-2025-0011 | `openpgp-card-sequoia` is unmaintained. | 2025-03-04T12:00:00Z | 2025-03-07T15:47:21Z |
| rustsec-2025-0008 | Openh264 Decoding Functions Heap Overflow Vulnerability | 2025-02-24T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2025-0013 | resolve is unmaintained | 2025-02-21T12:00:00Z | 2025-03-07T15:52:15Z |
| rustsec-2025-0007 | *ring* is unmaintained | 2025-02-20T12:00:00Z | 2025-03-06T21:16:59Z |
| rustsec-2025-0015 | Denial of Service via malicious Web Push endpoint | 2025-02-16T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2025-0030 | totally-safe-transmute allows transmuting any type to any other type in safe Rust | 2025-02-10T12:00:00Z | 2025-05-06T20:14:30Z |
| rustsec-2025-0029 | totally-safe introduces memory vulnerabilities in safe Rust | 2025-02-10T12:00:00Z | 2025-05-05T18:31:28Z |
| rustsec-2025-0028 | cve-rs introduces memory vulnerabilities in safe Rust | 2025-02-10T12:00:00Z | 2025-05-06T21:08:48Z |
| rustsec-2025-0006 | Hickory DNS failure to verify self-signed RRSIG for DNSKEYs | 2025-02-07T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2025-0004 | ssl::select_next_proto use after free | 2025-02-02T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2025-0001 | gix-worktree-state nonexclusive checkout sets executable files world-writable | 2025-01-18T12:00:00Z | 2025-01-22T17:11:51Z |
| rustsec-2025-0040 | `root` appended to group listings | 2025-01-15T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2025-0026 | registry is unmaintained | 2025-01-13T12:00:00Z | 2025-04-29T08:11:21Z |
| rustsec-2025-0005 | Out of bounds write triggered by crafted coverage data | 2025-01-13T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2025-0003 | Segmentation fault due to lack of bound check | 2025-01-13T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2025-0002 | Segmentation fault due to lack of bound check | 2025-01-13T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2024-0430 | Use of insecure cryptographic algorithms | 2024-12-28T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2024-0431 | Unsound usages of `core::slice::from_raw_parts` | 2024-12-23T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2024-0435 | Unsound usages of `Vec::from_raw_parts` | 2024-12-19T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2024-0426 | Unsound usages of `u8` type casting | 2024-12-19T12:00:00Z | 2025-10-28T06:02:18Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| alsa-2026:0523 | Moderate: postgresql:13 security update | 2026-01-13T00:00:00Z | 2026-01-16T15:11:39Z |
| alsa-2026:0519 | Moderate: postgresql:16 security update | 2026-01-13T00:00:00Z | 2026-01-16T15:14:12Z |
| alsa-2026:0493 | Moderate: postgresql:16 security update | 2026-01-13T00:00:00Z | 2026-01-19T09:45:22Z |
| alsa-2026:0492 | Moderate: postgresql:15 security update | 2026-01-13T00:00:00Z | 2026-01-19T10:02:02Z |
| alsa-2026:0491 | Moderate: postgresql security update | 2026-01-13T00:00:00Z | 2026-01-16T15:16:39Z |
| alsa-2026:0470 | Important: podman security update | 2026-01-12T00:00:00Z | 2026-01-16T15:18:30Z |
| alsa-2026:0464 | Moderate: cups security update | 2026-01-12T00:00:00Z | 2026-01-16T15:20:45Z |
| alsa-2026:0458 | Moderate: libpq security update | 2026-01-12T00:00:00Z | 2026-01-16T15:21:50Z |
| alsa-2026:0453 | Important: kernel security update | 2026-01-12T00:00:00Z | 2026-01-16T15:27:10Z |
| alsa-2026:0445 | Moderate: kernel security update | 2026-01-12T00:00:00Z | 2026-01-16T15:31:40Z |
| alsa-2026:0444 | Important: kernel security update | 2026-01-12T00:00:00Z | 2026-01-16T15:34:47Z |
| alsa-2026:0443 | Important: kernel-rt security update | 2026-01-12T00:00:00Z | 2026-01-16T15:37:02Z |
| alsa-2026:0437 | Important: buildah security update | 2026-01-12T00:00:00Z | 2026-01-16T15:38:30Z |
| alsa-2026:0436 | Important: buildah security update | 2026-01-12T00:00:00Z | 2026-01-16T15:50:15Z |
| alsa-2026:0423 | Important: libsoup3 security update | 2026-01-12T00:00:00Z | 2026-01-16T15:49:08Z |
| alsa-2026:0422 | Important: libsoup security update | 2026-01-12T00:00:00Z | 2026-01-16T15:46:52Z |
| alsa-2026:0421 | Important: libsoup security update | 2026-01-12T00:00:00Z | 2026-01-16T15:44:34Z |
| alsa-2026:0337 | Moderate: openssl security update | 2026-01-08T00:00:00Z | 2026-01-16T15:42:22Z |
| alsa-2026:0312 | Moderate: cups security update | 2026-01-08T00:00:00Z | 2026-01-16T15:40:37Z |
| alsa-2026:0247 | Important: mariadb:10.11 security update | 2026-01-07T00:00:00Z | 2026-01-12T10:57:59Z |
| alsa-2026:0241 | Important: libpng security update | 2026-01-07T00:00:00Z | 2026-01-07T21:34:12Z |
| alsa-2026:0238 | Important: libpng security update | 2026-01-07T00:00:00Z | 2026-01-07T21:36:21Z |
| alsa-2026:0237 | Important: libpng security update | 2026-01-07T00:00:00Z | 2026-01-07T21:38:33Z |
| alsa-2026:0233 | Important: mariadb:10.5 security update | 2026-01-07T00:00:00Z | 2026-01-12T10:45:28Z |
| alsa-2026:0232 | Important: mariadb:10.11 security update | 2026-01-07T00:00:00Z | 2026-01-12T10:48:54Z |
| alsa-2026:0225 | Important: mariadb:10.3 security update | 2026-01-07T00:00:00Z | 2026-01-12T10:51:12Z |
| alsa-2026:0137 | Important: mariadb security update | 2026-01-06T00:00:00Z | 2026-01-07T14:24:03Z |
| alsa-2026:0136 | Important: mariadb10.11 security update | 2026-01-06T00:00:00Z | 2026-01-12T10:55:58Z |
| alsa-2026:0130 | Moderate: poppler security update | 2026-01-06T00:00:00Z | 2026-01-07T14:26:34Z |
| alsa-2026:0128 | Moderate: poppler security update | 2026-01-06T00:00:00Z | 2026-01-07T14:29:22Z |