Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-26198 |
9.8 (3.1)
|
ormar is vulnerable to SQL Injection through aggregate… |
collerek |
ormar |
2026-02-24T02:03:47.094Z | 2026-02-24T20:35:44.673Z |
| CVE-2026-22377 |
8.1 (3.1)
|
WordPress Saveo theme <= 1.1.2 - Local File Inclusion … |
AncoraThemes |
Saveo |
2026-02-20T15:47:05.960Z | 2026-02-24T20:30:39.293Z |
| CVE-2025-11847 |
4.9 (3.1)
|
A null pointer dereference vulnerability in the I… |
Zyxel |
VMG3625-T50B firmware |
2026-02-24T02:09:44.684Z | 2026-02-24T20:27:08.473Z |
| CVE-2025-11848 |
4.9 (3.1)
|
A null pointer dereference vulnerability in the W… |
Zyxel |
VMG3625-T50B firmware |
2026-02-24T02:14:18.688Z | 2026-02-24T20:25:28.725Z |
| CVE-2025-68841 |
7.5 (3.1)
|
WordPress TopperPack – Complete Elementor Addons, them… |
Themepul |
TopperPack – Complete Elementor Addons, Theme & CPT Builder |
2026-02-20T15:46:41.702Z | 2026-02-24T20:24:25.553Z |
| CVE-2025-69373 |
7.5 (3.1)
|
WordPress VidoRev theme <= 2.9.9.9.9.9.7 - Local File … |
beeteam368 |
VidoRev |
2026-02-20T15:46:51.695Z | 2026-02-24T20:24:25.192Z |
| CVE-2025-69387 |
7.5 (3.1)
|
WordPress Simple Retail Menus plugin <= 4.2.1 - Local … |
whatwouldjessedo |
Simple Retail Menus |
2026-02-20T15:46:54.745Z | 2026-02-24T20:09:12.911Z |
| CVE-2026-26331 |
8.8 (3.1)
|
yt-dlp: Arbitrary Command Injection when using the `--… |
yt-dlp |
yt-dlp |
2026-02-24T02:23:40.858Z | 2026-02-24T20:08:47.720Z |
| CVE-2025-69383 |
7.5 (3.1)
|
WordPress WP shop plugin <= 2.6.1 - Local File Inclusi… |
Agence web Eoxia - Montpellier |
WP shop |
2026-02-20T15:46:53.941Z | 2026-02-24T20:08:30.147Z |
| CVE-2026-22356 |
7.5 (3.1)
|
WordPress Jetpack CRM plugin <= 6.7.0 - Local File Inc… |
Automattic |
Jetpack CRM |
2026-02-20T15:47:01.362Z | 2026-02-24T20:06:17.125Z |
| CVE-2026-26981 |
6.5 (3.1)
|
OpenEXR has heap-buffer-overflow via signed integer un… |
AcademySoftwareFoundation |
openexr |
2026-02-24T02:26:16.659Z | 2026-02-24T20:03:54.667Z |
| CVE-2026-23803 |
6.4 (3.1)
|
WordPress Smart Auto Upload Images plugin <= 1.2.2 - S… |
Burhan Nasir |
Smart Auto Upload Images |
2026-02-19T08:26:50.148Z | 2026-02-24T19:57:55.720Z |
| CVE-2025-69299 |
7.2 (3.1)
|
WordPress Oxygen theme <= 6.0.8 - Server Side Request … |
Laborator |
Oxygen |
2026-02-20T15:46:46.533Z | 2026-02-24T19:57:23.888Z |
| CVE-2026-22341 |
5.4 (3.1)
|
WordPress Booked plugin <= 3.0.0 - Account Takeover vu… |
Case-Themes |
Booked |
2026-02-20T15:46:59.242Z | 2026-02-24T19:54:34.388Z |
| CVE-2025-69366 |
9.3 (3.1)
|
WordPress Emerce Core plugin <= 1.8 - SQL Injection vu… |
TeconceTheme |
Emerce Core |
2026-02-20T15:46:50.573Z | 2026-02-24T19:47:29.059Z |
| CVE-2025-69365 |
9.3 (3.1)
|
WordPress Uroan Core plugin <= 1.4.4 - SQL Injection v… |
TeconceTheme |
Uroan Core |
2026-02-20T15:46:50.375Z | 2026-02-24T19:47:28.889Z |
| CVE-2025-69337 |
9.3 (3.1)
|
WordPress Wolmart Core plugin <= 1.9.6 - SQL Injection… |
don-themes |
Wolmart Core |
2026-02-20T15:46:50.197Z | 2026-02-24T19:47:28.723Z |
| CVE-2025-69307 |
9.3 (3.1)
|
WordPress Medinik Core plugin <= 1.3.6 - SQL Injection… |
TeconceTheme |
Medinik Core |
2026-02-20T15:46:47.896Z | 2026-02-24T19:47:28.577Z |
| CVE-2025-69306 |
9.3 (3.1)
|
WordPress Electio Core plugin <= 1.4 - SQL Injection v… |
TeconceTheme |
Electio Core |
2026-02-20T15:46:47.710Z | 2026-02-24T19:47:28.415Z |
| CVE-2025-69305 |
9.3 (3.1)
|
WordPress Crete Core plugin <= 1.4.3 - SQL Injection v… |
TeconceTheme |
Crete Core |
2026-02-20T15:46:47.544Z | 2026-02-24T19:47:28.186Z |
| CVE-2026-27126 |
5.9 (4.0)
|
Craft CMS has Stored XSS in Table Field via "HTML" Col… |
craftcms |
cms |
2026-02-24T02:30:04.882Z | 2026-02-24T19:35:38.348Z |
| CVE-2026-22384 |
8.8 (3.1)
|
WordPress Applay - Shortcodes plugin <= 3.7 - PHP Obje… |
leafcolor |
Applay - Shortcodes |
2026-02-20T15:47:07.059Z | 2026-02-24T19:34:05.783Z |
| CVE-2026-3064 |
5.3 (4.0)
6.3 (3.1)
6.3 (3.0)
|
HummerRisk Cloud Task Scheduler ResourceCreateService.… |
n/a |
HummerRisk |
2026-02-24T02:32:08.524Z | 2026-02-24T19:30:05.511Z |
| CVE-2025-69304 |
9.3 (3.1)
|
WordPress Allmart plugin <= 1.1 - SQL Injection vulner… |
TeconceTheme |
Allmart |
2026-02-20T15:46:47.349Z | 2026-02-24T19:25:57.137Z |
| CVE-2025-69295 |
9.3 (3.1)
|
WordPress Coven Core plugin <= 1.3 - SQL Injection vul… |
TeconceTheme |
Coven Core |
2026-02-20T15:46:45.751Z | 2026-02-24T19:22:56.561Z |
| CVE-2025-67987 |
8.5 (3.1)
|
WordPress Quiz And Survey Master plugin <= 10.3.1 - SQ… |
ExpressTech Systems |
Quiz And Survey Master |
2026-02-20T15:46:31.764Z | 2026-02-24T19:21:20.336Z |
| CVE-2026-23805 |
7.6 (3.1)
|
WordPress Media Search Enhanced plugin <= 0.9.1 - SQL … |
Yoren Chang |
Media Search Enhanced |
2026-02-19T08:26:50.551Z | 2026-02-24T19:21:03.214Z |
| CVE-2026-1459 |
7.2 (3.1)
|
A post-authentication command injection vulnerabi… |
Zyxel |
VMG3625-T50B firmware |
2026-02-24T02:48:35.439Z | 2026-02-24T19:20:03.711Z |
| CVE-2026-27205 |
2.3 (4.0)
|
Flask session does not add `Vary: Cookie` header when … |
pallets |
flask |
2026-02-21T05:21:17.214Z | 2026-02-24T19:03:11.374Z |
| CVE-2026-27199 |
6.3 (4.0)
|
Werkzeug safe_join() allows Windows special device names |
pallets |
werkzeug |
2026-02-21T05:15:53.335Z | 2026-02-24T19:02:19.689Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| fkie_cve-2026-24241 | NVIDIA Delegated Licensing Service for all appliance platforms contains a vulnerability where an at… | 2026-02-24T20:27:47.620 | 2026-02-24T21:52:01.367 |
| fkie_cve-2026-23984 | An Improper Input Validation vulnerability exists in Apache Superset that allows an authenticated u… | 2026-02-24T14:16:23.307 | 2026-02-24T21:52:01.367 |
| fkie_cve-2026-23983 | A Sensitive Data Exposure vulnerability exists in Apache Superset allowing authenticated users to r… | 2026-02-24T14:16:23.143 | 2026-02-24T21:52:01.367 |
| fkie_cve-2026-23982 | An Improper Authorization vulnerability exists in Apache Superset that allows a low-privileged user… | 2026-02-24T14:16:22.980 | 2026-02-24T21:52:01.367 |
| fkie_cve-2026-23980 | Improper Neutralization of Special Elements used in a SQL Command ('SQL Injection') vulnerability i… | 2026-02-24T14:16:22.807 | 2026-02-24T21:52:01.367 |
| fkie_cve-2026-23969 | Apache Superset utilizes a configurable dictionary, DISALLOWED_SQL_FUNCTIONS, to restrict the execu… | 2026-02-24T14:16:22.623 | 2026-02-24T21:52:01.367 |
| fkie_cve-2026-23859 | Dell Wyse Management Suite, versions prior to WMS 5.5, contain a Client-Side Enforcement of Server-… | 2026-02-24T20:27:47.460 | 2026-02-24T21:52:01.367 |
| fkie_cve-2026-23858 | Dell Wyse Management Suite, versions prior to WMS 5.5, contain an Improper Neutralization of Input … | 2026-02-24T20:27:47.303 | 2026-02-24T21:52:01.367 |
| fkie_cve-2026-23678 | Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior contain a command i… | 2026-02-24T16:24:08.090 | 2026-02-24T21:52:01.367 |
| fkie_cve-2026-22766 | Dell Wyse Management Suite, versions prior to WMS 5.5, contain an Unrestricted Upload of File with … | 2026-02-24T20:27:46.957 | 2026-02-24T21:52:01.367 |
| fkie_cve-2026-22765 | Dell Wyse Management Suite, versions prior to WMS 5.5, contain a Missing Authorization vulnerabilit… | 2026-02-24T20:27:46.790 | 2026-02-24T21:52:01.367 |
| fkie_cve-2026-22553 | All versions of InSAT MasterSCADA BUK-TS are susceptible to OS command injection through a field in… | 2026-02-24T21:16:28.713 | 2026-02-24T21:52:01.367 |
| fkie_cve-2026-21410 | InSAT MasterSCADA BUK-TS is susceptible to SQL Injection through its main web interface. Malicious … | 2026-02-24T21:16:25.790 | 2026-02-24T21:52:01.367 |
| fkie_cve-2026-1773 | IEC 60870-5-104: Potential Denial of Service impact on reception of invalid U-format frame. Product… | 2026-02-24T14:16:22.420 | 2026-02-24T21:52:01.367 |
| fkie_cve-2026-1772 | RTU500 web interface: An unprivileged user can read user management information. The information ca… | 2026-02-24T14:16:22.180 | 2026-02-24T21:52:01.367 |
| fkie_cve-2026-1768 | A permission cache poisoning vulnerability in Devolutions Server allows authenticated users to bypa… | 2026-02-24T20:27:46.300 | 2026-02-24T21:52:01.367 |
| fkie_cve-2026-0402 | A post-authentication Out-of-bounds Read vulnerability in SonicOS allows a remote attacker to crash… | 2026-02-24T15:21:37.410 | 2026-02-24T21:52:01.367 |
| fkie_cve-2026-0401 | A post-authentication NULL Pointer Dereference vulnerability in SonicOS allows a remote attacker to… | 2026-02-24T15:21:37.267 | 2026-02-24T21:52:01.367 |
| fkie_cve-2026-0400 | A post-authentication Format String vulnerability in SonicOS allows a remote attacker to crash a fi… | 2026-02-24T15:21:37.127 | 2026-02-24T21:52:01.367 |
| fkie_cve-2026-0399 | Multiple post-authentication stack-based buffer overflow vulnerabilities in the SonicOS management … | 2026-02-24T15:21:36.980 | 2026-02-24T21:52:01.367 |
| fkie_cve-2025-69985 | FUXA 1.2.8 and prior contains an Authentication Bypass vulnerability leading to Remote Code Executi… | 2026-02-24T16:24:07.120 | 2026-02-24T21:52:01.367 |
| fkie_cve-2025-67445 | TOTOLINK X5000R V9.1.0cu.2415_B20250515 contains a denial-of-service vulnerability in /cgi-bin/cste… | 2026-02-24T15:21:36.707 | 2026-02-24T21:52:01.367 |
| fkie_cve-2025-63409 | Privilege escalation and improper access control in GCOM EPON 1GE C00R371V00B01 allows remote authe… | 2026-02-24T16:24:06.990 | 2026-02-24T21:52:01.367 |
| fkie_cve-2025-62512 | Piwigo is an open source photo gallery application for the web. In version 15.5.0 and likely earlie… | 2026-02-24T18:29:32.930 | 2026-02-24T21:52:01.367 |
| fkie_cve-2025-47904 | Download of Code Without Integrity Check vulnerability in Microchip Time Provider 4100 allows Malic… | 2026-02-24T16:24:06.680 | 2026-02-24T21:52:01.367 |
| fkie_cve-2025-33181 | NVIDIA Cumulus Linux and NVOS products contain a vulnerability in the NVUE interface, where a low-p… | 2026-02-24T20:27:43.127 | 2026-02-24T21:52:01.367 |
| fkie_cve-2025-33180 | NVIDIA Cumulus Linux and NVOS products contain a vulnerability in the NVUE interface, where a low-p… | 2026-02-24T20:27:42.943 | 2026-02-24T21:52:01.367 |
| fkie_cve-2025-33179 | NVIDIA Cumulus Linux and NVOS products contain a vulnerability in the NVUE interface, where a low-p… | 2026-02-24T20:27:42.733 | 2026-02-24T21:52:01.367 |
| fkie_cve-2025-1789 | Local privilege escalation in Genetec Update Service. An authenticated, low-privileged, Windows use… | 2026-02-24T20:27:42.597 | 2026-02-24T21:52:01.367 |
| fkie_cve-2025-1787 | Local admin could to leak information from the Genetec Update Service configuration web page. An au… | 2026-02-24T20:27:42.413 | 2026-02-24T21:52:01.367 |
| ID | Severity | Description | Published | Updated |
|---|---|---|---|---|
| ghsa-m3c2-496v-cw3v |
8.7 (4.0)
|
Fiber has an Arbitrary File Read in Static Middleware on Windows | 2026-02-24T20:51:01Z | 2026-02-24T20:51:01Z |
| ghsa-852m-cvvp-9p4w |
5.9 (4.0)
|
Wasmtime WASI implementations are vulnerable to guest-controlled resource exhaustion | 2026-02-24T20:47:08Z | 2026-02-24T20:47:09Z |
| ghsa-xjhv-v822-pf94 |
6.9 (4.0)
|
Wasmtime is vulnerable to panic when dropping a `[Typed]Func::call_async` future | 2026-02-24T20:44:46Z | 2026-02-24T20:44:46Z |
| ghsa-5r3v-vc8m-m96g |
8.9 (4.0)
|
Caddy: Unicode case-folding length expansion causes incorrect split_path index in FastCGI transport | 2026-02-24T20:39:08Z | 2026-02-24T20:39:08Z |
| ghsa-879p-475x-rqh2 |
6.9 (4.0)
|
Caddy is vulnerable to cross-origin config application via local admin API /load | 2026-02-24T20:37:35Z | 2026-02-24T20:37:35Z |
| ghsa-x76f-jf84-rqj8 |
7.7 (4.0)
|
Caddy: MatchHost becomes case-sensitive for large host lists (>100), enabling host-based route/auth… | 2026-02-24T20:34:01Z | 2026-02-24T20:34:01Z |
| ghsa-g7pc-pc7g-h8jh |
7.7 (4.0)
|
Caddy: MatchPath %xx (escaped-path) branch skips case normalization, enabling path-based route/auth… | 2026-02-24T20:31:31Z | 2026-02-24T20:31:31Z |
| ghsa-hffm-g8v7-wrv7 |
8.8 (4.0)
|
Caddy: mTLS client authentication silently fails open when CA certificate file is missing or malformed | 2026-02-24T20:22:53Z | 2026-02-24T20:22:53Z |
| ghsa-4xrr-hq4w-6vf4 |
6.9 (4.0)
|
Caddy: Improper sanitization of glob characters in file matcher may lead to bypassing security prot… | 2026-02-24T20:16:55Z | 2026-02-24T20:16:56Z |
| ghsa-m2cq-xjgm-f668 |
9.2 (4.0)
|
ActualBudget server is Missing Authentication for SimpleFIN and Pluggy AI bank sync endpoints | 2026-02-24T20:13:30Z | 2026-02-24T20:13:30Z |
| ghsa-hhfx-5x8j-f5f6 |
6.5 (3.1)
|
Payload: Server-Side Request Forgery (SSRF) in External File URL Uploads | 2026-02-24T20:10:32Z | 2026-02-24T20:10:32Z |
| ghsa-4894-xqv6-vrfq |
8.8 (3.1)
|
MindsDB: Path Traversal in /api/files Leading to Remote Code Execution | 2026-02-24T20:07:58Z | 2026-02-24T20:07:59Z |
| ghsa-vxg3-v4p6-f3fp |
6.9 (4.0)
|
Pimcore vulnerable to SQL injection via unsanitized filter value in Dependency Dao RLIKE clause | 2026-02-24T20:03:23Z | 2026-02-24T20:03:23Z |
| ghsa-78qv-3mpx-9cqq |
6.1 (3.1)
8.6 (4.0)
|
NiceGUI vulnerable to XSS via Code Injection during client-side element function execution | 2026-02-24T19:56:18Z | 2026-02-24T19:56:18Z |
| ghsa-gfvx-3cf3-5x6x |
10.0 (4.0)
|
Altec DocLink (now maintained by Beyond Limits Inc.) version 4.0.336.0 exposes insecure .NET Remoti… | 2026-02-24T18:31:03Z | 2026-02-24T18:31:03Z |
| ghsa-8fr6-83vj-w7xh |
6.2 (4.0)
|
A vulnerability identified in the Trellix HX Agent driver file fekern.sys allowed a threat actor w… | 2026-02-24T18:31:03Z | 2026-02-24T18:31:03Z |
| ghsa-xx53-6qqj-gr7w |
|
Memory safety bugs present in Firefox 147 and Thunderbird 147. Some of these bugs showed evidence o… | 2026-02-24T15:30:33Z | 2026-02-24T18:31:02Z |
| ghsa-xqx8-2c6c-9g3g |
4.9 (3.1)
|
A post-authentication NULL Pointer Dereference vulnerability in SonicOS allows a remote attacker to… | 2026-02-24T15:30:33Z | 2026-02-24T18:31:02Z |
| ghsa-xjw5-9f76-gvpv |
7.5 (3.1)
8.7 (4.0)
|
Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior use RC4 with a hard… | 2026-02-24T18:31:02Z | 2026-02-24T18:31:02Z |
| ghsa-xfph-w5p7-mhh4 |
5.4 (3.1)
5.1 (4.0)
|
Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior reflect unsanitized… | 2026-02-24T18:31:02Z | 2026-02-24T18:31:02Z |
| ghsa-xchm-7954-5wvg |
|
Use-after-free in the DOM: Window and Location component. This vulnerability affects Firefox < 148,… | 2026-02-24T15:30:32Z | 2026-02-24T18:31:02Z |
| ghsa-wcpx-2xqg-ff43 |
|
Spoofing issue in the WebAuthn component in Firefox for Android. This vulnerability affects Firefox… | 2026-02-24T15:30:32Z | 2026-02-24T18:31:02Z |
| ghsa-vxjv-c6cq-74m6 |
|
Mitigation bypass in the Networking: Cache component. This vulnerability affects Firefox < 148 and … | 2026-02-24T15:30:32Z | 2026-02-24T18:31:02Z |
| ghsa-vrfc-p4p2-v8r2 |
|
Privilege escalation and improper access control in GCOM EPON 1GE C00R371V00B01 allows remote authe… | 2026-02-24T18:31:02Z | 2026-02-24T18:31:02Z |
| ghsa-pr9m-7cjw-258w |
4.9 (3.1)
|
A post-authentication Out-of-bounds Read vulnerability in SonicOS allows a remote attacker to crash… | 2026-02-24T15:30:33Z | 2026-02-24T18:31:02Z |
| ghsa-pq5g-x5q3-3g25 |
4.9 (3.1)
|
Multiple post-authentication stack-based buffer overflow vulnerabilities in the SonicOS management … | 2026-02-24T15:30:33Z | 2026-02-24T18:31:02Z |
| ghsa-p9gc-q2gc-jc6r |
4.2 (3.1)
|
Race condition in the JavaScript: GC component. This vulnerability affects Firefox < 148. | 2026-02-24T15:30:32Z | 2026-02-24T18:31:02Z |
| ghsa-m84g-fpm8-mqg8 |
7.5 (3.1)
8.7 (4.0)
|
Binardat 10G08-0800GSM network switch firmware versions prior to V300SP10260209 store a user passwo… | 2026-02-24T18:31:02Z | 2026-02-24T18:31:02Z |
| ghsa-jvc5-7j9r-q4m6 |
|
Same-origin policy bypass in the Networking: JAR component. This vulnerability affects Firefox < 14… | 2026-02-24T15:30:32Z | 2026-02-24T18:31:02Z |
| ghsa-jj9w-3m27-jg69 |
8.1 (3.1)
8.6 (4.0)
|
Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior expose user passwor… | 2026-02-24T18:31:02Z | 2026-02-24T18:31:02Z |
| ID | Severity | Description | Package | Published | Updated |
|---|---|---|---|---|---|
| pysec-2024-201 |
6.1 (3.1)
|
OctoPrint provides a web interface for controlling consumer 3D printers. OctoPrint versio… | octoprint | 2024-11-05T19:15:05+00:00 | 2025-01-19T16:22:59.154645+00:00 |
| pysec-2024-200 |
7.2 (3.1)
|
JupyterHub is software that allows one to create a multi-user server for Jupyter notebook… | jupyterhub | 2024-08-08T15:15:17+00:00 | 2025-01-19T16:22:58.171761+00:00 |
| pysec-2024-199 |
3.7 (3.1)
|
Gradio is an open-source Python package designed for quick prototyping. This vulnerabilit… | gradio | 2024-10-10T23:15:02+00:00 | 2025-01-19T16:22:57.938459+00:00 |
| pysec-2024-198 |
4.3 (3.1)
|
Gradio is an open-source Python package designed for quick prototyping. This vulnerabilit… | gradio | 2024-10-10T22:15:11+00:00 | 2025-01-19T16:22:57.845317+00:00 |
| pysec-2024-197 |
5.3 (3.1)
|
Gradio is an open-source Python package designed for quick prototyping. This vulnerabilit… | gradio | 2024-10-10T22:15:10+00:00 | 2025-01-19T16:22:57.732726+00:00 |
| pysec-2024-196 |
8.3 (3.1)
|
Gradio is an open-source Python package designed for quick prototyping. This vulnerabilit… | gradio | 2024-10-10T22:15:10+00:00 | 2025-01-19T16:22:57.640183+00:00 |
| pysec-2024-195 |
5.5 (3.1)
|
Use of Web Browser Cache Containing Sensitive Information vulnerability in Apache Airflow… | apache-airflow | 2024-06-14T09:15:09+00:00 | 2025-01-19T16:22:56.419822+00:00 |
| pysec-2024-194 |
6.1 (3.1)
|
A clickjacking vulnerability exists in zenml-io/zenml versions up to and including 0.55.5… | zenml | 2024-06-06T19:15:54+00:00 | 2025-01-19T13:22:31.835293+00:00 |
| pysec-2024-193 |
3.3 (3.1)
|
An issue was discovered in zenml-io/zenml versions up to and including 0.55.4. Due to imp… | zenml | 2024-06-06T19:15:53+00:00 | 2025-01-19T13:22:31.701775+00:00 |
| pysec-2024-192 |
|
An issue was discovered in llama_index before 0.10.38. download/integration.py includes a… | llama-index | 2024-08-22T20:15:10+00:00 | 2025-01-19T13:22:29.175614+00:00 |
| pysec-2024-191 |
5.5 (3.1)
|
The Snowflake Connector for Python provides an interface for developing Python applicatio… | snowflake-connector-python | 2024-10-24T22:15:04+00:00 | 2025-01-19T10:22:29.812605+00:00 |
| pysec-2024-190 |
8.8 (3.1)
|
Apache Airflow 2.4.0, and versions before 2.9.3, has a vulnerability that allows authenti… | apache-airflow | 2024-07-17T08:15:02+00:00 | 2025-01-19T07:21:16.859034+00:00 |
| pysec-2024-189 |
5.4 (3.1)
|
Apache Airflow versions before 2.9.3 have a vulnerability that allows an authenticated at… | apache-airflow | 2024-07-17T08:15:01+00:00 | 2025-01-19T07:21:16.796301+00:00 |
| pysec-2024-188 |
6.1 (3.1)
|
WebOb provides objects for HTTP requests and responses. When WebOb normalizes the HTTP Lo… | webob | 2024-08-14T21:15:17+00:00 | 2025-01-19T04:23:01.908824+00:00 |
| pysec-2024-187 |
9.8 (3.1)
|
virtualenv before 20.26.6 allows command injection through the activation scripts for a v… | virtualenv | 2024-11-24T16:15:06+00:00 | 2025-01-19T04:23:01.784352+00:00 |
| pysec-2024-186 |
6.5 (3.1)
|
RestrictedPython is a restricted execution environment for Python to run untrusted code. … | restrictedpython | 2024-09-30T16:15:09+00:00 | 2025-01-19T04:23:01.259448+00:00 |
| pysec-2024-185 |
|
Nebari through 2024.4.1 prints the temporary Keycloak root password. | nebari | 2024-05-06T00:15:10+00:00 | 2025-01-19T04:23:00.951638+00:00 |
| pysec-2024-184 |
7.5 (3.1)
|
A local file inclusion vulnerability exists in the JSON component of gradio-app/gradio ve… | gradio | 2024-06-06T18:15:18+00:00 | 2025-01-19T04:23:00.017053+00:00 |
| pysec-2024-183 |
|
CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang St… | codechecker | 2024-11-06T15:15:11+00:00 | 2025-01-19T04:22:59.576907+00:00 |
| pysec-2024-182 |
|
Apache Airflow versions before 2.10.3 contain a vulnerability that could expose sensitive… | apache-airflow | 2024-11-15T09:15:14+00:00 | 2025-01-19T04:22:59.398988+00:00 |
| pysec-2024-181 |
6.1 (3.1)
|
Apache Airflow, versions before 2.10.0, have a vulnerability that allows the developer of… | apache-airflow | 2024-08-21T16:15:08+00:00 | 2025-01-19T04:22:59.351008+00:00 |
| pysec-2024-180 |
5.4 (3.1)
|
Stored XSS in organizer and event settings of pretix up to 2024.7.0 allows malicious even… | pretix | 2024-08-23T15:15:17+00:00 | 2025-01-19T01:52:24.493530+00:00 |
| pysec-2024-179 |
4.8 (3.1)
|
OctoPrint provides a web interface for controlling consumer 3D printers. OctoPrint versio… | octoprint | 2024-03-18T22:15:07+00:00 | 2025-01-19T01:52:24.377662+00:00 |
| pysec-2024-178 |
7.5 (3.1)
|
Litestar is an Asynchronous Server Gateway Interface (ASGI) framework. Prior to version 2… | litestar | 2024-11-20T21:15:08+00:00 | 2025-01-19T01:52:23.772726+00:00 |
| pysec-2024-177 |
9.8 (3.1)
|
Langflow through 0.6.19 allows remote code execution if untrusted users are able to reach… | langflow | 2024-06-10T20:15:15+00:00 | 2025-01-19T01:52:23.722576+00:00 |
| pysec-2024-176 |
6.1 (3.1)
|
A reflected Cross-Site Scripting (XSS) vulnerability was identified in zenml-io/zenml ver… | zenml | 2024-06-30T16:15:03+00:00 | 2025-01-18T22:21:45.122426+00:00 |
| pysec-2024-175 |
|
WordOps through 3.20.0 has a wo/cli/plugins/stack_pref.py TOCTOU race condition because t… | wordops | 2024-05-06T00:15:10+00:00 | 2025-01-18T22:21:44.991242+00:00 |
| pysec-2024-174 |
4.3 (3.1)
|
Server-Side Request Forgery (SSRF) vulnerability in Apache StreamPipes during installatio… | streampipes | 2024-07-17T09:15:02+00:00 | 2025-01-18T22:21:43.678475+00:00 |
| pysec-2024-173 |
8.8 (3.1)
|
Unrestricted Upload of File with dangerous type vulnerability in Apache StreamPipes. Such… | streampipes | 2024-07-17T10:15:01+00:00 | 2025-01-18T22:21:43.618882+00:00 |
| pysec-2024-172 |
3.7 (3.1)
|
Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Apache StreamPipes in … | streampipes | 2024-07-17T09:15:02+00:00 | 2025-01-18T22:21:43.557516+00:00 |
| ID | Description | Updated |
|---|---|---|
| gsd-2024-33758 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.500910Z |
| gsd-2024-33710 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.499457Z |
| gsd-2024-33707 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.497095Z |
| gsd-2024-33781 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.495881Z |
| gsd-2024-33679 | Cross-Site Request Forgery (CSRF) vulnerability in FameThemes FameTheme Demo Importer.Thi… | 2024-04-27T05:02:18.492186Z |
| gsd-2024-33777 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.489805Z |
| gsd-2024-33743 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.488662Z |
| gsd-2024-33791 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.488352Z |
| gsd-2024-33747 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.485640Z |
| gsd-2024-33774 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.484899Z |
| gsd-2024-33734 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.482444Z |
| gsd-2024-33740 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.479260Z |
| gsd-2024-33801 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.476298Z |
| gsd-2024-33682 | Cross-Site Request Forgery (CSRF) vulnerability in Cookie Information A/S WP GDPR Complia… | 2024-04-27T05:02:18.470225Z |
| gsd-2024-33709 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.469333Z |
| gsd-2024-33745 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.468253Z |
| gsd-2024-33690 | Cross-Site Request Forgery (CSRF) vulnerability in Jegstudio Financio.This issue affects … | 2024-04-27T05:02:18.467205Z |
| gsd-2024-33808 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.458232Z |
| gsd-2024-33767 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.454953Z |
| gsd-2024-33805 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.453392Z |
| gsd-2024-33711 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.452695Z |
| gsd-2024-33790 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.450431Z |
| gsd-2024-33759 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.447890Z |
| gsd-2024-33680 | Cross-Site Request Forgery (CSRF) vulnerability in MainWP MainWP Child Reports.This issue… | 2024-04-27T05:02:18.444951Z |
| gsd-2024-33715 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.440563Z |
| gsd-2024-33748 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.439408Z |
| gsd-2024-33683 | Cross-Site Request Forgery (CSRF) vulnerability in WP Republic Hide Dashboard Notificatio… | 2024-04-27T05:02:18.438205Z |
| gsd-2024-33755 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.436135Z |
| gsd-2024-33687 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.432624Z |
| gsd-2024-33753 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.430763Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2026-869 | Malicious code in ritch (PyPI) | 2026-02-12T08:10:35Z | 2026-02-19T22:47:48Z |
| mal-2026-868 | Malicious code in pydantics (PyPI) | 2026-02-12T07:55:49Z | 2026-02-19T22:47:48Z |
| mal-2026-867 | Malicious code in pandaai (PyPI) | 2026-02-12T07:51:33Z | 2026-02-19T22:47:48Z |
| mal-2026-866 | Malicious code in oraceldb (PyPI) | 2026-02-12T08:03:03Z | 2026-02-19T22:47:48Z |
| mal-2026-865 | Malicious code in opentelematry-api (PyPI) | 2026-02-12T07:30:47Z | 2026-02-19T22:47:48Z |
| mal-2026-864 | Malicious code in marshmellow (PyPI) | 2026-02-12T07:10:57Z | 2026-02-19T22:47:48Z |
| mal-2026-863 | Malicious code in krbutils (PyPI) | 2026-02-12T08:00:39Z | 2026-02-19T22:47:48Z |
| mal-2026-938 | Malicious code in pylibcugraphops (PyPI) | 2026-02-19T09:16:31Z | 2026-02-19T09:16:31Z |
| mal-2026-936 | Malicious code in questpro (PyPI) | 2026-02-18T19:43:37Z | 2026-02-18T19:43:37Z |
| mal-2026-937 | Malicious code in telebot-infee (PyPI) | 2026-02-18T19:32:14Z | 2026-02-18T19:32:14Z |
| mal-2026-934 | Malicious code in telebot-infoe (PyPI) | 2026-02-18T18:42:29Z | 2026-02-18T18:42:29Z |
| mal-2026-935 | Malicious code in telebot-infoo (PyPI) | 2026-02-18T18:36:00Z | 2026-02-18T18:36:00Z |
| mal-2026-932 | Malicious code in easyreg (PyPI) | 2026-02-17T23:17:30Z | 2026-02-18T00:36:33Z |
| mal-2026-933 | Malicious code in pywin-simple-gui (PyPI) | 2026-02-17T23:14:17Z | 2026-02-17T23:14:17Z |
| mal-2026-930 | Malicious code in telebot-info (PyPI) | 2026-02-17T20:18:25Z | 2026-02-17T21:16:32Z |
| mal-2026-931 | Malicious code in telebot-infe (PyPI) | 2026-02-17T20:36:23Z | 2026-02-17T20:45:24Z |
| mal-2026-910 | Malicious code in dns-execution-test (PyPI) | 2026-02-15T23:20:54Z | 2026-02-17T11:48:47Z |
| mal-2026-928 | Malicious code in polyutil (PyPI) | 2026-02-17T04:31:14Z | 2026-02-17T04:31:14Z |
| mal-2026-926 | Malicious code in auto-backup-wsl (PyPI) | 2026-01-05T23:50:24Z | 2026-02-17T00:36:40Z |
| mal-2026-925 | Malicious code in auto-backup-wins (PyPI) | 2026-01-05T23:49:57Z | 2026-02-17T00:36:40Z |
| mal-2026-924 | Malicious code in auto-backup-macos (PyPI) | 2026-01-05T23:50:38Z | 2026-02-17T00:36:40Z |
| mal-2026-923 | Malicious code in auto-backup-linux (PyPI) | 2026-01-05T23:50:47Z | 2026-02-17T00:36:40Z |
| mal-2026-927 | Malicious code in polyclawd (PyPI) | 2026-02-16T23:40:13Z | 2026-02-16T23:40:13Z |
| mal-2025-5096 | Malicious code in aliyun-ai-labs-snippets-sdk (PyPI) | 2025-05-19T15:43:26Z | 2026-02-16T14:24:05Z |
| mal-2025-5094 | Malicious code in ai-labs-snippets-sdk (PyPI) | 2025-05-19T15:43:26Z | 2026-02-16T14:24:05Z |
| mal-2026-917 | Malicious code in aliyun-python-sdk-v2 (PyPI) | 2026-02-16T11:28:09Z | 2026-02-16T11:28:09Z |
| mal-2026-916 | Malicious code in alibabacloude (PyPI) | 2026-02-16T11:20:53Z | 2026-02-16T11:20:53Z |
| mal-2026-915 | Malicious code in alibabacloud-code-tool (PyPI) | 2026-02-16T11:19:13Z | 2026-02-16T11:19:13Z |
| mal-2026-913 | Malicious code in groq-ppe-pkg (PyPI) | 2026-02-16T07:09:54Z | 2026-02-16T07:09:54Z |
| mal-2026-912 | Malicious code in http-request-toolkit (PyPI) | 2026-02-16T07:03:21Z | 2026-02-16T07:03:21Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| bit-golang-2025-61730 | Handshake messages may be processed at the incorrect encryption level in crypto/tls | 2026-01-31T08:43:36.684Z | 2026-02-03T09:12:55.720Z |
| bit-ghost-2026-24778 | Ghost vulnerable to XSS via malicious Portal preview links | 2026-02-03T08:40:51.583Z | 2026-02-03T09:12:55.720Z |
| bit-discourse-2026-24742 | Discourse staff action logs expose sensitive information to moderators | 2026-02-02T08:42:31.943Z | 2026-02-02T09:12:04.887Z |
| bit-discourse-2026-21865 | Discourse topic conversion permission vulnerability for moderators | 2026-02-02T08:42:28.354Z | 2026-02-02T09:12:04.887Z |
| bit-discourse-2025-69289 | Discourse has insecure default configuration that allows non-admin moderators to takeover any non-staff account via email change | 2026-02-02T08:42:26.675Z | 2026-02-02T09:12:04.887Z |
| bit-discourse-2025-69218 | Discourse moderators can access admin-only reports exposing private upload URLs | 2026-02-02T08:42:24.998Z | 2026-02-02T09:12:04.887Z |
| bit-discourse-2025-68934 | Discourse Has Denial of Service (DoS) Vulnerability in Drafts Creation Endpoint | 2026-02-02T08:42:23.259Z | 2026-02-02T09:12:04.887Z |
| bit-discourse-2025-68933 | Discourse non-admin moderators can exfiltrate private content via post ownership transfer | 2026-02-02T08:42:21.302Z | 2026-02-02T09:12:04.887Z |
| bit-discourse-2025-68666 | Discourse users archives leaked to users with moderation privileges | 2026-02-02T08:42:19.452Z | 2026-02-02T09:12:04.887Z |
| bit-discourse-2025-68662 | FinalDestination hostname matching allows SSRF protection bypass | 2026-02-02T08:42:17.844Z | 2026-02-02T09:12:04.887Z |
| bit-discourse-2025-68660 | Discourse AI Discover's continue conversation allows threat actor to impersonate user | 2026-02-02T08:42:16.289Z | 2026-02-02T09:12:04.887Z |
| bit-discourse-2025-68659 | Discourse has DoS vulnerability in username change endpoint | 2026-02-02T08:42:14.606Z | 2026-02-02T09:12:04.887Z |
| bit-discourse-2025-68479 | Discourse subscriptions are susceptible to takeover | 2026-02-02T08:42:12.613Z | 2026-02-02T09:12:04.887Z |
| bit-discourse-2025-66488 | Discourse allows script execution in uploaded HTML/XML files on S3 | 2026-02-02T08:42:08.194Z | 2026-02-02T09:12:04.887Z |
| bit-node-2026-21637 | 2026-01-26T14:48:02.384Z | 2026-01-31T09:09:11.750Z | |
| bit-node-2026-21636 | 2026-01-26T14:48:00.613Z | 2026-01-31T09:09:11.750Z | |
| bit-node-2025-59466 | 2026-01-26T14:47:58.830Z | 2026-01-31T09:09:11.750Z | |
| bit-node-2025-59464 | 2026-01-26T14:47:55.131Z | 2026-01-31T09:09:11.750Z | |
| bit-joomla-2025-63083 | Joomla! Core - [20260102] - XSS vector in the pagebreak plugin | 2026-01-31T08:43:33.433Z | 2026-01-31T09:09:11.750Z |
| bit-joomla-2025-63082 | Joomla! Core - [20260101] - Inadequate content filtering for data URLs | 2026-01-31T08:43:31.962Z | 2026-01-31T09:09:11.750Z |
| bit-golang-2025-68119 | Unexpected code execution when invoking toolchain in cmd/go | 2026-01-31T08:43:40.539Z | 2026-01-31T09:09:11.750Z |
| bit-golang-2025-61731 | Arbitrary file write using cgo pkg-config directive in cmd/go | 2026-01-31T08:43:38.643Z | 2026-01-31T09:09:11.750Z |
| bit-golang-2025-61728 | Excessive CPU consumption when building archive index in archive/zip | 2026-01-31T08:43:32.870Z | 2026-01-31T09:09:11.750Z |
| bit-golang-2025-61726 | Memory exhaustion in query parameter parsing in net/url | 2026-01-31T08:43:29.079Z | 2026-01-31T09:09:11.750Z |
| bit-discourse-2026-23743 | Discourse allows permalinks to restricted resources to leak resource slugs to unauthorized users | 2026-01-31T08:42:04.050Z | 2026-01-31T09:09:11.750Z |
| bit-gitea-2026-20912 | Gitea: Cross-Repository Authorization Bypass via Release Attachment Linking Leads to Private Attachment Disclosure | 2026-01-30T08:40:49.607Z | 2026-01-30T09:12:31.676Z |
| bit-gitea-2026-20904 | Gitea: Broken access control in OpenID visibility toggle enables cross-user visibility changes | 2026-01-30T08:40:47.849Z | 2026-01-30T09:12:31.676Z |
| bit-gitea-2026-20897 | Gitea Git LFS Lock Deletion Broken Access Control (Cross-Repo IDOR) | 2026-01-30T08:40:45.840Z | 2026-01-30T09:12:31.676Z |
| bit-gitea-2026-20888 | Gitea Pull Requests Auto-Merge: Read-Only Users Can Cancel Scheduled Auto-Merge via Web Endpoint (Authorization Bypass) | 2026-01-30T08:40:43.950Z | 2026-01-30T09:12:31.676Z |
| bit-gitea-2026-20883 | Gitea Stopwatch API Missing Authorization Check Leads to Post-Revocation Information Disclosure | 2026-01-30T08:40:41.879Z | 2026-01-30T09:12:31.676Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cleanstart-2026-kc06686 | SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process | 2026-01-30T15:10:53.141957Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-jx43631 | Within HostnameError | 2026-01-30T15:06:23.337190Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-jr48309 | Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate | 2026-01-30T16:11:25.334563Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-jm36781 | Within HostnameError | 2026-01-30T14:37:22.513933Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-iy17697 | excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate | 2026-01-30T16:37:55.497960Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-il25782 | SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process | 2026-01-30T15:09:53.055759Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-ib84500 | security issue was discovered in Kubernetes where a malicious or compromised pod could bypass network restrictions enforced by network policies during namespace deletion | 2026-01-30T16:29:55.343868Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-ib05679 | Within HostnameError | 2026-01-30T15:06:23.436295Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-ia26094 | excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate | 2026-01-30T14:51:22.634752Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-hy43775 | Within HostnameError | 2026-01-30T14:46:52.607713Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-hv28992 | Authorization Bypass Through User-Controlled Key in GitHub repository emicklei/go-restful prior to v3 | 2026-01-30T15:55:24.450018Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-ht23337 | flaw was found in the way certificate signatures could be forged using collisions found in the SHA-1 algorithm | 2026-01-30T17:15:56.746125Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-hl71566 | excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate | 2026-01-30T16:50:56.129322Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-hj34439 | Go before 1 | 2026-01-30T16:39:55.415446Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-hj04971 | vulnerability was found in PostgreSQL with the use of the MERGE command, which fails to test new rows against row security policies defined for UPDATE and SELECT | 2026-01-30T17:21:56.808972Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-hg66170 | Cancelling a query (e | 2026-01-30T15:35:23.809128Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-hf39630 | potential heap based buffer overflow was found in _bfd_elf_slurp_version_tables() in bfd/elf | 2026-01-30T17:20:56.632450Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-gs30434 | Within HostnameError | 2026-01-30T14:35:22.588418Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-gq48460 | Cancelling a query (e | 2026-01-30T16:26:55.253385Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-gj12884 | Within HostnameError | 2026-01-30T16:31:25.827659Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-gc16599 | Cancelling a query (e | 2026-01-30T15:46:54.243517Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-fz95989 | excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate | 2026-01-30T14:40:52.734894Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-fs64938 | excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate | 2026-01-30T15:24:53.185811Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-fr57243 | Cancelling a query (e | 2026-01-30T14:52:52.746706Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-fr00621 | Redis is an open source, in-memory database that persists on disk | 2026-01-30T14:36:52.496829Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-fn26367 | SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process | 2026-01-30T15:10:23.074072Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-fn12833 | Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security) | 2026-01-30T16:25:25.422564Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-fm00685 | Cancelling a query (e | 2026-01-30T15:07:53.091254Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-fd27182 | Cancelling a query (e | 2026-01-30T15:02:52.949683Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-er42900 | ParseAddress function constructs domain-literal address components through repeated string concatenation | 2026-01-30T15:41:23.817747Z | 2026-01-29T18:58:54Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| drupal-contrib-2024-059 | 2024-11-13T17:36:48.000Z | 2025-02-20T20:06:05.000Z | |
| drupal-contrib-2024-058 | 2024-11-06T16:28:56.000Z | 2025-02-20T20:05:57.000Z | |
| drupal-contrib-2024-056 | 2024-10-30T17:11:24.000Z | 2025-02-20T20:05:41.000Z | |
| drupal-contrib-2024-055 | 2024-10-30T17:07:09.000Z | 2025-02-20T20:05:30.000Z | |
| drupal-contrib-2024-052 | 2024-10-23T15:45:47.000Z | 2025-02-20T20:05:19.000Z | |
| drupal-contrib-2024-042 | 2024-10-02T16:15:59.000Z | 2025-02-20T19:27:15.000Z | |
| drupal-contrib-2024-043 | 2024-10-02T16:20:48.000Z | 2025-02-20T19:27:03.000Z | |
| drupal-contrib-2024-044 | 2024-10-02T16:27:12.000Z | 2025-02-20T19:26:51.000Z | |
| drupal-contrib-2024-045 | 2024-10-09T15:48:10.000Z | 2025-02-20T19:26:40.000Z | |
| drupal-contrib-2024-046 | 2024-10-09T15:48:11.000Z | 2025-02-20T19:26:30.000Z | |
| drupal-contrib-2024-047 | 2024-10-09T15:54:27.000Z | 2025-02-20T19:26:17.000Z | |
| drupal-contrib-2024-048 | 2024-10-09T15:56:35.000Z | 2025-02-20T19:26:05.000Z | |
| drupal-contrib-2024-049 | 2024-10-09T16:40:07.000Z | 2025-02-20T19:25:53.000Z | |
| drupal-contrib-2024-050 | 2024-10-23T12:09:48.000Z | 2025-02-20T19:25:41.000Z | |
| drupal-contrib-2024-033 | 2024-08-28T15:32:41.000Z | 2025-02-20T19:24:02.000Z | |
| drupal-contrib-2024-034 | 2024-09-04T15:35:55.000Z | 2025-02-20T19:23:44.000Z | |
| drupal-contrib-2024-035 | 2024-09-04T15:40:44.000Z | 2025-02-20T19:23:27.000Z | |
| drupal-contrib-2024-036 | 2024-09-04T15:42:05.000Z | 2025-02-20T19:23:09.000Z | |
| drupal-contrib-2024-037 | 2024-09-04T16:15:41.000Z | 2025-02-20T19:22:50.000Z | |
| drupal-contrib-2024-038 | 2024-09-04T16:20:17.000Z | 2025-02-20T19:22:30.000Z | |
| drupal-contrib-2024-039 | 2024-09-11T16:21:22.000Z | 2025-02-20T19:22:14.000Z | |
| drupal-contrib-2024-021 | 2024-05-22T16:21:55.000Z | 2025-02-20T19:14:35.000Z | |
| drupal-contrib-2024-022 | 2024-05-29T16:44:55.000Z | 2025-02-20T19:14:10.000Z | |
| drupal-contrib-2024-023 | 2024-05-29T16:52:42.000Z | 2025-02-20T19:13:53.000Z | |
| drupal-contrib-2024-024 | 2024-05-29T16:58:59.000Z | 2025-02-20T19:13:35.000Z | |
| drupal-contrib-2024-025 | 2024-06-05T16:45:02.000Z | 2025-02-20T19:13:15.000Z | |
| drupal-contrib-2024-026 | 2024-07-31T15:59:06.000Z | 2025-02-20T19:12:56.000Z | |
| drupal-contrib-2024-027 | 2024-08-07T17:19:30.000Z | 2025-02-20T19:12:37.000Z | |
| drupal-contrib-2024-028 | 2024-08-07T17:30:20.000Z | 2025-02-20T19:12:22.000Z | |
| drupal-contrib-2024-029 | 2024-08-07T17:36:15.000Z | 2025-02-20T19:12:05.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2025-008783 | Firebox T15 contains an issue with hidden functionality | 2025-07-14T17:22+09:00 | 2025-07-14T17:22+09:00 |
| jvndb-2025-008145 | Epson Web Installer for Mac vulnerable to missing authentication for critical function | 2025-07-08T14:08+09:00 | 2025-07-08T14:08+09:00 |
| jvndb-2025-008106 | Heap-based buffer overflow vulnerability in V-SFT and TELLUS | 2025-07-07T16:26+09:00 | 2025-07-07T16:26+09:00 |
| jvndb-2025-008105 | Windows shortcut following (.LNK) vulnerability in Trend Micro Security for Windows (CVE-2025-52521) | 2025-07-07T16:04+09:00 | 2025-07-07T16:04+09:00 |
| jvndb-2025-000047 | Multiple vulnerabilities in Nimesa Backup and Recovery | 2025-07-07T15:26+09:00 | 2025-07-07T15:26+09:00 |
| jvndb-2025-007978 | Multiple vulnerabilities in Trend Micro Password Manager for Windows (CVE-2025-48443, CVE-2025-52837) | 2025-07-04T13:28+09:00 | 2025-07-04T13:28+09:00 |
| jvndb-2025-000045 | Multiple vulnerabilities in Active! mail | 2025-07-02T14:13+09:00 | 2025-07-02T14:13+09:00 |
| jvndb-2025-007754 | Multiple vulnerabilities in Contec CONPROSYS HMI System (CHS) | 2025-07-02T11:31+09:00 | 2025-07-02T11:31+09:00 |
| jvndb-2025-007607 | Pass-Back Attack vulnerability in Konica Minorta bizhub series | 2025-07-01T14:09+09:00 | 2025-07-01T14:09+09:00 |
| jvndb-2025-007595 | Multiple vulnerabilities in Web Connection of Konica Minolta MFPs | 2025-07-01T14:02+09:00 | 2025-07-01T14:02+09:00 |
| jvndb-2025-000046 | SLNX Help Documentation of RICOH Streamline NX vulnerable to reflected cross-site scripting | 2025-06-30T15:45+09:00 | 2025-06-30T15:45+09:00 |
| jvndb-2025-007552 | Multiple vulnerabilities in TB-eye network recorders and AHD recorders | 2025-06-30T14:45+09:00 | 2025-06-30T14:45+09:00 |
| jvndb-2024-004595 | Multiple vulnerabilities in FutureNet NXR series, VXR series and WXR series | 2024-07-29T17:51+09:00 | 2025-06-30T09:56+09:00 |
| jvndb-2025-000043 | Multiple vulnerabilities in iroha Board | 2025-06-26T15:13+09:00 | 2025-06-26T15:13+09:00 |
| jvndb-2025-000042 | Inefficient regular expressions in GROWI | 2025-06-24T15:25+09:00 | 2025-06-24T15:25+09:00 |
| jvndb-2025-007390 | Trend Micro Internet Security and Trend Micro Maximum Security vulnerable to link following local privilege escalation (CVE-2025-49384, CVE-2025-49385) | 2025-06-24T11:18+09:00 | 2025-06-24T11:18+09:00 |
| jvndb-2025-000040 | KCM3100 vulnerable to authentication bypass using an alternate path or channel | 2025-06-18T13:42+09:00 | 2025-06-18T13:42+09:00 |
| jvndb-2025-000039 | Multiple vulnerabilities in RICOH Streamline NX PC Client | 2025-06-13T16:09+09:00 | 2025-06-13T16:09+09:00 |
| jvndb-2025-000038 | UpdateNavi vulnerable to improper restriction of communication channel to intended endpoints | 2025-06-12T15:56+09:00 | 2025-06-12T15:56+09:00 |
| jvndb-2025-000037 | Multiple surveillance cameras provided by i-PRO Co., Ltd. vulnerable to cross-site request forgery | 2025-06-06T13:56+09:00 | 2025-06-06T13:56+09:00 |
| jvndb-2025-000036 | TimeWorks vulnerable to path traversal | 2025-06-03T15:35+09:00 | 2025-06-03T15:35+09:00 |
| jvndb-2025-000035 | Improper file access permission settings in PC Time Tracer | 2025-06-03T14:40+09:00 | 2025-06-03T14:40+09:00 |
| jvndb-2025-000034 | Multiple vulnerabilities in wivia 5 | 2025-05-30T15:57+09:00 | 2025-05-30T15:57+09:00 |
| jvndb-2025-001238 | Multiple out-of-bounds write vulnerabilities in Canon Office/Small Office Multifunction Printers and Laser Printers | 2025-01-29T13:41+09:00 | 2025-05-27T16:06+09:00 |
| jvndb-2025-000032 | Mailform Pro CGI generating error messages containing sensitive information | 2025-05-26T14:22+09:00 | 2025-05-26T14:22+09:00 |
| jvndb-2025-000033 | Improper pattern file validation in i-FILTER optional feature 'Anti-Virus & Sandbox' | 2025-05-23T15:36+09:00 | 2025-05-23T15:36+09:00 |
| jvndb-2025-005467 | Passback vulnerabilities in Canon Production Printers, Office/Small Office Multifunction Printers, and Laser Printers | 2025-05-22T15:03+09:00 | 2025-05-22T15:03+09:00 |
| jvndb-2024-000117 | Stack-based buffer overflow vulnerability in multiple laser printers and MFPs which implement Ricoh Web Image Monitor | 2024-10-31T16:44+09:00 | 2025-05-19T17:59+09:00 |
| jvndb-2025-005107 | Multiple vulnerabilities in V-SFT | 2025-05-16T14:32+09:00 | 2025-05-16T14:32+09:00 |
| jvndb-2025-005057 | Multiple vulnerabilities in I-O DATA network attached hard disk 'HDL-T Series' | 2025-05-15T18:27+09:00 | 2025-05-15T18:27+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| cnvd-2026-09791 | Apache Linkis授权问题漏洞 | 2026-01-30 | 2026-01-30 |
| cnvd-2026-09790 | Apache Airflow信息泄露漏洞 | 2026-01-30 | 2026-01-30 |
| cnvd-2026-09789 | Apache Hadoop HDFS越界写入漏洞 | 2026-01-30 | 2026-01-30 |
| cnvd-2026-08344 | Juniper Networks Junos Space跨站脚本漏洞(CNVD-2026-08344) | 2025-10-15 | 2026-01-30 |
| cnvd-2026-08340 | Juniper Networks Junos Space跨站脚本漏洞(CNVD-2026-08340) | 2025-10-15 | 2026-01-30 |
| cnvd-2026-08339 | Juniper Networks Junos Space跨站脚本漏洞(CNVD-2026-08339) | 2025-10-15 | 2026-01-30 |
| cnvd-2026-08338 | Juniper Networks Junos Space跨站脚本漏洞(CNVD-2026-08338) | 2025-10-15 | 2026-01-30 |
| cnvd-2026-08337 | Juniper Networks Junos Space跨站脚本漏洞(CNVD-2026-08337) | 2025-10-15 | 2026-01-30 |
| cnvd-2026-08336 | Juniper Networks Junos Space跨站脚本漏洞(CNVD-2026-08336) | 2025-10-15 | 2026-01-30 |
| cnvd-2026-08335 | Juniper Networks Junos Space跨站脚本漏洞(CNVD-2026-08335) | 2025-10-15 | 2026-01-30 |
| cnvd-2026-08334 | Juniper Networks Junos Space跨站脚本漏洞(CNVD-2026-08334) | 2025-10-15 | 2026-01-30 |
| cnvd-2026-08333 | Juniper Networks Junos Space跨站脚本漏洞(CNVD-2026-08333) | 2025-10-15 | 2026-01-30 |
| cnvd-2026-08332 | Juniper Networks Junos Space跨站脚本漏洞(CNVD-2026-08332) | 2025-10-15 | 2026-01-30 |
| cnvd-2026-08331 | Juniper Networks Junos Space跨站脚本漏洞(CNVD-2026-08331) | 2025-10-15 | 2026-01-30 |
| cnvd-2026-08330 | Juniper Networks Junos Space跨站脚本漏洞(CNVD-2026-08330) | 2025-10-15 | 2026-01-30 |
| cnvd-2026-08329 | Juniper Networks Junos Space跨站脚本漏洞(CNVD-2026-08329) | 2025-10-15 | 2026-01-30 |
| cnvd-2026-08359 | Google Android拒绝服务漏洞(CNVD-2026-08359) | 2025-09-04 | 2026-01-29 |
| cnvd-2026-08358 | Google Android权限提升漏洞(CNVD-2026-08358) | 2025-09-04 | 2026-01-29 |
| cnvd-2026-08357 | Google Android信息泄露漏洞(CNVD-2026-08357) | 2025-09-04 | 2026-01-29 |
| cnvd-2026-08356 | Google Android权限提升漏洞(CNVD-2026-08356) | 2025-09-04 | 2026-01-29 |
| cnvd-2026-08355 | Google Android权限提升漏洞(CNVD-2026-08355) | 2025-09-04 | 2026-01-29 |
| cnvd-2026-08354 | Google Android信息泄露漏洞(CNVD-2026-08354) | 2025-09-04 | 2026-01-29 |
| cnvd-2026-08353 | Google Android权限提升漏洞(CNVD-2026-08353) | 2025-09-04 | 2026-01-29 |
| cnvd-2026-08352 | Google Android权限提升漏洞(CNVD-2026-08352) | 2025-09-04 | 2026-01-29 |
| cnvd-2026-08351 | Google Android信息泄露漏洞(CNVD-2026-08351) | 2025-09-08 | 2026-01-29 |
| cnvd-2026-08350 | Google Android权限提升漏洞(CNVD-2026-08350) | 2025-09-08 | 2026-01-29 |
| cnvd-2026-08349 | Google Android权限提升漏洞(CNVD-2026-08349) | 2025-09-08 | 2026-01-29 |
| cnvd-2026-08348 | Google Android权限提升漏洞(CNVD-2026-08348) | 2025-09-08 | 2026-01-29 |
| cnvd-2026-08347 | Google Android权限提升漏洞(CNVD-2026-08347) | 2025-09-08 | 2026-01-29 |
| cnvd-2026-08346 | Google Android权限提升漏洞(CNVD-2026-08346) | 2025-09-08 | 2026-01-29 |
| ID | Description | Published | Updated |
|---|---|---|---|
| bdu:2025-15695 | Уязвимость компонента drivers/gpu/drm/hisilicon/hibmc/hibmc_drm_drv.c ядра операционной с… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15694 | Уязвимость функции br_multicast_query_expired() компонента net/bridge/br_multicast.c ядра… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15693 | Уязвимость функции destroy_args() компонента mm/debug_vm_pgtable.c ядра операционной сист… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15692 | Уязвимость компонента ufs-exynos.c ядра операционной системы Linux, позволяющая нарушител… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15690 | Уязвимость компонента drivers/bus ядра операционной системы Linux, позволяющая нарушителю… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15688 | Уязвимость компонента fs/nfs ядра операционной системы Linux, позволяющая нарушителю полу… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15687 | Уязвимость компонента dwc3 ядра операционной системы Linux, позволяющая нарушителю вызват… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15686 | Уязвимость функции mt_report_fixup() ядра операционной системы Linux, позволяющая нарушит… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15683 | Уязвимость функции trace_printk_seq() ядра операционной системы Linux, связанная с неконт… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15682 | Уязвимость компонента efivarfs ядра операционной системы Linux, позволяющая нарушителю вы… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15680 | Уязвимость компонента fs/smb ядра операционной системы Linux, позволяющая нарушителю вызв… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15679 | Уязвимость компонента inode.c ядра операционной системы Linux, позволяющая нарушителю пол… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15678 | Уязвимость компонентов rose ядра операционной системы Linux, позволяющая нарушителю получ… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15677 | Уязвимость компонента rose_route.c ядра операционной системы Linux, позволяющая нарушител… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15676 | Уязвимость компонента xfs ядра операционной системы Linux, позволяющая нарушителю вызвать… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15674 | Уязвимость модуля wifi ядра операционной системы Linux, позволяющая нарушителю получить д… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15669 | Уязвимость компонента slub.c ядра операционной системы Linux, позволяющая нарушителю вызв… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15667 | Уязвимость функции do_validate_mem() компонента rsrc_nonstatic.c ядра операционной систем… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15665 | Уязвимость компонента arch/x86 ядра операционной системы Linux, позволяющая нарушителю по… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15660 | Уязвимость компонента fs/hfsplus/unicode.c ядра операционной системы Linux, позволяющая н… | 14.12.2025 | 16.02.2026 |
| bdu:2025-15659 | Уязвимость компонента fs/hfsplus/bnode.c ядра операционной системы Linux, позволяющая нар… | 14.12.2025 | 16.02.2026 |
| bdu:2025-15658 | Уязвимость компонента netfilter ядра операционной системы Linux, позволяющая нарушителю в… | 14.12.2025 | 16.02.2026 |
| bdu:2025-15559 | Уязвимость функции sqlite3KeyInfoFromExprList системы управления базами данных SQLite, по… | 11.12.2025 | 16.02.2026 |
| bdu:2025-15558 | Уязвимость реализации протокола IEEE 802.11 ядра операционной системы Linux, позволяющая … | 11.12.2025 | 16.02.2026 |
| bdu:2025-15556 | Уязвимость компонента jfs_imap.c ядра операционной системы Linux, позволяющая нарушителю … | 11.12.2025 | 16.02.2026 |
| bdu:2025-15555 | Уязвимость компонента ksmbd ядра операционной системы Linux, позволяющая нарушителю вызва… | 11.12.2025 | 16.02.2026 |
| bdu:2025-15554 | Уязвимость ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании | 11.12.2025 | 16.02.2026 |
| bdu:2025-15553 | Уязвимость компонента net/sched ядра операционной системы Linux, позволяющая нарушителю в… | 11.12.2025 | 16.02.2026 |
| bdu:2025-15552 | Уязвимость компонента eventpoll ядра операционной системы Linux, позволяющая нарушителю в… | 11.12.2025 | 16.02.2026 |
| bdu:2025-15551 | Уязвимость функции nf_tables_updchain компонента net/netfilter/nf_tables_api.c ядра опера… | 11.12.2025 | 16.02.2026 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2026-avi-0057 | Multiples vulnérabilités dans le noyau Linux de Debian LTS | 2026-01-16T00:00:00.000000 | 2026-01-16T00:00:00.000000 |
| certfr-2026-avi-0056 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2026-01-16T00:00:00.000000 | 2026-01-16T00:00:00.000000 |
| certfr-2026-avi-0055 | Multiples vulnérabilités dans GLPI | 2026-01-16T00:00:00.000000 | 2026-01-16T00:00:00.000000 |
| certfr-2026-avi-0054 | Multiples vulnérabilités dans Centreon Infra Monitoring | 2026-01-16T00:00:00.000000 | 2026-01-16T00:00:00.000000 |
| certfr-2026-avi-0053 | Vulnérabilité dans Traefik | 2026-01-16T00:00:00.000000 | 2026-01-16T00:00:00.000000 |
| certfr-2025-avi-1122 | Multiples vulnérabilités dans Mattermost Server | 2025-12-18T00:00:00.000000 | 2026-01-16T00:00:00.000000 |
| certfr-2026-avi-0051 | Multiples vulnérabilités dans les produits Mozilla | 2026-01-15T00:00:00.000000 | 2026-01-15T00:00:00.000000 |
| certfr-2026-avi-0050 | Multiples vulnérabilités dans les produits Juniper Networks | 2026-01-15T00:00:00.000000 | 2026-01-15T00:00:00.000000 |
| certfr-2026-avi-0049 | Multiples vulnérabilités dans les produits Palo Alto Networks | 2026-01-15T00:00:00.000000 | 2026-01-15T00:00:00.000000 |
| certfr-2026-avi-0048 | Multiples vulnérabilités dans Wireshark | 2026-01-15T00:00:00.000000 | 2026-01-15T00:00:00.000000 |
| certfr-2026-avi-0047 | Vulnérabilité dans F5 NGINX Ingress Controller | 2026-01-15T00:00:00.000000 | 2026-01-15T00:00:00.000000 |
| certfr-2026-avi-0038 | Multiples vulnérabilités dans les produits Mozilla | 2026-01-14T00:00:00.000000 | 2026-01-15T00:00:00.000000 |
| certfr-2026-avi-0046 | Multiples vulnérabilités dans les produits Microsoft | 2026-01-14T00:00:00.000000 | 2026-01-14T00:00:00.000000 |
| certfr-2026-avi-0045 | Multiples vulnérabilités dans Microsoft Azure | 2026-01-14T00:00:00.000000 | 2026-01-14T00:00:00.000000 |
| certfr-2026-avi-0044 | Multiples vulnérabilités dans Microsoft Windows | 2026-01-14T00:00:00.000000 | 2026-01-14T00:00:00.000000 |
| certfr-2026-avi-0043 | Multiples vulnérabilités dans Microsoft Office | 2026-01-14T00:00:00.000000 | 2026-01-14T00:00:00.000000 |
| certfr-2026-avi-0042 | Multiples vulnérabilités dans les produits HPE Aruba Networking | 2026-01-14T00:00:00.000000 | 2026-01-14T00:00:00.000000 |
| certfr-2026-avi-0041 | Multiples vulnérabilités dans les produits Elastic | 2026-01-14T00:00:00.000000 | 2026-01-14T00:00:00.000000 |
| certfr-2026-avi-0040 | Multiples vulnérabilités dans Google Chrome | 2026-01-14T00:00:00.000000 | 2026-01-14T00:00:00.000000 |
| certfr-2026-avi-0039 | Multiples vulnérabilités dans Node.js | 2026-01-14T00:00:00.000000 | 2026-01-14T00:00:00.000000 |
| certfr-2026-avi-0037 | Multiples vulnérabilités dans Typo3 | 2026-01-14T00:00:00.000000 | 2026-01-14T00:00:00.000000 |
| certfr-2026-avi-0036 | Multiples vulnérabilités dans Suricata | 2026-01-14T00:00:00.000000 | 2026-01-14T00:00:00.000000 |
| certfr-2026-avi-0035 | Multiples vulnérabilités dans les produits Fortinet | 2026-01-14T00:00:00.000000 | 2026-01-14T00:00:00.000000 |
| certfr-2026-avi-0034 | Multiples vulnérabilités dans les produits SAP | 2026-01-14T00:00:00.000000 | 2026-01-14T00:00:00.000000 |
| certfr-2026-avi-0033 | Multiples vulnérabilités dans les produits Schneider Electric | 2026-01-14T00:00:00.000000 | 2026-01-14T00:00:00.000000 |
| certfr-2026-avi-0032 | Multiples vulnérabilités dans les produits Siemens | 2026-01-14T00:00:00.000000 | 2026-01-14T00:00:00.000000 |
| certfr-2026-avi-0031 | Vulnérabilité dans le greffon VSCode pour Spring CLI | 2026-01-14T00:00:00.000000 | 2026-01-14T00:00:00.000000 |
| certfr-2026-avi-0030 | Vulnérabilité dans MISP | 2026-01-13T00:00:00.000000 | 2026-01-13T00:00:00.000000 |
| certfr-2026-avi-0029 | Multiples vulnérabilités dans VMware Tanzu Gemfire | 2026-01-13T00:00:00.000000 | 2026-01-13T00:00:00.000000 |
| certfr-2026-avi-0028 | Multiples vulnérabilités dans MariaDB | 2026-01-13T00:00:00.000000 | 2026-01-13T00:00:00.000000 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2017-ale-006 | Multiples vulnérabilités dans SCADA Siemens RUGGEDCOM ROX I | 2017-03-29T00:00:00.000000 | 2017-03-29T00:00:00.000000 |
| certfr-2017-ale-003 | Vulnérabilité dans les navigateurs Microsoft | 2017-02-27T00:00:00.000000 | 2017-03-15T00:00:00.000000 |
| certfr-2017-ale-002 | Vulnérabilité dans Microsoft Windows | 2017-02-20T00:00:00.000000 | 2017-03-15T00:00:00.000000 |
| certfr-2017-ale-001 | Vulnérabilité dans Cisco WebEx | 2017-01-25T00:00:00.000000 | 2017-01-31T00:00:00.000000 |
| certfr-2016-ale-009 | Campagne d'attaque contre des routeurs DSL | 2016-12-01T00:00:00.000000 | 2017-01-26T00:00:00.000000 |
| certfr-2016-ale-010 | Vulnérabilité dans les routeurs Netgear | 2016-12-13T00:00:00.000000 | 2016-12-26T00:00:00.000000 |
| certfr-2016-ale-006 | Campagne de messages électroniques non sollicités de type Zepto/Odin | 2016-09-05T00:00:00.000000 | 2016-11-17T00:00:00.000000 |
| certfr-2016-ale-008 | Vulnérabilité dans Microsoft Windows | 2016-11-02T00:00:00.000000 | 2016-11-09T00:00:00.000000 |
| certfr-2016-ale-007 | Vulnérabilité dans Cisco IOS, IOS XE et IOS XR | 2016-09-19T00:00:00.000000 | 2016-09-19T00:00:00.000000 |
| certfr-2016-ale-005 | Multiples vulnérabilités dans les pare-feux Cisco | 2016-08-18T00:00:00.000000 | 2016-09-05T00:00:00.000000 |
| certfr-2015-ale-013 | Vulnérabilité dans Joomla! | 2015-12-14T00:00:00.000000 | 2016-08-01T00:00:00.000000 |
| certfr-2016-ale-004 | Vulnérabilité dans Adobe Flash Player | 2016-06-15T00:00:00.000000 | 2016-06-16T00:00:00.000000 |
| certfr-2016-ale-003 | Vulnérabilité dans Adobe Flash Player | 2016-05-11T00:00:00.000000 | 2016-05-12T00:00:00.000000 |
| certfr-2015-ale-014 | Vulnérabilité dans Juniper ScreenOS | 2015-12-18T00:00:00.000000 | 2016-04-11T00:00:00.000000 |
| certfr-2016-ale-002 | Vulnérabilité dans Adobe Flash Player | 2016-04-06T00:00:00.000000 | 2016-04-08T00:00:00.000000 |
| certfr-2016-ale-001 | Campagne de messages électroniques non sollicités de type Locky | 2016-02-19T00:00:00.000000 | 2016-04-07T00:00:00.000000 |
| certfr-2015-ale-015 | Campagne de messages électroniques non sollicités de type TeslaCrypt | 2015-12-21T00:00:00.000000 | 2016-03-10T00:00:00.000000 |
| certfr-2015-ale-009 | Vulnérabilité dans Apple Mac OS X | 2015-07-24T00:00:00.000000 | 2015-12-22T00:00:00.000000 |
| certfr-2015-ale-012 | Campagne de messages électroniques non sollicités de type Dridex | 2015-10-23T00:00:00.000000 | 2015-11-26T00:00:00.000000 |
| certfr-2015-ale-011 | Vulnérabilité dans Adobe Flash Player | 2015-10-14T00:00:00.000000 | 2015-10-19T00:00:00.000000 |
| certfr-2015-ale-010 | Multiples vulnérabilités dans Google Android | 2015-07-28T00:00:00.000000 | 2015-10-06T00:00:00.000000 |
| certfr-2015-ale-008 | Vulnérabilité dans le pilote de gestion des polices de caractères de Microsoft Windows | 2015-07-20T00:00:00.000000 | 2015-07-30T00:00:00.000000 |
| certfr-2015-ale-007 | Vulnérabilité dans Oracle Java SE | 2015-07-13T00:00:00.000000 | 2015-07-20T00:00:00.000000 |
| certfr-2015-ale-006 | Vulnérabilité dans Adobe Flash Player | 2015-07-11T00:00:00.000000 | 2015-07-20T00:00:00.000000 |
| certfr-2015-ale-005 | Vulnérabilité dans Adobe Flash Player | 2015-07-08T00:00:00.000000 | 2015-07-10T00:00:00.000000 |
| certfr-2015-ale-003 | Nouvelle campagne d'hameçonnage de type rançongiciel | 2015-02-05T00:00:00.000000 | 2015-07-10T00:00:00.000000 |
| certfr-2015-ale-004 | Vulnérabilité dans Microsoft Internet Explorer | 2015-02-10T00:00:00.000000 | 2015-03-31T00:00:00.000000 |
| certfr-2015-ale-002 | Vulnérabilité dans Adobe Flash Player | 2015-02-02T00:00:00.000000 | 2015-02-05T00:00:00.000000 |
| certfr-2015-ale-001 | Vulnérabilité dans Adobe Flash Player | 2015-01-22T00:00:00.000000 | 2015-01-30T00:00:00.000000 |
| certfr-2014-ale-011 | Vulnérabilité de l'implémentation Kerberos dans Microsoft Windows | 2014-11-18T00:00:00.000000 | 2015-01-30T00:00:00.000000 |
| ID | Description | Published | Updated |
|---|---|---|---|
| osv-2024-395 | Use-of-uninitialized-value in pcapint_filter_with_aux_data | 2024-05-01T00:04:54.392345Z | 2025-12-31T14:19:24.719836Z |
| osv-2024-793 | Heap-buffer-overflow in H5HL__fl_deserialize | 2024-08-16T00:01:45.237305Z | 2025-12-31T14:19:11.515108Z |
| osv-2023-444 | Heap-buffer-overflow in opj_jp2_apply_pclr | 2023-05-31T14:02:00.753503Z | 2025-12-31T14:18:46.286556Z |
| osv-2022-394 | Incorrect-function-pointer-type in cv::split | 2022-05-04T00:00:27.326853Z | 2025-12-31T14:15:38.077191Z |
| osv-2025-1049 | Heap-buffer-overflow in unsigned char* std::__1::vector<unsigned char, std::__1::allocator<unsigned char | 2025-12-31T00:18:06.669541Z | 2025-12-31T00:18:06.670109Z |
| osv-2023-137 | Heap-buffer-overflow in OT::Layout::Common::Coverage::get_population | 2023-03-03T13:00:38.278632Z | 2025-12-28T14:11:53.546267Z |
| osv-2022-834 | Heap-use-after-free in mk_event_timeout_destroy | 2022-09-04T00:00:31.605787Z | 2025-12-24T14:22:31.811787Z |
| osv-2022-1277 | Heap-use-after-free in mk_event_timeout_destroy | 2023-06-26T14:01:01.876870Z | 2025-12-24T14:19:36.252391Z |
| osv-2024-1348 | Heap-buffer-overflow in glslang::HlslGrammar::acceptDeclaration | 2024-12-10T00:00:50.788Z | 2025-12-23T15:50:48.626100Z |
| osv-2024-1355 | UNKNOWN READ in glslang::TInfoSinkBase::location | 2024-12-10T00:08:00.540533Z | 2025-12-23T15:50:47.917708Z |
| osv-2024-1346 | UNKNOWN READ in glslang::HlslTokenStream::advanceToken | 2024-12-10T00:00:20.380006Z | 2025-12-23T15:50:47.126469Z |
| osv-2024-1343 | Container-overflow in glslang::HlslParseContext::decomposeIntrinsic | 2024-11-27T00:13:21.103465Z | 2025-12-23T15:50:45.708425Z |
| osv-2025-565 | Heap-buffer-overflow in pcpp::IPv6Address::IPv6Address | 2025-07-21T00:09:57.314960Z | 2025-12-22T14:22:23.333531Z |
| osv-2024-953 | UNKNOWN READ in pcpp::PcapNgFileReaderDevice::getNextPacket | 2024-08-16T00:13:41.933683Z | 2025-12-22T14:21:34.886075Z |
| osv-2024-954 | Use-of-uninitialized-value in pcpp::MplsLayer::toString | 2024-08-16T00:13:43.824630Z | 2025-12-22T14:21:33.246456Z |
| osv-2024-816 | Use-of-uninitialized-value in pcpp::SSLClientHelloMessage::ClientHelloTLSFingerprint::toString | 2024-08-16T00:02:36.618439Z | 2025-12-22T14:21:20.173609Z |
| osv-2024-812 | Use-of-uninitialized-value in pcpp::PcapFileWriterDevice::writePacket | 2024-08-16T00:02:26.387902Z | 2025-12-22T14:21:19.473015Z |
| osv-2024-360 | Heap-buffer-overflow in pcpp::TelnetLayer::getFieldLen | 2024-04-30T00:05:53.016170Z | 2025-12-22T14:20:47.423159Z |
| osv-2024-369 | Segv on unknown address in pcpp::IPv6Layer::~IPv6Layer | 2024-04-30T00:07:01.572543Z | 2025-12-22T14:20:46.950585Z |
| osv-2024-334 | Heap-buffer-overflow in readParsedPacket | 2024-04-30T00:01:24.720399Z | 2025-12-22T14:20:39.449858Z |
| osv-2023-952 | Heap-buffer-overflow in back_passDoAction | 2023-10-02T13:03:05.682426Z | 2025-12-22T14:19:45.912864Z |
| osv-2024-1023 | Use-of-uninitialized-value in pcpp::SomeIpLayer::parseSomeIpLayer | 2024-08-16T00:17:01.984623Z | 2025-12-22T14:18:12.391769Z |
| osv-2025-718 | Heap-buffer-overflow in pcpp::ArpLayer::toString | 2025-09-10T00:08:49.177204Z | 2025-12-22T14:17:36.857810Z |
| osv-2023-1306 | Heap-use-after-free in pcpp::TLVRecordReader<pcpp::DhcpOption>::getTLVRecord | 2023-12-15T00:10:21.932370Z | 2025-12-22T14:15:50.738544Z |
| osv-2023-1232 | Heap-buffer-overflow in pcpp::TLSECPointFormatExtension::getECPointFormatList | 2023-11-28T13:01:23.208343Z | 2025-12-22T14:15:49.713990Z |
| osv-2023-1150 | Heap-buffer-overflow in pcpp::computeChecksum | 2023-11-13T13:01:45.923889Z | 2025-12-22T14:15:48.387128Z |
| osv-2022-819 | Use-of-uninitialized-value in init_main_qtable | 2022-09-02T00:00:49.565627Z | 2025-12-22T14:15:44.411248Z |
| osv-2025-994 | Heap-buffer-overflow in rx_icmp | 2025-12-18T00:00:43.710332Z | 2025-12-21T14:32:46.078182Z |
| osv-2025-1004 | Security exception in com.code_intelligence.jazzer.sanitizers.RegexInjection.hookInternal | 2025-12-21T00:18:27.214786Z | 2025-12-21T00:18:27.215115Z |
| osv-2025-1001 | Dynamic-stack-buffer-overflow in _ox_err_set_with_location | 2025-12-21T00:04:56.743119Z | 2025-12-21T00:04:56.743638Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rustsec-2024-0362 | Stack overflow when parsing specially crafted JSON ABI strings | 2024-07-30T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2024-0360 | `XmpFile::close` can trigger UB | 2024-07-26T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2024-0358 | Apache Arrow Rust Object Store: AWS WebIdentityToken exposure in log files | 2024-07-23T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2024-0357 | `MemBio::get_buf` has undefined behavior with empty buffers | 2024-07-21T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2024-0347 | Incorrect usage of `#[repr(packed)]` | 2024-07-01T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2024-0346 | Incorrect usage of `#[repr(packed)]` | 2024-07-01T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2024-0345 | Low severity (DoS) vulnerability in sequoia-openpgp | 2024-06-26T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2024-0344 | Timing variability in `curve25519-dalek`'s `Scalar29::sub`/`Scalar52::sub` | 2024-06-18T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2024-0340 | Tor path lengths too short when "full Vanguards" configured | 2024-05-15T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2024-0338 | Arithmetic overflows in cosmwasm-std | 2024-04-24T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2024-0012 | Stack overflow during recursive JSON parsing | 2024-01-24T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2024-0011 | Unauthenticated Nonce Increment in snow | 2024-01-23T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2024-0006 | Multiple issues involving quote API | 2024-01-21T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2023-0087 | `MaybeUninit` misuse in `simd-json-derive` | 2023-10-14T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2023-0086 | Multiple soundness issues | 2023-09-03T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2023-0080 | Buffer overflow due to integer overflow in `transpose` | 2023-12-18T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2023-0077 | Remotely exploitable DoS condition in Rosenpass <=0.2.0 | 2023-11-04T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2023-0068 | Sequential calls of encryption API (`encrypt`, `wrap`, and `dump`) result in nonce reuse | 2023-10-15T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2023-0064 | gix-transport code execution vulnerability | 2023-09-23T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2023-0044 | `openssl` `X509VerifyParamRef::set_host` buffer over-read | 2023-06-20T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2023-0039 | Out-of-bounds array access leads to panic | 2023-05-16T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2023-0038 | Out-of-bounds array access leads to panic | 2023-05-16T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2022-0101 | Miscompilation of constant values in division on AArch64 | 2022-07-05T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2022-0096 | Invalid drop of VMExternRef from partially-initialized instances in the pooling instance allocator | 2022-02-17T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2022-0094 | Mimalloc Can Allocate Memory with Bad Alignment | 2022-11-23T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2022-0093 | Double Public Key Signing Function Oracle Attack on `ed25519-dalek` | 2022-06-11T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2021-0154 | Uninitalized memory read & leak caused by fuser crate | 2021-09-10T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2021-0132 | Integer overflow in the bundled Brotli C library | 2021-12-20T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2025-0112 | Possible host crash with host-to-wasm component intrinsics | 2025-07-18T12:00:00Z | 2025-10-25T11:20:30Z |
| rustsec-2025-0110 | astral-tokio-tar Vulnerable to PAX Header Desynchronization | 2025-10-21T12:00:00Z | 2025-10-25T11:18:52Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| alsa-2026:0470 | Important: podman security update | 2026-01-12T00:00:00Z | 2026-01-16T15:18:30Z |
| alsa-2026:0491 | Moderate: postgresql security update | 2026-01-13T00:00:00Z | 2026-01-16T15:16:39Z |
| alsa-2026:0519 | Moderate: postgresql:16 security update | 2026-01-13T00:00:00Z | 2026-01-16T15:14:12Z |
| alsa-2026:0523 | Moderate: postgresql:13 security update | 2026-01-13T00:00:00Z | 2026-01-16T15:11:39Z |
| alsa-2026:0524 | Moderate: postgresql:15 security update | 2026-01-13T00:00:00Z | 2026-01-16T15:09:07Z |
| alsa-2026:0525 | Moderate: postgresql16 security update | 2026-01-13T00:00:00Z | 2026-01-16T15:06:52Z |
| alsa-2026:0545 | Important: podman security update | 2026-01-14T00:00:00Z | 2026-01-16T15:04:20Z |
| alsa-2026:0594 | Moderate: libpq security update | 2026-01-14T00:00:00Z | 2026-01-16T15:02:50Z |
| alsa-2026:0596 | Moderate: cups security update | 2026-01-14T00:00:00Z | 2026-01-16T14:59:53Z |
| alsa-2026:0605 | Moderate: vsftpd security update | 2026-01-14T00:00:00Z | 2026-01-16T14:57:43Z |
| alsa-2026:0606 | Moderate: vsftpd security update | 2026-01-14T00:00:00Z | 2026-01-16T14:56:39Z |
| alsa-2026:0608 | Moderate: vsftpd security update | 2026-01-14T00:00:00Z | 2026-01-16T14:54:25Z |
| alsa-2026:0668 | Important: net-snmp security update | 2026-01-15T00:00:00Z | 2026-01-16T14:53:15Z |
| alsa-2026:0694 | Important: firefox security update | 2026-01-15T00:00:00Z | 2026-01-16T14:51:10Z |
| alsa-2026:0695 | Moderate: libpq security update | 2026-01-15T00:00:00Z | 2026-01-16T14:48:26Z |
| alsa-2026:0700 | Moderate: transfig security update | 2026-01-15T00:00:00Z | 2026-01-16T14:46:41Z |
| alsa-2026:0697 | Important: gnupg2 security update | 2026-01-15T00:00:00Z | 2026-01-16T08:52:59Z |
| alsa-2026:0728 | Important: gnupg2 security update | 2026-01-15T00:00:00Z | 2026-01-16T08:41:48Z |
| alsa-2026:0719 | Important: gnupg2 security update | 2026-01-15T00:00:00Z | 2026-01-16T08:23:06Z |
| alsa-2025:21020 | Important: sssd security update | 2025-11-11T00:00:00Z | 2026-01-14T12:41:29Z |
| alsa-2026:0067 | Moderate: tar security update | 2026-01-05T00:00:00Z | 2026-01-13T08:42:22Z |
| alsa-2026:0247 | Important: mariadb:10.11 security update | 2026-01-07T00:00:00Z | 2026-01-12T10:57:59Z |
| alsa-2026:0136 | Important: mariadb10.11 security update | 2026-01-06T00:00:00Z | 2026-01-12T10:55:58Z |
| alsa-2026:0225 | Important: mariadb:10.3 security update | 2026-01-07T00:00:00Z | 2026-01-12T10:51:12Z |
| alsa-2026:0232 | Important: mariadb:10.11 security update | 2026-01-07T00:00:00Z | 2026-01-12T10:48:54Z |
| alsa-2026:0233 | Important: mariadb:10.5 security update | 2026-01-07T00:00:00Z | 2026-01-12T10:45:28Z |
| alsa-2026:0237 | Important: libpng security update | 2026-01-07T00:00:00Z | 2026-01-07T21:38:33Z |
| alsa-2026:0238 | Important: libpng security update | 2026-01-07T00:00:00Z | 2026-01-07T21:36:21Z |
| alsa-2026:0241 | Important: libpng security update | 2026-01-07T00:00:00Z | 2026-01-07T21:34:12Z |
| alsa-2026:0125 | Important: mingw-libpng security update | 2026-01-06T00:00:00Z | 2026-01-07T21:32:21Z |