Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-27567 |
6.5 (3.1)
|
Payload has Server-Side Request Forgery (SSRF) in Exte… |
payloadcms |
payload |
2026-02-24T14:22:37.803Z | 2026-02-24T14:22:37.803Z |
| CVE-2025-10010 |
6.8 (3.1)
|
Integrity Validation Bypass in CryptoPro Secure Disk f… |
CPSD IT SERVICES GMBH |
CryptoPro Secure Disk for BitLocker |
2026-02-24T14:13:29.155Z | 2026-02-24T14:53:28.726Z |
| CVE-2026-27483 |
8.8 (3.1)
|
MindsDB has Path Traversal in /api/files Leading to Re… |
mindsdb |
mindsdb |
2026-02-24T14:00:05.402Z | 2026-02-24T14:00:05.402Z |
| CVE-2026-27208 |
9.2 (3.1)
|
api-gateway-deploy Affected by Exploitable Command Inj… |
bleon-ethical |
api-gateway-deploy |
2026-02-24T13:52:43.155Z | 2026-02-24T13:52:43.155Z |
| CVE-2026-2807 |
N/A
|
Memory safety bugs fixed in Firefox 148 and Thunderbird 148 |
Mozilla |
Firefox |
2026-02-24T13:33:34.035Z | 2026-02-25T04:55:40.953Z |
| CVE-2026-2806 |
N/A
|
Uninitialized memory in the Graphics: Text component |
Mozilla |
Firefox |
2026-02-24T13:33:33.407Z | 2026-02-24T17:30:46.157Z |
| CVE-2026-2805 |
N/A
|
Invalid pointer in the DOM: Core & HTML component |
Mozilla |
Firefox |
2026-02-24T13:33:32.768Z | 2026-02-24T17:30:45.766Z |
| CVE-2026-2804 |
5.4 (3.1)
|
Use-after-free in the JavaScript: WebAssembly component |
Mozilla |
Firefox |
2026-02-24T13:33:32.144Z | 2026-02-24T17:30:44.942Z |
| CVE-2026-2803 |
N/A
|
Information disclosure, mitigation bypass in the Setti… |
Mozilla |
Firefox |
2026-02-24T13:33:31.491Z | 2026-02-24T17:30:44.561Z |
| CVE-2026-2802 |
4.2 (3.1)
|
Race condition in the JavaScript: GC component |
Mozilla |
Firefox |
2026-02-24T13:33:30.784Z | 2026-02-24T17:30:44.158Z |
| CVE-2026-2801 |
N/A
|
Incorrect boundary conditions in the JavaScript: WebAs… |
Mozilla |
Firefox |
2026-02-24T13:33:29.929Z | 2026-02-24T17:30:43.776Z |
| CVE-2026-2800 |
N/A
|
Spoofing issue in the WebAuthn component in Firefox fo… |
Mozilla |
Firefox |
2026-02-24T13:33:29.312Z | 2026-02-24T17:30:43.309Z |
| CVE-2026-2799 |
N/A
|
Use-after-free in the DOM: Core & HTML component |
Mozilla |
Firefox |
2026-02-24T13:33:28.665Z | 2026-02-24T17:30:42.844Z |
| CVE-2026-2798 |
8.8 (3.1)
|
Use-after-free in the DOM: Core & HTML component |
Mozilla |
Firefox |
2026-02-24T13:33:28.034Z | 2026-02-24T18:25:31.688Z |
| CVE-2026-2797 |
N/A
|
Use-after-free in the JavaScript: GC component |
Mozilla |
Firefox |
2026-02-24T13:33:27.406Z | 2026-02-24T17:30:42.064Z |
| CVE-2026-2796 |
N/A
|
JIT miscompilation in the JavaScript: WebAssembly component |
Mozilla |
Firefox |
2026-02-24T13:33:26.775Z | 2026-02-24T17:30:41.643Z |
| CVE-2026-2795 |
N/A
|
Use-after-free in the JavaScript: GC component |
Mozilla |
Firefox |
2026-02-24T13:33:26.111Z | 2026-02-24T17:30:41.221Z |
| CVE-2026-2794 |
N/A
|
Information disclosure due to uninitialized memory in … |
Mozilla |
Firefox |
2026-02-24T13:33:25.399Z | 2026-02-25T13:44:05.439Z |
| CVE-2026-2634 |
N/A
|
Spoofed web content presented under trusted domains us… |
Mozilla |
Firefox for iOS |
2026-02-24T13:33:24.725Z | 2026-02-24T13:33:24.725Z |
| CVE-2026-2793 |
N/A
|
Memory safety bugs fixed in Firefox ESR 115.33, Firefo… |
Mozilla |
Firefox |
2026-02-24T13:33:23.571Z | 2026-02-25T04:55:54.904Z |
| CVE-2026-2792 |
N/A
|
Memory safety bugs fixed in Firefox ESR 140.8, Thunder… |
Mozilla |
Firefox |
2026-02-24T13:33:22.842Z | 2026-02-25T04:55:56.359Z |
| CVE-2026-2791 |
N/A
|
Mitigation bypass in the Networking: Cache component |
Mozilla |
Firefox |
2026-02-24T13:33:22.237Z | 2026-02-24T17:30:40.073Z |
| CVE-2026-2790 |
N/A
|
Same-origin policy bypass in the Networking: JAR component |
Mozilla |
Firefox |
2026-02-24T13:33:21.600Z | 2026-02-24T17:30:39.461Z |
| CVE-2026-2789 |
N/A
|
Use-after-free in the Graphics: ImageLib component |
Mozilla |
Firefox |
2026-02-24T13:33:20.961Z | 2026-02-24T17:30:39.046Z |
| CVE-2026-2788 |
N/A
|
Incorrect boundary conditions in the Audio/Video: GMP … |
Mozilla |
Firefox |
2026-02-24T13:33:20.287Z | 2026-02-24T17:30:38.598Z |
| CVE-2026-2787 |
N/A
|
Use-after-free in the DOM: Window and Location component |
Mozilla |
Firefox |
2026-02-24T13:33:19.579Z | 2026-02-24T17:30:38.135Z |
| CVE-2026-2786 |
N/A
|
Use-after-free in the JavaScript Engine component |
Mozilla |
Firefox |
2026-02-24T13:33:18.980Z | 2026-02-24T17:30:37.620Z |
| CVE-2026-2785 |
N/A
|
Invalid pointer in the JavaScript Engine component |
Mozilla |
Firefox |
2026-02-24T13:33:18.254Z | 2026-02-24T17:30:37.096Z |
| CVE-2026-2784 |
N/A
|
Mitigation bypass in the DOM: Security component |
Mozilla |
Firefox |
2026-02-24T13:33:17.554Z | 2026-02-24T17:30:36.359Z |
| CVE-2026-2783 |
N/A
|
Information disclosure due to JIT miscompilation in th… |
Mozilla |
Firefox |
2026-02-24T13:33:16.921Z | 2026-02-24T17:30:35.131Z |
| ID | Severity | Description | Published | Updated |
|---|---|---|---|---|
| ghsa-48q6-99pr-mcvm |
|
Memory safety bugs present in Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox… | 2026-02-24T15:30:32Z | 2026-02-24T18:31:02Z |
| ghsa-3wfp-66x3-wgq2 |
|
Incorrect boundary conditions in the JavaScript: WebAssembly component. This vulnerability affects … | 2026-02-24T15:30:32Z | 2026-02-24T18:31:02Z |
| ghsa-3qgm-jcxp-m9m6 |
|
Sandbox escape due to incorrect boundary conditions in the DOM: Core & HTML component. This vulnera… | 2026-02-24T15:30:32Z | 2026-02-24T18:31:01Z |
| ghsa-3px2-2xc4-mxr2 |
|
Invalid pointer in the JavaScript Engine component. This vulnerability affects Firefox < 148 and Fi… | 2026-02-24T15:30:32Z | 2026-02-24T18:31:02Z |
| ghsa-3922-j2hh-9qcf |
5.4 (3.1)
|
Use-after-free in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 148. | 2026-02-24T15:30:32Z | 2026-02-24T18:31:02Z |
| ghsa-x8jx-9xwq-xwq6 |
|
Use-after-free in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 148 a… | 2026-02-24T15:30:31Z | 2026-02-24T18:31:01Z |
| ghsa-wwg9-hv2r-mj8w |
|
Integer overflow in the Audio/Video component. This vulnerability affects Firefox < 148, Firefox ES… | 2026-02-24T15:30:31Z | 2026-02-24T18:31:01Z |
| ghsa-v49m-r4w3-2p5x |
|
Integer overflow in the JavaScript: Standard Library component. This vulnerability affects Firefox … | 2026-02-24T15:30:31Z | 2026-02-24T18:31:01Z |
| ghsa-v33x-35cm-8gjc |
|
Sandbox escape due to incorrect boundary conditions in the Telemetry component in External Software… | 2026-02-24T15:30:31Z | 2026-02-24T18:31:01Z |
| ghsa-r2q9-885m-j92q |
|
Incorrect boundary conditions in the WebRTC: Audio/Video component. This vulnerability affects Fire… | 2026-02-24T15:30:31Z | 2026-02-24T18:31:01Z |
| ghsa-qmr7-46p8-4c5r |
|
Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 148, Firefo… | 2026-02-24T15:30:31Z | 2026-02-24T18:31:01Z |
| ghsa-mg9m-c3pr-5p64 |
7.6 (4.0)
|
A vulnerability exists in REB500 for an authenticated user with low-level privileges to access and … | 2026-02-24T15:30:31Z | 2026-02-24T15:30:31Z |
| ghsa-m65f-px5x-xq9x |
|
Undefined behavior in the DOM: Core & HTML component. This vulnerability affects Firefox < 148, Fir… | 2026-02-24T15:30:31Z | 2026-02-24T18:31:01Z |
| ghsa-h67m-x9c3-v9wp |
8.8 (3.1)
|
Use-after-free in the Storage: IndexedDB component. This vulnerability affects Firefox < 148, Firef… | 2026-02-24T15:30:31Z | 2026-02-24T18:31:01Z |
| ghsa-h3qc-gf9h-42g6 |
|
Mitigation bypass in the DOM: HTML Parser component. This vulnerability affects Firefox < 148, Fire… | 2026-02-24T15:30:31Z | 2026-02-24T18:31:01Z |
| ghsa-gxg5-574v-j5f6 |
|
Use-after-free in the Audio/Video: Playback component. This vulnerability affects Firefox < 148, Fi… | 2026-02-24T15:30:31Z | 2026-02-24T18:31:01Z |
| ghsa-gwgg-r543-4wvw |
|
Malicious scripts could cause desynchronization between the address bar and web content before a re… | 2026-02-24T15:30:31Z | 2026-02-24T15:30:31Z |
| ghsa-g5w7-69g8-vcwp |
|
Sandbox escape in the Graphics: WebRender component. This vulnerability affects Firefox < 148, Fire… | 2026-02-24T15:30:31Z | 2026-02-24T18:31:01Z |
| ghsa-99p8-j693-qhpc |
|
Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 148 and Fir… | 2026-02-24T15:30:31Z | 2026-02-24T18:31:01Z |
| ghsa-8hm4-jmvc-cfg9 |
7.4 (4.0)
|
A vulnerability exists in REB500 for an authenticated user with Installer role to access and alter … | 2026-02-24T15:30:31Z | 2026-02-24T15:30:31Z |
| ghsa-76rw-rj58-mpqc |
|
Sandbox escape in the Storage: IndexedDB component. This vulnerability affects Firefox < 148 and Fi… | 2026-02-24T15:30:31Z | 2026-02-24T18:31:01Z |
| ghsa-5mg4-r7qx-2frp |
|
Use-after-free in the DOM: Bindings (WebIDL) component. This vulnerability affects Firefox < 148, F… | 2026-02-24T15:30:31Z | 2026-02-24T18:31:01Z |
| ghsa-59x3-pvmj-2pw2 |
|
Use-after-free in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 148 an… | 2026-02-24T15:30:31Z | 2026-02-24T18:31:01Z |
| ghsa-3jr5-gwfp-7mfw |
|
JIT miscompilation, use-after-free in the JavaScript Engine: JIT component. This vulnerability affe… | 2026-02-24T15:30:31Z | 2026-02-24T18:31:01Z |
| ghsa-3hhv-j9r2-hr9c |
|
Incorrect boundary conditions in the Graphics: ImageLib component. This vulnerability affects Firef… | 2026-02-24T15:30:31Z | 2026-02-24T18:31:01Z |
| ghsa-3cg8-wjp5-4rm6 |
|
Use-after-free in the JavaScript: GC component. This vulnerability affects Firefox < 148, Firefox E… | 2026-02-24T15:30:31Z | 2026-02-24T18:31:01Z |
| ghsa-2255-92v8-4pvj |
|
Sandbox escape due to incorrect boundary conditions in the Graphics: WebRender component. This vuln… | 2026-02-24T15:30:31Z | 2026-02-24T18:31:01Z |
| ghsa-q2vg-xgjr-32v3 |
8.7 (4.0)
|
IEC 60870-5-104: Potential Denial of Service impact on reception of invalid U-format frame. Product… | 2026-02-24T15:30:30Z | 2026-02-24T15:30:30Z |
| ghsa-pwpc-5pp8-7qw9 |
5.3 (4.0)
|
RTU500 web interface: An unprivileged user can read user management information. The information ca… | 2026-02-24T15:30:30Z | 2026-02-24T15:30:30Z |
| ghsa-mwf2-qr4v-94h2 |
7.1 (4.0)
|
An Improper Input Validation vulnerability exists in Apache Superset that allows an authenticated u… | 2026-02-24T15:30:30Z | 2026-02-24T21:31:45Z |
| ID | Severity | Description | Package | Published | Updated |
|---|---|---|---|---|---|
| pysec-2024-59 |
|
An issue was discovered in Django 5.0 before 5.0.7 and 4.2 before 4.2.14. get_supported_l… | django | 2024-07-10T05:15:00+00:00 | 2024-07-10T11:20:07.800540+00:00 |
| pysec-2024-58 |
|
An issue was discovered in Django 5.0 before 5.0.7 and 4.2 before 4.2.14. Derived classes… | django | 2024-07-10T05:15:00+00:00 | 2024-07-10T11:20:07.704786+00:00 |
| pysec-2024-57 |
|
An issue was discovered in Django 5.0 before 5.0.7 and 4.2 before 4.2.14. The django.cont… | django | 2024-07-10T05:15:00+00:00 | 2024-07-10T11:20:07.604887+00:00 |
| pysec-2024-56 |
|
An issue was discovered in Django 4.2 before 4.2.14 and 5.0 before 5.0.7. urlize and urli… | django | 2024-07-10T05:15:00+00:00 | 2024-07-10T11:20:07.495359+00:00 |
| pysec-2024-60 |
7.5 (3.1)
|
A vulnerability was identified in the kjd/idna library, specifically within the `idna.enc… | idna | 2024-07-07T18:15:00+00:00 | 2024-07-11T17:21:37.216928+00:00 |
| pysec-2024-230 |
7.5 (3.1)
|
Certifi is a curated collection of Root Certificates for validating the trustworthiness o… | certifi | 2024-07-05T19:15:10+00:00 | 2025-02-12T21:21:51.559667+00:00 |
| pysec-2024-176 |
6.1 (3.1)
|
A reflected Cross-Site Scripting (XSS) vulnerability was identified in zenml-io/zenml ver… | zenml | 2024-06-30T16:15:03+00:00 | 2025-01-18T22:21:45.122426+00:00 |
| pysec-2024-167 |
|
NLTK through 3.8.1 allows remote code execution if untrusted packages have pickled Python… | nltk | 2024-06-27T22:15:10+00:00 | 2025-01-18T19:19:06.317325+00:00 |
| pysec-2024-54 |
6.5 (3.1)
|
CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang St… | codechecker | 2024-06-24T18:15:00+00:00 | 2024-06-26T19:19:24.981233+00:00 |
| pysec-2024-53 |
|
langchain_experimental (aka LangChain Experimental) before 0.0.61 for LangChain provides … | langchain-experimental | 2024-06-16T15:15:00+00:00 | 2024-06-16T17:20:32.187558+00:00 |
| pysec-2024-195 |
5.5 (3.1)
|
Use of Web Browser Cache Containing Sensitive Information vulnerability in Apache Airflow… | apache-airflow | 2024-06-14T09:15:09+00:00 | 2025-01-19T16:22:56.419822+00:00 |
| pysec-2024-98 |
9.8 (3.1)
|
** UNSUPPORTED WHEN ASSIGNED ** Incorrect Authorization vulnerability in Apache Submarine… | apache-submarine | 2024-06-12T15:15:00+00:00 | 2024-09-26T17:22:54.526846+00:00 |
| pysec-2024-97 |
9.8 (3.1)
|
** UNSUPPORTED WHEN ASSIGNED ** Improper Authentication vulnerability in Apache Submarine… | apache-submarine | 2024-06-12T14:15:00+00:00 | 2024-09-26T17:22:54.470974+00:00 |
| pysec-2024-236 |
6.1 (3.1)
|
Jupyter Server Proxy allows users to run arbitrary external processes alongside their not… | jupyter-server-proxy | 2024-06-11T22:15:09+00:00 | 2025-02-26T23:22:41.524251+00:00 |
| pysec-2024-177 |
9.8 (3.1)
|
Langflow through 0.6.19 allows remote code execution if untrusted users are able to reach… | langflow | 2024-06-10T20:15:15+00:00 | 2025-01-19T01:52:23.722576+00:00 |
| pysec-2024-52 |
|
lepture Authlib before 1.3.1 has algorithm confusion with asymmetric public keys. Unless … | authlib | 2024-06-09T19:15:00+00:00 | 2024-06-09T21:20:21.309692+00:00 |
| pysec-2024-76 |
7.5 (3.1)
|
An XML External Entity (XXE) vulnerability in the ebookmeta.get_metadata function of eboo… | ebookmeta | 2024-06-07T19:15:00+00:00 | 2024-09-13T21:22:04.531357+00:00 |
| pysec-2024-117 |
9.8 (3.1)
|
man-group/dtale version 3.10.0 is vulnerable to an authentication bypass and remote code … | dtale | 2024-06-06T19:16:00+00:00 | 2024-11-03T20:22:34.425699+00:00 |
| pysec-2024-110 |
4.7 (3.1)
|
A sensitive data leakage vulnerability was identified in scikit-learn's TfidfVectorizer, … | scikit-learn | 2024-06-06T19:16:00+00:00 | 2024-10-24T21:22:05.950602+00:00 |
| pysec-2024-108 |
7.5 (3.1)
|
A path traversal vulnerability exists in the parisneo/lollms application, affecting versi… | lollms | 2024-06-06T19:16:00+00:00 | 2024-10-17T17:21:59.592496+00:00 |
| pysec-2024-242 |
7.5 (3.1)
|
A Local File Inclusion (LFI) vulnerability was identified in mlflow/mlflow, specifically … | mlflow | 2024-06-06T19:15:55+00:00 | 2025-04-08T10:23:24.995743+00:00 |
| pysec-2024-194 |
6.1 (3.1)
|
A clickjacking vulnerability exists in zenml-io/zenml versions up to and including 0.55.5… | zenml | 2024-06-06T19:15:54+00:00 | 2025-01-19T13:22:31.835293+00:00 |
| pysec-2024-193 |
3.3 (3.1)
|
An issue was discovered in zenml-io/zenml versions up to and including 0.55.4. Due to imp… | zenml | 2024-06-06T19:15:53+00:00 | 2025-01-19T13:22:31.701775+00:00 |
| pysec-2024-170 |
4.8 (3.1)
|
A stored Cross-Site Scripting (XSS) vulnerability was identified in the zenml-io/zenml re… | zenml | 2024-06-06T19:15:53+00:00 | 2025-01-18T19:19:08.253212+00:00 |
| pysec-2024-169 |
6.5 (3.1)
|
An improper authorization vulnerability exists in the zenml-io/zenml repository, specific… | zenml | 2024-06-06T19:15:53+00:00 | 2025-01-18T19:19:08.205431+00:00 |
| pysec-2024-239 |
8.8 (3.1)
|
A vulnerability in mlflow/mlflow version 8.2.1 allows for remote code execution due to im… | mlflow | 2024-06-06T19:15:51+00:00 | 2025-04-08T10:23:24.852109+00:00 |
| pysec-2024-118 |
4.7 (3.1)
|
A Denial-of-Service (DoS) vulnerability exists in the `SitemapLoader` class of the `langc… | langchain | 2024-06-06T19:15:00+00:00 | 2024-11-03T20:22:34.854295+00:00 |
| pysec-2024-105 |
3.1 (3.1)
|
A race condition vulnerability exists in zenml-io/zenml versions up to and including 0.55… | zenml | 2024-06-06T19:15:00+00:00 | 2024-10-11T17:21:29.672975+00:00 |
| pysec-2024-184 |
7.5 (3.1)
|
A local file inclusion vulnerability exists in the JSON component of gradio-app/gradio ve… | gradio | 2024-06-06T18:15:18+00:00 | 2025-01-19T04:23:00.017053+00:00 |
| pysec-2024-165 |
7.5 (3.1)
|
The Jupyter Server provides the backend for Jupyter web applications. Jupyter Server on W… | jupyter-server | 2024-06-06T16:15:11+00:00 | 2025-01-18T19:19:04.842426+00:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2026-848 | Malicious code in npm_cimetadata (npm) | 2026-02-11T03:35:51Z | 2026-02-23T04:21:34Z |
| mal-2026-846 | Malicious code in cryptowallethash (PyPI) | 2026-02-10T23:03:29Z | 2026-02-10T23:05:44Z |
| mal-2026-847 | Malicious code in requests-auth-toolkit (PyPI) | 2026-02-10T22:45:40Z | 2026-02-10T22:45:40Z |
| mal-2024-12373 | Malicious code in gpu-discovery (PyPI) | 2026-02-10T22:28:06Z | 2026-02-14T18:48:58Z |
| mal-2026-845 | Malicious code in rzr-home (PyPI) | 2026-02-10T20:45:52Z | 2026-02-10T20:45:52Z |
| mal-2026-842 | Malicious code in amplify-python-logging (PyPI) | 2026-02-10T19:22:57Z | 2026-02-10T19:22:57Z |
| mal-2026-844 | Malicious code in vllm-plugins (PyPI) | 2026-02-10T19:19:17Z | 2026-02-10T19:19:17Z |
| mal-2026-843 | Malicious code in requests-core-plugin (PyPI) | 2026-02-10T19:14:49Z | 2026-02-10T19:14:49Z |
| mal-2026-841 | Malicious code in lyroxpy (PyPI) | 2026-02-10T19:02:39Z | 2026-02-10T19:02:39Z |
| mal-2026-839 | Malicious code in search-newfrontier-podlet (npm) | 2026-02-10T17:16:51Z | 2026-02-23T04:21:35Z |
| mal-2026-837 | Malicious code in notification-saved-search-settings-podlet (npm) | 2026-02-10T17:06:08Z | 2026-02-23T04:21:34Z |
| mal-2026-840 | Malicious code in search-savedsearch-podlet (npm) | 2026-02-10T17:06:06Z | 2026-02-23T04:21:35Z |
| mal-2026-836 | Malicious code in myads-layout (npm) | 2026-02-10T17:06:04Z | 2026-02-23T04:21:34Z |
| mal-2026-838 | Malicious code in realestate-atlas (npm) | 2026-02-10T17:06:02Z | 2026-02-23T04:21:35Z |
| mal-2026-829 | Malicious code in @uniconvex/dotenv (npm) | 2026-02-10T16:30:16Z | 2026-02-23T04:21:31Z |
| mal-2026-828 | Malicious code in @reimorg/config (npm) | 2026-02-10T16:30:16Z | 2026-02-23T04:21:31Z |
| mal-2026-833 | Malicious code in express-configer (npm) | 2026-02-10T16:15:42Z | 2026-02-23T04:21:32Z |
| mal-2026-830 | Malicious code in aligners (npm) | 2026-02-10T16:05:06Z | 2026-02-23T04:21:31Z |
| mal-2026-835 | Malicious code in sap-code-style-guides (npm) | 2026-02-10T15:58:34Z | 2026-02-23T04:21:35Z |
| mal-2026-832 | Malicious code in chai-as-approved (npm) | 2026-02-10T15:56:44Z | 2026-02-23T04:21:32Z |
| mal-2026-831 | Malicious code in bigmathix (npm) | 2026-02-10T15:48:53Z | 2026-02-23T04:21:32Z |
| mal-2026-834 | Malicious code in graphflowx (npm) | 2026-02-10T15:46:43Z | 2026-02-23T04:21:33Z |
| mal-2026-827 | Malicious code in narrow-array (npm) | 2026-02-10T13:49:16Z | 2026-02-23T04:21:34Z |
| mal-2026-826 | Malicious code in testppe-pkg (PyPI) | 2026-02-10T08:38:48Z | 2026-02-10T08:38:48Z |
| mal-2026-824 | Malicious code in dev-pipline-test (PyPI) | 2026-02-10T07:48:33Z | 2026-02-10T07:48:33Z |
| mal-2026-825 | Malicious code in devtools-webhook-cicd-utils (PyPI) | 2026-02-10T07:42:45Z | 2026-02-10T07:42:45Z |
| mal-2026-823 | Malicious code in ntoutils (PyPI) | 2026-02-10T07:25:38Z | 2026-02-10T07:25:38Z |
| mal-2026-821 | Malicious code in jwtdotenv (npm) | 2026-02-09T17:27:19Z | 2026-02-23T04:21:33Z |
| mal-2026-820 | Malicious code in json-web-sources (npm) | 2026-02-09T17:25:32Z | 2026-02-23T04:21:33Z |
| mal-2026-819 | Malicious code in json-mapping-sources (npm) | 2026-02-09T17:25:32Z | 2026-02-23T04:21:33Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| bit-php-2025-14177 | Information Leak of Memory in getimagesize | 2026-01-08T11:48:30.537Z | 2026-01-08T12:08:29.041Z |
| bit-libphp-2025-14180 | NULL Pointer Dereference in PDO quoting | 2026-01-08T11:43:29.868Z | 2026-01-08T12:08:29.041Z |
| bit-libphp-2025-14178 | Heap buffer overflow in array_merge() | 2026-01-08T11:43:28.412Z | 2026-01-26T15:09:56.435Z |
| bit-libphp-2025-14177 | Information Leak of Memory in getimagesize | 2026-01-08T11:43:26.820Z | 2026-01-08T12:08:29.041Z |
| bit-discourse-2025-64528 | Users are able to find users by name even when `enable_names` is off | 2026-01-08T11:40:33.666Z | 2026-01-08T18:07:34.629Z |
| bit-composer-2025-67746 | Composer vulnerable to ANSI sequence injection | 2026-01-08T11:35:54.533Z | 2026-01-08T12:08:29.041Z |
| bit-gitea-2025-69413 | 2026-01-07T12:00:07.972Z | 2026-01-07T12:31:01.344Z | |
| bit-pytorch-2025-63396 | 2026-01-03T11:47:28.014Z | 2026-01-03T12:07:32.193Z | |
| bit-gitea-2025-68942 | 2026-01-03T11:37:48.385Z | 2026-01-03T12:07:32.193Z | |
| bit-gitea-2025-68941 | 2026-01-03T11:37:46.756Z | 2026-01-03T12:07:32.193Z | |
| bit-gitea-2025-68940 | 2026-01-03T11:37:45.335Z | 2026-01-03T12:07:32.193Z | |
| bit-gitea-2025-68939 | 2026-01-03T11:37:43.934Z | 2026-01-03T12:07:32.193Z | |
| bit-gitea-2025-68938 | 2026-01-03T11:37:42.629Z | 2026-01-03T12:07:32.193Z | |
| bit-pebble-2024-3250 | 2026-01-02T17:44:20.392Z | 2026-01-02T18:06:33.396Z | |
| bit-gitea-2025-68946 | 2026-01-01T11:37:50.117Z | 2026-01-01T12:06:33.381Z | |
| bit-gitea-2025-68945 | 2026-01-01T11:37:48.522Z | 2026-01-01T12:06:33.381Z | |
| bit-gitea-2025-68944 | 2026-01-01T11:37:47.146Z | 2026-01-01T12:06:33.381Z | |
| bit-gitea-2025-68943 | 2026-01-01T11:37:45.731Z | 2026-01-01T12:06:33.381Z | |
| bit-nifi-2025-66524 | Apache NiFi: Deserialization of Untrusted Data in GetAsanaObject Processor | 2025-12-23T11:44:08.985Z | 2025-12-23T12:07:14.245Z |
| bit-kibana-2025-68422 | Kibana Improper Authorization | 2025-12-20T11:39:27.247Z | 2025-12-20T12:06:39.262Z |
| bit-kibana-2025-68389 | Kibana Allocation of Resources Without Limits or Throttling | 2025-12-20T11:39:25.644Z | 2025-12-20T12:06:39.262Z |
| bit-kibana-2025-68387 | Kibana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | 2025-12-20T11:39:24.143Z | 2025-12-20T12:06:39.262Z |
| bit-kibana-2025-68386 | Kibana Improper Authorization | 2025-12-20T11:39:22.798Z | 2025-12-20T12:06:39.262Z |
| bit-kibana-2025-68385 | Kibana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | 2025-12-20T11:39:21.164Z | 2025-12-24T12:08:49.467Z |
| bit-haproxy-2025-11230 | Denial of service vulnerability in HAProxy mjson library | 2025-12-20T11:38:08.173Z | 2025-12-20T12:06:39.262Z |
| bit-elk-2025-68422 | Kibana Improper Authorization | 2025-12-20T11:36:41.895Z | 2025-12-20T12:06:39.262Z |
| bit-elk-2025-68389 | Kibana Allocation of Resources Without Limits or Throttling | 2025-12-20T11:36:40.368Z | 2025-12-20T12:06:39.262Z |
| bit-elk-2025-68387 | Kibana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | 2025-12-20T11:36:38.841Z | 2025-12-20T12:06:39.262Z |
| bit-elk-2025-68386 | Kibana Improper Authorization | 2025-12-20T11:36:37.419Z | 2025-12-20T12:06:39.262Z |
| bit-elasticsearch-2025-68390 | Elasticsearch Allocation of Resources Without Limits or Throttling | 2025-12-20T11:36:36.080Z | 2025-12-20T12:06:39.262Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cleanstart-2026-nz19387 | Within HostnameError | 2026-01-30T14:52:23.218213Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-ol60454 | Within HostnameError | 2026-01-30T14:52:23.086717Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-ia26094 | excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate | 2026-01-30T14:51:22.634752Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-ph90623 | excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate | 2026-01-30T14:49:52.682724Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-oo14630 | tar | 2026-01-30T14:47:23.043882Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-hy43775 | Within HostnameError | 2026-01-30T14:46:52.607713Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-ol25917 | excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate | 2026-01-30T14:44:22.881508Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-rb28539 | Within HostnameError | 2026-01-30T14:43:52.571458Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-bx37171 | Redis is an open source, in-memory database that persists on disk | 2026-01-30T14:43:22.549529Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-kz63902 | tar | 2026-01-30T14:41:22.559595Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-fz95989 | excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate | 2026-01-30T14:40:52.734894Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-la33013 | Within HostnameError | 2026-01-30T14:40:22.526589Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-mz27698 | Redis is an open source, in-memory database that persists on disk | 2026-01-30T14:39:52.940858Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-jm36781 | Within HostnameError | 2026-01-30T14:37:22.513933Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-fr00621 | Redis is an open source, in-memory database that persists on disk | 2026-01-30T14:36:52.496829Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-pk92575 | ParseAddress function constructs domain-literal address components through repeated string concatenation | 2026-01-30T14:35:52.456913Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-gs30434 | Within HostnameError | 2026-01-30T14:35:22.588418Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-yl27116 | tar | 2026-01-30T14:08:51.064236Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-py85990 | tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing | 2026-01-30T14:07:50.722290Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-ym28538 | Prometheus Blackbox Exporter through 0 | 2026-01-30T14:06:20.601766Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-xz45798 | Within HostnameError | 2026-01-30T14:05:20.961893Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-kg18353 | Within HostnameError | 2026-01-30T14:02:50.542288Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-yk82785 | Within HostnameError | 2026-01-30T14:01:20.108833Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-sg80587 | It was found that the cookie used for CSRF prevention in Keycloak was not unique to each session | 2026-01-30T14:00:21.027172Z | 2026-01-29T18:58:54Z |
| cleanstart-2025-jl63399 | Security fixes for CVE-2025-61729 applied in versions: 0.20.2-r1 | 2026-01-16T12:00:43.312220Z | 2025-12-06T13:34:11Z |
| cleanstart-2025-cn65903 | Security fixes for GHSA-6v2p-p543-phr9, GHSA-qxp5-gwg8-xv66, GHSA-vvgc-356p-c3xw applied in versions: 1.5.0-r0, 1.7.0-r0 | 2026-01-16T12:00:42.667592Z | 2025-09-29T13:20:40Z |
| cleanstart-2025-us16386 | Security fixes for GHSA-qxp5-gwg8-xv66, GHSA-vvgc-356p-c3xw applied in versions: 1.7.2-r0 | 2026-01-16T11:58:18.007779Z | 2025-12-23T06:02:25Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| drupal-contrib-2024-021 | 2024-05-22T16:21:55.000Z | 2025-02-20T19:14:35.000Z | |
| drupal-contrib-2024-020 | 2024-05-22T16:03:46.000Z | 2025-02-20T18:43:21.000Z | |
| drupal-contrib-2024-018 | 2024-04-24T14:23:34.000Z | 2025-02-20T18:44:08.000Z | |
| drupal-contrib-2024-017 | 2024-04-24T13:16:40.000Z | 2025-02-20T18:44:32.000Z | |
| drupal-contrib-2024-016 | 2024-03-27T17:16:26.000Z | 2025-02-20T19:08:34.000Z | |
| drupal-contrib-2024-015 | 2024-03-06T17:06:37.000Z | 2025-02-20T19:08:51.000Z | |
| drupal-contrib-2024-014 | 2024-02-28T18:36:35.000Z | 2025-02-20T19:09:20.000Z | |
| drupal-contrib-2024-012 | 2024-02-28T18:19:01.000Z | 2025-02-20T19:09:55.000Z | |
| drupal-contrib-2024-011 | 2024-02-28T18:14:40.000Z | 2025-02-20T19:10:16.000Z | |
| drupal-contrib-2024-010 | 2024-02-21T16:58:11.000Z | 2025-02-20T18:36:16.000Z | |
| drupal-contrib-2024-009 | 2024-02-14T19:31:10.000Z | 2025-02-20T18:37:01.000Z | |
| drupal-contrib-2024-008 | 2024-02-07T17:56:55.000Z | 2025-02-20T18:37:40.000Z | |
| drupal-contrib-2024-007 | 2024-01-31T17:22:36.000Z | 2025-02-20T18:38:01.000Z | |
| drupal-contrib-2024-006 | 2024-01-24T15:54:55.000Z | 2025-02-20T18:38:32.000Z | |
| drupal-contrib-2024-005 | 2024-01-24T15:47:36.000Z | 2025-02-20T18:38:57.000Z | |
| drupal-contrib-2024-004 | 2024-01-24T15:45:49.000Z | 2025-02-20T18:39:20.000Z | |
| drupal-contrib-2024-003 | 2024-01-24T15:42:46.000Z | 2025-02-20T18:39:54.000Z | |
| drupal-contrib-2024-002 | 2024-01-10T18:00:05.000Z | 2025-02-20T18:40:20.000Z | |
| drupal-contrib-2023-055 | 2023-12-20T17:02:51.000Z | 2023-12-20T17:53:15.000Z | |
| drupal-contrib-2023-054 | 2023-12-06T16:16:28.000Z | 2023-12-07T02:47:34.000Z | |
| drupal-contrib-2023-053 | 2023-11-29T15:27:05.000Z | 2023-11-29T18:08:04.000Z | |
| drupal-contrib-2023-052 | 2023-11-15T14:24:12.000Z | 2023-11-15T17:19:15.000Z | |
| drupal-contrib-2023-051 | 2023-11-08T15:33:12.000Z | 2023-11-08T17:10:24.000Z | |
| drupal-contrib-2023-050 | 2023-11-08T15:30:45.000Z | 2023-11-08T17:10:18.000Z | |
| drupal-contrib-2023-049 | 2023-11-01T16:56:37.000Z | 2023-11-06T14:25:23.000Z | |
| drupal-contrib-2023-048 | 2023-10-04T15:41:34.000Z | 2023-10-04T16:35:18.000Z | |
| drupal-contrib-2023-047 | 2023-09-27T16:33:34.000Z | 2023-09-28T21:17:46.000Z | |
| drupal-contrib-2023-045 | 2023-09-13T15:47:17.000Z | 2023-09-13T17:42:33.000Z | |
| drupal-contrib-2023-044 | 2023-09-06T16:33:36.000Z | 2023-09-18T14:27:44.000Z | |
| drupal-contrib-2023-043 | 2023-09-06T15:23:32.000Z | 2023-09-06T16:48:26.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2025-000029 | Multiple vulnerabilities in Quick Agent | 2025-04-25T13:49+09:00 | 2025-04-25T13:49+09:00 |
| jvndb-2025-000028 | i-PRO Configuration Tool vulnerable to use of hard-coded cryptographic key | 2025-04-24T13:50+09:00 | 2025-04-24T13:50+09:00 |
| jvndb-2025-000027 | Active! mail vulnerable to stack-based buffer overflow | 2025-04-18T16:50+09:00 | 2025-04-18T16:50+09:00 |
| jvndb-2025-003213 | TP-Link Deco BE65 Pro vulnerable to OS command injection | 2025-04-11T13:52+09:00 | 2025-04-11T13:52+09:00 |
| jvndb-2025-000026 | Multiple vulnerabilities in BizRobo! | 2025-04-10T15:36+09:00 | 2025-04-10T15:36+09:00 |
| jvndb-2025-003091 | Multiple vulnerabilities in Trend Micro Endpoint security products for enterprises (April 2025) | 2025-04-09T14:55+09:00 | 2025-04-09T14:55+09:00 |
| jvndb-2025-002990 | Multiple vulnerabilities in Inaba Denki Sangyo Wi-Fi AP UNIT 'AC-WPS-11ac series' | 2025-04-07T17:44+09:00 | 2025-04-07T17:44+09:00 |
| jvndb-2025-000025 | WinRAR vulnerable to the symbolic link based "Mark of the Web" check bypass | 2025-04-03T12:29+09:00 | 2025-04-03T12:29+09:00 |
| jvndb-2025-000022 | Multiple vulnerabilities in JTEKT ELECTRONICS CORPORATION's products | 2025-04-02T15:12+09:00 | 2025-04-02T15:12+09:00 |
| jvndb-2025-002790 | Out-of-bounds Write vulnerabilities in Canon Printer Drivers for Production Printers, Office/Small Office Multifunction Printers and Laser Printers | 2025-04-02T15:05+09:00 | 2025-04-02T15:05+09:00 |
| jvndb-2025-000023 | WordPress plugin "Welcart e-Commerce" vulnerable to untrusted data deserialization | 2025-04-01T14:20+09:00 | 2025-04-01T14:20+09:00 |
| jvndb-2025-002714 | Improper symbolic link file handling in FutureNet NXR series, VXR series and WXR series routers | 2025-03-31T16:59+09:00 | 2025-04-03T15:19+09:00 |
| jvndb-2025-000024 | a-blog cms vulnerable to untrusted data deserialization | 2025-03-28T10:46+09:00 | 2025-03-28T10:46+09:00 |
| jvndb-2025-000021 | Multiple vulnerabilities in PowerCMS | 2025-03-26T18:13+09:00 | 2025-03-26T18:13+09:00 |
| jvndb-2025-002592 | Multiple vulnerabilities in CHOCO TEI WATCHER mini | 2025-03-26T13:25+09:00 | 2025-03-26T13:25+09:00 |
| jvndb-2025-000019 | Multiple vulnerabilities in AssetView | 2025-03-25T17:10+09:00 | 2025-03-25T17:10+09:00 |
| jvndb-2025-000018 | Multiple vulnerabilities in home gateway HGW-BL1500HM | 2025-03-19T15:33+09:00 | 2025-03-28T11:48+09:00 |
| jvndb-2025-000020 | +F FS010M vulnerable to OS command injection | 2025-03-18T15:01+09:00 | 2025-03-18T15:01+09:00 |
| jvndb-2025-000017 | hostapd vulnerable to improper processing of RADIUS packets | 2025-03-12T14:19+09:00 | 2025-03-12T14:19+09:00 |
| jvndb-2025-000016 | Multiple vulnerabilities in RemoteView Agent (for Windows) | 2025-03-06T14:27+09:00 | 2025-03-10T15:22+09:00 |
| jvndb-2025-001898 | Multiple vulnerabilities in FutureNet AS series (Industrial Routers) and FA series (Protocol Conversion Machine) | 2025-03-04T14:56+09:00 | 2025-03-04T14:56+09:00 |
| jvndb-2025-001605 | "RoboForm Password Manager" App for Android vulnerable to authentication bypass using an alternate path or channel | 2025-02-20T20:15+09:00 | 2025-02-20T20:15+09:00 |
| jvndb-2025-000014 | Multiple cross-site scripting vulnerabilities in Movable Type | 2025-02-19T16:19+09:00 | 2025-02-19T16:19+09:00 |
| jvndb-2025-000015 | RevoWorks SCVX and RevoWorks Browser vulnerable to incorrect resource transfer between spheres | 2025-02-19T14:51+09:00 | 2025-02-19T14:51+09:00 |
| jvndb-2025-001563 | Out-of-bounds write vulnerability in FUJIFILM Business Innovation Corp. MFPs | 2025-02-18T16:33+09:00 | 2025-02-18T16:33+09:00 |
| jvndb-2025-001562 | Out-of-bounds read vulnerability in OMRON CX-Programmer | 2025-02-18T16:24+09:00 | 2025-02-18T16:24+09:00 |
| jvndb-2025-001548 | Out-of-bounds read vulnerability in Cente middleware | 2025-02-17T18:22+09:00 | 2025-02-17T18:22+09:00 |
| jvndb-2025-000012 | Multiple vulnerabilities in The LuxCal Web Calendar | 2025-02-17T13:43+09:00 | 2025-02-17T13:43+09:00 |
| jvndb-2025-000013 | acmailer CGI and acmailer DB vulnerable to OS command injection | 2025-02-14T16:39+09:00 | 2025-02-14T16:39+09:00 |
| jvndb-2025-000002 | Multiple vulnerabilities in NEC Aterm series (NV25-003) | 2025-02-14T15:48+09:00 | 2025-02-14T15:48+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| cnvd-2026-07004 | WordPress SpiceForms Form Builder plugin跨站脚本漏洞 | 2026-01-19 | 2026-01-23 |
| cnvd-2026-06988 | WordPress Sosh Share Buttons plugin跨站请求伪造漏洞 | 2026-01-19 | 2026-01-23 |
| cnvd-2026-06987 | WordPress SocialChamp with WordPress plugin跨站请求伪造漏洞 | 2026-01-19 | 2026-01-23 |
| cnvd-2026-06986 | WordPress Short Link plugin跨站脚本漏洞 | 2026-01-19 | 2026-01-23 |
| cnvd-2026-06985 | WordPress Shipping Rate By Cities plugin SQL注入漏洞 | 2026-01-19 | 2026-01-23 |
| cnvd-2026-06984 | WordPress SearchWiz plugin跨站脚本漏洞 | 2026-01-19 | 2026-01-23 |
| cnvd-2026-06913 | WordPress Responsive Accordion Slider plugin未经授权的数据修改漏洞 | 2026-01-19 | 2026-01-23 |
| cnvd-2026-06912 | WordPress LinkedIn SC plugin跨站脚本漏洞 | 2026-01-19 | 2026-01-23 |
| cnvd-2026-06911 | WordPress Kunze Law plugin跨站脚本漏洞 | 2026-01-19 | 2026-01-23 |
| cnvd-2026-06910 | WordPress Internal Link Builder plugin跨站脚本漏洞 | 2026-01-19 | 2026-01-23 |
| cnvd-2026-06909 | WordPress Gotham Block Extra Light plugin路径遍历漏洞 | 2026-01-19 | 2026-01-23 |
| cnvd-2026-06908 | WordPress Gotham Block Extra Light plugin跨站脚本漏洞 | 2026-01-19 | 2026-01-23 |
| cnvd-2026-06907 | WordPress GetContentFromURL plugin服务端请求伪造漏洞 | 2026-01-19 | 2026-01-23 |
| cnvd-2026-06906 | WordPress Float Payment Gateway plugin未经授权的数据修改漏洞 | 2026-01-19 | 2026-01-23 |
| cnvd-2026-06905 | WordPress Flat Shipping Rate by City for WooCommerce plugin SQL注入漏洞 | 2026-01-19 | 2026-01-23 |
| cnvd-2026-06904 | WordPress Electric Studio Download Counter plugin跨站脚本漏洞 | 2026-01-19 | 2026-01-23 |
| cnvd-2026-06903 | WordPress Aplazo Payment Gateway plugin缺少权限漏洞 | 2026-01-19 | 2026-01-23 |
| cnvd-2026-06902 | WordPress AJS Footnotes plugin跨站脚本漏洞 | 2026-01-19 | 2026-01-23 |
| cnvd-2026-06808 | Cyber Cafe Management System add-users.php端点跨站脚本漏洞 | 2026-01-19 | 2026-01-22 |
| cnvd-2026-06807 | Cyber Cafe Management System add-users.php端点跨站脚本漏洞 | 2026-01-19 | 2026-01-22 |
| cnvd-2026-06806 | Cyber Cafe Management System add-users.php端点SQL注入漏洞 | 2026-01-19 | 2026-01-22 |
| cnvd-2026-06805 | Cyber Cafe Management System adminprofile.php端点SQL注入漏洞 | 2026-01-19 | 2026-01-22 |
| cnvd-2026-06433 | D-Link DIR-806A命令注入漏洞 | 2026-01-19 | 2026-01-19 |
| cnvd-2026-06093 | Tenda AX-3 fromAdvSetMacMtuWan函数栈缓冲区溢出漏洞 | 2026-01-19 | 2026-01-21 |
| cnvd-2026-06092 | Tenda AX-3 fromAdvSetMacMtuWan函数堆栈缓冲区溢出漏洞 | 2026-01-19 | 2026-01-21 |
| cnvd-2026-06091 | Tenda AX-3 fromAdvSetMacMtuWan函数栈缓冲区溢出漏洞 | 2026-01-19 | 2026-01-21 |
| cnvd-2026-06090 | Tenda AX-3 fromAdvSetMacMtuWan函数堆栈缓冲区溢出漏洞 | 2026-01-19 | 2026-01-21 |
| cnvd-2026-06089 | Tenda AX-3 fromAdvSetMacMtuWan函数堆栈缓冲区溢出漏洞 | 2026-01-19 | 2026-01-21 |
| cnvd-2026-06088 | Tenda AX1806 sub_4CA50函数堆栈缓冲区溢出漏洞 | 2026-01-19 | 2026-01-21 |
| cnvd-2026-06087 | Tenda AX1806 sub_65B5C函数堆栈缓冲区溢出漏洞 | 2026-01-19 | 2026-01-21 |
| ID | Description | Published | Updated |
|---|---|---|---|
| bdu:2026-01534 | Уязвимость функции smtcfb_write() модуля drivers/video/fbdev/sm712fb.c драйвера поддержки… | 10.02.2026 | 10.02.2026 |
| bdu:2026-01533 | Уязвимость функции mt8183_da7219_max98357_dev_probe() модуля sound/soc/mediatek/mt8183/mt… | 10.02.2026 | 10.02.2026 |
| bdu:2026-01532 | Уязвимость функции qla2x00_bsg_job_done() модуля drivers/scsi/qla2xxx/qla_bsg.c драйвера … | 10.02.2026 | 10.02.2026 |
| bdu:2026-01531 | Уязвимость функции __udf_iget() модуля fs/udf/inode.c файловой системы ядра операционной … | 10.02.2026 | 10.02.2026 |
| bdu:2026-01530 | Уязвимость функции mt7601u_rx_next_seg_len() модуля drivers/net/wireless/mediatek/mt7601u… | 10.02.2026 | 10.02.2026 |
| bdu:2026-01529 | Уязвимость функции lio_target_nacl_info_show() модуля drivers/target/iscsi/iscsi_target_c… | 10.02.2026 | 10.02.2026 |
| bdu:2026-01528 | Уязвимость функции bnxt_get_nvram_directory() модуля drivers/net/ethernet/broadcom/bnxt/b… | 10.02.2026 | 10.02.2026 |
| bdu:2026-01527 | Уязвимость функции ext4_iget_extra_inode() модуля fs/ext4/inode.c файловой системы Ext4 я… | 10.02.2026 | 10.02.2026 |
| bdu:2026-01526 | Уязвимость функции ieee80211_probe_client() модуля net/mac80211/cfg.c реализации стека ma… | 10.02.2026 | 10.02.2026 |
| bdu:2026-01525 | Уязвимость функции brcmf_c_preinit_dcmds() модуля drivers/net/wireless/broadcom/brcm80211… | 10.02.2026 | 10.02.2026 |
| bdu:2026-01524 | Уязвимость функции prepare_to_relocate() ядра операционной системы Linux, позволяющая нар… | 10.02.2026 | 10.02.2026 |
| bdu:2026-01523 | Уязвимость функций lpfc_debugfs_multixripools_write() и lpfc_debugfs_nvmestat_write() ядр… | 10.02.2026 | 10.02.2026 |
| bdu:2026-01522 | Уязвимость функции raid5_end_write_request() ядра операционной системы Linux, позволяющая… | 10.02.2026 | 10.02.2026 |
| bdu:2026-01521 | Уязвимость функций ext4_mb_clear_bb() и ext4_free_blocks() ядра операционной системы Linu… | 10.02.2026 | 10.02.2026 |
| bdu:2026-01520 | Уязвимость функции usb_udc_uevent() ядра операционной системы Linux, позволяющая нарушите… | 10.02.2026 | 10.02.2026 |
| bdu:2026-01516 | Уязвимость функции convert___skb_to_skb() ядра операционной системы Linux, позволяющая на… | 09.02.2026 | 09.02.2026 |
| bdu:2026-01515 | Уязвимость операционной системы HPE Alletra, системы хранения данных HPE Nimble Storage A… | 09.02.2026 | 09.02.2026 |
| bdu:2026-01514 | Уязвимость функции optc1_enable_optc_clock() ядра операционной системы Linux, позволяющая… | 09.02.2026 | 09.02.2026 |
| bdu:2026-01510 | Уязвимость функции __ieee80211_scan_completed() ядра операционной системы Linux, позволяю… | 09.02.2026 | 09.02.2026 |
| bdu:2026-01509 | Уязвимость функций nilfs_relax_pressure_in_lock() и nilfs_construct_segment() ядра операц… | 09.02.2026 | 09.02.2026 |
| bdu:2026-01508 | Уязвимость функции cpe_mime_handlers() микропрограммного обеспечения маршрутизаторов Link… | 09.02.2026 | 09.02.2026 |
| bdu:2026-01507 | Уязвимость функции ntfs_read_inode_mount() ядра операционной системы Linux, позволяющая н… | 09.02.2026 | 09.02.2026 |
| bdu:2026-01506 | Уязвимость функции formSetWanDiag() микропрограммного обеспечения маршрутизаторов Tenda G… | 09.02.2026 | 09.02.2026 |
| bdu:2026-01505 | Уязвимость функции null_init_tag_set() модуля drivers/block/null_blk/main.c драйвера блоч… | 09.02.2026 | 09.02.2026 |
| bdu:2026-01504 | Уязвимость функции pot_hole() ядра операционной системы Linux, позволяющая нарушителю ока… | 09.02.2026 | 09.02.2026 |
| bdu:2026-01503 | Уязвимость функции usbnet_probe () модуля drivers/net/usb/usbnet.c драйвера сетевых адапт… | 09.02.2026 | 09.02.2026 |
| bdu:2026-01502 | Уязвимость функции bcmgenet_desc_rx() модуля drivers/net/ethernet/broadcom/genet/bcmgenet… | 09.02.2026 | 09.02.2026 |
| bdu:2026-01501 | Уязвимость функции snd_pcm_oss_period_size() ядра операционной системы Linux, позволяющая… | 09.02.2026 | 09.02.2026 |
| bdu:2026-01500 | Уязвимость функции sja1105_table_delete_entry() модуля drivers/net/dsa/sja1105/sja1105_st… | 09.02.2026 | 09.02.2026 |
| bdu:2026-01499 | Уязвимость функции jfs_link() модуля fs/jfs/namei.c файловой системы JFS ядра операционно… | 09.02.2026 | 09.02.2026 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2026-avi-0029 | Multiples vulnérabilités dans VMware Tanzu Gemfire | 2026-01-13T00:00:00.000000 | 2026-01-13T00:00:00.000000 |
| certfr-2026-avi-0028 | Multiples vulnérabilités dans MariaDB | 2026-01-13T00:00:00.000000 | 2026-01-13T00:00:00.000000 |
| certfr-2026-avi-0027 | Vulnérabilité dans NetApp ONTAP | 2026-01-13T00:00:00.000000 | 2026-01-13T00:00:00.000000 |
| certfr-2026-avi-0026 | Vulnérabilité dans Google Pixel | 2026-01-13T00:00:00.000000 | 2026-01-13T00:00:00.000000 |
| certfr-2026-avi-0025 | Vulnérabilité dans Microsoft Edge | 2026-01-12T00:00:00.000000 | 2026-01-12T00:00:00.000000 |
| certfr-2026-avi-0024 | Multiples vulnérabilités dans VMware Tanzu Greenplum Backup and Restore | 2026-01-12T00:00:00.000000 | 2026-01-12T00:00:00.000000 |
| certfr-2026-avi-0023 | Multiples vulnérabilités dans les produits Axis | 2026-01-12T00:00:00.000000 | 2026-01-12T00:00:00.000000 |
| certfr-2026-avi-0022 | Multiples vulnérabilités dans les produits Microsoft | 2026-01-09T00:00:00.000000 | 2026-01-09T00:00:00.000000 |
| certfr-2026-avi-0021 | Vulnérabilité dans Microsoft Edge | 2026-01-09T00:00:00.000000 | 2026-01-09T00:00:00.000000 |
| certfr-2026-avi-0020 | Multiples vulnérabilités dans les produits IBM | 2026-01-09T00:00:00.000000 | 2026-01-09T00:00:00.000000 |
| certfr-2026-avi-0019 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2026-01-09T00:00:00.000000 | 2026-01-09T00:00:00.000000 |
| certfr-2026-avi-0018 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2026-01-09T00:00:00.000000 | 2026-01-09T00:00:00.000000 |
| certfr-2026-avi-0017 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2026-01-09T00:00:00.000000 | 2026-01-09T00:00:00.000000 |
| certfr-2026-avi-0016 | Vulnérabilité dans les produits Moxa | 2026-01-09T00:00:00.000000 | 2026-01-09T00:00:00.000000 |
| certfr-2026-avi-0015 | Multiples vulnérabilités dans les produits Centreon | 2026-01-08T00:00:00.000000 | 2026-01-08T00:00:00.000000 |
| certfr-2026-avi-0014 | Multiples vulnérabilités dans GitLab | 2026-01-08T00:00:00.000000 | 2026-01-08T00:00:00.000000 |
| certfr-2026-avi-0013 | Vulnérabilité dans Tenable Nessus Agent | 2026-01-08T00:00:00.000000 | 2026-01-08T00:00:00.000000 |
| certfr-2026-avi-0012 | Multiples vulnérabilités dans Trend Micro Apex Central | 2026-01-08T00:00:00.000000 | 2026-01-08T00:00:00.000000 |
| certfr-2026-avi-0011 | Vulnérabilité dans Google Android | 2026-01-08T00:00:00.000000 | 2026-01-08T00:00:00.000000 |
| certfr-2026-avi-0010 | Multiples vulnérabilités dans Curl | 2026-01-07T00:00:00.000000 | 2026-01-07T00:00:00.000000 |
| certfr-2026-avi-0009 | Vulnérabilité dans Google Chrome | 2026-01-07T00:00:00.000000 | 2026-01-07T00:00:00.000000 |
| certfr-2026-avi-0008 | Multiples vulnérabilités dans Joomla! | 2026-01-07T00:00:00.000000 | 2026-01-07T00:00:00.000000 |
| certfr-2026-avi-0007 | Vulnérabilité dans Stormshield Network Security | 2026-01-06T00:00:00.000000 | 2026-01-06T00:00:00.000000 |
| certfr-2026-avi-0006 | Multiples vulnérabilités dans Veeam Backup & Replication | 2026-01-06T00:00:00.000000 | 2026-01-06T00:00:00.000000 |
| certfr-2026-avi-0005 | Multiples vulnérabilités dans Centreon Open Tickets | 2026-01-06T00:00:00.000000 | 2026-01-06T00:00:00.000000 |
| certfr-2026-avi-0004 | Vulnérabilité dans MariaDB | 2026-01-05T00:00:00.000000 | 2026-01-05T00:00:00.000000 |
| certfr-2026-avi-0003 | Multiples vulnérabilités dans les produits Qnap | 2026-01-05T00:00:00.000000 | 2026-01-05T00:00:00.000000 |
| certfr-2026-avi-0002 | Multiples vulnérabilités dans les produits IBM | 2026-01-02T00:00:00.000000 | 2026-01-02T00:00:00.000000 |
| certfr-2026-avi-0001 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2026-01-02T00:00:00.000000 | 2026-01-02T00:00:00.000000 |
| certfr-2025-avi-1142 | Multiples vulnérabilités dans Moxa NPort | 2025-12-31T00:00:00.000000 | 2025-12-31T00:00:00.000000 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2014-ale-010 | Vulnérabilité de l'implémentation des protocoles SSL/TLS dans Microsoft Windows | 2014-11-11T00:00:00.000000 | 2015-01-30T00:00:00.000000 |
| certfr-2014-ale-009 | Vulnérabilité dans Microsoft OLE | 2014-10-22T00:00:00.000000 | 2014-11-12T00:00:00.000000 |
| certfr-2014-ale-008 | Vulnérabilité dans Drupal | 2014-10-16T00:00:00.000000 | 2015-01-30T00:00:00.000000 |
| certfr-2014-ale-007 | Vulnérabilité dans SSLv3 | 2014-10-15T00:00:00.000000 | 2014-10-15T00:00:00.000000 |
| certfr-2014-ale-006 | Vulnérabilité dans GNU bash | 2014-09-25T00:00:00.000000 | 2014-09-30T00:00:00.000000 |
| certfr-2014-ale-005 | Vulnérabilité dans Microsoft Internet Explorer | 2014-04-28T00:00:00.000000 | 2014-05-02T00:00:00.000000 |
| certfr-2014-ale-004 | Vulnérabilité dans Apache Struts | 2014-04-25T00:00:00.000000 | 2014-04-29T00:00:00.000000 |
| certfr-2014-ale-003 | Vulnérabilité dans OpenSSL | 2014-04-08T00:00:00.000000 | 2014-07-30T00:00:00.000000 |
| certfr-2014-ale-002 | Vulnérabilité dans Microsoft Word | 2014-03-25T00:00:00.000000 | 2014-04-09T00:00:00.000000 |
| certfr-2014-ale-001 | Vulnérabilité dans Microsoft Internet Explorer | 2014-02-21T00:00:00.000000 | 2014-03-12T00:00:00.000000 |
| certa-2013-ale-008 | Vulnérabilité critique dans le noyau de Microsoft Windows | 2013-11-28T00:00:00.000000 | 2014-01-16T00:00:00.000000 |
| certa-2013-ale-007 | Vulnérabilité dans un composant graphique de Microsoft | 2013-11-06T00:00:00.000000 | 2013-12-10T00:00:00.000000 |
| certa-2013-ale-006 | Vulnérabilité dans Microsoft Internet Explorer | 2013-09-18T00:00:00.000000 | 2013-10-09T00:00:00.000000 |
| certa-2013-ale-005 | Vulnérabilité dans le noyau Linux | 2013-05-14T00:00:00.000000 | 2013-05-24T00:00:00.000000 |
| certa-2013-ale-004 | Vulnérabilité dans Adobe ColdFusion | 2013-05-10T00:00:00.000000 | 2013-05-15T00:00:00.000000 |
| certa-2013-ale-003 | Vulnérabilité dans Microsoft Internet Explorer 8 | 2013-05-06T00:00:00.000000 | 2013-05-15T00:00:00.000000 |
| certa-2013-ale-002 | Vulnérabilités dans Adobe Reader et Acrobat | 2013-02-14T00:00:00.000000 | 2013-02-21T00:00:00.000000 |
| certa-2013-ale-001 | Vulnérabilités dans Oracle Java | 2013-01-10T00:00:00.000000 | 2013-01-15T00:00:00.000000 |
| certa-2012-ale-010 | Vulnérabilité dans Internet Explorer | 2012-12-31T00:00:00.000000 | 2013-01-15T00:00:00.000000 |
| certa-2012-ale-009 | Vulnérabilité dans les pilotes NVidia | 2012-12-26T00:00:00.000000 | 2013-01-07T00:00:00.000000 |
| certa-2012-ale-008 | Vulnérabilité dans certains terminaux Samsung | 2012-12-18T00:00:00.000000 | 2012-12-18T00:00:00.000000 |
| certa-2012-ale-007 | Vulnérabilité dans MySQL | 2012-12-06T00:00:00.000000 | 2013-01-07T00:00:00.000000 |
| certa-2012-ale-006 | Vulnérabilité dans Internet Explorer | 2012-09-18T00:00:00.000000 | 2012-09-21T00:00:00.000000 |
| certa-2012-ale-005 | Vulnérabilité dans Oracle Java | 2012-08-27T00:00:00.000000 | 2012-08-31T00:00:00.000000 |
| certa-2012-ale-004 | Vulnérabilité dans Microsoft Exchange et Fast Search Server 2010 | 2012-07-25T00:00:00.000000 | 2012-08-16T00:00:00.000000 |
| certa-2012-ale-003 | Vulnérabilité dans Microsoft XML Core Services | 2012-06-14T00:00:00.000000 | 2012-08-17T00:00:00.000000 |
| certa-2012-ale-002 | Vulnérabilité dans Windows RDP | 2012-03-14T00:00:00.000000 | 2012-04-13T00:00:00.000000 |
| certa-2012-ale-001 | Vulnérabilité dans Cisco IronPort | 2012-02-01T00:00:00.000000 | 2013-02-05T00:00:00.000000 |
| certa-2011-ale-008 | Vulnérabilité dans Adobe Reader et Acrobat | 2011-12-07T00:00:00.000000 | 2012-01-10T00:00:00.000000 |
| certa-2011-ale-007 | Vulnérabilité dans ftpd et ProFTPD sur FreeBSD | 2011-12-02T00:00:00.000000 | 2011-12-26T00:00:00.000000 |
| ID | Description | Published | Updated |
|---|---|---|---|
| osv-2025-312 | Heap-buffer-overflow in ZSTD_decompressMultiFrame | 2025-05-02T00:14:14.459388Z | 2026-01-29T14:23:29.688478Z |
| osv-2025-300 | Negative-size-param in recurse_update_offsets | 2025-04-26T00:15:04.274172Z | 2025-04-26T00:15:04.274471Z |
| osv-2025-298 | Heap-buffer-overflow in i18n::phonenumbers::UnicodeText::const_iterator::operator-- | 2025-04-26T00:02:46.771719Z | 2025-10-11T14:20:31.062038Z |
| osv-2025-291 | Use-of-uninitialized-value in Poco::Net::NTLMCredentials::parseChallengeMessage | 2025-04-20T00:07:34.286645Z | 2025-04-20T00:07:34.287298Z |
| osv-2025-290 | Heap-buffer-overflow in pcpp::TelnetLayer::toString | 2025-04-19T00:05:45.140280Z | 2025-09-25T14:31:44.695948Z |
| osv-2025-289 | Stack-buffer-overflow in ot::Cli::Utils::OutputLine | 2025-04-19T00:05:17.593162Z | 2025-04-19T00:05:17.593788Z |
| osv-2025-280 | Heap-buffer-overflow in Assimp::SceneCombiner::CopyScene | 2025-04-15T00:04:03.423453Z | 2026-01-25T14:19:05.873424Z |
| osv-2025-275 | UNKNOWN READ in void std::__1::vector<unsigned char, std::__1::allocator<unsigned char>>::__cons | 2025-04-14T00:02:37.519708Z | 2025-04-17T14:43:50.559313Z |
| osv-2025-271 | Use-of-uninitialized-value in luaS_new | 2025-04-11T00:04:20.869490Z | 2025-04-11T00:04:20.869967Z |
| osv-2025-267 | Stack-buffer-overflow in snap_usedef | 2025-04-08T00:17:16.034122Z | 2025-07-23T14:22:40.655455Z |
| osv-2025-266 | Heap-buffer-overflow in lj_buf_ruleb128 | 2025-04-08T00:17:06.279554Z | 2026-01-27T14:24:04.437262Z |
| osv-2025-264 | Security exception in org.joni.Parser.parseCharClass | 2025-04-08T00:00:08.174777Z | 2025-04-08T00:00:08.175341Z |
| osv-2025-262 | UNKNOWN WRITE in _lou_handlePassVariableAction | 2025-04-07T00:02:21.621602Z | 2025-09-25T14:33:42.888095Z |
| osv-2025-260 | Heap-buffer-overflow in bfd_getb16 | 2025-04-06T00:00:51.202273Z | 2025-04-06T00:00:51.202704Z |
| osv-2025-258 | Global-buffer-overflow in parseExtraField | 2025-04-05T00:05:58.760780Z | 2025-04-05T00:05:58.761154Z |
| osv-2025-256 | Global-buffer-overflow in QByteArray::QByteArray | 2025-04-05T00:02:36.742745Z | 2025-04-05T00:02:36.743233Z |
| osv-2025-253 | Security exception in org.apache.lucene.analysis.ckb.SoraniNormalizer.normalize | 2025-04-03T00:17:24.000398Z | 2025-11-17T14:50:20.772111Z |
| osv-2025-251 | Heap-buffer-overflow in icu_78::RegexMatcher::MatchChunkAt | 2025-04-02T00:16:00.337471Z | 2025-04-02T00:16:00.337850Z |
| osv-2025-249 | Heap-use-after-free in lj_strfmt_pushvf | 2025-04-02T00:09:53.120387Z | 2025-07-23T14:23:01.826780Z |
| osv-2025-248 | Heap-buffer-overflow in cli_bm_addpatt | 2025-04-02T00:00:13.427589Z | 2025-04-02T00:00:13.428120Z |
| osv-2025-240 | Security exception in com.powsybl.commons.xml.XmlUtil.lambda$skipSubElements$0 | 2025-03-28T00:05:50.145107Z | 2025-03-30T14:32:19.516483Z |
| osv-2025-230 | Heap-buffer-overflow in wasm_loader_prepare_bytecode | 2025-03-22T00:05:22.916187Z | 2025-03-22T00:05:22.916485Z |
| osv-2025-226 | UNKNOWN READ in extract_sess_version | 2025-03-21T00:19:10.852617Z | 2025-03-21T00:19:10.852969Z |
| osv-2025-219 | Heap-buffer-overflow in opj_j2k_read_tile_header | 2025-03-18T00:18:30.566980Z | 2026-02-11T14:21:43.026699Z |
| osv-2025-215 | Security exception in graphql.parser.GraphqlAntlrToLanguage.createType | 2025-03-18T00:09:36.655072Z | 2025-03-18T00:09:36.655425Z |
| osv-2025-207 | Security exception in org.apache.lucene.analysis.tokenattributes.CharTermAttributeImpl.clone | 2025-03-16T00:02:33.765869Z | 2025-06-20T17:14:14.229009Z |
| osv-2025-202 | UNKNOWN READ in _blit_xrgb32_lerp_spans | 2025-03-15T00:01:51.127135Z | 2026-02-24T14:28:08.371682Z |
| osv-2025-190 | Heap-buffer-overflow in std::__1::__function::__func<cv::PngDecoder::compose_frame | 2025-03-11T00:04:32.361664Z | 2025-03-11T00:04:32.362119Z |
| osv-2025-178 | Heap-buffer-overflow in usm_set_user_password | 2025-02-28T00:16:54.655227Z | 2025-02-28T00:16:54.655745Z |
| osv-2025-177 | Segv on unknown address in chunk_free_object | 2025-02-28T00:16:24.018716Z | 2025-02-28T00:16:24.019131Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rustsec-2024-0424 | Unsound usages of `core::slice::from_raw_parts_mut` | 2024-12-19T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2024-0433 | Malicious plugin names, recipients, or identities can cause arbitrary binary execution | 2024-12-18T12:00:00Z | 2025-01-03T18:23:54Z |
| rustsec-2024-0432 | Malicious plugin names, recipients, or identities can cause arbitrary binary execution | 2024-12-18T12:00:00Z | 2025-01-03T18:23:54Z |
| rustsec-2024-0437 | Crash due to uncontrolled recursion in protobuf crate | 2024-12-12T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2024-0423 | gtk-layer-shell-sys GTK3 bindings - no longer maintained | 2024-12-09T12:00:00Z | 2024-12-09T13:12:34Z |
| rustsec-2024-0422 | gtk-layer-shell GTK3 bindings - no longer maintained | 2024-12-09T12:00:00Z | 2024-12-09T13:12:34Z |
| rustsec-2024-0421 | `idna` accepts Punycode labels that do not produce any non-ASCII when decoded | 2024-12-09T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2024-0447 | Panics on Malformed Untrusted Input | 2024-12-05T12:00:00Z | 2025-12-24T14:48:25Z |
| rustsec-2024-0428 | Undefined behaviour in `kvm_ioctls::ioctls::vm::VmFd::create_device` | 2024-12-05T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2024-0409 | Build corruption when using `PYO3_CONFIG_FILE` environment variable | 2024-12-04T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2024-0408 | Unsound usages of `std::slice::from_raw_parts` | 2024-12-04T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2024-0400 | `ruzstd` uninit and out-of-bounds memory reads | 2024-11-28T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2024-0399 | rustls network-reachable panic in `Acceptor::accept` | 2024-11-22T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2024-0398 | Bias of Polynomial Coefficients in Secret Sharing | 2024-11-16T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2024-0401 | Denial of service because of stack overflow with malicious decompression input | 2024-11-14T12:00:00Z | 2024-12-04T12:13:35Z |
| rustsec-2024-0445 | cap-primitives doesn't fully sandbox all the Windows device filenames | 2024-11-05T12:00:00Z | 2025-12-19T21:01:24Z |
| rustsec-2024-0438 | Wasmtime doesn't fully sandbox all the Windows device filenames | 2024-11-02T12:00:00Z | 2025-05-02T08:23:27Z |
| rustsec-2024-0379 | Multiple soundness issues | 2024-10-31T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2024-0381 | Replaced by `pqcrypto-mlkem` | 2024-10-24T12:00:00Z | 2024-11-10T12:05:32Z |
| rustsec-2024-0380 | Replaced by `pqcrypto-mldsa` | 2024-10-24T12:00:00Z | 2024-11-10T12:05:32Z |
| rustsec-2024-0378 | Risk of use-after-free in `borrowed` reads from Python weak references | 2024-10-12T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2024-0402 | Borsh serialization of HashMap is non-canonical | 2024-10-11T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2024-0436 | paste - no longer maintained | 2024-10-07T12:00:00Z | 2026-01-27T21:51:15Z |
| rustsec-2024-0377 | Heap Buffer overflow using c_chars_to_str function | 2024-10-07T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2024-0439 | Race condition could lead to WebAssembly control-flow integrity and type safety violations | 2024-10-03T12:00:00Z | 2025-05-02T08:23:27Z |
| rustsec-2024-0440 | Runtime crash when combining tail calls with stack traces | 2024-10-02T12:00:00Z | 2025-05-02T08:23:27Z |
| rustsec-2024-0376 | Remotely exploitable Denial of Service in Tonic | 2024-10-01T12:00:00Z | 2025-09-11T07:02:22Z |
| rustsec-2024-0375 | `atty` is unmaintained | 2024-09-25T12:00:00Z | 2024-09-26T12:26:22Z |
| rustsec-2024-0374 | Segmentation fault due to use of uninitialized memory | 2024-09-22T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2024-0427 | get-size-derive is unmaintained | 2024-09-15T12:00:00Z | 2024-12-22T09:01:06Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| alsa-2026:0126 | Moderate: poppler security update | 2026-01-06T00:00:00Z | 2026-01-07T14:21:37Z |
| alsa-2026:0125 | Important: mingw-libpng security update | 2026-01-06T00:00:00Z | 2026-01-07T21:32:21Z |
| alsa-2026:0123 | Moderate: python3.12 security update | 2026-01-06T00:00:00Z | 2026-01-07T14:18:43Z |
| alsa-2026:0108 | Moderate: gcc-toolset-15-binutils security update | 2026-01-06T00:00:00Z | 2026-01-07T14:17:02Z |
| alsa-2026:0067 | Moderate: tar security update | 2026-01-05T00:00:00Z | 2026-01-13T08:42:22Z |
| alsa-2026:0052 | Moderate: gcc-toolset-14-binutils security update | 2026-01-05T00:00:00Z | 2026-01-05T20:18:34Z |
| alsa-2026:0026 | Important: thunderbird security update | 2026-01-05T00:00:00Z | 2026-01-05T10:18:14Z |
| alsa-2026:0025 | Important: thunderbird security update | 2026-01-05T00:00:00Z | 2026-01-05T10:10:00Z |
| alsa-2026:0002 | Moderate: tar security update | 2026-01-05T00:00:00Z | 2026-01-05T09:20:37Z |
| alsa-2025:23948 | Moderate: grafana security update | 2025-12-22T00:00:00Z | 2025-12-23T13:42:03Z |
| alsa-2025:23940 | Moderate: python3.12 security update | 2025-12-22T00:00:00Z | 2025-12-23T05:59:49Z |
| alsa-2025:23932 | Important: httpd security update | 2025-12-22T00:00:00Z | 2025-12-23T06:01:50Z |
| alsa-2025:23919 | Important: httpd security update | 2025-12-22T00:00:00Z | 2026-01-05T20:20:59Z |
| alsa-2025:23856 | Important: thunderbird security update | 2025-12-22T00:00:00Z | 2025-12-23T16:45:01Z |
| alsa-2025:23745 | Important: git-lfs security update | 2025-12-22T00:00:00Z | 2025-12-22T12:34:52Z |
| alsa-2025:23744 | Important: git-lfs security update | 2025-12-22T00:00:00Z | 2025-12-22T12:38:08Z |
| alsa-2025:23739 | Important: mod_md security update | 2025-12-22T00:00:00Z | 2025-12-22T13:37:02Z |
| alsa-2025:23738 | Important: mod_md security update | 2025-12-22T00:00:00Z | 2025-12-22T13:38:35Z |
| alsa-2025:23732 | Important: httpd:2.4 security update | 2025-12-22T00:00:00Z | 2025-12-22T14:02:23Z |
| alsa-2025:23729 | Important: opentelemetry-collector security update | 2025-12-21T00:00:00Z | 2025-12-23T13:07:45Z |
| alsa-2025:23700 | Important: webkit2gtk3 security update | 2025-12-18T00:00:00Z | 2025-12-22T13:39:46Z |
| alsa-2025:23667 | Important: git-lfs security update | 2025-12-18T00:00:00Z | 2025-12-22T13:42:09Z |
| alsa-2025:23664 | Important: opentelemetry-collector security update | 2025-12-18T00:00:00Z | 2025-12-23T13:09:37Z |
| alsa-2025:23663 | Important: webkit2gtk3 security update | 2025-12-18T00:00:00Z | 2025-12-22T14:04:48Z |
| alsa-2025:23543 | Important: container-tools:rhel8 security update | 2025-12-17T00:00:00Z | 2025-12-24T09:25:49Z |
| alsa-2025:23530 | Important: python39:3.9 security update | 2025-12-17T00:00:00Z | 2025-12-22T14:10:23Z |
| alsa-2025:23484 | Moderate: libssh security update | 2025-12-17T00:00:00Z | 2025-12-21T19:50:15Z |
| alsa-2025:23483 | Moderate: libssh security update | 2025-12-17T00:00:00Z | 2025-12-21T19:54:52Z |
| alsa-2025:23481 | Moderate: openssh security update | 2025-12-17T00:00:00Z | 2025-12-21T20:00:09Z |
| alsa-2025:23480 | Moderate: openssh security update | 2025-12-17T00:00:00Z | 2025-12-21T20:03:34Z |