Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2025-69375 |
8.1 (3.1)
|
WordPress Portfolio Builder plugin <= 1.2.5 - Local Fi… |
SolverWp |
Portfolio Builder |
2026-02-20T15:46:52.069Z | 2026-02-24T20:51:03.533Z |
| CVE-2025-69395 |
8.1 (3.1)
|
WordPress Gable theme <= 1.5 - Local File Inclusion vu… |
ThemeREX |
Gable |
2026-02-20T15:46:56.223Z | 2026-02-24T20:51:03.370Z |
| CVE-2025-69396 |
8.1 (3.1)
|
WordPress Splendour theme <= 1.23 - Local File Inclusi… |
ThemeREX |
Splendour |
2026-02-20T15:46:56.394Z | 2026-02-24T20:51:03.165Z |
| CVE-2025-69397 |
8.1 (3.1)
|
WordPress Tint theme <= 1.7 - Local File Inclusion vul… |
ThemeREX |
Tint |
2026-02-20T15:46:56.567Z | 2026-02-24T20:51:03.011Z |
| CVE-2025-69398 |
8.1 (3.1)
|
WordPress Plank theme <= 1.7 - Local File Inclusion vu… |
ThemeREX |
Plank |
2026-02-20T15:46:56.752Z | 2026-02-24T20:51:02.811Z |
| CVE-2025-69399 |
8.1 (3.1)
|
WordPress Cobble theme <= 1.7 - Local File Inclusion v… |
ThemeREX |
Cobble |
2026-02-20T15:46:56.948Z | 2026-02-24T20:51:02.652Z |
| CVE-2025-69400 |
8.1 (3.1)
|
WordPress Yokoo theme <= 1.1.11 - Local File Inclusion… |
ThemeREX |
Yokoo |
2026-02-20T15:46:57.137Z | 2026-02-24T20:51:02.474Z |
| CVE-2025-69402 |
8.1 (3.1)
|
WordPress R&F theme <= 1.5 - Local File Inclusion vuln… |
ThemeREX |
R&F |
2026-02-20T15:46:57.536Z | 2026-02-24T20:51:02.244Z |
| CVE-2025-69406 |
8.1 (3.1)
|
WordPress FreightCo theme <= 1.1.7 - Local File Inclus… |
ThemeREX |
FreightCo |
2026-02-20T15:46:58.338Z | 2026-02-24T20:51:01.980Z |
| CVE-2025-69407 |
8.1 (3.1)
|
WordPress Struktur theme <= 2.5.1 - Local File Inclusi… |
Select-Themes |
Struktur |
2026-02-20T15:46:58.538Z | 2026-02-24T20:51:01.621Z |
| CVE-2025-69408 |
8.1 (3.1)
|
WordPress HealthFirst theme <= 1.0.1 - Local File Incl… |
Mikado-Themes |
HealthFirst |
2026-02-20T15:46:58.713Z | 2026-02-24T20:51:01.374Z |
| CVE-2025-69409 |
8.1 (3.1)
|
WordPress PJ | Life & Business Coaching theme <= 3.0.0… |
axiomthemes |
PJ | Life & Business Coaching |
2026-02-20T15:46:58.882Z | 2026-02-24T20:51:01.152Z |
| CVE-2025-69410 |
8.1 (3.1)
|
WordPress Belletrist theme <= 1.2 - Local File Inclusi… |
Edge-Themes |
Belletrist |
2026-02-20T15:46:59.059Z | 2026-02-24T20:51:00.989Z |
| CVE-2026-22344 |
8.1 (3.1)
|
WordPress FiveStar theme <= 1.7 - Local File Inclusion… |
Mikado-Themes |
FiveStar |
2026-02-20T15:46:59.662Z | 2026-02-24T20:51:00.843Z |
| CVE-2026-22361 |
8.1 (3.1)
|
WordPress A-Mart theme <= 1.0.2 - Local File Inclusion… |
axiomthemes |
A-Mart |
2026-02-20T15:47:01.916Z | 2026-02-24T20:51:00.699Z |
| CVE-2026-22363 |
8.1 (3.1)
|
WordPress Rhodos theme <= 1.3.3 - Local File Inclusion… |
axiomthemes |
Rhodos |
2026-02-20T15:47:02.437Z | 2026-02-24T20:51:00.543Z |
| CVE-2026-22367 |
8.1 (3.1)
|
WordPress Coworking theme <= 1.6.1 - Local File Inclus… |
AncoraThemes |
Coworking |
2026-02-20T15:47:03.323Z | 2026-02-24T20:51:00.406Z |
| CVE-2026-22369 |
8.1 (3.1)
|
WordPress Ironfit theme <= 1.5 - Local File Inclusion … |
AncoraThemes |
Ironfit |
2026-02-20T15:47:03.701Z | 2026-02-24T20:50:59.952Z |
| CVE-2026-22371 |
8.1 (3.1)
|
WordPress Gustavo theme <= 1.2.2 - Local File Inclusio… |
AncoraThemes |
Gustavo |
2026-02-20T15:47:04.076Z | 2026-02-24T20:50:59.804Z |
| CVE-2026-22373 |
8.1 (3.1)
|
WordPress Fooddy theme <= 1.3.10 - Local File Inclusio… |
AncoraThemes |
Fooddy |
2026-02-20T15:47:05.132Z | 2026-02-24T20:50:59.622Z |
| CVE-2026-22375 |
8.1 (3.1)
|
WordPress Impacto Patronus theme <= 1.2.3 - Local File… |
AncoraThemes |
Impacto Patronus |
2026-02-20T15:47:05.586Z | 2026-02-24T20:50:59.430Z |
| CVE-2026-22379 |
8.1 (3.1)
|
WordPress Netmix theme <= 1.0.10 - Local File Inclusio… |
AncoraThemes |
Netmix |
2026-02-20T15:47:06.345Z | 2026-02-24T20:50:59.202Z |
| CVE-2026-3091 |
6.7 (3.1)
|
An uncontrolled search path element vulnerability… |
Synology |
Synology Presto Client |
2026-02-24T02:31:20.298Z | 2026-02-24T20:48:54.091Z |
| CVE-2026-26283 |
6.2 (3.1)
|
ImageMagick has possible infinite loop in JPEG encoder… |
ImageMagick |
ImageMagick |
2026-02-24T01:55:59.350Z | 2026-02-24T20:47:41.990Z |
| CVE-2026-26284 |
6.5 (3.1)
|
ImageMagick has heap overflow in pcd decoder that lead… |
ImageMagick |
ImageMagick |
2026-02-24T02:00:19.417Z | 2026-02-24T20:46:56.730Z |
| CVE-2026-3054 |
5.3 (4.0)
4.3 (3.1)
4.3 (3.0)
|
Alinto SOGo cross site scripting |
Alinto |
SOGo |
2026-02-24T02:02:06.992Z | 2026-02-24T20:45:48.226Z |
| CVE-2026-3057 |
5.3 (4.0)
6.3 (3.1)
6.3 (3.0)
|
a54552239 pearProjectApi Backend Task.php dateTotalFor… |
a54552239 |
pearProjectApi |
2026-02-24T02:02:08.977Z | 2026-02-24T20:42:56.315Z |
| CVE-2026-26198 |
9.8 (3.1)
|
ormar is vulnerable to SQL Injection through aggregate… |
collerek |
ormar |
2026-02-24T02:03:47.094Z | 2026-02-24T20:35:44.673Z |
| CVE-2026-22377 |
8.1 (3.1)
|
WordPress Saveo theme <= 1.1.2 - Local File Inclusion … |
AncoraThemes |
Saveo |
2026-02-20T15:47:05.960Z | 2026-02-24T20:30:39.293Z |
| CVE-2025-11847 |
4.9 (3.1)
|
A null pointer dereference vulnerability in the I… |
Zyxel |
VMG3625-T50B firmware |
2026-02-24T02:09:44.684Z | 2026-02-24T20:27:08.473Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| fkie_cve-2026-23984 | An Improper Input Validation vulnerability exists in Apache Superset that allows an authenticated u… | 2026-02-24T14:16:23.307 | 2026-02-24T21:52:01.367 |
| fkie_cve-2026-23983 | A Sensitive Data Exposure vulnerability exists in Apache Superset allowing authenticated users to r… | 2026-02-24T14:16:23.143 | 2026-02-24T21:52:01.367 |
| fkie_cve-2026-23982 | An Improper Authorization vulnerability exists in Apache Superset that allows a low-privileged user… | 2026-02-24T14:16:22.980 | 2026-02-24T21:52:01.367 |
| fkie_cve-2026-23980 | Improper Neutralization of Special Elements used in a SQL Command ('SQL Injection') vulnerability i… | 2026-02-24T14:16:22.807 | 2026-02-24T21:52:01.367 |
| fkie_cve-2026-23969 | Apache Superset utilizes a configurable dictionary, DISALLOWED_SQL_FUNCTIONS, to restrict the execu… | 2026-02-24T14:16:22.623 | 2026-02-24T21:52:01.367 |
| fkie_cve-2026-23859 | Dell Wyse Management Suite, versions prior to WMS 5.5, contain a Client-Side Enforcement of Server-… | 2026-02-24T20:27:47.460 | 2026-02-24T21:52:01.367 |
| fkie_cve-2026-23858 | Dell Wyse Management Suite, versions prior to WMS 5.5, contain an Improper Neutralization of Input … | 2026-02-24T20:27:47.303 | 2026-02-24T21:52:01.367 |
| fkie_cve-2026-23678 | Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior contain a command i… | 2026-02-24T16:24:08.090 | 2026-02-24T21:52:01.367 |
| fkie_cve-2026-22766 | Dell Wyse Management Suite, versions prior to WMS 5.5, contain an Unrestricted Upload of File with … | 2026-02-24T20:27:46.957 | 2026-02-24T21:52:01.367 |
| fkie_cve-2026-22765 | Dell Wyse Management Suite, versions prior to WMS 5.5, contain a Missing Authorization vulnerabilit… | 2026-02-24T20:27:46.790 | 2026-02-24T21:52:01.367 |
| fkie_cve-2026-22553 | All versions of InSAT MasterSCADA BUK-TS are susceptible to OS command injection through a field in… | 2026-02-24T21:16:28.713 | 2026-02-24T21:52:01.367 |
| fkie_cve-2026-21410 | InSAT MasterSCADA BUK-TS is susceptible to SQL Injection through its main web interface. Malicious … | 2026-02-24T21:16:25.790 | 2026-02-24T21:52:01.367 |
| fkie_cve-2026-1773 | IEC 60870-5-104: Potential Denial of Service impact on reception of invalid U-format frame. Product… | 2026-02-24T14:16:22.420 | 2026-02-24T21:52:01.367 |
| fkie_cve-2026-1772 | RTU500 web interface: An unprivileged user can read user management information. The information ca… | 2026-02-24T14:16:22.180 | 2026-02-24T21:52:01.367 |
| fkie_cve-2026-1768 | A permission cache poisoning vulnerability in Devolutions Server allows authenticated users to bypa… | 2026-02-24T20:27:46.300 | 2026-02-24T21:52:01.367 |
| fkie_cve-2026-0402 | A post-authentication Out-of-bounds Read vulnerability in SonicOS allows a remote attacker to crash… | 2026-02-24T15:21:37.410 | 2026-02-24T21:52:01.367 |
| fkie_cve-2026-0401 | A post-authentication NULL Pointer Dereference vulnerability in SonicOS allows a remote attacker to… | 2026-02-24T15:21:37.267 | 2026-02-24T21:52:01.367 |
| fkie_cve-2026-0400 | A post-authentication Format String vulnerability in SonicOS allows a remote attacker to crash a fi… | 2026-02-24T15:21:37.127 | 2026-02-24T21:52:01.367 |
| fkie_cve-2026-0399 | Multiple post-authentication stack-based buffer overflow vulnerabilities in the SonicOS management … | 2026-02-24T15:21:36.980 | 2026-02-24T21:52:01.367 |
| fkie_cve-2025-69985 | FUXA 1.2.8 and prior contains an Authentication Bypass vulnerability leading to Remote Code Executi… | 2026-02-24T16:24:07.120 | 2026-02-24T21:52:01.367 |
| fkie_cve-2025-67445 | TOTOLINK X5000R V9.1.0cu.2415_B20250515 contains a denial-of-service vulnerability in /cgi-bin/cste… | 2026-02-24T15:21:36.707 | 2026-02-24T21:52:01.367 |
| fkie_cve-2025-63409 | Privilege escalation and improper access control in GCOM EPON 1GE C00R371V00B01 allows remote authe… | 2026-02-24T16:24:06.990 | 2026-02-24T21:52:01.367 |
| fkie_cve-2025-62512 | Piwigo is an open source photo gallery application for the web. In version 15.5.0 and likely earlie… | 2026-02-24T18:29:32.930 | 2026-02-24T21:52:01.367 |
| fkie_cve-2025-47904 | Download of Code Without Integrity Check vulnerability in Microchip Time Provider 4100 allows Malic… | 2026-02-24T16:24:06.680 | 2026-02-24T21:52:01.367 |
| fkie_cve-2025-33181 | NVIDIA Cumulus Linux and NVOS products contain a vulnerability in the NVUE interface, where a low-p… | 2026-02-24T20:27:43.127 | 2026-02-24T21:52:01.367 |
| fkie_cve-2025-33180 | NVIDIA Cumulus Linux and NVOS products contain a vulnerability in the NVUE interface, where a low-p… | 2026-02-24T20:27:42.943 | 2026-02-24T21:52:01.367 |
| fkie_cve-2025-33179 | NVIDIA Cumulus Linux and NVOS products contain a vulnerability in the NVUE interface, where a low-p… | 2026-02-24T20:27:42.733 | 2026-02-24T21:52:01.367 |
| fkie_cve-2025-1789 | Local privilege escalation in Genetec Update Service. An authenticated, low-privileged, Windows use… | 2026-02-24T20:27:42.597 | 2026-02-24T21:52:01.367 |
| fkie_cve-2025-1787 | Local admin could to leak information from the Genetec Update Service configuration web page. An au… | 2026-02-24T20:27:42.413 | 2026-02-24T21:52:01.367 |
| fkie_cve-2025-14963 | A vulnerability identified in the Trellix HX Agent driver file fekern.sys allowed a threat actor w… | 2026-02-24T18:29:32.613 | 2026-02-24T21:52:01.367 |
| ID | Severity | Description | Published | Updated |
|---|---|---|---|---|
| ghsa-3q93-28v9-5x6v |
4.9 (3.1)
|
A post-authentication Format String vulnerability in SonicOS allows a remote attacker to crash a fi… | 2026-02-24T15:30:33Z | 2026-02-24T18:31:02Z |
| ghsa-3px2-2xc4-mxr2 |
|
Invalid pointer in the JavaScript Engine component. This vulnerability affects Firefox < 148 and Fi… | 2026-02-24T15:30:32Z | 2026-02-24T18:31:02Z |
| ghsa-3922-j2hh-9qcf |
5.4 (3.1)
|
Use-after-free in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 148. | 2026-02-24T15:30:32Z | 2026-02-24T18:31:02Z |
| ghsa-3547-c34m-73j3 |
6.5 (3.1)
6.9 (4.0)
|
Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior do not implement ra… | 2026-02-24T18:31:02Z | 2026-02-24T18:31:02Z |
| ghsa-x8jx-9xwq-xwq6 |
|
Use-after-free in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 148 a… | 2026-02-24T15:30:31Z | 2026-02-24T18:31:01Z |
| ghsa-wwg9-hv2r-mj8w |
|
Integer overflow in the Audio/Video component. This vulnerability affects Firefox < 148, Firefox ES… | 2026-02-24T15:30:31Z | 2026-02-24T18:31:01Z |
| ghsa-v49m-r4w3-2p5x |
|
Integer overflow in the JavaScript: Standard Library component. This vulnerability affects Firefox … | 2026-02-24T15:30:31Z | 2026-02-24T18:31:01Z |
| ghsa-v33x-35cm-8gjc |
|
Sandbox escape due to incorrect boundary conditions in the Telemetry component in External Software… | 2026-02-24T15:30:31Z | 2026-02-24T18:31:01Z |
| ghsa-r837-hpv7-pc2f |
8.4 (3.1)
|
DAG Author (who already has quite a lot of permissions) could manipulate database of Airflow 2 in t… | 2026-02-24T12:31:40Z | 2026-02-24T18:31:01Z |
| ghsa-r2q9-885m-j92q |
|
Incorrect boundary conditions in the WebRTC: Audio/Video component. This vulnerability affects Fire… | 2026-02-24T15:30:31Z | 2026-02-24T18:31:01Z |
| ghsa-qmr7-46p8-4c5r |
|
Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 148, Firefo… | 2026-02-24T15:30:31Z | 2026-02-24T18:31:01Z |
| ghsa-q6rm-rhj9-jpg5 |
|
Integer overflow in the Libraries component in NSS. This vulnerability affects Firefox < 148 and Fi… | 2026-02-24T15:30:32Z | 2026-02-24T18:31:01Z |
| ghsa-p4fg-vw73-vr29 |
|
Mitigation bypass in the DOM: Security component. This vulnerability affects Firefox < 148 and Fire… | 2026-02-24T15:30:32Z | 2026-02-24T18:31:01Z |
| ghsa-mcwp-v5q8-7gcp |
8.8 (3.1)
|
The Responsive Lightbox & Gallery WordPress plugin before 2.6.1 is vulnerable to an Unauthenticated… | 2026-02-24T06:31:30Z | 2026-02-24T18:31:01Z |
| ghsa-m65f-px5x-xq9x |
|
Undefined behavior in the DOM: Core & HTML component. This vulnerability affects Firefox < 148, Fir… | 2026-02-24T15:30:31Z | 2026-02-24T18:31:01Z |
| ghsa-hjq8-wc3q-9xf3 |
|
Privilege escalation in the Messaging System component. This vulnerability affects Firefox < 148, F… | 2026-02-24T15:30:32Z | 2026-02-24T18:31:01Z |
| ghsa-h67m-x9c3-v9wp |
8.8 (3.1)
|
Use-after-free in the Storage: IndexedDB component. This vulnerability affects Firefox < 148, Firef… | 2026-02-24T15:30:31Z | 2026-02-24T18:31:01Z |
| ghsa-h3qc-gf9h-42g6 |
|
Mitigation bypass in the DOM: HTML Parser component. This vulnerability affects Firefox < 148, Fire… | 2026-02-24T15:30:31Z | 2026-02-24T18:31:01Z |
| ghsa-gxg5-574v-j5f6 |
|
Use-after-free in the Audio/Video: Playback component. This vulnerability affects Firefox < 148, Fi… | 2026-02-24T15:30:31Z | 2026-02-24T18:31:01Z |
| ghsa-gjwv-rvwj-p62j |
|
Incorrect boundary conditions in the Web Audio component. This vulnerability affects Firefox < 148,… | 2026-02-24T15:30:32Z | 2026-02-24T18:31:01Z |
| ghsa-g9cv-cvhp-755f |
|
Privilege escalation in the Netmonitor component. This vulnerability affects Firefox < 148 and Fire… | 2026-02-24T15:30:32Z | 2026-02-24T18:31:01Z |
| ghsa-g5w7-69g8-vcwp |
|
Sandbox escape in the Graphics: WebRender component. This vulnerability affects Firefox < 148, Fire… | 2026-02-24T15:30:31Z | 2026-02-24T18:31:01Z |
| ghsa-99p8-j693-qhpc |
|
Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 148 and Fir… | 2026-02-24T15:30:31Z | 2026-02-24T18:31:01Z |
| ghsa-94rx-4fcc-c849 |
|
Incorrect boundary conditions in the Networking: JAR component. This vulnerability affects Firefox … | 2026-02-24T15:30:32Z | 2026-02-24T18:31:01Z |
| ghsa-8r55-rv5w-6pfm |
6.5 (3.1)
|
Airflow versions before 2.11.1 have a vulnerability that allows authenticated users with audit log … | 2026-02-24T12:31:40Z | 2026-02-24T18:31:01Z |
| ghsa-839v-3vpr-fpgf |
|
Privilege escalation in the Netmonitor component. This vulnerability affects Firefox < 148 and Fire… | 2026-02-24T15:30:32Z | 2026-02-24T18:31:01Z |
| ghsa-7xqm-gm4h-p23x |
|
Information disclosure due to JIT miscompilation in the JavaScript Engine: JIT component. This vuln… | 2026-02-24T15:30:32Z | 2026-02-24T18:31:01Z |
| ghsa-76rw-rj58-mpqc |
|
Sandbox escape in the Storage: IndexedDB component. This vulnerability affects Firefox < 148 and Fi… | 2026-02-24T15:30:31Z | 2026-02-24T18:31:01Z |
| ghsa-6hhh-7cj8-7mp2 |
9.1 (3.1)
|
Smolder versions through 1.51 for Perl uses insecure rand() function for cryptographic functions. … | 2026-02-24T00:31:34Z | 2026-02-24T18:31:01Z |
| ghsa-5mg4-r7qx-2frp |
|
Use-after-free in the DOM: Bindings (WebIDL) component. This vulnerability affects Firefox < 148, F… | 2026-02-24T15:30:31Z | 2026-02-24T18:31:01Z |
| ID | Severity | Description | Package | Published | Updated |
|---|---|---|---|---|---|
| pysec-2018-152 |
7.2 (3.1)
|
An authorization-check flaw was discovered in federation configurations of the OpenStack … | keystone | 2018-07-19T13:29:00Z | 2024-11-25T18:35:18.357593Z |
| pysec-2018-149 |
6.1 (3.1)
|
The Galaxy Project Galaxy version v14.10 contains a CWE-79: Improper Neutralization of In… | galaxy-app | 2018-06-26T16:29:00Z | 2024-11-25T18:35:18.357593Z |
| pysec-2017-147 |
7.8 (3.1)
|
In Apache Spark 1.6.0 until 2.1.1, the launcher API performs unsafe deserialization of da… | pyspark | 2017-09-13T16:29:00Z | 2024-11-25T18:35:18.357593Z |
| pysec-2017-145 |
4.7 (3.1)
|
OpenStack Compute (nova) Icehouse, Juno and Havana when live migration fails allows local… | nova | 2017-08-09T18:29:00Z | 2024-11-25T18:35:18.357593Z |
| pysec-2017-143 |
5.5 (3.1)
|
The image signature algorithm in OpenStack Glance 11.0.0 allows remote attackers to bypas… | glance | 2017-03-29T14:59:00Z | 2024-11-25T18:35:18.357593Z |
| pysec-2016-38 |
4.3 (3.1)
|
The Fernet Token Provider in OpenStack Identity (Keystone) 9.0.x before 9.0.1 (mitaka) al… | keystone | 2016-06-13T14:59:00Z | 2024-11-25T18:35:18.357593Z |
| pysec-2015-40 |
|
Cross-site scripting (XSS) vulnerability in the Orchestration/Stack section in OpenStack … | horizon | 2015-08-20T20:59:00Z | 2024-11-25T18:35:18.357593Z |
| pysec-2015-39 |
|
The import task action in OpenStack Image Service (Glance) 2015.1.x before 2015.1.2 (kilo… | glance | 2015-08-19T15:59:00Z | 2024-11-25T18:35:18.357593Z |
| pysec-2015-38 |
|
OpenStack Image Registry and Delivery Service (Glance) 2014.2 through 2014.2.2 does not p… | glance | 2015-02-24T15:59:00Z | 2024-11-25T18:35:18.357593Z |
| pysec-2015-37 |
|
OpenStack Image Registry and Delivery Service (Glance) 2014.2 through 2014.2.2 does not p… | glance | 2015-02-24T15:59:00Z | 2024-11-25T18:35:18.357593Z |
| pysec-2014-116 |
|
The TempURL middleware in OpenStack Object Storage (Swift) 1.4.6 through 1.8.0, 1.9.0 thr… | swift | 2014-01-23T01:55:00Z | 2024-11-25T18:35:18.357593Z |
| pysec-2014-113 |
|
The VMWare driver in OpenStack Compute (Nova) 2013.2 through 2013.2.2 does not properly p… | nova | 2014-03-25T16:55:00Z | 2024-11-25T18:35:18.357593Z |
| pysec-2014-112 |
|
The instance rescue mode in OpenStack Compute (Nova) 2013.2 before 2013.2.3 and Icehouse … | nova | 2014-05-08T14:29:00Z | 2024-11-25T18:35:18.357593Z |
| pysec-2014-111 |
|
The i_create_images_and_backing (aka create_images_and_backing) method in libvirt driver … | nova | 2014-02-06T17:00:00Z | 2024-11-25T18:35:18.357593Z |
| pysec-2014-109 |
|
OpenStack Identity (Keystone) 2014.1.x before 2014.1.2.1 and Juno before Juno-3 does not … | keystone | 2014-08-25T14:55:00Z | 2024-11-25T18:35:18.357593Z |
| pysec-2014-108 |
|
The V3 API in OpenStack Identity (Keystone) 2014.1.x before 2014.1.2.1 and Juno before Ju… | keystone | 2014-08-25T14:55:00Z | 2024-11-25T18:35:18.357593Z |
| pysec-2014-107 |
|
The MySQL token driver in OpenStack Identity (Keystone) 2014.1.x before 2014.1.2.1 and Ju… | keystone | 2014-08-25T14:55:00Z | 2024-11-25T18:35:18.357593Z |
| pysec-2014-106 |
|
The V3 API in OpenStack Identity (Keystone) 2013.1 before 2013.2.4 and icehouse before ic… | keystone | 2014-04-15T14:55:00Z | 2024-11-25T18:35:18.357593Z |
| pysec-2014-105 |
|
The memcache token backend in OpenStack Identity (Keystone) 2013.1 through 2.013.1.4, 201… | keystone | 2014-04-01T06:35:00Z | 2024-11-25T18:35:18.357593Z |
| pysec-2014-102 |
|
OpenStack Image Registry and Delivery Service (Glance) 2013.2 through 2013.2.1 and Icehou… | glance | 2014-02-14T15:55:00Z | 2024-11-25T18:35:18.357593Z |
| pysec-2013-44 |
|
OpenStack Compute (Nova) Grizzly, Folsom (2012.2), and Essex (2012.1) does not properly i… | nova | 2013-03-22T21:55:00Z | 2024-11-25T18:35:18.357593Z |
| pysec-2013-43 |
|
OpenStack Compute (Nova) Grizzly, Folsom (2012.2), and Essex (2012.1) allows remote authe… | nova | 2013-03-22T21:55:00Z | 2024-11-25T18:35:18.357593Z |
| pysec-2013-42 |
|
The (1) mamcache and (2) KVS token backends in OpenStack Identity (Keystone) Folsom 2012.… | keystone | 2013-09-23T20:55:00Z | 2024-11-25T18:35:18.357593Z |
| pysec-2013-41 |
|
OpenStack Identity (Keystone) Folsom 2012.2.4 and earlier, Grizzly before 2013.1.1, and H… | keystone | 2013-05-21T18:55:00Z | 2024-11-25T18:35:18.357593Z |
| pysec-2013-39 |
|
OpenStack Keystone Folsom (2012.2) does not properly perform revocation checks for Keysto… | keystone | 2013-03-22T21:55:00Z | 2024-11-25T18:35:18.357593Z |
| pysec-2010-32 |
|
ZServer in Zope 2.10.x before 2.10.12 and 2.11.x before 2.11.7 allows remote attackers to… | Zope | 2010-09-08T20:00:00Z | 2024-11-25T18:35:18.357593Z |
| pysec-2009-13 |
|
MoinMoin 1.6.2 and 1.7 does not properly enforce ACL checks when acl_hierarchic is set to… | moin | 2009-04-03T18:30:00Z | 2024-11-25T18:35:18.357593Z |
| pysec-2009-12 |
|
The password_checker function in config/multiconfig.py in MoinMoin 1.6.1 uses the crackli… | moin | 2009-03-30T01:30:00Z | 2024-11-25T18:35:18.357593Z |
| pysec-2008-14 |
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Plone CMS 3.0.5 and 3.0.6 a… | Plone | 2008-03-20T00:44:00Z | 2024-11-25T18:35:18.357593Z |
| pysec-2008-13 |
|
Multiple cross-site scripting (XSS) vulnerabilities in macro/AdvancedSearch.py in moin (a… | moin | 2008-07-30T18:41:00Z | 2024-11-25T18:35:18.357593Z |
| ID | Description | Updated |
|---|---|---|
| gsd-2024-33726 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.327193Z |
| gsd-2024-33831 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.326184Z |
| gsd-2024-33817 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.323149Z |
| gsd-2024-33782 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.322441Z |
| gsd-2024-33775 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.322245Z |
| gsd-2024-33783 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.322051Z |
| gsd-2024-33742 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.321372Z |
| gsd-2024-33678 | Cross-Site Request Forgery (CSRF) vulnerability in ClickCease ClickCease Click Fraud Prot… | 2024-04-27T05:02:18.319802Z |
| gsd-2024-33757 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.319530Z |
| gsd-2024-33811 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.319336Z |
| gsd-2024-33825 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.318128Z |
| gsd-2024-33698 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.315544Z |
| gsd-2024-33836 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.309729Z |
| gsd-2024-33796 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.308365Z |
| gsd-2024-33780 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.307884Z |
| gsd-2024-33750 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.304976Z |
| gsd-2024-33725 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.300660Z |
| gsd-2024-33832 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.298682Z |
| gsd-2024-33804 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.298401Z |
| gsd-2024-33778 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.295751Z |
| gsd-2024-33815 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.295529Z |
| gsd-2024-33694 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vuln… | 2024-04-27T05:02:18.294663Z |
| gsd-2024-33806 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.291234Z |
| gsd-2024-33677 | Cross-Site Request Forgery (CSRF) vulnerability in Renzo Johnson Contact Form 7 Extension… | 2024-04-27T05:02:18.290583Z |
| gsd-2024-33842 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.286185Z |
| gsd-2024-33737 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.285475Z |
| gsd-2024-33772 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.282306Z |
| gsd-2024-31152 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:17.731991Z |
| gsd-2024-4273 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:16.625570Z |
| gsd-2024-4227 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:16.624403Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2026-704 | Malicious code in testing-package-xdsfdsfsc (npm) | 2026-02-03T16:22:25Z | 2026-02-07T10:45:40Z |
| mal-2026-789 | Malicious code in syf-typings (npm) | 2026-02-06T07:06:46Z | 2026-02-06T21:46:29Z |
| mal-2026-807 | Malicious code in web3-sinon (npm) | 2026-02-06T14:44:08Z | 2026-02-06T18:21:39Z |
| mal-2026-806 | Malicious code in web3-chain-sinon (npm) | 2026-02-06T14:44:08Z | 2026-02-06T18:21:39Z |
| mal-2026-804 | Malicious code in breadcrumb-service (npm) | 2026-02-06T12:30:53Z | 2026-02-06T16:19:57Z |
| mal-2026-805 | Malicious code in aligned-arrays (npm) | 2026-02-06T14:24:56Z | 2026-02-06T16:19:56Z |
| mal-2026-802 | Malicious code in @sbseg-plugin/qbo-web-app-ui (npm) | 2026-02-06T11:10:48Z | 2026-02-06T16:19:56Z |
| mal-2026-801 | Malicious code in @rsgweb/utils (npm) | 2026-02-06T11:10:48Z | 2026-02-06T16:19:56Z |
| mal-2026-800 | Malicious code in @rsgweb/tina (npm) | 2026-02-06T11:10:48Z | 2026-02-06T16:19:56Z |
| mal-2026-799 | Malicious code in @rsgweb/rockstar-account (npm) | 2026-02-06T11:10:48Z | 2026-02-06T16:19:56Z |
| mal-2026-798 | Malicious code in @rsgweb/modules-core-www-page (npm) | 2026-02-06T11:10:48Z | 2026-02-06T16:19:56Z |
| mal-2026-797 | Malicious code in @rsgweb/modules-core-feedback (npm) | 2026-02-06T11:10:48Z | 2026-02-06T16:19:56Z |
| mal-2026-796 | Malicious code in @rdxportal/ui-components (npm) | 2026-02-06T11:10:48Z | 2026-02-06T16:19:56Z |
| mal-2026-795 | Malicious code in @opposhop/nuxt-ssr-cache (npm) | 2026-02-06T11:10:47Z | 2026-02-06T16:19:56Z |
| mal-2026-794 | Malicious code in @meli-lint/eslint-config-tests-jest (npm) | 2026-02-06T11:10:46Z | 2026-02-06T16:19:56Z |
| mal-2026-793 | Malicious code in @meli-lint/eslint-config-base-ts (npm) | 2026-02-06T11:10:46Z | 2026-02-06T16:19:56Z |
| mal-2026-792 | Malicious code in @meli-lint/eslint-config-base (npm) | 2026-02-06T11:10:47Z | 2026-02-06T16:19:56Z |
| mal-2026-791 | Malicious code in @hashicorp-internal/vault-reporting (npm) | 2026-02-06T11:10:46Z | 2026-02-06T16:19:56Z |
| mal-2026-788 | Malicious code in @sporting-life/sportinglife-betslip-sdk (npm) | 2026-02-06T03:57:32Z | 2026-02-06T16:19:56Z |
| mal-2026-787 | Malicious code in @sporting-life/sportinglife-be (npm) | 2026-02-06T04:07:15Z | 2026-02-06T16:19:56Z |
| mal-2026-786 | Malicious code in @rsgweb/locale-tools (npm) | 2026-02-06T03:46:00Z | 2026-02-06T16:19:56Z |
| mal-2026-808 | Malicious code in carcent (PyPI) | 2026-02-06T15:23:01Z | 2026-02-06T15:23:01Z |
| mal-2026-803 | Malicious code in moveworks-pipeline-test (PyPI) | 2026-02-06T11:36:06Z | 2026-02-06T11:36:06Z |
| mal-2026-790 | Malicious code in p7zip-full (PyPI) | 2026-02-06T09:30:38Z | 2026-02-06T09:30:38Z |
| mal-2025-47509 | Malicious code in syf-api-legacy (npm) | 2025-09-22T04:00:48Z | 2026-02-06T07:35:22Z |
| mal-2025-4581 | Malicious code in syf-api (npm) | 2025-05-26T06:27:11Z | 2026-02-06T07:35:22Z |
| mal-2026-730 | Malicious code in zappr (npm) | 2026-02-04T05:14:29Z | 2026-02-06T03:05:28Z |
| mal-2026-729 | Malicious code in zalando-consent-api (npm) | 2026-02-04T05:14:29Z | 2026-02-06T03:05:28Z |
| mal-2026-771 | Malicious code in test-npm-style (npm) | 2026-02-05T19:06:12Z | 2026-02-06T03:05:27Z |
| mal-2026-770 | Malicious code in xpack-per-user (npm) | 2026-02-05T18:36:26Z | 2026-02-06T03:05:27Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| bit-elk-2026-0532 | External Control of File Name or Path and Server-Side Request Forgery (SSRF) in Kibana Google Gemini Connector | 2026-01-16T08:39:05.407Z | 2026-01-16T09:10:29.256Z |
| bit-elk-2026-0531 | Allocation of Resources Without Limits or Throttling in Kibana Fleet | 2026-01-16T08:39:03.612Z | 2026-01-16T09:10:29.256Z |
| bit-elk-2026-0530 | Allocation of Resources Without Limits or Throttling in Kibana Leading to Excessive Allocation | 2026-01-16T08:39:01.662Z | 2026-01-16T09:10:29.256Z |
| bit-mastodon-2026-22245 | Mastodon has SSRF Protection bypass | 2026-01-13T11:27:28.319Z | 2026-01-13T12:01:00.363Z |
| bit-virtualenv-2026-22702 | virtualenv Has TOCTOU Vulnerabilities in Directory Creation | 2026-01-13T08:53:06.703Z | 2026-01-13T09:11:00.781Z |
| bit-gitlab-2025-3950 | Exposure of Private Personal Information to an Unauthorized Actor in GitLab | 2026-01-13T09:08:23.763Z | 2026-01-13T09:11:00.781Z |
| bit-gitlab-2025-13781 | Missing Authorization in GitLab | 2026-01-13T09:07:23.273Z | 2026-01-13T09:11:00.781Z |
| bit-gitlab-2025-11246 | Insufficient Granularity of Access Control in GitLab | 2026-01-13T09:06:35.458Z | 2026-01-13T09:11:00.781Z |
| bit-gitlab-2025-10569 | Allocation of Resources Without Limits or Throttling in GitLab | 2026-01-13T09:06:21.471Z | 2026-01-13T09:11:00.781Z |
| bit-ghost-2026-22597 | Ghost has SSRF via External Media Inliner | 2026-01-13T08:40:27.429Z | 2026-01-13T09:11:00.781Z |
| bit-ghost-2026-22595 | Ghost has Staff Token permission bypass | 2026-01-13T08:40:23.758Z | 2026-01-13T09:11:00.781Z |
| bit-ghost-2026-22594 | Ghost has Staff 2FA bypass | 2026-01-13T08:40:22.071Z | 2026-01-13T09:11:00.781Z |
| bit-cosign-2026-22703 | Cosign verification accepts any valid Rekor entry under certain conditions | 2026-01-13T08:37:37.120Z | 2026-01-13T09:11:00.781Z |
| bit-drupal-2025-13083 | Drupal core - Moderately critical - Information disclosure - SA-CORE-2025-008 | 2025-11-25T17:56:46.824Z | 2026-01-10T12:08:11.327Z |
| bit-parse-2025-68150 | Parse Server has Server-Side Request Forgery (SSRF) in Instagram OAuth Adapter | 2025-12-18T11:46:18.950Z | 2026-01-08T18:07:34.629Z |
| bit-parse-2025-68115 | Parse Server vulnerable to Cross-Site Scripting (XSS) via Unescaped Mustache Template Variables | 2025-12-18T11:46:17.211Z | 2026-01-08T18:07:34.629Z |
| bit-parse-2025-67727 | Parse Server GitHub CI workflow vulnerable to RCE through Improper Privilege Management | 2025-12-18T11:46:15.637Z | 2026-01-08T18:07:34.629Z |
| bit-parse-2025-64502 | Parse Server allows public `explain` queries which may expose sensitive database performance information and schema details | 2025-11-12T11:45:03.650Z | 2026-01-08T18:07:34.629Z |
| bit-openldap-2021-27212 | 2024-03-06T11:00:07.978Z | 2026-01-08T18:07:34.629Z | |
| bit-mongodb-2025-13644 | MongoDB may be susceptible to Invariant Failure due to batched delete | 2025-12-12T11:19:13.963Z | 2026-01-08T18:07:34.629Z |
| bit-mongodb-2025-13643 | MongoDB Server may allow queries to be terminated by unauthorized users | 2025-12-12T11:19:08.903Z | 2026-01-08T18:07:34.629Z |
| bit-mastodon-2025-67500 | Mastodon Error Handling Discrepancy Enables Private Status Existence Enumeration | 2025-12-11T11:41:16.693Z | 2026-01-08T18:07:34.629Z |
| bit-mastodon-2025-62605 | Mastodon quotes control can be bypassed | 2025-10-23T08:44:09.997Z | 2026-01-08T18:07:34.629Z |
| bit-mastodon-2025-62176 | Mastadon streaming server allows OAuth clients without the `read` scope to subscribe to public channels | 2025-10-15T08:44:06.235Z | 2026-01-08T18:07:34.629Z |
| bit-mastodon-2025-62175 | Mastodon streaming API fails to disconnect disabled and suspended users | 2025-10-15T08:44:04.530Z | 2026-01-08T18:07:34.629Z |
| bit-mastodon-2025-62174 | Mastodon allows continued access after password reset via CLI | 2025-10-15T08:44:02.890Z | 2026-01-08T18:07:34.629Z |
| bit-lua-2020-24370 | 2024-03-06T10:56:50.799Z | 2026-01-08T18:07:34.629Z | |
| bit-kyverno-2025-46342 | Kyverno vulnerable to bypass of policy rules that use namespace selectors in match statements | 2025-09-12T11:43:04.352Z | 2026-01-08T18:07:34.629Z |
| bit-kyverno-2025-29778 | Kyverno ignores subjectRegExp and IssuerRegExp | 2025-09-12T11:43:02.825Z | 2026-01-08T18:07:34.629Z |
| bit-discourse-2025-64528 | Users are able to find users by name even when `enable_names` is off | 2026-01-08T11:40:33.666Z | 2026-01-08T18:07:34.629Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| drupal-contrib-2018-039 | 2018-06-06T13:01:46.000Z | 2023-08-11T21:29:11.000Z | |
| drupal-contrib-2018-038 | 2018-06-06T12:58:31.000Z | 2023-08-11T21:28:55.000Z | |
| drupal-contrib-2018-057 | 2018-08-29T16:26:33.000Z | 2023-08-11T21:25:35.000Z | |
| drupal-contrib-2018-055 | 2018-08-08T17:14:32.000Z | 2023-08-11T21:24:54.000Z | |
| drupal-contrib-2018-067 | 2018-10-17T16:29:08.000Z | 2023-08-11T21:21:48.000Z | |
| drupal-contrib-2018-059 | 2018-09-05T17:22:50.000Z | 2023-08-11T21:18:37.000Z | |
| drupal-contrib-2018-074 | 2018-11-28T17:32:56.000Z | 2023-08-11T21:15:17.000Z | |
| drupal-contrib-2018-073 | 2018-10-31T17:53:57.000Z | 2023-08-11T21:14:25.000Z | |
| drupal-contrib-2018-071 | 2018-10-31T14:59:17.000Z | 2023-08-11T21:13:17.000Z | |
| drupal-contrib-2018-081 | 2018-12-19T17:53:49.000Z | 2023-08-11T21:10:49.000Z | |
| drupal-contrib-2018-078 | 2018-12-05T19:24:02.000Z | 2023-08-11T21:09:51.000Z | |
| drupal-contrib-2019-004 | 2019-01-23T17:01:58.000Z | 2023-08-11T19:25:48.000Z | |
| drupal-contrib-2019-014 | 2019-02-06T18:13:19.000Z | 2023-08-11T19:23:01.000Z | |
| drupal-contrib-2019-013 | 2019-02-06T17:36:06.000Z | 2023-08-11T19:22:41.000Z | |
| drupal-contrib-2019-010 | 2019-01-23T18:22:41.000Z | 2023-08-11T19:00:18.000Z | |
| drupal-contrib-2019-025 | 2019-02-20T17:56:44.000Z | 2023-08-11T18:57:13.000Z | |
| drupal-contrib-2019-024 | 2019-02-20T17:49:58.000Z | 2023-08-11T18:56:41.000Z | |
| drupal-contrib-2019-023 | 2019-02-20T17:47:47.000Z | 2023-08-11T18:56:27.000Z | |
| drupal-contrib-2019-022 | 2019-02-20T17:44:08.000Z | 2023-08-11T18:55:29.000Z | |
| drupal-contrib-2019-021 | 2019-02-20T17:39:43.000Z | 2023-08-11T18:55:05.000Z | |
| drupal-contrib-2019-019 | 2019-02-20T17:37:45.000Z | 2023-08-11T18:53:47.000Z | |
| drupal-contrib-2019-033 | 2019-03-06T18:16:22.000Z | 2023-08-11T18:50:05.000Z | |
| drupal-contrib-2019-030 | 2019-02-27T17:28:36.000Z | 2023-08-11T18:48:35.000Z | |
| drupal-contrib-2019-046 | 2019-05-15T17:07:58.000Z | 2023-08-11T18:46:39.000Z | |
| drupal-contrib-2019-039 | 2019-03-20T13:26:14.000Z | 2023-08-11T18:43:25.000Z | |
| drupal-contrib-2019-055 | 2019-07-10T16:30:00.000Z | 2023-08-11T18:39:41.000Z | |
| drupal-contrib-2019-050 | 2019-05-22T16:29:17.000Z | 2023-08-11T18:37:20.000Z | |
| drupal-contrib-2019-048 | 2019-05-15T17:13:59.000Z | 2023-08-11T18:36:19.000Z | |
| drupal-contrib-2019-047 | 2019-05-15T17:09:57.000Z | 2023-08-11T18:35:51.000Z | |
| drupal-contrib-2019-066 | 2019-09-18T15:07:56.000Z | 2023-08-11T18:34:46.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2024-014918 | Authentication Bypass Vulnerability in Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center Analyzer | 2024-12-17T15:23+09:00 | 2024-12-17T15:23+09:00 |
| jvndb-2024-000128 | Multiple vulnerabilities in SHARP routers | 2024-12-17T07:54+09:00 | 2024-12-17T07:54+09:00 |
| jvndb-2024-000127 | "Shonen Jump+" App for Android fails to restrict custom URL schemes properly | 2024-12-16T15:07+09:00 | 2024-12-16T15:07+09:00 |
| jvndb-2024-014825 | WordPress Plugin "My WP Customize Admin/Frontend" vulnerable to cross-site scripting | 2024-12-16T13:57+09:00 | 2024-12-16T13:57+09:00 |
| jvndb-2024-014793 | Multiple vulnerabilities in FXC AE1021 and AE1021PE | 2024-12-16T11:51+09:00 | 2024-12-16T11:51+09:00 |
| jvndb-2024-014079 | Trend Micro Deep Security Agent for Windows and Deep Security Notifier on DSVA vulnerable to OS command injection | 2024-12-06T12:11+09:00 | 2024-12-06T12:11+09:00 |
| jvndb-2023-000085 | "Skylark" App fails to restrict custom URL schemes properly | 2023-08-24T13:34+09:00 | 2024-12-03T15:51+09:00 |
| jvndb-2024-000124 | Multiple vulnerabilities in UNIVERGE IX/IX-R/IX-V series routers | 2024-12-02T16:38+09:00 | 2024-12-02T16:38+09:00 |
| jvndb-2024-000123 | Multiple FCNT Android devices vulnerable to authentication bypass | 2024-11-29T15:30+09:00 | 2024-11-29T15:30+09:00 |
| jvndb-2024-013702 | Multiple vulnerabilities in FUJI ELECTRIC products | 2024-11-29T14:42+09:00 | 2024-11-29T14:42+09:00 |
| jvndb-2024-000122 | HAProxy vulnerable to HTTP request/response smuggling | 2024-11-27T14:36+09:00 | 2024-11-27T14:36+09:00 |
| jvndb-2024-003025 | Multiple vulnerabilities in ELECOM wireless LAN routers | 2024-03-27T14:26+09:00 | 2024-11-27T14:34+09:00 |
| jvndb-2024-012461 | Multiple vulnerabilities in SoftBank Mesh Wi-Fi router RP562B | 2024-11-13T14:26+09:00 | 2024-11-26T16:11+09:00 |
| jvndb-2024-000020 | Multiple vulnerabilities in ELECOM wireless LAN routers and wireless LAN repeater | 2024-02-20T14:14+09:00 | 2024-11-26T15:26+09:00 |
| jvndb-2024-000088 | Multiple vulnerabilities in ELECOM wireless LAN routers and access points | 2024-08-27T14:40+09:00 | 2024-11-26T15:17+09:00 |
| jvndb-2024-000121 | WordPress Plugin "WP Admin UI Customize" vulnerable to cross-site scripting | 2024-11-26T13:57+09:00 | 2024-11-26T13:57+09:00 |
| jvndb-2024-000106 | Multiple vulnerabilities in AIPHONE IX SYSTEM, IXG SYSTEM, and System Support Software | 2024-10-21T11:58+09:00 | 2024-11-21T11:37+09:00 |
| jvndb-2024-000120 | "Kura Sushi Official App Produced by EPARK" for Android uses a hard-coded cryptographic key | 2024-11-20T13:56+09:00 | 2024-11-20T13:56+09:00 |
| jvndb-2024-000119 | Multiple vulnerabilities in FitNesse | 2024-11-15T13:37+09:00 | 2024-11-20T11:18+09:00 |
| jvndb-2024-012941 | Multiple vulnerabilities in Rakuten Turbo 5G | 2024-11-19T10:41+09:00 | 2024-11-19T10:41+09:00 |
| jvndb-2024-000118 | WordPress Plugin "VK All in One Expansion Unit" vulnerable to cross-site scripting | 2024-11-13T13:50+09:00 | 2024-11-13T13:50+09:00 |
| jvndb-2024-009481 | Insecure initial password configuration issue in SEIKO EPSON Web Config | 2024-10-01T14:14+09:00 | 2024-11-12T10:25+09:00 |
| jvndb-2024-000109 | baserCMS plugin "BurgerEditor" vulnerable to directory listing | 2024-10-10T14:57+09:00 | 2024-11-06T14:45+09:00 |
| jvndb-2024-012017 | Trend Micro Deep Security 20 Agent for Windows vulnerable to improper access control | 2024-11-06T11:00+09:00 | 2024-11-06T11:00+09:00 |
| jvndb-2024-011833 | Incorrect authorization vulnerability in OMRON Sysmac Studio | 2024-11-05T15:29+09:00 | 2024-11-05T15:29+09:00 |
| jvndb-2024-011747 | Command injection vulnerability in Trend Micro Cloud Edge | 2024-11-01T14:28+09:00 | 2024-11-01T14:28+09:00 |
| jvndb-2024-011744 | REST-APIs unintentionally enabled in Century Systems FutureNet NXR series routers | 2024-11-01T13:49+09:00 | 2024-11-01T13:49+09:00 |
| jvndb-2024-000116 | Hikvision network camera security enhancement to prevent cleartext transmission of Dynamic DNS credentials | 2024-10-30T15:07+09:00 | 2024-10-30T15:07+09:00 |
| jvndb-2024-011256 | Multiple vulnerabilities in Sharp and Toshiba Tec MFPs | 2024-10-28T17:33+09:00 | 2024-10-28T17:33+09:00 |
| jvndb-2024-000115 | Chatwork Desktop Application (Windows) uses a potentially dangerous function | 2024-10-28T14:29+09:00 | 2024-10-28T14:29+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| cnvd-2026-08443 | Online Course Registration System /enroll.php文件SQL注入漏洞 | 2026-01-19 | 2026-01-27 |
| cnvd-2026-08434 | iccDEV CIccCLUT::Init函数未定义行为漏洞 | 2026-01-19 | 2026-01-27 |
| cnvd-2026-08433 | iccDEV未定义行为漏洞 | 2026-01-19 | 2026-01-27 |
| cnvd-2026-08432 | iccDEV内存泄漏漏洞 | 2026-01-19 | 2026-01-27 |
| cnvd-2026-08431 | iccDEV CIccXmlArrayType::ParseTextCountNum函数整数溢出漏洞 | 2026-01-19 | 2026-01-27 |
| cnvd-2026-08430 | iccDEV CIccXform::Create函数释放后重用漏洞 | 2026-01-19 | 2026-01-27 |
| cnvd-2026-07962 | Soda PDF Desktop目录遍历漏洞 | 2025-12-15 | 2026-01-27 |
| cnvd-2026-07961 | Soda PDF Desktop越界写入漏洞 | 2025-12-15 | 2026-01-27 |
| cnvd-2026-07960 | Soda PDF Desktop权限提升漏洞 | 2026-01-09 | 2026-01-27 |
| cnvd-2026-07959 | Soda PDF Desktop越界读取信息泄露漏洞(CNVD-2026-07959) | 2026-01-09 | 2026-01-27 |
| cnvd-2026-07958 | Soda PDF Desktop内存损坏信息泄露漏洞 | 2026-01-09 | 2026-01-27 |
| cnvd-2026-07957 | Soda PDF Desktop越界读取信息泄露漏洞 | 2026-01-09 | 2026-01-27 |
| cnvd-2026-07956 | iccDEV CIccProfileXml::ParseBasic函数堆缓冲区溢出漏洞 | 2026-01-14 | 2026-01-27 |
| cnvd-2026-07955 | iccDEV SIccCalcOp::Describe函数堆缓冲区溢出漏洞 | 2026-01-14 | 2026-01-27 |
| cnvd-2026-07954 | iccDEV拒绝服务漏洞 | 2026-01-19 | 2026-01-27 |
| cnvd-2026-07953 | iccDEV空指针成员调用漏洞 | 2026-01-19 | 2026-01-27 |
| cnvd-2026-07206 | Microsoft SharePoint Server远程代码执行漏洞(CNVD-2026-07206) | 2026-01-19 | 2026-01-27 |
| cnvd-2026-07205 | Microsoft SharePoint Server欺骗漏洞(CNVD-2026-07205) | 2026-01-19 | 2026-01-27 |
| cnvd-2026-07204 | Microsoft SharePoint远程代码执行漏洞(CNVD-2026-07204) | 2026-01-19 | 2026-01-27 |
| cnvd-2026-07203 | Microsoft SharePoint信息泄露漏洞(CNVD-2026-07203) | 2026-01-19 | 2026-01-27 |
| cnvd-2026-07202 | Microsoft SharePoint Server远程代码执行漏洞(CNVD-2026-07202) | 2026-01-19 | 2026-01-27 |
| cnvd-2026-07201 | Microsoft Office代码执行漏洞(CNVD-2026-07201) | 2026-01-19 | 2026-01-27 |
| cnvd-2026-07200 | Microsoft Office代码执行漏洞(CNVD-2026-07200) | 2026-01-19 | 2026-01-27 |
| cnvd-2026-07199 | Microsoft Office Click-To-Run代码执行漏洞 | 2026-01-19 | 2026-01-27 |
| cnvd-2026-07198 | Microsoft Excel代码执行漏洞(CNVD-2026-07198) | 2026-01-19 | 2026-01-27 |
| cnvd-2026-07197 | Microsoft Excel代码执行漏洞(CNVD-2026-07197) | 2026-01-19 | 2026-01-27 |
| cnvd-2026-08442 | iccDEV SIccCalcOp::ArgsPushed函数类型混淆漏洞 | 2026-01-14 | 2026-01-26 |
| cnvd-2026-08441 | iccDEV CIccProfileXml::ParseBasic函数类型混淆漏洞 | 2026-01-14 | 2026-01-26 |
| cnvd-2026-08440 | iccDEV CIccTagXmlTagData::ToXml函数类型混淆漏洞 | 2026-01-14 | 2026-01-26 |
| cnvd-2026-08439 | iccDEV CIccTag:IsTypeCompressed函数类型混淆漏洞 | 2026-01-14 | 2026-01-26 |
| ID | Description | Published | Updated |
|---|---|---|---|
| bdu:2025-15026 | Уязвимость функции do_register_framebuffer() компонента fbdev/core/fbmem.c ядра операцион… | 03.12.2025 | 16.02.2026 |
| bdu:2025-15025 | Уязвимость компонента blocklayout/extent_tree.c ядра операционной системы Linux, позволяю… | 03.12.2025 | 16.02.2026 |
| bdu:2025-15024 | Уязвимость компонента fbdev ядра операционной системы Linux, позволяющая нарушителю оказа… | 03.12.2025 | 16.02.2026 |
| bdu:2025-15023 | Уязвимость компонента drivers/iommu/amd/init.c ядра операционной системы Linux, позволяющ… | 03.12.2025 | 16.02.2026 |
| bdu:2025-15022 | Уязвимость ядра операционной системы Linux, связанная с недостатком использования функции… | 03.12.2025 | 16.02.2026 |
| bdu:2025-15002 | Уязвимость компонента net/vmw_vsock/virtio_transport.c ядра операционной системы Linux, п… | 03.12.2025 | 16.02.2026 |
| bdu:2025-15000 | Уязвимость компонента fs/ntfs3/file.c ядра операционной системы Linux, позволяющая наруши… | 03.12.2025 | 16.02.2026 |
| bdu:2025-14999 | Уязвимость функции mem_pool_alloc() компонента mm/kmemleak.c ядра операционной системы Li… | 03.12.2025 | 16.02.2026 |
| bdu:2025-14997 | Уязвимость функции find_hw_thread_mask() компонента drivers/infiniband/hw/hfi1/affinity.c… | 03.12.2025 | 16.02.2026 |
| bdu:2025-14981 | Уязвимость компонента ipv6 ядра операционной системы Linux, позволяющая нарушителю вызват… | 03.12.2025 | 16.02.2026 |
| bdu:2025-14979 | Уязвимость компонента huge_memory.c ядра операционной системы Linux, позволяющая нарушите… | 03.12.2025 | 16.02.2026 |
| bdu:2025-14978 | Уязвимость компонента dmaengine ядра операционной системы Linux, позволяющая нарушителю в… | 03.12.2025 | 16.02.2026 |
| bdu:2025-14977 | Уязвимость компонента ipv6 ядра операционной системы Linux, позволяющая нарушителю оказат… | 03.12.2025 | 16.02.2026 |
| bdu:2025-14972 | Уязвимость компонента hid-ntrig ядра операционной системы Linux, позволяющая нарушителю в… | 03.12.2025 | 16.02.2026 |
| bdu:2025-14971 | Уязвимость компонента scsi.c операционной системы Linux, позволяющая нарушителю вызвать о… | 03.12.2025 | 16.02.2026 |
| bdu:2025-14970 | Уязвимость функции rray_index_nospec() ядра операционной системы Linux, позволяющая наруш… | 03.12.2025 | 16.02.2026 |
| bdu:2025-14968 | Уязвимость компонента drm/amdkfd ядра операционной системы Linux, позволяющая нарушителю … | 03.12.2025 | 16.02.2026 |
| bdu:2025-14933 | Уязвимость компонента rseq.c ядра операционной системы Linux, позволяющая нарушителю оказ… | 02.12.2025 | 16.02.2026 |
| bdu:2025-14438 | Уязвимость функции elf_swap_shdr() программного средства разработки GNU Binutils, связанн… | 18.11.2025 | 16.02.2026 |
| bdu:2025-14421 | Уязвимость сервера FreeIpa, связанная с недостатками разграничения доступа, позволяющая н… | 18.11.2025 | 16.02.2026 |
| bdu:2025-14122 | Уязвимость функции __iodyn_find_io_region() ядра операционной системы Linux, позволяющая … | 14.11.2025 | 16.02.2026 |
| bdu:2025-14121 | Уязвимость функции arch_sync_kernel_mappings() ядра операционной системы Linux, позволяющ… | 14.11.2025 | 16.02.2026 |
| bdu:2025-14120 | Уязвимость функции __populate_section_memmap() ядра операционной системы Linux, позволяющ… | 14.11.2025 | 16.02.2026 |
| bdu:2025-14119 | Уязвимость функции set_track_prepare() ядра операционной системы Linux, позволяющая наруш… | 14.11.2025 | 16.02.2026 |
| bdu:2025-14118 | Уязвимость функции batadv_nc_skb_decode_packet() ядра операционной системы Linux, позволя… | 14.11.2025 | 16.02.2026 |
| bdu:2025-14117 | Уязвимость функции ocfs2_delete_osb() ядра операционной системы Linux, позволяющая наруши… | 14.11.2025 | 16.02.2026 |
| bdu:2025-14116 | Уязвимость компонента scsi ядра операционной системы Linux, позволяющая нарушителю вызват… | 14.11.2025 | 16.02.2026 |
| bdu:2025-14114 | Уязвимость функции __cifs_sfu_make_node() ядра операционной системы Linux, позволяющая на… | 14.11.2025 | 16.02.2026 |
| bdu:2025-14100 | Уязвимость функции do_sme_acc() ядра операционной системы Linux, позволяющая нарушителю в… | 14.11.2025 | 16.02.2026 |
| bdu:2025-14099 | Уязвимость функции bpf_exec_tx_verdict() компонента bpf ядра операционной системы Linux, … | 14.11.2025 | 16.02.2026 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2025-avi-1118 | Vulnérabilité dans Mozilla Firefox | 2025-12-17T00:00:00.000000 | 2025-12-17T00:00:00.000000 |
| certfr-2025-avi-1117 | Multiples vulnérabilités dans GLPI | 2025-12-17T00:00:00.000000 | 2025-12-17T00:00:00.000000 |
| certfr-2025-avi-1116 | Multiples vulnérabilités dans Google Chrome | 2025-12-17T00:00:00.000000 | 2025-12-17T00:00:00.000000 |
| certfr-2025-avi-1115 | Vulnérabilité dans Trend Micro Apex One | 2025-12-16T00:00:00.000000 | 2025-12-16T00:00:00.000000 |
| certfr-2025-avi-1114 | Multiples vulnérabilités dans Tenable Nessus | 2025-12-16T00:00:00.000000 | 2025-12-16T00:00:00.000000 |
| certfr-2025-avi-1113 | Multiples vulnérabilités dans Moodle | 2025-12-16T00:00:00.000000 | 2025-12-16T00:00:00.000000 |
| certfr-2025-avi-1112 | Multiples vulnérabilités dans les produits Elastic | 2025-12-15T00:00:00.000000 | 2025-12-15T00:00:00.000000 |
| certfr-2025-avi-1110 | Multiples vulnérabilités dans les produits Apple | 2025-12-15T00:00:00.000000 | 2025-12-15T00:00:00.000000 |
| certfr-2025-avi-1109 | Vulnérabilité dans strongSwan | 2025-12-15T00:00:00.000000 | 2025-12-15T00:00:00.000000 |
| certfr-2025-avi-1103 | Multiples vulnérabilités dans Microsoft Edge | 2025-12-12T00:00:00.000000 | 2025-12-15T00:00:00.000000 |
| certfr-2025-avi-1096 | Multiples vulnérabilités dans Google Chrome | 2025-12-11T00:00:00.000000 | 2025-12-15T00:00:00.000000 |
| certfr-2025-avi-1108 | Multiples vulnérabilités dans les produits IBM | 2025-12-12T00:00:00.000000 | 2025-12-12T00:00:00.000000 |
| certfr-2025-avi-1107 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2025-12-12T00:00:00.000000 | 2025-12-12T00:00:00.000000 |
| certfr-2025-avi-1106 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2025-12-12T00:00:00.000000 | 2025-12-12T00:00:00.000000 |
| certfr-2025-avi-1105 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2025-12-12T00:00:00.000000 | 2025-12-12T00:00:00.000000 |
| certfr-2025-avi-1104 | Vulnérabilité dans Microsoft Windows Admin Center | 2025-12-12T00:00:00.000000 | 2025-12-12T00:00:00.000000 |
| certfr-2025-avi-1102 | Multiples vulnérabilités dans les produits NetApp | 2025-12-12T00:00:00.000000 | 2025-12-12T00:00:00.000000 |
| certfr-2025-avi-1101 | Multiples vulnérabilités dans les produits Netgate | 2025-12-12T00:00:00.000000 | 2025-12-12T00:00:00.000000 |
| certfr-2025-avi-1100 | Multiples vulnérabilités dans les produits Atlassian | 2025-12-12T00:00:00.000000 | 2025-12-12T00:00:00.000000 |
| certfr-2025-avi-1099 | Multiples vulnérabilités dans les produits Mozilla | 2025-12-11T00:00:00.000000 | 2025-12-11T00:00:00.000000 |
| certfr-2025-avi-1098 | Vulnérabilité dans Broadcom Carbon Black Cloud | 2025-12-11T00:00:00.000000 | 2025-12-11T00:00:00.000000 |
| certfr-2025-avi-1095 | Multiples vulnérabilités dans GitLab | 2025-12-11T00:00:00.000000 | 2025-12-11T00:00:00.000000 |
| certfr-2025-avi-1094 | Multiples vulnérabilités dans les produits Microsoft | 2025-12-10T00:00:00.000000 | 2025-12-10T00:00:00.000000 |
| certfr-2025-avi-1093 | Vulnérabilité dans Microsoft Azure Monitor Agent | 2025-12-10T00:00:00.000000 | 2025-12-10T00:00:00.000000 |
| certfr-2025-avi-1092 | Multiples vulnérabilités dans Microsoft Windows | 2025-12-10T00:00:00.000000 | 2025-12-10T00:00:00.000000 |
| certfr-2025-avi-1091 | Multiples vulnérabilités dans Microsoft Office | 2025-12-10T00:00:00.000000 | 2025-12-10T00:00:00.000000 |
| certfr-2025-avi-1090 | Vulnérabilité dans les produits Moxa | 2025-12-10T00:00:00.000000 | 2025-12-10T00:00:00.000000 |
| certfr-2025-avi-1089 | Vulnérabilité dans les produits Bitdefender | 2025-12-10T00:00:00.000000 | 2025-12-10T00:00:00.000000 |
| certfr-2025-avi-1088 | Multiples vulnérabilités dans Ivanti Endpoint Manager (EPM) | 2025-12-10T00:00:00.000000 | 2025-12-10T00:00:00.000000 |
| certfr-2025-avi-1087 | Multiples vulnérabilités dans les produits Mozilla | 2025-12-10T00:00:00.000000 | 2025-12-10T00:00:00.000000 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certa-2010-ale-003 | Vulnérabilité dans Microsoft VBScript | 2010-03-02T00:00:00.000000 | 2010-04-13T00:00:00.000000 |
| certa-2010-ale-004 | Vulnérabilité dans Microsoft Internet Explorer | 2010-03-10T00:00:00.000000 | 2010-03-31T00:00:00.000000 |
| certa-2010-ale-002 | Vulnérabilité dans le sous-système MS-DOS de Microsoft Windows | 2010-01-21T00:00:00.000000 | 2010-02-10T00:00:00.000000 |
| certa-2010-ale-001 | Vulnérabilité dans Microsoft Internet Explorer | 2010-01-15T00:00:00.000000 | 2010-01-22T00:00:00.000000 |
| certa-2009-ale-023 | Vulnérabilité dans Adobe Reader et Adobe Acrobat | 2009-12-15T00:00:00.000000 | 2010-01-13T00:00:00.000000 |
| certa-2009-ale-021 | Vulnérabilité dans Adobe Illustrator | 2009-12-10T00:00:00.000000 | 2010-01-08T00:00:00.000000 |
| certa-2009-ale-022 | Vulnérabilité dans TANDBERG MXP | 2009-12-11T00:00:00.000000 | 2009-12-11T00:00:00.000000 |
| certa-2009-ale-020 | Vulnérabilité dans Internet Explorer | 2009-11-21T00:00:00.000000 | 2009-12-09T00:00:00.000000 |
| certa-2009-ale-018 | Vulnérabilité dans Adobe Reader et Adobe Acrobat | 2009-10-09T00:00:00.000000 | 2009-10-14T00:00:00.000000 |
| certa-2009-ale-015 | Vulnérabilités du serveur FTP de Microsoft IIS | 2009-09-01T00:00:00.000000 | 2009-10-14T00:00:00.000000 |
| certa-2009-ale-016 | Vulnérabilité de SMBv2 dans Microsoft Windows | 2009-09-09T00:00:00.000000 | 2009-10-13T00:00:00.000000 |
| certa-2009-ale-011 | Vulnérabilité dans Microsoft Office Web Components Control | 2009-07-13T00:00:00.000000 | 2009-08-12T00:00:00.000000 |
| certa-2009-ale-013 | Vulnérabilité Shockwave Flash pour les produits Adobe | 2009-07-23T00:00:00.000000 | 2009-07-31T00:00:00.000000 |
| certa-2009-ale-012 | Vulnérabilité dans Mozilla Firefox | 2009-07-15T00:00:00.000000 | 2009-07-17T00:00:00.000000 |
| certa-2009-ale-010 | Vulnérabilité dans le contrôle ActiveX Microsoft Video | 2009-07-07T00:00:00.000000 | 2009-07-15T00:00:00.000000 |
| certa-2009-ale-009 | Vulnérabilité dans Microsoft DirectShow | 2009-05-29T00:00:00.000000 | 2009-07-14T00:00:00.000000 |
| certa-2009-ale-008 | Vulnérabilité Java de Mac OS X | 2009-05-20T00:00:00.000000 | 2009-06-17T00:00:00.000000 |
| certa-2009-ale-007 | Vulnérabilité WebDAV sous Microsoft IIS | 2009-05-18T00:00:00.000000 | 2009-06-10T00:00:00.000000 |
| certa-2009-ale-003 | Vulnérabilité dans Apple Mac OS X | 2009-03-24T00:00:00.000000 | 2009-06-02T00:00:00.000000 |
| certa-2009-ale-006 | Multiples vulnérabilités dans Adobe Reader et Adobe Acrobat | 2009-04-28T00:00:00.000000 | 2009-05-13T00:00:00.000000 |
| certa-2009-ale-005 | Vulnérabilité de PowerPoint | 2009-04-03T00:00:00.000000 | 2009-05-13T00:00:00.000000 |
| certa-2009-ale-002 | Vulnérabilité dans Microsoft Excel | 2009-02-25T00:00:00.000000 | 2009-04-15T00:00:00.000000 |
| certa-2008-ale-015 | Vulnérabilité dans le convertisseur de texte de WordPad | 2008-12-10T00:00:00.000000 | 2009-04-15T00:00:00.000000 |
| certa-2008-ale-012 | Vulnérabilité dans Microsoft Windows | 2008-10-10T00:00:00.000000 | 2009-04-15T00:00:00.000000 |
| certa-2009-ale-004 | Vulnérabilité dans Mozilla Firefox | 2009-03-27T00:00:00.000000 | 2009-03-30T00:00:00.000000 |
| certa-2009-ale-001 | Vulnérabilité dans l'interprétation JBIG2 des produits Adobe | 2009-02-20T00:00:00.000000 | 2009-03-20T00:00:00.000000 |
| certa-2008-ale-017 | Vulnérabilité dans Microsoft SQL Server | 2008-12-12T00:00:00.000000 | 2009-02-11T00:00:00.000000 |
| certa-2008-ale-014 | Vulnérabilité dans Opera | 2008-11-20T00:00:00.000000 | 2009-01-06T00:00:00.000000 |
| certa-2008-ale-016 | Vulnérabilité dans Microsoft Internet Explorer | 2008-12-10T00:00:00.000000 | 2008-12-17T00:00:00.000000 |
| certa-2007-ale-007 | Vulnérabilité de Microsoft Windows Explorer | 2007-03-09T00:00:00.000000 | 2008-10-09T00:00:00.000000 |
| ID | Description | Published | Updated |
|---|---|---|---|
| osv-2021-777 | Heap-use-after-free in xmlAddNextSibling | 2021-05-20T00:00:30.166614Z | 2025-10-17T14:10:52.851254Z |
| osv-2022-94 | Heap-buffer-overflow in cli_strlcat | 2022-01-27T00:02:12.465969Z | 2025-10-16T14:17:58.148053Z |
| osv-2022-636 | UNKNOWN READ in fp_cmp_mag | 2022-07-27T00:00:35.300337Z | 2025-10-16T14:17:55.562757Z |
| osv-2022-1068 | UNKNOWN READ in fp_cmp_mag | 2022-10-21T00:00:11.246872Z | 2025-10-16T14:12:59.899057Z |
| osv-2025-835 | Heap-use-after-free in JS_DefineProperty | 2025-10-14T00:11:08.472824Z | 2025-10-14T00:11:08.473391Z |
| osv-2024-351 | UNKNOWN READ in H5SL__release_common | 2024-04-30T00:03:47.754456Z | 2025-10-11T15:15:24.788105Z |
| osv-2025-298 | Heap-buffer-overflow in i18n::phonenumbers::UnicodeText::const_iterator::operator-- | 2025-04-26T00:02:46.771719Z | 2025-10-11T14:20:31.062038Z |
| osv-2024-381 | Heap-buffer-overflow in H5F__accum_free | 2024-04-30T00:12:14.936195Z | 2025-10-10T16:22:08.455396Z |
| osv-2025-818 | Heap-buffer-overflow in std::__1::pair<int, arrow::util::RleBitPackedParser::ControlFlow> arrow::util::R | 2025-10-07T00:03:45.262747Z | 2025-10-10T14:38:33.479652Z |
| osv-2025-788 | Heap-buffer-overflow in int arrow::bit_util::BitReader::GetBatch<int> | 2025-09-28T00:00:36.076414Z | 2025-10-10T14:35:28.235525Z |
| osv-2025-827 | Global-buffer-overflow in void jxl::N_SSE4::WriteToOutputStage::StoreUnsignedRow<unsigned char> | 2025-10-10T00:09:16.816189Z | 2025-10-10T00:09:16.816846Z |
| osv-2025-825 | UNKNOWN WRITE in RescalerImportRowExpand_SSE2 | 2025-10-09T00:14:42.650822Z | 2025-10-09T00:14:42.651395Z |
| osv-2025-824 | Use-of-uninitialized-value in JS_DefineProperty | 2025-10-08T00:04:16.630040Z | 2025-10-08T00:04:16.630688Z |
| osv-2025-819 | Use-of-uninitialized-value in HasAlpha32b_SSE2 | 2025-10-07T00:04:07.544365Z | 2025-10-07T00:04:07.544831Z |
| osv-2025-809 | Use-of-uninitialized-value in WebPCleanupTransparentArea | 2025-10-05T00:04:29.576718Z | 2025-10-05T00:04:29.577250Z |
| osv-2025-808 | Use-of-uninitialized-value in WebPMultRow_C | 2025-10-04T00:07:11.139186Z | 2025-10-04T00:07:11.139704Z |
| osv-2025-803 | Global-buffer-overflow in icaltime_day_of_year | 2025-10-02T00:11:54.061581Z | 2025-10-02T00:11:54.061989Z |
| osv-2025-797 | Heap-buffer-overflow in ProcessRows | 2025-09-30T00:07:53.914184Z | 2025-09-30T00:07:53.914578Z |
| osv-2025-796 | Heap-buffer-overflow in AddGreenToBlueAndRed_AVX2 | 2025-09-30T00:07:08.673173Z | 2025-09-30T00:07:08.673608Z |
| osv-2025-793 | Heap-use-after-free in parse_from_header | 2025-09-29T00:08:32.876425Z | 2025-09-29T00:08:32.876798Z |
| osv-2024-370 | Heap-buffer-overflow in H5O__chunk_protect | 2024-04-30T00:08:00.120801Z | 2025-09-27T15:27:53.336806Z |
| osv-2025-787 | Heap-buffer-overflow in DwaCompressor_uncompress | 2025-09-27T00:18:30.312049Z | 2025-09-27T00:18:30.312655Z |
| osv-2022-795 | UNKNOWN READ in pcl::PLYReader::read | 2022-08-28T00:00:11.408403Z | 2025-09-26T14:12:06.751834Z |
| osv-2025-783 | Heap-buffer-overflow in inspect_process | 2025-09-26T00:06:21.859576Z | 2025-09-26T00:06:21.859964Z |
| osv-2025-262 | UNKNOWN WRITE in _lou_handlePassVariableAction | 2025-04-07T00:02:21.621602Z | 2025-09-25T14:33:42.888095Z |
| osv-2025-290 | Heap-buffer-overflow in pcpp::TelnetLayer::toString | 2025-04-19T00:05:45.140280Z | 2025-09-25T14:31:44.695948Z |
| osv-2024-86 | Security exception in org.threeten.bp.format.DateTimeFormatterBuilder$CompositePrinterParser.parse | 2024-02-09T00:00:11.154046Z | 2025-09-25T14:31:01.295253Z |
| osv-2024-171 | Security exception in org.threeten.bp.format.DateTimeFormatterBuilder$CompositePrinterParser.parse | 2024-03-15T00:08:01.855772Z | 2025-09-25T14:28:39.920838Z |
| osv-2024-184 | Security exception in org.threeten.bp.format.DateTimeFormatterBuilder$CompositePrinterParser.parse | 2024-03-21T00:13:27.175097Z | 2025-09-25T14:28:31.599671Z |
| osv-2018-6 | Use-of-uninitialized-value in DosSlashToUnix | 2021-01-13T00:00:02.571744Z | 2025-09-25T14:18:29.826514Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rustsec-2024-0441 | Panic when using a dropped extenref-typed element segment | 2024-04-02T12:00:00Z | 2025-05-02T08:23:27Z |
| rustsec-2024-0440 | Runtime crash when combining tail calls with stack traces | 2024-10-02T12:00:00Z | 2025-05-02T08:23:27Z |
| rustsec-2024-0439 | Race condition could lead to WebAssembly control-flow integrity and type safety violations | 2024-10-03T12:00:00Z | 2025-05-02T08:23:27Z |
| rustsec-2024-0438 | Wasmtime doesn't fully sandbox all the Windows device filenames | 2024-11-02T12:00:00Z | 2025-05-02T08:23:27Z |
| rustsec-2023-0093 | Miscompilation of `i8x16.select` with the same inputs on x86\_64 | 2023-03-03T12:00:00Z | 2025-05-02T08:23:27Z |
| rustsec-2023-0092 | Undefined Behavior in Rust runtime functions | 2023-04-21T12:00:00Z | 2025-05-02T08:23:27Z |
| rustsec-2023-0091 | Miscompilation of wasm `i64x2.shr_s` instruction with constant input on x86\_64 | 2023-09-05T12:00:00Z | 2025-05-02T08:23:27Z |
| rustsec-2023-0090 | Guest-controlled out-of-bounds read/write on x86\_64 | 2023-03-02T12:00:00Z | 2025-05-02T08:23:27Z |
| rustsec-2022-0102 | Out of bounds read/write with zero-memory-pages configuration | 2022-11-05T12:00:00Z | 2025-05-02T08:23:27Z |
| rustsec-2022-0100 | Use After Free with `externref`s in Wasmtime | 2022-07-12T12:00:00Z | 2025-05-02T08:23:27Z |
| rustsec-2022-0099 | Use after free with `externref`s and epoch interruption in Wasmtime | 2022-03-28T12:00:00Z | 2025-05-02T08:23:27Z |
| rustsec-2022-0098 | Data leakage between instances in the pooling allocator | 2022-11-05T12:00:00Z | 2025-05-02T08:23:27Z |
| rustsec-2022-0097 | Out of bounds write in `wasmtime_trap_code` C API function | 2022-11-07T12:00:00Z | 2025-05-02T08:23:27Z |
| rustsec-2022-0095 | Miscompilation of `i8x16.swizzle` and `select` with v128 inputs | 2022-06-27T12:00:00Z | 2025-05-02T08:23:27Z |
| rustsec-2023-0089 | atomic-polyfill is unmaintained | 2023-07-11T12:00:00Z | 2025-04-29T08:31:10Z |
| rustsec-2025-0026 | registry is unmaintained | 2025-01-13T12:00:00Z | 2025-04-29T08:11:21Z |
| rustsec-2025-0025 | rustc-serialize is unmaintained | 2025-04-28T12:00:00Z | 2025-04-28T13:38:14Z |
| rustsec-2022-0044 | `markdown` (1.0.0 and higher) is maintained | 2022-01-17T12:00:00Z | 2025-04-28T10:35:27Z |
| rustsec-2025-0021 | SHA-1 collision attacks are not detected | 2025-04-03T12:00:00Z | 2025-04-08T07:10:04Z |
| rustsec-2025-0017 | The `trust-dns` project has been rebranded to `hickory-dns` | 2025-03-23T12:00:00Z | 2025-03-23T07:00:21Z |
| rustsec-2025-0014 | humantime is unmaintained | 2025-03-08T12:00:00Z | 2025-03-13T00:41:50Z |
| rustsec-2025-0013 | resolve is unmaintained | 2025-02-21T12:00:00Z | 2025-03-07T15:52:15Z |
| rustsec-2025-0011 | `openpgp-card-sequoia` is unmaintained. | 2025-03-04T12:00:00Z | 2025-03-07T15:47:21Z |
| rustsec-2025-0010 | Versions of *ring* prior to 0.17 are unmaintained. | 2025-03-05T12:00:00Z | 2025-03-07T15:46:47Z |
| rustsec-2025-0007 | *ring* is unmaintained | 2025-02-20T12:00:00Z | 2025-03-06T21:16:59Z |
| rustsec-2021-0087 | columnar: `Read` on uninitialized buffer may cause UB (ColumnarReadExt::read_typed_vec()) | 2021-01-07T12:00:00Z | 2025-02-01T00:07:11Z |
| rustsec-2025-0001 | gix-worktree-state nonexclusive checkout sets executable files world-writable | 2025-01-18T12:00:00Z | 2025-01-22T17:11:51Z |
| rustsec-2024-0434 | Missing facility to signal rotation of a verified cryptographic identity | 2024-01-07T12:00:00Z | 2025-01-22T10:27:39Z |
| rustsec-2024-0359 | The kstring integration in gix-attributes is unsound | 2024-07-24T12:00:00Z | 2025-01-19T00:36:24Z |
| rustsec-2024-0433 | Malicious plugin names, recipients, or identities can cause arbitrary binary execution | 2024-12-18T12:00:00Z | 2025-01-03T18:23:54Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| alsa-2025:23134 | Moderate: mysql:8.0 security update | 2025-12-11T00:00:00Z | 2025-12-12T10:33:42Z |
| alsa-2025:23142 | Important: wireshark security update | 2025-12-11T00:00:00Z | 2025-12-12T10:27:48Z |
| alsa-2025:23139 | Moderate: libsoup3 security update | 2025-12-11T00:00:00Z | 2025-12-12T10:26:40Z |
| alsa-2025:23137 | Moderate: mysql:8.4 security update | 2025-12-11T00:00:00Z | 2025-12-12T10:24:42Z |
| alsa-2025:23109 | Moderate: mysql security update | 2025-12-11T00:00:00Z | 2025-12-12T10:21:57Z |
| alsa-2025:23128 | Important: firefox security update | 2025-12-11T00:00:00Z | 2025-12-12T10:19:27Z |
| alsa-2025:23088 | Moderate: grafana security update | 2025-12-11T00:00:00Z | 2025-12-12T10:18:20Z |
| alsa-2025:23083 | Important: wireshark security update | 2025-12-10T00:00:00Z | 2025-12-12T10:17:19Z |
| alsa-2025:23035 | Important: firefox security update | 2025-12-10T00:00:00Z | 2025-12-12T10:16:15Z |
| alsa-2025:23034 | Important: firefox security update | 2025-12-10T00:00:00Z | 2025-12-12T10:14:54Z |
| alsa-2025:23008 | Moderate: mysql8.4 security update | 2025-12-10T00:00:00Z | 2025-12-12T10:13:50Z |
| alsa-2025:23048 | Important: tomcat security update | 2025-12-10T00:00:00Z | 2025-12-11T14:01:21Z |
| alsa-2025:23086 | Moderate: luksmeta security update | 2025-12-11T00:00:00Z | 2025-12-11T13:43:22Z |
| alsa-2025:22760 | Important: abrt security update | 2025-12-04T00:00:00Z | 2025-12-10T10:40:28Z |
| alsa-2025:22854 | Moderate: kernel security update | 2025-12-08T00:00:00Z | 2025-12-10T08:12:35Z |
| alsa-2025:22790 | Important: webkit2gtk3 security update | 2025-12-08T00:00:00Z | 2025-12-08T14:01:28Z |
| alsa-2025:22789 | Important: webkit2gtk3 security update | 2025-12-08T00:00:00Z | 2025-12-08T13:59:43Z |
| alsa-2025:22800 | Moderate: kernel-rt security update | 2025-12-08T00:00:00Z | 2025-12-08T13:58:04Z |
| alsa-2025:22801 | Moderate: kernel security update | 2025-12-08T00:00:00Z | 2025-12-08T13:53:19Z |
| alsa-2025:22405 | Moderate: kernel security update | 2025-12-01T00:00:00Z | 2025-12-08T12:22:10Z |
| alsa-2025:20994 | Important: ipa security update | 2025-11-11T00:00:00Z | 2025-12-05T09:05:25Z |
| alsa-2025:21931 | Moderate: kernel security update | 2025-11-24T00:00:00Z | 2025-12-05T08:40:44Z |
| alsa-2025:21036 | Important: pcs security update | 2025-11-11T00:00:00Z | 2025-12-05T08:31:28Z |
| alsa-2025:21038 | Important: kea security update | 2025-11-11T00:00:00Z | 2025-12-05T08:28:57Z |
| alsa-2025:21936 | Important: valkey security update | 2025-11-24T00:00:00Z | 2025-12-05T08:20:47Z |
| alsa-2025:22668 | Moderate: go-toolset:rhel8 security update | 2025-12-03T00:00:00Z | 2025-12-05T08:01:54Z |
| alsa-2025:22012 | Important: buildah security update | 2025-11-25T00:00:00Z | 2025-12-05T07:44:58Z |
| alsa-2025:22361 | Moderate: qt6-qtquick3d security update | 2025-12-01T00:00:00Z | 2025-12-05T07:43:58Z |
| alsa-2025:22394 | Moderate: qt6-qtsvg security update | 2025-12-01T00:00:00Z | 2025-12-05T07:42:49Z |
| alsa-2025:22417 | Important: gimp:2.8 security update | 2025-12-01T00:00:00Z | 2025-12-04T13:28:20Z |