Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-26351 |
4.8 (4.0)
|
GetSimpleCMS-CE < 3.3.22 Stored XSS via components.php |
GetSimpleCMS-CE |
GetSimpleCMS-CE |
2026-02-24T22:05:54.420Z | 2026-02-24T22:05:54.420Z |
| CVE-2025-67970 |
5.3 (3.1)
|
WordPress Schedula plugin <= 1.0 - Broken Access Contr… |
vertim |
Schedula |
2026-02-20T15:46:28.741Z | 2026-02-24T21:57:13.412Z |
| CVE-2025-67974 |
7.5 (3.1)
|
WordPress WPLegalPages plugin <= 3.5.4 - Broken Access… |
WP Legal Pages |
WPLegalPages |
2026-02-20T15:46:29.701Z | 2026-02-24T21:53:36.484Z |
| CVE-2025-67977 |
8.2 (3.1)
|
WordPress HAPPY plugin <= 1.0.8 - Broken Access Contro… |
VillaTheme |
HAPPY |
2026-02-20T15:46:30.439Z | 2026-02-24T21:52:32.526Z |
| CVE-2025-68000 |
6.5 (3.1)
|
WordPress Testimonial Slider plugin <= 2.0.15 - Broken… |
PickPlugins |
Testimonial Slider |
2026-02-20T15:46:33.875Z | 2026-02-24T21:51:29.012Z |
| CVE-2025-68005 |
6.5 (3.1)
|
WordPress Easy Hotel Booking plugin <= 1.8.7 - Broken … |
themewant |
Easy Hotel Booking |
2026-02-20T15:46:34.209Z | 2026-02-24T21:50:56.107Z |
| CVE-2025-68022 |
6.3 (3.1)
|
WordPress Plugin BlueX for WooCommerce plugin <= 3.1.6… |
soporteblue |
Plugin BlueX for WooCommerce |
2026-02-20T15:46:34.974Z | 2026-02-24T21:49:32.667Z |
| CVE-2025-68043 |
7.3 (3.1)
|
WordPress LottieFiles plugin <= 3.0.0 - Broken Access … |
LottieFiles |
LottieFiles |
2026-02-20T15:46:36.994Z | 2026-02-24T21:48:53.355Z |
| CVE-2025-68069 |
7.1 (3.1)
|
WordPress Directorist plugin <= 8.5.10 - Broken Access… |
wpWax |
Directorist |
2026-02-20T15:46:38.064Z | 2026-02-24T21:46:58.272Z |
| CVE-2026-27117 |
5.5 (3.1)
|
bit7z has a path traversal vulnerability |
rikyoz |
bit7z |
2026-02-24T21:46:12.714Z | 2026-02-24T21:46:12.714Z |
| CVE-2026-23858 |
5.4 (3.1)
|
Dell Wyse Management Suite, versions prior to WMS… |
Dell |
Wyse Management Suite |
2026-02-24T19:31:31.325Z | 2026-02-24T21:45:53.723Z |
| CVE-2025-68534 |
6.5 (3.1)
|
WordPress PDF for WPForms plugin <= 6.3.0 - Broken Acc… |
add-ons.org |
PDF for WPForms |
2026-02-20T15:46:39.366Z | 2026-02-24T21:45:43.432Z |
| CVE-2026-23859 |
2.7 (3.1)
|
Dell Wyse Management Suite, versions prior to WMS… |
Dell |
Wyse Management Suite |
2026-02-24T19:35:02.937Z | 2026-02-24T21:41:09.368Z |
| CVE-2026-24443 |
8.6 (4.0)
|
EventSentry < 6.0.1.20 Web Reports Unverified Password… |
NETIKUS.NET ltd |
EventSentry |
2026-02-24T20:14:44.688Z | 2026-02-24T21:40:48.632Z |
| CVE-2026-25882 |
5.5 (4.0)
|
Fiber has a Denial of Service Vulnerability via Route … |
gofiber |
fiber |
2026-02-24T21:05:28.211Z | 2026-02-24T21:39:51.170Z |
| CVE-2026-25891 |
7.7 (4.0)
|
Fiber has an Arbitrary File Read in Static Middleware … |
gofiber |
fiber |
2026-02-24T21:08:48.675Z | 2026-02-24T21:39:11.118Z |
| CVE-2026-27593 |
9.3 (3.1)
|
Statamic is vulnerable to account takeover via passwor… |
statamic |
cms |
2026-02-24T21:38:17.354Z | 2026-02-24T21:38:17.354Z |
| CVE-2026-25899 |
7.5 (3.1)
|
Fiber is Vulnerable to Denial of Service via Flash Coo… |
gofiber |
fiber |
2026-02-24T21:11:17.804Z | 2026-02-24T21:37:33.970Z |
| CVE-2026-27195 |
6.9 (4.0)
|
Wasmtime is vulnerable to panic when dropping a `[Type… |
bytecodealliance |
wasmtime |
2026-02-24T21:15:20.366Z | 2026-02-24T21:36:54.122Z |
| CVE-2025-67624 |
6.5 (3.1)
|
WordPress Optimize More! – Images plugin <= 1.1.3 - Br… |
Arya Dhiratara |
Optimize More! – Images |
2026-02-20T15:46:28.340Z | 2026-02-24T21:35:27.833Z |
| CVE-2025-67993 |
6.5 (3.1)
|
WordPress Atarim plugin <= 4.2.1 - Broken Access Contr… |
Vito Peleg |
Atarim |
2026-02-20T15:46:32.736Z | 2026-02-24T21:35:27.406Z |
| CVE-2025-68026 |
6.5 (3.1)
|
WordPress LC Wizard plugin <= 2.1.1 - Settings Change … |
Niaj Morshed |
LC Wizard |
2026-02-20T15:46:35.938Z | 2026-02-24T21:35:27.229Z |
| CVE-2025-68024 |
6.5 (3.1)
|
WordPress Addonify – WooCommerce Wishlist plugin <= 2.… |
Addonify |
Addonify – WooCommerce Wishlist |
2026-02-20T15:46:35.579Z | 2026-02-24T21:35:27.062Z |
| CVE-2025-68050 |
6.5 (3.1)
|
WordPress Leadpages plugin <= 1.1.3 - Broken Access Co… |
Leadpages |
Leadpages |
2026-02-20T15:46:37.392Z | 2026-02-24T21:35:26.684Z |
| CVE-2026-26340 |
8.7 (4.0)
|
Tattile Smart+ / Vega / Basic <= 1.181.5 Unauthenticat… |
Tattile s.r.l. |
Smart+ |
2026-02-24T18:40:35.393Z | 2026-02-24T21:34:06.523Z |
| CVE-2026-26341 |
9.3 (4.0)
|
Tattile Smart+ / Vega / Basic <= 1.181.5 Default Credentials |
Tattile s.r.l. |
Smart+ |
2026-02-24T18:40:54.212Z | 2026-02-24T21:33:18.810Z |
| CVE-2026-27572 |
6.9 (4.0)
|
Wasmtime can panic when adding excessive fields to a `… |
bytecodealliance |
wasmtime |
2026-02-24T21:31:50.186Z | 2026-02-24T21:31:50.186Z |
| CVE-2025-33180 |
8 (3.1)
|
NVIDIA Cumulus Linux and NVOS products contain a … |
NVIDIA |
Cumulus Linux GA |
2026-02-24T18:41:48.632Z | 2026-02-24T21:31:41.482Z |
| CVE-2025-33181 |
7.3 (3.1)
|
NVIDIA Cumulus Linux and NVOS products contain a … |
NVIDIA |
Cumulus Linux GA |
2026-02-24T18:42:04.490Z | 2026-02-24T21:29:14.387Z |
| CVE-2025-68542 |
6.5 (3.1)
|
WordPress Checkout Gateway for IRIS plugin <= 1.3 - Br… |
vgdevsolutions |
Checkout Gateway for IRIS |
2026-02-20T15:46:40.232Z | 2026-02-24T21:28:40.712Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| fkie_cve-2026-25650 | MCP Salesforce Connector is a Model Context Protocol (MCP) server implementation for Salesforce int… | 2026-02-06T19:16:09.743 | 2026-02-24T20:59:52.390 |
| fkie_cve-2023-34382 | Deserialization of Untrusted Data vulnerability in weDevs Dokan – Best WooCommerce Multivendor Mark… | 2023-12-19T20:15:07.340 | 2026-02-24T20:59:24.530 |
| fkie_cve-2026-25647 | Lute is a structured Markdown engine supporting Go and JavaScript. Lute 1.7.6 and earlier (as used … | 2026-02-06T19:16:09.593 | 2026-02-24T20:59:10.180 |
| fkie_cve-2020-36748 | The Dokan plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and i… | 2023-07-01T06:15:09.433 | 2026-02-24T20:59:03.343 |
| fkie_cve-2022-3194 | The Dokan WordPress plugin before 3.6.4 allows vendors to inject arbitrary javascript in product re… | 2024-01-16T16:15:09.883 | 2026-02-24T20:58:39.753 |
| fkie_cve-2026-1769 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnera… | 2026-02-06T18:15:56.193 | 2026-02-24T20:58:11.823 |
| fkie_cve-2022-3915 | The Dokan WordPress plugin before 3.7.6 does not properly sanitise and escape a parameter before us… | 2022-12-12T18:15:11.817 | 2026-02-24T20:58:05.303 |
| fkie_cve-2026-23989 | REVA is an interoperability platform. Prior to 2.42.3 and 2.40.3, a bug in the GRPC authorization m… | 2026-02-06T19:16:08.470 | 2026-02-24T20:57:55.337 |
| fkie_cve-2023-26525 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability … | 2023-12-20T18:15:11.680 | 2026-02-24T20:57:36.037 |
| fkie_cve-2026-24903 | OrcaStatLLM Researcher is an LLM Based Research Paper Generator. A Stored Cross-Site Scripting (XSS… | 2026-02-06T18:15:58.830 | 2026-02-24T20:57:19.450 |
| fkie_cve-2026-24851 | OpenFGA is a high-performance and flexible authorization/permission engine built for developers and… | 2026-02-06T18:15:58.673 | 2026-02-24T20:52:16.493 |
| fkie_cve-2026-26745 | OpenSourcePOS 3.4.1 has a second order SQL Injection vulnerability in the handling of the currency_… | 2026-02-20T17:25:55.807 | 2026-02-24T20:45:24.933 |
| fkie_cve-2026-2822 | A security vulnerability has been detected in JeecgBoot up to 3.9.1. The affected element is an unk… | 2026-02-20T05:17:53.663 | 2026-02-24T20:45:10.790 |
| fkie_cve-2019-25454 | phpMoAdmin 1.1.5 contains a stored cross-site scripting vulnerability that allows unauthenticated a… | 2026-02-20T23:16:02.077 | 2026-02-24T20:44:04.553 |
| fkie_cve-2019-25453 | phpMoAdmin 1.1.5 contains a reflected cross-site scripting vulnerability that allows unauthenticate… | 2026-02-20T23:16:01.893 | 2026-02-24T20:43:34.470 |
| fkie_cve-2026-2690 | A flaw has been found in itsourcecode Event Management System 1.0. Affected by this vulnerability i… | 2026-02-19T07:17:47.670 | 2026-02-24T20:42:50.850 |
| fkie_cve-2026-26746 | OpenSourcePOS 3.4.1 contains a Local File Inclusion (LFI) vulnerability in the Sales.php::getInvoic… | 2026-02-20T17:25:55.920 | 2026-02-24T20:42:28.327 |
| fkie_cve-2025-62326 | HCL Digital Experience is susceptible to stored cross-site scripting (XSS) in the administrative us… | 2026-02-20T20:25:18.607 | 2026-02-24T20:42:11.723 |
| fkie_cve-2026-2689 | A vulnerability was detected in itsourcecode Event Management System 1.0. Affected is an unknown fu… | 2026-02-19T07:17:47.447 | 2026-02-24T20:41:54.953 |
| fkie_cve-2019-25364 | MailCarrier 2.51 contains a buffer overflow vulnerability in the POP3 USER command that allows remo… | 2026-02-18T22:16:22.260 | 2026-02-24T20:41:08.130 |
| fkie_cve-2019-25326 | ipPulse 1.92 contains a denial of service vulnerability that allows local attackers to crash the ap… | 2026-02-18T22:16:18.980 | 2026-02-24T20:38:18.883 |
| fkie_cve-2025-70329 | TOTOLink X5000R v9.1.0cu_2415_B20250515 contains an OS command injection vulnerability in the setIp… | 2026-02-23T20:28:53.603 | 2026-02-24T20:38:09.483 |
| fkie_cve-2025-69700 | Tenda FH1203 V2.0.1.6 contains a stack-based buffer overflow vulnerability in the modify_add_client… | 2026-02-23T14:16:21.233 | 2026-02-24T20:37:59.887 |
| fkie_cve-2026-24853 | Caido is a web security auditing toolkit. Prior to 0.55.0, Caido blocks non whitelisted domains to … | 2026-02-13T23:16:11.800 | 2026-02-24T20:32:18.710 |
| fkie_cve-2026-3131 | Improper access control in multiple DVLS REST API endpoints in Devolutions Server 2025.3.14.0 and… | 2026-02-24T20:27:50.883 | 2026-02-24T20:27:50.883 |
| fkie_cve-2026-3105 | SummaryThis advisory addresses a SQL injection vulnerability in the API endpoint used for retrievin… | 2026-02-24T20:27:50.713 | 2026-02-24T20:27:50.713 |
| fkie_cve-2026-27477 | Mastodon is a free, open-source social network server based on ActivityPub. FASP registration requi… | 2026-02-24T20:27:50.173 | 2026-02-24T20:27:50.173 |
| fkie_cve-2026-26342 | Tattile Smart+, Vega, and Basic device families firmware versions 1.181.5 and prior implement an au… | 2026-02-24T20:27:48.310 | 2026-02-24T20:27:48.310 |
| fkie_cve-2026-26341 | Tattile Smart+, Vega, and Basic device families firmware versions 1.181.5 and prior ship with defau… | 2026-02-24T20:27:48.103 | 2026-02-24T20:27:48.103 |
| fkie_cve-2026-26340 | Tattile Smart+, Vega, and Basic device families firmware versions 1.181.5 and prior expose RTSP str… | 2026-02-24T20:27:47.793 | 2026-02-24T20:27:47.793 |
| ID | Severity | Description | Published | Updated |
|---|---|---|---|---|
| ghsa-6v48-fcq6-ff23 |
7.1 (4.0)
|
Dagu: Path traversal in DAG creation allows arbitrary YAML file write outside DAGs directory | 2026-02-24T21:43:15Z | 2026-02-24T21:43:15Z |
| ghsa-mxhj-88fx-4pcv |
8.6 (4.0)
|
Fickling: OBJ opcode call invisibility bypasses all safety checks | 2026-02-24T21:41:31Z | 2026-02-24T21:41:31Z |
| ghsa-wxjg-wxm8-w2qc |
9.8 (3.1)
9.3 (4.0)
|
All versions of InSAT MasterSCADA BUK-TS are susceptible to OS command injection through a field in… | 2026-02-24T21:31:47Z | 2026-02-24T21:31:47Z |
| ghsa-wh6f-f7pf-3hqg |
9.8 (3.1)
9.3 (4.0)
|
InSAT MasterSCADA BUK-TS is susceptible to SQL Injection through its main web interface. Malicious … | 2026-02-24T21:31:47Z | 2026-02-24T21:31:47Z |
| ghsa-w6wm-hqx9-7cq8 |
8.7 (4.0)
|
Tattile Smart+, Vega, and Basic device families firmware versions 1.181.5 and prior implement an au… | 2026-02-24T21:31:47Z | 2026-02-24T21:31:47Z |
| ghsa-mjm8-6393-j3wg |
|
A cross-site scripting (XSS) vulnerability in a FileMaker WebDirect custom homepage could lead to u… | 2026-02-24T21:31:47Z | 2026-02-24T21:31:47Z |
| ghsa-hr94-5hp8-p3qr |
4.3 (3.1)
|
NVIDIA Delegated Licensing Service for all appliance platforms contains a vulnerability where an at… | 2026-02-24T21:31:47Z | 2026-02-24T21:31:47Z |
| ghsa-c8xr-66ch-xcpx |
8.7 (4.0)
|
Tattile Smart+, Vega, and Basic device families firmware versions 1.181.5 and prior expose RTSP str… | 2026-02-24T21:31:47Z | 2026-02-24T21:31:47Z |
| ghsa-8c83-cvgq-pp7w |
8.6 (4.0)
|
EventSentry versions prior to 6.0.1.20 contain an unverified password change vulnerability in the a… | 2026-02-24T21:31:47Z | 2026-02-24T21:31:47Z |
| ghsa-682g-r279-6gq6 |
9.3 (4.0)
|
Tattile Smart+, Vega, and Basic device families firmware versions 1.181.5 and prior ship with defau… | 2026-02-24T21:31:47Z | 2026-02-24T21:31:47Z |
| ghsa-3fr2-qc88-c4cv |
|
Improper access control in multiple DVLS REST API endpoints in Devolutions Server 2025.3.14.0 and… | 2026-02-24T21:31:47Z | 2026-02-24T21:31:47Z |
| ghsa-xph9-72vf-6x2f |
5.8 (4.0)
|
Local privilege escalation in Genetec Update Service. An authenticated, low-privileged, Windows use… | 2026-02-24T21:31:46Z | 2026-02-24T21:31:46Z |
| ghsa-vcqv-v77g-qhch |
5.4 (3.1)
|
Dell Wyse Management Suite, versions prior to WMS 5.5, contain an Improper Neutralization of Input … | 2026-02-24T21:31:46Z | 2026-02-24T21:31:46Z |
| ghsa-qv39-5mwf-4pj2 |
8.0 (3.1)
|
NVIDIA Cumulus Linux and NVOS products contain a vulnerability in the NVUE interface, where a low-p… | 2026-02-24T21:31:46Z | 2026-02-24T21:31:46Z |
| ghsa-p5fg-p22w-8pfg |
7.3 (3.1)
|
NVIDIA Cumulus Linux and NVOS products contain a vulnerability in the NVUE interface, where a low-p… | 2026-02-24T21:31:46Z | 2026-02-24T21:31:46Z |
| ghsa-mhh4-8fhx-47qg |
8.0 (3.1)
|
NVIDIA Cumulus Linux and NVOS products contain a vulnerability in the NVUE interface, where a low-p… | 2026-02-24T21:31:46Z | 2026-02-24T21:31:46Z |
| ghsa-fpg9-3qpq-vpm5 |
5.8 (4.0)
|
Local admin could to leak information from the Genetec Update Service configuration web page. An au… | 2026-02-24T21:31:45Z | 2026-02-24T21:31:46Z |
| ghsa-fc3q-vg8h-qrfp |
|
A permission cache poisoning vulnerability in Devolutions Server allows authenticated users to bypa… | 2026-02-24T21:31:46Z | 2026-02-24T21:31:46Z |
| ghsa-f46g-p3mm-9g3p |
2.7 (3.1)
|
Dell Wyse Management Suite, versions prior to WMS 5.5, contain a Client-Side Enforcement of Server-… | 2026-02-24T21:31:46Z | 2026-02-24T21:31:46Z |
| ghsa-cp7r-fhjg-f2vc |
7.2 (3.1)
|
Dell Wyse Management Suite, versions prior to WMS 5.5, contain an Unrestricted Upload of File with … | 2026-02-24T21:31:46Z | 2026-02-24T21:31:46Z |
| ghsa-58vr-q64v-x475 |
8.8 (3.1)
|
Dell Wyse Management Suite, versions prior to WMS 5.5, contain a Missing Authorization vulnerabilit… | 2026-02-24T21:31:46Z | 2026-02-24T21:31:46Z |
| ghsa-mwf2-qr4v-94h2 |
7.1 (4.0)
|
An Improper Input Validation vulnerability exists in Apache Superset that allows an authenticated u… | 2026-02-24T15:30:30Z | 2026-02-24T21:31:45Z |
| ghsa-h294-8fxm-m2pj |
2.3 (4.0)
|
A Sensitive Data Exposure vulnerability exists in Apache Superset allowing authenticated users to r… | 2026-02-24T15:30:30Z | 2026-02-24T21:31:45Z |
| ghsa-gvxg-9hqx-f4rg |
5.3 (4.0)
|
Improper Neutralization of Special Elements used in a SQL Command ('SQL Injection') vulnerability i… | 2026-02-24T15:30:30Z | 2026-02-24T21:31:45Z |
| ghsa-fvj5-5qvq-g8wf |
8.8 (3.1)
|
Use-after-free in the DOM: Core & HTML component. This vulnerability affects Firefox < 148. | 2026-02-24T15:30:32Z | 2026-02-24T21:31:45Z |
| ghsa-6xhx-53c5-f9qr |
6.6 (3.1)
|
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Lin… | 2026-02-24T18:31:03Z | 2026-02-24T21:31:45Z |
| ghsa-48m2-v2r8-h23m |
5.3 (4.0)
|
Apache Superset utilizes a configurable dictionary, DISALLOWED_SQL_FUNCTIONS, to restrict the execu… | 2026-02-24T15:30:30Z | 2026-02-24T21:31:45Z |
| ghsa-3m2g-v7jf-7fxc |
7.1 (4.0)
|
An Improper Authorization vulnerability exists in Apache Superset that allows a low-privileged user… | 2026-02-24T15:30:30Z | 2026-02-24T21:31:45Z |
| ghsa-m6xw-mq4p-x7xv |
7.3 (3.1)
|
libtiff up to v4.7.1 was discovered to contain a stack overflow via the readSeparateStripsIntoBuffe… | 2026-02-23T21:31:26Z | 2026-02-24T21:31:41Z |
| ghsa-5jj2-qhxw-rpq6 |
5.0 (3.1)
|
libtiff up to v4.7.1 was discovered to contain a double free via the component tools/tiffcrop.c. | 2026-02-23T21:31:26Z | 2026-02-24T21:31:41Z |
| ID | Severity | Description | Package | Published | Updated |
|---|---|---|---|---|---|
| pysec-2024-85 |
7.5 (3.1)
|
Deserialization of untrusted data can occur in versions 23.10.2.0 and newer of the MindsD… | mindsdb | 2024-09-12T13:15:00Z | 2026-02-20T08:46:02.775917Z |
| pysec-2024-84 |
7.5 (3.1)
|
Deserialization of untrusted data can occur in versions 23.10.3.0 and newer of the MindsD… | mindsdb | 2024-09-12T13:15:00Z | 2026-02-20T08:46:02.679012Z |
| pysec-2024-83 |
7.5 (3.1)
|
Deserialization of untrusted data can occur in versions 23.10.2.0 and newer of the MindsD… | mindsdb | 2024-09-12T13:15:00Z | 2026-02-20T08:46:02.578402Z |
| pysec-2024-82 |
8.8 (3.1)
|
Deserialization of untrusted data can occur in versions 23.3.2.0 and newer of the MindsDB… | mindsdb | 2024-09-12T13:15:00Z | 2026-02-20T08:46:02.480722Z |
| pysec-2023-278 |
5.3 (3.1)
|
MindsDB connects artificial intelligence models to real time data. Versions prior to 23.1… | mindsdb | 2023-12-11T21:15:00Z | 2026-02-20T08:46:02.362066Z |
| pysec-2026-1 |
|
A PyPI user account compromised by an attacker and was able to upload a malicious version… | dydx-v4-client | 2026-01-28T21:09:02+00:00 | |
| pysec-2025-52 |
|
gateway_proxy_handler in MLflow before 3.1.0 lacks gateway_path validation. | mlflow | 2025-06-23T15:15:29Z | 2025-12-05T13:25:55.146081Z |
| pysec-2020-220 |
|
A flaw was found in Ansible Base when using the aws_ssm connection plugin as garbage coll… | ansible | 2020-10-05T14:15:00Z | 2025-10-31T04:43:53.616247Z |
| pysec-2025-72 |
|
The `num2words` project was compromised via a phishing attack and two new versions were u… | num2words | 2025-07-31T14:34:47+00:00 | |
| pysec-2025-71 |
|
Cadwyn creates production-ready community-driven modern Stripe-like API versioning in Fas… | cadwyn | 2025-07-21T21:15:25+00:00 | 2025-07-23T15:24:03.825615+00:00 |
| pysec-2025-70 |
10.0 (3.1)
|
A Server-Side Request Forgery (SSRF) vulnerability exists in the RequestsToolkit componen… | langchain-community | 2025-06-23T21:15:25+00:00 | 2025-07-16T21:23:40.211079+00:00 |
| pysec-2024-259 |
9.8 (3.1)
|
In PyTorch <=2.4.1, the RemoteModule has Deserialization RCE. NOTE: this is disputed by m… | torch | 2024-10-29T21:15:04+00:00 | 2025-07-16T03:09:57.748865+00:00 |
| pysec-2024-258 |
|
In scrapy/scrapy, an issue was identified where the Authorization header is not removed d… | scrapy | 2024-05-20T08:15:08+00:00 | 2025-07-15T17:37:50.051730+00:00 |
| pysec-2025-69 |
|
In Roundup before 2.5.0, XSS can occur via interaction between URLs and issue tracker tem… | roundup | 2025-07-13T20:15:25+00:00 | 2025-07-13T21:23:01.161315+00:00 |
| pysec-2025-68 |
8.0 (3.1)
|
A vulnerability, which was classified as critical, has been found in Upsonic up to 0.55.6… | upsonic | 2025-06-19T21:15:27+00:00 | 2025-07-08T19:22:27.449399+00:00 |
| pysec-2025-67 |
9.8 (3.1)
|
A vulnerability classified as critical was found in Upsonic up to 0.55.6. This vulnerabil… | upsonic | 2025-06-19T21:15:27+00:00 | 2025-07-08T19:22:27.385619+00:00 |
| pysec-2025-66 |
|
Improper privilege management in a REST interface allowed registered users to access unau… | streampipes | 2025-03-03T11:15:11+00:00 | 2025-07-08T15:23:46.628375+00:00 |
| pysec-2025-65 |
|
A path traversal vulnerability exists in run-llama/llama_index versions 0.12.27 through 0… | llama-index | 2025-07-07T13:15:28+00:00 | 2025-07-07T15:23:42.730681+00:00 |
| pysec-2025-61 |
|
Pillow is a Python imaging library. In versions 11.2.0 to before 11.3.0, there is a heap … | pillow | 2025-07-01T19:15:27Z | 2025-07-07T14:12:46.226030Z |
| pysec-2025-64 |
9.8 (3.1)
|
A vulnerability classified as critical has been found in themanojdesai python-a2a up to 0… | python-a2a | 2025-06-17T07:15:18+00:00 | 2025-07-02T21:23:13.806273+00:00 |
| pysec-2025-63 |
|
vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Whe… | vllm | 2025-03-19T16:15:32+00:00 | 2025-07-01T23:22:49.176005+00:00 |
| pysec-2025-62 |
|
vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Mal… | vllm | 2025-02-07T20:15:34+00:00 | 2025-07-01T23:22:49.083695+00:00 |
| pysec-2025-60 |
|
Exposure of Sensitive Information to an Unauthorized Actor, Insertion of Sensitive Inform… | apache-iotdb | 2025-05-14T11:16:28+00:00 | 2025-07-01T21:22:47.232036+00:00 |
| pysec-2025-59 |
|
Remote Code Execution with untrusted URI of UDF vulnerability in Apache IoTDB. The attack… | apache-iotdb | 2025-05-14T11:15:47+00:00 | 2025-07-01T21:22:47.177405+00:00 |
| pysec-2024-257 |
7.5 (3.1)
|
Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessm… | mobsf | 2024-03-22T23:15:07+00:00 | 2025-06-30T15:23:50.085549+00:00 |
| pysec-2025-58 |
8.8 (3.1)
|
vLLM is a library for LLM inference and serving. vllm/model_executor/weight_utils.py impl… | vllm | 2025-01-27T18:15:41+00:00 | 2025-06-27T21:22:36.583615+00:00 |
| pysec-2025-57 |
|
A Denial of Service (DoS) vulnerability in zenml-io/zenml version 0.66.0 allows unauthent… | zenml | 2025-03-20T10:15:48+00:00 | 2025-06-27T17:22:55.175431+00:00 |
| pysec-2025-56 |
4.3 (3.1)
|
OctoPrint provides a web interface for controlling consumer 3D printers. In versions up t… | octoprint | 2025-04-22T18:15:59+00:00 | 2025-06-27T17:22:53.513680+00:00 |
| pysec-2024-256 |
|
Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessm… | mobsf | 2024-12-03T16:15:24+00:00 | 2025-06-27T17:22:53.325430+00:00 |
| pysec-2025-55 |
|
vLLM is an inference and serving engine for large language models (LLMs). Version 0.8.0 u… | vllm | 2025-05-30T19:15:30+00:00 | 2025-06-26T21:23:06.407481+00:00 |
| ID | Description | Updated |
|---|---|---|
| gsd-2022-6083 | The format of the source doesn't require a description, click on the link for more details. | |
| gsd-2022-297182 | The format of the source doesn't require a description, click on the link for more details. | |
| gsd-2022-1002526 | The format of the source doesn't require a description, click on the link for more details. | |
| gsd-2021-81810 | The format of the source doesn't require a description, click on the link for more details. | |
| gsd-2021-47527 | The format of the source doesn't require a description, click on the link for more details. | |
| gsd-2021-1002352 | The format of the source doesn't require a description, click on the link for more details. | |
| gsd-2020-995566 | The format of the source doesn't require a description, click on the link for more details. | |
| gsd-2020-245024 | The format of the source doesn't require a description, click on the link for more details. | |
| gsd-2019-15690 | The format of the source doesn't require a description, click on the link for more details. | |
| gsd-2019-1002162 | The format of the source doesn't require a description, click on the link for more details. | |
| gsd-2019-1000032 | The format of the source doesn't require a description, click on the link for more details. | |
| gsd-2019-1000029 | The format of the source doesn't require a description, click on the link for more details. | |
| gsd-2018-161617 | The format of the source doesn't require a description, click on the link for more details. | |
| gsd-2018-100199 | The format of the source doesn't require a description, click on the link for more details. | |
| gsd-2017-171479 | The format of the source doesn't require a description, click on the link for more details. | |
| gsd-2017-171069 | The format of the source doesn't require a description, click on the link for more details. | |
| gsd-2016-1000247 | The format of the source doesn't require a description, click on the link for more details. | |
| gsd-2016-1000212 | The format of the source doesn't require a description, click on the link for more details. | |
| gsd-2015-9731 | The format of the source doesn't require a description, click on the link for more details. | |
| gsd-2015-9679 | The format of the source doesn't require a description, click on the link for more details. | |
| gsd-2014-1197 | The format of the source doesn't require a description, click on the link for more details. | |
| gsd-2012-6884 | The format of the source doesn't require a description, click on the link for more details. | |
| gsd-2010-26432 | The format of the source doesn't require a description, click on the link for more details. | |
| gsd-2010-13616 | The format of the source doesn't require a description, click on the link for more details. | |
| gsd-2009-5515 | The format of the source doesn't require a description, click on the link for more details. | |
| gsd-2009-5243 | The format of the source doesn't require a description, click on the link for more details. | |
| gsd-2024-33884 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.534455Z |
| gsd-2024-33901 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.525896Z |
| gsd-2024-33887 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.503613Z |
| gsd-2024-33895 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.493081Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2026-1026 | Malicious code in rncalendareventsexample (npm) | 2026-02-24T21:35:58Z | 2026-02-24T21:35:58Z |
| mal-2026-1027 | Malicious code in rtxbbtyols (npm) | 2026-02-24T18:40:07Z | 2026-02-24T18:40:07Z |
| mal-2026-1019 | Malicious code in spark-audit-notify (PyPI) | 2026-02-24T16:18:43Z | 2026-02-24T17:28:41Z |
| mal-2026-1025 | Malicious code in @unitedcapitalfinancialadvisors/finlife-component-library (npm) | 2026-02-24T16:56:49Z | 2026-02-24T16:56:56Z |
| mal-2026-1024 | Malicious code in @protonme/routing (npm) | 2026-02-24T16:56:49Z | 2026-02-24T16:56:49Z |
| mal-2026-1023 | Malicious code in @kiukicom/sidebar (npm) | 2026-02-24T16:56:48Z | 2026-02-24T16:56:49Z |
| mal-2026-1022 | Malicious code in @coinmetro/app (npm) | 2026-02-24T16:56:48Z | 2026-02-24T16:56:49Z |
| mal-2026-1021 | Malicious code in @atg-aml-shared/kyc-domain (npm) | 2026-02-24T16:56:48Z | 2026-02-24T16:56:48Z |
| mal-2026-1020 | Malicious code in @ai-studio-web/app (npm) | 2026-02-24T16:56:48Z | 2026-02-24T16:56:48Z |
| mal-2026-163 | Malicious code in do-not-install-this-package-002 (PyPI) | 2026-01-08T13:35:59Z | 2026-02-24T15:52:32Z |
| mal-2026-1018 | Malicious code in do-not-install-this-package-003 (PyPI) | 2026-02-24T15:18:17Z | 2026-02-24T15:18:17Z |
| mal-2026-1016 | Malicious code in js-multer (npm) | 2026-02-24T15:01:43Z | 2026-02-24T15:01:43Z |
| mal-2026-1014 | Malicious code in chai-iotype (npm) | 2026-02-24T15:01:43Z | 2026-02-24T15:01:43Z |
| mal-2026-1013 | Malicious code in chai-as-pause (npm) | 2026-02-24T14:59:19Z | 2026-02-24T14:59:19Z |
| mal-2026-1017 | Malicious code in json-mapping-srcs (npm) | 2026-02-24T14:49:33Z | 2026-02-24T14:49:33Z |
| mal-2026-1015 | Malicious code in es1int-config (npm) | 2026-02-24T14:44:00Z | 2026-02-24T14:44:01Z |
| mal-2026-1006 | Malicious code in chai-tools (npm) | 2026-02-24T14:31:45Z | 2026-02-24T14:31:46Z |
| mal-2026-1011 | Malicious code in node-argon (npm) | 2026-02-24T14:30:26Z | 2026-02-24T14:30:27Z |
| mal-2026-1005 | Malicious code in argon-web3-chain (npm) | 2026-02-24T14:30:26Z | 2026-02-24T14:30:27Z |
| mal-2025-2008 | Malicious code in usvr-agent (PyPI) | 2025-03-03T13:45:33Z | 2026-02-24T14:27:42Z |
| mal-2026-1007 | Malicious code in dotenvx-ext (npm) | 2026-02-24T14:25:56Z | 2026-02-24T14:25:56Z |
| mal-2026-1010 | Malicious code in modify-setting (npm) | 2026-02-24T14:18:58Z | 2026-02-24T14:18:58Z |
| mal-2026-1008 | Malicious code in es1int-re1ease (npm) | 2026-02-24T14:08:28Z | 2026-02-24T14:08:29Z |
| mal-2026-1012 | Malicious code in ultimates-express (npm) | 2026-02-24T14:01:31Z | 2026-02-24T14:01:32Z |
| mal-2026-1009 | Malicious code in express-soaps (npm) | 2026-02-24T14:01:31Z | 2026-02-24T14:01:32Z |
| mal-2026-1004 | Malicious code in request-httpx-9 (PyPI) | 2026-02-24T09:11:42Z | 2026-02-24T09:11:42Z |
| mal-2026-1002 | Malicious code in newrubylogger (RubyGems) | 2026-02-23T20:50:29Z | 2026-02-23T20:50:29Z |
| mal-2026-1003 | Malicious code in cnnct-eaas-corre (PyPI) | 2026-02-23T16:00:12Z | 2026-02-23T16:00:12Z |
| mal-2026-1001 | Malicious code in request-httpx-4 (PyPI) | 2026-02-23T12:37:17Z | 2026-02-23T12:37:17Z |
| mal-2026-1000 | Malicious code in scraper-npm (PyPI) | 2026-02-23T08:59:49Z | 2026-02-23T09:51:45Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| bit-tensorflow-2021-37691 | Division by zero in LSH in TensorFlow Lite | 2024-03-06T11:16:41.709Z | 2026-02-24T21:09:55.900Z |
| bit-superset-2021-37839 | Improper access to dataset metadata information | 2025-02-05T07:29:47.009Z | 2026-02-24T21:09:55.900Z |
| bit-grafana-2021-39226 | Snapshot authentication bypass in grafana | 2024-03-06T10:59:36.715Z | 2026-02-24T21:09:55.900Z |
| bit-superset-2021-28125 | Apache Superset Open Redirect | 2025-02-05T07:29:54.416Z | 2026-02-24T18:11:25.008Z |
| bit-tomcat-2026-24733 | Apache Tomcat: Security constraint bypass with HTTP/0.9 | 2026-02-20T09:52:58.708Z | 2026-02-24T09:11:39.593Z |
| bit-tomcat-2025-66614 | Apache Tomcat: Client certificate verification bypass due to virtual host mapping | 2026-02-20T09:52:57.300Z | 2026-02-24T09:11:39.593Z |
| bit-python-2026-0865 | wsgiref.headers.Headers allows header newline injection | 2026-01-26T14:50:04.789Z | 2026-02-24T09:11:39.593Z |
| bit-libpython-2026-0865 | wsgiref.headers.Headers allows header newline injection | 2026-01-26T14:43:33.890Z | 2026-02-24T09:11:39.593Z |
| bit-grafana-2025-41117 | XSS in Grafana Explore stack trace | 2026-02-20T08:41:19.089Z | 2026-02-24T09:11:39.593Z |
| bit-airflow-2025-65995 | Apache Airflow: Disclosure of secrets to UI via kwargs | 2026-02-24T08:38:47.831Z | 2026-02-24T09:11:39.593Z |
| bit-python-2026-1299 | email BytesGenerator header injection due to unquoted newlines | 2026-02-03T08:53:00.053Z | 2026-02-23T12:55:58.474Z |
| bit-python-2025-15282 | Header injection via newlines in data URL mediatype | 2026-01-26T14:49:40.631Z | 2026-02-23T12:55:58.474Z |
| bit-libpython-2026-1299 | email BytesGenerator header injection due to unquoted newlines | 2026-02-03T08:45:06.015Z | 2026-02-23T12:55:58.474Z |
| bit-libpython-2025-15282 | Header injection via newlines in data URL mediatype | 2026-01-26T14:43:08.856Z | 2026-02-23T12:55:58.474Z |
| bit-ghost-2026-26980 | Ghost has a SQL Injection in its Content API | 2026-02-21T08:39:22.999Z | 2026-02-21T09:08:21.332Z |
| bit-cosign-2026-24122 | Cosign Certificate Chain Expiry Validation Issue Allows Issuing Certificate Expiry to Be Overlooked | 2026-02-21T08:36:39.661Z | 2026-02-21T09:08:21.332Z |
| bit-cilium-2026-26963 | Cilium may not enforce host firewall policies when Native Routing, WireGuard and Node Encryption are enabled | 2026-02-21T08:36:53.368Z | 2026-02-21T09:08:21.332Z |
| bit-python-2026-0672 | Header injection in http.cookies.Morsel | 2026-01-26T14:50:03.015Z | 2026-02-20T15:52:56.451Z |
| bit-python-2025-11468 | Folding email comments of unfoldable characters doesn't preserve parenthesis | 2026-01-26T14:49:32.088Z | 2026-02-20T15:52:56.451Z |
| bit-libpython-2026-0672 | Header injection in http.cookies.Morsel | 2026-01-26T14:43:32.238Z | 2026-02-20T15:52:56.451Z |
| bit-libpython-2025-11468 | Folding email comments of unfoldable characters doesn't preserve parenthesis | 2026-01-26T14:42:59.991Z | 2026-02-20T15:52:56.451Z |
| bit-tomcat-2026-24734 | Apache Tomcat Native, Apache Tomcat: OCSP revocation bypass | 2026-02-20T09:53:00.269Z | 2026-02-20T10:18:37.619Z |
| bit-nifi-2026-25903 | Apache NiFi: Missing Authorization of Restricted Permissions for Component Updates | 2026-02-20T08:45:57.883Z | 2026-02-20T09:09:49.097Z |
| bit-milvus-2025-64513 | Milvus Proxy has Critical Authentication Bypass Vulnerability | 2026-02-20T08:43:34.608Z | 2026-02-20T09:09:49.097Z |
| bit-jenkins-2026-27100 | 2026-02-20T08:43:34.823Z | 2026-02-20T09:09:49.097Z | |
| bit-jenkins-2026-27099 | 2026-02-20T08:43:33.019Z | 2026-02-20T09:09:49.097Z | |
| bit-grafana-2026-21722 | Public Dashboards time range restriction on annotations can be bypassed | 2026-02-20T08:41:29.411Z | 2026-02-20T09:09:49.097Z |
| bit-grafana-2026-21721 | Dashboard Permissions Scope Bypass Enables Cross‑Dashboard Privilege Escalation | 2026-02-20T08:41:27.652Z | 2026-02-20T09:09:49.097Z |
| bit-milvus-2026-26190 | Milvus Allows Unauthenticated Access to Restful API on Metrics Port (9091) Leads to Critical System Compromise | 2026-02-19T08:47:10.808Z | 2026-02-19T09:13:37.164Z |
| bit-gitlab-2021-22175 | 2024-03-06T11:20:35.887Z | 2026-02-19T09:13:37.164Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cleanstart-2026-yn08405 | Security fixes for GHSA-f6x5-jh6r-wrfv, GHSA-j5w8-q4qc-rx2x applied in versions: 7.1.1-r7 | 2026-02-19T00:39:05.944714Z | 2026-02-18T09:40:19Z |
| cleanstart-2026-oj16660 | Security fixes for GHSA-2gh3-rmm4-6rq5, GHSA-434x-w66g-qw3r, GHSA-r6v5-fh4h-64xc, GHSA-xwfj-jgwm-7wp5 applied in versions: 1.28.2-r0, 1.28.4-r0 | 2026-02-19T00:39:07.225007Z | 2026-02-18T09:40:19Z |
| cleanstart-2026-nn87556 | Security fixes for GHSA-2gh3-rmm4-6rq5, GHSA-434x-w66g-qw3r, GHSA-r6v5-fh4h-64xc, GHSA-xwfj-jgwm-7wp5 applied in versions: 1.28.2-r0, 1.29.0-r0 | 2026-02-19T00:39:07.788394Z | 2026-02-18T09:40:19Z |
| cleanstart-2026-ln12820 | vulnerability has been identified in Node | 2026-02-19T00:58:49.154512Z | 2026-02-18T09:40:19Z |
| cleanstart-2026-kn30288 | Security fixes for GHSA-2gh3-rmm4-6rq5, GHSA-434x-w66g-qw3r, GHSA-r6v5-fh4h-64xc, GHSA-rhfx-m35p-ff5j, GHSA-xwfj-jgwm-7wp5 applied in versions: 1.27.5-r1, 1.27.6-r0 | 2026-02-19T00:39:07.163109Z | 2026-02-18T09:40:19Z |
| cleanstart-2026-zt77083 | When multiple server blocks are configured to share the same IP address and port, an attacker can use session resumption to bypass client certificate authentication requirements on these servers | 2026-02-18T00:40:43.959662Z | 2026-02-17T14:16:07Z |
| cleanstart-2026-lr19699 | Within HostnameError | 2026-02-18T00:37:41.636616Z | 2026-02-17T14:16:07Z |
| cleanstart-2026-dt95939 | excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate | 2026-02-18T00:37:41.674179Z | 2026-02-17T14:16:07Z |
| cleanstart-2026-vg57433 | Within HostnameError | 2026-02-17T00:39:45.599344Z | 2026-02-16T09:23:22Z |
| cleanstart-2026-uh39784 | SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process | 2026-02-17T00:40:45.017480Z | 2026-02-16T09:23:22Z |
| cleanstart-2026-jr03360 | Within HostnameError | 2026-02-17T00:39:45.300172Z | 2026-02-16T09:23:22Z |
| cleanstart-2026-gg58376 | Within HostnameError | 2026-02-17T00:41:15.939977Z | 2026-02-16T09:23:22Z |
| cleanstart-2026-kk07808 | issue has been found in third-party PNM decoding associated with libpng 1 | 2026-02-14T00:37:45.311656Z | 2026-02-13T12:28:27Z |
| cleanstart-2026-wv76464 | libexpat in Expat before 2 | 2026-02-13T00:43:45.311968Z | 2026-02-12T13:07:54Z |
| cleanstart-2026-tr92727 | During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs fields mutated between the initial handshake and the resumed handshake, the resumed handshake may succ... | 2026-02-13T00:41:14.875956Z | 2026-02-12T13:07:54Z |
| cleanstart-2026-mh09144 | issue was discovered in libexpat before 2 | 2026-02-13T00:45:17.459930Z | 2026-02-12T13:07:54Z |
| cleanstart-2026-jb30245 | Security fixes for GHSA-f6x5-jh6r-wrfv, GHSA-j5w8-q4qc-rx2x applied in versions: 0.47.2-r0 | 2026-02-13T00:39:45.274258Z | 2026-02-12T13:07:54Z |
| cleanstart-2026-gv85693 | SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process | 2026-02-13T00:40:14.240914Z | 2026-02-12T13:07:54Z |
| cleanstart-2026-fi29887 | During the TLS 1 | 2026-02-13T00:39:44.225771Z | 2026-02-12T13:07:54Z |
| cleanstart-2026-ca79883 | Security fixes for GHSA-6v2p-p943-phr9, GHSA-c6gw-w398-hv78, GHSA-f6x5-jh6r-wrfv, GHSA-hcg3-p754-cr77, GHSA-j5w8-q4qc-rx2x, GHSA-qxp5-gw88-xv66, GHSA-v778-237x-gjrc, GHSA-vvgc-356p-c3xw applied in versions: 1.15.0-r1 | 2026-02-13T00:40:14.901695Z | 2026-02-12T13:07:54Z |
| cleanstart-2026-xb34574 | excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate | 2026-02-11T00:40:59.223419Z | 2026-02-10T22:11:02Z |
| cleanstart-2026-ls08172 | Within HostnameError | 2026-02-11T00:41:59.030674Z | 2026-02-10T22:11:02Z |
| cleanstart-2026-im73098 | excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate | 2026-02-11T00:40:59.052841Z | 2026-02-10T22:11:02Z |
| cleanstart-2026-cv28298 | SSH servers parsing GSSAPI authentication requests do not validate the number of mechanisms specified in the request, allowing an attacker to cause unbounded memory consumption | 2026-02-11T00:41:59.034081Z | 2026-02-10T22:11:02Z |
| cleanstart-2026-by71381 | SSH servers parsing GSSAPI authentication requests do not validate the number of mechanisms specified in the request, allowing an attacker to cause unbounded memory consumption | 2026-02-11T00:41:59.117560Z | 2026-02-10T22:11:02Z |
| cleanstart-2026-tj33788 | Within HostnameError | 2026-02-10T00:39:24.476012Z | 2026-02-09T12:51:17Z |
| cleanstart-2026-gp14462 | Security fixes for GHSA-vvgc-356p-c3xw applied in versions: 0.18.0-r0 | 2026-02-10T00:39:23.397354Z | 2026-02-09T12:51:17Z |
| cleanstart-2026-jn44153 | Security fixes for GHSA-f6x5-jh6r-wrfv, GHSA-gx3x-vq4p-mhhv, GHSA-j5w8-q4qc-rx2x applied in versions: 1.18.0-r0, 1.19.0-r1 | 2026-02-06T00:39:29.662228Z | 2026-02-05T12:20:16Z |
| cleanstart-2026-bz58799 | Within HostnameError | 2026-02-06T00:39:29.590361Z | 2026-02-05T12:20:16Z |
| cleanstart-2026-zm20570 | Moby is an open-source project created by Docker for software containerization | 2026-02-06T00:54:29.621254Z | 2026-02-03T13:35:45Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| drupal-contrib-2026-009 | 2026-02-11T16:53:32.000Z | 2026-02-12T15:37:20.000Z | |
| drupal-contrib-2026-010 | 2026-02-11T16:54:18.000Z | 2026-02-11T16:54:18.000Z | |
| drupal-contrib-2026-008 | 2026-02-04T17:23:40.000Z | 2026-02-04T17:23:40.000Z | |
| drupal-contrib-2026-007 | 2026-01-28T17:29:32.000Z | 2026-01-28T17:29:32.000Z | |
| drupal-contrib-2026-006 | 2026-01-28T17:28:31.000Z | 2026-01-28T17:28:31.000Z | |
| drupal-contrib-2026-005 | 2026-01-14T17:57:31.000Z | 2026-01-14T18:33:02.000Z | |
| drupal-contrib-2026-004 | 2026-01-14T17:56:28.000Z | 2026-01-14T17:56:28.000Z | |
| drupal-contrib-2026-003 | 2026-01-14T17:55:41.000Z | 2026-01-14T17:55:41.000Z | |
| drupal-contrib-2026-002 | 2026-01-14T17:54:33.000Z | 2026-01-14T17:54:33.000Z | |
| drupal-contrib-2026-001 | 2026-01-14T17:53:33.000Z | 2026-01-14T17:53:33.000Z | |
| drupal-contrib-2025-126 | 2025-12-17T17:47:13.000Z | 2025-12-17T17:47:13.000Z | |
| drupal-contrib-2025-125 | 2025-12-10T17:53:01.000Z | 2025-12-10T19:09:57.000Z | |
| drupal-contrib-2025-119 | 2025-12-03T18:48:23.000Z | 2025-12-03T19:05:53.000Z | |
| drupal-contrib-2025-124 | 2025-12-03T18:49:57.000Z | 2025-12-03T18:49:57.000Z | |
| drupal-contrib-2025-123 | 2025-12-03T18:49:40.000Z | 2025-12-03T18:49:40.000Z | |
| drupal-contrib-2025-122 | 2025-12-03T18:49:18.000Z | 2025-12-03T18:49:18.000Z | |
| drupal-contrib-2025-121 | 2025-12-03T18:48:57.000Z | 2025-12-03T18:48:57.000Z | |
| drupal-contrib-2025-120 | 2025-12-03T18:48:37.000Z | 2025-12-03T18:48:37.000Z | |
| drupal-contrib-2025-118 | 2025-12-03T18:48:10.000Z | 2025-12-03T18:48:10.000Z | |
| drupal-contrib-2025-117 | 2025-12-03T18:47:37.000Z | 2025-12-03T18:47:37.000Z | |
| drupal-contrib-2025-088 | 2025-07-09T16:37:40.000Z | 2025-11-22T09:22:47.000Z | |
| drupal-contrib-2025-116 | 2025-11-05T18:09:13.000Z | 2025-11-05T18:09:13.000Z | |
| drupal-contrib-2025-115 | 2025-11-05T18:08:01.000Z | 2025-11-05T18:08:01.000Z | |
| drupal-contrib-2025-114 | 2025-10-29T16:44:39.000Z | 2025-10-29T20:15:52.000Z | |
| drupal-contrib-2025-113 | 2025-10-22T16:35:12.000Z | 2025-10-22T16:35:12.000Z | |
| drupal-contrib-2025-112 | 2025-10-22T16:34:46.000Z | 2025-10-22T16:34:46.000Z | |
| drupal-contrib-2025-111 | 2025-09-24T17:28:05.000Z | 2025-09-24T17:28:05.000Z | |
| drupal-contrib-2025-110 | 2025-09-24T17:27:41.000Z | 2025-09-24T17:27:41.000Z | |
| drupal-contrib-2025-109 | 2025-09-24T17:27:33.000Z | 2025-09-24T17:27:33.000Z | |
| drupal-contrib-2025-108 | 2025-09-24T17:27:20.000Z | 2025-09-24T17:27:20.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2026-004359 | Security information for Hitachi Disk Array Systems | 2026-02-20T18:35+09:00 | 2026-02-20T18:35+09:00 |
| jvndb-2026-000027 | WordPress Plugin "Survey Maker" vulnerable to cross-site scripting | 2026-02-20T12:32+09:00 | 2026-02-20T12:32+09:00 |
| jvndb-2026-000028 | Installer for Job log aggregation/analysis software RICOH Job Log Aggregation Tool may insecurely load Dynamic Link Libraries | 2026-02-20T12:31+09:00 | 2026-02-20T12:31+09:00 |
| jvndb-2026-003912 | Vulnerability in Cosminexus HTTP Server and Hitachi Web Server | 2026-02-17T20:46+09:00 | 2026-02-17T20:46+09:00 |
| jvndb-2026-003911 | Vulnerability in Cosminexus HTTP Server | 2026-02-17T20:46+09:00 | 2026-02-17T20:46+09:00 |
| jvndb-2026-003910 | Multiple Vulnerabilities in Cosminexus HTTP Server | 2026-02-17T20:46+09:00 | 2026-02-17T20:46+09:00 |
| jvndb-2026-003909 | Multiple Vulnerabilities in Hitachi Command Suite products | 2026-02-17T20:46+09:00 | 2026-02-17T20:46+09:00 |
| jvndb-2026-003908 | Multiple Vulnerabilities in Hitachi Command Suite, Hitachi Automation Director, Hitachi Configuration Manager, Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center | 2026-02-17T20:46+09:00 | 2026-02-17T20:46+09:00 |
| jvndb-2026-003907 | Multiple Vulnerabilities in JP1 | 2026-02-17T20:46+09:00 | 2026-02-17T20:46+09:00 |
| jvndb-2026-003906 | Multiple Vulnerabilities in Cosminexus | 2026-02-17T20:46+09:00 | 2026-02-17T20:46+09:00 |
| jvndb-2026-003905 | Multiple Vulnerabilities in Cosminexus HTTP Server and Hitachi Web Server | 2026-02-17T20:46+09:00 | 2026-02-17T20:46+09:00 |
| jvndb-2026-000025 | Joomla! CMS vulnerable to cross-site scripting | 2026-02-17T12:46+09:00 | 2026-02-17T12:46+09:00 |
| jvndb-2026-000023 | FileZen vulnerable to OS command injection | 2026-02-13T16:51+09:00 | 2026-02-13T17:08+09:00 |
| jvndb-2026-000024 | Installer of M-Audio M-Track Duo HD may insecurely load Dynamic Link Libraries | 2026-02-12T13:32+09:00 | 2026-02-12T13:32+09:00 |
| jvndb-2026-000022 | Oki Electric Industry products and OEM products register Windows services with unquoted file paths | 2026-02-09T15:21+09:00 | 2026-02-09T15:21+09:00 |
| jvndb-2026-000021 | web2py vulnerable to open redirect | 2026-02-05T15:01+09:00 | 2026-02-05T15:01+09:00 |
| jvndb-2026-000017 | Improper file access permission settings in Mitsubishi Small-Capacity UPS Shutdown Software FREQSHIP-mini for Windows | 2026-02-03T14:57+09:00 | 2026-02-05T14:41+09:00 |
| jvndb-2026-000020 | Multiple vulnerabilities in Movable Type | 2026-02-04T16:15+09:00 | 2026-02-04T16:15+09:00 |
| jvndb-2026-000016 | Installer for Roland Cloud Manager may insecurely load Dynamic Link Libraries | 2026-02-03T14:57+09:00 | 2026-02-04T12:39+09:00 |
| jvndb-2024-002831 | ELECOM wireless LAN routers vulnerable to OS command injection | 2024-02-22T08:15+09:00 | 2026-02-04T12:02+09:00 |
| jvndb-2025-000041 | Multiple vulnerabilities in ELECOM wireless LAN routers | 2025-06-24T14:50+09:00 | 2026-02-03T15:35+09:00 |
| jvndb-2024-000078 | Multiple vulnerabilities in ELECOM wireless LAN routers | 2024-07-30T15:34+09:00 | 2026-02-03T15:35+09:00 |
| jvndb-2026-000019 | Multiple vulnerabilities in ELECOM wireless LAN products | 2026-02-03T14:57+09:00 | 2026-02-03T14:57+09:00 |
| jvndb-2026-000015 | Sonatype Nexus Repository vulnerable to server-side request forgery | 2026-02-02T15:18+09:00 | 2026-02-02T15:18+09:00 |
| jvndb-2026-000014 | OS command injection in raspap-webgui | 2026-02-02T15:18+09:00 | 2026-02-02T15:18+09:00 |
| jvndb-2026-000013 | Multiple Microsoft Office products vulnerable to untrusted search path | 2026-02-02T15:18+09:00 | 2026-02-02T15:18+09:00 |
| jvndb-2026-000012 | Multiple vulnerabilities in Cybozu Garoon | 2026-02-02T15:18+09:00 | 2026-02-02T15:18+09:00 |
| jvndb-2026-000018 | Undocumented "TelnetEnable" functionality of End of Service NETGEAR products | 2026-01-30T14:23+09:00 | 2026-01-30T14:23+09:00 |
| jvndb-2026-002119 | Multiple vulnerabilities in BROTHER MFPs (multifunction printers) | 2026-01-30T11:26+09:00 | 2026-01-30T11:26+09:00 |
| jvndb-2026-002030 | Multiple Vulnerabilities in Cosminexus | 2026-01-29T10:32+09:00 | 2026-01-29T10:32+09:00 |
| ID | Description | Updated |
|---|---|---|
| ts-2026-001 | TS-2026-001 | 2026-01-15T00:00 |
| ts-2025-008 | TS-2025-008 | 2025-11-19T00:00 |
| ts-2025-007 | TS-2025-007 | 2025-11-07T00:00 |
| ts-2025-006 | TS-2025-006 | 2025-10-28T00:00 |
| ts-2025-005 | TS-2025-005 | 2025-08-07T00:00 |
| ts-2025-004 | TS-2025-004 | 2025-05-27T00:00 |
| ts-2025-003 | TS-2025-003 | 2025-05-21T00:00 |
| ts-2025-002 | TS-2025-002 | 2025-05-15T00:00 |
| ts-2025-001 | TS-2025-001 | 2025-03-07T00:00 |
| ts-2024-013 | TS-2024-013 | 2024-12-04T00:00 |
| ts-2024-012 | TS-2024-012 | 2024-10-02T00:00 |
| ts-2024-011 | TS-2024-011 | 2024-07-22T00:00 |
| ts-2024-010 | TS-2024-010 | 2024-07-19T00:00 |
| ts-2024-009 | TS-2024-009 | 2024-06-27T00:00 |
| ts-2024-008 | TS-2024-008 | 2024-06-14T00:00 |
| ts-2024-007 | TS-2024-007 | 2024-06-12T00:00 |
| ts-2024-006 | TS-2024-006 | 2024-05-22T00:00 |
| ts-2024-005 | TS-2024-005 | 2024-05-08T00:00 |
| ts-2024-004 | TS-2024-004 | 2024-05-06T00:00 |
| ts-2024-003 | TS-2024-003 | 2024-04-23T00:00 |
| ts-2024-002 | TS-2024-002 | 2024-01-30T00:00 |
| ts-2024-001 | TS-2024-001 | 2024-01-08T00:00 |
| ts-2023-009 | TS-2023-009 | 2023-12-22T00:00 |
| ts-2023-008 | TS-2023-008 | 2023-11-01T00:00 |
| ts-2023-007 | TS-2023-007 | 2023-10-26T00:00 |
| ts-2023-006 | TS-2023-006 | 2023-08-22T00:00 |
| ts-2023-005 | TS-2023-005 | 2023-04-28T00:00 |
| ts-2023-004 | TS-2023-004 | 2023-04-04T00:00 |
| ts-2023-003 | TS-2023-003 | 2023-03-22T00:00 |
| ts-2023-002 | TS-2023-002 | 2023-01-24T00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| cnvd-2026-10895 | WordPress插件Pixel Manager for WooCommerce信息泄露漏洞 | 2025-11-20 | 2026-02-14 |
| cnvd-2026-10894 | WordPress插件Quiz Maker信息泄露漏洞 | 2025-11-21 | 2026-02-14 |
| cnvd-2026-10893 | WordPress插件WP FullCalendar信息泄露漏洞 | 2026-01-30 | 2026-02-14 |
| cnvd-2026-10892 | WordPress插件WP Directory Kit信息泄露漏洞 | 2026-01-30 | 2026-02-14 |
| cnvd-2026-10891 | WordPress插件CubeWP – All-in-One Dynamic Content Framework信息泄露漏洞 | 2026-01-30 | 2026-02-14 |
| cnvd-2026-10890 | WordPress插件Contact Form 7 GetResponse Extension信息泄露漏洞 | 2026-01-30 | 2026-02-14 |
| cnvd-2026-10889 | WordPress插件Cargus信息泄露漏洞 | 2026-01-30 | 2026-02-14 |
| cnvd-2026-10888 | WordPress插件Booking Ultra Pro信息泄露漏洞 | 2026-01-30 | 2026-02-14 |
| cnvd-2026-10887 | MailEnable存在未明漏洞(CNVD-2026-10887) | 2025-12-18 | 2026-02-14 |
| cnvd-2026-10885 | FRRouting拒绝服务漏洞(CNVD-2026-10885) | 2025-10-31 | 2026-02-14 |
| cnvd-2026-06351 | 用友网络科技股份有限公司U8+渠道管理(高级版)存在SQL注入漏洞(CNVD-C-2025-1245200) | 2025-12-31 | 2026-02-14 |
| cnvd-2026-10886 | MailEnable存在未明漏洞 | 2025-12-18 | 2026-02-13 |
| cnvd-2026-10884 | FRRouting拒绝服务漏洞(CNVD-2026-10884) | 2025-10-31 | 2026-02-13 |
| cnvd-2026-10883 | FRRouting拒绝服务漏洞(CNVD-2026-10883) | 2025-10-31 | 2026-02-13 |
| cnvd-2026-10882 | FRRouting拒绝服务漏洞 | 2025-10-31 | 2026-02-13 |
| cnvd-2026-10881 | mall-swarm授权问题漏洞(CNVD-2026-10881) | 2025-11-18 | 2026-02-13 |
| cnvd-2026-10880 | mall-swarm存在未明漏洞 | 2025-11-18 | 2026-02-13 |
| cnvd-2026-10879 | mall-swarm授权问题漏洞(CNVD-2026-10879) | 2025-11-18 | 2026-02-13 |
| cnvd-2026-10878 | mall-swarm授权问题漏洞(CNVD-2026-10878) | 2025-11-18 | 2026-02-13 |
| cnvd-2026-10877 | mall-swarm授权问题漏洞(CNVD-2026-10877) | 2025-11-18 | 2026-02-13 |
| cnvd-2026-10876 | mall-swarm授权问题漏洞 | 2025-12-10 | 2026-02-13 |
| cnvd-2026-10875 | Huawei HarmonyOS卡框架模块多线程竞争条件漏洞 | 2026-01-19 | 2026-02-13 |
| cnvd-2026-10874 | Huawei HarmonyOS和EMUI克隆模块中间人攻击漏洞 | 2026-01-19 | 2026-02-13 |
| cnvd-2026-10873 | Huawei HarmonyOS和EMUI媒体库模块权限验证绕过漏洞(CNVD-2026-10873) | 2026-01-19 | 2026-02-13 |
| cnvd-2026-10872 | Huawei HarmonyOS和EMUI媒体库模块权限验证绕过漏洞 | 2026-01-19 | 2026-02-13 |
| cnvd-2026-10871 | WordPress插件metasync存在未明漏洞 | 2026-02-04 | 2026-02-12 |
| cnvd-2026-10870 | WordPress插件Simple User Registration访问控制错误漏洞 | 2026-02-04 | 2026-02-12 |
| cnvd-2026-10859 | Adobe Substance 3D Modeler越界写入漏洞(CNVD-2026-10859) | 2026-01-19 | 2026-02-12 |
| cnvd-2026-10858 | Adobe Substance 3D Modeler越界写入漏洞(CNVD-2026-10858) | 2026-01-19 | 2026-02-12 |
| cnvd-2026-10857 | Rockwell Automation FactoryTalk Linx权限提升漏洞(CNVD-2026-10857) | 2025-10-17 | 2026-02-12 |
| ID | Description | Published | Updated |
|---|---|---|---|
| bdu:2026-01844 | Уязвимость сервиса безопасности Advanced DNS Security (ADNS) операционной системы PAN-OS,… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01843 | Уязвимость функции loadRLE() загрузчика TGA-изображений (PluginTARGA.cpp) графической биб… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01842 | Уязвимость функции ws_user_gerList() сценария pwg.users.php системы управления контентом … | 16.02.2026 | 16.02.2026 |
| bdu:2026-01841 | Уязвимость компонента Updater облачной платформы управления контейнерами Arcane, позволяю… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01840 | Уязвимость ИИ-агента OpenClaw (ранее - ClawdBot или MoltBot), связанная с отсутствием про… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01839 | Уязвимость функции blocked_path() пакета Python для создания приложений для моделей машин… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01838 | Уязвимость драйверов графических процессоров NVIDIA NVS, Quadro, NVIDIA RTX, GeForce, свя… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01837 | Уязвимость микропрограммного обеспечения графических процессоров Imagination, позволяющая… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01836 | Уязвимость микропрограммного обеспечения графических процессоров Imagination, позволяющая… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01835 | Уязвимость драйвера ESXi base микропрограммного обеспечения сетевых контроллеров Intel 80… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01834 | Уязвимость микропрограммного обеспечения контроллеров Intel Ethernet серии E810, связанна… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01833 | Уязвимость технологий Intel Active Management Technology (AMT) и Intel Standard Manageabi… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01832 | Уязвимость технологий Intel Active Management Technology (AMT) и Intel Standard Manageabi… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01831 | Уязвимость технологий Intel Active Management Technology (AMT) и Intel Standard Manageabi… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01830 | Уязвимость компонента File input браузера Google Chrome, позволяющая нарушителю осуществи… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01829 | Уязвимость компонента PictureInPicture браузера Google Chrome, позволяющая нарушителю ока… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01828 | Уязвимость компонента Animation браузера Google Chrome, позволяющая нарушителю оказать во… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01827 | Уязвимость функции конфиденциальности Fenced Frames браузера Google Chrome, позволяющая н… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01826 | Уязвимость компонента WebGPU браузера Google Chrome, позволяющая нарушителю вызвать отказ… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01825 | Уязвимость программной платформы на базе git для совместной работы над кодом GitLab, связ… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01824 | Уязвимость программной платформы на базе git для совместной работы над кодом GitLab, связ… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01823 | Уязвимость функции межсетевых экранов SSL-VPN операционных систем Fortinet FortiOS, позво… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01822 | Уязвимость операционных систем Fortinet FortiOS, связанная с недостаточной проверкой исто… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01821 | Уязвимость функции межсетевых экранов SSL-VPN операционных систем Fortinet FortiOS, позво… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01820 | Уязвимость интерфейса командной строки операционных систем Fortinet FortiOS, позволяющая … | 16.02.2026 | 16.02.2026 |
| bdu:2026-01819 | Уязвимость графического пользовательского интерфейса операционных систем Fortinet FortiOS… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01818 | Уязвимость программного обеспечения для разработки 3D-моделей Autodesk Fusion, связанная … | 16.02.2026 | 16.02.2026 |
| bdu:2026-01817 | Уязвимость программного обеспечения для разработки 3D-моделей Autodesk Fusion, связанная … | 16.02.2026 | 16.02.2026 |
| bdu:2026-01816 | Уязвимость программного обеспечения для разработки 3D-моделей Autodesk Fusion, связанная … | 16.02.2026 | 16.02.2026 |
| bdu:2026-01815 | Уязвимость программного обеспечения Microsoft ACI Confidential Containers, связанная с не… | 16.02.2026 | 16.02.2026 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2026-avi-0203 | Vulnérabilité dans Microsoft Azure Linux | 2026-02-24T00:00:00.000000 | 2026-02-24T00:00:00.000000 |
| certfr-2026-avi-0202 | Multiples vulnérabilités dans les produits SonicWall | 2026-02-24T00:00:00.000000 | 2026-02-24T00:00:00.000000 |
| certfr-2026-avi-0201 | Multiples vulnérabilités dans Mattermost Server | 2026-02-24T00:00:00.000000 | 2026-02-24T00:00:00.000000 |
| certfr-2026-avi-0200 | Vulnérabilité dans Centreon open tickets | 2026-02-24T00:00:00.000000 | 2026-02-24T00:00:00.000000 |
| certfr-2026-avi-0199 | Multiples vulnérabilités dans les produits VMware | 2026-02-24T00:00:00.000000 | 2026-02-24T00:00:00.000000 |
| certfr-2026-avi-0198 | Multiples vulnérabilités dans Google Chrome | 2026-02-24T00:00:00.000000 | 2026-02-24T00:00:00.000000 |
| certfr-2026-avi-0197 | Multiples vulnérabilités dans Microsoft Edge | 2026-02-23T00:00:00.000000 | 2026-02-23T00:00:00.000000 |
| certfr-2026-avi-0187 | Multiples vulnérabilités dans Tenable Security Center | 2026-02-19T00:00:00.000000 | 2026-02-23T00:00:00.000000 |
| certfr-2026-avi-0196 | Multiples vulnérabilités dans les produits IBM | 2026-02-20T00:00:00.000000 | 2026-02-20T00:00:00.000000 |
| certfr-2026-avi-0195 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2026-02-20T00:00:00.000000 | 2026-02-20T00:00:00.000000 |
| certfr-2026-avi-0194 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2026-02-20T00:00:00.000000 | 2026-02-20T00:00:00.000000 |
| certfr-2026-avi-0193 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2026-02-20T00:00:00.000000 | 2026-02-20T00:00:00.000000 |
| certfr-2026-avi-0192 | Multiples vulnérabilités dans le noyau Linux de Debian | 2026-02-20T00:00:00.000000 | 2026-02-20T00:00:00.000000 |
| certfr-2026-avi-0191 | Vulnérabilité dans Traefik | 2026-02-20T00:00:00.000000 | 2026-02-20T00:00:00.000000 |
| certfr-2026-avi-0190 | Multiples vulnérabilités dans Microsoft Edge | 2026-02-19T00:00:00.000000 | 2026-02-19T00:00:00.000000 |
| certfr-2026-avi-0189 | Vulnérabilité dans F5 BIG-IP | 2026-02-19T00:00:00.000000 | 2026-02-19T00:00:00.000000 |
| certfr-2026-avi-0188 | Multiples vulnérabilités dans les produits Splunk | 2026-02-19T00:00:00.000000 | 2026-02-19T00:00:00.000000 |
| certfr-2026-avi-0186 | Multiples vulnérabilités dans Google Chrome | 2026-02-19T00:00:00.000000 | 2026-02-19T00:00:00.000000 |
| certfr-2026-avi-0185 | Vulnérabilité dans Microsoft Windows | 2026-02-18T00:00:00.000000 | 2026-02-18T00:00:00.000000 |
| certfr-2026-avi-0184 | Multiples vulnérabilités dans Microsoft Edge | 2026-02-18T00:00:00.000000 | 2026-02-18T00:00:00.000000 |
| certfr-2026-avi-0183 | Vulnérabilité dans HPE Aruba Networking ClearPass Policy Manager | 2026-02-18T00:00:00.000000 | 2026-02-18T00:00:00.000000 |
| certfr-2026-avi-0182 | Multiples vulnérabilités dans Atlassian Confluence | 2026-02-18T00:00:00.000000 | 2026-02-18T00:00:00.000000 |
| certfr-2026-avi-0181 | Vulnérabilité dans Apache Tomcat | 2026-02-18T00:00:00.000000 | 2026-02-18T00:00:00.000000 |
| certfr-2026-avi-0180 | Vulnérabilité dans NetApp StorageGRID | 2026-02-18T00:00:00.000000 | 2026-02-18T00:00:00.000000 |
| certfr-2026-avi-0179 | Multiples vulnérabilités dans SPIP | 2026-02-18T00:00:00.000000 | 2026-02-18T00:00:00.000000 |
| certfr-2026-avi-0178 | Multiples vulnérabilités dans Tenable Security Center | 2026-02-18T00:00:00.000000 | 2026-02-18T00:00:00.000000 |
| certfr-2026-avi-0177 | Multiples vulnérabilités dans Moodle | 2026-02-17T00:00:00.000000 | 2026-02-17T00:00:00.000000 |
| certfr-2026-avi-0176 | Vulnérabilité dans Mattermost Server | 2026-02-17T00:00:00.000000 | 2026-02-17T00:00:00.000000 |
| certfr-2026-avi-0175 | Multiples vulnérabilités dans les produits Mozilla | 2026-02-17T00:00:00.000000 | 2026-02-17T00:00:00.000000 |
| certfr-2026-avi-0174 | Multiples vulnérabilités dans LibreNMS | 2026-02-17T00:00:00.000000 | 2026-02-17T00:00:00.000000 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2025-ale-014 | [MàJ] Vulnérabilité dans React Server Components | 2025-12-05T00:00:00.000000 | 2026-02-12T00:00:00.000000 |
| certfr-2026-ale-001 | [MàJ] Multiples vulnérabilités dans Ivanti Endpoint Manager Mobile | 2026-01-30T00:00:00.000000 | 2026-02-03T00:00:00.000000 |
| certfr-2025-ale-013 | [MàJ] Multiples vulnérabilités dans Cisco ASA et FTD | 2025-09-25T00:00:00.000000 | 2025-10-06T00:00:00.000000 |
| certfr-2025-ale-012 | Vulnérabilité dans Citrix NetScaler ADC et NetScaler Gateway | 2025-08-26T00:00:00.000000 | 2025-09-26T00:00:00.000000 |
| certfr-2025-ale-010 | [MàJ] Multiples vulnérabilités dans Microsoft SharePoint | 2025-07-21T00:00:00.000000 | 2025-08-26T00:00:00.000000 |
| certfr-2025-ale-011 | Incidents de sécurité dans les pare-feux SonicWall | 2025-08-05T00:00:00.000000 | 2025-08-18T00:00:00.000000 |
| certfr-2025-ale-009 | Multiples vulnérabilités dans Citrix NetScaler ADC et NetScaler Gateway | 2025-07-01T00:00:00.000000 | 2025-07-17T00:00:00.000000 |
| certfr-2025-ale-004 | Activités de post-exploitation dans Fortinet FortiGate | 2025-04-11T00:00:00.000000 | 2025-08-07T00:00:00.000000 |
| certfr-2025-ale-008 | [MàJ] Vulnérabilité dans Roundcube | 2025-06-05T00:00:00.000000 | 2025-07-21T00:00:00.000000 |
| certfr-2025-ale-007 | Multiples vulnérabilités dans Ivanti Endpoint Manager Mobile (EPMM) | 2025-05-14T00:00:00.000000 | 2025-06-24T00:00:00.000000 |
| certfr-2025-ale-006 | Vulnérabilité dans les produits Fortinet | 2025-05-13T00:00:00.000000 | 2025-06-24T00:00:00.000000 |
| certfr-2025-ale-005 | Vulnérabilité dans SAP NetWeaver | 2025-04-28T00:00:00.000000 | 2025-06-24T00:00:00.000000 |
| certfr-2025-ale-003 | [MàJ] Vulnérabilité dans les produits Ivanti | 2025-04-04T00:00:00.000000 | 2025-04-11T00:00:00.000000 |
| certfr-2025-ale-002 | [MàJ] Vulnérabilité dans les produits Fortinet | 2025-05-07T00:00:00.000000 | 2025-01-14T00:00:00.000000 |
| certfr-2025-ale-001 | [MàJ] Vulnérabilité dans les produits Ivanti | 2025-01-09T00:00:00.000000 | 2025-04-01T00:00:00.000000 |
| certfr-2024-ale-014 | [MàJ] Multiples vulnérabilités dans Fortinet FortiManager | 2024-10-30T00:00:00.000000 | 2024-10-23T00:00:00.000000 |
| certfr-2024-ale-013 | Exploitations de vulnérabilités dans Ivanti Cloud Services Appliance (CSA) | 2025-03-31T00:00:00.000000 | 2024-10-25T00:00:00.000000 |
| certfr-2024-ale-015 | [MàJ] Multiples vulnérabilités sur l'interface d'administration des équipements Palo Alto Networks | 2024-11-15T00:00:00.000000 | 2024-11-18T00:00:00.000000 |
| certfr-2024-ale-012 | [MàJ] Vulnérabilités affectant OpenPrinting CUPS | 2024-09-27T00:00:00.000000 | 2024-11-21T00:00:00.000000 |
| certfr-2024-ale-011 | Vulnérabilité dans SonicWall | 2024-09-10T00:00:00.000000 | 2024-11-21T00:00:00.000000 |
| certfr-2024-ale-010 | Multiples vulnérabilités dans Roundcube | 2024-08-09T00:00:00.000000 | 2024-10-07T00:00:00.000000 |
| certfr-2024-ale-009 | Vulnérabilité dans OpenSSH | 2024-07-01T00:00:00.000000 | 2024-07-03T00:00:00.000000 |
| certfr-2024-ale-008 | [MàJ] Vulnérabilité dans les produits Check Point | 2024-05-30T00:00:00.000000 | 2024-07-01T00:00:00.000000 |
| certfr-2024-ale-007 | Multiples vulnérabilités dans les produits Cisco | 2024-04-25T00:00:00.000000 | 2024-07-01T00:00:00.000000 |
| certfr-2024-ale-006 | [MàJ] Vulnérabilité dans Palo Alto Networks GlobalProtect | 2024-04-12T00:00:00.000000 | 2024-07-01T00:00:00.000000 |
| certfr-2024-ale-004 | [MàJ] Vulnérabilité dans Fortinet FortiOS | 2024-02-09T00:00:00.000000 | 2024-07-01T00:00:00.000000 |
| certfr-2024-ale-005 | [MàJ] Vulnérabilité dans Microsoft Outlook | 2024-02-15T00:00:00.000000 | 2024-04-15T00:00:00.000000 |
| certfr-2024-ale-003 | [MàJ] Incident affectant les solutions AnyDesk | 2024-02-05T00:00:00.000000 | 2024-04-15T00:00:00.000000 |
| certfr-2024-ale-001 | [MàJ] Multiples vulnérabilités dans Ivanti Connect Secure et Policy Secure Gateways | 2024-01-11T00:00:00.000000 | 2024-04-15T00:00:00.000000 |
| certfr-2024-ale-002 | [MàJ] Multiples Vulnérabilités dans GitLab | 2024-01-12T00:00:00.000000 | 2024-02-22T00:00:00.000000 |
| ID | Description | Published | Updated |
|---|---|---|---|
| osv-2025-202 | UNKNOWN READ in _blit_xrgb32_lerp_spans | 2025-03-15T00:01:51.127135Z | 2026-02-24T14:28:08.371682Z |
| osv-2024-245 | Security exception in com.github.javaparser.ast.validator.TreeVisitorValidator.accept | 2024-04-08T00:11:03.595756Z | 2026-02-24T14:25:14.639761Z |
| osv-2023-395 | Stack-buffer-overflow in sc_path_print | 2023-05-14T14:00:57.078498Z | 2026-02-24T14:19:51.229594Z |
| osv-2022-1201 | Stack-buffer-overflow in msc_zero_object | 2022-11-24T13:00:10.344351Z | 2026-02-24T14:15:48.115519Z |
| osv-2022-1188 | Stack-buffer-overflow in authentic_get_tagged_data | 2022-11-20T13:01:57.719130Z | 2026-02-24T14:15:46.375365Z |
| osv-2024-387 | Heap-buffer-overflow in H5F_addr_encode | 2024-04-30T00:13:39.184262Z | 2026-02-21T16:08:55.576515Z |
| osv-2023-216 | Heap-buffer-overflow in H5G__node_cmp3 | 2023-03-23T13:00:48.081705Z | 2026-02-21T15:10:24.227224Z |
| osv-2023-430 | Heap-buffer-overflow in H5MM_xstrdup | 2023-05-26T14:00:26.078002Z | 2026-02-21T14:59:46.714683Z |
| osv-2023-370 | Heap-buffer-overflow in H5FS__sect_link | 2023-05-06T14:01:04.165113Z | 2026-02-21T14:59:05.344946Z |
| osv-2023-359 | Heap-buffer-overflow in H5MM_memcpy | 2023-05-01T14:02:33.841821Z | 2026-02-21T14:58:42.218274Z |
| osv-2023-392 | Negative-size-param in H5MM_memcpy | 2023-05-13T14:00:26.093088Z | 2026-02-21T14:58:35.196227Z |
| osv-2023-381 | UNKNOWN READ in H5FL__blk_gc_list | 2023-05-08T14:02:04.934252Z | 2026-02-21T14:57:47.361752Z |
| osv-2023-89 | Heap-buffer-overflow in H5O__mtime_new_encode | 2023-02-21T13:00:30.347876Z | 2026-02-21T14:56:49.681507Z |
| osv-2023-76 | Heap-buffer-overflow in H5SM_delete | 2023-02-18T13:00:50.471845Z | 2026-02-21T14:34:05.952250Z |
| osv-2023-133 | Heap-buffer-overflow in H5L__extern_traverse | 2023-03-02T13:02:08.499899Z | 2026-02-21T14:33:35.359548Z |
| osv-2022-1235 | Heap-buffer-overflow in _rrparse | 2022-12-04T13:00:30.303410Z | 2026-02-21T14:09:00.932849Z |
| osv-2022-1165 | Heap-buffer-overflow in parse_content_length | 2022-11-12T13:00:05.964113Z | 2026-02-19T14:11:05.455361Z |
| osv-2026-261 | Segv on unknown address in ___interceptor_strtol | 2026-02-19T00:09:21.893775Z | 2026-02-19T00:09:21.894076Z |
| osv-2026-259 | Use-of-uninitialized-value in tsip_parse_input | 2026-02-18T00:14:29.378028Z | 2026-02-18T00:14:29.378341Z |
| osv-2023-96 | Heap-buffer-overflow in load_buffer | 2023-02-23T13:00:28.515290Z | 2026-02-17T14:26:31.096424Z |
| osv-2023-35 | Heap-buffer-overflow in parse_classes_64 | 2023-01-29T13:01:45.762871Z | 2026-02-17T14:24:57.461377Z |
| osv-2022-993 | Stack-use-after-return in check_buffer | 2022-09-29T00:02:10.256639Z | 2026-02-17T14:24:32.097178Z |
| osv-2023-819 | Heap-buffer-overflow in ucl_object_dtor_unref_single | 2023-09-09T14:01:07.368928Z | 2026-02-17T14:21:16.973749Z |
| osv-2023-78 | Heap-buffer-overflow in ucl_object_dtor_unref_single | 2023-02-18T13:01:01.445224Z | 2026-02-17T14:21:11.808505Z |
| osv-2022-1137 | Heap-buffer-overflow in io_memory_read | 2022-11-05T00:00:44.243862Z | 2026-02-17T14:20:32.701723Z |
| osv-2021-1261 | UNKNOWN READ in kh_get_ucl_hash_node | 2021-09-15T00:00:41.384284Z | 2026-02-17T14:15:50.348749Z |
| osv-2026-255 | UNKNOWN WRITE in nmeaid_to_prn | 2026-02-17T00:17:19.574579Z | 2026-02-17T00:17:19.574905Z |
| osv-2021-525 | Use-of-uninitialized-value in void edge_filtering_chroma_internal<unsigned char> | 2021-03-16T00:00:19.176877Z | 2026-02-15T14:06:52.827050Z |
| osv-2026-244 | Use-of-uninitialized-value in ihevcd_fmt_conv | 2026-02-15T00:03:36.246033Z | 2026-02-15T00:03:36.246568Z |
| osv-2024-679 | Heap-buffer-overflow in readImage4v2 | 2024-07-25T00:14:34.485446Z | 2026-02-14T14:21:51.563139Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rustsec-2026-0022 | Panic when dropping a `[Typed]Func::call_async` future | 2026-02-24T12:00:00Z | 2026-02-24T19:42:18Z |
| rustsec-2026-0021 | Panic adding excessive fields to a `wasi:http/types.fields` instance | 2026-02-24T12:00:00Z | 2026-02-24T19:42:18Z |
| rustsec-2026-0020 | Guest-controlled resource exhaustion in WASI implementations | 2026-02-24T12:00:00Z | 2026-02-24T19:42:18Z |
| rustsec-2026-0019 | `tracing-check` was removed from crates.io for malicious code | 2026-02-24T12:00:00Z | 2026-02-24T17:23:12Z |
| rustsec-2026-0018 | `rpc-check` was removed from crates.io for malicious code | 2026-02-24T12:00:00Z | 2026-02-24T16:32:13Z |
| rustsec-2025-0153 | hexchat crate is unsound and unmaintained | 2025-11-17T12:00:00Z | 2026-02-24T10:32:45Z |
| rustsec-2026-0013 | Type confusion when accessing data from sublasses of subclasses of native types with `abi3` feature targeting Python 3.12 and up | 2026-02-18T12:00:00Z | 2026-02-23T07:15:28Z |
| rustsec-2026-0010 | `polymarket-clients-sdk` was removed from crates.io for malicious code | 2026-02-06T12:00:00Z | 2026-02-23T07:15:28Z |
| rustsec-2025-0148 | `finch-rust` was removed from crates.io for malicious code | 2025-12-05T12:00:00Z | 2026-02-23T07:15:28Z |
| rustsec-2025-0147 | `evm-units` was removed from crates.io for malicious code | 2025-12-03T12:00:00Z | 2026-02-23T07:15:28Z |
| rustsec-2025-0146 | `sha-rust` was removed from crates.io for malicious code | 2025-12-05T12:00:00Z | 2026-02-23T07:15:28Z |
| rustsec-2025-0145 | `uniswap-utils` was removed from crates.io for malicious code | 2025-12-03T12:00:00Z | 2026-02-23T07:15:28Z |
| rustsec-2026-0017 | `clob-sdk` was removed from crates.io for malicious code | 2026-02-20T12:00:00Z | 2026-02-21T01:48:10Z |
| rustsec-2026-0016 | `polymarkets-rs-clob-client` was removed from crates.io for malicious code | 2026-02-20T12:00:00Z | 2026-02-20T18:09:09Z |
| rustsec-2026-0012 | Unsoundness in opt-in ARMv8 assembly backend for `keccak` | 2026-02-12T12:00:00Z | 2026-02-20T04:00:15Z |
| rustsec-2026-0015 | `polymarkets-client-sdk` was removed from crates.io for malicious code | 2026-02-19T12:00:00Z | 2026-02-19T22:41:14Z |
| rustsec-2026-0014 | `rpc-check` was removed from crates.io for malicious code | 2026-02-19T12:00:00Z | 2026-02-19T22:41:14Z |
| rustsec-2026-0011 | `polymarket-client-sdks` was removed from crates.io for malicious code | 2026-02-13T12:00:00Z | 2026-02-14T08:13:56Z |
| rustsec-2025-0152 | `finch_cli_rust` was removed from crates.io for malicious code | 2025-12-09T12:00:00Z | 2026-02-13T04:43:42Z |
| rustsec-2025-0151 | `sha-rst` was removed from crates.io for malicious code | 2025-12-09T12:00:00Z | 2026-02-13T04:43:42Z |
| rustsec-2025-0150 | `finch-rst` was removed from crates.io for malicious code | 2025-12-09T12:00:00Z | 2026-02-13T04:43:42Z |
| rustsec-2025-0142 | Segmentation fault and invalid memory read in `mnl::cb_run` | 2025-10-18T12:00:00Z | 2026-02-10T13:23:41Z |
| rustsec-2025-0149 | World Writable Directory in /var/log/below Allows Local Privilege Escalation | 2025-03-12T12:00:00Z | 2026-02-08T07:26:28Z |
| rustsec-2026-0009 | Denial of Service via Stack Exhaustion | 2026-02-05T12:00:00Z | 2026-02-06T09:12:16Z |
| rustsec-2026-0008 | Potential undefined behavior when dereferencing Buf struct | 2026-02-02T12:00:00Z | 2026-02-05T06:08:13Z |
| rustsec-2026-0007 | Integer overflow in `BytesMut::reserve` | 2026-02-03T12:00:00Z | 2026-02-04T06:56:11Z |
| rustsec-2025-0140 | Non-utf8 String can be created with `TimeBuf::as_str` | 2025-12-29T12:00:00Z | 2026-02-04T06:56:11Z |
| rustsec-2026-0006 | Wasmtime segfault or unused out-of-sandbox load with `f64.copysign` operator on x86-64 | 2026-01-26T12:00:00Z | 2026-01-30T05:41:11Z |
| rustsec-2025-0143 | Unsound APIs of public `constant::Reader` and `StructSchema` | 2025-12-24T12:00:00Z | 2026-01-29T05:56:50Z |
| rustsec-2025-0144 | Timing side-channel in ML-DSA decomposition | 2025-12-12T12:00:00Z | 2026-01-27T22:28:37Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| alsa-2026:3187 | Important: grafana-pcp security update | 2026-02-24T00:00:00Z | 2026-02-24T17:14:01Z |
| alsa-2026:3188 | Important: grafana security update | 2026-02-24T00:00:00Z | 2026-02-24T17:11:47Z |
| alsa-2026:3110 | Important: kernel-rt security update | 2026-02-23T00:00:00Z | 2026-02-24T13:03:08Z |
| alsa-2026:3083 | Important: kernel security update | 2026-02-23T00:00:00Z | 2026-02-24T12:59:25Z |
| alsa-2026:3032 | Important: munge security update | 2026-02-23T00:00:00Z | 2026-02-23T14:44:19Z |
| alsa-2026:2720 | Moderate: kernel security update | 2026-02-16T00:00:00Z | 2026-02-23T13:27:24Z |
| alsa-2026:3042 | Moderate: openssl security update | 2026-02-23T00:00:00Z | 2026-02-23T09:07:14Z |
| alsa-2026:2914 | Important: grafana security update | 2026-02-18T00:00:00Z | 2026-02-19T18:04:08Z |
| alsa-2026:2920 | Important: grafana security update | 2026-02-18T00:00:00Z | 2026-02-19T10:58:19Z |
| alsa-2026:2706 | Important: golang security update | 2026-02-16T00:00:00Z | 2026-02-18T13:54:31Z |
| alsa-2026:2781 | Important: nodejs:24 security update | 2026-02-17T00:00:00Z | 2026-02-18T13:51:36Z |
| alsa-2026:2776 | Moderate: edk2 security update | 2026-02-17T00:00:00Z | 2026-02-18T13:48:45Z |
| alsa-2026:2719 | Important: gnupg2 security update | 2026-02-16T00:00:00Z | 2026-02-18T13:46:37Z |
| alsa-2026:2786 | Moderate: glibc security update | 2026-02-17T00:00:00Z | 2026-02-18T13:44:36Z |
| alsa-2026:2799 | Moderate: php security update | 2026-02-17T00:00:00Z | 2026-02-18T13:30:42Z |
| alsa-2026:2821 | Moderate: kernel-rt security update | 2026-02-17T00:00:00Z | 2026-02-18T13:25:58Z |
| alsa-2026:2707 | Important: gimp security update | 2026-02-16T00:00:00Z | 2026-02-17T10:29:58Z |
| alsa-2026:2709 | Important: golang security update | 2026-02-16T00:00:00Z | 2026-02-17T10:27:57Z |
| alsa-2026:2708 | Important: go-toolset:rhel8 security update | 2026-02-16T00:00:00Z | 2026-02-16T14:22:53Z |
| alsa-2026:2421 | Important: nodejs:22 security update | 2026-02-10T00:00:00Z | 2026-02-13T10:53:31Z |
| alsa-2026:2627 | Moderate: gcc-toolset-14-binutils security update | 2026-02-12T00:00:00Z | 2026-02-13T08:03:55Z |
| alsa-2026:0667 | Important: firefox security update | 2026-01-15T00:00:00Z | 2026-02-12T10:37:47Z |
| alsa-2026:1377 | Moderate: image-builder security update | 2026-01-27T00:00:00Z | 2026-02-12T10:36:07Z |
| alsa-2026:2212 | Moderate: kernel security update | 2026-02-09T00:00:00Z | 2026-02-12T10:34:27Z |
| alsa-2026:2282 | Moderate: kernel security update | 2026-02-09T00:00:00Z | 2026-02-12T10:29:43Z |
| alsa-2026:2420 | Important: nodejs:24 security update | 2026-02-10T00:00:00Z | 2026-02-12T10:19:24Z |
| alsa-2026:2422 | Important: nodejs:20 security update | 2026-02-10T00:00:00Z | 2026-02-12T10:15:50Z |
| alsa-2026:2438 | Important: pcs security update | 2026-02-10T00:00:00Z | 2026-02-12T10:14:13Z |
| alsa-2026:2452 | Important: pcs security update | 2026-02-10T00:00:00Z | 2026-02-12T10:12:36Z |
| alsa-2026:2470 | Moderate: php:7.4 security update | 2026-02-10T00:00:00Z | 2026-02-12T10:10:23Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| osec-2026-02 | ARP unbounded memory usage | 2026-02-18T10:30:00Z | 2026-02-18T10:30:00Z |
| osec-2022-01 | Infinite loop in console output on xen | 2022-12-07T00:00:00Z | 2026-02-18T09:30:00Z |
| osec-2026-01 | Buffer Over-Read in OCaml Marshal Deserialization | 2026-02-17T13:30:00Z | 2026-02-17T15:00:00Z |
| osec-2025-01 | Albatross console out of memory | 2025-08-15T00:18:22Z | 2026-01-13T12:00:00Z |
| osec-2019-02 | Grant unshare vulnerability in mirage-xen | 2019-04-26T00:00:00Z | 2026-01-13T12:00:00Z |
| osec-2019-01 | Memory disclosure in mirage-net-xen | 2019-03-21T00:00:00Z | 2026-01-13T12:00:00Z |
| osec-2016-02 | Memory disclosure in mirage-net-xen | 2016-05-03T00:00:00Z | 2026-01-13T12:00:00Z |
| osec-2023-01 | Time of check time of use issue in opam's cache | 2023-05-25T12:00:00Z | 2026-01-09T12:00:00Z |
| osec-2016-01 | Buffer overflow and information leak in OCaml < 4.03.0 | 2016-04-29T00:18:22Z | 2026-01-01T12:00:00Z |
| osec-2018-01 | An integer overflow in the `bigarray` serialization module leads to arbitrary code execution | 2018-04-06T18:29:00Z | 2025-12-16T12:00:00Z |
| osec-2017-01 | Local privilege escalation issue with ocaml binaries | 2017-06-23T15:19:47Z | 2025-12-16T12:00:00Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| hsec-2024-0004 | Hackage package and doc upload stored XSS vulnerability | 2026-01-16T11:18:20Z | 2026-01-16T11:18:20Z |
| hsec-2025-0007 | cmark-gfm: resource exhaustion due to quadratic complexity in parser | 2025-12-27T08:58:56Z | 2025-12-27T08:58:56Z |
| hsec-2025-0006 | Private key leak via inherited file descriptor | 2025-11-17T02:22:38Z | 2025-11-17T02:22:38Z |
| hsec-2025-0005 | cabal-install dependency confusion | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2025-0004 | Broken Path Sanitization in spacecookie Library | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2025-0003 | Use after free in multithreaded lzma (.xz) decoder | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2025-0002 | Double Public Key Signing Function Oracle Attack on Ed25519 | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2025-0001 | Subword division operations may produce incorrect results | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2024-0009 | Public key confusion in third-party blocks | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2024-0008 | Sign extension error in the PPC64le FFI | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2024-0007 | Sign extension error in the AArch64 NCG | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2024-0006 | fromIntegral: conversion error | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2024-0003 | process: command injection via argument list on Windows | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2024-0002 | out-of-bounds write when there are many bzip2 selectors | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2024-0001 | Reflected XSS vulnerability in keter | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0015 | cabal-install uses expired key policies | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0014 | Arbitrary file write is possible when using PDF output or --extract-media with untrusted input | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0013 | git-annex plaintext storage of embedded credentials on encrypted remotes | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0012 | git-annex checksum exposure to encrypted special remotes | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0011 | git-annex GPG decryption attack via compromised remote | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0010 | git-annex private data exfiltration to compromised remote | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0009 | git-annex command injection via malicious SSH hostname | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0008 | Stored XSS in hledger-web | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0007 | readFloat: memory exhaustion with large exponent | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0006 | x509-validation does not enforce pathLenConstraint | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0005 | tls-extra: certificate validation does not check Basic Constraints | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0004 | xml-conduit unbounded entity expansion | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0003 | code injection in xmonad-contrib | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0002 | Improper Verification of Cryptographic Signature | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0001 | Hash flooding vulnerability in aeson | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |