Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2021-47770 |
8.6 (4.0)
8.8 (3.1)
|
OpenPLC 3 - Remote Code Execution |
Autonomy |
OpenPLC |
2026-01-21T17:27:32.000Z | 2026-01-22T16:23:03.426Z |
| CVE-2021-47748 |
9.3 (4.0)
9.8 (3.1)
|
Hasura GraphQL 1.3.3 - Remote Code Execution |
Hasura |
GraphQL |
2026-01-21T17:27:31.545Z | 2026-01-22T16:22:23.413Z |
| CVE-2021-47746 |
8.6 (4.0)
7.5 (3.1)
|
NodeBB Plugin Emoji 3.2.1 - Arbitrary File Write |
NodeBB |
NodeBB Plugin Emoji |
2026-01-21T17:27:31.014Z | 2026-01-22T16:21:42.322Z |
| CVE-2025-64097 |
9.5 (4.0)
|
NervesHub has Insufficient Token Entropy that Allows A… |
nerves-hub |
nerves_hub_web |
2026-01-22T14:57:00.362Z | 2026-01-22T16:16:06.007Z |
| CVE-2026-1328 |
8.7 (4.0)
8.8 (3.1)
8.8 (3.0)
|
Totolink NR1800X POST Request cstecgi.cgi setWizardCfg… |
Totolink |
NR1800X |
2026-01-22T14:32:13.191Z | 2026-01-22T16:14:48.638Z |
| CVE-2025-69821 |
7.4 (3.1)
|
An issue in Beat XP VEGA Smartwatch (Firmware Ver… |
n/a |
n/a |
2026-01-22T00:00:00.000Z | 2026-01-22T16:12:50.212Z |
| CVE-2025-69822 |
7.4 (3.1)
|
An issue in Atomberg Atomberg Erica Smart Fan Fir… |
n/a |
n/a |
2026-01-22T00:00:00.000Z | 2026-01-22T16:09:34.142Z |
| CVE-2026-23967 |
7.5 (3.1)
|
sm-crypto Affected by Signature Malleability in SM2-DSA |
JuneAndGreen |
sm-crypto |
2026-01-22T01:59:30.555Z | 2026-01-22T16:03:58.987Z |
| CVE-2025-69764 |
9.8 (3.1)
|
Tenda AX3 firmware v16.03.12.11 contains a stack-… |
n/a |
n/a |
2026-01-22T00:00:00.000Z | 2026-01-22T16:00:37.796Z |
| CVE-2025-15530 |
6.9 (4.0)
5.3 (3.1)
5.3 (3.0)
|
Open5GS s11-handler.c assertion |
n/a |
Open5GS |
2026-01-17T11:02:06.505Z | 2026-01-22T15:59:49.318Z |
| CVE-2026-24009 |
8.1 (3.1)
|
Docling Core vulnerable to Remote Code Execution via u… |
docling-project |
docling-core |
2026-01-22T15:04:52.745Z | 2026-01-22T15:59:19.883Z |
| CVE-2026-23965 |
7.5 (3.1)
|
sm-crypto Affected by Signature Forgery in SM2-DSA |
JuneAndGreen |
sm-crypto |
2026-01-22T02:05:43.426Z | 2026-01-22T15:58:10.585Z |
| CVE-2025-69763 |
9.8 (3.1)
|
Tenda AX3 firmware v16.03.12.11 contains a stack … |
n/a |
n/a |
2026-01-21T00:00:00.000Z | 2026-01-22T15:55:24.447Z |
| CVE-2021-47830 |
5.1 (4.0)
|
GetSimple CMS My SMTP Contact Plugin 1.1.1 - CSRF |
GetSimple CMS |
My SMTP Contact Plugin |
2026-01-21T17:27:34.157Z | 2026-01-22T15:54:36.412Z |
| CVE-2021-47846 |
8.8 (4.0)
8.2 (3.1)
|
Digital Crime Report Management System 1.0 - SQL Injection |
I Want Source Codes |
Digital Crime Report Management System |
2026-01-21T17:27:34.674Z | 2026-01-22T15:53:32.751Z |
| CVE-2021-47848 |
8.8 (4.0)
8.2 (3.1)
|
Blitar Tourism 1.0 - Authentication Bypass SQLi |
satndy |
Aplikasi-Biro-Travel |
2026-01-21T17:27:35.197Z | 2026-01-22T15:52:57.546Z |
| CVE-2021-47849 |
8.7 (4.0)
6.2 (3.1)
|
Mini Mouse 9.3.0 - Local File inclusion / Path Traversal |
Yodinfo |
Mini Mouse |
2026-01-21T17:27:35.714Z | 2026-01-22T15:51:58.114Z |
| CVE-2025-13888 |
9.1 (3.1)
|
Openshift-gitops-operator: openshift gitops: namespace… |
redhat-developer |
gitops-operator |
2025-12-15T15:36:49.274Z | 2026-01-22T15:50:50.274Z |
| CVE-2025-69762 |
9.8 (3.1)
|
Tenda AX3 firmware v16.03.12.11 contains a stack … |
n/a |
n/a |
2026-01-21T00:00:00.000Z | 2026-01-22T15:50:36.774Z |
| CVE-2026-23966 |
9.1 (3.1)
|
sm-crypto Affected by Private Key Recovery in SM2-PKE |
JuneAndGreen |
sm-crypto |
2026-01-22T02:06:54.003Z | 2026-01-22T15:49:07.259Z |
| CVE-2021-47850 |
8.7 (4.0)
7.5 (3.1)
|
Mini Mouse 9.2.0 - Path Traversal |
Yodinfo |
Mini Mouse |
2026-01-21T17:27:36.189Z | 2026-01-22T15:46:05.970Z |
| CVE-2025-32056 |
4 (3.1)
|
Anti-Theft Bypass for Infotainment ECU |
Bosch |
Infotainment system ECU |
2026-01-22T15:21:21.945Z | 2026-01-22T15:44:40.651Z |
| CVE-2025-32057 |
6.5 (3.1)
|
Misconfigured SSL/TLS communication of Redbend service… |
Bosch |
Infotainment system ECU |
2026-01-22T15:22:21.626Z | 2026-01-22T15:43:11.681Z |
| CVE-2024-2236 |
5.9 (3.1)
|
Libgcrypt: vulnerable to marvin attack |
|
|
2024-03-06T22:07:16.617Z | 2026-01-22T15:42:49.964Z |
| CVE-2023-41175 |
6.5 (3.1)
|
Libtiff: potential integer overflow in raw2tiff.c |
|
|
2023-10-05T18:55:26.876Z | 2026-01-22T15:42:35.970Z |
| CVE-2023-40745 |
6.5 (3.1)
|
Libtiff: integer overflow in tiffcp.c |
|
|
2023-10-05T18:55:26.192Z | 2026-01-22T15:42:32.593Z |
| CVE-2023-6277 |
6.5 (3.1)
|
Libtiff: out-of-memory in tiffopen via a craft file |
Red Hat |
Red Hat Enterprise Linux 6 |
2023-11-24T18:20:16.683Z | 2026-01-22T15:42:19.205Z |
| CVE-2021-47851 |
9.3 (4.0)
9.8 (3.1)
|
Mini Mouse 9.2.0 - Remote Code Execution |
Yodinfo |
Mini Mouse |
2026-01-21T17:27:36.666Z | 2026-01-22T15:42:13.487Z |
| CVE-2023-3576 |
5.5 (3.1)
|
Libtiff: memory leak in tiffcrop.c |
Red Hat |
Red Hat Enterprise Linux 9 |
2023-10-04T18:02:23.926Z | 2026-01-22T15:42:09.746Z |
| CVE-2025-70644 |
7.5 (3.1)
|
Tenda AX-1806 v1.0.0.1 was discovered to contain … |
n/a |
n/a |
2026-01-21T00:00:00.000Z | 2026-01-22T15:40:00.719Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-24795 |
5.1 (4.0)
|
An Out-of-bounds Write in CloverHackyColor/CloverBootloader |
CloverHackyColor |
CloverBootloader |
2026-01-27T08:23:47.447Z | 2026-01-27T21:38:51.796Z |
| CVE-2026-24794 |
9.2 (4.0)
|
Chunk Unloading Security Vulnerability in CardboardPow… |
CardboardPowered |
cardboard |
2026-01-27T08:21:22.643Z | 2026-01-27T21:39:21.583Z |
| CVE-2026-24686 |
4.7 (3.1)
|
go-tuf Path Traversal in TAP 4 Multirepo Client Allows… |
theupdateframework |
go-tuf |
2026-01-27T00:45:43.422Z | 2026-01-27T14:40:01.511Z |
| CVE-2026-24490 |
8.1 (3.1)
|
MobSF has Stored XSS via Manifest Analysis - Dialer Co… |
MobSF |
Mobile-Security-Framework-MobSF |
2026-01-27T00:40:36.483Z | 2026-01-27T14:43:35.345Z |
| CVE-2026-24489 |
5.3 (3.1)
|
Gakido vulnerable to HTTP Header Injection (CRLF Injection) |
HappyHackingSpace |
gakido |
2026-01-27T00:36:34.230Z | 2026-01-27T14:46:42.530Z |
| CVE-2026-24486 |
8.6 (3.1)
|
Python-Multipart has Arbitrary File Write via Non-Defa… |
Kludex |
python-multipart |
2026-01-27T00:34:06.229Z | 2026-01-27T20:51:06.407Z |
| CVE-2026-24480 |
8.7 (4.0)
|
QGIS had validated RCE and Repository Takeover via Git… |
qgis |
QGIS |
2026-01-27T00:32:04.725Z | 2026-01-27T20:54:42.308Z |
| CVE-2026-24479 |
9.3 (4.0)
|
HUSTOJ has Arbitrary File Write (Zip Slip) in Problem … |
zhblue |
hustoj |
2026-01-27T00:43:42.799Z | 2026-01-27T14:42:04.040Z |
| CVE-2026-24476 |
5.3 (4.0)
|
Shaarli vulnerable to stored XSS via Suggested Tags |
shaarli |
Shaarli |
2026-01-26T22:26:59.886Z | 2026-01-27T15:20:27.830Z |
| CVE-2026-24470 |
8.1 (3.1)
|
Skipper Ingress Controller Allows Unauthorized Access … |
zalando |
skipper |
2026-01-26T22:23:43.325Z | 2026-01-27T14:51:35.229Z |
| CVE-2026-24408 |
0 (3.1)
|
sigstore has CSRF possibility in OIDC authentication d… |
sigstore |
sigstore-python |
2026-01-26T22:21:35.047Z | 2026-01-27T21:35:14.119Z |
| CVE-2026-24400 |
8.2 (4.0)
|
AssertJ has XML External Entity (XXE) vulnerability wh… |
assertj |
assertj |
2026-01-26T22:19:02.161Z | 2026-01-27T21:36:26.716Z |
| CVE-2026-24344 |
7.3 (4.0)
|
Multiple Buffer Overflows in EZCast Pro II Dongle |
EZCast |
EZCast Pro II |
2026-01-27T09:04:34.750Z | 2026-01-27T14:25:06.534Z |
| CVE-2026-24003 |
4.3 (3.1)
|
EvseV2G has sequence state validation bypass |
EVerest |
everest-core |
2026-01-26T22:12:47.914Z | 2026-01-27T21:37:27.245Z |
| CVE-2026-23864 |
7.5 (3.1)
|
Multiple denial of service vulnerabilities exist … |
Meta |
react-server-dom-webpack |
2026-01-26T19:16:38.250Z | 2026-01-26T20:26:45.709Z |
| CVE-2026-23683 |
4.3 (3.1)
|
Missing Authorization check in SAP Fiori App (Intercom… |
SAP_SE |
SAP Fiori App (Intercompany Balance Reconciliation) |
2026-01-27T00:22:13.153Z | 2026-01-28T04:55:17.259Z |
| CVE-2026-22709 |
9.8 (3.1)
|
vm2 has a Sandbox Escape |
patriksimek |
vm2 |
2026-01-26T21:32:00.215Z | 2026-01-27T21:42:27.920Z |
| CVE-2026-22696 |
9.3 (4.0)
|
dcap-qvl has Missing Verification for QE Identity |
Phala-Network |
dcap-qvl |
2026-01-26T21:28:41.284Z | 2026-01-27T21:43:00.366Z |
| CVE-2026-21721 |
8.1 (3.1)
|
Dashboard Permissions Scope Bypass Enables Cross‑Dashb… |
Grafana |
grafana/grafana |
2026-01-27T09:07:55.160Z | 2026-02-07T23:18:39.807Z |
| CVE-2026-21408 |
7.3 (3.0)
5.4 (4.0)
|
beat-access for Windows version 3.0.3 and prior c… |
FUJIFILM Business Innovation Corp. |
beat-access for Windows |
2026-01-27T05:08:20.229Z | 2026-01-27T20:50:14.682Z |
| CVE-2026-1484 |
4.2 (3.1)
|
Glib: integer overflow leading to buffer underflow and… |
Red Hat |
Red Hat Enterprise Linux 10 |
2026-01-27T13:41:54.223Z | 2026-02-03T20:02:21.846Z |
| CVE-2026-1465 |
8.7 (4.0)
|
A heap-based buffer over-read or buffer overflow in ti… |
anyrtcIO-Community |
anyRTC-RTMP-OpenSource |
2026-01-27T08:15:57.520Z | 2026-01-27T21:40:07.901Z |
| CVE-2026-1464 |
4.6 (4.0)
|
A possible integer overflow vulnerability in RawThera… |
MuntashirAkon |
AppManager |
2026-01-27T08:18:17.832Z | 2026-01-27T21:39:51.512Z |
| CVE-2026-1449 |
6.9 (4.0)
7.3 (3.1)
7.3 (3.0)
|
Hisense TransTech Smart Bus Management System TireMng.… |
Hisense TransTech |
Smart Bus Management System |
2026-01-26T23:32:10.536Z | 2026-01-27T21:27:30.367Z |
| CVE-2026-1445 |
5.1 (4.0)
4.7 (3.1)
4.7 (3.0)
|
iJason-Liu Books_Manager upload_bookCover.php unrestri… |
iJason-Liu |
Books_Manager |
2026-01-26T22:02:05.762Z | 2026-01-27T21:38:38.532Z |
| CVE-2026-1444 |
4.8 (4.0)
2.4 (3.1)
2.4 (3.0)
|
iJason-Liu Books_Manager add_book_check.php cross site… |
iJason-Liu |
Books_Manager |
2026-01-26T21:32:05.930Z | 2026-01-27T21:41:33.130Z |
| CVE-2026-1361 |
7.8 (3.1)
|
ASDA-Soft Stack-based Buffer Overflow Vulnerability |
Delta Electronics |
ASDA-Soft |
2026-01-27T03:11:57.514Z | 2026-01-27T14:20:21.194Z |
| CVE-2026-1224 |
4.9 (3.1)
|
Tanium addressed an uncontrolled resource consumption … |
Tanium |
Discover |
2026-01-26T17:36:33.504Z | 2026-02-02T20:01:38.031Z |
| CVE-2026-1213 |
5.3 (4.0)
|
Askbot 0.12.2 - Insecure Direct Object Reference (IDOR) |
askbot |
askbot |
2026-01-27T14:04:18.274Z | 2026-01-27T20:48:18.851Z |
| CVE-2026-1190 |
3.1 (3.1)
|
Org.keycloak/keycloak-services: keycloak saml brokerin… |
Red Hat |
Red Hat Build of Keycloak |
2026-01-26T19:36:53.857Z | 2026-01-26T20:57:50.911Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| fkie_cve-2026-24470 | Skipper is an HTTP router and reverse proxy for service composition. Prior to version 0.24.0, when … | 2026-01-26T23:16:09.123 | 2026-01-27T14:59:34.073 |
| fkie_cve-2026-24408 | sigstore-python is a Python tool for generating and verifying Sigstore signatures. Prior to version… | 2026-01-26T23:16:08.973 | 2026-01-27T14:59:34.073 |
| fkie_cve-2026-24400 | AssertJ provides Fluent testing assertions for Java and the Java Virtual Machine (JVM). Starting in… | 2026-01-26T23:16:08.803 | 2026-01-27T14:59:34.073 |
| fkie_cve-2026-24344 | Multiple Buffer Overflows in Admin UI of EZCast Pro II version 1.17478.146 allow attackers to cause… | 2026-01-27T09:15:48.767 | 2026-01-27T14:59:34.073 |
| fkie_cve-2026-24003 | EVerest is an EV charging software stack. In versions up to and including 2025.12.1, it is possible… | 2026-01-26T22:15:56.513 | 2026-01-27T14:59:34.073 |
| fkie_cve-2026-23864 | Multiple denial of service vulnerabilities exist in React Server Components, affecting the followin… | 2026-01-26T20:16:16.773 | 2026-01-27T14:59:34.073 |
| fkie_cve-2026-23683 | SAP Fiori App Intercompany Balance Reconciliation does not perform necessary authorization checks f… | 2026-01-27T01:16:01.813 | 2026-01-27T14:59:34.073 |
| fkie_cve-2026-22709 | vm2 is an open source vm/sandbox for Node.js. In vm2 prior to version 3.10.2, `Promise.prototype.th… | 2026-01-26T22:15:55.890 | 2026-01-27T14:59:34.073 |
| fkie_cve-2026-22696 | dcap-qvl implements the quote verification logic for DCAP (Data Center Attestation Primitives). A v… | 2026-01-26T22:15:55.733 | 2026-01-27T14:59:34.073 |
| fkie_cve-2026-21721 | The dashboard permissions API does not verify the target dashboard scope and only checks the dashbo… | 2026-01-27T09:15:48.640 | 2026-01-27T14:59:34.073 |
| fkie_cve-2026-21408 | beat-access for Windows version 3.0.3 and prior contains an issue with the DLL search path, which m… | 2026-01-27T06:15:59.583 | 2026-01-27T14:59:34.073 |
| fkie_cve-2026-1484 | A flaw was found in the GLib Base64 encoding routine when processing very large input data. Due to … | 2026-01-27T14:15:56.050 | 2026-01-27T14:59:34.073 |
| fkie_cve-2026-1465 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in anyrtcIO-C… | 2026-01-27T09:15:48.330 | 2026-01-27T14:59:34.073 |
| fkie_cve-2026-1464 | Integer Overflow or Wraparound vulnerability in MuntashirAkon AppManager (app/src/main/java/org/apa… | 2026-01-27T09:15:48.080 | 2026-01-27T14:59:34.073 |
| fkie_cve-2026-1449 | A flaw has been found in Hisense TransTech Smart Bus Management System up to 20260113. Affected is … | 2026-01-27T00:15:50.790 | 2026-01-27T14:59:34.073 |
| fkie_cve-2026-1445 | A vulnerability was found in iJason-Liu Books_Manager up to 298ba736387ca37810466349af13a0fdf828e99… | 2026-01-26T22:15:54.607 | 2026-01-27T14:59:34.073 |
| fkie_cve-2026-1444 | A vulnerability has been found in iJason-Liu Books_Manager up to 298ba736387ca37810466349af13a0fdf8… | 2026-01-26T22:15:54.377 | 2026-01-27T14:59:34.073 |
| fkie_cve-2026-1361 | ASDA-Soft Stack-based Buffer Overflow Vulnerability | 2026-01-27T04:16:03.580 | 2026-01-27T14:59:34.073 |
| fkie_cve-2026-1224 | Tanium addressed an uncontrolled resource consumption vulnerability in Discover. | 2026-01-26T18:16:28.850 | 2026-01-27T14:59:34.073 |
| fkie_cve-2026-1213 | All versions of askbot before and including 0.12.2 allow an attacker authenticated with normal user… | 2026-01-27T14:15:55.887 | 2026-01-27T14:59:34.073 |
| fkie_cve-2026-1190 | A flaw was found in Keycloak's SAML brokering functionality. When Keycloak is configured as a clien… | 2026-01-26T20:16:09.813 | 2026-01-27T14:59:34.073 |
| fkie_cve-2026-0925 | Tanium addressed an improper input validation vulnerability in Discover. | 2026-01-26T18:16:28.457 | 2026-01-27T14:59:34.073 |
| fkie_cve-2026-0810 | A flaw was found in gix-date. The `gix_date::parse::TimeBuf::as_str` function can generate strings … | 2026-01-26T20:16:09.600 | 2026-01-27T14:59:34.073 |
| fkie_cve-2025-9820 | A flaw was found in the GnuTLS library, specifically in the gnutls_pkcs11_token_init() function tha… | 2026-01-26T20:16:09.370 | 2026-01-27T14:59:34.073 |
| fkie_cve-2025-9615 | A flaw was found in NetworkManager. The NetworkManager package allows access to files that may belo… | 2026-01-26T20:16:09.207 | 2026-01-27T14:59:34.073 |
| fkie_cve-2025-9522 | Blind Server-Side Request Forgery (SSRF) in Omada Controllers through webhook functionality, enabli… | 2026-01-26T20:16:09.070 | 2026-01-27T14:59:34.073 |
| fkie_cve-2025-9521 | Password Confirmation Bypass vulnerability in Omada Controllers, allowing an attacker with a valid … | 2026-01-26T20:16:08.927 | 2026-01-27T14:59:34.073 |
| fkie_cve-2025-9520 | An IDOR vulnerability exists in Omada Controllers that allows an attacker with Administrator permis… | 2026-01-26T20:16:08.770 | 2026-01-27T14:59:34.073 |
| fkie_cve-2025-71178 | Crucial Storage Executive installer versions prior to 11.08.082025.00 contain a DLL preloading vuln… | 2026-01-26T18:16:28.103 | 2026-01-27T14:59:34.073 |
| fkie_cve-2025-70982 | Incorrect access control in the importUser function of SpringBlade v4.5.0 allows attackers with low… | 2026-01-26T17:16:11.943 | 2026-01-27T14:59:34.073 |
| ID | Severity | Description | Published | Updated |
|---|---|---|---|---|
| ghsa-g3rf-97c9-wqv8 |
4.2 (3.1)
|
Vulnerability in the Oracle Planning and Budgeting Cloud Service product of Oracle Hyperion (compon… | 2026-01-21T00:31:42Z | 2026-01-21T00:31:42Z |
| ghsa-frv5-jjr8-238f |
5.8 (3.1)
|
Vulnerability in the Oracle Solaris product of Oracle Systems (component: Driver). The supported … | 2026-01-21T00:31:42Z | 2026-01-21T00:31:42Z |
| ghsa-fj76-ww29-89p7 |
6.5 (3.1)
|
Vulnerability in the Oracle Life Sciences Central Designer product of Oracle Health Sciences Applic… | 2026-01-21T00:31:42Z | 2026-01-21T00:31:42Z |
| ghsa-f8c6-q94w-2f64 |
6.1 (3.1)
|
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Por… | 2026-01-21T00:31:42Z | 2026-01-21T00:31:42Z |
| ghsa-f4hj-p58g-9m5p |
5.8 (3.1)
|
Vulnerability in the Oracle Solaris product of Oracle Systems (component: Driver). The supported … | 2026-01-21T00:31:42Z | 2026-01-21T00:31:42Z |
| ghsa-9v9c-vvj8-53qg |
8.5 (4.0)
|
Insufficiently Protected Credentials, Improper Restriction of Communication Channel to Intended End… | 2026-01-21T00:31:42Z | 2026-01-21T00:31:42Z |
| ghsa-9fv6-v649-fp9h |
5.4 (3.1)
|
Vulnerability in the Oracle Utilities Application Framework product of Oracle Utilities Application… | 2026-01-21T00:31:42Z | 2026-01-21T00:31:42Z |
| ghsa-9259-996q-pvq8 |
6.9 (4.0)
|
Use of Default Credentials, Hard-coded Credentials vulnerability in C2SGlobalSettings.dll in Mil… | 2026-01-21T00:31:42Z | 2026-01-21T00:31:42Z |
| ghsa-8rqc-9qph-j7v9 |
4.9 (3.1)
|
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported vers… | 2026-01-21T00:31:42Z | 2026-01-21T00:31:42Z |
| ghsa-8prm-7g9f-q54x |
7.2 (4.0)
|
Use of a Broken or Risky Cryptographic Algorithm (DES) vulnerability in the Password class in C2S… | 2026-01-21T00:31:42Z | 2026-01-21T00:31:42Z |
| ghsa-833x-x4qj-r9cv |
4.9 (3.1)
|
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supporte… | 2026-01-21T00:31:42Z | 2026-01-21T00:31:42Z |
| ghsa-6hm3-9gpx-9f63 |
5.3 (3.1)
|
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). Supported v… | 2026-01-21T00:31:42Z | 2026-01-21T00:31:42Z |
| ghsa-6684-47x9-759j |
5.0 (3.1)
|
Vulnerability in the Oracle Solaris product of Oracle Systems (component: Filesystems). Supported … | 2026-01-21T00:31:42Z | 2026-01-21T00:31:42Z |
| ghsa-5rm3-299f-6m9v |
6.1 (3.1)
|
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition prod… | 2026-01-21T00:31:42Z | 2026-01-21T00:31:42Z |
| ghsa-5mc7-p6pj-r3f5 |
5.9 (4.0)
|
User-controlled header names and values containing newlines can allow injecting HTTP headers. | 2026-01-21T00:31:42Z | 2026-01-21T00:31:42Z |
| ghsa-4f9w-qx2j-3j6q |
5.4 (3.1)
|
Vulnerability in the Oracle APEX Sample Applications product of Oracle APEX (component: Brookstrut … | 2026-01-21T00:31:42Z | 2026-01-21T00:31:42Z |
| ghsa-4c67-8q63-xrxq |
5.9 (4.0)
|
The imaplib module, when passed a user-controlled command, can have additional commands injected us… | 2026-01-21T00:31:42Z | 2026-01-21T00:31:42Z |
| ghsa-34rv-96cq-9vvh |
7.0 (3.1)
|
Vulnerability in the SQLcl component of Oracle Database Server. Supported versions that are affect… | 2026-01-21T00:31:42Z | 2026-01-21T00:31:42Z |
| ghsa-242j-c957-58gr |
5.3 (3.1)
|
Vulnerability in the Oracle Solaris product of Oracle Systems (component: Kernel). The supported … | 2026-01-21T00:31:42Z | 2026-01-21T00:31:42Z |
| ghsa-jq9g-gj4g-q8w7 |
9.8 (3.1)
|
Insufficient policy enforcement in Network in Google Chrome prior to 144.0.7559.59 allowed an attac… | 2026-01-20T06:30:26Z | 2026-01-21T00:31:41Z |
| ghsa-w2pg-hw7v-f7m9 |
7.5 (3.1)
|
A malformed `HTTP/2 HEADERS` frame with oversized, invalid `HPACK` data can cause Node.js to crash … | 2026-01-20T21:31:35Z | 2026-01-20T21:31:35Z |
| ghsa-q3r6-8php-frm2 |
6.1 (3.1)
|
HackerOne community member Patrick Lang (7yr) has reported a reflected XSS vulnerability in the `ba… | 2026-01-20T21:31:35Z | 2026-01-20T21:31:35Z |
| ghsa-pm9v-wcw9-xgpv |
2.8 (3.1)
|
A flaw in Node.js's permission model allows a file's access and modification timestamps to be chang… | 2026-01-20T21:31:35Z | 2026-01-20T21:31:35Z |
| ghsa-ggxc-26fx-987r |
5.9 (3.1)
|
A flaw in Node.js TLS error handling allows remote attackers to crash or exhaust resources of a TLS… | 2026-01-20T21:31:35Z | 2026-01-20T21:31:35Z |
| ghsa-cr56-64wj-q2r7 |
2.7 (3.1)
|
HackerOne community member Faraz Ahmed (PakCyberbot) has reported a format string injection in the … | 2026-01-20T21:31:35Z | 2026-01-20T21:31:35Z |
| ghsa-c9rv-m5vg-q72h |
6.1 (3.1)
|
HackerOne community member Patrick Lang (7yr) has reported a reflected XSS vulnerability in the ban… | 2026-01-20T21:31:35Z | 2026-01-20T21:31:35Z |
| ghsa-9jwr-p39p-hwg2 |
7.1 (3.1)
|
A flaw in Node.js's buffer allocation logic can expose uninitialized memory when allocations are in… | 2026-01-20T21:31:35Z | 2026-01-20T21:31:35Z |
| ghsa-982f-qxrw-6prp |
6.1 (3.1)
|
HackerOne community member Huynh Pham Thanh Luc (nigh7c0r3) has reported a reflected XSS vulnerabil… | 2026-01-20T21:31:35Z | 2026-01-20T21:31:35Z |
| ghsa-7xhv-hcmf-4rfv |
5.8 (3.1)
|
A flaw in Node.js's permission model allows Unix Domain Socket (UDS) connections to bypass network … | 2026-01-20T21:31:35Z | 2026-01-20T21:31:35Z |
| ghsa-52xj-vx8w-46qj |
5.9 (3.1)
|
We have identified a bug in Node.js error handling where "Maximum call stack size exceeded" errors … | 2026-01-20T21:31:35Z | 2026-01-20T21:31:35Z |
| ID | Description | Updated |
|---|---|---|
| gsd-2024-30972 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-03T05:02:29.290464Z |
| gsd-2024-30971 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-03T05:02:29.271152Z |
| gsd-2024-30970 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-03T05:02:29.064920Z |
| gsd-2024-3097 | The WordPress Gallery Plugin – NextGEN Gallery plugin for WordPress is vulnerable to unau… | 2024-04-03T05:02:29.928864Z |
| gsd-2024-30969 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-03T05:02:29.246126Z |
| gsd-2024-30968 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-03T05:02:29.292545Z |
| gsd-2024-30967 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-03T05:02:29.259011Z |
| gsd-2024-30966 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-03T05:02:29.306878Z |
| gsd-2024-30965 | DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability … | 2024-04-03T05:02:29.194026Z |
| gsd-2024-30964 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-03T05:02:29.160224Z |
| gsd-2024-30963 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-03T05:02:29.038330Z |
| gsd-2024-30962 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-03T05:02:29.349083Z |
| gsd-2024-30961 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-03T05:02:29.221106Z |
| gsd-2024-30960 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-03T05:02:29.169350Z |
| gsd-2024-3096 | In PHP version 8.1.* before 8.1.28, 8.2.* before 8.2.18, 8.3.* before 8.3.5, if a passwo… | 2024-04-03T05:02:29.926434Z |
| gsd-2024-30959 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-03T05:02:29.285246Z |
| gsd-2024-30958 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-03T05:02:29.065535Z |
| gsd-2024-30957 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-03T05:02:29.211154Z |
| gsd-2024-30956 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-03T05:02:29.338071Z |
| gsd-2024-30955 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-03T05:02:29.129691Z |
| gsd-2024-30954 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-03T05:02:29.307092Z |
| gsd-2024-30953 | A stored cross-site scripting (XSS) vulnerability in Htmly v2.9.5 allows attackers to exe… | 2024-04-03T05:02:29.146333Z |
| gsd-2024-30952 | A stored cross-site scripting (XSS) vulnerability in PESCMS-TEAM v2.3.6 allows attackers … | 2024-04-03T05:02:29.052820Z |
| gsd-2024-30951 | FUDforum v3.1.3 was discovered to contain a reflected cross-site scripting (XSS) vulnerab… | 2024-04-03T05:02:29.336540Z |
| gsd-2024-30950 | A stored cross-site scripting (XSS) vulnerability in FUDforum v3.1.3 allows attackers to … | 2024-04-03T05:02:29.116159Z |
| gsd-2024-3095 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-03T05:02:29.964152Z |
| gsd-2024-30949 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-03T05:02:29.146731Z |
| gsd-2024-30948 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-03T05:02:29.352787Z |
| gsd-2024-30947 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-03T05:02:29.303198Z |
| gsd-2024-30946 | DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability … | 2024-04-03T05:02:29.127814Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| MAL-2025-192469 | Malicious code in elf-stats (npm) | 2025-12-11T19:46:09Z | 2025-12-19T09:25:43Z |
| MAL-2025-192449 | Malicious code in elf-stats-sugarplum-mitten-141 (npm) | 2025-12-11T01:47:51Z | 2025-12-19T09:25:43Z |
| MAL-2025-192448 | Malicious code in elf-stats-sparkly-snowglobe-243 (npm) | 2025-12-11T01:47:51Z | 2025-12-19T09:25:43Z |
| MAL-2025-192447 | Malicious code in elf-stats-snowy-toolkit-186 (npm) | 2025-12-11T01:47:51Z | 2025-12-19T09:25:43Z |
| MAL-2025-192446 | Malicious code in elf-stats-silvered-wishlist-243 (npm) | 2025-12-11T01:47:51Z | 2025-12-19T09:25:43Z |
| MAL-2025-192445 | Malicious code in elf-stats-silvered-mailbag-755 (npm) | 2025-12-11T01:47:51Z | 2025-12-19T09:25:43Z |
| MAL-2025-192444 | Malicious code in elf-stats-merry-icicle-449 (npm) | 2025-12-11T01:47:51Z | 2025-12-19T09:25:43Z |
| MAL-2025-192443 | Malicious code in elf-stats-jolly-hammer-980 (npm) | 2025-12-11T01:47:51Z | 2025-12-19T09:25:43Z |
| MAL-2025-192442 | Malicious code in elf-stats-ember-stockpile-448 (npm) | 2025-12-11T01:47:51Z | 2025-12-19T09:25:43Z |
| MAL-2025-192441 | Malicious code in elf-stats-cosy-garland-592 (npm) | 2025-12-11T01:47:51Z | 2025-12-19T09:25:43Z |
| MAL-2025-192440 | Malicious code in elf-stats-candystriped-snowglobe-426 (npm) | 2025-12-11T01:47:51Z | 2025-12-19T09:25:43Z |
| mal-0000-kam193-3fabc78b2d6a644c | Malicious code in connections-api-hidden-runner (PyPI) | 2025-12-19T08:23:35Z | 2025-12-19T08:23:35Z |
| MAL-0000-KAM193-3FABC78B2D6A644C | Malicious code in connections-api-hidden-runner (PyPI) | 2025-12-19T08:23:35Z | 2025-12-19T08:23:35Z |
| mal-0000-kam193-b35338995e5b550a | Malicious code in hidden-powershell-runner-ax7 (PyPI) | 2025-12-19T08:23:06Z | 2025-12-19T08:23:06Z |
| MAL-0000-KAM193-B35338995E5B550A | Malicious code in hidden-powershell-runner-ax7 (PyPI) | 2025-12-19T08:23:06Z | 2025-12-19T08:23:06Z |
| mal-2025-192609 | Malicious code in f5rest (PyPI) | 2025-12-18T19:50:55Z | 2025-12-18T19:50:55Z |
| MAL-2025-192609 | Malicious code in f5rest (PyPI) | 2025-12-18T19:50:55Z | 2025-12-18T19:50:55Z |
| mal-2025-192608 | Malicious code in f5-logger (PyPI) | 2025-12-18T19:50:28Z | 2025-12-18T19:50:28Z |
| MAL-2025-192608 | Malicious code in f5-logger (PyPI) | 2025-12-18T19:50:28Z | 2025-12-18T19:50:28Z |
| mal-2025-192607 | Malicious code in bigip (PyPI) | 2025-12-18T19:49:24Z | 2025-12-18T19:49:24Z |
| MAL-2025-192607 | Malicious code in bigip (PyPI) | 2025-12-18T19:49:24Z | 2025-12-18T19:49:24Z |
| mal-2025-192494 | Malicious code in elf-stats-ember-stocking-807 (npm) | 2025-12-11T19:46:09Z | 2025-12-18T06:26:30Z |
| MAL-2025-192494 | Malicious code in elf-stats-ember-stocking-807 (npm) | 2025-12-11T19:46:09Z | 2025-12-18T06:26:30Z |
| mal-2025-192605 | Malicious code in trondec (PyPI) | 2025-12-17T17:56:56Z | 2025-12-17T17:56:56Z |
| MAL-2025-192605 | Malicious code in trondec (PyPI) | 2025-12-17T17:56:56Z | 2025-12-17T17:56:56Z |
| mal-2025-192512 | Malicious code in elf-stats-marzipan-cocoa-977 (npm) | 2025-12-11T19:46:09Z | 2025-12-16T09:26:26Z |
| mal-2025-192507 | Malicious code in elf-stats-holly-stocking-294 (npm) | 2025-12-11T19:46:09Z | 2025-12-16T09:26:26Z |
| mal-2025-192502 | Malicious code in elf-stats-fuzzy-fireplace-615 (npm) | 2025-12-11T19:46:09Z | 2025-12-16T09:26:26Z |
| mal-2025-192470 | Malicious code in elf-stats-aurora-sleigh-694 (npm) | 2025-12-11T19:46:09Z | 2025-12-16T09:26:26Z |
| MAL-2025-192512 | Malicious code in elf-stats-marzipan-cocoa-977 (npm) | 2025-12-11T19:46:09Z | 2025-12-16T09:26:26Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| wid-sec-w-2023-3038 | Golang Go: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff | 2023-11-30T23:00:00.000+00:00 | 2024-10-14T22:00:00.000+00:00 |
| wid-sec-w-2023-2856 | Golang Go: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff | 2023-11-07T23:00:00.000+00:00 | 2024-10-14T22:00:00.000+00:00 |
| wid-sec-w-2023-2238 | Broadcom Brocade SANnav: Mehrere Schwachstellen | 2023-08-30T22:00:00.000+00:00 | 2024-10-14T22:00:00.000+00:00 |
| wid-sec-w-2023-2146 | ImageMagick: Mehrere Schwachstellen ermöglichen Denial of Service | 2019-02-04T23:00:00.000+00:00 | 2024-10-14T22:00:00.000+00:00 |
| wid-sec-w-2023-2144 | ImageMagick: Schwachstelle ermöglicht Codeausführung | 2019-03-24T23:00:00.000+00:00 | 2024-10-14T22:00:00.000+00:00 |
| wid-sec-w-2023-1128 | OpenLDAP: Mehrere Schwachstellen ermöglichen Umgehen von Sicherheitsvorkehrungen | 2019-07-28T22:00:00.000+00:00 | 2024-10-14T22:00:00.000+00:00 |
| wid-sec-w-2023-1126 | OpenLDAP: Schwachstelle ermöglicht Denial of Service | 2021-02-14T23:00:00.000+00:00 | 2024-10-14T22:00:00.000+00:00 |
| wid-sec-w-2023-0966 | VMware Tanzu Spring Framework: Schwachstelle ermöglicht Denial of Service | 2023-04-13T22:00:00.000+00:00 | 2024-10-14T22:00:00.000+00:00 |
| wid-sec-w-2023-0697 | VMware Tanzu Spring Framework: Mehrere Schwachstellen | 2023-03-20T23:00:00.000+00:00 | 2024-10-14T22:00:00.000+00:00 |
| wid-sec-w-2023-0695 | PHP: Schwachstelle ermöglicht nicht spezifizierten Angriff | 2023-03-20T23:00:00.000+00:00 | 2024-10-14T22:00:00.000+00:00 |
| wid-sec-w-2023-0624 | ImageMagick: Schwachstelle ermöglicht Denial of Service | 2020-10-22T22:00:00.000+00:00 | 2024-10-14T22:00:00.000+00:00 |
| wid-sec-w-2023-0622 | ImageMagick: Mehrere Schwachstellen ermöglichen Denial of Service | 2020-12-06T23:00:00.000+00:00 | 2024-10-14T22:00:00.000+00:00 |
| wid-sec-w-2023-0620 | ImageMagick: Schwachstelle ermöglicht nicht spezifizierten Angriff | 2021-05-16T22:00:00.000+00:00 | 2024-10-14T22:00:00.000+00:00 |
| wid-sec-w-2023-0455 | OpenLDAP: Schwachstelle ermöglicht Manipulation von Dateien | 2022-05-04T22:00:00.000+00:00 | 2024-10-14T22:00:00.000+00:00 |
| wid-sec-w-2022-2114 | PHP: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen | 2021-01-06T23:00:00.000+00:00 | 2024-10-14T22:00:00.000+00:00 |
| wid-sec-w-2022-1035 | VMware Tanzu Spring Framework: Schwachstelle ermöglicht Denial of Service | 2022-03-28T22:00:00.000+00:00 | 2024-10-14T22:00:00.000+00:00 |
| wid-sec-w-2022-1013 | PostgreSQL: Schwachstelle ermöglicht Codeausführung | 2022-08-11T22:00:00.000+00:00 | 2024-10-14T22:00:00.000+00:00 |
| wid-sec-w-2022-0590 | Apache Commons: Schwachstelle ermöglicht Codeausführung | 2022-07-06T22:00:00.000+00:00 | 2024-10-14T22:00:00.000+00:00 |
| wid-sec-w-2024-3160 | Checkmk: Mehrere Schwachstellen ermöglichen Offenlegung von Informationen | 2024-10-13T22:00:00.000+00:00 | 2024-10-13T22:00:00.000+00:00 |
| wid-sec-w-2024-3159 | Google Chrome: Schwachstelle ermöglicht Codeausführung | 2024-10-13T22:00:00.000+00:00 | 2024-10-13T22:00:00.000+00:00 |
| wid-sec-w-2024-3158 | Progress Software Telerik Report Server: Mehrere Schwachstellen | 2024-10-13T22:00:00.000+00:00 | 2024-10-13T22:00:00.000+00:00 |
| wid-sec-w-2024-3156 | Irfan Skiljan IrfanView: Mehrere Schwachstellen ermöglichen Codeausführung | 2024-10-13T22:00:00.000+00:00 | 2024-10-13T22:00:00.000+00:00 |
| wid-sec-w-2024-3152 | Microsoft GitHub Enterprise: Schwachstelle ermöglicht Offenlegung von Informationen | 2024-10-13T22:00:00.000+00:00 | 2024-10-13T22:00:00.000+00:00 |
| wid-sec-w-2024-3151 | Kemp LoadMaster: Schwachstelle ermöglicht Befehlsinjektion | 2024-10-10T22:00:00.000+00:00 | 2024-10-10T22:00:00.000+00:00 |
| wid-sec-w-2024-3149 | Hashicorp Vault: Schwachstelle ermöglicht Privilegieneskalation | 2024-10-10T22:00:00.000+00:00 | 2024-10-10T22:00:00.000+00:00 |
| wid-sec-w-2024-3145 | IBM Storage Scale: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen | 2024-10-10T22:00:00.000+00:00 | 2024-10-10T22:00:00.000+00:00 |
| wid-sec-w-2024-3144 | Rockwell Automation ControlLogix: Schwachstelle ermöglicht Denial of Service | 2024-10-10T22:00:00.000+00:00 | 2024-10-10T22:00:00.000+00:00 |
| wid-sec-w-2024-3143 | Samsung Exynos: Schwachstelle ermöglicht Denial of Service | 2024-10-10T22:00:00.000+00:00 | 2024-10-10T22:00:00.000+00:00 |
| wid-sec-w-2024-3107 | Ivanti Endpoint Manager Mobile: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen | 2024-10-08T22:00:00.000+00:00 | 2024-10-10T22:00:00.000+00:00 |
| wid-sec-w-2024-2198 | Linux Kernel: Schwachstelle ermöglicht Denial of Service | 2024-09-22T22:00:00.000+00:00 | 2024-10-10T22:00:00.000+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2013:0648 | Red Hat Security Advisory: jbossweb security update | 2013-03-14T16:40:00+00:00 | 2026-01-28T22:54:21+00:00 |
| rhsa-2013:0647 | Red Hat Security Advisory: jbossweb security update | 2013-03-14T16:46:00+00:00 | 2026-01-28T22:54:20+00:00 |
| rhsa-2013:0644 | Red Hat Security Advisory: apache-cxf security update | 2013-03-13T18:45:00+00:00 | 2026-01-28T22:54:20+00:00 |
| rhsa-2013:0642 | Red Hat Security Advisory: tomcat5 security update | 2013-03-12T17:56:00+00:00 | 2026-01-28T22:54:20+00:00 |
| rhsa-2013:0531 | Red Hat Security Advisory: java-1.6.0-sun security update | 2013-02-20T21:40:00+00:00 | 2026-01-28T22:54:20+00:00 |
| rhsa-2013:0641 | Red Hat Security Advisory: tomcat5 security update | 2013-03-12T17:55:00+00:00 | 2026-01-28T22:54:19+00:00 |
| rhsa-2013:0638 | Red Hat Security Advisory: Red Hat OpenShift Enterprise 1.1.2 update | 2013-03-12T17:52:00+00:00 | 2026-01-28T22:54:19+00:00 |
| rhsa-2013:0548 | Red Hat Security Advisory: CloudForms Common 1.1.2 update | 2013-02-21T18:56:00+00:00 | 2026-01-28T22:54:19+00:00 |
| rhsa-2013:0623 | Red Hat Security Advisory: tomcat6 security update | 2013-03-11T18:14:00+00:00 | 2026-01-28T22:54:18+00:00 |
| rhsa-2013:0611 | Red Hat Security Advisory: ruby security update | 2013-03-07T18:50:00+00:00 | 2026-01-28T22:54:18+00:00 |
| rhsa-2013:0582 | Red Hat Security Advisory: Red Hat OpenShift Enterprise 1.1.1 update | 2013-02-28T18:53:00+00:00 | 2026-01-28T22:54:18+00:00 |
| rhsa-2013:0266 | Red Hat Security Advisory: tomcat6 security update | 2013-02-19T20:31:00+00:00 | 2026-01-28T22:54:18+00:00 |
| rhsa-2013:0544 | Red Hat Security Advisory: Subscription Asset Manager 1.2 update | 2013-02-21T19:04:00+00:00 | 2026-01-28T22:54:17+00:00 |
| rhsa-2013:0533 | Red Hat Security Advisory: JBoss Enterprise SOA Platform 5.3.1 update | 2013-02-20T21:33:00+00:00 | 2026-01-28T22:54:17+00:00 |
| rhsa-2013:0532 | Red Hat Security Advisory: java-1.7.0-oracle security update | 2013-02-20T21:41:00+00:00 | 2026-01-28T22:54:16+00:00 |
| rhsa-2013:0275 | Red Hat Security Advisory: java-1.7.0-openjdk security update | 2013-02-20T11:24:00+00:00 | 2026-01-28T22:54:16+00:00 |
| rhsa-2013:0274 | Red Hat Security Advisory: java-1.6.0-openjdk security update | 2013-02-20T11:06:00+00:00 | 2026-01-28T22:54:16+00:00 |
| rhsa-2013:0267 | Red Hat Security Advisory: tomcat7 security update | 2013-02-19T20:30:00+00:00 | 2026-01-28T22:54:16+00:00 |
| rhsa-2013:0273 | Red Hat Security Advisory: java-1.6.0-openjdk security update | 2013-02-20T10:45:00+00:00 | 2026-01-28T22:54:15+00:00 |
| rhsa-2013:0268 | Red Hat Security Advisory: tomcat7 security update | 2013-02-19T20:32:00+00:00 | 2026-01-28T22:54:15+00:00 |
| rhsa-2013:0265 | Red Hat Security Advisory: tomcat6 security update | 2013-02-19T20:29:00+00:00 | 2026-01-28T22:54:15+00:00 |
| rhsa-2013:0235 | Red Hat Security Advisory: jbossweb security update | 2013-02-04T23:36:00+00:00 | 2026-01-28T22:54:14+00:00 |
| rhsa-2013:0221 | Red Hat Security Advisory: JBoss Enterprise BRMS Platform 5.3.1 update | 2013-01-31T19:31:00+00:00 | 2026-01-28T22:54:14+00:00 |
| rhsa-2013:0220 | Red Hat Security Advisory: Red Hat OpenShift Enterprise 1.1 update | 2013-01-31T19:41:00+00:00 | 2026-01-28T22:54:14+00:00 |
| rhsa-2013:0207 | Red Hat Security Advisory: JBoss Enterprise Web Platform 5.2.0 security update | 2013-01-30T20:57:00+00:00 | 2026-01-28T22:54:14+00:00 |
| rhsa-2013:0206 | Red Hat Security Advisory: JBoss Enterprise Application Platform 5.2.0 security update | 2013-01-30T20:56:00+00:00 | 2026-01-28T22:54:14+00:00 |
| rhsa-2013:0193 | Red Hat Security Advisory: JBoss Enterprise Application Platform 5.2.0 update | 2013-01-24T18:31:00+00:00 | 2026-01-28T22:54:14+00:00 |
| rhsa-2013:0203 | Red Hat Security Advisory: rubygem-activesupport security update | 2013-01-29T05:00:00+00:00 | 2026-01-28T22:54:13+00:00 |
| rhsa-2013:0202 | Red Hat Security Advisory: rubygem-activesupport security update | 2013-01-28T23:10:00+00:00 | 2026-01-28T22:54:13+00:00 |
| rhsa-2013:0201 | Red Hat Security Advisory: rubygem-activesupport security update | 2013-01-28T23:07:00+00:00 | 2026-01-28T22:54:11+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| cisco-sa-20180117-nx-os | Cisco NX-OS Software Pong Packet Denial of Service Vulnerability | 2018-01-17T16:00:00+00:00 | 2018-01-17T16:00:00+00:00 |
| cisco-sa-20180117-ntr | Cisco D9800 Network Transport Receiver OS Command Injection Vulnerability | 2018-01-17T16:00:00+00:00 | 2018-01-17T16:00:00+00:00 |
| cisco-sa-20180117-ise | Cisco Identity Services Engine DOM Cross-Site Scripting Vulnerability | 2018-01-17T16:00:00+00:00 | 2018-01-17T16:00:00+00:00 |
| cisco-sa-20180117-iess | Cisco IOS Software for Industrial Ethernet 4010 Series Switches Test Command Arbitrary Code Execution and Denial of Service Vulnerability | 2018-01-17T16:00:00+00:00 | 2018-01-17T16:00:00+00:00 |
| cisco-sa-20180117-esc | Cisco Elastic Services Controller Information Disclosure Vulnerability | 2018-01-17T16:00:00+00:00 | 2018-01-17T16:00:00+00:00 |
| cisco-sa-20180117-cps | Cisco Policy Suite Unauthenticated Information Disclosure Vulnerability | 2018-01-17T16:00:00+00:00 | 2018-01-17T16:00:00+00:00 |
| cisco-sa-20180117-cpi | Cisco Prime Infrastructure Privilege Escalation Vulnerability | 2018-01-17T16:00:00+00:00 | 2018-01-17T16:00:00+00:00 |
| cisco-sa-20180117-acpe | Cisco AnyConnect Profile Editor XML External Entity Injection Vulnerability | 2018-01-17T16:00:00+00:00 | 2018-01-17T16:00:00+00:00 |
| cisco-sa-20180117-300-500-smb2 | Cisco Small Business 300 and 500 Series Managed Switches HTTP Response Splitting Vulnerability | 2018-01-17T16:00:00+00:00 | 2018-01-17T16:00:00+00:00 |
| cisco-sa-20180117-300-500-smb1 | Cisco Small Business 300 and 500 Series Managed Switches Cross-Site Scripting Vulnerability | 2018-01-17T16:00:00+00:00 | 2018-01-17T16:00:00+00:00 |
| cisco-sa-20171129-nss | Cisco Nexus Series Switches CLI Command Injection Vulnerability | 2017-11-29T16:00:00+00:00 | 2018-01-11T18:32:00+00:00 |
| cisco-sa-20171129-fxnx | Cisco FXOS and NX-OS System Software CLI Command Injection Vulnerability | 2017-11-29T16:00:00+00:00 | 2018-01-11T18:32:00+00:00 |
| cisco-sa-20180110-ucm | Cisco Unified Communications Manager Cross-Site Scripting Vulnerability | 2018-01-10T16:00:00+00:00 | 2018-01-10T16:00:00+00:00 |
| cisco-sa-20180103-wnrp | Cisco WebEx Network Recording Player Buffer Overflow Vulnerability | 2018-01-03T16:00:00+00:00 | 2018-01-03T16:00:00+00:00 |
| cisco-sa-20180103-warfp | Cisco WebEx Advanced Recording Format Player Remote Code Execution Vulnerability | 2018-01-03T16:00:00+00:00 | 2018-01-03T16:00:00+00:00 |
| cisco-sa-20171129-nxos2 | Cisco NX-OS System Software Image Signature Bypass Vulnerability | 2017-11-29T16:00:00+00:00 | 2017-11-29T16:00:00+00:00 |
| cisco-sa-20171129-nxos1 | Cisco NX-OS System Software Patch Installation Arbitrary File Write Vulnerability | 2017-11-29T16:00:00+00:00 | 2017-11-29T16:00:00+00:00 |
| cisco-sa-20171129-nxos | Cisco NX-OS System Software Patch Signature Bypass Vulnerability | 2017-11-29T16:00:00+00:00 | 2017-11-29T16:00:00+00:00 |
| cisco-sa-20171129-ipp | Cisco IP Phone 8800 Series Denial of Service Vulnerability | 2017-11-29T16:00:00+00:00 | 2017-11-29T16:00:00+00:00 |
| cisco-sa-20171018-ccs | Cisco Cloud Services Platform 2100 Unauthorized Access Vulnerability | 2017-10-18T16:00:00+00:00 | 2017-10-18T16:00:00+00:00 |
| cisco-sa-20171004-asa | Cisco Adaptive Security Appliance Software Direct Authentication Denial of Service Vulnerability | 2017-10-04T16:00:00+00:00 | 2017-10-12T13:48:00+00:00 |
| cisco-sa-20170927-vpls | Cisco IOS Software for Cisco Catalyst 6800 Series Switches VPLS Denial of Service Vulnerability | 2017-09-27T16:00:00+00:00 | 2017-09-27T16:00:00+00:00 |
| cisco-sa-20170927-restapi | Cisco IOS XE Software Web UI REST API Authentication Bypass Vulnerability | 2017-09-27T16:00:00+00:00 | 2017-09-27T16:00:00+00:00 |
| cisco-sa-20170927-privesc | Cisco IOS XE Software Web UI Privilege Escalation Vulnerability | 2017-09-27T16:00:00+00:00 | 2017-09-27T16:00:00+00:00 |
| cisco-sa-20170927-pnp | Cisco IOS and IOS XE Software Plug-and-Play PKI API Certificate Validation Vulnerability | 2017-09-27T16:00:00+00:00 | 2017-09-27T16:00:00+00:00 |
| cisco-sa-20170927-lisp | Cisco IOS XE Software Locator/ID Separation Protocol Authentication Bypass Vulnerability | 2017-09-27T16:00:00+00:00 | 2017-09-27T16:00:00+00:00 |
| cisco-sa-20170927-cc | Cisco IOS XE Software for Cisco ASR 1000 Series and cBR-8 Routers Line Card Console Access Vulnerability | 2017-09-27T16:00:00+00:00 | 2017-09-27T16:00:00+00:00 |
| cisco-sa-20170727-ospf | Multiple Cisco Products OSPF LSA Manipulation Vulnerability | 2017-07-27T16:00:00+00:00 | 2017-08-03T14:07:00+00:00 |
| cisco-sa-20170705-cpn | Cisco Prime Network Information Disclosure Vulnerability | 2017-07-05T16:00:00+00:00 | 2017-07-06T20:36:00+00:00 |
| cisco-sa-20170705-waas1 | Cisco Wide Area Application Services Central Manager Information Disclosure Vulnerability | 2017-07-05T16:00:00+00:00 | 2017-07-05T16:00:00+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2024-26327 | An issue was discovered in QEMU 7.1.0 through 8.2.1. register_vfs in hw/pci/pcie_sriov.c mishandles the situation where a guest writes NumVFs greater than TotalVFs, leading to a buffer overflow in VF implementations. | 2024-02-02T08:00:00.000Z | 2025-05-27T00:00:00.000Z |
| msrc_cve-2024-25629 | c-ares out of bounds read in ares__read_line() | 2024-02-02T08:00:00.000Z | 2025-05-27T00:00:00.000Z |
| msrc_cve-2024-2511 | Unbounded memory growth with session handling in TLSv1.3 | 2024-04-02T07:00:00.000Z | 2025-05-27T00:00:00.000Z |
| msrc_cve-2023-50711 | `serde` deserialization for `FamStructWrapper` lacks bound checks that could potentially lead to out-of-bounds memory access | 2024-01-01T08:00:00.000Z | 2025-05-27T00:00:00.000Z |
| msrc_cve-2023-45288 | HTTP/2 CONTINUATION flood in net/http | 2024-04-02T07:00:00.000Z | 2025-05-27T00:00:00.000Z |
| msrc_cve-2023-33461 | iniparser v4.1 is vulnerable to NULL Pointer Dereference in function iniparser_getlongint which misses check NULL for function iniparser_getstring's return. | 2023-06-01T07:00:00.000Z | 2025-05-27T00:00:00.000Z |
| msrc_cve-2022-40898 | An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli. | 2022-12-02T00:00:00.000Z | 2025-05-27T00:00:00.000Z |
| msrc_cve-2022-32746 | A flaw was found in the Samba AD LDAP server. The AD DC database audit logging module can access LDAP message values freed by a preceding database module resulting in a use-after-free issue. This issue is only possible when modifying certain privileged attributes such as userAccountControl. | 2022-08-02T00:00:00.000Z | 2025-05-27T00:00:00.000Z |
| msrc_cve-2022-32149 | Denial of service via crafted Accept-Language header in golang.org/x/text/language | 2022-10-02T00:00:00.000Z | 2025-05-27T00:00:00.000Z |
| msrc_cve-2022-29526 | Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter the Faccessat function could incorrectly report that a file is accessible. | 2022-06-02T00:00:00.000Z | 2025-05-27T00:00:00.000Z |
| msrc_cve-2021-3672 | A flaw was found in c-ares library where a missing input validation check of host names returned by DNS (Domain Name Servers) can lead to output of wrong hostnames which might potentially lead to Domain Hijacking. The highest threat from this vulnerability is to confidentiality and integrity as well as system availability. | 2021-11-02T00:00:00.000Z | 2025-05-27T00:00:00.000Z |
| msrc_cve-2021-28361 | An issue was discovered in Storage Performance Development Kit (SPDK) before 20.01.01. If a PDU is sent to the iSCSI target with a zero length (but data is expected) the iSCSI target can crash with a NULL pointer dereference. | 2021-03-02T00:00:00.000Z | 2025-05-27T00:00:00.000Z |
| msrc_cve-2021-24032 | Beginning in v1.4.1 and prior to v1.4.9 due to an incomplete fix for CVE-2021-24031 the Zstandard command-line utility created output files with default permissions and restricted those permissions immediately afterwards. Output files could therefore momentarily be readable or writable to unintended parties. | 2021-03-02T00:00:00.000Z | 2025-05-27T00:00:00.000Z |
| msrc_cve-2021-23336 | Web Cache Poisoning | 2021-02-02T00:00:00.000Z | 2025-05-27T00:00:00.000Z |
| msrc_cve-2021-20286 | A flaw was found in libnbd 1.7.3. An assertion failure in nbd_unlocked_opt_go in ilb/opt.c may lead to denial of service. | 2021-03-02T00:00:00.000Z | 2025-05-27T00:00:00.000Z |
| msrc_cve-2021-20277 | A flaw was found in Samba's libldb. Multiple consecutive leading spaces in an LDAP attribute can lead to an out-of-bounds memory write leading to a crash of the LDAP server process handling the request. The highest threat from this vulnerability is to system availability. | 2021-05-02T00:00:00.000Z | 2025-05-27T00:00:00.000Z |
| msrc_cve-2020-27840 | A flaw was found in samba. Spaces used in a string around a domain name (DN) while supposed to be ignored can cause invalid DN strings with spaces to instead write a zero-byte into out-of-bounds memory resulting in a crash. The highest threat from this vulnerability is to system availability. | 2021-05-02T00:00:00.000Z | 2025-05-27T00:00:00.000Z |
| msrc_cve-2020-22217 | Buffer overflow vulnerability in c-ares before 1_16_1 thru 1_17_0 via function ares_parse_soa_reply in ares_parse_soa_reply.c. | 2023-08-01T00:00:00.000Z | 2025-05-27T00:00:00.000Z |
| msrc_cve-2019-9674 | Lib/zipfile.py in Python through 3.7.2 allows remote attackers to cause a denial of service (resource consumption) via a ZIP bomb. | 2020-02-02T00:00:00.000Z | 2025-05-27T00:00:00.000Z |
| msrc_cve-2019-3833 | Openwsman versions up to and including 2.6.9 are vulnerable to infinite loop in process_connection() when parsing specially crafted HTTP requests. A remote unauthenticated attacker can exploit this vulnerability by sending malicious HTTP request to cause denial of service to openwsman server. | 2019-03-02T00:00:00.000Z | 2025-05-27T00:00:00.000Z |
| msrc_cve-2019-3816 | Openwsman versions up to and including 2.6.9 are vulnerable to arbitrary file disclosure because the working directory of openwsmand daemon was set to root directory. A remote unauthenticated attacker can exploit this vulnerability by sending a specially crafted HTTP request to openwsman server. | 2019-03-02T00:00:00.000Z | 2025-05-27T00:00:00.000Z |
| msrc_cve-2019-20907 | In Lib/tarfile.py in Python through 3.8.3 an attacker is able to craft a TAR archive leading to an infinite loop when opened by tarfile.open because _proc_pax lacks header validation. | 2020-07-02T00:00:00.000Z | 2025-05-27T00:00:00.000Z |
| msrc_cve-2017-18207 | The Wave_read._read_fmt_chunk function in Lib/wave.py in Python through 3.6.4 does not ensure a nonzero channel value which allows attackers to cause a denial of service (divide-by-zero and exception) via a crafted wav format audio file. NOTE: the vendor disputes this issue because Python applications "need to be prepared to handle a wide variety of exceptions. | 2018-03-02T00:00:00.000Z | 2025-05-27T00:00:00.000Z |
| msrc_cve-2017-17522 | Lib/webbrowser.py in Python through 3.6.3 does not validate strings before launching the program specified by the BROWSER environment variable which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a software maintainer indicates that exploitation is impossible because the code relies on subprocess.Popen and the default shell=False setting | 2017-12-02T00:00:00.000Z | 2025-05-27T00:00:00.000Z |
| msrc_cve-2015-9251 | jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option causing text/javascript responses to be executed. | 2018-01-02T00:00:00.000Z | 2025-05-27T00:00:00.000Z |
| msrc_cve-2012-6708 | jQuery before 1.9.0 is vulnerable to Cross-site Scripting (XSS) attacks. The jQuery(strInput) function does not differentiate selectors from HTML in a reliable fashion. In vulnerable versions jQuery determined whether the input was HTML by looking for the '<' character anywhere in the string giving attackers more flexibility when attempting to construct a malicious payload. In fixed versions jQuery only deems the input to be HTML if it explicitly starts with the '<' character limiting exploitability only to attackers who can control the beginning of a string which is far less common. | 2018-01-02T00:00:00.000Z | 2025-05-27T00:00:00.000Z |
| msrc_cve-2012-2677 | Integer overflow in the ordered_malloc function in boost/pool/pool.hpp in Boost Pool | 2012-07-02T00:00:00.000Z | 2025-05-27T00:00:00.000Z |
| msrc_cve-2007-4559 | Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR archive a related issue to CVE-2001-1267. | 2007-08-02T00:00:00.000Z | 2025-05-27T00:00:00.000Z |
| msrc_cve-2025-32728 | In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the documentation stating that it disables X11 and agent forwarding. | 2025-04-02T00:00:00.000Z | 2025-05-23T00:00:00.000Z |
| msrc_cve-2025-47181 | Microsoft Edge (Chromium-based) Update Elevation of Privilege Vulnerability | 2025-05-13T07:00:00.000Z | 2025-05-22T07:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| opensuse-su-2024:12286-1 | MozillaFirefox-104.0-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:12285-1 | corepack16-16.17.0-2.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:12284-1 | minetest-5.6.0-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:12283-1 | python310-azure-storage-blob-12.13.1-2.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:12282-1 | grafana-8.5.10-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:12281-1 | pdns-recursor-4.7.2-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:12280-1 | corepack16-16.17.0-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:12279-1 | freetype2-devel-2.12.1-3.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:12278-1 | libtirpc-devel-1.3.3-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:12277-1 | chromedriver-104.0.5112.101-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:12276-1 | libredwg-devel-0.12.5-3.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:12275-1 | gvim-9.0.0224-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:12274-1 | spotifyd-0.3.3-9.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:12273-1 | python-lxml-doc-4.9.1-2.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:12272-1 | freeciv-3.0.3-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:12271-1 | liblzma5-32bit-5.2.6-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:12270-1 | rsync-3.2.5-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:12269-1 | EternalTerminal-6.2.1-2.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:12268-1 | libecpg6-14.5-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:12267-1 | postgresql13-13.8-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:12266-1 | postgresql12-12.12-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:12265-1 | postgresql11-11.17-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:12264-1 | postgresql10-10.22-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:12263-1 | java-1_8_0-openj9-1.8.0.345-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:12262-1 | java-17-openj9-17.0.4.0-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:12261-1 | java-11-openj9-11.0.16.0-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:12260-1 | grafana-8.3.10-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:12259-1 | golang-github-prometheus-node_exporter-1.3.1-2.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:12258-1 | libyajl-devel-2.1.0-6.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:12257-1 | kernel-devel-5.19.1-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| bit-gitlab-2022-1940 | 2024-03-06T11:15:46.972Z | 2025-04-03T14:40:37.652Z | |
| bit-gitlab-2022-1936 | 2024-03-06T11:15:48.324Z | 2025-04-03T14:40:37.652Z | |
| bit-gitlab-2022-1935 | 2024-03-06T11:15:49.678Z | 2025-04-03T14:40:37.652Z | |
| bit-gitlab-2022-1821 | 2024-03-06T11:15:50.999Z | 2025-04-03T14:40:37.652Z | |
| bit-gitlab-2022-1783 | 2024-03-06T11:15:52.301Z | 2025-04-03T14:40:37.652Z | |
| bit-gitlab-2022-1680 | 2024-03-06T11:15:53.587Z | 2025-04-03T14:40:37.652Z | |
| bit-gitlab-2022-1545 | 2024-03-06T11:15:54.901Z | 2025-04-03T14:40:37.652Z | |
| bit-gitlab-2022-1510 | 2024-03-06T11:15:56.261Z | 2025-04-03T14:40:37.652Z | |
| bit-gitlab-2022-1460 | 2024-03-06T11:15:57.540Z | 2025-04-03T14:40:37.652Z | |
| bit-gitlab-2022-1433 | 2024-03-06T11:15:58.824Z | 2025-04-03T14:40:37.652Z | |
| bit-gitlab-2022-1431 | 2024-03-06T11:16:00.095Z | 2025-04-03T14:40:37.652Z | |
| bit-gitlab-2022-1428 | 2024-03-06T11:16:01.352Z | 2025-04-03T14:40:37.652Z | |
| bit-gitlab-2022-1426 | 2024-03-06T11:16:02.593Z | 2025-04-03T14:40:37.652Z | |
| bit-gitlab-2022-1423 | 2024-03-06T11:16:03.952Z | 2025-04-03T14:40:37.652Z | |
| bit-gitlab-2022-1417 | 2024-03-06T11:16:05.259Z | 2025-04-03T14:40:37.652Z | |
| bit-gitlab-2022-1416 | 2024-03-06T11:16:06.582Z | 2025-04-03T14:40:37.652Z | |
| bit-gitlab-2022-1413 | 2024-03-06T11:16:07.926Z | 2025-04-03T14:40:37.652Z | |
| bit-gitlab-2022-1406 | 2024-03-06T11:16:09.232Z | 2025-04-03T14:40:37.652Z | |
| bit-gitlab-2022-1352 | 2024-03-06T11:16:10.678Z | 2025-04-03T14:40:37.652Z | |
| bit-gitlab-2022-1193 | 2024-03-06T11:16:12.003Z | 2025-04-03T14:40:37.652Z | |
| bit-gitlab-2022-1190 | 2024-03-06T11:16:13.356Z | 2025-04-03T14:40:37.652Z | |
| bit-gitlab-2022-1189 | 2024-03-06T11:16:14.701Z | 2025-04-03T14:40:37.652Z | |
| bit-gitlab-2022-1188 | 2024-03-06T11:16:16.032Z | 2025-04-03T14:40:37.652Z | |
| bit-gitlab-2022-1185 | 2024-03-06T11:16:17.437Z | 2025-04-03T14:40:37.652Z | |
| bit-gitlab-2022-1175 | 2024-03-06T11:16:18.710Z | 2025-04-03T14:40:37.652Z | |
| bit-gitlab-2022-1174 | 2024-03-06T11:16:20.087Z | 2025-04-03T14:40:37.652Z | |
| bit-gitlab-2022-1162 | 2024-03-06T11:16:21.468Z | 2025-04-03T14:40:37.652Z | |
| bit-gitlab-2022-1157 | 2024-03-06T11:16:22.823Z | 2025-04-03T14:40:37.652Z | |
| bit-gitlab-2022-1148 | 2024-03-06T11:16:24.187Z | 2025-04-03T14:40:37.652Z | |
| bit-gitlab-2022-1124 | 2024-03-06T11:16:25.583Z | 2025-04-03T14:40:37.652Z |
| ID | Description | Updated |
|---|---|---|
| var-202312-0469 | Tenda W30E V16.01.0.12(4843) was discovered to contain a stack overflow via the function … | 2024-01-18T22:52:33.011000Z |
| var-202311-0502 | This privilege escalation vulnerability, if exploited, cloud allow a local OS-authentica… | 2024-01-18T22:52:33.993000Z |
| var-202312-0490 | In TOTOLINK X6000R_Firmware V9.4.0cu.852_B20230719, the shttpd file sub_415534 function o… | 2024-01-18T22:52:32.988000Z |
| var-202312-2012 | TOTOLINK A3002RU version 2.0.0-B20190902.1958 has a post-authentication RCE due to incorr… | 2024-01-18T22:52:31.749000Z |
| var-202307-0210 | An OS command injection vulnerability exists in the ys_thirdparty user_delete functionali… | 2024-01-18T22:50:51.279000Z |
| var-202311-2304 | Tenda AX1803 v1.0.0.1 was discovered to contain a heap overflow via the deviceId paramete… | 2024-01-18T22:50:49.208000Z |
| var-202312-0888 | Memory corruption in Graphics Linux while assigning shared virtual memory region during I… | 2024-01-18T22:50:48.680000Z |
| var-202312-0470 | Tenda AX9 V22.03.01.46 is vulnerable to command injection. Shenzhen Tenda Technology Co.,… | 2024-01-18T22:50:48.831000Z |
| var-202312-1919 | Memory corruption while using the UIM diag command to get the operators name. 315 5g iot … | 2024-01-18T22:50:47.716000Z |
| var-200912-0340 | Intellicom NetBiter WebSCADA devices use default passwords for the HICP network configura… | 2024-01-18T22:49:38.783000Z |
| var-202312-1228 | Memory corruption in MPP performance while accessing DSM watermark using external memory … | 2024-01-18T22:49:20.239000Z |
| var-202312-0600 | A Command Injection vulnerability exists in NETGEAR WNR2000v4 version 1.0.0.70. When usin… | 2024-01-18T22:49:20.551000Z |
| var-202312-0453 | Tenda W30E V16.01.0.12(4843) was discovered to contain a stack overflow via the function … | 2024-01-18T22:49:20.636000Z |
| var-202312-0369 | There is a SQL injection vulnerability in some ZTE mobile internet products. Due to ins… | 2024-01-18T22:49:20.702000Z |
| var-202401-0720 | Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.city.vlan parameter in the f… | 2024-01-18T22:49:18.867000Z |
| var-202401-0657 | Tenda AX1803 v1.0.0.1 contains a stack overflow via the adv.iptv.stbpvid parameter in the… | 2024-01-18T22:49:18.918000Z |
| var-201401-0373 | Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.9 and 11.x befo… | 2024-01-18T22:48:23.885000Z |
| var-202307-0252 | A buffer overflow vulnerability exists in the uhttpd login functionality of Milesight UR3… | 2024-01-18T22:48:10.720000Z |
| var-202312-0479 | Tenda W30E V16.01.0.12(4843) was discovered to contain a command injection vulnerability … | 2024-01-18T22:48:08.234000Z |
| var-202311-1679 | When Fuji Electric Tellus Lite V-Simulator parses a specially-crafted input file an out o… | 2024-01-18T22:47:10.218000Z |
| var-202311-1678 | Stack-based buffer overflow may occur when Fuji Electric Tellus Lite V-Simulator parses a… | 2024-01-18T22:47:10.285000Z |
| var-202311-1677 | A user with a standard account in Fuji Electric Tellus Lite may overwrite files in the sy… | 2024-01-18T22:47:10.256000Z |
| var-202312-0421 | Tenda AX12 V22.03.01.46 has been discovered to contain a command injection vulnerability … | 2024-01-18T22:47:09.692000Z |
| var-202312-1807 | Tenda AX12 V22.03.01.46 was discovered to contain a stack overflow via the list parameter… | 2024-01-18T22:47:05.413000Z |
| var-202401-0687 | FLIR AX8 thermal sensor cameras up to and including 1.46.16 are vulnerable to Directory T… | 2024-01-18T22:47:04.441000Z |
| var-202307-0255 | An OS command injection vulnerability exists in the ys_thirdparty check_system_user funct… | 2024-01-18T22:45:29.658000Z |
| var-202307-0211 | A directory traversal vulnerability exists in the luci2-io file-export mib functionality … | 2024-01-18T22:45:29.714000Z |
| var-202312-0446 | Tenda AX12 V22.03.01.46 has been discovered to contain a command injection vulnerability … | 2024-01-18T22:45:27.096000Z |
| var-202312-0404 | Tenda W30E V16.01.0.12(4843) was discovered to contain a stack overflow via the function … | 2024-01-18T22:45:27.132000Z |
| var-202312-2483 | Moonlight-common-c contains the core GameStream client code shared between Moonlight clie… | 2024-01-18T22:45:26.170000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| suse-su-2024:3805-1 | Security update for the Linux Kernel (Live Patch 18 for SLE 15 SP4) | 2024-10-30T13:33:56Z | 2024-10-30T13:33:56Z |
| suse-su-2024:3804-1 | Security update for the Linux Kernel (Live Patch 39 for SLE 15 SP3) | 2024-10-30T13:33:48Z | 2024-10-30T13:33:48Z |
| suse-su-2024:3803-1 | Security update for the Linux Kernel (Live Patch 46 for SLE 15 SP2) | 2024-10-30T13:33:39Z | 2024-10-30T13:33:39Z |
| suse-su-2024:3802-1 | Security update for java-11-openjdk | 2024-10-30T13:28:32Z | 2024-10-30T13:28:32Z |
| suse-su-2024:3800-1 | Security update for the Linux Kernel (Live Patch 49 for SLE 15 SP2) | 2024-10-30T12:03:59Z | 2024-10-30T12:03:59Z |
| suse-su-2024:3799-1 | Security update for the Linux Kernel (Live Patch 19 for SLE 15 SP4) | 2024-10-30T11:33:51Z | 2024-10-30T11:33:51Z |
| suse-su-2024:3798-1 | Security update for the Linux Kernel (Live Patch 42 for SLE 15 SP3) | 2024-10-30T11:33:44Z | 2024-10-30T11:33:44Z |
| suse-su-2024:3797-1 | Security update for the Linux Kernel (Live Patch 38 for SLE 15 SP3) | 2024-10-30T11:04:15Z | 2024-10-30T11:04:15Z |
| suse-su-2024:3796-1 | Security update for the Linux Kernel (Live Patch 47 for SLE 15 SP2) | 2024-10-30T11:04:07Z | 2024-10-30T11:04:07Z |
| suse-su-2024:3794-1 | Security update for the Linux Kernel (Live Patch 42 for SLE 15 SP2) | 2024-10-30T11:03:51Z | 2024-10-30T11:03:51Z |
| suse-su-2024:3793-1 | Security update for the Linux Kernel (Live Patch 23 for SLE 15 SP4) | 2024-10-30T09:04:16Z | 2024-10-30T09:04:16Z |
| suse-su-2024:3790-1 | Security update for xwayland | 2024-10-30T08:19:38Z | 2024-10-30T08:19:38Z |
| suse-su-2024:3789-1 | Security update for xwayland | 2024-10-30T08:19:22Z | 2024-10-30T08:19:22Z |
| suse-su-2024:3788-1 | Security update for xorg-x11-server | 2024-10-30T08:19:05Z | 2024-10-30T08:19:05Z |
| suse-su-2024:3787-1 | Security update for xorg-x11-server | 2024-10-30T08:18:42Z | 2024-10-30T08:18:42Z |
| suse-su-2024:3786-1 | Security update for xorg-x11-server | 2024-10-30T08:18:26Z | 2024-10-30T08:18:26Z |
| suse-su-2024:3785-1 | Security update for pcp | 2024-10-30T07:56:17Z | 2024-10-30T07:56:17Z |
| suse-su-2024:3783-1 | Security update for the Linux Kernel (Live Patch 41 for SLE 15 SP3) | 2024-10-30T04:33:43Z | 2024-10-30T04:33:43Z |
| suse-su-2024:3782-1 | Security update for the Linux Kernel (Live Patch 41 for SLE 15 SP2) | 2024-10-30T03:33:38Z | 2024-10-30T03:33:38Z |
| suse-su-2024:3780-1 | Security update for the Linux Kernel (Live Patch 27 for SLE 15 SP4) | 2024-10-29T20:48:10Z | 2024-10-29T20:48:10Z |
| suse-su-2024:3779-1 | Security update for the Linux Kernel (Live Patch 46 for SLE 15 SP3) | 2024-10-29T19:03:46Z | 2024-10-29T19:03:46Z |
| suse-su-2024:3777-1 | Security update for the Linux Kernel (Live Patch 21 for SLE 15 SP4) | 2024-10-29T17:03:51Z | 2024-10-29T17:03:51Z |
| suse-su-2024:3775-1 | Security update for the Linux Kernel RT (Live Patch 2 for SLE 15 SP6) | 2024-10-29T16:03:49Z | 2024-10-29T16:03:49Z |
| suse-su-2024:3774-1 | Security update for the Linux Kernel (Live Patch 45 for SLE 15 SP3) | 2024-10-29T15:03:59Z | 2024-10-29T15:03:59Z |
| suse-su-2024:3773-1 | Security update for go1.23-openssl | 2024-10-29T13:54:31Z | 2024-10-29T13:54:31Z |
| suse-su-2024:3772-1 | Security update for go1.22-openssl | 2024-10-29T13:54:03Z | 2024-10-29T13:54:03Z |
| suse-su-2024:3771-1 | Security update for pgadmin4 | 2024-10-29T12:55:34Z | 2024-10-29T12:55:34Z |
| suse-su-2024:3770-1 | Security update for libgsf | 2024-10-29T12:55:13Z | 2024-10-29T12:55:13Z |
| suse-su-2024:3768-1 | Security update for the Linux Kernel (Live Patch 50 for SLE 15 SP2) | 2024-10-29T06:03:42Z | 2024-10-29T06:03:42Z |
| suse-su-2024:3767-1 | Security update for the Linux Kernel (Live Patch 44 for SLE 15 SP2) | 2024-10-29T04:33:35Z | 2024-10-29T04:33:35Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cnvd-2025-22262 | Huawei HarmonyOS virtualization file模块路径遍历漏洞 | 2025-08-18 | 2025-09-22 |
| cnvd-2025-22261 | Huawei HarmonyOS NearLink协议栈SSAP模块越界读取漏洞 | 2025-08-18 | 2025-09-22 |
| cnvd-2025-22259 | Huawei HarmonyOS distributed notification service内存错误引用漏洞 | 2025-08-18 | 2025-09-22 |
| cnvd-2025-22258 | Huawei HarmonyOS audio codec模块越界访问漏洞 | 2025-08-18 | 2025-09-22 |
| cnvd-2025-22257 | Huawei HarmonyOS ArkWeb组件认证管理类漏洞 | 2025-08-18 | 2025-09-22 |
| cnvd-2025-22256 | Huawei HarmonyOS audio codec模块数组索引验证不当漏洞 | 2025-08-18 | 2025-09-22 |
| cnvd-2025-22255 | Huawei HarmonyOS virtualization base模块竞争条件漏洞 | 2025-08-18 | 2025-09-22 |
| cnvd-2025-22254 | Huawei HarmonyOS multimodalinput模块非预期注入事件漏洞 | 2025-08-18 | 2025-09-22 |
| cnvd-2025-22253 | Huawei HarmonyOS kernel hufs模块竞争条件漏洞 | 2025-08-18 | 2025-09-22 |
| cnvd-2025-22252 | Huawei HarmonyOS ability模块不可信数据反序列化漏洞 | 2025-08-18 | 2025-09-22 |
| cnvd-2025-22251 | Huawei HarmonyOS card management模块迭代器失效漏洞 | 2025-08-18 | 2025-09-22 |
| cnvd-2025-22250 | Huawei HarmonyOS wantagent模块迭代器失效漏洞 | 2025-08-18 | 2025-09-22 |
| cnvd-2025-22249 | PDF-XChange Editor越界读取漏洞(CNVD-2025-22249) | 2025-03-28 | 2025-09-22 |
| cnvd-2025-22248 | PDF-XChange Editor越界写入漏洞(CNVD-2025-22248) | 2025-06-27 | 2025-09-22 |
| cnvd-2025-22319 | Wavlink WL-WN578W2授权问题漏洞 | 2025-09-16 | 2025-09-19 |
| cnvd-2025-22318 | Wavlink WL-WN578W2访问控制错误漏洞 | 2025-09-16 | 2025-09-19 |
| cnvd-2025-22105 | Art Gallery Management System changeimage3.php文件SQL注入漏洞 | 2025-06-27 | 2025-09-19 |
| cnvd-2025-22104 | Art Gallery Management System changeimage2.php文件SQL注入漏洞 | 2025-06-27 | 2025-09-19 |
| cnvd-2025-22103 | Art Gallery Management System changeimage1.php文件SQL注入漏洞 | 2025-06-27 | 2025-09-19 |
| cnvd-2025-22102 | Art Gallery Management System changeimage.php文件SQL注入漏洞 | 2025-06-27 | 2025-09-19 |
| cnvd-2025-22101 | Art Gallery Management System add-artist.php文件SQL注入漏洞 | 2025-06-27 | 2025-09-19 |
| cnvd-2025-22100 | ChanCMS服务端请求伪造漏洞 | 2025-09-12 | 2025-09-19 |
| cnvd-2025-22099 | Wavlink WL-WN578W2 sub_409184命令注入漏洞 | 2025-09-16 | 2025-09-19 |
| cnvd-2025-22098 | Wavlink WL-WN578W2 sub_404DBC函数操作系统命令注入漏洞 | 2025-09-16 | 2025-09-19 |
| cnvd-2025-22097 | Wavlink WL-WN578W2 sub_404850函数操作系统命令注入漏洞 | 2025-09-16 | 2025-09-19 |
| cnvd-2025-22096 | Wavlink WL-WN578W2 sub_401C5C函数命令注入漏洞 | 2025-09-16 | 2025-09-19 |
| cnvd-2025-22095 | Wavlink WL-WN578W2 sub_401340函数命令注入漏洞 | 2025-09-16 | 2025-09-19 |
| cnvd-2025-22094 | Gazelle跨站脚本漏洞 | 2025-09-16 | 2025-09-19 |
| cnvd-2025-22093 | Kubernetes信任管理问题漏洞 | 2025-09-18 | 2025-09-19 |
| cnvd-2025-22092 | JeeWMS跨站脚本漏洞 | 2025-09-18 | 2025-09-19 |
| ID | Description | Published | Updated |
|---|---|---|---|
| CERTFR-2024-AVI-0310 | Vulnérabilité dans les produits Juniper | 2024-04-16T00:00:00.000000 | 2024-04-16T00:00:00.000000 |
| CERTFR-2024-AVI-0309 | Vulnérabilité dans Stormshield Network Security | 2024-04-16T00:00:00.000000 | 2024-04-16T00:00:00.000000 |
| certfr-2024-avi-0308 | Vulnérabilité dans Stormshield Network Security | 2024-04-15T00:00:00.000000 | 2024-04-15T00:00:00.000000 |
| certfr-2024-avi-0307 | Vulnérabilité dans Palo Alto Networks GlobalProtect | 2024-04-15T00:00:00.000000 | 2024-04-15T00:00:00.000000 |
| certfr-2024-avi-0306 | Multiples vulnérabilités dans Microsoft Edge | 2024-04-15T00:00:00.000000 | 2024-04-15T00:00:00.000000 |
| CERTFR-2024-AVI-0308 | Vulnérabilité dans Stormshield Network Security | 2024-04-15T00:00:00.000000 | 2024-04-15T00:00:00.000000 |
| CERTFR-2024-AVI-0307 | Vulnérabilité dans Palo Alto Networks GlobalProtect | 2024-04-15T00:00:00.000000 | 2024-04-15T00:00:00.000000 |
| CERTFR-2024-AVI-0306 | Multiples vulnérabilités dans Microsoft Edge | 2024-04-15T00:00:00.000000 | 2024-04-15T00:00:00.000000 |
| certfr-2024-avi-0305 | Multiples vulnérabilités dans les produits IBM | 2024-04-12T00:00:00.000000 | 2024-04-12T00:00:00.000000 |
| certfr-2024-avi-0304 | Multiples vulnérabilités dans Debian LTS buster | 2024-04-12T00:00:00.000000 | 2024-04-12T00:00:00.000000 |
| certfr-2024-avi-0303 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2024-04-12T00:00:00.000000 | 2024-04-12T00:00:00.000000 |
| certfr-2024-avi-0302 | Multiples vulnérabilités dans le noyau Linux de RedHat | 2024-04-12T00:00:00.000000 | 2024-04-12T00:00:00.000000 |
| certfr-2024-avi-0301 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2024-04-12T00:00:00.000000 | 2024-04-12T00:00:00.000000 |
| certfr-2024-avi-0300 | Multiples vulnérabilités dans PHP | 2024-04-12T00:00:00.000000 | 2024-04-12T00:00:00.000000 |
| certfr-2024-avi-0283 | Multiples vulnérabilités dans les produits SAP | 2024-04-09T00:00:00.000000 | 2024-04-12T00:00:00.000000 |
| CERTFR-2024-AVI-0305 | Multiples vulnérabilités dans les produits IBM | 2024-04-12T00:00:00.000000 | 2024-04-12T00:00:00.000000 |
| CERTFR-2024-AVI-0304 | Multiples vulnérabilités dans Debian LTS buster | 2024-04-12T00:00:00.000000 | 2024-04-12T00:00:00.000000 |
| CERTFR-2024-AVI-0303 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2024-04-12T00:00:00.000000 | 2024-04-12T00:00:00.000000 |
| CERTFR-2024-AVI-0302 | Multiples vulnérabilités dans le noyau Linux de RedHat | 2024-04-12T00:00:00.000000 | 2024-04-12T00:00:00.000000 |
| CERTFR-2024-AVI-0301 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2024-04-12T00:00:00.000000 | 2024-04-12T00:00:00.000000 |
| CERTFR-2024-AVI-0300 | Multiples vulnérabilités dans PHP | 2024-04-12T00:00:00.000000 | 2024-04-12T00:00:00.000000 |
| CERTFR-2024-AVI-0283 | Multiples vulnérabilités dans les produits SAP | 2024-04-09T00:00:00.000000 | 2024-04-12T00:00:00.000000 |
| certfr-2024-avi-0299 | Multiples vulnérabilités dans les produits Citrix | 2024-04-11T00:00:00.000000 | 2024-04-11T00:00:00.000000 |
| certfr-2024-avi-0298 | Vulnérabilité dans Spring Framework | 2024-04-11T00:00:00.000000 | 2024-04-11T00:00:00.000000 |
| certfr-2024-avi-0297 | Multiples vulnérabilités dans Juniper | 2024-04-11T00:00:00.000000 | 2024-04-11T00:00:00.000000 |
| certfr-2024-avi-0296 | Multiples vulnérabilités dans GitLab | 2024-04-11T00:00:00.000000 | 2024-04-11T00:00:00.000000 |
| certfr-2024-avi-0295 | Multiples vulnérabilités dans les produits Palo Alto Networks | 2024-04-11T00:00:00.000000 | 2024-04-11T00:00:00.000000 |
| certfr-2024-avi-0294 | Multiples vulnérabilités dans Google Chrome | 2024-04-11T00:00:00.000000 | 2024-04-11T00:00:00.000000 |
| certfr-2024-avi-0293 | Multiples vulnérabilités dans Mitel MiCollab | 2024-04-11T00:00:00.000000 | 2024-04-11T00:00:00.000000 |
| CERTFR-2024-AVI-0299 | Multiples vulnérabilités dans les produits Citrix | 2024-04-11T00:00:00.000000 | 2024-04-11T00:00:00.000000 |