Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2025-68141 |
7.4 (3.1)
|
EVerest vulnerable to null pointer dereference during … |
EVerest |
everest-core |
2026-01-21T19:56:14.482Z | 2026-01-22T16:50:38.843Z |
| CVE-2026-22807 |
8.8 (3.1)
|
vLLM affected by RCE via auto_map dynamic module loadi… |
vllm-project |
vllm |
2026-01-21T21:13:11.894Z | 2026-01-22T16:50:33.696Z |
| CVE-2026-22808 |
5.5 (4.0)
|
Fleet Windows MDM endpoint has a Cross-site Scripting … |
fleetdm |
fleet |
2026-01-21T21:18:26.283Z | 2026-01-22T16:50:28.717Z |
| CVE-2026-22822 |
9.3 (4.0)
|
External Secrets Operator insecurely retrieves secrets… |
external-secrets |
external-secrets |
2026-01-21T21:22:05.249Z | 2026-01-22T16:50:23.708Z |
| CVE-2026-22849 |
7.2 (4.0)
|
Saleor lacks proper HTML sanitization in rich text fields |
saleor |
saleor |
2026-01-21T21:31:14.664Z | 2026-01-22T16:50:18.828Z |
| CVE-2026-23499 |
8.5 (4.0)
|
Saleor vulnerable to stored XSS via Unrestricted File Upload |
saleor |
saleor |
2026-01-21T21:36:19.702Z | 2026-01-22T16:50:13.686Z |
| CVE-2026-23517 |
6.3 (4.0)
|
Fleet has an Access Control vulnerability in debug/ppr… |
fleetdm |
fleet |
2026-01-21T21:45:34.561Z | 2026-01-22T16:49:56.246Z |
| CVE-2026-23518 |
9.3 (4.0)
|
Fleet has a JWT signature bypass vulnerability in Azur… |
fleetdm |
fleet |
2026-01-21T21:50:47.998Z | 2026-01-22T16:49:50.477Z |
| CVE-2026-23960 |
7.3 (4.0)
|
Argo Workflows affected by stored XSS in the artifact … |
argoproj |
argo-workflows |
2026-01-21T22:02:50.491Z | 2026-01-22T16:49:43.075Z |
| CVE-2026-23524 |
9.8 (3.1)
|
Laravel Redis Horizontal Scaling Insecure Deserialization |
laravel |
reverb |
2026-01-21T22:07:55.682Z | 2026-01-22T16:49:37.182Z |
| CVE-2026-23968 |
6.8 (4.0)
|
Copier safe template has arbitrary filesystem read acc… |
copier-org |
copier |
2026-01-21T22:13:25.377Z | 2026-01-22T16:49:32.054Z |
| CVE-2026-23986 |
6.9 (4.0)
|
Copier safe template has arbitrary filesystem write ac… |
copier-org |
copier |
2026-01-21T22:20:37.720Z | 2026-01-22T16:49:26.426Z |
| CVE-2026-23990 |
5.3 (3.1)
|
Flux Operator Web UI Impersonation Bypass via Empty OI… |
controlplaneio-fluxcd |
flux-operator |
2026-01-21T22:25:57.025Z | 2026-01-22T16:49:21.454Z |
| CVE-2026-23996 |
3.7 (3.1)
|
FastAPI Api Key has a timing side-channel in verify_ke… |
Athroniaeth |
fastapi-api-key |
2026-01-21T22:29:24.107Z | 2026-01-22T16:49:16.733Z |
| CVE-2026-24046 |
7.1 (3.1)
|
Backstage has a Possible Symlink Path Traversal in Sca… |
backstage |
backstage |
2026-01-21T22:36:30.794Z | 2026-01-22T16:49:11.684Z |
| CVE-2026-24047 |
6.3 (3.1)
|
@backstage/cli-common has a possible `resolveSafeChild… |
backstage |
backstage |
2026-01-21T22:45:06.956Z | 2026-01-22T16:49:06.720Z |
| CVE-2026-23630 |
6.3 (4.0)
|
Docmost is vulnerable to stored Cross-Site Scripting (… |
docmost |
docmost |
2026-01-21T22:51:27.158Z | 2026-01-22T16:49:01.024Z |
| CVE-2026-24048 |
3.5 (3.1)
|
Backstage has a Possible SSRF when reading from allowe… |
backstage |
backstage |
2026-01-21T22:51:44.015Z | 2026-01-22T16:48:55.954Z |
| CVE-2026-22200 |
8.7 (4.0)
|
osTicket (1.18.x < 1.18.3, 1.17.x < 1.17.7) PDF Export… |
Enhancesoft |
osTicket |
2026-01-12T18:34:12.781Z | 2026-01-22T16:36:11.800Z |
| CVE-2026-23959 |
6.9 (4.0)
|
CoreShop Vulnerable to SQL Injection via Admin custome… |
coreshop |
CoreShop |
2026-01-22T01:57:58.566Z | 2026-01-22T16:28:21.076Z |
| CVE-2025-9900 |
8.8 (3.1)
|
Libtiff: libtiff write-what-where |
|
|
2025-09-23T16:26:22.846Z | 2026-01-22T16:27:07.093Z |
| CVE-2025-65098 |
7.4 (3.1)
|
Typebot Vulnerable to Credential Theft via Client-Side… |
baptisteArno |
typebot.io |
2026-01-22T14:59:20.488Z | 2026-01-22T16:25:45.772Z |
| CVE-2021-47770 |
8.6 (4.0)
8.8 (3.1)
|
OpenPLC 3 - Remote Code Execution |
Autonomy |
OpenPLC |
2026-01-21T17:27:32.000Z | 2026-01-22T16:23:03.426Z |
| CVE-2021-47748 |
9.3 (4.0)
9.8 (3.1)
|
Hasura GraphQL 1.3.3 - Remote Code Execution |
Hasura |
GraphQL |
2026-01-21T17:27:31.545Z | 2026-01-22T16:22:23.413Z |
| CVE-2021-47746 |
8.6 (4.0)
7.5 (3.1)
|
NodeBB Plugin Emoji 3.2.1 - Arbitrary File Write |
NodeBB |
NodeBB Plugin Emoji |
2026-01-21T17:27:31.014Z | 2026-01-22T16:21:42.322Z |
| CVE-2025-64097 |
9.5 (4.0)
|
NervesHub has Insufficient Token Entropy that Allows A… |
nerves-hub |
nerves_hub_web |
2026-01-22T14:57:00.362Z | 2026-01-22T16:16:06.007Z |
| CVE-2026-1328 |
8.7 (4.0)
8.8 (3.1)
8.8 (3.0)
|
Totolink NR1800X POST Request cstecgi.cgi setWizardCfg… |
Totolink |
NR1800X |
2026-01-22T14:32:13.191Z | 2026-01-22T16:14:48.638Z |
| CVE-2025-69821 |
7.4 (3.1)
|
An issue in Beat XP VEGA Smartwatch (Firmware Ver… |
n/a |
n/a |
2026-01-22T00:00:00.000Z | 2026-01-22T16:12:50.212Z |
| CVE-2025-69822 |
7.4 (3.1)
|
An issue in Atomberg Atomberg Erica Smart Fan Fir… |
n/a |
n/a |
2026-01-22T00:00:00.000Z | 2026-01-22T16:09:34.142Z |
| CVE-2026-23967 |
7.5 (3.1)
|
sm-crypto Affected by Signature Malleability in SM2-DSA |
JuneAndGreen |
sm-crypto |
2026-01-22T01:59:30.555Z | 2026-01-22T16:03:58.987Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-23864 |
7.5 (3.1)
|
Multiple denial of service vulnerabilities exist … |
Meta |
react-server-dom-webpack |
2026-01-26T19:16:38.250Z | 2026-01-26T20:26:45.709Z |
| CVE-2026-23683 |
4.3 (3.1)
|
Missing Authorization check in SAP Fiori App (Intercom… |
SAP_SE |
SAP Fiori App (Intercompany Balance Reconciliation) |
2026-01-27T00:22:13.153Z | 2026-01-28T04:55:17.259Z |
| CVE-2026-22709 |
9.8 (3.1)
|
vm2 has a Sandbox Escape |
patriksimek |
vm2 |
2026-01-26T21:32:00.215Z | 2026-01-27T21:42:27.920Z |
| CVE-2026-22696 |
9.3 (4.0)
|
dcap-qvl has Missing Verification for QE Identity |
Phala-Network |
dcap-qvl |
2026-01-26T21:28:41.284Z | 2026-01-27T21:43:00.366Z |
| CVE-2026-21721 |
8.1 (3.1)
|
Dashboard Permissions Scope Bypass Enables Cross‑Dashb… |
Grafana |
grafana/grafana |
2026-01-27T09:07:55.160Z | 2026-02-07T23:18:39.807Z |
| CVE-2026-21408 |
7.3 (3.0)
5.4 (4.0)
|
beat-access for Windows version 3.0.3 and prior c… |
FUJIFILM Business Innovation Corp. |
beat-access for Windows |
2026-01-27T05:08:20.229Z | 2026-01-27T20:50:14.682Z |
| CVE-2026-1484 |
4.2 (3.1)
|
Glib: integer overflow leading to buffer underflow and… |
Red Hat |
Red Hat Enterprise Linux 10 |
2026-01-27T13:41:54.223Z | 2026-02-03T20:02:21.846Z |
| CVE-2026-1465 |
8.7 (4.0)
|
A heap-based buffer over-read or buffer overflow in ti… |
anyrtcIO-Community |
anyRTC-RTMP-OpenSource |
2026-01-27T08:15:57.520Z | 2026-01-27T21:40:07.901Z |
| CVE-2026-1464 |
4.6 (4.0)
|
A possible integer overflow vulnerability in RawThera… |
MuntashirAkon |
AppManager |
2026-01-27T08:18:17.832Z | 2026-01-27T21:39:51.512Z |
| CVE-2026-1449 |
6.9 (4.0)
7.3 (3.1)
7.3 (3.0)
|
Hisense TransTech Smart Bus Management System TireMng.… |
Hisense TransTech |
Smart Bus Management System |
2026-01-26T23:32:10.536Z | 2026-01-27T21:27:30.367Z |
| CVE-2026-1445 |
5.1 (4.0)
4.7 (3.1)
4.7 (3.0)
|
iJason-Liu Books_Manager upload_bookCover.php unrestri… |
iJason-Liu |
Books_Manager |
2026-01-26T22:02:05.762Z | 2026-01-27T21:38:38.532Z |
| CVE-2026-1444 |
4.8 (4.0)
2.4 (3.1)
2.4 (3.0)
|
iJason-Liu Books_Manager add_book_check.php cross site… |
iJason-Liu |
Books_Manager |
2026-01-26T21:32:05.930Z | 2026-01-27T21:41:33.130Z |
| CVE-2026-1361 |
7.8 (3.1)
|
ASDA-Soft Stack-based Buffer Overflow Vulnerability |
Delta Electronics |
ASDA-Soft |
2026-01-27T03:11:57.514Z | 2026-01-27T14:20:21.194Z |
| CVE-2026-1224 |
4.9 (3.1)
|
Tanium addressed an uncontrolled resource consumption … |
Tanium |
Discover |
2026-01-26T17:36:33.504Z | 2026-02-02T20:01:38.031Z |
| CVE-2026-1213 |
5.3 (4.0)
|
Askbot 0.12.2 - Insecure Direct Object Reference (IDOR) |
askbot |
askbot |
2026-01-27T14:04:18.274Z | 2026-01-27T20:48:18.851Z |
| CVE-2026-1190 |
3.1 (3.1)
|
Org.keycloak/keycloak-services: keycloak saml brokerin… |
Red Hat |
Red Hat Build of Keycloak |
2026-01-26T19:36:53.857Z | 2026-01-26T20:57:50.911Z |
| CVE-2026-0925 |
2.7 (3.1)
|
Tanium addressed an improper input validation vulnerab… |
Tanium |
Discover |
2026-01-26T17:51:34.091Z | 2026-02-02T20:01:37.786Z |
| CVE-2026-0810 |
6.8 (3.1)
|
Gix-date: gix-date: undefined behavior due to invalid … |
GitoxideLabs |
gitoxide |
2026-01-26T19:36:45.705Z | 2026-01-26T20:59:13.425Z |
| CVE-2025-9820 |
4 (3.1)
|
Gnutls: stack-based buffer overflow in gnutls_pkcs11_t… |
Red Hat |
Red Hat Enterprise Linux 10 |
2026-01-26T19:58:32.886Z | 2026-01-26T20:12:19.249Z |
| CVE-2025-9615 |
3.3 (3.0)
|
Networkmanager: networkmanager file access |
Red Hat |
Red Hat Enterprise Linux 10 |
2026-01-26T19:58:17.401Z | 2026-01-26T20:15:40.818Z |
| CVE-2025-9522 |
5.1 (4.0)
|
Blind Server-Side Request Forgery (SSRF) in Omada Controller |
TP-Link Systems Inc. |
Omada Controller |
2026-01-26T19:35:59.689Z | 2026-02-03T19:08:42.704Z |
| CVE-2025-9521 |
2.1 (4.0)
|
Password Confirmation Bypass in Omada Controller |
TP-Link Systems Inc. |
Omada Controller |
2026-01-26T19:35:26.711Z | 2026-02-03T19:02:21.894Z |
| CVE-2025-9520 |
8.3 (4.0)
|
IDOR Leading to Owner Account Hijacking in Omada Controller |
TP-Link Systems Inc. |
Omada Controller |
2026-01-26T19:34:44.585Z | 2026-01-26T21:11:52.235Z |
| CVE-2025-71178 |
7.1 (4.0)
|
Crucial Storage Executive < 11.08.082025.00 Installer … |
Micron Technology, Inc. |
Crucial Storage Executive |
2026-01-26T17:55:02.467Z | 2026-01-26T19:48:35.855Z |
| CVE-2025-70982 |
9.9 (3.1)
|
Incorrect access control in the importUser functi… |
n/a |
n/a |
2026-01-26T00:00:00.000Z | 2026-01-26T17:18:42.391Z |
| CVE-2025-67274 |
7.5 (3.1)
|
An issue in continuous.software aangine v.2025.2 … |
n/a |
n/a |
2026-01-26T00:00:00.000Z | 2026-01-26T17:01:06.328Z |
| CVE-2025-57785 |
6.5 (3.1)
|
Double free in XSLT in 'show_index' |
Hiawatha |
Hiawatha Web server |
2026-01-26T17:46:09.707Z | 2026-01-26T20:54:04.714Z |
| CVE-2025-57784 |
4 (3.1)
|
Tomahawk authentication timing attack due to usage of … |
Hiawatha |
Hiawatha Web server |
2026-01-26T17:47:19.382Z | 2026-01-26T20:52:06.748Z |
| CVE-2025-57783 |
5.3 (3.1)
|
Improper header parsing may lead to request smuggling |
Hiawatha |
Hiawatha Web server |
2026-01-26T17:45:36.947Z | 2026-01-26T20:55:04.568Z |
| CVE-2025-41728 |
5.3 (3.1)
|
Beckhoff: Information leak via Beckhoff Device Manager |
Beckhoff Automation |
Beckhoff.Device.Manager.XAR |
2026-01-27T11:37:55.689Z | 2026-01-27T13:49:51.297Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| fkie_cve-2025-67274 | An issue in continuous.software aangine v.2025.2 allows a remote attacker to obtain sensitive infor… | 2026-01-26T17:16:11.693 | 2026-01-27T14:59:34.073 |
| fkie_cve-2025-57785 | A Double Free in XSLT `show_index` has been identified in Hiawatha webserver version 11.7 which all… | 2026-01-26T18:16:27.570 | 2026-01-27T14:59:34.073 |
| fkie_cve-2025-57784 | Tomahawk auth timing attack due to usage of `strcmp` has been identified in Hiawatha webserver vers… | 2026-01-26T18:16:27.467 | 2026-01-27T14:59:34.073 |
| fkie_cve-2025-57783 | Improper header parsing may lead to request smuggling has been identified in Hiawatha webserver ver… | 2026-01-26T18:16:27.350 | 2026-01-27T14:59:34.073 |
| fkie_cve-2025-41728 | A low privileged remote attacker may be able to disclose confidential information from the memory o… | 2026-01-27T12:15:57.717 | 2026-01-27T14:59:34.073 |
| fkie_cve-2025-41727 | A local low privileged attacker can bypass the authentication of the Device Manager user interface,… | 2026-01-27T12:15:57.573 | 2026-01-27T14:59:34.073 |
| fkie_cve-2025-41726 | A low privileged remote attacker can execute arbitrary code by sending specially crafted calls to t… | 2026-01-27T12:15:57.400 | 2026-01-27T14:59:34.073 |
| fkie_cve-2025-30248 | DLL hijacking in the WD Discovery Installer in Western Digital WD Discovery 5.2.730 on Windows allo… | 2026-01-26T23:15:54.373 | 2026-01-27T14:59:34.073 |
| fkie_cve-2025-14971 | The Link Invoice Payment for WooCommerce plugin for WordPress is vulnerable to unauthorized modific… | 2026-01-27T07:16:05.880 | 2026-01-27T14:59:34.073 |
| fkie_cve-2025-14756 | Command injection vulnerability was found in the admin interface component of TP-Link Archer MR600 … | 2026-01-26T19:16:08.573 | 2026-01-27T14:59:34.073 |
| fkie_cve-2025-14525 | A flaw was found in kubevirt. A user within a virtual machine (VM), if the guest agent is active, c… | 2026-01-26T20:16:08.163 | 2026-01-27T14:59:34.073 |
| fkie_cve-2025-14459 | A flaw was found in KubeVirt Containerized Data Importer (CDI). This vulnerability allows a user to… | 2026-01-26T20:16:07.983 | 2026-01-27T14:59:34.073 |
| fkie_cve-2025-12387 | A vulnerability in the Pix-Link LV-WR21Q router's language module allows remote attackers to trigge… | 2026-01-27T12:15:57.243 | 2026-01-27T14:59:34.073 |
| fkie_cve-2025-12386 | Pix-Link LV-WR21Q does not enforce any form of authentication for endpoint /goform/getHomePageInfo.… | 2026-01-27T12:15:56.473 | 2026-01-27T14:59:34.073 |
| fkie_cve-2025-11687 | A flaw was found in the gi-docgen. This vulnerability allows arbitrary JavaScript execution in the … | 2026-01-26T20:16:07.817 | 2026-01-27T14:59:34.073 |
| fkie_cve-2020-36960 | Forma LMS 2.3 contains a stored cross-site scripting vulnerability that allows attackers to inject … | 2026-01-26T18:16:27.020 | 2026-01-27T14:59:34.073 |
| fkie_cve-2020-36959 | IDT PC Audio 1.0.6499.0 contains an unquoted service path vulnerability that allows local users to … | 2026-01-26T18:16:26.840 | 2026-01-27T14:59:34.073 |
| fkie_cve-2020-36958 | Kite 1.2020.1119.0 contains an unquoted service path vulnerability in the KiteService Windows servi… | 2026-01-26T18:16:26.663 | 2026-01-27T14:59:34.073 |
| fkie_cve-2020-36957 | PDF Complete 3.5.310.2002 contains an unquoted service path vulnerability in its pdfsvc.exe service… | 2026-01-26T18:16:26.490 | 2026-01-27T14:59:34.073 |
| fkie_cve-2020-36956 | Openfire 4.6.0 contains a stored cross-site scripting vulnerability in the nodejs plugin that allow… | 2026-01-26T18:16:26.313 | 2026-01-27T14:59:34.073 |
| fkie_cve-2020-36955 | Grav CMS 1.6.30 with Admin Plugin 1.9.18 contains a persistent cross-site scripting vulnerability t… | 2026-01-26T18:16:26.137 | 2026-01-27T14:59:34.073 |
| fkie_cve-2020-36954 | Xeroneit Library Management System 3.1 contains a stored cross-site scripting vulnerability in the … | 2026-01-26T18:16:25.957 | 2026-01-27T14:59:34.073 |
| fkie_cve-2020-36953 | MiniTool ShadowMaker 3.2 contains an unquoted service path vulnerability in the MTAgentService that… | 2026-01-26T18:16:25.580 | 2026-01-27T14:59:34.073 |
| fkie_cve-2020-36952 | IObit Uninstaller 10 Pro contains an unquoted service path vulnerability that allows local users to… | 2026-01-26T16:15:54.690 | 2026-01-27T14:59:34.073 |
| fkie_cve-2025-62056 | Unrestricted Upload of File with Dangerous Type vulnerability in blazethemes News Event news-event.… | 2026-01-22T17:15:58.757 | 2026-01-27T14:15:55.037 |
| fkie_cve-2023-29240 | An authenticated attacker granted a Viewer or Auditor role on a BIG-IQ can upload arbitrary files u… | 2023-05-03T15:15:13.423 | 2026-01-27T13:50:53.093 |
| fkie_cve-2025-23419 | When multiple server blocks are configured to share the same IP address and port, an attacker can u… | 2025-02-05T18:15:33.347 | 2026-01-27T13:30:41.190 |
| fkie_cve-2025-54755 | A directory traversal vulnerability exists in TMUI that allows a highly privileged authenticated at… | 2025-10-15T14:15:49.573 | 2026-01-27T13:30:32.340 |
| fkie_cve-2026-0696 | In ConnectWise PSA versions older than 2026.1, certain session cookies were not set with the HttpOn… | 2026-01-16T14:15:54.940 | 2026-01-27T13:15:54.403 |
| fkie_cve-2026-0695 | In ConnectWise PSA versions older than 2026.1, Time Entry notes stored in the Time Entry Audit Trai… | 2026-01-16T14:15:54.793 | 2026-01-27T13:15:54.260 |
| ID | Severity | Description | Published | Updated |
|---|---|---|---|---|
| ghsa-6hm3-9gpx-9f63 |
5.3 (3.1)
|
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). Supported v… | 2026-01-21T00:31:42Z | 2026-01-21T00:31:42Z |
| ghsa-6684-47x9-759j |
5.0 (3.1)
|
Vulnerability in the Oracle Solaris product of Oracle Systems (component: Filesystems). Supported … | 2026-01-21T00:31:42Z | 2026-01-21T00:31:42Z |
| ghsa-5rm3-299f-6m9v |
6.1 (3.1)
|
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition prod… | 2026-01-21T00:31:42Z | 2026-01-21T00:31:42Z |
| ghsa-5mc7-p6pj-r3f5 |
5.9 (4.0)
|
User-controlled header names and values containing newlines can allow injecting HTTP headers. | 2026-01-21T00:31:42Z | 2026-01-21T00:31:42Z |
| ghsa-4f9w-qx2j-3j6q |
5.4 (3.1)
|
Vulnerability in the Oracle APEX Sample Applications product of Oracle APEX (component: Brookstrut … | 2026-01-21T00:31:42Z | 2026-01-21T00:31:42Z |
| ghsa-4c67-8q63-xrxq |
5.9 (4.0)
|
The imaplib module, when passed a user-controlled command, can have additional commands injected us… | 2026-01-21T00:31:42Z | 2026-01-21T00:31:42Z |
| ghsa-34rv-96cq-9vvh |
7.0 (3.1)
|
Vulnerability in the SQLcl component of Oracle Database Server. Supported versions that are affect… | 2026-01-21T00:31:42Z | 2026-01-21T00:31:42Z |
| ghsa-242j-c957-58gr |
5.3 (3.1)
|
Vulnerability in the Oracle Solaris product of Oracle Systems (component: Kernel). The supported … | 2026-01-21T00:31:42Z | 2026-01-21T00:31:42Z |
| ghsa-jq9g-gj4g-q8w7 |
9.8 (3.1)
|
Insufficient policy enforcement in Network in Google Chrome prior to 144.0.7559.59 allowed an attac… | 2026-01-20T06:30:26Z | 2026-01-21T00:31:41Z |
| ghsa-w2pg-hw7v-f7m9 |
7.5 (3.1)
|
A malformed `HTTP/2 HEADERS` frame with oversized, invalid `HPACK` data can cause Node.js to crash … | 2026-01-20T21:31:35Z | 2026-01-20T21:31:35Z |
| ghsa-q3r6-8php-frm2 |
6.1 (3.1)
|
HackerOne community member Patrick Lang (7yr) has reported a reflected XSS vulnerability in the `ba… | 2026-01-20T21:31:35Z | 2026-01-20T21:31:35Z |
| ghsa-pm9v-wcw9-xgpv |
2.8 (3.1)
|
A flaw in Node.js's permission model allows a file's access and modification timestamps to be chang… | 2026-01-20T21:31:35Z | 2026-01-20T21:31:35Z |
| ghsa-ggxc-26fx-987r |
5.9 (3.1)
|
A flaw in Node.js TLS error handling allows remote attackers to crash or exhaust resources of a TLS… | 2026-01-20T21:31:35Z | 2026-01-20T21:31:35Z |
| ghsa-cr56-64wj-q2r7 |
2.7 (3.1)
|
HackerOne community member Faraz Ahmed (PakCyberbot) has reported a format string injection in the … | 2026-01-20T21:31:35Z | 2026-01-20T21:31:35Z |
| ghsa-c9rv-m5vg-q72h |
6.1 (3.1)
|
HackerOne community member Patrick Lang (7yr) has reported a reflected XSS vulnerability in the ban… | 2026-01-20T21:31:35Z | 2026-01-20T21:31:35Z |
| ghsa-9jwr-p39p-hwg2 |
7.1 (3.1)
|
A flaw in Node.js's buffer allocation logic can expose uninitialized memory when allocations are in… | 2026-01-20T21:31:35Z | 2026-01-20T21:31:35Z |
| ghsa-982f-qxrw-6prp |
6.1 (3.1)
|
HackerOne community member Huynh Pham Thanh Luc (nigh7c0r3) has reported a reflected XSS vulnerabil… | 2026-01-20T21:31:35Z | 2026-01-20T21:31:35Z |
| ghsa-7xhv-hcmf-4rfv |
5.8 (3.1)
|
A flaw in Node.js's permission model allows Unix Domain Socket (UDS) connections to bypass network … | 2026-01-20T21:31:35Z | 2026-01-20T21:31:35Z |
| ghsa-52xj-vx8w-46qj |
5.9 (3.1)
|
We have identified a bug in Node.js error handling where "Maximum call stack size exceeded" errors … | 2026-01-20T21:31:35Z | 2026-01-20T21:31:35Z |
| ghsa-2prx-vw7r-hjgr |
7.1 (3.1)
|
HackerOne community member Jad Ghamloush (0xjad) has reported an authorization bypass vulnerability… | 2026-01-20T21:31:35Z | 2026-01-20T21:31:35Z |
| ghsa-47vw-q2cv-jhr7 |
6.1 (3.1)
|
Abacre Retail Point of Sale 14.0.0.396 is affected by a stored cross-site scripting (XSS) vulnerabi… | 2026-01-20T18:31:57Z | 2026-01-20T21:31:34Z |
| ghsa-r89r-9rx7-mx5c |
9.3 (4.0)
|
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability i… | 2026-01-13T15:37:05Z | 2026-01-20T21:31:33Z |
| ghsa-4qcj-q7xx-whc4 |
8.0 (3.1)
7.1 (4.0)
|
Command Injection vulnerability in TP-Link WA850RE (httpd modules) allows authenticated adjacent at… | 2025-12-18T18:30:31Z | 2026-01-20T21:31:31Z |
| ghsa-x8ff-m84r-p2gr |
7.8 (3.1)
7.0 (4.0)
|
DLL search path hijacking vulnerability in the UPDF.exe executable for Windows version 1.8.5.0 allo… | 2025-09-10T12:30:20Z | 2026-01-20T21:31:30Z |
| ghsa-w4mq-qvfm-cqjm |
5.5 (3.1)
|
In the Linux kernel, the following vulnerability has been resolved: remoteproc: imx_dsp_rproc: Add… | 2025-10-01T12:30:27Z | 2026-01-20T21:31:30Z |
| ghsa-rx53-49wx-mxjw |
5.5 (3.1)
|
In the Linux kernel, the following vulnerability has been resolved: net/smc: fix one NULL pointer … | 2025-09-22T21:30:18Z | 2026-01-20T21:31:30Z |
| ghsa-rw8m-hvvr-gqpp |
8.1 (3.1)
6.9 (4.0)
|
In the Eclipse OMR compiler component, since release 0.7.0, an optimization enabled for Eclipse Ope… | 2025-12-15T06:31:16Z | 2026-01-20T21:31:30Z |
| ghsa-mwhg-gwrr-ff82 |
7.1 (3.1)
|
In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: edma: Fix memor… | 2025-09-23T06:30:27Z | 2026-01-20T21:31:30Z |
| ghsa-mrpv-wrf5-7wr6 |
7.8 (3.1)
|
In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: fix use-after-… | 2025-09-22T21:30:18Z | 2026-01-20T21:31:30Z |
| ghsa-jgc8-85r3-j7pm |
6.3 (3.1)
2.1 (4.0)
|
A weakness has been identified in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected by this vulnerabi… | 2025-09-12T21:32:15Z | 2026-01-20T21:31:30Z |
| ID | Description | Updated |
|---|---|---|
| gsd-2024-30945 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-03T05:02:29.110526Z |
| gsd-2024-30944 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-03T05:02:29.369100Z |
| gsd-2024-30943 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-03T05:02:29.093610Z |
| gsd-2024-30942 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-03T05:02:29.284214Z |
| gsd-2024-30941 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-03T05:02:29.275185Z |
| gsd-2024-30940 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-03T05:02:29.223125Z |
| gsd-2024-3094 | Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0… | 2024-04-03T05:02:29.955063Z |
| gsd-2024-30939 | An issue discovered in Yealink VP59 Teams Editions with firmware version 91.15.0.118 allo… | 2024-04-03T05:02:29.040492Z |
| gsd-2024-30938 | SQL Injection vulnerability in SEMCMS v.4.8 allows a remote attacker to obtain sensitive … | 2024-04-03T05:02:29.237518Z |
| gsd-2024-30937 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-03T05:02:29.065322Z |
| gsd-2024-30936 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-03T05:02:29.245068Z |
| gsd-2024-30935 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-03T05:02:29.184880Z |
| gsd-2024-30934 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-03T05:02:29.112191Z |
| gsd-2024-30933 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-03T05:02:29.120193Z |
| gsd-2024-30932 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-03T05:02:29.354854Z |
| gsd-2024-30931 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-03T05:02:29.255804Z |
| gsd-2024-30930 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-03T05:02:29.143181Z |
| gsd-2024-3093 | The Font Farsi plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admi… | 2024-04-03T05:02:29.890309Z |
| gsd-2024-30929 | Cross Site Scripting vulnerability in DerbyNet v9.0 and below allows attackers to execute… | 2024-04-03T05:02:29.241814Z |
| gsd-2024-30928 | SQL Injection vulnerability in DerbyNet v9.0 and below allows attackers to execute arbitr… | 2024-04-03T05:02:29.189737Z |
| gsd-2024-30927 | Cross Site Scripting vulnerability in DerbyNet v9.0 and below allows attackers to execute… | 2024-04-03T05:02:29.333210Z |
| gsd-2024-30926 | Cross Site Scripting vulnerability in DerbyNet v9.0 and below allows attackers to execute… | 2024-04-03T05:02:29.055973Z |
| gsd-2024-30925 | Cross Site Scripting vulnerability in DerbyNet v9.0 and below allows attackers to execute… | 2024-04-03T05:02:29.156144Z |
| gsd-2024-30924 | Cross Site Scripting vulnerability in DerbyNet v9.0 and below allows attackers to execute… | 2024-04-03T05:02:29.249524Z |
| gsd-2024-30923 | SQL Injection vulnerability in DerbyNet v9.0 and below allows a remote attacker to execut… | 2024-04-03T05:02:29.346418Z |
| gsd-2024-30922 | SQL Injection vulnerability in DerbyNet v9.0 allows a remote attacker to execute arbitrar… | 2024-04-03T05:02:29.248690Z |
| gsd-2024-30921 | Cross Site Scripting vulnerability in DerbyNet v9.0 and below allows a remote attacker to… | 2024-04-03T05:02:29.350677Z |
| gsd-2024-30920 | Cross Site Scripting vulnerability in DerbyNet v9.0 and below allows a remote attacker to… | 2024-04-03T05:02:29.243317Z |
| gsd-2024-3092 | An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.9 be… | 2024-04-03T05:02:29.940077Z |
| gsd-2024-30919 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-03T05:02:29.349533Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| MAL-2025-192507 | Malicious code in elf-stats-holly-stocking-294 (npm) | 2025-12-11T19:46:09Z | 2025-12-16T09:26:26Z |
| MAL-2025-192502 | Malicious code in elf-stats-fuzzy-fireplace-615 (npm) | 2025-12-11T19:46:09Z | 2025-12-16T09:26:26Z |
| MAL-2025-192470 | Malicious code in elf-stats-aurora-sleigh-694 (npm) | 2025-12-11T19:46:09Z | 2025-12-16T09:26:26Z |
| mal-2025-192510 | Malicious code in elf-stats-jubilant-wreath-403 (npm) | 2025-12-11T19:46:09Z | 2025-12-16T08:26:30Z |
| mal-2025-192490 | Malicious code in elf-stats-cosy-ribbon-689 (npm) | 2025-12-11T19:46:09Z | 2025-12-16T08:26:30Z |
| MAL-2025-192510 | Malicious code in elf-stats-jubilant-wreath-403 (npm) | 2025-12-11T19:46:09Z | 2025-12-16T08:26:30Z |
| MAL-2025-192490 | Malicious code in elf-stats-cosy-ribbon-689 (npm) | 2025-12-11T19:46:09Z | 2025-12-16T08:26:30Z |
| mal-2025-192193 | Malicious code in elf-stats-whimsical-snowflake-250 (npm) | 2025-12-03T15:59:29Z | 2025-12-16T07:25:30Z |
| mal-2025-192103 | Malicious code in elf-stats-mulled-wishlist-789 (npm) | 2025-12-03T15:59:29Z | 2025-12-16T07:25:30Z |
| mal-2025-192056 | Malicious code in elf-stats-gingersnap-reindeer-987 (npm) | 2025-12-03T15:59:29Z | 2025-12-16T07:25:30Z |
| MAL-2025-192193 | Malicious code in elf-stats-whimsical-snowflake-250 (npm) | 2025-12-03T15:59:29Z | 2025-12-16T07:25:30Z |
| MAL-2025-192103 | Malicious code in elf-stats-mulled-wishlist-789 (npm) | 2025-12-03T15:59:29Z | 2025-12-16T07:25:30Z |
| MAL-2025-192056 | Malicious code in elf-stats-gingersnap-reindeer-987 (npm) | 2025-12-03T15:59:29Z | 2025-12-16T07:25:30Z |
| mal-2025-191971 | Malicious code in @testfei/hallo-word (npm) | 2025-12-03T02:55:45Z | 2025-12-16T06:26:40Z |
| MAL-2025-191971 | Malicious code in @testfei/hallo-word (npm) | 2025-12-03T02:55:45Z | 2025-12-16T06:26:40Z |
| mal-2025-191545 | Malicious code in wfui-test-e2e (npm) | 2025-12-02T05:10:24Z | 2025-12-15T08:26:49Z |
| MAL-2025-191545 | Malicious code in wfui-test-e2e (npm) | 2025-12-02T05:10:24Z | 2025-12-15T08:26:49Z |
| mal-2025-192472 | Malicious code in elf-stats-candlelit-nutcracker-184 (npm) | 2025-12-11T19:46:09Z | 2025-12-15T05:25:54Z |
| MAL-2025-192472 | Malicious code in elf-stats-candlelit-nutcracker-184 (npm) | 2025-12-11T19:46:09Z | 2025-12-15T05:25:54Z |
| mal-0000-ossf-package-analysis-10cb4544e5ccc9bc | Malicious code in stitch-ui-toolbox (npm) | 2025-12-15T01:26:07Z | 2025-12-15T01:26:07Z |
| MAL-0000-OSSF-PACKAGE-ANALYSIS-10CB4544E5CCC9BC | Malicious code in stitch-ui-toolbox (npm) | 2025-12-15T01:26:07Z | 2025-12-15T01:26:07Z |
| mal-0000-ossf-package-analysis-f77b546bc36b17b6 | Malicious code in @ikarem/telemetry (npm) | 2025-12-14T05:39:54Z | 2025-12-14T05:39:54Z |
| MAL-0000-OSSF-PACKAGE-ANALYSIS-F77B546BC36B17B6 | Malicious code in @ikarem/telemetry (npm) | 2025-12-14T05:39:54Z | 2025-12-14T05:39:54Z |
| mal-0000-ossf-package-analysis-0bdd063a8851ad4a | Malicious code in @ikarem/telemetry (npm) | 2025-12-14T05:20:40Z | 2025-12-14T05:20:40Z |
| MAL-0000-OSSF-PACKAGE-ANALYSIS-0BDD063A8851AD4A | Malicious code in @ikarem/telemetry (npm) | 2025-12-14T05:20:40Z | 2025-12-14T05:20:40Z |
| mal-0000-ossf-package-analysis-c075254afb72ad18 | Malicious code in @ikarem/telemetry (npm) | 2025-12-14T05:15:54Z | 2025-12-14T05:15:54Z |
| MAL-0000-OSSF-PACKAGE-ANALYSIS-C075254AFB72AD18 | Malicious code in @ikarem/telemetry (npm) | 2025-12-14T05:15:54Z | 2025-12-14T05:15:54Z |
| mal-0000-ossf-package-analysis-74f76e276cfff1c1 | Malicious code in @ikarem/telemetry (npm) | 2025-12-14T05:08:54Z | 2025-12-14T05:08:54Z |
| MAL-0000-OSSF-PACKAGE-ANALYSIS-74F76E276CFFF1C1 | Malicious code in @ikarem/telemetry (npm) | 2025-12-14T05:08:54Z | 2025-12-14T05:08:54Z |
| mal-0000-ossf-package-analysis-43ab3fc889bb1c1c | Malicious code in @ikarem/telemetry (npm) | 2025-12-14T05:03:06Z | 2025-12-14T05:03:06Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| wid-sec-w-2024-2123 | Microsoft Windows: Mehrere Schwachstellen | 2024-09-10T22:00:00.000+00:00 | 2024-10-10T22:00:00.000+00:00 |
| wid-sec-w-2024-1958 | Linux Kernel: Schwachstelle ermöglicht DoS | 2024-08-29T22:00:00.000+00:00 | 2024-10-10T22:00:00.000+00:00 |
| wid-sec-w-2023-0597 | Veeam Backup & Replication: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen | 2023-03-07T23:00:00.000+00:00 | 2024-10-10T22:00:00.000+00:00 |
| wid-sec-w-2024-3139 | Progress Software Telerik Report Server: Mehrere Schwachstellen | 2024-10-09T22:00:00.000+00:00 | 2024-10-09T22:00:00.000+00:00 |
| wid-sec-w-2024-3137 | OWASP ModSecurity: Schwachstelle ermöglicht Denial of Service | 2024-10-09T22:00:00.000+00:00 | 2024-10-09T22:00:00.000+00:00 |
| wid-sec-w-2024-3136 | GitLab: Mehrere Schwachstellen | 2024-10-09T22:00:00.000+00:00 | 2024-10-09T22:00:00.000+00:00 |
| wid-sec-w-2024-3135 | DrayTek Vigor: Schwachstelle ermöglicht Codeausführung | 2024-10-09T22:00:00.000+00:00 | 2024-10-09T22:00:00.000+00:00 |
| wid-sec-w-2024-3132 | VMware NSX und Cloud Foundation: Mehrere Schwachstellen | 2024-10-09T22:00:00.000+00:00 | 2024-10-09T22:00:00.000+00:00 |
| wid-sec-w-2024-3131 | PaloAlto Networks Cortex XSOAR: Schwachstelle ermöglicht Offenlegung von Informationen | 2024-10-09T22:00:00.000+00:00 | 2024-10-09T22:00:00.000+00:00 |
| wid-sec-w-2024-3130 | PaloAlto Networks PAN-OS: Mehrere Schwachstellen ermöglichen Denial of Service und Privilegieneskalation | 2024-10-09T22:00:00.000+00:00 | 2024-10-09T22:00:00.000+00:00 |
| wid-sec-w-2024-3128 | Microsoft Teams: Schwachstelle ermöglicht Offenlegung von Informationen | 2024-10-09T22:00:00.000+00:00 | 2024-10-09T22:00:00.000+00:00 |
| wid-sec-w-2024-1950 | Linux Kernel: Schwachstelle ermöglicht Denial of Service | 2024-08-28T22:00:00.000+00:00 | 2024-10-09T22:00:00.000+00:00 |
| wid-sec-w-2024-1619 | Linux Kernel: Schwachstelle ermöglicht nicht spezifizierten Angriff | 2024-07-15T22:00:00.000+00:00 | 2024-10-09T22:00:00.000+00:00 |
| wid-sec-w-2024-1446 | LibreOffice: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen | 2024-06-24T22:00:00.000+00:00 | 2024-10-09T22:00:00.000+00:00 |
| wid-sec-w-2024-1076 | npm: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen | 2022-01-24T23:00:00.000+00:00 | 2024-10-09T22:00:00.000+00:00 |
| wid-sec-w-2024-0559 | Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service | 2024-03-05T23:00:00.000+00:00 | 2024-10-09T22:00:00.000+00:00 |
| wid-sec-w-2024-0474 | Linux Kernel: Schwachstelle ermöglicht Denial of Service | 2024-02-22T23:00:00.000+00:00 | 2024-10-09T22:00:00.000+00:00 |
| wid-sec-w-2024-0330 | Fortinet FortiOS: Mehrere Schwachstellen ermöglichen Codeausführung | 2024-02-08T23:00:00.000+00:00 | 2024-10-09T22:00:00.000+00:00 |
| wid-sec-w-2024-0135 | Linux Kernel: Mehrere Schwachstellen | 2024-01-16T23:00:00.000+00:00 | 2024-10-09T22:00:00.000+00:00 |
| wid-sec-w-2024-0002 | Linux Kernel: Schwachstelle ermöglicht Denial of Service | 2024-01-01T23:00:00.000+00:00 | 2024-10-09T22:00:00.000+00:00 |
| wid-sec-w-2023-3205 | sudo: Schwachstelle ermöglicht Privilegieneskalation | 2023-12-21T23:00:00.000+00:00 | 2024-10-09T22:00:00.000+00:00 |
| wid-sec-w-2023-3172 | Linux Kernel: Schwachstelle ermöglicht Privilegieneskalation | 2023-12-18T23:00:00.000+00:00 | 2024-10-09T22:00:00.000+00:00 |
| wid-sec-w-2023-2997 | vim: Schwachstelle ermöglicht Denial of Service | 2023-11-22T23:00:00.000+00:00 | 2024-10-09T22:00:00.000+00:00 |
| wid-sec-w-2023-2962 | vim: Mehrere Schwachstellen | 2023-11-16T23:00:00.000+00:00 | 2024-10-09T22:00:00.000+00:00 |
| wid-sec-w-2023-2497 | Linux Kernel: Schwachstelle ermöglicht Privilegieneskalation | 2023-09-27T22:00:00.000+00:00 | 2024-10-09T22:00:00.000+00:00 |
| wid-sec-w-2024-3123 | Microsoft Office: Mehrere Schwachstellen | 2024-10-08T22:00:00.000+00:00 | 2024-10-08T22:00:00.000+00:00 |
| wid-sec-w-2024-3120 | Ivanti Cloud Services Appliance: Mehrere Schwachstellen | 2024-10-08T22:00:00.000+00:00 | 2024-10-08T22:00:00.000+00:00 |
| wid-sec-w-2024-3118 | PaloAlto Networks GlobalProtect: Schwachstelle ermöglicht Privilegieneskalation | 2024-10-08T22:00:00.000+00:00 | 2024-10-08T22:00:00.000+00:00 |
| wid-sec-w-2024-3117 | Adobe Magento: Mehrere Schwachstellen | 2024-10-08T22:00:00.000+00:00 | 2024-10-08T22:00:00.000+00:00 |
| wid-sec-w-2024-3116 | PHP: Schwachstelle ermöglicht Manipulation von Dateien | 2024-10-08T22:00:00.000+00:00 | 2024-10-08T22:00:00.000+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2013:0201 | Red Hat Security Advisory: rubygem-activesupport security update | 2013-01-28T23:07:00+00:00 | 2026-01-28T22:54:11+00:00 |
| rhsa-2013:0198 | Red Hat Security Advisory: JBoss Enterprise Web Platform 5.2.0 update | 2013-01-24T19:06:00+00:00 | 2026-01-28T22:54:11+00:00 |
| rhsa-2013:0197 | Red Hat Security Advisory: JBoss Enterprise Web Platform 5.2.0 update | 2013-01-24T18:52:00+00:00 | 2026-01-28T22:54:11+00:00 |
| rhsa-2013:0196 | Red Hat Security Advisory: JBoss Enterprise Web Platform 5.2.0 update | 2013-01-24T18:44:00+00:00 | 2026-01-28T22:54:11+00:00 |
| rhsa-2013:0195 | Red Hat Security Advisory: JBoss Enterprise Web Platform 5.2.0 update | 2013-01-24T18:41:00+00:00 | 2026-01-28T22:54:11+00:00 |
| rhsa-2013:0194 | Red Hat Security Advisory: JBoss Enterprise Application Platform 5.2.0 update | 2013-01-24T18:07:00+00:00 | 2026-01-28T22:54:11+00:00 |
| rhsa-2013:0192 | Red Hat Security Advisory: JBoss Enterprise Application Platform 5.2.0 update | 2013-01-24T18:27:00+00:00 | 2026-01-28T22:54:11+00:00 |
| rhsa-2013:0191 | Red Hat Security Advisory: JBoss Enterprise Application Platform 5.2.0 update | 2013-01-24T18:28:00+00:00 | 2026-01-28T22:54:10+00:00 |
| rhsa-2013:0164 | Red Hat Security Advisory: jbossweb security update | 2013-01-15T19:02:00+00:00 | 2026-01-28T22:54:10+00:00 |
| rhsa-2013:0163 | Red Hat Security Advisory: jbossweb security update | 2013-01-15T18:54:00+00:00 | 2026-01-28T22:54:10+00:00 |
| rhsa-2013:0162 | Red Hat Security Advisory: JBoss Enterprise SOA Platform 4.2.0.CP05 and 4.3.0.CP05 update | 2013-01-15T18:53:00+00:00 | 2026-01-28T22:54:10+00:00 |
| rhsa-2013:0158 | Red Hat Security Advisory: tomcat6 security update | 2013-01-14T20:45:00+00:00 | 2026-01-28T22:54:09+00:00 |
| rhsa-2013:0157 | Red Hat Security Advisory: tomcat6 security update | 2013-01-14T20:43:00+00:00 | 2026-01-28T22:54:09+00:00 |
| rhsa-2013:0155 | Red Hat Security Advisory: Ruby on Rails security update | 2013-01-10T22:32:00+00:00 | 2026-01-28T22:54:09+00:00 |
| rhsa-2013:0154 | Red Hat Security Advisory: Ruby on Rails security update | 2013-01-10T20:39:00+00:00 | 2026-01-28T22:54:09+00:00 |
| rhsa-2013:0153 | Red Hat Security Advisory: Ruby on Rails security update | 2013-01-10T20:36:00+00:00 | 2026-01-28T22:54:09+00:00 |
| rhsa-2013:0151 | Red Hat Security Advisory: JBoss Enterprise Portal Platform 4.3 CP07 security update | 2013-01-10T05:36:00+00:00 | 2026-01-28T22:54:08+00:00 |
| rhsa-2013:0147 | Red Hat Security Advisory: jbossas security update | 2013-01-08T20:30:00+00:00 | 2026-01-28T22:54:08+00:00 |
| rhsa-2013:0146 | Red Hat Security Advisory: jbossweb security update | 2013-01-08T20:25:00+00:00 | 2026-01-28T22:54:08+00:00 |
| rhsa-2013:0128 | Red Hat Security Advisory: conga security, bug fix, and enhancement update | 2013-01-08T04:31:00+00:00 | 2026-01-28T22:54:08+00:00 |
| rhsa-2013:0005 | Red Hat Security Advisory: tomcat6 security update | 2013-01-03T22:49:00+00:00 | 2026-01-28T22:54:07+00:00 |
| rhsa-2013:0004 | Red Hat Security Advisory: tomcat6 security update | 2013-01-03T22:47:00+00:00 | 2026-01-28T22:54:07+00:00 |
| rhsa-2012:1592 | Red Hat Security Advisory: JBoss Enterprise Application Platform 6.0.1 update | 2012-12-18T22:23:00+00:00 | 2026-01-28T22:54:07+00:00 |
| rhsa-2012:1591 | Red Hat Security Advisory: JBoss Enterprise Application Platform 6.0.1 update | 2012-12-18T22:17:00+00:00 | 2026-01-28T22:54:07+00:00 |
| rhsa-2012:1542 | Red Hat Security Advisory: CloudForms Commons 1.1 security update | 2012-12-04T19:24:00+00:00 | 2026-01-28T22:54:07+00:00 |
| rhsa-2012:1365 | Red Hat Security Advisory: bind security update | 2012-10-12T19:39:00+00:00 | 2026-01-28T22:54:06+00:00 |
| rhsa-2012:1268 | Red Hat Security Advisory: bind security update | 2012-09-14T09:27:00+00:00 | 2026-01-28T22:54:06+00:00 |
| rhsa-2012:1267 | Red Hat Security Advisory: bind security and bug fix update | 2012-09-14T09:26:00+00:00 | 2026-01-28T22:54:06+00:00 |
| rhsa-2012:1266 | Red Hat Security Advisory: bind97 security update | 2012-09-14T09:24:00+00:00 | 2026-01-28T22:54:05+00:00 |
| rhsa-2012:1149 | Red Hat Security Advisory: sudo security and bug fix update | 2012-08-07T16:49:00+00:00 | 2026-01-28T22:54:05+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| cisco-sa-20170705-waas | Cisco Wide Area Application Services Core Dump Denial of Service Vulnerability | 2017-07-05T16:00:00+00:00 | 2017-07-05T16:00:00+00:00 |
| cisco-sa-20170705-staros | Cisco StarOS Border Gateway Protocol Process Denial of Service Vulnerability | 2017-07-05T16:00:00+00:00 | 2017-07-05T16:00:00+00:00 |
| cisco-sa-20170705-prime | Cisco Prime Network Privilege Escalation Vulnerability | 2017-07-05T16:00:00+00:00 | 2017-07-05T16:00:00+00:00 |
| cisco-sa-20170705-ise1 | Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerability | 2017-07-05T16:00:00+00:00 | 2017-07-05T16:00:00+00:00 |
| cisco-sa-20170705-iosxr | Cisco IOS XR Software Multicast Source Discovery Protocol Session Denial of Service Vulnerability | 2017-07-05T16:00:00+00:00 | 2017-07-05T16:00:00+00:00 |
| cisco-sa-20170705-ios | Cisco IOS XR Software Incorrect Permissions Privilege Escalation Vulnerability | 2017-07-05T16:00:00+00:00 | 2017-07-05T16:00:00+00:00 |
| cisco-sa-20170621-waas | Cisco Wide Area Application Services TCP Fragment Denial of Service Vulnerability | 2017-06-21T16:00:00+00:00 | 2017-06-21T16:00:00+00:00 |
| cisco-sa-20170621-ucce | Cisco Unified Contact Center Express Clear Text Authentication Vulnerability | 2017-06-21T16:00:00+00:00 | 2017-06-21T16:00:00+00:00 |
| cisco-sa-20170621-piwf1 | Cisco Prime Infrastructure Web Framework Code Cross-Site Scripting Vulnerabilities | 2017-06-21T16:00:00+00:00 | 2017-06-21T16:00:00+00:00 |
| cisco-sa-20170621-piwf | Cisco Prime Infrastructure Web Framework Code Cross-Site Scripting Vulnerability | 2017-06-21T16:00:00+00:00 | 2017-06-21T16:00:00+00:00 |
| cisco-sa-20170322-ztp | Cisco IOS XE Software for Cisco ASR 920 Series Routers Zero Touch Provisioning Denial of Service Vulnerability | 2017-03-22T16:00:00+00:00 | 2017-03-22T16:00:00+00:00 |
| cisco-sa-20170322-xeci | Cisco IOS XE Software HTTP Command Injection Vulnerability | 2017-03-22T16:00:00+00:00 | 2017-03-22T16:00:00+00:00 |
| cisco-sa-20170322-webui | Cisco IOS XE Software Web User Interface Denial of Service Vulnerability | 2017-03-22T16:00:00+00:00 | 2017-03-22T16:00:00+00:00 |
| cisco-sa-20170322-l2tp | Cisco IOS and IOS XE Software Layer 2 Tunneling Protocol Denial of Service Vulnerability | 2017-03-22T16:00:00+00:00 | 2017-03-22T16:00:00+00:00 |
| cisco-sa-20170322-dhcpc | Cisco IOS and IOS XE Software DHCP Client Denial of Service Vulnerability | 2017-03-22T16:00:00+00:00 | 2017-03-22T16:00:00+00:00 |
| cisco-sa-20170320-aniipv6 | Cisco IOS and IOS XE Software IPv6 Denial of Service Vulnerability | 2017-03-20T16:00:00+00:00 | 2017-03-20T16:00:00+00:00 |
| cisco-sa-20170320-ani | Cisco IOS and IOS XE Software Autonomic Networking Infrastructure Registrar Denial of Service Vulnerability | 2017-03-20T16:00:00+00:00 | 2017-03-20T16:00:00+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2025-26646 | .NET, Visual Studio, and Build Tools for Visual Studio Spoofing Vulnerability | 2025-05-13T07:00:00.000Z | 2025-05-22T07:00:00.000Z |
| msrc_cve-2024-56662 | acpi: nfit: vmalloc-out-of-bounds Read in acpi_nfit_ctl | 2024-12-02T00:00:00.000Z | 2025-05-21T00:00:00.000Z |
| msrc_cve-2024-42093 | net/dpaa2: Avoid explicit cpumask var allocation on stack | 2024-07-01T07:00:00.000Z | 2025-05-21T00:00:00.000Z |
| msrc_cve-2024-41057 | cachefiles: fix slab-use-after-free in cachefiles_withdraw_cookie() | 2024-07-01T07:00:00.000Z | 2025-05-21T00:00:00.000Z |
| msrc_cve-2025-29975 | Microsoft PC Manager Elevation of Privilege Vulnerability | 2025-05-13T07:00:00.000Z | 2025-05-20T07:00:00.000Z |
| msrc_cve-2025-29971 | Web Threat Defense (WTD.sys) Denial of Service Vulnerability | 2025-05-13T07:00:00.000Z | 2025-05-16T07:00:00.000Z |
| msrc_cve-2024-47619 | tranport: TLS host name wildcard matching too lax | 2025-05-02T00:00:00.000Z | 2025-05-15T00:00:00.000Z |
| msrc_cve-2024-45770 | Pcp: pmpost symlink attack allows escalating pcp to root user | 2024-09-01T07:00:00.000Z | 2025-05-15T00:00:00.000Z |
| msrc_cve-2024-45769 | Pcp: pmcd heap corruption through metric pmstore operations | 2024-09-01T07:00:00.000Z | 2025-05-15T00:00:00.000Z |
| msrc_cve-2024-39134 | A Stack Buffer Overflow vulnerability in zziplibv 0.13.77 allows attackers to cause a denial of service via the __zzip_fetch_disk_trailer() function at /zzip/zip.c. | 2024-06-02T07:00:00.000Z | 2025-05-15T00:00:00.000Z |
| msrc_cve-2024-39133 | Heap Buffer Overflow vulnerability in zziplib v0.13.77 allows attackers to cause a denial of service via the __zzip_parse_root_directory() function at /zzip/zip.c. | 2024-06-02T07:00:00.000Z | 2025-05-15T00:00:00.000Z |
| msrc_cve-2024-27316 | Apache HTTP Server: HTTP/2 DoS by memory exhaustion on endless continuation frames | 2024-04-02T07:00:00.000Z | 2025-05-15T00:00:00.000Z |
| msrc_cve-2024-0914 | Opencryptoki: timing side-channel in handling of rsa pkcs#1 v1.5 padded ciphertexts (marvin) | 2024-01-01T08:00:00.000Z | 2025-05-15T00:00:00.000Z |
| msrc_cve-2023-45802 | Apache HTTP Server: HTTP/2 stream memory not reclaimed right away on RST | 2023-10-01T00:00:00.000Z | 2025-05-15T00:00:00.000Z |
| msrc_cve-2023-43907 | OptiPNG v0.7.7 was discovered to contain a global buffer overflow via the 'buffer' variable at gifread.c. | 2023-10-01T00:00:00.000Z | 2025-05-15T00:00:00.000Z |
| msrc_cve-2023-43622 | Apache HTTP Server: DoS in HTTP/2 with initial windows size 0 | 2023-10-01T00:00:00.000Z | 2025-05-15T00:00:00.000Z |
| msrc_cve-2023-25690 | Apache HTTP Server: HTTP request splitting with mod_rewrite and mod_proxy | 2023-03-10T00:00:00.000Z | 2025-05-15T00:00:00.000Z |
| msrc_cve-2022-37436 | Apache HTTP Server: mod_proxy prior to 2.4.55 allows a backend to trigger HTTP response splitting | 2023-01-04T00:00:00.000Z | 2025-05-15T00:00:00.000Z |
| msrc_cve-2022-25858 | Regular Expression Denial of Service (ReDoS) | 2022-07-02T00:00:00.000Z | 2025-05-15T00:00:00.000Z |
| msrc_cve-2021-38561 | golang.org/x/text/language in golang.org/x/text before 0.3.7 can panic with an out-of-bounds read during BCP 47 language tag parsing. Index calculation is mishandled. If parsing untrusted user input this can be used as a vector for a denial-of-service attack. | 2022-12-02T00:00:00.000Z | 2025-05-15T00:00:00.000Z |
| msrc_cve-2021-31618 | NULL pointer dereference on specially crafted HTTP/2 request | 2021-06-02T00:00:00.000Z | 2025-05-15T00:00:00.000Z |
| msrc_cve-2020-35357 | A buffer overflow can occur when calculating the quantile value using the Statistics Library of GSL (GNU Scientific Library), versions 2.5 and 2.6. Processing a maliciously crafted input data for gsl_stats_quantile_from_sorted_data of the library may lead to unexpected application termination or arbitrary code execution. | 2023-08-01T00:00:00.000Z | 2025-05-15T00:00:00.000Z |
| msrc_cve-2020-18770 | An issue was discovered in function zzip_disk_entry_to_file_header in mmapped.c in zziplib 0.13.69, which will lead to a denial-of-service. | 2023-08-01T00:00:00.000Z | 2025-05-15T00:00:00.000Z |
| msrc_cve-2019-13045 | Irssi has a use after free when sending SASL login to the server | 2019-06-02T00:00:00.000Z | 2025-05-15T00:00:00.000Z |
| msrc_cve-2017-5974 | Heap-based buffer overflow in the __zzip_get32 function in fetch.c in zziplib 0.13.62, 0.13.61, 0.13.60, 0.13.59, 0.13.58, 0.13.57, 0.13.56 allows remote attackers to cause a denial of service (crash) via a crafted ZIP file. | 2017-03-02T00:00:00.000Z | 2025-05-15T00:00:00.000Z |
| msrc_cve-2025-30393 | Microsoft Excel Remote Code Execution Vulnerability | 2025-05-13T07:00:00.000Z | 2025-05-14T07:00:00.000Z |
| msrc_cve-2025-30388 | Windows Graphics Component Remote Code Execution Vulnerability | 2025-05-13T07:00:00.000Z | 2025-05-14T07:00:00.000Z |
| msrc_cve-2025-30386 | Microsoft Office Remote Code Execution Vulnerability | 2025-05-13T07:00:00.000Z | 2025-05-14T07:00:00.000Z |
| msrc_cve-2025-30383 | Microsoft Excel Remote Code Execution Vulnerability | 2025-05-13T07:00:00.000Z | 2025-05-14T07:00:00.000Z |
| msrc_cve-2025-30379 | Microsoft Excel Remote Code Execution Vulnerability | 2025-05-13T07:00:00.000Z | 2025-05-14T07:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| opensuse-su-2024:12256-1 | binutils-2.39-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:12255-1 | libvarnishapi3-7.1.1-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:12254-1 | ucode-intel-20220809-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:12253-1 | nim-1.6.6-3.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:12252-1 | helm-3.9.3-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:12251-1 | chromedriver-104.0.5112.79-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:12250-1 | python310-loguru-0.6.0-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:12249-1 | ruby3.1-rubygem-tzinfo-1.2-1.2.10-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:12248-1 | ruby3.1-rubygem-http-cookie-1.0.5-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:12247-1 | ruby3.1-rubygem-http-5.1.0-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:12246-1 | budgie-control-center-1.1.0+0-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:12245-1 | librpmbuild9-4.17.1-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:12244-1 | ruby3.1-rubygem-activerecord-7.0-7.0.3.1-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:12243-1 | ctdb-4.16.4+git.297.1497eb221ed-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:12242-1 | libostree-1-1-2022.5-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:12241-1 | ldb-tools-2.5.2-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:12240-1 | cosign-1.10.1-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:12239-1 | wayshot-1.1.9-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:12238-1 | tuigreet-0.7.1-6.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:12237-1 | python310-httptools-0.4.0-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:12236-1 | python310-Django-4.1-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:12235-1 | libunbound8-1.16.2-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:12234-1 | java-1_8_0-openjdk-1.8.0.345-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:12233-1 | gnutls-3.7.7-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:12232-1 | rsync-3.2.4-3.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:12231-1 | logcli-2.6.1+git.1658128747.6bd05c9a4-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:12230-1 | go1.18-1.18.5-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:12229-1 | go1.17-1.17.13-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:12228-1 | MozillaThunderbird-102.1.0-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| opensuse-su-2024:12227-1 | MozillaFirefox-103.0.1-1.1 on GA media | 2024-06-15T00:00:00Z | 2024-06-15T00:00:00Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| bit-gitlab-2022-1121 | 2024-03-06T11:16:26.945Z | 2025-04-03T14:40:37.652Z | |
| bit-gitlab-2022-1120 | 2024-03-06T11:16:28.335Z | 2025-04-03T14:40:37.652Z | |
| bit-gitlab-2022-1111 | 2024-03-06T11:16:29.660Z | 2025-04-03T14:40:37.652Z | |
| bit-gitlab-2022-1105 | 2024-03-06T11:16:31.138Z | 2025-04-03T14:40:37.652Z | |
| bit-gitlab-2022-1100 | 2024-03-06T11:16:32.598Z | 2025-04-03T14:40:37.652Z | |
| bit-gitlab-2022-1099 | 2024-03-06T11:16:34.135Z | 2025-04-03T14:40:37.652Z | |
| bit-gitlab-2022-0751 | 2024-03-06T11:16:35.547Z | 2025-04-03T14:40:37.652Z | |
| bit-gitlab-2022-0741 | 2024-03-06T11:16:36.941Z | 2025-04-03T14:40:37.652Z | |
| bit-gitlab-2022-0740 | 2024-03-06T11:16:38.346Z | 2025-04-03T14:40:37.652Z | |
| bit-gitlab-2022-0738 | 2024-03-06T11:16:39.601Z | 2025-04-03T14:40:37.652Z | |
| bit-gitlab-2022-0735 | 2024-03-06T11:16:40.990Z | 2025-04-03T14:40:37.652Z | |
| bit-gitlab-2022-0549 | 2024-03-06T11:16:42.226Z | 2025-04-03T14:40:37.652Z | |
| bit-gitlab-2022-0489 | 2024-03-06T11:16:43.455Z | 2025-04-03T14:40:37.652Z | |
| bit-gitlab-2022-0488 | 2024-03-06T11:16:44.693Z | 2025-04-03T14:40:37.652Z | |
| bit-gitlab-2022-0477 | 2024-03-06T11:16:45.995Z | 2025-04-03T14:40:37.652Z | |
| bit-gitlab-2022-0427 | 2024-03-06T11:16:47.256Z | 2025-04-03T14:40:37.652Z | |
| bit-gitlab-2022-0425 | 2024-03-06T11:16:48.536Z | 2025-04-03T14:40:37.652Z | |
| bit-gitlab-2022-0390 | 2024-03-06T11:16:49.861Z | 2025-04-03T14:40:37.652Z | |
| bit-gitlab-2022-0373 | 2024-03-06T11:16:51.155Z | 2025-04-03T14:40:37.652Z | |
| bit-gitlab-2022-0371 | 2024-03-06T11:16:52.466Z | 2025-04-03T14:40:37.652Z | |
| bit-gitlab-2022-0344 | 2024-03-06T11:16:53.780Z | 2025-04-03T14:40:37.652Z | |
| bit-gitlab-2022-0283 | 2024-03-06T11:16:55.036Z | 2025-04-03T14:40:37.652Z | |
| bit-gitlab-2022-0249 | 2024-03-06T11:16:56.288Z | 2025-04-03T14:40:37.652Z | |
| bit-gitlab-2022-0244 | 2024-03-06T11:16:57.561Z | 2025-04-03T14:40:37.652Z | |
| bit-gitlab-2022-0172 | 2024-03-06T11:16:58.812Z | 2025-04-03T14:40:37.652Z | |
| bit-gitlab-2022-0167 | 2024-03-06T11:17:00.135Z | 2025-04-03T14:40:37.652Z | |
| bit-gitlab-2022-0154 | 2024-03-06T11:17:01.421Z | 2025-04-03T14:40:37.652Z | |
| bit-gitlab-2022-0152 | 2024-03-06T11:17:02.671Z | 2025-04-03T14:40:37.652Z | |
| bit-gitlab-2022-0151 | 2024-03-06T11:17:03.928Z | 2025-04-03T14:40:37.652Z | |
| bit-gitlab-2022-0136 | 2024-03-06T11:17:05.190Z | 2025-04-03T14:40:37.652Z |
| ID | Description | Updated |
|---|---|---|
| var-202312-1202 | Moonlight-common-c contains the core GameStream client code shared between Moonlight clie… | 2024-01-18T22:45:26.858000Z |
| var-202312-0929 | Improper authentication in the SMA100 SSL-VPN virtual office portal allows a remote authe… | 2024-01-18T22:45:26.954000Z |
| var-201903-0206 | An authenticated shell command injection issue has been discovered in Raisecom ISCOM HT80… | 2024-01-18T22:44:19.219000Z |
| var-202312-0868 | Improper URL validation from InstantPlay deeplink in Galaxy Store prior to version 4.5.64… | 2024-01-18T22:43:29.117000Z |
| var-202312-0471 | Tenda AX9 V22.03.01.46 has been found to contain a stack overflow vulnerability in the 'd… | 2024-01-18T22:43:29.307000Z |
| var-202401-0723 | Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.city.vlan parameter in the f… | 2024-01-18T22:43:26.905000Z |
| var-202202-1223 | A Buffer Overflow vulnerability exists in Tenda Router AX12 V22.03.01.21_CN in the sub_42… | 2024-01-18T22:41:52.596000Z |
| var-202307-0440 | An access violation vulnerability exists in the eventcore functionality of Milesight UR32… | 2024-01-18T22:41:46.579000Z |
| var-202307-0209 | A stack-based buffer overflow vulnerability exists in the libzebra.so.0.0.0 security_decr… | 2024-01-18T22:41:46.715000Z |
| var-202312-1220 | An improper handling of a malformed API answer packets to API clients in Bosch BT softwar… | 2024-01-18T22:41:44.312000Z |
| var-202312-1136 | Tenda AX12 V22.03.01.46 was discovered to contain a stack overflow via the deviceList par… | 2024-01-18T22:41:44.383000Z |
| var-202401-0266 | Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.stb.mode parameter in the fu… | 2024-01-18T22:41:42.924000Z |
| var-200505-0466 | The Boa web server, as used in Samsung ADSL Modem SMDK8947v1.2 and possibly other product… | 2024-01-18T22:41:10.758000Z |
| var-201311-0288 | D-Link DSL-2760U The gateway contains a cross-site scripting vulnerability.By the remotel… | 2024-01-18T22:39:50.077000Z |
| var-202203-1742 | D-Link DIR-820L 1.05B03 was discovered to contain remote command execution (RCE) vulnerab… | 2024-01-18T22:39:34.167000Z |
| var-202307-1134 | Tenda AC1206 V15.03.06.23 and AC10 V15.03.06.47 were discovered to contain a stack overfl… | 2024-01-18T22:39:31.518000Z |
| var-202310-1634 | An issue in TP-Link Tapo C100 v1.1.15 Build 211130 Rel.15378n(4555) and before allows att… | 2024-01-18T22:39:27.028000Z |
| var-202312-0482 | Tenda AX9 V22.03.01.46 has been found to contain a stack overflow vulnerability in the 'l… | 2024-01-18T22:39:25.554000Z |
| var-202312-0419 | Tenda W30E V16.01.0.12(4843) was discovered to contain a stack overflow via the function … | 2024-01-18T22:39:25.592000Z |
| var-202312-0314 | There is a buffer overflow vulnerability in some ZTE mobile internet producsts. Due to i… | 2024-01-18T22:39:25.668000Z |
| var-202312-0313 | There is a command injection vulnerability in some ZTE mobile internet products. Due t… | 2024-01-18T22:39:25.689000Z |
| var-202401-0404 | Command injection vulnerability in /usr/www/res.php in FLIR AX8 up to 1.46.16 allows atta… | 2024-01-18T22:39:24.166000Z |
| var-202312-2175 | Tenda AX12 V22.03.01.46 was discovered to contain a stack overflow via the list parameter… | 2024-01-18T22:39:24.733000Z |
| var-202312-2070 | Improper neutralization of special elements in the SMA100 SSL-VPN management interface al… | 2024-01-18T22:39:24.800000Z |
| var-202401-0719 | Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.stb.mode parameter in the fu… | 2024-01-18T22:39:22.822000Z |
| var-202312-1728 | Information disclosure when the trusted application metadata symbol addresses are accesse… | 2024-01-18T22:36:36.230000Z |
| var-202312-0405 | Tenda AX3 V16.03.12.11 was discovered to contain a stack overflow via the function set_de… | 2024-01-18T22:36:36.890000Z |
| var-202312-2404 | ** UNSUPPORTED WHEN ASSIGNED **An improper authentication vulnerability [CWE-287] in Fort… | 2024-01-18T22:36:32.416000Z |
| var-202312-2276 | Memory Corruption in SPS Application while exporting public key in sorter TA. 315 5g iot … | 2024-01-18T22:36:32.529000Z |
| var-201311-0308 | Unlock.exe in Media Encryption EPM Explorer in Check Point Endpoint Security through E80.… | 2024-01-18T22:30:55.959000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| suse-su-2024:3766-1 | Security update for openssl-3 | 2024-10-29T01:34:29Z | 2024-10-29T01:34:29Z |
| suse-su-2024:3765-1 | Security update for openssl-1_1 | 2024-10-29T01:34:06Z | 2024-10-29T01:34:06Z |
| suse-su-2024:3764-1 | Security update for the Linux Kernel RT (Live Patch 3 for SLE 15 SP6) | 2024-10-28T20:49:11Z | 2024-10-28T20:49:11Z |
| suse-su-2024:3760-1 | Security update for python3 | 2024-10-28T03:33:33Z | 2024-10-28T03:33:33Z |
| suse-su-2024:3757-1 | Security update for openssl-1_1 | 2024-10-25T10:30:29Z | 2024-10-25T10:30:29Z |
| suse-su-2024:3159-2 | Security update for postgresql16 | 2024-10-24T08:44:33Z | 2024-10-24T08:44:33Z |
| suse-su-2024:3756-1 | Security update for cups-filters | 2024-10-24T08:29:03Z | 2024-10-24T08:29:03Z |
| suse-su-2024:3755-1 | Security update for go1.21-openssl | 2024-10-24T07:54:03Z | 2024-10-24T07:54:03Z |
| suse-su-2024:3754-1 | Security update for buildah | 2024-10-24T03:34:37Z | 2024-10-24T03:34:37Z |
| suse-su-2024:3753-1 | Security update for podman | 2024-10-24T03:34:18Z | 2024-10-24T03:34:18Z |
| suse-su-2024:3752-1 | Security update for webkit2gtk3 | 2024-10-24T03:33:43Z | 2024-10-24T03:33:43Z |
| suse-su-2024:3751-1 | Security update for webkit2gtk3 | 2024-10-24T01:33:35Z | 2024-10-24T01:33:35Z |
| suse-su-2024:3750-1 | Security update for apache2 | 2024-10-23T15:33:25Z | 2024-10-23T15:33:25Z |
| suse-su-2024:3749-1 | Security update for python-pyOpenSSL | 2024-10-23T15:32:52Z | 2024-10-23T15:32:52Z |
| suse-su-2024:3748-1 | Security update for cargo-c | 2024-10-23T11:33:35Z | 2024-10-23T11:33:35Z |
| suse-su-2024:3747-1 | Security update for protobuf | 2024-10-22T13:41:37Z | 2024-10-22T13:41:37Z |
| suse-su-2024:3746-1 | Security update for protobuf | 2024-10-22T13:40:55Z | 2024-10-22T13:40:55Z |
| suse-su-2024:3745-1 | Security update for protobuf | 2024-10-22T13:39:36Z | 2024-10-22T13:39:36Z |
| suse-su-2024:3744-1 | Security update for qemu | 2024-10-22T13:34:33Z | 2024-10-22T13:34:33Z |
| suse-su-2024:3742-1 | Security update for apache2 | 2024-10-21T13:58:26Z | 2024-10-21T13:58:26Z |
| suse-su-2024:3741-1 | Security update for podman | 2024-10-21T12:33:42Z | 2024-10-21T12:33:42Z |
| suse-su-2024:3733-1 | Security update for php7 | 2024-10-18T15:48:27Z | 2024-10-18T15:48:27Z |
| suse-su-2024:3732-1 | Security update for php74 | 2024-10-18T14:47:15Z | 2024-10-18T14:47:15Z |
| suse-su-2024:3731-1 | Security update for MozillaThunderbird | 2024-10-18T14:29:47Z | 2024-10-18T14:29:47Z |
| suse-su-2024:3729-1 | Security update for php8 | 2024-10-18T13:22:52Z | 2024-10-18T13:22:52Z |
| suse-su-2024:3728-1 | Security update for buildah | 2024-10-18T13:15:50Z | 2024-10-18T13:15:50Z |
| suse-su-2024:3720-1 | Security update for jetty-minimal | 2024-10-18T06:33:56Z | 2024-10-18T06:33:56Z |
| suse-su-2024:3719-1 | Security update for python-starlette | 2024-10-18T05:54:46Z | 2024-10-18T05:54:46Z |
| suse-su-2024:3717-1 | Security update for OpenIPMI | 2024-10-18T00:33:54Z | 2024-10-18T00:33:54Z |
| suse-su-2024:3711-1 | Security update for cups-filters | 2024-10-17T12:33:36Z | 2024-10-17T12:33:36Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cnvd-2025-22091 | Mattermost输入验证错误漏洞(CNVD-2025-22091) | 2025-09-18 | 2025-09-19 |
| cnvd-2025-21928 | PDF-XChange Editor远程代码执行漏洞(CNVD-2025-21928) | 2025-06-27 | 2025-09-19 |
| cnvd-2025-21912 | PDF-XChange Editor EMF功能越界读取漏洞(CNVD-2025-21912) | 2025-08-11 | 2025-09-19 |
| cnvd-2025-21891 | PDF-XChange Editor EMF功能越界读取漏洞 | 2025-08-11 | 2025-09-19 |
| cnvd-2025-21856 | Student Record System session.php文件SQL注入漏洞 | 2025-07-04 | 2025-09-19 |
| cnvd-2025-21855 | Student Record System register.php文件SQL注入漏洞 | 2025-07-04 | 2025-09-19 |
| cnvd-2025-21854 | Student Record System manage-subjects.php文件SQL注入漏洞 | 2025-07-04 | 2025-09-19 |
| cnvd-2025-21853 | Student Record System manage-students.php文件SQL注入漏洞 | 2025-07-04 | 2025-09-19 |
| cnvd-2025-21851 | Medical Card Generation System /admin/unreadenq.ph文件SQL注入漏洞 | 2025-06-11 | 2025-09-19 |
| cnvd-2025-21850 | Medical Card Generation System /admin/readenq.php文件SQL注入漏洞 | 2025-06-11 | 2025-09-19 |
| cnvd-2025-21849 | Medical Card Generation System /admin/manage-card.php文件SQL注入漏洞 | 2025-06-11 | 2025-09-19 |
| cnvd-2025-21848 | Medical Card Generation System跨站脚本漏洞 | 2025-07-07 | 2025-09-19 |
| cnvd-2025-21847 | Medical Card Generation System Manage Card功能跨站请求伪造漏洞 | 2025-07-07 | 2025-09-19 |
| cnvd-2025-21844 | Vehicle Parking Management System view-outgoingvehicle-detail.php文件SQL注入漏洞 | 2025-07-18 | 2025-09-19 |
| cnvd-2025-21843 | Vehicle Parking Management System view--detail.php文件SQL注入漏洞 | 2025-07-18 | 2025-09-19 |
| cnvd-2025-21842 | Vehicle Parking Management System signup.php文件SQL注入漏洞 | 2025-07-18 | 2025-09-19 |
| cnvd-2025-21841 | Vehicle Parking Management System search-vehicle.php文件SQL注入漏洞 | 2025-07-18 | 2025-09-19 |
| cnvd-2025-21840 | Vehicle Parking Management System reg-users.php文件SQL注入漏洞 | 2025-07-18 | 2025-09-19 |
| cnvd-2025-21839 | Vehicle Parking Management System profile.php文件SQL注入漏洞 | 2025-07-18 | 2025-09-19 |
| cnvd-2025-21706 | Vehicle Parking Management System print.php文件SQL注入漏洞 | 2025-07-18 | 2025-09-19 |
| cnvd-2025-21705 | Vehicle Parking Management System manage-outgoingvehicle.php文件SQL注入漏洞 | 2025-07-18 | 2025-09-19 |
| cnvd-2025-21704 | Vehicle Parking Management System manage-incomingvehicle.php文件SQL注入漏洞 | 2025-07-18 | 2025-09-19 |
| cnvd-2025-21692 | Online Library Management System存在未明漏洞(CNVD-2025-21692) | 2025-03-12 | 2025-09-19 |
| cnvd-2025-21691 | Vehicle Parking Management System manage-category.php文件SQL注入漏洞 | 2025-07-18 | 2025-09-19 |
| cnvd-2025-21690 | Vehicle Parking Management System index.php文件SQL注入漏洞 | 2025-07-18 | 2025-09-19 |
| cnvd-2025-21689 | Vehicle Parking Management System forgot-password.php文件SQL注入漏洞 | 2025-07-18 | 2025-09-19 |
| cnvd-2025-21688 | Online Library Management System跨站脚本漏洞 | 2025-07-21 | 2025-09-19 |
| cnvd-2025-21687 | Online Library Management System /admin/student-history.php文件SQL注入漏洞 | 2025-07-21 | 2025-09-19 |
| cnvd-2025-21686 | Online Library Management System存在未明漏洞 | 2025-08-01 | 2025-09-19 |
| cnvd-2025-20837 | Belkin F9K1122堆栈缓冲区溢出漏洞(CNVD-2025-20837) | 2025-07-11 | 2025-09-19 |
| ID | Description | Published | Updated |
|---|---|---|---|
| CERTFR-2024-AVI-0298 | Vulnérabilité dans Spring Framework | 2024-04-11T00:00:00.000000 | 2024-04-11T00:00:00.000000 |
| CERTFR-2024-AVI-0297 | Multiples vulnérabilités dans Juniper | 2024-04-11T00:00:00.000000 | 2024-04-11T00:00:00.000000 |
| CERTFR-2024-AVI-0296 | Multiples vulnérabilités dans GitLab | 2024-04-11T00:00:00.000000 | 2024-04-11T00:00:00.000000 |
| CERTFR-2024-AVI-0295 | Multiples vulnérabilités dans les produits Palo Alto Networks | 2024-04-11T00:00:00.000000 | 2024-04-11T00:00:00.000000 |
| CERTFR-2024-AVI-0294 | Multiples vulnérabilités dans Google Chrome | 2024-04-11T00:00:00.000000 | 2024-04-11T00:00:00.000000 |
| CERTFR-2024-AVI-0293 | Multiples vulnérabilités dans Mitel MiCollab | 2024-04-11T00:00:00.000000 | 2024-04-11T00:00:00.000000 |
| certfr-2024-avi-0292 | Multiples vulnérabilités dans les produits Microsoft | 2024-04-10T00:00:00.000000 | 2024-04-10T00:00:00.000000 |
| certfr-2024-avi-0291 | Multiples vulnérabilités dans Microsoft Azure | 2024-04-10T00:00:00.000000 | 2024-04-10T00:00:00.000000 |
| certfr-2024-avi-0290 | Vulnérabilité dans Microsoft .Net | 2024-04-10T00:00:00.000000 | 2024-04-10T00:00:00.000000 |
| certfr-2024-avi-0289 | Multiples vulnérabilités dans Microsoft Windows | 2024-04-10T00:00:00.000000 | 2024-04-10T00:00:00.000000 |
| certfr-2024-avi-0288 | Vulnérabilité dans Microsoft Office | 2024-04-10T00:00:00.000000 | 2024-04-10T00:00:00.000000 |
| certfr-2024-avi-0287 | Multiples vulnérabilités dans les produits Fortinet | 2024-04-10T00:00:00.000000 | 2024-04-10T00:00:00.000000 |
| certfr-2024-avi-0286 | Multiples vulnérabilités dans les produits Xen | 2024-04-10T00:00:00.000000 | 2024-04-10T00:00:00.000000 |
| certfr-2024-avi-0285 | Vulnérabilité dans WordPress | 2024-04-10T00:00:00.000000 | 2024-04-10T00:00:00.000000 |
| certfr-2024-avi-0284 | Multiples vulnérabilités dans les produits Adobe | 2024-04-10T00:00:00.000000 | 2024-04-10T00:00:00.000000 |
| certfr-2024-avi-0108 | Multiples vulnérabilités dans les produits Fortinet | 2024-02-09T00:00:00.000000 | 2024-04-10T00:00:00.000000 |
| CERTFR-2024-AVI-0292 | Multiples vulnérabilités dans les produits Microsoft | 2024-04-10T00:00:00.000000 | 2024-04-10T00:00:00.000000 |
| CERTFR-2024-AVI-0291 | Multiples vulnérabilités dans Microsoft Azure | 2024-04-10T00:00:00.000000 | 2024-04-10T00:00:00.000000 |
| CERTFR-2024-AVI-0290 | Vulnérabilité dans Microsoft .Net | 2024-04-10T00:00:00.000000 | 2024-04-10T00:00:00.000000 |
| CERTFR-2024-AVI-0289 | Multiples vulnérabilités dans Microsoft Windows | 2024-04-10T00:00:00.000000 | 2024-04-10T00:00:00.000000 |
| CERTFR-2024-AVI-0288 | Vulnérabilité dans Microsoft Office | 2024-04-10T00:00:00.000000 | 2024-04-10T00:00:00.000000 |
| CERTFR-2024-AVI-0287 | Multiples vulnérabilités dans les produits Fortinet | 2024-04-10T00:00:00.000000 | 2024-04-10T00:00:00.000000 |
| CERTFR-2024-AVI-0286 | Multiples vulnérabilités dans les produits Xen | 2024-04-10T00:00:00.000000 | 2024-04-10T00:00:00.000000 |
| CERTFR-2024-AVI-0285 | Vulnérabilité dans WordPress | 2024-04-10T00:00:00.000000 | 2024-04-10T00:00:00.000000 |
| CERTFR-2024-AVI-0284 | Multiples vulnérabilités dans les produits Adobe | 2024-04-10T00:00:00.000000 | 2024-04-10T00:00:00.000000 |
| CERTFR-2024-AVI-0108 | Multiples vulnérabilités dans les produits Fortinet | 2024-02-09T00:00:00.000000 | 2024-04-10T00:00:00.000000 |
| certfr-2024-avi-0282 | Vulnérabilité dans les produits Schneider | 2024-04-09T00:00:00.000000 | 2024-04-09T00:00:00.000000 |
| certfr-2024-avi-0281 | Multiples vulnérabilités dans les produits Siemens | 2024-04-09T00:00:00.000000 | 2024-04-09T00:00:00.000000 |
| certfr-2024-avi-0280 | Vulnérabilité dans OpenSSL | 2024-04-09T00:00:00.000000 | 2024-04-09T00:00:00.000000 |
| CERTFR-2024-AVI-0282 | Vulnérabilité dans les produits Schneider | 2024-04-09T00:00:00.000000 | 2024-04-09T00:00:00.000000 |